CN105931049A - Electronic signature device, and trading method and trading system thereof - Google Patents
Electronic signature device, and trading method and trading system thereof Download PDFInfo
- Publication number
- CN105931049A CN105931049A CN201610179104.2A CN201610179104A CN105931049A CN 105931049 A CN105931049 A CN 105931049A CN 201610179104 A CN201610179104 A CN 201610179104A CN 105931049 A CN105931049 A CN 105931049A
- Authority
- CN
- China
- Prior art keywords
- unit data
- electronic signature
- data bag
- server
- signature equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides an electronic signature device, and a trading method and a trading system thereof. The trading method comprises that the electronic signature device sends a transaction request to a server, wherein the transaction request at least comprises transaction amount; the electronic signature device receives at least one first unit data package, wherein each first unit data package represents a kind of currency denomination of multiple currency denominations, and the sum of currency denominations represented by the at least one second unit data package is equal to the transaction amount; and the electronic signature device saves the above at least one second unit data package in a security chip. The technical scheme provided by the invention is adopted to realize safe off-line electronic transaction.
Description
Technical field
The present invention relates to a kind of electronic technology field, particularly relate to the method for commerce of a kind of electronic signature equipment, transaction system and electricity
Sub-signature device.
Background technology
In existing electronic transaction, the fund of user is deposited in the account in digital form, such as: user holds the money of 100 yuan
Gold, this fund is stored in the user account of bank server in digital form, and after 10 yuan when customer consumption, bank takes
Business device needs the fund 100 in user account to be rewritten as 90, to complete the clearance of account.In order to ensure the safety of fund numerical value,
After bank server rewrites numerical value, revised fund numerical value 90 be signed.Because user is traded rear account every time
Amount of money numerical value in family all can change, so bank server to process for the numerical value after variation every time.Namely
Saying, existing electronic transaction bank server to be relied on, the electronic transaction needs that user is carried out and bank server are carried out in real time
Synchronize, it is impossible to realize many off-line transactions of complete independently in the case of not networking.
Summary of the invention
It is contemplated that at least solve one of the problems referred to above.
Present invention is primarily targeted at the method for commerce that a kind of electronic signature equipment is provided.
Another object of the present invention is to provide a kind of electronic signature equipment.
A further object of the present invention is to provide a kind of transaction system.
For reaching above-mentioned purpose, technical scheme is specifically achieved in that
Scheme 1, the method for commerce of a kind of electronic signature equipment, including: transaction request is sent to server by electronic signature equipment,
Wherein, described transaction request at least includes: dealing money;Described electronic signature equipment from described server receive at least one
One unit data bag, wherein, each first unit data bag represents a kind of currency denomination in multiple currency denomination, described at least
The summation of the currency denomination representated by one the first unit data bag is equal to described dealing money;Described electronic signature equipment is by described
At least one first unit data bag is stored in safety chip.
Scheme 2, according to the method for commerce described in scheme 1, described each first unit data bag at least includes: the first units
Described first unit data signed the first signed data obtained according to, described server;In described electronic signature equipment by described
Before at least one first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is to institute
State the first signed data to verify, after being verified, perform described electronic signature equipment by least one first units described
The step being stored in safety chip according to bag.
Scheme 3, according to the method for commerce described in scheme 1, described transaction request also includes: setting of described electronic signature equipment
Standby mark;Described each first unit data bag at least includes: the first unit data, described server are to described first units
The second signed data obtained according to the device identification signature with described electronic signature equipment;Described electronic signature equipment by described extremely
Before a few first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is to described
Second signed data is verified, performs described electronic signature equipment by least one first unit data described after being verified
The step that bag is stored in safety chip.
Scheme 4, according to the method for commerce described in any one of scheme 1 to 3, described electronic signature equipment by described at least one
After first unit data bag is stored in safety chip, described method also includes: according to described in receiving at least one first
Currency denomination representated by the number of unit data bag and described each first unit data bag calculates the first units received
Summation according to the currency denomination representated by bag is the most consistent with the dealing money in described transaction request, if it is inconsistent, to institute
State server and send the request of repeating transmission.
Scheme 5, according to the method for commerce described in scheme 4, after sending, to described server, the request of repeating transmission, described method is also
Including: described electronic signature equipment receives the retransmission of information that described server sends according to the described request of retransmitting, wherein, described heavy
Photos and sending messages includes at least one first unit data bag described;Described electronic signature equipment will be stored in described safety chip before
Described at least one first unit data bag delete, and again store described server retransmit at least one first unit described
Packet.
Scheme 6, according to the method for commerce described in scheme 4, after sending, to described server, the request of repeating transmission, described method is also
Including: described electronic signature equipment receives the retransmission of information that described server sends according to the described request of retransmitting, wherein, described heavy
Photos and sending messages includes the first unit data bag that described electronic signature equipment does not receives;Described electronic signature equipment does not receives described
To the first unit data bag be stored in described safety chip.
Scheme 7, according to the method for commerce described in any one of scheme 1 to 6, described electronic signature equipment by described at least one
Before first unit data bag is stored in safety chip, described method also includes: the safety chip of described electronic signature equipment divides
It is used in the memory space of storage at least one the first unit data bag described;By at least one first unit data bag storage described
In safety chip, including: at least one first unit data bag described is stored in the described memory space of correspondence, and will
The status word of corresponding described memory space is set to take.
Scheme 8, according to the method for commerce described in any one of scheme 1 to 7, described electronic signature equipment by described at least one
After first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment utilizes enumerator
Count value obtains total number of the first currently stored unit data bag.
Scheme 9, according to the method for commerce described in any one of scheme 1 to 8, described electronic signature equipment by described at least one
After first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is by described trade gold
Volume counts current account balance, shows described dealing money and/or described current account balance to holding user.
Scheme 10, according to the method for commerce described in any one of scheme 2 to 9, described first unit data at least includes: currency face
Value Data, or, currency sequence number and currency denomination data;Described first unit data bag the most also includes one below: distribution
Bank identifier and bank certificate sequence number.
Scheme 11, a kind of electronic signature equipment, described electronic signature equipment includes: communication module, for transaction request being sent
To server, wherein, described transaction request at least includes: dealing money;Acquisition module, for from described server receive to
A few first unit data bag, wherein, each first unit data bag represents a kind of currency denomination in multiple currency denomination,
The summation of at least one currency denomination representated by the first unit data bag described is equal to described dealing money;Security module, is used for
Storage at least one first unit data bag described.
Scheme 12, according to the electronic signature equipment described in scheme 11, described each first unit data bag at least includes: first
The first signed data that described first unit data signature is obtained by unit data, described server;Described security module, also uses
In before storage at least one first unit data bag described, described first signed data is verified, and is being verified
The rear operation performing storage at least one the first unit data bag described.
Scheme 13, according to the electronic signature equipment described in scheme 11, described transaction request also includes: described electronic signature sets
Standby device identification;Described each first unit data bag at least includes: the first unit data, described server are to described first
The second signed data that the device identification signature of unit data and described electronic signature equipment obtains;Described security module, is additionally operable to
Before storage at least one first unit data bag described, described second signed data is verified, and after being verified
Perform the operation of storage at least one the first unit data bag described.
Scheme 14, according to the electronic signature equipment described in any one of scheme 11 to 13, described security module, be additionally operable to storage
After at least one first unit data bag described, according to the number of at least one the first unit data bag described in receiving and
Currency denomination representated by described each first unit data bag calculates the currency denomination representated by the first unit data bag received
Summation the most consistent with the dealing money in described transaction request, if it is inconsistent, by described communication module to described clothes
Business device sends the request of repeating transmission.
Scheme 15, according to the electronic signature equipment described in scheme 14, described acquisition module, be used for receiving described server according to
The retransmission of information that the described request of retransmitting sends, wherein, described retransmission of information includes at least one first unit data bag described;Institute
Stating security module, at least one first unit data bag is deleted described in will store before, and again stores described server
At least one the first unit data bag described retransmitted.
Scheme 16, according to the electronic signature equipment described in scheme 14, described acquisition module, be used for receiving described server according to
The retransmission of information that the described request of retransmitting sends, wherein, described retransmission of information includes first that described electronic signature equipment does not receives
Unit data bag;Described security module, is used for the first unit data bag not received described in storing.
Scheme 17, according to the electronic signature equipment described in any one of scheme 11 to 16, described security module, be additionally operable to storage
Before at least one first unit data bag described, distribution is used for storing the memory space of at least one the first unit data bag described,
At least one first unit data bag described is stored in the described memory space of correspondence, and by corresponding described memory space
Status word is set to take.
Scheme 18, according to the electronic signature equipment described in any one of scheme 11 to 17, described security module, be additionally operable to utilize meter
The count value of number device obtains total number of the first currently stored unit data bag.
Scheme 19, according to the electronic signature equipment described in any one of scheme 11 to 18, described electronic signature equipment also includes alternately
Module;Described security module, for, after storage at least one first unit data bag described, counting described dealing money
Current account balance;Described interactive module, for showing described dealing money and/or described current account balance to holding user.
Scheme 20, according to the electronic signature equipment described in any one of scheme 12 to 19, described first unit data at least includes:
Currency denomination data, or, currency sequence number and currency denomination data;Described first unit data bag the most also includes one below:
Bank of issue's mark and bank certificate sequence number.
Scheme 21, a kind of transaction system, including: according to the electronic signature equipment described in any one of scheme 11 to 20 and server,
Wherein: described server, for after receiving the described transaction request that described electronic signature equipment sends, by described at least one
Individual first unit data bag sends to described electronic signature equipment.
As seen from the above technical solution provided by the invention, the invention provides a kind of electronic signature equipment method of commerce,
Transaction system and electronic signature equipment.Use the technical scheme that the present invention provides, can by the fund of user with at least one the
The form of one unit data bag is stored in the electronic signature equipment of user.User is when consumption, because fund is no longer with numerical value
Form be stored in electronic signature equipment, so electronic signature equipment need not change storage numerical value, it is only necessary to consumption will be met
One or more first unit data bags of the amount of money are sent to beneficiary, improve the safety of electronic transaction, and, due to
Electronic signature equipment need not the numerical value of change storage, and server need not supervise electronic signature equipment again, therefore electronics
Signature device need not when carrying out electronic transaction rely on server, it is achieved off line electronic transaction.
Accompanying drawing explanation
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, the required accompanying drawing used in embodiment being described below
It is briefly described, it should be apparent that, the accompanying drawing in describing below is only some embodiments of the present invention, for this area
From the point of view of those of ordinary skill, on the premise of not paying creative work, it is also possible to obtain other accompanying drawings according to these accompanying drawings.
The flow chart of the method for commerce of the electric signing tools that Fig. 1 provides for the embodiment of the present invention 1;
The structural representation of the transaction system that Fig. 2 provides for the embodiment of the present invention 2.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described,
Obviously, described embodiment is only a part of embodiment of the present invention rather than whole embodiments.Reality based on the present invention
Execute example, the every other embodiment that those of ordinary skill in the art are obtained under not making creative work premise, broadly fall into
Protection scope of the present invention.
In describing the invention, it is to be understood that term " " center ", " longitudinally ", " laterally ", " on ", D score, " front ",
Orientation or the position relationship of the instruction such as " afterwards ", "left", "right", " vertically ", " level ", " top ", " end ", " interior ", " outward " are base
In orientation shown in the drawings or position relationship, it is for only for ease of the description present invention and simplifies description rather than instruction or hint institute
The device that refers to or element must have specific orientation, with specific azimuth configuration and operation, therefore it is not intended that to the present invention
Restriction.Additionally, term " first ", " second " are only used for describing purpose, and it is not intended that instruction or hint relative importance
Or quantity or position.
In describing the invention, it should be noted that unless otherwise clearly defined and limited, term " install ", " being connected ",
" connect " and should be interpreted broadly, connect for example, it may be fixing, it is also possible to be to removably connect, or be integrally connected;Permissible
It is to be mechanically connected, it is also possible to be electrical connection;Can be to be joined directly together, it is also possible to be indirectly connected to by intermediary, can be two
The connection of individual element internal.For the ordinary skill in the art, can understand that above-mentioned term is in the present invention with concrete condition
In concrete meaning.
Below in conjunction with accompanying drawing, the embodiment of the present invention is described in further detail.
Embodiment 1
The flow chart of the method for commerce of a kind of electronic signature equipment that Fig. 1 provides for the present embodiment.Embodiment of the method shown in Fig. 1,
Comprise the following steps S11 to S13:
Step S11, transaction request is sent to server by electronic signature equipment, and wherein, transaction request at least includes: trade gold
Volume.
In the present embodiment, electronic signature equipment can be the electronic equipment with signature function, such as, has signature function
Smart card (mass transit card, bank card, purchase card etc.), the U-shield etc. of industrial and commercial bank.A kind of optional embodiment party of the present embodiment
In formula, electronic signature equipment can be set up with external equipment (such as PC or mobile terminal etc.) and be connected, will by this external equipment
Transaction request sends to server.Or, electronic signature equipment has wireline interface or wave point, sets up wired with server
Connect or wireless connections, directly transaction request is sent to server.Wherein, radio connection can include bluetooth, NFC
The mode such as near-field communication and WIFI.Thus, in the present embodiment, electronic signature equipment can be in several ways by transaction request
Send to server.As the optional embodiment of one, server includes bank server or third-party server, such as,
Third-party server can be the purchase card stored value server in certain market.
Such as, this electronic signature equipment needs the operation performing to supplement with money, just to server (bank server or the purchase card in market
Stored value server) send the transaction request for supplementing with money, the dealing money carried in this transaction request is that electronic signature equipment please
Seek the amount of money numerical value that server is supplemented with money, in order to server returns first unit data corresponding with dealing money to electronic signature equipment
Bag (i.e. the summation of the currency denomination of the first unit data bag that server returns is equal to dealing money).
Step S12, electronic signature equipment receives at least one first unit data bag, wherein, each first unit from server
Packet represents a kind of currency denomination in multiple currency denomination, at least one currency face representated by the first unit data bag above-mentioned
The summation of value is equal to dealing money.
In the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination, say, that goods
Coin face amount has multiple, when electronic signature equipment only receives a first unit data bag from server, and this first units
A kind of currency denomination therein is only represented according to bag.When electronic signature equipment receives multiple first unit data bag from server,
Multiple first unit data bags can represent multiple different currency denomination, and such as, the number of the first unit data bag is 3,
Each first unit data bag respectively representative money face amount 1 yuan, 2 yuan and 5 yuan;Or, multiple first unit data bags can
To represent identical currency denomination, such as, the number of the first unit data bag is 3, and each first unit data Bao Jun represents
Currency denomination 1 yuan;Again or, the currency denomination representated by multiple first unit data bags had both included identical also include not phase
Same currency denomination, such as, the number of the first unit data bag is 3, each first unit data bag representative money face respectively
It is worth 1 yuan, 1 yuan and 2 yuan.Thus, at least one first unit data Bao Suodai that electronic signature equipment receives from server
The currency denomination of table has compound mode flexibly.
In a kind of optional embodiment of the present embodiment, at least including the first unit data in the first unit data bag, this is first years old
Unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data.Wherein, currency denomination data
It is the currency denomination representated by the first unit data bag, identifies the currency denomination representated by the first unit data bag, currency with this
The unique serial number of each first unit data bag of serial number, the most different currency sequence numbers in the first unit data bag is different.
Thereby, it is possible to ensure the uniqueness of each first unit data bag, in order to recognize the true and false of the first unit data bag.As one
Planting optional embodiment, the first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number.
Wherein, the bank of issue is designated the identification information of the bank issuing this first unit data bag, thus can inquire about according to this mark
To the relevant information of the corresponding bank of issue, and, electronic signature equipment can be according to bank of issue's mark and bank certificate sequence number
Obtain the bank certificate of the corresponding bank of issue, bank certificate includes the PKI of the bank of issue, in order to electricity in subsequent step
Sub-signature device utilizes the PKI of the bank of issue that the signature of the first unit data completes checking.
In a kind of optional embodiment of the present embodiment, the first unit data bag the most also includes: the first unit data and clothes
The first signed data that first unit data signature is obtained by business device.As the optional embodiment of one, server by utilizing self
Private key respectively the first unit data in each first unit data bag is signed, obtain and each first unit data bag
The first corresponding signed data.At least one is carried the first unit data bag of the first signed data and sends to electronics by server
Signature device, in order in subsequent step, electronic signature equipment utilizes the verity of public key verifications the first unit data bag of server.
In the another kind of optional embodiment of the present embodiment, electronic signature equipment is sent in the transaction request of server also include:
The device identification of electronic signature equipment;Each first unit data bag at least includes: the first unit data, server are single to first
The second signed data that the device identification signature of bit data and electronic signature equipment obtains.As the optional embodiment of one, clothes
Business device utilizes the private key of self to sign the device identification of the first unit data and electronic signature equipment, obtains and each first unit
The second signed data that packet is corresponding.At least one is carried the first unit data bag of the second signed data and sends by server
To electronic signature equipment, in order in subsequent step, electronic signature equipment utilizes public key verifications the first unit data bag of server
Correctness.
In the present embodiment, server, can be from this electronic signature equipment pair after receiving the transaction request that electronic signature equipment sends
The account answered deducts the dealing money of electronic signature equipment request, and issues the summation of currency denomination for electronic signature equipment and be equal to
At least one of dealing money the first unit data bag, receives these the first unit data bags in electronic signature equipment, i.e. supplements with money
After success, just can complete off-line transaction with other electronic signature equipment, i.e. need not again just can be to other with server networking
Electronic signature equipment transfers accounts (will the first unit data bag be transmitted to other electronic signature equipment).Each first unit data bag institute
The currency denomination represented can be the same or different, and is sent to the number of the first unit data bag of electronic signature equipment and each
Currency denomination representated by individual first unit data bag can be determined according to dealing money by server, it is also possible to is set by electronic signature
Rear notification server is determined, such as, as the optional embodiment of the one in the present embodiment, electronic signature for according to dealing money
The transaction request that equipment sends can also be carried kind and the number of the first unit data bag.The former server can be real flexibly
Issuing of existing first unit data bag, the latter can meet user to the number of the first unit data bag and the demand of face amount.?
In a kind of optional embodiment of the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination,
Such as, the currency denomination representated by the first unit data bag includes: 1 yuan, 2 yuan, 5 yuan, 10 yuan, 20 yuan, 50 yuan and 100
Unit, certainly, if following country has issued new currency denomination or other in addition to making by RMB are regional, national
Currency denomination fall within protection scope of the present invention, the present embodiment is only illustrated with RMB face amount.Such as, electricity
Transaction request is sent to server by sub-signature device, and wherein, the dealing money that transaction request includes is 10 yuan, and electronic signature sets
Standby receive 5 the first unit data bags from server, the currency denomination representated by 5 the first unit data bags be respectively 1 yuan, 1
Unit, 1 yuan, 2 yuan and 5 yuan, the summation of the currency denomination representated by 5 the first unit data bags is 10 yuan, with dealing money
Equal.Certainly, when the dealing money that transaction request includes is 10 yuan, electronic signature equipment can also receive 10 from server
Individual the first unit data bag representing 1 yuan of currency denomination, or, 2 the first unit data bags representing 5 yuan of currency denominations,
Or, 1 the first unit data bag representing 10 yuan of currency denominations.It is to say, the first electron unit monetary data Bao Suodai
The currency denomination of table and number can be with flexible combination, it is only necessary to make at least one currency representated by the first unit data bag received
The summation of face amount is equal to dealing money, the most only as a example by dealing money is 10 yuan, identical for other amount of money Numerical Principles,
The most no longer illustrate.Thus, determine the number of the first unit data bag at server according to dealing money, and each
In the case of face amount representated by one unit data bag, server can realize issuing of the first unit data bag, Ke Yiyou flexibly
Various combinations;The number of the first unit data bag, and each first units is determined according to dealing money in electronic signature equipment
In the case of the face amount representated by bag, can be by the currency face representated by the first unit data bag of the number of request and correspondence
Value sends to server, thus can meet user to the number of the first unit data bag and the demand of face amount.
The safety of data transmission in the first unit data packet procedures is issued in order to improve server further, a kind of at the present embodiment
In optional embodiment, electronic signature equipment can also receive the ciphertext data of at least one the first unit data bag from server,
Wherein, at least one first unit data bag is encrypted by server and to obtain by these ciphertext data, and electronic signature equipment is permissible
This ciphertext data deciphering obtains the first unit data bag original text, and server and electronic signature equipment can add solution by symmetric key
Close or unsymmetrical key encryption and decryption mode realizes the safe transmission of data.As the optional mode of one, server is at least one
The cipher mode that individual first unit data bag is encrypted includes: the PKI of server by utilizing electronic signature equipment at least one
One unit data bag is encrypted (this mode being asymmetric-key encryption), or, server by utilizing is assisted with electronic signature equipment
At least one first unit data bag is encrypted by the symmetric key that business obtains.Electronic signature equipment receive ciphertext data it
After, utilize the manner of decryption corresponding with the cipher mode of server ciphertext data to be decrypted, obtain at least one first unit
Packet is in plain text, i.e. utilize the private key of electronic signature equipment that this ciphertext data deciphering obtains the first unit data bag (this in plain text
Mode for unsymmetrical key deciphering), or, electronic signature equipment utilizes the symmetric key consulting to obtain with server to this ciphertext
Data deciphering obtains the first unit data bag in plain text.Thus, it is possible to prevent from the first unit data from wrapping in transmitting procedure being replicated or
Distort, improve the safety of data transmission.
Step S13, at least one first unit data bag above-mentioned is stored in safety chip by electronic signature equipment.
In a kind of optional embodiment of the present embodiment, electronic signature equipment is provided with safety chip, inside this safety chip
Have independent processor and memory element, PKI digital certificate and key, and other characteristics can be stored, data are entered
Row encryption and decryption computing, provides the user data encryption and identification safety authentication service, in the present embodiment, the peace of electronic signature equipment
In full chip, the first unit data bag of storage can not illegally be read, it is ensured that the Information Security of storage.
Before step S13, the method that the present embodiment provides also includes: the safety chip distribution of electronic signature equipment is used for storing
The memory space of at least one the first unit data bag above-mentioned.In the present embodiment, in step S13 by above-mentioned at least one first
Unit data bag is stored in safety chip, specifically includes: at least one first unit data bag above-mentioned is stored in depositing of correspondence
In storage space, and it is set to take by the status word of corresponding memory space.Wherein, safety chip is each first unit data
Bag one memory space of distribution, a memory space can only store a first unit data bag, and the transaction of electronic signature equipment
Record also can record the position of the memory space of each the first unit data bag storage received from server in a transaction.
It is the most occupied that the status word of memory space is used for identifying this memory space, if the most occupied, then electronic signature equipment
The first unit data bag can not be stored at this occupied memory space.When all memory spaces of safety chip distribution are the most occupied
Used time, electronic signature equipment needs make requests on server update packet or apply for the operation of new memory space, wherein,
As the optional embodiment of one, electronic signature equipment can apply for the first unit that new memory space is newly received with storage
Packet.As the optional embodiment of another kind, electronic signature equipment can also update locally stored the to server request
One unit data bag, such as, electronic signature equipment can N number of (N be the most whole more than 1 by locally stored with request server
Number) represent the first unit data bag of little face amount and replace with 1 or M (M < N) and represent the first units of big currency denomination
Store according to bag, as long as the amount of currency of storage is constant, the most just can discharge multiple memory space, thus save
The first unit data bag that memory space is newly received with storage.Additionally, in order to improve the safety that data store further,
In this step, each first unit data bag can also be encrypted and obtain each first unit data bag by electronic signature equipment
Ciphertext data, and each ciphertext data are stored in the memory space of correspondence.Thus, it is possible to ensure to be stored in safety chip
The first unit data bag in memory space can not be by fraudulent copying or change, the safety guaranteeing to store the first unit data bag with this
Property.
In the present embodiment, in order to be further ensured that the true of the first unit data bag of the storage of electronic signature equipment in step S13
Property, before performing step S13, as the optional embodiment of the one in the present embodiment, this method of commerce also includes: electronics
First signed data is verified by signature device, performs step S13 after being verified.Wherein, the first signed data is clothes
First unit data is signed and is obtained by business device, and each first unit data bag at least includes: the first unit data and clothes
The first signed data that first unit data signature is obtained by business device, so that electronic signature equipment can verify the first units
Verity according to bag.As the optional embodiment of one, the first signed data is that the private key of server by utilizing self is single to first
Bit data carries out the signed data obtained of signing.Accordingly, electronic signature equipment carries out checking to the first signed data and specifically includes:
Electronic signature equipment utilizes the PKI of this server that the first signed data is carried out sign test.As a example by server is as bank server,
Bank server carries out HASH computing and obtains the summary message A1 of the first unit data the first unit data, and utilizes bank to take
The private key of business device self carries out signature computing and obtains the first signed data this summary message A1, and carries at the first unit data bag
In be issued to electronic signature equipment.Electronic signature equipment can utilize the PKI of this bank server to test the first signed data
Sign, specifically, electronic signature equipment utilize the PKI of bank server the first electronic signature data is carried out computing obtain computing knot
Really A2, and the first unit data in the first unit data bag received is carried out HASH computing obtain the first unit data
Summary message A3, compares operation result A2 with summary message A3, if comparison result is consistent, then and electronic signature equipment
First electronic signature data sign test is passed through.Wherein, electronic signature equipment can be according to the bank certificate in the first unit data bag
Sequence number and/or bank of issue's mark obtain the PKI of bank, and such as, electronic signature equipment can be according in the first unit data bag
The bank of issue identifies, and obtains the bank certificate of this bank from bank of issue's server corresponding with the first signed data to be verified,
And from bank certificate, obtain the PKI of this bank;The most such as, electronic signature equipment can prestore the bank certificate of each bank,
Obtain from each bank certificate prestored and the first number of signature to be verified according to the bank certificate sequence number in the first unit data bag
According to corresponding bank certificate, and from corresponding bank certificate, obtain the PKI of bank.Thus, electronic signature equipment utilizes bank
PKI the first signed data carried in the first unit data bag is carried out sign test, the true of the first unit data bag can be verified
Property.Foregoing description only illustrates as a example by server is as bank server, but the present embodiment is not limited to bank server, its
Within the detailed description of the invention of his third-party server such as supermarket shopping card stored value server etc. belongs to protection scope of the present invention.
Further, electronic signature equipment, on the premise of the first unit data bag guaranteeing to receive is true, still wants to confirm clothes again
The object that business device sends is this electronic signature equipment the most really, to avoid storing the packet that server is sent out by mistake, is performing step
Before S13, this method of commerce also includes: the second signed data is verified by electronic signature equipment, performs after being verified
Step S13.Wherein, the second signed data is that the device identification of the first unit data and electronic signature equipment is signed by server
Arriving, therefore, in a kind of optional embodiment of the present embodiment, electronic signature equipment is sent in the transaction request of server
Also include: the device identification of electronic signature equipment;Each first unit data bag at least includes: the first unit data, server
The second signed data obtaining the device identification signature of the first unit data and electronic signature equipment, so that electronic signature sets
Standby verity and the correctness that can verify the first unit data bag.As the optional embodiment of one, the second signed data is
The device identification of the first unit data and electronic signature equipment is signed the label obtained by the private key of server by utilizing server self
Name data, say, that the signature object of each second signed data is setting of each first unit data and electronic signature equipment
The combination of standby mark.Accordingly, electronic signature equipment carries out checking to the second signed data and specifically includes: electronic signature equipment profit
Respectively each second signed data is carried out sign test with the PKI of server.As a example by server is as bank server, bank service
Device utilizes the private key of self that the device identification of the first unit data and electronic signature equipment is carried out signature to obtain the second signed data,
And carry and be issued to electronic signature equipment in the first unit data bag.Electronic signature equipment can utilize the public affairs of this bank server
Key carries out sign test to the second signed data.Wherein, electronic signature equipment can be according to the bank certificate sequence in the first unit data bag
Number and/or bank of issue's mark obtain the bank certificate of this bank, and from bank certificate, obtain the PKI of this bank, such as, electricity
Sub-signature device can identify according to the bank of issue in the first unit data, sends out from corresponding with the second signed data to be verified
Row bank server obtains the PKI of this bank;The most such as, electronic signature equipment can prestore the bank certificate of each bank, root
Obtain from each bank certificate prestored and the second signed data to be verified according to the bank certificate sequence number in the first unit data bag
Corresponding bank certificate, and from corresponding bank certificate, obtain the PKI of bank.Thus, electronic signature equipment utilizes bank
PKI carries out sign test to the second signed data carried in the first unit data bag, is possible not only to verify the true of the first unit data bag
Reality, it is also possible to prove that the first unit data bag strictly bank server is handed down to this electronic signature equipment, i.e. verify first
The correctness of unit data bag.Foregoing description only illustrates as a example by server is as bank server, but the present embodiment does not limit
In bank server, the detailed description of the invention of other third-party server such as supermarket shopping card stored value server etc. belongs to the present invention
Protection domain within.
In order to ensure that electronic signature equipment is collected money less, i.e. ensure the total of the first unit data bag that electronic signature equipment receives
The amount of money is equal to dealing money, and in a kind of optional embodiment of the present embodiment, after step s 13, this method of commerce also wraps
Include: according to the currency face representated by the number of at least one received the first unit data bag and each first unit data bag
The summation that value calculates the currency denomination representated by the first unit data bag received is the most consistent with the dealing money in transaction request,
If it is inconsistent, send, to server, the request of repeating transmission.Such as, dealing money is 10 yuan, and electronic signature equipment connects from server
Receiving 5 the first unit data bags, whether the summation calculating the currency denomination representated by 5 the first unit data bags is equal to 10 yuan,
If less than 10 yuan, then server sends the request of repeating transmission.Thus, electronic signature equipment can be asked by sending to retransmit to server
Ask, the problem solving the deficiency of the currency denomination representated by the first unit data bag received.
In electronic signature equipment after server sends the request of repeating transmission, electronic signature equipment can receive the repeating transmission letter that server returns
Breath, the content according to the request of retransmitting is different, and the retransmission of information that server returns also can be different, such as, retransmit in request and can take
The device identification of having electronic signature device, transaction record are (such as the numbering of every transaction, accounts information, timestamp, dealing money
And the number of the first unit data bag received and representative currency denomination etc., these server sides also can corresponding be remembered
Record), in order to a certain transaction that server lookup to this electronic signature equipment is corresponding, all these transactions of repeating transmission corresponding first
Unit data bag is to electronic signature equipment, the most such as, retransmits the number that can also carry the first unit data bag received in request
(mark of a first unit data bag can be uniquely identified, if server is each first unit data bag configuration according to bag mark
Unique mark, or currency sequence number), after server receives these package identifications, can inquire and Lou send out or transmitting procedure
In lost which the first unit data bag, the first unit data bag that is that these leakages generated or that lose in transmitting procedure sends to the most electric
Sub-signature device.Below the first unit data bag is retransmitted with regard to server illustrative:
Such as, in electronic signature equipment after server sends the request of repeating transmission, electronic signature equipment receives server according to repeating transmission
The retransmission of information that request sends, wherein, retransmission of information includes at least one first unit data bag.Electronic signature equipment will before
Be stored in the first unit data bag of at least one in safety chip delete, and again storage server retransmit at least one first
Unit data bag.As the optional embodiment of one, electronic signature equipment after sending, to server, the request of repeating transmission, electronics label
Name equipment receives the retransmission of information that server sends according to the request of repeating transmission, wherein, at least includes: electronic signature in this repeating transmission request
The device identification of equipment and transaction record, retransmission of information includes at least one first unit data bag, i.e. optionally implements at this
In mode, server has retransmitted, to electronic signature equipment, whole first unit data bags that a transaction is corresponding, in the present embodiment,
Server, when being traded with per-unit electronics signature instrument, also can store transaction record corresponding to each transaction (such as every friendship
The number of the first unit data bag of easy numbering, accounts information, timestamp, dealing money and transmission and representative goods
Coin face amount etc.) and the device identification of electronic signature equipment, this electronics can be inquired according to device identification and transaction record
The a certain transaction that signature device is corresponding, in this optional embodiment, the electronic signature equipment request that server can will inquire
First unit data bag of this transaction retransmitted all is retransmitted to electronic signature equipment, to ensure that electronic signature equipment receives completely
The first unit data bag, the transaction errorless (such as supplementing with money errorless) of server and electronic signature equipment.
In order to ensure that electronic signature equipment will not repeat to store packet, receive the first of server repeating transmission in electronic signature equipment
Before unit data bag, the method that the present embodiment provides also includes: electronic signature equipment will be stored in safety chip extremely before
A few first unit data bag is deleted (i.e. in this optional embodiment, owing to server can be by the first unit of this transaction
Packet all resends to electronic signature equipment, electronic signature equipment must will receive before whole the of this transaction
One unit data bag, i.e. before at least one first unit data bag corresponding to this transaction of being stored in safety chip delete),
And at least one first unit data bag that storage server is retransmitted again, wherein, electronic signature equipment is performing above-mentioned deletion the
After the operation of one unit data bag, can be set to vacant by the status word of shared memory space, electronic signature equipment is permissible
Again the first unit data bag received is stored to the memory space of the distribution of safety chip before, and the storage sky that will take
Between status word be set to take, thereby guarantee that electronic signature equipment will not repeat to store the first identical unit data bag, and protect
Demonstrate,prove same memory space and can only store a first unit data bag.
For example, for the transaction of a numbered 1*******, the dealing money in the transaction request of electronic signature equipment is
10 yuan, 5 the first unit data bags representing 2 yuan of currency denominations respectively that electronic signature equipment reception server sends, but by
Loss of data in transmitting procedure, electronic signature equipment only receives 4 the first unit datas representing 2 yuan of currency denominations respectively
Bag, currency denomination summation is 8 yuan, unequal with dealing money 10 yuan.For this transaction, electronic signature equipment is to server
Sending the request of repeating transmission, and receive the retransmission of information that server sends according to the request of repeating transmission, this repeating transmission request includes: electronic signature
The device identification of equipment and transaction record, server, can be according to device identification and transaction after receiving this repeating transmission request
Record queries is to this transaction corresponding to this electronic signature equipment, and server can be by the electronic signature equipment request repeat that inquires
First unit data bag of this transaction all retransmits that to be sent to this of electronic signature equipment to electronic signature equipment, i.e. server heavy
Photos and sending messages includes 5 the first unit data bags representing 2 yuan of currency denominations respectively.Electronic signature equipment will be stored in safety before
In chip 4 represent the first unit data bag of 2 yuan of currency denominations respectively and delete, and again store 5 of server repeating transmission
Represent the first unit data bag of 2 yuan of currency denominations respectively.Thus, needed for electronic signature equipment is not received by a transaction
Whole first unit data bag time, server can be by the whole first unit data packet retransmissions needed for this transaction to electronics label
Name equipment, so that transaction can smoothly complete.
The most such as, in electronic signature equipment after server sends the request of repeating transmission, electronic signature equipment receives server according to weight
The retransmission of information that the request of sending out sends, wherein, retransmission of information includes the first unit data bag that electronic signature equipment does not receives, and
The the first unit data bag not received is stored in safety chip.
As the optional embodiment of one, electronic signature equipment is after sending, to server, the request of repeating transmission, and electronic signature equipment connects
Receive the retransmission of information that server sends according to the request of repeating transmission, wherein, this repeating transmission request at least includes: setting of electronic signature equipment
Standby mark, transaction record and the package identification of each the first unit data bag received, retransmission of information includes electronic signature
The first unit data bag that equipment does not receives, i.e. in this optional embodiment, server is retransmitted to electronic signature equipment
One transaction is leaked the first unit data bag that is that send out or that lose in transmitting procedure, can look into according to device identification and transaction record
Asking a certain transaction that this electronic signature equipment is corresponding, server can being somebody's turn to do this electronic signature equipment request repeat inquired
Those first unit data packet retransmissions corresponding to the package identification that do not inquires in transaction are to electronic signature equipment, to ensure
Electronic signature equipment receives the transaction errorless (such as supplementing with money errorless) of the first complete unit data bag, server and electronic signature equipment.
Compared with the optional embodiment in a upper example, this optional embodiment can reduce the volume of transmitted data of server, is substantially reduced
The workload of server, improves the work efficiency that server is retransmitted.
In this optional embodiment, after electronic signature equipment receives the first unit data bag that server is retransmitted, electronic signature
The the first unit data bag not received before is stored in safety chip by equipment, i.e. electronic signature equipment will receive again
First unit data bag is stored in the memory space distributed before safety chip, and the status word of the memory space taken is set to
Take, thereby guarantee that same memory space can only store a first unit data bag.
For example, for the transaction of a numbered 1*******, the dealing money in the transaction request of electronic signature equipment is
5 yuan, electronic signature equipment receives 2 the first unit data bags (abbreviations 2 representing 2 yuan of currency denominations respectively that server sends
Metadata bag), and 1 the first unit data bag (being called for short 1 metadata bag) representing 1 yuan of currency denomination, but due to transmission
During loss of data, electronic signature equipment only receives 22 metadata bags, and currency denomination summation is 4 yuan, with trade gold
Volume 5 yuan is unequal.For this transaction, electronic signature equipment sends, to server, the request of repeating transmission, and receives server according to weight
The retransmission of information that the request of sending out sends, also carries the package identification of 22 metadata bags in the request of retransmitting, and server receives
After asking to this repeating transmission, all first unit data bags of its correspondence can be inquired for this transaction of this electronic signature equipment,
Just it appeared that retransmit the package identification not having 1 metadata bag in request, this 1 metadata packet retransmission can be given electricity by server
Sub-signature device, i.e. server are sent to this retransmission of information of electronic signature equipment and include 11 metadata bag.Electronic signature sets
Standby 11 metadata bag by server repeating transmission is stored in safety chip.In the present embodiment, electronic signature equipment is to server
Can include the package identification of part the first unit data bag being received in the repeating transmission request sent, server is permissible
The the first unit data bag needing in retransmission of information to carry is determined according to the package identification in the request of retransmitting.Thus, electronics is worked as
When signature device is not received by the whole first unit data bag needed for a transaction, server can be by unreceived part
One unit data packet retransmission, to electronic signature equipment, not only reduces the transmission quantity of retransmission data, also ensure that transaction can be smooth
Complete.
Below it is all to illustrate as a example by the embodiment of a transaction, in the present embodiment, every in many transactions
Transaction can realize in the manner described above.
In the present embodiment, the memory space of electronic signature equipment is limited after all, accordingly, it would be desirable to monitor electronic signature at any time
The remaining space of equipment, in order to instant-free memory space, it is to avoid do not have redundant space to cause Fail Transaction in process of exchange
Problem.In a kind of optional embodiment of the present embodiment, electronic signature equipment is additionally provided with enumerator, by this enumerator
The residual memory space of electronic signature equipment can be monitored in real time.Specifically, after each transaction terminates, i.e. in step S13
After middle electronic signature equipment stores the first unit data bag received, electronic signature equipment utilizes the count value of enumerator to obtain
Total number to the first currently stored unit data bag.Specifically, this transaction can all be added at each transaction Counter
Receiving the number of the first unit data bag, after many transactions, the count value of enumerator can be accumulated to a numerical value, when this
When numerical value reaches default value, illustrate that the memory space of electronic signature equipment is assigned, there is no unnecessary memory space,
Now, electronic signature equipment needs make requests on server update packet or apply for operation (the as above institute of new memory space
State).In the present embodiment, the size of each memory space is identical, and the size of each first unit data bag is identical, and with storage
The size coupling in space, such as, electronic signature equipment is 2M to the size of the memory space of a first unit data bag distribution,
The memory space of this 2M can store a first unit data bag, and a safety chip reserves storage the first unit data bag
Space be 1G, then, this electronic signature equipment at most can store 512 the first unit data bags, i.e. default value is permissible
It is set to 512.Thus, it is possible to monitor the remaining space of electronic signature equipment in real time, and discharge unnecessary memory space in time,
The problem avoiding not having redundant space to cause Fail Transaction in process of exchange.Certainly, electronic signature equipment can also utilize counting
The count value of device obtains total number of the first unit data bag of every kind of currency denomination of storage in safety chip.Thus, electronics label
Name equipment can obtain currently stored first according to the currency denomination representated by every kind of first unit data bag of storage and number
The sums of money of unit data bag.
In a kind of optional embodiment of the present embodiment, after step s 13, dealing money is counted by electronic signature equipment works as
Front account balance, shows dealing money and/or current account balance to holding user.Thus, the user of electronic signature equipment is held
Dealing money and current account balance can be inquired about on the equipment of oneself.
The method of commerce of the electronic signature equipment of the present embodiment offer is provided, the fund of user can be stored with the form of packet
In the electronic signature equipment of user, and the number of packet is one or more.User is when consumption, because fund is no longer
It is stored in electronic signature equipment with the form of numerical value, so electronic signature equipment need not deposit by networking to change with server
The numerical value of storage, it is only necessary to the one or more first unit data bags meeting spending amount are sent to beneficiary, thus, electricity
Sub-signature device is no longer necessary to rely on server to carry out networking and pays when carrying out electronic transaction with other electronic signature equipment, service
Device is no longer necessary to supervise electronic signature equipment, thus realizes off line electronic transaction veritably.
Embodiment 2
The structural representation of a kind of transaction system that Fig. 2 provides for the present embodiment.As in figure 2 it is shown, this transaction system includes electronics
Signature device 20 and server 30, wherein, electronic signature equipment 20 includes: communication module 201, acquisition module 202 and peace
Full module 203.
Communication module 201, for sending transaction request to server 30, wherein, transaction request at least includes: dealing money;
Acquisition module 202, for receiving at least one first unit data bag, wherein, each first unit data bag from server 30
Represent a kind of currency denomination in multiple currency denomination, at least one currency denomination representated by the first unit data bag above-mentioned total
With equal to dealing money;Security module 203, is used for storing at least one first unit data bag above-mentioned.
In the present embodiment, electronic signature equipment can be the electronic equipment with signature function, such as, has signature function
Smart card (mass transit card, bank card, purchase card etc.), the U-shield etc. of industrial and commercial bank.
Communication module 201, for sending transaction request to server 30, wherein, transaction request at least includes: dealing money.
In a kind of optional embodiment of the present embodiment, communication module 201 can be with external equipment (such as PC or mobile terminal
Deng) set up connection, by this external equipment, transaction request is sent to server 30.Or, communication module 201 includes wired
Interface or wave point, set up wired connection or wireless connections with server 30, directly send transaction request to server 30.
Wherein, radio connection can be to include the modes such as bluetooth, NFC and WIFI.Thus, electricity in the present embodiment
Transaction request can be sent to server 30 by sub-signature device 20 in several ways.As the optional embodiment of one,
Server 30 includes bank server or third-party server, and such as, third-party server can be the purchase card Stored Value in certain market
Server.
Such as, electronic signature equipment 20 needs the operation performing to supplement with money, and communication module 201 is just to server 30 (bank service
The purchase card stored value server in device or market) send the transaction request for supplementing with money, the dealing money carried in this transaction request is just
It is the amount of money numerical value supplemented with money of electronic signature equipment 20 request server 30, in order to server 30 returns to electronic signature equipment 20
First unit data bag (the i.e. summation etc. of the currency denomination of first unit data bag that server 30 return corresponding with dealing money
In dealing money).
Acquisition module 202, for receiving at least one first unit data bag above-mentioned from server 30, wherein, each first is single
Bit data bag represents a kind of currency denomination in multiple currency denomination, at least one currency representated by the first unit data bag above-mentioned
The summation of face amount is equal to dealing money.
In the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination, say, that goods
Coin face amount has multiple, when acquisition module 202 only receives a first unit data bag from server 30, and this first unit
Packet only represents a kind of currency denomination therein.When acquisition module 202 receives multiple first unit data bag from server 30
Time, multiple first unit data bags can represent multiple different currency denomination, and such as, the number of the first unit data bag is 3
Individual, each first unit data bag respectively representative money face amount 1 yuan, 2 yuan and 5 yuan;Or, multiple first unit datas
Bag can represent identical currency denomination, and such as, the number of the first unit data bag is 3, each first unit data Bao Jun
Representative money face amount 1 yuan;Again or, the currency denomination representated by multiple first unit data bags had both included identical also including
The currency denomination differed, such as, the number of the first unit data bag is 3, and each first unit data bag represents goods respectively
Coin face amount 1 yuan, 1 yuan and 2 yuan.Thus, at least one first unit above-mentioned that acquisition module 202 receives from server 30
Currency denomination representated by packet has compound mode flexibly.
In a kind of optional embodiment of the present embodiment, at least including the first unit data in the first unit data bag, this is first years old
Unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data.Wherein, currency denomination data
It is the currency denomination representated by the first unit data bag, identifies the currency denomination representated by the first unit data bag, currency with this
The unique serial number of each first unit data bag of serial number, the most different currency sequence numbers in the first unit data bag is different.
Thereby, it is possible to ensure the uniqueness of each first unit data bag, in order to recognize the true and false of the first unit data bag.As one
Planting optional embodiment, the first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number.
Wherein, the bank of issue is designated the identification information of the bank issuing this first unit data bag, thus can inquire about according to this mark
To the relevant information of the corresponding bank of issue, and, electronic signature equipment can be according to bank of issue's mark and bank certificate sequence number
Obtain the bank certificate of the corresponding bank of issue, bank certificate includes the PKI of the bank of issue, in order to electricity in subsequent step
Sub-signature device utilizes the PKI of the bank of issue that the signature of the first unit data completes checking.
In a kind of optional embodiment of the present embodiment, the first unit data bag the most also includes: the first unit data and clothes
The first signed data that first unit data signature is obtained by business device 30.As the optional embodiment of one, server 30 profit
Respectively the first unit data in each first unit data bag is signed with the private key of self, obtain and each first unit
The first signed data that packet is corresponding.At least one is carried the first unit data bag of the first signed data and sends out by server 30
Deliver to electronic signature equipment 20, in order in subsequent step, the security module 203 in electronic signature equipment 20 utilizes server 30
The verity of public key verifications the first unit data bag.
In the another kind of optional embodiment of the present embodiment, communication module 201 is sent in the transaction request of server also include:
The device identification of electronic signature equipment 20;Each first unit data bag at least includes: the first unit data, server 30 are right
The second signed data that the device identification signature of the first unit data and electronic signature equipment 20 obtains.Optionally implement as one
Mode, server 30 utilizes the private key of self to sign the device identification of the first unit data and electronic signature equipment 20, obtains
Second signed data corresponding with each first unit data bag.Server 30 by above-mentioned at least one carry the second signed data
First unit data bag send to electronic signature equipment 20, in order to the security module of electronic signature equipment 20 in subsequent step
The correctness of 203 public key verifications the first unit data bags utilizing server.
In the present embodiment, server 30 after receiving the transaction request that electronic signature equipment 20 is sent by communication module 201,
The dealing money of electronic signature equipment 20 request can be deducted from the account of electronic signature equipment 20 correspondence, and set for electronic signature
Standby 20 summation at least one first unit data bag equal to dealing money issuing currency denomination, receive at acquisition module 202
These the first unit data bags, i.e. after successful recharging, electronic signature equipment 20 just can complete under line with other electronic signature equipment
Transaction, i.e. need not network with server 30 more just to transfer accounts to other electronic signature equipment (will turn by the first unit data bag
Issue other electronic signature equipment).Currency denomination representated by each first unit data bag can be the same or different, and sends
Can to the currency denomination representated by the number of the first unit data bag of electronic signature equipment 20 and each the first unit data bag
To be determined according to dealing money by server 30, it is also possible to inform service after being determined according to dealing money by electronic signature equipment 20
Device 30, such as, as the optional embodiment of the one in the present embodiment, all right in the transaction request that communication module 201 sends
Carry kind and the number of the first unit data bag.The former can realize issuing of the first unit data bag by server 30 flexibly,
The latter can meet user to the number of the first unit data bag and the demand of face amount.A kind of optional embodiment party of the present embodiment
In formula, each first unit data bag represents a kind of currency denomination in multiple currency denomination, such as, the first unit data bag institute
The currency denomination represented includes: 1 yuan, 2 yuan, 5 yuan, 10 yuan, 20 yuan, 50 yuan and 100 yuan.Certainly, if following state
Family has issued new currency denomination or other regional, the national currency denominations in addition to making by RMB fall within this
Bright protection domain, is only illustrated with RMB face amount in the present embodiment.Such as, electronic signature equipment 20 is by communication
Transaction request is sent to server 30 by module 201, and wherein, the dealing money that transaction request includes is 10 yuan, acquisition module
202 receive 5 the first unit data bags from server 30, and the currency denomination representated by 5 the first unit data bags is respectively 1
Unit, 1 yuan, 1 yuan, 2 yuan and 5 yuan, the summation of the currency denomination representated by 5 the first unit data bags is 10 yuan, with transaction
The amount of money is equal.Certainly, when the dealing money that transaction request includes is 10 yuan, acquisition module 202 can also be from server 30
Receive 10 the first unit data bags representing 1 yuan of currency denomination, or, 2 the first unitss representing 5 yuan of currency denominations
According to bag, or, 1 the first unit data bag representing 10 yuan of currency denominations.It is to say, the first electron unit monetary data
Currency denomination representated by bag and number can be with flexible combination, it is only necessary to make representated by least one first unit data bag of receiving
The summation of currency denomination equal to dealing money, the most only as a example by dealing money is 10 yuan, remote for other amount of money numerical value
From identical, the most no longer illustrate.Thus, determine the number of the first unit data bag at server 30 according to dealing money,
And in the case of each face amount representated by the first unit data bag, server 30 can realize the first unit data bag flexibly
Issue, can have various combination;The number of the first unit data bag is determined according to dealing money in electronic signature equipment 20, and
In the case of each face amount representated by the first unit data bag, communication module 201 can be by the number of request and the of correspondence
Currency denomination representated by one unit data bag sends to server 30, thus can meet user to the first unit data bag
Number and the demand of face amount.
Security module 203, is used for storing at least one first unit data bag.
In a kind of optional embodiment of the present embodiment, security module 203 includes safety chip, has inside this safety chip
Independent processor and memory element, can store PKI digital certificate and key, and other characteristics, add data
Deciphering computing, provides the user data encryption and identification safety authentication service, in the present embodiment, and storage in security module 203
First unit data bag can not illegally be read, it is ensured that the Information Security of storage.
Security module 203 distribution is for storing the memory space of at least one the first unit data bag.In the present embodiment, safety
Module 203 is used for storing at least one first unit data bag, specifically includes: be stored in by least one first unit data bag
In corresponding memory space, and it is set to take by the status word of corresponding memory space.Wherein, security module 203 is each
First unit data bag one memory space of distribution, a memory space can only store a first unit data bag, and electronics label
The transaction record of name equipment 20 also can record each the first unit data bag storage received from server 30 in a transaction
The position of memory space.It is the most occupied that the status word of memory space is used for identifying this memory space, if the most occupied
With, then security module 203 can not store the first unit data bag at this occupied memory space.When security module 203 is distributed
All memory spaces the most occupied time, security module 203 needs by communication module 201 request server 30 more new data
Wrap, or security module 203 needs to apply for new memory space, wherein, as the optional embodiment of one, security module
203 can apply for the first unit data bag that new memory space is newly received with storage.As the optional embodiment of another kind,
Security module 203 can also update the first locally stored unit data bag, example by communication module 201 to server 30 request
As, security module 203 can N number of (N be more than 1 by locally stored by communication module 201 request server 30
Positive integer) represent the first unit data bag of little face amount and replace with 1 or M (M < N) and represent the first single of big currency denomination
Bit data bag stores, as long as the amount of currency of storage is constant, the most just can discharge multiple memory space, thus save
Save the first unit data bag that memory space is newly received with storage.Additionally, for the safety improving data storage further,
Security module 203 is additionally operable to each first unit data bag is encrypted the ciphertext data obtaining each first unit data bag,
And each ciphertext data are stored in the memory space of correspondence.Thus, it is possible to ensure that the storage being stored in security module 203 is empty
The first unit data bag between can not be by fraudulent copying or change, the safety guaranteeing to store the first unit data bag with this.
The safety of data transmission in the first unit data packet procedures is issued, at the present embodiment one in order to improve server 30 further
Planting in optional embodiment, acquisition module 202 can also receive the ciphertext of at least one the first unit data bag from server 30
Data, wherein, at least one first unit data bag is encrypted by server 30 and to obtain by these ciphertext data, security module
203 can obtain the first unit data bag original text to this ciphertext data deciphering, and server 30 and electronic signature equipment 20 can be led to
The mode crossing symmetric key encryption and decryption or unsymmetrical key encryption and decryption realizes the safe transmission of data.As the optional mode of one,
The cipher mode that at least one first unit data bag is encrypted by server 30 includes: server 30 utilizes electronic signature to set
At least one first unit data bag is encrypted (this mode being asymmetric-key encryption) by the PKI of standby 20, or, clothes
Business device 30 utilizes the symmetric key consulting to obtain with electronic signature equipment 20 to be encrypted at least one first unit data bag.
Security module 203 at acquisition module 202 after receiving ciphertext data, it is possible to use corresponding with the cipher mode of server 30
Manner of decryption ciphertext data are decrypted, obtain at least one first unit data bag in plain text, i.e. security module 203 profit
With the private key of self storage, this ciphertext data deciphering obtained the first unit data bag (this mode deciphered for unsymmetrical key) in plain text,
Or, security module 203 utilizes the symmetric key consulting to obtain with server 30 that this ciphertext data deciphering is obtained the first units
According to bag in plain text.It is replicated thus, it is possible to prevent the first unit data from wrapping in transmitting procedure or distorts, improve the peace of data transmission
Quan Xing.
In a kind of optional embodiment of the present embodiment, in order to be further ensured that in security module 203 first units of storage
According to the verity of bag, security module 203, it is additionally operable to, before storing at least one first unit data bag above-mentioned, sign first
Name data are verified, and perform to store the operation of at least one the first unit data bag above-mentioned after being verified.Wherein,
One signed data is that the first unit data is signed and obtained by server 30, and each first unit data bag at least includes:
The first signed data that first unit data signature is obtained by one unit data, server 30, thus makes security module 203 permissible
Verify the verity of the first unit data bag.As the optional embodiment of one, the first signed data is that server 30 utilizes certainly
First unit data is signed the signed data obtained by the private key of body.Accordingly, security module 203 is to the first signed data
Carry out checking to specifically include: security module 203 utilizes the PKI of this server 30 that first signed data is carried out sign test.With service
As a example by device 30 is bank server, bank server carries out HASH computing and obtains the first unit data and pluck the first unit data
Want message A1, and utilize the computing that carries out this summary message A1 signing of the private key of bank server self to obtain the first signed data,
And carry and be issued to electronic signature equipment 20 in the first unit data bag.Security module 203 can utilize this bank server
PKI carries out sign test to the first signed data, and specifically, security module 203 utilizes the PKI of bank server to the first electronics label
Name data carry out computing and obtain operation result A2, and the first unit data in the first unit data bag received is carried out HASH
Computing obtains the summary message A3 of the first unit data, is compared with summary message A3 by operation result A2, if comparison knot
Fruit is consistent, then the first electronic signature data sign test is passed through by security module 203.Wherein, security module 203 can be according to first
Bank certificate sequence number in unit data bag and/or the PKI of mark acquisition bank of the bank of issue, such as, security module 203 is permissible
Identify according to the bank of issue in the first unit data, utilize acquisition module 202 from corresponding with the first signed data to be verified
The bank of issue obtains the bank certificate of this bank, and obtains the PKI of this bank from bank certificate;The most such as, security module 203
In can prestore the bank certificate of each bank, according to the bank certificate sequence number in the first unit data bag from each bank prestored
Certificate obtains the bank certificate corresponding with the first signed data to be verified, and from corresponding bank certificate, obtains the public affairs of bank
Key.Thus, security module 203 utilizes the PKI of bank that the first signed data carried in the first unit data bag is carried out sign test,
The verity of the first unit data bag can be verified.Foregoing description only illustrates as a example by server 30 is as bank server, but
The present embodiment is not limited to bank server, the specific embodiment party of other third-party server such as supermarket shopping card stored value server etc.
Within formula belongs to protection scope of the present invention.
Further, security module 203, on the premise of the first unit data bag guaranteeing to receive is true, still wants to confirm clothes again
The object that business device 30 sends is electronic signature equipment 20 itself the most really, to avoid storage server 30 to send out packet, peace by mistake
Full module 203, is additionally operable to, before storing at least one first unit data bag, verify the second signed data, and
Perform to store the operation of at least one the first unit data bag after being verified.Wherein, the second signed data is that server 30 is to
The device identification signature of one unit data and electronic signature equipment 20 obtains, therefore, in the another kind of optional enforcement of the present embodiment
In mode, communication module 201 is sent in the transaction request of server 30 also include: the device identification of electronic signature equipment;Often
Individual first unit data bag at least includes: the first unit data and electronic signature equipment are set by the first unit data, server 30
The second signed data that standby identification signature obtains, so that security module 203 can verify the verity of the first unit data bag
And correctness.As the optional embodiment of one, the second signed data is the private key that server 30 utilizes server 30 self
The device identification of the first unit data and electronic signature equipment is signed the signed data obtained, say, that each second
The signature object of signed data is the combination of the device identification of each first unit data and electronic signature equipment.Accordingly, safety
Module 203 carries out checking to the second signed data and specifically includes: security module 203 utilizes the PKI of server 30 respectively to each
Second signed data carries out sign test.As a example by server 30 is as bank server, bank server utilizes the private key of self to first
The device identification of unit data and electronic signature equipment 20 carries out signature and obtains the second signed data, and carries at the first unit data
Bag is issued to electronic signature equipment 20.Security module 230 can utilize the PKI of this bank server to enter the second signed data
Row sign test.Wherein, security module 203 can identify according to the bank certificate sequence number in the first unit data bag and/or the bank of issue
Obtaining the PKI of bank, such as, security module 203 can identify according to the bank of issue in the first packet, utilizes and obtains mould
Block 202 obtains the bank certificate of this bank from bank of issue's server corresponding with the second signed data to be verified, and from bank
Certificate obtains the PKI of this bank;The most such as, security module 203 can prestore the bank certificate of each bank, according to first
Bank certificate sequence number in packet obtains the bank corresponding with the second signed data to be verified from each bank certificate prestored
Certificate, and from corresponding bank certificate, obtain the PKI of bank.Thus, security module 203 utilizes the PKI of bank to first
The second signed data carried in unit data bag carries out sign test, is possible not only to verify the verity of the first unit data bag, also may be used
To prove that the first unit data bag strictly bank server is handed down to electronic signature equipment 20, i.e. verify the first unit data bag
Correctness.Foregoing description only illustrates as a example by server 30 is as bank server, but the present embodiment is not limited to bank's clothes
Business device, the detailed description of the invention of other third-party server such as supermarket shopping card stored value server etc. belongs to the protection model of the present invention
Within enclosing.
In order to ensure that electronic signature equipment 20 is collected money less, the first unit data bag that i.e. guarantee acquisition module 202 receives
Total amount is equal to dealing money, in a kind of optional embodiment of the present embodiment, and described security module 203, it is additionally operable to depositing
After storage at least one first unit data bag described, according to the number of at least one the first unit data bag described in receiving with
And the currency denomination representated by described each first unit data bag calculates the currency face representated by the first unit data bag received
Value summation the most consistent with the dealing money in described transaction request, if it is inconsistent, by described communication module 201 to
Described server 30 sends the request of repeating transmission.Such as, dealing money is 10 yuan, and acquisition module 202 receives 5 from server 30
Individual first unit data bag, whether etc. security module 203 calculates the summation of the currency denomination representated by 5 the first unit data bags
In 10 yuan, if less than 10 yuan, then communication module 201 sends, to server 30, the request of repeating transmission.Thus, electronic signature equipment
20 can solve, by sending, to server 30, the request of repeating transmission, the currency denomination representated by the first unit data bag received
Not enough problem.
In communication module 201 after server 30 sends the request of repeating transmission, acquisition module 202 can receive server 30 and return
Retransmission of information, the content according to the request of retransmitting is different, and the retransmission of information that server 30 returns also can be different, such as, retransmit request
In can carry the device identification of electronic signature equipment 20, transaction record (as the numbering of every transaction, accounts information, timestamp,
Dealing money and the number of the first unit data bag received and representative currency denomination etc., these server 30 sides
Also can corresponding record), in order to server 30 inquires a certain transaction that this electronic signature equipment is corresponding, all retransmits these pens
First unit data bag corresponding to transaction is to electronic signature equipment 20, the most such as, retransmits and can also carry the received in request
The package identification of one unit data bag (can uniquely identify the mark of a first unit data bag, if server 30 is each
Unique mark of the first unit data bag configuration, or currency sequence number), after server 30 receives these package identifications, can
Lou send out or transmitting procedure lost which the first unit data bag to inquire, by these leakage send out or in transmitting procedure lose
First unit data bag sends to electronic signature equipment 20.Below the first unit data bag is retransmitted with regard to server 30 and carry out exemplary
Illustrate:
Such as, acquisition module 202, it is used for, in communication module 201 after server 30 sends the request of repeating transmission, receiving server
30 retransmission of information sent according to the request of repeating transmission, wherein, retransmission of information includes at least one first unit data bag above-mentioned.Safety
Module 203, for being deleted by least one the first unit data bag stored before, and storage server is retransmitted at least again
One the first unit data bag.
As the optional embodiment of one, in communication module 201 after server 30 sends the request of repeating transmission, acquisition module 202
For receiving the retransmission of information that server 30 sends according to the request of repeating transmission, wherein, this repeating transmission request at least includes: electronic signature
The device identification of equipment and transaction record, retransmission of information includes at least one first unit data bag above-mentioned, i.e. optional at this
In embodiment, server 30 has retransmitted, to electronic signature equipment 20, whole first unit data bags that a transaction is corresponding,
In the present embodiment, server 30, when being traded with per-unit electronics signature instrument 20, also can store each transaction corresponding
Transaction record (the first unit data bag such as numbering, accounts information, timestamp, dealing money and the transmission of every transaction
Number and representative currency denomination etc.) and the device identification of electronic signature equipment 20, according to device identification and transaction
Record can inquire a certain transaction that this electronic signature equipment is corresponding, and in this optional embodiment, server 30 can will be looked into
First unit data bag of this transaction of electronic signature equipment 20 request repeat ask all is retransmitted to electronic signature equipment 20,
To ensure that electronic signature equipment 20 receives the first complete unit data bag, server 30 is errorless with the transaction of electronic signature equipment
(such as supplementing with money errorless).
In order to ensure that security module 203 will not repeat to store packet, receive that server 30 is retransmitted at acquisition module 202 the
Before one unit data bag, the method that the present embodiment provides also includes: security module 203 will be for being stored in safety chip before
In at least one first unit data bag delete (i.e. in this optional embodiment, owing to server 30 can by this transaction
First unit data bag all resends to electronic signature equipment 20, and this received before must be handed over by security module 203
Easy whole first unit data bags, i.e. before corresponding at least one of this transaction of being stored in security module 203 first single
Bit data bag is deleted), and at least one first unit data bag that storage server 30 is retransmitted again, wherein, security module 203
After performing the operation of above-mentioned deletion the first unit data bag, can the status word of shared memory space be set to vacant,
Again the first unit data bag received can be stored to the memory space distributed before by security module 203, and will take
The status word of memory space be set to take, thereby guarantee that security module 203 will not repeat to store the first identical unit data
Bag, and ensure that same memory space can only store a first unit data bag.
For example, for the transaction of a numbered 1*******, the trade gold in the transaction request that communication module 201 sends
Volume is 10 yuan, and acquisition module 202 receives 5 the first unit datas representing 2 yuan of currency denominations respectively that server 30 sends
Bag, but due to loss of data in transmitting procedure, acquisition module 202 only receives 4 and represents the first of 2 yuan of currency denominations respectively
Unit data bag, currency denomination summation is 8 yuan, unequal with dealing money 10 yuan.For this transaction, acquisition module 202
In communication module 201 after server 30 sends the request of repeating transmission, receive the repeating transmission letter that server 30 sends according to the request of repeating transmission
Breath, this repeating transmission request includes: the device identification of electronic signature equipment 20 and transaction record, server 30 is receiving this
After retransmitting request, can inquire, according to device identification and transaction record, this transaction that this electronic signature equipment is corresponding, service
First unit data bag of this transaction of the electronic signature equipment request repeat inquired can all be retransmitted to electronics label by device 30
Name equipment 20, i.e. server 30 are sent to this retransmission of information of electronic signature equipment 20 and include that 5 represent 2 yuan of currency faces respectively
First unit data bag of value.Security module 203 is by store before 4 the first unitss representing 2 yuan of currency denominations respectively
Delete according to bag, and 5 the first unit data bags representing 2 yuan of currency denominations respectively that storage server 30 is retransmitted again.Thus,
During whole first unit data bag needed for electronic signature equipment 20 is not received by a transaction, server 30 be caned will
Whole first unit data packet retransmissions needed for transaction are to electronic signature equipment 20, so that transaction can smoothly complete.
The most such as, acquisition module 202, it is used for, in communication module 201 after server 30 sends the request of repeating transmission, receiving and servicing
The retransmission of information that device 30 sends according to the request of repeating transmission, wherein, retransmission of information includes first that electronic signature equipment 20 does not receives
Unit data bag;Security module 203, the first unit data bag not received for storage.
As the optional embodiment of one, in communication module 201 after server 30 sends the request of repeating transmission, acquisition module 202
For receiving the retransmission of information that server 30 sends according to the request of repeating transmission, wherein, this repeating transmission request at least includes: electronic signature
The device identification of equipment 20, transaction record and the package identification of each the first unit data bag received, retransmission of information bag
Including the first unit data bag that acquisition module 202 does not receives, i.e. in this optional embodiment, server 30 is to electronics label
Name equipment 20 has retransmitted in a transaction the first unit data bag that is that leakage is sent out or that lose in transmitting procedure, according to device identification and
Transaction record can inquire a certain transaction of this electronic signature equipment 20 correspondence, this electronics that server 30 can will inquire
Those first unit data Bao Chong that the package identification that do not inquires in this transaction of signature device 20 request repeat is corresponding
Issue electronic signature equipment 20, to ensure that electronic signature equipment receives the first complete unit data bag, server 30 and electronics
The transaction of signature device 20 is errorless (such as supplementing with money errorless).Compared with the optional embodiment in a upper example, this optional embodiment
The volume of transmitted data of server 30 can be reduced, be substantially reduced the workload of server 30, improve the work that server 30 is retransmitted
Make efficiency.
In this optional embodiment, after electronic signature equipment 20 receives the first unit data bag that server 30 is retransmitted, peace
Full module 203 will again receive for the first unit data bag storage that will do not receive before, i.e. security module 203 the
One unit data bag is stored in the memory space distributed before, and is set to take by the status word of the memory space taken, by
This ensures that same memory space can only store a first unit data bag.
For example, for the transaction of a numbered 1*******, the trade gold in the transaction request that communication module 201 sends
Volume is 5 yuan, and acquisition module 202 receives 2 the first unit data bags representing 2 yuan of currency denominations respectively that server 30 sends
(being called for short 2 metadata bags), and 1 the first unit data bag (being called for short 1 metadata bag) representing 1 yuan of currency denomination, but
Due to loss of data in transmitting procedure, acquisition module 202 only receives 22 metadata bags, and currency denomination summation is 4 yuan,
Unequal with dealing money 5 yuan.For this transaction, acquisition module 202 sends repeating transmission in communication module 201 to server 30
After request, receive the retransmission of information that server 30 sends according to the request of repeating transmission, in the request of retransmitting, also carry 22 yuan of numbers
According to the package identification of bag, after server 30 receives this repeating transmission request, this transaction for electronic signature equipment 20 is permissible
Inquire all first unit data bags of its correspondence, just it appeared that retransmit the package identification not having 1 metadata bag in request,
Server 30 can be by this 1 metadata packet retransmission to electronic signature equipment 20, i.e. server 30 is sent to electronic signature equipment 20
This retransmission of information include 11 metadata bag.11 metadata bag storage that server 30 is retransmitted by security module 203.
In the present embodiment, communication module 201 retransmits, to what server 30 sent, the part first that can include being received in request
The package identification of unit data bag, server 30 can determine need in retransmission of information according to the package identification in the request of retransmitting
First unit data bag to be carried.Thus, whole first lists needed for electronic signature equipment 20 is not received by a transaction
During bit data bag, server 30 can be by unreceived part the first unit data packet retransmission to electronic signature equipment 20, not only
Decrease the transmission quantity of retransmission data, also ensure that transaction can smoothly complete.
Below it is all to illustrate as a example by the embodiment of a transaction, in the present embodiment, every in many transactions
Transaction can realize in the manner described above.
In a kind of optional embodiment of the present embodiment, the memory space of security module 203 is limited after all, therefore, needs
To monitor the remaining space of electronic signature equipment at any time, in order to instant-free memory space, it is to avoid the most in process of exchange
The problem that complementary space causes Fail Transaction.In a kind of optional embodiment of the present embodiment, electronic signature equipment 20 is additionally provided with
Enumerator, security module 203, for monitoring the residual memory space of security module 203 by the count value of this enumerator.Tool
Body ground, after each transaction terminates, security module 203, it is additionally operable to after storing the first unit data bag received,
The count value utilizing enumerator obtains total number of the first currently stored unit data bag.Specifically, fall into a trap in each transaction
Number device all can receive the number of the first unit data bag, after many transactions, the count value meeting of enumerator plus this transaction
It is accumulated to a numerical value, when this numerical value reaches default value, illustrates that the memory space of security module 203 is assigned, do not have
Having unnecessary memory space, now, security module 203 needs make requests on server 30 more new data packets or apply for new
The operation (as mentioned above) of memory space.In the present embodiment, the size of each memory space is identical, each first unit data
The size of bag is identical, and mates with the size of memory space, and such as, security module 203 gives a first unit data bag distribution
The memory space that size is 2M, this 2M of memory space can store a first unit data bag, an and security module
The space of 203 reserved storage the first unit data bags is 1G, then, this security module 203 at most can store 512 first
Unit data bag, i.e. default value can be set to 512.Thus, it is possible to monitor the remaining space of security module 203 in real time, and
Discharge unnecessary memory space in time, it is to avoid in process of exchange, there is no the problem that redundant space causes Fail Transaction.Certainly,
Security module 203 can also utilize the count value of enumerator to obtain the first list of every kind of currency denomination of storage in security module 203
Total number of bit data bag.Thus, security module 203 can be according to the currency representated by every kind of first unit data bag of storage
Face amount and number obtain the sums of money of the first currently stored unit data bag.
In a kind of optional embodiment of the present embodiment, as in figure 2 it is shown, electronic signature equipment 20 also includes interactive module 204;
Security module 203, for, after storing at least one first unit data bag, counting current account balance by dealing money;
Interactive module 204, for showing dealing money and/or current account balance to holding user.Thus, electronic signature equipment is held
The user of 20 can inquire about dealing money and current account balance on the equipment of oneself.
In the present embodiment, server 30, for after receiving the transaction request that electronic signature equipment 20 sends, by least one
Individual first unit data bag sends to electronic signature equipment 20.
The transaction system using the present embodiment to provide, can deposit the fund of user with the form of at least one the first unit data bag
It is stored in the electronic signature equipment of user, and the number of packet is one or more.User is when consumption, because fund is no longer
It is to be stored in electronic signature equipment with the form of numerical value, so electronic signature equipment need not the numerical value of change storage, it is only necessary to will
The one or more first unit data bags meeting spending amount are sent to beneficiary, thus, electronic signature equipment with its
His electronic signature equipment carries out being no longer necessary to rely on server to carry out networking during electronic transaction and pays, and server is no longer necessary to electronics
Signature device is supervised, thus realizes off line electronic transaction veritably.
Any process described otherwise above or method describe and are construed as in flow chart or at this, represent include one or
The module of code, fragment or the part of the executable instruction of the more steps for realizing specific logical function or process, and
The scope of the preferred embodiment of the present invention includes other realization, wherein can not be by order that is shown or that discuss, including root
According to involved function by basic mode simultaneously or in the opposite order, performing function, this should be by embodiments of the invention institute
Belong to those skilled in the art to be understood.
Should be appreciated that each several part of the present invention can realize by hardware, software, firmware or combinations thereof.In above-mentioned enforcement
In mode, multiple steps or method can be with storing the software or firmware that in memory and be performed by suitable instruction execution system
Realize.Such as, if realized with hardware, with the most the same, available following technology well known in the art
In any one or their combination realize: have and patrol for the discrete of logic gates that data signal is realized logic function
Collect circuit, there is the special IC of suitable combination logic gate circuit, programmable gate array (PGA), field programmable gate
Array (FPGA) etc..
Those skilled in the art are appreciated that it is permissible for realizing all or part of step that above-described embodiment method carries
Instructing relevant hardware by program to complete, described program can be stored in a kind of computer-readable recording medium, this journey
Sequence upon execution, including one or a combination set of the step of embodiment of the method.
Additionally, each functional unit in each embodiment of the present invention can be integrated in a processing module, it is also possible to be each
Unit is individually physically present, it is also possible to two or more unit are integrated in a module.Above-mentioned integrated module is the most permissible
The form using hardware realizes, it would however also be possible to employ the form of software function module realizes.If described integrated module is with software merit
Can the form of module realize and as independent production marketing or when using, it is also possible to be stored in the storage of embodied on computer readable and be situated between
In matter.
Storage medium mentioned above can be read only memory, disk or CD etc..
In the description of this specification, reference term " embodiment ", " some embodiments ", " example ", " concrete example ",
Or specific features, structure, material or the feature that the description of " some examples " etc. means to combine this embodiment or example describes comprises
In at least one embodiment or example of the present invention.In this manual, the schematic representation to above-mentioned term not necessarily refers to
It is identical embodiment or example.And, the specific features of description, structure, material or feature can at any one or
Multiple embodiments or example combine in an appropriate manner.
Although above it has been shown and described that embodiments of the invention, it is to be understood that above-described embodiment is exemplary,
Being not considered as limiting the invention, those of ordinary skill in the art is in the case of without departing from the principle of the present invention and objective
Above-described embodiment can be changed within the scope of the invention, revise, replace and modification.The scope of the present invention is by appended power
Profit requires and equivalent limits.
Claims (10)
1. the method for commerce of an electronic signature equipment, it is characterised in that including:
Transaction request is sent to server by electronic signature equipment, and wherein, described transaction request at least includes: dealing money;
Described electronic signature equipment receives at least one first unit data bag, wherein, each first units from described server
A kind of currency denomination in multiple currency denomination, at least one currency denomination representated by the first unit data bag described is represented according to bag
Summation equal to described dealing money;
At least one first unit data bag described is stored in safety chip by described electronic signature equipment.
Method of commerce the most according to claim 1, it is characterised in that
Described each first unit data bag at least includes: the first unit data, described server are to described first unit data label
The first signed data that name obtains;
Before at least one first unit data bag described is stored in safety chip by described electronic signature equipment, described method
Also include:
Described first signed data is verified by described electronic signature equipment, performs described electronic signature equipment after being verified
The step that at least one first unit data bag described is stored in safety chip.
3. according to the method for commerce described in any one of claim 1 to 2, it is characterised in that in described electronic signature equipment by institute
Stating after at least one first unit data bag is stored in safety chip, described method also includes:
Representated by number according at least one the first unit data bag described in receiving and described each first unit data bag
Currency denomination calculate the summation of the currency denomination representated by the first unit data bag and the transaction in described transaction request received
The amount of money is the most consistent, if it is inconsistent, send, to described server, the request of repeating transmission.
4. according to the method for commerce described in any one of claims 1 to 3, it is characterised in that in described electronic signature equipment by institute
Stating before at least one first unit data bag is stored in safety chip, described method also includes:
The safety chip distribution of described electronic signature equipment is for storing the memory space of at least one the first unit data bag described;
At least one first unit data bag described is stored in safety chip, including:
At least one first unit data bag described is stored in the described memory space of correspondence, and by corresponding described storage sky
Between status word be set to take.
5. according to the method for commerce described in any one of claim 2 to 4, it is characterised in that
Described first unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data;
Described first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number.
6. an electronic signature equipment, it is characterised in that described electronic signature equipment includes:
Communication module, for sending transaction request to server, wherein, described transaction request at least includes: dealing money;
Acquisition module, for receiving at least one first unit data bag, wherein, each first unit data from described server
Bao represents a kind of currency denomination in multiple currency denomination, at least one currency denomination representated by the first unit data bag described
Summation is equal to described dealing money;
Security module, is used for storing at least one first unit data bag described.
Electronic signature equipment the most according to claim 6, it is characterised in that
Described each first unit data bag at least includes: the first unit data, described server are to described first unit data label
The first signed data that name obtains;
Described security module, is additionally operable to before storage at least one first unit data bag described, to described first signed data
Verify, and after being verified, perform the operation of storage at least one the first unit data bag described.
8. according to the electronic signature equipment described in any one of claim 6 to 7, it is characterised in that
Described security module, is additionally operable to before storage at least one first unit data bag described, distribution be used for storing described in extremely
The memory space of a few first unit data bag, is stored in the described storage of correspondence by least one first unit data bag described
In space, and it is set to take by the status word of corresponding described memory space.
9. according to the electronic signature equipment described in any one of claim 7 to 8, it is characterised in that
Described first unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data;
Described first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number.
10. a transaction system, it is characterised in that including: set according to the electronic signature described in any one of claim 6 to 9
Standby and server, wherein:
Described server, for receive described electronic signature equipment send described transaction request after, by described at least one
First unit data bag sends to described electronic signature equipment.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2016100453392 | 2016-01-22 | ||
CN201610045339 | 2016-01-22 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105931049A true CN105931049A (en) | 2016-09-07 |
Family
ID=56744518
Family Applications (6)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110217406.5A Pending CN113159763A (en) | 2016-01-22 | 2016-03-25 | Transaction method and transaction system of electronic signature device and electronic signature device |
CN201610178325.8A Pending CN105913256A (en) | 2016-01-22 | 2016-03-25 | Trade method and trade system of electronic signature device |
CN201610179102.3A Pending CN105931048A (en) | 2016-01-22 | 2016-03-25 | Electronic signature devices, and trading method and trading system thereof |
CN201610178067.3A Active CN105956855B (en) | 2016-01-22 | 2016-03-25 | Transaction method and transaction system of electronic signature device |
CN201610178324.3A Pending CN105913255A (en) | 2016-01-22 | 2016-03-25 | Trade method and trade system of electronic signature device, and electronic signature device |
CN201610179104.2A Pending CN105931049A (en) | 2016-01-22 | 2016-03-25 | Electronic signature device, and trading method and trading system thereof |
Family Applications Before (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110217406.5A Pending CN113159763A (en) | 2016-01-22 | 2016-03-25 | Transaction method and transaction system of electronic signature device and electronic signature device |
CN201610178325.8A Pending CN105913256A (en) | 2016-01-22 | 2016-03-25 | Trade method and trade system of electronic signature device |
CN201610179102.3A Pending CN105931048A (en) | 2016-01-22 | 2016-03-25 | Electronic signature devices, and trading method and trading system thereof |
CN201610178067.3A Active CN105956855B (en) | 2016-01-22 | 2016-03-25 | Transaction method and transaction system of electronic signature device |
CN201610178324.3A Pending CN105913255A (en) | 2016-01-22 | 2016-03-25 | Trade method and trade system of electronic signature device, and electronic signature device |
Country Status (2)
Country | Link |
---|---|
CN (6) | CN113159763A (en) |
WO (1) | WO2017162164A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018141142A1 (en) * | 2017-02-06 | 2018-08-09 | 吕文华 | Operation system for binary system digital currency |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113159763A (en) * | 2016-01-22 | 2021-07-23 | 天地融科技股份有限公司 | Transaction method and transaction system of electronic signature device and electronic signature device |
CN106228349B (en) * | 2016-07-22 | 2021-01-15 | 天地融科技股份有限公司 | Transaction method of electronic signature device and electronic signature device |
CN107665427A (en) | 2017-08-22 | 2018-02-06 | 阿里巴巴集团控股有限公司 | A kind of offline electronic payment, business processing, the method and device of payment processes |
CN111915431A (en) * | 2019-05-09 | 2020-11-10 | 天地融科技股份有限公司 | Off-line electronic money transaction method and system |
CN112184450B (en) * | 2020-10-13 | 2023-06-20 | 中国联合网络通信集团有限公司 | Transaction settlement method, transaction node, device and medium based on blockchain |
CN114612269B (en) * | 2022-05-11 | 2022-09-13 | 山东国盾网信息科技有限公司 | Electronic labor contract platform based on electronic signature technology |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101408970A (en) * | 2008-11-21 | 2009-04-15 | 李东声 | Method, system and apparatus for implementing batch electronic transaction, and electronic signing tool |
CN102468960A (en) * | 2010-11-16 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Off-line mode identity and transaction authentication method and terminal |
CN103560886A (en) * | 2013-11-04 | 2014-02-05 | 北京旋极信息技术股份有限公司 | Authentication method for electronic signature equipment |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
IL120585A0 (en) * | 1997-04-01 | 1997-08-14 | Teicher Mordechai | Countable electronic monetary system and method |
US8285991B2 (en) * | 2000-10-25 | 2012-10-09 | Tecsec Inc. | Electronically signing a document |
EP1205889A1 (en) * | 2000-11-10 | 2002-05-15 | TELEFONAKTIEBOLAGET LM ERICSSON (publ) | Returning of change in an electronic payment system |
US7506812B2 (en) * | 2004-09-07 | 2009-03-24 | Semtek Innovative Solutions Corporation | Transparently securing data for transmission on financial networks |
JP4391375B2 (en) * | 2004-09-30 | 2009-12-24 | フェリカネットワークス株式会社 | Information management apparatus and method, and program |
CN101051907B (en) * | 2007-05-14 | 2012-08-22 | 北京握奇数据系统有限公司 | Safety certifying method and its system for facing signature data |
CN101593338A (en) * | 2009-07-13 | 2009-12-02 | 招商银行股份有限公司 | A kind of method and system of handling electronic transaction request |
CN101719251A (en) * | 2010-01-15 | 2010-06-02 | 陈发勇 | Internet electronic money system |
CN102694795B (en) * | 2012-05-06 | 2018-02-27 | 北京深思数盾科技股份有限公司 | A kind of method for using application service in off-line case |
CN102999570B (en) * | 2012-11-09 | 2016-06-08 | 北京深思数盾科技股份有限公司 | The Off-line control method of application program critical data and system in mobile equipment |
CN103413159B (en) * | 2013-08-15 | 2016-09-21 | 成都市易恒信科技有限公司 | A kind of RFID electronic certificate off-line false proof realization method and system of Jianzhen based on CPK |
EP2924637A1 (en) * | 2014-03-24 | 2015-09-30 | The Roberto Giori Company Ltd. | System and method for electronic money transfer of fractional amounts |
CN113159763A (en) * | 2016-01-22 | 2021-07-23 | 天地融科技股份有限公司 | Transaction method and transaction system of electronic signature device and electronic signature device |
-
2016
- 2016-03-25 CN CN202110217406.5A patent/CN113159763A/en active Pending
- 2016-03-25 CN CN201610178325.8A patent/CN105913256A/en active Pending
- 2016-03-25 CN CN201610179102.3A patent/CN105931048A/en active Pending
- 2016-03-25 CN CN201610178067.3A patent/CN105956855B/en active Active
- 2016-03-25 CN CN201610178324.3A patent/CN105913255A/en active Pending
- 2016-03-25 CN CN201610179104.2A patent/CN105931049A/en active Pending
-
2017
- 2017-03-22 WO PCT/CN2017/077652 patent/WO2017162164A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101408970A (en) * | 2008-11-21 | 2009-04-15 | 李东声 | Method, system and apparatus for implementing batch electronic transaction, and electronic signing tool |
CN102468960A (en) * | 2010-11-16 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Off-line mode identity and transaction authentication method and terminal |
CN103560886A (en) * | 2013-11-04 | 2014-02-05 | 北京旋极信息技术股份有限公司 | Authentication method for electronic signature equipment |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018141142A1 (en) * | 2017-02-06 | 2018-08-09 | 吕文华 | Operation system for binary system digital currency |
Also Published As
Publication number | Publication date |
---|---|
CN105913256A (en) | 2016-08-31 |
CN113159763A (en) | 2021-07-23 |
CN105931048A (en) | 2016-09-07 |
CN105956855B (en) | 2022-02-22 |
CN105913255A (en) | 2016-08-31 |
CN105956855A (en) | 2016-09-21 |
WO2017162164A1 (en) | 2017-09-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105931049A (en) | Electronic signature device, and trading method and trading system thereof | |
CN103746800B (en) | TMK (terminal master key) safe downloading method and system | |
CN106651331B (en) | A kind of electronic trade method and system based on digital cash | |
CN109493016A (en) | Offline electronic payment method, terminal based on digital cash and act on behalf of dispensing device | |
CN109726229A (en) | A kind of block chain date storage method and device | |
CN106600252A (en) | Payment method and payment system based on block chain | |
CN102819893B (en) | Air storage method | |
CN107615317A (en) | The system and method for block chain transaction record | |
WO2001093139A1 (en) | Electronic value system | |
CN103617532A (en) | Offline payment and collection method and device for mobile terminals | |
WO2002099710A1 (en) | Electronic dealing method using electronic coupon | |
CN103839340B (en) | The method and system of e-wallet information synchronization, space transference business platform | |
CN102819809B (en) | A kind of acquisition method of tax-control data and system | |
CN112232792A (en) | Prepaid card transaction system and method based on block chain | |
CN106033571A (en) | Trading method of electronic signature devices, electronic signature devices and trading system | |
CN102713939B (en) | Compatible type transportation card PSAM and PSAM method for running | |
CN101615318A (en) | E-payment system and device thereof | |
CN105976179A (en) | Transaction method and transaction system of electronic signature equipment and electronic signature equipment | |
JP2007310562A (en) | Settlement method using electronic money | |
CN106228349A (en) | The method of commerce of a kind of electronic signature equipment and electronic signature equipment | |
CN105913259A (en) | Trade method and trade system of electronic signature device, and electronic signature device | |
CN205486281U (en) | On -vehicle expressway high velocity electron charge system | |
CN112785299B (en) | Method and device for roaming transaction based on blockchain | |
CN114677128A (en) | Block chain-based public purse cubing method and device | |
CN112446787A (en) | Resource transfer method, device, equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160907 |
|
RJ01 | Rejection of invention patent application after publication |