CN105931049A - Electronic signature device, and trading method and trading system thereof - Google Patents

Electronic signature device, and trading method and trading system thereof Download PDF

Info

Publication number
CN105931049A
CN105931049A CN201610179104.2A CN201610179104A CN105931049A CN 105931049 A CN105931049 A CN 105931049A CN 201610179104 A CN201610179104 A CN 201610179104A CN 105931049 A CN105931049 A CN 105931049A
Authority
CN
China
Prior art keywords
unit data
electronic signature
data bag
server
signature equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610179104.2A
Other languages
Chinese (zh)
Inventor
李东声
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tendyron Corp
Tendyron Technology Co Ltd
Original Assignee
Tendyron Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tendyron Technology Co Ltd filed Critical Tendyron Technology Co Ltd
Publication of CN105931049A publication Critical patent/CN105931049A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides an electronic signature device, and a trading method and a trading system thereof. The trading method comprises that the electronic signature device sends a transaction request to a server, wherein the transaction request at least comprises transaction amount; the electronic signature device receives at least one first unit data package, wherein each first unit data package represents a kind of currency denomination of multiple currency denominations, and the sum of currency denominations represented by the at least one second unit data package is equal to the transaction amount; and the electronic signature device saves the above at least one second unit data package in a security chip. The technical scheme provided by the invention is adopted to realize safe off-line electronic transaction.

Description

The method of commerce of a kind of electronic signature equipment, transaction system and electronic signature equipment
Technical field
The present invention relates to a kind of electronic technology field, particularly relate to the method for commerce of a kind of electronic signature equipment, transaction system and electricity Sub-signature device.
Background technology
In existing electronic transaction, the fund of user is deposited in the account in digital form, such as: user holds the money of 100 yuan Gold, this fund is stored in the user account of bank server in digital form, and after 10 yuan when customer consumption, bank takes Business device needs the fund 100 in user account to be rewritten as 90, to complete the clearance of account.In order to ensure the safety of fund numerical value, After bank server rewrites numerical value, revised fund numerical value 90 be signed.Because user is traded rear account every time Amount of money numerical value in family all can change, so bank server to process for the numerical value after variation every time.Namely Saying, existing electronic transaction bank server to be relied on, the electronic transaction needs that user is carried out and bank server are carried out in real time Synchronize, it is impossible to realize many off-line transactions of complete independently in the case of not networking.
Summary of the invention
It is contemplated that at least solve one of the problems referred to above.
Present invention is primarily targeted at the method for commerce that a kind of electronic signature equipment is provided.
Another object of the present invention is to provide a kind of electronic signature equipment.
A further object of the present invention is to provide a kind of transaction system.
For reaching above-mentioned purpose, technical scheme is specifically achieved in that
Scheme 1, the method for commerce of a kind of electronic signature equipment, including: transaction request is sent to server by electronic signature equipment, Wherein, described transaction request at least includes: dealing money;Described electronic signature equipment from described server receive at least one One unit data bag, wherein, each first unit data bag represents a kind of currency denomination in multiple currency denomination, described at least The summation of the currency denomination representated by one the first unit data bag is equal to described dealing money;Described electronic signature equipment is by described At least one first unit data bag is stored in safety chip.
Scheme 2, according to the method for commerce described in scheme 1, described each first unit data bag at least includes: the first units Described first unit data signed the first signed data obtained according to, described server;In described electronic signature equipment by described Before at least one first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is to institute State the first signed data to verify, after being verified, perform described electronic signature equipment by least one first units described The step being stored in safety chip according to bag.
Scheme 3, according to the method for commerce described in scheme 1, described transaction request also includes: setting of described electronic signature equipment Standby mark;Described each first unit data bag at least includes: the first unit data, described server are to described first units The second signed data obtained according to the device identification signature with described electronic signature equipment;Described electronic signature equipment by described extremely Before a few first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is to described Second signed data is verified, performs described electronic signature equipment by least one first unit data described after being verified The step that bag is stored in safety chip.
Scheme 4, according to the method for commerce described in any one of scheme 1 to 3, described electronic signature equipment by described at least one After first unit data bag is stored in safety chip, described method also includes: according to described in receiving at least one first Currency denomination representated by the number of unit data bag and described each first unit data bag calculates the first units received Summation according to the currency denomination representated by bag is the most consistent with the dealing money in described transaction request, if it is inconsistent, to institute State server and send the request of repeating transmission.
Scheme 5, according to the method for commerce described in scheme 4, after sending, to described server, the request of repeating transmission, described method is also Including: described electronic signature equipment receives the retransmission of information that described server sends according to the described request of retransmitting, wherein, described heavy Photos and sending messages includes at least one first unit data bag described;Described electronic signature equipment will be stored in described safety chip before Described at least one first unit data bag delete, and again store described server retransmit at least one first unit described Packet.
Scheme 6, according to the method for commerce described in scheme 4, after sending, to described server, the request of repeating transmission, described method is also Including: described electronic signature equipment receives the retransmission of information that described server sends according to the described request of retransmitting, wherein, described heavy Photos and sending messages includes the first unit data bag that described electronic signature equipment does not receives;Described electronic signature equipment does not receives described To the first unit data bag be stored in described safety chip.
Scheme 7, according to the method for commerce described in any one of scheme 1 to 6, described electronic signature equipment by described at least one Before first unit data bag is stored in safety chip, described method also includes: the safety chip of described electronic signature equipment divides It is used in the memory space of storage at least one the first unit data bag described;By at least one first unit data bag storage described In safety chip, including: at least one first unit data bag described is stored in the described memory space of correspondence, and will The status word of corresponding described memory space is set to take.
Scheme 8, according to the method for commerce described in any one of scheme 1 to 7, described electronic signature equipment by described at least one After first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment utilizes enumerator Count value obtains total number of the first currently stored unit data bag.
Scheme 9, according to the method for commerce described in any one of scheme 1 to 8, described electronic signature equipment by described at least one After first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is by described trade gold Volume counts current account balance, shows described dealing money and/or described current account balance to holding user.
Scheme 10, according to the method for commerce described in any one of scheme 2 to 9, described first unit data at least includes: currency face Value Data, or, currency sequence number and currency denomination data;Described first unit data bag the most also includes one below: distribution Bank identifier and bank certificate sequence number.
Scheme 11, a kind of electronic signature equipment, described electronic signature equipment includes: communication module, for transaction request being sent To server, wherein, described transaction request at least includes: dealing money;Acquisition module, for from described server receive to A few first unit data bag, wherein, each first unit data bag represents a kind of currency denomination in multiple currency denomination, The summation of at least one currency denomination representated by the first unit data bag described is equal to described dealing money;Security module, is used for Storage at least one first unit data bag described.
Scheme 12, according to the electronic signature equipment described in scheme 11, described each first unit data bag at least includes: first The first signed data that described first unit data signature is obtained by unit data, described server;Described security module, also uses In before storage at least one first unit data bag described, described first signed data is verified, and is being verified The rear operation performing storage at least one the first unit data bag described.
Scheme 13, according to the electronic signature equipment described in scheme 11, described transaction request also includes: described electronic signature sets Standby device identification;Described each first unit data bag at least includes: the first unit data, described server are to described first The second signed data that the device identification signature of unit data and described electronic signature equipment obtains;Described security module, is additionally operable to Before storage at least one first unit data bag described, described second signed data is verified, and after being verified Perform the operation of storage at least one the first unit data bag described.
Scheme 14, according to the electronic signature equipment described in any one of scheme 11 to 13, described security module, be additionally operable to storage After at least one first unit data bag described, according to the number of at least one the first unit data bag described in receiving and Currency denomination representated by described each first unit data bag calculates the currency denomination representated by the first unit data bag received Summation the most consistent with the dealing money in described transaction request, if it is inconsistent, by described communication module to described clothes Business device sends the request of repeating transmission.
Scheme 15, according to the electronic signature equipment described in scheme 14, described acquisition module, be used for receiving described server according to The retransmission of information that the described request of retransmitting sends, wherein, described retransmission of information includes at least one first unit data bag described;Institute Stating security module, at least one first unit data bag is deleted described in will store before, and again stores described server At least one the first unit data bag described retransmitted.
Scheme 16, according to the electronic signature equipment described in scheme 14, described acquisition module, be used for receiving described server according to The retransmission of information that the described request of retransmitting sends, wherein, described retransmission of information includes first that described electronic signature equipment does not receives Unit data bag;Described security module, is used for the first unit data bag not received described in storing.
Scheme 17, according to the electronic signature equipment described in any one of scheme 11 to 16, described security module, be additionally operable to storage Before at least one first unit data bag described, distribution is used for storing the memory space of at least one the first unit data bag described, At least one first unit data bag described is stored in the described memory space of correspondence, and by corresponding described memory space Status word is set to take.
Scheme 18, according to the electronic signature equipment described in any one of scheme 11 to 17, described security module, be additionally operable to utilize meter The count value of number device obtains total number of the first currently stored unit data bag.
Scheme 19, according to the electronic signature equipment described in any one of scheme 11 to 18, described electronic signature equipment also includes alternately Module;Described security module, for, after storage at least one first unit data bag described, counting described dealing money Current account balance;Described interactive module, for showing described dealing money and/or described current account balance to holding user.
Scheme 20, according to the electronic signature equipment described in any one of scheme 12 to 19, described first unit data at least includes: Currency denomination data, or, currency sequence number and currency denomination data;Described first unit data bag the most also includes one below: Bank of issue's mark and bank certificate sequence number.
Scheme 21, a kind of transaction system, including: according to the electronic signature equipment described in any one of scheme 11 to 20 and server, Wherein: described server, for after receiving the described transaction request that described electronic signature equipment sends, by described at least one Individual first unit data bag sends to described electronic signature equipment.
As seen from the above technical solution provided by the invention, the invention provides a kind of electronic signature equipment method of commerce, Transaction system and electronic signature equipment.Use the technical scheme that the present invention provides, can by the fund of user with at least one the The form of one unit data bag is stored in the electronic signature equipment of user.User is when consumption, because fund is no longer with numerical value Form be stored in electronic signature equipment, so electronic signature equipment need not change storage numerical value, it is only necessary to consumption will be met One or more first unit data bags of the amount of money are sent to beneficiary, improve the safety of electronic transaction, and, due to Electronic signature equipment need not the numerical value of change storage, and server need not supervise electronic signature equipment again, therefore electronics Signature device need not when carrying out electronic transaction rely on server, it is achieved off line electronic transaction.
Accompanying drawing explanation
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, the required accompanying drawing used in embodiment being described below It is briefly described, it should be apparent that, the accompanying drawing in describing below is only some embodiments of the present invention, for this area From the point of view of those of ordinary skill, on the premise of not paying creative work, it is also possible to obtain other accompanying drawings according to these accompanying drawings.
The flow chart of the method for commerce of the electric signing tools that Fig. 1 provides for the embodiment of the present invention 1;
The structural representation of the transaction system that Fig. 2 provides for the embodiment of the present invention 2.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, Obviously, described embodiment is only a part of embodiment of the present invention rather than whole embodiments.Reality based on the present invention Execute example, the every other embodiment that those of ordinary skill in the art are obtained under not making creative work premise, broadly fall into Protection scope of the present invention.
In describing the invention, it is to be understood that term " " center ", " longitudinally ", " laterally ", " on ", D score, " front ", Orientation or the position relationship of the instruction such as " afterwards ", "left", "right", " vertically ", " level ", " top ", " end ", " interior ", " outward " are base In orientation shown in the drawings or position relationship, it is for only for ease of the description present invention and simplifies description rather than instruction or hint institute The device that refers to or element must have specific orientation, with specific azimuth configuration and operation, therefore it is not intended that to the present invention Restriction.Additionally, term " first ", " second " are only used for describing purpose, and it is not intended that instruction or hint relative importance Or quantity or position.
In describing the invention, it should be noted that unless otherwise clearly defined and limited, term " install ", " being connected ", " connect " and should be interpreted broadly, connect for example, it may be fixing, it is also possible to be to removably connect, or be integrally connected;Permissible It is to be mechanically connected, it is also possible to be electrical connection;Can be to be joined directly together, it is also possible to be indirectly connected to by intermediary, can be two The connection of individual element internal.For the ordinary skill in the art, can understand that above-mentioned term is in the present invention with concrete condition In concrete meaning.
Below in conjunction with accompanying drawing, the embodiment of the present invention is described in further detail.
Embodiment 1
The flow chart of the method for commerce of a kind of electronic signature equipment that Fig. 1 provides for the present embodiment.Embodiment of the method shown in Fig. 1, Comprise the following steps S11 to S13:
Step S11, transaction request is sent to server by electronic signature equipment, and wherein, transaction request at least includes: trade gold Volume.
In the present embodiment, electronic signature equipment can be the electronic equipment with signature function, such as, has signature function Smart card (mass transit card, bank card, purchase card etc.), the U-shield etc. of industrial and commercial bank.A kind of optional embodiment party of the present embodiment In formula, electronic signature equipment can be set up with external equipment (such as PC or mobile terminal etc.) and be connected, will by this external equipment Transaction request sends to server.Or, electronic signature equipment has wireline interface or wave point, sets up wired with server Connect or wireless connections, directly transaction request is sent to server.Wherein, radio connection can include bluetooth, NFC The mode such as near-field communication and WIFI.Thus, in the present embodiment, electronic signature equipment can be in several ways by transaction request Send to server.As the optional embodiment of one, server includes bank server or third-party server, such as, Third-party server can be the purchase card stored value server in certain market.
Such as, this electronic signature equipment needs the operation performing to supplement with money, just to server (bank server or the purchase card in market Stored value server) send the transaction request for supplementing with money, the dealing money carried in this transaction request is that electronic signature equipment please Seek the amount of money numerical value that server is supplemented with money, in order to server returns first unit data corresponding with dealing money to electronic signature equipment Bag (i.e. the summation of the currency denomination of the first unit data bag that server returns is equal to dealing money).
Step S12, electronic signature equipment receives at least one first unit data bag, wherein, each first unit from server Packet represents a kind of currency denomination in multiple currency denomination, at least one currency face representated by the first unit data bag above-mentioned The summation of value is equal to dealing money.
In the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination, say, that goods Coin face amount has multiple, when electronic signature equipment only receives a first unit data bag from server, and this first units A kind of currency denomination therein is only represented according to bag.When electronic signature equipment receives multiple first unit data bag from server, Multiple first unit data bags can represent multiple different currency denomination, and such as, the number of the first unit data bag is 3, Each first unit data bag respectively representative money face amount 1 yuan, 2 yuan and 5 yuan;Or, multiple first unit data bags can To represent identical currency denomination, such as, the number of the first unit data bag is 3, and each first unit data Bao Jun represents Currency denomination 1 yuan;Again or, the currency denomination representated by multiple first unit data bags had both included identical also include not phase Same currency denomination, such as, the number of the first unit data bag is 3, each first unit data bag representative money face respectively It is worth 1 yuan, 1 yuan and 2 yuan.Thus, at least one first unit data Bao Suodai that electronic signature equipment receives from server The currency denomination of table has compound mode flexibly.
In a kind of optional embodiment of the present embodiment, at least including the first unit data in the first unit data bag, this is first years old Unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data.Wherein, currency denomination data It is the currency denomination representated by the first unit data bag, identifies the currency denomination representated by the first unit data bag, currency with this The unique serial number of each first unit data bag of serial number, the most different currency sequence numbers in the first unit data bag is different. Thereby, it is possible to ensure the uniqueness of each first unit data bag, in order to recognize the true and false of the first unit data bag.As one Planting optional embodiment, the first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number. Wherein, the bank of issue is designated the identification information of the bank issuing this first unit data bag, thus can inquire about according to this mark To the relevant information of the corresponding bank of issue, and, electronic signature equipment can be according to bank of issue's mark and bank certificate sequence number Obtain the bank certificate of the corresponding bank of issue, bank certificate includes the PKI of the bank of issue, in order to electricity in subsequent step Sub-signature device utilizes the PKI of the bank of issue that the signature of the first unit data completes checking.
In a kind of optional embodiment of the present embodiment, the first unit data bag the most also includes: the first unit data and clothes The first signed data that first unit data signature is obtained by business device.As the optional embodiment of one, server by utilizing self Private key respectively the first unit data in each first unit data bag is signed, obtain and each first unit data bag The first corresponding signed data.At least one is carried the first unit data bag of the first signed data and sends to electronics by server Signature device, in order in subsequent step, electronic signature equipment utilizes the verity of public key verifications the first unit data bag of server.
In the another kind of optional embodiment of the present embodiment, electronic signature equipment is sent in the transaction request of server also include: The device identification of electronic signature equipment;Each first unit data bag at least includes: the first unit data, server are single to first The second signed data that the device identification signature of bit data and electronic signature equipment obtains.As the optional embodiment of one, clothes Business device utilizes the private key of self to sign the device identification of the first unit data and electronic signature equipment, obtains and each first unit The second signed data that packet is corresponding.At least one is carried the first unit data bag of the second signed data and sends by server To electronic signature equipment, in order in subsequent step, electronic signature equipment utilizes public key verifications the first unit data bag of server Correctness.
In the present embodiment, server, can be from this electronic signature equipment pair after receiving the transaction request that electronic signature equipment sends The account answered deducts the dealing money of electronic signature equipment request, and issues the summation of currency denomination for electronic signature equipment and be equal to At least one of dealing money the first unit data bag, receives these the first unit data bags in electronic signature equipment, i.e. supplements with money After success, just can complete off-line transaction with other electronic signature equipment, i.e. need not again just can be to other with server networking Electronic signature equipment transfers accounts (will the first unit data bag be transmitted to other electronic signature equipment).Each first unit data bag institute The currency denomination represented can be the same or different, and is sent to the number of the first unit data bag of electronic signature equipment and each Currency denomination representated by individual first unit data bag can be determined according to dealing money by server, it is also possible to is set by electronic signature Rear notification server is determined, such as, as the optional embodiment of the one in the present embodiment, electronic signature for according to dealing money The transaction request that equipment sends can also be carried kind and the number of the first unit data bag.The former server can be real flexibly Issuing of existing first unit data bag, the latter can meet user to the number of the first unit data bag and the demand of face amount.? In a kind of optional embodiment of the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination, Such as, the currency denomination representated by the first unit data bag includes: 1 yuan, 2 yuan, 5 yuan, 10 yuan, 20 yuan, 50 yuan and 100 Unit, certainly, if following country has issued new currency denomination or other in addition to making by RMB are regional, national Currency denomination fall within protection scope of the present invention, the present embodiment is only illustrated with RMB face amount.Such as, electricity Transaction request is sent to server by sub-signature device, and wherein, the dealing money that transaction request includes is 10 yuan, and electronic signature sets Standby receive 5 the first unit data bags from server, the currency denomination representated by 5 the first unit data bags be respectively 1 yuan, 1 Unit, 1 yuan, 2 yuan and 5 yuan, the summation of the currency denomination representated by 5 the first unit data bags is 10 yuan, with dealing money Equal.Certainly, when the dealing money that transaction request includes is 10 yuan, electronic signature equipment can also receive 10 from server Individual the first unit data bag representing 1 yuan of currency denomination, or, 2 the first unit data bags representing 5 yuan of currency denominations, Or, 1 the first unit data bag representing 10 yuan of currency denominations.It is to say, the first electron unit monetary data Bao Suodai The currency denomination of table and number can be with flexible combination, it is only necessary to make at least one currency representated by the first unit data bag received The summation of face amount is equal to dealing money, the most only as a example by dealing money is 10 yuan, identical for other amount of money Numerical Principles, The most no longer illustrate.Thus, determine the number of the first unit data bag at server according to dealing money, and each In the case of face amount representated by one unit data bag, server can realize issuing of the first unit data bag, Ke Yiyou flexibly Various combinations;The number of the first unit data bag, and each first units is determined according to dealing money in electronic signature equipment In the case of the face amount representated by bag, can be by the currency face representated by the first unit data bag of the number of request and correspondence Value sends to server, thus can meet user to the number of the first unit data bag and the demand of face amount.
The safety of data transmission in the first unit data packet procedures is issued in order to improve server further, a kind of at the present embodiment In optional embodiment, electronic signature equipment can also receive the ciphertext data of at least one the first unit data bag from server, Wherein, at least one first unit data bag is encrypted by server and to obtain by these ciphertext data, and electronic signature equipment is permissible This ciphertext data deciphering obtains the first unit data bag original text, and server and electronic signature equipment can add solution by symmetric key Close or unsymmetrical key encryption and decryption mode realizes the safe transmission of data.As the optional mode of one, server is at least one The cipher mode that individual first unit data bag is encrypted includes: the PKI of server by utilizing electronic signature equipment at least one One unit data bag is encrypted (this mode being asymmetric-key encryption), or, server by utilizing is assisted with electronic signature equipment At least one first unit data bag is encrypted by the symmetric key that business obtains.Electronic signature equipment receive ciphertext data it After, utilize the manner of decryption corresponding with the cipher mode of server ciphertext data to be decrypted, obtain at least one first unit Packet is in plain text, i.e. utilize the private key of electronic signature equipment that this ciphertext data deciphering obtains the first unit data bag (this in plain text Mode for unsymmetrical key deciphering), or, electronic signature equipment utilizes the symmetric key consulting to obtain with server to this ciphertext Data deciphering obtains the first unit data bag in plain text.Thus, it is possible to prevent from the first unit data from wrapping in transmitting procedure being replicated or Distort, improve the safety of data transmission.
Step S13, at least one first unit data bag above-mentioned is stored in safety chip by electronic signature equipment.
In a kind of optional embodiment of the present embodiment, electronic signature equipment is provided with safety chip, inside this safety chip Have independent processor and memory element, PKI digital certificate and key, and other characteristics can be stored, data are entered Row encryption and decryption computing, provides the user data encryption and identification safety authentication service, in the present embodiment, the peace of electronic signature equipment In full chip, the first unit data bag of storage can not illegally be read, it is ensured that the Information Security of storage.
Before step S13, the method that the present embodiment provides also includes: the safety chip distribution of electronic signature equipment is used for storing The memory space of at least one the first unit data bag above-mentioned.In the present embodiment, in step S13 by above-mentioned at least one first Unit data bag is stored in safety chip, specifically includes: at least one first unit data bag above-mentioned is stored in depositing of correspondence In storage space, and it is set to take by the status word of corresponding memory space.Wherein, safety chip is each first unit data Bag one memory space of distribution, a memory space can only store a first unit data bag, and the transaction of electronic signature equipment Record also can record the position of the memory space of each the first unit data bag storage received from server in a transaction. It is the most occupied that the status word of memory space is used for identifying this memory space, if the most occupied, then electronic signature equipment The first unit data bag can not be stored at this occupied memory space.When all memory spaces of safety chip distribution are the most occupied Used time, electronic signature equipment needs make requests on server update packet or apply for the operation of new memory space, wherein, As the optional embodiment of one, electronic signature equipment can apply for the first unit that new memory space is newly received with storage Packet.As the optional embodiment of another kind, electronic signature equipment can also update locally stored the to server request One unit data bag, such as, electronic signature equipment can N number of (N be the most whole more than 1 by locally stored with request server Number) represent the first unit data bag of little face amount and replace with 1 or M (M < N) and represent the first units of big currency denomination Store according to bag, as long as the amount of currency of storage is constant, the most just can discharge multiple memory space, thus save The first unit data bag that memory space is newly received with storage.Additionally, in order to improve the safety that data store further, In this step, each first unit data bag can also be encrypted and obtain each first unit data bag by electronic signature equipment Ciphertext data, and each ciphertext data are stored in the memory space of correspondence.Thus, it is possible to ensure to be stored in safety chip The first unit data bag in memory space can not be by fraudulent copying or change, the safety guaranteeing to store the first unit data bag with this Property.
In the present embodiment, in order to be further ensured that the true of the first unit data bag of the storage of electronic signature equipment in step S13 Property, before performing step S13, as the optional embodiment of the one in the present embodiment, this method of commerce also includes: electronics First signed data is verified by signature device, performs step S13 after being verified.Wherein, the first signed data is clothes First unit data is signed and is obtained by business device, and each first unit data bag at least includes: the first unit data and clothes The first signed data that first unit data signature is obtained by business device, so that electronic signature equipment can verify the first units Verity according to bag.As the optional embodiment of one, the first signed data is that the private key of server by utilizing self is single to first Bit data carries out the signed data obtained of signing.Accordingly, electronic signature equipment carries out checking to the first signed data and specifically includes: Electronic signature equipment utilizes the PKI of this server that the first signed data is carried out sign test.As a example by server is as bank server, Bank server carries out HASH computing and obtains the summary message A1 of the first unit data the first unit data, and utilizes bank to take The private key of business device self carries out signature computing and obtains the first signed data this summary message A1, and carries at the first unit data bag In be issued to electronic signature equipment.Electronic signature equipment can utilize the PKI of this bank server to test the first signed data Sign, specifically, electronic signature equipment utilize the PKI of bank server the first electronic signature data is carried out computing obtain computing knot Really A2, and the first unit data in the first unit data bag received is carried out HASH computing obtain the first unit data Summary message A3, compares operation result A2 with summary message A3, if comparison result is consistent, then and electronic signature equipment First electronic signature data sign test is passed through.Wherein, electronic signature equipment can be according to the bank certificate in the first unit data bag Sequence number and/or bank of issue's mark obtain the PKI of bank, and such as, electronic signature equipment can be according in the first unit data bag The bank of issue identifies, and obtains the bank certificate of this bank from bank of issue's server corresponding with the first signed data to be verified, And from bank certificate, obtain the PKI of this bank;The most such as, electronic signature equipment can prestore the bank certificate of each bank, Obtain from each bank certificate prestored and the first number of signature to be verified according to the bank certificate sequence number in the first unit data bag According to corresponding bank certificate, and from corresponding bank certificate, obtain the PKI of bank.Thus, electronic signature equipment utilizes bank PKI the first signed data carried in the first unit data bag is carried out sign test, the true of the first unit data bag can be verified Property.Foregoing description only illustrates as a example by server is as bank server, but the present embodiment is not limited to bank server, its Within the detailed description of the invention of his third-party server such as supermarket shopping card stored value server etc. belongs to protection scope of the present invention.
Further, electronic signature equipment, on the premise of the first unit data bag guaranteeing to receive is true, still wants to confirm clothes again The object that business device sends is this electronic signature equipment the most really, to avoid storing the packet that server is sent out by mistake, is performing step Before S13, this method of commerce also includes: the second signed data is verified by electronic signature equipment, performs after being verified Step S13.Wherein, the second signed data is that the device identification of the first unit data and electronic signature equipment is signed by server Arriving, therefore, in a kind of optional embodiment of the present embodiment, electronic signature equipment is sent in the transaction request of server Also include: the device identification of electronic signature equipment;Each first unit data bag at least includes: the first unit data, server The second signed data obtaining the device identification signature of the first unit data and electronic signature equipment, so that electronic signature sets Standby verity and the correctness that can verify the first unit data bag.As the optional embodiment of one, the second signed data is The device identification of the first unit data and electronic signature equipment is signed the label obtained by the private key of server by utilizing server self Name data, say, that the signature object of each second signed data is setting of each first unit data and electronic signature equipment The combination of standby mark.Accordingly, electronic signature equipment carries out checking to the second signed data and specifically includes: electronic signature equipment profit Respectively each second signed data is carried out sign test with the PKI of server.As a example by server is as bank server, bank service Device utilizes the private key of self that the device identification of the first unit data and electronic signature equipment is carried out signature to obtain the second signed data, And carry and be issued to electronic signature equipment in the first unit data bag.Electronic signature equipment can utilize the public affairs of this bank server Key carries out sign test to the second signed data.Wherein, electronic signature equipment can be according to the bank certificate sequence in the first unit data bag Number and/or bank of issue's mark obtain the bank certificate of this bank, and from bank certificate, obtain the PKI of this bank, such as, electricity Sub-signature device can identify according to the bank of issue in the first unit data, sends out from corresponding with the second signed data to be verified Row bank server obtains the PKI of this bank;The most such as, electronic signature equipment can prestore the bank certificate of each bank, root Obtain from each bank certificate prestored and the second signed data to be verified according to the bank certificate sequence number in the first unit data bag Corresponding bank certificate, and from corresponding bank certificate, obtain the PKI of bank.Thus, electronic signature equipment utilizes bank PKI carries out sign test to the second signed data carried in the first unit data bag, is possible not only to verify the true of the first unit data bag Reality, it is also possible to prove that the first unit data bag strictly bank server is handed down to this electronic signature equipment, i.e. verify first The correctness of unit data bag.Foregoing description only illustrates as a example by server is as bank server, but the present embodiment does not limit In bank server, the detailed description of the invention of other third-party server such as supermarket shopping card stored value server etc. belongs to the present invention Protection domain within.
In order to ensure that electronic signature equipment is collected money less, i.e. ensure the total of the first unit data bag that electronic signature equipment receives The amount of money is equal to dealing money, and in a kind of optional embodiment of the present embodiment, after step s 13, this method of commerce also wraps Include: according to the currency face representated by the number of at least one received the first unit data bag and each first unit data bag The summation that value calculates the currency denomination representated by the first unit data bag received is the most consistent with the dealing money in transaction request, If it is inconsistent, send, to server, the request of repeating transmission.Such as, dealing money is 10 yuan, and electronic signature equipment connects from server Receiving 5 the first unit data bags, whether the summation calculating the currency denomination representated by 5 the first unit data bags is equal to 10 yuan, If less than 10 yuan, then server sends the request of repeating transmission.Thus, electronic signature equipment can be asked by sending to retransmit to server Ask, the problem solving the deficiency of the currency denomination representated by the first unit data bag received.
In electronic signature equipment after server sends the request of repeating transmission, electronic signature equipment can receive the repeating transmission letter that server returns Breath, the content according to the request of retransmitting is different, and the retransmission of information that server returns also can be different, such as, retransmit in request and can take The device identification of having electronic signature device, transaction record are (such as the numbering of every transaction, accounts information, timestamp, dealing money And the number of the first unit data bag received and representative currency denomination etc., these server sides also can corresponding be remembered Record), in order to a certain transaction that server lookup to this electronic signature equipment is corresponding, all these transactions of repeating transmission corresponding first Unit data bag is to electronic signature equipment, the most such as, retransmits the number that can also carry the first unit data bag received in request (mark of a first unit data bag can be uniquely identified, if server is each first unit data bag configuration according to bag mark Unique mark, or currency sequence number), after server receives these package identifications, can inquire and Lou send out or transmitting procedure In lost which the first unit data bag, the first unit data bag that is that these leakages generated or that lose in transmitting procedure sends to the most electric Sub-signature device.Below the first unit data bag is retransmitted with regard to server illustrative:
Such as, in electronic signature equipment after server sends the request of repeating transmission, electronic signature equipment receives server according to repeating transmission The retransmission of information that request sends, wherein, retransmission of information includes at least one first unit data bag.Electronic signature equipment will before Be stored in the first unit data bag of at least one in safety chip delete, and again storage server retransmit at least one first Unit data bag.As the optional embodiment of one, electronic signature equipment after sending, to server, the request of repeating transmission, electronics label Name equipment receives the retransmission of information that server sends according to the request of repeating transmission, wherein, at least includes: electronic signature in this repeating transmission request The device identification of equipment and transaction record, retransmission of information includes at least one first unit data bag, i.e. optionally implements at this In mode, server has retransmitted, to electronic signature equipment, whole first unit data bags that a transaction is corresponding, in the present embodiment, Server, when being traded with per-unit electronics signature instrument, also can store transaction record corresponding to each transaction (such as every friendship The number of the first unit data bag of easy numbering, accounts information, timestamp, dealing money and transmission and representative goods Coin face amount etc.) and the device identification of electronic signature equipment, this electronics can be inquired according to device identification and transaction record The a certain transaction that signature device is corresponding, in this optional embodiment, the electronic signature equipment request that server can will inquire First unit data bag of this transaction retransmitted all is retransmitted to electronic signature equipment, to ensure that electronic signature equipment receives completely The first unit data bag, the transaction errorless (such as supplementing with money errorless) of server and electronic signature equipment.
In order to ensure that electronic signature equipment will not repeat to store packet, receive the first of server repeating transmission in electronic signature equipment Before unit data bag, the method that the present embodiment provides also includes: electronic signature equipment will be stored in safety chip extremely before A few first unit data bag is deleted (i.e. in this optional embodiment, owing to server can be by the first unit of this transaction Packet all resends to electronic signature equipment, electronic signature equipment must will receive before whole the of this transaction One unit data bag, i.e. before at least one first unit data bag corresponding to this transaction of being stored in safety chip delete), And at least one first unit data bag that storage server is retransmitted again, wherein, electronic signature equipment is performing above-mentioned deletion the After the operation of one unit data bag, can be set to vacant by the status word of shared memory space, electronic signature equipment is permissible Again the first unit data bag received is stored to the memory space of the distribution of safety chip before, and the storage sky that will take Between status word be set to take, thereby guarantee that electronic signature equipment will not repeat to store the first identical unit data bag, and protect Demonstrate,prove same memory space and can only store a first unit data bag.
For example, for the transaction of a numbered 1*******, the dealing money in the transaction request of electronic signature equipment is 10 yuan, 5 the first unit data bags representing 2 yuan of currency denominations respectively that electronic signature equipment reception server sends, but by Loss of data in transmitting procedure, electronic signature equipment only receives 4 the first unit datas representing 2 yuan of currency denominations respectively Bag, currency denomination summation is 8 yuan, unequal with dealing money 10 yuan.For this transaction, electronic signature equipment is to server Sending the request of repeating transmission, and receive the retransmission of information that server sends according to the request of repeating transmission, this repeating transmission request includes: electronic signature The device identification of equipment and transaction record, server, can be according to device identification and transaction after receiving this repeating transmission request Record queries is to this transaction corresponding to this electronic signature equipment, and server can be by the electronic signature equipment request repeat that inquires First unit data bag of this transaction all retransmits that to be sent to this of electronic signature equipment to electronic signature equipment, i.e. server heavy Photos and sending messages includes 5 the first unit data bags representing 2 yuan of currency denominations respectively.Electronic signature equipment will be stored in safety before In chip 4 represent the first unit data bag of 2 yuan of currency denominations respectively and delete, and again store 5 of server repeating transmission Represent the first unit data bag of 2 yuan of currency denominations respectively.Thus, needed for electronic signature equipment is not received by a transaction Whole first unit data bag time, server can be by the whole first unit data packet retransmissions needed for this transaction to electronics label Name equipment, so that transaction can smoothly complete.
The most such as, in electronic signature equipment after server sends the request of repeating transmission, electronic signature equipment receives server according to weight The retransmission of information that the request of sending out sends, wherein, retransmission of information includes the first unit data bag that electronic signature equipment does not receives, and The the first unit data bag not received is stored in safety chip.
As the optional embodiment of one, electronic signature equipment is after sending, to server, the request of repeating transmission, and electronic signature equipment connects Receive the retransmission of information that server sends according to the request of repeating transmission, wherein, this repeating transmission request at least includes: setting of electronic signature equipment Standby mark, transaction record and the package identification of each the first unit data bag received, retransmission of information includes electronic signature The first unit data bag that equipment does not receives, i.e. in this optional embodiment, server is retransmitted to electronic signature equipment One transaction is leaked the first unit data bag that is that send out or that lose in transmitting procedure, can look into according to device identification and transaction record Asking a certain transaction that this electronic signature equipment is corresponding, server can being somebody's turn to do this electronic signature equipment request repeat inquired Those first unit data packet retransmissions corresponding to the package identification that do not inquires in transaction are to electronic signature equipment, to ensure Electronic signature equipment receives the transaction errorless (such as supplementing with money errorless) of the first complete unit data bag, server and electronic signature equipment. Compared with the optional embodiment in a upper example, this optional embodiment can reduce the volume of transmitted data of server, is substantially reduced The workload of server, improves the work efficiency that server is retransmitted.
In this optional embodiment, after electronic signature equipment receives the first unit data bag that server is retransmitted, electronic signature The the first unit data bag not received before is stored in safety chip by equipment, i.e. electronic signature equipment will receive again First unit data bag is stored in the memory space distributed before safety chip, and the status word of the memory space taken is set to Take, thereby guarantee that same memory space can only store a first unit data bag.
For example, for the transaction of a numbered 1*******, the dealing money in the transaction request of electronic signature equipment is 5 yuan, electronic signature equipment receives 2 the first unit data bags (abbreviations 2 representing 2 yuan of currency denominations respectively that server sends Metadata bag), and 1 the first unit data bag (being called for short 1 metadata bag) representing 1 yuan of currency denomination, but due to transmission During loss of data, electronic signature equipment only receives 22 metadata bags, and currency denomination summation is 4 yuan, with trade gold Volume 5 yuan is unequal.For this transaction, electronic signature equipment sends, to server, the request of repeating transmission, and receives server according to weight The retransmission of information that the request of sending out sends, also carries the package identification of 22 metadata bags in the request of retransmitting, and server receives After asking to this repeating transmission, all first unit data bags of its correspondence can be inquired for this transaction of this electronic signature equipment, Just it appeared that retransmit the package identification not having 1 metadata bag in request, this 1 metadata packet retransmission can be given electricity by server Sub-signature device, i.e. server are sent to this retransmission of information of electronic signature equipment and include 11 metadata bag.Electronic signature sets Standby 11 metadata bag by server repeating transmission is stored in safety chip.In the present embodiment, electronic signature equipment is to server Can include the package identification of part the first unit data bag being received in the repeating transmission request sent, server is permissible The the first unit data bag needing in retransmission of information to carry is determined according to the package identification in the request of retransmitting.Thus, electronics is worked as When signature device is not received by the whole first unit data bag needed for a transaction, server can be by unreceived part One unit data packet retransmission, to electronic signature equipment, not only reduces the transmission quantity of retransmission data, also ensure that transaction can be smooth Complete.
Below it is all to illustrate as a example by the embodiment of a transaction, in the present embodiment, every in many transactions Transaction can realize in the manner described above.
In the present embodiment, the memory space of electronic signature equipment is limited after all, accordingly, it would be desirable to monitor electronic signature at any time The remaining space of equipment, in order to instant-free memory space, it is to avoid do not have redundant space to cause Fail Transaction in process of exchange Problem.In a kind of optional embodiment of the present embodiment, electronic signature equipment is additionally provided with enumerator, by this enumerator The residual memory space of electronic signature equipment can be monitored in real time.Specifically, after each transaction terminates, i.e. in step S13 After middle electronic signature equipment stores the first unit data bag received, electronic signature equipment utilizes the count value of enumerator to obtain Total number to the first currently stored unit data bag.Specifically, this transaction can all be added at each transaction Counter Receiving the number of the first unit data bag, after many transactions, the count value of enumerator can be accumulated to a numerical value, when this When numerical value reaches default value, illustrate that the memory space of electronic signature equipment is assigned, there is no unnecessary memory space, Now, electronic signature equipment needs make requests on server update packet or apply for operation (the as above institute of new memory space State).In the present embodiment, the size of each memory space is identical, and the size of each first unit data bag is identical, and with storage The size coupling in space, such as, electronic signature equipment is 2M to the size of the memory space of a first unit data bag distribution, The memory space of this 2M can store a first unit data bag, and a safety chip reserves storage the first unit data bag Space be 1G, then, this electronic signature equipment at most can store 512 the first unit data bags, i.e. default value is permissible It is set to 512.Thus, it is possible to monitor the remaining space of electronic signature equipment in real time, and discharge unnecessary memory space in time, The problem avoiding not having redundant space to cause Fail Transaction in process of exchange.Certainly, electronic signature equipment can also utilize counting The count value of device obtains total number of the first unit data bag of every kind of currency denomination of storage in safety chip.Thus, electronics label Name equipment can obtain currently stored first according to the currency denomination representated by every kind of first unit data bag of storage and number The sums of money of unit data bag.
In a kind of optional embodiment of the present embodiment, after step s 13, dealing money is counted by electronic signature equipment works as Front account balance, shows dealing money and/or current account balance to holding user.Thus, the user of electronic signature equipment is held Dealing money and current account balance can be inquired about on the equipment of oneself.
The method of commerce of the electronic signature equipment of the present embodiment offer is provided, the fund of user can be stored with the form of packet In the electronic signature equipment of user, and the number of packet is one or more.User is when consumption, because fund is no longer It is stored in electronic signature equipment with the form of numerical value, so electronic signature equipment need not deposit by networking to change with server The numerical value of storage, it is only necessary to the one or more first unit data bags meeting spending amount are sent to beneficiary, thus, electricity Sub-signature device is no longer necessary to rely on server to carry out networking and pays when carrying out electronic transaction with other electronic signature equipment, service Device is no longer necessary to supervise electronic signature equipment, thus realizes off line electronic transaction veritably.
Embodiment 2
The structural representation of a kind of transaction system that Fig. 2 provides for the present embodiment.As in figure 2 it is shown, this transaction system includes electronics Signature device 20 and server 30, wherein, electronic signature equipment 20 includes: communication module 201, acquisition module 202 and peace Full module 203.
Communication module 201, for sending transaction request to server 30, wherein, transaction request at least includes: dealing money; Acquisition module 202, for receiving at least one first unit data bag, wherein, each first unit data bag from server 30 Represent a kind of currency denomination in multiple currency denomination, at least one currency denomination representated by the first unit data bag above-mentioned total With equal to dealing money;Security module 203, is used for storing at least one first unit data bag above-mentioned.
In the present embodiment, electronic signature equipment can be the electronic equipment with signature function, such as, has signature function Smart card (mass transit card, bank card, purchase card etc.), the U-shield etc. of industrial and commercial bank.
Communication module 201, for sending transaction request to server 30, wherein, transaction request at least includes: dealing money.
In a kind of optional embodiment of the present embodiment, communication module 201 can be with external equipment (such as PC or mobile terminal Deng) set up connection, by this external equipment, transaction request is sent to server 30.Or, communication module 201 includes wired Interface or wave point, set up wired connection or wireless connections with server 30, directly send transaction request to server 30. Wherein, radio connection can be to include the modes such as bluetooth, NFC and WIFI.Thus, electricity in the present embodiment Transaction request can be sent to server 30 by sub-signature device 20 in several ways.As the optional embodiment of one, Server 30 includes bank server or third-party server, and such as, third-party server can be the purchase card Stored Value in certain market Server.
Such as, electronic signature equipment 20 needs the operation performing to supplement with money, and communication module 201 is just to server 30 (bank service The purchase card stored value server in device or market) send the transaction request for supplementing with money, the dealing money carried in this transaction request is just It is the amount of money numerical value supplemented with money of electronic signature equipment 20 request server 30, in order to server 30 returns to electronic signature equipment 20 First unit data bag (the i.e. summation etc. of the currency denomination of first unit data bag that server 30 return corresponding with dealing money In dealing money).
Acquisition module 202, for receiving at least one first unit data bag above-mentioned from server 30, wherein, each first is single Bit data bag represents a kind of currency denomination in multiple currency denomination, at least one currency representated by the first unit data bag above-mentioned The summation of face amount is equal to dealing money.
In the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination, say, that goods Coin face amount has multiple, when acquisition module 202 only receives a first unit data bag from server 30, and this first unit Packet only represents a kind of currency denomination therein.When acquisition module 202 receives multiple first unit data bag from server 30 Time, multiple first unit data bags can represent multiple different currency denomination, and such as, the number of the first unit data bag is 3 Individual, each first unit data bag respectively representative money face amount 1 yuan, 2 yuan and 5 yuan;Or, multiple first unit datas Bag can represent identical currency denomination, and such as, the number of the first unit data bag is 3, each first unit data Bao Jun Representative money face amount 1 yuan;Again or, the currency denomination representated by multiple first unit data bags had both included identical also including The currency denomination differed, such as, the number of the first unit data bag is 3, and each first unit data bag represents goods respectively Coin face amount 1 yuan, 1 yuan and 2 yuan.Thus, at least one first unit above-mentioned that acquisition module 202 receives from server 30 Currency denomination representated by packet has compound mode flexibly.
In a kind of optional embodiment of the present embodiment, at least including the first unit data in the first unit data bag, this is first years old Unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data.Wherein, currency denomination data It is the currency denomination representated by the first unit data bag, identifies the currency denomination representated by the first unit data bag, currency with this The unique serial number of each first unit data bag of serial number, the most different currency sequence numbers in the first unit data bag is different. Thereby, it is possible to ensure the uniqueness of each first unit data bag, in order to recognize the true and false of the first unit data bag.As one Planting optional embodiment, the first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number. Wherein, the bank of issue is designated the identification information of the bank issuing this first unit data bag, thus can inquire about according to this mark To the relevant information of the corresponding bank of issue, and, electronic signature equipment can be according to bank of issue's mark and bank certificate sequence number Obtain the bank certificate of the corresponding bank of issue, bank certificate includes the PKI of the bank of issue, in order to electricity in subsequent step Sub-signature device utilizes the PKI of the bank of issue that the signature of the first unit data completes checking.
In a kind of optional embodiment of the present embodiment, the first unit data bag the most also includes: the first unit data and clothes The first signed data that first unit data signature is obtained by business device 30.As the optional embodiment of one, server 30 profit Respectively the first unit data in each first unit data bag is signed with the private key of self, obtain and each first unit The first signed data that packet is corresponding.At least one is carried the first unit data bag of the first signed data and sends out by server 30 Deliver to electronic signature equipment 20, in order in subsequent step, the security module 203 in electronic signature equipment 20 utilizes server 30 The verity of public key verifications the first unit data bag.
In the another kind of optional embodiment of the present embodiment, communication module 201 is sent in the transaction request of server also include: The device identification of electronic signature equipment 20;Each first unit data bag at least includes: the first unit data, server 30 are right The second signed data that the device identification signature of the first unit data and electronic signature equipment 20 obtains.Optionally implement as one Mode, server 30 utilizes the private key of self to sign the device identification of the first unit data and electronic signature equipment 20, obtains Second signed data corresponding with each first unit data bag.Server 30 by above-mentioned at least one carry the second signed data First unit data bag send to electronic signature equipment 20, in order to the security module of electronic signature equipment 20 in subsequent step The correctness of 203 public key verifications the first unit data bags utilizing server.
In the present embodiment, server 30 after receiving the transaction request that electronic signature equipment 20 is sent by communication module 201, The dealing money of electronic signature equipment 20 request can be deducted from the account of electronic signature equipment 20 correspondence, and set for electronic signature Standby 20 summation at least one first unit data bag equal to dealing money issuing currency denomination, receive at acquisition module 202 These the first unit data bags, i.e. after successful recharging, electronic signature equipment 20 just can complete under line with other electronic signature equipment Transaction, i.e. need not network with server 30 more just to transfer accounts to other electronic signature equipment (will turn by the first unit data bag Issue other electronic signature equipment).Currency denomination representated by each first unit data bag can be the same or different, and sends Can to the currency denomination representated by the number of the first unit data bag of electronic signature equipment 20 and each the first unit data bag To be determined according to dealing money by server 30, it is also possible to inform service after being determined according to dealing money by electronic signature equipment 20 Device 30, such as, as the optional embodiment of the one in the present embodiment, all right in the transaction request that communication module 201 sends Carry kind and the number of the first unit data bag.The former can realize issuing of the first unit data bag by server 30 flexibly, The latter can meet user to the number of the first unit data bag and the demand of face amount.A kind of optional embodiment party of the present embodiment In formula, each first unit data bag represents a kind of currency denomination in multiple currency denomination, such as, the first unit data bag institute The currency denomination represented includes: 1 yuan, 2 yuan, 5 yuan, 10 yuan, 20 yuan, 50 yuan and 100 yuan.Certainly, if following state Family has issued new currency denomination or other regional, the national currency denominations in addition to making by RMB fall within this Bright protection domain, is only illustrated with RMB face amount in the present embodiment.Such as, electronic signature equipment 20 is by communication Transaction request is sent to server 30 by module 201, and wherein, the dealing money that transaction request includes is 10 yuan, acquisition module 202 receive 5 the first unit data bags from server 30, and the currency denomination representated by 5 the first unit data bags is respectively 1 Unit, 1 yuan, 1 yuan, 2 yuan and 5 yuan, the summation of the currency denomination representated by 5 the first unit data bags is 10 yuan, with transaction The amount of money is equal.Certainly, when the dealing money that transaction request includes is 10 yuan, acquisition module 202 can also be from server 30 Receive 10 the first unit data bags representing 1 yuan of currency denomination, or, 2 the first unitss representing 5 yuan of currency denominations According to bag, or, 1 the first unit data bag representing 10 yuan of currency denominations.It is to say, the first electron unit monetary data Currency denomination representated by bag and number can be with flexible combination, it is only necessary to make representated by least one first unit data bag of receiving The summation of currency denomination equal to dealing money, the most only as a example by dealing money is 10 yuan, remote for other amount of money numerical value From identical, the most no longer illustrate.Thus, determine the number of the first unit data bag at server 30 according to dealing money, And in the case of each face amount representated by the first unit data bag, server 30 can realize the first unit data bag flexibly Issue, can have various combination;The number of the first unit data bag is determined according to dealing money in electronic signature equipment 20, and In the case of each face amount representated by the first unit data bag, communication module 201 can be by the number of request and the of correspondence Currency denomination representated by one unit data bag sends to server 30, thus can meet user to the first unit data bag Number and the demand of face amount.
Security module 203, is used for storing at least one first unit data bag.
In a kind of optional embodiment of the present embodiment, security module 203 includes safety chip, has inside this safety chip Independent processor and memory element, can store PKI digital certificate and key, and other characteristics, add data Deciphering computing, provides the user data encryption and identification safety authentication service, in the present embodiment, and storage in security module 203 First unit data bag can not illegally be read, it is ensured that the Information Security of storage.
Security module 203 distribution is for storing the memory space of at least one the first unit data bag.In the present embodiment, safety Module 203 is used for storing at least one first unit data bag, specifically includes: be stored in by least one first unit data bag In corresponding memory space, and it is set to take by the status word of corresponding memory space.Wherein, security module 203 is each First unit data bag one memory space of distribution, a memory space can only store a first unit data bag, and electronics label The transaction record of name equipment 20 also can record each the first unit data bag storage received from server 30 in a transaction The position of memory space.It is the most occupied that the status word of memory space is used for identifying this memory space, if the most occupied With, then security module 203 can not store the first unit data bag at this occupied memory space.When security module 203 is distributed All memory spaces the most occupied time, security module 203 needs by communication module 201 request server 30 more new data Wrap, or security module 203 needs to apply for new memory space, wherein, as the optional embodiment of one, security module 203 can apply for the first unit data bag that new memory space is newly received with storage.As the optional embodiment of another kind, Security module 203 can also update the first locally stored unit data bag, example by communication module 201 to server 30 request As, security module 203 can N number of (N be more than 1 by locally stored by communication module 201 request server 30 Positive integer) represent the first unit data bag of little face amount and replace with 1 or M (M < N) and represent the first single of big currency denomination Bit data bag stores, as long as the amount of currency of storage is constant, the most just can discharge multiple memory space, thus save Save the first unit data bag that memory space is newly received with storage.Additionally, for the safety improving data storage further, Security module 203 is additionally operable to each first unit data bag is encrypted the ciphertext data obtaining each first unit data bag, And each ciphertext data are stored in the memory space of correspondence.Thus, it is possible to ensure that the storage being stored in security module 203 is empty The first unit data bag between can not be by fraudulent copying or change, the safety guaranteeing to store the first unit data bag with this.
The safety of data transmission in the first unit data packet procedures is issued, at the present embodiment one in order to improve server 30 further Planting in optional embodiment, acquisition module 202 can also receive the ciphertext of at least one the first unit data bag from server 30 Data, wherein, at least one first unit data bag is encrypted by server 30 and to obtain by these ciphertext data, security module 203 can obtain the first unit data bag original text to this ciphertext data deciphering, and server 30 and electronic signature equipment 20 can be led to The mode crossing symmetric key encryption and decryption or unsymmetrical key encryption and decryption realizes the safe transmission of data.As the optional mode of one, The cipher mode that at least one first unit data bag is encrypted by server 30 includes: server 30 utilizes electronic signature to set At least one first unit data bag is encrypted (this mode being asymmetric-key encryption) by the PKI of standby 20, or, clothes Business device 30 utilizes the symmetric key consulting to obtain with electronic signature equipment 20 to be encrypted at least one first unit data bag. Security module 203 at acquisition module 202 after receiving ciphertext data, it is possible to use corresponding with the cipher mode of server 30 Manner of decryption ciphertext data are decrypted, obtain at least one first unit data bag in plain text, i.e. security module 203 profit With the private key of self storage, this ciphertext data deciphering obtained the first unit data bag (this mode deciphered for unsymmetrical key) in plain text, Or, security module 203 utilizes the symmetric key consulting to obtain with server 30 that this ciphertext data deciphering is obtained the first units According to bag in plain text.It is replicated thus, it is possible to prevent the first unit data from wrapping in transmitting procedure or distorts, improve the peace of data transmission Quan Xing.
In a kind of optional embodiment of the present embodiment, in order to be further ensured that in security module 203 first units of storage According to the verity of bag, security module 203, it is additionally operable to, before storing at least one first unit data bag above-mentioned, sign first Name data are verified, and perform to store the operation of at least one the first unit data bag above-mentioned after being verified.Wherein, One signed data is that the first unit data is signed and obtained by server 30, and each first unit data bag at least includes: The first signed data that first unit data signature is obtained by one unit data, server 30, thus makes security module 203 permissible Verify the verity of the first unit data bag.As the optional embodiment of one, the first signed data is that server 30 utilizes certainly First unit data is signed the signed data obtained by the private key of body.Accordingly, security module 203 is to the first signed data Carry out checking to specifically include: security module 203 utilizes the PKI of this server 30 that first signed data is carried out sign test.With service As a example by device 30 is bank server, bank server carries out HASH computing and obtains the first unit data and pluck the first unit data Want message A1, and utilize the computing that carries out this summary message A1 signing of the private key of bank server self to obtain the first signed data, And carry and be issued to electronic signature equipment 20 in the first unit data bag.Security module 203 can utilize this bank server PKI carries out sign test to the first signed data, and specifically, security module 203 utilizes the PKI of bank server to the first electronics label Name data carry out computing and obtain operation result A2, and the first unit data in the first unit data bag received is carried out HASH Computing obtains the summary message A3 of the first unit data, is compared with summary message A3 by operation result A2, if comparison knot Fruit is consistent, then the first electronic signature data sign test is passed through by security module 203.Wherein, security module 203 can be according to first Bank certificate sequence number in unit data bag and/or the PKI of mark acquisition bank of the bank of issue, such as, security module 203 is permissible Identify according to the bank of issue in the first unit data, utilize acquisition module 202 from corresponding with the first signed data to be verified The bank of issue obtains the bank certificate of this bank, and obtains the PKI of this bank from bank certificate;The most such as, security module 203 In can prestore the bank certificate of each bank, according to the bank certificate sequence number in the first unit data bag from each bank prestored Certificate obtains the bank certificate corresponding with the first signed data to be verified, and from corresponding bank certificate, obtains the public affairs of bank Key.Thus, security module 203 utilizes the PKI of bank that the first signed data carried in the first unit data bag is carried out sign test, The verity of the first unit data bag can be verified.Foregoing description only illustrates as a example by server 30 is as bank server, but The present embodiment is not limited to bank server, the specific embodiment party of other third-party server such as supermarket shopping card stored value server etc. Within formula belongs to protection scope of the present invention.
Further, security module 203, on the premise of the first unit data bag guaranteeing to receive is true, still wants to confirm clothes again The object that business device 30 sends is electronic signature equipment 20 itself the most really, to avoid storage server 30 to send out packet, peace by mistake Full module 203, is additionally operable to, before storing at least one first unit data bag, verify the second signed data, and Perform to store the operation of at least one the first unit data bag after being verified.Wherein, the second signed data is that server 30 is to The device identification signature of one unit data and electronic signature equipment 20 obtains, therefore, in the another kind of optional enforcement of the present embodiment In mode, communication module 201 is sent in the transaction request of server 30 also include: the device identification of electronic signature equipment;Often Individual first unit data bag at least includes: the first unit data and electronic signature equipment are set by the first unit data, server 30 The second signed data that standby identification signature obtains, so that security module 203 can verify the verity of the first unit data bag And correctness.As the optional embodiment of one, the second signed data is the private key that server 30 utilizes server 30 self The device identification of the first unit data and electronic signature equipment is signed the signed data obtained, say, that each second The signature object of signed data is the combination of the device identification of each first unit data and electronic signature equipment.Accordingly, safety Module 203 carries out checking to the second signed data and specifically includes: security module 203 utilizes the PKI of server 30 respectively to each Second signed data carries out sign test.As a example by server 30 is as bank server, bank server utilizes the private key of self to first The device identification of unit data and electronic signature equipment 20 carries out signature and obtains the second signed data, and carries at the first unit data Bag is issued to electronic signature equipment 20.Security module 230 can utilize the PKI of this bank server to enter the second signed data Row sign test.Wherein, security module 203 can identify according to the bank certificate sequence number in the first unit data bag and/or the bank of issue Obtaining the PKI of bank, such as, security module 203 can identify according to the bank of issue in the first packet, utilizes and obtains mould Block 202 obtains the bank certificate of this bank from bank of issue's server corresponding with the second signed data to be verified, and from bank Certificate obtains the PKI of this bank;The most such as, security module 203 can prestore the bank certificate of each bank, according to first Bank certificate sequence number in packet obtains the bank corresponding with the second signed data to be verified from each bank certificate prestored Certificate, and from corresponding bank certificate, obtain the PKI of bank.Thus, security module 203 utilizes the PKI of bank to first The second signed data carried in unit data bag carries out sign test, is possible not only to verify the verity of the first unit data bag, also may be used To prove that the first unit data bag strictly bank server is handed down to electronic signature equipment 20, i.e. verify the first unit data bag Correctness.Foregoing description only illustrates as a example by server 30 is as bank server, but the present embodiment is not limited to bank's clothes Business device, the detailed description of the invention of other third-party server such as supermarket shopping card stored value server etc. belongs to the protection model of the present invention Within enclosing.
In order to ensure that electronic signature equipment 20 is collected money less, the first unit data bag that i.e. guarantee acquisition module 202 receives Total amount is equal to dealing money, in a kind of optional embodiment of the present embodiment, and described security module 203, it is additionally operable to depositing After storage at least one first unit data bag described, according to the number of at least one the first unit data bag described in receiving with And the currency denomination representated by described each first unit data bag calculates the currency face representated by the first unit data bag received Value summation the most consistent with the dealing money in described transaction request, if it is inconsistent, by described communication module 201 to Described server 30 sends the request of repeating transmission.Such as, dealing money is 10 yuan, and acquisition module 202 receives 5 from server 30 Individual first unit data bag, whether etc. security module 203 calculates the summation of the currency denomination representated by 5 the first unit data bags In 10 yuan, if less than 10 yuan, then communication module 201 sends, to server 30, the request of repeating transmission.Thus, electronic signature equipment 20 can solve, by sending, to server 30, the request of repeating transmission, the currency denomination representated by the first unit data bag received Not enough problem.
In communication module 201 after server 30 sends the request of repeating transmission, acquisition module 202 can receive server 30 and return Retransmission of information, the content according to the request of retransmitting is different, and the retransmission of information that server 30 returns also can be different, such as, retransmit request In can carry the device identification of electronic signature equipment 20, transaction record (as the numbering of every transaction, accounts information, timestamp, Dealing money and the number of the first unit data bag received and representative currency denomination etc., these server 30 sides Also can corresponding record), in order to server 30 inquires a certain transaction that this electronic signature equipment is corresponding, all retransmits these pens First unit data bag corresponding to transaction is to electronic signature equipment 20, the most such as, retransmits and can also carry the received in request The package identification of one unit data bag (can uniquely identify the mark of a first unit data bag, if server 30 is each Unique mark of the first unit data bag configuration, or currency sequence number), after server 30 receives these package identifications, can Lou send out or transmitting procedure lost which the first unit data bag to inquire, by these leakage send out or in transmitting procedure lose First unit data bag sends to electronic signature equipment 20.Below the first unit data bag is retransmitted with regard to server 30 and carry out exemplary Illustrate:
Such as, acquisition module 202, it is used for, in communication module 201 after server 30 sends the request of repeating transmission, receiving server 30 retransmission of information sent according to the request of repeating transmission, wherein, retransmission of information includes at least one first unit data bag above-mentioned.Safety Module 203, for being deleted by least one the first unit data bag stored before, and storage server is retransmitted at least again One the first unit data bag.
As the optional embodiment of one, in communication module 201 after server 30 sends the request of repeating transmission, acquisition module 202 For receiving the retransmission of information that server 30 sends according to the request of repeating transmission, wherein, this repeating transmission request at least includes: electronic signature The device identification of equipment and transaction record, retransmission of information includes at least one first unit data bag above-mentioned, i.e. optional at this In embodiment, server 30 has retransmitted, to electronic signature equipment 20, whole first unit data bags that a transaction is corresponding, In the present embodiment, server 30, when being traded with per-unit electronics signature instrument 20, also can store each transaction corresponding Transaction record (the first unit data bag such as numbering, accounts information, timestamp, dealing money and the transmission of every transaction Number and representative currency denomination etc.) and the device identification of electronic signature equipment 20, according to device identification and transaction Record can inquire a certain transaction that this electronic signature equipment is corresponding, and in this optional embodiment, server 30 can will be looked into First unit data bag of this transaction of electronic signature equipment 20 request repeat ask all is retransmitted to electronic signature equipment 20, To ensure that electronic signature equipment 20 receives the first complete unit data bag, server 30 is errorless with the transaction of electronic signature equipment (such as supplementing with money errorless).
In order to ensure that security module 203 will not repeat to store packet, receive that server 30 is retransmitted at acquisition module 202 the Before one unit data bag, the method that the present embodiment provides also includes: security module 203 will be for being stored in safety chip before In at least one first unit data bag delete (i.e. in this optional embodiment, owing to server 30 can by this transaction First unit data bag all resends to electronic signature equipment 20, and this received before must be handed over by security module 203 Easy whole first unit data bags, i.e. before corresponding at least one of this transaction of being stored in security module 203 first single Bit data bag is deleted), and at least one first unit data bag that storage server 30 is retransmitted again, wherein, security module 203 After performing the operation of above-mentioned deletion the first unit data bag, can the status word of shared memory space be set to vacant, Again the first unit data bag received can be stored to the memory space distributed before by security module 203, and will take The status word of memory space be set to take, thereby guarantee that security module 203 will not repeat to store the first identical unit data Bag, and ensure that same memory space can only store a first unit data bag.
For example, for the transaction of a numbered 1*******, the trade gold in the transaction request that communication module 201 sends Volume is 10 yuan, and acquisition module 202 receives 5 the first unit datas representing 2 yuan of currency denominations respectively that server 30 sends Bag, but due to loss of data in transmitting procedure, acquisition module 202 only receives 4 and represents the first of 2 yuan of currency denominations respectively Unit data bag, currency denomination summation is 8 yuan, unequal with dealing money 10 yuan.For this transaction, acquisition module 202 In communication module 201 after server 30 sends the request of repeating transmission, receive the repeating transmission letter that server 30 sends according to the request of repeating transmission Breath, this repeating transmission request includes: the device identification of electronic signature equipment 20 and transaction record, server 30 is receiving this After retransmitting request, can inquire, according to device identification and transaction record, this transaction that this electronic signature equipment is corresponding, service First unit data bag of this transaction of the electronic signature equipment request repeat inquired can all be retransmitted to electronics label by device 30 Name equipment 20, i.e. server 30 are sent to this retransmission of information of electronic signature equipment 20 and include that 5 represent 2 yuan of currency faces respectively First unit data bag of value.Security module 203 is by store before 4 the first unitss representing 2 yuan of currency denominations respectively Delete according to bag, and 5 the first unit data bags representing 2 yuan of currency denominations respectively that storage server 30 is retransmitted again.Thus, During whole first unit data bag needed for electronic signature equipment 20 is not received by a transaction, server 30 be caned will Whole first unit data packet retransmissions needed for transaction are to electronic signature equipment 20, so that transaction can smoothly complete.
The most such as, acquisition module 202, it is used for, in communication module 201 after server 30 sends the request of repeating transmission, receiving and servicing The retransmission of information that device 30 sends according to the request of repeating transmission, wherein, retransmission of information includes first that electronic signature equipment 20 does not receives Unit data bag;Security module 203, the first unit data bag not received for storage.
As the optional embodiment of one, in communication module 201 after server 30 sends the request of repeating transmission, acquisition module 202 For receiving the retransmission of information that server 30 sends according to the request of repeating transmission, wherein, this repeating transmission request at least includes: electronic signature The device identification of equipment 20, transaction record and the package identification of each the first unit data bag received, retransmission of information bag Including the first unit data bag that acquisition module 202 does not receives, i.e. in this optional embodiment, server 30 is to electronics label Name equipment 20 has retransmitted in a transaction the first unit data bag that is that leakage is sent out or that lose in transmitting procedure, according to device identification and Transaction record can inquire a certain transaction of this electronic signature equipment 20 correspondence, this electronics that server 30 can will inquire Those first unit data Bao Chong that the package identification that do not inquires in this transaction of signature device 20 request repeat is corresponding Issue electronic signature equipment 20, to ensure that electronic signature equipment receives the first complete unit data bag, server 30 and electronics The transaction of signature device 20 is errorless (such as supplementing with money errorless).Compared with the optional embodiment in a upper example, this optional embodiment The volume of transmitted data of server 30 can be reduced, be substantially reduced the workload of server 30, improve the work that server 30 is retransmitted Make efficiency.
In this optional embodiment, after electronic signature equipment 20 receives the first unit data bag that server 30 is retransmitted, peace Full module 203 will again receive for the first unit data bag storage that will do not receive before, i.e. security module 203 the One unit data bag is stored in the memory space distributed before, and is set to take by the status word of the memory space taken, by This ensures that same memory space can only store a first unit data bag.
For example, for the transaction of a numbered 1*******, the trade gold in the transaction request that communication module 201 sends Volume is 5 yuan, and acquisition module 202 receives 2 the first unit data bags representing 2 yuan of currency denominations respectively that server 30 sends (being called for short 2 metadata bags), and 1 the first unit data bag (being called for short 1 metadata bag) representing 1 yuan of currency denomination, but Due to loss of data in transmitting procedure, acquisition module 202 only receives 22 metadata bags, and currency denomination summation is 4 yuan, Unequal with dealing money 5 yuan.For this transaction, acquisition module 202 sends repeating transmission in communication module 201 to server 30 After request, receive the retransmission of information that server 30 sends according to the request of repeating transmission, in the request of retransmitting, also carry 22 yuan of numbers According to the package identification of bag, after server 30 receives this repeating transmission request, this transaction for electronic signature equipment 20 is permissible Inquire all first unit data bags of its correspondence, just it appeared that retransmit the package identification not having 1 metadata bag in request, Server 30 can be by this 1 metadata packet retransmission to electronic signature equipment 20, i.e. server 30 is sent to electronic signature equipment 20 This retransmission of information include 11 metadata bag.11 metadata bag storage that server 30 is retransmitted by security module 203. In the present embodiment, communication module 201 retransmits, to what server 30 sent, the part first that can include being received in request The package identification of unit data bag, server 30 can determine need in retransmission of information according to the package identification in the request of retransmitting First unit data bag to be carried.Thus, whole first lists needed for electronic signature equipment 20 is not received by a transaction During bit data bag, server 30 can be by unreceived part the first unit data packet retransmission to electronic signature equipment 20, not only Decrease the transmission quantity of retransmission data, also ensure that transaction can smoothly complete.
Below it is all to illustrate as a example by the embodiment of a transaction, in the present embodiment, every in many transactions Transaction can realize in the manner described above.
In a kind of optional embodiment of the present embodiment, the memory space of security module 203 is limited after all, therefore, needs To monitor the remaining space of electronic signature equipment at any time, in order to instant-free memory space, it is to avoid the most in process of exchange The problem that complementary space causes Fail Transaction.In a kind of optional embodiment of the present embodiment, electronic signature equipment 20 is additionally provided with Enumerator, security module 203, for monitoring the residual memory space of security module 203 by the count value of this enumerator.Tool Body ground, after each transaction terminates, security module 203, it is additionally operable to after storing the first unit data bag received, The count value utilizing enumerator obtains total number of the first currently stored unit data bag.Specifically, fall into a trap in each transaction Number device all can receive the number of the first unit data bag, after many transactions, the count value meeting of enumerator plus this transaction It is accumulated to a numerical value, when this numerical value reaches default value, illustrates that the memory space of security module 203 is assigned, do not have Having unnecessary memory space, now, security module 203 needs make requests on server 30 more new data packets or apply for new The operation (as mentioned above) of memory space.In the present embodiment, the size of each memory space is identical, each first unit data The size of bag is identical, and mates with the size of memory space, and such as, security module 203 gives a first unit data bag distribution The memory space that size is 2M, this 2M of memory space can store a first unit data bag, an and security module The space of 203 reserved storage the first unit data bags is 1G, then, this security module 203 at most can store 512 first Unit data bag, i.e. default value can be set to 512.Thus, it is possible to monitor the remaining space of security module 203 in real time, and Discharge unnecessary memory space in time, it is to avoid in process of exchange, there is no the problem that redundant space causes Fail Transaction.Certainly, Security module 203 can also utilize the count value of enumerator to obtain the first list of every kind of currency denomination of storage in security module 203 Total number of bit data bag.Thus, security module 203 can be according to the currency representated by every kind of first unit data bag of storage Face amount and number obtain the sums of money of the first currently stored unit data bag.
In a kind of optional embodiment of the present embodiment, as in figure 2 it is shown, electronic signature equipment 20 also includes interactive module 204; Security module 203, for, after storing at least one first unit data bag, counting current account balance by dealing money; Interactive module 204, for showing dealing money and/or current account balance to holding user.Thus, electronic signature equipment is held The user of 20 can inquire about dealing money and current account balance on the equipment of oneself.
In the present embodiment, server 30, for after receiving the transaction request that electronic signature equipment 20 sends, by least one Individual first unit data bag sends to electronic signature equipment 20.
The transaction system using the present embodiment to provide, can deposit the fund of user with the form of at least one the first unit data bag It is stored in the electronic signature equipment of user, and the number of packet is one or more.User is when consumption, because fund is no longer It is to be stored in electronic signature equipment with the form of numerical value, so electronic signature equipment need not the numerical value of change storage, it is only necessary to will The one or more first unit data bags meeting spending amount are sent to beneficiary, thus, electronic signature equipment with its His electronic signature equipment carries out being no longer necessary to rely on server to carry out networking during electronic transaction and pays, and server is no longer necessary to electronics Signature device is supervised, thus realizes off line electronic transaction veritably.
Any process described otherwise above or method describe and are construed as in flow chart or at this, represent include one or The module of code, fragment or the part of the executable instruction of the more steps for realizing specific logical function or process, and The scope of the preferred embodiment of the present invention includes other realization, wherein can not be by order that is shown or that discuss, including root According to involved function by basic mode simultaneously or in the opposite order, performing function, this should be by embodiments of the invention institute Belong to those skilled in the art to be understood.
Should be appreciated that each several part of the present invention can realize by hardware, software, firmware or combinations thereof.In above-mentioned enforcement In mode, multiple steps or method can be with storing the software or firmware that in memory and be performed by suitable instruction execution system Realize.Such as, if realized with hardware, with the most the same, available following technology well known in the art In any one or their combination realize: have and patrol for the discrete of logic gates that data signal is realized logic function Collect circuit, there is the special IC of suitable combination logic gate circuit, programmable gate array (PGA), field programmable gate Array (FPGA) etc..
Those skilled in the art are appreciated that it is permissible for realizing all or part of step that above-described embodiment method carries Instructing relevant hardware by program to complete, described program can be stored in a kind of computer-readable recording medium, this journey Sequence upon execution, including one or a combination set of the step of embodiment of the method.
Additionally, each functional unit in each embodiment of the present invention can be integrated in a processing module, it is also possible to be each Unit is individually physically present, it is also possible to two or more unit are integrated in a module.Above-mentioned integrated module is the most permissible The form using hardware realizes, it would however also be possible to employ the form of software function module realizes.If described integrated module is with software merit Can the form of module realize and as independent production marketing or when using, it is also possible to be stored in the storage of embodied on computer readable and be situated between In matter.
Storage medium mentioned above can be read only memory, disk or CD etc..
In the description of this specification, reference term " embodiment ", " some embodiments ", " example ", " concrete example ", Or specific features, structure, material or the feature that the description of " some examples " etc. means to combine this embodiment or example describes comprises In at least one embodiment or example of the present invention.In this manual, the schematic representation to above-mentioned term not necessarily refers to It is identical embodiment or example.And, the specific features of description, structure, material or feature can at any one or Multiple embodiments or example combine in an appropriate manner.
Although above it has been shown and described that embodiments of the invention, it is to be understood that above-described embodiment is exemplary, Being not considered as limiting the invention, those of ordinary skill in the art is in the case of without departing from the principle of the present invention and objective Above-described embodiment can be changed within the scope of the invention, revise, replace and modification.The scope of the present invention is by appended power Profit requires and equivalent limits.

Claims (10)

1. the method for commerce of an electronic signature equipment, it is characterised in that including:
Transaction request is sent to server by electronic signature equipment, and wherein, described transaction request at least includes: dealing money;
Described electronic signature equipment receives at least one first unit data bag, wherein, each first units from described server A kind of currency denomination in multiple currency denomination, at least one currency denomination representated by the first unit data bag described is represented according to bag Summation equal to described dealing money;
At least one first unit data bag described is stored in safety chip by described electronic signature equipment.
Method of commerce the most according to claim 1, it is characterised in that
Described each first unit data bag at least includes: the first unit data, described server are to described first unit data label The first signed data that name obtains;
Before at least one first unit data bag described is stored in safety chip by described electronic signature equipment, described method Also include:
Described first signed data is verified by described electronic signature equipment, performs described electronic signature equipment after being verified The step that at least one first unit data bag described is stored in safety chip.
3. according to the method for commerce described in any one of claim 1 to 2, it is characterised in that in described electronic signature equipment by institute Stating after at least one first unit data bag is stored in safety chip, described method also includes:
Representated by number according at least one the first unit data bag described in receiving and described each first unit data bag Currency denomination calculate the summation of the currency denomination representated by the first unit data bag and the transaction in described transaction request received The amount of money is the most consistent, if it is inconsistent, send, to described server, the request of repeating transmission.
4. according to the method for commerce described in any one of claims 1 to 3, it is characterised in that in described electronic signature equipment by institute Stating before at least one first unit data bag is stored in safety chip, described method also includes:
The safety chip distribution of described electronic signature equipment is for storing the memory space of at least one the first unit data bag described;
At least one first unit data bag described is stored in safety chip, including:
At least one first unit data bag described is stored in the described memory space of correspondence, and by corresponding described storage sky Between status word be set to take.
5. according to the method for commerce described in any one of claim 2 to 4, it is characterised in that
Described first unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data;
Described first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number.
6. an electronic signature equipment, it is characterised in that described electronic signature equipment includes:
Communication module, for sending transaction request to server, wherein, described transaction request at least includes: dealing money;
Acquisition module, for receiving at least one first unit data bag, wherein, each first unit data from described server Bao represents a kind of currency denomination in multiple currency denomination, at least one currency denomination representated by the first unit data bag described Summation is equal to described dealing money;
Security module, is used for storing at least one first unit data bag described.
Electronic signature equipment the most according to claim 6, it is characterised in that
Described each first unit data bag at least includes: the first unit data, described server are to described first unit data label The first signed data that name obtains;
Described security module, is additionally operable to before storage at least one first unit data bag described, to described first signed data Verify, and after being verified, perform the operation of storage at least one the first unit data bag described.
8. according to the electronic signature equipment described in any one of claim 6 to 7, it is characterised in that
Described security module, is additionally operable to before storage at least one first unit data bag described, distribution be used for storing described in extremely The memory space of a few first unit data bag, is stored in the described storage of correspondence by least one first unit data bag described In space, and it is set to take by the status word of corresponding described memory space.
9. according to the electronic signature equipment described in any one of claim 7 to 8, it is characterised in that
Described first unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data;
Described first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number.
10. a transaction system, it is characterised in that including: set according to the electronic signature described in any one of claim 6 to 9 Standby and server, wherein:
Described server, for receive described electronic signature equipment send described transaction request after, by described at least one First unit data bag sends to described electronic signature equipment.
CN201610179104.2A 2016-01-22 2016-03-25 Electronic signature device, and trading method and trading system thereof Pending CN105931049A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2016100453392 2016-01-22
CN201610045339 2016-01-22

Publications (1)

Publication Number Publication Date
CN105931049A true CN105931049A (en) 2016-09-07

Family

ID=56744518

Family Applications (6)

Application Number Title Priority Date Filing Date
CN202110217406.5A Pending CN113159763A (en) 2016-01-22 2016-03-25 Transaction method and transaction system of electronic signature device and electronic signature device
CN201610178325.8A Pending CN105913256A (en) 2016-01-22 2016-03-25 Trade method and trade system of electronic signature device
CN201610179102.3A Pending CN105931048A (en) 2016-01-22 2016-03-25 Electronic signature devices, and trading method and trading system thereof
CN201610178067.3A Active CN105956855B (en) 2016-01-22 2016-03-25 Transaction method and transaction system of electronic signature device
CN201610178324.3A Pending CN105913255A (en) 2016-01-22 2016-03-25 Trade method and trade system of electronic signature device, and electronic signature device
CN201610179104.2A Pending CN105931049A (en) 2016-01-22 2016-03-25 Electronic signature device, and trading method and trading system thereof

Family Applications Before (5)

Application Number Title Priority Date Filing Date
CN202110217406.5A Pending CN113159763A (en) 2016-01-22 2016-03-25 Transaction method and transaction system of electronic signature device and electronic signature device
CN201610178325.8A Pending CN105913256A (en) 2016-01-22 2016-03-25 Trade method and trade system of electronic signature device
CN201610179102.3A Pending CN105931048A (en) 2016-01-22 2016-03-25 Electronic signature devices, and trading method and trading system thereof
CN201610178067.3A Active CN105956855B (en) 2016-01-22 2016-03-25 Transaction method and transaction system of electronic signature device
CN201610178324.3A Pending CN105913255A (en) 2016-01-22 2016-03-25 Trade method and trade system of electronic signature device, and electronic signature device

Country Status (2)

Country Link
CN (6) CN113159763A (en)
WO (1) WO2017162164A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018141142A1 (en) * 2017-02-06 2018-08-09 吕文华 Operation system for binary system digital currency

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113159763A (en) * 2016-01-22 2021-07-23 天地融科技股份有限公司 Transaction method and transaction system of electronic signature device and electronic signature device
CN106228349B (en) * 2016-07-22 2021-01-15 天地融科技股份有限公司 Transaction method of electronic signature device and electronic signature device
CN107665427A (en) 2017-08-22 2018-02-06 阿里巴巴集团控股有限公司 A kind of offline electronic payment, business processing, the method and device of payment processes
CN111915431A (en) * 2019-05-09 2020-11-10 天地融科技股份有限公司 Off-line electronic money transaction method and system
CN112184450B (en) * 2020-10-13 2023-06-20 中国联合网络通信集团有限公司 Transaction settlement method, transaction node, device and medium based on blockchain
CN114612269B (en) * 2022-05-11 2022-09-13 山东国盾网信息科技有限公司 Electronic labor contract platform based on electronic signature technology

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101408970A (en) * 2008-11-21 2009-04-15 李东声 Method, system and apparatus for implementing batch electronic transaction, and electronic signing tool
CN102468960A (en) * 2010-11-16 2012-05-23 卓望数码技术(深圳)有限公司 Off-line mode identity and transaction authentication method and terminal
CN103560886A (en) * 2013-11-04 2014-02-05 北京旋极信息技术股份有限公司 Authentication method for electronic signature equipment

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IL120585A0 (en) * 1997-04-01 1997-08-14 Teicher Mordechai Countable electronic monetary system and method
US8285991B2 (en) * 2000-10-25 2012-10-09 Tecsec Inc. Electronically signing a document
EP1205889A1 (en) * 2000-11-10 2002-05-15 TELEFONAKTIEBOLAGET LM ERICSSON (publ) Returning of change in an electronic payment system
US7506812B2 (en) * 2004-09-07 2009-03-24 Semtek Innovative Solutions Corporation Transparently securing data for transmission on financial networks
JP4391375B2 (en) * 2004-09-30 2009-12-24 フェリカネットワークス株式会社 Information management apparatus and method, and program
CN101051907B (en) * 2007-05-14 2012-08-22 北京握奇数据系统有限公司 Safety certifying method and its system for facing signature data
CN101593338A (en) * 2009-07-13 2009-12-02 招商银行股份有限公司 A kind of method and system of handling electronic transaction request
CN101719251A (en) * 2010-01-15 2010-06-02 陈发勇 Internet electronic money system
CN102694795B (en) * 2012-05-06 2018-02-27 北京深思数盾科技股份有限公司 A kind of method for using application service in off-line case
CN102999570B (en) * 2012-11-09 2016-06-08 北京深思数盾科技股份有限公司 The Off-line control method of application program critical data and system in mobile equipment
CN103413159B (en) * 2013-08-15 2016-09-21 成都市易恒信科技有限公司 A kind of RFID electronic certificate off-line false proof realization method and system of Jianzhen based on CPK
EP2924637A1 (en) * 2014-03-24 2015-09-30 The Roberto Giori Company Ltd. System and method for electronic money transfer of fractional amounts
CN113159763A (en) * 2016-01-22 2021-07-23 天地融科技股份有限公司 Transaction method and transaction system of electronic signature device and electronic signature device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101408970A (en) * 2008-11-21 2009-04-15 李东声 Method, system and apparatus for implementing batch electronic transaction, and electronic signing tool
CN102468960A (en) * 2010-11-16 2012-05-23 卓望数码技术(深圳)有限公司 Off-line mode identity and transaction authentication method and terminal
CN103560886A (en) * 2013-11-04 2014-02-05 北京旋极信息技术股份有限公司 Authentication method for electronic signature equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018141142A1 (en) * 2017-02-06 2018-08-09 吕文华 Operation system for binary system digital currency

Also Published As

Publication number Publication date
CN105913256A (en) 2016-08-31
CN113159763A (en) 2021-07-23
CN105931048A (en) 2016-09-07
CN105956855B (en) 2022-02-22
CN105913255A (en) 2016-08-31
CN105956855A (en) 2016-09-21
WO2017162164A1 (en) 2017-09-28

Similar Documents

Publication Publication Date Title
CN105931049A (en) Electronic signature device, and trading method and trading system thereof
CN103746800B (en) TMK (terminal master key) safe downloading method and system
CN106651331B (en) A kind of electronic trade method and system based on digital cash
CN109493016A (en) Offline electronic payment method, terminal based on digital cash and act on behalf of dispensing device
CN109726229A (en) A kind of block chain date storage method and device
CN106600252A (en) Payment method and payment system based on block chain
CN102819893B (en) Air storage method
CN107615317A (en) The system and method for block chain transaction record
WO2001093139A1 (en) Electronic value system
CN103617532A (en) Offline payment and collection method and device for mobile terminals
WO2002099710A1 (en) Electronic dealing method using electronic coupon
CN103839340B (en) The method and system of e-wallet information synchronization, space transference business platform
CN102819809B (en) A kind of acquisition method of tax-control data and system
CN112232792A (en) Prepaid card transaction system and method based on block chain
CN106033571A (en) Trading method of electronic signature devices, electronic signature devices and trading system
CN102713939B (en) Compatible type transportation card PSAM and PSAM method for running
CN101615318A (en) E-payment system and device thereof
CN105976179A (en) Transaction method and transaction system of electronic signature equipment and electronic signature equipment
JP2007310562A (en) Settlement method using electronic money
CN106228349A (en) The method of commerce of a kind of electronic signature equipment and electronic signature equipment
CN105913259A (en) Trade method and trade system of electronic signature device, and electronic signature device
CN205486281U (en) On -vehicle expressway high velocity electron charge system
CN112785299B (en) Method and device for roaming transaction based on blockchain
CN114677128A (en) Block chain-based public purse cubing method and device
CN112446787A (en) Resource transfer method, device, equipment and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160907

RJ01 Rejection of invention patent application after publication