CN106157013B - Payment terminal, equipment, server, system and payment processing method - Google Patents
Payment terminal, equipment, server, system and payment processing method Download PDFInfo
- Publication number
- CN106157013B CN106157013B CN201510172186.3A CN201510172186A CN106157013B CN 106157013 B CN106157013 B CN 106157013B CN 201510172186 A CN201510172186 A CN 201510172186A CN 106157013 B CN106157013 B CN 106157013B
- Authority
- CN
- China
- Prior art keywords
- payment
- equipment
- card number
- virtual card
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The present invention proposes a kind of payment terminal, equipment, server, system and payment processing method, is related to mobile payment field.Wherein, a kind of method of payment of the invention includes: that payment terminal receives the transmission of payment equipment including paying equipment number, the payment request of time of payment and payment amount, it is forwarded to payment server, virtual card number and dynamic key are generated according to payment equipment number, time of payment and payment amount by payment server;The virtual card number of payment terminal and dynamic key encryption generate payment affirmation message, are sent to payment equipment;Payment terminal receives the payment result from payment equipment;Payment result is transmitted to payment server by payment terminal, handles fund according to payment result by payment server.By such method, virtual card number and dynamic key with uniqueness can be generated, risk caused by payment terminal is invaded, data are stolen is effectively prevented, realizes the secure payment in the case where paying equipment off-line state.
Description
Technical field
The present invention relates to mobile payment field, especially a kind of payment terminal, equipment, server, system and payment processing
Method.
Background technique
NFC (Near Field Communication, near-field communication) is a kind of short-range high frequency wireless communication technology.
NFC technique can provide a kind of simple, touch solution for mobile device, consumer electronics product, PC etc., can allow and disappear
Exchange to expense person's simple, intuitive information, access content and service.Therefore, NFC technique is considered having very in mobile payment field
Big application prospect, and the various fields such as smart media, identification, information exchange can be widely used in, by industrial chain
The close attention of upper manufacturers at different levels, and development at full speed has been obtained, gradually become the main trend and standard of international mobile payment.
But due to the complexity of NFC technique, need to carry out upgrading to mobile phone terminal and SIM card, therefore during application
Encounter the problems such as at high cost, deployment is difficult, the development cycle is long.
HCE (Host Card Emulation, host card mold are quasi-) provides a kind of ability of simple simulation nfc card piece.
The chip of traditional NFC controller is routed according to NFC mode: the interaction of non-contact POS machine tool and mobile phone terminal
Order is routed in safety chip (may be special chip of the SIM card either built in mobile phone terminal) and is handled.
HCE changes traditional routing mode, and the interactive command of non-contact POS machine tool and mobile phone terminal can be routed to
In mobile phone terminal CPU in so-called HCE service, this just departing from the limitation of traditional safety chip carrier, allow to using
Cell phone software passes through registration HCE service, so that it may substitute safety chip and interact with POS machine tool.
HCE has got around subscriber card with the mode of software simulating Safety chip hardware, although reducing safety, business
Process is simpler, application and development/deployment more rapidly.
Due to lacking hardware supported, for the safety for promoting HCE technology, business datum is mainly carried out by cloud mode at present
Storage.But current HCE technical solution is only applicable to on-line payment transaction, and (POS machine tool needs to connect in real time with backstage
Connect), and can not support offline electronic payment transaction (POS machine tool and backstage are connectionless).Due to the applied field of current domestic bankcard consumption
Scape still based on the application of the offline electronic payments such as public transport, school-run enterprise's all-purpose card, can not support offline electronic payment transaction to will affect HCE technology
It promotes and applies.
Summary of the invention
An object of the present invention is to provide the payment solutions under a kind of payment equipment off-line state.
According to an aspect of the present invention, a kind of method of payment is proposed, comprising: payment terminal receives what payment equipment was sent
Payment request, wherein payment request includes payment equipment number, time of payment and payment amount;Payment terminal is by payment request
It is forwarded to payment server, by payment server according to payment equipment number, time of payment and payment amount, generates virtual card number
And dynamic key;Payment terminal obtains virtual card number and dynamic key from payment server, and with virtual card number and dynamic key
Encryption generates payment affirmation message, and payment affirmation message is sent to payment equipment;Payment terminal is received from payment equipment
Payment result, wherein payment equipment according to payment equipment number, time of payment and payment amount, using with payment server phase
Same virtual card number and Dynamical Secret Key Building Algorithm, generates virtual card number and dynamic key, uses virtual card number and dynamic key
Payment affirmation message is decrypted, if successful decryption, payment result is to pay successfully, and otherwise payment result is payment failure;Payment
Payment result is transmitted to payment server by terminal, handles fund according to payment result by payment server.
Optionally, payment server and payment equipment foundation key having the same;The payment request of payment equipment generation,
Payment result, and virtual card number and dynamic key are encrypted through foundation key;The virtual card number and dynamic that payment server generates
Key is encrypted through foundation key;Payment server decrypts payment request, payment result using foundation key.
Optionally, further includes: payment server is withholdd in advance according to payment amount;Payment server is according to payment result
Handle fund are as follows: payment server is withholdd in advance according to successfully deduction is paid, or is unsuccessfully released according to payment and withholdd in advance.
Optionally, further includes: payment equipment and payment server are in predetermined time synchrodata;Payment server according to from
The synchrodata processing of payment equipment is withholdd in advance.
Optionally, payment affirmation message is effective within the predetermined time after payment equipment sends payment request;And/or
Virtual card number and dynamic key are only effective in the payment equipment for sending payment request;And/or
Virtual card number and dynamic key are used only once in life cycle;And/or
Same payment equipment only receives same Send only Account in the given time and carries out a payment transaction.
Optionally, payment request further includes the near-field communication application identities for paying equipment requirement access, purchaser's mark, purchase
Goods number and/or quantity purchase are bought, according to payment equipment mark, time of payment and payment amount and near-field communication application
Mark, purchaser's mark, purchase goods number and/or quantity purchase, generate virtual card number and dynamic key.
Optionally, payment equipment is POS machine tool, and payment terminal is the payment for the near-field communication for supporting that Intrusion Detection based on host card mold is quasi-
Terminal.
By such method, can be generated according to payment equipment mark, time of payment and payment amount virtual card number and
Dynamic key, thus ensure that virtual card number and dynamic key can not be forged and reuse, it is offline in payment equipment, it needs
Can decrypt by virtual card number and move by judgement in the state of payment server message transmission by payment terminal
The payment affirmation message of state key encryption carries out payment verification, effectively prevents that payment terminal is invaded, data are stolen and make
At risk, realize the secure payment in the case where paying equipment off-line state.
According to another aspect of the present invention, a kind of payment processing method for paying equipment is proposed, comprising: to payment terminal
Payment request is sent, payment request includes payment equipment number, time of payment and payment amount;It is true that payment is obtained from payment terminal
Recognize message, payment affirmation message is encrypted in payment terminal through virtual card number and dynamic key, and virtual card number and dynamic key are by propping up
Pay server is generated according to payment equipment number, time of payment and payment amount;According to payment equipment number, time of payment and branch
The amount of money is paid, using virtual card number identical with payment server and Dynamical Secret Key Building Algorithm, virtual card number is generated and dynamic is close
Key decrypts payment affirmation message using virtual card number and dynamic key, if successful decryption, it is determined that payment result be payment at
Function, otherwise payment result is payment failure;Payment result is sent to payment terminal, so that payment server is according to from payment terminal
The payment result of acquisition handles fund.
Optionally, payment server and payment equipment foundation key having the same;The payment request of payment equipment generation,
Payment result, and virtual card number and dynamic key are encrypted through foundation key;The virtual card number and dynamic that payment server generates
Key is encrypted through foundation key;Payment server decrypts payment request, payment result using foundation key.
Optionally, further include, in predetermined time and payment server synchrodata.
Optionally, payment affirmation message is effective within the predetermined time after payment equipment sends payment request;And/or
Virtual card number and dynamic key are only effective in the payment equipment for sending payment request;And/or
Virtual card number and dynamic key are used only once in life cycle;And/or
Same payment equipment only receives same Send only Account in the given time and carries out a payment transaction.
Optionally, payment equipment is POS machine tool, and payment terminal is the payment for the near-field communication for supporting that Intrusion Detection based on host card mold is quasi-
Terminal.
By such method, payment equipment can in the state of offline, by payment terminal will pay equipment number,
Can time of payment and payment amount be sent to payment server, decrypt payment affirmation message by judgement and determine payment result,
And result is sent to payment server through payment terminal, the processing to fund is completed, to realize offline in payment equipment
Secure payment under state.
According to a further aspect of the invention, a kind of payment processing method of payment server is proposed, comprising: eventually from payment
End obtains payment request, wherein payment request includes payment equipment number, time of payment and payment amount;According to payment equipment
Number, time of payment and payment amount generate virtual card number and dynamic key;It is whole to payment to send virtual card number and dynamic key
End;From payment terminal obtain payment result, wherein payment result be payment terminal from payment equipment obtain, payment equipment according to
Equipment number, time of payment and payment amount are paid, using virtual card number identical with payment server and dynamic key production
Algorithm generates virtual card number and dynamic key, payment affirmation message is decrypted using virtual card number and dynamic key, if being decrypted into
Function, then payment result is to pay successfully, and otherwise payment result is payment failure;Fund is handled according to payment result, including, according to
Payment, which successfully completes, withholds, and is unsuccessfully cancelled according to payment and being withholdd.
Optionally, payment server and payment equipment foundation key having the same;The payment request of payment equipment generation,
Payment result, and virtual card number and dynamic key are encrypted through foundation key;The virtual card number and dynamic that payment server generates
Key is encrypted through foundation key;Payment server decrypts payment request, payment result using foundation key.
Optionally, further includes: withholdd in advance according to payment amount;Fund is handled according to payment result are as follows: according to payment
Success is deducted and is withholdd in advance, or is unsuccessfully released according to payment and withholdd in advance.
Optionally, further includes: with payment equipment in predetermined time synchrodata;According to the synchrodata processing of payment equipment
It withholds in advance.
Optionally, virtual card number and dynamic key are only effective in the payment equipment for sending payment request;And/or
Virtual card number and dynamic key are used only once in life cycle;And/or
Same payment equipment only receives same Send only Account in the given time and carries out a payment transaction.
Optionally, payment equipment is POS machine tool, and payment terminal is that Intrusion Detection based on host card mold is supported to intend the payment end of near-field communication
End.
By such method, payment server according to obtained from payment terminal payment equipment number, the time of payment and
Payment amount generates virtual card number and dynamic key, and payment affirmation message is generated by virtual card number and dynamic key encryption;Payment
Equipment can also be generated according to payment equipment number, time of payment and payment amount using algorithm same as payment server
Virtual card number and dynamic key.In payment equipment number, time of payment and the identical situation of payment amount, payment server and
Payment equipment can generate identical virtual card number and dynamic key, i.e. payment equipment can decrypt payment affirmation message.By sentencing
Can disconnected payment equipment decrypt payment affirmation message to determine payment result, and payment server is propped up according to through payment terminal from offline
The processing that the payment result that equipment returns completes fund is paid, to realize the Secure Transaction in the case where paying equipment off-line state.
According to a further aspect of the invention, a kind of payment terminal is proposed, comprising: payment request receiving module, for connecing
Revenue and expenditure pays the payment request that equipment is sent, wherein payment request includes payment equipment number, time of payment and payment amount;Branch
Request sending module is paid, for payment request to be forwarded to payment server, by payment server according to payment equipment number, branch
It pays the time and payment amount generates virtual card number and dynamic key;Receiving module, for obtaining virtual card number from payment server
And dynamic key;Payment affirmation sending module, for encrypting payment affirmation message with virtual card number and dynamic key, after encryption
Payment affirmation message be sent to payment equipment;Payment result receiving module, for receiving the payment result from payment equipment,
Wherein, payment equipment is according to payment equipment number, time of payment and payment amount, using virtual card identical with payment server
Number and Dynamical Secret Key Building Algorithm, generate virtual card number and dynamic key, it is true using virtual card number and dynamic key decryption payment
Recognize message, if successful decryption, payment result is to pay successfully, and otherwise payment result is payment failure;Payment result sends mould
Block handles fund according to payment result by payment server for payment result to be transmitted to payment server.
Optionally, payment server and payment equipment foundation key having the same;The payment request of payment equipment generation,
Payment result, and virtual card number and dynamic key are encrypted through foundation key;The virtual card number and dynamic that payment server generates
Key is encrypted through foundation key;Payment server decrypts payment request, payment result using foundation key.
Optionally, payment affirmation message is effective within the predetermined time after payment equipment sends payment request;And/or
Virtual card number and dynamic key are only effective in the payment equipment for sending payment request;And/or
Virtual card number and dynamic key are used only once in life cycle;And/or
Same payment equipment only receives same Send only Account in the given time and carries out a payment transaction.
Optionally, payment request further includes the near-field communication application identities for paying equipment requirement access, purchaser's mark, purchase
Goods number and/or quantity purchase are bought, according to payment equipment mark, time of payment and payment amount and near-field communication application
Mark, purchaser's mark, purchase goods number and/or quantity purchase, generate virtual card number and dynamic key.
Optionally, payment equipment is POS machine tool, and payment terminal is the payment for the near-field communication for supporting that Intrusion Detection based on host card mold is quasi-
Terminal.
Such payment terminal can obtain payment equipment number, time of payment and payment amount that payment equipment is sent,
And it is sent to payment server;Payment server can be obtained to be generated according to payment equipment number, time of payment and payment amount
Virtual card number and dynamic key, for encrypt generate payment affirmation message, be sent to payment equipment;It is true can will to pay equipment
Fixed payment result is transmitted to payment server, to complete payment equipment and payment services in the state that payment equipment is offline
The information exchange of device, and guarantee the safety of transaction.
According to a further aspect of the invention, a kind of payment equipment is proposed, comprising: request sending module is used for payment
Terminal sends payment request, and payment request includes payment equipment number, time of payment and payment amount;Message capturing module is used
In obtaining payment affirmation message from payment terminal, payment affirmation message is encrypted in payment terminal through virtual card number and dynamic key,
Virtual card number and dynamic key are generated by payment server according to payment equipment number, time of payment and payment amount;Calibration mode
Block, for using virtual card number identical with payment server and moving according to payment equipment number, time of payment and payment amount
State key schedule generates virtual card number and dynamic key, decrypts payment affirmation message using virtual card number and dynamic key,
If successful decryption, it is determined that payment result is to pay successfully, and otherwise payment result is payment failure;As a result sending module is used for
Payment result is sent to payment terminal, so that payment server handles fund according to the payment result obtained from payment terminal.
Optionally, further includes: equipment underlying cryptographic module, for encrypting payment request, payment result using foundation key,
And virtual card number and dynamic key, wherein foundation key is identical as the foundation key in payment server.
Optionally, correction verification module includes: decryption generation unit, for according to payment equipment number, time of payment and payment
The amount of money generates virtual card number and dynamic key using virtual card number identical with payment server and Dynamical Secret Key Building Algorithm;
Decryption unit, for using virtual card number and dynamic key to decrypt payment affirmation message as decryption factor, if can decrypt,
Payment result is to pay successfully, is otherwise payment failure.
Optionally, further includes: data simultaneous module, in predetermined time and payment server synchrodata.
Optionally, payment affirmation message is effective within the predetermined time after payment request sending;And/or
Virtual card number and dynamic key are only effective in the payment equipment for sending payment request;And/or
Virtual card number and dynamic key are used only once in life cycle;And/or
Same payment equipment only receives same Send only Account in the given time and carries out a payment transaction.
Optionally, payment equipment is POS machine tool, and payment terminal is the payment for the near-field communication for supporting that Intrusion Detection based on host card mold is quasi-
Terminal.
Such payment equipment can will pay equipment number, time of payment by payment terminal in the state of offline
It is sent to payment server with payment amount, can payment affirmation message be decrypted by judgement and determines payment result, and by result
It is sent to payment server through payment terminal, completes the processing to fund, to realize in the state that payment equipment is offline
Secure payment.
According to a further aspect of the invention, a kind of payment server is proposed, comprising: request module is used for from branch
It pays terminal and obtains payment request, wherein payment request includes payment equipment number, time of payment and payment amount;Generation module,
For generating virtual card number and dynamic key according to payment equipment number, time of payment and payment amount;Sending module, for sending out
Send virtual card number and dynamic key to payment terminal;As a result module is obtained, for obtaining payment result from payment terminal, wherein
Payment result is that payment terminal is obtained from payment equipment, payment equipment according to payment equipment number, time of payment and payment amount,
Using virtual card number identical with payment server and Dynamical Secret Key Building Algorithm, virtual card number and dynamic key are generated, is used
Virtual card number and dynamic key decrypt payment affirmation message, if successful decryption, payment result is to pay successfully, otherwise payment knot
Fruit is payment failure;Result treatment module is used to handle fund according to payment result, including, it is successfully completed and is withholdd according to payment,
Unsuccessfully cancelled according to payment and being withholdd.
Optionally, further includes: server basis encrypting module, for encrypt according to payment equipment number, the time of payment and
The virtual card number and dynamic password that payment amount generates;Server basis deciphering module, for decrypting payment request and being transmitted to
Generation module, and decrypt payment result and be transmitted to result and obtain module.
It optionally, further include pre- module of withholing, for being withholdd in advance according to payment amount;Result treatment module, is used for
It is withholdd according to payment successful result deduction, or is withholdd in advance according to payment failure result releasing in advance.
Optionally, further includes: synchronization module is used for payment equipment in predetermined time synchrodata;Synchronous processing module,
For being withholdd in advance according to the synchrodata processing of payment equipment.
Optionally, virtual card number and dynamic key are only effective in the payment equipment for sending payment request;And/or
Virtual card number and dynamic key are used only once in life cycle;And/or
Same payment equipment only receives same Send only Account in the given time and carries out a payment transaction.
Optionally, payment equipment is POS machine tool, and payment terminal is that Intrusion Detection based on host card mold is supported to intend the payment end of near-field communication
End.
Such payment server, according to payment equipment number, time of payment and the payment amount obtained from payment terminal
Virtual card number and dynamic key are generated, payment affirmation message is generated by virtual card number and dynamic key encryption;Payment equipment also can
Enough according to payment equipment number, time of payment and payment amount, virtual card number is generated using algorithm same as payment server
And dynamic key.In payment equipment number, time of payment and the identical situation of payment amount, payment server and payment equipment
Identical virtual card number and dynamic key can be generated, i.e. payment equipment can decrypt payment affirmation message.By judging payment machine
Can tool decrypt payment affirmation message to determine payment result, and payment server is returned according to through payment terminal from offline electronic payment equipment
The payment result returned completes the processing of fund, to realize the Secure Transaction in the case where paying equipment off-line state.
In addition, according to an aspect of the present invention, proposing a kind of offline electronic payment system, including previously mentioned any payment
Terminal, any payment equipment and any payment server.
Offline electronic payment system in this way can be realized in the state that payment equipment is offline, complete by payment terminal
At the information exchange of payment equipment and payment server, wherein payment server is according to the payment equipment obtained from payment terminal
Number, time of payment and payment amount generate virtual card number and dynamic key, and payment affirmation message is close by virtual card number and dynamic
Key encryption generates;Paying equipment also can be according to payment equipment number, time of payment and payment amount, use and payment server
Same algorithm generates virtual card number and dynamic key.In the situation that payment equipment number, time of payment are identical with payment amount
Under, payment server and payment equipment can generate identical virtual card number and dynamic key, i.e. payment equipment can decrypt payment
Confirmation message.Payment affirmation message can be decrypted to determine payment result by judgement payment equipment, and payment server is according to warp
Payment result that payment terminal is returned from offline electronic payment equipment completes the processing of fund, ensure that offline in payment equipment, needs
Transaction security when message transmission is carried out through payment terminal.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes part of this application, this hair
Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart of one embodiment of method of payment of the invention.
Fig. 2 is the flow chart of one embodiment of the payment processing method of payment equipment of the invention.
Fig. 3 is the flow chart of one embodiment of the payment processing method of payment server of the invention.
Fig. 4 is showing for one embodiment of the information exchange of payment equipment, payment terminal and payment server of the invention
It is intended to.
Fig. 5 is the schematic diagram of one embodiment of offline electronic payment system of the invention.
Fig. 6 is the schematic diagram of another embodiment of offline electronic payment system of the invention.
Fig. 7 is the schematic diagram of one embodiment of payment server of the invention.
Fig. 8 is the schematic diagram of the further embodiment of offline electronic payment system of the invention.
Specific embodiment
Below by drawings and examples, technical scheme of the present invention will be described in further detail.
The flow chart of one embodiment of method of payment of the invention is as shown in Figure 1.
In a step 101, it is paid on payment equipment in user using payment terminal, such as by the way of brush mobile phone, branch
Equipment is paid according at the time of the mark such as number of itself, payment and payment amount, generates payment request, and by the payment request
It is sent to payment terminal, payment terminal receives the payment request that payment equipment is sent.Payment request can also include payment equipment
It is required that the NFC application identities of access.Payment terminal receives payment request, and according to the NFC application identities in instruction, request is forwarded
It is handled to payment client terminal.
In a step 102, payment request is forwarded to payment server by payment terminal, by payment server according to payment machine
Tool mark, time of payment and payment amount generate virtual card number and dynamic key.Under existing payment equipment presence
Transaction payment is different, since payment equipment is offline, cannot need to pass by payment terminal at any time with payment server direct communication
Message is passed, therefore using the existing random mode for generating virtual card number and dynamic key, not can guarantee the safety of transaction.Using
Generate the mode of virtual card number and dynamic key according to payment equipment mark, time of payment and payment amount, virtual card number and dynamic
State key is no longer randomly generated, but according to scheduled algorithm, according to payment equipment mark, time of payment and payment amount
What data generated, when can guarantee that virtual card number and dynamic key possess the payment equipment mark of corresponding transaction, payment at the same time
Between and payment amount, and virtual card number and Dynamical Secret Key Building Algorithm in the case where can obtain, to avoid payment eventually
End invaded, data theft when cause damages to both parties.
In step 103, payment terminal receives virtual card number and dynamic key from payment server, with virtual card number
It is encrypted with dynamic key, generates payment affirmation message, be sent to payment equipment.
At step 104, payment terminal receives the payment result from payment equipment.Payment result is passed through by payment equipment
Can judgement decrypt payment affirmation message to determine.Paying equipment can be by generating virtual card number and dynamic with payment server
The identical algorithm of key generates according to payment equipment mark, time of payment and payment amount and generates virtual card with payment server
Number and dynamic key, and with generate virtual card number and dynamic key payment affirmation message is decrypted.If payment
The virtual card number and dynamic key that equipment and payment server generate be it is identical, then can decrypt, determination is paid successfully, otherwise
Payment failure., can not be with payment server direct communication since payment equipment is offline, therefore, it is necessary to forward branch by payment terminal
Pay result.In the payment process of existing payment equipment presence, payment result can be directly sent to by payment equipment
Acquirer is sent to payment server interaction by acquirer, and payment server returns the result confirmation.
In step 105, payment result is transmitted to payment server by payment terminal, is tied by payment server according to payment
Fruit handles fund.If the payment result that payment server is obtained from payment terminal is to pay successfully, according to from payment request
The payment amount completion of acquisition is withholdd;If payment result is payment failure, cancel the payment.
By such method, can be generated according to payment equipment mark, time of payment and payment amount virtual card number and
Dynamic key, thus ensure that virtual card number and dynamic key can not be forged, it is offline in payment equipment, it needs through payment eventually
Can end be decrypted by judgement by virtual card number and dynamic key encryption in the state of payment server message transmission
Payment affirmation message carry out payment verification, effectively prevent risk caused by payment terminal is invaded, data are stolen, it is real
The secure payment in the case where paying equipment off-line state is showed.
In one embodiment, payment server and payment equipment foundation key having the same, payment equipment generate
Payment request, payment result, and virtual card number and dynamic key are encrypted by foundation key, and payment server can decrypt branch
Pay request and payment result;Virtual card number and dynamic key that payment server generates also pass through the encryption of foundation key, payment
Terminal is encrypted using encrypted virtual card number and dynamic key, generates payment affirmation message.By such method, Neng Goubao
It demonstrate,proves payment request, payment result not to be stolen and forge, prevent payment terminal information leakage or forges transaction caused by message not
Safety.
In one embodiment, payment server is after obtaining payment request, can according to payment amount to account fund into
Row is withholdd in advance, freezes the fund of the corresponding amount of money.After obtaining payment result from payment terminal, if payment result is to pay successfully,
It then deducts and withholds in advance, complete payment;If payment result is payment failure, freezing of withholing in advance is released, terminates payment.
By such method, payment result can be confirmed in payment equipment, but fail payment result through payment terminal
In the case where being sent to payment server, the account debit processing avoided the occurrence of in payment server is asynchronous with payment equipment,
Guarantee the integrality of transaction, account amount of money is enough when guaranteeing payment, and prevents the generation of overdraw.
In one embodiment, payment equipment can be periodically synchronous with payment server progress data, such as once a day.Payment
Equipment returns to presence, with payment server synchrodata, handles unfinished payment transaction, such as pays equipment and generates branch
It pays as a result, but since payment server fails to receive payment result, the transaction of the pre- state of withholing of fund maintenance.According to payment machine
The synchrodata of tool, if paying successfully, payment server deduction is withholdd in advance;If payment failure, payment server releasing is freezed
It withholds in advance.
By such method, it is able to solve the case where message between payment equipment and payment server is transmitted by payment terminal
Under, payment result fail to be sent to transaction caused by payment server not exclusively, payment server it is asynchronous with equipment data are paid
The problem of, to further enhance the security reliability of transaction.
In one embodiment, payment affirmation message is effective within the predetermined time after payment equipment sends payment request,
Such as 1~3 second, such method repeated to pay caused by capable of preventing user from thinking not trade successfully, and can reinforce trading
Safety.
In one embodiment, virtual card number and dynamic key are only effective in the payment equipment for sending payment request.Payment
Comprising payment equipment mark in request, virtual card number and dynamic key are generated according to payment request, guarantee virtual card number and dynamic
Key is only effective in the payment equipment for sending payment request, in the case where virtual card number and dynamic key are revealed, other payments
Equipment can not be determined and be paid successfully, to further increase the safety of payment.
In one embodiment, virtual card number and dynamic key are used only once in life cycle.In this way
Method, it is therefore prevented that the reuse of virtual card number and dynamic key increases the safety of transaction.
In one embodiment, Send only Account can only carry out a payment transaction in the given time.The same payment account
Family can be the same register account number or same Bank Account Number, can be by caching Recent Activity information in payment equipment come real
It is existing.By such method, the safety of transaction can be further increased.
It in one embodiment, can also include application identities, the purchaser's mark, purchase of near-field communication in payment request
Goods number and/or quantity purchase, according to payment equipment mark, time of payment and payment amount and near-field communication application mark
Know, purchaser's mark, buy goods number and/or quantity purchase, generates virtual card number and dynamic key.Side in this way
Method can generate virtual card number and dynamic key according to more information, increase the complexity of virtual card number and dynamic key,
To improve decoding difficulty, the uniqueness of virtual card number and dynamic key is further strengthened, the safety of transaction is increased.
In one embodiment, payment equipment is POS machine tool, and payment terminal is the NFC terminal based on HCE, and POS machine has
It is widely applied, the NFC terminal based on HCE can evade cost problem caused by hardware modification, be easy to popularization and application.
The flow chart of one embodiment of the payment processing method of payment equipment of the invention is as shown in Figure 2.
In step 201, payment equipment according to number of itself etc. identify, and payment at the time of, payment amount, generate
Payment request, and the payment request is sent to payment terminal, payment request is transmitted to payment server by payment terminal.Branch
Pay server can generate virtual card number according to the number of the payment equipment in payment request, time of payment and payment amount and dynamic is close
Key, and the virtual card number and dynamic key of generation are sent to payment terminal.
In step 202, it is true to obtain the payment encrypted using virtual card number and dynamic key from payment terminal for payment equipment
Recognize message.From it is existing payment equipment presence under transaction payment it is different, due to pay equipment it is offline, cannot at any time with branch
Pay server direct communication needs to transmit message by payment terminal, therefore uses the virtual card number of existing random generation and move
The mode of state key not can guarantee the safety of transaction.It is empty using being generated according to payment equipment mark, time of payment and payment amount
The mode of quasi- card number and dynamic key, can be avoided payment terminal invaded, data theft when cause damages to both parties.
In step 203, payment equipment takes according to payment equipment number, time of payment and payment amount using with payment
The identical algorithm for generating virtual card number and dynamic key of business device, generates virtual card number and dynamic key, and is used to decrypt payment
Confirmation message.Since payment equipment and payment server are identified according to identical payment equipment, time of payment and payment amount, make
Virtual card number and dynamic key are generated with identical algorithm, the virtual card number and dynamic key of generation should be identical, i.e. payment machine
Tool can be decrypted by the payment affirmation message of the payment server virtual card number generated and dynamic key encryption.Therefore, if decryption
Success, it is determined that payment result is to pay successfully;If decryption is unsuccessful, determine payment result for payment failure.
In step 204, payment equipment sends payment result to payment terminal, so that payment server is according to whole from payment
The payment result that end obtains handles fund.
By such method, payment equipment can in the state of offline, by payment terminal will pay equipment number,
Can time of payment and payment amount be sent to payment server, decrypt payment affirmation message by judgement and determine payment result,
And result is sent to payment server through payment terminal, the processing to fund is completed, to realize offline in payment equipment
Secure payment under state.
In one embodiment, payment server and payment equipment foundation key having the same, payment equipment generate
Payment request, payment result, and virtual card number and dynamic key are encrypted by foundation key, and payment server can decrypt branch
Pay request and payment result;Virtual card number and dynamic key that payment server generates also pass through the encryption of foundation key, payment
Terminal is encrypted using encrypted virtual card number and dynamic key, generates payment affirmation message.By such method, Neng Goubao
It demonstrate,proves payment request, payment result not to be stolen and forge, prevent payment terminal information leakage or forges transaction caused by message not
Safety.
In one embodiment, payment equipment can be periodically synchronous with payment server progress data, such as once a day.Payment
Equipment returns to presence, with payment server synchrodata, handles unfinished payment transaction, such as pays equipment and generates branch
It pays as a result, but since payment server fails to receive payment result, the transaction of the pre- state of withholing of fund maintenance.According to payment machine
The synchrodata of tool, if paying successfully, payment server deduction is withholdd in advance;If payment failure, payment server releasing is freezed
It withholds in advance.
By such method, it is able to solve the case where message between payment equipment and payment server is transmitted by payment terminal
Under, payment result fail to be sent to transaction caused by payment server not exclusively, payment server it is asynchronous with equipment data are paid
The problem of, to further enhance the security reliability of transaction.
The flow chart of one embodiment of the payment processing method of payment server of the invention is as shown in Figure 3.
In step 301, payment server obtains payment request from payment terminal, and payment request includes that payment equipment is compiled
Number, time of payment and payment amount, such information can guarantee payment the uniqueness of request.
In step 302, payment server generates virtual card number according to payment equipment number, time of payment and payment amount
And dynamic key.Since payment equipment number, time of payment and payment amount have uniqueness, virtual card number and dynamic
Key also has uniqueness.
In step 303, payment server sends virtual card number and dynamic key to payment terminal, is used by payment terminal
Virtual card number and dynamic key encryption generate payment affirmation information and sending and give payment equipment.
In step 304, payment server obtains payment result from payment terminal, and payment result is that payment equipment passes through branch
It pays terminal and is sent to payment server, payment result is to pay successfully or pay failure.Pay equipment according to payment equipment number,
Time of payment and payment amount generate virtual card number and dynamic key using algorithm identical with payment server.Due to payment
Server and payment equipment are generated virtual all in accordance with payment equipment number, time of payment and payment amount using identical algorithm
Card number and dynamic key, therefore it is identical with dynamic key to pay the virtual card number that equipment and payment server generate.Pay equipment
Using itself generate virtual card number and dynamic key decryption payment terminal by payment server generate virtual card number and
The payment affirmation message of dynamic key encryption confirms the virtual card that payment equipment and payment server generate if successful decryption
Number identical with dynamic key, payment result is pay successfully, otherwise pays and fails.
In step 305, payment server handles fund according to payment result.If payment result is to pay successfully, complete
At withholing;Fail if payment, then terminates to pay.
By such method, payment server according to obtained from payment terminal payment equipment number, the time of payment and
Payment amount generates virtual card number and dynamic key, and payment affirmation message is generated by virtual card number and dynamic key encryption;Payment
Equipment can also be generated according to payment equipment number, time of payment and payment amount using algorithm same as payment server
Virtual card number and dynamic key.In payment equipment number, time of payment and the identical situation of payment amount, payment server and
Payment equipment can generate identical virtual card number and dynamic key, i.e. payment equipment can decrypt payment affirmation message.By sentencing
Can disconnected payment equipment decrypt payment affirmation message to determine payment result, and payment server is propped up according to through payment terminal from offline
The processing that the payment result that equipment returns completes fund is paid, to realize the Secure Transaction in the case where paying equipment off-line state.
In one embodiment, payment server and payment equipment foundation key having the same, payment equipment generate
Payment request, payment result, and virtual card number and dynamic key are encrypted by foundation key, and payment server can decrypt branch
Pay request and payment result;Virtual card number and dynamic key that payment server generates also pass through the encryption of foundation key, payment
Terminal is encrypted using encrypted virtual card number and dynamic key, generates payment affirmation message.By such method, Neng Goubao
It demonstrate,proves payment request, payment result not to be stolen and forge, prevent payment terminal information leakage or forges transaction caused by message not
Safety.
In one embodiment, payment server is after obtaining payment request, can according to payment amount to account fund into
Row is withholdd in advance, freezes the fund of the corresponding amount of money.After obtaining payment result from payment terminal, if payment result is to pay successfully,
It then deducts and withholds in advance, complete payment;If payment result is payment failure, freezing of withholing in advance is released, terminates payment.
By such method, payment result can be confirmed in payment equipment, but fail payment result through payment terminal
In the case where being sent to payment server, the account debit processing avoided the occurrence of in payment server is asynchronous with payment equipment,
Guarantee the integrality of transaction, account amount of money is enough when guaranteeing payment, and prevents the generation of overdraw.
In one embodiment, payment server can be periodically synchronous with payment equipment progress data, such as once a day.Payment
Equipment is presence, with payment server synchrodata, handles unfinished payment transaction, such as pays equipment and generates payment
As a result, but since payment server fails to receive payment result, fund maintains the transaction of pre- state of withholing.According to payment equipment
Synchrodata, if paying successfully, payment server deduction withhold in advance;If payment failure, payment server releasing is freezed pre-
It withholds.
By such method, it is able to solve the case where message between payment equipment and payment server is transmitted by payment terminal
Under, payment result fail to be sent to transaction caused by payment server not exclusively, payment server it is asynchronous with equipment data are paid
The problem of, to further enhance the security reliability of transaction.
In one embodiment, virtual card number and dynamic key are only effective in the payment equipment for sending payment request.Payment
Comprising payment equipment mark in request, virtual card number and dynamic key are generated according to payment request, guarantee virtual card number and dynamic
Key is only effective in the payment equipment for sending payment request, in the case where virtual card number and dynamic key are revealed, other payments
Equipment can not be determined and be paid successfully, to further increase the safety of payment.
In one embodiment, virtual card number and dynamic key are used only once in life cycle.In this way
Method, it is therefore prevented that the reuse of virtual card number and dynamic key increases the safety of transaction.
In one embodiment, same payment equipment only receives same Send only Account in the given time and is once paid
Transaction.The same Send only Account can be the same register account number or same Bank Account Number.By such method, Neng Goujin
One step increases the safety of transaction.
It in one embodiment, can also include application identities, the purchaser's mark, purchase of near-field communication in payment request
Goods number and/or quantity purchase, according to payment equipment mark, time of payment and payment amount and near-field communication application mark
Know, purchaser's mark, buy goods number and/or quantity purchase, generates virtual card number and dynamic key.Side in this way
Method can generate virtual card number and dynamic key according to more information, increase the complexity of virtual card number and dynamic key
Property, to improve decoding difficulty, the uniqueness of transaction is further increased, increases the safety of transaction.
In one embodiment, payment equipment is POS machine tool, and payment terminal is the NFC terminal based on HCE.POS machine has
It is widely applied, the NFC terminal based on HCE can evade cost problem caused by hardware modification, be easy to popularization and application.
Fig. 4 shows one embodiment of the information exchange of payment equipment of the invention, payment terminal and payment server
Schematic diagram.
In 401, when user is paid using payment terminal, payment request is sent to payment terminal by payment equipment, payment is asked
Include payment equipment mark, time of payment and payment amount in asking.Payment request can be encrypted by foundation key, be guaranteed payment
Equipment mark, time of payment and payment amount will not be stolen.
In 402, payment request is transmitted to payment server by payment terminal.
In 403, payment server generates empty according to payment equipment mark, time of payment and the payment amount in payment request
Quasi- card number and dynamic key, and carry out money processing of withholding.If payment request is encrypted by foundation key, payment server be will use
Identical foundation key decrypts payment request.Virtual card number and dynamic key can also be encrypted by foundation key.
In 404, virtual card number and dynamic key are sent to payment terminal by payment server.
In 405, payment terminal is encrypted using the virtual card number and dynamic key obtained, generates payment affirmation message.
In 406, payment affirmation message is sent to payment equipment by payment terminal.
In 407, payment equipment according to payment equipment mark, time of payment and payment amount, using with payment server phase
The algorithm of same generation virtual card number and dynamic key, generates virtual card number and dynamic key, and is used to decrypt payment affirmation and disappear
Breath is decrypted according to success and determines payment result.If successful decryption, payment result is to pay successfully, is otherwise lost for payment
It loses.Payment result can be encrypted by foundation key.
In 408, payment equipment will be paid successfully or the payment result of payment failure is sent to payment terminal.
In 409, payment result is transmitted to payment server by payment terminal.
In 410, payment server is handled according to payment result withholing in advance.If payment result is to pay successfully,
It then deducts and withholds in advance, complete transaction;If payment result is payment failure, releasing is withholdd in advance.
By such method, can be generated according to payment equipment mark, time of payment and payment amount virtual card number and
Dynamic key, thus ensure that the uniqueness of virtual card number and dynamic key, it is offline in payment equipment, it needs to pass through payment terminal
In the state of carrying out with payment server message transmission, encrypted by judging can to decrypt using virtual card number and dynamic key
Payment affirmation message effectively prevents risk caused by payment terminal is invaded, data are stolen to determine whether pay successfully,
Realize the secure payment in the case where paying equipment off-line state.
The schematic diagram of one embodiment of offline electronic payment system of the invention is as shown in Figure 5.Wherein 51 be to pay equipment, 52
It is payment server for payment terminal, 53.
In payment equipment 51,511 be request sending module, for sending payment request, payment request to payment terminal
In include payment equipment number, time of payment and payment amount.512 be message capturing module, is passed through for obtaining from payment terminal
It crosses with the payment affirmation message of virtual card number and dynamic key encryption.513 be correction verification module, can successfully be solved for judging whether
Close payment affirmation message.Correction verification module possesses algorithm same as the virtual card number of payment server generation and dynamic key, can
Identical virtual card number and dynamic key are generated according to payment equipment number, time of payment and payment amount, and is used to decrypt branch
Pay confirmation message, according to can successful decryption determine payment result be pay successfully or pay failure.514 send mould for result
Block, for sending payment result to payment terminal, so that payment server is handled according to the payment result obtained from payment terminal
Fund.
Such payment equipment can send payment machine to payment server by payment terminal in the state of offline
Tool number, time of payment and payment amount, and virtual card number and dynamic key are obtained, by determining payment result through payment terminal
Be transmitted to payment server, thus complete under off-line state with the interaction of payment server, and guarantee transaction safety.
In one embodiment, correction verification module 513 includes decryption generation unit and decryption unit.Wherein, decryption generates single
Member, which has, generates virtual card number and the identical algorithm of dynamic key according to payment request with payment server, decrypts generation unit root
According to payment equipment mark, time of payment and payment amount, virtual card number and dynamic key are generated, and virtual card number and dynamic is close
Key passes to decryption unit.The virtual card number of decryption unit and dynamic key decrypt the virtual card number generated by payment server
With the payment affirmation message of dynamic key encryption, judge whether successful decryption.If successful decryption, payment result be payment at
Otherwise function is payment failure.Since the payment equipment for initiating payment request and the payment server for receiving payment request possess phase
Same payment equipment mark, time of payment and payment amount, and virtual card number and Dynamical Secret Key Building Algorithm, in this way
Device, it can be ensured that the payment equipment of only transmission payment request can complete the decryption to payment affirmation message, realize branch
It pays successfully, to enhance the safety of transaction.
In payment terminal 52,521 be payment request receiving module, the payment request sent for receiving payment equipment,
And payment request is passed into payment request sending module 522.Payment request is forwarded to branch by payment request sending module 522
Pay server 53 is generated virtual card number according to payment equipment number, time of payment and payment amount by payment server 53 and is moved
State key.523 be receiving module, for receiving virtual card number and dynamic key from payment server 53, and by virtual card
Number and dynamic key pass to payment affirmation sending module 524.Payment affirmation sending module 524 will pass through with virtual card number and move
The payment affirmation message that the encryption of state key generates is sent to payment equipment 51.525 be payment result receiving module, is come for receiving
From the payment result of payment equipment 51, can payment result decrypt payment affirmation message by judgement to determine by payment equipment.
Payment result is passed to payment result sending module 526 by payment result receiving module 525.Payment result sending module 526 will
Payment result is transmitted to payment server 53, handles fund according to payment result by payment server 53.
Such payment terminal can obtain payment equipment number, time of payment and payment amount that payment equipment is sent,
And it is sent to payment server;Payment server can be obtained to be generated according to payment equipment number, time of payment and payment amount
Virtual card number and dynamic key generate payment affirmation message and be transmitted to payment equipment and for encrypting;It can will pay equipment
Determining payment result is transmitted to payment server, to complete payment equipment and payment clothes in the state that payment equipment is offline
The information exchange of business device, and guarantee the safety of transaction.
In payment server 53,531 be request module, for obtaining payment request from payment terminal 52.Request
It obtains module 531 and payment request is passed into generation module 532.Generation module 532 is compiled according to the payment equipment in payment request
Number, time of payment and payment amount generate virtual card number and dynamic key.Generation module 532 passes virtual card number and dynamic key
Pass sending module 533.Sending module 533 sends virtual card number and dynamic key to payment terminal 52.534 obtain mould for result
Block, for obtaining payment result from payment terminal.As a result it obtains module 534 and payment result is passed into result treatment module 535.
Result treatment module 535 handles fund according to payment result, if payment result is to pay successfully, completion is withholdd, if payment knot
Fruit is payment failure, then cancels and withholing, and terminates payment.
Such payment server can obtain payment equipment hair through payment terminal in the state that payment equipment is offline
Payment equipment number, time of payment and the payment amount sent, and generated according to payment equipment number, time of payment and payment amount
Virtual card number and dynamic key carry out the processing of fund according to the payment result that offline electronic payment equipment is sent through payment terminal, from
And it ensure that offline in payment equipment transaction security when needing through payment terminal progress message transmission.
By offline electronic payment system shown in fig. 5, it can be realized in the state that payment equipment is offline, pass through payment terminal
Can transmitting payment equipment number, time of payment and payment amount and validation of payment equipment use identical as payment server
Virtual card number and Dynamical Secret Key Building Algorithm, generate identical with payment server virtual card number and dynamic key, successfully solve
The payment affirmation message of the close virtual card number generated through payment server and dynamic key encryption, to guarantee to return to payment result
Payment equipment with issue the payment equipment of payment request it is identical, ensure that payment equipment it is offline, need through payment terminal into
Transaction security when row message transmission.
The schematic diagram of another embodiment of offline electronic payment system of the invention is as shown in Figure 6.Wherein 61 be payment equipment,
62 be payment terminal, and 63 be payment server.
It pays in equipment 61,611,612,613,614 be respectively request sending module, message capturing module, correction verification module
With result sending module, the course of work is similar with Fig. 5.In addition, 615 be equipment underlying cryptographic module, for being payment machine
Have the payment request generated, payment result, and virtual card number and dynamic key are encrypted using foundation key, payment server 63
Foundation key having the same.The payment request of generation is sent to equipment underlying cryptographic module 615 by request sending module 611,
Request sending module 611 is returned after encrypted;As a result the payment result of generation is sent to equipment underlying cryptographic by sending module 614
Module 615, equipment underlying cryptographic module 615 return to encrypted payment result to result sending module 614;Correction verification module 613
In decryption generation unit the virtual card number and dynamic key of generation are sent to equipment underlying cryptographic module 615, after encrypted
The decryption unit being sent in correction verification module 613 is decrypted for payment affirmation message.Payment result sending module 614 is sent to branch
The payment result for paying terminal 62 is encrypted through equipment underlying cryptographic module 615, is transmitted to payment server 63 by payment terminal 62.This
The payment equipment of sample can prevent payment terminal dangerous and payment terminal caused by message leakage in repeating process from forging
False transaction caused by payment result improves the safety of offline electronic payment.
In payment server 63,631,632,633,634,635 be respectively request module, generation module, transmission mould
Block, result obtain module and result encrypting module.Since the payment request that payment equipment 61 is sent is encryption, request
The payment request that obtaining module 631 will acquire passes to basic deciphering module 637, by sending after the decryption of basic deciphering module 637
To generation module 632, virtual card number and dynamic key are generated.Generation module 632 sends out the virtual card number and dynamic key of generation
Server basis encrypting module 636 is given, virtual card number and dynamic key are added using foundation key identical with payment equipment
It is close, encrypted result is sent to sending module 633, is transmitted to payment equipment 61 through payment terminal 62.
Such payment server is able to use foundation key and interacts with payment equipment, prevents payment terminal forwarded over
Dangerous and payment terminal caused by message leakage forges false transaction caused by payment result in journey, improves offline branch
The safety paid.
In payment terminal 62,621,622,623,624,625 be respectively payment request receiving module, payment request transmission mould
Block, receiving module, payment affirmation sending module, payment result receiving module and payment result sending module.Its course of work with
Payment terminal 52 is similar in Fig. 5.The virtual card number and dynamic key obtained due to receiving module 623 is by payment server 63
Underlying cryptographic, payment affirmation sending module 624 is used to encrypt the virtual card number of payment affirmation message and dynamic key is by clothes
What device underlying cryptographic module 636 of being engaged in encrypted.
Such offline electronic payment system, payment server and payment equipment foundation key having the same, payment server
It can be interacted with payment equipment with the message by foundation key encryption, prevent payment terminal message in repeating process from letting out
Dangerous and payment terminal caused by dew forges false transaction caused by payment result, improves the safety of offline electronic payment.
In one embodiment, the schematic diagram of another embodiment of payment server of the invention is as shown in Figure 7.Its
In, 701 be request module, for obtaining payment request from payment terminal.Request module 701 transmits payment request
To generation module 702.In addition, payment request is also sent to pre- module 706 of withholing, module of withholing in advance by request module 701
706 are withholdd in advance according to the payment amount in payment request.Generation module 702 is compiled according to the payment equipment in payment request
Number, time of payment and payment amount generate virtual card number and dynamic key.Generation module 702 passes virtual card number and dynamic key
Pass sending module 703.Sending module 703 sends virtual card number and dynamic key to payment terminal.704 obtain mould for result
Block, for obtaining payment result from payment terminal.As a result it obtains module 704 and payment result is passed into result treatment module 705.
Result treatment module 705 handles the pre- of module 706 of withholing in advance according to payment result and withholds, and deducts if paying successfully and withholds in advance,
It releases if paying failure and withholds in advance.
Such payment server is able to solve the feelings that message between payment equipment and payment server is transmitted by payment terminal
Under condition, payment result fail to be sent to transaction caused by payment server not exclusively, payment server it is different with equipment data are paid
The problem of step, to further enhance the security reliability of transaction.
The schematic diagram of another embodiment of offline electronic payment system of the invention is as shown in Figure 7.Wherein, 81 be payment machine
Tool, 82 be payment terminal, and 83 be payment server.
In payment equipment 81,811,812,813,814 be respectively request sending module, message capturing module, calibration mode
Block and result sending module, the course of work are identical as equipment 51 is paid in Fig. 5.In addition, payment equipment 81 also has data same
Walk module 815.Data simultaneous module 815 is used for when paying equipment and payment server data being synchronous at the scheduled time, to branch
Pay server 83 sends synchrodata.Payment equipment in this way is able to solve and transmits payment equipment and branch by payment terminal
Between pay server in the case where message, payment result fails incomplete, payment server of trading caused by being sent to payment server
With payment the nonsynchronous problem of equipment data, to further enhance the security reliability of transaction.
In payment terminal 82,821,821,823,824,825,826 be respectively payment request receiving module, payment request
Sending module, receiving module, payment affirmation sending module, payment result receiving module and payment result sending module, work
Process is identical as payment terminal 52 in Fig. 5.
In payment server 83,831,832,833,834,835,836 be respectively request module, generation module,
Sending module, result obtain module, result treatment module and module of withholing in advance, the payment server phase of the course of work and Fig. 6
Seemingly.In addition, payment server 83 also has synchronization module 837 and synchronous processing module 838.Synchronization module 837 is for paying
It is synchronous with the payment progress of equipment 81 data when equipment is online at the scheduled time, obtain the data simultaneous module 815 of payment equipment 81
The synchrodata of transmission, and by isochronous data transfers to synchronous processing module 838.Synchronous processing module 838 according to synchrodata,
Pre- withhold for module 836 of withholing in advance is handled, is withholdd in advance according to paying successfully to deduct, is unsuccessfully released and withheld according to payment
Money.Payment server in this way is able to solve the feelings that message between payment equipment and payment server is transmitted by payment terminal
Under condition, payment result fail to be sent to transaction caused by payment server not exclusively, payment server it is different with equipment data are paid
The problem of step.Pre- withhold still in frozen state is handled according to the synchrodata of payment equipment, guarantees the complete of transaction
It is whole, to further enhance the security reliability of transaction.
Such offline transaction system is able to solve and transmits message between payment equipment and payment server by payment terminal
In the case of, payment result fails incomplete transaction caused by being sent to payment server, payment server and payment equipment data not
Synchronous problem guarantees the complete of transaction, strengthens the security reliability of transaction.
In one embodiment, payment affirmation message is effective within the predetermined time after payment equipment sends payment request,
Such as 1~3 second, such device repeated to pay caused by capable of preventing user from thinking not trade successfully, and can reinforce trading
Safety.
In one embodiment, virtual card number and dynamic key are only effective in the payment equipment for sending payment request.Payment
Comprising payment equipment mark, virtual card number and dynamic key according to payment equipment mark, time of payment and payment amount in request
It generates, guarantees that virtual card number and dynamic key are only effective in the payment equipment for sending payment request, it is close in virtual card number and dynamic
In the case that key is revealed, other payment equipments, which can not determine, to be paid successfully, to further increase the safety of payment.
In one embodiment, virtual card number and dynamic key are used only once in life cycle.In this way
Device, it is therefore prevented that the reuse of virtual card number and dynamic key increases the safety of transaction.
In one embodiment, Send only Account can only carry out a payment transaction in the given time.The same payment account
Family can be the same register account number or same Bank Account Number.Device in this way can further increase the safety of transaction
Property.
It in one embodiment, can also include application identities, the purchaser's mark, purchase of near-field communication in payment request
Goods number and/or quantity purchase, according to payment equipment mark, time of payment and payment amount and near-field communication application mark
Know, purchaser's mark, buy goods number and/or quantity purchase, generates virtual card number and dynamic key.Dress in this way
It sets, virtual card number and dynamic key can be generated according to more information, increase the complexity of virtual card number and dynamic key,
To improve decoding difficulty, the uniqueness of virtual card number and dynamic key is further strengthened, the safety of transaction is increased.
In one embodiment, payment equipment is POS machine tool, and payment terminal is the NFC terminal based on HCE, and POS machine has
It is widely applied, the NFC terminal based on HCE can evade cost problem caused by hardware modification, be easy to popularization and application.
Finally it should be noted that: the above embodiments are merely illustrative of the technical scheme of the present invention and are not intended to be limiting thereof;To the greatest extent
The present invention is described in detail with reference to preferred embodiments for pipe, it should be understood by those ordinary skilled in the art that: still
It can modify to a specific embodiment of the invention or some technical features can be equivalently replaced;Without departing from this hair
The spirit of bright technical solution should all cover within the scope of the technical scheme claimed by the invention.
Claims (20)
1. a kind of method of payment, it is characterised in that:
Payment terminal receives the payment request that payment equipment is sent, wherein the payment request includes payment equipment number, payment
Time and payment amount, the payment equipment are in off-line state;
The payment request is forwarded to payment server by the payment terminal, by the payment server according to the payment machine
Tool number, time of payment and payment amount, generate virtual card number and dynamic key;
The payment terminal obtains the virtual card number and dynamic key from the payment server, and with the virtual card number with
Dynamic key encryption, generates payment affirmation message, the payment affirmation message is sent to the payment equipment;
The payment terminal receives the payment result from the payment equipment, wherein the payment equipment is according to the payment
Equipment number, time of payment and payment amount, using virtual card number identical with the payment server and dynamic key production
Algorithm generates virtual card number and dynamic key, decrypts the payment affirmation message using the virtual card number and dynamic key, if
Successful decryption, then the payment result is to pay successfully, and otherwise the payment result is payment failure;
The payment result is transmitted to the payment server by the payment terminal, by the payment server according to the branch
Pay result treatment fund.
2. according to the method described in claim 1, it is characterized by:
The payment server and payment equipment foundation key having the same;With, it is described payment equipment generate it is described
Payment request, payment result and the virtual card number and dynamic key are encrypted through the foundation key;With the payment clothes
The virtual card number and dynamic key that business device generates are encrypted through the foundation key;With described in the payment server use
Foundation key decrypts the payment request, payment result;
Or,
The payment affirmation message is effective within the predetermined time after the payment equipment sends the payment request;And/or institute
It states virtual card number and the dynamic key is only effective in the payment equipment for sending the payment request;And/or the virtual card number
It is used only once in life cycle with the dynamic key;And/or same payment equipment only receives together in the given time
One Send only Account carries out a payment transaction;
Or,
The payment request further includes the near-field communication application identities of the payment equipment requirement access, purchaser's mark, purchase
Goods number and/or quantity purchase are answered according to payment equipment mark, time of payment and payment amount and near-field communication
With mark, purchaser's mark, purchase goods number and/or quantity purchase, the virtual card number and the dynamic key are generated.
3. a kind of payment processing method for paying equipment, which is characterized in that
Payment equipment in off-line state sends payment request to payment terminal, and the payment request includes that payment equipment is compiled
Number, time of payment and payment amount;
Obtain payment affirmation message from the payment terminal, the payment affirmation message the payment terminal through virtual card number and
Dynamic key encryption, the virtual card number and dynamic key numbered by payment server according to the payment equipment, the time of payment
It is generated with payment amount;
According to payment equipment number, time of payment and payment amount, using virtual card identical with the payment server
Number and Dynamical Secret Key Building Algorithm, generate virtual card number and dynamic key, the virtual card number and dynamic key used to decrypt institute
Payment affirmation message is stated, if successful decryption, it is determined that payment result is to pay successfully, and otherwise the payment result is that payment is lost
It loses;
The payment result is sent to payment terminal, so that payment server is according to the payment result obtained from the payment terminal
Handle fund.
4. according to the method described in claim 3, it is characterized by:
The payment server and payment equipment foundation key having the same;With, it is described payment equipment generate it is described
Payment request, payment result and the virtual card number and dynamic key are encrypted through the foundation key;With the payment clothes
The virtual card number and dynamic key that business device generates are encrypted through the foundation key;With described in the payment server use
Foundation key decrypts the payment request, payment result;
Or,
The method also includes in predetermined time and the payment server synchrodata;
Or,
The payment affirmation message is effective within the predetermined time after the payment equipment sends the payment request;And/or institute
It states virtual card number and the dynamic key is only effective in the payment equipment for sending the payment request;And/or the virtual card number
It is used only once in life cycle with the dynamic key;And/or same payment equipment only receives together in the given time
One Send only Account carries out a payment transaction.
5. the method according to claim 3 or 4, which is characterized in that the payment equipment is POS machine tool, and the payment is eventually
End is the payment terminal for the near-field communication for supporting Intrusion Detection based on host card mold quasi-.
6. a kind of payment processing method of payment server, which is characterized in that
Payment request is obtained from payment terminal, wherein the payment request includes payment equipment number, time of payment and payment gold
Volume, the payment equipment are in off-line state;
Virtual card number and dynamic key are generated according to payment equipment number, time of payment and payment amount;
The virtual card number and the dynamic key are sent to the payment terminal;
Payment result is obtained from the payment terminal, wherein the payment result is the payment terminal from the payment equipment
Obtain, the payment equipment numbers according to the payment equipment, time of payment and payment amount, using with the payment server
Identical virtual card number and Dynamical Secret Key Building Algorithm generate the virtual card number and dynamic key, use the virtual card number
The payment affirmation message is decrypted with dynamic key, if successful decryption, the payment result is to pay successfully, otherwise the branch
Paying result is payment failure;
Fund is handled according to the payment result, including, it is successfully completed and is withholdd according to the payment, unsuccessfully taken according to the payment
Disappear and withholds.
7. according to the method described in claim 6, it is characterized by:
The payment server and payment equipment foundation key having the same;With, it is described payment equipment generate it is described
Payment request, payment result and the virtual card number and dynamic key are encrypted through the foundation key;With the payment clothes
The virtual card number and dynamic key that business device generates are encrypted through the foundation key;With described in the payment server use
Foundation key decrypts the payment request, payment result;
Or
The virtual card number and the dynamic key are only effective in the payment equipment for sending the payment request;And/or the void
Quasi- card number and the dynamic key are used only once in life cycle;And/or same payment equipment in the given time only
Receive same Send only Account and carries out a payment transaction.
8. according to the method described in claim 6, it is characterized by further comprising:
It is withholdd in advance according to the payment amount;
It is described that fund is handled according to the payment result are as follows: according to it is described pay successfully deduct it is described it is pre- withhold, or according to described
Payment unsuccessfully releases described pre- withhold.
9. according to the method described in claim 8, it is characterized by further comprising:
With payment equipment in predetermined time synchrodata;
It is withholdd in advance according to the synchrodata processing of the payment equipment.
10. a kind of payment terminal characterized by comprising
Payment request receiving module, the payment request sent for receiving payment equipment, wherein the payment request includes payment
Equipment number, time of payment and payment amount, the payment equipment are in off-line state;
Payment request sending module, for the payment request to be forwarded to payment server, by the payment server according to
The payment equipment number, time of payment and payment amount generate virtual card number and dynamic key;
Receiving module, for obtaining the virtual card number and dynamic key from the payment server;
Payment affirmation sending module will be encrypted for encrypting payment affirmation message with the virtual card number and dynamic key
The payment affirmation message is sent to the payment equipment;
Payment result receiving module, for receive from it is described payment equipment payment result, wherein the payment equipment according to
The payment equipment number, time of payment and payment amount, using virtual card number identical with the payment server and dynamic
Key schedule generates the virtual card number and dynamic key, decrypts the branch using the virtual card number and dynamic key
Confirmation message is paid, if successful decryption, the payment result is to pay successfully, and otherwise the payment result is payment failure;
Payment result sending module, for the payment result to be transmitted to the payment server, by the payment server
Fund is handled according to the payment result.
11. payment terminal according to claim 10, which is characterized in that
The payment server and payment equipment foundation key having the same;With, it is described payment equipment generate it is described
Payment request, payment result and the virtual card number and dynamic key are encrypted through the foundation key;With the payment clothes
The virtual card number and dynamic key that business device generates are encrypted through the foundation key;With described in the payment server use
Foundation key decrypts the payment request, payment result;
Or,
The payment affirmation message is effective within the predetermined time after the payment equipment sends the payment request;And/or institute
It states virtual card number and the dynamic key is only effective in the payment equipment for sending the payment request;And/or the virtual card number
It is used only once in life cycle with the dynamic key;And/or same payment equipment only receives together in the given time
One Send only Account carries out a payment transaction;
Or,
The payment request further includes the near-field communication application identities of the payment equipment requirement access, purchaser's mark, purchase
Goods number and/or quantity purchase are answered according to payment equipment mark, time of payment and payment amount and near-field communication
With mark, purchaser's mark, purchase goods number and/or quantity purchase, the virtual card number and the dynamic key are generated.
12. a kind of payment equipment characterized by comprising
Request sending module, for sending payment request, institute to payment terminal in the case where payment equipment is in off-line state
Stating payment request includes payment equipment number, time of payment and payment amount;
Message capturing module, for obtaining payment affirmation message from the payment terminal, the payment affirmation message is in the branch
It pays terminal to encrypt through virtual card number and dynamic key, the virtual card number and dynamic key are by payment server according to the payment
Equipment number, time of payment and payment amount generate;
Correction verification module, for being numbered according to the payment equipment, time of payment and payment amount, using with the payment server
Identical virtual card number and Dynamical Secret Key Building Algorithm generate the virtual card number and dynamic key, use the virtual card number
The payment affirmation message is decrypted with dynamic key, if successful decryption, it is determined that payment result is to pay successfully, otherwise the branch
Paying result is payment failure;
As a result sending module, for sending the payment result to payment terminal, so that payment server is according to from the payment
The payment result that terminal obtains handles fund.
13. payment equipment according to claim 12, which is characterized in that further include: equipment underlying cryptographic module, for making
The payment request, payment result and the virtual card number and dynamic key are encrypted with foundation key, wherein the basis
Key is identical as the foundation key in the payment server.
14. payment equipment according to claim 12, which is characterized in that
The correction verification module includes:
Generation unit is decrypted, for according to payment equipment number, time of payment and payment amount, use and payment server
Identical virtual card number and Dynamical Secret Key Building Algorithm, generate virtual card number and dynamic key;
Decryption unit, for using the virtual card number and dynamic key to decrypt the payment affirmation message as decryption factor,
If can decrypt, the payment result is to pay successfully, is otherwise payment failure;
Or,
The payment equipment further include: data simultaneous module, in predetermined time and payment server synchrodata;
Or,
The payment affirmation message is effective within the predetermined time after payment request sending;And/or the virtual card number and
The dynamic key is only effective in the payment equipment for sending the payment request;And/or the virtual card number and the dynamic it is close
Key is used only once in life cycle;And/or same payment equipment only receive in the given time same Send only Account into
Payment transaction of row.
15. payment equipment described in 2,13 or 14 according to claim 1, which is characterized in that the payment equipment is POS machine tool,
The payment terminal is the payment terminal for the near-field communication for supporting that Intrusion Detection based on host card mold is quasi-.
16. a kind of payment server characterized by comprising
Request module, for obtaining payment request from payment terminal, wherein the payment request includes that payment equipment is compiled
Number, time of payment and payment amount, the payment equipment be in off-line state;
Generation module, for close according to payment equipment number, time of payment and the virtual card number of payment amount generation and dynamic
Key;
Sending module, for sending the virtual card number and the dynamic key to the payment terminal;
As a result module is obtained, for obtaining payment result from the payment terminal, wherein the payment result is that the payment is whole
End is obtained from the payment equipment, and the payment equipment numbers according to the payment equipment, time of payment and payment amount, use
Virtual card number identical with the payment server and Dynamical Secret Key Building Algorithm generate the virtual card number and dynamic key,
The payment affirmation message is decrypted using the virtual card number and dynamic key, if successful decryption, the payment result is branch
It pays successfully, otherwise the payment result is payment failure;
Result treatment module is used to handle fund according to the payment result, including, it is successfully completed and is withholdd according to the payment,
Unsuccessfully cancelled according to the payment and being withholdd.
17. payment server according to claim 16, which is characterized in that
The payment server further include:
Server basis encrypting module, for encrypting according to the payment equipment number, time of payment and payment amount generation
The virtual card number and dynamic password;
Server basis deciphering module, for decrypting the payment request and be transmitted to the generation module, and described in decryption
Payment result is simultaneously transmitted to result acquisition module;
Or,
The virtual card number and the dynamic key are only effective in the payment equipment for sending the payment request;And/or the void
Quasi- card number and the dynamic key are used only once in life cycle;And/or same payment equipment in the given time only
Receive same Send only Account and carries out a payment transaction.
18. payment server according to claim 16, which is characterized in that further include pre- module of withholing, for according to institute
Payment amount is stated to be withholdd in advance;
The result treatment module, for according to payment successful result deduct it is described it is pre- withhold, or according to it is described payment unsuccessfully tie
Fruit releases described pre- withhold.
19. payment server according to claim 18, which is characterized in that further include:
Synchronization module is used for payment equipment in predetermined time synchrodata;
Synchronous processing module, for being withholdd in advance according to the synchrodata processing of the payment equipment.
20. a kind of offline electronic payment system, which is characterized in that including the payment terminal of claim 10 or 11, claim 12-
15 any payment equipments and any payment server of claim 16-19.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510172186.3A CN106157013B (en) | 2015-04-13 | 2015-04-13 | Payment terminal, equipment, server, system and payment processing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510172186.3A CN106157013B (en) | 2015-04-13 | 2015-04-13 | Payment terminal, equipment, server, system and payment processing method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106157013A CN106157013A (en) | 2016-11-23 |
| CN106157013B true CN106157013B (en) | 2019-08-30 |
Family
ID=57336663
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510172186.3A Active CN106157013B (en) | 2015-04-13 | 2015-04-13 | Payment terminal, equipment, server, system and payment processing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106157013B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101798059B1 (en) * | 2016-12-21 | 2017-11-16 | 주식회사 한국스마트카드 | Method for creating and deleting a dynamic virtual card |
| CN106845980B (en) * | 2017-01-18 | 2021-12-07 | 北京小米移动软件有限公司 | Mobile payment method and device in virtual reality environment |
| CN107516196A (en) * | 2017-09-04 | 2017-12-26 | 杭州哲信信息技术有限公司 | A kind of mobile-payment system and its method of mobile payment |
| CN107705123A (en) * | 2017-09-13 | 2018-02-16 | 迟祥 | A kind of NFC payment, system and terminal, server |
| CN108805539A (en) * | 2018-02-09 | 2018-11-13 | 深圳市微付充科技有限公司 | A kind of method of payment, mobile device and storage device that Intrusion Detection based on host snap gauge is quasi- |
| CN109714716B (en) * | 2019-02-01 | 2020-08-25 | Oppo广东移动通信有限公司 | Data packet forwarding method and device and mobile terminal |
| CN110288337A (en) * | 2019-06-11 | 2019-09-27 | 深圳市微付充科技有限公司 | Method of mobile payment, mobile terminal, server and device |
| CN111935158B (en) * | 2020-08-12 | 2021-02-26 | 盐城工学院 | Financial data management method of remote network consumption system |
| CN114154991A (en) * | 2021-12-09 | 2022-03-08 | 兴业银行股份有限公司 | Payment transaction failure automatic retransmission system and method based on virtual order mechanism |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102468960A (en) * | 2010-11-16 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Off-line mode identity and transaction authentication method and terminal |
| CN104268746A (en) * | 2014-09-17 | 2015-01-07 | 江苏爱心消费支付服务有限公司 | Card-free payment method |
| CN104380777A (en) * | 2012-07-09 | 2015-02-25 | 英特尔公司 | Systems and methods for enabling secure transactions with mobile devices |
| CN104504565A (en) * | 2015-01-16 | 2015-04-08 | 上海浩恺信息科技有限公司 | Mobile payment system and method based on bank virtual card number |
| CN104603809A (en) * | 2012-04-16 | 2015-05-06 | 盐技术股份有限公司 | Systems and methods for facilitating a transaction using a virtual card on a mobile device |
-
2015
- 2015-04-13 CN CN201510172186.3A patent/CN106157013B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102468960A (en) * | 2010-11-16 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Off-line mode identity and transaction authentication method and terminal |
| CN104603809A (en) * | 2012-04-16 | 2015-05-06 | 盐技术股份有限公司 | Systems and methods for facilitating a transaction using a virtual card on a mobile device |
| CN104380777A (en) * | 2012-07-09 | 2015-02-25 | 英特尔公司 | Systems and methods for enabling secure transactions with mobile devices |
| CN104268746A (en) * | 2014-09-17 | 2015-01-07 | 江苏爱心消费支付服务有限公司 | Card-free payment method |
| CN104504565A (en) * | 2015-01-16 | 2015-04-08 | 上海浩恺信息科技有限公司 | Mobile payment system and method based on bank virtual card number |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106157013A (en) | 2016-11-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106157013B (en) | Payment terminal, equipment, server, system and payment processing method | |
| CN105139193B (en) | Electronic resource processing method, electronic resource processing device and server | |
| CN103903141B (en) | A kind of O2O safe payment methods, system and a kind of POS terminal | |
| CN113228556A (en) | System and method for password authentication of contactless card | |
| CN104951937B (en) | Method for authenticating and right discriminating system between a kind of mobile equipment | |
| JP5766199B2 (en) | Secure mobile payment processing | |
| US8527427B2 (en) | Method and system for performing a transaction using a dynamic authorization code | |
| AU2006348401B2 (en) | System and method for generating an unpredictable number using a seeded algorithm | |
| US20150287031A1 (en) | Methods and apparatus for card transactions | |
| CN102722816B (en) | A kind of method, system and device of mobile payment | |
| CN104700267A (en) | Bank virtual card number based mobile payment system and method | |
| CN106447310A (en) | Device, system and method for reducing an interaction time for a contactless transaction | |
| CN105701661A (en) | Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data | |
| CN106997527A (en) | Credit payment method and device based on mobile terminal P2P | |
| Husni et al. | Efficient tag-to-tag near field communication (NFC) protocol for secure mobile payment | |
| CN103123708A (en) | Secure payment method, mobile device and secure payment system | |
| TR201808160T4 (en) | Method, device and system for securing payment data for transmission over open communication networks. | |
| CN103400265A (en) | Quick payment method and system based on position information | |
| US11997208B2 (en) | Systems and methods for inventory management using cryptographic authentication of contactless cards | |
| CN112889046A (en) | System and method for password authentication of contactless cards | |
| CN103903140A (en) | O2O safety payment method, system and safety payment background | |
| CN103944735A (en) | Data security interactive method | |
| EP3533172B1 (en) | System for secure authentication of a user's identity in an electronic system for banking transactions | |
| CN101313329B (en) | Reduce equipment and the system of the interaction time of contactless transaction | |
| TWI502524B (en) | Payment data processing method, system, payment terminal and payment server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |