CN106529941A - PBOC micro payment security promotion method - Google Patents
PBOC micro payment security promotion method Download PDFInfo
- Publication number
- CN106529941A CN106529941A CN201611049944.3A CN201611049944A CN106529941A CN 106529941 A CN106529941 A CN 106529941A CN 201611049944 A CN201611049944 A CN 201611049944A CN 106529941 A CN106529941 A CN 106529941A
- Authority
- CN
- China
- Prior art keywords
- key
- user profile
- data
- information
- card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Abstract
The invention discloses a PBOC micro payment security promotion method. The method comprises steps: the order number, the order information, the user information and issuing bank information are transmitted to a trusted cryptography module; an IC card sub key and a one-time process key are obtained through dispersion in the trusted cryptography module; the order information, the merchant information and the user information are encrypted in the trusted cryptography module, and a data check code corresponding to the encrypted data of the time is generated; and the encrypted data and the data check code are uploaded to a server through the internet. The method is based on the trusted cryptography module, processes of key dispersion, data encryption and data storage and the like are carried out in the trusted cryptography module, the security of offline data can be effectively improved, and data interception is prevented.
Description
Technical field
The present invention relates to PBOC safety of payment technical fields, more particularly to PBOC small amount payment security improvement methods.
Background technology
Financial IC card be using integrated circuit (IC) technology and financial industry standard, with consumptive credit, the transfer and settlement of accounts and
The financial payment instrument of the functions such as cash-access.Financial IC card from 20th century the mid-80 France come out since, progressively by
It is applied to socio-economic activity.The upgrading of PBOC3.0 specifications predominantly meet three below in terms of demand:1. industry expansion.It is suitable
The industry requirement of the function such as answer Public Service Field to freeze electronic cash timesharing, the block meter rate means of payment, electronic cash, promotees
Enter application of the financial IC card in Public Service Fields such as high ferro, public transport, subways.2. innovation pays.Realize financial IC card application with
The integration of the innovative application such as internet payment, mobile payment, promotes the offline upper channel incorporation of line.3. cross-border use.In satisfaction
State holder particularly carries out the demand of electronic cash payment in Hong Kong and Macao using financial IC card.
Specify according to PBOC3.0, system equipment allows for realizing following functions:Key divergent function, adds from being stored in
Credit card issuer master key in close equipment disperses unique IC-card sub-key:Process key systematic function, according to sub-key and defeated
Enter data, disperse process key;Data encryption feature, carries out data Encrypt and Decrypt according to sub-key or process key;MAC is produced
Raw function, according to MAC process keys and the data for being intended to be calculated, produces the check code of data.PBOC3.0 specifications data biographies
The safety of defeated process, but data storage especially terminal data is not fully specified safely.
The content of the invention
For solving above-mentioned technical problem, it is an object of the invention to provide a kind of PBOC small amount payments security improvement method, this
The purpose of invention is to be achieved through the following technical solutions:
A kind of PBOC small amount payments security improvement method, including:
A reads user profile and hair fastener row information on IC-card by controlling card reading module, and user profile, credit card issuer are believed
The order number and sequence information that breath and POS terminal are generated is transmitted into credible password module;
B obtains the credit card issuer master key in credible password module according to credit card issuer information retrieval, with reference to user profile, dispersion
Credit card issuer master key obtains IC-card sub-key;Based on credit card issuer master key and IC-card sub-key, and the order concluded the business with reference to this
Information, merchant information, user profile and order number, Jing process keys decentralized algorithm dispersion credit card issuer master key and IC-card sub-key
Obtain disposable process key;
C utilizes process key, and encryption sequence information, merchant information and user profile form encryption data;Using check code
Process key, sequence information, merchant information are generated data school corresponding with the encryption data with user profile by generating algorithm
Test code;
Encryption data is uploaded onto the server by D with data check code, server based on data check code checking encryption data
Integrity, and the process key of server end generation, the sequence information that ciphertext data acquisition is concluded the business, business is combined using decipherment algorithm
Family information, user profile and order number.
Compared with prior art, one or more embodiments of the invention can have the advantage that:
This method is based on credible password module, by processes such as key dispersion, data encryption, data preservations all in trusted cryptography
Carry out in module, the safety of off-line data can be effectively improved, data theft is prevented.
Description of the drawings
Fig. 1 is PBOC small amount payment security improvement method flow diagrams;
Fig. 2 is PBOC small amount payment security improvement method program frame diagrams.
Specific embodiment
For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with embodiment and accompanying drawing to this
It is bright to be described in further detail.
As shown in figure 1, being PBOC small amount payment security improvement methods, the method comprises the following steps:
Step 10 reads user profile and hair fastener row information on IC-card by controlling card reading module, and by user profile, send out
The order number and sequence information that card row information and POS terminal are generated is transmitted into credible password module;
Step 20 obtains the credit card issuer master key in credible password module according to credit card issuer information retrieval, believes with reference to user
Breath, dispersion credit card issuer master key obtain IC-card sub-key;Based on credit card issuer master key and IC-card sub-key, and with reference to this transaction
Sequence information, merchant information, user profile and order number, Jing process keys decentralized algorithm dispersion credit card issuer master key and IC-card
Sub-key obtains disposable process key;
Step 30 utilizes process key, and encryption sequence information, merchant information and user profile form encryption data;Utilize
Check code generating algorithm, process key, sequence information, merchant information is generated with user profile corresponding with the encryption data
Data check code;
Encryption data is uploaded onto the server by step 40 with data check code, the checking encryption of server based on data check code
Data integrity, and the order letter that the process key of server end generation, ciphertext data obtain transaction is combined using decipherment algorithm
Breath, merchant information, user profile and order number.
As described in Figure 2, in above-mentioned steps 10, sequence information includes:The order amount of money, order generate time, content of good, business
Product quantity;The user profile includes:Bank's card number, bank card card-issuing date, bank's cardholder ID (identity number) card No., cell-phone number
Code;The merchant information includes:Trade company's name, trade company's business license number, organization mechanism code, Tax Registration Certificate number, trade company's method
Name.
In above-mentioned steps 20, dispersion obtains IC-card sub-key, dispersion and obtains the calculating process such as disposable process key and all exist
Carry out in credible password module.
In above-mentioned steps 30, sequence information, merchant information and user profile data, generation and this encryption of encryption are generated
The corresponding data check code of data is carried out in credible password module;And sequence information, merchant information, user profile with order
Odd numbers will be stored in credible password module after output transmission.
The method that above-described embodiment is provided is based on PBOC3.0 small amount payment security improvement methods.
Although disclosed herein embodiment as above, described content only to facilitate understand the present invention and adopt
Embodiment, is not limited to the present invention.Technical staff in any the technical field of the invention, without departing from this
On the premise of the disclosed spirit and scope of invention, any modification and change can be made in the formal and details implemented,
But the scope of patent protection of the present invention, still must be defined by the scope of which is defined in the appended claims.
Claims (5)
1. a kind of PBOC small amount payments security improvement method, it is characterised in that the method comprising the steps of:
A reads user profile and hair fastener row information on IC-card by controlling card reading module, and by user profile, hair fastener row information and
The order number and sequence information that POS terminal is generated is transmitted into credible password module;
B obtains the credit card issuer master key in credible password module according to credit card issuer information retrieval, with reference to user profile, disperses hair fastener
Row master key obtains IC-card sub-key;Based on credit card issuer master key and IC-card sub-key, and conclude the business with reference to this sequence information,
Merchant information, user profile and order number, Jing process keys decentralized algorithm dispersion credit card issuer master key are obtained with IC-card sub-key
Disposable process key;
C utilizes process key, and encryption sequence information, merchant information and user profile form encryption data;Generated using check code
Process key, sequence information, merchant information are generated data check corresponding with the encryption data with user profile by algorithm
Code;
Encryption data is uploaded onto the server by D with data check code, and server based on data check code checking encryption data is complete
Property, and the process key of server end generation, the sequence information that ciphertext data acquisition is concluded the business, trade company's letter is combined using decipherment algorithm
Breath, user profile and order number.
2. PBOC small amount payments security improvement method as claimed in claim 1, it is characterised in that in step A:
Sequence information includes that the order amount of money, order generate time, content of good, commodity amount;
User profile includes:Bank's card number, bank card card-issuing date, bank's cardholder ID (identity number) card No., phone number;
Merchant information includes:Trade company's name, trade company's business license number, organization mechanism code, Tax Registration Certificate number, trade company legal person
Name.
3. PBOC small amount payments security improvement method as claimed in claim 1, it is characterised in that in step B, disperse
Disposable process key calculating process is obtained to IC-card sub-key and dispersion is carried out in the credible password module.
4. PBOC small amount payments security improvement method as claimed in claim 1, it is characterised in that in step C, order letter
Breath, merchant information and user profile, form encryption data and by process key, sequence information, merchant information and user profile
Generating data check code corresponding with the encryption data is carried out in credible password module;And sequence information, trade company's letter
Breath, user profile and order number are stored in credible password module after output transmission.
5. PBOC small amount payments security improvement method as claimed in claim 1, it is characterised in that methods described is PBOC3.0
Small amount payment security improvement method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611049944.3A CN106529941A (en) | 2016-11-24 | 2016-11-24 | PBOC micro payment security promotion method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611049944.3A CN106529941A (en) | 2016-11-24 | 2016-11-24 | PBOC micro payment security promotion method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106529941A true CN106529941A (en) | 2017-03-22 |
Family
ID=58357910
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611049944.3A Pending CN106529941A (en) | 2016-11-24 | 2016-11-24 | PBOC micro payment security promotion method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106529941A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110060046A (en) * | 2019-04-25 | 2019-07-26 | 深圳蓝贝科技有限公司 | A kind of transaction processing method, device, system, equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101098225A (en) * | 2006-06-29 | 2008-01-02 | 中国银联股份有限公司 | Safety data transmission method and paying method, paying terminal and paying server |
| CN201163419Y (en) * | 2008-03-06 | 2008-12-10 | 同方股份有限公司 | Safety internet bank apparatus |
| CN101686225A (en) * | 2008-09-28 | 2010-03-31 | 中国银联股份有限公司 | Methods of data encryption and key generation for on-line payment |
| CN101651543B (en) * | 2009-09-04 | 2012-02-01 | 瑞达信息安全产业股份有限公司 | Creditable calculation platform key migration system and key migration method thereof |
-
2016
- 2016-11-24 CN CN201611049944.3A patent/CN106529941A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101098225A (en) * | 2006-06-29 | 2008-01-02 | 中国银联股份有限公司 | Safety data transmission method and paying method, paying terminal and paying server |
| CN201163419Y (en) * | 2008-03-06 | 2008-12-10 | 同方股份有限公司 | Safety internet bank apparatus |
| CN101686225A (en) * | 2008-09-28 | 2010-03-31 | 中国银联股份有限公司 | Methods of data encryption and key generation for on-line payment |
| CN101651543B (en) * | 2009-09-04 | 2012-02-01 | 瑞达信息安全产业股份有限公司 | Creditable calculation platform key migration system and key migration method thereof |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110060046A (en) * | 2019-04-25 | 2019-07-26 | 深圳蓝贝科技有限公司 | A kind of transaction processing method, device, system, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11941591B2 (en) | Device including encrypted data for expiration date and verification value creation | |
| US11880815B2 (en) | Device enrollment system and method | |
| US20180053167A1 (en) | Processing of financial transactions using debit networks | |
| AU2006348401B8 (en) | System and method for generating an unpredictable number using a seeded algorithm | |
| US9818112B2 (en) | Method and system for payment authorization and card presentation using pre-issued identities | |
| US8527427B2 (en) | Method and system for performing a transaction using a dynamic authorization code | |
| CN108476227A (en) | System and method for equipment push supply | |
| US8055581B2 (en) | Management of financial transactions using debit networks | |
| CN105027153A (en) | Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data | |
| AU2015214271A1 (en) | Token verification using limited use certificates | |
| CN111160902A (en) | Method and system for secure delivery of remote notification service messages to mobile devices without secure elements | |
| CN107230079A (en) | The method and system of offline electronic payment are carried out using digital cash chip card | |
| CN111523884A (en) | Method and system for generating advanced storage keys in a mobile device without a secure element | |
| CN105989466A (en) | Method of payment with mobile phone | |
| WO2002071177A3 (en) | Method and system for substantially secure electronic transactions | |
| CN107230299A (en) | The method and system of bank's storage of digital cash | |
| CN107230072A (en) | The method and system of online payment is carried out using digital cash chip card | |
| CN106529941A (en) | PBOC micro payment security promotion method | |
| CN107230300A (en) | The method and system of cash in kind are exchanged using digital cash chip card | |
| GB2373616A (en) | Remote cardholder verification process | |
| CN108780547B (en) | Proxy device for representing multiple certificates | |
| AU2008254851B2 (en) | Method and system for payment authorization and card presentation using pre-issued identities | |
| Pircalab | Security of Internet Payments | |
| KR20090002061A (en) | Card device for compositionally settling admission for discount coupon and supporting fund and program recording medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170322 |
|
| RJ01 | Rejection of invention patent application after publication |