CN106688004A - Transaction authentication method, device, mobile terminal, POS terminal and server - Google Patents

Transaction authentication method, device, mobile terminal, POS terminal and server Download PDF

Info

Publication number
CN106688004A
CN106688004A CN201580050445.3A CN201580050445A CN106688004A CN 106688004 A CN106688004 A CN 106688004A CN 201580050445 A CN201580050445 A CN 201580050445A CN 106688004 A CN106688004 A CN 106688004A
Authority
CN
China
Prior art keywords
user
information
mobile terminal
server
electronic identifications
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201580050445.3A
Other languages
Chinese (zh)
Other versions
CN106688004B (en
Inventor
华先文
梅敬青
常新苗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN106688004A publication Critical patent/CN106688004A/en
Application granted granted Critical
Publication of CN106688004B publication Critical patent/CN106688004B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/206Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/403Solvency checks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols

Abstract

The embodiment of the invention provides a transaction authentication method, device, mobile terminal, POS terminal and server. The method includes the steps of obtaining commercial tenant electronic identity information sent by a mobile terminal; after determining that identity authentication of the commercial tenant is passed, sending commercial tenant information corresponding to the commercial tenant electronic identity information to the mobile terminal; obtaining first authorization information sent by the mobile terminal; and performing authentication on the identity of the user of the mobile terminal according to the first authorization information sent by the mobile terminal. The method, device, mobile terminal, POS terminal and server provided by the embodiment of the invention can realize bidirectional authentication of a card holder and the commercial tenant, thereby improving security of a transaction.

Description

A kind of business confirmation method, device, mobile terminal, POS terminal and server
Technical field
The present invention relates to communication technical field, more particularly to a kind of business confirmation method, device, mobile terminal, POS terminal And server.
Background technology
In the market point of sale POS (Point of Sales, abbreviation POS) terminal category is numerous, and consumer is in consumption When worry the security of POS unavoidably.The particularly release of mPOS, while little difference quotient family facility gathering is met, its peace Full property is all the time controversial.Even if adding Logo, manufacturer, the anti-counterfeiting mark for being marked with Unionpay in appearance in POS terminal Etc. information, it is also difficult to require that consumer goes the authenticity for checking above- mentioned information when consumption.
Existing POS receives single, mainly using consumer PIN verifications and/or cardholder signature as transaction authentication or authority, but still It is not enough to judge holder's identity information.In real process of exchange, both parties have the requirement of verification other side's identity, because How this, allow consumer quickly to judge that currently used POS is legal and is used by legal holder, while allowing trade company Quick identification current consumer seems most important for real holder.
Electronic identifications (electronic IDentity, abbreviation eID) are based on encryption technology, with intelligent core Piece is carrier, by the identity examination & verification of Ministry of Public Security Jing scenes, is issued to citizen, can be used to confirm identity, general in remote web The network identity certificate of adaptive.The unique identification of eID ensure that the authenticity of personal identification, and any disclosed is not contained again People's identity information, can be prevented effectively from identity information exposure.
The application of existing eID technologies includes authentication, the internet based on eID based on bank's cardholder of eID Using the application such as quickly logging in, there is no and eID is introduced into the application that POS terminal realizes the two-way authentication to holder and trade company.
The content of the invention
The embodiment of the present invention provides a kind of business confirmation method, device, mobile terminal, POS terminal and server, Neng Goushi The checking of legitimacy and the legitimacy of holder now to POS.
On the one hand, the embodiment of the present invention provides a kind of business confirmation method, and the method includes:Obtain what mobile terminal sent Trade company's electronic identifications information;After determining that the authentication of the trade company passes through, will believe with trade company's electronic identifications Cease corresponding merchant information to send to the mobile terminal;Obtain the first authorization message that the mobile terminal sends;According to institute State the first authorization message to be authenticated the identity of the user of the mobile terminal.
On the other hand, the embodiment of the present invention provides a kind of business confirmation method, and the method includes:Obtain trade company's electronic identity Identification information;Send trade company's electronic identifications information carries out merchant identification certification to server;Receive the server The merchant information corresponding with trade company's electronic identifications information for sending;Show the merchant information;Receive mobile terminal User input confirmation, the confirmation be used for indicate the merchant information by checking;Send authorization message extremely The server, the authorization message is used to indicate that the server is authenticated the identity of the user of the mobile terminal.
Another further aspect, the embodiment of the present invention provides a kind of business confirmation method, and the method includes:Obtain the use of trade user Family identifies;ID authentication request information is sent to server, the ID authentication request information is used to indicate the server pair The electronic identifications information of trade user is authenticated, and the ID authentication request packet contains the ID;Connect Receive the user profile corresponding with the electronic identifications information of the trade user that the server sends;Show the user Information;The confirmation of trade company's input is received, the confirmation is used to indicate the user profile by checking;Perform transaction Operation, the transactional operation includes at least one in consumption, account balance inquiry, transaction detail query.
Another aspect, the embodiment of the present invention provides a kind of business confirmation method, and the method includes:Acquisition for mobile terminal trade company Electronic identifications information;Mobile terminal transmission trade company's electronic identifications information carries out merchant identification and recognizes to server Card;After the server determines that the authentication of the trade company passes through, will be corresponding with trade company's electronic identifications information Merchant information is sent to the mobile terminal;It is sending with trade company's electronic identity that the mobile terminal receives the server Merchant information corresponding to identification information;The mobile terminal shows the merchant information;The mobile terminal receiving user's input Confirmation, the confirmation be used for indicate the merchant information by checking;The server receives described mobile whole The first authorization message that end sends, first authorization message is used to indicate the server to the user's of the mobile terminal Identity is authenticated.
Another aspect, the embodiment of the present invention provides a kind of transaction authentication device, and the device includes:First acquisition unit, uses In the trade company's electronic identifications information for obtaining mobile terminal transmission;Transmitting element, for determining the authentication of the trade company By rear, merchant information corresponding with trade company's electronic identifications information is sent to the mobile terminal;Second obtains Unit, for obtaining the first authorization message that the mobile terminal sends;Authentication unit, for according to first authorization message The identity of the user of the mobile terminal is authenticated.
Another aspect, the embodiment of the present invention provides a kind of transaction authentication device, and the device includes:Acquiring unit, for obtaining Take trade company's electronic identifications information;First transmitting element, for sending trade company's electronic identifications information to server Carry out merchant identification certification;First receiving unit is sending with trade company's electronic identifications for receiving the server The corresponding merchant information of information;First display unit, for showing the merchant information;Second receiving unit, moves for receiving The confirmation of the user input of dynamic terminal, the confirmation is used to indicate the merchant information by checking;Second sends Unit, for sending authorization message to the server, the authorization message is used to indicate the server to described mobile whole The identity of the user at end is authenticated.
Another aspect, the embodiment of the present invention provides a kind of transaction authentication device, and the device includes:Acquiring unit, for obtaining Take the ID of trade user;First transmitting element, for sending ID authentication request information to server, the identity is recognized Card solicited message is used to indicate that the server is authenticated user's electronic identifications information, and the ID authentication request Packet contains the ID;First receiving unit is sending with user's electronic identity for receiving the server User profile corresponding to identification information;Display unit, for showing the user profile;Second receiving unit, for receiving business The confirmation of family input, the confirmation is used to indicate the user profile by checking;Transaction unit, for performing friendship Easy to operate, the transactional operation includes at least one in consumption, account balance inquiry, transaction detail query.
Another aspect, the embodiment of the present invention provides a kind of server, including:Processor, communication unit, memory and total Line;Wherein described processor, the communication unit and the memory pass through the bus bar;The memory, for depositing Storage instruction or data;The processor calls storage instruction in which memory to realize:Obtain what mobile terminal sent Trade company's electronic identifications information;Authentication is carried out to trade company according to trade company's electronic identifications information;Obtain described The first authorization message that mobile terminal sends;The identity of the user of the mobile terminal is carried out according to first authorization message Certification;The communication unit is used for:After the authentication of the trade company passes through, will be with trade company's electronic identifications information Corresponding merchant information is sent to the mobile terminal.
Another aspect, the embodiment of the present invention provides a kind of mobile terminal, including:Processor, communication unit, display unit, User interface, memory and bus;Wherein described processor, the communication unit, the display unit, the user interface and The memory passes through the bus bar;The memory, for store instruction or data;The communication unit, is used for:Obtain Take trade company's electronic identifications information;Send trade company's electronic identifications information carries out merchant identification certification to server; Receive the merchant information corresponding with trade company's electronic identifications information that the server sends;Authorization message is sent to institute Server is stated, the authorization message is used to indicate that the server is authenticated the identity of the user of the mobile terminal.Institute Display unit is stated, for showing the merchant information;The user interface, for receiving the confirmation of the user input of mobile terminal Information, the confirmation is used to indicate the merchant information by checking.
Another aspect, the embodiment of the present invention provides a kind of POS terminal, including:Processor, communication unit, display unit is used Family interface, memory and bus;Wherein described processor, the communication interface and the memory pass through the bus bar; The memory, for store instruction or data;The communication unit is used for:Obtain the ID of trade user;Send body To server, the ID authentication request information is used to indicate the server to user's electronic identity mark part certification request information Knowledge information is authenticated, and the ID authentication request packet contains the ID;Receive that the server sends with The corresponding user profile of user's electronic identifications information;The display unit, for showing the user profile;It is described User interface, for receiving the confirmation of trade company's input, the confirmation is used to indicate the user profile by checking; The processor, for performing transactional operation, the transactional operation is included in consumption, account balance inquiry, transaction detail query At least one.
The above technical scheme provided from the present invention can be seen that method, device, the service due to the embodiment of the present invention Device, mobile terminal and POS terminal can realize the bi-directional verification of the legitimacy of the legitimacy to POS and holder, improve friendship Easy security.
Description of the drawings
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, below will be in embodiment or description of the prior art The required accompanying drawing for using is briefly described, it should be apparent that, drawings in the following description are only some realities of the present invention Example is applied, for those of ordinary skill in the art, on the premise of not paying creative work, can be with according to these accompanying drawings Obtain other accompanying drawings.
Fig. 1 is eID system architecture schematic diagrams;
Fig. 2 is a kind of method flow diagram of embodiment of the business confirmation method that the present invention is provided;
Fig. 3 is the method flow diagram of another kind of embodiment of the business confirmation method that the present invention is provided;
Fig. 4 is the method flow diagram of the another embodiment of the business confirmation method that the present invention is provided;
Fig. 5 is the method flow diagram of another embodiment of the business confirmation method that the present invention is provided;
The method flow diagram of another embodiment of the business confirmation method that Fig. 6 is provided for the present invention;
The method flow diagram of another embodiment of the business confirmation method that Fig. 7 is provided for the present invention;
The method flow diagram of another embodiment of the business confirmation method that Fig. 8 is provided for the present invention;
A kind of interactive schematic diagram of the embodiment of the business confirmation method that Fig. 9 is provided for the present invention;
The interactive schematic diagram of another kind of embodiment of the business confirmation method that Figure 10 is provided for the present invention;
A kind of composition frame chart of the embodiment of the transaction authentication device that Figure 11 is provided for the present invention;
The composition frame chart of another kind of embodiment of the transaction authentication device that Figure 12 is provided for the present invention;
The composition frame chart of the another embodiment of the transaction authentication device that Figure 13 is provided for the present invention;
The composition frame chart of another embodiment of the transaction authentication device that Figure 14 is provided for the present invention;
The composition frame chart of another embodiment of the transaction authentication device that Figure 15 is provided for the present invention;
The composition frame chart of another embodiment of the transaction authentication device that Figure 16 is provided for the present invention;
The composition frame chart of another embodiment of the transaction authentication device that Figure 17 is provided for the present invention;
Figure 18 is a kind of structural representation of server provided in an embodiment of the present invention.
Figure 19 is a kind of structural representation of mobile terminal provided in an embodiment of the present invention.
Figure 20 is a kind of structural representation of POS terminal provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation is described, it is clear that described embodiment is a part of embodiment of the invention, rather than the embodiment of whole.Based on this Embodiment in bright, the every other enforcement that those of ordinary skill in the art are obtained under the premise of creative work is not made Example, belongs to the scope of protection of the invention.
To make persons skilled in the art be better understood by technical scheme provided in an embodiment of the present invention, to existing eID System architecture does some simple introductions, as shown in figure 1, the managing network identities center of public security department is used as eID infrastructure, The examination & verification registration of responsible identity and the granting of carrier, and the life cycle to identity carrier carries out maintenance management.Network identity pipe Reason center gears to the needs of the society all Third Party Authentication mechanism open interfaces with related qualification, and Third Party Authentication mechanism includes place Property and professional digital authenticating center, Virtual network operator and other service organizations of trusted third party.These certification authorities constitute EID service platforms, towards the application of eID online and offline identity information service is provided, and these Third Party Authentication mechanisms are transported by network The regulation of service organization of battalion the industry, regulations provide the identity information service of different levels to the application of eID online and offline.Example Such as, to the mechanism for having real name laws and regulations requirement, such as bank, retail shop provide Real Name;For online game application, year is provided only Age information, and other privacy informations are not provided without exception in addition to holder is voluntary.
Third Party Authentication mechanism applies on eID lines or under line and eID is submitted in managing network identities when being authenticated Heart database is inquired about, and returning result shows the user profile in authority, has both reached the requirement of certification, and protection has been reached again The purpose of individual privacy.Therefore the risk that information is illegally leaked by platform has been effectively guarded against, privacy of user safety has been ensured.
EID can be loaded in the intelligent and safe chip carrier for meeting the requirement of eID high strength safes mechanism, such as:Social security card, Citizen Card Item, bank card, residence permit, SIM or security module (Secure Element, SE) etc..EID functions are in intelligent and safe Independent operating and storage in chip, it is unrelated with other functions (such as finance, social security) on carrier and do not interfere with each other.At present, it is embedding The financial IC card for entering eID has been put into and uses, and the real-name authentication service by financial IC card can adequately protect the hidden of holder Private, has effectively taken precautions against the risk that information is illegally leaked by platform, ensures privacy of user safety.
EID certifications include the certification of eID desktops and eID mobile authentication two ways, the main face of eID desktop real-name authentication schemes To the user that applies on all kinds of eID lines is accessed using PC, personal identification is realized by eID card reader, eID service platforms Authenticity and validation.EID mobile authentications scheme is used for the scene of mobile phone access eID online and offline application.As long as User mobile phone has NFC function, and user can realize identity by way of " patch card " (eID stickers are in mobile phone NFC card-reading zones) Certification, it is not necessary to which card reader can be achieved with the authenticity and validation of personal identification.
A kind of method flow diagram of the embodiment of the business confirmation method that Fig. 2 is provided for the present invention, what the present embodiment was provided Method can apply in the server of above-mentioned Third Party Authentication service organization so that these Third Party Authentication service organizations obtain Authentication ability is obtained, for businessman and consumer the identification of eID network identities and associated safety service are provided.Fig. 2 is refer to, including Following steps:
Step A10:Obtain trade company's electronic identifications information that mobile terminal sends.
The unique identification of eID be by user certificate number, address name and 128 byte random numbers word string be parameter, The binary coding that computing draws is carried out using national commercial cipher algorithm, was both corresponded with citizenship, it is ensured that be personal The authenticity of identity, does not contain any disclosed personally identifiable information again, can be prevented effectively from identity information exposure, and citizen can be certainly It is willing to claim and use eID.
EID is made up of a pair of unsymmetrical key (public key and private key) and associated electrical message file, and the key is to by special Safety chip inside produces, and guarantees to be read, replicate, distort or illegally use by high strength safe mechanism.When eID exists When remotely using on network, chip is carried out based on national commercial cipher algorithm (SM1/SM2/SM3 etc.) using above-mentioned key file The crypto-operations such as internal digital signature.
EID has uniqueness, needs networking certification, when eID carriers are lost or damage, can in time be reported the loss, be noted Pin;Claim new, old is just canceled and cannot reuse automatically, therefore eID holders are identified as being believable.And Because the use of eID need to input signature password, even if others finds also cannot use.
Alternatively, in the present embodiment, trade company business entity or trade company contact person can add to the eID that public security department claims In being loaded in any type of eID carriers of trade company, for example, during the SE of trade company's POS terminal can be loaded on.SE can be provided to quick The safety storage of sense information and the performing environment that provides one safety for trade transactions, its it is internal comprising microprocessor, store with And encryption and decryption hardware etc., can independently use (for example:Chip card) or it is embedded into other equipment (for example:Wearable device and shifting Dynamic terminal) middle offer high safety service.In another optional embodiment of the present embodiment, trade company business entity or trade company join In being the eID cards that people can also load on trade company to the eID that public security department claims.
Consumer can pass through close range wireless communication (NFC) mode when businessman carries out bankcard consumption using mobile terminal Access the eID information that trade company eID carriers obtain trade company.
Mobile terminal sends the trade company eID information for getting to server by mobile network or WLAN, By the authenticity and validity of server authentication trade company eID information, and to mobile terminal return authentication result, if certification is lost Lose, server to mobile terminal return authentication failure information, mobile terminal show the information of authentification failure, point out the trade company For illegal trade company.
Alternatively, in the present embodiment, if merchant identification authentification failure, mobile terminal is presented authentification failure and carries to user After showing information, user can terminate subsequent transaction flow process or submit to suspicious information to put on record to associated mechanisms according to information.
Step A20:After determining that the authentication of the trade company passes through, will be corresponding with trade company's electronic identifications information Merchant information send to the mobile terminal.
The server of electronic identity authentication mechanism can provide the identity information service of different levels.For example, to general Mechanism provides only the state (whether before the deadline etc.) of network identity certificate;To the mechanism for having real name laws and regulations requirement, such as bank, Shop etc. further provides for Real Name, and other privacy informations are not provided without exception in addition to holder is voluntary.
Alternatively, in the present embodiment, merchant information includes at least in name of firm, business qualification and business scope Kind.Server sends merchant information corresponding with trade company eID information to the mobile terminal, and mobile terminal displays to the user that institute Merchant information is stated, for user live confirmation is carried out, if the authenticity of customer acceptance merchant information subsequent operation is performed.It is optional Ground, in the present embodiment, merchant information is not reproducible, distort or illegally use, to prevent merchant information from revealing.
Step A30:Obtain the first authorization message that the mobile terminal sends.
After the user scene of mobile terminal confirms that merchant information is errorless, by mobile terminal input validation information;It is mobile whole Termination is received after the confirmation of user input, sends the first authorization message to server, and server is authorized according to described first Information starts the authentication procedures for performing the user to the mobile terminal, if the identity of the user to the mobile terminal Certification passes through, and the user of the mobile terminal can be traded by POS terminal.
Step A40:The identity of the user of the mobile terminal is authenticated according to first authorization message.
Hold consumption user after mobile terminal is completed to merchant identification certification, trade company is also required to the identity to user It is authenticated, prevents from stealing the appearance of brush behavior, specifically can be verified by dynamic authentication codes, or can be by by user The corresponding user profile of electronic identifications information (for example sign electronically picture, facial photo and credit scoring etc.) send to POS terminal confirms for trade company scene, to examine the true identity of the user of the consumption that holds.Alternatively, in the present embodiment, Yong Huxin Breath is not reproducible, distort or illegally use, to prevent user profile from revealing.
The method flow diagram of another kind of embodiment of the business confirmation method that Fig. 3 is provided for the present invention.The present embodiment is based on Embodiment shown in Fig. 2, as shown in figure 3, in the present embodiment, step A40 in embodiment illustrated in fig. 2 specifically can include:
Step A401:Generate the first dynamic authentication codes.
Step A402:First dynamic authentication codes are sent to the mobile terminal.
After the first authorization message for receiving mobile terminal transmission, the first dynamic authentication codes of generation simultaneously will be described for server First dynamic authentication codes are sent to the mobile terminal, and the mobile terminal to be received and show institute after first dynamic authentication codes State the first dynamic authentication codes.Alternatively, in the present embodiment, dynamic authentication codes include dynamic password, Quick Response Code, three-dimension code, color Any one of code, bar code, black and white code or buphthalmos code, the embodiment of the present invention is not limited.
Step A403:The second authorization message is sent to point of sale POS terminal.
Server sends the second authorization message to POS terminal, and POS terminal to be received and show defeated after second authorization message Enter the prompting of dynamic authentication codes, the dynamic authentication codes for then waiting the server that user input mobile terminal is received to send.
Step A404:Obtain the second dynamic authentication codes that the POS terminal sends.
In a kind of optional embodiment of the present embodiment, the dynamic authentication codes are dynamic password, and POS terminal can connect Receive the second dynamic authentication codes of user input and the second dynamic authentication codes of user input are sent into server and be authenticated.
In another kind of optional embodiment of the present embodiment, the dynamic authentication codes are Quick Response Code, three-dimension code, color During any one in code, bar code, black and white code or buphthalmos code, POS terminal scans the dynamic that the mobile terminal device shows recognizes Card code, is sent to the second dynamic authentication codes information for getting server and is authenticated.
Step A405:Second dynamic authentication codes are verified according to first dynamic authentication codes.
Server is checked second dynamic authentication codes according to first dynamic authentication codes, when described first dynamic When state authentication code is identical with second dynamic authentication codes, user passes through authentication.
Step A406:After determining that second dynamic authentication codes are verified, authentication success message is sent to the POS ends End.
When first dynamic authentication codes are identical with second dynamic authentication codes, user passes through authentication, to institute State POS terminal and send authentication success message, the authentication success message is used to indicate that the POS terminal performs transaction flow;It is no Then, authenticating user identification failure.
In a kind of optional embodiment of the present embodiment, the dynamic authentication codes be dynamic password, authenticating user identification After failure, the server record authentication frequency of failure, when authenticating user identification failure and the identity of described server record When authentification failure number of times is not up to the frequency of failure set in advance, the server to mobile terminal sends configured information, points out User re-enters dynamic password.
In another kind of optional embodiment of the present embodiment, when the dynamic authentication codes are Quick Response Code, three-dimension code, color During any one in code, bar code, black and white code or buphthalmos code, after authenticating user identification failure, server record authentication is lost Lose number of times, when the authentication frequency of failure of authenticating user identification failure and described server record it is not up to set in advance During the frequency of failure, the server to POS terminal sends configured information, points out to rescan the dynamic that the mobile terminal shows Authentication code.
The method flow diagram of the another embodiment of the business confirmation method that Fig. 4 is provided for the present invention.The present embodiment is based on Embodiment shown in Fig. 2, as shown in figure 4, in the present embodiment, step A30 in embodiment illustrated in fig. 2 specifically can include:
Step A4001:The 3rd authorization message is sent to POS terminal.
Server sends the 3rd authorization message to POS terminal, notifies that the authentication of the POS terminal trade company is complete Into POS terminal can initiate the authentication of the user to mobile terminal, with the authenticity of the person's identity that confirms bankcard consumption, prevent Only steal brush.POS terminal is received can initiate authenticating user identification request after the 3rd authorization message.
Alternatively, in the present embodiment, ID of the 3rd authorization message comprising the mobile terminal, wherein institute State ID include it is following in one or more:Phone number, user name, email address.
Step A4002:Receive the ID authentication request information that the POS terminal sends.
Step A4003:The ID authentication request information is sent to the mobile terminal.
Server receives POS terminal and sends ID authentication request information and be forwarded to the ID authentication request information The mobile terminal, wherein, the authenticating user identification solicited message is used to indicate the acquisition for mobile terminal user electronics body Part identification information, mobile terminal shows according to the authenticating user identification solicited message and requires carrying for input PIN PIN Show, point out user to read in the eID information of user's eID carriers by mobile terminal and point out user input PIN code, user eID is carried Body can be loaded in the bank card of user, or is built in the SIM of mobile terminal device or SE security modules.
Step A4004:Obtain user's electronic identifications information that the mobile terminal sends.
Step A4005:User profile corresponding with user's electronic identifications information is sent to the POS terminal.
User is input into PIN code by mobile terminal, and mobile terminal sends user's electronic identifications information to server Afterwards, server lookup user profile corresponding with user's electronic identifications information.Alternatively, user profile includes user's electronics At least one in signature picture, facial photo and credit scoring.Server will be inquired about obtaining with user's electronic identity User profile corresponding to identification information is sent to the POS terminal.
Alternatively, in the present embodiment, POS terminal receive it is described corresponding with user's electronic identifications information User profile after show the user profile to POS terminal operating personnel, believed according to the user for POS terminal operating personnel Breath performs scene and confirms.Transactional operation is performed after POS terminal operating personnel's certification success.Alternatively, transactional operation can include At least one in consumption, account balance inquiry, transaction detail query.
The embodiment of the present invention can realize the two-way authentication of the legitimacy of the legitimacy to POS terminal and trade user, carry The security of transaction is risen.
The method flow diagram of another embodiment of the business confirmation method that Fig. 5 is provided for the present invention.As shown in figure 5, this The business confirmation method that embodiment is provided can be using in the terminal, and mobile terminal includes smart mobile phone, intelligent watch, puts down Plate computer and kneetop computer etc., the business confirmation method that the present embodiment is provided specifically can be recognized with the transaction for being applied to server Card method coordinates to be realized, the process of implementing will not be described here, the business confirmation method that the present embodiment is provided, and specifically include:
Step B10:Obtain trade company's electronic identifications information.
Alternatively, in the present embodiment, mobile terminal can be by close range wireless communication NFC modes from the electricity of the trade company Sub- identity carrier obtains trade company's electronic identifications information.
Step B20:Send trade company's electronic identifications information carries out merchant identification certification to server.
Mobile terminal sends the trade company eID information for getting to server by mobile network or WLAN, By the authenticity and validity of server authentication trade company eID information, and to mobile terminal return authentication result, if certification is lost Lose, server to mobile terminal return authentication failure information, mobile terminal show the information of authentification failure, point out the trade company For illegal trade company.
Alternatively, in the present embodiment, if merchant identification authentification failure, mobile terminal is presented authentification failure and carries to user After showing information, user can terminate subsequent transaction flow process or submit to suspicious information to put on record to associated mechanisms according to information.
Step B30:Receive the merchant information corresponding with trade company's electronic identifications information that the server sends.
Step B40:Show the merchant information.
The server of electronic identity authentication mechanism can provide the identity information service of different levels.For example, to general Mechanism provides only the state (whether before the deadline etc.) of network identity certificate;To the mechanism for having real name laws and regulations requirement, such as bank, Shop etc. further provides for Real Name, and other privacy informations are not provided without exception in addition to holder is voluntary.
Alternatively, in the present embodiment, merchant information includes at least in name of firm, business qualification and business scope Kind.Server sends merchant information corresponding with trade company eID information to the mobile terminal, and mobile terminal displays to the user that institute Merchant information is stated, for user live confirmation is carried out, if the authenticity of customer acceptance merchant information subsequent operation is performed.
Step B50:Receive the confirmation of the user input of mobile terminal.
In the present embodiment, it is true by mobile terminal input after the user scene of mobile terminal confirms that merchant information is errorless Recognize information, the confirmation is in the instruction merchant information by checking.
Step B60:Authorization message is sent to the server.
Alternatively, in the present embodiment, hold consumption user after mobile terminal is completed to merchant identification certification, business Family is also required to be authenticated the identity of user, prevents from stealing the appearance of brush behavior, specifically can be tested by dynamic authentication codes Card, or can be by the way that by the corresponding user profile of user's electronic identifications information, (such as sign electronically picture, facial photo With credit scoring etc.) send to POS terminal and confirm for trade company scene, to examine the true identity of the user of the consumption that holds.
The method flow diagram of another embodiment of the business confirmation method that Fig. 6 is provided for the present invention.The present embodiment is based on Embodiment shown in Fig. 5, as shown in fig. 6, in the present embodiment, also includes after step B50 in embodiment illustrated in fig. 5:
Step B501:Receive the dynamic authentication codes that the server sends;
Step B502:Show the dynamic authentication codes.
Server generates dynamic authentication codes and by the dynamic authentication after the authorization message for receiving mobile terminal transmission Code is sent to the mobile terminal.Alternatively, in the present embodiment, dynamic authentication codes include dynamic password, Quick Response Code, three-dimension code, Any one of color code, bar code, black and white code or buphthalmos code, the embodiment of the present invention is not limited.POS terminal is defeated by user The mode that enters obtains dynamic authentication codes and is committed to server and verified by way of scanning, to examine mobile terminal User identity.
The method flow diagram of another embodiment of the business confirmation method that Fig. 7 is provided for the present invention.The present embodiment is based on Embodiment shown in Fig. 5, as shown in fig. 7, in the present embodiment, also includes after step B50 in embodiment illustrated in fig. 5:
Step B5001:Receive the ID authentication request information that the server sends.
After the completion of the authentication of trade company, server can be to the authentication of the user of mobile terminal, to confirm to swipe the card The authenticity of customer identification, prevents from stealing brush.In the present embodiment, especially by bankcard consumption person's electronic identifications information Certification is come the legitimacy of the identity of the person that determines bankcard consumption.
Step B5002:Shown to the user of the mobile terminal according to the ID authentication request information and require input The prompting of people's identification code PIN.
In the present embodiment, mobile terminal is received after the ID authentication request information, points out user to pass through mobile terminal Read in the eID information of user's eID carriers.Alternatively, eID carriers are that using the eID cards of NFC technique, user is by by eID cards Piece is fitted with mobile terminal and is input into PIN code.Alternatively, eID carriers can be built in the SIM or SE safety of mobile terminal device In module, user can directly input PIN code.
Step B5003:User's electronic identifications information is sent to the server.
User is input into PIN code by mobile terminal, and mobile terminal sends user's electronic identifications information to server Afterwards, server lookup user profile corresponding with user's electronic identifications information.Alternatively, user profile includes user's electronics At least one in signature picture, facial photo and credit scoring.Server will be inquired about obtaining with user's electronic identity User profile corresponding to identification information is sent to the POS terminal.
Alternatively, in the present embodiment, POS terminal receive it is described corresponding with user's electronic identifications information User profile after show the user profile to POS terminal operating personnel, believed according to the user for POS terminal operating personnel Breath performs scene and confirms.Transactional operation is performed after POS terminal operating personnel's certification success.Alternatively, transactional operation can include At least one in consumption, account balance inquiry, transaction detail query.
The embodiment of the present invention can realize the two-way authentication of the legitimacy of the legitimacy to POS terminal and trade user, carry The security of transaction is risen.
The method flow diagram of another embodiment of the business confirmation method that Fig. 8 is provided for the present invention.As shown in figure 8, this The business confirmation method that embodiment is provided can be applied in POS terminal, and the business confirmation method that the present embodiment is provided specifically may be used Realized with coordinating with the business confirmation method for being applied to server and the business confirmation method for being applied to mobile terminal, implemented Process will not be described here, the business confirmation method that the present embodiment is provided, and specifically include:
Step C10:Obtain the ID of trade user.
Alternatively, in the present embodiment, the ID of trade user include it is following in one or more:Cell-phone number Code, user name, email address.
In an optional embodiment of the present embodiment, trade user can be input into user's mark by POS terminal Know.
In another optional embodiment of the present embodiment, the authorization message that POS terminal can be sent with the reception server, ID of the authorization message comprising trade user.
Step C20:ID authentication request information is sent to server.
Trade company needs the authenticity of the identity of the user that the consumption that holds is verified by POS terminal, POS terminal to send identity and recognize To server, server interacts acquisition user's electronic identifications information with the mobile terminal of trade user to card solicited message, and Inquiry user profile corresponding with user's electronic identifications information.
Step C30:Receive the user profile corresponding with user's electronic identifications information that the server sends.
Step C40:Show the user profile.
Server will be inquired about the user profile corresponding with user's electronic identifications information that obtains and be sent to described POS terminal.Alternatively, user profile includes at least one that user signs electronically in picture, facial photo and credit scoring.
Alternatively, in the present embodiment, POS terminal receive it is described corresponding with user's electronic identifications information User profile after show the user profile to POS terminal operating personnel, believed according to the user for POS terminal operating personnel Breath performs scene and confirms.Transactional operation is performed after POS terminal operating personnel's certification success.Alternatively, transactional operation can include At least one in consumption, account balance inquiry, transaction detail query.
Step C50:Receive the confirmation of trade company's input.
Trade company carries out field verification to the user profile, confirms the user profile after checking, by POS terminal Input validation information, indicates that POS terminal performs transactional operation.
Step C60:Perform transactional operation.
Merchant verification hold consumption trade user identity legitimacy after, the executable normal transaction behaviour of POS terminal Make, the transactional operation includes at least one in consumption, account balance inquiry, transaction detail query.
The embodiment of the present invention can realize the certification of the legitimacy to trade user, improve the security of transaction.
In order to better illustrate technical scheme, Fig. 9 and Figure 10 provides the business confirmation method of the present invention The interactive schematic diagram of embodiment, referring to Fig. 9 and Figure 10, comprises the following steps that:
(1). acquisition for mobile terminal trade company electronic identifications information;
(2). mobile terminal sends trade company's electronic identifications information and carries out merchant identification certification to server;
(3). after the server determines that the authentication of the trade company passes through, will believe with trade company's electronic identifications Cease corresponding merchant information to send to the mobile terminal;
(4). the mobile terminal receives the corresponding with trade company's electronic identifications information of the server transmission Merchant information;
(5). the mobile terminal shows the merchant information;
(6). the confirmation of the mobile terminal receiving user's input, the confirmation is used to indicate trade company's letter Breath is by checking;
(7). the server receives the first authorization message that the mobile terminal sends, and first authorization message is used for Indicate
The server is authenticated to the identity of the user of the mobile terminal.
The authentication of the user to mobile terminal is performed after step (7), specifically can be carried out by dynamic authentication codes Certification, referring to Fig. 9, specific implementation step is as follows:
(8). the server generates the first dynamic authentication codes;
(9). the server sends first dynamic authentication codes to the mobile terminal;
(10). the mobile terminal receives the first dynamic authentication codes that the server sends;
(11). the mobile terminal shows first dynamic authentication codes;
(12). the server sends the second authorization message to point of sale POS terminal, and second authorization message is used to refer to Show that the POS terminal shows the prompting for requiring input dynamic authentication codes;
(13). the POS terminal shows the prompting for requiring input dynamic authentication codes;
(14). the POS terminal receives the second dynamic authentication codes of the user input of the mobile terminal;
(15). the server obtains second dynamic authentication codes that the POS terminal sends;
(16). the server is verified according to first dynamic authentication codes to second dynamic authentication codes;
(17). after the server determines that second dynamic authentication codes are verified, authentication success message is sent to institute POS terminal is stated, the authentication success message is used to indicate that the POS terminal performs transactional operation.
The authentication of the user to mobile terminal is performed after step (7), specifically can also be confirmed by trade company scene The mode certification of user profile, referring to Figure 10, specific implementation step is as follows:
(18). the server sends the 3rd authorization message to point of sale POS terminal, and the 3rd authorization message is used to refer to Show that the POS terminal initiates authenticating user identification request;
(19). the server receives the ID authentication request information that the POS terminal sends;
(20). the server sends the ID authentication request information to the mobile terminal, and the authentication please Information is sought for indicating the acquisition for mobile terminal user electronic identifications information;
(21). the mobile terminal requires input PIN PIN's according to the ID authentication request presentation of information Prompting;
(22). the mobile terminal sends user's electronic identifications information to the server, user's electronics body Part identification information is used for server lookup user profile corresponding with user's electronic identifications information, the user Electronic identifications packet PIN code containing user.
(23). the server obtains user's electronic identifications information that the mobile terminal sends;
(24). the server sends user profile corresponding with user's electronic identifications information to the POS Terminal;
(25). the POS terminal receives the user profile;
(26). the POS terminal shows the user profile;
(27). the POS terminal receives the confirmation of trade company's input, and the confirmation is used to indicate user's letter Breath is by checking;
(28). the POS terminal performs transactional operation.
Alternatively, in the present embodiment, the transactional operation is included in consumption, account balance inquiry, transaction detail query It is at least one.
Alternatively, in the present embodiment, the dynamic authentication codes include dynamic password, Quick Response Code, three-dimension code, color code, bar Any one of shape code, black and white code or buphthalmos code.
Alternatively, in the present embodiment, the user profile includes user's electronic signature picture, facial photo and credit scoring In at least one.
Alternatively, in the present embodiment, the merchant information is included in name of firm, business qualification and business scope at least It is a kind of.
Transaction authentication device provided in an embodiment of the present invention can be realized recognizing the two-way of legitimacy of trade user and POS Card, improves the security of transaction.
A kind of composition frame chart of embodiment of the transaction authentication device that Figure 11 is provided for the present invention, the device can realize this What invention any embodiment was provided is applied to each step of the business confirmation method of server, and the process here of implementing is no longer Repeat.Figure 11 is refer to, the device includes:
First acquisition unit 21, for obtaining trade company's electronic identifications information of mobile terminal transmission;
Transmitting element 22, after determining that the authentication of the trade company passes through, will be with trade company's electronic identifications The corresponding merchant information of information is sent to the mobile terminal;
Second acquisition unit 23, for obtaining the first authorization message that the mobile terminal sends;
Authentication unit 24, for being recognized the identity of the user of the mobile terminal according to first authorization message Card.
The composition frame chart of another kind of embodiment of the transaction authentication device that Figure 12 is provided for the present invention.The present embodiment is based on figure Embodiment shown in 11, as shown in figure 12, in the present embodiment, the authentication unit 24 in Fig. 9 includes:
Generation module 210, for generating the first dynamic authentication codes;
First sending module 220, for sending first dynamic authentication codes to the mobile terminal;
Second sending module 230, for sending the second authorization message to point of sale POS terminal, second authorization message For indicating that the POS terminal shows the prompting for requiring input dynamic authentication codes;
First acquisition module 240, for obtaining the second dynamic authentication codes that the POS terminal sends;
Authentication module 250, for being verified to second dynamic authentication codes according to first dynamic authentication codes;
3rd sending module 260, after determining that second dynamic authentication codes are verified, sends authentication success message To the POS terminal, the authentication success message is used to indicate that the POS terminal performs transactional operation.
The composition frame chart of the another embodiment of the transaction authentication device that Figure 13 is provided for the present invention.The present embodiment is based on figure Embodiment shown in 11, as shown in figure 13, in the present embodiment, the authentication unit 24 in Fig. 9 includes:
4th sending module 2410, for sending the 3rd authorization message to point of sale POS terminal, the 3rd authorization message For indicating that the POS terminal initiates authenticating user identification request;
Receiver module 2420, for receiving the ID authentication request information that the POS terminal sends;
5th sending module 2430, for sending the ID authentication request information to the mobile terminal, the identity Certification request information is used to indicate the acquisition for mobile terminal user electronic identifications information;
Second acquisition module 2440, for obtaining user's electronic identifications information that the mobile terminal sends;
6th sending module 2450, for sending user profile corresponding with user's electronic identifications information to institute State POS terminal.
The contents such as information exchange, implementation procedure between each module in said apparatus, due to implementing with the inventive method Example is based on same design, and particular content can be found in the narration in the inventive method embodiment, and here is omitted.
The embodiment of the present invention can realize the two-way authentication of the legitimacy of the legitimacy to POS and holder, improve friendship Easy security.
The composition frame chart of the another embodiment of the transaction authentication device that Figure 14 is provided for the present invention, the device can be realized What any embodiment of the present invention was provided is applied to each step of the business confirmation method of mobile terminal, implements process here Repeat no more.Figure 14 is refer to, the device includes:
Acquiring unit 31, for obtaining trade company's electronic identifications information;
First transmitting element 32, recognizes for sending trade company's electronic identifications information to server and carrying out merchant identification Card;
First receiving unit 33, for receiving the corresponding with trade company's electronic identifications information of the server transmission Merchant information;
First display unit 34, for showing the merchant information;
Second receiving unit 35, for receiving the confirmation of the user input of mobile terminal, the confirmation is used for Indicate the merchant information by checking;
Second transmitting element 36, for sending authorization message to the server, the authorization message is described for indicating POS terminal performs transactional operation.
In the present embodiment, acquiring unit 31 specifically for:By close range wireless communication NFC modes from the electricity of the trade company Sub- identity carrier obtains trade company's electronic identifications information.
The composition frame chart of the another embodiment of the transaction authentication device that Figure 15 is provided for the present invention.The present embodiment is based on figure Embodiment shown in 14, as shown in figure 15, in the present embodiment, the device shown in Figure 14 also includes:
3rd receiving unit 37, for receiving the dynamic authentication codes that the server sends;
Second display unit 38, for showing the dynamic authentication codes.
The composition frame chart of another embodiment of the transaction authentication device that Figure 16 is provided for the present invention.The present embodiment is based on figure Embodiment shown in 14, as shown in figure 16, in the present embodiment, the device shown in Figure 14 also includes:
4th receiving unit 370, for receiving the ID authentication request information that the server sends;
3rd display unit 380, for being shown to the user of the mobile terminal according to the ID authentication request information Require the prompting of input PIN PIN;
3rd transmitting element 390, for sending user's electronic identifications information to the server, user's electronics Identification information is used for server lookup user profile corresponding with user's electronic identifications information, the use Family electronic identifications packet PIN code containing user.
The composition frame chart of another embodiment of the transaction authentication device that Figure 17 is provided for the present invention, the device can be realized What any embodiment of the present invention was provided is applied to each step of the business confirmation method of POS terminal, implements process here Repeat no more.Figure 17 is refer to, the device includes:
Acquiring unit 41, for obtaining the ID of trade user;
First transmitting element 42, for sending ID authentication request information to server, the ID authentication request information For indicating that the server is authenticated to user's electronic identifications information, and the ID authentication request packet contains institute State ID;
First receiving unit 43, for receiving the corresponding with user's electronic identifications information of the server transmission User profile;
Display unit 44, for showing the user profile;
Second receiving unit 45, for receiving the confirmation of trade company's input, the confirmation is used to indicate the use Family information is by checking;
Transaction unit 46, for performing transactional operation, the transactional operation includes that consumption, account balance inquiry, transaction are bright Go through at least one in asking.
The contents such as information exchange, implementation procedure between each module in said apparatus, due to implementing with the inventive method Example is based on same design, and particular content can be found in the narration in the inventive method embodiment, and here is omitted.
Transaction authentication device provided in an embodiment of the present invention can realize the certification of the legitimacy to trade user, improve The security of transaction.
Figure 18 is a kind of structural representation of server provided in an embodiment of the present invention, refer to Figure 18, the server bag Include:
Processor 502, communication unit 504, memory 503 and bus 501;
Communication unit 504 includes the hardware of such as transceiver etc, and can be wired or wireless communication unit.Communication Unit 504 can include in mobile communication module, WLAN module and/or near-field communication (NFC) module at least according to its performance One.
Memory 503 can store the machine of the application program (such as video communication, game etc.) including various functions can Perform code, data etc..
Bus 501 can be that (for example, processor 502, communication unit 504, deposit by the inscape included by mobile terminal Reservoir 503) it is connected with each other, and make the circuit for realizing communicating between inscape.
Processor 502 be used for execute instruction (for example, from user interface 604 obtain instruction), interrupt processing, timing and its His function.In addition, processor 602 can further include GPU (graphic processing unit).
The processor 502 calls and is stored in the instruction in the memory 503 to realize:Obtain what mobile terminal sent Trade company's electronic identifications information;Authentication is carried out to trade company according to trade company's electronic identifications information;Obtain described The first authorization message that mobile terminal sends, is carried out according to first authorization message to the identity of the user of the mobile terminal Certification.
The communication unit 504 is used for:After the authentication of the trade company passes through, will be with trade company's electronic identity mark The corresponding merchant information of knowledge information is sent to the mobile terminal.
Alternatively, in the present embodiment, the merchant information is included in name of firm, business qualification and business scope at least It is a kind of.
In an optional embodiment of the present embodiment, to the user's of mobile terminal by the way of dynamic authentication codes Identity is authenticated, and specific embodiment is as follows:
The processor 502 is used to generate the first dynamic authentication codes;
The communication unit 504 is used for:First dynamic authentication codes are sent to the mobile terminal;Send second to authorize To point of sale POS terminal, second authorization message is used to indicate that the POS terminal shows requirement input dynamic authentication codes information Prompting;Obtain the second dynamic authentication codes that the POS terminal sends;
The processor 502 is additionally operable to:Second dynamic authentication codes are tested according to first dynamic authentication codes Card;
The communication unit 504 is used for:After second dynamic authentication codes are verified, authentication success message is sent extremely The POS terminal, the authentication success message is used to indicate that the POS terminal performs transactional operation.
Alternatively, in the present embodiment, the transactional operation is included in consumption, account balance inquiry, transaction detail query It is at least one.
Alternatively, in the present embodiment, the dynamic authentication codes include dynamic password, Quick Response Code, three-dimension code, color code, bar Any one of shape code, black and white code or buphthalmos code.
In another optional embodiment of the present embodiment, to movement by the way of trade company's scene verification user profile The identity of the user of terminal is authenticated, and concrete scheme is as follows:
The communication unit is used for:The 3rd authorization message is sent to point of sale POS terminal, the 3rd authorization message is used for Indicate that the POS terminal initiates authenticating user identification request;Receive the ID authentication request information that the POS terminal sends;Send out Send the ID authentication request information to the mobile terminal, the ID authentication request information is used to indicate the mobile terminal Obtain user's electronic identifications information;Obtain user's electronic identifications information that the mobile terminal sends;Send User profile corresponding with user's electronic identifications information is to the POS terminal.
Alternatively, in the present embodiment, ID of the 3rd authorization message comprising the mobile terminal, wherein described ID include it is following in one or more:Phone number, user name, email address.
Alternatively, in the present embodiment, the user profile includes user's electronic signature picture, facial photo and credit scoring In at least one.
Server provided in an embodiment of the present invention can realize that the two-way of the legitimacy of the legitimacy to POS and holder is recognized Card, improves the security of transaction.
Figure 19 is a kind of structural representation of mobile terminal provided in an embodiment of the present invention, refer to Figure 19, the movement end End includes:
Bus 601, processor 602, display unit 603, user interface 604, memory 605, communication unit 606;
In the present embodiment, mobile terminal can include smart phone, cell phone, notebook, laptop computer, flat board Any one in personal computer (PC), personal media player (PMP), personal digital assistant (PDA) etc., the present embodiment pair This is not limited.
Communication unit 606 includes the hardware of such as transceiver etc, and can be wired or wireless communication unit.Communication Unit 106 can include in mobile communication module, WLAN module and/or near-field communication (NFC) module at least according to its performance One.
The display image on screen of display unit 603, it is possible to use liquid crystal display (LCD), touch-screen etc..Touch-screen is used In display image, and when the user input apparatus of such as finger or pointer etc touch the surface of touch-screen, produce button Touch and interrupt.
The receiving user's input of user interface 604 provides a user with information, and can include hardware, for example but does not limit to Any one in multiple buttons, microphone, loudspeaker, vibrating motor, connector, keypad, touch-screen etc..
Memory 605 can store the machine of the application program (such as video communication, game etc.) including various functions can Perform code, data etc..
Bus 601 can be that (for example, processor 602, display unit 603 are used by the inscape included by mobile terminal Family interface 604, memory 605, communication unit 606) it is connected with each other, and make the circuit for realizing communicating between inscape.
Processor 602 be used for execute instruction (for example, from user interface 604 obtain instruction), interrupt processing, timing and its His function.In addition, processor 602 can further include GPU (graphic processing unit).
The communication unit 606, is used for:Obtain trade company's electronic identifications information;Send trade company's electronic identity mark Knowledge information to server carries out merchant identification certification;Receive the server sending with trade company's electronic identifications information Corresponding merchant information;Authorization message is sent to the server, the authorization message is used to indicate the server to described The identity of the user of mobile terminal is authenticated.
Alternatively, in the present embodiment, the merchant information is included in name of firm, business qualification and business scope at least It is a kind of.
Alternatively, in the present embodiment, the communication unit 606 specifically for:By close range wireless communication NFC modes from The electronic identifications carrier of the trade company obtains trade company's electronic identifications information.
The display unit, for showing the merchant information;
The user interface, for receiving the confirmation of the user input of mobile terminal, the confirmation is used to refer to Show the merchant information by checking.
In an optional embodiment of the present embodiment, to the user's of mobile terminal by the way of dynamic authentication codes Identity is authenticated, and specific embodiment is as follows:
The communication unit 606 is additionally operable to:Receive the dynamic authentication codes that the server sends;
The display unit 603 is additionally operable to:Show the dynamic authentication codes.
Alternatively, in the present embodiment, the dynamic authentication codes include dynamic password, Quick Response Code, three-dimension code, color code, bar Any one of shape code, black and white code or buphthalmos code.
In another optional embodiment of the present embodiment, to movement by the way of trade company's scene verification user profile The identity of the user of terminal is authenticated, and concrete scheme is as follows:
The communication unit 606 is additionally operable to:Receive the ID authentication request information that the server sends;
The display unit 603 is additionally operable to:Shown to the user of the mobile terminal according to the ID authentication request information Show that requirement is input into the prompting of PIN PIN;
The communication unit 606 is additionally operable to:User's electronic identifications information is sent to the server, user's electricity Sub- identification information is used for server lookup user profile corresponding with user's electronic identifications information, described User electronic identifications packet PIN containing user.
Alternatively, in the present embodiment, the user profile includes user's electronic signature picture, facial photo and credit scoring In at least one.
Mobile terminal provided in an embodiment of the present invention can realize the two-way authentication to trade user and trade company, improve friendship The security of easy process.
Figure 20 is a kind of structural representation of POS terminal provided in an embodiment of the present invention, refer to Figure 20, the POS terminal Including:
Bus 701, processor 702, display unit 703, user interface 704, memory 705, communication unit 706;
In the present embodiment, POS terminal includes that POS, Mobile POS Terminal (mobile POS, mPOS) etc. have to swipe the card and disappears Take the electronic equipment of function, the present embodiment is not limited this.
Communication unit 706 includes the hardware of such as transceiver etc, and can be wired or wireless communication unit.Communication Unit 106 can include in mobile communication module, WLAN module and/or near-field communication (NFC) module at least according to its performance One.
The display image on screen of display unit 703, it is possible to use liquid crystal display (LCD), touch-screen etc..Touch-screen is used In display image, and when the user input apparatus of such as finger or pointer etc touch the surface of touch-screen, produce button Touch and interrupt.
The receiving user's input of user interface 704 provides a user with information, and can include hardware, for example but does not limit to Any one in multiple buttons, microphone, loudspeaker, vibrating motor, connector, keypad, touch-screen etc..
Memory 705 can store the machine of the application program (such as video communication, game etc.) including various functions can Perform code, data etc..
Bus 701 can be that (for example, processor 702, display unit 703 are used by the inscape included by mobile terminal Family interface 704, memory 705, communication unit 706) it is connected with each other, and make the circuit for realizing communicating between inscape.
Processor 702 be used for execute instruction (for example, from user interface 704 obtain instruction), interrupt processing, timing and its His function.In addition, processor 702 can further include GPU (graphic processing unit).
The communication unit 706 is used for:Obtain the ID of trade user;ID authentication request information is sent to service Device, the ID authentication request information is used to indicate that the server is authenticated user's electronic identifications information, and institute ID authentication request packet is stated containing the ID;Receive the server sending with user's electronic identifications The corresponding user profile of information;
Alternatively, in the present embodiment, the user profile includes user's electronic signature picture, facial photo and credit scoring In at least one.
The display unit 703, for showing the user profile;
The user interface 704, for receiving the confirmation of trade company's input, the confirmation is used to indicate the use Family information is by checking;
The processor 702, for performing transactional operation, the transactional operation includes consumption, account balance inquiry, transaction At least one in detail inquiry.
In an optional embodiment in the present embodiment, trade user input can be received by user interface 704 ID.
In another optional embodiment in the present embodiment, by awarding that the reception server of communication unit 706 sends Power information, the authorization message comprising trade user ID, wherein, the ID include it is following in one or It is multinomial:Phone number, user name, email address.
POS terminal provided in an embodiment of the present invention can realize the certification to trade user, improve the peace of process of exchange Quan Xing.
For perform the present invention above-mentioned server, mobile terminal, POS terminal processor can be central processing unit (CPU), general processor, digital signal processor (DSP), special IC (ASIC), field programmable gate array (FPGA) or other PLDs, transistor logic, hardware component or its any combination.It can be realized Or execution is with reference to the various exemplary logic block described by the disclosure of invention, module and circuit.The processor Can be the combination for realizing computing function, for example, combine comprising one or more microprocessors, combination of DSP and microprocessor etc. Deng.
The step of method or algorithm with reference to described by the disclosure of invention, can be realized in the way of hardware, also may be used By be by computing device software instruction in the way of realizing.Software instruction can be made up of corresponding software module, software mould Block can be stored on RAM memory, flash memory, ROM memory, eprom memory, eeprom memory, register, hard disk, In the storage medium of portable hard drive, CD-ROM or any other form well known in the art.A kind of exemplary storage medium Coupled to processor, so as to enable a processor to from the read information, and can be to the storage medium write information.When So, storage medium can also be the part of processor.Processor and storage medium may be located in ASIC.In addition, should ASIC may be located in user equipment.Certainly, processor and storage medium can also be present in user equipment as discrete assembly In.
Those skilled in the art it will be appreciated that in said one or multiple examples, work(described in the invention Be able to can be realized with hardware, software, firmware or their any combination.When implemented in software, can be by these functions It is stored in computer-readable medium or is transmitted as one or more instructions on computer-readable medium or code. Computer-readable medium includes computer-readable storage medium and communication media, and wherein communication media includes being easy to from a place to another Any medium of one place transmission computer program.Storage medium can be universal or special computer can access it is any Usable medium.
Above-described specific embodiment, has been carried out further to the purpose of the present invention, technical scheme and beneficial effect Describe in detail, should be understood that the specific embodiment that the foregoing is only the present invention, be not intended to limit the present invention Protection domain, all any modification, equivalent substitution and improvements on the basis of technical scheme, done etc. all should It is included within protection scope of the present invention.

Claims (52)

1. a kind of business confirmation method, it is characterised in that include:
Obtain trade company's electronic identifications information that mobile terminal sends;
After determining that the authentication of the trade company passes through, merchant information corresponding with trade company's electronic identifications information is sent out Deliver to the mobile terminal;
Obtain the first authorization message that the mobile terminal sends;
The identity of the user of the mobile terminal is authenticated according to first authorization message.
2. the method for claim 1, it is characterised in that it is described according to first authorization message to the mobile terminal The identity of user be authenticated including:
Generate the first dynamic authentication codes;
First dynamic authentication codes are sent to the mobile terminal;
The second authorization message is sent to point of sale POS terminal, second authorization message is wanted for indicating that the POS terminal shows Ask the prompting of input dynamic authentication codes;
Obtain the second dynamic authentication codes that the POS terminal sends;
Second dynamic authentication codes are verified according to first dynamic authentication codes;
After determining that second dynamic authentication codes are verified, send authentication success message to the POS terminal, the certification into Work(information is used to indicate that the POS terminal performs transactional operation.
3. the method for claim 1, it is characterised in that it is described according to first authorization message to the mobile terminal The identity of user be authenticated including:
The 3rd authorization message is sent to point of sale POS terminal, the 3rd authorization message is used to indicate that the POS terminal is initiated to use Family ID authentication request;
Receive the ID authentication request information that the POS terminal sends;
The ID authentication request information is sent to the mobile terminal, the ID authentication request information is used to indicate the shifting Dynamic terminal obtains user's electronic identifications information;
Obtain user's electronic identifications information that the mobile terminal sends;
User profile corresponding with user's electronic identifications information is sent to the POS terminal.
4. method as claimed in claim 2, it is characterised in that the transactional operation includes consumption, account balance inquiry, transaction At least one in detail inquiry.
5. method as claimed in claim 2, it is characterised in that:
The dynamic authentication codes are included in dynamic password, Quick Response Code, three-dimension code, color code, bar code, black and white code or buphthalmos code Any one.
6. method as claimed in claim 3, it is characterised in that user of the 3rd authorization message comprising the mobile terminal Mark, wherein the ID include it is following in one or more:Phone number, user name, email address.
7. method as claimed in claim 3, it is characterised in that:
The user profile includes at least one that user signs electronically in picture, facial photo and credit scoring.
8. the method as described in claim 1 to 7 is arbitrary, it is characterised in that:
The merchant information includes at least one in name of firm, business qualification and business scope.
9. a kind of business confirmation method, it is characterised in that include:
Obtain trade company's electronic identifications information;
Send trade company's electronic identifications information carries out merchant identification certification to server;
Receive the merchant information corresponding with trade company's electronic identifications information that the server sends;
Show the merchant information;
The confirmation of the user input of mobile terminal is received, the confirmation is used to indicate the merchant information by testing Card;
Authorization message is sent to the server, the authorization message is used to indicate use of the server to the mobile terminal The identity at family is authenticated.
10. method as claimed in claim 9, it is characterised in that the acquisition trade company electronic identifications information, including:
Trade company's electronic identifications are obtained from the electronic identifications carrier of the trade company by close range wireless communication NFC modes Information.
11. methods as claimed in claim 9, it is characterised in that after the transmission authorization message to the server, also wrap Include:
Receive the dynamic authentication codes that the server sends;
Show the dynamic authentication codes.
12. methods as claimed in claim 9, it is characterised in that after the transmission authorization message to the server, also wrap Include:
Receive the ID authentication request information that the server sends;
Shown to the user of the mobile terminal according to the ID authentication request information and require carrying for input PIN PIN Show;
User's electronic identifications information is sent to the server, user's electronic identifications information is used for the service Device inquires about user profile corresponding with user's electronic identifications information, and user's electronic identifications packet is containing use Family PIN code.
13. methods as claimed in claim 11, it is characterised in that:
The dynamic authentication codes are included in dynamic password, Quick Response Code, three-dimension code, color code, bar code, black and white code or buphthalmos code Any one.
14. methods as claimed in claim 12, it is characterised in that:
The user profile includes at least one that user signs electronically in picture, facial photo and credit scoring.
15. methods as described in claim 9 to 14 is arbitrary, it is characterised in that:
The merchant information includes at least one in name of firm, business qualification and business scope.
16. a kind of business confirmation methods, it is characterised in that include:
Obtain the ID of trade user;
ID authentication request information is sent to server, the ID authentication request information is used to indicate the server to transaction The electronic identifications information of user is authenticated, and the ID authentication request packet contains the ID;
Receive the user profile corresponding with the electronic identifications information of the trade user that the server sends;
Show the user profile;
The confirmation of trade company's input is received, the confirmation is used to indicate the user profile by checking;
Transactional operation is performed, the transactional operation includes at least one in consumption, account balance inquiry, transaction detail query.
17. methods as claimed in claim 16, it is characterised in that the ID of the acquisition trade user includes:
Receive the ID of trade user input;Or,
The authorization message that the reception server sends, ID of the authorization message comprising trade user;Wherein, the user Mark include it is following in one or more:Phone number, user name, email address.
18. methods as claimed in claim 16, it is characterised in that the user profile includes user's electronic signature picture, face At least one in portion's photo and credit scoring.
19. a kind of business confirmation methods, it is characterised in that include:
Acquisition for mobile terminal trade company electronic identifications information;
Mobile terminal sends trade company's electronic identifications information and carries out merchant identification certification to server;
After the server determines that the authentication of the trade company passes through, will be corresponding with trade company's electronic identifications information Merchant information is sent to the mobile terminal;
The mobile terminal receives the merchant information corresponding with trade company's electronic identifications information that the server sends;
The mobile terminal shows the merchant information;
The confirmation of the mobile terminal receiving user's input, the confirmation is used to indicate the merchant information by testing Card;
The server receives the first authorization message that the mobile terminal sends, and first authorization message is described for indicating Server is authenticated to the identity of the user of the mobile terminal.
20. methods as claimed in claim 19, it is characterised in that the server receives first that the mobile terminal sends After authorization message, also include:
The server generates the first dynamic authentication codes;
The server sends first dynamic authentication codes to the mobile terminal;
The mobile terminal receives the first dynamic authentication codes that the server sends;
The mobile terminal shows first dynamic authentication codes;
The server sends the second authorization message to point of sale POS terminal, and second authorization message is used to indicate the POS Terminal shows the prompting for requiring input dynamic authentication codes;
The POS terminal shows the prompting for requiring input dynamic authentication codes;
The POS terminal receives the second dynamic authentication codes of the user input of the mobile terminal;
The server obtains second dynamic authentication codes that the POS terminal sends;
The server is verified according to first dynamic authentication codes to second dynamic authentication codes;
After the server determines that second dynamic authentication codes are verified, authentication success message is sent to the POS terminal, The authentication success message is used to indicate that the POS terminal performs transactional operation.
21. methods as claimed in claim 19, it is characterised in that the server receives first that the mobile terminal sends After authorization message, also include:
The server sends the 3rd authorization message to point of sale POS terminal, and the 3rd authorization message is used to indicate the POS Terminal initiates authenticating user identification request;
The server receives the ID authentication request information that the POS terminal sends;
The server sends the ID authentication request information to the mobile terminal, and the ID authentication request information is used for Indicate the acquisition for mobile terminal user electronic identifications information;
The mobile terminal requires the prompting of input PIN PIN according to the ID authentication request presentation of information;
The mobile terminal sends user's electronic identifications information to the server, user's electronic identifications information For server lookup user profile corresponding with user's electronic identifications information, user's electronic identity mark Know packet PIN code containing user;
The server obtains user's electronic identifications information that the mobile terminal sends;
The server sends user profile corresponding with user's electronic identifications information to the POS terminal;
The POS terminal receives the user profile;
The POS terminal shows the user profile;
The POS terminal receives the confirmation of trade company's input, and the confirmation is used to indicate the user profile by testing Card;The POS terminal performs transactional operation.
22. methods as described in claim 20 or 21, it is characterised in that the transactional operation includes that consumption, account balance are looked into At least one in inquiry, transaction detail query.
23. methods as claimed in claim 20, it is characterised in that:
The dynamic authentication codes are included in dynamic password, Quick Response Code, three-dimension code, color code, bar code, black and white code or buphthalmos code Any one.
24. methods as claimed in claim 21, it is characterised in that:
The user profile includes at least one that user signs electronically in picture, facial photo and credit scoring.
25. methods as described in claim 19 to 24 is arbitrary, it is characterised in that:
The merchant information includes at least one in name of firm, business qualification and business scope.
26. a kind of transaction authentication devices, it is characterised in that include:
First acquisition unit, for obtaining trade company's electronic identifications information of mobile terminal transmission;
Transmitting element, after determining that the authentication of the trade company passes through, will be with trade company's electronic identifications information pair The merchant information answered is sent to the mobile terminal;
Second acquisition unit, for obtaining the first authorization message that the mobile terminal sends;
Authentication unit, for being authenticated to the identity of the user of the mobile terminal according to first authorization message.
27. devices as claimed in claim 26, it is characterised in that the authentication unit includes:
Generation module, for generating the first dynamic authentication codes;
First sending module, for sending first dynamic authentication codes to the mobile terminal;
Second sending module, for sending the second authorization message to point of sale POS terminal, second authorization message is used to indicate The POS terminal shows the prompting for requiring input dynamic authentication codes;
First acquisition module, for obtaining the second dynamic authentication codes that the POS terminal sends;
Authentication module, for being verified to second dynamic authentication codes according to first dynamic authentication codes;
3rd sending module, after determining that second dynamic authentication codes are verified, sends authentication success message to described POS terminal, the authentication success message is used to indicate that the POS terminal performs transactional operation.
28. devices as claimed in claim 26, it is characterised in that the authentication unit includes:
4th sending module, for sending the 3rd authorization message to point of sale POS terminal, the 3rd authorization message is used to indicate The POS terminal initiates authenticating user identification request;
Receiver module, for receiving the ID authentication request information that the POS terminal sends;
5th sending module, for sending the ID authentication request information to the mobile terminal, the ID authentication request Information is used to indicate the acquisition for mobile terminal user electronic identifications information;
Second acquisition module, for obtaining user's electronic identifications information that the mobile terminal sends;
6th sending module, for sending user profile corresponding with user's electronic identifications information to the POS ends End.
29. a kind of transaction authentication devices, it is characterised in that include:
Acquiring unit, for obtaining trade company's electronic identifications information;
First transmitting element, merchant identification certification is carried out for sending trade company's electronic identifications information to server;
First receiving unit, for receiving the trade company corresponding with trade company's electronic identifications information that the server sends Information;
First display unit, for showing the merchant information;
Second receiving unit, for receiving the confirmation of the user input of mobile terminal, the confirmation is used to indicate institute Merchant information is stated by checking;
Second transmitting element, for sending authorization message to the server, the authorization message is used to indicate the server The identity of the user of the mobile terminal is authenticated.
30. devices as claimed in claim 29, it is characterised in that the acquiring unit specifically for:
Trade company's electronic identifications are obtained from the electronic identifications carrier of the trade company by close range wireless communication NFC modes Information.
31. devices as claimed in claim 29, it is characterised in that described device also includes:
3rd receiving unit, for receiving the dynamic authentication codes that the server sends;
Second display unit, for showing the dynamic authentication codes.
32. devices as claimed in claim 29, it is characterised in that described device also includes:4th receiving unit, for receiving The ID authentication request information that the server sends;
3rd display unit, for showing to the user of the mobile terminal according to the ID authentication request information input is required The prompting of PIN PIN;
3rd transmitting element, for sending user's electronic identifications information to the server, user's electronic identity mark Knowledge information is used for server lookup user profile corresponding with user's electronic identifications information, user's electronics Identification information includes user's PIN code.
33. a kind of transaction authentication devices, it is characterised in that include:
Acquiring unit, for obtaining the ID of trade user;
First transmitting element, for sending ID authentication request information to server, the ID authentication request information is used to refer to Show that the server is authenticated to user's electronic identifications information, and the ID authentication request packet contains the user Mark;
First receiving unit, for receiving the user corresponding with user's electronic identifications information that the server sends Information;
Display unit, for showing the user profile;
Second receiving unit, for receiving the confirmation of trade company's input, the confirmation is used to indicate the user profile By checking;
Transaction unit, for performing transactional operation, the transactional operation includes consumption, account balance inquiry, transaction detail query In at least one.
34. devices as claimed in claim 33, it is characterised in that the ID of the acquisition trade user, including:
Receive the ID of trade user input;Or,
The authorization message that the reception server sends, ID of the authorization message comprising trade user;Wherein described user Mark include it is following in one or more:Phone number, user name, email address.
35. a kind of servers, it is characterised in that include:Processor, communication unit, memory and bus;
Wherein described processor, the communication unit and the memory pass through the bus bar;
The memory, for store instruction or data;
The processor calls storage instruction in which memory to realize:Obtain trade company's electronics body that mobile terminal sends Part identification information;Authentication is carried out to trade company according to trade company's electronic identifications information;Obtain the mobile terminal to send out The first authorization message sent;The identity of the user of the mobile terminal is authenticated according to first authorization message;
The communication unit is used for:After the authentication of the trade company passes through, will be with trade company's electronic identifications information Corresponding merchant information is sent to the mobile terminal.
36. servers as claimed in claim 35, it is characterised in that it is described according to first authorization message to the movement The identity of the user of terminal is authenticated, including:
Generate the first dynamic authentication codes;
First dynamic authentication codes are sent to the mobile terminal;
The second authorization message is sent to point of sale POS terminal, second authorization message is wanted for indicating that the POS terminal shows Ask the prompting of input dynamic authentication codes;
Obtain the second dynamic authentication codes that the POS terminal sends;
Second dynamic authentication codes are verified according to first dynamic authentication codes;
After determining that second dynamic authentication codes are verified, send authentication success message to the POS terminal, the certification into Work(information is used to indicate that the POS terminal performs transactional operation.
37. servers as claimed in claim 35, it is characterised in that it is described according to first authorization message to the movement The identity of the user of terminal is authenticated, including:
The 3rd authorization message is sent to point of sale POS terminal, the 3rd authorization message is used to indicate that the POS terminal is initiated to use Family ID authentication request;
Receive the ID authentication request information that the POS terminal sends;
The ID authentication request information is sent to the mobile terminal, the ID authentication request information is used to indicate the shifting Dynamic terminal obtains user's electronic identifications information;
Obtain user's electronic identifications information that the mobile terminal sends;
User profile corresponding with user's electronic identifications information is sent to the POS terminal.
38. servers as claimed in claim 36, it is characterised in that the transactional operation include consumption, account balance inquiry, At least one in transaction detail query.
39. servers as claimed in claim 36, it is characterised in that:
The dynamic authentication codes are included in dynamic password, Quick Response Code, three-dimension code, color code, bar code, black and white code or buphthalmos code Any one.
40. servers as claimed in claim 37, it is characterised in that the 3rd authorization message includes the mobile terminal ID, wherein the ID include it is following in one or more:Phone number, user name, email address.
41. servers as claimed in claim 37, it is characterised in that:
The user profile includes at least one that user signs electronically in picture, facial photo and credit scoring.
42. methods as described in claim 35 to 41 is arbitrary, it is characterised in that:
The merchant information includes at least one in name of firm, business qualification and business scope.
43. a kind of mobile terminals, it is characterised in that include:Processor, communication unit, display unit, user interface, memory And bus;
Wherein described processor, the communication unit, the display unit, the user interface and the memory are by described Bus bar;
The memory, for store instruction or data;
The communication unit, is used for:Obtain trade company's electronic identifications information;Send trade company's electronic identifications information extremely Server carries out merchant identification certification;Receive the business corresponding with trade company's electronic identifications information that the server sends Family information;Authorization message is sent to the server, the authorization message is used to indicate the server to the mobile terminal The identity of user be authenticated.
The display unit, for showing the merchant information;
The user interface, for receiving the confirmation of the user input of mobile terminal, the confirmation is used to indicate institute Merchant information is stated by checking.
44. mobile terminals as claimed in claim 43, it is characterised in that the acquisition trade company electronic identifications information, bag Include:
Trade company's electronic identifications are obtained from the electronic identifications carrier of the trade company by close range wireless communication NFC modes Information.
45. mobile terminals as claimed in claim 43, it is characterised in that
The communication unit is additionally operable to:Receive the dynamic authentication codes that the server sends;
The display unit is additionally operable to:Show the dynamic authentication codes.
46. mobile terminals as claimed in claim 43, it is characterised in that
The communication unit is additionally operable to:Receive the ID authentication request information that the server sends;
The display unit is additionally operable to:Shown to the user of the mobile terminal according to the ID authentication request information require it is defeated Enter the prompting of PIN PIN;
The communication unit is additionally operable to:User's electronic identifications information is sent to the server, user's electronic identity Identification information is used for server lookup user profile corresponding with user's electronic identifications information, user's electricity Sub- identification information includes user's PIN code.
47. mobile terminals as claimed in claim 45, it is characterised in that:
The dynamic authentication codes are included in dynamic password, Quick Response Code, three-dimension code, color code, bar code, black and white code or buphthalmos code Any one.
48. mobile terminals as claimed in claim 46, it is characterised in that:
The user profile includes at least one that user signs electronically in picture, facial photo and credit scoring.
49. mobile terminals as described in claim 43 to 48 is arbitrary, it is characterised in that:
The merchant information includes at least one in name of firm, business qualification and business scope.
50. a kind of POS terminals, it is characterised in that include:Processor, communication unit, display unit, user interface, memory and Bus;
Wherein described processor, the communication interface and the memory pass through the bus bar;
The memory, for store instruction or data;
The communication unit is used for:Obtain the ID of trade user;ID authentication request information is sent to server, it is described ID authentication request information is used to indicate that the server is authenticated user's electronic identifications information, and the identity is recognized Card solicited message includes the ID;Receive the corresponding with user's electronic identifications information of the server transmission User profile;
The display unit, for showing the user profile;
The user interface, for receiving the confirmation of trade company's input, the confirmation is used to indicate the user profile By checking;
The processor, for performing transactional operation, the transactional operation includes that consumption, account balance inquiry, transaction details are looked into At least one in inquiry.
51. POS terminals as claimed in claim 50, it is characterised in that the ID of the acquisition trade user includes:
Receive the ID of trade user input;Or,
The authorization message that the reception server sends, ID of the authorization message comprising trade user;Wherein, the user Mark include it is following in one or more:Phone number, user name, email address.
52. POS terminals as claimed in claim 50, it is characterised in that the user profile include user electronic signature picture, At least one in facial photo and credit scoring.
CN201580050445.3A 2015-11-16 2015-11-16 Transaction authentication method and device, mobile terminal, POS terminal and server Active CN106688004B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/094714 WO2017084013A1 (en) 2015-11-16 2015-11-16 Transaction authentication method, device, mobile terminal, pos terminal and server

Publications (2)

Publication Number Publication Date
CN106688004A true CN106688004A (en) 2017-05-17
CN106688004B CN106688004B (en) 2021-02-09

Family

ID=58717158

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201580050445.3A Active CN106688004B (en) 2015-11-16 2015-11-16 Transaction authentication method and device, mobile terminal, POS terminal and server

Country Status (2)

Country Link
CN (1) CN106688004B (en)
WO (1) WO2017084013A1 (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108229231A (en) * 2018-01-03 2018-06-29 中国工商银行股份有限公司 A kind of POS inspection devices, system and method based on RFID
WO2018210097A1 (en) * 2017-05-19 2018-11-22 威富通科技有限公司 Method and device for execution transaction mode by classification
CN108985769A (en) * 2017-06-05 2018-12-11 万事达卡国际公司 Enhance the system and method for user authentication
CN109285004A (en) * 2017-07-20 2019-01-29 上海方付通商务服务有限公司 Business confirmation method and system based on mobile network's terminal
CN109284999A (en) * 2017-07-20 2019-01-29 上海方付通商务服务有限公司 Business confirmation method and system based on mobile network's terminal
CN109598663A (en) * 2018-11-16 2019-04-09 阿里巴巴集团控股有限公司 There is provided and obtain the method and device of secure identity information
CN109919594A (en) * 2019-02-26 2019-06-21 苏州盛迪通电子科技有限公司 A kind of pos electromechanics authentication subprocess method of commerce
CN110135137A (en) * 2019-05-08 2019-08-16 北京科蓝软件系统股份有限公司 A kind of mobile device-based network identity validation method and device
CN110278180A (en) * 2018-03-16 2019-09-24 上海方付通商务服务有限公司 Exchange method, device, equipment and the storage medium of Financial Information
CN110880114A (en) * 2019-10-28 2020-03-13 淮安信息职业技术学院 Transaction protection system and method based on block chain
CN112001720A (en) * 2020-07-03 2020-11-27 拉卡拉支付股份有限公司 mPOS machine and data processing method thereof
CN112200586A (en) * 2020-11-16 2021-01-08 支付宝(杭州)信息技术有限公司 Identity authentication method and device
CN113095856A (en) * 2021-04-23 2021-07-09 广东电网有限责任公司电力调度控制中心 Electric power market trading method and platform
CN113592346A (en) * 2021-08-11 2021-11-02 北京金和网络股份有限公司 Commodity circulation method and device
WO2022048318A1 (en) * 2020-09-03 2022-03-10 深圳市百富智能新技术有限公司 Method for establishing communication channel, and user terminal

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108667622B (en) * 2018-05-21 2022-02-22 平安科技(深圳)有限公司 Electronic signature authentication method, system, computer device and storage medium
CN111343133B (en) * 2018-12-19 2022-05-13 中移物联网有限公司 Authentication method, authentication equipment and computer readable storage medium
CN111491295A (en) * 2020-04-13 2020-08-04 佛山职业技术学院 NFC-based identity authorization and identity verification method, device and system
CN111681009A (en) * 2020-06-08 2020-09-18 中国银行股份有限公司 Multi-platform centralized authentication and authorization system and method, authentication and authorization and service device
CN113158151B (en) * 2021-04-29 2022-07-12 支付宝(杭州)信息技术有限公司 Identity authentication processing method and device

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101025806A (en) * 2006-02-20 2007-08-29 普天信息技术研究院 Identity authentication method of fee payment via mobile communication terminal
CN101051372A (en) * 2006-04-06 2007-10-10 北京易富金川科技有限公司 Method for safety verifying financial business information in electronic business
CN101201889A (en) * 2006-12-12 2008-06-18 晨星半导体股份有限公司 Method for commodity transaction authentication
CN102004978A (en) * 2010-12-02 2011-04-06 联动优势科技有限公司 Secure real-name payment system and method
CN102592370A (en) * 2012-02-29 2012-07-18 胡乐乐 Method for preventing fraud swiping of bank card
CN103812835A (en) * 2012-11-09 2014-05-21 深圳市华营数字商业有限公司 Public key algorithm based offline mode ID and transaction authentication method
CN103914770A (en) * 2013-01-04 2014-07-09 深圳市华营数字商业有限公司 Handset payment terminal, payment method and system based on NFC label
CN104036406A (en) * 2013-03-07 2014-09-10 中国移动通信集团北京有限公司 Method and device for improving safety of ordering information
US20140279537A1 (en) * 2013-03-13 2014-09-18 EzWay2Pay.Com, LLC. Financial transaction system and method capable of utilizing a mobile device
CN104392349A (en) * 2014-11-13 2015-03-04 中国建设银行股份有限公司 Mobile payment method, device and system
CN104915829A (en) * 2015-05-06 2015-09-16 北京奇虎科技有限公司 Application interaction method and application interaction device based on NFC technology

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104361491A (en) * 2014-11-03 2015-02-18 中国联合网络通信集团有限公司 Mobile paying method and system

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101025806A (en) * 2006-02-20 2007-08-29 普天信息技术研究院 Identity authentication method of fee payment via mobile communication terminal
CN101051372A (en) * 2006-04-06 2007-10-10 北京易富金川科技有限公司 Method for safety verifying financial business information in electronic business
CN101201889A (en) * 2006-12-12 2008-06-18 晨星半导体股份有限公司 Method for commodity transaction authentication
CN102004978A (en) * 2010-12-02 2011-04-06 联动优势科技有限公司 Secure real-name payment system and method
CN102592370A (en) * 2012-02-29 2012-07-18 胡乐乐 Method for preventing fraud swiping of bank card
CN103812835A (en) * 2012-11-09 2014-05-21 深圳市华营数字商业有限公司 Public key algorithm based offline mode ID and transaction authentication method
CN103914770A (en) * 2013-01-04 2014-07-09 深圳市华营数字商业有限公司 Handset payment terminal, payment method and system based on NFC label
CN104036406A (en) * 2013-03-07 2014-09-10 中国移动通信集团北京有限公司 Method and device for improving safety of ordering information
US20140279537A1 (en) * 2013-03-13 2014-09-18 EzWay2Pay.Com, LLC. Financial transaction system and method capable of utilizing a mobile device
CN104392349A (en) * 2014-11-13 2015-03-04 中国建设银行股份有限公司 Mobile payment method, device and system
CN104915829A (en) * 2015-05-06 2015-09-16 北京奇虎科技有限公司 Application interaction method and application interaction device based on NFC technology

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018210097A1 (en) * 2017-05-19 2018-11-22 威富通科技有限公司 Method and device for execution transaction mode by classification
CN108985769A (en) * 2017-06-05 2018-12-11 万事达卡国际公司 Enhance the system and method for user authentication
CN109285004A (en) * 2017-07-20 2019-01-29 上海方付通商务服务有限公司 Business confirmation method and system based on mobile network's terminal
CN109284999A (en) * 2017-07-20 2019-01-29 上海方付通商务服务有限公司 Business confirmation method and system based on mobile network's terminal
CN108229231A (en) * 2018-01-03 2018-06-29 中国工商银行股份有限公司 A kind of POS inspection devices, system and method based on RFID
CN108229231B (en) * 2018-01-03 2023-08-08 中国工商银行股份有限公司 RFID-based POS inspection device, system and method
CN110278180B (en) * 2018-03-16 2021-09-21 上海方付通商务服务有限公司 Financial information interaction method, device, equipment and storage medium
CN110278180A (en) * 2018-03-16 2019-09-24 上海方付通商务服务有限公司 Exchange method, device, equipment and the storage medium of Financial Information
CN109598663A (en) * 2018-11-16 2019-04-09 阿里巴巴集团控股有限公司 There is provided and obtain the method and device of secure identity information
CN109598663B (en) * 2018-11-16 2023-05-09 创新先进技术有限公司 Method and device for providing and acquiring safety identity information
CN109919594A (en) * 2019-02-26 2019-06-21 苏州盛迪通电子科技有限公司 A kind of pos electromechanics authentication subprocess method of commerce
CN110135137A (en) * 2019-05-08 2019-08-16 北京科蓝软件系统股份有限公司 A kind of mobile device-based network identity validation method and device
CN110880114A (en) * 2019-10-28 2020-03-13 淮安信息职业技术学院 Transaction protection system and method based on block chain
CN110880114B (en) * 2019-10-28 2022-07-12 淮安信息职业技术学院 Transaction protection system and method based on block chain
CN112001720A (en) * 2020-07-03 2020-11-27 拉卡拉支付股份有限公司 mPOS machine and data processing method thereof
WO2022048318A1 (en) * 2020-09-03 2022-03-10 深圳市百富智能新技术有限公司 Method for establishing communication channel, and user terminal
CN112200586B (en) * 2020-11-16 2022-07-08 支付宝(杭州)信息技术有限公司 Identity authentication method and device
CN112200586A (en) * 2020-11-16 2021-01-08 支付宝(杭州)信息技术有限公司 Identity authentication method and device
CN113095856A (en) * 2021-04-23 2021-07-09 广东电网有限责任公司电力调度控制中心 Electric power market trading method and platform
CN113592346A (en) * 2021-08-11 2021-11-02 北京金和网络股份有限公司 Commodity circulation method and device

Also Published As

Publication number Publication date
CN106688004B (en) 2021-02-09
WO2017084013A1 (en) 2017-05-26

Similar Documents

Publication Publication Date Title
CN106688004A (en) Transaction authentication method, device, mobile terminal, POS terminal and server
US11720943B2 (en) Trusted remote attestation agent (TRAA)
US9467292B2 (en) Hardware-based zero-knowledge strong authentication (H0KSA)
RU2523304C2 (en) Trusted integrity manager (tim)
US8650614B2 (en) Interactive phishing detection (IPD)
AU2012303620B2 (en) System and method for secure transaction process via mobile device
US11405189B1 (en) Systems and methods for trustworthy electronic authentication using a computing device
US9135424B2 (en) Secure identity binding (SIB)
TWI588761B (en) Wireless secure transaction payment system and its method
US20130020389A1 (en) Systems and methods for authenticating near field communcation financial transactions
KR20120075590A (en) System for paying credit card using mobile otp security of mobile phone and method therefor
CN101739624A (en) Trusted payment network system
CN102238193A (en) Data authentication method and system using same
US20120095919A1 (en) Systems and methods for authenticating aspects of an online transaction using a secure peripheral device having a message display and/or user input
KR20160030342A (en) Method of paying for a product or service on a commercial website via an internet connection and a corresponding terminal
CN106330888B (en) The method and device of payment safety in a kind of guarantee the Internet line
CN106779672A (en) The method and device that mobile terminal safety pays
KR20120075607A (en) System for paying credit card using mobile security click of mobile phone and method therefor
KR101190745B1 (en) System for paying credit card using internet otp security of mobile phone and method therefor
US20230154260A1 (en) Token based secure access to a locker system
Jensen et al. Securing NFC Credit Card Payments against Malicious Retailers
CN112686662A (en) Mobile trading counter realized by real-name mobile phone and trading method thereof
KR101148990B1 (en) System for paying credit card using internet security click of mobile phone and method therefor

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant