CN106845985B - Visible light and bar code CA authentication online payment method with hidden channel - Google Patents

Visible light and bar code CA authentication online payment method with hidden channel Download PDF

Info

Publication number
CN106845985B
CN106845985B CN201710066529.7A CN201710066529A CN106845985B CN 106845985 B CN106845985 B CN 106845985B CN 201710066529 A CN201710066529 A CN 201710066529A CN 106845985 B CN106845985 B CN 106845985B
Authority
CN
China
Prior art keywords
module
payment
information
bar code
visible light
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710066529.7A
Other languages
Chinese (zh)
Other versions
CN106845985A (en
Inventor
邓健志
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guilin University of Technology
Original Assignee
Guilin University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guilin University of Technology filed Critical Guilin University of Technology
Priority to CN201710066529.7A priority Critical patent/CN106845985B/en
Publication of CN106845985A publication Critical patent/CN106845985A/en
Application granted granted Critical
Publication of CN106845985B publication Critical patent/CN106845985B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3678Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes e-cash details, e.g. blinded, divisible or detecting double spending
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)

Abstract

The invention discloses a visible light and bar code CA authentication online payment method with a hidden channel. Establishing a set of optical authentication online consumption device with a hidden channel, comprising: electronic purses, consumer machines, and servers; the electronic wallet comprises a visible light emitting module, a bar code scanning module, a control module, an input module, a display module, a data interface and a wallet light receiving module; the consumption machine comprises a visible light receiving module, a bar code display module, a read-write control module, a keyboard module, a communication module and a backlight module; a communication channel is formed by visible light signal receiving and transmitting devices, bar code display devices and scanning devices which are arranged on a consumer machine and an electronic wallet, a hidden channel of information is formed by illumination backlight of the bar code and other prompt information display devices, and the consumer machine and the electronic wallet must simultaneously receive and process information transmitted by the hidden channel to carry out interactive authentication of visible light signals and bar code scanning identification. The online payment method enables people to consume conveniently and quickly.

Description

Visible light and bar code CA authentication online payment method with hidden channel
Technical Field
The invention belongs to the technical field of optical payment, and particularly relates to a visible light and bar code CA authentication online payment method with a hidden channel.
Background
Visible Light Communication (VLC) technology. The VLC technology is a method for realizing wireless communication by utilizing the characteristics that an LED can emit high-frequency flicker and light flicker which cannot be sensed by human eyes, carrying signals by the high-frequency flicker of the LED at a data sending end and collecting the signals by a photosensitive element with the same quick response time at a receiving end.
The code scanning is a popular information acquisition mode at present, and the code scanning payment is an on-line payment mode developed on the basis of a code scanning technology and technologies such as WeChat and Paibao. However, the payment means belonging to the code scanning payment is still an online payment mode which cannot be separated from the network.
The code of the code scanning is usually a dynamically variable code which needs to be displayed on a display screen, and the existing liquid crystal screen and LED screen are required to provide backlight illumination which is a good carrier for visible light communication. The illumination backlight is an information carrier which is easy to ignore, is used as a transmission carrier of a hidden signal, is applied to the field of optical payment, can provide a hidden channel, and improves the safety of a payment link.
CA authentication, which is called a Certificate Authority (CA), also called an e-commerce authentication center, is an Authority responsible for issuing and managing digital certificates, and is used as a trusted third party in e-commerce transactions, and assumes responsibility for validity check of public keys in a public key system. CA authentication is to ensure the security, authenticity, reliability, integrity and non-repudiation of information transferred over the network between users. With the prevalence of electronic commerce, the authenticity, authority, fairness and uniqueness of the user identity need to be verified, which is a core link of secure electronic transaction.
The invention is inspired by the technical modes, utilizes the standard configurations of the camera, the flash lamp and the ambient light sensing module which are almost modern smart phones and tablet computers, and jointly constructs a safe and hidden online payment method, so that people can easily shop and consume as long as carrying the mobile phones and the tablet computers.
Disclosure of Invention
The invention aims to provide a visible light and bar code CA authentication online payment method with a hidden channel.
The method comprises the following specific steps:
(1) establishing a set of optical authentication online consumption device with a hidden channel, comprising: electronic purses, consumer machines, and servers.
An electronic wallet, comprising: the device comprises a visible light emitting module, a bar code scanning module, a control module, an input module, a display module, a data interface and a wallet light receiving module; the visible light emitting module is used for generating and sending visible light signals according to the information input by the control module; the bar code scanning module is used for scanning and identifying bar codes and outputting an identification result to the control module; a control module to: 1. processing information to be sent to generate a data packet, outputting the data packet to a visible light emitting module, and driving the visible light emitting module to send a visible light signal; 2. receiving the scanning result output of the bar code scanning module, and verifying the scanning result; 3. receiving the result output of the wallet light receiving module, and identifying and authenticating the result output; 4. generating information needing to pass through the visible light emitting module according to the received information and the generated payment information; 5. the data interaction can be carried out with the server through the data interface; the input module is used for inputting information including payment amount, inquiry passwords, payment passwords and operation instructions to the control module; the display module is used for displaying payment amount, a password input interface, an operation instruction and prompt information; the data interface is used for providing a networking function of the electronic wallet and providing functions of connecting with the server and performing data exchange, data maintenance and upgrading; and the wallet light receiving module is used for receiving the visible light backlight signal sent by the backlight module.
A consumer machine, comprising: the device comprises a visible light receiving module, a bar code display module, a read-write control module, a keyboard module, a communication module and a backlight module; the visible light receiving module is used for receiving the visible light signals, processing and restoring the visible light signals into corresponding digital signals, and restoring the digital signals into data packets; a barcode display module for: 1. generating and displaying a bar code according to the input information of the read-write control module; 2. displaying the transaction amount, a password input interface, an operation instruction and prompt information; a read-write control module for: 1. receiving the output of the visible light receiving module, and identifying and authenticating the output; 2. processing information to be sent and outputting the information to a bar code display module; 3. processing information to be sent in an optical signal form, generating a data packet, outputting the data packet to a backlight module, and driving the backlight module to send a visible light signal; 4. providing a data interface, and uploading and downloading information with a server through a communication module; the keyboard module is used for inputting transaction amount, transaction password and operation instruction to the read-write control module; the communication module is used for connecting the upper computer or the access network in a wired or wireless mode so as to be connected with the server; and the backlight module is used for providing the bar code display module with displayed illumination backlight and sending a visible light backlight signal by using the backlight.
A server to: 1. establishing data connection for uploading and downloading with the consumer computer through the communication module; 2. establishing data connection for uploading and downloading with the electronic wallet through a data interface; 3. providing background service support of the payment method; 4. an interface to provide funds flow throughout the payment device with the financial system; 5. providing for issuing or de-authorizing a consumer machine, e-wallet, comprising: key updating, algorithm updating and upgrading, use authority adjustment, validity period adjustment, electronic wallet recharging, consumer payment, electronic wallet and consumer public information inquiry; 6. the preservation comprises the following steps: information including an authorized user list, a blacklist, an operation log summary and a consumer list.
An authorized user list for maintaining a list comprising: identity, usage rights, expiration date and identity information of the electronic wallet holder of electronic wallets that have been authorized to make online payments; the blacklist is used for storing the identity identification information of the part of the electronic wallets which are refused to pay for the transaction due to arrearage, loss report and illegal use records in the authorized user list; a payment interface for providing an interface for the flow of funds throughout the online payment device with the financial system; the operation log summarization is used for storing information including query, recharge, consumption operation time, payment amount and payment process data parameters of all the consumption machines and the electronic wallets; a consumer machine manifest for maintaining a list comprising: the identity identification, the use authority, the validity period and the identity information of the consumer machine holder of the consumer machine which is authorized to carry out online payment transaction; the server is used for issuing authority to the equipment comprising the module of the consumer machine and the function thereof, so that the equipment has the function of receiving the electronic wallet in the device for payment; the server is used for issuing authority to the equipment comprising the module and the function of the electronic wallet, so that the electronic wallet has the function of paying to a consumption machine in the device; meanwhile, the server issues an authorization to the user, wherein the authorization mode is to issue an authorization entity hardware device or to provide an authorization number for the user of the existing device; the server is used for recharging authorized entity hardware equipment or existing equipment of a user obtaining an authorization number, and writing an electronic wallet identity, a use authority, a validity period, a payment password and an inquiry password of the electronic wallet and identity information of an electronic wallet holder.
(2) The payment is completed by a payee who holds a consumer computer with the CID and a payer who holds an electronic wallet with the QID, and a payment process initiated by the payee is as follows:
BF1, a receiving party issues a receiving request, and the processing flow includes the following steps:
BF1.1, the payee enters the amount to be received JR1 at the consumer machine.
BF1.2, the read-write control module generates an optical random code GSJ1, and generates a collection request SKQQ1 containing a collection amount JR1, a consumer identity CID1 and an optical random code GSJ1 according to a collection amount JR1 input by BF 1.1; uploading a collection request SKQQ1 to a server through a communication module; generating and downloading a collection random code SKSJ1 by the server; and outputting a collection request SKQQ1 to a bar code display module; meanwhile, the random collection code SKSJ1 is output to the backlight module and is sent out in the form of visible light signals.
BF1.3, the bar code display module produces a bar code and displays according to the request SKQQ1 of gathering money, send out the random code SKSJ1 of gathering money with the form of visible light signal with the backlight module; and begins to wait for receipt of the payer's response; if no response is received from the payer within a set waiting time, the bar code display module is refreshed to wait for the input of the next payment receiving request.
BF2, the payer receives the payment request from the payee and makes a payment response according to the payment request, the process flow comprises the following steps:
BF2.1, the bar code scanning module for electronic wallet scans and discerns the bar code display module of the payee, receive the request SKQQ2 of gathering; and receiving the collection random code SKSJ2 by using the wallet light receiving module.
BF2.2, the control module obtains the amount of money JR2 and the consumer identity CID2, the random code GSJ2 according to the request of receiving money SKQQ2, and checks through connecting the server:
1) the consumer ID CID2 is verified to confirm that the consumer with the ID CID2 is authorized and not blacklisted.
2) And checking whether the random collection codes SKSJ1 downloaded by the server to the consumer machine are the same as the random collection codes SKSJ2 received by the electronic wallet.
If at least one of the two checks fails, displaying the information that the server fails to pass the check on the display module; otherwise, if both verification tests are passed, displaying JR2, CID2 and payment prompt information on a display module, and waiting for confirmation of a payer; if the payer agrees to pay, inputting an order of agreeing to pay through the input module, and entering BF 2.3; if the payer inputs an instruction of not agreeing with the payment or whether the payer agrees within a certain set time, the payment process is quitted.
BF2.3, after the electronic purse obtains the order of agreeing to pay, the prompt of inputting the password is displayed on the display module.
BF2.4, the user inputs the payment password by the input module according to the prompt of password input in BF 2.3.
BF2.5, the control module will input the payment password ZFMMM 2 that the module inputs, produce a data packet containing electronic wallet ID QID2, payment agree ZFMTY 2, amount of payment FKJR2, request for collecting SKQQ2, random code SKSJ2 and payment password ZFMMM 2, and output the data packet to the visible light emission module, send out the data packet in the form of visible light signal by the visible light emission module, and begin to wait for the response of the payee; if the response from the payee is not received within a set waiting time, the operation is ended and the payment process is exited.
BF3, the payee issues a receipt of payment based on the payment response sent by the payer, the process flow includes the following steps:
BF3.1, the visible light receiving module of the consumption machine receives the visible light signal, and convert it into the data packet, and then output to the read-write control module.
BF3.2, the read-write control module extracts the electronic wallet identity QID3, the payment request SKQQ3, the payment amount FKJR3, the payment agreement ZFTTY 3, the payment password ZFMM3 and the payment random code SKSJ3 from the data packet.
The extracted information is uploaded to the server through the communication module, and the server performs the following 6 verifications:
1) verifying whether the wallet identity QID3 is not blacklisted, and if the wallet identity QID3 is blacklisted, verifying that the wallet identity QID is not passed; otherwise, the verification is passed.
2) Whether the received collection request SKQQ3 in the data packet is consistent with SKQQ1 sent by the collection party or not is judged, if so, the verification is passed; otherwise, the verification is not passed.
3) Whether the payment amount FKJR3 in the data packet of the payment response is consistent with the collection amount JR1 sent by the receiver or not, and if so, the verification is passed; otherwise, the verification is not passed.
4) Whether the payment password ZFMM3 is consistent with the identity stored on the server and is identified as a QID3 electronic wallet payment password or not; if the two are consistent, the verification is passed; otherwise, the verification is not passed.
5) Whether the payment amount FKJR3 is greater than the balance identified as QID3 electronic purse; if the balance is enough, the verification is passed; otherwise, if the balance is insufficient, the verification is not passed.
6) Whether the collection random code SKSJ1 generated by the server is consistent with the collection random code SKSJ3 extracted from the data packet in BF3.2 or not is judged to be passed if the collection random code SKSJ1 is consistent with the collection random code SKSJ3 extracted from the data packet in BF 3.2; otherwise, the verification is not passed.
When the 6 verification passes, the server returns a verification confirmation code YSQR3 to the consumer machine and enters BF3.3, otherwise, as long as at least one verification fails, the server returns information that the verification fails to pass to the consumer machine, the read-write control module sends prompt information that the verification fails to pass to the bar code display module, the bar code display module informs a user of a payee, and meanwhile, the operation is ended, and the payment process is quitted; when the balance is verified to be insufficient, prompting information of insufficient balance is also prompted.
BF3.3, the read-write control module generates acceptance information SLX3 and a light response random code GDSJ3 which comprise a collection amount JR1, a consumer identity CID1, an electronic wallet identity QID3, a payment agreement ZFTY3, a collection code SKM3 and a verification confirmation code YSQR3, and outputs the acceptance information SLX3 to the bar code display module.
BF3.4, the bar code display module produces a bar code and displays according to the acceptance information SLX3, and at the same time, and output the random code GDSJ3 of the light response to the backlight module, send out in the form of visible light signal; and starts to wait for receiving the response of the server; and if the response from the server is not received within a set waiting time, refreshing the bar code display module, ending the process operation of the payment and quitting the payment process.
BF4, the payer receives the receipt information from the payee and makes a payment response based on the receipt information, the processing flow of the payer includes:
BF4.1, the bar code scanning module for electronic wallet scans and discerns the bar code display module of the payee, receive the acceptance information SLX 4; and receiving the light response random code GDSJ4 by using the wallet light receiving module.
BF4.2, the control module obtains the amount of money JR4, the consumer identity CID4, the electronic wallet identity QID4, the payment agreement ZFTY4, the collection code SKM4 and the verification confirmation code YSQR4 according to the acceptance information SLX4, uploads the extracted information to the server through a data interface, and the server performs the following 5 verifications:
1) the collection amount JR2 is consistent with the collection amount JR 4.
2) Whether the consumer identity CID2 is consistent with CID 4.
3) The wallet id QID2 is consistent with QID 4.
4) Payment agreement ZFTY2 is consistent with payment agreement ZFTY 4.
5) And whether the verification confirmation code YSQR3 returned by the server received by the consumer machine is consistent with the verification confirmation code YSQR4 extracted by the electronic wallet from the received acceptance information SLX 4.
If the above 5 comparisons are respectively consistent, entering BF4.3 for passing verification; if the comparison is inconsistent, generating a verification failure message by the server to be sent to the electronic wallet and the consumption machine for verification failure if the comparison is inconsistent, BF 4.5; and the control module sends a prompt message that the verification fails to pass to the display module, the display module informs the payer, and meanwhile, the operation is finished, and the payment process is quitted.
BF4.3, the server updates the balance of the electronic wallet with the identity of QID4, and sends a collection completion code SKWC to the electronic wallet and the consumer machine according to the time of the payment operation, the collection amount JR4, the identity of the consumer machine CID4, the payment code ZFM4 and the collection code SKM 4.
BF4.4, the electronic purse receives the gathering and finishes the code SKWC, send a prompt message of paying and finishing to the display module through the control module, display out in order to inform the payer through the display module, finish the operation at the same time, withdraw from the payment flow.
BF4.5, the electronic wallet receives the information that the verification fails, and then send a prompt message that the verification fails to pass to the display module by the control module, tell the payer through the display module, finish the operation at the same time, withdraw from the payment procedure.
BF5, the receiving party receives the information from the server, and the processing flow includes the following steps:
BF5.1, the consumption machine receives the finished code SKWC of gathering or verifies the information that fails, if receive the finished code SKWC of gathering, send a prompt message that pays and finishes to the display module of bar code through the read-write control module, display out in order to inform the payee through the display module of bar code, finish operating at the same time, withdraw from the payment process; if the information that the verification fails is received, a prompt message that the verification fails is sent to the bar code display module through the read-write control module, the prompt message is displayed through the bar code display module to inform a payee, meanwhile, the operation is finished, and the payment process is quitted.
(3) In the payment process, the data sent by the consumer machine is received from the electronic wallet, and the data sent by the electronic wallet is received from the consumer machine, so that the possibility that the data cannot be identified exists in the transceiving process, and therefore, in the payment process, for the situation that the data cannot be identified and cannot be identified due to the fact that the data cannot be received, the device unilaterally ends the payment process after a set waiting time is overtime.
In the payment process, the data sent from the electronic wallet to the consumer machine and the data sent from the consumer machine to the electronic wallet may have risks of data loss, tampering and forgery in the transceiving process, so in the payment process, for each received key data, it is assumed that the currently received data is different from the data generated or received in the previous steps of the payment process, and comparison and verification are required, thereby ensuring the authenticity and integrity of the transceiving data.
The invention is based on the premise of combining a visible light communication technology and a bar code scanning identification technology, and utilizes the illumination backlight of a display device of a bar code and other prompt information to construct a hidden channel so as to improve the safety of the payment process, thereby providing the online payment method of visible light with hidden signals and bar code CA authentication.
Drawings
FIG. 1 is a schematic diagram of the structure of the process of the present invention.
Fig. 2 is a block diagram of an apparatus in an embodiment of the present invention.
The labels in the figure are: 1-an electronic wallet; 2-a consumer machine; 3-a server; 11-a control module; 12-an input module; 13-a display module; 14-a data interface; 15-a barcode scanning module; 17-a visible light emitting module; 18-a wallet light receiving module; 21-read-write control module; 22-a barcode display module; 24-a visible light receiving module; 25-a keyboard module; 26-a backlight module; 27-a communication module.
Detailed Description
Example (b):
the invention discloses a visible light and bar code CA authentication online payment method with a hidden channel, which comprises the following specific implementation steps of:
establishing a set of optical authentication online consumption device with a hidden channel, comprising: an electronic wallet 1, a consumer machine 2 and a server 3.
Electronic wallet 1, comprising: a visible light emitting module 17, a bar code scanning module 15, a control module 11, an input module 12, a display module 13, a data interface 14, and a wallet light receiving module 18.
And the visible light emitting module 17 is used for generating and sending a visible light signal according to the information input by the control module 11.
And the bar code scanning module 15 is used for scanning and identifying a bar code and outputting an identification result to the control module 11.
A control module 11 for: 1. processing information to be sent to generate a data packet, outputting the data packet to the visible light emitting module 17, and driving the visible light emitting module 17 to send a visible light signal; 2. receiving the scanning result output of the bar code scanning module 15, and verifying the scanning result; 3. receiving the result output of the wallet light receiving module 18, and identifying and authenticating the result; 4. generating information to be passed through the visible light emitting module 17 according to the received information and the generated payment information; 5. data interaction with the server 3 can take place via a data interface 14.
And the input module 12 is used for inputting payment amount, inquiry password, payment password and operation instruction to the control module 11.
And the display module 13 is used for displaying payment amount, a password input interface, an operation instruction and prompt information.
And the data interface 14 is used for providing networking functions of the electronic wallet 1, and providing functions of connecting with the server 3 and performing data exchange, data maintenance and upgrading.
The wallet light receiving module 18 is configured to receive the visible light backlight signal sent by the backlight module 26.
The electronic wallet 1 is implemented by a smart phone equipped with a flash, a photoelectric sensor, and a camera.
Consumer machine 2, comprising: a visible light receiving module 24, a bar code display module 22, a read-write control module 21, a keyboard module 25, a communication module 27 and a backlight module 26.
The visible light receiving module 24 is configured to receive the visible light signal, process and restore the visible light signal to a corresponding digital signal, and restore the digital signal to a data packet.
The bar code display module 22 is used for 1, generating and displaying a bar code according to the input information of the read-write control module 21; 2. and displaying the transaction amount, the password input interface, the operation instruction and the prompt information.
A read-write control module 21, configured to: 1. receiving the output of the visible light receiving module 24, and identifying and authenticating the output; 2. processing the information to be sent and outputting the information to the bar code display module 22; 3. processing the information to be sent in the form of optical signals to generate data packets, outputting the data packets to the backlight module 26, and driving the backlight module 26 to send visible light signals; 4. information is uploaded and downloaded to and from the server 3 via the communication module 27.
And the keyboard module 25 is used for inputting the transaction amount, the transaction password and the operation instruction to the read-write control module 21.
And the communication module 27 is used for connecting an upper computer or an access network in a wired or wireless mode so as to be connected with the server 3.
And the backlight module 26 is used for providing an illuminating backlight for the bar code display module 22 to display, and simultaneously sending a visible light backlight signal by using the backlight.
A server 3 for: 1. establishing data connection for uploading and downloading with the consumer machine 2 through the communication module 17; 2. establishing data connection for uploading and downloading with the electronic wallet 1 through the data interface 14; 3. providing background service support of the payment method; 4. an interface providing the entire online payment device with the flow of funds of the financial system; 5. issuing or de-authorizing the consumer machine 3 and the electronic wallet 1, the providing comprising: key updating, algorithm updating and upgrading, use authority adjustment, validity period adjustment, electronic wallet recharging, consumer machine payment and electronic wallet 1 and consumer machine 2 public information inquiry; 6. the preservation comprises the following steps: information including an authorized user list, a blacklist, an operation log summary and a consumer list.
An authorized user list for maintaining a list comprising: identification of electronic wallets, usage rights, expiration dates and identity information of electronic wallet holders that have been authorized to make online payments.
And the blacklist is used for storing the identification information of the part of the electronic wallets which are refused to pay for the transaction due to arrearage, loss report and illegal use records in the authorized user list.
And the payment interface is used for providing an interface for the fund flow of the whole online payment device and the financial system.
And the operation log collection is used for storing information including inquiry, recharging and consumption operation time, payment amount and payment process data parameters of all the consumption machines and the electronic wallets.
And the consumer machine list is used for storing the information, the use authority and the validity period of the consumer machine terminal which is authorized to carry out online payment transaction.
The issuing process of the electronic wallet comprises the following steps: the server issues an authorization to the user, and the authorization mode can be to issue an authorization entity hardware device or to provide an authorization number for the existing device equipped with the invention; the server is used for recharging authorized entity hardware equipment or existing equipment of a user obtaining an authorization number, and writing an electronic wallet identity, a use authority, a validity period, a payment password and an inquiry password of the electronic wallet and identity information of an electronic wallet holder.
The payment is completed by the payee holding the CID consumer machine 2 and the payer holding the QID wallet 1, and a payment process initiated by the payee is as follows:
BF1, a receiving party issues a receiving request, and the processing flow includes the following steps:
BF1.1, the payee enters the amount to be received JR1 at the consumer machine 2.
BF1.2, the read-write control module 21 generates an optical random code GSJ1, and generates a collection request SKQQ1 containing a collection amount JR1, a consumer identity CID1 and an optical random code GSJ1 according to the collection amount JR1 input by BF 1.1; uploading the collection request SKQQ1 to the server 3 through the communication module 27; a collection random code SKSJ1 is generated by the server 3 and downloaded from the server 3; and outputs the collection request SKQQ1 to the bar code display module 22; meanwhile, the random collection code SKSJ1 is output to the backlight module 26 and sent out in the form of visible light signals.
BF1.3, bar code display module 22 produces a bar code and displays according to the request SKQQ1 of gathering money, send out gathering the random code SKSJ1 with the form of visible light signal with the backlight module 26; and begins to wait for receipt of the payer's response; if no response is received from the payer within a set wait time, the barcode display module 22 is refreshed, awaiting the entry of the next payment request.
BF2, the payer receives the payment request from the payee and makes a payment response according to the payment request, the process flow comprises the following steps:
BF2.1, the electronic wallet 1 scans the bar code display module 22 of the identification payee with the bar code scanning module 15, receive the request SKQQ2 of gathering; the random number SKSJ2 is received by the wallet light-receiving module 18.
BF2.2, the control module 11 obtains the amount of money JR2, the consumer identity CID2 and the random code GSJ2 according to the request SKQQ2, and checks through connecting the server 3:
1) the identity CID2 of the consumer machine 2 is checked to see if the consumer machine with the identity CID2 is authorized and not blacklisted.
2) The check server 3 checks whether the random collection number SKSJ1 downloaded to the consumer machine 2 is the same as the random collection number SKSJ2 received by the electronic wallet 1.
If at least one of the two checks fails, displaying the information that the service 3 checks fail on the display module 13; otherwise, if both the verifications are passed, displaying the JR2, the CID2 and the payment prompt information on the display module 13 and waiting for the confirmation of the payer; if the payer agrees to pay, inputting an instruction of agreeing to pay through the input module 12, and entering BF 2.3; if the payer inputs an instruction of not agreeing with the payment or whether the payer agrees within a certain set time, the payment process is quitted.
BF2.3, after the electronic wallet 1 gets the instruction to approve the payment, a prompt to enter the password is displayed on the display module 13.
BF2.4, the user inputs the payment password through the input module 13 according to the prompt of password input in BF 2.3.
BF2.5, the control module 11 will input the payment password ZFMM2 that the module 13 inputs, produce a data packet containing E-wallet ID QID2, payment agree ZFMTY 2, amount of payment FKJR2, collect request SKQQ2, collect random code SKSJ2 and payment password ZFMM2, and output the data packet to the visible light emission module 17, send out the data packet in the form of visible light signal by the visible light emission module 17, and begin to wait for the payee's response; if the response from the payee is not received within a set waiting time, the operation is ended and the payment process is exited.
BF3, the payee issues a receipt of payment based on the payment response sent by the payer, the process flow includes the following steps:
BF3.1, the visible light receiving module 24 of the consumption machine 2 receives the visible light signal, and converts it into a data packet, and outputs it to the read-write control module 21.
BF3.2, the read-write control module 21 extracts the electronic wallet ID QID3, the payment request SKQQ3, the payment amount FKJR3, the payment agreement ZFTY3, the payment password ZFMM3 and the payment random code SKSJ3 from the data packet.
The extracted information is uploaded to the server 3 through the communication module 27, and 6 verifications are performed by the server 3 as follows:
1) verifying whether the wallet identity QID3 is not blacklisted, and if the wallet identity QID3 is blacklisted, verifying that the wallet identity QID is not passed; otherwise, the verification is passed.
2) Whether the received collection request SKQQ3 in the data packet is consistent with SKQQ1 sent by the collection party or not is judged, if so, the verification is passed; otherwise, the verification is not passed.
3) Whether the payment amount FKJR3 in the data packet of the payment response is consistent with the collection amount JR1 sent by the receiver or not, and if so, the verification is passed; otherwise, the verification is not passed.
4) Whether the payment password ZFMM3 is consistent with the payment password of QID3 electronic wallet 1 stored in the server 3 or not; if the two are consistent, the verification is passed; otherwise, the verification is not passed.
5) Whether the payment amount FKJR3 is greater than the balance identified as QID3 electronic purse 1; if the balance is enough, the verification is passed; otherwise, if the balance is insufficient, the verification is not passed.
6) Whether the collection random code SKSJ1 generated by the server 3 is consistent with the collection random code SKSJ3 extracted from the data packet in BF3.2 or not, and if the two are consistent, the verification is passed; otherwise, the verification is not passed.
When the above 6 pieces are verified, the server 3 returns a verification confirmation code YSQR3 to the consumer machine 2 and enters BF3.3, otherwise, as long as at least one verification fails, the server 3 returns information that the verification fails to pass to the consumer machine, the read-write control module 21 sends prompt information that the verification fails to pass to the bar code display module 22, the bar code display module 22 informs the user of the payee, and at the same time, the operation is ended, and the payment process is exited; when the balance is verified to be insufficient, prompting information of insufficient balance is also prompted.
BF3.3, the read-write control module 21 generates acceptance information SLX3 and a light response random code GDSJ3 which comprise a collection amount JR1, a consumer identity CID1, an electronic wallet identity QID3, a payment agreement ZFTTY 3, a collection code SKM3 and a verification confirmation code YSQR3, and outputs the acceptance information SLX3 to the bar code display module.
BF3.4, the bar code display module 22 produces a bar code and displays according to the acceptance information SLX3, and at the same time, outputs the light response random code GDSJ3 to the backlight module 26, and sends out in the form of visible light signal; and starts to wait for receiving the response of the server; if the response from the server 3 is not received within a set waiting time, the bar code display module 22 is refreshed, the process operation of the current payment is finished, and the payment process is quitted.
BF4, the payer receives the receipt information from the payee and makes a payment response based on the receipt information, the processing flow of the payer includes:
BF4.1, the electronic wallet 1 scans and identifies the bar code display module 22 of the payee by using the bar code scanning module 15 to obtain acceptance information SLX 4; the light response random code GDSJ4 is received by the wallet light receiving module 18.
BF4.2, the control module 11 obtains the collection amount JR4, the consumer identity CID4, the electronic wallet identity QID4, the payment agreement ZFTY4, the collection code SKM4, and the verification confirmation code YSQR4 according to the acceptance information SLX4, uploads the extracted information to the server 3 through the data interface 14, and the server 3 performs 5 verifications as follows:
1) the collection amount JR2 is consistent with the collection amount JR 4.
2) Whether the consumer identity CID2 is consistent with CID 4.
3) The wallet id QID2 is consistent with QID 4.
4) Payment agreement ZFTY2 is consistent with payment agreement ZFTY 4.
5) The verification confirmation code YSQR3 returned by the server 3 received by the consumer machine 2 is identical to the verification confirmation code YSQR4 extracted by the electronic wallet 1 from the received acceptance information SLX 4.
If the above 5 comparisons are respectively consistent, entering BF4.3 for passing verification; if only one comparison is inconsistent, the server 3 generates a verification failure message to be sent to the electronic wallet 1 and the consumer machine 2, BF4.5, for verification failure; and the control module 11 sends a prompt message indicating that the verification fails to pass to the display module 13, and the display module 13 informs the payer, and simultaneously ends the operation and quits the payment process.
BF4.3, the server 3 updates the balance of the electronic wallet 1 with the identity of QID4, and sends a collection completion code SKWC to the electronic wallet 1 and the consumer machine 2 according to the time of the payment operation, the collection amount JR4, the consumer machine identity CID4, the payment code ZFM4 and the collection code SKM 4.
BF4.4, electronic wallet 1 receives the collection and finishes the code SKWC, send a prompt message of paying and finishing to the display module 13 through the control module 11, display out in order to inform the payer through the display module 13, finish the operation at the same time, withdraw from the payment procedure.
BF4.5, the electronic wallet 1 receives the information that the verification fails, and then send a prompt message that the verification fails to pass to the display module 13 by the control module 11, notify the payer through the display module 13, finish the operation at the same time, withdraw from the payment procedure.
BF5, the receiving party receives the information from the server 3, and the processing flow includes the following steps:
BF5.1, the consumption machine 2 receives the finished code SKWC of gathering or verifies the information that is not passed, if receive the finished code SKWC of gathering, send a prompt message that pays and finishes to the display module 22 of bar code through the read-write control module 21, display out in order to tell the payee through the display module 22 of bar code, finish the operation at the same time, withdraw from the payment process; if the information that the verification fails is received, a prompt message that the verification fails is sent to the bar code display module 22 through the read-write control module 21, and the prompt message is displayed through the bar code display module 22 to inform the payee, and meanwhile, the operation is ended, and the payment process is quitted.

Claims (1)

1. A visible light and bar code CA authentication online payment method with a hidden channel is characterized by comprising the following specific steps:
(1) establishing a set of optical authentication online consumption device with a hidden channel, comprising: electronic purses, consumer machines, and servers;
an electronic wallet, comprising: the device comprises a visible light emitting module, a bar code scanning module, a control module, an input module, a display module, a data interface and a wallet light receiving module; the visible light emitting module is used for generating and sending visible light signals according to the information input by the control module; the bar code scanning module is used for scanning and identifying bar codes and outputting an identification result to the control module; a control module to: 1. processing information to be sent to generate a data packet, outputting the data packet to a visible light emitting module, and driving the visible light emitting module to send a visible light signal; 2. receiving the scanning result output of the bar code scanning module, and verifying the scanning result; 3. receiving the result output of the wallet light receiving module, and identifying and authenticating the result output; 4. generating information needing to pass through the visible light emitting module according to the received information and the generated payment information; 5. the data interaction can be carried out with the server through the data interface; the input module is used for inputting information including payment amount, inquiry passwords, payment passwords and operation instructions to the control module; the display module is used for displaying payment amount, a password input interface, an operation instruction and prompt information; the data interface is used for providing a networking function of the electronic wallet and providing functions of connecting with the server and performing data exchange, data maintenance and upgrading; the wallet light receiving module is used for receiving the visible light backlight signal sent by the backlight module;
a consumer machine, comprising: the device comprises a visible light receiving module, a bar code display module, a read-write control module, a keyboard module, a communication module and a backlight module; the visible light receiving module is used for receiving the visible light signals, processing and restoring the visible light signals into corresponding digital signals, and restoring the digital signals into data packets; a barcode display module for: 1. generating and displaying a bar code according to the input information of the read-write control module; 2. displaying the transaction amount, a password input interface, an operation instruction and prompt information; a read-write control module for: 1. receiving the output of the visible light receiving module, and identifying and authenticating the output; 2. processing information to be sent and outputting the information to a bar code display module; 3. processing information to be sent in an optical signal form, generating a data packet, outputting the data packet to a backlight module, and driving the backlight module to send a visible light signal; 4. providing a data interface, and uploading and downloading information with a server through a communication module; the keyboard module is used for inputting transaction amount, transaction password and operation instruction to the read-write control module; the communication module is used for connecting the upper computer or the access network in a wired or wireless mode so as to be connected with the server; the backlight module is used for providing displayed illumination backlight for the bar code display module and sending visible light backlight signals by utilizing the backlight;
a server to: 1. establishing data connection for uploading and downloading with the consumer computer through the communication module; 2. establishing data connection for uploading and downloading with the electronic wallet through a data interface; 3. providing background service support of the payment method; 4. an interface to provide funds flow throughout the payment device with the financial system; 5. providing for issuing or de-authorizing a consumer machine, e-wallet, comprising: key updating, algorithm updating and upgrading, use authority adjustment, validity period adjustment, electronic wallet recharging, consumer payment, electronic wallet and consumer public information inquiry; 6. the preservation comprises the following steps: information including an authorized user list, a blacklist, an operation log summary and a consumer list;
an authorized user list for maintaining a list comprising: identity, usage rights, expiration date and identity information of the electronic wallet holder of electronic wallets that have been authorized to make online payments; the blacklist is used for storing the identity identification information of the part of the electronic wallets which are refused to pay for the transaction due to arrearage, loss report and illegal use records in the authorized user list; a payment interface for providing an interface for the flow of funds throughout the online payment device with the financial system; the operation log summarization is used for storing information including query, recharge, consumption operation time, payment amount and payment process data parameters of all the consumption machines and the electronic wallets; a consumer machine manifest for maintaining a list comprising: the identity identification, the use authority, the validity period and the identity information of the consumer machine holder of the consumer machine which is authorized to carry out online payment transaction; the server is used for issuing authority to the equipment comprising the module of the consumer machine and the function thereof, so that the equipment has the function of receiving the electronic wallet in the device for payment; the server is used for issuing authority to the equipment comprising the module and the function of the electronic wallet, so that the electronic wallet has the function of paying to a consumption machine in the device; meanwhile, the server issues an authorization to the user, wherein the authorization mode is to issue an authorization entity hardware device or to provide an authorization number for the user of the existing device; the server is used for recharging authorized entity hardware equipment or existing user equipment obtaining an authorization number and writing an electronic wallet identity, a use authority, a validity period, a payment password and an inquiry password of the electronic wallet and identity information of an electronic wallet holder;
(2) the payment is completed by a payee who holds a consumer computer with the CID and a payer who holds an electronic wallet with the QID, and a payment process initiated by the payee is as follows:
BF1, a receiving party issues a receiving request, and the processing flow includes the following steps:
BF1.1, the payee inputs the amount JR1 to be received on the consumption machine;
BF1.2, the read-write control module generates an optical random code GSJ1, and generates a collection request SKQQ1 containing a collection amount JR1, a consumer identity CID1 and an optical random code GSJ1 according to a collection amount JR1 input by BF 1.1; uploading a collection request SKQQ1 to a server through a communication module; generating and downloading a collection random code SKSJ1 by the server; and outputting a collection request SKQQ1 to a bar code display module; meanwhile, the collection random code SKSJ1 is output to the backlight module and is sent out in the form of visible light signals;
BF1.3, the bar code display module produces a bar code and displays according to the request SKQQ1 of gathering money, send out the random code SKSJ1 of gathering money with the form of visible light signal with the backlight module; and begins to wait for receipt of the payer's response; if the response from the payer is not received within a set waiting time, refreshing the bar code display module and waiting for the input of the next collection request;
BF2, the payer receives the payment request from the payee and makes a payment response according to the payment request, the process flow comprises the following steps:
BF2.1, the bar code scanning module for electronic wallet scans and discerns the bar code display module of the payee, receive the request SKQQ2 of gathering; receiving a collection random code SKSJ2 by using a wallet light receiving module;
BF2.2, the control module obtains the amount of money JR2 and the consumer identity CID2, the random code GSJ2 according to the request of receiving money SKQQ2, and checks through connecting the server:
1) checking the identity CID2 of the consumer, and determining whether the consumer with the identity CID2 is authorized and not listed in a blacklist;
2) checking whether the random collection code SKSJ1 downloaded by the server to the consumer is the same as the random collection code SKSJ2 received by the electronic wallet;
if at least one of the two checks fails, displaying the information that the server fails to pass the check on the display module; otherwise, if both verification tests are passed, displaying JR2, CID2 and payment prompt information on a display module, and waiting for confirmation of a payer; if the payer agrees to pay, inputting an order of agreeing to pay through the input module, and entering BF 2.3; if the payer inputs an instruction of not agreeing with the payment or whether the payer agrees within a certain set time, quitting the payment process;
BF2.3, after the electronic wallet obtains the order agreeing to pay, reveal the suggestion of inputting the password on the display module;
BF2.4, the user inputs the payment password by the input module according to the prompt of password input in BF 2.3;
BF2.5, the control module will input the payment password ZFMMM 2 that the module inputs, produce a data packet containing electronic wallet ID QID2, payment agree ZFMTY 2, amount of payment FKJR2, request for collecting SKQQ2, random code SKSJ2 and payment password ZFMMM 2, and output the data packet to the visible light emission module, send out the data packet in the form of visible light signal by the visible light emission module, and begin to wait for the response of the payee; if the response from the payee is not received within a set waiting time, ending the operation and quitting the payment process;
BF3, the payee issues a receipt of payment based on the payment response sent by the payer, the process flow includes the following steps:
BF3.1, the visible light receiving module of the consumption machine receives the visible light signal, and convert to the data packet, and then output to the read-write control module;
BF3.2, the read-write control module extracts the electronic wallet identity QID3, the collection request SKQQ3, the payment amount FKJR3, the payment agreement ZFTTY 3, the payment password ZFMM3 and the collection random code SKSJ3 from the data packet;
the extracted information is uploaded to the server through the communication module, and the server performs the following 6 verifications:
1) verifying whether the wallet identity QID3 is not blacklisted, and if the wallet identity QID3 is blacklisted, verifying that the wallet identity QID is not passed; otherwise, the verification is passed;
2) whether the received collection request SKQQ3 in the data packet is consistent with SKQQ1 sent by the collection party or not is judged, if so, the verification is passed; otherwise, the verification is failed;
3) whether the payment amount FKJR3 in the data packet of the payment response is consistent with the collection amount JR1 sent by the receiver or not, and if so, the verification is passed; otherwise, the verification is failed;
4) whether the payment password ZFMM3 is consistent with the identity stored on the server and is identified as a QID3 electronic wallet payment password or not; if the two are consistent, the verification is passed; otherwise, the verification is failed;
5) whether the payment amount FKJR3 is greater than the balance identified as QID3 electronic purse; if the balance is enough, the verification is passed; otherwise, if the balance is insufficient, the verification is not passed;
6) whether the collection random code SKSJ1 generated by the server is consistent with the collection random code SKSJ3 extracted from the data packet in BF3.2 or not is judged to be passed if the collection random code SKSJ1 is consistent with the collection random code SKSJ3 extracted from the data packet in BF 3.2; otherwise, the verification is failed;
when the 6 verification passes, the server returns a verification confirmation code YSQR3 to the consumer machine and enters BF3.3, otherwise, as long as at least one verification fails, the server returns information that the verification fails to pass to the consumer machine, the read-write control module sends prompt information that the verification fails to pass to the bar code display module, the bar code display module informs a user of a payee, and meanwhile, the operation is ended, and the payment process is quitted; when the balance is verified to be insufficient, prompting information of the insufficient balance is also prompted;
BF3.3, the read-write control module generates an acceptance information SLX3 and a light response random code GDSJ3 which comprise a collection amount JR1, a consumer identity CID1, an electronic wallet identity QID3, a payment agreement ZFTTY 3, a collection code SKM3 and a verification confirmation code YSQR3, and outputs the acceptance information SLX3 to the bar code display module;
BF3.4, the bar code display module produces a bar code and displays according to the acceptance information SLX3, and at the same time, and output the random code GDSJ3 of the light response to the backlight module, send out in the form of visible light signal; and starts to wait for receiving the response of the server; if the response from the server is not received within a set waiting time, refreshing the bar code display module, ending the process operation of the payment and quitting the payment process;
BF4, the payer receives the receipt information from the payee and makes a payment response based on the receipt information, the processing flow of the payer includes:
BF4.1, the bar code scanning module for electronic wallet scans and discerns the bar code display module of the payee, receive the acceptance information SLX 4; receiving the light response random code GDSJ4 by using a wallet light receiving module;
BF4.2, the control module obtains the amount of money JR4, the consumer identity CID4, the electronic wallet identity QID4, the payment agreement ZFTY4, the collection code SKM4 and the verification confirmation code YSQR4 according to the acceptance information SLX4, uploads the extracted information to the server through a data interface, and the server performs the following 5 verifications:
1) whether the collection amount JR2 agrees with the collection amount JR 4;
2) whether the consumer identity CID2 is consistent with CID 4;
3) whether the electronic wallet identity QID2 is consistent with QID 4;
4) whether the payment agreement ZFTY2 is consistent with the payment agreement ZFTY 4;
5) whether the verification confirmation code YSQR3 returned by the server received by the consumer machine is consistent with the verification confirmation code YSQR4 extracted by the electronic wallet from the received acceptance information SLX4 or not;
if the above 5 comparisons are respectively consistent, entering BF4.3 for passing verification; if the comparison is inconsistent, generating a verification failure message by the server to be sent to the electronic wallet and the consumption machine for verification failure if the comparison is inconsistent, BF 4.5; then the control module sends a prompt message that the verification fails to pass to the display module, the display module informs the payer, and meanwhile, the operation is finished, and the payment process is quitted;
BF4.3, the server updates the balance of the electronic wallet with the identity of QID4, and the time of the payment operation, the collection amount JR4, the identity of the consumer computer CID4, the payment code ZFM4, the collection code SKM4 and sends a collection completion code SKWC to the electronic wallet and the consumer computer;
BF4.4, the electronic wallet receives the finished code SKWC of gathering, send a prompt message of paying completion to the display module through the control module, display out in order to inform the paying party through the display module, finish the operation at the same time, withdraw from the payment process;
BF4.5, the electronic wallet receives the information that the verification fails, and then send a prompt message that the verification fails to pass to the display module by the control module, tell the payer through the display module, finish the operation at the same time, withdraw from the payment process;
BF5, the receiving party receives the information from the server, and the processing flow includes the following steps:
BF5.1, the consumption machine receives the finished code SKWC of gathering or verifies the information that fails, if receive the finished code SKWC of gathering, send a prompt message that pays and finishes to the display module of bar code through the read-write control module, display out in order to inform the payee through the display module of bar code, finish operating at the same time, withdraw from the payment process; if the information that the verification fails is received, a prompt message that the verification fails is sent to the bar code display module through the read-write control module, the prompt message is displayed through the bar code display module to inform a payee, meanwhile, the operation is finished, and the payment process is quitted;
(3) in the payment process, the data sent by the consumer machine is received from the electronic wallet, and the data sent by the electronic wallet is received from the consumer machine, so that the possibility that the data cannot be identified exists in the transceiving process, and therefore, in the payment process, for the data which cannot be identified and the situation that the data cannot be identified due to the fact that the data cannot be received, the device unilaterally ends the payment process after a set waiting time is overtime;
in the payment process, the data sent from the electronic wallet to the consumer machine and the data sent from the consumer machine to the electronic wallet may have risks of data loss, tampering and forgery in the transceiving process, so in the payment process, for each received key data, it is assumed that the currently received data is different from the data generated or received in the previous steps of the payment process, and comparison and verification are required, thereby ensuring the authenticity and integrity of the transceiving data.
CN201710066529.7A 2017-02-07 2017-02-07 Visible light and bar code CA authentication online payment method with hidden channel Active CN106845985B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710066529.7A CN106845985B (en) 2017-02-07 2017-02-07 Visible light and bar code CA authentication online payment method with hidden channel

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710066529.7A CN106845985B (en) 2017-02-07 2017-02-07 Visible light and bar code CA authentication online payment method with hidden channel

Publications (2)

Publication Number Publication Date
CN106845985A CN106845985A (en) 2017-06-13
CN106845985B true CN106845985B (en) 2021-01-05

Family

ID=59122061

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710066529.7A Active CN106845985B (en) 2017-02-07 2017-02-07 Visible light and bar code CA authentication online payment method with hidden channel

Country Status (1)

Country Link
CN (1) CN106845985B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103426221A (en) * 2013-09-09 2013-12-04 桂林理工大学 Bidirectional authentication type light-operated entrance guard method
CN103810590A (en) * 2013-09-10 2014-05-21 刘明晶 Payment system and method for controlling receiving side consumption by paying side
CN103812835A (en) * 2012-11-09 2014-05-21 深圳市华营数字商业有限公司 Public key algorithm based offline mode ID and transaction authentication method
CN103996116A (en) * 2014-04-21 2014-08-20 北京邮电大学 Mobile payment system and method based on visible light communication technology
CN106339868A (en) * 2016-08-26 2017-01-18 湖南金码智能设备制造有限公司 Off-line and on-line fused e-payment method and system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7890433B2 (en) * 2000-06-30 2011-02-15 Tara Chand Singhal Private and secure payment system
FR2974260B1 (en) * 2011-04-13 2013-09-06 Ingenico Sa MESSAGE MULTIPLEXING METHOD, DEVICE AND PROGRAM THEREOF
CN104008480B (en) * 2014-06-09 2018-12-18 深圳市博世知识产权运营有限公司 A kind of shopping checkout method based on visible light communication

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103812835A (en) * 2012-11-09 2014-05-21 深圳市华营数字商业有限公司 Public key algorithm based offline mode ID and transaction authentication method
CN103426221A (en) * 2013-09-09 2013-12-04 桂林理工大学 Bidirectional authentication type light-operated entrance guard method
CN103810590A (en) * 2013-09-10 2014-05-21 刘明晶 Payment system and method for controlling receiving side consumption by paying side
CN103996116A (en) * 2014-04-21 2014-08-20 北京邮电大学 Mobile payment system and method based on visible light communication technology
CN106339868A (en) * 2016-08-26 2017-01-18 湖南金码智能设备制造有限公司 Off-line and on-line fused e-payment method and system

Also Published As

Publication number Publication date
CN106845985A (en) 2017-06-13

Similar Documents

Publication Publication Date Title
US11915210B2 (en) Animated two-dimensional barcode checks
AU2016202504B2 (en) Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data
CN106412041B (en) System for connecting mobile terminal with service providing equipment and service providing method
KR100366060B1 (en) Optical payment transceiver and system using the same
JP6467559B2 (en) Information processing system, information processing method, and information processing program
CN107430731A (en) More equipment transaction verifications
EP2521992A1 (en) System and method for performing a transaction responsive to a mobile device
CN106845997B (en) Double-random code visible light and bar code double-authentication offline payment method with hidden channel
CN106910069B (en) Offline payment method with visible light and bar code bidirectional authentication
CN106910068B (en) Multi-algorithm multi-key optical authentication offline payment method
CN106845985B (en) Visible light and bar code CA authentication online payment method with hidden channel
CN106875180B (en) Online payment method with visible light and bar code bidirectional authentication
CN106920095B (en) Optical authentication offline payment method with hidden message abstract
CN106910058B (en) Optical authentication rapid off-line payment method with hidden channel
CN106920093B (en) Visible light and bar code authentication online payment device with hidden channel
CN111489146A (en) NFC (near field communication) collection method and device and storage medium
CN106910067B (en) Optical authentication offline payment device with hidden message
CN106920094B (en) Online payment device with visible light and bar code bidirectional authentication
CN206541337U (en) A kind of on-line payment device with two-way authentication
CN106682904B (en) Off-line payment device with visible light and bar code bidirectional authentication
KR20140089733A (en) Method for Validating Alliance Application for Payment
CN112598413B (en) Transaction method, device, system, equipment and storage medium
CN207216684U (en) A kind of visible ray and bar code authentication on-line payment device
KR101165089B1 (en) Reserving apparatus for the change
KR20120115075A (en) Reserving apparatus for the change

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20170613

Assignee: Guilin Chuangyuan Intelligent Technology Co.,Ltd.

Assignor: GUILIN University OF TECHNOLOGY

Contract record no.: X2022450000051

Denomination of invention: Visible light and barcode CA authentication online payment method with hidden channel

Granted publication date: 20210105

License type: Common License

Record date: 20221118

EE01 Entry into force of recordation of patent licensing contract