CN107423977A - The method of commerce and system of a kind of credit card - Google Patents
The method of commerce and system of a kind of credit card Download PDFInfo
- Publication number
- CN107423977A CN107423977A CN201710743858.0A CN201710743858A CN107423977A CN 107423977 A CN107423977 A CN 107423977A CN 201710743858 A CN201710743858 A CN 201710743858A CN 107423977 A CN107423977 A CN 107423977A
- Authority
- CN
- China
- Prior art keywords
- terminal
- signed
- credit card
- information
- sim card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
- H04W4/14—Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides a kind of method of commerce of credit card and system, compared with prior art, in the bargain link of credit card, the present invention is not simply to add a certification link, but use Transaction Information and the twin-channel mode of authentication information, wherein, authentication information is confirmation message to be signed, the present invention improves the security of authentication data, Transaction Information can pass through phone, swiping card equipment, the various forms of terminal devices such as computer obtain and upload to credit card terminal, it is versatile and flexible that Transaction Information uploads channel, confirmation message to be signed is sent to certification terminal by credit card terminal in the form of short message, identifying procedure is only realized in certification terminal, the form avoids the possibility that Transaction Information is tampered, truly improve the security of credit card trade link, and portability is strong.
Description
Technical field
The present invention relates to field of information security technology, in particular, is related to the method for commerce and system of a kind of credit card.
Background technology
Credit card (English:Credit Card), it is called credit card.It is a kind of mode of non-cash transaction payment, with people
Consumption habit change, be gradually changed into anticipating type from savings type, credit card issued volume is increasing, per capita the amount of holding day
Benefit increases, and current personal consumption is greatly to complete to pay by credit card, and especially the consumption pattern occupies abroad
Leading, the amount of holding is 2.9 per capita in the U.S. according to statistics.
When current credit card is paid abroad, by terminal device manually or phonetic entry credit card account, effectively
Phase, credit card security code CVV codes, payment can be completed to merchandise, simple and fast, but thus also bring serious safety hidden
Suffer from, the key message (credit card account and CVV codes) that credit card is fixed is given by terminal webpage, brushing card device, phone transmission
During bank card center, hacker may get these information, and then cause stealing for key message, make card
The risk for being replicated and being finally stolen brush becomes big.
The content of the invention
In view of this, the present invention provides a kind of method of commerce and system of credit card, to solve the pass for fixing credit card
Key information (credit card account and CVV codes) by webpage, brushing card device, phone transmission to bank card center during,
Hacker may get these information, and then cause stealing for key message, be replicated card and be finally stolen the wind of brush
Danger becomes the problem of big.
In order to solve the above technical problems, present invention employs following technical scheme:
A kind of method of commerce of credit card, including:
Terminal device obtains Transaction Information, and Transaction Information is sent to credit card terminal;Wherein, the terminal device bag
Include brushing card device, phone, the first mobile phone or computer;
The credit card terminal generates confirmation message to be signed according to the Transaction Information, and by the confirmation to be signed
Message is sent by way of short message to certification terminal;Wherein, the certification terminal built-in SIM card, the SIM card is interior to have label
Name module;
SIM card in the certification terminal parses the confirmation message to be signed, obtains information to be signed, and whole in certification
The display interface at end shows the information to be signed;
When the SIM card in the certification terminal receives the confirmation instruction of user's input, the SIM in the certification terminal
Card performs credit card signature operation, obtains signing messages, and the signing messages is sent to the credit card terminal;
When the credit card terminal verify the signing messages it is legal when, the credit card terminal pays the transaction letter
Dealing money in breath is into the beneficiary account in the Transaction Information.
Preferably, the certification terminal includes the second mobile phone.
Preferably, the credit card terminal generates confirmation message to be signed according to the Transaction Information, including:
Being extracted from the Transaction Information needs user's confirmation;
Need user's confirmation to carry out format conversion by described, obtain the confirmation message to be signed.
Preferably, the SIM card in the certification terminal parses the confirmation message to be signed, obtains information to be signed, and
The information to be signed is shown in the display interface of certification terminal, including:
The confirmation message to be signed enters row format conversion by the SIM card, obtains meeting preset format requirement and waits to locate
Manage message;
The SIM card extracts the information to be signed from the clear text;
The SIM card is shown the information transfer to be signed to the display interface of certification terminal.
Preferably, when the SIM card in the certification terminal receives the confirmation instruction of user's input, the certification terminal
Interior SIM card performs credit card signature operation, obtains signing messages, including:
When the SIM card receives the confirmation instruction of user's input, the SIM card is breathed out to the information to be signed
Uncommon algorithm calculates, and obtains the first cryptographic Hash corresponding to the information to be signed;
The SIM card is according to the user's signature private key of the SIM card memory storage in the certification terminal, to first Hash
Value performs signature operation, obtains the signing messages.
Preferably, the legal process of the credit card terminal checking signing messages includes:
Receive the signing messages;
The public key stored according to the credit card terminal, signature inverse operation is performed to the signing messages, obtains the second Kazakhstan
Uncommon value;
The hash algorithm calculating is carried out to the confirmation message to be signed, obtains the 3rd cryptographic Hash;
When the 3rd cryptographic Hash is identical with second cryptographic Hash, determine that the signing messages is legal.
A kind of transaction system of credit card, including:
Terminal device, credit card terminal and certification terminal;
The terminal device, sent for obtaining Transaction Information, and by Transaction Information to credit card terminal;Wherein, it is described
Terminal device includes brushing card device, phone, the first mobile phone or computer;
The credit card terminal, for according to the Transaction Information, generating confirmation message to be signed, and will be described to be signed
Confirmation message is sent by way of short message to certification terminal, and when verify signing messages it is legal when, pay the transaction
Dealing money in information is into the beneficiary account in the Transaction Information;Wherein, the certification terminal built-in SIM card, SIM
There are signature blocks in card;
SIM card in the certification terminal, for parsing the confirmation message to be signed, obtain information to be signed, and
The display interface of certification terminal shows the information to be signed, and when receiving the confirmation instruction of user's input, performs letter
With card signature operation, signing messages is obtained, and the signing messages is sent to the credit card terminal.
Preferably, the SIM card in the certification terminal is used to parse the confirmation message to be signed, obtains letter to be signed
Breath, and when the display interface of certification terminal shows the information to be signed, be specifically used for:
The confirmation message to be signed is entered into row format conversion, obtains the clear text for meeting preset format requirement;
The information to be signed is extracted from the clear text;
The information transfer to be signed is shown to the display interface of certification terminal.
Preferably, the SIM card in the certification terminal is used to, when receiving the confirmation instruction of user's input, perform credit
Card signature operation, when obtaining signing messages, it is specifically used for:
When receiving the confirmation instruction of user's input, hash algorithm calculating is carried out to the information to be signed, obtains institute
State the first cryptographic Hash corresponding to information to be signed;
According to the user's signature private key of the SIM card memory storage in the certification terminal, label are performed to first cryptographic Hash
Name operation, obtains the signing messages.
Preferably, when the credit card terminal is used to verify that the signing messages is legal, it is specifically used for:
Receive the signing messages;
The public key stored according to the credit card terminal, signature inverse operation is performed to the signing messages, obtains the second Kazakhstan
Uncommon value;
The hash algorithm calculating is carried out to the confirmation message to be signed, obtains the 3rd cryptographic Hash;
When the 3rd cryptographic Hash is identical with second cryptographic Hash, determine that the signing messages is legal.
Compared to prior art, the invention has the advantages that:
The invention provides a kind of method of commerce of credit card and system, compared with prior art, in the transaction of credit card
In link, the present invention is not simply to add a certification link, but uses Transaction Information and authentication information twin-channel
Mode, wherein, authentication information is confirmation message to be signed, and the present invention improves the security of authentication data, and Transaction Information can lead to
Cross the various forms of terminal devices such as phone, swiping card equipment, computer to obtain and upload to credit card terminal, Transaction Information uploads canal
Road is versatile and flexible, and confirmation message to be signed is sent to certification terminal by credit card terminal in the form of short message, in certification terminal
Identifying procedure is only realized, the form avoids the possibility that Transaction Information is tampered, and truly improves credit card trade ring
The security of section, and portability is strong.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
The embodiment of invention, for those of ordinary skill in the art, on the premise of not paying creative work, can also basis
The accompanying drawing of offer obtains other accompanying drawings.
Fig. 1 is a kind of method flow diagram of the method for commerce of credit card provided by the invention;
Fig. 2 is the structural representation of the transaction system of another credit card provided by the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, rather than whole embodiments.It is based on
Embodiment in the present invention, those of ordinary skill in the art are obtained every other under the premise of creative work is not made
Embodiment, belong to the scope of protection of the invention.
The embodiments of the invention provide a kind of method of commerce of credit card, reference picture 1, including:
S11, terminal device obtain Transaction Information, and Transaction Information are sent to credit card terminal;
Wherein, terminal device can be brushing card device, phone, the first mobile phone or apparatus such as computer.Transaction Information includes
Two parts, respectively card using information and Transaction Information.
Wherein, card using information includes credit cardholder's name, credit card, credit card effective period and credit card security
Code.Transaction Information includes the information related to transaction such as beneficiary information, transaction journal number and dealing money.
In addition, credit card terminal refers to credit card server.It is used for the server of the various items of managerial credit card.
S12, credit card terminal generate confirmation message to be signed, and confirmation message to be signed is passed through according to Transaction Information
The mode of short message is sent to certification terminal;
Wherein, certification terminal built-in SIM card, has signature blocks in SIM card, signature blocks include user's signature private key with
Certificate.Certification terminal can be mobile phone.
Mobile phone is existing common smart mobile phone, has display screen and button.The cell-phone number has only with cardholder
One incidence relation.
SIM card physical size is identical with existing SIM card, difference be SIM card not only with existing SIM card function but also
Internal safety chip storage user's signature private key and certificate, can be achieved encryption/decryption, the safe calculation function of signature/sign test.
SIM card realizes the company with credit card terminal by bluetooth, near field communication (NFC) NFC or 7816 protocol modes
Connect.
In addition, certification terminal can also be cloud shield.
Cloud shield is a kind of identification authentication system, is specifically included:Display screen, button, baseband chip, antenna, machine and machine
M2M modules, safety chip, specifically equivalent to one mobile phone, does not possess the function of making a phone call simply, can only receive and return credit
The authentication information of card terminal.
Safety chip storage inside has signature private key and certificate, and has safe calculation function, achievable encryption/decryption,
Signature/sign test.
Specifically, in the present embodiment, credit card terminal acquires the channel of Transaction Information to be received by communication protocol,
And credit card terminal send confirmation message to be signed to the channel of certification terminal be by short message, because the two channels are different,
The probability very little that two channels are controlled by hacker simultaneously, and then improve transaction security.
Such as:When terminal device is controlled by hacker and changes Transaction Information, be sent to the channel of certification terminal also not by
Hacker controls, now, as long as user can avoid this time operating without confirming.Set compared to terminal is only relied in the prior art
It is standby to be interacted with credit card terminal, improve reliability.
Optionally, on the basis of the present embodiment, credit card terminal generates confirmation message to be signed according to Transaction Information,
Including:
1) being extracted from Transaction Information needs user's confirmation;
Specifically, user's confirmation is needed to refer in this process of exchange, it is necessary to which the information that user confirms, needs user true
It can be the information such as dealing money, credit card, beneficiary information to recognize information.
2) user's confirmation will be needed to carry out format conversion, obtain confirmation message to be signed.
Specifically, credit card terminal has arranged default communication protocol with certification terminal.It can be transmission control protocol TCP etc.
Agreement.
User's confirmation will be needed to carry out format conversion, confirmation message to be signed is obtained, refer to that user's confirmation will be needed
Change into the confirmation message to be signed for meeting default communication protocol.
SIM card in S13, certification terminal parses confirmation message to be signed, obtains information to be signed, and in certification terminal
Display interface shows information to be signed;
Optionally, on the basis of the present embodiment, the SIM card in certification terminal parses confirmation message to be signed, is treated
Signing messages, and information to be signed is shown in the display interface of certification terminal, including:
1) confirmation message to be signed is entered row format conversion by SIM card, obtains the clear text for meeting preset format requirement;
Wherein, the form that preset format requirement can be supported for mobile phone.
2) SIM card extracts information to be signed from clear text.
Wherein, information to be signed is exactly the information for needing user to confirm and signing.
3) SIM card is shown display interface of the information transfer to be signed to certification terminal.
S14, when the SIM card in certification terminal receives the confirmation instruction of user's input, the SIM card in certification terminal is held
Row credit card signature operates, and obtains signing messages, and signing messages is sent to credit card terminal;
S15, when credit card terminal verify signing messages it is legal when, the trade gold in credit card terminal payment transaction information
In beneficiary account in volume to Transaction Information.
Specifically, when the public key matched with user's signature private key in SIM card that credit card terminal is stored using itself will connect
When the signing messages received is verified, it was demonstrated that the behavior of transferring accounts be cardholder accreditation behavior, credit card terminal branch
Pay in the beneficiary account in the dealing money to Transaction Information in Transaction Information.
Compared with prior art, in the bargain link of credit card, the present invention is not simply to add one to the present embodiment
Individual certification link, but Transaction Information and the twin-channel mode of authentication information are used, wherein, authentication information confirms to report to be to be signed
Text, the present invention improve the security of authentication data, and Transaction Information can be various forms of by phone, swiping card equipment, computer etc.
Terminal device obtains and uploads to credit card terminal, and Transaction Information upload channel is versatile and flexible, and credit card terminal is with the shape of short message
Confirmation message to be signed is sent to certification terminal by formula, and identifying procedure is only realized in certification terminal, and the form avoids transaction
The possibility that information is tampered, the security of credit card trade link is truly improved, and portability is strong.
In addition, in the present invention, using being provided with SIM mobile phone as certification terminal, it is not necessary to which extra carry individually is recognized
Demonstrate,prove equipment, it is only necessary to the SIM card with safety chip function is changed, further, it is also possible to be used as certification terminal using cloud shield.
Optionally, on the basis of above-described embodiment, the confirmation that user's input is received when the SIM card in certification terminal refers to
When making, the SIM card in certification terminal performs credit card signature operation, obtains signing messages, including:
1) when SIM card receives the confirmation instruction of user's input, information to be signed is carried out hash algorithm calculating by SIM card,
Obtain the first cryptographic Hash corresponding to information to be signed;
Wherein, the binary value of random length is mapped as the binary value of shorter regular length by hash algorithm, this
Small binary value is referred to as cryptographic Hash.Cryptographic Hash is the unique and extremely compact numerical value representation of one piece of data.If hash
One section of plaintext and even only changing a letter of the paragraph, subsequent Hash will all produce different values.Find hash
It is computationally impossible for two different inputs of same value, so the cryptographic Hash of data can be with inspection data
Integrality.It is generally used for quick lookup and AES.
2) SIM card performs signature according to the user's signature private key of the SIM card memory storage in certification terminal to the first cryptographic Hash
Operation, obtains signing messages.
Specifically, user's signature private key can be the user's signature private key of the safety chip storage in the SIM card of mobile phone,
It can be the user's signature private key of the safety chip storage in cloud shield.
In the present embodiment, hash algorithm calculating is carried out by information to be signed, obtains the first Kazakhstan corresponding to information to be signed
Uncommon value, and then signature operation can be performed to the first cryptographic Hash, obtain signing messages.
Optionally, on the basis of any of the above-described embodiment, the legal process of credit card terminal checking signing messages includes:
1) signing messages is received;
2) public key stored according to credit card terminal, signature inverse operation is performed to signing messages, obtains the second cryptographic Hash;
Wherein, signature operation and inverse operation inverse operation each other of signing.Second cryptographic Hash may be identical with the first cryptographic Hash,
May be different from the first cryptographic Hash.Specifically, when signing messages is during credit card terminal is transferred to, distorted by hacker or
Person is network reason, when only transmitting partial data, the first cryptographic Hash can be caused different from the second cryptographic Hash.In normal condition
Under, the first cryptographic Hash is identical with the second cryptographic Hash.
3) treat Signature Confirmation message and carry out hash algorithm calculating, obtain the 3rd cryptographic Hash;
4) when the 3rd cryptographic Hash is identical with the second cryptographic Hash, determine that signing messages is legal.
When the 3rd cryptographic Hash is identical with the second cryptographic Hash, illustrate to need user's confirmation in whole transmitting procedure not have
Have and changed, and illustrate that user agrees to this time merchandise.
In the present embodiment, the is obtained with analyzing confirmation message to be signed by verifying the second cryptographic Hash corresponding to signing messages
Whether three cryptographic Hash are identical, this time merchandised to judge whether user authorizes.
Optionally, a kind of transaction system of credit card is provided in another embodiment of the present invention, it is characterised in that bag
Include:
Terminal device 101, credit card terminal 102 and certification terminal 103;
Terminal device 101, sent for obtaining Transaction Information, and by Transaction Information to credit card terminal 102;Wherein, eventually
End equipment includes brushing card device, phone, the first mobile phone or computer;
Credit card terminal 102, for according to Transaction Information, generating confirmation message to be signed, and by confirmation message to be signed
Sent by way of short message to certification terminal 103, and when verify signing messages it is legal when, the friendship in payment transaction information
In beneficiary account in the easy amount of money to Transaction Information;Wherein, certification terminal built-in SIM card, SIM card is interior to have signature blocks;
SIM card in certification terminal 103, for parsing confirmation message to be signed, information to be signed is obtained, and it is whole in certification
The display interface at end shows information to be signed, and when receiving the confirmation instruction of user's input, performs credit card signature behaviour
Make, obtain signing messages, and signing messages is sent to credit card terminal 102.
Optionally, on the basis of the present embodiment, the SIM card in certification terminal is used to parse confirmation message to be signed, obtains
To information to be signed, and when the display interface of certification terminal shows information to be signed, it is specifically used for:
Confirmation message to be signed is entered into row format conversion, obtains the clear text for meeting preset format requirement;
Information to be signed is extracted from clear text.
Display interface of the information transfer to be signed to certification terminal is shown.
Optionally, on the basis of the present embodiment, credit card terminal is used for according to Transaction Information, generates confirmation report to be signed
Wen Shi, it is specifically used for:
Being extracted from Transaction Information needs user's confirmation;
User's confirmation will be needed to carry out format conversion, obtain confirmation message to be signed.
Compared with prior art, in the bargain link of credit card, the present invention is not simply to add one to the present embodiment
Individual certification link, but Transaction Information and the twin-channel mode of authentication information are used, wherein, authentication information confirms to report to be to be signed
Text, the present invention improve the security of authentication data, and Transaction Information can be various forms of by phone, swiping card equipment, computer etc.
Terminal device obtains and uploads to credit card terminal, and Transaction Information upload channel is versatile and flexible, and credit card terminal is with the shape of short message
Confirmation message to be signed is sent to certification terminal by formula, and identifying procedure is only realized in certification terminal, and the form avoids transaction
The possibility that information is tampered, the security of credit card trade link is truly improved, and portability is strong.
Optionally, on the basis of embodiment corresponding to above-mentioned transaction system, the SIM card in certification terminal 103 is used to work as
When receiving the confirmation instruction of user's input, credit card signature operation is performed, when obtaining signing messages, is specifically used for:
When receiving the confirmation instruction of user's input, treat signing messages and carry out hash algorithm calculating, obtain to be signed
First cryptographic Hash corresponding to information;
According to the user's signature private key of the SIM card memory storage in certification terminal, signature operation is performed to the first cryptographic Hash, obtained
To signing messages.
In the present embodiment, hash algorithm calculating is carried out by information to be signed, obtains the first Kazakhstan corresponding to information to be signed
Uncommon value, and then signature operation can be performed to the first cryptographic Hash, obtain signing messages.
Optionally, on the basis of embodiment corresponding to any of the above-described transaction system, credit card terminal, which is used to verify, signs
When information is legal, it is specifically used for:
Receive signing messages;
The public key stored according to credit card terminal, signature inverse operation is performed to signing messages, obtains the second cryptographic Hash;
Treat Signature Confirmation message and carry out hash algorithm calculating, obtain the 3rd cryptographic Hash;
When the 3rd cryptographic Hash is identical with the second cryptographic Hash, determine that signing messages is legal.
In the present embodiment, the is obtained with analyzing confirmation message to be signed by verifying the second cryptographic Hash corresponding to signing messages
Whether three cryptographic Hash are identical, this time merchandised to judge whether user authorizes.
The foregoing description of the disclosed embodiments, professional and technical personnel in the field are enable to realize or using the present invention.
A variety of modifications to these embodiments will be apparent for those skilled in the art, as defined herein
General Principle can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, it is of the invention
The embodiments shown herein is not intended to be limited to, and is to fit to and principles disclosed herein and features of novelty phase one
The most wide scope caused.
Claims (10)
- A kind of 1. method of commerce of credit card, it is characterised in that including:Terminal device obtains Transaction Information, and Transaction Information is sent to credit card terminal;Wherein, the terminal device includes brush Card device, phone, the first mobile phone or computer;The credit card terminal generates confirmation message to be signed according to the Transaction Information, and by the confirmation message to be signed Sent by way of short message to certification terminal;Wherein, the certification terminal built-in SIM card, the SIM card is interior to have signature mould Block;SIM card in the certification terminal parses the confirmation message to be signed, obtains information to be signed, and in certification terminal Display interface shows the information to be signed;When the SIM card in the certification terminal receives the confirmation instruction of user's input, the SIM card in the certification terminal is held Row credit card signature operates, and obtains signing messages, and the signing messages is sent to the credit card terminal;When the credit card terminal verify the signing messages it is legal when, the credit card terminal is paid in the Transaction Information Dealing money into the beneficiary account in the Transaction Information.
- 2. method of commerce according to claim 1, it is characterised in that the certification terminal includes the second mobile phone.
- 3. method of commerce according to claim 1, it is characterised in that the credit card terminal according to the Transaction Information, Confirmation message to be signed is generated, including:Being extracted from the Transaction Information needs user's confirmation;Need user's confirmation to carry out format conversion by described, obtain the confirmation message to be signed.
- 4. method of commerce according to claim 1, it is characterised in that treated described in the SIM card parsing in the certification terminal Signature Confirmation message, information to be signed is obtained, and the information to be signed is shown in the display interface of certification terminal, including:The confirmation message to be signed is entered row format conversion by the SIM card, obtains the pending report for meeting preset format requirement Text;The SIM card extracts the information to be signed from the clear text;The SIM card is shown the information transfer to be signed to the display interface of certification terminal.
- 5. method of commerce according to claim 1, it is characterised in that when the SIM card in the certification terminal receives use During the confirmation instruction of family input, the SIM card in the certification terminal performs credit card signature operation, obtains signing messages, including:When the SIM card receives the confirmation instruction of user's input, the SIM card carries out Hash calculation to the information to be signed Method calculates, and obtains the first cryptographic Hash corresponding to the information to be signed;The SIM card is held according to the user's signature private key of the SIM card memory storage in the certification terminal to first cryptographic Hash Row signature operation, obtain the signing messages.
- 6. method of commerce according to claim 1, it is characterised in that the credit card terminal verifies that the signing messages closes The process of method includes:Receive the signing messages;The public key stored according to the credit card terminal, signature inverse operation is performed to the signing messages, obtains the second cryptographic Hash;The hash algorithm calculating is carried out to the confirmation message to be signed, obtains the 3rd cryptographic Hash;When the 3rd cryptographic Hash is identical with second cryptographic Hash, determine that the signing messages is legal.
- A kind of 7. transaction system of credit card, it is characterised in that including:Terminal device, credit card terminal and certification terminal;The terminal device, sent for obtaining Transaction Information, and by Transaction Information to credit card terminal;Wherein, the terminal Equipment includes brushing card device, phone, the first mobile phone or computer;The credit card terminal, for according to the Transaction Information, generating confirmation message to be signed, and by the confirmation to be signed Message is sent by way of short message to certification terminal, and when verify signing messages it is legal when, pay the Transaction Information In dealing money into the beneficiary account in the Transaction Information;Wherein, the certification terminal built-in SIM card, in SIM card With signature blocks;SIM card in the certification terminal, for parsing the confirmation message to be signed, information to be signed is obtained, and in certification The display interface of terminal shows the information to be signed, and when receiving the confirmation instruction of user's input, performs credit card Signature operation, signing messages is obtained, and the signing messages is sent to the credit card terminal.
- 8. transaction system according to claim 7, it is characterised in that the SIM card in the certification terminal is used to parse institute Confirmation message to be signed is stated, obtains information to be signed, and when the display interface of certification terminal shows the information to be signed, tool Body is used for:The confirmation message to be signed is entered into row format conversion, obtains the clear text for meeting preset format requirement;The information to be signed is extracted from the clear text;The information transfer to be signed is shown to the display interface of certification terminal.
- 9. transaction system according to claim 7, it is characterised in that the SIM card in the certification terminal is used for when reception When the confirmation inputted to user instructs, credit card signature operation is performed, when obtaining signing messages, is specifically used for:When receiving the confirmation instruction of user's input, hash algorithm calculating is carried out to the information to be signed, obtains described treat First cryptographic Hash corresponding to signing messages;According to the user's signature private key of the SIM card memory storage in the certification terminal, signature behaviour is performed to first cryptographic Hash Make, obtain the signing messages.
- 10. transaction system according to claim 7, it is characterised in that the credit card terminal is used to verify the signature When information is legal, it is specifically used for:Receive the signing messages;The public key stored according to the credit card terminal, signature inverse operation is performed to the signing messages, obtains the second cryptographic Hash;The hash algorithm calculating is carried out to the confirmation message to be signed, obtains the 3rd cryptographic Hash;When the 3rd cryptographic Hash is identical with second cryptographic Hash, determine that the signing messages is legal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710743858.0A CN107423977A (en) | 2017-08-25 | 2017-08-25 | The method of commerce and system of a kind of credit card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710743858.0A CN107423977A (en) | 2017-08-25 | 2017-08-25 | The method of commerce and system of a kind of credit card |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107423977A true CN107423977A (en) | 2017-12-01 |
Family
ID=60434411
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710743858.0A Pending CN107423977A (en) | 2017-08-25 | 2017-08-25 | The method of commerce and system of a kind of credit card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107423977A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110945553A (en) * | 2018-06-07 | 2020-03-31 | 北京光合信诚科技有限公司 | Transaction method, hardware wallet and transaction equipment |
| EP3961462A1 (en) * | 2020-08-27 | 2022-03-02 | Fujitsu Limited | Communication program, communication device, communication method, user terminal and communication system |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101496044A (en) * | 2006-05-10 | 2009-07-29 | 环球Gpms公司 | Method and system for implementing confirmation business by using movable unit mode |
-
2017
- 2017-08-25 CN CN201710743858.0A patent/CN107423977A/en active Pending
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101496044A (en) * | 2006-05-10 | 2009-07-29 | 环球Gpms公司 | Method and system for implementing confirmation business by using movable unit mode |
Non-Patent Citations (2)
| Title |
|---|
| 杨颖: "移动身份认证服务系统在NFC手机支付中的研究", 《中国优秀硕士学位论文全文数据库-信息科技辑》 * |
| 王建: "基于移动签名的电子支付系统的研究与实现", 《中国优秀硕士学位论文全文数据库-信息科技辑》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110945553A (en) * | 2018-06-07 | 2020-03-31 | 北京光合信诚科技有限公司 | Transaction method, hardware wallet and transaction equipment |
| EP3961462A1 (en) * | 2020-08-27 | 2022-03-02 | Fujitsu Limited | Communication program, communication device, communication method, user terminal and communication system |
| US11645420B2 (en) | 2020-08-27 | 2023-05-09 | Fujitsu Limited | Non-transitory computer-readable storage medium and communication device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11488151B2 (en) | Methods and devices for conducting payment transactions | |
| CN107077670B (en) | Method and apparatus for transmitting and processing transaction message, computer readable storage medium | |
| KR101579214B1 (en) | Method of performing a financial transaction via unsecured public telecommunication infrastructure and an apparatus for same | |
| CN105308898B (en) | For executing system, the method and apparatus of password authentification | |
| CN104240074B (en) | The online payment system of prepaid card and its method of payment of identity-based certification | |
| CN104380777A (en) | Systems and methods for enabling secure transactions with mobile devices | |
| CN104408620B (en) | A kind of safe NFC payment and system | |
| JP2007226810A (en) | System and method for facilitating transaction over communication network | |
| JP6032626B2 (en) | Authentication method using NFC authentication card | |
| CN103747012A (en) | Security verification method, device and system of network transaction | |
| WO2014111888A1 (en) | Mobile payment system | |
| CN103400265A (en) | Quick payment method and system based on position information | |
| CN101790166A (en) | Digital signing method based on mobile phone intelligent card | |
| US20160210612A1 (en) | Rapid in Person Transactions Via Mobile Device | |
| CN104182875A (en) | Payment method and payment system | |
| CN104243162B (en) | A kind of information interacting method, system and intelligent cipher key equipment | |
| JP6845853B2 (en) | Systems and methods for self-calculating token vaults | |
| CN106355385B (en) | The novel two dimensional code method of payment for electronic scale | |
| CN104240077B (en) | A kind of coding encrypting device based on short-distance wireless communication technology | |
| CN107423977A (en) | The method of commerce and system of a kind of credit card | |
| TW201717081A (en) | Method for confirming on-line transaction security by means of mobile phone and system thereof | |
| CN105160531B (en) | Transaction data processing method and processing device | |
| US20130232084A1 (en) | Mobile Financial Transaction System and Method | |
| US20170024729A1 (en) | Secure Transmission of Payment Credentials | |
| KR101805813B1 (en) | a integrated payment service assistance apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171201 |