CN107464105A - Device pays interactive authentication method and its system - Google Patents
Device pays interactive authentication method and its system Download PDFInfo
- Publication number
- CN107464105A CN107464105A CN201710831730.XA CN201710831730A CN107464105A CN 107464105 A CN107464105 A CN 107464105A CN 201710831730 A CN201710831730 A CN 201710831730A CN 107464105 A CN107464105 A CN 107464105A
- Authority
- CN
- China
- Prior art keywords
- authentication
- private key
- message
- transaction information
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/085—Payment architectures involving remote charge determination or related payment systems
- G06Q20/0855—Payment architectures involving remote charge determination or related payment systems involving a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The present invention is that device pays interactive authentication method and its system, including:By authentication device obtain and analyze the first Transaction Information and the second Transaction Information after, output the first encrypted transaction message and second service private key to second device, and export the second encrypted transaction message and first service private key to first device;Second encrypted transaction message is exported to second device by first device, and the first encrypted transaction message is exported to first device by second device;The first encrypted transaction message is decrypted using first service private key by first device, and the second encrypted transaction message is decrypted using second service private key by second device;When authentication device confirms that the first decrypted transaction information is consistent with the first Transaction Information, and the second decrypted transaction information is consistent with the second Transaction Information, judge that first device is set up with second device interactive authentication;And after first device and second device interactive authentication are set up, delivery operation is completed by cash flow system helps first device.
Description
Technical field
The present invention relates to communication technique field, and in particular to a kind of device pays interactive authentication method and its system.
Background technology
With the fast development of internet and mobile phone popularity rate more and more higher, increasing people is carried out using online transaction
Pay.Traditional means of payment, it is the transaction by third-party platform, after buyer's free choice of goods, is provided using third-party platform
Account carry out payment for goods payment, after third-party platform receives customer payment information, notify that payment for goods is to account by seller, and require seller
Delivered;Buyer receives and after item inspecting, notifies third-party platform.Third-party platform pays seller.Third-party payment
The appearance of platform, theoretically, the fraud in electronic transaction is thoroughly prevented.
By taking conventional transaction pattern as an example:1. client is in the e-commerce website free choice of goods, final decision purchase, both parties
Reach purchase intention;2. money is drawn by the use of third-party platform as transaction, client and arrives third-party platform by customer selecting with Payment Card
Account;3. the message informing businessman that third-party platform has paid the bill client as authenticating party, and require businessman when defined
Interior delivery;Delivered after 4. businessman is notified according to order;5. client receives goods and notifies third-party platform after verifying;6.
Payment for goods in its account is included in Merchant Account by third-party platform, completes transaction.But under such a trade mode, money needs
Third-party platform is reached, fund can be detained at Third-party payment service provider, that is, so-called financing deposition occur.
The content of the invention
The shortcomings that for above-mentioned prior art, the present invention provide a kind of device and pay interactive authentication method and its system, lead to
The device that interactive authentication is crossed to confirm to be connected with each other is communication device trusty, after certification is set up, by Third Party Authentication device
Confirm transaction payment path, delivery operation is quickly performed by cash flow system helps first device.
The purpose of the present invention can use following technical scheme to realize with solving its technical problem.
A kind of device proposed by the present invention pays interactive authentication method, comprises the following steps:Obtained by an authentication device
And after one first Transaction Information of first device offer and one second Transaction Information of second device offer are provided, output one
First encrypted transaction message and a second service private key export one second encrypted transaction message and one the to the second device
One services private key to the first device;Second encrypted transaction message is exported to the second device by the first device,
And first encrypted transaction message is exported to the first device by the second device;Utilized by the first device
After first encrypted transaction message that the first service private key is provided the second device is decrypted, output one first
Decrypted transaction information is to the authentication device;And filled by the second device using the second service private key to described first
Put offer second encrypted transaction message be decrypted after, one second decrypted transaction information of output is to the authentication device;
When the authentication device confirms that the first decrypted transaction information for receiving is consistent with first Transaction Information, and described second
When decrypted transaction information is consistent with second Transaction Information, judge the first device and the second device interactive authentication into
It is vertical;And after the first device and the second device interactive authentication are set up, pass through described in a cash flow system helps the
One device completes delivery operation.
Wherein, in addition to:The first service private key is produced with the second service private key by the authentication device, or
There is provided by the network equipment being connected;The authentication device is added using the first service private key to first Transaction Information
First encrypted transaction message is obtained after close, and is obtained after being encrypted using the second service private key to second Transaction Information
To second encrypted transaction message;Wherein, the first device to the authentication device register when, the authentication device produces
The first service private key;The second device to the authentication device register when, the authentication device produces second clothes
Business private key.
Wherein, in addition to:The first device initiates a purchase request, when the purchase request that the first device is sent
During information to the authentication device, the authentication device judges the purchase request according to a log-on message of the first device
Whether information is correct;When judging that the purchase solicited message is correct, the first device is handed over the second device
Mutual certification;Or
The first device initiates the purchase request, when the purchase solicited message that the first device is sent to described the
During two devices, the second device judges the purchase by the log-on message of the authentication device according to the first device
Whether correct buy solicited message;When the second device judge it is described purchase solicited message it is correct when, the first device with
The second device interacts certification.
Wherein, in addition to:When the first device is registered to the authentication device, the authentication device utilizes institute
The identification information and the first service private key for stating first device obtain the log-on message.
The purpose of the present invention can also further be realized with solving its technical problem using following technical measures.
Mutual authentication system is paid according to a kind of device proposed by the present invention, including:One first device, including one first friendship
Easy information, and one second encrypted transaction message and a first service private key that an authentication device provides are received, and export described the
Two encrypted transaction messages a to second device;And one first provided using the first service private key the second device
After encrypted transaction message is decrypted, one first decrypted transaction information of output to the authentication device;The second device, connection
The first device, including one second Transaction Information, and receive first encrypted transaction message that the authentication device provides
With a second service private key, and output first encrypted transaction message is to the first device;And utilize the described second clothes
After second encrypted transaction message that business private key is provided the first device is decrypted, output one second decrypted transaction letter
Cease to the authentication device;The authentication device, the first device and the second device are connected respectively, obtain and analyze institute
The first Transaction Information is stated with after second Transaction Information, exporting first encrypted transaction message and the second service private key
To the second device, and export second encrypted transaction message and the first service private key to the first device;With
And work as and confirm that the first decrypted transaction information of reception is consistent with first Transaction Information, and second decrypted transaction is believed
When breath is consistent with second Transaction Information, judge that the first device is set up with the second device interactive authentication;And one
Cash streaming system, the second device is connected, after the first device and the second device interactive authentication are set up, assist institute
State first device and complete delivery operation.
Wherein, in addition to:The first service private key is produced with the second service private key by the authentication device, or
There is provided by the network equipment being connected;Wherein, the first device to the authentication device register when, authentication device production
The raw first service private key;The second device to the authentication device register when, the authentication device produces described second
Service private key.
Wherein, in addition to:After the authentication device is encrypted using the first service private key to first Transaction Information
First encrypted transaction message is obtained, and institute is obtained after being encrypted using the second service private key to second Transaction Information
State the second encrypted transaction message.
Wherein, in addition to:The first device initiates a purchase request, when the purchase request that the first device is sent
During information to the authentication device, the authentication device judges the purchase request according to a log-on message of the first device
Whether information is correct;When judging that the purchase solicited message is correct, the first device is handed over the second device
Mutual certification;Or
The first device initiates the purchase request, when the purchase solicited message that the first device is sent to described the
During two devices, the second device judges the purchase by the log-on message of the authentication device according to the first device
Whether correct buy solicited message;When the second device judge it is described purchase solicited message it is correct when, the first device with
The second device interacts certification.
Wherein, in addition to:When the first device is registered to the authentication device, the authentication device utilizes institute
The identification information and the first service private key for stating first device obtain the log-on message.
According to a kind of authentication device proposed by the present invention, the authentication device connects a first device and one second dress respectively
Put, including:One acquisition module, to obtain and analyze one first Transaction Information and the described second dress that the first device provides
One second Transaction Information of offer is provided;And obtain the first device and the second device is provided using a first service private key
One first encrypted transaction message be decrypted after one first decrypted transaction information, and obtain the second device and utilize one
One second encrypted transaction message that second service private key is provided the first device be decrypted after one second decrypted transaction
Information;One output module, first encrypted transaction message and the second service private key to the second device are exported, and it is defeated
Go out second encrypted transaction message and the first service private key to the first device;One judge module, when confirmation receives
The first decrypted transaction information it is consistent with first Transaction Information, and the second decrypted transaction information and described second
When Transaction Information is consistent, judge that the first device is set up with the second device interactive authentication.
Wherein, in addition to:One info conversion module, first Transaction Information is encrypted using the first service private key
After obtain first encrypted transaction message, and obtained after being encrypted using the second service private key to second Transaction Information
Second encrypted transaction message.
By above technical scheme and measure, the first device and second device interactive authentication establishment are being judged
Afterwards, transaction payment path is confirmed by Third Party Authentication device, payment behaviour is quickly performed by cash flow system helps first device
Make.The invention has the characteristics that:
A. independent authentication.Such practice is that authentication mechanism is independent, it is not merged operation with cash streaming system, avoids recognizing
Card arbitration and cash flow operation are all same unit or the same group organisation operations;
B. it is easy to use.For disburser, what is faced is friendly interface, it is not necessary to considers the technical operating procedure of behind;
C. security.Credit card information or accounts information only need to tell payment platform, without telling each payee, reduce
The risk that credit card information and accounts information are given away secrets.Other external devices can not find out rule from the certification between user and businessman
Rule.Because certification end is only provided by the converted encryption data of certification initial data;
Though it is to use both devices interactive authentication that d. this case, which is taken off, the key information of verification process demand is filled through certification mostly
Put and give, be not that both devices are given, be on the premise of absolute confidence is appointed in authentication device, further maintenance certification is protected
Close security;
E. quickly account is arrived.When both-end certification is assisted to complete in certification end, you can assert between user's set and merchant platform it is high
The both sides trusted each other are spent, therefore during client's purchase, the rear end i.e. rapid certification of meeting to enter cash flow operation, deducts department of banking
The clearing time of system, in time to account;
F. payment cost is low, and payment platform has concentrated substantial amounts of electronics penny ante, forms scale effect.Payment platform collects phase
To payment procedure expense.
Brief description of the drawings
Figure 1A to 1F is the information processing configuration diagram that a kind of device proposed by the present invention pays mutual authentication system.
Fig. 2 is the schematic flow sheet that a kind of device proposed by the present invention pays interactive authentication method.
Fig. 3 is the module diagram of authentication device in one embodiment of the invention.
Embodiment
Further to illustrate that a kind of device of the present invention pays interactive authentication method and its system to reach predetermined invention mesh
The technological means taken and its effect of reach, below in conjunction with accompanying drawing and preferred embodiment, to according to proposed by the present invention
Device pays embodiment, structure, feature and its effect of interactive authentication method and its system, is described in detail.
Figure 1A to 1F is refer to, it pays the information processing framework of mutual authentication system for a kind of device proposed by the present invention
Schematic diagram.
In Figure 1A into 1F, a kind of device proposed by the present invention pays mutual authentication system, including;One first device 110,
Including one first Transaction Information A, and receive one second encrypted transaction message B1 and a first service that an authentication device 130 provides
Private key Ka, and the second encrypted transaction message B1 is exported to a second device 120;And utilize the first service private key Ka
After the one first encrypted transaction message A1 provided the second device 120 is decrypted, one first decrypted transaction information is exported
A2 is to the authentication device 130;The second device 120, the first device 110, including one second Transaction Information B are connected,
And the first encrypted transaction message A1 and a second service private key Kb that the authentication device 130 provides are received, and output institute
The first encrypted transaction message A1 is stated to the first device 110;And filled using the second service private key Kb to described first
Put 110 offers the second encrypted transaction message B1 be decrypted after, output one second decrypted transaction information B2 recognize to described
Card device 130;The authentication device 130, the first device 110 and the second device 120 are connected respectively, obtains and analyzes
After the first Transaction Information A and the second Transaction Information B, the first encrypted transaction message A1 and the described second clothes are exported
Private key Kb be engaged in the second device 120, and exports the second encrypted transaction message B1 and first service private key Ka extremely
The first device 110;And as the first decrypted transaction information A2 for confirming to receive and the first Transaction Information A mono-
Cause, and when the second decrypted transaction information B2 is consistent with the second Transaction Information B, judge the first device 110 and institute
State the establishment of the interactive authentication of second device 120;And a cash streaming system 140, the second device 120 is connected, described first
After device 110 is set up with the interactive authentication of second device 120, the first device 110 is assisted to complete delivery operation.
In one embodiment, in addition to:The first service private key Ka and second service private key Kb is by the certification
Device 130 is produced, or the network equipment by being connected is provided;Wherein, the first device 110 is to the authentication device
During 130 registration, the authentication device 130 produces the first service private key Ka;The second device 120 is to the authentication device
During 130 registration, the authentication device produces the second service private key Kb.
In one embodiment, in addition to:The authentication device 130 is handed over described first using the first service private key Ka
The first encrypted transaction message A1 is obtained after easy information A encryptions, and is handed over using the second service private key Kb described second
The second encrypted transaction message B1 is obtained after easy information B encryptions.
In one embodiment, in addition to:The first device 110 initiates a purchase request, when the first device 110 is sent out
Send one purchase solicited message to the authentication device 130 when, the authentication device 130 according to the first device 110 one
Log-on message judges whether the purchase solicited message is correct;When judging that the purchase solicited message is correct, described first
Device 110 interacts certification with the second device 120;Or
The first device 110 initiate it is described purchase request, when the first device 110 send the purchase solicited message extremely
During the second device 120, the second device 120 is by the authentication device 130 according to described in the first device 110
Log-on message judges whether the purchase solicited message is correct;When the second device 120 judges the purchase solicited message
When correct, the first device 110 interacts certification with the second device 120.
In one embodiment, in addition to:It is described when the first device 110 is registered to the authentication device 130
Authentication device 130 obtains the registration with the first service private key Ka using an identification information of the first device 110 and believed
Breath.
Specifically, promoter of the first device 110 as purchase request.And first device 110 is registered to authentication device 130
Afterwards, authentication device 130 can utilize the identification information and first service private key Ka of first device 110, calculate corresponding first device
110 log-on message.Calculating formula is as follows:
α i=h (Ka | | IDi);Wherein, IDi is identification information, and Ka is first service private key, and α i are log-on message.First service
Private key Ka is voluntarily produced by authentication device 130, by associateds such as other servomechanism installations being connected or service units
Network equipment is provided.
The promoter that first device 110 is asked for purchase in this embodiment.Authentication device 130 is obtaining purchase solicited message
When, it can buy whether solicited message is correct according to the log-on message of first device 110 to judge this.For example, confirm identification letter
ID i presence or absence is ceased to judge whether first device 110 is registeredAnd for example, the first encryption corresponding to the first Transaction Information A is taken
Transaction Information A1, attempt to decrypt the first encrypted transaction message A1 with first service private key Ka, judging whether can successful decryptionThereby
Judge the correctness of purchase solicited message.When authentication device 130 confirms that first device 110 is registered, that is, think purchase request
Information is correct information.So far purchase request is initiated operation and completed.The first device 110 is carried out with the second device 120
Interactive authentication;After certification is set up, transaction payment path is confirmed by authentication device 130, the first dress is assisted by cash streaming system 140
Put 110 quick execution delivery operations.In addition, cash streaming system 140 includes banking system.
Fig. 2 is refer to, the schematic flow sheet of interactive authentication method is paid for a kind of device proposed by the present invention.It please coordinate ginseng
According to Figure 1A to 1F.Comprise the following steps:
Step S210:By authentication device obtain and analyze the first Transaction Information and the second Transaction Information after, output first
Encrypted transaction message and second service private key export the second encrypted transaction message and first service private key to the to second device
One device;Wherein, the first Transaction Information is provided by first device, the second Transaction Information is provided by second device.Such as Figure 1A to figure
Shown in 1B.
Step S220:Second encrypted transaction message is exported to second device by first device, and it is defeated by second device
Go out the first encrypted transaction message to first device;As shown in Figure 1 C.
Step S230A:It is defeated after the first encrypted transaction message is decrypted using first service private key by first device
Go out the first decrypted transaction information to authentication device;Wherein, first encrypted transaction message is provided by the second device.Such as figure
Shown in 1D.
Step S230B:It is defeated after the second encrypted transaction message is decrypted using second service private key by second device
Go out the second decrypted transaction information to authentication device;Wherein, second encrypted transaction message is provided by the first device.Such as figure
Shown in 1D.
Step S240:When authentication device confirms that the first decrypted transaction information for receiving is consistent with the first Transaction Information, and the
When two decrypted transaction information are consistent with the second Transaction Information, judge that first device is set up with second device interactive authentication.Such as Fig. 1 E
It is shown.
Step S250:After the first device and the second device interactive authentication are set up, pass through a cash streaming system
The first device is assisted to complete delivery operation.As shown in fig. 1F.
In one embodiment, in addition to:The first service private key Ka and second service private key Kb is by the certification
Device 130 is produced, or the network equipment by being connected is provided;Wherein, the first device 110 is to the authentication device
During 130 registration, the authentication device 130 produces the first service private key Ka;The second device 120 is to the authentication device
During 130 registration, the authentication device produces the second service private key Kb.
In one embodiment, in addition to:The authentication device 130 is handed over described first using the first service private key Ka
The first encrypted transaction message A1 is obtained after easy information A encryptions, and is handed over using the second service private key Kb described second
The second encrypted transaction message B1 is obtained after easy information B encryptions.
In one embodiment, in addition to:The first device 110 initiates a purchase request, when the first device 110 is sent out
Send one purchase solicited message to the authentication device 130 when, the authentication device 130 according to the first device 110 one
Log-on message judges whether the purchase solicited message is correct;When judging that the purchase solicited message is correct, described first
Device 110 interacts certification with the second device 120;Or
The first device 110 initiate it is described purchase request, when the first device 110 send the purchase solicited message extremely
During the second device 120, the second device 120 is by the authentication device 130 according to described in the first device 110
Log-on message judges whether the purchase solicited message is correct;When the second device 120 judges the purchase solicited message
When correct, the first device 110 interacts certification with the second device 120.
In one embodiment, in addition to:It is described when the first device 110 is registered to the authentication device 130
Authentication device 130 obtains the registration with the first service private key Ka using an identification information of the first device 110 and believed
Breath.
Specifically, promoter of the first device 110 as purchase request.And first device 110 is registered to authentication device 130
Afterwards, authentication device 130 can utilize the identification information and first service private key Ka of first device 110, calculate corresponding first device
110 log-on message.Calculating formula is as follows:
α i=h (Ka | | IDi);Wherein, IDi is identification information, and Ka is first service private key, and α i are log-on message.First service
Private key Ka is voluntarily produced by authentication device 130, by associateds such as other servomechanism installations being connected or service units
Network equipment is provided.
The promoter that first device 110 is asked for purchase in this embodiment.Authentication device 130 is obtaining purchase solicited message
When, it can buy whether solicited message is correct according to the log-on message of first device 110 to judge this.For example, confirm identification letter
ID i presence or absence is ceased to judge whether first device 110 is registeredAnd for example, the first encryption corresponding to the first Transaction Information A is taken
Transaction Information A1, attempt to decrypt the first encrypted transaction message A1 with first service private key Ka, judging whether can successful decryptionThereby
Judge the correctness of purchase solicited message.When authentication device 130 confirms that first device 110 is registered, that is, think purchase request
Information is correct information.So far purchase request is initiated operation and completed.The first device 110 is carried out with the second device 120
Interactive authentication;After certification is set up, transaction payment path is confirmed by authentication device 130, the first dress is assisted by cash streaming system 140
Put 110 quick execution delivery operations.In addition, cash streaming system 140 includes banking system.
Fig. 3 is refer to, is the module diagram of authentication device in one embodiment of the invention.It please coordinate reference picture 1A to 1F.
In figure 3, a kind of authentication device proposed by the present invention, the authentication device 130 connect a first device 110 respectively
With a second device 120, including:One acquisition module 131, to obtain and analyze the one first of the offer of first device 110
One second Transaction Information that Transaction Information provides with the second device 120;And obtain the first device 110 and utilize one first
One first decrypted transaction after one first encrypted transaction message that the second device 120 provides is decrypted service private key is believed
Breath, and obtain one second encryption that the second device 120 is provided the first device 110 using a second service private key
Transaction Information be decrypted after one second decrypted transaction information;One output module 132, export first encrypted transaction message
With the second service private key to the second device 120, and second encrypted transaction message and the first service are exported
Private key is to the first device 110;One judge module 133, when the first decrypted transaction information for confirming to receive and described the
One Transaction Information is consistent, and when the second decrypted transaction information is consistent with second Transaction Information, judges first dress
110 are put to set up with the interactive authentication of second device 120.
In one embodiment, in addition to:After the first device and the second device interactive authentication are set up, pass through one
First device described in cash flow system helps completes delivery operation.
In one embodiment, in addition to:One info conversion module, merchandised using the first service private key to described first
First encrypted transaction message is obtained after information encryption, and second Transaction Information is added using the second service private key
Second encrypted transaction message is obtained after close.
The above described is only a preferred embodiment of the present invention, any formal limitation not is made to the present invention, though
So the present invention is disclosed above with preferred embodiment, but is not limited to the present invention, any to be familiar with this professional technology people
Member, without departing from the scope of the present invention, when the technology contents using the disclosure above make a little change or modification
For the equivalent embodiment of equivalent variations, as long as being the content without departing from technical solution of the present invention, the technical spirit according to the present invention
Any simple modification and the equivalent variations and modification made to above example, still fall within the scope of technical solution of the present invention
It is interior.
Claims (10)
1. a kind of device pays interactive authentication method, it is characterised in that comprises the following steps:
Obtained by an authentication device and one first Transaction Information and a second device offer of first device offer are provided
After one second Transaction Information, one first encrypted transaction message and a second service private key are exported to the second device, and export
One second encrypted transaction message and a first service private key are to the first device;
The second encrypted transaction message is exported by the first device to export to the second device, and by the second device
First encrypted transaction message is to the first device;
The the first encryption transaction provided by the first device using the first service private key the second device
After information is decrypted, one first decrypted transaction information of output to the authentication device;And institute is utilized by the second device
State after second encrypted transaction message that second service private key is provided the first device is decrypted, the solution of output one second
Close Transaction Information is to the authentication device;
When the authentication device confirms that the first decrypted transaction information of reception and first Transaction Information are consistent and described
When second decrypted transaction information is consistent with second Transaction Information, judges that the first device interacts with the second device and recognize
Card is set up;And
After the first device and the second device interactive authentication are set up, pass through the first dress described in a cash flow system helps
Put and complete delivery operation.
2. device according to claim 1 pays interactive authentication method, it is characterised in that also includes:
The first service private key is produced with the second service private key by the authentication device, or the dress of the network by being connected
Put and provided;The authentication device obtains described first after being encrypted using the first service private key to first Transaction Information
Encrypted transaction message, and second encryption is obtained after being encrypted using the second service private key to second Transaction Information and is handed over
Easy information;
Wherein, the first device to the authentication device register when, the authentication device produces the first service private key;Institute
State second device to the authentication device register when, the authentication device produces the second service private key.
3. device according to claim 1 pays interactive authentication method, it is characterised in that also includes:
The first device initiates a purchase request, when purchase solicited message to the certification that the first device is sent fills
When putting, the authentication device judges whether the purchase solicited message is correct according to a log-on message of the first device;When
When judging that the purchase solicited message is correct, the first device interacts certification with the second device;Or
The first device initiates the purchase request, when the purchase solicited message that the first device is sent to described the
During two devices, the second device judges the purchase by the log-on message of the authentication device according to the first device
Whether correct buy solicited message;When the second device judge it is described purchase solicited message it is correct when, the first device with
The second device interacts certification.
4. device according to claim 3 pays interactive authentication method, it is characterised in that also includes:
When the first device is registered to the authentication device, the authentication device utilizes a knowledge of the first device
Other information obtains the log-on message with the first service private key.
5. a kind of device pays mutual authentication system, it is characterised in that including:
One first device, including one first Transaction Information, and receive an authentication device provide one second encrypted transaction message with
One first service private key, and output second encrypted transaction message a to second device;It is and private using the first service
After one first encrypted transaction message that key is provided the second device is decrypted, one first decrypted transaction information of output to institute
State authentication device;
The second device, the first device, including one second Transaction Information are connected, and receive what the authentication device provided
First encrypted transaction message and a second service private key, and first encrypted transaction message is exported to the described first dress
Put;And second encrypted transaction message provided using the second service private key the first device is decrypted
Afterwards, one second decrypted transaction information is exported to the authentication device;
The authentication device, the first device and the second device are connected respectively, obtain and analyze the first transaction letter
Breath is with after second Transaction Information, exporting first encrypted transaction message and the second service private key to the described second dress
Put, and export second encrypted transaction message and the first service private key to the first device;And when confirmation receives
The first decrypted transaction information it is consistent with first Transaction Information, and the second decrypted transaction information and described second
When Transaction Information is consistent, judge that the first device is set up with the second device interactive authentication;And
One cash streaming system, connects the second device, after the first device and the second device interactive authentication are set up,
The first device is assisted to complete delivery operation.
6. device according to claim 5 pays mutual authentication system, it is characterised in that also includes:
The first service private key is produced with the second service private key by the authentication device, or the dress of the network by being connected
Put and provided;The authentication device obtains described first after being encrypted using the first service private key to first Transaction Information
Encrypted transaction message, and second encryption is obtained after being encrypted using the second service private key to second Transaction Information and is handed over
Easy information;
Wherein, the first device to the authentication device register when, the authentication device produces the first service private key;Institute
State second device to the authentication device register when, the authentication device produces the second service private key.
7. device according to claim 5 pays mutual authentication system, it is characterised in that also includes:
The first device initiates a purchase request, when purchase solicited message to the certification that the first device is sent fills
When putting, the authentication device judges whether the purchase solicited message is correct according to a log-on message of the first device;When
When judging that the purchase solicited message is correct, the first device interacts certification with the second device;Or
The first device initiates the purchase request, when the purchase solicited message that the first device is sent to described the
During two devices, the second device judges the purchase by the log-on message of the authentication device according to the first device
Whether correct buy solicited message;When the second device judge it is described purchase solicited message it is correct when, the first device with
The second device interacts certification.
8. device according to claim 7 pays mutual authentication system, it is characterised in that also includes:When the described first dress
Put to the authentication device registered when, the authentication device utilize the first device an identification information and described first
Service private key obtains the log-on message.
9. a kind of authentication device, the authentication device connects a first device and a second device respectively, it is characterised in that bag
Include:
One acquisition module, one first Transaction Information provided to obtain and analyze the first device carry with the second device
One second Transaction Information supplied;And obtain the first device is provided the second device using a first service private key one
First encrypted transaction message be decrypted after one first decrypted transaction information, and obtain the second device and utilize one second
Service one second decrypted transaction information after one second encrypted transaction message that private key is provided the first device is decrypted;
One output module, first encrypted transaction message and the second service private key to the second device are exported, and it is defeated
Go out second encrypted transaction message and the first service private key to the first device;
One judge module, when the first decrypted transaction information and first Transaction Information that confirm to receive are consistent and described
When second decrypted transaction information is consistent with second Transaction Information, judges that the first device interacts with the second device and recognize
Card is set up.
10. authentication device according to claim 9, it is characterised in that also include:One info conversion module, using described
First service private key obtains first encrypted transaction message after being encrypted to first Transaction Information, and utilizes the described second clothes
Business private key obtains second encrypted transaction message after being encrypted to second Transaction Information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710831730.XA CN107464105A (en) | 2017-09-15 | 2017-09-15 | Device pays interactive authentication method and its system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710831730.XA CN107464105A (en) | 2017-09-15 | 2017-09-15 | Device pays interactive authentication method and its system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107464105A true CN107464105A (en) | 2017-12-12 |
Family
ID=60551323
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710831730.XA Pending CN107464105A (en) | 2017-09-15 | 2017-09-15 | Device pays interactive authentication method and its system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107464105A (en) |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101118627A (en) * | 2006-08-01 | 2008-02-06 | 上海融兴网络科技有限公司 | Movable electric commerce payment transaction system and safety identification method thereof |
CN101431415A (en) * | 2008-12-12 | 2009-05-13 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
CN101739622A (en) * | 2008-11-06 | 2010-06-16 | 同方股份有限公司 | Trusted payment computer system |
US20130042112A1 (en) * | 2011-02-12 | 2013-02-14 | CertiVox Ltd. | Use of non-interactive identity based key agreement derived secret keys with authenticated encryption |
CN103942688A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data security interactive system |
CN104392355A (en) * | 2014-11-14 | 2015-03-04 | 青岛龙泰天翔通信科技有限公司 | Electronic payment method being high in safety |
CN105187357A (en) * | 2014-06-04 | 2015-12-23 | 北京大学深圳研究生院 | Two-dimension code verification method and system |
CN105577612A (en) * | 2014-10-11 | 2016-05-11 | 中兴通讯股份有限公司 | Identity authentication method, third party server, merchant server, and user terminal |
CN105721412A (en) * | 2015-06-24 | 2016-06-29 | 乐视云计算有限公司 | Method and device for authenticating identity between multiple systems |
CN105809417A (en) * | 2014-12-29 | 2016-07-27 | 航天信息股份有限公司 | Safe reliable real-time electronic payment settlement merchant terminal, user terminal, bank front-end system, system, and method |
CN106888097A (en) * | 2017-03-30 | 2017-06-23 | 福建北卡科技有限公司 | Identity identifying method based on zero-knowledge proof under a kind of HCE patterns |
-
2017
- 2017-09-15 CN CN201710831730.XA patent/CN107464105A/en active Pending
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101118627A (en) * | 2006-08-01 | 2008-02-06 | 上海融兴网络科技有限公司 | Movable electric commerce payment transaction system and safety identification method thereof |
CN101739622A (en) * | 2008-11-06 | 2010-06-16 | 同方股份有限公司 | Trusted payment computer system |
CN101431415A (en) * | 2008-12-12 | 2009-05-13 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
US20130042112A1 (en) * | 2011-02-12 | 2013-02-14 | CertiVox Ltd. | Use of non-interactive identity based key agreement derived secret keys with authenticated encryption |
CN103942688A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data security interactive system |
CN105187357A (en) * | 2014-06-04 | 2015-12-23 | 北京大学深圳研究生院 | Two-dimension code verification method and system |
CN105577612A (en) * | 2014-10-11 | 2016-05-11 | 中兴通讯股份有限公司 | Identity authentication method, third party server, merchant server, and user terminal |
CN104392355A (en) * | 2014-11-14 | 2015-03-04 | 青岛龙泰天翔通信科技有限公司 | Electronic payment method being high in safety |
CN105809417A (en) * | 2014-12-29 | 2016-07-27 | 航天信息股份有限公司 | Safe reliable real-time electronic payment settlement merchant terminal, user terminal, bank front-end system, system, and method |
CN105721412A (en) * | 2015-06-24 | 2016-06-29 | 乐视云计算有限公司 | Method and device for authenticating identity between multiple systems |
CN106888097A (en) * | 2017-03-30 | 2017-06-23 | 福建北卡科技有限公司 | Identity identifying method based on zero-knowledge proof under a kind of HCE patterns |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11720883B2 (en) | Transaction data tokenization | |
US10769632B2 (en) | Multi-commerce channel wallet for authenticated transactions | |
AU2012294451B2 (en) | Payment device with integrated chip | |
US20200058028A1 (en) | Data security system using mobile communications device | |
US20170024738A1 (en) | System and method for electronic payment using payment server provided transaction link codes | |
US20120290480A1 (en) | Electronic payment using transaction identity codes | |
US20130006872A1 (en) | Near-field communication based payment methods | |
US20100211503A1 (en) | Double Verified Transaction Device and Method | |
CN105989466A (en) | Method of payment with mobile phone | |
CN105894275A (en) | Two-dimensional-code-based intelligent payment system | |
JP5693551B2 (en) | Price settlement system and price settlement method using a mobile terminal | |
WO2014032206A1 (en) | Quick payment system and corresponding method | |
CN107464105A (en) | Device pays interactive authentication method and its system | |
WO2018231231A1 (en) | System and logic to convert an existing online bank transfer transaction | |
CN107633392A (en) | Device reimbursement interactive authentication method and its system | |
AU2004100516A4 (en) | Purchasing goods or services on the Internet | |
Junxuan | Research on E-Payment Model | |
CA3083662A1 (en) | Systems and methods for device-present electronic commerce transaction checkout | |
TW201636915A (en) | Financial service system and method | |
TW200926024A (en) | A method and system for secure transaction | |
WO2011018103A1 (en) | Money transfer request |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20210730 |
|
AD01 | Patent right deemed abandoned |