CN107464105A - Device pays interactive authentication method and its system - Google Patents

Device pays interactive authentication method and its system Download PDF

Info

Publication number
CN107464105A
CN107464105A CN201710831730.XA CN201710831730A CN107464105A CN 107464105 A CN107464105 A CN 107464105A CN 201710831730 A CN201710831730 A CN 201710831730A CN 107464105 A CN107464105 A CN 107464105A
Authority
CN
China
Prior art keywords
authentication
private key
message
transaction information
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710831730.XA
Other languages
Chinese (zh)
Inventor
蔡小春
廖敏杰
陈明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Tinno Mobile Technology Co Ltd
Shenzhen Tinno Wireless Technology Co Ltd
Original Assignee
Shenzhen Tinno Mobile Technology Co Ltd
Shenzhen Tinno Wireless Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Tinno Mobile Technology Co Ltd, Shenzhen Tinno Wireless Technology Co Ltd filed Critical Shenzhen Tinno Mobile Technology Co Ltd
Priority to CN201710831730.XA priority Critical patent/CN107464105A/en
Publication of CN107464105A publication Critical patent/CN107464105A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/085Payment architectures involving remote charge determination or related payment systems
    • G06Q20/0855Payment architectures involving remote charge determination or related payment systems involving a third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention is that device pays interactive authentication method and its system, including:By authentication device obtain and analyze the first Transaction Information and the second Transaction Information after, output the first encrypted transaction message and second service private key to second device, and export the second encrypted transaction message and first service private key to first device;Second encrypted transaction message is exported to second device by first device, and the first encrypted transaction message is exported to first device by second device;The first encrypted transaction message is decrypted using first service private key by first device, and the second encrypted transaction message is decrypted using second service private key by second device;When authentication device confirms that the first decrypted transaction information is consistent with the first Transaction Information, and the second decrypted transaction information is consistent with the second Transaction Information, judge that first device is set up with second device interactive authentication;And after first device and second device interactive authentication are set up, delivery operation is completed by cash flow system helps first device.

Description

Device pays interactive authentication method and its system
Technical field
The present invention relates to communication technique field, and in particular to a kind of device pays interactive authentication method and its system.
Background technology
With the fast development of internet and mobile phone popularity rate more and more higher, increasing people is carried out using online transaction Pay.Traditional means of payment, it is the transaction by third-party platform, after buyer's free choice of goods, is provided using third-party platform Account carry out payment for goods payment, after third-party platform receives customer payment information, notify that payment for goods is to account by seller, and require seller Delivered;Buyer receives and after item inspecting, notifies third-party platform.Third-party platform pays seller.Third-party payment The appearance of platform, theoretically, the fraud in electronic transaction is thoroughly prevented.
By taking conventional transaction pattern as an example:1. client is in the e-commerce website free choice of goods, final decision purchase, both parties Reach purchase intention;2. money is drawn by the use of third-party platform as transaction, client and arrives third-party platform by customer selecting with Payment Card Account;3. the message informing businessman that third-party platform has paid the bill client as authenticating party, and require businessman when defined Interior delivery;Delivered after 4. businessman is notified according to order;5. client receives goods and notifies third-party platform after verifying;6. Payment for goods in its account is included in Merchant Account by third-party platform, completes transaction.But under such a trade mode, money needs Third-party platform is reached, fund can be detained at Third-party payment service provider, that is, so-called financing deposition occur.
The content of the invention
The shortcomings that for above-mentioned prior art, the present invention provide a kind of device and pay interactive authentication method and its system, lead to The device that interactive authentication is crossed to confirm to be connected with each other is communication device trusty, after certification is set up, by Third Party Authentication device Confirm transaction payment path, delivery operation is quickly performed by cash flow system helps first device.
The purpose of the present invention can use following technical scheme to realize with solving its technical problem.
A kind of device proposed by the present invention pays interactive authentication method, comprises the following steps:Obtained by an authentication device And after one first Transaction Information of first device offer and one second Transaction Information of second device offer are provided, output one First encrypted transaction message and a second service private key export one second encrypted transaction message and one the to the second device One services private key to the first device;Second encrypted transaction message is exported to the second device by the first device, And first encrypted transaction message is exported to the first device by the second device;Utilized by the first device After first encrypted transaction message that the first service private key is provided the second device is decrypted, output one first Decrypted transaction information is to the authentication device;And filled by the second device using the second service private key to described first Put offer second encrypted transaction message be decrypted after, one second decrypted transaction information of output is to the authentication device; When the authentication device confirms that the first decrypted transaction information for receiving is consistent with first Transaction Information, and described second When decrypted transaction information is consistent with second Transaction Information, judge the first device and the second device interactive authentication into It is vertical;And after the first device and the second device interactive authentication are set up, pass through described in a cash flow system helps the One device completes delivery operation.
Wherein, in addition to:The first service private key is produced with the second service private key by the authentication device, or There is provided by the network equipment being connected;The authentication device is added using the first service private key to first Transaction Information First encrypted transaction message is obtained after close, and is obtained after being encrypted using the second service private key to second Transaction Information To second encrypted transaction message;Wherein, the first device to the authentication device register when, the authentication device produces The first service private key;The second device to the authentication device register when, the authentication device produces second clothes Business private key.
Wherein, in addition to:The first device initiates a purchase request, when the purchase request that the first device is sent During information to the authentication device, the authentication device judges the purchase request according to a log-on message of the first device Whether information is correct;When judging that the purchase solicited message is correct, the first device is handed over the second device Mutual certification;Or
The first device initiates the purchase request, when the purchase solicited message that the first device is sent to described the During two devices, the second device judges the purchase by the log-on message of the authentication device according to the first device Whether correct buy solicited message;When the second device judge it is described purchase solicited message it is correct when, the first device with The second device interacts certification.
Wherein, in addition to:When the first device is registered to the authentication device, the authentication device utilizes institute The identification information and the first service private key for stating first device obtain the log-on message.
The purpose of the present invention can also further be realized with solving its technical problem using following technical measures.
Mutual authentication system is paid according to a kind of device proposed by the present invention, including:One first device, including one first friendship Easy information, and one second encrypted transaction message and a first service private key that an authentication device provides are received, and export described the Two encrypted transaction messages a to second device;And one first provided using the first service private key the second device After encrypted transaction message is decrypted, one first decrypted transaction information of output to the authentication device;The second device, connection The first device, including one second Transaction Information, and receive first encrypted transaction message that the authentication device provides With a second service private key, and output first encrypted transaction message is to the first device;And utilize the described second clothes After second encrypted transaction message that business private key is provided the first device is decrypted, output one second decrypted transaction letter Cease to the authentication device;The authentication device, the first device and the second device are connected respectively, obtain and analyze institute The first Transaction Information is stated with after second Transaction Information, exporting first encrypted transaction message and the second service private key To the second device, and export second encrypted transaction message and the first service private key to the first device;With And work as and confirm that the first decrypted transaction information of reception is consistent with first Transaction Information, and second decrypted transaction is believed When breath is consistent with second Transaction Information, judge that the first device is set up with the second device interactive authentication;And one Cash streaming system, the second device is connected, after the first device and the second device interactive authentication are set up, assist institute State first device and complete delivery operation.
Wherein, in addition to:The first service private key is produced with the second service private key by the authentication device, or There is provided by the network equipment being connected;Wherein, the first device to the authentication device register when, authentication device production The raw first service private key;The second device to the authentication device register when, the authentication device produces described second Service private key.
Wherein, in addition to:After the authentication device is encrypted using the first service private key to first Transaction Information First encrypted transaction message is obtained, and institute is obtained after being encrypted using the second service private key to second Transaction Information State the second encrypted transaction message.
Wherein, in addition to:The first device initiates a purchase request, when the purchase request that the first device is sent During information to the authentication device, the authentication device judges the purchase request according to a log-on message of the first device Whether information is correct;When judging that the purchase solicited message is correct, the first device is handed over the second device Mutual certification;Or
The first device initiates the purchase request, when the purchase solicited message that the first device is sent to described the During two devices, the second device judges the purchase by the log-on message of the authentication device according to the first device Whether correct buy solicited message;When the second device judge it is described purchase solicited message it is correct when, the first device with The second device interacts certification.
Wherein, in addition to:When the first device is registered to the authentication device, the authentication device utilizes institute The identification information and the first service private key for stating first device obtain the log-on message.
According to a kind of authentication device proposed by the present invention, the authentication device connects a first device and one second dress respectively Put, including:One acquisition module, to obtain and analyze one first Transaction Information and the described second dress that the first device provides One second Transaction Information of offer is provided;And obtain the first device and the second device is provided using a first service private key One first encrypted transaction message be decrypted after one first decrypted transaction information, and obtain the second device and utilize one One second encrypted transaction message that second service private key is provided the first device be decrypted after one second decrypted transaction Information;One output module, first encrypted transaction message and the second service private key to the second device are exported, and it is defeated Go out second encrypted transaction message and the first service private key to the first device;One judge module, when confirmation receives The first decrypted transaction information it is consistent with first Transaction Information, and the second decrypted transaction information and described second When Transaction Information is consistent, judge that the first device is set up with the second device interactive authentication.
Wherein, in addition to:One info conversion module, first Transaction Information is encrypted using the first service private key After obtain first encrypted transaction message, and obtained after being encrypted using the second service private key to second Transaction Information Second encrypted transaction message.
By above technical scheme and measure, the first device and second device interactive authentication establishment are being judged Afterwards, transaction payment path is confirmed by Third Party Authentication device, payment behaviour is quickly performed by cash flow system helps first device Make.The invention has the characteristics that:
A. independent authentication.Such practice is that authentication mechanism is independent, it is not merged operation with cash streaming system, avoids recognizing Card arbitration and cash flow operation are all same unit or the same group organisation operations;
B. it is easy to use.For disburser, what is faced is friendly interface, it is not necessary to considers the technical operating procedure of behind;
C. security.Credit card information or accounts information only need to tell payment platform, without telling each payee, reduce The risk that credit card information and accounts information are given away secrets.Other external devices can not find out rule from the certification between user and businessman Rule.Because certification end is only provided by the converted encryption data of certification initial data;
Though it is to use both devices interactive authentication that d. this case, which is taken off, the key information of verification process demand is filled through certification mostly Put and give, be not that both devices are given, be on the premise of absolute confidence is appointed in authentication device, further maintenance certification is protected Close security;
E. quickly account is arrived.When both-end certification is assisted to complete in certification end, you can assert between user's set and merchant platform it is high The both sides trusted each other are spent, therefore during client's purchase, the rear end i.e. rapid certification of meeting to enter cash flow operation, deducts department of banking The clearing time of system, in time to account;
F. payment cost is low, and payment platform has concentrated substantial amounts of electronics penny ante, forms scale effect.Payment platform collects phase To payment procedure expense.
Brief description of the drawings
Figure 1A to 1F is the information processing configuration diagram that a kind of device proposed by the present invention pays mutual authentication system.
Fig. 2 is the schematic flow sheet that a kind of device proposed by the present invention pays interactive authentication method.
Fig. 3 is the module diagram of authentication device in one embodiment of the invention.
Embodiment
Further to illustrate that a kind of device of the present invention pays interactive authentication method and its system to reach predetermined invention mesh The technological means taken and its effect of reach, below in conjunction with accompanying drawing and preferred embodiment, to according to proposed by the present invention Device pays embodiment, structure, feature and its effect of interactive authentication method and its system, is described in detail.
Figure 1A to 1F is refer to, it pays the information processing framework of mutual authentication system for a kind of device proposed by the present invention Schematic diagram.
In Figure 1A into 1F, a kind of device proposed by the present invention pays mutual authentication system, including;One first device 110, Including one first Transaction Information A, and receive one second encrypted transaction message B1 and a first service that an authentication device 130 provides Private key Ka, and the second encrypted transaction message B1 is exported to a second device 120;And utilize the first service private key Ka After the one first encrypted transaction message A1 provided the second device 120 is decrypted, one first decrypted transaction information is exported A2 is to the authentication device 130;The second device 120, the first device 110, including one second Transaction Information B are connected, And the first encrypted transaction message A1 and a second service private key Kb that the authentication device 130 provides are received, and output institute The first encrypted transaction message A1 is stated to the first device 110;And filled using the second service private key Kb to described first Put 110 offers the second encrypted transaction message B1 be decrypted after, output one second decrypted transaction information B2 recognize to described Card device 130;The authentication device 130, the first device 110 and the second device 120 are connected respectively, obtains and analyzes After the first Transaction Information A and the second Transaction Information B, the first encrypted transaction message A1 and the described second clothes are exported Private key Kb be engaged in the second device 120, and exports the second encrypted transaction message B1 and first service private key Ka extremely The first device 110;And as the first decrypted transaction information A2 for confirming to receive and the first Transaction Information A mono- Cause, and when the second decrypted transaction information B2 is consistent with the second Transaction Information B, judge the first device 110 and institute State the establishment of the interactive authentication of second device 120;And a cash streaming system 140, the second device 120 is connected, described first After device 110 is set up with the interactive authentication of second device 120, the first device 110 is assisted to complete delivery operation.
In one embodiment, in addition to:The first service private key Ka and second service private key Kb is by the certification Device 130 is produced, or the network equipment by being connected is provided;Wherein, the first device 110 is to the authentication device During 130 registration, the authentication device 130 produces the first service private key Ka;The second device 120 is to the authentication device During 130 registration, the authentication device produces the second service private key Kb.
In one embodiment, in addition to:The authentication device 130 is handed over described first using the first service private key Ka The first encrypted transaction message A1 is obtained after easy information A encryptions, and is handed over using the second service private key Kb described second The second encrypted transaction message B1 is obtained after easy information B encryptions.
In one embodiment, in addition to:The first device 110 initiates a purchase request, when the first device 110 is sent out Send one purchase solicited message to the authentication device 130 when, the authentication device 130 according to the first device 110 one Log-on message judges whether the purchase solicited message is correct;When judging that the purchase solicited message is correct, described first Device 110 interacts certification with the second device 120;Or
The first device 110 initiate it is described purchase request, when the first device 110 send the purchase solicited message extremely During the second device 120, the second device 120 is by the authentication device 130 according to described in the first device 110 Log-on message judges whether the purchase solicited message is correct;When the second device 120 judges the purchase solicited message When correct, the first device 110 interacts certification with the second device 120.
In one embodiment, in addition to:It is described when the first device 110 is registered to the authentication device 130 Authentication device 130 obtains the registration with the first service private key Ka using an identification information of the first device 110 and believed Breath.
Specifically, promoter of the first device 110 as purchase request.And first device 110 is registered to authentication device 130 Afterwards, authentication device 130 can utilize the identification information and first service private key Ka of first device 110, calculate corresponding first device 110 log-on message.Calculating formula is as follows:
α i=h (Ka | | IDi);Wherein, IDi is identification information, and Ka is first service private key, and α i are log-on message.First service Private key Ka is voluntarily produced by authentication device 130, by associateds such as other servomechanism installations being connected or service units Network equipment is provided.
The promoter that first device 110 is asked for purchase in this embodiment.Authentication device 130 is obtaining purchase solicited message When, it can buy whether solicited message is correct according to the log-on message of first device 110 to judge this.For example, confirm identification letter ID i presence or absence is ceased to judge whether first device 110 is registeredAnd for example, the first encryption corresponding to the first Transaction Information A is taken Transaction Information A1, attempt to decrypt the first encrypted transaction message A1 with first service private key Ka, judging whether can successful decryptionThereby Judge the correctness of purchase solicited message.When authentication device 130 confirms that first device 110 is registered, that is, think purchase request Information is correct information.So far purchase request is initiated operation and completed.The first device 110 is carried out with the second device 120 Interactive authentication;After certification is set up, transaction payment path is confirmed by authentication device 130, the first dress is assisted by cash streaming system 140 Put 110 quick execution delivery operations.In addition, cash streaming system 140 includes banking system.
Fig. 2 is refer to, the schematic flow sheet of interactive authentication method is paid for a kind of device proposed by the present invention.It please coordinate ginseng According to Figure 1A to 1F.Comprise the following steps:
Step S210:By authentication device obtain and analyze the first Transaction Information and the second Transaction Information after, output first Encrypted transaction message and second service private key export the second encrypted transaction message and first service private key to the to second device One device;Wherein, the first Transaction Information is provided by first device, the second Transaction Information is provided by second device.Such as Figure 1A to figure Shown in 1B.
Step S220:Second encrypted transaction message is exported to second device by first device, and it is defeated by second device Go out the first encrypted transaction message to first device;As shown in Figure 1 C.
Step S230A:It is defeated after the first encrypted transaction message is decrypted using first service private key by first device Go out the first decrypted transaction information to authentication device;Wherein, first encrypted transaction message is provided by the second device.Such as figure Shown in 1D.
Step S230B:It is defeated after the second encrypted transaction message is decrypted using second service private key by second device Go out the second decrypted transaction information to authentication device;Wherein, second encrypted transaction message is provided by the first device.Such as figure Shown in 1D.
Step S240:When authentication device confirms that the first decrypted transaction information for receiving is consistent with the first Transaction Information, and the When two decrypted transaction information are consistent with the second Transaction Information, judge that first device is set up with second device interactive authentication.Such as Fig. 1 E It is shown.
Step S250:After the first device and the second device interactive authentication are set up, pass through a cash streaming system The first device is assisted to complete delivery operation.As shown in fig. 1F.
In one embodiment, in addition to:The first service private key Ka and second service private key Kb is by the certification Device 130 is produced, or the network equipment by being connected is provided;Wherein, the first device 110 is to the authentication device During 130 registration, the authentication device 130 produces the first service private key Ka;The second device 120 is to the authentication device During 130 registration, the authentication device produces the second service private key Kb.
In one embodiment, in addition to:The authentication device 130 is handed over described first using the first service private key Ka The first encrypted transaction message A1 is obtained after easy information A encryptions, and is handed over using the second service private key Kb described second The second encrypted transaction message B1 is obtained after easy information B encryptions.
In one embodiment, in addition to:The first device 110 initiates a purchase request, when the first device 110 is sent out Send one purchase solicited message to the authentication device 130 when, the authentication device 130 according to the first device 110 one Log-on message judges whether the purchase solicited message is correct;When judging that the purchase solicited message is correct, described first Device 110 interacts certification with the second device 120;Or
The first device 110 initiate it is described purchase request, when the first device 110 send the purchase solicited message extremely During the second device 120, the second device 120 is by the authentication device 130 according to described in the first device 110 Log-on message judges whether the purchase solicited message is correct;When the second device 120 judges the purchase solicited message When correct, the first device 110 interacts certification with the second device 120.
In one embodiment, in addition to:It is described when the first device 110 is registered to the authentication device 130 Authentication device 130 obtains the registration with the first service private key Ka using an identification information of the first device 110 and believed Breath.
Specifically, promoter of the first device 110 as purchase request.And first device 110 is registered to authentication device 130 Afterwards, authentication device 130 can utilize the identification information and first service private key Ka of first device 110, calculate corresponding first device 110 log-on message.Calculating formula is as follows:
α i=h (Ka | | IDi);Wherein, IDi is identification information, and Ka is first service private key, and α i are log-on message.First service Private key Ka is voluntarily produced by authentication device 130, by associateds such as other servomechanism installations being connected or service units Network equipment is provided.
The promoter that first device 110 is asked for purchase in this embodiment.Authentication device 130 is obtaining purchase solicited message When, it can buy whether solicited message is correct according to the log-on message of first device 110 to judge this.For example, confirm identification letter ID i presence or absence is ceased to judge whether first device 110 is registeredAnd for example, the first encryption corresponding to the first Transaction Information A is taken Transaction Information A1, attempt to decrypt the first encrypted transaction message A1 with first service private key Ka, judging whether can successful decryptionThereby Judge the correctness of purchase solicited message.When authentication device 130 confirms that first device 110 is registered, that is, think purchase request Information is correct information.So far purchase request is initiated operation and completed.The first device 110 is carried out with the second device 120 Interactive authentication;After certification is set up, transaction payment path is confirmed by authentication device 130, the first dress is assisted by cash streaming system 140 Put 110 quick execution delivery operations.In addition, cash streaming system 140 includes banking system.
Fig. 3 is refer to, is the module diagram of authentication device in one embodiment of the invention.It please coordinate reference picture 1A to 1F.
In figure 3, a kind of authentication device proposed by the present invention, the authentication device 130 connect a first device 110 respectively With a second device 120, including:One acquisition module 131, to obtain and analyze the one first of the offer of first device 110 One second Transaction Information that Transaction Information provides with the second device 120;And obtain the first device 110 and utilize one first One first decrypted transaction after one first encrypted transaction message that the second device 120 provides is decrypted service private key is believed Breath, and obtain one second encryption that the second device 120 is provided the first device 110 using a second service private key Transaction Information be decrypted after one second decrypted transaction information;One output module 132, export first encrypted transaction message With the second service private key to the second device 120, and second encrypted transaction message and the first service are exported Private key is to the first device 110;One judge module 133, when the first decrypted transaction information for confirming to receive and described the One Transaction Information is consistent, and when the second decrypted transaction information is consistent with second Transaction Information, judges first dress 110 are put to set up with the interactive authentication of second device 120.
In one embodiment, in addition to:After the first device and the second device interactive authentication are set up, pass through one First device described in cash flow system helps completes delivery operation.
In one embodiment, in addition to:One info conversion module, merchandised using the first service private key to described first First encrypted transaction message is obtained after information encryption, and second Transaction Information is added using the second service private key Second encrypted transaction message is obtained after close.
The above described is only a preferred embodiment of the present invention, any formal limitation not is made to the present invention, though So the present invention is disclosed above with preferred embodiment, but is not limited to the present invention, any to be familiar with this professional technology people Member, without departing from the scope of the present invention, when the technology contents using the disclosure above make a little change or modification For the equivalent embodiment of equivalent variations, as long as being the content without departing from technical solution of the present invention, the technical spirit according to the present invention Any simple modification and the equivalent variations and modification made to above example, still fall within the scope of technical solution of the present invention It is interior.

Claims (10)

1. a kind of device pays interactive authentication method, it is characterised in that comprises the following steps:
Obtained by an authentication device and one first Transaction Information and a second device offer of first device offer are provided After one second Transaction Information, one first encrypted transaction message and a second service private key are exported to the second device, and export One second encrypted transaction message and a first service private key are to the first device;
The second encrypted transaction message is exported by the first device to export to the second device, and by the second device First encrypted transaction message is to the first device;
The the first encryption transaction provided by the first device using the first service private key the second device After information is decrypted, one first decrypted transaction information of output to the authentication device;And institute is utilized by the second device State after second encrypted transaction message that second service private key is provided the first device is decrypted, the solution of output one second Close Transaction Information is to the authentication device;
When the authentication device confirms that the first decrypted transaction information of reception and first Transaction Information are consistent and described When second decrypted transaction information is consistent with second Transaction Information, judges that the first device interacts with the second device and recognize Card is set up;And
After the first device and the second device interactive authentication are set up, pass through the first dress described in a cash flow system helps Put and complete delivery operation.
2. device according to claim 1 pays interactive authentication method, it is characterised in that also includes:
The first service private key is produced with the second service private key by the authentication device, or the dress of the network by being connected Put and provided;The authentication device obtains described first after being encrypted using the first service private key to first Transaction Information Encrypted transaction message, and second encryption is obtained after being encrypted using the second service private key to second Transaction Information and is handed over Easy information;
Wherein, the first device to the authentication device register when, the authentication device produces the first service private key;Institute State second device to the authentication device register when, the authentication device produces the second service private key.
3. device according to claim 1 pays interactive authentication method, it is characterised in that also includes:
The first device initiates a purchase request, when purchase solicited message to the certification that the first device is sent fills When putting, the authentication device judges whether the purchase solicited message is correct according to a log-on message of the first device;When When judging that the purchase solicited message is correct, the first device interacts certification with the second device;Or
The first device initiates the purchase request, when the purchase solicited message that the first device is sent to described the During two devices, the second device judges the purchase by the log-on message of the authentication device according to the first device Whether correct buy solicited message;When the second device judge it is described purchase solicited message it is correct when, the first device with The second device interacts certification.
4. device according to claim 3 pays interactive authentication method, it is characterised in that also includes:
When the first device is registered to the authentication device, the authentication device utilizes a knowledge of the first device Other information obtains the log-on message with the first service private key.
5. a kind of device pays mutual authentication system, it is characterised in that including:
One first device, including one first Transaction Information, and receive an authentication device provide one second encrypted transaction message with One first service private key, and output second encrypted transaction message a to second device;It is and private using the first service After one first encrypted transaction message that key is provided the second device is decrypted, one first decrypted transaction information of output to institute State authentication device;
The second device, the first device, including one second Transaction Information are connected, and receive what the authentication device provided First encrypted transaction message and a second service private key, and first encrypted transaction message is exported to the described first dress Put;And second encrypted transaction message provided using the second service private key the first device is decrypted Afterwards, one second decrypted transaction information is exported to the authentication device;
The authentication device, the first device and the second device are connected respectively, obtain and analyze the first transaction letter Breath is with after second Transaction Information, exporting first encrypted transaction message and the second service private key to the described second dress Put, and export second encrypted transaction message and the first service private key to the first device;And when confirmation receives The first decrypted transaction information it is consistent with first Transaction Information, and the second decrypted transaction information and described second When Transaction Information is consistent, judge that the first device is set up with the second device interactive authentication;And
One cash streaming system, connects the second device, after the first device and the second device interactive authentication are set up, The first device is assisted to complete delivery operation.
6. device according to claim 5 pays mutual authentication system, it is characterised in that also includes:
The first service private key is produced with the second service private key by the authentication device, or the dress of the network by being connected Put and provided;The authentication device obtains described first after being encrypted using the first service private key to first Transaction Information Encrypted transaction message, and second encryption is obtained after being encrypted using the second service private key to second Transaction Information and is handed over Easy information;
Wherein, the first device to the authentication device register when, the authentication device produces the first service private key;Institute State second device to the authentication device register when, the authentication device produces the second service private key.
7. device according to claim 5 pays mutual authentication system, it is characterised in that also includes:
The first device initiates a purchase request, when purchase solicited message to the certification that the first device is sent fills When putting, the authentication device judges whether the purchase solicited message is correct according to a log-on message of the first device;When When judging that the purchase solicited message is correct, the first device interacts certification with the second device;Or
The first device initiates the purchase request, when the purchase solicited message that the first device is sent to described the During two devices, the second device judges the purchase by the log-on message of the authentication device according to the first device Whether correct buy solicited message;When the second device judge it is described purchase solicited message it is correct when, the first device with The second device interacts certification.
8. device according to claim 7 pays mutual authentication system, it is characterised in that also includes:When the described first dress Put to the authentication device registered when, the authentication device utilize the first device an identification information and described first Service private key obtains the log-on message.
9. a kind of authentication device, the authentication device connects a first device and a second device respectively, it is characterised in that bag Include:
One acquisition module, one first Transaction Information provided to obtain and analyze the first device carry with the second device One second Transaction Information supplied;And obtain the first device is provided the second device using a first service private key one First encrypted transaction message be decrypted after one first decrypted transaction information, and obtain the second device and utilize one second Service one second decrypted transaction information after one second encrypted transaction message that private key is provided the first device is decrypted;
One output module, first encrypted transaction message and the second service private key to the second device are exported, and it is defeated Go out second encrypted transaction message and the first service private key to the first device;
One judge module, when the first decrypted transaction information and first Transaction Information that confirm to receive are consistent and described When second decrypted transaction information is consistent with second Transaction Information, judges that the first device interacts with the second device and recognize Card is set up.
10. authentication device according to claim 9, it is characterised in that also include:One info conversion module, using described First service private key obtains first encrypted transaction message after being encrypted to first Transaction Information, and utilizes the described second clothes Business private key obtains second encrypted transaction message after being encrypted to second Transaction Information.
CN201710831730.XA 2017-09-15 2017-09-15 Device pays interactive authentication method and its system Pending CN107464105A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710831730.XA CN107464105A (en) 2017-09-15 2017-09-15 Device pays interactive authentication method and its system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710831730.XA CN107464105A (en) 2017-09-15 2017-09-15 Device pays interactive authentication method and its system

Publications (1)

Publication Number Publication Date
CN107464105A true CN107464105A (en) 2017-12-12

Family

ID=60551323

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710831730.XA Pending CN107464105A (en) 2017-09-15 2017-09-15 Device pays interactive authentication method and its system

Country Status (1)

Country Link
CN (1) CN107464105A (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101118627A (en) * 2006-08-01 2008-02-06 上海融兴网络科技有限公司 Movable electric commerce payment transaction system and safety identification method thereof
CN101431415A (en) * 2008-12-12 2009-05-13 天柏宽带网络科技(北京)有限公司 Bidirectional authentication method
CN101739622A (en) * 2008-11-06 2010-06-16 同方股份有限公司 Trusted payment computer system
US20130042112A1 (en) * 2011-02-12 2013-02-14 CertiVox Ltd. Use of non-interactive identity based key agreement derived secret keys with authenticated encryption
CN103942688A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data security interactive system
CN104392355A (en) * 2014-11-14 2015-03-04 青岛龙泰天翔通信科技有限公司 Electronic payment method being high in safety
CN105187357A (en) * 2014-06-04 2015-12-23 北京大学深圳研究生院 Two-dimension code verification method and system
CN105577612A (en) * 2014-10-11 2016-05-11 中兴通讯股份有限公司 Identity authentication method, third party server, merchant server, and user terminal
CN105721412A (en) * 2015-06-24 2016-06-29 乐视云计算有限公司 Method and device for authenticating identity between multiple systems
CN105809417A (en) * 2014-12-29 2016-07-27 航天信息股份有限公司 Safe reliable real-time electronic payment settlement merchant terminal, user terminal, bank front-end system, system, and method
CN106888097A (en) * 2017-03-30 2017-06-23 福建北卡科技有限公司 Identity identifying method based on zero-knowledge proof under a kind of HCE patterns

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101118627A (en) * 2006-08-01 2008-02-06 上海融兴网络科技有限公司 Movable electric commerce payment transaction system and safety identification method thereof
CN101739622A (en) * 2008-11-06 2010-06-16 同方股份有限公司 Trusted payment computer system
CN101431415A (en) * 2008-12-12 2009-05-13 天柏宽带网络科技(北京)有限公司 Bidirectional authentication method
US20130042112A1 (en) * 2011-02-12 2013-02-14 CertiVox Ltd. Use of non-interactive identity based key agreement derived secret keys with authenticated encryption
CN103942688A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data security interactive system
CN105187357A (en) * 2014-06-04 2015-12-23 北京大学深圳研究生院 Two-dimension code verification method and system
CN105577612A (en) * 2014-10-11 2016-05-11 中兴通讯股份有限公司 Identity authentication method, third party server, merchant server, and user terminal
CN104392355A (en) * 2014-11-14 2015-03-04 青岛龙泰天翔通信科技有限公司 Electronic payment method being high in safety
CN105809417A (en) * 2014-12-29 2016-07-27 航天信息股份有限公司 Safe reliable real-time electronic payment settlement merchant terminal, user terminal, bank front-end system, system, and method
CN105721412A (en) * 2015-06-24 2016-06-29 乐视云计算有限公司 Method and device for authenticating identity between multiple systems
CN106888097A (en) * 2017-03-30 2017-06-23 福建北卡科技有限公司 Identity identifying method based on zero-knowledge proof under a kind of HCE patterns

Similar Documents

Publication Publication Date Title
US11720883B2 (en) Transaction data tokenization
US10769632B2 (en) Multi-commerce channel wallet for authenticated transactions
AU2012294451B2 (en) Payment device with integrated chip
US20200058028A1 (en) Data security system using mobile communications device
US20170024738A1 (en) System and method for electronic payment using payment server provided transaction link codes
US20120290480A1 (en) Electronic payment using transaction identity codes
US20130006872A1 (en) Near-field communication based payment methods
US20100211503A1 (en) Double Verified Transaction Device and Method
CN105989466A (en) Method of payment with mobile phone
CN105894275A (en) Two-dimensional-code-based intelligent payment system
JP5693551B2 (en) Price settlement system and price settlement method using a mobile terminal
WO2014032206A1 (en) Quick payment system and corresponding method
CN107464105A (en) Device pays interactive authentication method and its system
WO2018231231A1 (en) System and logic to convert an existing online bank transfer transaction
CN107633392A (en) Device reimbursement interactive authentication method and its system
AU2004100516A4 (en) Purchasing goods or services on the Internet
Junxuan Research on E-Payment Model
CA3083662A1 (en) Systems and methods for device-present electronic commerce transaction checkout
TW201636915A (en) Financial service system and method
TW200926024A (en) A method and system for secure transaction
WO2011018103A1 (en) Money transfer request

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned

Effective date of abandoning: 20210730

AD01 Patent right deemed abandoned