CN108171510A - Offline payment method, apparatus and system to network payment account universal retrieval - Google Patents
Offline payment method, apparatus and system to network payment account universal retrieval Download PDFInfo
- Publication number
- CN108171510A CN108171510A CN201810050605.XA CN201810050605A CN108171510A CN 108171510 A CN108171510 A CN 108171510A CN 201810050605 A CN201810050605 A CN 201810050605A CN 108171510 A CN108171510 A CN 108171510A
- Authority
- CN
- China
- Prior art keywords
- payment
- transaction
- chip
- account
- label
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 230000006798 recombination Effects 0.000 claims abstract description 34
- 238000005215 recombination Methods 0.000 claims abstract description 34
- 230000004044 response Effects 0.000 claims abstract description 20
- 238000004891 communication Methods 0.000 claims abstract description 12
- 238000012545 processing Methods 0.000 claims abstract description 12
- 101000911390 Homo sapiens Coagulation factor VIII Proteins 0.000 claims description 6
- 102000057593 human F8 Human genes 0.000 claims description 6
- 230000007246 mechanism Effects 0.000 claims description 6
- 229940047431 recombinate Drugs 0.000 claims description 6
- 230000005540 biological transmission Effects 0.000 claims description 4
- 230000008569 process Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000001629 sign test Methods 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000003999 initiator Substances 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 239000002184 metal Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
Abstract
An embodiment of the present invention provides a kind of offline payment method, apparatus and systems to network payment account universal retrieval.This method includes:In response to the selection operation of network payment type, payment label is determined;After communication connection is established with IC chip, the IC chip identification account being locally stored and the certification ciphertext calculated by IC chip are received;Certification ciphertext, payment label and transaction business data assembling including identification account into transaction message and are sent to the authentication that authentication platform carries out IC chip, if certification passes through, the target network payment accounts for transaction are then determined according to payment label and identification account by authentication platform, and transaction message is recombinated based on target network payment accounts, the transaction message after recombination is sent to the corresponding network payment platform of payment label to be traded processing.By implementing the corresponding scheme of the embodiment of the present invention, the use cost of network payment can be reduced and improving the payment success rate of network payment.
Description
Technical field
The present invention relates to propped up under financial payment technical field more particularly to a kind of line to network payment account universal retrieval
Pay method, apparatus and system.
Background technology
It is universal with 3/4G networks, network payment substituted pay in cash, cCredit card payment, when becoming purchase commodity
One of mainstream means of payment.For example, Alipay payment, wechat payment, Baidu's wallet payment etc..
The existing network means of payment relies on smart mobile phone to complete payment, for example, scanning payment Quick Response Code by smart mobile phone.
And if then form the situation for wanting that smart mobile phone must be bought using network payment.And under normal conditions the price of smart mobile phone compared with
Height, the use cost for causing the existing network means of payment are higher.Meanwhile when mobile phone signal is unstable, possibly it can not complete to prop up
It pays, causes payment success rate low.
Invention content
To the offline payment method of network payment account universal retrieval, device and it is an embodiment of the present invention provides a kind of
System, to reduce the use cost of network payment and improve payment success rate.
Then, in one embodiment of the invention, provide and propped up under a kind of line to network payment account universal retrieval
The method of paying.This method includes:In response to the selection operation of network payment type, payment label is determined;It is logical being established with IC chip
After letter connection, the identification account that the IC chip is locally stored and the certification ciphertext calculated by the IC chip are received;It will
The certification ciphertext, the payment label and transaction business data assembling including the identification account into transaction message simultaneously
The authentication that authentication platform carries out the IC chip is sent to, if certification passes through, by the authentication platform according to the payment
Label and the identification account determine the target network payment accounts for transaction, and are paid a bill based on the target network branch
Number recombination transaction message, and by the transaction message after recombination be sent to the corresponding network payment platform of the payment label with
It is traded processing.
Optionally, it is determined by the authentication platform according to the payment label and the identification account for transaction
Target network payment accounts, including:The identification account and at least one network payment account are obtained by the authentication platform
Number correspondence;By the authentication platform according to the payment label and the correspondence, the target for transaction is determined
Network payment account.
Optionally, the target network payment accounts are based on by the authentication platform and recombinate the transaction message, including:By
Identification account in the transaction message is substituted for the target network payment accounts by the authentication platform, to obtain
State the transaction message after recombination.
Optionally, the certification ciphertext uses private key to the number to be encrypted in the transaction business data for the IC chip
According to what is signed;The be-encrypted data includes the identification account;The above method further includes:It is receiving
After the identification account, the be-encrypted data is generated based on the identification account;The be-encrypted data is sent out
It send to the IC chip, is signed to obtain the certification ciphertext to indicate the IC chip to the be-encrypted data.
Optionally, transaction journal number is further included in the be-encrypted data, transaction terminal identification number, merchant information, is added
It is one or more in number;Wherein, the additional number includes random number or unique mark.
Optionally, the transaction business data include payment amount and payment password.
In yet another embodiment of the present invention, it additionally provides and is paid under a kind of line to network payment account universal retrieval
Method.This method includes:The transaction message that transaction terminal is sent is received, the transaction message includes certification ciphertext, payment label
And transaction business data, the certification ciphertext are calculated by IC chip, it is described payment label for the transaction terminal in response to
The selection operation generation of network payment type, the transaction business data include the identity that the IC chip is locally stored and know
Other account;Authentication is carried out to the IC chip according to the transaction message;If certification passes through, according to the payment label
And the identification account determines the target network payment accounts for transaction, and based on the target network payment accounts weight
Transaction message after recombination is sent to the corresponding network payment platform of the payment label and is traded by the group transaction message
Processing.
Optionally, it determines to pay a bill for the target network branch of transaction according to the payment label and the identification account
Number, including:Obtain the correspondence of the identification account and at least one network payment account;According to the payment label
And the correspondence, determine the target network payment accounts for transaction.
Optionally, the transaction message is recombinated based on the target network payment accounts, including:It will be in the transaction message
Identification account be substituted for the target network payment accounts, to obtain the transaction message after the recombination.
Optionally, the certification ciphertext is to be encrypted in the transaction business data by the IC chip using private key
What data were signed, the be-encrypted data includes the identification account;Correspondingly, it is reported according to the transaction
Text carries out authentication to the IC chip, including:The certification ciphertext is decrypted using the IC chip public key, is obtained
Ciphertext data;Compare the ciphertext data and the be-encrypted data;If identical, certification passes through.It should be noted that using
IC chip public key carries out the IC chip process of authentication, that is to say the process that sign test is carried out to the transaction message.
Optionally, transaction journal number is further included in the be-encrypted data, transaction terminal identification number, merchant information, is added
It is one or more in number;Wherein, the additional number includes random number or unique mark.
Optionally, the transaction business data include payment amount and payment password.
In yet another embodiment of the present invention, it additionally provides and is paid under a kind of line to network payment account universal retrieval
Device.The device includes:Determining module for the selection operation in response to network payment type, determines payment label;Receive mould
Block, for after communication connection is established with IC chip, receiving identification account that the IC chip is locally stored and by described
The certification ciphertext that IC chip calculates;Module is assembled, for knowing by the certification ciphertext, the payment label and including the identity
The transaction business data assembling of other account is into transaction message and is sent to the authentication that authentication platform carries out the IC chip, if recognizing
Card passes through, then determines the target network for transaction according to the payment label and the identification account by the authentication platform
Network payment accounts, and the transaction message is recombinated based on the target network payment accounts, the transaction message after recombination is sent
It is handled to the corresponding network payment platform of the payment label with being traded.
In yet another embodiment of the present invention, it additionally provides and is paid under a kind of line to network payment account universal retrieval
Device.The device includes:Receiving module, for receiving the transaction message of transaction terminal transmission, the transaction message includes certification
Ciphertext, payment label and transaction business data, the certification ciphertext are calculated by IC chip, and the payment label is the friendship
Easy terminal is generated in response to the selection operation of network payment type, and it is local that the transaction business data include the IC chip
The identification account of storage;Authentication module, for carrying out authentication to the IC chip according to the transaction message;Recombination
If passing through for certification, the target network for transaction is determined according to the payment label and the identification account for module
Network payment accounts, and the transaction message is recombinated based on the target network payment accounts, the transaction message after recombination is sent
Processing is traded to the corresponding network payment platform of the payment label.
In yet another embodiment of the present invention, it additionally provides and is paid under a kind of line to network payment account universal retrieval
System.The system includes:IC chip, transaction terminal and authentication platform;Identification account is stored in the IC chip;It is described
Transaction terminal includes above-mentioned device;The authentication platform includes above-mentioned device.
In technical solution provided in an embodiment of the present invention, identification account is prestored in IC chip, in transaction,
By reading the identification account in IC chip, you can realize transaction, broken away from the dependence to smart mobile phone, reduced network
The payment cost of payment;Meanwhile also avoid because smart mobile phone signal it is unstable caused by pay failure, improve network branch
The payment success rate paid.In addition, carrying out authentication to IC chip by authentication platform, it can effectively improve and be carried out using IC chip
The safety of payment.
Description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, to embodiment or will show below
There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair
Some bright embodiments, for those of ordinary skill in the art without creative efforts, can be with root
Other attached drawings are obtained according to these attached drawings.
Fig. 1 is the flow chart of offline payment method that one embodiment of the invention provides;
Fig. 2 is the another flow chart of offline payment method that one embodiment of the invention provides;
Fig. 3 is the flow chart of offline payment method that further embodiment of this invention provides;
Fig. 4 is the another flow chart of offline payment method that further embodiment of this invention provides;
Fig. 5 is the structure diagram of payment mechanism under the line that one embodiment of the invention provides;
Fig. 6 is the structure diagram of payment mechanism under the line that further embodiment of this invention provides;
Fig. 7 is the structure diagram of payment system under the line that further embodiment of this invention provides.
Specific embodiment
Purpose, technical scheme and advantage to make the embodiment of the present invention are clearer, below in conjunction with the embodiment of the present invention
In attached drawing, the technical solution in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is
Part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art
All other embodiments obtained without making creative work shall fall within the protection scope of the present invention.
The term used in embodiments of the present invention is only merely for the purpose of description specific embodiment, and is not intended to be limiting
The present invention.In the embodiment of the present invention and " one kind " of singulative used in the attached claims, " described " and "the"
It is also intended to including most forms, unless context clearly shows that other meanings, " a variety of " generally comprise at least two, but not
It excludes comprising at least one situation.
It should be appreciated that term "and/or" used herein is only a kind of incidence relation for describing affiliated partner, represent
There may be three kinds of relationships, for example, A and/or B, can represent:Individualism A, exists simultaneously A and B, individualism B these three
Situation.In addition, character "/" herein, it is a kind of relationship of "or" to typically represent forward-backward correlation object.
Depending on linguistic context, word as used in this " if ", " if " can be construed to " ... when " or
" when ... " or " in response to determining " or " in response to monitoring ".Similarly, depending on linguistic context, phrase " if it is determined that " or " such as
Fruit monitors (condition or event of statement) " " when determining " or " in response to determining " can be construed to or " when monitoring (statement
Condition or event) when " or " in response to monitor (condition or event of statement) ".
It should also be noted that, term " comprising ", "comprising" or its any other variant are intended to nonexcludability
Comprising so that commodity or system including a series of elements not only include those elements, but also including without clear and definite
It the other element listed or further includes as this commodity or the intrinsic element of system.In the feelings not limited more
Under condition, the element that is limited by sentence "including a ...", it is not excluded that in the commodity including the element or system also
There are other identical elements.
Fig. 1 is the flow chart of offline payment method that one embodiment of the invention provides.This method is applied to transaction terminal one
Side.As shown in Figure 1, this method includes:
101st, in response to the selection operation of network payment type, payment label is determined.
102nd, after communication connection is established with IC chip, receive identification account that the IC chip is locally stored and by
The certification ciphertext that the IC chip calculates.
103rd, by the certification ciphertext, the payment label and the transaction business data group for including the identification account
It dresses up transaction message and is sent to the authentication that authentication platform carries out the IC chip, if certification passes through, put down by the certification
Platform determines the target network payment accounts for transaction according to the payment label and the identification account, and based on described
Target network payment accounts recombinate the transaction message, and the transaction message after recombination is sent to the corresponding net of the payment label
Network payment platform is handled with being traded.
At present, there are many kinds of network payment types, such as:Have Alipay payment, wechat payment, the payment of Baidu wallet and
Packet payment etc..In general, using for convenience, most of user can possess the account of multiple network type of payment simultaneously, for example, together
Shi Yongyou Alipays pay the account that both network payment types are paid with wechat.Therefore, user can be directed in IC chip
Store an identification account, the identification account can with the network payment account of the multiple network type of payment of the user into
Row binding, can correspond to the network branch for finding the multiple network type of payment that the user is possessed by the identification account in this way
The number of paying a bill.I.e. an IC chip can meet the payment demand of the multiple network type of payment of user.Wherein, the identification
Account can be the identification card number of user, cell-phone number or be user when applying for IC chip, IC chip publisher is the user
The identification identifier of generation, the identification identifier have uniqueness, can unique mark go out the user.It it should be noted that should
Identification account applies for the registration of to obtain, and the identification account is in IC chip publisher for user in IC chip issuer
When issuing the IC chip to user, the application for being just directed to the user is written in the IC chip.IC chip publisher end can be passed through
IC chip is written in identification account by end, and IC chip publisher terminal uses asymmetric encryption mould with IC chip in write-in
Formula carries out information exchange, can increase safety.In order to protect the physical protection based on the IC chip, which can be embedded in certain
In one carrier, which includes but not limited to plastic cards.In IC chip insertion plastic cards, IC card is formed.
In above-mentioned steps 101, in off-line transaction, teller can inquire which kind of network payment type buyer user uses
The means of payment, the answer further according to buyer user select corresponding control to be clicked or touched on transaction terminal;Alternatively, cabinet
Transaction terminal is given buyer user by member, corresponding control is selected to be clicked or touched on transaction terminal by buyer user oneself
It touches, to complete the selection operation of network payment type.Transaction terminal is operated in response to the selection, generation payment label, the payment
Label includes the information such as the network payment type for being used for transaction of buyer user's selection.Such as:When buyer user selects wechat
During payment, which can be " wechat ";When buyer user selects Alipay payment, which can be " payment
It is precious ".Transaction terminal includes but not limited to POS (point of sale) machine, and POS machine is to receive and pay out work(with cash or amount of bartering
The terminal reader of energy.
In above-mentioned steps 102, in off-line transaction, teller can require buyer user to show IC chip and in transaction terminal
On swipe the card, in response to swiping card, establish and communicate to connect with IC chip, to receive the IC chip local sent by IC chip
The identification account of storage and the certification ciphertext calculated by IC chip.The IC chip can pass through contact or non-contacting side
Formula is established with transaction terminal and is communicated to connect.Such as:The IC chip is contact IC chip, passes through the card reader on transaction terminal
Hard contact is contacted with the metal pins in IC chip, so as to establish communication connection;Alternatively, the IC chip is contactless
IC chip, transaction terminal establish communication connection with communicated (i.e. near-field communication) with IC chip by electromagnetic wave.
In above-mentioned steps 103, transaction business data include identification account, may also include payment amount and/or branch
Pay password.The interface or button that payment amount can be provided before swiping the card or after swiping the card by transaction terminal are inputted, and are propped up
Paying password can be inputted after swiping the card by transaction terminal interface or button.
It should be noted that it is certain transaction scenes in, each transaction amount fix (such as:Bus card-reading, every time for
Fixed " unitary " or " two-spot "), in this case, payment amount, network payment platform are may not include in transaction business data
It is handled when being handled according to the amount of money given tacit consent in advance.In addition, present many network payment platforms are for convenience
User uses, and provides " low volume is exempted from close " service, i.e., when transaction amount is less than certain numerical value, user can not have to provide payment mouth
It enables.Wherein, payment password includes but not limited to password, fingerprint, face recognition information etc..
After authentication platform receives transaction message, the identity that the certification ciphertext in transaction message carries out IC chip is recognized
Card.Wherein, the certification ciphertext can be that IC chip is encrypted to obtain to the be-encrypted data in transaction business data, this is treated
Encryption data includes the identification account;Alternatively, be encrypted to obtain to a certain appointment data for IC chip, the about fixed number
According to being stored respectively in IC chip and authentication platform.Symmetric encipherment algorithm can be used in IC chip or rivest, shamir, adelman is added
Close, the present embodiment is not especially limited this.When using symmetric encipherment algorithm, IC chip and authentication platform use same key
It is encrypted and decrypted;When using rivest, shamir, adelman, IC chip is signed using private key (i.e. IC chip private key), is recognized
It demonstrate,proves platform and sign test is carried out using the IC chip public key.Authentication platform obtains decryption number after the certification ciphertext is decrypted
According to if ciphertext data is identical with the be-encrypted data in transaction business data or ciphertext data and the appointment data that is locally stored
Identical, then authentication passes through, you can shows this time to merchandise and be initiated by validated user.It should be noted that signature is also one kind
Ciphering process.
In practical applications, can authentication preferentially be carried out using rivest, shamir, adelman, this is because IC chip private key
Only IC chip possesses, therefore, when the authentication platform decryption of IC chip public key realization certification ciphertext, you can determine the transaction
Initiator is IC chip, compared to symmetric encipherment algorithm, the reliability of rivest, shamir, adelman and safety higher.In view of recognizing
Card platform needs to store different IC chip public keys to carry out authentication to different IC chips, therefore, can be in advance in authentication platform
On establish the correspondence of identification account and IC chip public key, since identification account and IC chip correspond, because
This, the correspondence of identification account and IC chip public key that is to say the correspondence of IC chip and IC chip public key.In this way,
After transaction message is received, the identification account in transaction message indexes corresponding IC chip public key, with to certification
Ciphertext is decrypted, and then realizes verification process.
In authentication platform certification by rear, since the identification account in transaction message is to be noted in IC chip issuer
Volume, network payment platform is None- identified to the identification account.Therefore, it is necessary to be recombinated to the transaction message, with
Identification account in transaction message is replaced with into the corresponding network payment account of payment label, so as to corresponding network payment
Platform can identify.Transaction message after recombination is sent to the corresponding network payment platform of the payment label by authentication platform again
To be traded processing.The process that transaction message of the network payment platform after recombination is received is traded processing can be found in now
There is technology, the present invention is not especially limited this.
It should be noted that above-mentioned steps 101 can be implemented before step 102, can also implement after step 102.I.e.
The selection operation of network payment type can be carried out before reading data of swiping the card, also can carry out network after reading data of swiping the card
The selection operation of type of payment, the present invention are not especially limited this.
In technical solution provided in an embodiment of the present invention, identification account is prestored in IC chip, in transaction,
By reading the identification account in IC chip, you can realize transaction, broken away from the dependence to smart mobile phone, reduced payment
Cost;Meanwhile also avoid because smart mobile phone signal it is unstable caused by pay failure, improve payment success rate.In addition,
Authentication is carried out to IC chip by authentication platform, the safety paid using IC chip can be effectively improved.
Further, it is above-mentioned to determine to be used for according to the payment label and the identification account by the authentication platform
The target network payment accounts of transaction, including:The identification account and at least one network are obtained by the authentication platform
The correspondence of payment accounts;By the authentication platform according to the payment label and the correspondence, determine to merchandise
Target network payment accounts.Such as:Identification account A and Alipay account B, wechat payment accounts C in transaction message
Corresponding, payment label is " Alipay ", then using Alipay account B as target payment accounts.The correspondence can prestore
On the authentication platform, obtained with facilitating.
In a kind of achievable scheme, the target network payment accounts are based on by the authentication platform and recombinate the friendship
Easy message, including:The identification account in the transaction message is substituted for the target network branch by the authentication platform
The number of paying a bill, to obtain the transaction message after the recombination.Such as:Target network payment accounts are Alipay account B, then by identity
Identification account is substituted for Alipay account B, with the transaction message after the recombination arrived.
In the specific implementation, when recombinating transaction message can also by transaction message certification ciphertext, payment label and
Identification account is deleted, and to simplify the transaction message after recombinating, reduces network resource consumption.
In another embodiment, as shown in Fig. 2, the offline payment method applied to the transaction terminal includes:
201st, in response to the selection operation of network payment type, payment label is determined.
202nd, after communication connection is established with IC chip, the identification account that the IC chip is locally stored is received.
203rd, after the identification account is received, the number to be encrypted is generated based on the identification account
According to.
204th, the be-encrypted data is sent to the IC chip, to indicate the IC chip to the be-encrypted data
It is signed to obtain the certification ciphertext.
205th, the certification ciphertext calculated by the IC chip is received.
206th, by the certification ciphertext, the payment label and the transaction business data group for including the identification account
It dresses up transaction message and is sent to the authentication that authentication platform carries out the IC chip, if certification passes through, put down by the certification
Platform determines the target network payment accounts for transaction according to the payment label and the identification account, and based on described
Target network payment accounts recombinate the transaction message, and it is corresponding that the transaction message after recombination is sent to the payment label
Network payment platform is handled with being traded.
Above-mentioned steps 201, step 202, step 205 and step 206 can be found in corresponding contents in above-described embodiment, herein not
It repeats again.
Certain important informations in transaction business data, such as:Identification account, transaction journal number, transaction terminal mark
Number, merchant information etc., needs are encrypted, are illegally intercepted and distorted to avoid transaction message.These important informations can
It is sent to IC chip together, to be signed by IC chip, then is sent to authentication platform, can be further assured that this time transaction is by IC
Chip is initiated, and improves transaction security.
In above-mentioned steps 203, transaction terminal is after the identification account that IC chip is sent is received, based on the identity
Identify account generation be-encrypted data, which includes the identification account.Optionally, in the be-encrypted data
It may also include:It is one or more in transaction journal number, transaction terminal identification number, merchant information, additional number;Wherein, it is described attached
Addend includes random number or unique mark.The addition of transaction journal number, transaction terminal identification number and merchant information can be formed with
The transaction record of effect facilitates subsequent query business and reimbursement business.In view of the transaction that in practical application, transaction terminal generates
Serial number has the upper limit, and after the upper limit is reached, the transaction journal number of subsequent transaction will be with used transaction journal number before
Repeat (such as:The digit of the pre-set transaction journals number of transaction terminal A is 4 digits, when transaction terminal completes 9999 transaction
Afterwards, the transaction journal number that transaction terminal A is generated will be with used transaction journal repetition before), it can not ensure to merchandise
The uniqueness of record, therefore, can be by randomly generating random number or obtaining unique mark, you can ensure each transaction record only
One property;And the addition of random number can further increase the difficulty that other people illegally decrypt.
In technical solution provided in an embodiment of the present invention, identification account is prestored in IC chip, in transaction,
By reading the identification account in IC chip, you can realize transaction, broken away from the dependence to smart mobile phone, reduced network
The payment cost of payment;Meanwhile also avoid because smart mobile phone signal it is unstable caused by pay failure, improve network branch
The payment success rate paid.In addition, carrying out authentication to IC chip by authentication platform, it can effectively improve and be carried out using IC chip
The safety of payment.
In addition, offline payment method that the embodiment of the present invention provided corresponding with above method embodiment, applied to recognizing
Demonstrate,prove platform.As shown in figure 3, this method includes:
301st, the transaction message that transaction terminal is sent is received, the transaction message includes certification ciphertext, payment label and friendship
Easy business datum, the certification ciphertext are calculated by IC chip, and the payment label is the transaction terminal in response to network
The selection operation generation of type of payment, the transaction business data include the identification account that the IC chip is locally stored
Number.
302nd, authentication is carried out to the IC chip according to the transaction message.
If the 303, certification passes through, the target for transaction is determined according to the payment label and the identification account
Network payment account, and the transaction message is recombinated based on the target network payment accounts, and by the transaction message after recombination
It is sent to the corresponding network payment platform of the payment label and is traded processing.
Wherein, the certification ciphertext and the identification account are to be established by the IC chip with the transaction terminal
The transaction terminal is sent to after communication connection.The certification ciphertext can be IC chip to be added in transaction business data
Ciphertext data is encrypted to obtain, which includes the identification account;Alternatively, for IC chip to a certain about fixed number
According to being encrypted to obtain, which is stored respectively in IC chip and authentication platform.Symmetric cryptography calculation can be used in IC chip
Method or rivest, shamir, adelman are encrypted, and the present embodiment is not especially limited this.When using symmetric encipherment algorithm, IC cores
Piece and authentication platform are encrypted and decrypted using same key;When using rivest, shamir, adelman, IC chip uses IC cores
Piece private key is signed, and authentication platform carries out sign test using the corresponding IC chip public key of IC chip private key.Authentication platform is to described
Certification ciphertext obtains ciphertext data after being decrypted, if ciphertext data is identical with the be-encrypted data in transaction business data,
Or ciphertext data is identical with the appointment data being locally stored, then authentication passes through, you can shows that this time transaction is legal.Above-mentioned step
Rapid 301, step 302 and step 303 can be found in the corresponding contents in the various embodiments described above, and details are not described herein.
Further, the target network payment for transaction is determined according to the payment label and the identification account
Account, including:Obtain the correspondence of the identification account and at least one network payment account;It is marked according to the payment
Label and the correspondence, determine the target network payment accounts for transaction.
Further, the transaction message is recombinated based on the target network payment accounts, including:By the transaction message
In identification account be substituted for the target network payment accounts, to obtain the transaction message after the recombination.
In the specific implementation, when recombinating transaction message can also by transaction message certification ciphertext, payment label and
Identification account is deleted, and to simplify the transaction message after recombinating, reduces network resource consumption.
Further, the certification ciphertext is to be added in the transaction business data by the IC chip using private key
What ciphertext data was signed, the be-encrypted data includes the identification account.According to the transaction message pair
The IC chip carries out authentication, including:The certification ciphertext is decrypted using the IC chip public key, is decrypted
Data;Compare the ciphertext data and the be-encrypted data;If identical, certification passes through.The private key and the IC chip
Public key is a pair of secret keys pair that IC chip generates, and private key is stored in the IC chip, and IC chip public key is sent to authentication platform
It is stored.Be-encrypted data can be by transaction terminal after the identification account for receiving IC chip transmission, based on the identity
Identify account generation.It may also include transaction journal number, transaction terminal identification number, merchant information, additional number in the be-encrypted data
In it is one or more;Wherein, the additional number includes random number or unique mark.
Further, the transaction business data include payment amount and payment password.The payment password is available to institute
The foundation that the corresponding network payment platform of payment label is authenticated this transaction is stated, which can be that target is paid
The payment cipher of account.
In technical solution provided in an embodiment of the present invention, identification account is prestored in IC chip, in transaction,
By reading the identification account in IC chip, you can realize transaction, broken away from the dependence to smart mobile phone, reduced network
The payment cost of payment;Meanwhile also avoid because smart mobile phone signal it is unstable caused by pay failure, improve network branch
The payment success rate paid.In addition, carrying out authentication to IC chip by authentication platform, it can effectively improve and be carried out using IC chip
The safety of payment.
It should be noted that in the various embodiments described above, if authentication platform certification does not pass through, authentication platform can think transaction eventually
End returns to the prompt message of a Fail Transaction, after transaction terminal receives the prompt message, is shown at its interface.
As shown in figure 4, the another alternative embodiment of the present invention includes the following steps:
401st, transaction terminal determines payment label in response to the selection operation of network payment type.
402nd, after communication connection is established with IC chip, transaction terminal receives the identification account that IC chip is sent
Number.
403rd, after the identification account is received, transaction terminal is based on treating described in identification account generation
Encryption data.
404th, the be-encrypted data is sent to the IC chip by transaction terminal, to indicate that the IC chip is treated to described
Encryption data is encrypted to obtain the certification ciphertext.
405th, after the IC chip receives the be-encrypted data, using the private key being locally stored to the number to be encrypted
According to being signed to obtain certification ciphertext.
Wherein, the be-encrypted data includes the identification account, transaction journal number, transaction terminal identification number, quotient
Family information, additional number.
406th, transaction terminal receives the certification ciphertext that the IC chip returns.
407th, transaction terminal by the certification ciphertext, it is described payment label and transaction business data assembling into transaction message simultaneously
It is sent to authentication platform.
Wherein, the transaction business data include be-encrypted data, payment amount and payment password.
408th, authentication platform receives the transaction message that transaction terminal is sent.
409th, authentication platform is decrypted the certification ciphertext in the transaction message using the IC chip public key, obtains
Ciphertext data.
410th, the ciphertext data and the be-encrypted data are compared.
If the 411, identical, it is corresponding at least one network payment account that authentication platform obtains the identification account
Relationship.
412nd, authentication platform determines the target network payment for transaction according to the payment label and the correspondence
Account.
413rd, the identification account in transaction message is substituted for the target network payment accounts by authentication platform, with
Transaction message to after the recombination.
414th, authentication platform by the transaction message after recombination be sent to the corresponding network payment platform of the payment label into
Row trading processing.
In addition, as shown in figure 5, corresponding to the embodiment of the method applied to issue terminal, the embodiment of the present invention also provides one
Payment mechanism under kind line, described device include:Determining module 501, the first receiving module 502 and assembling module 503.Wherein, really
Cover half block 501 for the selection operation in response to network payment type, determines payment label;First receiving module 502, is used for
After communication connection is established with IC chip, identification account that the IC chip is locally stored is received and by the IC chip meter
The certification ciphertext of calculation;Module 503 is assembled, for by the certification ciphertext, the payment label and including the identification account
Number transaction business data assembling into transaction message and be sent to the authentication that authentication platform carries out the IC chip, if certification is led to
It crosses, then determines the target network branch for transaction according to the payment label and the identification account by the authentication platform
The number of paying a bill, and the transaction message is recombinated based on the target network payment accounts, the transaction message after recombination is sent to institute
The corresponding network payment platform of payment label is stated to be traded processing.
Above device may also include:Generation module and sending module.Wherein, generation module, for receiving the body
After part identification account, the be-encrypted data is generated based on the identification account;Sending module, for will be described to be encrypted
Data are sent to the IC chip, are encrypted to obtain the certification to indicate the IC chip to the be-encrypted data close
Text.
In addition, as shown in fig. 6, corresponding to the embodiment of the method applied to authentication platform, the embodiment of the present invention also provides one
Payment mechanism under kind line, described device include:Second receiving module 601, authentication module 602 and recombination module 603.Wherein,
Two receiving modules 601, for receiving the transaction message of transaction terminal transmission, the transaction message includes certification ciphertext, payment mark
Label and transaction business data, the certification ciphertext are calculated by IC chip, and the payment label is responded for the transaction terminal
It is generated in the selection operation of network payment type, the transaction business data include the identity that the IC chip is locally stored
Identify account;Authentication module 602, for carrying out authentication to the IC chip according to the transaction message;Recombination module
603, if passing through for certification, the target network for transaction is determined according to the payment label and the identification account
Payment accounts, and the transaction message is recombinated, and the transaction message after recombination is sent based on the target network payment accounts
Processing is traded to the corresponding network payment platform of the payment label.
Optionally, recombination module may include:Acquiring unit, determination unit.Acquiring unit, for obtaining the identification
The correspondence of account and at least one network payment account;Determination unit, for according to the payment label and the correspondence
Relationship determines the target network payment accounts for transaction.Recombination module further includes recomposition unit.Recomposition unit, for by institute
It states the identification account in transaction message and is substituted for the target network payment accounts, to obtain the transaction report after the recombination
Text.
Optionally, authentication module may include:Decryption unit and comparing unit.Wherein, decryption unit, for using the IC
The certification ciphertext is decrypted in chip public key, obtains ciphertext data, and the certification ciphertext is using private by the IC chip
Key signs to the be-encrypted data in the transaction business data, and the be-encrypted data includes the identity
Identify account;Comparing unit, for comparing the ciphertext data and the be-encrypted data;If identical, certification passes through.
It should be noted that for device embodiment, since it is substantially similar to embodiment of the method, so describing
Relatively simple, the relevent part can refer to the partial explaination of embodiments of method.
In addition, as shown in fig. 7, the embodiment of the present invention also provides payment system under a kind of line of network payment account, including:
IC chip 701, transaction terminal 702 and authentication platform 703;The IC chip 701 is stored with identification account;The transaction is eventually
End 702 includes any of the above-described device;The authentication platform 703 includes any of the above-described device.
It should be noted that for device and system embodiment, since it is substantially similar to embodiment of the method, so
Describe relatively simple, referring to the explanation of embodiment of the method in place of correlation.
Finally it should be noted that:The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although
The present invention is described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that:It still may be used
To modify to the technical solution recorded in foregoing embodiments or carry out equivalent replacement to which part technical characteristic;
And these modification or replace, various embodiments of the present invention technical solution that it does not separate the essence of the corresponding technical solution spirit and
Range.
Claims (15)
1. a kind of offline payment method to network payment account universal retrieval, which is characterized in that including:
In response to the selection operation of network payment type, payment label is determined;
After communication connection is established with IC chip, identification account that the IC chip is locally stored is received and by the IC cores
The certification ciphertext that piece calculates;
By the certification ciphertext, the payment label and transaction business data assembling including the identification account into transaction
Message is simultaneously sent to the authentication that authentication platform carries out the IC chip, if certification passes through, by the authentication platform according to institute
It states payment label and the identification account determines target network payment accounts for transaction, and based on the target network
Payment accounts recombinate the transaction message, and the transaction message after recombination is sent to the corresponding network payment of the payment label puts down
Platform is handled with being traded.
2. according to the method described in claim 1, it is characterized in that, by the authentication platform according to the payment label and described
Identification account determines the target network payment accounts for transaction, including:
The correspondence of the identification account and at least one network payment account is obtained by the authentication platform;
By the authentication platform according to the payment label and the correspondence, determine to pay a bill for the target network branch of transaction
Number.
3. it according to the method described in claim 1, it is characterized in that, is paid a bill by the authentication platform based on the target network branch
Number recombination transaction message, including:
The identification account in the transaction message is substituted for the target network payment accounts by the authentication platform, with
Obtain the transaction message after the recombination.
4. according to the method in any one of claims 1 to 3, which is characterized in that the certification ciphertext is the IC chip
It is signed using private key to the be-encrypted data in the transaction business data;The be-encrypted data includes described
Identification account;
The method further includes:After the identification account is received, based on the identification account generation described in treat
Encryption data;
The be-encrypted data is sent to the IC chip, to indicate that the IC chip signs to the be-encrypted data
Obtain the certification ciphertext.
5. according to the method described in claim 4, it is characterized in that, transaction journal number is further included in the be-encrypted data, is handed over
It is one or more in easy terminal iidentification number, merchant information, additional number;
Wherein, the additional number includes random number or unique mark.
6. according to the method in any one of claims 1 to 3, which is characterized in that the transaction business data include payment
The amount of money and payment password.
7. a kind of offline payment method to network payment account universal retrieval, which is characterized in that including:
The transaction message that transaction terminal is sent is received, the transaction message includes certification ciphertext, payment label and transaction business number
According to the certification ciphertext is calculated by IC chip, and the payment label is the transaction terminal in response to network payment type
Selection operation generation, the transaction business data include the identification account that the IC chip is locally stored;
Authentication is carried out to the IC chip according to the transaction message;
If certification passes through, the target network payment for transaction is determined according to the payment label and the identification account
Account, and the transaction message is recombinated based on the target network payment accounts, the transaction message after recombination is sent to described
The corresponding network payment platform of payment label is traded processing.
It is 8. the method according to the description of claim 7 is characterized in that true according to the payment label and the identification account
The fixed target network payment accounts for transaction, including:
Obtain the correspondence of the identification account and at least one network payment account;
According to the payment label and the correspondence, the target network payment accounts for transaction are determined.
9. the method according to the description of claim 7 is characterized in that recombinate the transaction based on the target network payment accounts
Message, including:Identification account in the transaction message is substituted for the target network payment accounts, it is described to obtain
Transaction message after recombination.
10. the method according to any one of claim 7 to 9, which is characterized in that the certification ciphertext is by the IC cores
What piece signed to the be-encrypted data in the transaction business data using private key, the be-encrypted data includes
The identification account;
Correspondingly, authentication is carried out to the IC chip according to the transaction message, including:
The certification ciphertext is decrypted using the IC chip public key, obtains ciphertext data;
Compare the ciphertext data and the be-encrypted data;
If identical, certification passes through.
11. according to the method described in claim 10, it is characterized in that, further included in the be-encrypted data transaction journal number,
It is one or more in transaction terminal identification number, merchant information, additional number;
Wherein, the additional number includes random number or unique mark.
12. the method according to any one of claim 7 to 9, which is characterized in that the transaction business data include payment
The amount of money and payment password.
13. a kind of payment mechanism under line to network payment account universal retrieval, which is characterized in that including:
Determining module for the selection operation in response to network payment type, determines payment label;
First receiving module is known for after communication connection is established with IC chip, receiving the identity that the IC chip is locally stored
Other account and the certification ciphertext calculated by the IC chip;
Module is assembled, for by the certification ciphertext, the payment label and including the transaction business of the identification account
Data assembling is into transaction message and is sent to the authentication that authentication platform carries out the IC chip, if certification passes through, by described
Authentication platform determines the target network payment accounts for transaction, and base according to the payment label and the identification account
The transaction message is recombinated in the target network payment accounts, the transaction message after recombination is sent to the payment label pair
The network payment platform answered is handled with being traded.
14. a kind of payment mechanism under line to network payment account universal retrieval, which is characterized in that including:
Second receiving module, for receiving the transaction message of transaction terminal transmission, the transaction message includes certification ciphertext, payment
Label and transaction business data, the certification ciphertext are calculated by IC chip, and the payment label is rung for the transaction terminal
It should be generated in the selection operation of network payment type, the transaction business data include the body that the IC chip is locally stored
Part identification account;
Authentication module, for carrying out authentication to the IC chip according to the transaction message;
Recombination module if for certification passing through, determines to merchandise according to the payment label and the identification account
Target network payment accounts, and the transaction message is recombinated based on the target network payment accounts, by the transaction after recombination
Message is sent to the corresponding network payment platform of the payment label and is traded processing.
15. a kind of payment system under line to network payment account universal retrieval, which is characterized in that including:IC chip, transaction are eventually
End and authentication platform;
Identification account is stored in the IC chip;
The transaction terminal includes the device described in the claims 13;
The authentication platform includes the device described in the claims 14.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810050605.XA CN108171510A (en) | 2018-01-18 | 2018-01-18 | Offline payment method, apparatus and system to network payment account universal retrieval |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810050605.XA CN108171510A (en) | 2018-01-18 | 2018-01-18 | Offline payment method, apparatus and system to network payment account universal retrieval |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108171510A true CN108171510A (en) | 2018-06-15 |
Family
ID=62515201
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810050605.XA Pending CN108171510A (en) | 2018-01-18 | 2018-01-18 | Offline payment method, apparatus and system to network payment account universal retrieval |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108171510A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113379412A (en) * | 2021-02-26 | 2021-09-10 | 中国银联股份有限公司 | Readable and writable electronic tag, payment method and device based on tag |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102468960A (en) * | 2010-11-16 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Off-line mode identity and transaction authentication method and terminal |
| CN102496223A (en) * | 2011-11-30 | 2012-06-13 | 钱袋网(北京)信息技术有限公司 | Short-distance on-site payment equipment and system |
| CN104778579A (en) * | 2015-04-30 | 2015-07-15 | 北京奇虎科技有限公司 | Induction payment method and device based on electronic identity recognition carrier |
| CN104881779A (en) * | 2015-06-17 | 2015-09-02 | 恒宝股份有限公司 | Device, system, and method for mobile convergence payment |
| CN105260886A (en) * | 2014-05-28 | 2016-01-20 | 中兴通讯股份有限公司 | Payment processing method and device, NFC (Near Field Communication) portable terminal and wearable terminal |
-
2018
- 2018-01-18 CN CN201810050605.XA patent/CN108171510A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102468960A (en) * | 2010-11-16 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Off-line mode identity and transaction authentication method and terminal |
| CN102496223A (en) * | 2011-11-30 | 2012-06-13 | 钱袋网(北京)信息技术有限公司 | Short-distance on-site payment equipment and system |
| CN105260886A (en) * | 2014-05-28 | 2016-01-20 | 中兴通讯股份有限公司 | Payment processing method and device, NFC (Near Field Communication) portable terminal and wearable terminal |
| CN104778579A (en) * | 2015-04-30 | 2015-07-15 | 北京奇虎科技有限公司 | Induction payment method and device based on electronic identity recognition carrier |
| CN104881779A (en) * | 2015-06-17 | 2015-09-02 | 恒宝股份有限公司 | Device, system, and method for mobile convergence payment |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113379412A (en) * | 2021-02-26 | 2021-09-10 | 中国银联股份有限公司 | Readable and writable electronic tag, payment method and device based on tag |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20230133210A1 (en) | Secure authentication system and method | |
| US20210073821A1 (en) | Proxy device for representing multiple credentials | |
| van den Breekel et al. | EMV in a nutshell | |
| US9372971B2 (en) | Integration of verification tokens with portable computing devices | |
| AU2010315111B2 (en) | Verification of portable consumer devices for 3-D secure services | |
| US20110103586A1 (en) | System, Method and Device To Authenticate Relationships By Electronic Means | |
| US20140040147A1 (en) | Secure and convenient mobile authentication techniques | |
| US20110010289A1 (en) | Method And System For Controlling Risk Using Static Payment Data And An Intelligent Payment Device | |
| CN101324942A (en) | Payment system and method performing trade by identification card including IC card | |
| AU2010248794A1 (en) | Verification of portable consumer devices | |
| AU2016308150B2 (en) | Payment devices having multiple modes of conducting financial transactions | |
| CN103959312A (en) | Method of paying for a product or service on a commercial website via an internet connection and a corresponding terminal | |
| CN106330888B (en) | The method and device of payment safety in a kind of guarantee the Internet line | |
| CN109313782A (en) | Pre-approval financial transaction provides system and method | |
| US20050080677A1 (en) | Real-time entry and verification of PIN at point-of-sale terminal | |
| CN108171510A (en) | Offline payment method, apparatus and system to network payment account universal retrieval | |
| Abdulwahab et al. | NFC Payments Security in Light of COVID-19 Pandemic: Review of Recent Security Threats and Protection Methods | |
| EP3338230A1 (en) | Payment devices having multiple modes of conducting financial transactions | |
| Olowolayemo et al. | Examining Users’ Understanding of Security Failures in EMV Smart Card Payment Systems | |
| Ali et al. | A Novel Multiple Session Payment System | |
| KR20120039129A (en) | Method and system for electronic banking using token | |
| CN108780547B (en) | Proxy device for representing multiple certificates | |
| Chen | Information Security of Apple Pay | |
| JP2002190005A (en) | Multifunctional ic card | |
| Badeggi et al. | Avoiding Cybercrime Pandemic in Cashless Society using HMM |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180615 |