CN108647971A - Account safety method and smart card system in a kind of user payment - Google Patents
Account safety method and smart card system in a kind of user payment Download PDFInfo
- Publication number
- CN108647971A CN108647971A CN201810789485.5A CN201810789485A CN108647971A CN 108647971 A CN108647971 A CN 108647971A CN 201810789485 A CN201810789485 A CN 201810789485A CN 108647971 A CN108647971 A CN 108647971A
- Authority
- CN
- China
- Prior art keywords
- transaction
- information
- user
- smart card
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 65
- 238000012544 monitoring process Methods 0.000 claims abstract description 24
- 238000012795 verification Methods 0.000 claims abstract description 19
- 238000004891 communication Methods 0.000 claims abstract description 13
- 230000010365 information processing Effects 0.000 claims abstract description 10
- 230000008569 process Effects 0.000 claims description 29
- 230000003466 anti-cipated effect Effects 0.000 claims description 5
- 230000002159 abnormal effect Effects 0.000 claims description 3
- 238000012217 deletion Methods 0.000 claims description 2
- 230000037430 deletion Effects 0.000 claims description 2
- 230000005856 abnormality Effects 0.000 claims 1
- 238000012545 processing Methods 0.000 description 9
- 230000000694 effects Effects 0.000 description 6
- 230000003993 interaction Effects 0.000 description 4
- 244000078534 Vaccinium myrtillus Species 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 239000000284 extract Substances 0.000 description 3
- 230000002547 anomalous effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000000605 extraction Methods 0.000 description 2
- 230000009466 transformation Effects 0.000 description 2
- 235000003095 Vaccinium corymbosum Nutrition 0.000 description 1
- 235000017537 Vaccinium myrtillus Nutrition 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 235000021014 blueberries Nutrition 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000002360 explosive Substances 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 239000003999 initiator Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The present invention relates to a kind of smart card system, including user terminal, smart card, merchant terminal and payment server, smart card includes control unit, accesses monitoring unit, transaction verification unit, Transaction Information processing unit, storage unit and communication unit.Account safety method in a kind of user payment is further related to, this method is applied to smart card.The present invention, by smart card and relevant method, can effectively ensure the safety such as user information, password, also ensure that important information is stolen by criminal in user account during user's payment transaction.One security performance height, smart card device reasonable for structure are also provided simultaneously.
Description
Technical field
The present invention relates to account safety field, account safety method and smart card system in being paid more particularly to user.
Background technology
The high speed development of intelligent terminal and internet, but also the daily social activity carried out using intelligent network terminal of people is living
Dynamic very more, user's finance account or other accounts comprising important information be used to carry out all kinds of economy and non-economic activity
In the middle, it such as transfers accounts, do shopping, login service device etc..However, in the process for carrying out all kinds of economy and non-economic activity that accesses to your account
In, there are the risks that password and account information are stolen to cause damages.Crime one's share of expenses for a joint undertaking can utilize net using various means
Network or phone steal the close of account, privacy information, userspersonal information etc. in user account, and the above-mentioned information illegally obtained
Into the account of access customer, the fund in account is transferred under the account of crime one's share of expenses for a joint undertaking, or user is pretended to be to carry out the weight such as registering
The acquisition of information is wanted, different degrees of loss is thus caused to user.
In addition, many transaction, data interaction or other social activity all use terminal device logs related application
It is traded or operates, but after the completion of merchandising or operating, user may forget to exit related application immediately, be
Before system is automatically closed, it is possible to cause that user password is revealed or account information is distorted.Existing terminal payment or interaction
Security mechanism is call user's attention secrecy and safety when user opens and applies;Although some applications exit work(equipped with time-out
Can, it is likely that the time is longer, and can not remove the information such as the account of interim storage, password in terminal memory, may cause
Information leakage.Specifically, the privacy degrees of the important informations such as the personal information of user, account information are relatively low, are not only easy quilt
Interception, and its reproducibility is stronger, it is more likely that it is illegally usurped, the safety of consumer-user is impacted, is caused
The loss of consumer's economic aspect.On the other hand, if Intelligent mobile equipment loses or stolen, personal information, the account of user
Information may be used by unauthorized user, also can the account safety and economic security of user be impacted and be lost.
The application program (Application, APP) that user is commonly used in intelligent mobile terminal mentioned above refers to intelligence
The third party application of energy terminal, is referred to as " mobile application ", also referred to as " client terminals ".APP clients refer to intelligent mobile
Application client in equipment, the running of APP clients is as the computer transmission simple broadband internet of information, terminal
APP develops the information push between software, other than by immediate communication tool, becomes more dependent on third party and pushes platform.People
Gradually get used to the mode surfed the Internet using APP clients, and major service provider or electric business both at home and abroad at present has oneself
APP clients, for example, the App Store of apple, the Google Play Store of Google, the Ovi store of Nokia, also
There are BlackBerry App World, the Marketplace of Microsoft of blackberry, blueberry user, " wechat " etc..
APP types currently on the market are varied, including communication class, game class, amusement class, social class, practical life
Class etc..Wherein game class is most popular, the highest cell phone application application of download currently on the market, followed by social class
The APP of APP, well known social activity class have wechat, footpath between fields footpath between fields etc..The APP of the amusement class of third is come, it can be divided into several again
Class:Song class, player class etc..
The markets APP are expected, and are paid close attention to and are put by more businessmans, so that the type and quantity explosive growth of APP,
Various APP applications start to cover the every aspect of people's life.But the thing followed, which is exactly a series of such as malice, detains
Take, expose privacy, the malicious application of carrying mobile phone wooden horse and corpse virus, these bad illegal APP not only encroach on the conjunction of user
Method interests have also seriously affected the sound development of China's mobile Internet industry.
In addition, each APP or application or service, need user to register an account name and password, but due to mesh
Preceding various APP are easy to cause safety problem if user is all set to an account name and password, and if
Different account name and password are set for different APP, it is necessary to which user remembers the account name of all registered mistakes and close
Code, and be an extremely difficult and worried thing.
Only when transaction occurring or related data interacts, the safety of user identity and user account information is carried out
It is comprehensive and effectively check, transaction is just completed when ensuring that user identity and user account information are safe, not only contributes to carry
The specific aim that height detects user identity, and advantageously ensure that the account safety and economic security of user.
Safety in addition to effectively verifying user identity and user account information, it is also necessary to, will in data transmission procedure
The relevant information of user's interaction could more reasonably and comprehensively if important information is effectively handled in Transaction Information, account
Carry out the protection of user account.
Invention content
The present invention provides a kind of smart card system, including user terminal, smart card, merchant terminal and payment server, intelligence
Can block includes control unit, access monitoring unit, transaction verification unit, Transaction Information processing unit, storage unit and communication unit
Member;
Access monitoring unit and carry out the monitoring that current transaction is accessed number and stateful transaction, when occur abnormal exchanges or
When person's transaction count anomalous variation, notice control unit carries out respective handling to currently merchandising;Transaction verification unit is traded
The verification and matching of payment cipher or identity in the process, and send the result to control unit;Transaction Information processing unit will
Relevant multiple information are converted and are integrated in current transaction, that is, facilitate payment server and merchant terminal obtains corresponding letter
Breath also protects user account information safe.
Wherein, in user's payment process, only user terminal, smart card and payment server access current transaction, and
And before and after the payment verification either in payment information generating process access times be all anticipated that or fixed, and other
The access of equipment is all the string for having certain risk beyond a certain range of access times.
Preferably, when multiple information include trading card number, user terminal identification, transaction amount, merchant terminal mark, transaction
Between, user account information, user mobile phone number.
Preferably, each type of transaction information includes corresponding multiple merchant terminal information in trade management unit,
Specifically, multiple merchant terminals can be connected according to a type of transaction simultaneously to obtain transaction content list.
Preferably, it further includes currently merchandising to access needed for each stage to access pre-set access times in monitoring unit
Number.
Account safety method in a kind of user payment is also provided, this method is applied to smart card, and this method is specially:
Step 1:Receive transaction request, the request be in user's selective listing one transaction after, be sent to smart card, and
And the request includes customer transaction quantity, transaction amount, the merchant terminal mark belonging to transaction;
Step 2:After receiving request, to the monitoring that accesses of currently merchandising, the monitoring include request access equipment and
Access times;
Step 3:Current transaction obtains the random cipher that user terminal is sent, while obtaining storage under normal procedure
Password is verified, then matches the two, judges whether transaction succeeds;
Step 4:User account information and currency transaction information are obtained from user terminal, and according to success message by above-mentioned letter
After user privacy information is handled according to certain rule in breath, new information presentation content is formed;
Step 5:Treated user account information and currency transaction information and success message are sent collectively to pay
In server.
Account safety method in a kind of user payment is also provided, this method is applied to payment server, and this method is specially:
Step 1:After transaction starts, transaction browse request is received;
Step 2:The user terminal identification and type of transaction in transaction browse request are obtained, is obtained by user terminal identification
User account information, and it is sent to user terminal, meanwhile, merchant terminal information is obtained according to type of transaction, and connect businessman's end
After merchant terminal obtains corresponding transaction content list, it is aobvious to be then organized into user terminal for the corresponding merchant terminal of client information
The format shown, is sent to user terminal;
Step 3:After receiving the above-mentioned information sent together, while notifying user terminal and merchant terminal to merchandise successfully and disappearing
Breath, and respectively required transaction completion information is sent to corresponding terminal by user terminal and merchant terminal;
Step 4:According to above- mentioned information, by corresponding user account and Merchant Account into row information addition, update or delete
It removes, forms newest user account and Merchant Account information, and stored.
The present invention is beneficial to be had technical effect that:During user's payment transaction, by smart card and relevant method,
It can effectively ensure the safety such as user information, password, also ensure that important information is stolen by criminal in user account.Together
When one security performance height, smart card device reasonable for structure are also provided.
Description of the drawings
Fig. 1 is smart card architecture schematic diagram;
Fig. 2 is account safety method flow diagram in user's payment applied to smart card;
Fig. 3 is account safety method flow diagram in user's payment applied to payment server.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
The present invention provides a kind of smart card system, including user terminal, smart card, merchant terminal and payment server.
User terminal is the initiator of payment flow, in the transaction List Table that the businessman that user shows in the user terminal provides
Transaction content needed for selection, and the payment to merchant terminal is completed by smart card and payment server.User terminal can be
Smart mobile phone, computer, ipad, smart television etc. include that various applications and the smart electronics with network data exchange function are set
It is standby.
Smart card is the protection equipment of payment flow, passes through smart card and payment server and merchant terminal in user terminal
When carrying out payment transaction, the safety guaranteed payment, and prevent Transaction Information stolen.Smart card is connect by hardware such as USB
The equipment that is connect with user terminal of mouth, or the equipment that is connect with user terminal by short-distance wireless communication modes such as bluetooths.
As shown in Figure 1, smart card includes control unit, accesses monitoring unit, transaction verification unit, Transaction Information processing list
Member, storage unit and communication unit.
Control unit connects other each units, and carries out data interaction and each unit control.
Access monitoring unit and carry out the monitoring that current transaction is accessed number and stateful transaction, when occur abnormal exchanges or
When person's transaction count anomalous variation, notice control unit carries out respective handling to currently merchandising.Under normal conditions, it is paid in user
In the process, only user terminal, smart card and payment server access current transaction, and before and after payment verification, Huo Zhezhi
It pays in information generating process, access times are all that anticipated that either fixed and other equipment access or beyond certain
The access times of range all have certain risk.
The verification and matching of payment cipher or identity during transaction verification unit is traded, and send the result to
Control unit.
Relevant multiple information in current transaction are converted and are integrated by Transaction Information processing unit, that is, facilitate payment
Server and merchant terminal obtain corresponding informance, also protect user account information safe.Above-mentioned multiple information include trading card
Number, user terminal identification, transaction amount, merchant terminal mark, exchange hour, user account information, user mobile phone number etc..Upper
State in multiple information, odd numbers of usually merchandising, user terminal identification, transaction amount step on information belong to can disclosed information, also make
The main information obtained for payment server and merchant terminal;And for privacy informations such as user account, user mobile phone numbers, logical
Cross after verification it is not necessary that payment transaction can also be completed to merchant terminal offer, thus be encrypted for above-mentioned privacy information or
Conversion, even if being leaked the safety that will not influence account in process of exchange.
Storage unit is substantially carried out the storage of Transaction Information.
Communication unit is used for carrying out smart card communicating with the data of external equipment.
Payment server is substantially carried out the communication of Transaction Information and the management of user, Merchant Account.
Payment server includes that password generates administrative unit, trade management unit, account management unit and the prior art
In control unit, storage unit and communication unit.
Password generates administrative unit and is used to generate the temporary password needed for transaction, is sent to user terminal and smart card carries out
Password match is verified.It is additionally operable to deletion, more new password, the transaction where security risk or temporary password occurs in transaction is completed
After delete current temporary password, and update temporary password as needed.
Trade management unit extracts information needed in Transaction Information, and root sends out above- mentioned information when transaction is normally carried out
It is sent to account management unit.When there is security risk in transaction, pause transaction, or terminate and currently merchandise and update transaction odd numbers
Etc. information generate new transaction content, and pass through control unit password notified to generate administrative unit and update temporary password.
In the Transaction Information that account management unit is sent according to trade management unit information needed more new user account or
Merchant Account.Above-mentioned information needed includes transaction odd numbers, user terminal identification, merchant terminal mark, transaction amount etc..Above-mentioned letter
Breath is stored with user account or the binding of Merchant Account information, after merchandising successfully, is updated in corresponding account information
Partial content.
Merchant terminal is mainly to provide the list of transaction content to user terminal by payment server, and believe by merchandising
Information needed in breath, which confirms to receive, to be paid and completes to merchandise.
It is described in detail for smart card system provided by the present invention below by specific example.
After user terminal receives transaction sign on input by user, transaction browse request is sent out to payment server,
Corresponding smart card is simultaneously scanned for, is connected automatically after finding smart card.
Browse request of merchandising includes user terminal identification and type of transaction.When searching for smart card, it is first determined whether having
The smart card being attached by interface, if so, then being matched by preset PIN code, when user terminal and smart card
In PIN code it is identical, then successful match;If it is not, being scanned for by short-distance wireless communication modes such as bluetooths, will search
Rope to equipment matched by PIN code, the equipment of successful match is corresponding smart card, and subsequent automated wireless connects intelligence
It can card.
Payment server obtains user terminal identification and type of transaction in transaction browse request, passes through user terminal identification
User account information is obtained from account management unit, and is sent to user terminal.Meanwhile according to type of transaction from trade management
Merchant terminal information is obtained in unit, and connects the corresponding merchant terminal of merchant terminal information.Then, trade management unit is from quotient
After family's terminal obtains corresponding transaction content list, it is organized into the format that user terminal is shown, is sent to user terminal.
Each type of transaction information includes corresponding multiple merchant terminal information in trade management unit, that is,
It says, multiple merchant terminals can be connected according to a type of transaction simultaneously to obtain transaction content list.For example, user passes through use
Articles for children, this friendship of the articles for children stored in the trade management unit in payment server are bought in application in the terminal of family
Easy type corresponds to multiple Business Information such as mother and baby shop A, mother and baby shop B, children's goods store A, and is connected simultaneously by these information
Multiple merchant terminals are stated to obtain product list of each businessman about articles for children.And the list that each businessman provides is not
Together, trade management unit extracts the key message in each list, and the display during key message is applied according to user terminal
Form collator is the list of Unified Form, and is sent to user terminal and shows.
After user terminal receives transaction content list, shown.In user's selective listing after a transaction, send
In transaction request to smart card.The request includes customer transaction quantity, transaction amount, the merchant terminal mark belonging to transaction.
After the communication unit of smart card receives request, control unit starts access monitoring unit and visits currently merchandising
Ask monitoring, which includes the equipment and access times that request accesses.In process of exchange, usually only user terminal, intelligence
Card and payment server request access current transaction, and if there is other equipment asks to access, notice can be sent by accessing monitoring unit
Information is to the trade management unit of payment server, and then, trade management unit obtains request access equipment according to notification information
Information then notifies smart card continuous business process if it is determined that the access equipment is legitimate device;If it is determined that the access equipment
It is illegality equipment, then terminates transaction, and notify user terminal and the current transaction content of intelligent card removal, and user is prompted to select again
Select new transaction.Meanwhile trade management unit notice password generates administrative unit and account management unit stops at current transaction
Reason process, and delete current transaction related content.After selecting new transaction in user, smart card and payment server restart
New trading processing process.
In addition, under normal procedure, the access times currently merchandised are to determine, that is, anticipated that at one
Range, wherein access current transaction include obtain or inquire it is all with the relevant parameter of the completion transaction and information.For example,
After smart card receives transaction request, user terminal information or corresponding password need to access current transaction in extraction transaction.
Payment server generates password or smart card carries out needing to access current transaction etc. when password match.Until closing the transaction,
It can set the maximum access times currently merchandised to fixed value, such as 8, concrete numerical value can be according to current or historical trading
Situation is set.If access times are without departing from maximum access times, continuous business process in process of exchange;If transaction
Access times exceed maximum access times in the process, then transaction of the notification information to payment server can be sent by accessing monitoring unit
Administrative unit, carries out the processing of shutting the book of each unit, and concrete mode is identical as the content being related to before.
In order to ensure the safety in process of exchange, it further includes currently handing over to access pre-set access times in monitoring unit
Access times needed for easy each stage.Each stage includes transaction request stage, password authentification stage and transaction completion stage.On
It is 2-3 times to state each stage setting access times, if the transaction that the ending of each stage detects in process of exchange is visited
It asks number within the above range, then accesses monitoring unit continuous business process;If exceeding above range, monitoring unit is accessed
Notification information can be sent to the trade management unit of payment server, carry out the processing of shutting the book of each unit, concrete mode
It is identical as the content being related to before.
Under normal procedure, password in payment server generates administrative unit and generates for currently merchandising for current transaction
Random cipher, and it is sent to user terminal.It is whole that transaction verification unit in smart card obtains the user received by communication unit
The random cipher sent to be held, while obtaining the verification password in storage unit, subsequent transaction verification unit matches the two,
Judge whether transaction succeeds.After being proved to be successful, success message is sent to Transaction Information processing unit by transaction verification unit.
Transaction Information processing unit obtains user account information and currency transaction information according to success message from user terminal,
And after being handled user privacy information in above- mentioned information according to certain rule, new information presentation content is formed, such as by word
Female and number combination Content Transformation is another group of letter or number, ensures in process of exchange after information leakage, can not obtain
Take correct user privacy information.And it is other can disclosed information, such as merchandise odd numbers, Business Information, the amount of money are without upper
State processing.Transaction Information processing unit rises treated user account information and currency transaction information and success message one
It is sent in payment server.
After trade management unit in payment server receives the above-mentioned information sent together, while notifying user terminal
With merchant terminal transaction successful message, and respectively required transaction completes information and is sent to correspondence by user terminal and merchant terminal
Terminal.Then, trade management unit obtains user terminal identification, trading card in user account information and currency transaction information
Number, the information needed such as number of transaction, transaction amount and Business Information, and above-mentioned information needed is sent to account management unit.
After account management unit receives above- mentioned information, by corresponding user account and Merchant Account into row information addition,
Update is deleted, and forms newest user account and Merchant Account information, and stored.It is looked at any time for user or businessman
Ask account information.
A kind of account safety method in being paid the present invention also provides user, as shown in Fig. 2, this method is applied to smart card,
Specially:
Step 1:Receive transaction request, the request be in user's selective listing one transaction after, be sent to smart card, and
And the request includes customer transaction quantity, transaction amount, the merchant terminal mark belonging to transaction.
Step 2:After receiving request, to the monitoring that accesses of currently merchandising, the monitoring include request access equipment and
Access times.
In process of exchange, usually only user terminal, smart card and payment server request accesses current transaction, if
There is other equipment request to access, notification information can be sent, then, request access equipment information is obtained according to notification information, if
Judge that the access equipment is legitimate device, then notifies smart card continuous business process;If it is determined that the access equipment is illegally to set
It is standby, then transaction is terminated, and notify user terminal and the current transaction content of intelligent card removal, and user is prompted to reselect new friendship
Easily.Meanwhile notifying that password generates administrative unit and account management unit stops current trading processing process, and delete current transaction
Related content.After selecting new transaction in user, smart card and payment server restart new trading processing process.
In addition, under normal procedure, the access times currently merchandised are to determine, that is, anticipated that at one
Range, wherein access current transaction include obtain or inquire it is all with the relevant parameter of the completion transaction and information.For example,
After receiving transaction request, user terminal information or corresponding password need to access current transaction in extraction transaction.It generates close
It needs to access current transaction etc. when code or progress password match.Until closing the transaction, the maximum currently merchandised can be visited
Ask that number is set as fixed value, such as 8, concrete numerical value can be set according to current or historical trading situation.If merchandised
Access times are without departing from maximum access times in journey, then continuous business process;If access times are beyond most in process of exchange
Big access times can then send notification information to the trade management unit of payment server, carry out shutting the book for each unit
Processing, concrete mode are identical as the content being related to before.
Before step 1:Pre-set access times further include access times needed for each stage of currently merchandising.It is each
Stage includes transaction request stage, password authentification stage and transaction completion stage.Access times are arranged in each above-mentioned stage
2-3 times, if the transaction access times that the ending of each stage detects in process of exchange are within the above range, continue to hand over
Easy process;If exceeding above range, notification information can be sent to the trade management unit of payment server, carry out each list
The processing of shutting the book of member, concrete mode are identical as the content being related to before.
Step 3:Current transaction obtains the random cipher that user terminal is sent, while obtaining storage under normal procedure
Password is verified, then matches the two, judges whether transaction succeeds.After being proved to be successful, success message is sent.
Step 4:User account information and currency transaction information are obtained from user terminal, and according to success message by above-mentioned letter
After user privacy information is handled according to certain rule in breath, new information presentation content is formed, such as by letter and number group
The Content Transformation of conjunction is another group of letter or number, ensures in process of exchange after information leakage, can not obtain correct use
Family privacy information.And it is other can disclosed information, such as merchandise odd numbers, Business Information, the amount of money are without above-mentioned processing.
Step 5:Treated user account information and currency transaction information and success message are sent collectively to pay
In server.
A kind of account safety method in being paid the present invention also provides user, as shown in figure 3, this method is applied to payment services
Device, specially:
Step 1:After transaction starts, transaction browse request is received.Browse request of merchandising includes user terminal identification and transaction
Type.
Step 2:The user terminal identification and type of transaction in transaction browse request are obtained, is obtained by user terminal identification
User account information, and it is sent to user terminal.Meanwhile merchant terminal information is obtained according to type of transaction, and connect businessman's end
The corresponding merchant terminal of client information.Then, after merchant terminal obtains corresponding transaction content list, it is aobvious to be organized into user terminal
The format shown, is sent to user terminal.
Wherein, each type of transaction information includes corresponding multiple merchant terminal information, that is to say, that according to one
Type of transaction can connect multiple merchant terminals to obtain transaction content list simultaneously.For example, user passes through in user terminal
Using purchase articles for children, articles for children this type of transaction stored in the trade management unit in payment server corresponds to
Multiple Business Information such as mother and baby shop A, mother and baby shop B, children's goods store A, and connect above-mentioned multiple businessmans simultaneously by these information
Terminal obtains product list of each businessman about articles for children.And the list that each businessman provides is different, trade management
Unit extracts the key message in each list, and the display format during key message is applied according to user terminal arranges as system
The list of one form, and be sent to user terminal and show.
Step 3:After receiving the above-mentioned information sent together, while notifying user terminal and merchant terminal to merchandise successfully and disappearing
Breath, and respectively required transaction completion information is sent to corresponding terminal by user terminal and merchant terminal.Then, user is obtained
The institutes such as user terminal identification, transaction odd numbers, number of transaction, transaction amount and Business Information in account information and currency transaction information
Need information.
Step 4:According to above- mentioned information, by corresponding user account and Merchant Account into row information addition, update or delete
It removes, forms newest user account and Merchant Account information, and stored.At any time account letter is inquired for user or businessman
Breath.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
Those skilled in the art in technical scope disclosed by the invention, all answer by the change or replacement that can be readily occurred in
It is included within the scope of the present invention.Therefore, protection scope of the present invention should be with the scope of the claims
It is accurate.
Claims (10)
1. a kind of smart card system, including user terminal, smart card, merchant terminal and payment server, which is characterized in that intelligence
Card includes control unit, accesses monitoring unit, transaction verification unit, Transaction Information processing unit, storage unit and communication unit;
It accesses monitoring unit and carries out the monitoring that current transaction is accessed number and stateful transaction, when there is abnormal exchanges or friendship
When easy frequency abnormality variation, notice control unit carries out respective handling to currently merchandising;
The verification and matching of payment cipher or identity during transaction verification unit is traded, and send the result to control
Unit;
Relevant multiple information in current transaction are converted and are integrated by Transaction Information processing unit, that is, facilitate payment services
Device and merchant terminal obtain corresponding informance, also protect user account information safe.
2. system according to claim 1, which is characterized in that in user's payment process, only user terminal, smart card
Current transaction is accessed with payment server, and before and after payment verification or in payment information generating process, access times are all
It is that anticipated that either fixed and other equipment access or is all that there is certain wind beyond a certain range of access times
Danger.
3. system according to claim 1, which is characterized in that multiple information include trading card number, user terminal identification, friendship
The easy amount of money, merchant terminal mark, exchange hour, user account information, user mobile phone number.
4. system according to claim 1, which is characterized in that each type of transaction information is wrapped in trade management unit
Containing corresponding multiple merchant terminal information, specifically, according to a type of transaction can connect simultaneously multiple merchant terminals come
Obtain transaction content list.
5. system according to claim 1, which is characterized in that access pre-set access times in monitoring unit and also wrap
Include access times needed for each stage of currently merchandising.
6. account safety method in a kind of user payment, this method are applied to smart card, which is characterized in that this method is specially:
Step 1:Receive transaction request, which is to be sent to smart card, and should in user's selective listing after a transaction
Request includes that customer transaction quantity, transaction amount, the merchant terminal belonging to transaction identify;
Step 2:After receiving request, to the monitoring that accesses of currently merchandising, which includes the equipment and access that request accesses
Number;
Step 3:Current transaction obtains the random cipher that user terminal is sent, while obtaining the verification of storage under normal procedure
Password then matches the two, judges whether transaction succeeds;
Step 4:User account information and currency transaction information are obtained from user terminal according to success message, and will be in above- mentioned information
After user privacy information is handled according to certain rule, new information presentation content is formed;
Step 5:Treated user account information and currency transaction information and success message are sent collectively to payment services
In device.
7. according to the method described in claim 6, it is characterized in that, before step 1:Pre-set access times further include
It currently merchandises access times needed for each stage.Each stage includes that transaction request stage, password authentification stage and transaction are completed
Stage.
8. a kind of account safety method in user's payment, this method are applied to payment server, which is characterized in that this method is specific
For:
Step 1:After transaction starts, transaction browse request is received;
Step 2:The user terminal identification and type of transaction in transaction browse request are obtained, user is obtained by user terminal identification
Account information, and it is sent to user terminal, meanwhile, merchant terminal information is obtained according to type of transaction, and connect merchant terminal letter
Corresponding merchant terminal is ceased, then, after merchant terminal obtains corresponding transaction content list, is organized into what user terminal was shown
Format is sent to user terminal;
Step 3:After receiving the above-mentioned information sent together, while notifying user terminal and merchant terminal transaction successful message,
And respectively required transaction completes information and is sent to corresponding terminal by user terminal and merchant terminal;
Step 4:According to above- mentioned information, user account and Merchant Account will be corresponded into the addition, update or deletion of row information, shape
At newest user account and Merchant Account information, and stored.
9. according to the method described in claim 8, it is characterized in that, each type of transaction information includes corresponding multiple quotient
Family's end message specifically can connect multiple merchant terminals to obtain transaction content row simultaneously according to a type of transaction
Table.
10. according to the method described in claim 9, it is characterized in that, step 3 further includes:Obtain user account information and current
The information needed such as user terminal identification, transaction odd numbers, number of transaction, transaction amount and Business Information in Transaction Information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810789485.5A CN108647971A (en) | 2018-07-18 | 2018-07-18 | Account safety method and smart card system in a kind of user payment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810789485.5A CN108647971A (en) | 2018-07-18 | 2018-07-18 | Account safety method and smart card system in a kind of user payment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108647971A true CN108647971A (en) | 2018-10-12 |
Family
ID=63759666
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810789485.5A Pending CN108647971A (en) | 2018-07-18 | 2018-07-18 | Account safety method and smart card system in a kind of user payment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108647971A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111784549A (en) * | 2020-07-23 | 2020-10-16 | 嘉兴长润线业有限公司 | Real estate information interaction system and method thereof |
CN112348510A (en) * | 2019-08-09 | 2021-02-09 | 深圳市优克联新技术有限公司 | Information processing method, information processing device, electronic equipment and storage medium |
US20210133343A1 (en) * | 2018-10-22 | 2021-05-06 | Panasonic Intellectual Property Corporation Of America | Control method, contents management system, recording medium, and data structure |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030145205A1 (en) * | 2000-04-14 | 2003-07-31 | Branko Sarcanin | Method and system for a virtual safe |
CN103903140A (en) * | 2014-03-14 | 2014-07-02 | 福建联迪商用设备有限公司 | O2O safety payment method, system and safety payment background |
CN103942687A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data security interactive system |
CN106934607A (en) * | 2015-12-31 | 2017-07-07 | 华为技术有限公司 | A kind of method of payment, payment system service end and payment devices |
CN107464109A (en) * | 2017-07-28 | 2017-12-12 | 中国工商银行股份有限公司 | Credible mobile payment device, system and method |
-
2018
- 2018-07-18 CN CN201810789485.5A patent/CN108647971A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030145205A1 (en) * | 2000-04-14 | 2003-07-31 | Branko Sarcanin | Method and system for a virtual safe |
CN103903140A (en) * | 2014-03-14 | 2014-07-02 | 福建联迪商用设备有限公司 | O2O safety payment method, system and safety payment background |
CN103942687A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data security interactive system |
CN106934607A (en) * | 2015-12-31 | 2017-07-07 | 华为技术有限公司 | A kind of method of payment, payment system service end and payment devices |
CN107464109A (en) * | 2017-07-28 | 2017-12-12 | 中国工商银行股份有限公司 | Credible mobile payment device, system and method |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20210133343A1 (en) * | 2018-10-22 | 2021-05-06 | Panasonic Intellectual Property Corporation Of America | Control method, contents management system, recording medium, and data structure |
CN112348510A (en) * | 2019-08-09 | 2021-02-09 | 深圳市优克联新技术有限公司 | Information processing method, information processing device, electronic equipment and storage medium |
CN111784549A (en) * | 2020-07-23 | 2020-10-16 | 嘉兴长润线业有限公司 | Real estate information interaction system and method thereof |
CN111784549B (en) * | 2020-07-23 | 2024-02-02 | 嘉兴长润线业有限公司 | Real estate information interaction system and method thereof |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106357644B (en) | Identity identifying method, system and server based on block chain network | |
CN106357640B (en) | Identity authentication method, system and server based on block chain network | |
US10621576B1 (en) | Mobile payments using payment tokens | |
US7865431B2 (en) | Private electronic value bank system | |
CN102985885B (en) | For based on the neighbouring system of point-to-point payment transaction, Apparatus and method for | |
KR101739581B1 (en) | Online transaction system | |
CN103903141B (en) | A kind of O2O safe payment methods, system and a kind of POS terminal | |
US20100063906A1 (en) | Systems and methods for authentication of a virtual stored value card | |
CN109074582A (en) | System and method for generating sub- token using main token | |
CN107278307A (en) | Software layer is mutually authenticated | |
CN105830107A (en) | Cloud-based transactions methods and systems | |
CN103778531A (en) | Method and system for implementing electronic bank card payment on basis of two-dimensional code | |
MX2014003427A (en) | Transaction payment method and system. | |
CN102186169A (en) | Identity authentication method, device and system | |
CN107026815A (en) | A kind of payment transaction processing method, paying server, relevant device and system | |
CN105338000B (en) | A kind of verification method, verification system | |
CN105556550A (en) | Method for securing a validation step of an online transaction | |
CN108647971A (en) | Account safety method and smart card system in a kind of user payment | |
CN103942691A (en) | Method and system for realizing electronic transaction through sound waves | |
KR102574524B1 (en) | Remote transaction system, method and point of sale terminal | |
JP2010061318A (en) | User terminal, method to be executed by user terminal, program and data structure | |
US20130054414A1 (en) | Online payment method and a network element, a system and a computer program product therefor | |
CN103020822A (en) | Financial order-receiving method based on double secure channels | |
US20010027435A1 (en) | Electronic-money settlement method and information processing apparatus therefor | |
KR101002010B1 (en) | Payment system using smart card and method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20221229 Address after: 212355 Hengtang Industrial Zone, Danyang City, Zhenjiang City, Jiangsu Province Applicant after: HENGBAO Corp. Address before: 100033 room 801-2, No.5, a 5, Financial Street, Xicheng District, Beijing Applicant before: BEIJING DONGFANG YINGKA DIGITAL INFORMATION TECHNOLOGY CO.,LTD. |
|
TA01 | Transfer of patent application right | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181012 |
|
RJ01 | Rejection of invention patent application after publication |