CN109583898B - Intelligent terminal and method for payment based on TEE and block chain - Google Patents

Publication number: CN109583898B
Authority: CN (China)
Prior art keywords: payment, unit, information, clearing, identity
Legal status: Active
Application number: CN201811493925.9A
Other languages: Chinese (zh)
Other versions: CN109583898A (en)
Inventors: 张福健, 唐博, 刘建敏, 黄德俊
Current Assignee: Sichuan Changhong Electric Co Ltd
Original Assignee: Sichuan Changhong Electric Co Ltd
Application filed by Sichuan Changhong Electric Co Ltd
Priority to CN201811493925.9A
Publication of CN109583898A
Application granted
Publication of CN109583898B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G06Q20/08 Payment architectures
    • G06Q20/085 Payment architectures involving remote charge determination or related payment systems
    • G06Q20/0855 Payment architectures involving remote charge determination or related payment systems involving a third party

Abstract

The invention relates to the technical field of security. It addresses the problem that payment is unreliable when sensitive data is maliciously tampered with by a third party during the conventional payment process, and provides an intelligent terminal for payment based on a TEE (Trusted Execution Environment) and a blockchain. The terminal comprises an REE module and a TEE module, wherein the REE module comprises a client for interacting with a user. The TEE module is used for: acquiring identity identification information after receiving a registration request, storing it, and performing cryptographic processing to obtain a ciphertext of the identity identification information; after receiving a payment request, calling a secure input unit for the user to input payment information, comparing the collected identity identification information of the user with the stored identity identification information and, if the comparison is successful, sending complete payment information to a clearing center, and generating a corresponding payment log after receiving a clearing success message; and, after the ciphertext of the identity identification information and the payment log are packaged according to a blockchain protocol, recording them locally and simultaneously sending them to a blockchain network to be recorded on the chain. The invention is suitable for secure payment on intelligent terminals.

Description

Intelligent terminal and method for payment based on TEE and block chain
Technical Field
The invention relates to the technical field of security, and in particular to an intelligent television and a method for payment based on a trusted execution environment and a blockchain.
Background
The operating system of an existing smart terminal basically runs in an REE (Rich Execution Environment); the Rich OS (Rich Operating System) running in the REE is usually Android or Apple's iOS. The REE itself has security problems. To ensure that users can make payment transactions conveniently, quickly, safely and reliably, GP (GlobalPlatform), the standards organization for smart card and terminal security, proposed the concept of a TEE (Trusted Execution Environment). The TEE is a trusted execution space on the smart terminal that is more secure than the REE, and is composed of a secure kernel, TEE hardware resources, and trusted software and hardware resources such as TAs (Trusted Applications). The TEE is less secure than a secure element (SE, usually a smart card), but an SE has slow processing speed and is physically removable, so in view of the balance of cost, security and user experience, the TEE is the first choice among existing secure environments. However, the collection of identity authentication information and of payment information is currently performed entirely in the REE, and when the REE sends the identity authentication information and payment information to the TEE, the reliability of payment cannot be guaranteed once sensitive data such as the payment information and identity authentication information has been tampered with by a third party.
Disclosure of Invention
The technical problem to be solved by the invention is that, in the existing payment process, payment is unreliable when sensitive data such as payment logs and identity authentication information are maliciously tampered with by a third party. To solve it, an intelligent terminal and a method for payment based on a TEE and a blockchain are provided.
To solve this technical problem, the invention adopts the following technical solution:
An intelligent terminal for payment based on a TEE and a blockchain comprises an REE module and a TEE module, wherein the REE module comprises a client, and the TEE module comprises an acquisition unit, an encryption and decryption unit, a storage unit, a blockchain unit, a secure network unit and a processing unit;
the client is used for interacting with the user, sending a registration request to the TEE module when the user registers an identity, and sending a payment request to the TEE module when the user initiates a payment;
the acquisition unit is used for collecting the user's identity identifier to obtain identity identification information after the registration request or the payment request is received;
the storage unit is used for storing the payment log and the identity identification information collected after the registration request is received;
the secure network unit is used for communicating with an external network;
the processing unit is used for, after receiving the registration request, calling the encryption and decryption unit to perform cryptographic processing on the identity identification information corresponding to the registration request to obtain a ciphertext of the identity identification information; and, after receiving a payment request, calling a secure input unit for the user to input payment information, comparing the correspondingly collected identity identification information with the identity identification information in the storage module, sending the complete payment information to a clearing center through the secure network unit if the comparison is successful, and generating a corresponding payment log after receiving a clearing success message returned by the clearing center;
and the blockchain unit is used for calling the encryption and decryption unit to package the ciphertext of the identity identification information and the payment log according to a blockchain protocol, recording them locally, and simultaneously sending them through the secure network unit to a blockchain network to be recorded on the chain.
Preferably, the identity identification information includes biometric information and/or a payment password. When both biometric information and a payment password exist, the processing unit is further configured, after the payment request is received and if the payment amount in the payment information is greater than or equal to a preset amount, to compare the collected biometric information with the biometric information stored in the storage module and to compare the payment password input through the secure input unit with the payment password stored in the storage module; if both comparisons are successful, the complete payment information is sent to the clearing center through the secure network unit, and a corresponding payment log is generated when a clearing success message returned by the clearing center is received; and if the comparison is successful, the complete payment information is sent to the clearing center through the secure network unit, and after a clearing success message returned by the clearing center is received, a corresponding payment log is generated.
Further, the processing unit is also configured to download all ciphertexts of the identity identification information from the blockchain network through the secure network unit, and to compare the identity identification information collected after the payment request is received, once it has been cryptographically processed by the encryption and decryption unit, with the ciphertexts of the identity identification information; if the comparison is successful, the complete payment information is sent to the clearing center through the secure network unit, and a corresponding payment log is generated after a clearing success message returned by the clearing center is received;
and/or the processing unit is also used for downloading the payment log data from the blockchain network and storing it in the storage unit after performing the corresponding cryptographic processing on it.
Further, the blockchain unit also comprises an interface unit, which is used for calling the encryption and decryption unit to complete the consensus algorithm, the signature verification and the digest in the blockchain protocol.
Further, the TEE module also includes a clearing unit, which is configured to clear the data in the storage unit and to notify the blockchain unit to synchronously update the corresponding data on the blockchain network.
The method applied to the intelligent terminal for payment based on the TEE and the blockchain comprises the following steps:
when a user needs to register an identity, the client sends a registration request to the TEE module; the acquisition unit collects the user's identity identifier to obtain identity identification information and sends it to the storage unit for storage; the encryption and decryption unit performs cryptographic processing on the identity identification information to obtain a ciphertext of the identity identification information; and the blockchain unit, by calling the encryption and decryption unit, packages the ciphertext of the identity identification information according to a blockchain protocol, records it locally, and sends it through the secure network unit to the blockchain network to be recorded on the chain;
when a user initiates a payment, the client sends a payment request to the TEE module; after receiving the payment request, the processing unit calls the secure input unit for the user to input payment information and calls the acquisition unit to collect the user's identity identifier to obtain identity identification information; the collected identity identification information is compared with the identity identification information in the storage module and, if the comparison is successful, the complete payment information is sent to a clearing center through the secure network unit, and a corresponding payment log is generated after a clearing success message returned by the clearing center is received; and the blockchain unit, by calling the encryption and decryption unit, packages the payment log according to a blockchain protocol, records it locally, and simultaneously sends it through the secure network unit to the blockchain network to be recorded on the chain.
Preferably, the identity identification information includes biometric information and/or a payment password. When both the biometric information and the payment password exist, after the client sends a payment request to the TEE module when the user initiates a payment, if the payment amount in the payment information is greater than or equal to a preset amount, the processing unit compares the collected biometric information with the biometric information stored in the storage module and compares the payment password input through the secure input unit with the payment password stored in the storage module; if the comparisons of both the collected biometric information and the payment password are successful, it sends the complete payment information to the clearing center through the secure network unit and generates a corresponding payment log after receiving a clearing success message returned by the clearing center; and if the comparison is successful, the complete payment information is sent to the clearing center through the secure network unit, and after a clearing success message returned by the clearing center is received, a corresponding payment log is generated.
Further, when the identity identification information in the storage unit is abnormal, the processing unit downloads all ciphertexts of the identity identification information from the blockchain network through the secure network unit, and compares the identity identification information collected after the payment request is received, once it has been cryptographically processed by the encryption and decryption unit, with the ciphertexts of the identity identification information; if the comparison is successful, it sends the complete payment information to the clearing center through the secure network unit, and generates a corresponding payment log after receiving a clearing success message returned by the clearing center;
and/or, when the payment log in the storage unit is abnormal, the processing unit downloads the payment log data from the blockchain network and stores it in the storage unit after performing the corresponding cryptographic processing on it.
Further, packaging according to the blockchain protocol includes calling the encryption and decryption unit to complete the consensus algorithm, the signature verification and the digest in the blockchain protocol.
Further, when the user needs to deregister the account corresponding to the intelligent terminal, the clearing unit is called to clear the data in the storage unit and to notify the blockchain unit to synchronously update the corresponding data on the blockchain network.
The beneficial effects of the invention are as follows:
Payment information is input inside the TEE module, which prevents it from being tampered with during transmission. Identity authentication information is collected by the acquisition unit of the TEE module, which effectively prevents an attacker from impersonating the user. The encryption and decryption unit secures all cryptographic processing and prevents a third party from modifying data during operation. Through the encryption and decryption unit, the payment log and the ciphertext of the identity authentication information are synchronously packaged according to the blockchain protocol and stored both in the local blockchain unit and on the external blockchain network, the blockchain unit acting as a node of the blockchain network. The tamper-resistance of the blockchain prevents sensitive data from being maliciously tampered with, giving the sensitive data a double guarantee.
Drawings
Fig. 1 is a schematic structural diagram of an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the accompanying drawings and the following embodiments.
As shown in Fig. 1, the intelligent terminal for payment based on a TEE and a blockchain includes an REE module and a TEE module, where the REE module includes a client, and the TEE module comprises an acquisition unit, an encryption and decryption unit, a storage unit, a blockchain unit, a secure network unit and a processing unit;
the client is used for interacting with the user, sending a registration request to the TEE module when the user registers an identity, and sending a payment request to the TEE module when the user initiates a payment;
the acquisition unit is used for collecting the user's identity identifier to obtain identity identification information after the registration request or the payment request is received;
the storage unit is used for storing the payment log and the identity identification information collected after the registration request is received;
the secure network unit is used for communicating with an external network;
the processing unit is used for, after receiving the registration request, calling the encryption and decryption unit to perform cryptographic processing on the identity identification information corresponding to the registration request to obtain a ciphertext of the identity identification information; and, after receiving a payment request, calling a secure input unit for the user to input payment information, comparing the correspondingly collected identity identification information with the identity identification information in the storage module, sending the complete payment information to a clearing center through the secure network unit if the comparison is successful, and generating a corresponding payment log after receiving a clearing success message returned by the clearing center;
the blockchain unit is used for calling the encryption and decryption unit to package the ciphertext of the identity identification information and the payment log according to a blockchain protocol, recording them locally, and simultaneously sending them through the secure network unit to a blockchain network to be recorded on the chain;
and the encryption and decryption unit is used for performing cryptographic processing on the input data.
The intelligent terminal can be any intelligent device whose hardware supports an REE module and a TEE module, such as an intelligent television or a mobile phone. The client, i.e. the CA (Client Application) in Fig. 1, may call TEE-related functions by calling the TEE function API, call TA-related functions by calling the TEE Client API, or communicate with the TEE module by calling the REE communication agent. The encryption and decryption unit can be a hardware encryption and decryption unit, so that encryption and decryption operations reach hardware-level security. The blockchain unit acts as a node of the blockchain network, and the tamper-resistance of the blockchain is used to prevent sensitive data from being maliciously tampered with, giving the sensitive data a double guarantee. The payment information can comprise payment-related information such as the payment amount and payee information confirmation information. The clearing center can be an institution with a clearing function, such as UnionPay or NetsUnion; the complete payment information is obtained by combining the corresponding payment information according to the requirements of the corresponding clearing center; and the blockchain network can be a consortium chain of the industry to which the intelligent terminal belongs. The acquisition unit obtains the identity identification information by performing feature extraction on the identity identifier. The cryptographic processing comprises obtaining a digest; in particular, the SHA-1 algorithm can be adopted.
To ensure that identity identification information can be collected securely in hardware and to achieve strong authentication for large-amount payments, the identity identification information can comprise biometric information and/or a payment password. When both the biometric information and the payment password exist, the processing unit can also be used, after a payment request is received and if the payment amount in the payment information is greater than or equal to a preset amount, to compare the collected biometric information with the biometric information stored in the storage module and to compare the payment password input through the secure input unit with the payment password stored in the storage module; if the comparison between the collected biometric information and the biometric information stored in the storage module is successful, the complete payment information is sent to a clearing center through the secure network unit, and a corresponding payment log is generated after a clearing success message returned by the clearing center is received; and if the comparison is successful, the complete payment information is sent to the clearing center through the secure network unit, and after a clearing success message returned by the clearing center is received, a corresponding payment log is generated.
To ensure that the processing unit can still compare the information correctly when the identity identification information in the storage unit in the storage module is abnormal, the processing unit can also be used for downloading all ciphertexts of the identity identification information from the blockchain network through the secure network unit, and for comparing the identity identification information collected after the payment request is received, once it has been cryptographically processed by the encryption and decryption unit, with the ciphertexts of the identity identification information; if the comparison is successful, the complete payment information is sent to the clearing center through the secure network unit, and a corresponding payment log is generated after a clearing success message returned by the clearing center is received.
Similarly, to ensure that the processing unit can still compare the information correctly when the payment log in the storage unit in the storage module is abnormal, the processing unit can also be used for downloading the payment log data from the blockchain network and storing it in the storage unit after performing the corresponding cryptographic processing on it. The abnormality described above may take the form of tampering or loss.
To secure the operations of the blockchain unit, the blockchain unit further comprises an interface unit, which is used for calling the encryption and decryption unit to complete the consensus algorithm, the signature verification and the digest in the blockchain protocol.
For the case where the user needs to deregister the account corresponding to the intelligent terminal, the TEE module further comprises a clearing unit, which is used for clearing the data in the storage unit and notifying the blockchain unit to synchronously update the corresponding data on the blockchain network.
The method applied to the intelligent terminal for payment based on the TEE and the blockchain comprises the following steps:
when a user needs to register an identity, the client sends a registration request to the TEE module; the acquisition unit collects the user's identity identifier to obtain identity identification information and sends it to the storage unit for storage; the encryption and decryption unit performs cryptographic processing on the identity identification information to obtain a ciphertext of the identity identification information; and the blockchain unit, by calling the encryption and decryption unit, packages the ciphertext of the identity identification information according to a blockchain protocol, records it locally, and sends it through the secure network unit to the blockchain network to be recorded on the chain;
when a user initiates a payment, the client sends a payment request to the TEE module; after receiving the payment request, the processing unit calls the secure input unit for the user to input payment information and calls the acquisition unit to collect the user's identity identifier to obtain identity identification information; the collected identity identification information is compared with the identity identification information in the storage module and, if the comparison is successful, the complete payment information is sent to a clearing center through the secure network unit, and a corresponding payment log is generated after a clearing success message returned by the clearing center is received; and the blockchain unit, by calling the encryption and decryption unit, packages the payment log according to a blockchain protocol, records it locally, and simultaneously sends it through the secure network unit to the blockchain network to be recorded on the chain.
Examples
In this embodiment, the intelligent terminal is exemplified by an intelligent television. The method applied to the intelligent terminal for payment based on the TEE and the blockchain includes a user registration method and a user payment method. The preparation work is as follows: the user downloads the client, or the client is preset, and the intelligent terminal initializes its resources to complete the installation of the client.
Specifically, the user registration method comprises the following steps:
S101. The client sends a registration request to the TEE module when a user needs to register an identity;
S102. The acquisition unit requests to collect the user's biometric feature;
S103. The user provides the biometric feature;
S104. The acquisition unit performs extraction on the collected biometric feature to obtain biometric information, and the biometric information is stored in the storage unit;
S105. The blockchain unit packages the device number corresponding to the intelligent terminal and sends it to the blockchain network;
S106. The encryption and decryption unit performs cryptographic processing on the biometric information to obtain a ciphertext of the biometric information; the blockchain unit, by calling the encryption and decryption unit, packages the ciphertext of the biometric information according to a blockchain protocol, records it locally, and sends it through the secure network unit to the blockchain network to be recorded on the chain; packaging according to the blockchain protocol comprises calling the encryption and decryption unit to complete the consensus algorithm, the signature verification and the digest in the blockchain protocol;
S107. The client is informed that collection of the biometric information is complete;
S108. The client asks the user whether to support large-amount payment;
S109. If the user chooses to support it, the method proceeds to S110; otherwise, it proceeds to S115;
S110. The secure input unit is called to prompt the user to input a payment password;
S111. The user inputs a payment password;
S112. The payment password is stored in the storage unit;
S113. The encryption and decryption unit performs cryptographic processing on the payment password to obtain a ciphertext of the payment password; the blockchain unit, by calling the encryption and decryption unit, packages the ciphertext of the payment password according to a blockchain protocol, records it locally, and sends it through the secure network unit to the blockchain network to be recorded on the chain; packaging according to the blockchain protocol comprises calling the encryption and decryption unit to complete the consensus algorithm, the signature verification and the digest in the blockchain protocol;
S114. The client is informed that collection of the payment password is complete;
S115. The client shows the user that registration is complete.
Specifically, the user payment method comprises the following steps:
S201. The user initiates a payment;
S202. The client prompts the user to select a payment mode;
S203. If the user chooses to pay directly through the smart television, the method proceeds to S204; otherwise, other payment processes are carried out, which are not the focus of protection of the invention and are not described;
S204. The processing unit calls the secure input unit for the user to input payment information, and requests collection of the biometric feature;
S205. The user inputs the payment information and provides the biometric feature for the acquisition unit to collect;
S206. The TEE module judges whether the biometric information in the storage unit is abnormal; if so, the method proceeds to S207, and if not, to S208;
S207. The processing unit downloads all ciphertexts of the biometric information from the blockchain network through the secure network unit, and compares the collected biometric information, after it has been cryptographically processed by the encryption and decryption unit, with the ciphertexts of the identity identification information; if the comparison is successful, the method proceeds to S209, otherwise the payment process is exited;
S208. The processing unit compares the collected biometric information with the biometric information in the storage module; if the comparison is successful, the method proceeds to S209, otherwise the payment process is exited;
S209. It is judged whether the payment amount in the payment information is greater than or equal to a preset amount; if so, the method proceeds to S210, and if not, to S215;
S210. The processing unit calls the secure input unit for the user to input a payment password;
S211. The user inputs the payment password;
S212. The TEE module judges whether the payment password in the storage unit is abnormal; if so, the method proceeds to S213, otherwise to S214;
S213. The processing unit downloads all ciphertexts of the payment password from the blockchain network through the secure network unit, and compares the collected payment password, after it has been cryptographically processed by the encryption and decryption unit, with the ciphertexts of the payment password; if the comparison is successful, the method proceeds to S215, otherwise the payment process is exited;
S214. The processing unit compares the collected payment password with the payment password in the storage module; if the comparison is successful, the method proceeds to S215, otherwise the payment process is exited;
S215. The payment information is processed into complete payment information that meets the format required by the clearing center, and is sent to the clearing center through the secure network unit;
S216. After receiving a clearing success message returned by the clearing center, the processing unit generates a corresponding payment log;
S217. The blockchain unit, by calling the encryption and decryption unit, packages the payment log according to a blockchain protocol, records it locally, and sends it through the secure network unit to the blockchain network to be recorded on the chain; packaging according to the blockchain protocol comprises calling the encryption and decryption unit to complete the consensus algorithm, the signature verification and the digest in the blockchain protocol;
S218. The client is informed that the payment succeeded;
S219. The client shows the user that the payment succeeded.
In the above steps, when the payment log in the storage unit is abnormal, the processing unit downloads the payment log data from the blockchain network, and stores the payment log data in the storage unit after performing corresponding cryptographic processing on it. When a user needs to log off the account corresponding to the intelligent terminal, the clearing unit is called to clear the data of the storage unit and to inform the block chain unit to synchronously update the corresponding data on the block chain network.
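The decision flow of S206 to S217, as an added example that is not code from the patent: local comparison when the stored record is intact, fallback to the on-chain ciphertexts when it is not, the password step-up at the preset amount, and a digest-chained payment log (signature and consensus are left out). Assumptions, since the patent does not specify them: "abnormal" is modelled as a failed integrity tag, "cryptographic processing" as a deterministic HMAC-SHA256 under a TEE-held key, the biometric template as exact bytes, and the clearing center as a callback; every name and value below is constructed.

```python
import hashlib, hmac, json

DEVICE_KEY = b"constructed-demo-key"   # assumption: key that never leaves the TEE
PRESET_AMOUNT = 1000                   # assumption: step-up threshold used in S209

def protect(value: bytes) -> str:
    """Stand-in for 'cryptographic processing': deterministic keyed digest."""
    return hmac.new(DEVICE_KEY, value, hashlib.sha256).hexdigest()

class Store:
    """Storage unit: each credential is kept with an integrity tag."""
    def __init__(self, biometric: bytes, password: bytes):
        self.rec = {k: (v, protect(k.encode() + v))
                    for k, v in (("bio", biometric), ("pwd", password))}
    def abnormal(self, kind: str) -> bool:          # S206 / S212
        value, tag = self.rec[kind]
        return not hmac.compare_digest(tag, protect(kind.encode() + value))

def verify(kind, presented, store, chain) -> bool:
    if presented is None:
        return False
    if store.abnormal(kind):                        # S207 / S213: on-chain fallback
        return any(hmac.compare_digest(protect(presented), c) for c in chain[kind])
    return hmac.compare_digest(presented, store.rec[kind][0])   # S208 / S214

def pay(amount, bio, pwd, store, chain, clear, log) -> str:
    if not verify("bio", bio, store, chain):
        return "exit: biometric mismatch"
    if amount >= PRESET_AMOUNT and not verify("pwd", pwd, store, chain):  # S209-S214
        return "exit: password mismatch"
    if not clear(amount):                           # S215-S216
        return "exit: clearing failed"
    prev = log[-1]["digest"] if log else "0" * 64   # S217: chain to the previous entry
    body = json.dumps({"amount": amount, "prev": prev}, sort_keys=True)
    log.append({"body": body, "digest": hashlib.sha256(body.encode()).hexdigest()})
    return "paid"

def demo():
    store = Store(b"template-A", b"493817")         # constructed enrolment data
    chain = {"bio": [protect(b"template-A")], "pwd": [protect(b"493817")]}
    log, ok = [], (lambda amount: True)
    r1 = pay(50, b"template-A", None, store, chain, ok, log)    # below threshold
    # Local password record altered without a valid tag: S212 reports it abnormal.
    store.rec["pwd"] = (b"000000", store.rec["pwd"][1])
    r2 = pay(5000, b"template-A", b"000000", store, chain, ok, log)
    r3 = pay(5000, b"template-A", b"493817", store, chain, ok, log)
    return r1, r2, r3, log

if __name__ == "__main__":
    print(demo()[:3])
```

The altered local password is never trusted: once the record is flagged abnormal, only a value matching the enrolled on-chain ciphertext is accepted.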

Claims (10)

1. The intelligent terminal for payment based on the TEE and the blockchain comprises an REE module and a TEE module, and is characterized in that the REE module comprises a client; the TEE module comprises an acquisition unit, an encryption and decryption unit, a storage unit, a block chain unit, a safety network unit, a safety input unit and a processing unit;
the client is used for interacting with the user and sending a registration request to the TEE module when the user registers the identity; when a user initiates payment, sending a payment request to a TEE module;
the acquisition unit is used for acquiring the identity of the user to obtain identity information after receiving the registration request or the payment request;
the storage unit is used for storing the payment log and the correspondingly acquired identity identification information after receiving the registration request;
a security network unit for communicating with an external network;
the processing unit is used for calling the encryption and decryption unit to carry out cryptographic processing on the identity identification information corresponding to the registration request after receiving the registration request to obtain a ciphertext of the identity identification information; after receiving a payment request, calling a safety input unit for a user to input payment information, informing an acquisition unit of acquiring identity identification information of the user, comparing the acquired identity identification information with identity identification information in a storage module, if the comparison is successful, sending complete payment information to a clearing center through a safety network unit, and generating a corresponding payment log after receiving a clearing success message returned by the clearing center;
and the block chain unit is used for carrying out local recording after the ciphertext and the payment log of the identity information are packaged according to a block chain protocol by calling the encryption and decryption unit and sending the ciphertext and the payment log to a block chain network for uplink through the security network unit.
2. The intelligent TEE and blockchain based payment terminal of claim 1, wherein the identification information includes biometric information and/or a payment password, when both the biometric information and the payment password exist, the processing unit is further configured to compare the collected biometric information with the biometric information stored in the storage module and compare the payment password input by the security input unit with the payment password stored in the storage module when a payment request is received and if the payment amount in the payment information is greater than or equal to a predetermined amount, transmit the complete payment information to the clearing center through the security network unit if both the comparison is successful, and generate a corresponding payment log when a clearing success message returned by the clearing center is received; and if the comparison is successful, the complete payment information is sent to the clearing center through the secure network unit, and after a clearing success message returned by the clearing center is received, a corresponding payment log is generated.
3. The intelligent TEE and blockchain based payment terminal of claim 1, wherein the processing unit is further configured to download all ciphertexts of the identity information from the blockchain network through the security network unit, compare the identity information, which is acquired after receiving the payment request, after being cryptographically processed through the encryption and decryption unit with the ciphertexts of the identity information, and if the comparison is successful, send the complete payment information to the clearing center through the security network unit, and when receiving a clearing success message returned by the clearing center, generate a corresponding payment log;
and/or the processing unit is also used for downloading the payment log data from the blockchain network, and storing the payment log data to the storage unit after carrying out corresponding cryptographic processing on the payment log data.
4. The TEE and blockchain based payment intelligent terminal of claim 1 wherein the blockchain unit further includes an interface unit for invoking the encryption and decryption unit to perform consensus algorithms, signatures and digests in the blockchain protocol.
5. The intelligent TEE and blockchain based payment terminal of claim 1 wherein the TEE module further includes a clearing unit for clearing the data of the storage unit and notifying the blockchain unit to synchronously update the corresponding data on the blockchain network.
6. The method applied to the TEE and blockchain based payment intelligent terminal of claim 1, comprising:
a client sends a registration request to the TEE module when a user needs identity registration; an acquisition unit acquires an identity of the user to obtain identity information and sends the identity information to a storage unit for storage; an encryption and decryption unit performs cryptographic processing on the identity information to obtain a ciphertext of the identity information; a block chain unit packages the ciphertext of the identity information according to a block chain protocol by calling the encryption and decryption unit, then records it locally, and sends the ciphertext to a block chain network through a security network unit for uplink;
the client sends a payment request to the TEE module when a user initiates payment, the processing unit receives the payment request and then calls the safety input unit for the user to input payment information, the acquisition unit is called to acquire the identity of the user to obtain identity information, the acquired identity information is compared with the identity information in the storage module, if the comparison is successful, the complete payment information is sent to a clearing center through the safety network unit, and after a clearing success message returned by the clearing center is received, a corresponding payment log is generated; and the block chain unit packages the payment log according to a block chain protocol by calling the encryption and decryption unit, then performs local recording, and sends the payment log to the block chain network for uplink through the secure network unit.
7. The method of claim 6, wherein the identification information includes biometric information and/or a payment password, when the biometric information and the payment password exist, after the client sends a payment request to the TEE module when the user initiates payment, if the payment amount in the payment information is greater than or equal to a predetermined amount, the processing unit compares the collected biometric information with the biometric information stored in the storage module, compares the payment password input by the security input unit with the payment password stored in the storage module, if the comparison between the collected biometric information and the biometric information is successful, sends the complete payment information to the clearing center through the security network unit, and generates a corresponding payment log after receiving a clearing success message returned by the clearing center; and if the comparison is successful, the complete payment information is sent to the clearing center through the secure network unit, and after a clearing success message returned by the clearing center is received, a corresponding payment log is generated.
8. The method of claim 6, wherein when the identity information in the storage unit is abnormal, the processing unit further downloads all ciphertexts of the identity information from the blockchain network through the security network unit, compares the identity information which is correspondingly collected after receiving the payment request and is cryptographically processed through the encryption and decryption unit with the ciphertexts of the identity information, if the comparison is successful, the complete payment information is sent to the clearing center through the security network unit, and when a clearing success message returned by the clearing center is received, a corresponding payment log is generated;
and/or when the payment log in the storage unit is abnormal, the processing unit downloads the payment log data from the blockchain network, and stores the payment log data in the storage unit after performing corresponding cryptographic processing on the payment log data.
9. The method of claim 6, wherein the encapsulating according to the blockchain protocol includes calling an encryption/decryption unit to perform a consensus algorithm, a signature, and a digest in the blockchain protocol.
10. The method as claimed in claim 6, wherein when the user needs to log off the account corresponding to the intelligent terminal, the clearing unit is invoked to clear the data in the storage unit and notify the blockchain unit to synchronously update the corresponding data on the blockchain network.
CN201811493925.9A 2018-12-07 2018-12-07 Intelligent terminal and method for payment based on TEE and block chain Active CN109583898B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811493925.9A CN109583898B (en) 2018-12-07 2018-12-07 Intelligent terminal and method for payment based on TEE and block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811493925.9A CN109583898B (en) 2018-12-07 2018-12-07 Intelligent terminal and method for payment based on TEE and block chain

Publications (2)

Publication Number | Publication Date
CN109583898A (en) | 2019-04-05
CN109583898B (en) | 2022-02-01

Family

ID=65929004

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811493925.9A Active CN109583898B (en) 2018-12-07 2018-12-07 Intelligent terminal and method for payment based on TEE and block chain

Country Status (1)

Country Link
CN (1) CN109583898B (en)


Also Published As

Publication number Publication date
CN109583898A (en) 2019-04-05


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant