CN109889510B - Multiple encryption method for service provider transmitting service message - Google Patents
Multiple encryption method for service provider transmitting service message Download PDFInfo
- Publication number
- CN109889510B CN109889510B CN201910091842.5A CN201910091842A CN109889510B CN 109889510 B CN109889510 B CN 109889510B CN 201910091842 A CN201910091842 A CN 201910091842A CN 109889510 B CN109889510 B CN 109889510B
- Authority
- CN
- China
- Prior art keywords
- service provider
- service
- request
- party
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention discloses a multiple encryption method for transmitting a service message by a service provider, which comprises a service provider H5 end, a service provider gateway server end, a service provider authentication end and a service provider back end, wherein the service provider H5 end, the service provider gateway server end, the service provider authentication end and the service provider back end are interacted. The invention solves the problems of data leakage, uncontrollable data use, increased third party APP size, long access period, complex flow and high development cost when a service provider service is accessed to a third party in the prior art, and provides a multiple encryption method for transmitting a service message by the service provider.
Description
Technical Field
The invention relates to a computer network security verification access technology, in particular to a multiple encryption method for transmitting service messages by a service provider.
Background
Existing third party access service provider service methods can be roughly divided into two categories: (1) an interface access method. The service provider provides an interface, and a third party submits a request and acquires return data through a background request server interface; (2) and (3) an SDK access method. And the third party introduces the SDK of the service provider to join the own APP, and requests to call the service party interface to submit the request and acquire the returned data through a method provided by the SDK.
The interface access method is characterized in that a request is initiated by a background service of a third party, but not a direct request of a front-end code of a foreground, a service provider interface is not exposed at the front end, and a back-end agreed encryption authentication flow is accessed at the back end, so that the interface safety of the service provider is guaranteed, even if an abnormal condition occurs, the service provider can timely limit the current or cut off the service to a certain third party, and great loss is avoided. However, this access method has a drawback that only the provided interface unconditionally returns a corresponding result as long as the third party initiates a request for passing authentication, but there is no restriction on the third party, and the third party can retain data to establish its second local library, modify and modify the data and return the modified data to the front-end user, and the service provider cannot control and identify such actions, which may bring a certain reputation risk to the service provider, especially in the financial industry, such a risk is particularly prominent in terms of competition in the same industry and financial compliance.
For example, an APP with the name of a certain bank provides the service of opening two types of accounts on line, and is really cooperative with a certain bank, a certain bank provides two types of account opening interfaces, but the three-party APP retains sensitive information provided by the user registering the second class of users before requesting the interface, such as name, ID card, mobile phone number, and even the image data of the front and back sides of ID card, and the image data of hand-held ID card, the important information is retained by the third party but certain bank cannot be judged, because the information is sent by the third party, as for what certain bank can not be controlled before, the user also considers that the information of the user is given to certain bank, the important information which is not known to the user is also retained to the third party, the risk brought in the follow-up process is difficult to estimate, and if the information is leaked by the third party or utilized to do some illegal events, the reputation risk can be generated in certain bank.
The SDK access method is divided into two types, one is the SDK without the front end page, and the other is the SDK with the front end page.
The principle of the access method without the front-end page SDK is that a service provider provides a native SDK to be added into a third-party APP, the third-party development front end calls a method in the SDK to carry out an encryption authentication process, the interface of the service provider is requested to acquire data through the authenticated interface request method provided by the SDK, the authentication is only put at a primary end but not at a back end, so that the interface of the service provider and the encryption and decryption authentication method can be found only by decompiling and cracking the APP of a third party and the primary SDK of the service provider in terms of safety, the conventional APP is generally reinforced and shelled, therefore, the security is still harder to break, but is slightly less secure than the interface access method, because the difficulty of breaking the decompilation of an APP is still smaller than the difficulty of breaking a back-end server, this method also risks third parties to retain data and modify data, as does the interface access method.
The principle of the access method including the front-end page SDK is that the SDK provided by the service provider not only provides an authentication and request method, but also provides the front-end page in the SDK, the third party only needs to call up a starting method of the SDK, the subsequent pages and the data interaction of the pages are all self-owned by the service provider, the third party has no relation at all, and only one result is returned to the third party after the service flow of the service provider is completed, in this way, the self-help service system can be regarded as an independent service supply by the self, thereby avoiding the risk of three parties retaining data and modifying data in an interface access method and an access method without a front-end page SDK, because the third party does not know how you are interacting at all, the entire process is a black box for the third party unless the third party is going to crack the SDK provided by the decompiling service provider. The development amount is very small when the third party accesses, the access is fast, the third party is happy, and certainly, as with the access method without the front-end page SDK, if someone cracks the APP of the decompiling third party and further cracks the SDK of the service provider, the interface and the encryption and decryption authentication method of the service provider can be found out.
However, the SDK access mode in the market at present has no interface access mode, and there are three points to the reason.
First, what many third parties are not well able to accept is that joining the SDK can increase the size of their APP, because the APP is too large, can directly result in the user not being able to download the APP in time (apple APP store exceeds 150M and cannot be downloaded with traffic, many mainstream android application markets also have similar settings), meet a service and add an SDK, whichever APP now certainly does not meet a service provider more than, if each family is the mode that the SDK accesses, the size of this APP can certainly not be small, except for platform restriction, the APP too large user also is not willing to spend traffic and memory space to download, this can directly influence the installation rate and the rate of usage of this APP, influence its propagation and marketing.
Second, issue the version problem, after the third party adds the SDK, APP will be updated after, new function just can be opened, will go to once to send the version flow, goes apple shop and android application market to go to upload the package again, wants the user to go to update this APP of installation on his cell-phone, and whole cycle is very long uncontrollable, and the flow is loaded down with trivial details, and the transmission conversion rate is lower, experiences also than the poor to the user.
Third, many service providers are also reluctant to use SDK access because, in addition to being less acceptable by third parties, development and maintenance costs, one version of IOS, one version of Android, and the costs of maintaining and developing both versions are relatively large.
Therefore, although the access method comprising the front page SDK looks good, more service providers are willing to select a third party which believes cooperation and are not willing to use the method, the service providers sell own services after all, the third parties are clients of the service providers, and the clients are enabled to more conveniently access own services on the premise of safety by taking the benefits of the clients as starting points. Although the interface access method used by the third party has a small development amount, the data can be stored, the third party can master the data, and the third party can accept the data.
Disclosure of Invention
The invention solves the problems of data leakage, uncontrollable data use, increased third party APP size, long access period, complex flow and high development cost of service provider service access to a third party in the prior art, and provides a multiple encryption method for service provider service message transmission, wherein the whole H5 application is developed by the service provider completely, the data is not leaked to any third party, the problems of increased third party APP size and re-edition are avoided, only a jump is configured in the third party background, the whole development cost is controllable, all access parties are modified and synchronized together, no inductive updating is performed, the online speed is high, the reusability is strong, the flow control can be realized, the current limitation and rejection can be performed according to key classification requesters, the access key is firstly accessed, the access key is arranged later, a random number is added, and the flow control is realized, The complexity is increased by mixing Hash, an AES encryption algorithm, public key and private key encryption and decryption, and the like, and the cracking cost of the whole method is very high.
The invention is realized by the following technical scheme:
the multiple encryption method for the service provider to transmit the service message comprises a service provider H5 end, a service provider gateway server end, a service provider authentication end and a service provider back end, wherein the interaction of the ends comprises the following steps:
D. the method comprises the steps that a service provider H5 side initiates a request for generating an access key VT to a service provider through a service provider gateway server side, wherein parameters of the request comprise an access key AT, and the access key AT is encrypted by using a random number as a key;
E. after receiving the request for generating the access key VT in the step D, the service provider authentication end in the service provider decrypts the request for generating the access key VT to decrypt the AT and check the authenticity of the AT, and when the AT is true, the access key VT is generated and returned to the service provider H5 end through the service provider gateway service end, and the function of the AT as the access key is disabled;
F. the service provider H5 decrypts VT by using random numbers, opens and renders an H5 product page, and develops various external services for H5 products;
G. a service provider H5 terminal initiates a service message request to a service provider rear terminal through a service provider gateway server, and request parameters of the service message request are firstly encrypted by random numbers, then encrypted by VT and then encrypted by AK;
H. after receiving a service message request initiated by a service provider H5, the service provider authentication end decrypts the service message request to obtain an initial real service message parameter, initiates a service request to a service provider rear end by using the service message parameter, returns the data requested back, and encrypts and returns the returned message to the service provider H5 by using VT;
I. the service provider H5 side receives the returned message, decrypts the message by VT and renders the returned data.
Further, in the multiple encryption method for the service provider to transmit the service packet, in step D, the service provider H5 initiates a request for generating the access key VT to the service provider through the service provider gateway server, where request parameters of the request include the asymmetric encrypted public key AK and the access key AT of the service provider gateway server.
Further, the multiple encryption method is used for the service provider to transmit the service message, after the access key AT in the request parameter is encrypted by using a random number as a key, the request is encrypted by using the asymmetric encryption public key AK of the gateway server of the service provider.
Further, in the multiple encryption method for the service provider to transmit the service packet, after receiving the request for generating the access key VT in step E, the specific process of decrypting the request for generating the access key VT by the service provider authentication end in the service provider is as follows: and D, after receiving the request in the step D, the service provider authentication end decrypts the request by using a private key SK corresponding to the asymmetric encrypted public key AK of the service provider gateway server end, and then decrypts the AT by using the decrypted random number as a key.
Further, in the multiple encryption method for the service provider to transmit the service packet, in the step E, the service provider authentication end correspondingly stores the generated access key VT with the previously generated registration account siteld of the third party AT the service provider when the AT request is generated, the account appId of the service provider H5 end, and the three-party account userId of the client of the third party.
Further, the service message request in step G further includes a parameter AK, a registered account siteld of the third party at the service provider, an account appId of the service provider H5 side, and a three-party account userId of a client of the third party.
Further, in the multiple encryption method for the service provider to transmit the service packet, after receiving the service packet request initiated by the service provider H5 in step H, the specific process of the service provider authentication end decrypting the service packet request is as follows: the method comprises the steps of firstly decrypting a requested service message by using a private key SK corresponding to an asymmetric encrypted public key AK of a gateway server side of a service provider, then routing to a corresponding VT according to a registered account siteId of a third party at the service provider, an account appId of an H5 side of the service provider and a three-party account userId of a client of the third party, decrypting by using the VT, and then decrypting by using a decrypted random number to obtain an initial real service message parameter.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. when the method is applied, the whole H5 application is developed by a service provider, data cannot be leaked to any third party, the problems that the size of the APP of the third party is increased and the edition needs to be re-issued do not exist, only one jump needs to be configured in the background of the third party, and the whole development cost is controllable.
2. When the method is applied, all access parties are modified and synchronized together, no perception update is performed, the online speed is high, the reusability is strong, and the flow control can be realized.
3. When the method is applied, the current limitation and rejection can be carried out according to the key classification request party, firstly, the key is accessed, then, the key is accessed, and the complexity is increased by adding random numbers, Hash, AES encryption algorithm, public key and private key encryption and decryption and the like, so that the breaking cost of the whole method is very high.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a schematic structural view of the present invention;
fig. 2 is a timing chart of the external output of H5 service in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
Examples
As shown in fig. 1 to fig. 2, the third party secure access method in the form of the application of the service provider H5 includes a third party backend, a service provider H5 terminal, a service provider gateway server terminal, a service provider authentication terminal, and a service provider backend, and each terminal interactively includes the following steps:
A. a user of a client of a third party clicks an entrance request to enter a service application provided by a service provider and notifies a message to the back end of the third party;
B. the third party back end initiates a request (Access Token, AT for short) for generating an Access key AT to the service provider through the gateway server of the service provider, and the service provider generates the Access key AT and transmits the Access key AT back to the third party back end through the gateway server of the service provider;
C. after receiving the encrypted AT, the third party back end decrypts the AT, and the reverse AT obtains AK (AppKey, AK for short), wherein the AK is an asymmetric encrypted public key of a gateway server of a service provider, and the URL address of the H5 end of the service provider is opened in the webView of the third party with parameters of the AT and the AK, and the H5 end of the service provider temporarily stores the AT and the AK in a sessionStorage of an embedded browser of the APP of the third party;
D. a service provider H5 initiates a request for generating an access key VT (Visit Token, VT for short) to a service provider through a service provider gateway, wherein parameters of the request comprise an access key AT, and the access key AT is encrypted by using a random number as a key;
E. after receiving the request for generating the access key VT in the step D, the service provider authentication end in the service provider decrypts the request for generating the access key VT to decrypt the AT and check the authenticity of the AT, and when the AT is true, the access key VT is generated and returned to the service provider H5 end through the service provider gateway service end, and the function of the AT as the access key is disabled;
F. the service provider H5 decrypts VT by using random numbers, opens and renders an H5 product page, and develops various external services for H5 products;
G. a service provider H5 terminal initiates a service message request to a service provider rear terminal through a service provider gateway server, and request parameters of the service message request are firstly encrypted by random numbers, then encrypted by VT and then encrypted by AK;
H. after receiving a service message request initiated by a service provider H5, the service provider authentication end decrypts the service message request to obtain an initial real service message parameter, initiates a service request to a service provider rear end by using the service message parameter, returns the data requested back, and encrypts and returns the returned message to the service provider H5 by using VT;
I. the service provider H5 side receives the returned message, decrypts the message by VT and renders the returned data.
And in the step B, the third party back end initiates a request for generating the access key AT to the service provider through the gateway server of the service provider, wherein the transfer parameters of the request comprise a registration account siteId of the third party on the service provider, an account appId of the H5 of the service provider and a three-party account userId of a client of the third party.
The specific process that the service provider generates the access key AT and transmits the access key AT back to the third party back end through the gateway server of the service provider in the step B is as follows: and the service provider authentication end decrypts the check label and verifies the registered account siteId of the third party AT the service provider and the account appId of the service provider H5, and then returns the encrypted access key AT. The access key AT is reversible.
The access key AT in the step B includes an asymmetrically encrypted public key AK of the gateway server of the service provider, and a secretekey (SK for short) stored in the authentication side of the service provider.
In the step D, the service provider H5 initiates a request for generating the access key VT to the service provider through the service provider gateway server, where request parameters of the request include the asymmetric encrypted public key AK and the access key AT of the service provider gateway server. And after the access key AT in the request parameter is encrypted by taking the random number as a key, the request is encrypted by using the asymmetric encryption public key AK of the gateway server of the service provider.
After receiving the request for generating the access key VT in step E, the specific process of decrypting the request for generating the access key VT by the authentication end of the service provider in the service provider is as follows: and D, after receiving the request in the step D, the service provider authentication end decrypts the request by using a private key SK corresponding to the asymmetric encrypted public key AK of the service provider gateway server end, and then decrypts the AT by using the decrypted random number as a key.
In the step E, the service provider authentication end correspondingly stores the generated access key VT with the previously generated registration account siteId of the third party AT the service provider, the account appId of the service provider H5 and the three-party account userId of the client of the third party when the AT request is generated.
The service message request in step G further includes a parameter AK, a siteld of a registered account of the third party at the service provider, an account appId of the service provider H5 side, and a three-party account userId of a client of the third party.
After receiving the service message request initiated by the service provider H5 in step H, the specific process of decrypting the service message request by the service provider authentication end is as follows: the method comprises the steps of firstly decrypting a requested service message by using a private key SK corresponding to an asymmetric encrypted public key AK of a gateway server side of a service provider, then routing to a corresponding VT according to a registered account siteId of a third party at the service provider, an account appId of an H5 side of the service provider and a three-party account userId of a client of the third party, decrypting by using the VT, and then decrypting by using a decrypted random number to obtain an initial real service message parameter.
The invention overcomes the defects of data leakage, uncontrollable data use, increased third party APP size, long access period, complex flow and higher development cost existing in the prior art when the service of the service provider is accessed to the third party, the whole H5 application is developed by the service provider, the third party only needs to initiate a request by the background to take a key to transmit to the H5 home page of the service provider, the rest processes are unrelated to the third party, data cannot be leaked to any third party, the problems of increasing the size of the APP of the third party and needing to be re-published do not exist due to the application of H5, only a jump needs to be configured at the background of the third party, the whole development cost is controllable, one set of H5 can be accessed to the IOS, Android and H5 terminals, all access parties are modified and synchronized together every time, no perception updating is performed, the online speed is high, the reusability is strong, flow control can be achieved, and flow limitation and rejection can be performed according to the key classification request party.
The mechanism of oauth2.0 is referenced in the aspect of safety, firstly, a key is accessed, then, an access key is provided, random numbers, Hash, an AES encryption algorithm, public key and private key encryption and decryption and the like are added, complexity is increased, encryption and signing are requested every time, the decryption key does not need to go away, even if a packet is grabbed, VT cannot be taken, three-party APP with a reinforced shell needs to be broken, activity derivation is carried out on webview of the three-party APP, a user can only decompile the whole APP under an IOS platform, all modules are rewritten, JS files at the H5 end of a service provider are compressed and mixed, the front end and the back end are separated, HTTPS encryption and CSRF attack prevention on the network level are carried out, and breaking cost of the whole method is very high.
In the invention, AT consumes once, and becomes invalid after VT is generated; all data cached in sessionStorage of webview of the three-party APP AT the service provider H5 side are encrypted by using AT as key and then cached. The service provider is deployed in a front-end and back-end separation mode, a front-end product is output in an SPA mode, an independent server uses PM2 as a server kernel load balance, high response and rapid rendering are achieved, partial infrequent and public static resource CDN deployment can be performed on condition, and user experience is enabled to be rapid and smooth.
Compared with the prior art, the whole H5 application is developed by a service provider during application, data cannot be leaked to any third party, the problems that the size of the APP of the third party is increased and the edition needs to be re-issued do not exist, only one jump needs to be configured in the background of the third party, and the whole development cost is controllable. The invention modifies all access parties to be synchronous together, has no perception update, high online speed and strong reusability, can also realize flow control, and can classify the request party according to the key to carry out flow limitation and rejection. The invention firstly accesses the secret key and then accesses the secret key, adds the random number, Hash, AES encryption algorithm, public key and private key encryption and decryption and other mixture to increase the complexity, has very high cracking cost of the whole method and improves the security of encryption.
Some bank financing products are output externally, a second class of users, a registration process, an account opening process and a certain product output externally of the bank need to be opened, the whole business process is assembled on the open platform of the bank, the method is used for outputting externally, the problems that the development cost is high, the access of an access party is complex, the application size of the access party is increased, sensitive data is uncontrollable and the like are solved, the compliance risk of outputting externally is guaranteed, and the method does not conflict with the flexibility of opening and online of the products quickly.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (5)
1. The multiple encryption method for the service provider to transmit the service message is characterized by comprising a service provider H5 end, a service provider gateway server end, a service provider authentication end and a service provider back end, wherein the interaction of the ends comprises the following steps:
D. the method comprises the steps that a service provider H5 terminal initiates a request for generating an access key VT to a service provider through a service provider gateway server, the parameters of the request comprise an access key AT, the access key AT is encrypted by using a random number as a key, the service provider H5 terminal initiates the request for generating the access key VT to the service provider through the service provider gateway server, and the request parameters of the request comprise an asymmetric encrypted public key AK of the service provider gateway server and the access key AT; after the access key AT in the request parameter is encrypted by taking a random number as a key, the request is encrypted by using an asymmetric encrypted public key AK of a gateway server of a service provider;
E. after receiving the request for generating the access key VT in the step D, the service provider authentication end in the service provider decrypts the request for generating the access key VT to decrypt the AT and check the authenticity of the AT, and when the AT is true, the access key VT is generated and returned to the service provider H5 end through the service provider gateway service end, and the function of the AT as the access key is disabled;
F. the service provider H5 decrypts VT by using random numbers, opens and renders an H5 product page, and develops various external services for H5 products;
G. a service provider H5 terminal initiates a service message request to a service provider rear terminal through a service provider gateway server, and request parameters of the service message request are firstly encrypted by random numbers, then encrypted by VT and then encrypted by AK;
H. after receiving a service message request initiated by a service provider H5, the service provider authentication end decrypts the service message request to obtain an initial real service message parameter, initiates a service request to a service provider rear end by using the service message parameter, returns the data requested back, and encrypts and returns the returned message to the service provider H5 by using VT;
I. the service provider H5 side receives the returned message, decrypts the message by VT and renders the returned data.
2. The multiple encryption method for service provider to transmit service packet according to claim 1, wherein after receiving the request to generate access key VT in step E, the specific process of the service provider authentication end in the service provider to decrypt the request to generate access key VT is as follows: and D, after receiving the request in the step D, the service provider authentication end decrypts the request by using a private key SK corresponding to the asymmetric encrypted public key AK of the service provider gateway server end, and then decrypts the AT by using the decrypted random number as a key.
3. The multiple encryption method for the service provider to transmit the service packet according to claim 1, wherein in step E, the service provider authentication end stores the generated access key VT in correspondence with a previously generated registration account siteld of the third party AT the service provider, an account appId of the service provider H5, and a three-party account userId of a client of the third party.
4. The multiple encryption method for service provider to transmit service message according to claim 1, wherein the service message request in step G further includes parameter AK, registered account siteld of third party at service provider, account appId of service provider H5 side, and three party account userId of client of third party.
5. The multiple encryption method for the service provider to transmit the service packet according to claim 1, wherein after receiving the service packet request initiated by the service provider H5 in step H, the specific process of the service provider authentication end decrypting the service packet request is as follows: the method comprises the steps of firstly decrypting a requested service message by using a private key SK corresponding to an asymmetric encrypted public key AK of a gateway server side of a service provider, then routing to a corresponding VT according to a registered account siteId of a third party at the service provider, an account appId of an H5 side of the service provider and a three-party account userId of a client of the third party, decrypting by using the VT, and then decrypting by using a decrypted random number to obtain an initial real service message parameter.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910091842.5A CN109889510B (en) | 2019-01-30 | 2019-01-30 | Multiple encryption method for service provider transmitting service message |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910091842.5A CN109889510B (en) | 2019-01-30 | 2019-01-30 | Multiple encryption method for service provider transmitting service message |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109889510A CN109889510A (en) | 2019-06-14 |
| CN109889510B true CN109889510B (en) | 2021-05-11 |
Family
ID=66927427
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910091842.5A Active CN109889510B (en) | 2019-01-30 | 2019-01-30 | Multiple encryption method for service provider transmitting service message |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109889510B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111010385A (en) * | 2019-12-09 | 2020-04-14 | 山东浪潮商用系统有限公司 | RESTful-based secure interaction method |
| CN111756738A (en) * | 2020-06-24 | 2020-10-09 | 昆明东电科技有限公司 | System framework for quickly constructing Web application, data processing method and system |
| CN112532387B (en) * | 2020-11-27 | 2022-12-30 | 上海爱数信息技术股份有限公司 | Key service operation system and method thereof |
| CN113132394B (en) * | 2021-04-22 | 2023-02-03 | 中国建设银行股份有限公司 | Request processing system, method and device, storage medium and electronic equipment |
| CN114338151A (en) * | 2021-12-28 | 2022-04-12 | 中国建设银行股份有限公司 | Secure communication method based on open platform mobile terminal SDK and native application |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102546819A (en) * | 2012-02-14 | 2012-07-04 | 中国民航信息网络股份有限公司 | Cross-platform system and method in mobile terminal application |
| CN106911663A (en) * | 2016-11-16 | 2017-06-30 | 上海艾融软件股份有限公司 | One kind sells bank's full message encryption system and method for mixed mode directly to households |
| CN108345632A (en) * | 2017-12-29 | 2018-07-31 | 中国平安财产保险股份有限公司 | Call method, device, equipment and the computer readable storage medium of the H5 pages |
| CN108959908A (en) * | 2018-08-03 | 2018-12-07 | 深圳市思迪信息技术股份有限公司 | A kind of method, computer equipment and storage medium that the mobile platform with access SDK is authenticated |
| CN109064143A (en) * | 2018-06-20 | 2018-12-21 | 中国建设银行股份有限公司 | Processing method, system, device and the storage medium of Transaction Information |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| AU2015201536A1 (en) * | 2015-03-25 | 2016-10-13 | Cocoon Data Holdings Limited | Browser system and method |
-
2019
- 2019-01-30 CN CN201910091842.5A patent/CN109889510B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102546819A (en) * | 2012-02-14 | 2012-07-04 | 中国民航信息网络股份有限公司 | Cross-platform system and method in mobile terminal application |
| CN106911663A (en) * | 2016-11-16 | 2017-06-30 | 上海艾融软件股份有限公司 | One kind sells bank's full message encryption system and method for mixed mode directly to households |
| CN108345632A (en) * | 2017-12-29 | 2018-07-31 | 中国平安财产保险股份有限公司 | Call method, device, equipment and the computer readable storage medium of the H5 pages |
| CN109064143A (en) * | 2018-06-20 | 2018-12-21 | 中国建设银行股份有限公司 | Processing method, system, device and the storage medium of Transaction Information |
| CN108959908A (en) * | 2018-08-03 | 2018-12-07 | 深圳市思迪信息技术股份有限公司 | A kind of method, computer equipment and storage medium that the mobile platform with access SDK is authenticated |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109889510A (en) | 2019-06-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109889510B (en) | Multiple encryption method for service provider transmitting service message | |
| EP2859488B1 (en) | Enterprise triggered 2chk association | |
| US10033701B2 (en) | Enhanced 2CHK authentication security with information conversion based on user-selected persona | |
| US20160050199A1 (en) | Key management using quasi out of band authentication architecture | |
| US20130278622A1 (en) | Secure and Authenticated Transactions with Mobile Devices | |
| CN111131416B (en) | Service providing method and device, storage medium and electronic device | |
| US11588642B2 (en) | Method and apparatus for sharing and acquiring information | |
| US20210176234A1 (en) | Cooperative communication validation | |
| CN107918731A (en) | Method and apparatus for controlling the authority to access to open interface | |
| CN111615105A (en) | Information providing method, information obtaining method, information providing device, information obtaining device and terminal | |
| JP2018519562A (en) | Method and system for transaction security | |
| CN110619222A (en) | Authorization processing method, device, system and medium based on block chain | |
| CN109831432B (en) | Third-party secure access method in application form of service provider H5 | |
| CN115037552A (en) | Authentication method, device, equipment and storage medium | |
| CN116992458A (en) | Programmable data processing method and system based on trusted execution environment | |
| CN109831431B (en) | Random number encryption method for service provider to initiate generation of access request | |
| CN112004201A (en) | Short message sending method and device and computer system | |
| CN101789973A (en) | Method and system for constructing Mashup application | |
| CN112927026A (en) | Coupon processing method and device, electronic equipment and computer storage medium | |
| US11917064B2 (en) | Token transformation filter for the service mesh | |
| CN113422758B (en) | Data encryption method and device, internet of things system, electronic equipment and storage medium | |
| CN109831433B (en) | Third-party-based request encryption method and system between user and server | |
| WO2022095426A1 (en) | Blockchain-based joint account creation method, system, device, and storage medium | |
| CN104717235B (en) | A kind of resources of virtual machine detection method | |
| CN106534047A (en) | Information transmitting method and apparatus based on Trust application |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |