CN109981585B - Business handling method and equipment - Google Patents
Business handling method and equipment Download PDFInfo
- Publication number
- CN109981585B CN109981585B CN201910142950.0A CN201910142950A CN109981585B CN 109981585 B CN109981585 B CN 109981585B CN 201910142950 A CN201910142950 A CN 201910142950A CN 109981585 B CN109981585 B CN 109981585B
- Authority
- CN
- China
- Prior art keywords
- service
- result
- identification
- terminal
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 52
- 238000013475 authorization Methods 0.000 claims abstract description 85
- 230000001960 triggered effect Effects 0.000 claims abstract description 12
- 238000012795 verification Methods 0.000 claims description 61
- 238000004590 computer program Methods 0.000 claims description 12
- 238000012545 processing Methods 0.000 claims description 9
- 238000010586 diagram Methods 0.000 description 13
- 238000011084 recovery Methods 0.000 description 13
- 238000004891 communication Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000011664 signaling Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/103—Workflow collaboration or project management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a business handling method and business handling equipment. The method comprises the following steps: a terminal acquires a service handling request triggered by a user, wherein the service handling request comprises: a login identification and a service identification; the terminal reads the electronic identity stored by the terminal; the terminal acquires the identity authentication result and the service authorization result of the user according to the login identification, the service identification and the electronic identity identification; and the terminal transacts the service for the user according to the identity authentication result and the service authorization result. The method and the device have the advantages that the problem of high business handling pressure of an entity business hall is relieved, and meanwhile, the safety of user information is guaranteed.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method and an apparatus for handling a service.
Background
With the development and popularization of operators, the increase of package products and the increase of service complexity, service handling requirements of operators are increasing day by day. Most of the services require users to carry identity cards to the entity business hall for transaction, which leads to higher business transaction pressure in the entity business hall, and even causes the phenomena of user satisfaction reduction and complaints due to overlong waiting time. How to relieve business handling pressure of an entity business hall becomes a problem to be solved urgently.
The prior art provides business handling channels such as a mobile phone business hall and an online business hall, but the channels only can handle relatively simple business and have low channel utilization rate because the channels have the problems that real-name authentication cannot be carried out, whether the operation is performed by the user cannot be identified and the like.
Disclosure of Invention
The invention provides a business handling method and equipment, which are used for solving the problems that real-name authentication cannot be carried out, whether the operation is performed by a user cannot be identified and the like in the prior art.
In a first aspect, the present invention provides a method for transacting a service, including:
a terminal acquires a service handling request triggered by a user, wherein the service handling request comprises: a login identification and a service identification;
the terminal reads the electronic identity stored by the terminal;
the terminal acquires the identity authentication result and the service authorization result of the user according to the login identification, the service identification and the electronic identity identification;
and the terminal transacts the service for the user according to the identity authentication result and the service authorization result.
Optionally, the obtaining, by the terminal, the identity authentication result and the service authorization result of the user according to the login identifier, the service identifier, and the electronic identity identifier includes:
the terminal acquires a signature result according to the login identification and the service identification;
the terminal sends the electronic identity identification and the signature result to a third party verification platform, so that the third party verification platform obtains the identity authentication result of the user according to the electronic identity identification and obtains the service authorization result of the user according to the signature result;
and the terminal receives the identity authentication result and the service authorization result of the user, which are sent by the third-party verification platform.
Optionally, the obtaining, by the terminal, a signature result according to the login identifier and the service identifier includes:
the terminal judges whether the login identification is correct or not;
and if the service identifier is correct, signing the service identifier to obtain the signature result.
Optionally, the method further includes:
and the terminal sends the identity authentication result and the service authorization result of the user to an operator server.
In a second aspect, the present invention provides a method for transacting a service, including:
a third-party verification platform receives an electronic identity and a signature result sent by a terminal, wherein the electronic identity is stored in the terminal, and the signature result is obtained after the terminal signs a service identifier;
the third party verification platform acquires an identity authentication result according to the electronic identity identifier and acquires a service authorization result according to the signature result;
and the third party verification platform sends the identity authentication result and the service authorization result to the terminal.
Optionally, the third party verifying platform obtains an identity authentication result according to the electronic identity identifier, and obtains a service authorization result according to the signature result, including:
and the third party verification platform verifies the validity of the electronic identity identification and the signature result through an encryption signature verification algorithm to obtain the identity authentication result and the service authorization result.
In a third aspect, the present invention provides a terminal, including: the device comprises an acquisition module and a processing module;
the acquisition module is configured to: acquiring a service handling request triggered by a user, wherein the service handling request comprises: a login identification and a service identification;
the acquisition module is also used for reading the electronic identity stored in the terminal;
the obtaining module is further used for obtaining the identity authentication result and the service authorization result of the user according to the login identification, the service identification and the electronic identity identification;
and the processing module is used for handling the service for the user according to the identity authentication result and the service authorization result.
Optionally, the obtaining module is specifically configured to:
acquiring a signature result according to the login identification and the service identification;
sending the electronic identity identification and the signature result to a third-party verification platform so that the third-party verification platform obtains an identity authentication result of the user according to the electronic identity identification and obtains a service authorization result of the user according to the signature result;
and receiving the identity authentication result and the service authorization result of the user, which are sent by the third party verification platform.
Optionally, the obtaining module is specifically configured to:
judging whether the login identification is correct or not;
and if the service identifier is correct, signing the service identifier to obtain the signature result.
Optionally, the terminal further includes:
and the sending module is used for sending the identity authentication result and the service authorization result of the user to an operator server.
In a fourth aspect, the present invention provides a verification platform comprising:
the system comprises a receiving module, a service identification processing module and a processing module, wherein the receiving module is used for receiving an electronic identity identification and a signature result sent by a terminal, the electronic identity identification is stored in the terminal, and the signature result is obtained after the terminal signs a service identification;
the acquisition module is used for acquiring an identity authentication result according to the electronic identity identifier and acquiring a service authorization result according to the signature result;
and the sending module is used for sending the identity authentication result and the service authorization result to the terminal.
Optionally, the obtaining module is specifically configured to verify validity of the electronic identity and the signature result through an encryption signature verification algorithm, so as to obtain the identity authentication result and the service authorization result.
In a fifth aspect, the present invention provides a terminal, comprising: the system comprises a business hall client, a calling interface and an SIM card, wherein the business hall client, the calling interface and the SIM card are sequentially connected;
wherein the business hall client is configured to: acquiring a service handling request triggered by a user, and sending the service handling request to the calling interface, wherein the service handling request comprises: a login identification and a service identification;
the calling interface is used for: reading an electronic identity identifier from the SIM card, and acquiring an identity authentication result and a service authorization result of the user according to the login identifier, the service identifier and the electronic identity identifier;
the business hall client is further configured to: and transacting the service for the user according to the identity authentication result and the service authorization result.
Optionally, the call interface is specifically configured to:
acquiring a signature result according to the login identification and the service identification;
sending the electronic identity identification and the signature result to a third-party verification platform so that the third-party verification platform obtains an identity authentication result of the user according to the electronic identity identification and obtains a service authorization result of the user according to the signature result;
and receiving the identity authentication result and the service authorization result of the user, which are sent by the third party verification platform.
In a sixth aspect, the present invention provides a server, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to implement the steps of the third party authentication platform in the service handling method via executing the executable instructions.
In a seventh aspect, the present invention provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the steps of the terminal in the above-mentioned service handling method.
In an eighth aspect, the present invention provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the third party authentication platform in the service processing method.
In a ninth aspect, the present invention provides a service handling system, including the above terminal and server.
According to the business handling method and the business handling equipment, the electronic identity stored in the terminal is read after the business handling request triggered by the user is obtained, the identity authentication result and the business hand authorization result of the user are obtained according to the login identity and the business identity contained in the business handling request and the read electronic identity, and finally the business is handled for the user according to the identity authentication result and the business authorization result, so that the business handling pressure of an entity business hall is relieved, and the safety of user information is guaranteed.
Drawings
FIG. 1 is an application scenario diagram of a business transaction method provided by the present invention;
FIG. 2 is a schematic flow chart of a first embodiment of a service handling method provided by the present invention;
fig. 3 is a schematic physical structure diagram of a terminal according to the present invention;
fig. 4 is a schematic signaling flow diagram of a second embodiment of a service handling method provided by the present invention;
fig. 5 is a schematic structural diagram of a terminal provided in the present invention;
FIG. 6 is a schematic structural diagram of a verification platform provided in the present invention;
FIG. 7 is a schematic diagram of a hardware structure of a server according to the present invention;
FIG. 8 is a schematic diagram of a business handling system provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In order to relieve the business handling pressure of an entity business hall of an operator, in the prior art, business handling channels such as a mobile phone business hall and an online business hall are provided, but because the channels have the problems that real-name authentication cannot be carried out, whether the operation is performed by the user cannot be identified, and the like, the channels can only handle relatively simple business, and the utilization rate of the channels is not high.
Based on the technical problem, the invention provides a service handling method, before handling service for a user, the identity of the user and the service applied for handling by the user are firstly verified, and on the basis of the legality of the verification, the corresponding service is handled for the user, so that the safety of user information is ensured.
Fig. 1 is an application scenario diagram of the service handling method provided by the present invention. In the application scenario shown in fig. 1, the terminal, the third party authentication platform, and the operator server are connected by a wireless communication technology.
Alternatively, the terminal may be a portable, pocket, or hand-held mobile device, such as a smart phone, a tablet computer, a personal computer, and the like. The present invention does not limit the presentation form of the terminal.
The third-party verification platform may be an Electronic Identity identifier (Electronic Identity, abbreviated as eID) platform provided by a third-party Electronic Identity card service provider authorized by the ministry of public security.
The operator server refers to an operator related service operation platform. The operator server can be used for storing corresponding authentication credentials and authorization credentials according to the service order after the user transacts the related service, so as to prove the user for use when service transaction disputes occur in the future.
The following describes the technical solutions of the present invention and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present invention will be described below with reference to the accompanying drawings.
Fig. 2 is a schematic flow chart of a first embodiment of a service handling method provided by the present invention. The service handling method provided by the embodiment can be executed by the terminal shown in fig. 3. The following describes the physical structure of the terminal 300 shown in fig. 3: as shown in fig. 3, the terminal comprises the following components: the system comprises a business hall client, a calling interface and an SIM card, wherein the business hall client, the calling interface and the SIM card are connected in sequence.
The business hall client and the calling interface can be realized by software, hardware or a combination of software and hardware. The SIM card is integrated with an electronic identity of a user, identity information of the user can be identified from a public network identity identification system of the Ministry of public Security through the electronic identity, but the code does not contain any personal identity information and can not push out the personal identity information in a reversible way.
The following describes in detail the procedure of performing the service transaction method of the present embodiment using the terminal shown in fig. 3. Referring to fig. 2, the service handling method of this embodiment includes:
s201, the terminal acquires a service transaction request triggered by a user.
Specifically, a user may trigger a service transaction request through a business hall client installed on a terminal, where the service transaction request includes: login identification and service identification.
S202, the terminal reads the electronic identity stored in the terminal.
S203, the terminal obtains the identity authentication result and the service authorization result of the user according to the login identification, the service identification and the electronic identity identification.
In particular, steps S202-S203 may be performed by a calling interface, which may read the electronic identity from the SIM card, since the electronic identity of the user is integrated in the SIM card. After the business hall client in S201 obtains the login identifier and the service identifier, the login identifier and the service identifier are sent to the calling interface, and the calling interface further obtains the user authentication result and the service authorization result according to the received login identifier and service identifier and the read electronic identity identifier.
And S204, the terminal transacts the service for the user according to the identity authentication result and the service authorization result.
Specifically, S204 may be executed by the business hall client, and after the identity authentication result and the service authorization result of the user are obtained by calling the interface in S203, the identity authentication result and the service authorization result are sent to the business hall client, so that the business hall client can handle the corresponding service for the user according to the identity authentication result and the service authorization result.
The following description takes the user needing to handle the shutdown and recovery service as an example:
the user opens a business hall client on the terminal, selects the shutdown recovery service, the business hall client pops up a window for prompting the user to input login identifications such as account numbers, passwords and the like, and after the user successfully inputs and clicks and submits, the business hall client can acquire a service handling request of the user, wherein the service handling request comprises the login identification and the shutdown recovery service identification. The business hall client further sends the login identification and the identification of the shutdown recovery service to a calling interface, the calling interface reads the electronic identity identification from the SIM card, then obtains the identity authentication result and the service authorization result of the user according to the login identification, the identification of the shutdown recovery service and the electronic identity identification, and sends the identity authentication result and the service authorization result to the business hall client, the business hall client checks whether the identity authentication result is authenticated and whether the service authorization result is authorized, and if the two check results are yes, the shutdown recovery service is handled for the user.
According to the business handling method provided by the embodiment, after the business handling request triggered by the user is obtained, the electronic identity stored in the terminal is read, the identity authentication result and the business hand authorization result of the user are obtained according to the login identity and the business identity contained in the business handling request and the read electronic identity, and finally the business is handled for the user according to the identity authentication result and the business authorization result, so that the business handling pressure of the entity business hall is relieved, and the safety of user information is ensured.
The following describes in detail how the terminal obtains the user authentication result and the service authorization result according to the login identifier, the service identifier, and the electronic identity identifier, with reference to a specific embodiment.
Fig. 4 is a schematic signaling flow diagram of a second embodiment of the service handling method provided by the present invention. As shown in fig. 4, the service transaction method provided in this embodiment includes:
s401, a terminal acquires a service handling request triggered by a user, wherein the service handling request comprises: login identification and service identification.
S402, the terminal reads the electronic identity stored in the terminal.
The implementation manners of S401 to S402 can refer to S201 to S202 in the above embodiments, and the present invention is not described herein again.
And S403, the terminal judges whether the login identification is correct.
And S404, if the service identifier is correct, signing the service identifier to obtain a signature result.
S405, the terminal sends the electronic identity identification and the signature result to a third party verification platform.
S406, the third party verification platform obtains an identity authentication result according to the electronic identity, and obtains a service authorization result according to the signature result.
Optionally, the third party verification platform may verify the validity of the electronic identity and the signature result through a national encryption signature verification algorithm, so as to obtain the identity authentication result and the service authorization result.
Optionally, after verifying the validity of the electronic identity identifier, the third party verification platform may generate an identity authentication credential, and the identity authentication result is embodied in the identity authentication credential. Similarly, after the third party verification platform verifies the validity of the signature result, a service authorization credential can be generated, and the service authorization result is embodied in the identity authentication credential.
And S407, the third party verification platform sends the identity authentication result and the service authorization result to the terminal.
And S408, the terminal transacts the service for the user according to the identity authentication result and the service authorization result.
S409, the terminal sends the identity authentication result and the service authorization result of the user to an operator server.
The following proceeds to the above process of S401-S409 by taking the example that the user needs to handle the halt recovery service as an example:
the business hall client acquires a business handling request for a user to apply for handling the shutdown recovery business, the business handling request comprises a login identification of the user logging in the business hall client and an identification of the shutdown recovery business, and the business hall client further sends the login identification and the identification of the shutdown recovery business to the calling interface. The calling interface judges whether the login identification is correct, if so, the identification of the halt recovery service is sent to the SIM card for signature, the calling interface reads the electronic identity identification from the SIM card and receives a signature result of the SIM card on the identification of the halt recovery service, then the signature result and the read electronic identity identification are sent to a third party verification platform, the third party verification platform verifies the validity of the electronic identity identification and generates an identity authentication credential, and meanwhile, the validity of the signature result is verified and a service authorization credential is generated. The third party verification platform returns the identity authentication credential and the business authorization credential to the calling interface, the calling interface further transfers the identity authentication credential and the business authorization credential to the business hall client, the business hall client checks whether the identity authentication result contained in the identity authentication credential is authenticated and passes or not, meanwhile, checks whether the business authorization result contained in the business authorization credential is authorized and passes or not, and if the check results of the identity authentication credential and the business authorization credential are both yes, the user is transacted with the shutdown and recovery business. Finally, the business hall client can transfer the identity authentication evidence and the business authorization evidence to the operator server, so that the operator server stores the identity authentication evidence and the business authorization evidence, and the business transaction dispute can be raised for use in the future.
According to the service handling method provided by the embodiment, the terminal obtains the identity authentication result and the service authorization result of the user according to the login identifier, the service identifier and the electronic identity identifier, handles the corresponding service for the user based on the identity authentication result and the service authorization result, and ensures the safety of user information.
Fig. 5 is a schematic structural diagram of a terminal provided in the present invention. As shown in fig. 5, the terminal provided by the present invention includes:
an obtaining module 501, configured to obtain a service transaction request triggered by a user, where the service transaction request includes: a login identification and a service identification;
the obtaining module 501 is further configured to read an electronic identity stored in the terminal;
the obtaining module 501 is further configured to obtain an identity authentication result and a service authorization result of the user according to the login identifier, the service identifier, and the electronic identity identifier;
a processing module 502, configured to handle a service for the user according to the identity authentication result and the service authorization result.
Optionally, the obtaining module 501 is specifically configured to:
acquiring a signature result according to the login identification and the service identification;
sending the electronic identity identification and the signature result to a third-party verification platform so that the third-party verification platform obtains an identity authentication result of the user according to the electronic identity identification and obtains a service authorization result of the user according to the signature result;
and receiving the identity authentication result and the service authorization result of the user, which are sent by the third party verification platform.
Optionally, the obtaining module 501 is specifically configured to:
judging whether the login identification is correct or not;
and if the service identifier is correct, signing the service identifier to obtain the signature result.
Optionally, the terminal further includes:
a sending module 503, configured to send the identity authentication result and the service authorization result of the user to an operator server.
The terminal provided by the invention can be used for executing the steps executed by the terminal in the service handling method. The implementation principle and the technical effect are similar, and are not described in detail herein.
Fig. 6 is a schematic structural diagram of a verification platform provided in the present invention. As shown in fig. 6, the verification platform provided by the present invention includes: verification platform
A receiving module 601, configured to receive an electronic identity and a signature result sent by a terminal, where the electronic identity is stored in the terminal, and the signature result is obtained after the terminal signs a service identifier;
an obtaining module 602, configured to obtain an identity authentication result according to the electronic identity, and obtain a service authorization result according to the signature result;
a sending module 603, configured to send the identity authentication result and the service authorization result to the terminal.
Optionally, the obtaining module 602 is specifically configured to verify validity of the electronic identity and the signature result through an encryption signature verification algorithm, so as to obtain the identity authentication result and the service authorization result.
The verification platform provided by the invention can be used for executing the steps executed by the third-party verification platform in the service handling method. The implementation principle and the technical effect are similar, and are not described in detail herein.
Fig. 7 is a schematic diagram of a hardware structure of a server according to the present invention. As shown in fig. 7, the server 700 of the present embodiment may include:
a memory 701 for storing program instructions.
A processor 702 for implementing the steps performed by the third party verification platform in the service transaction method when the program instructions are executed. For a specific implementation principle, reference may be made to the above embodiments, which are not described herein again.
Fig. 8 is a schematic diagram of a service handling system provided by the present invention, and the service handling system shown in fig. 8 includes the terminal 300 shown in fig. 3, the server 700 shown in fig. 7, and an operator server.
The invention provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the steps performed by the third party authentication platform in the above-described service handling method.
The present invention provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps performed by the terminal in the above-described service handling method.
The present invention also provides a program product comprising a computer program stored in a readable storage medium, the computer program being readable from the readable storage medium by at least one processor, the computer program being executable by the at least one processor to cause a verification platform to perform the steps performed by a third party verification platform in the above-mentioned transaction method.
The invention also provides a program product comprising a computer program stored in a readable storage medium, from which the computer program can be read by at least one processor, the execution of which by the at least one processor causes the terminal to carry out the steps performed by the terminal in the above-mentioned service transaction method.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The integrated unit implemented in the form of a software functional unit may be stored in a computer readable storage medium. The software functional unit is stored in a storage medium and includes several instructions to enable a computer device (which may be a personal computer, a server, or a network device) or a processor (processor) to execute some steps of the methods according to the embodiments of the present invention. And the aforementioned storage medium includes: a U disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In the foregoing embodiments of the network device or the terminal device, it should be understood that the Processor may be a Central Processing Unit (CPU), or may be other general-purpose processors, Digital Signal Processors (DSP), Application Specific Integrated Circuits (ASIC), etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present application may be embodied directly in a hardware processor, or in a combination of the hardware and software modules in the processor.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (11)
1. A method for transaction, comprising:
a terminal acquires a service handling request triggered by a user, wherein the service handling request comprises: a login identification and a service identification;
the terminal reads the electronic identity stored in the SIM card;
the terminal acquires the identity authentication result and the service authorization result of the user according to the login identification, the service identification and the electronic identity identification;
the terminal transacts the service for the user according to the identity authentication result and the service authorization result;
the terminal obtains the identity authentication result and the service authorization result of the user according to the login identifier, the service identifier and the electronic identity identifier, and the method comprises the following steps:
the terminal acquires a signature result according to the login identification and the service identification;
the terminal sends the electronic identity identification and the signature result to a third party verification platform so that the third party verification platform verifies the validity of the electronic identity identification and the signature result through an encryption signature verification algorithm to obtain an identity authentication result and a service authorization result;
and the terminal receives the identity authentication result and the service authorization result of the user, which are sent by the third-party verification platform.
2. The method of claim 1, wherein the obtaining, by the terminal, a signature result according to the login identifier and the service identifier comprises:
the terminal judges whether the login identification is correct or not;
and if the service identifier is correct, signing the service identifier to obtain the signature result.
3. The method of claim 1 or 2, further comprising:
and the terminal sends the identity authentication result and the service authorization result of the user to an operator server.
4. A method for transaction, comprising:
the third party verification platform receives an electronic identity identifier and a signature result sent by a terminal, wherein the electronic identity identifier is stored in an SIM card, and the signature result is obtained after the terminal signs a service identifier;
the third party verification platform acquires an identity authentication result according to the electronic identity identifier and acquires a service authorization result according to the signature result;
the third party verification platform sends the identity authentication result and the service authorization result to the terminal;
the third party verification platform acquires an identity authentication result according to the electronic identity identifier and acquires a service authorization result according to the signature result, and the method comprises the following steps:
and the third party verification platform verifies the validity of the electronic identity identification and the signature result through an encryption signature verification algorithm to obtain the identity authentication result and the service authorization result.
5. A terminal, comprising: the device comprises an acquisition module and a processing module;
the acquisition module is configured to: acquiring a service handling request triggered by a user, wherein the service handling request comprises: a login identification and a service identification;
the acquisition module is also used for reading the electronic identity stored in the SIM card;
the obtaining module is further used for obtaining the identity authentication result and the service authorization result of the user according to the login identification, the service identification and the electronic identity identification;
the processing module is used for handling the service for the user according to the identity authentication result and the service authorization result;
the acquisition module is specifically configured to:
acquiring a signature result according to the login identification and the service identification;
sending the electronic identity identification and the signature result to a third party verification platform so that the third party verification platform verifies the validity of the electronic identity identification and the signature result through an encryption signature verification algorithm to obtain an identity authentication result and a service authorization result;
and receiving the identity authentication result and the service authorization result of the user, which are sent by the third party verification platform.
6. A verification platform, comprising: the device comprises a receiving module, an obtaining module and a sending module;
the receiving module is used for receiving an electronic identity identifier and a signature result sent by a terminal, wherein the electronic identity identifier is stored in an SIM card, and the signature result is obtained after the terminal signs a service identifier;
the acquisition module is used for acquiring an identity authentication result according to the electronic identity identifier and acquiring a service authorization result according to the signature result;
the sending module is used for sending the identity authentication result and the service authorization result to the terminal;
the obtaining module is specifically configured to verify validity of the electronic identity and the signature result through an encryption signature verification algorithm to obtain the identity authentication result and the service authorization result.
7. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1-3.
8. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of claim 4.
9. A terminal, comprising: the system comprises a business hall client, a calling interface and an SIM card, wherein the business hall client, the calling interface and the SIM card are sequentially connected;
wherein the business hall client is configured to: acquiring a service handling request triggered by a user, and sending the service handling request to the calling interface, wherein the service handling request comprises: a login identification and a service identification;
the calling interface is used for: reading an electronic identity identifier from the SIM card, and acquiring an identity authentication result and a service authorization result of the user according to the login identifier, the service identifier and the electronic identity identifier;
the business hall client is further configured to: transacting the service for the user according to the identity authentication result and the service authorization result;
the call interface is specifically configured to:
acquiring a signature result according to the login identification and the service identification;
sending the electronic identity identification and the signature result to a third party verification platform so that the third party verification platform verifies the validity of the electronic identity identification and the signature result through an encryption signature verification algorithm to obtain an identity authentication result and a service authorization result;
and receiving the identity authentication result and the service authorization result of the user, which are sent by the third party verification platform.
10. A server, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to implement the method of claim 4 via execution of the executable instructions.
11. A business transaction system, comprising: the terminal of claim 9, and the server of claim 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910142950.0A CN109981585B (en) | 2019-02-26 | 2019-02-26 | Business handling method and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910142950.0A CN109981585B (en) | 2019-02-26 | 2019-02-26 | Business handling method and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109981585A CN109981585A (en) | 2019-07-05 |
| CN109981585B true CN109981585B (en) | 2022-02-22 |
Family
ID=67077423
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910142950.0A Active CN109981585B (en) | 2019-02-26 | 2019-02-26 | Business handling method and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109981585B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110688364A (en) * | 2019-09-05 | 2020-01-14 | Oppo(重庆)智能科技有限公司 | Data transfer method, device, storage medium and electronic equipment |
| CN111415134B (en) * | 2020-03-18 | 2023-08-22 | 中国物品编码中心 | Commodity bar code handling method, device, equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101945412A (en) * | 2009-07-07 | 2011-01-12 | 中兴通讯股份有限公司 | Service protection method and device based on user level |
| CN102176267A (en) * | 2011-02-17 | 2011-09-07 | 中国工商银行股份有限公司 | Client self-service processing equipment as well as self-service authority authentication system and method |
| CN102752308A (en) * | 2012-07-10 | 2012-10-24 | 河北省电子认证有限公司 | Network-based digital certificate comprehensive service providing system and implementation method thereof |
| CN108449348A (en) * | 2018-03-22 | 2018-08-24 | 西安电子科技大学 | A kind of on-line authentication system and method for supporting user identity secret protection |
| CN109120571A (en) * | 2017-06-22 | 2019-01-01 | 金联汇通信息技术有限公司 | The system and method that individual citizens data grant uses |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105100029B (en) * | 2014-05-22 | 2018-10-30 | 阿里巴巴集团控股有限公司 | The method and apparatus that authentication is carried out to user |
| US10419514B2 (en) * | 2015-08-14 | 2019-09-17 | Oracle International Corporation | Discovery of federated logins |
-
2019
- 2019-02-26 CN CN201910142950.0A patent/CN109981585B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101945412A (en) * | 2009-07-07 | 2011-01-12 | 中兴通讯股份有限公司 | Service protection method and device based on user level |
| CN102176267A (en) * | 2011-02-17 | 2011-09-07 | 中国工商银行股份有限公司 | Client self-service processing equipment as well as self-service authority authentication system and method |
| CN102752308A (en) * | 2012-07-10 | 2012-10-24 | 河北省电子认证有限公司 | Network-based digital certificate comprehensive service providing system and implementation method thereof |
| CN109120571A (en) * | 2017-06-22 | 2019-01-01 | 金联汇通信息技术有限公司 | The system and method that individual citizens data grant uses |
| CN108449348A (en) * | 2018-03-22 | 2018-08-24 | 西安电子科技大学 | A kind of on-line authentication system and method for supporting user identity secret protection |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109981585A (en) | 2019-07-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105306490B (en) | Payment verifying system, method and device | |
| CN107464120B (en) | Security verification method for password-free payment, merchant background system and payment system | |
| US9741033B2 (en) | System and method for point of sale payment data credentials management using out-of-band authentication | |
| US9864983B2 (en) | Payment method, payment server performing the same and payment system performing the same | |
| CN105827600B (en) | Method and device for logging in client | |
| US10045210B2 (en) | Method, server and system for authentication of a person | |
| CN111163467B (en) | Method for 5G user terminal to access 5G network, user terminal equipment and medium | |
| EP2819050A1 (en) | Electronic signature system for an electronic document using a third-party authentication circuit | |
| CN108460272B (en) | Password changing method, device, terminal equipment and storage medium | |
| CN108055238A (en) | A kind of account verification method and system | |
| CN110278084B (en) | eID establishing method, related device and system | |
| CN107623907B (en) | eSIM card network locking method, terminal and network locking authentication server | |
| CN101699892A (en) | Method and device for generating dynamic passwords and network system | |
| CN111161056A (en) | Method, system and equipment for improving transaction security of digital assets | |
| CN106656993B (en) | Dynamic verification code verification method and device | |
| CN107317807A (en) | A kind of apparatus bound method, apparatus and system | |
| CN109981585B (en) | Business handling method and equipment | |
| EP3151180A1 (en) | Identification method and system | |
| CN104753675A (en) | Information verification method, and electronic payment method, terminal, server and system | |
| CN104268756A (en) | Mobile payment method and system | |
| CN105119716A (en) | Secret key negotiation method based on SD cards | |
| CN114491436A (en) | Contract signing method and device, electronic equipment and storage medium | |
| CN110659899B (en) | Offline payment method, device and equipment | |
| CN109558710B (en) | User login method, device, system and storage medium | |
| CN108900525B (en) | Processing method and device for verification code request |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |