Transaction protection system and method based on block chain
Technical Field
The invention relates to the field of block chains, in particular to a transaction protection system and a transaction protection method based on the block chains.
Background
With the development of the existing science and technology, more and more people adopt network transactions, and one major characteristic of the network transactions is that the commodity transactions and the service transactions of both parties of the transactions are completed in a network virtual channel, so that the network transactions not only bring convenience to the commodity and service transactions, but also increase related potential safety hazards, and the prior art lacks a technology capable of effectively protecting the network transactions.
Disclosure of Invention
The invention aims to provide a transaction protection system and a transaction protection method based on a block chain, which aim to solve the problems in the prior art.
In order to achieve the purpose, the invention provides the following technical scheme:
a transaction protection system based on a block chain comprises a client, a transaction end and a verification code server end, wherein the verification code server end is used for providing verification code verification service between the client and the transaction end.
As a preferred scheme, the client comprises a first input module, a first verification code receiving module, a first verification code comparing module, a first verification result output module, a first verification code conversion parameter database, a first conversion parameter receiving module, a first verification code converting module and a first verification code sending module, wherein the first input module is used for a user to initiate verification code request service and input user identity information and a transaction ID, the first verification code receiving module is used for the client to receive verification codes sent from the transaction end and the verification code service end, the first verification code comparing module is used for comparing whether the verification codes received by the client from the transaction end and the verification code service end are the same or not, the first verification result output module sends the verification codes to the transaction end according to the comparison result of the first verification code comparing module and displays whether the transaction end passes the verification of the client or not to the client, the first verification code conversion parameter database is used for storing verification code conversion parameters in the client, the first conversion parameter receiving module is used for receiving the verification code conversion parameter types sent by the verification code server, the first verification code conversion module searches corresponding conversion parameters in the first verification code conversion parameter database according to the received verification code conversion parameter types and converts the verification codes by using the corresponding conversion parameters, and the first verification code sending module is used for sending the converted verification codes to the transaction server for verification; the verification code server comprises a second verification code generating module, a second verification code sending module, a second verification code conversion parameter database, a second conversion parameter receiving module, a second verification code conversion module, a second verification code receiving module, a second verification code comparison module and a second verification result output module, wherein the second verification code generating module is used for receiving verification code request service initiated by the client and generating corresponding verification codes, the second verification code sending module is used for sending verification codes to the client and the transaction end, the second verification code conversion parameter database is used for storing verification code conversion parameters for the verification code server, the second conversion parameter receiving module is used for receiving verification code conversion parameter types sent by the transaction end, and the second verification code conversion module searches corresponding conversion parameters in the second verification code conversion parameter database according to the received verification code conversion parameter types, and the verification code is converted by using the corresponding conversion parameters, the second verification code receiving module is used for receiving the verification code sent by the client, the second verification code comparing module is used for comparing whether the verification code sent by the client is the same as the verification code converted by the second verification code converting module, and the second verification result output module is used for sending whether the verification of the transaction end is passed by the client to the transaction end and the client according to the comparison result of the second verification code comparing module.
As a preferred scheme, the transaction end includes a third verification code sending module, an authentication request initiating module, a third verification code transformation parameter database, a client information receiving module, a user identity information determining module and a transaction database, where the third verification code sending module is configured to send a verification code to the client, the authentication request initiating module initiates a connection authentication request to the verification code server after the transaction end passes verification by the client, the third verification code transformation parameter database is configured to store verification code transformation parameters in the transaction end, the client information receiving module is configured to receive information from the client at the transaction end after the client passes verification by the transaction end, the user identity information determining module is configured to determine the type of user identity information, and the transaction database is configured to store identity information of an authorized user.
A blockchain-based transaction protection method, the protection method comprising the steps of:
step S1: mutual authentication between the client and the transaction end is carried out;
step S2: and judging whether to carry out transaction according to the user identity information.
Preferably, the mutual authentication between the client and the transaction end in step S1 further includes the following steps:
step S11: the user sends verification code request information to the verification code server at the client, wherein the verification code request information comprises verification code length, verification code width, verification code height, verification code type, verification time point and a first verification period, and the step S12 is turned to;
step S12: after receiving the information sent by the client, the verification code server generates a first verification code according to the verification code request information, and sends the first verification code and the first verification period to the client and the transaction end respectively at the verification time point, and then the step S13 is switched to;
step S13: after receiving the first verification code, the transaction end sends the first verification code to the client in a first verification period, and goes to step S14;
step S14: if the client receives the first verification code received from the transaction end in the first verification period, comparing the first verification code received from the verification code server with the first verification code received from the transaction end, if the first verification code received from the verification code server is the same as the first verification code received from the transaction end, the transaction end passes verification, and sending a verification result to the client and the transaction end, turning to the step S15, otherwise, the transaction end fails verification, and sending the verification result to the client and the transaction end;
step S15: the transaction end sends connection authentication request information to the verification code server end, the connection authentication request information comprises a first verification code, a verification code conversion parameter and a second verification period, and the step S16 is switched;
step S16: the verification code server side transforms the first verification code based on the verification code transformation parameter to obtain a second verification code, sends the verification code transformation parameter and the second verification period to the client side, and goes to step S17;
step S17: the client side transforms the first verification code based on the received verification code transformation parameter to obtain a third verification code, sends the third verification code to the verification code server side, and goes to the step S18;
step S18: if the verification code server side receives a third verification code in a second verification period, comparing the second verification code with the received third verification code, if the second verification code is the same as the received third verification code, the client side successfully verifies for the second time, and turning to the step S19, otherwise, the client side fails the second verification and sends a verification result to the client side and the transaction side;
step S19: the verification code server side sends verification passing information to the transaction side and the client side, and the transaction side allows to receive transaction information transmitted by the client side.
Preferably, the step S2 further includes:
step S21: the user inputs user identity information and a transaction ID at the client, the client transmits the user identity information to the transaction end, the user identity information comprises the user ID and a transaction password, and the step S22 is switched;
step S22: the transaction end receives the user identity information and judges the user identity information category, the user identity information category comprises authorized user identity information, unauthorized user identity information and illegal user identity information,
wherein the content of the first and second substances,
when the user identity information type is judged to be authorized user identity information, acquiring a transaction password from a transaction database according to the user ID, and if the transaction passwords of the user ID and the transaction password are consistent, starting transaction by a transaction end according to the transaction ID;
when the user identity information type is judged to be unauthorized user identity information, user data is created according to the user identity information, the user data is stored in a transaction database, and the step S21 is switched;
and when the user identity information category is judged to be illegal user identity information, the transaction terminal forbids to receive the transaction information transmitted by the client.
Preferably, the verification code types include an alphabetic verification code, a numeric verification code, and an alphanumeric verification code.
Preferably, the verification code conversion parameter includes a sorting parameter, a proportion parameter and a sorting proportion mixing parameter.
Compared with the prior art, the invention has the beneficial effects that: according to the invention, the client and the transaction end can carry out bidirectional verification through the setting of the verification code server, and the transaction end is allowed to receive the transaction information transmitted by the client only after the bidirectional verification of the client and the transaction end is passed; meanwhile, the transaction end judges the type of the user identity information when receiving the user identity information, and when the type of the user identity information is judged to be illegal user identity information, the transaction end prohibits receiving the transaction information transmitted by the client, so that the security during transaction is improved.
Drawings
FIG. 1 is a block diagram of a transaction protection system according to the present invention;
fig. 2 is a flowchart illustrating a step S1 of the transaction protection method based on the blockchain according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-2, in an embodiment of the present invention, a transaction protection system based on a block chain is a transaction protection system based on a block chain, and the transaction protection system includes a client, a transaction end and a verification code server, where the verification code server is used to provide verification service for a verification code between the client and the transaction end.
The client comprises a first input module, a first verification code receiving module, a first verification code comparing module, a first verification result output module, a first verification code conversion parameter database, a first conversion parameter receiving module, a first verification code converting module and a first verification code sending module, wherein the first input module is used for a user to initiate verification code request service and input user identity information and a transaction ID, the first verification code receiving module is used for the client to receive verification codes sent from a transaction end and a verification code service end, the first verification code comparing module is used for comparing whether the verification codes received by the client from the transaction end and the verification code service end are the same or not, and the first verification result output module sends the verification codes to the transaction end according to the comparison result of the first verification code comparing module and displays whether the transaction end passes the verification of the client or not to the client, the first verification code conversion parameter database is used for storing verification code conversion parameters in the client, the first conversion parameter receiving module is used for receiving the verification code conversion parameter types sent by the verification code server, the first verification code conversion module searches corresponding conversion parameters in the first verification code conversion parameter database according to the received verification code conversion parameter types and converts the verification codes by using the corresponding conversion parameters, and the first verification code sending module is used for sending the converted verification codes to the transaction server for verification; the verification code server comprises a second verification code generating module, a second verification code sending module, a second verification code conversion parameter database, a second conversion parameter receiving module, a second verification code conversion module, a second verification code receiving module, a second verification code comparison module and a second verification result output module, wherein the second verification code generating module is used for receiving verification code request service initiated by the client and generating corresponding verification codes, the second verification code sending module is used for sending verification codes to the client and the transaction end, the second verification code conversion parameter database is used for storing verification code conversion parameters for the verification code server, the second conversion parameter receiving module is used for receiving verification code conversion parameter types sent by the transaction end, and the second verification code conversion module searches corresponding conversion parameters in the second verification code conversion parameter database according to the received verification code conversion parameter types, and the verification code is converted by using the corresponding conversion parameters, the second verification code receiving module is used for receiving the verification code sent by the client, the second verification code comparing module is used for comparing whether the verification code sent by the client is the same as the verification code converted by the second verification code converting module, and the second verification result output module is used for sending whether the verification of the transaction end is passed by the client to the transaction end and the client according to the comparison result of the second verification code comparing module.
The transaction end comprises a third verification code sending module, an authentication request initiating module, a third verification code conversion parameter database, a client information receiving module, a user identity information judging module and a transaction database, wherein the third verification code sending module is used for sending a verification code to the client, the authentication request initiating module initiates a connection authentication request to the verification code server after the transaction end passes the client verification, the third verification code conversion parameter database is used for storing verification code conversion parameters in the transaction end, the client information receiving module is used for receiving information of the client at the transaction end after the client passes the transaction end verification, the user identity information judging module is used for judging the type of user identity information, and the transaction database is used for storing identity information of authorized users.
A blockchain based transaction protection method, the protection method comprising the steps of:
step S1: mutual authentication between the client and the transaction end:
step S11: the user sends verification code request information to a verification code server at the client, wherein the verification code request information comprises verification code length, verification code width, verification code height, verification code type, verification time point and a first verification period, the verification code type comprises an alphabetic verification code, a digital verification code and an alphanumeric verification code, and the step S12 is switched;
step S12: after receiving the information sent by the client, the verification code server generates a first verification code according to the verification code request information, and respectively sends the first verification code and a first verification period to the client and the transaction end at the verification time point, and goes to step S13;
step S13: after receiving the first verification code, the transaction end sends the first verification code to the client in a first verification period, and goes to step S14;
step S14: if the client receives the first verification code received from the transaction end in the first verification period, comparing the first verification code received from the verification code server with the first verification code received from the transaction end, if the first verification code and the first verification code are the same, the transaction end passes the verification, sending the verification result to the client and the transaction end, and turning to the step S15, otherwise, the transaction end fails the verification, and sending the verification result to the client and the transaction end;
step S15: the transaction end sends connection authentication request information to the verification code server end, the connection authentication request information comprises a first verification code, a verification code conversion parameter and a second verification period, and the step S16 is switched;
step S16: the verification code server side converts the first verification code to obtain a second verification code based on the verification code conversion parameter, sends the verification code conversion parameter and a second verification period to the client side, and switches to the step S17, wherein the verification code conversion parameter comprises a sorting parameter, a proportion parameter and a sorting proportion mixing parameter;
step S17: the client converts the first verification code based on the received verification code conversion parameter to obtain a third verification code, sends the third verification code to the verification code server, and goes to step S18;
step S18: if the verification code server side receives a third verification code in a second verification period, comparing the second verification code with the received third verification code, if the second verification code is the same as the received third verification code, the client side successfully verifies for the second time, and turning to the step S19, otherwise, the client side fails the second verification and sends a verification result to the client side and the transaction side;
step S19: the verification code server side sends verification passing information to the transaction side and the client side, and the transaction side allows to receive transaction information transmitted by the client side.
Step S2: judging whether to carry out transaction according to the user identity information:
step S21: the user inputs user identity information and a transaction ID at the client, the client transmits the user identity information to the transaction end, the user identity information comprises the user ID and a transaction password, and the step S22 is switched;
step S22: the transaction end receives the user identity information and judges the user identity information category, the user identity information category comprises authorized user identity information, unauthorized user identity information and illegal user identity information,
wherein the content of the first and second substances,
when the user identity information type is judged to be authorized user identity information, acquiring a transaction password from a transaction database according to the user ID, and if the transaction passwords of the user ID and the transaction password are consistent, starting transaction by a transaction end according to the transaction ID;
when the user identity information type is judged to be unauthorized user identity information, user data is created according to the user identity information, the user data is stored in a transaction database, and the step S21 is switched;
and when the user identity information category is judged to be illegal user identity information, the transaction terminal forbids to receive the transaction information transmitted by the client.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.