CN111062725A - Face payment method, device and system and computer readable storage medium - Google Patents

Face payment method, device and system and computer readable storage medium Download PDF

Info

Publication number
CN111062725A
CN111062725A CN201911294321.6A CN201911294321A CN111062725A CN 111062725 A CN111062725 A CN 111062725A CN 201911294321 A CN201911294321 A CN 201911294321A CN 111062725 A CN111062725 A CN 111062725A
Authority
CN
China
Prior art keywords
payment
image data
face
signature
face image
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911294321.6A
Other languages
Chinese (zh)
Other versions
CN111062725B (en
Inventor
郭润增
耿志军
周俊
黄家宇
刘文君
崔齐
张晋铭
陈磊
夏凯
吕俊
王军
刘勇
张勇
王少鸣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201911294321.6A priority Critical patent/CN111062725B/en
Publication of CN111062725A publication Critical patent/CN111062725A/en
Application granted granted Critical
Publication of CN111062725B publication Critical patent/CN111062725B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Abstract

The application provides a face payment method, a face payment device, a face payment system and a computer readable storage medium, and belongs to the technical field of computers. The system comprises: the payment terminal is provided with an intelligent camera, the intelligent camera is used for acquiring face image data, and signing is carried out according to the face image data to obtain signature information; the payment terminal is used for sending a payment request to the payment server, and the payment request carries the facial image data and the signature information; and the payment server is used for checking the signature information and carrying out face payment according to the face image data after the signature is checked successfully. The method and the device are beneficial to improving the safety of face payment.

Description

Face payment method, device and system and computer readable storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, and a system for face payment, and a computer-readable storage medium.
Background
With the popularization of face payment, more and more merchants have access to the face payment function. With the steep increase of the number of users using the face payment function, the security of the face payment becomes more important. Face payment security can be maintained from the perspective of the face image data.
At present, a payment terminal can collect face image data through a camera, transmit the collected face image data to a payment server, and perform face payment according to the face image data by the payment server.
However, in the above scheme, the payment terminal transmits the plaintext face image data to the payment server, so that the security of face payment is poor.
Disclosure of Invention
The application provides a face payment method, a face payment device, a face payment system and a computer readable storage medium, which are beneficial to improving the safety of face payment. The technical scheme is as follows:
in one aspect, a face payment system is provided, the system comprising: a payment terminal and a payment server, wherein the payment terminal is provided with an intelligent camera,
the intelligent camera is used for acquiring face image data and carrying out signature according to the face image data to obtain signature information;
the payment terminal is used for sending a payment request to the payment server, wherein the payment request carries the facial image data and the signature information;
and the payment server is used for verifying the signature information carried by the payment request and carrying out face payment according to the face image data carried by the payment request after the signature verification is successful.
Optionally, the intelligent camera is configured to sign the face image data by using a target private key to obtain the signature information;
the payment server is used for verifying the signature information by adopting a target public key to obtain signature verification data, the signature verification data is the same as the face image data, the success of signature verification is determined, and the target private key and the target public key are a group of asymmetric public and private keys.
Optionally, the intelligent camera is configured to obtain feature data of the face image data, and sign the feature data by using a target private key to obtain the signature information;
the payment server is used for adopting a target public key to check the signature of the signature information to obtain signature checking data, the signature checking data is the same as the characteristic data, the success of signature checking is determined, and the target private key and the target public key are a group of asymmetric public and private keys.
Optionally, the smart camera is further configured to generate the target private key and the target public key, and store the target private key in a security module of the smart camera;
the payment terminal is further used for sending the identification of the intelligent camera and the target public key to the payment server;
and the payment server is also used for binding and storing the identification of the intelligent camera and the target public key.
Optionally, the payment request further carries an identifier of the intelligent camera, and the payment server is further configured to obtain the target public key according to the identifier of the intelligent camera.
Optionally, the characteristic data comprises a hash value.
In another aspect, a face payment method is provided, and is applied to a payment terminal, where the payment terminal has an intelligent camera, and the method includes:
acquiring human face image data through the intelligent camera;
signing according to the face image data through the intelligent camera to obtain signature information;
and sending a payment request to a payment server, wherein the payment request carries the face image data and the signature information, so that the payment server checks the signature of the signature information and carries out face payment according to the face image data after the signature is checked successfully.
Optionally, the signing according to the face image data by the intelligent camera to obtain signature information includes: and signing the face image data by adopting a target private key through the intelligent camera to obtain the signature information.
Optionally, the signing according to the face image data by the intelligent camera to obtain signature information includes: acquiring feature data of the face image data through the intelligent camera; and signing the characteristic data by adopting a target private key through the intelligent camera to obtain the signature information.
Optionally, before obtaining signature information by performing signature according to the face image data through the intelligent camera, the method further includes:
generating a target public key and a target private key through the intelligent camera, wherein the target private key and the target public key are a group of asymmetric public and private keys;
storing the target private key in a security module of the intelligent camera;
and sending the identification of the intelligent camera and the target public key to the payment server so that the payment server can bind and store the identification of the intelligent camera and the target public key.
Optionally, the characteristic data comprises a hash value.
In another aspect, a face payment method is provided, which is applied to a payment server, and the method includes:
receiving a payment request sent by a payment terminal, wherein the payment request carries face image data and signature information, and the signature information is obtained by carrying out signature according to the face image data after an intelligent camera of the payment terminal acquires the face image data;
verifying the signature information;
and after the signature verification is successful, carrying out face payment according to the face image data.
Optionally, the signature information is obtained by signing the facial image data by an intelligent camera of the payment terminal by using a target private key,
the verifying the signature information includes:
adopting a target public key to check the signature information to obtain signature checking data, wherein the target private key and the target public key are a group of asymmetric public and private keys;
and when the signature checking data is the same as the face image data, determining that the signature checking is successful.
Optionally, the signature information is obtained by signing the feature data of the facial image data by the intelligent camera of the payment terminal by using a target private key, the payment request further carries the feature data,
the verifying the signature information includes:
adopting a target public key to check the signature information to obtain signature checking data, wherein the target private key and the target public key are a group of asymmetric public and private keys;
and when the signature verification data is the same as the characteristic data, determining that the signature verification is successful.
Optionally, before verifying the signature information, the method further includes:
receiving the identification of the intelligent camera and the target public key sent by the payment terminal;
and binding and storing the identification of the intelligent camera and the target public key.
Optionally, the characteristic data comprises a hash value.
In another aspect, a face payment device is provided, which includes various modules for executing the face payment method of the above aspects.
In yet another aspect, a face payment device is provided, the device includes a processor and a memory, the memory stores at least one instruction, at least one program, a set of codes, or a set of instructions, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by the processor to implement the face payment method of the above aspects.
In yet another aspect, a computer-readable storage medium is provided, in which at least one instruction, at least one program, a set of codes, or a set of instructions is stored, which is loaded and executed by a processor to implement the face payment method of the above aspects.
The beneficial effect that technical scheme that this application provided brought is:
according to the face payment method, the face payment device and the face payment system and the computer readable storage medium, after the face image data are acquired by the intelligent camera of the payment terminal, signature is carried out according to the face image data to obtain signature information, the payment terminal sends a payment request carrying the face image data and the signature information to the payment server, the payment server checks the signature of the signature information, and after the signature is checked successfully, face payment is carried out according to the face image data. Because the intelligent camera of the payment terminal carries out signature according to the face image data, and the payment server carries out face payment according to the face image data after the signature verification is successful, the safety of face payment is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a schematic illustration of an implementation environment to which various embodiments of the present application relate;
fig. 2 is a flowchart of a method of a face payment method according to an embodiment of the present application;
fig. 3 is a flowchart of another face payment method provided in the embodiment of the present application;
fig. 4 is a flowchart of a method of another face payment method according to an embodiment of the present application;
fig. 5 is a schematic diagram of a face payment method provided in an embodiment of the present application;
fig. 6 is a block diagram of a face payment apparatus provided in an embodiment of the present application;
fig. 7 is a block diagram of another face payment apparatus provided in the embodiment of the present application;
fig. 8 is a block diagram of another face payment apparatus provided in an embodiment of the present application;
fig. 9 is a block diagram of another face payment apparatus provided in the embodiment of the present application;
fig. 10 is a schematic structural diagram of a face payment device according to an embodiment of the present application;
fig. 11 is a schematic structural diagram of another face payment apparatus provided in the embodiment of the present application;
fig. 12 is a schematic diagram of a face payment system according to an embodiment of the present application.
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Detailed Description
In order to make the principle, technical solutions and advantages of the present application clearer, the present application will be described in further detail with reference to the accompanying drawings, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, a schematic diagram of an implementation environment according to various embodiments of the present application is shown, and referring to fig. 1, the implementation environment includes: a payment terminal 110 and a payment server 120. The payment terminal 110 and the payment server 120 may be communicatively connected through a wired network or a wireless network, which may include but is not limited to: a Wireless Fidelity (WIFI) network, a bluetooth network, an infrared network, a Zigbee (Zigbee) network, or a data network, and the wired network may be a Universal Serial Bus (USB) network.
The payment terminal 110 may be a face terminal, and the face terminal refers to a terminal having a face payment function, for example, the payment terminal 110 may be a smart phone, a tablet computer, a notebook computer, or a desktop computer. The payment server 120 may be a server, a server cluster composed of several servers, or a cloud computing service center.
In this embodiment, the payment terminal 110 may have an intelligent camera, the intelligent camera may be arranged in the payment terminal 110 in a pluggable manner, and the intelligent camera may be a three-dimensional (3-dimensional) camera, which has a living body detection function. The smart camera may include a security module that may be used to store a private key of the smart camera. The security module may be a software module and/or a hardware module, for example, the security module may be a Secure Element (SE), or the security module may be a Trusted Execution Environment (TEE) module, and the TEE can provide a Secure area for the smart camera to store sensitive data, so as to ensure that the sensitive data is stored, processed, and protected in an isolated and Trusted Environment. Optionally, the smart camera may further include a Processor, which may be used for data processing, and the Processor may be, for example, a Digital Signal Processor (DSP), which is a unique microprocessor and is a device for processing data with Digital signals. Optionally, the smart camera may further include an image sensor (sensor) for acquiring image data, and the image sensor may include any one or more of a color image sensor, a depth image sensor, or an infrared image sensor. In this embodiment, the payment terminal 110 further includes a payment host, where the payment host may include an execution module, where the execution module may be a common execution Environment (REE) module, and the REE module includes a common operating system and a client application program running on a general-purpose processor.
In this embodiment of the application, the intelligent camera of the payment terminal 110 may obtain face image data, perform signature according to the face image data to obtain signature information, the payment terminal 110 sends a payment request to the payment server 120, the payment request carries the face image data and the signature information, the payment server 120 performs signature verification on the signature information carried by the payment request, and performs face payment according to the face image data carried by the payment request after the signature verification is successful. In this way, since the intelligent camera of the payment terminal 110 performs signature according to the face image data, and the payment server 120 performs face payment according to the face image data after the signature verification is successful, it is helpful to improve the security of face payment.
Referring to fig. 2, a flowchart of a method of a face payment method provided in an embodiment of the present application is shown, where the face payment method may be used in the payment terminal 110 in the implementation environment shown in fig. 1, and referring to fig. 2, the method may include the following steps:
step 201, acquiring face image data through an intelligent camera.
Optionally, the intelligent camera may have an image sensor, and the intelligent camera may acquire face image data through the image sensor to obtain the face image data.
Step 202, performing signature according to the face image data through the intelligent camera to obtain signature information.
Optionally, a target private key may be stored in the intelligent camera, and the intelligent camera may use the target private key to sign the face image data to obtain signature information; or, the intelligent camera can obtain the feature data of the face image data, and the signature information is obtained by adopting a target private key to sign the feature data of the face image data. The characteristic data may be hash data, such as a hash value.
Step 203, sending a payment request to a payment server, where the payment request carries the face image data and the signature information, so that the payment server checks the signature of the signature information, and performs face payment according to the face image data after the signature is successfully checked.
Optionally, if the intelligent camera signs the feature data of the face image data by using the target private key to obtain signature information, the payment request may also carry the feature data of the face image data.
Optionally, the payment request may further carry an identifier of the intelligent camera, so that the payment server obtains a target public key according to the identifier of the intelligent camera, and verifies the signature information by using the target public key. The target public key and the target private key in step 202 may be an asymmetric set of public private keys, e.g., the target public key and the target public key may be RSA keys. The identifier of the intelligent camera uniquely identifies the intelligent camera, and the identifier of the intelligent camera may be, for example, a Serial Number (SN) of the intelligent camera.
To sum up, in the face payment method provided in the embodiment of the present application, after the intelligent camera of the payment terminal acquires the face image data, the intelligent camera performs signature according to the face image data to obtain signature information, the payment terminal sends the payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, the face payment is performed according to the face image data. Because the intelligent camera of the payment terminal carries out signature according to the face image data, and the payment server carries out face payment according to the face image data after the signature verification is successful, the safety of face payment is improved.
Referring to fig. 3, which shows a flowchart of another method for face payment provided in this embodiment of the present application, the face payment method may be used in the payment server 120 in the implementation environment shown in fig. 1, and referring to fig. 3, the method may include the following steps:
step 301, receiving a payment request sent by a payment terminal, where the payment request carries face image data and signature information, and the signature information is obtained by performing signature according to the face image data after an intelligent camera of the payment terminal acquires the face image data.
In the embodiment of the application, the signature information may be obtained by the intelligent camera of the payment terminal signing the face image data by using a target private key, or obtained by the intelligent camera of the payment terminal signing the feature data of the face image data by using the target private key, and if the signature information is obtained by the intelligent camera of the payment terminal signing the feature data of the face image data by using the target private key, the payment request may also carry the feature data of the face image data. The characteristic data may be a hash value.
And step 302, checking the signature information.
The payment server can obtain a target public key, and the target public key is adopted to check the signature of the signature information to obtain signature checking data. Optionally, the payment server stores a binding relationship between the public key and the camera identifier, the payment request may further carry an identifier of an intelligent camera of the payment terminal, and the payment server may obtain the target public key according to the identifier of the intelligent camera. The target public key and the target private key in step 301 may be a set of asymmetric public and private keys, for example, the target public key and the target public key may be RSA keys.
Optionally, the signature information is obtained by signing the face image data by the intelligent camera of the payment terminal by using a target private key, after the payment server obtains the signature verification data, whether the signature verification data is the same as the face image data carried by the payment request can be detected, if the signature verification data is the same as the face image data carried by the payment request, the payment server determines that the signature verification is successful, and if the signature verification data is different from the face image data carried by the payment request, the payment server determines that the signature verification is failed.
Optionally, the signature information is obtained by signing feature data of the face image data by an intelligent camera of the payment terminal by using a target private key, after the payment server obtains signature verification data, whether the signature verification data is the same as the feature data carried by the payment request can be detected, if the signature verification data is the same as the feature data carried by the payment request, the payment server determines that signature verification is successful, and if the signature verification data is different from the feature data carried by the payment request, the payment server determines that signature verification fails.
And 303, after the signature verification is successful, carrying out face payment according to the face image data.
And after the payment server successfully checks the signature, the payment server can carry out face payment according to the face image data carried by the payment request. Optionally, the payment server obtains payment information according to the face image data, returns the payment information to the payment terminal, and the payment terminal completes payment according to the payment information.
To sum up, in the face payment method provided in the embodiment of the present application, after the intelligent camera of the payment terminal acquires the face image data, the intelligent camera performs signature according to the face image data to obtain signature information, the payment terminal sends the payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, the face payment is performed according to the face image data. Because the intelligent camera of the payment terminal carries out signature according to the face image data, and the payment server carries out face payment according to the face image data after the signature verification is successful, the safety of face payment is improved.
Referring to fig. 4, a flowchart of a method of another face payment method provided in this embodiment of the present application is shown, where the face payment method may be applied to the implementation environment shown in fig. 1, where the implementation environment includes a payment terminal 110 and a payment server 120, and fig. 4 illustrates that the payment terminal 110 includes a payment host and an intelligent camera. Referring to fig. 4, the method may include the steps of:
step 401, an intelligent camera of the payment terminal generates a target public key and a target private key.
Wherein the target private key and the target public key are a set of asymmetric public and private keys, such as RSA keys.
Optionally, the smart camera may generate the target public key and the target private key according to an identifier of the smart camera, or the smart camera may include a processor therein, and the smart camera may generate the target public key and the target private key according to an identifier of the processor.
Illustratively, the smart camera generates the target public key and the target private key according to the SN of the smart camera, or the smart camera generates the target public key and the target private key according to the identifier of the DSP in the smart camera.
It should be understood by those skilled in the art that the manner in which the smart camera generates the target public key and the target private key described in the embodiment of the present application is merely an example, and in practical applications, the smart camera may also generate the target public key and the target private key in other manners, and the embodiment of the present application does not limit the manner in which the smart camera generates the target public key and the target private key.
And 402, the intelligent camera of the payment terminal stores the target private key in a security module of the intelligent camera.
In the embodiment of the application, the intelligent camera may include a security module, and after the intelligent camera generates the target public key and the target private key, the target private key may be stored in the security module of the intelligent camera, so that the target private key may be prevented from being maliciously obtained by other terminals.
Optionally, the security module may be a software module and/or a hardware module, for example, the security module may be an SE or TEE module, and the TEE can provide a security zone for the smart camera to store the sensitive data, ensuring that the sensitive data is stored, processed, and protected in an isolated, trusted environment.
Optionally, in this embodiment of the application, the intelligent camera may be removably disposed in the payment terminal, the intelligent camera may generate the target public key and the target private key after leaving a factory, and the target private key may be burned in a security module of the intelligent camera, which is not limited in this embodiment of the application.
And step 403, the intelligent camera of the payment terminal sends the identifier of the intelligent camera and the target public key to the payment server.
Optionally, the intelligent camera may obtain an identifier of the intelligent camera first, and then send the identifier of the intelligent camera and the target public key to the payment server through communication connection between the payment terminal and the payment server, where the identifier of the intelligent camera may uniquely identify the intelligent camera, and the identifier of the intelligent camera may be, for example, an SN of the intelligent camera.
Optionally, the identifier of the intelligent camera may be stored in the intelligent camera, and the intelligent camera may read the identifier of the intelligent camera from its own storage space.
Step 404, the payment server receives the identifier of the intelligent camera and the target public key sent by the intelligent camera of the payment terminal.
The intelligent camera corresponding to the payment terminal sends the identification of the intelligent camera and the target public key to the payment server, and the payment server can receive the identification of the intelligent camera and the target public key sent by the intelligent camera. Optionally, the payment server may receive the identifier of the smart camera and the target public key sent by the smart camera through a communication connection with the payment terminal.
It should be noted that, in this embodiment of the application, it is described by taking an example that the intelligent camera sends the identifier of the intelligent camera and the target public key to the payment server, in practical application, the intelligent camera may transmit the identifier of the intelligent camera and the target public key to the payment host, and the payment host sends the identifier of the intelligent camera and the target public key to the payment server, so that the payment server may receive the identifier of the intelligent camera and the target public key sent by the payment host of the payment terminal, which is not limited in this embodiment of the application.
And step 405, the payment server binds and stores the identification of the intelligent camera and the target public key.
After receiving the identifier of the intelligent camera and the target public key, the payment server can bind and store the identifier of the intelligent camera and the target public key. Optionally, the payment server may bind the identifier of the smart camera and the target public key to obtain a binding relationship, and then store the binding relationship.
It is easy to understand that the payment server may store the identifier of the smart camera and the target public key in a local binding manner, or store the identifier of the smart camera and the target public key in a binding manner to another terminal or server, which is not limited in this embodiment of the present application.
And step 406, the intelligent camera of the payment terminal acquires the face image data.
Optionally, the intelligent camera may have an image sensor, and the intelligent camera may acquire face image data through the image sensor to obtain the face image data. The image sensor may include any combination of a color image sensor, a depth image sensor or an infrared image sensor, and accordingly, the face image data may be any combination of one or more of color image data, depth image data or infrared image data.
Optionally, the user may operate the payment terminal to trigger the payment terminal to turn on the intelligent camera and display the face acquisition area, and the user may adjust the face position according to the face acquisition area, so that the face is located in the face acquisition area, and the intelligent camera performs face image acquisition.
And 407, the intelligent camera of the payment terminal signs according to the face image data to obtain signature information.
After the intelligent camera of the payment terminal collects the face image data, signature can be carried out according to the face image data to obtain signature information. Optionally, the intelligent camera may include a processor (e.g., a DSP), and after the image sensor acquires the face image data, the image sensor may transmit the face image data to the processor, and the processor performs a signature according to the face image data to obtain signature information.
Optionally, the signing by the intelligent camera according to the face image data to obtain signature information may include: the intelligent camera uses the target private key to sign the face image data to obtain signature information, for example, the intelligent camera uses the target private key to encrypt the face image data to obtain signature information. Or, the intelligent camera acquires the feature data of the face image data, and signs the feature data of the face image data by using the target private key to obtain signature information, for example, the intelligent camera encrypts the feature data of the face image data by using the target private key to obtain signature information. Wherein the characteristic data may comprise a hash value.
Optionally, the intelligent camera may perform feature extraction on the face image data to obtain feature data of the face image data, for example, the intelligent camera performs feature extraction on the face image data through a hash algorithm to obtain a hash value of the face image data.
In the embodiment of the application, before the intelligent camera adopts the target private key for signature, the target private key can be obtained first. Optionally, the smart camera may read the target private key from its own security module, for example, the smart camera may read the target private key from the SE or TEE module.
Those skilled in the art can easily understand that signature information obtained according to private key signature can only be verified by using a corresponding public key, and the signature information in the embodiment of the present application is obtained by an intelligent camera by using a target private key for signature, so that the signature information can only be verified by using a target public key paired with the target private key, and information security can be ensured.
And step 408, the intelligent camera of the payment terminal transmits the face image data and the signature information to a payment host of the payment terminal.
Optionally, the intelligent camera is pluggable to the payment host, and the intelligent camera can transmit the face image data and the signature information to the payment host through the communication connection.
Optionally, if the signature information is obtained by the intelligent camera signing the feature data of the face image data by using the target private key, the intelligent camera may also transmit the feature data of the face image data to the payment host, which is not limited in the embodiment of the present application.
Step 409, the payment host of the payment terminal sends a payment request to the payment server, wherein the payment request carries the face image data and the signature information.
Optionally, the payment host may generate a payment request, and then send the payment request to the payment server through a communication connection between the payment terminal and the payment server, where the payment request carries the facial image data and the signature information.
Optionally, if the signature information is obtained by signing, by the intelligent camera of the payment terminal, the feature data of the face image data by using the target private key, the payment request may also carry the feature data of the face image data, which is not limited in this embodiment of the application.
Step 410, the payment server receives the payment request sent by the payment host of the payment terminal.
The payment server can receive the payment request sent by the payment host of the payment terminal, and the payment request carries the face image data and the signature information. Optionally, the payment request may also carry feature data of the facial image data, which is not limited in this embodiment of the application.
Step 411, the payment server checks the signature information carried by the payment request.
After receiving a payment request sent by a payment host of the payment terminal, the payment server can analyze the payment request to obtain the face image data and the signature information, and then verify the signature of the signature information. Optionally, if the payment request also carries the feature data of the facial image data, the payment server analyzes the payment request to obtain the feature data of the facial image data.
Optionally, the payment server verifying the signature information may include: the payment server checks the signature information by adopting a target public key to obtain signature checking data, whether the signature checking data is the same as the face image data carried by the payment request is detected, if the signature checking data is the same as the face image data carried by the payment request, the payment server determines that the signature checking is successful, and if the signature checking data is different from the face image data carried by the payment request, the payment server determines that the signature checking is failed.
Optionally, if the payment request further carries feature data of the facial image data, the verifying the signature by the payment server may include: the payment server checks the signature information by adopting the target public key to obtain signature checking data, whether the signature checking data is the same as the characteristic data carried by the payment request is detected, if the signature checking data is the same as the characteristic data, the payment server determines that the signature checking is successful, and if the signature checking data is different from the characteristic data, the payment server determines that the signature checking is failed.
It should be noted that, the verifying the signature information by the payment server using the target public key may include: the payment server decrypts the signature information by adopting the target public key, and if decryption fails, or the decrypted signature verification data is different from the human face characteristic data (or the characteristic data of the human face characteristic data), signature verification fails.
It should be further noted that, before the payment server adopts the target public key to verify the signature information, the payment server may first obtain the target public key. Optionally, the payment request may further carry an identifier of the intelligent camera, the payment server may store a binding relationship between the public key and the identifier of the camera, and the payment server may obtain the target public key from the binding relationship according to the identifier of the intelligent camera carried in the payment request. Of course, the payment server may also obtain the target public key in other manners, and the embodiment of the present application does not limit the manner in which the payment server obtains the target public key.
And step 412, the payment server performs face payment according to the face image data carried by the payment request after the signature verification is successful.
If the payment server determines that the signature verification is successful in step 412, the payment server determines that the face image data carried in the payment request is authentic face image data and not malicious data, and the payment server performs face payment according to the face image data.
Optionally, the payment server making the face payment according to the face image data may include: and the payment server acquires payment information according to the face image data, returns the payment information to the payment terminal, and completes payment according to the payment information after the payment terminal receives the payment information. The payment information may be a payment code or a payment link, the payment code may be any one of a two-dimensional code or a barcode, and the payment link may be a payment website, which is not limited in this embodiment of the present application.
Those skilled in the art will readily understand that the sequence of the steps of the face payment method provided in the embodiment of the present application may be appropriately adjusted, and the steps may also be increased or decreased according to the circumstances, for example, steps 401 to 405 may be performed when the payment terminal is used for face payment for the first time, or performed when the intelligent camera leaves a factory, and need not be performed each time face payment is performed.
To sum up, in the face payment method provided in the embodiment of the present application, after the intelligent camera of the payment terminal acquires the face image data, the intelligent camera performs signature according to the face image data to obtain signature information, the payment terminal sends the payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, the face payment is performed according to the face image data. Because the intelligent camera of the payment terminal carries out signature according to the face image data, and the payment server carries out face payment according to the face image data after the signature verification is successful, the safety of face payment is improved.
In the embodiment of the application, the target private key is stored in the security module of the intelligent camera and cannot be exported, so that the security of the target private key can be ensured, and the process of signing according to the face image data by adopting the target private key is executed in the intelligent camera, so that the security of the face image data (data source) can be ensured, and the security of face payment is ensured.
At present, some schemes for improving payment security by modifying and upgrading a host of a payment terminal exist, but the difficulty of modifying and upgrading the host of the payment terminal is high, and the cost is high; in the embodiment of the application, the intelligent camera is arranged in the payment terminal in a pluggable manner, so that the intelligent camera can be integrated in the payment terminal without modifying and upgrading a host (namely, the payment host) of the payment terminal, the difficulty is low, and the cost is low.
Fig. 5 is a schematic diagram of a face payment method provided in an embodiment of the present application, and the face payment method provided in the embodiment of the present application is schematically described below with reference to fig. 5, by taking an example in which an intelligent camera signs feature data of face image data by using a target private key, where the feature data is a hash value.
As shown in fig. 5, the payment terminal includes an intelligent camera and a payment host, the intelligent camera is pluggable and communicatively connected with the payment host, the intelligent camera includes a security module (SE and/or TEE module), a DSP and an image sensor, and the payment host includes an REE module.
When the payment method provided by the embodiment of the application is executed, the DSP generates a target public key and a target private key, the target private key is stored in the SE or TEE module, the target public key is sent to the payment server, and the payment server stores the target public key. And then, the image sensor collects the face image data and transmits the face image data to the DSP. The DSP calculates the hash value of the face image data, reads a target private key from the SE or TEE module, signs the hash value of the face image data by adopting the target private key to obtain signature information, and transmits the face image data, the hash value of the face image data and the signature information to the payment host. And the payment host generates a payment request carrying the facial image data, the hash value of the facial image data and the signature information, and sends the payment request to a payment server. And after receiving the payment request, the payment server acquires a target public key, checks the signature information carried by the payment request by adopting the target public key to obtain signature checking data, detects whether the signature checking data is the same as a hash value carried by the payment request or not to check the face image data carried by the payment request, and after the check is successful, carries out face payment according to the face image data.
The following are embodiments of the apparatus of the present application that may be used to perform embodiments of the method of the present application. For details which are not disclosed in the embodiments of the apparatus of the present application, reference is made to the embodiments of the method of the present application.
Referring to fig. 6, a block diagram of a face payment apparatus 600 provided in an embodiment of the present application is shown, where the face payment apparatus 600 may be a program component in a payment terminal, and the payment terminal has an intelligent camera. Referring to fig. 6, the face payment apparatus 600 may include, but is not limited to:
an obtaining module 610, configured to obtain face image data through an intelligent camera;
the signature module 620 is configured to perform signature according to the face image data through an intelligent camera to obtain signature information;
the first sending module 630 is configured to send a payment request to the payment server, where the payment request carries the facial image data and the signature information, so that the payment server checks the signature of the signature information, and performs facial payment according to the facial image data after the signature is successfully checked.
Optionally, the signature module 620 is configured to sign the face image data with a target private key through the smart camera to obtain signature information.
Optionally, the signature module 620 is configured to:
acquiring feature data of the face image data through an intelligent camera;
and signing the characteristic data by adopting a target private key through the intelligent camera to obtain signature information.
Optionally, referring to fig. 7, which shows a block diagram of another face payment apparatus 600 provided in the embodiment of the present application, referring to fig. 7, on the basis of fig. 6, the face payment apparatus 600 further includes:
a generating module 640, configured to generate a target public key and a target private key through an intelligent camera, where the target private key and the target public key are a set of asymmetric public and private keys;
the storage module 650 is used for storing the target private key in the security module of the intelligent camera;
the second sending module 660 is configured to send the identifier of the smart camera and the target public key to the payment server, so that the payment server binds and stores the identifier of the smart camera and the target public key.
Optionally, the characteristic data comprises a hash value.
To sum up, according to the face payment device provided by the embodiment of the application, after the intelligent camera of the payment terminal acquires the face image data, the intelligent camera signs according to the face image data to obtain the signature information, the payment terminal sends the payment request carrying the face image data and the signature information to the payment server, the payment server checks the signature of the signature information, and after the signature is checked successfully, the face payment is performed according to the face image data. Because the intelligent camera of the payment terminal carries out signature according to the face image data, and the payment server carries out face payment according to the face image data after the signature verification is successful, the safety of face payment is improved.
Referring to fig. 8, a block diagram of a face payment apparatus 800 provided in an embodiment of the present application is shown, where the face payment apparatus 800 may be a program component in a payment server. Referring to fig. 8, the face payment apparatus 800 may include, but is not limited to:
the first receiving module 810 is configured to receive a payment request sent by a payment terminal, where the payment request carries face image data and signature information, and the signature information is obtained by performing signature according to the face image data after an intelligent camera of the payment terminal acquires the face image data;
a signature verification module 820, configured to verify the signature information;
and the payment module 830 is configured to perform face payment according to the face image data after the signature verification is successful.
Optionally, the signature information is obtained by signing the face image data by an intelligent camera of the payment terminal by using a target private key,
the signature verification module 820 is configured to:
adopting a target public key to check the signature information to obtain signature checking data, wherein the target private key and the target public key are a group of asymmetric public and private keys;
and when the signature checking data is the same as the face image data, determining that the signature checking is successful.
Optionally, the signature information is obtained by signing the feature data of the facial image data by the intelligent camera of the payment terminal by using a target private key, the payment request also carries the feature data,
the signature verification module 820 is configured to:
adopting a target public key to check the signature information to obtain signature checking data, wherein the target private key and the target public key are a group of asymmetric public and private keys;
and when the signature verification data is the same as the characteristic data, determining that the signature verification is successful.
Optionally, referring to fig. 9, which shows a block diagram of another face payment apparatus 800 provided in the embodiment of the present application, referring to fig. 9, on the basis of fig. 8, the face payment apparatus 800 further includes:
the second receiving module 840 is configured to receive the identifier of the intelligent camera and the target public key sent by the payment terminal;
and the storage module 850 is used for binding and storing the identifier of the intelligent camera and the target public key.
Optionally, the characteristic data comprises a hash value.
To sum up, according to the face payment device provided by the embodiment of the application, after the intelligent camera of the payment terminal acquires the face image data, the intelligent camera signs according to the face image data to obtain the signature information, the payment terminal sends the payment request carrying the face image data and the signature information to the payment server, the payment server checks the signature of the signature information, and after the signature is checked successfully, the face payment is performed according to the face image data. Because the intelligent camera of the payment terminal carries out signature according to the face image data, and the payment server carries out face payment according to the face image data after the signature verification is successful, the safety of face payment is improved.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
Please refer to fig. 10, which illustrates a schematic structural diagram of a face payment apparatus 1000 according to an embodiment of the present application. The apparatus 1000 may be a payment terminal, which may be a face terminal, for example: a terminal such as a smart phone, a tablet computer, a notebook computer or a desktop computer. The apparatus 1000 may also be referred to by other names such as user equipment, portable terminal, laptop terminal, desktop terminal, etc.
In general, the apparatus 1000 includes: a processor 1001 and a memory 1002.
Processor 1001 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and so forth. The processor 1001 may be implemented in at least one hardware form of Digital Signal Processing (DSP), Field Programmable Gate Array (FPGA), and Programmable Logic Array (PLA). The processor 1001 may also include a main processor and a coprocessor, where the main processor is a processor, also called a CPU, for processing data in an awake state; a coprocessor is a low power processor for processing data in a standby state. In some embodiments, the processor 1001 may be integrated with an image processor (GPU), and the GPU is responsible for rendering and drawing the content required to be displayed on the display screen. In some embodiments, processor 1001 may further include an Artificial Intelligence (AI) processor for processing computing operations related to machine learning.
Memory 1002 may include one or more computer-readable storage media, which may be non-transitory. The memory 1002 may also include high-speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in the memory 1002 is used to store at least one instruction for execution by the processor 1001 to implement the methods provided by embodiments of the present application.
In some embodiments, the apparatus 1000 may further include: a peripheral interface 1003 and at least one peripheral. The processor 1001, memory 1002 and peripheral interface 1003 may be connected by a bus or signal line. Various peripheral devices may be connected to peripheral interface 1003 via a bus, signal line, or circuit board. The peripheral device may include: at least one of radio frequency circuitry 1004, touch screen display 1005, camera assembly 1006, audio circuitry 1007, positioning assembly 1008, or power supply 1009.
Peripheral interface 1003 may be used to connect at least one peripheral associated with I/O to processor 1001 and memory 1002. In some embodiments, processor 1001, memory 1002, and peripheral interface 1003 are integrated on the same chip or circuit board; in some other embodiments, any one or two of the processor 1001, the memory 1002, and the peripheral interface 1003 may be implemented on separate chips or circuit boards, which are not limited by this embodiment.
The Radio Frequency circuit 1004 is used for receiving and transmitting Radio Frequency (RF) signals, also called electromagnetic signals. The radio frequency circuitry 1004 communicates with communication networks and other communication devices via electromagnetic signals. The radio frequency circuit 1004 converts an electrical signal into an electromagnetic signal to transmit, or converts a received electromagnetic signal into an electrical signal. Optionally, the radio frequency circuit 1004 comprises: an antenna system, an RF transceiver, one or more amplifiers, a tuner, an oscillator, a digital signal processor, a codec chipset, a subscriber identity module card, and so forth. The radio frequency circuit 1004 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocols include, but are not limited to: metropolitan area networks, various generation mobile communication networks (2G, 3G, 4G, and 5G), wireless local area networks, and/or WiFi networks. In some embodiments, the rf circuit 1004 may further include a Near Field Communication (NFC) related circuit, which is not limited in this application.
The display screen 1005 is used to display a User Interface (UI). The UI may include graphics, text, icons, video, and any combination thereof. When the display screen 1005 is a touch display screen, the display screen 1005 also has the ability to capture touch signals on or over the surface of the display screen 1005. The touch signal may be input to the processor 1001 as a control signal for processing. At this point, the display screen 1005 may also be used to provide virtual buttons and/or a virtual keyboard, also referred to as soft buttons and/or a soft keyboard. In some embodiments, the display screen 1005 may be one, disposed on the front panel of the device 1000; in other embodiments, the display screen 1005 may be at least two, respectively disposed on different surfaces of the device 1000 or in a folded design; in still other embodiments, the display 1005 may be a flexible display, disposed on a curved surface or on a folded surface of the device 1000. Even more, the display screen 1005 may be arranged in a non-rectangular irregular figure, i.e., a shaped screen. The Display screen 1005 may be made of Liquid Crystal Display (LCD), Organic Light-Emitting Diode (OLED), or the like.
The camera assembly 1006 is used to capture images or video. Optionally, the camera assembly 1006 includes a front camera and a rear camera. Generally, a front camera is disposed at a front panel of the terminal, and a rear camera is disposed at a rear surface of the terminal. In some embodiments, the number of the rear cameras is at least two, and each of the rear cameras is any one of a main camera, a depth-of-field camera, a wide-angle camera and a telephoto camera, so that the main camera and the depth-of-field camera are fused to realize a background blurring function, and the main camera and the wide-angle camera are fused to realize a panoramic shooting function and a Virtual Reality (VR) shooting function or other fusion shooting functions. In some embodiments, camera assembly 1006 may also include a flash. The flash lamp can be a monochrome temperature flash lamp or a bicolor temperature flash lamp. The double-color-temperature flash lamp is a combination of a warm-light flash lamp and a cold-light flash lamp, and can be used for light compensation at different color temperatures. In this embodiment, the camera assembly 1006 may include an intelligent camera that is removably disposed in the device 1000, and the intelligent camera may be a 3D camera having a live body detection function. The smart camera may include a security module that may be used to store a private key of the smart camera. The security module may be a software module and/or a hardware module, for example, the security module may be a SE or TEE module. Optionally, the smart camera may further include a processor, which may be used for data processing, and the processor may be, for example, a DSP. And, the intelligent camera can also comprise an image sensor, the image sensor is used for collecting image data, and the image sensor can comprise any one of a color image sensor, a depth image sensor or an infrared image sensor.
The audio circuit 1007 may include a microphone and a speaker. The microphone is used for collecting sound waves of a user and the environment, converting the sound waves into electric signals, and inputting the electric signals to the processor 1001 for processing or inputting the electric signals to the radio frequency circuit 1004 for realizing voice communication. For stereo sound acquisition or noise reduction purposes, the microphones may be multiple and located at different locations of the device 1000. The microphone may also be an array microphone or an omni-directional pick-up microphone. The speaker is used to convert electrical signals from the processor 1001 or the radio frequency circuit 1004 into sound waves. The loudspeaker can be a traditional film loudspeaker or a piezoelectric ceramic loudspeaker. When the speaker is a piezoelectric ceramic speaker, the speaker can be used for purposes such as converting an electric signal into a sound wave audible to a human being, or converting an electric signal into a sound wave inaudible to a human being to measure a distance. In some embodiments, the audio circuit 1007 may also include a headphone jack.
The positioning component 1008 is used for positioning the current geographic Location of the device 1000 to implement navigation or Location Based Service (LBS). The Positioning component 1008 may be a Positioning component based on the Global Positioning System (GPS) in the united states, the beidou System in china, the graves System in russia, or the galileo System in the european union.
A power supply 1009 is used to supply power to the various components in the apparatus 1000. The power source 1009 may be alternating current, direct current, disposable batteries, or rechargeable batteries. When the power source 1009 includes a rechargeable battery, the rechargeable battery may support wired charging or wireless charging. Rechargeable batteries may also be used to support fast charge technologies.
In some embodiments, the device 1000 further comprises one or more sensors 1010. The one or more sensors 1010 include, but are not limited to: acceleration sensor 1011, gyro sensor 1012, pressure sensor 1013, fingerprint sensor 1014, optical sensor 1015, and proximity sensor 1016.
The acceleration sensor 1011 can detect the magnitude of acceleration on three coordinate axes of a coordinate system established with the apparatus 1000. For example, the acceleration sensor 1011 may be used to detect components of the gravitational acceleration in three coordinate axes. The processor 1001 may control the touch display screen 1005 to display a user interface in a landscape view or a portrait view according to the gravitational acceleration signal collected by the acceleration sensor 1011. The acceleration sensor 1011 may also be used for acquisition of motion data of a game or a user.
The gyro sensor 1012 may detect a body direction and a rotation angle of the apparatus 1000, and the gyro sensor 1012 may cooperate with the acceleration sensor 1011 to acquire a 3D motion of the user with respect to the apparatus 1000. From the data collected by the gyro sensor 1012, the processor 1001 may implement the following functions: motion sensing (such as changing the UI according to a user's tilting operation), image stabilization at the time of photographing, game control, and inertial navigation.
Pressure sensors 1013 may be provided on the side frame of the device 1000 and/or on the lower layer of the touch screen 1005. When the pressure sensor 1013 is disposed on a side frame of the device 1000, a user's holding signal of the device 1000 can be detected, and the processor 1001 performs left-right hand recognition or shortcut operation according to the holding signal collected by the pressure sensor 1013. When the pressure sensor 1013 is disposed at a lower layer of the touch display screen 1005, the processor 1001 controls the operability control on the UI interface according to the pressure operation of the user on the touch display screen 1005. The operability control comprises at least one of a button control, a scroll bar control, an icon control and a menu control.
The fingerprint sensor 1014 is used to collect a fingerprint of the user, and the processor 1001 identifies the user according to the fingerprint collected by the fingerprint sensor 1014, or the fingerprint sensor 1014 identifies the user according to the collected fingerprint. Upon identifying that the user's identity is a trusted identity, the processor 1001 authorizes the user to perform relevant sensitive operations including unlocking a screen, viewing encrypted information, downloading software, paying, and changing settings, etc. The fingerprint sensor 1014 may be disposed on the front, back, or side of the face payment device 1000. When a physical button or vendor Logo is provided on the device 1000, the fingerprint sensor 1014 may be integrated with the physical button or vendor Logo.
The optical sensor 1015 is used to collect the ambient light intensity. In one embodiment, the processor 1001 may control the display brightness of the touch display screen 1005 according to the intensity of the ambient light collected by the optical sensor 1015. Specifically, when the ambient light intensity is high, the display brightness of the touch display screen 1005 is increased; when the ambient light intensity is low, the display brightness of the touch display screen 1005 is turned down. In another embodiment, the processor 1001 may also dynamically adjust the shooting parameters of the camera assembly 1006 according to the intensity of the ambient light collected by the optical sensor 1015.
A proximity sensor 1016, also known as a distance sensor, is typically provided on the front panel of the device 1000. The proximity sensor 1016 is used to capture the distance between the user and the front of the device 1000. In one embodiment, the processor 1001 controls the touch display screen 1005 to switch from the bright screen state to the dark screen state when the proximity sensor 1016 detects that the distance between the user and the front of the device 1000 is gradually decreased; when the proximity sensor 1016 detects that the distance between the user and the front of the device 1000 is gradually increased, the touch display screen 1005 is controlled by the processor 1001 to switch from a breath-screen state to a bright-screen state.
Those skilled in the art will appreciate that the configuration shown in fig. 10 is not intended to be limiting of the apparatus 1000 and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components may be used.
Referring to fig. 11, a schematic structural diagram of a face payment apparatus 1100 according to an embodiment of the present application is shown, where the face payment apparatus 1100 may be a payment server. Illustratively, as shown in fig. 11, the apparatus 1100 includes a Central Processing Unit (CPU) 1101, a system Memory 1104 including a Random-Access Memory (RAM) 1102 and a Read-Only Memory (ROM) 1103, and a system bus 1105 connecting the system Memory 1104 and the Central Processing Unit 1101. The apparatus 1100 also includes a basic Input/Output (I/O) system 1106, which facilitates information transfer between devices within the computer, and a mass storage device 1107 for storing an operating system 1113, application programs 1114, and other program modules 1115.
The basic input/output system 1106 includes a display 1108 for displaying information and an input device 1109 such as a mouse, keyboard, etc. for user input of information. Wherein the display 1108 and the input device 1109 are connected to the central processing unit 1101 through an input output controller 1110 connected to the system bus 1105. The basic input/output system 1106 may also include an input/output controller 1110 for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus. Similarly, input/output controller 1110 also provides output to a display screen, a printer, or other type of output device.
The mass storage device 1107 is connected to the central processing unit 1101 through a mass storage controller (not shown) that is connected to the system bus 1105. The mass storage device 1107 and its associated computer-readable media provide non-volatile storage for the apparatus 1100. That is, the mass storage device 1107 may include a computer-readable medium (not shown) such as a hard disk or CD-ROM drive.
Without loss of generality, computer-readable storage media may comprise computer storage media and communication media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media include RAM, ROM, Erasable Programmable Read Only Memory (EPROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash Memory or other solid state Memory technologies, Compact Disc Read-Only Memory (CD-ROM), Digital Versatile Disc (DVD), or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage, or other magnetic storage devices. Of course, those skilled in the art will appreciate that computer storage media is not limited to the foregoing. The system memory 1104 and mass storage device 1107 described above may be collectively referred to as memory.
According to various embodiments of the present application, the apparatus 1100 may also operate as a remote computer connected to a network via a network, such as the Internet. That is, the apparatus 1100 may connect to the network 1112 through the network interface unit 1111 that is coupled to the system bus 1105, or may connect to other types of networks or remote computer systems (not shown) using the network interface unit 1111.
The memory further includes one or more programs, and the one or more programs are stored in the memory and configured to be executed by the CPU to implement the method provided by the embodiment of the present application.
Referring to fig. 12, which shows a schematic diagram of a face payment system provided in an embodiment of the present application, referring to fig. 12, the face payment system may include: a payment terminal 1210 and a payment server 1220, the payment terminal 1210 having an intelligent camera 1211.
The intelligent camera 1211 is configured to obtain face image data, and perform signature according to the face image data to obtain signature information;
the payment terminal 1210 is configured to send a payment request to the payment server 1220, where the payment request carries the facial image data and the signature information;
the payment server 1220 is configured to check the signature information carried in the payment request, and perform face payment according to the face image data carried in the payment request after the signature is successfully checked.
Optionally, the intelligent camera 1211 is configured to sign the face image data with a target private key to obtain signature information;
the payment server 1220 is configured to check the signature information by using a target public key to obtain signature checking data, and when the signature checking data is the same as the face image data, it is determined that the signature checking is successful, and the target private key and the target public key are a set of asymmetric public and private keys.
Optionally, the intelligent camera 1211 is configured to obtain feature data of the face image data, and sign the feature data with a target private key to obtain signature information;
the payment request further carries the feature data, and the payment server 1220 is configured to use a target public key to check the signature of the signature information to obtain signature checking data, and when the signature checking data is the same as the feature data, it is determined that the signature checking is successful, and the target private key and the target public key are a set of asymmetric public and private keys.
Optionally, the smart camera 1211 is further configured to generate a target private key and a target public key, and store the target private key in a security module of the smart camera 1211;
the payment terminal 1210 is further configured to send the identifier of the smart camera 1211 and the target public key to the payment server 1220;
the payment server 1220 is further configured to store the identifier of the smart camera 1211 and the target public key in a binding manner.
Optionally, the payment request further carries an identifier of the intelligent camera 1211, and the payment server 1221 is further configured to obtain the target public key according to the identifier of the intelligent camera 1221.
Optionally, the characteristic data comprises a hash value.
To sum up, according to the face payment system provided by the embodiment of the application, after the intelligent camera of the payment terminal acquires the face image data, the intelligent camera signs according to the face image data to obtain the signature information, the payment terminal sends the payment request carrying the face image data and the signature information to the payment server, the payment server checks the signature of the signature information, and after the signature is checked successfully, the face payment is performed according to the face image data. Because the intelligent camera of the payment terminal carries out signature according to the face image data, and the payment server carries out face payment according to the face image data after the signature verification is successful, the safety of face payment is improved.
A computer-readable storage medium may store at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by a processor to implement the face payment method shown in fig. 2 to 4.
In this application, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. The term "plurality" means two or more unless expressly limited otherwise.
The term "and/or" in this application is only one kind of association relationship describing the associated object, and means that there may be three kinds of relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
The term "at least one of a or B" in this application is only one kind of association relationship describing an associated object, and means that three kinds of relationships may exist, for example, at least one of a or B may mean: a exists alone, A and B exist simultaneously, and B exists alone. Similarly, "A, B or at least one of C" means that there may be seven relationships that may represent: seven cases of A alone, B alone, C alone, A and B together, A and C together, C and B together, and A, B and C together exist.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only exemplary of the present application and should not be taken as limiting the present application, and any modifications, equivalents, improvements and the like that are made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims (10)

1. A face payment system, the system comprising: a payment terminal and a payment server, wherein the payment terminal is provided with an intelligent camera,
the intelligent camera is used for acquiring face image data and carrying out signature according to the face image data to obtain signature information;
the payment terminal is used for sending a payment request to the payment server, wherein the payment request carries the facial image data and the signature information;
and the payment server is used for verifying the signature information carried by the payment request and carrying out face payment according to the face image data carried by the payment request after the signature verification is successful.
2. The system of claim 1,
the intelligent camera is used for signing the face image data by adopting a target private key to obtain the signature information;
the payment server is used for verifying the signature information by adopting a target public key to obtain signature verification data, the signature verification data is the same as the face image data, the success of signature verification is determined, and the target private key and the target public key are a group of asymmetric public and private keys.
3. The system of claim 1,
the intelligent camera is used for acquiring the feature data of the face image data and signing the feature data by adopting a target private key to obtain the signature information;
the payment server is used for adopting a target public key to check the signature of the signature information to obtain signature checking data, the signature checking data is the same as the characteristic data, the success of signature checking is determined, and the target private key and the target public key are a group of asymmetric public and private keys.
4. The system of claim 2 or 3,
the intelligent camera is further used for generating the target private key and the target public key and storing the target private key in a security module of the intelligent camera;
the payment terminal is further used for sending the identification of the intelligent camera and the target public key to the payment server;
and the payment server is also used for binding and storing the identification of the intelligent camera and the target public key.
5. The system of claim 4,
the payment request also carries an identification of the intelligent camera, and the payment server is further used for obtaining the target public key according to the identification of the intelligent camera.
6. A face payment method is applied to a payment terminal, the payment terminal is provided with an intelligent camera, and the method comprises the following steps:
acquiring human face image data through the intelligent camera;
signing according to the face image data through the intelligent camera to obtain signature information;
and sending a payment request to a payment server, wherein the payment request carries the face image data and the signature information, so that the payment server checks the signature of the signature information and carries out face payment according to the face image data after the signature is checked successfully.
7. A face payment method is applied to a payment server and comprises the following steps:
receiving a payment request sent by a payment terminal, wherein the payment request carries face image data and signature information, and the signature information is obtained by carrying out signature according to the face image data after an intelligent camera of the payment terminal acquires the face image data;
verifying the signature information;
and after the signature verification is successful, carrying out face payment according to the face image data.
8. A face payment device, characterized by comprising modules for executing the face payment method of claim 6 or 7.
9. A face payment device, the device comprising a processor and a memory, the memory having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, the at least one instruction, the at least one program, the set of codes, or the set of instructions being loaded and executed by the processor to implement the face payment method of claim 6 or 7.
10. A computer readable storage medium having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by a processor to implement the face payment method of claim 6 or 7.
CN201911294321.6A 2019-12-16 2019-12-16 Face payment method, device and system and computer readable storage medium Active CN111062725B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911294321.6A CN111062725B (en) 2019-12-16 2019-12-16 Face payment method, device and system and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911294321.6A CN111062725B (en) 2019-12-16 2019-12-16 Face payment method, device and system and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN111062725A true CN111062725A (en) 2020-04-24
CN111062725B CN111062725B (en) 2023-07-07

Family

ID=70300773

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911294321.6A Active CN111062725B (en) 2019-12-16 2019-12-16 Face payment method, device and system and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN111062725B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111882324A (en) * 2020-07-24 2020-11-03 南京华捷艾米软件科技有限公司 Face authentication method and system
CN112101133A (en) * 2020-08-24 2020-12-18 江西台德智慧科技有限公司 Multi-view-angle-based multi-face scene face-brushing payment risk prevention and control system
CN112749971A (en) * 2020-08-21 2021-05-04 腾讯科技(深圳)有限公司 Payment verification method and device, detachable camera assembly and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070094503A1 (en) * 2005-10-21 2007-04-26 Novell, Inc. Techniques for key distribution for use in encrypted communications
CN105306490A (en) * 2015-11-23 2016-02-03 小米科技有限责任公司 System, method and device for payment verification
US20160070894A1 (en) * 2014-09-07 2016-03-10 Michael Boodaei Authentication method and system using password as the authentication key
CN105704123A (en) * 2016-01-08 2016-06-22 腾讯科技(深圳)有限公司 Business processing method, device and system
CN108564353A (en) * 2018-04-27 2018-09-21 数字乾元科技有限公司 Payment system based on block chain and method
CN108599946A (en) * 2018-06-22 2018-09-28 深圳合纵富科技有限公司 A kind of safe encryption method and camera system based on camera system
CN108809653A (en) * 2018-06-19 2018-11-13 北京多采多宜网络科技有限公司 A kind of cryptographic check processing method
CN108881960A (en) * 2018-08-08 2018-11-23 江苏信源久安信息科技有限公司 The method of intelligent video camera head security control and data confidentiality based on id password

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070094503A1 (en) * 2005-10-21 2007-04-26 Novell, Inc. Techniques for key distribution for use in encrypted communications
US20160070894A1 (en) * 2014-09-07 2016-03-10 Michael Boodaei Authentication method and system using password as the authentication key
CN105306490A (en) * 2015-11-23 2016-02-03 小米科技有限责任公司 System, method and device for payment verification
CN105704123A (en) * 2016-01-08 2016-06-22 腾讯科技(深圳)有限公司 Business processing method, device and system
CN108564353A (en) * 2018-04-27 2018-09-21 数字乾元科技有限公司 Payment system based on block chain and method
CN108809653A (en) * 2018-06-19 2018-11-13 北京多采多宜网络科技有限公司 A kind of cryptographic check processing method
CN108599946A (en) * 2018-06-22 2018-09-28 深圳合纵富科技有限公司 A kind of safe encryption method and camera system based on camera system
CN108881960A (en) * 2018-08-08 2018-11-23 江苏信源久安信息科技有限公司 The method of intelligent video camera head security control and data confidentiality based on id password

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
FIDA ULLAH KHATTAK 等: "An invisible dual watermarking scheme for authentication and copyrights protection", 《2009 INTERNATIONAL CONFERENCE ON EMERGING TECHNOLOGIES》, pages 247 - 251 *
徐静: "基于生物特征识别的多因子身份认证即服务研究与应用", 《中国优秀硕士学位论文全文数据库》, no. 5, pages 138 - 140 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111882324A (en) * 2020-07-24 2020-11-03 南京华捷艾米软件科技有限公司 Face authentication method and system
CN112749971A (en) * 2020-08-21 2021-05-04 腾讯科技(深圳)有限公司 Payment verification method and device, detachable camera assembly and storage medium
CN112101133A (en) * 2020-08-24 2020-12-18 江西台德智慧科技有限公司 Multi-view-angle-based multi-face scene face-brushing payment risk prevention and control system

Also Published As

Publication number Publication date
CN111062725B (en) 2023-07-07

Similar Documents

Publication Publication Date Title
KR102350462B1 (en) Signature generation method, electronic device and storage medium
CN109948586B (en) Face verification method, device, equipment and storage medium
CN111062725B (en) Face payment method, device and system and computer readable storage medium
CN111506884A (en) User invitation method, device, computer equipment and computer readable storage medium
CN111275122A (en) Label labeling method, device, equipment and readable storage medium
CN110601827A (en) Block chain-based identity recognition method, device and system and storage medium
CN111062323A (en) Face image transmission method, numerical value transfer method, device and electronic equipment
CN113435621A (en) Reservation and data updating method, device, equipment and storage medium for epidemic prevention project
CN111309360B (en) Firmware updating method and device of quick charging equipment, computer equipment and storage medium
CN110677262B (en) Information notarization method, device and system based on blockchain
CN111193702B (en) Method and device for data encryption transmission
CN110365501B (en) Method and device for group joining processing based on graphic code
CN110290191B (en) Resource transfer result processing method, device, server, terminal and storage medium
CN111241499A (en) Application program login method, device, terminal and storage medium
CN111901283A (en) Resource transfer method, device, terminal and storage medium
CN111198922B (en) Game resource management method and device based on block chain
CN111523878A (en) Service processing method, device, system and storage medium
CN111881423A (en) Method, device and system for limiting function use authorization
CN108829464B (en) Service starting method and device, computer equipment and storage medium
CN110570289A (en) service processing method, device, equipment and storage medium based on block chain
CN110597840A (en) Partner relationship establishing method, device, equipment and storage medium based on block chain
CN112528311B (en) Data management method, device and terminal
CN115329309A (en) Verification method, verification device, electronic equipment and storage medium
CN111131619B (en) Account switching processing method, device and system
CN110971692B (en) Method and device for opening service and computer storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40022560

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant