CN111539732B - Biometric payment method, device, gateway equipment and storage medium - Google Patents

Biometric payment method, device, gateway equipment and storage medium Download PDF

Info

Publication number
CN111539732B
CN111539732B CN202010259375.5A CN202010259375A CN111539732B CN 111539732 B CN111539732 B CN 111539732B CN 202010259375 A CN202010259375 A CN 202010259375A CN 111539732 B CN111539732 B CN 111539732B
Authority
CN
China
Prior art keywords
biometric
payment
group
token
identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010259375.5A
Other languages
Chinese (zh)
Other versions
CN111539732A (en
Inventor
周明
陈旭
沈鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN202010259375.5A priority Critical patent/CN111539732B/en
Publication of CN111539732A publication Critical patent/CN111539732A/en
Priority to PCT/CN2021/075657 priority patent/WO2021196892A1/en
Application granted granted Critical
Publication of CN111539732B publication Critical patent/CN111539732B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications

Abstract

The application provides a biometric payment method, a device, gateway equipment and a storage medium, and relates to the field of data processing. The biometric payment method comprises the following steps: receiving a biometric route payment request message, the biometric route payment request message including a first biometric payment group token and first biometric data, the first biometric payment group token being used to characterize that an initiating user of the biometric route payment request message has rights for biometric payment in a first group; determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result; and sending the biological recognition result to the payment device so that the payment device initiates a payment process according to the biological recognition result. By means of the technical scheme, the safety of the biometric payment of the user can be improved.

Description

Biometric payment method, device, gateway equipment and storage medium
Technical Field
The application belongs to the field of data processing, and particularly relates to a biometric payment method, a device, gateway equipment and a storage medium.
Background
With the gradual development of payment technology, the high efficiency and convenience of payment are important points of user attention. The biological identification payment is promoted in a large area due to the characteristics of high efficiency and convenience, and is a major key technology in the payment technology at present.
The biometric identification is a biometric identification technology for performing identity authentication based on biometric information. Biometric payment is a technique that utilizes biometric identification to make payments or transactions. The biometric data of the user collected during the biometric payment process is personal privacy data of the user. However, due to the large-scale popularization of face payment, there is a risk that personal privacy data of users are abused in a large range. In the case where there is a risk of the personal privacy data being abused to a large extent, the risk of the personal privacy data of the user being compromised increases. Once the user's personal privacy data is compromised, the security of the user's biometric payment will be greatly compromised.
Disclosure of Invention
The embodiment of the application provides a biometric payment method, a device, gateway equipment and a storage medium, which can improve the security of biometric payment of a user.
In a first aspect, an embodiment of the present application provides a biometric payment method, applied to a gateway device, where the method includes: receiving a biometric route payment request message, the biometric route payment request message including a first biometric payment group token and first biometric data, the first biometric payment group token being used to characterize that an initiating user of the biometric route payment request message has rights for biometric payment in a first group; determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result; and sending the biological recognition result to the payment device so that the payment device initiates a payment process according to the biological recognition result.
In a second aspect, embodiments of the present application provide a biometric payment device, including: the receiving module is used for receiving a biometric route payment request message, wherein the biometric route payment request message comprises a first biometric payment group token and first biometric characteristic data, and the first biometric payment group token is used for representing that an initiating user of the biometric route payment request message has the right of biometric payment in a first group; the processing module is used for determining a first group according to the first biometric payment group token so as to perform biometric identification by utilizing the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result; and the sending module is used for sending the biological identification result to the payment equipment so that the payment equipment initiates a payment process according to the biological identification result.
In a third aspect, an embodiment of the present application provides a gateway device, including a processor, a memory, and a computer program stored on the memory and executable on the processor, where the computer program when executed by the processor implements a biometric payment method as in the technical solution of the first aspect.
In a fourth aspect, embodiments of the present application provide a computer readable storage medium, where a computer program is stored, where the computer program when executed by a processor implements the biometric payment method in the technical solution of the first aspect.
The embodiment of the application provides a biometric payment method, a device, gateway equipment and a storage medium, wherein the gateway equipment receives a biometric route payment request message comprising a first biometric payment group token and first biometric data. And determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result. The biometric result may be used by the payment device to initiate a payment procedure. Wherein the first biometric payment group token may characterize the user as having rights to biometric payment in the first group. And (3) reducing the application range of the biometric data of the user to the group by using the biometric payment group token, reducing the risk that the personal privacy data of the user is abused in a large range, and reducing the risk that the personal privacy data of the user is revealed, thereby improving the security of the biometric payment of the user.
Drawings
The present application will be better understood from the following description of specific embodiments of the invention taken in conjunction with the accompanying drawings. Wherein like or similar reference numerals denote like or similar features.
FIG. 1 is a schematic diagram of a biometric payment system according to one embodiment of the present application;
FIG. 2 is a flow chart of a biometric payment method according to an embodiment of the present application;
FIG. 3 is a flow chart of a biometric payment method according to another embodiment of the present application;
FIG. 4 is a flow chart of a biometric payment method according to yet another embodiment of the present application;
FIG. 5 is a flowchart of a biometric payment method in a biometric payment system according to an embodiment of the present application;
FIG. 6 is a flow chart of a biometric payment method according to yet another embodiment of the present application;
fig. 7 is a schematic structural diagram of a biometric payment device according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of a biometric payment device according to another embodiment of the present application;
fig. 9 is a schematic hardware structure of a gateway device according to an embodiment of the present application.
Detailed Description
Features and exemplary embodiments of various aspects of the present application are described in detail below. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by showing an example of the present application. The present application is in no way limited to any particular configuration and algorithm set forth below, but rather covers any modification, substitution, or improvement of elements, components, and algorithms without departing from the spirit of the present application. In the drawings and following description, well-known structures and techniques are not shown in order to avoid unnecessarily obscuring the present application.
Biometric payment is a technique that utilizes biometric identification to make payments or transactions. Since biometric payment involves personal privacy data such as biometric data of a user, security of biometric payment becomes a major concern. Fig. 1 is a schematic architecture diagram of a biometric payment system according to an embodiment of the present application. As shown in fig. 1, the biometric payment system may include a payment device, an order server, a gateway device, and a service server. The identification of the biometric rights and the biometric identification can be performed between the payment device and the network device. The interaction between the gateway device and the payment device may be via an order server. The payment device and the service server may perform a payment procedure. The interaction between the payment device and the service server may be performed by the order receiving server.
The application provides a biometric payment method, a device, gateway equipment and a storage medium, which can be applied to a scene of biometric payment of a user. The biometric payment method in the present application is particularly applicable to, i.e. performed by, a gateway device. The biometric payment method can limit the range of the user capable of using the biometric payment by using the biometric payment group token, so that the risk that personal privacy data of the user are abused in a large range is avoided, and the security of the biometric payment is improved. It should be noted that the Token is Token in this application.
Fig. 2 is a flowchart of a biometric payment method according to an embodiment of the present application. As shown in fig. 2, the biometric payment method may include steps S101 to S103.
In step S101, a biometric route payment request message is received.
The user can firstly send the biometric route payment request message to the order receiving device through the payment device, and then the order receiving device sends the biometric route payment request message to the gateway device. The biometric route payment request message received by the network device may include the first biometric payment group token and the first biometric data. Wherein the first biometric payment group token is used to characterize that an initiating user of the biometric routing payment request message has rights for biometric payment in the first group. The first biometric payment group token is a biometric payment group token. The biometric payment group token is used to characterize that the user has the right to biometric payment in the group. The biometric payment group token may indicate either the user with the right to biometric payment or the group to which the user has the right to biometric payment. The biometric payment group token has a uniqueness. For ease of description herein, the biometric payment group token contained in the biometric routing payment request message is referred to as a first biometric payment group token. The first group is a group. For ease of description herein, the group indicated by the first biometric payment group token is referred to as a first group.
The first biometric payment group token in the different biometric routing payment request messages may be different and is not limited herein. The users indicated by the different first biometric payment group tokens having the rights to biometric payment may be different and are not limited herein. The first group of users indicated by the different first biometric payment group tokens having the rights to biometric payment may be different and is not limited herein.
The group may be a group divided by the user, a group divided by a service provider that performs payment interaction with the user, or a group divided by the payment itself, which is not limited herein. For example, the group may be a group of service membership divisions, such as a supermarket membership division into one group and B supermarket membership division into another group. For another example, the group may be a business turn divided group, with payments occurring in business turn a divided into one group and payments occurring in business turn B divided into another group.
The first biometric data is biometric data of the user collected when the payment device initiates the biometric route payment request message. The biometric data may include, but is not limited to, facial feature data, fingerprint feature data, palm print feature data, iris feature data, and the like. The first biometric data included in the different biometric route payment request messages may be different and is not limited herein.
In step S102, a first group is determined according to the first biometric payment group token, so as to perform biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group, and obtain a biometric identification result.
A group, i.e., a first group, to which the user has the right to biometric payment may be determined from the first biometric payment group. In the biological recognition process, the first biological characteristic data and the biological characteristic database corresponding to the determined first group are utilized for biological recognition. The biometric identification is only performed within the first group, which reduces the scope of application of the biometric data and reduces the risk of misuse of the biometric data.
The biometric results are used to characterize the success or failure of the biometric. In some examples, the biometric identification may be done by the gateway device, i.e. the gateway generates the biometric identification result. In other examples, the biometric identification may be accomplished by the service server, i.e., the service server generates the biometric identification result. The gateway device may obtain the biometric result from the service server.
In step S103, the biometric result is transmitted to the payment device, so that the payment device initiates a payment procedure according to the biometric result.
Specifically, the gateway device may first send the biometric result to the acquiring device. The order receiving device then sends the biological identification result to the payment device. The payment device receives the biometric result and may initiate a payment procedure based on the biometric result. For example, in the event that the biometric identification result characterizes a successful biometric identification, the payment device may send a payment transaction request to the business server. And realizing the biometric payment through interaction between the payment equipment and the service server. The payment transaction request may include, but is not limited to, a user account, a payment password, a payment token, etc.
In an embodiment of the application, the gateway device receives a biometric route payment request message including a first biometric payment group token and first biometric data. And determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result. The biometric result may be used by the payment device to initiate a payment procedure. Wherein the first biometric payment group token may characterize the user as having rights to biometric payment in the first group. And (3) reducing the application range of the biometric data of the user to the group by using the biometric payment group token, reducing the risk that the personal privacy data of the user is abused in a large range, and reducing the risk that the personal privacy data of the user is revealed, thereby improving the security of the biometric payment of the user.
Fig. 3 is a flowchart of a biometric payment method according to another embodiment of the present application. Fig. 3 is different from fig. 2 in that step S102 in fig. 2 can be specifically subdivided into step S1021 and step S1022 in fig. 3.
In step S1021, it is determined whether the first user identification has a binding relationship with the first biometric payment group token, based on the binding relationship of the pre-stored user identification with the biometric payment group token.
Wherein the biometric route payment request message may further comprise a first user identification. The first user identifier is a user identifier, which is used to identify a user, and may specifically be a user account number, a user card number, and the like, which is not limited herein. For ease of description herein, the user identification contained in the biometric route payment request message is referred to as the first user identification.
The gateway device may pre-store a binding relationship between the user identification and the biometric payment group token. The user may be authenticated by the binding of the user identification to the biometric payment group token. Specifically, if the corresponding relation between the first user identifier and the first biometric payment group token exists in the binding relation between the pre-stored user identifier and the biometric payment group token, the fact that the first user identifier and the first biometric payment group token have the binding relation is indicated, and the biometric route payment request message is effective. If the corresponding relation between the first user identification and the first biological identification payment group token does not exist in the binding relation between the pre-stored user identification and the biological identification payment group token, the fact that the first user identification and the first biological identification payment group token do not have the binding relation is indicated, and the biological identification route payment request message is invalid.
In step S1022, under the condition that the first user identifier and the first biometric payment group token are determined to have a binding relationship, determining the first group according to the first biometric payment group token, so as to perform biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group, and obtain a biometric identification result.
In the case where it is determined that the first user identification has a binding relationship with the first biometric payment group token, indicating that the biometric route payment request message is valid, the step of determining the first group to perform the biometric using the first biometric data and a biometric database corresponding to the first group may be performed.
In the case that the first user identifier and the first biometric payment group token are determined not to have binding relation, the biometric routing payment request message is invalid, and the step of determining the first group to perform biometric identification by utilizing the first biometric data and a biometric database corresponding to the first group is not needed.
Further, the biometric route payment request message may also include a first payment token. The first payment token is a payment token. The payment token is used for payment verification when the payment equipment and the service server carry out payment flow. For ease of description herein, the payment token contained in the biometric routing payment request message is referred to as a first payment token.
Correspondingly, in order to further ensure the security of personal privacy data of the user, the validity of the biometric route payment request message can be identified. In the above embodiment, on the basis of whether the first user identifier and the first biometric payment group token have a binding relationship, validity identification of the biometric routing payment request message may also be performed by combining whether the first user identifier and the first payment token have a binding relationship. The step S1022 may specifically include step S1022a and step S1022b.
In step S1022a, in the case that it is determined that the first user identifier has a binding relationship with the first biometric payment group token, it is determined whether the first user identifier has a binding relationship with the first payment token based on the pre-stored binding relationship between the user identifier and the payment token.
The gateway device also stores the binding relation between the user identification and the payment token in advance. Specifically, if the corresponding relation between the first user identifier and the first payment token exists in the pre-stored binding relation between the user identifier and the payment token, the first user identifier and the first payment token are indicated to have the binding relation, and the biometric route payment request message is effective. If the corresponding relation between the first user identifier and the first payment token does not exist in the prestored binding relation between the user identifier and the payment token, the fact that the first user identifier and the first payment token do not have the binding relation is indicated, and the biometric identification route payment request message is invalid.
In step S1022b, under the condition that the first user identifier and the first payment token have a binding relationship, the first group is determined according to the first biometric payment group token, so as to perform biometric identification by using the first biometric feature data and the biometric feature database corresponding to the first group, and obtain a biometric identification result.
In the case where it is determined that the first user identification has a binding relationship with the first payment token, indicating that the biometric route payment request message is valid, the step of determining the first group to biometric using the first biometric data and a biometric database corresponding to the first group may be performed.
In the case that the first user identification and the first payment token are determined not to have binding relation, the biometric route payment request message is invalid, and the step of determining the first group to perform biometric identification by utilizing the first biometric data and a biometric database corresponding to the first group is not needed.
In the above embodiment, the binding relationship may exist among the biometric payment group token, the biometric data, the user identifier and the payment token of the same user, and the binding relationship among the biometric payment group token, the biometric data, the user identifier and the payment token may be used to comprehensively identify the validity of the biometric routing payment request message, which is not illustrated herein.
Fig. 4 is a flowchart of a biometric payment method according to another embodiment of the present application. Fig. 4 differs from fig. 2 in that in the case where the biometric database is stored in the gateway device, step S102 in fig. 2 can be specifically thinned into step S1023 and step S1024 in fig. 3; in the case of storing the biometric database in the service server, step S102 in fig. 2 can be specifically subdivided into step S1025 and step S1026 in fig. 3.
In step S1023, a first group is determined from the first biometric payment group token.
The first biometric payment group token may indicate a first group. In some examples, at least a portion of the first biometric payment group token can indicate the first group. For example, the first biometric payment group token may be implemented as a string, a portion of which may be a group identification, which may indicate the first group.
In step S1024, the first biometric data is matched with the biometric data in the biometric database corresponding to the first group, so as to obtain a biometric result.
The gateway device may store at least one biometric database. Each biometric database corresponds to a group. When the biological identification is carried out, the first biological characteristic data is not required to be matched with the biological characteristic data in each biological characteristic database, and the biological characteristic data in the biological characteristic database corresponding to the first group is only required to be matched with the first biological characteristic data.
For example, 6 biometric databases are stored in the gateway device, and the 6 biometric databases correspond to group A1, group A2, group A3, group A4, group A5, and group A6, respectively. In the case that the first group determined according to the first biometric payment group token is the group A3, the first biometric data is utilized to match the biometric data in the biometric database corresponding to the group A3.
In step S1025, a first group is determined from the first biometric payment group token, and the first biometric data and the group identification of the first group are sent to the service server.
The service server stores at least one biometric database, each biometric database corresponding to a group. The service server receives the group identification of the first group and may determine a biometric database corresponding to the first group using the group identification of the first group. When the service server carries out biological recognition, the first biological characteristic data is not required to be matched with the biological characteristic data in each biological characteristic database, and only the biological characteristic data in the biological characteristic database corresponding to the first group is required to be matched with the first biological characteristic data.
In step S1026, a biometric result is received.
The service server matches the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group to obtain the biological identification result. The service server sends the biological recognition result to the gateway equipment, and the gateway equipment can determine whether the biological recognition is successful or failed according to the received biological recognition result.
The service server may belong to an acquirer. Because the service server can provide the service provider such as merchant with the functions of payment terminal management, payment initiation, fund settlement, etc., the service server can divide the group more accurately, thereby storing the biological characteristic database corresponding to the accurately divided group, and improving the accuracy of the division and management of the biological characteristic database. Moreover, the service server is closely related to a service provider such as a merchant and the like, so that the management and updating of the biological characteristic database are easier, and the running efficiency of the biological characteristic database is higher.
In the above embodiment, the biometric databases are stored in a database of a large number of users in one-to-one correspondence with the groups. In the process of biological identification, a specific biological characteristic database can be quickly positioned according to the group of the user, so that the data bearing capacity of gateway equipment or a service server is relieved, and the response speed of biological identification payment is also improved.
The application of the biometric payment method in a biometric payment system will be described below with an example. Fig. 5 is a flowchart of a biometric payment method in a biometric payment system according to an embodiment of the present application. As shown in fig. 5, the biometric payment method in the biometric payment system may specifically include steps S201 to S210.
In step S201, the payment device transmits a biometric route payment request message to the acquirer device.
In step S202, the order receiving device transmits a biometric route payment request message to the gateway device.
In step S203, the gateway device verifies the validity of the biometric route payment request message.
In step S204, in the case where the biometric route payment request message is valid, the gateway device performs biometric identification using the first biometric feature and the biometric feature corresponding to the first group, to obtain a biometric identification result.
In step S205, the gateway device transmits the biometric result to the order receiving device.
In step S206, the order receiving device transmits the biometric result to the payment device.
In step S207, in the case where the biometric identification result characterizes the biometric identification success, the payment device transmits a payment transaction request message to the acquirer device.
The payment transaction request message may include a payment token, a payment password, a user identification, etc., without limitation.
In step S208, the order receiving device transmits a payment transaction request message to the service server.
In step S209, the service server generates a payment transaction response message and transmits the payment transaction response message to the order receiving device.
The payment transaction response message is used for representing whether the biometric payment is successful or not.
In step S210, the order receiving apparatus transmits a payment transaction response message to the payment terminal.
In some examples, the service server may specifically include a server in a clearing system and a server in a card issuing service system, which are not limited herein.
Fig. 6 is a flowchart of a biometric payment method according to still another embodiment of the present application. Fig. 6 is different from fig. 2 in that the biometric payment method shown in fig. 6 may further include steps S104 to S107.
In step S104, a biometric group payment activation request message is received.
Wherein the biometric group payment activation request message includes the second user identification and the group information. The group information is used to characterize the second group. The second user identification is a user identification. For convenience of description herein, the user identification contained in the biometric group payment activation request message is referred to as a second user identification. The second group is a group. For convenience of description herein, the group characterized by the group information in the biometric group payment-opening request message is referred to as a second group.
The second user identification in the different biometric group payment initiation request message may be different and is not limited herein. The group information in the different biometric group payment activation request messages may be different and the second group characterized by the group information in the different biometric group payment activation request messages may be different, without limitation.
In step S105, a second biometric payment group token is generated based on the second user identification and the group information.
The second biometric payment group token is used to characterize that the initiating user of the biometric group payment initiation request message has the right to biometric payment in the second group. That is, the second biometric payment group token may indicate both the user with the right to biometric payment and the second group to which the user has the right to biometric payment. The second biometric payment group token is a biometric payment group token. For convenience of description herein, the biometric payment group token generated after receiving the biometric group payment-opening request message is referred to as a second biometric payment group token. The second, different biometric payment group token may indicate the user, and the second group indicated may be different.
In some examples, the second user identification and the group information may be processed to generate a second biometric payment group token. The processing of the second user identifier and the group information may specifically be a combining, labeling, encrypting, or other processing means, and is not limited herein.
In step S106, a binding relationship of the second user identification and the second biometric payment group token is stored.
In case it is determined that the right to the biometric payment in the second group is opened for the originating user of the biometric group payment opening request message, a binding relationship of the second user identification and the second biometric payment group token is stored in the gateway device. In the process of performing the biometric payment by the user identified by the second user identifier, the binding relationship between the second user identifier and the second biometric payment group token can be stored in the gateway device to verify whether the biometric routing payment request message initiated by the user is valid.
In step S107, a face payment group activation response message is transmitted to the payment device.
Specifically, the gateway device may first send a face payment group activation response message to the acquiring device. And the order receiving system sends a face payment group opening response message to the payment equipment.
Wherein the face payment group activation response message includes a second biometric payment group token. The gateway device transmits a biometric payment group token generated for a user initiating the biometric payment opening request message, namely a second biometric payment group token, to the payment device through the face payment group opening response message. The payment device may provide the second biometric payment group token to the gateway device in a subsequent process to effect the biometric payment.
In some examples, the gateway device may also send an authentication request message to the service server after receiving the biometric group payment activation request message. The authentication request message includes a second user identification. And the service server receives the second user identifier, performs identity verification on the user corresponding to the second user identifier, generates an identity verification response message and sends the identity verification response message to the gateway equipment. The gateway device receives the authentication reply message from the service server. The authentication response message is used to characterize whether the authentication of the second user identification was successful.
The steps S105 to S107 are executed only when the authentication response message indicates that the authentication of the second user id is successful, so as to further ensure personal privacy security of the user.
In some examples, the biometric group payment activation request message may further include second biometric data. The second biometric data is biometric data. For convenience of description herein, the biometric data included in the biometric group payment-opening request message is referred to as second biometric data. The second biometric data is collected prior to initiating the biometric group payment initiation request message. The gateway device may store the second biometric data in a biometric database corresponding to the second group for use in a subsequent biometric payment process.
In some examples, the group information in the above embodiments may include a group identification of the second group and/or acquisition channel information of the second biometric data. Different acquisition channels for acquiring the second biometric data may correspond to different groups, and thus the corresponding second group may be determined from the acquisition channel information of the second biometric data. For example, city C has business circles A1, A2, and A3. The acquisition channel information representation acquires second biological characteristic data in the business district A1, and a second group corresponding to the acquisition channel information is a group corresponding to the business district A1. The acquisition channel information represents that second biological characteristic data are acquired in the business district A2, and a second group corresponding to the acquisition channel information is the group corresponding to the business district A2. The acquisition channel information characterizes that the second biological characteristic data is acquired in the business district A3, and a second group corresponding to the acquisition channel information is a group corresponding to the business district A3.
In some examples, upon receiving the biometric group payment activation request message, the gateway device may also generate a second payment token based on the second user identification. The face payment group activation response message may also include a second payment token. The second payment token is a payment token. For convenience of description herein, a payment token generated according to the second user identification after receiving the biometric group payment activation request message will be referred to as a second payment token. The gateway device may store a binding relationship of the second user identification with the second payment token to determine validity of the biometric routing payment request message of the user using the binding relationship of the second user identification with the second payment token during a subsequent biometric payment.
In the above embodiment, the service server and the gateway device may further synchronize at least part of the biometric payment information with each other. For example, the biometric payment information may include, but is not limited to, at least part of a user cell phone number, biometric data cryptogram, biometric routing index, service entity code, payment card number, and the like.
In some examples, the data in the gateway device, the payment device, the order receiving device and the service server can be independently stored in an encrypted mode, and modification of the data, namely, the data modification operation, is prohibited to be invalid, so that the controllability, the safety, the stability and the reliability of the private data of the user are further improved.
The application also provides a biometric payment device. Fig. 7 is a schematic structural diagram of a biometric payment device according to an embodiment of the present application. As shown in fig. 7, the biometric payment device 300 may include a receiving module 301, a processing module 302, and a transmitting module 303.
The receiving module 301 is configured to receive a biometric routing payment request message, where the biometric routing payment request message includes a first biometric payment group token and first biometric data.
Wherein the first biometric payment group token is used to characterize that an initiating user of the biometric routing payment request message has rights for biometric payment in the first group.
The processing module 302 is configured to determine the first group according to the first biometric payment group token, so as to perform biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group, and obtain a biometric identification result.
And the sending module 303 is configured to send the biometric identification result to a payment device, so that the payment device initiates a payment procedure according to the biometric identification result.
In an embodiment of the application, a biometric payment device receives a biometric routing payment request message including a first biometric payment group token and first biometric data. And determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result. The biometric result may be used by the payment device to initiate a payment procedure. Wherein the first biometric payment group token may characterize the user as having rights to biometric payment in the first group. And (3) reducing the application range of the biometric data of the user to the group by using the biometric payment group token, reducing the risk that the personal privacy data of the user is abused in a large range, and reducing the risk that the personal privacy data of the user is revealed, thereby improving the security of the biometric payment of the user.
In some examples, the biometric route payment request message may further include a first user identification. Correspondingly, the processing module 302 may be specifically configured to: determining whether the first user identification and the first biometric payment group token have a binding relationship based on a binding relationship between a pre-stored user identification and the biometric payment group token, wherein the biometric payment group token is used for representing that the user has the right of biometric payment in the group; under the condition that the first user identification and the first biometric payment group token are determined to have a binding relation, determining a first group according to the first biometric payment group token, and performing biometric identification by utilizing the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result.
In some examples, the biometric route payment request message may further include a first payment token. Correspondingly, the processing module 302 may be specifically configured to: under the condition that the first user identifier and the first biological identification payment group token are determined to have a binding relationship, determining whether the first user identifier and the first payment token have a binding relationship or not based on the pre-stored binding relationship between the user identifier and the payment token; under the condition that the first user identification and the first payment token are determined to have a binding relation, determining a first group according to the first biometric identification payment group token, and performing biometric identification by utilizing the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result.
In some examples, the biometric payment device stores at least one biometric database. Each biometric database corresponds to a group.
The processing module 302 may be specifically configured to: determining a first group from the first biometric payment group token; and matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group to obtain a biological identification result.
In another example, the business server stores at least one biometric database. Each biometric database corresponds to a group.
The processing module 302 may be specifically configured to determine the first group based on the first biometric payment group token.
The sending module 303 may be further configured to send the first biometric data and the group identification of the first group to the service server.
The receiving module 301 may also be configured to receive a biometric result.
The service server matches the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group to obtain the biological identification result.
Fig. 8 is a schematic structural diagram of a biometric payment device according to another embodiment of the present application. Fig. 8 differs from fig. 7 in that the biometric payment device 300 shown in fig. 8 may further include a group token generation module 304, a storage module 305, and a payment token generation module 306.
The receiving module 301 may be further configured to receive a biometric group payment activation request message.
Wherein the biometric group payment activation request message includes the second user identification and the group information. The group information is used to characterize the second group.
The group token generation module 304 may be configured to generate a second biometric payment group token based on the second user identification and the group information.
Wherein the second biometric payment group token is used to characterize that the initiating user of the biometric group payment initiation request message has the right to biometric payment in the second group.
The storage module 305 may be configured to store a binding relationship of the second user identification with the second biometric payment group token.
The sending module 303 may be further configured to send a face payment group activation response message to the payment device. The face payment group activation response message includes a second biometric payment group token.
In some examples, the sending module 303 is further configured to send an authentication request message to a service server.
Wherein the authentication request message comprises the second user identification.
The above-described receiving module 301 may also be used to receive authentication response messages from the service server.
Wherein the authentication response message is used to characterize whether authentication of the second user identification is successful.
The group token generation module 304 may be specifically configured to generate a second biometric payment group token according to the second user identifier and the group information in case that the authentication response message characterizes that the authentication of the second user identifier is successful.
In some examples, the biometric group payment activation request message further includes second biometric data. The storage module 305 may be further configured to store the second biometric data in a biometric database corresponding to the second group.
The group information in the above-described embodiments may include a group identification of the second group and/or acquisition channel information of the second biometric data.
The payment token generation module 306 may be configured to generate a second payment token based on the second user identification.
The storage module 305 may be further configured to store a binding relationship between the second user identifier and the second payment token.
The face payment group opening response message further comprises the second payment token.
The application also provides gateway equipment. Fig. 9 is a schematic hardware structure of a gateway device according to an embodiment of the present application. As shown in fig. 9, the gateway device 400 includes a memory 401, a processor 402, and a computer program stored on the memory 401 and executable on the processor 402.
In one example, the processor 402 described above may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured to implement one or more integrated circuits of embodiments of the present application.
Memory 401 may include mass storage for data or instructions. By way of example, and not limitation, memory 401 may comprise an HDD, floppy disk drive, flash memory, optical disk, magneto-optical disk, magnetic tape, or Universal Serial Bus (USB) drive, or a combination of two or more of these. Memory 401 may include removable or non-removable (or fixed) media where appropriate. Memory 401 may be internal or external to gateway device 400 at a terminal hotspot, where appropriate. In a particular embodiment, the memory 401 is a non-volatile solid state memory. In a particular embodiment, the memory 401 includes Read Only Memory (ROM). The ROM may be mask programmed ROM, programmable ROM (PROM), erasable PROM (EPROM), electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory, or a combination of two or more of these, where appropriate.
The processor 402 runs a computer program corresponding to the executable program code by reading the executable program code stored in the memory 401 for realizing the biometric payment method in the above-described embodiment.
In one example, gateway device 400 may also include a communication interface 403 and a bus 404. As shown in fig. 9, the memory 401, the processor 402, and the communication interface 403 are connected to each other by a bus 404 and perform communication with each other.
The communication interface 403 is mainly used to implement communication between each module, device, unit and/or apparatus in the embodiments of the present application. Input devices and/or output devices may also be accessed through communication interface 403.
Bus 404 includes hardware, software, or both, coupling the components of gateway device 400 to one another. By way of example, and not limitation, bus 404 may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a HyperTransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an infiniband interconnect, a Low Pin Count (LPC) bus, a memory bus, a micro channel architecture (MCa) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus, or a combination of two or more of the above. Bus 404 may include one or more buses, where appropriate. Although embodiments of the present application describe and illustrate a particular bus, the present application contemplates any suitable bus or interconnect.
An embodiment of the present application further provides a computer readable storage medium, where a computer program is stored, where the computer program may be executed by a processor to implement the biometric payment method applied to a gateway device in the foregoing embodiment.
It should be understood that, in the present specification, each embodiment is described in an incremental manner, and the same or similar parts between the embodiments are all referred to each other, and each embodiment is mainly described in a different point from other embodiments. For apparatus embodiments, gateway device embodiments, and computer-readable storage medium embodiments, the relevant points may be found in the description of method embodiments. The present application is not limited to the specific steps and structures described above and shown in the drawings. Those skilled in the art may, after appreciating the spirit of the present application, make various changes, modifications and additions, or change the order between steps. Also, a detailed description of known method techniques is omitted here for the sake of brevity.
Those skilled in the art will appreciate that the above-described embodiments are exemplary and not limiting. The different technical features presented in the different embodiments may be combined to advantage. Other variations to the disclosed embodiments can be understood and effected by those skilled in the art in view of the drawings, the description, and the claims. In the claims, the term "comprising" does not exclude other means or steps; the nouns are not preceded by an adjective, and the number of the nouns can be one or more; the terms "first," "second," and the like, are used for designating a name and not for indicating any particular order. Any reference signs in the claims shall not be construed as limiting the scope. The functions of the various elements presented in the claims may be implemented by means of a single hardware or software module. The presence of certain features in different dependent claims does not imply that these features cannot be combined to advantage.

Claims (11)

1. A biometric payment method, for use with a gateway device, the method comprising:
receiving a biometric route payment request message, wherein the biometric route payment request message comprises a first biometric payment group token and first biometric feature data, the first biometric payment group token is used for representing that an initiating user of the biometric route payment request message has the right of biometric payment in a first group, the first biometric payment group token has uniqueness, and the groups are divided according to service members or business circles;
determining the first group according to the first biometric payment group token, so as to perform biometric identification by utilizing the first biometric feature data and a biometric feature database corresponding to the first group, and obtaining a biometric identification result;
transmitting the biological recognition result to a payment device so that the payment device initiates a payment process according to the biological recognition result;
the determining the first group according to the first biometric payment group token to perform biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group, so as to obtain a biometric identification result, including:
Determining the first group according to the first biometric payment group token, and sending the first biometric data and the group identification of the first group to a service server, wherein the service server belongs to a bill receiving mechanism and stores at least one biometric database, and each biometric database corresponds to one group;
receiving the biological recognition result, wherein the biological recognition result is obtained by matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group by the service server;
the biometric route payment request message further includes a first user identification;
determining the first group according to the first biometric payment group token, performing biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group, and obtaining a biometric identification result, including:
determining whether the first user identifier and the first biometric payment group token have a binding relationship or not based on a binding relationship between a pre-stored user identifier and the biometric payment group token, wherein the biometric payment group token is used for representing that a user has the right of biometric payment in a group;
And under the condition that the first user identification and the first biometric payment group token are determined to have a binding relationship, determining the first group according to the first biometric payment group token, and performing biometric identification by utilizing the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result.
2. The method of claim 1, wherein the biometric route payment request message further comprises a first payment token;
determining the first group according to the first biometric payment group token, performing biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group, and obtaining a biometric identification result, including:
determining whether the first user identification and the first payment token have a binding relationship or not based on a binding relationship between a pre-stored user identification and the payment token;
and under the condition that the first user identification and the first payment token are determined to have a binding relation, determining the first group according to the first biometric identification payment group token so as to perform biometric identification by utilizing the first biometric characteristic data and a biometric characteristic database corresponding to the first group, and obtaining a biometric identification result.
3. The method of claim 1, wherein the gateway device stores at least one biometric database, each of the biometric databases corresponding to a group;
the determining the first group according to the first biometric payment group token to perform biometric identification by using the first biometric feature data and a biometric feature database corresponding to the first group, to obtain a biometric identification result, including:
determining the first group from the first biometric payment group token;
and matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group to obtain a biological identification result.
4. The method as recited in claim 1, further comprising:
receiving a biometric group payment opening request message, wherein the biometric group payment opening request message comprises a second user identifier and group information, and the group information is used for representing a second group;
generating a second biometric payment group token according to the second user identifier and the group information, wherein the second biometric payment group token is used for representing that an initiating user of the biometric group payment opening request message has the right of biometric payment in the second group;
Storing a binding relationship of the second user identification and the second biometric payment group token;
and sending a face payment group opening response message to the payment equipment, wherein the face payment group opening response message comprises the second biometric payment group token.
5. The method of claim 4, further comprising, after said receiving a biometric group payment activation request message:
sending an identity verification request message to a service server, wherein the identity verification request message comprises a second user identifier;
receiving an authentication response message from the service server, wherein the authentication response message is used for representing whether the authentication of the second user identifier is successful or not;
wherein the generating a second biometric payment group token according to the second user identification and the group information comprises:
and under the condition that the authentication response message represents that the authentication of the second user identifier is successful, generating a second biometric payment group token according to the second user identifier and the group information.
6. The method of claim 4, wherein the biometric group payment activation request message further includes second biometric data;
The method further comprises the steps of:
and storing the second biological characteristic data into a biological characteristic database corresponding to the second group.
7. The method of claim 6, wherein the step of providing the first layer comprises,
the group information includes a group identification of a second group and/or acquisition channel information of the second biometric data.
8. The method of claim 4, further comprising, after said receiving a biometric group payment activation request message:
generating a second payment token according to the second user identifier;
storing a binding relationship between the second user identification and the second payment token;
the face payment group opening response message further comprises the second payment token.
9. A biometric payment device, comprising:
a receiving module, configured to receive a biometric route payment request message, where the biometric route payment request message includes a first biometric payment group token and first biometric data, where the first biometric payment group token is used to characterize that an initiating user of the biometric route payment request message has a right of biometric payment in a first group, where the first biometric payment group token has uniqueness, and where groups are divided by service members or business circles;
The processing module is used for determining the first group according to the first biometric payment group token so as to perform biometric identification by utilizing the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result;
the sending module is used for sending the biological recognition result to the payment equipment so that the payment equipment initiates a payment flow according to the biological recognition result;
wherein the service server belongs to a bill receiving mechanism and stores at least one biological characteristic database, each biological characteristic database corresponds to a group,
the processing module is used for: determining the first group from the first biometric payment group token;
the sending module is further configured to: transmitting the first biometric data and the group identification of the first group to the service server;
the receiving module is further configured to: receiving the biological recognition result, wherein the biological recognition result is obtained by matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group by the service server;
the biometric routing payment request message further includes a first user identifier, and the processing module is specifically configured to:
Determining whether the first user identifier and the first biometric payment group token have a binding relationship or not based on a binding relationship between a pre-stored user identifier and the biometric payment group token, wherein the biometric payment group token is used for representing that a user has the right of biometric payment in a group;
and under the condition that the first user identification and the first biometric payment group token are determined to have a binding relationship, determining the first group according to the first biometric payment group token, and performing biometric identification by utilizing the first biometric feature data and a biometric feature database corresponding to the first group to obtain a biometric identification result.
10. A gateway device comprising a processor, a memory and a computer program stored on the memory and executable on the processor, which when executed by the processor implements a biometric payment method as claimed in any one of claims 1 to 8.
11. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements a biometric payment method according to any of claims 1 to 8.
CN202010259375.5A 2020-04-03 2020-04-03 Biometric payment method, device, gateway equipment and storage medium Active CN111539732B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010259375.5A CN111539732B (en) 2020-04-03 2020-04-03 Biometric payment method, device, gateway equipment and storage medium
PCT/CN2021/075657 WO2021196892A1 (en) 2020-04-03 2021-02-05 Biometric identification payment method and apparatus, gateway device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010259375.5A CN111539732B (en) 2020-04-03 2020-04-03 Biometric payment method, device, gateway equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111539732A CN111539732A (en) 2020-08-14
CN111539732B true CN111539732B (en) 2024-02-27

Family

ID=71978563

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010259375.5A Active CN111539732B (en) 2020-04-03 2020-04-03 Biometric payment method, device, gateway equipment and storage medium

Country Status (2)

Country Link
CN (1) CN111539732B (en)
WO (1) WO2021196892A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111539732B (en) * 2020-04-03 2024-02-27 中国银联股份有限公司 Biometric payment method, device, gateway equipment and storage medium
CN112036894B (en) * 2020-09-01 2023-08-18 中国银行股份有限公司 Method and system for identity confirmation by utilizing iris characteristics and action characteristics

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105930765A (en) * 2016-02-29 2016-09-07 中国银联股份有限公司 Payment method and device
CN110457882A (en) * 2019-07-18 2019-11-15 阿里巴巴集团控股有限公司 A kind of identification pretreatment, personal identification method and system
CN110688974A (en) * 2019-09-30 2020-01-14 支付宝(杭州)信息技术有限公司 Identity recognition method and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019162957A1 (en) * 2018-08-20 2019-08-29 Lad Denikumar Biometric payment transaction without mobile or card
US20200058032A1 (en) * 2018-08-20 2020-02-20 Denikumar Dalpatbhai Lad Biometric Payment Transaction Without Mobile or Card
CN111539732B (en) * 2020-04-03 2024-02-27 中国银联股份有限公司 Biometric payment method, device, gateway equipment and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105930765A (en) * 2016-02-29 2016-09-07 中国银联股份有限公司 Payment method and device
CN110457882A (en) * 2019-07-18 2019-11-15 阿里巴巴集团控股有限公司 A kind of identification pretreatment, personal identification method and system
CN110688974A (en) * 2019-09-30 2020-01-14 支付宝(杭州)信息技术有限公司 Identity recognition method and device

Also Published As

Publication number Publication date
CN111539732A (en) 2020-08-14
WO2021196892A1 (en) 2021-10-07

Similar Documents

Publication Publication Date Title
CN110692214B (en) Method and system for ownership verification using blockchain
KR102052036B1 (en) Method for obtaining data through searching and merging distributed data stored using blockchain
RU2711464C2 (en) Multiple-device transaction verification
US9864983B2 (en) Payment method, payment server performing the same and payment system performing the same
EP3374953B1 (en) Server based biometric authentication
US11646891B2 (en) Compact recordation protocol
KR102477453B1 (en) Transaction messaging
CN106464673B (en) Enhanced security for authenticating device registration
KR101111381B1 (en) User identification system, apparatus, smart card and method for ubiquitous identity management
EP2819050B1 (en) Electronic signature system for an electronic document using a third-party authentication circuit
US20130246281A1 (en) Service providing system and unit device
CN112805737A (en) Techniques for token proximity transactions
CN113015992B (en) Cloud token provisioning of multiple tokens
CN113196704B (en) Techniques for securely performing offline authentication
CN111539732B (en) Biometric payment method, device, gateway equipment and storage medium
US20210211292A1 (en) System for performing service by using biometric information, and control method therefor
CN111435914A (en) Authentication with an offline device
CN112084527A (en) Data storage and acquisition method, device, equipment and medium
CN114463012A (en) Authentication method, payment method, device and equipment
CN111937023B (en) Security authentication system and method
KR101879842B1 (en) User authentication method and system using one time password
KR20210017308A (en) Method for providing secondary authentication service using device registration and distributed storage of data
US20230410098A1 (en) Authentication method secured by structural decoupling of personal and service identifiers
EP3757830A1 (en) System for performing service by using biometric information, and control method therefor
KR20210017969A (en) Data management method through distributed storage of data between user and blockchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant