CN111626738A - Method, electronic device and storage medium for code scanning security - Google Patents
Method, electronic device and storage medium for code scanning security Download PDFInfo
- Publication number
- CN111626738A CN111626738A CN202010742048.5A CN202010742048A CN111626738A CN 111626738 A CN111626738 A CN 111626738A CN 202010742048 A CN202010742048 A CN 202010742048A CN 111626738 A CN111626738 A CN 111626738A
- Authority
- CN
- China
- Prior art keywords
- code
- user
- identification
- information
- code information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000004891 communication Methods 0.000 claims abstract description 158
- 230000010365 information processing Effects 0.000 abstract description 3
- 230000008447 perception Effects 0.000 abstract description 3
- 230000000644 propagated effect Effects 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 22
- 238000004590 computer program Methods 0.000 description 11
- 230000006870 function Effects 0.000 description 8
- 230000008569 process Effects 0.000 description 8
- 230000005540 biological transmission Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000001902 propagating effect Effects 0.000 description 2
- RYGMFSIKBFXOCR-UHFFFAOYSA-N Copper Chemical compound [Cu] RYGMFSIKBFXOCR-UHFFFAOYSA-N 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 229910052802 copper Inorganic materials 0.000 description 1
- 239000010949 copper Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3274—Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- General Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Finance (AREA)
- Computer Hardware Design (AREA)
- Telephonic Communication Services (AREA)
Abstract
Embodiments of the present disclosure relate to methods, electronic devices, and computer storage media for code scanning security, and relate to the field of information processing. According to the method, at a code scanning device, first code information is acquired from a first code displayed by a user device via scanning; sending first code information to a service server; receiving a communication room identification from a service server; generating encryption information based on the current time and the first code information; sending, to a communication server, encrypted information destined for a communication room associated with a communication room identification; acquiring second code information from a second code displayed by the user equipment through scanning within a first preset time interval after the first code information is acquired; and confirming that the first code information is valid if it is determined that the second code information is identical to the encryption information. From this, can sweep the sign indicating number through the secondary that the user does not have the perception and stop the risk that the sign indicating number was propagated by the screenshot, guarantee user experience simultaneously.
Description
Technical Field
Embodiments of the present disclosure relate generally to the field of information processing, and more particularly, to a method, electronic device, and computer storage medium for code scanning security.
Background
In an online pay-through transaction scenario, a user presents a code such as a two-dimensional code through a user device, and a store clerk scans the code through a code scanning device to acquire user identification and rights identification. The transaction mode runs through the business process, so the use safety of the code is very important. However, in the actual process, the code presented by the user is easily stolen by people screen capturing, and economic losses are caused to the user and enterprises.
Disclosure of Invention
The method, the electronic equipment and the computer storage medium for code scanning safety are provided, the risk that codes are transmitted by screen capture can be avoided through secondary code scanning without perception of a user, and meanwhile user experience is guaranteed.
According to a first aspect of the present disclosure, a method for code scanning security is provided. The method comprises the following steps: at a code scanning device, obtaining first code information via scanning a first code displayed from a user device; sending first code information to a service server; receiving a communication room identification from a service server; generating encryption information based on the current time and the first code information; sending, to a communication server, encrypted information destined for a communication room associated with a communication room identification; acquiring second code information from a second code displayed by the user equipment through scanning within a first preset time interval after the first code information is acquired; and confirming that the first code information is valid if it is determined that the second code information is identical to the encryption information.
According to a second aspect of the present disclosure, an electronic device is provided. The electronic device includes: at least one processor, and a memory communicatively connected to the at least one processor, wherein the memory stores instructions executable by the at least one processor, the instructions being executable by the at least one processor to enable the at least one processor to perform the method according to the first aspect.
In a third aspect of the present disclosure, a computer-readable storage medium is provided, on which a computer program is stored which, when executed by a processor, implements a method according to the first aspect of the present disclosure.
According to a fourth aspect of the present disclosure, a method for code scanning security is provided. The method comprises the following steps: at the user equipment, acquiring a user identification associated with the user equipment and a rights identification associated with the user identification; sending a request for creating a communication room to a communication server, the request comprising a user identification and a rights identification; receiving a communication room identification from the communication server, the communication room identification being created based on the user identification and the rights identification; displaying the first code; receiving, from the communication server, encrypted information from the code-scanning device within a communication room associated with the communication room identification, the encrypted information generated based on the first code and a time at which the code-scanning device scanned the first code; and generating and displaying a second code based on the encryption information.
According to a fifth aspect of the present disclosure, an electronic device is provided. The electronic device includes: at least one processor, and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor, the instructions being executable by the at least one processor to enable the at least one processor to perform the method according to the fourth aspect.
In a sixth aspect of the present disclosure, a computer-readable storage medium is provided, on which a computer program is stored, which program, when executed by a processor, implements a method according to the fourth aspect of the present disclosure.
According to a seventh aspect of the present disclosure, a method for code scanning security is provided. The method comprises the following steps: receiving a request from a user device to create a code, the request including a user identification associated with the user device, a rights identification associated with the user identification, and a location of the user device; generating a random character string; generating associations between the random character strings and the user identifiers, the rights and interests identifiers and the positions; sending a random character string to user equipment; receiving first code information from a code scanning device; determining a user identifier and a rights identifier associated with the first code information based on the association; sending a request for acquiring a communication room identifier to a communication server, wherein the request comprises a user identifier and a rights identifier; receiving a communication room identification from the communication server, the communication room identification being associated with the user identification and the rights identification; and sending the communication room identification to the code scanning device.
According to an eighth aspect of the present disclosure, an electronic device is provided. The electronic device includes: at least one processor, and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method according to the seventh aspect.
In a ninth aspect of the present disclosure, a computer readable storage medium is provided, having stored thereon a computer program which, when executed by a processor, implements the method according to the seventh aspect of the present disclosure.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. In the drawings, like or similar reference characters designate like or similar elements.
FIG. 1 is a schematic diagram of an information handling environment 100 according to an embodiment of the present disclosure.
Fig. 2 is a schematic diagram of a method 200 for code-scan security, in accordance with an embodiment of the present disclosure.
Fig. 3 is a schematic diagram of a method 300 for code-scan security, in accordance with an embodiment of the present disclosure.
Fig. 4 is a schematic diagram of a method 400 for code-scan security, in accordance with an embodiment of the present disclosure.
Fig. 5 is a schematic diagram of message interactions, according to an embodiment of the present disclosure.
FIG. 6 is a block diagram of an electronic device for implementing a method for code scanning security of an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
The term "include" and variations thereof as used herein is meant to be inclusive in an open-ended manner, i.e., "including but not limited to". Unless specifically stated otherwise, the term "or" means "and/or". The term "based on" means "based at least in part on". The terms "one example embodiment" and "one embodiment" mean "at least one example embodiment". The term "another embodiment" means "at least one additional embodiment". The terms "first," "second," and the like may refer to different or the same object. Other explicit and implicit definitions are also possible below.
As described above, in the actual process, the code presented by the user is easily stolen by human screen capture, which causes economic loss to the user and the enterprise.
To address, at least in part, one or more of the above problems, as well as other potential problems, example embodiments of the present disclosure propose a scheme for code-scanning security. In the scheme, at a code scanning device, first code information is acquired from a first code displayed by user equipment through scanning; sending first code information to a service server; receiving a communication room identification from a service server; generating encryption information based on the current time and the first code information; sending, to a communication server, encrypted information destined for a communication room associated with a communication room identification; acquiring second code information from a second code displayed by the user equipment through scanning within a first preset time interval after the first code information is acquired; and confirming that the first code information is valid if it is determined that the second code information is identical to the encryption information.
From this, can sweep the sign indicating number through the secondary that the user does not have the perception and stop the risk that the sign indicating number was propagated by the screenshot, guarantee user experience simultaneously.
Hereinafter, specific examples of the present scheme will be described in more detail with reference to the accompanying drawings.
FIG. 1 shows a schematic diagram of an example of an information processing environment 100, according to an embodiment of the present disclosure. Information handling environment 100 may include code scanning device 110, user device 120, communication server 130, and business server 140.
The user device 120 includes, for example, but is not limited to, a smartphone, a personal digital assistant, a wearable device, and the like. User device 120 may have a display for displaying a code, including, for example but not limited to, a two-dimensional code, a barcode, and the like.
The communication server 130 and the business server 140 include, for example, but are not limited to, server computers, multiprocessor systems, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like. In some embodiments, the communication server 130 and the traffic server 140 may have one or more processing units, including special purpose processing units such as image processing units GPU, field programmable gate arrays FPGA, and application specific integrated circuits ASIC, and general purpose processing units such as central processing units CPU. In some embodiments, the communication server 130 and the traffic server 140 may be implemented as the same server.
The communication server 130 may be implemented with communication services, such as a websocket service. In some embodiments, the communication server 130 may create a communication room in response to a request from the user device 120 to create a communication room (which may include a user identification and a rights identification), and return the communication room identification to the user device 120. The communication server 130 may associate the user identification and the rights identification in the request with the communication room identification. Code-scanning device 110 may send a join request including a communication room identification to communication server 130, and communication server 130 may join code-scanning device 110 to the communication room associated with the communication room identification. The communication server 130 may then forward the message between the user device 120 and the code scanning device 110 that joined the communication room. For example, communication server 130 may receive a message from code-scanning device 110 destined for a communication room associated with the communication room identification, and forward the message to user device 120. The communication server 130 may also receive a query request including the user identification and the rights identification from the service server 140 and return the communication room identification to the service server 140.
The code scanning device 110 is configured to obtain first code information from a first code displayed by the user device 120 via scanning; transmitting the first code information to the service server 140; receiving a communication room identification from the service server 140; generating encryption information based on the current time and the first code information; sending encryption information to the communication room associated with the communication room identification to the communication server 130; acquiring second code information from a second code displayed by the user equipment 120 via scanning within a first predetermined time interval after acquiring the first code information; and confirming that the first code information is valid if it is determined that the second code information is identical to the encryption information.
The user equipment 120 is configured to obtain a user identifier associated with the user equipment 120 and a rights identifier associated with the user identifier; sending a request to the communication server 130 for creating a communication room, the request including a user identification and a rights identification; receiving a communication room identification from the communication server 130, the communication room identification being created based on the user identification and the rights identification; displaying the first code; receive, from communication server 130, encrypted information from code-scanning device 110 within a communication room associated with the communication room identification, the encrypted information generated based on the first code and a time at which code-scanning device 110 scanned the first code; and generating and displaying a second code based on the encryption information.
The service server 140 is configured to receive a request for creating a code from the user equipment 120, the request including a user identity associated with the user equipment 120, a rights identity associated with the user identity, and a location of the user equipment 120; generating a random character string; generating associations between the random character strings and the user identifiers, the rights and interests identifiers and the positions; sending a random string to the user device 120; receiving a random string from the code scanning device 110; determining a user identifier and a rights identifier associated with the random character string based on the association; sending a request for obtaining a communication room identifier to the communication server 130, wherein the request comprises a user identifier and a rights identifier; receiving a communication room identification from the communication server 130, the communication room identification being associated with the user identification and the rights identification; and send the communication room identification to the code scanning device 110.
Fig. 2 shows a flow diagram of a method 200 for code-scan security, in accordance with an embodiment of the present disclosure. For example, the method 200 may be performed by the code scanning device 110 as shown in FIG. 1. It should be understood that method 200 may also include additional blocks not shown and/or may omit blocks shown, as the scope of the present disclosure is not limited in this respect.
At block 202, the code scanning device 110 obtains first code information via scanning from a first code displayed by the user device 120. For example, the code scanning device 110 scans a first code displayed by the user device 120 and obtains first code information from the first code. The first code information includes, for example, but is not limited to, a random string. The random string includes, for example, but is not limited to, an 18-bit random string.
At block 204, the code scanning device 110 sends the first code information to the traffic server 140. After receiving the first code information, the service server 140 may determine the user identifier and the right identifier associated with the first code information based on the association between the random character string and the user identifier and the right identifier. The service server 140 may then send a request to the communication server 130 for an identification of the communication room, which may include the user identification and the rights identification. The service server 140 may then receive the communication room identification associated with the user identification and the rights identification from the communication server 130 and return the communication room identification to the code scanning device 110.
At block 206, code scanning device 110 receives a communication room identification from service server 140.
At block 208, code scanning device 110 generates encrypted information based on the current time and the first code information. The code scanning device 110 may, for example, concatenate the current time and the first code information, and encrypt the concatenation result to obtain the encrypted information. Encryption may employ any suitable encryption algorithm, including, but not limited to, SHA256, MD5, and the like, for example.
In some embodiments, code-scanning device 110 may generate the encrypted information based on the current time, the user identification associated with code-scanning device 110, and the first code information. For example, the current time, the user identifier associated with the code-scanning device 110, and the first code information may be concatenated, and the concatenation may be encrypted to obtain the encrypted information. The user identification associated with code-scanning device 110 includes, for example, but is not limited to, a clerk ID. Therefore, the user identification associated with the code scanning device 110 is further considered in the process of generating the encrypted information, so that the encrypted information is more difficult to forge, and the security of secondary code scanning is improved.
At block 210, code scanning device 110 sends encryption information to communication server 130 destined for the communication room associated with the communication room identification. In some embodiments, code scanning device 110 may utilize the websocket service provided by communication server 130 to send encrypted information destined for a communication room associated with a communication room identification. For example, code scanning device 110 may establish a connection with communication server 130 via websocket, send a request to communication server 130 to join a communication room associated with a communication room identification, and then send encrypted information, such as https:// { { websocket service address } } uid { { token } } and os { { android/ios } } & roommid { { roommid } } { "data": type ": second scan", "scan data": 6DB4A3BE 9202B 9239F23238 a598431EC "} } to the communication room, where the encrypted message is indicated in the scan data, for communication server 130 to forward the encrypted message to other devices in the communication room, such as user device 120.
At block 212, the code scanning device 110 obtains second code information via scanning a second code displayed from the user device 120 within a first predetermined time interval after obtaining the first code information. The first predetermined time interval includes, for example, but is not limited to, 400ms, 500ms, 600 ms.
At block 214, code scanning device 110 determines whether the second code information is the same as the encrypted information.
If the code-scanning device 110 determines at block 214 that the second code information is the same as the encrypted information, the first code information is validated at block 216. If the second code information is the same as the encryption information, which indicates that the user device 120 has received the encryption information sent by the code scanning device 110, the user device creating the code creates a communication room associated with the communication room identification, so that the user device 120 can receive the encryption information through the communication room, which proves that the user device 120 is the user device creating the code and not a device stealing the code.
Therefore, the encrypted information based on the code scanning information for the first time can be sent to the user equipment after the code scanning for the first time is carried out on the user equipment, and whether the code scanning information for the first time is effective or not is determined through the code scanning for the second time without sensing of the user, so that the risk that the code is transmitted by screen capture is avoided, and the user experience is guaranteed.
In some cases, the user equipment 120 may not receive the encrypted information in a timely manner due to network fluctuations, etc., so that the code displayed by the user equipment 120 cannot be updated in a timely manner. In view of this, in some embodiments, if the code-scanning device 110 determines that the second code information is different from the encrypted information, the third code information is acquired via scanning a third code displayed from the user device 120 within a second predetermined time interval after acquiring the second code information. The second predetermined time interval includes, for example, but is not limited to, 400ms, 500ms, 600 ms. The first predetermined time interval and the second predetermined time interval may be the same or different.
If the code-scanning device 110 determines that the third code information is identical to the encrypted information, it confirms that the first code information is valid.
If the code scanning device 110 determines that the third code information is different from the encrypted information, then: sending a request for obtaining the user location to the service server 140, the request including the first code information; receiving a user location associated with the first code information from the service server 140; and determining whether the first code information is valid based on a distance between the user location and the location of the code-scanning device 110.
Therefore, whether the code scanning information for the first time is effective or not can be judged by utilizing the distance between the position of the code scanning device and the position of the user under the condition that the code scanning for the second time or the third time is unsuccessful due to reasons such as network fluctuation, and the safety guarantee of code scanning is improved.
Alternatively or additionally, in some embodiments, if the code-scanning device 110 determines that the distance between the location of the code-scanning device 110 and the user location is greater than or equal to the predetermined distance, then the first code information is determined to be invalid; and determining that the first code information is valid if the code-scanning device 110 determines that the distance between the location of the code-scanning device 110 and the user location is less than the predetermined distance. The predetermined distance includes, for example, but is not limited to, 50m, 100m, and the like. Therefore, the first code information can be determined to be invalid under the condition that the position of the code scanning device and the position of the user are greater than or equal to the preset distance, and the code scanning safety guarantee is improved.
In addition to the distance between the location of the code scanning device and the user's location, historical transaction data may be considered for the purpose of wind management analysis. In some embodiments, if the code scanning device 110 determines that the distance between the location of the code scanning device 110 and the user location is less than the predetermined distance, rather than determining that the first code information is valid directly, it is determined whether the first code information is valid based on historical transaction data for a user identification associated with the code scanning device 110 and/or historical transaction data for a user identification associated with the user device 120. For example, the code scanning device 110 can obtain historical transaction data of the user identifier associated with the code scanning device 110 and/or historical transaction data of the user identifier associated with the user device 120 from a service server, and if the code scanning device 110 determines that the historical transaction data of the user identifier associated with the code scanning device 110 and/or the historical transaction data of the user identifier associated with the user device 120 has a login anomaly, a transaction anomaly, and/or a usage anomaly, the first code information is determined to be invalid, otherwise the first code information is determined to be valid. Login anomalies include, for example and without limitation, off-site logins, short frequent login failures, and the like. Transaction anomalies include, for example and without limitation, short frequent transactions, transaction amounts deviating from an average transaction amount by more than a predetermined value, and the like.
Fig. 3 shows a flow diagram of a method 300 for code-scan security, in accordance with an embodiment of the present disclosure. For example, the method 300 may be performed by the user equipment 120 as shown in fig. 1. It should be understood that method 300 may also include additional blocks not shown and/or may omit blocks shown, as the scope of the disclosure is not limited in this respect.
At block 302, the user device 120 obtains a user identification associated with the user device 120 and a rights identification associated with the user identification. Benefits include, for example, but are not limited to coupons, vouchers, and the like.
At block 304, the user device 120 sends a request to the communication server 130 for creating a communication room, the request including a user identification and a rights identification. For example, the user device 120 may establish a connection with the communication server 130 using the websocket and send a user identification and an interest identification, such as but not limited to https:// { { websocket service room creation interface address } } { "memberID": 228 "," equetNo ": 111848856165670" }, to the websocket service room creation interface address of the communication server 130, so that the communication server 130 creates a communication room based on the user identification and the interest identification. For example, the communication server 130 may generate a communication room identification and associate the communication room identification with the user identification and the rights identification.
At block 306, the user device 120 receives a communication room identification from the communication server 130, the communication room identification being created based on the user identification and the rights identification.
At block 308, the user device 120 displays the first code. The first code is generated, for example, based on a random string from the service server 140.
At block 310, user device 120 receives, from communication server 130, encrypted information from code-scanning device 110 within a communication room associated with the communication room identification, the encrypted information generated based on the first code and a time at which code-scanning device 110 scanned the first code. The user device 120 can, for example, join a communication room associated with the communication room identification through the websocket and listen for messages from the communication server 130 for the communication room.
At block 312, the user device 120 generates and displays a second code based on the encrypted information. Generating the second code based on the encrypted information may, for example, employ any suitable encoding technique, such as a two-dimensional code encoding technique.
Thus, it is possible to receive the encrypted information generated based on the first code from the code scanning device through the communication room after the user device displays the first code and to generate and display the second code based on the encrypted information, so that the code scanning device is verified by scanning the code twice, thereby eliminating the risk of the code being transmitted by screen capture.
In some embodiments, prior to displaying the first code, the user device 120 may also generate the first code. In particular, the user device 120 may send a request to the service server 140 for creating a code, the request including the user identification, the entitlement identification and the location of the user device. Subsequently, the user device 120 may receive a random string from the service server 140, the random string being associated with the user identification, the entitlement identification and the location. Next, the user equipment 120 generates a first code based on the random string.
Therefore, codes displayed by the user equipment do not directly include user associated information such as user identification, rights and interests identification and the like, so that the user associated information is prevented from being exposed to the outside, and the safety is improved. In addition, the position of the user equipment can be submitted to the service server when the code is applied for creating, and subsequent wind control of code scanning based on the position is facilitated.
Fig. 4 shows a flow diagram of a method 400 for code-scan security, in accordance with an embodiment of the present disclosure. For example, the method 400 may be performed by the service server 140 as shown in fig. 1. It should be understood that method 400 may also include additional blocks not shown and/or may omit blocks shown, as the scope of the disclosure is not limited in this respect.
At block 402, the traffic server 140 receives a request from the user device 120 to create a code, the request including a user identification associated with the user device 120, a rights identification associated with the user identification, and a location of the user device 120 (also referred to as a user location).
At block 404, the business server 140 generates a random string.
At block 406, the business server 140 generates an association between the random string and the user identification, the entitlement identification, and the location. The association may be stored locally at the service server 140 or in a cache server connected to the service server 140, for example.
At block 408, the traffic server 140 sends a random string to the user device 120.
At block 410, the traffic server 140 receives first code information from the code-scanning device 110.
At block 412, the service server 140 determines the user identification and the rights identification associated with the first code information based on the association. The service server 140 may determine the user identifier and the rights identifier associated with the first code information in a locally stored association, or the service server 140 may transmit the first code information to a cache server that caches the association and receive the user identifier and the rights identifier associated with the first code information from the cache server.
At block 414, the service server 140 sends a request to the communication server 130 for an identification of the communication room, the request including the user identification and the rights identification.
At block 416, the service server 140 receives a communication room identification from the communication server 130, the communication room identification being associated with the user identification and the rights identification.
At block 418, the traffic server 140 sends the communication room identification to the code scanning device 110.
Therefore, the random character string is associated with the user identifier and the rights and interests identifier, the user identifier and the rights and interests identifier are replaced by the random character string for code scanning, the user identifier and the rights and interests identifier are prevented from being exposed outwards, and the safety is improved. In addition, the communication room identifier created by the user can be acquired through the user identifier and the rights identifier, so that the code scanning device 110 can communicate with the user device based on the communication room identifier, secondary code scanning is facilitated, and code scanning safety is improved.
FIG. 5 shows a flow diagram of message interaction in accordance with an embodiment of the present disclosure. It should be understood that method 500 may also include additional steps not shown and/or may omit steps shown, as the scope of the present disclosure is not limited in this respect.
The user equipment 120 sends (502) a request to the service server 140 for creating a code, the request comprising a user identification, a rights identification and a location of the user equipment. Upon receiving the request, the service server 140 generates (504) a random string and generates (506) an association between the random string and the user identification, the entitlement identification, and the location. Next, the service server 140 sends (508) the random string to the user equipment 120. The user device 120 generates 510 a first code, e.g. a two-dimensional code, based on the received random string. The user device 120 displays (512) the generated first code for scanning by the code scanning device 110.
The user device 120 sends (514) a request to the communication server 130 for creating a communication room, the request comprising a user identification and a rights identification. The communication server 130 creates (516) a communication room based on the received user identification and the rights identification. Subsequently, the communication server 130 sends (518) the communication room identification to the user device 120. It should be understood that although steps 514-518 are shown after steps 502-512, this is merely illustrative and steps 514-518 may be located before steps 502-512 or may be performed in parallel.
The code scanning device 110 obtains (520), via scanning, first code information, such as a random string included in the first code, from the first code displayed by the user device 120. Next, the code scanning device 110 sends (522) the first code information to the service server 140. The service server 140 determines (524) a user identification and a rights identification associated with the first code information based on the association. Subsequently, the service server 140 sends (526) a request for obtaining a communication room identification to the communication server 130, the request including the user identification and the rights identification. The communication server 130 determines (528) a communication room identification based on the received user identification and the rights identification and sends (530) the communication room identification to the service server 140. The service server 140 sends 532 the received communication room identification to the code scanning device 110.
Code-scanning device 110 generates 534 encrypted information based on the current time and the first code information. Upon receiving the communication room identification, code-scanning device 110 sends (536) to communication server 130 encrypted information destined for the communication room associated with the communication room identification. Upon receiving the encrypted information, the communication server 130 sends (538) the encrypted information to the user device 120.
The user device 120 generates and displays (540) a second code based on the received encrypted information.
The code-scanning device 110 obtains (542) second code information from a second code displayed by the user device 120 via scanning within a first predetermined time interval after obtaining the first code information. Next, code scanning device 110 determines (544) whether the second code information is the same as the encrypted information. If code-scanning device 110 determines that the second code information is the same as the encrypted information, code-scanning device 110 validates (546) the first code information.
Therefore, the encrypted information based on the code scanning information for the first time can be sent to the user equipment after the code scanning for the first time is carried out on the user equipment, and whether the code scanning information for the first time is effective or not is determined through the code scanning for the second time without sensing of the user, so that the risk that the code is transmitted by screen capture is avoided, and the user experience is guaranteed.
Fig. 6 illustrates a schematic block diagram of an example device 600 that can be used to implement embodiments of the present disclosure. For example, the code scanning device 110, the user device 120, the communication server 130, and the service server 140 shown in fig. 1 may be implemented by the device 600. As shown, device 600 includes a Central Processing Unit (CPU) 601 that may perform various appropriate actions and processes in accordance with computer program instructions stored in a Read Only Memory (ROM) 602 or loaded from a storage unit 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data required for the operation of the device 600 can also be stored. The CPU601, ROM 602, and RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
A number of components in the device 600 are connected to the I/O interface 605, including: an input unit 606 such as a keyboard, a mouse, a microphone, and the like; an output unit 607 such as various types of displays, speakers, and the like; a storage unit 608, such as a magnetic disk, optical disk, or the like; and a communication unit 609 such as a network card, modem, wireless communication transceiver, etc. The communication unit 609 allows the device 600 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The various processes and processes described above, such as the method 200-400, may be performed by the processing unit 601. For example, in some embodiments, the method 200-400 may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as the storage unit 608. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device 600 via the ROM 602 and/or the communication unit 609. When the computer program is loaded into RAM 603 and executed by CPU601, one or more of the acts of method 200 and 400 described above may be performed.
The present disclosure relates to methods, apparatuses, systems, electronic devices, computer-readable storage media and/or computer program products. The computer program product may include computer-readable program instructions for performing various aspects of the present disclosure.
The computer readable storage medium may be a tangible device that can hold and store the instructions for use by the instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, such as punch cards or in-groove projection structures having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media as used herein is not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission medium (e.g., optical pulses through a fiber optic cable), or electrical signals transmitted through electrical wires.
The computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or to an external computer or external storage device via a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing/processing device.
The computer program instructions for carrying out operations of the present disclosure may be assembler instructions, Instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, the electronic circuitry that can execute the computer-readable program instructions implements aspects of the present disclosure by utilizing the state information of the computer-readable program instructions to personalize the electronic circuitry, such as a programmable logic circuit, a Field Programmable Gate Array (FPGA), or a Programmable Logic Array (PLA).
Various aspects of the present disclosure are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
These computer-readable program instructions may be provided to a processing unit of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processing unit of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer-readable medium storing the instructions comprises an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer, other programmable apparatus or other devices implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Having described embodiments of the present disclosure, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the disclosed embodiments. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terms used herein were chosen in order to best explain the principles of the embodiments, the practical application, or technical improvements to the techniques in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.
Claims (10)
1. A method for code scanning security, comprising:
at a code scanning device, obtaining first code information via scanning a first code displayed from a user device;
sending the first code information to a service server;
receiving a communication room identification from the service server;
generating encryption information based on the current time and the first code information;
sending the encrypted information to a communication room associated with the communication room identification to a communication server;
acquiring second code information from a second code displayed by the user equipment through scanning within a first preset time interval after the first code information is acquired; and
and if the second code information is determined to be the same as the encryption information, confirming that the first code information is valid.
2. The method of claim 1, further comprising:
if the second code information is determined to be different from the encrypted information, acquiring third code information from a third code displayed by the user equipment through scanning within a second preset time interval after the second code information is acquired;
if the third code information is determined to be the same as the encrypted information, confirming that the first code information is valid; and
if it is determined that the third code information is different from the encryption information:
sending a request for acquiring the position of a user to a service server, wherein the request comprises the first code information;
receiving a user location associated with the first code information from the service server; and
determining whether the first code information is valid based on a distance between the user location and a location of the code scanning device.
3. The method of claim 2, wherein determining whether the first code information is valid comprises:
determining that the first code information is invalid if it is determined that a distance between the location of the code scanning device and the user location is greater than or equal to a predetermined distance; and
determining that the first code information is valid if it is determined that the distance between the location of the code-scanning device and the user location is less than the predetermined distance.
4. The method of claim 1, wherein generating the encryption information comprises:
generating the encrypted information based on a current time, a user identification associated with the code scanning device, and the first code information.
5. The method of claim 2, wherein the first predetermined time interval is the same as or different from the second predetermined time interval.
6. A method for code scanning security, comprising:
at a user equipment, acquiring a user identification associated with the user equipment and a rights identification associated with the user identification;
sending a request to a communication server for creating a communication room, the request including the user identification and the rights identification;
receiving a communication room identification from the communication server, the communication room identification created based on the user identification and the rights identification;
displaying the first code;
receiving, from the communication server, encrypted information from a code-scanning device within a communication room associated with the communication room identification, the encrypted information generated based on the first code and a time at which the code-scanning device scanned the first code; and
and generating and displaying a second code based on the encrypted information.
7. The method of claim 6, further comprising:
sending a request for creating a code to a service server, the request comprising the user identity, the rights identity and the location of the user equipment;
receiving a random string from the service server, the random string being associated with the user identification, the rights identification, and the location; and
generating the first code based on the random string.
8. A method for code scanning security, comprising:
receiving a request from a user device to create a code, the request comprising a user identification associated with the user device, a rights identification associated with the user identification, and a location of the user device;
generating a random character string;
generating an association between the random string and the user identification, the equity identification, and the location;
sending the random character string to the user equipment;
receiving first code information from a code scanning device;
determining the user identification and the rights identification associated with the first code information based on the association;
sending a request for obtaining a communication room identifier to a communication server, wherein the request comprises the user identifier and the rights identifier;
receiving a communication room identification from the communication server, the communication room identification being associated with the user identification and the rights identification; and
and sending the communication room identification to the code scanning device.
9. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-8.
10. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of any one of claims 1-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010742048.5A CN111626738B (en) | 2020-07-29 | 2020-07-29 | Method, electronic device and storage medium for code scanning security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010742048.5A CN111626738B (en) | 2020-07-29 | 2020-07-29 | Method, electronic device and storage medium for code scanning security |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111626738A true CN111626738A (en) | 2020-09-04 |
| CN111626738B CN111626738B (en) | 2020-10-30 |
Family
ID=72261317
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010742048.5A Active CN111626738B (en) | 2020-07-29 | 2020-07-29 | Method, electronic device and storage medium for code scanning security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111626738B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113190206A (en) * | 2021-07-02 | 2021-07-30 | 南京云联数科科技有限公司 | Method for displaying medicine information on same screen, computing equipment and computer storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107516216A (en) * | 2017-07-25 | 2017-12-26 | 深圳天珑无线科技有限公司 | A kind of method of payment, the device and intelligent terminal with store function |
| CN109711832A (en) * | 2018-12-29 | 2019-05-03 | 腾讯音乐娱乐科技(深圳)有限公司 | The methods, devices and systems paid |
| CN111091377A (en) * | 2019-12-23 | 2020-05-01 | 天津环球磁卡股份有限公司 | Method for preventing two-dimension code from being stolen and brushed in mobile payment |
-
2020
- 2020-07-29 CN CN202010742048.5A patent/CN111626738B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107516216A (en) * | 2017-07-25 | 2017-12-26 | 深圳天珑无线科技有限公司 | A kind of method of payment, the device and intelligent terminal with store function |
| CN109711832A (en) * | 2018-12-29 | 2019-05-03 | 腾讯音乐娱乐科技(深圳)有限公司 | The methods, devices and systems paid |
| CN111091377A (en) * | 2019-12-23 | 2020-05-01 | 天津环球磁卡股份有限公司 | Method for preventing two-dimension code from being stolen and brushed in mobile payment |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113190206A (en) * | 2021-07-02 | 2021-07-30 | 南京云联数科科技有限公司 | Method for displaying medicine information on same screen, computing equipment and computer storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111626738B (en) | 2020-10-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20180196694A1 (en) | Transaction analyzer using graph-oriented data structures | |
| US20190311392A1 (en) | Reward point transfers using blockchain | |
| CN107249004B (en) | Identity authentication method, device and client | |
| US20140380508A1 (en) | Method and system for authenticating user identity | |
| CN107153599B (en) | Method and equipment for recording and playing back user operation | |
| US9270666B2 (en) | Verification of user communication addresses | |
| US20140229376A1 (en) | Using both social media and non-social media information to identify anomalous behavior | |
| CN113271296B (en) | Login authority management method and device | |
| CN113297163B (en) | Inquiry transfer system, method, device, equipment and medium based on block chain | |
| CN111275404A (en) | Block chain based review method, device, equipment and medium | |
| CN114826733A (en) | File transfer method, device, system, apparatus, medium, and program product | |
| CN111626738B (en) | Method, electronic device and storage medium for code scanning security | |
| CN108449186B (en) | Security verification method and device | |
| US10057216B2 (en) | Mention identification for untrusted content | |
| US12120133B1 (en) | Request header anomaly detection | |
| CN115168827B (en) | Two-dimensional code generation method containing identity information and two-dimensional code reading method | |
| US11356481B1 (en) | Preventing phishing attempts of one-time passwords | |
| CN114282506A (en) | Certificate generation method, system, electronic device and storage medium | |
| CN112580762B (en) | Dynamic two-dimensional code and identification method and identification device thereof | |
| CN114785560A (en) | Information processing method, apparatus, device and medium | |
| CN114036364A (en) | Method, apparatus, device, medium and product for identifying a crawler | |
| CN113111283A (en) | Forensic server, forensic method, storage medium, and program product | |
| CN104486302A (en) | Mobile transaction security authentication method | |
| US10007898B2 (en) | Database retrieval system | |
| CN112069231B (en) | User information processing method and device, storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |