CN112150151A - Secure payment method and device, electronic equipment and storage medium - Google Patents


Publication number
CN112150151A
Authority
CN
China
Prior art keywords
payment
user
server
identifier
code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011073558.4A
Other languages
Chinese (zh)
Other versions
CN112150151B (en)
Inventor
陈优优
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN202011073558.4A priority Critical patent/CN112150151B/en
Publication of CN112150151A publication Critical patent/CN112150151A/en
Priority to PCT/CN2021/090308 priority patent/WO2022073336A1/en
Application granted granted Critical
Publication of CN112150151B publication Critical patent/CN112150151B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention relates to the technical field of security, and discloses a secure payment method, which comprises the following steps: when the client side carries out transaction payment, firstly, a user payment identifier comprising an encrypted user unique identifier is sent to the server side for authentication; after the server authenticates and passes the user payment identifier according to the pre-stored identity authentication information, encrypting the user payment identifier again at the server to generate a server payment identifier, generating a random keyboard code, and transmitting the server payment identifier and the random keyboard code to the client; and after the client passes the authentication of the payment identifier of the server, generating a payment keyboard according to the random keyboard code for a user to input payment information. The invention also provides a safe payment device, electronic equipment and a storage medium. In addition, the invention also relates to a block chain technology, and the identity authentication information can be stored in the block chain. The invention can improve the safety of payment.

Description

Secure payment method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of security technologies, and in particular, to a secure payment method and apparatus, an electronic device, and a computer-readable storage medium.
Background
Mobile payment is a novel payment mode of the internet era, in which transaction settlement is carried out over a network with the mobile terminal at its center. Payment authentication through a mobile payment App installed on a client such as a mobile phone has become one of the main payment modes for everyday transactions. However, network security problems such as ubiquitous WiFi connections, malicious App Trojan horse viruses and red-packet-grabbing two-dimensional codes allow the payment information of the user to be illegally acquired and tampered with, causing economic loss to the user.
To solve the above-mentioned network security problem, the conventional method is to provide a virtual payment keyboard for the user to input payment information. The payment keyboard can also be called as a soft keyboard, is a fixed keyboard or a random keyboard with a user-defined client interface, and is awakened to input a transaction password when a user pays. At present, the payment keyboard is realized by a mobile payment App, and program codes of the keyboard are easily tampered by means of decompiling codes and the like, so that payment information of a user can be stolen.
Disclosure of Invention
The invention provides a secure payment method, a secure payment device, electronic equipment and a computer readable storage medium, and mainly aims to improve the security of mobile payment.
In order to achieve the above object, the present invention provides a secure payment method, which is applied to a server and includes:
receiving a user payment identifier transmitted by a client, and authenticating the user payment identifier;
when the user payment identification is successfully authenticated, carrying out server side encryption on the user payment identification to generate a server side payment identification, and returning the server side payment identification and the randomly generated random keyboard code to the client side;
and receiving a payment code transmitted by the client, acquiring payment information of the user according to the payment code and the random keyboard code, and performing payment authentication on the payment information.
Optionally, the receiving a user payment identifier transmitted by a client, and authenticating the user payment identifier includes:
and identifying the encrypted plaintext of the user payment identifier, decrypting the encrypted plaintext in the user payment identifier, and authenticating the user payment identifier which is successfully decrypted according to the pre-stored security certificate.
Optionally, the encrypting the user payment identifier by the server to generate a server payment identifier includes:
and encrypting the user payment identifier by using the following method:
Figure BDA0002715996680000021
wherein E(M) represents the payment identifier of the server, m represents the mth plaintext in the payment identifier of the user, t represents the number of plaintexts in the payment identifier of the user, e represents an infinite non-repeating decimal, mod represents a plaintext encryption function, and N represents the encryption frequency.
Optionally, the secure payment method applied to the server further includes:
setting a security validity period for the random keyboard code;
discarding the payment code when the time of receipt of the payment code is not within the security validity period.
In order to achieve the above object, the present invention further provides a secure payment method, which is applied to a client, and includes:
acquiring a payment identifier based on a payment request, encrypting the payment identifier by a client to generate a user payment identifier, and transmitting the user payment identifier to a server;
receiving a server payment identifier and a random keyboard code returned by the server, and authenticating the server payment identifier;
and when the payment authentication of the server side is passed, generating a payment keyboard according to the random keyboard code, generating a payment code according to payment information input by a user through the payment keyboard, and transmitting the payment code to the server side for payment authentication.
Optionally, the generating a payment keyboard according to the random keyboard code includes:
acquiring the arrangement sequence of the characters in the random keyboard code;
and constructing a virtual keyboard, and carrying out interface configuration on the virtual keyboard according to the arrangement sequence of the characters to obtain a payment keyboard.
In order to solve the above problem, the present invention further provides a secure payment device, where the secure payment device is installed at a server, and the secure payment device includes:
the identity authentication module is used for receiving the user payment identifier transmitted by the client and authenticating the user payment identifier;
the server side encryption module is used for encrypting the user payment identifier through the server side when the user payment identifier is successfully authenticated to generate a server side payment identifier and returning the server side payment identifier and the randomly generated random keyboard code to the client side;
and the payment authentication module is used for receiving the payment code transmitted by the client, acquiring the payment information of the user according to the payment code and the random keyboard code, and performing payment authentication on the payment information.
In order to solve the above problem, the present invention further provides a secure payment apparatus, which is installed at a client, and includes:
the client encryption module is used for acquiring a payment identifier based on a payment request, carrying out client encryption on the payment identifier, generating a user payment identifier and transmitting the user payment identifier to a server;
the service authentication module is used for receiving the server payment identifier and the random keyboard code returned by the server and authenticating the server payment identifier;
and the generating module is used for generating a payment keyboard according to the random keyboard code when the payment authentication of the server side passes, generating a payment code according to payment information input by a user through the payment keyboard, and transmitting the payment code to the server side for payment authentication.
In order to solve the above problem, the present invention also provides an electronic device, including:
a memory storing at least one computer program; and
a processor executing the computer program stored in the memory to implement the secure payment method described above.
In order to solve the above problem, the present invention further provides a computer-readable storage medium having at least one instruction stored therein, where the at least one instruction is executed by a processor in an electronic device to implement the secure payment method described above.
The embodiment of the invention utilizes the server to authenticate the user payment identifier sent by the client and utilizes the client to authenticate the server payment identifier sent by the server, thereby realizing double authentication of the client and the server; further, when the server payment authentication is passed, the payment keyboard is generated according to the random keyboard code returned by the server, so that the safety of the payment information of the user is further ensured. Therefore, the secure payment method, the secure payment device, the electronic equipment and the computer-readable storage medium provided by the embodiment of the invention improve the security of mobile payment.
Drawings
Fig. 1 is a schematic flowchart of a secure payment method applied to a server according to a first embodiment of the present invention;
Fig. 2 is a schematic flowchart of a secure payment method applied to a client according to a second embodiment of the present invention;
Fig. 3 is a schematic block diagram of a secure payment device applied to a server according to a third embodiment of the present invention;
Fig. 4 is a schematic block diagram of a payment apparatus for secure payment applied to a client according to a fourth embodiment of the present invention;
Fig. 5 is a schematic internal structural diagram of an electronic device implementing a secure payment method according to a fifth embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The embodiment of the application provides a secure payment method, and an execution subject of the secure payment method includes but is not limited to at least one of electronic devices such as a server and a client, which can be configured to execute the method provided by the embodiment of the application. In other words, the secure payment method may be performed by software or hardware installed in the client or the server, and the software may be a blockchain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like.
In the embodiment of the invention, the secure payment method is realized through interaction between a client and a server, wherein the client may be a user's electronic device such as a notebook computer, a desktop computer, a smart phone or a smart wearable device. The core of the embodiment of the invention is as follows: when the client carries out transaction payment, a user payment identifier comprising an encrypted user unique identifier is first sent to the server for authentication; after the server passes the authentication of the user payment identifier, the server encrypts the user payment identifier again to generate a server payment identifier, generates a random keyboard code, and transmits the server payment identifier and the random keyboard code to the client; and after the client passes the authentication of the server payment identifier, a payment keyboard is generated according to the random keyboard code for the user to input payment information. The invention implements double authentication between the server and the client, and the payment keyboard is generated according to the arrangement supplied by the server instead of by the mobile payment App, thereby further ensuring the security of the payment information of the user.
The following describes the implementation principle of the present invention with reference to fig. 1 and 3.
The secure payment method provided by the first embodiment of the present invention is described with reference to the flowchart shown in fig. 1. The method described in fig. 1 is applied to a server, and includes:
S10, receiving the user payment identifier transmitted by the client, and authenticating the user payment identifier.
In a preferred embodiment of the present invention, the client may also be referred to as a mobile payment terminal, and is used for performing payment transactions, including, but not limited to: cell phones, tablets, and PCs, among others. The user payment identifier refers to a user unique identifier encrypted based on a client, and the user unique identifier includes, but is not limited to, a gesture, a fingerprint, a password and the like of a user.
Further, the embodiment of the invention authenticates the user payment identifier by using the pre-constructed security certificate.
The pre-constructed security credential refers to a data credential for data communication between the client and the server. Preferably, in the present invention, the security credentials include: digital signature, validity time, domain name, etc. In an optional embodiment of the present invention, the security credential is constructed by Secure Sockets Layer (SSL).
The embodiment of the invention identifies the encrypted plaintext of the client payment identifier based on the security certificate, decrypts the encrypted plaintext in the client payment identifier through a preset decryption algorithm to obtain the user unique identifier, and authenticates the user unique identifier by utilizing the prestored identity authentication information. And the preset decryption algorithm corresponds to the encryption algorithm for encrypting the plaintext.
Further, in order to ensure the security of the identity authentication information, in the embodiment of the present invention, the identity authentication information may be stored in a block chain.
Based on the authentication of the user payment identification, the authenticity of the user payment identification in the client can be identified.
And S11, when the user payment identifier is successfully authenticated, carrying out server side encryption on the user payment identifier to generate a server side payment identifier, and returning the server side payment identifier and the randomly generated random keyboard code to the client side.
In the embodiment of the invention, when the user payment authentication is successful, the server side encryption is carried out on the user payment identification by using the following method:
Figure BDA0002715996680000051
wherein E(M) represents the payment identifier of the server, m represents the mth plaintext in the payment identifier of the user, t represents the number of plaintexts in the payment identifier of the user, e represents an infinite non-repeating decimal, mod represents a plaintext encryption function, and N represents the encryption frequency.
The random keyboard code can be understood as a sequence of character codes whose order has been randomly shuffled. In the embodiment of the invention, the random keyboard code is used for generating a virtual payment keyboard when a client performs transaction payment, namely, the characters in the payment keyboard are arranged according to the random keyboard code. In the embodiment of the invention, in order to further ensure security, the random keyboard code can be given a security validity period.
S12, receiving the payment code transmitted by the client, acquiring the payment information of the user according to the payment code and the random keyboard code, and performing payment authentication on the payment information to obtain a payment result.
In at least one embodiment of the present invention, when the client successfully verifies the payment identifier of the server, a virtual payment keyboard is generated according to the random keyboard code, and the user can input payment information through the virtual payment keyboard, generate a payment code, and transmit the payment code to the server. In other embodiments of the present invention, when the client fails to authenticate the payment identifier of the server, a virtual payment keyboard is not generated at the client, and thus the payment code cannot be generated.
In this embodiment of the present invention, the performing payment authentication on the payment information includes: and identifying whether the payment information in the payment code is consistent with payment authentication information stored in a server by a user in advance, if so, determining that the authentication result is successful, and if not, determining that the authentication result is failed. Further, in the embodiment of the present invention, a payment result is identified according to the authentication result, that is, if the authentication result is successful, the payment result is successful, and if the authentication result is failed, the payment result is failed.
Preferably, in order to ensure the security of the payment authentication information, the payment authentication information may also be stored in a blockchain node.
In a preferred embodiment of the present invention, the method further comprises:
setting a security validity period for the random keyboard code;
and when the receiving time of the payment code is not within the security validity period, discarding the payment code so as to further ensure the security of payment.
The secure payment method provided by the second embodiment of the present invention is described with reference to the flowchart shown in fig. 2. The method described in fig. 2 is applied to a client, and includes:
S20, obtaining a payment identifier based on the payment request, carrying out client encryption on the payment identifier to generate a user payment identifier, and transmitting the user payment identifier to the server.
In a preferred embodiment of the present invention, the payment request refers to an interactive behavior generated between the user and the system payment platform, for example, the user a sees a watch in the watch mall platform through the mobile phone terminal, and before making a payment, a payment behavior requesting payment is sent out at the mobile phone terminal of the user a, and the payment behavior is the payment request.
Further, in a preferred implementation of the present invention, the obtaining the payment identifier based on the payment request includes:
identifying a payment environment according to the payment request; and receiving a user certificate input by a user in the payment environment to obtain the payment identifier.
The payment environment refers to a transaction environment of a user during payment, and preferably, the payment environment is identified through a preset Linux statement, where the preset Linux statement may be an OpenSSL statement. The user credential refers to a user unique identifier, for example, the user unique identifier may be: a user's gesture, fingerprint, password, etc.
Further, in the preferred embodiment of the present invention, the principle of the client encryption method is the same as that of the server encryption method, and further description thereof is omitted here.
S21, receiving the server payment identifier and the random keyboard code returned by the server, decrypting the server payment identifier, and authenticating the server payment identifier according to the user payment identifier.
In a preferred implementation of the present invention, the server payment identifier and the random number refer to an authentication result generated by the server encrypting the user payment identifier successfully authenticated by the server.
Further, in a preferred embodiment of the present invention, the server payment identifier is authenticated, that is, the server payment identifier is decrypted, and preferably, according to an encryption algorithm adopted when the user payment identifier is encrypted by the server, the embodiment of the present invention decrypts an encrypted plaintext in the server payment identifier by using a corresponding decryption algorithm.
In a preferred implementation of the invention, the authenticity of the server corresponding to the client can be identified by decrypting the service payment identifier, so that the reliability of the corresponding server can be judged, and the reliability of the payment environment is enhanced.
Further, another embodiment of the present invention further includes: and when the authentication of the server side fails, generating an error state code to prompt the user of error information.
And S22, when the payment authentication of the server side is passed, generating a payment keyboard according to the random keyboard code, generating a payment code according to payment information input by a user through the payment keyboard, and transmitting the payment code to the server side for payment authentication.
In at least one embodiment of the present invention, when the server-side payment authentication is passed, a payment keyboard is generated according to the random keyboard code, a payment code is generated according to payment information input by a user through the payment keyboard, and the payment code is transmitted to the server-side for payment authentication.
In an embodiment of the present invention, the generating a payment keyboard according to the random keyboard code includes: acquiring the arrangement sequence of the characters in the random keyboard code; and constructing a virtual keyboard, and carrying out interface configuration on the virtual keyboard according to the arrangement sequence of the characters to obtain a payment keyboard.
In the embodiment of the invention, the virtual keyboard is compiled through a preset scripting language and is used for supporting the user in inputting the payment code. Because the payment keyboard is generated from the random keyboard code, the payment code input by the user has a limited validity period and a randomized order, so that the payment operation cannot be carried out even if the payment information of the user is illegally obtained or the payment program code is tampered with, thereby greatly improving the payment security of the user.
In summary, the embodiment of the present invention authenticates the user payment identifier sent by the client by using the server, and authenticates the server payment identifier sent by the server by using the client, thereby implementing dual authentication between the client and the server.
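The random keyboard exchange of steps S11, S12 and S22, as an added Python example that is not part of the patent text. It assumes that the payment code is the list of key positions pressed on the shuffled keyboard, that the validity period is 60 seconds, that each keyboard code is accepted once, and that the stored payment authentication information is a plaintext PIN for brevity; all names are hypothetical.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

KEYS = "0123456789"          # characters placed on the payment keyboard
VALIDITY_SECONDS = 60.0      # assumed security validity period


@dataclass
class KeyboardSession:
    keyboard_code: str       # shuffled character order sent to the client
    issued_at: float         # server clock value when the code was issued


class PaymentServer:
    """Server side of S11/S12: issues keyboard codes and decodes payment codes."""

    def __init__(self, stored_pins, validity=VALIDITY_SECONDS, clock=time.monotonic):
        # stored_pins: user id -> PIN (constructed sample data; a production
        # system would keep a salted hash, not the PIN itself).
        self._pins = stored_pins
        self._validity = validity
        self._clock = clock
        self._sessions = {}

    def issue_keyboard_code(self, user_id):
        """S11: generate a random keyboard code with a CSPRNG and remember it."""
        chars = list(KEYS)
        secrets.SystemRandom().shuffle(chars)
        code = "".join(chars)
        self._sessions[user_id] = KeyboardSession(code, self._clock())
        return code

    def authenticate_payment(self, user_id, payment_code):
        """S12: map key positions back to characters and check the result."""
        # pop() makes each keyboard code single use (an assumption added here),
        # so a captured payment code cannot be replayed.
        session = self._sessions.pop(user_id, None)
        if session is None:
            return "rejected: no keyboard code outstanding"
        if self._clock() - session.issued_at > self._validity:
            return "discarded: outside security validity period"
        code = session.keyboard_code
        if any(not isinstance(p, int) or not 0 <= p < len(code) for p in payment_code):
            return "rejected: malformed payment code"
        entered = "".join(code[p] for p in payment_code)
        expected = self._pins.get(user_id, "")
        # Constant-time comparison avoids leaking how many characters matched.
        ok = hmac.compare_digest(entered.encode(), expected.encode())
        return "success" if ok else "failure"


def build_payment_keyboard(keyboard_code, columns=3):
    """S22: lay the keys out row by row in the order the server dictated."""
    return [list(keyboard_code[i:i + columns])
            for i in range(0, len(keyboard_code), columns)]


def encode_payment_code(keyboard_code, typed):
    """S22: the client sends which positions were pressed, never the characters."""
    return [keyboard_code.index(ch) for ch in typed]


if __name__ == "__main__":
    server = PaymentServer({"alice": "135790"})   # constructed sample account
    code = server.issue_keyboard_code("alice")
    for row in build_payment_keyboard(code):
        print(" ".join(row))
    payment_code = encode_payment_code(code, "135790")
    print("payment code on the wire:", payment_code)
    print("first submission :", server.authenticate_payment("alice", payment_code))
    print("replayed         :", server.authenticate_payment("alice", payment_code))
```

The positions on the wire are meaningless without the keyboard code held by the server for that session, which is why the layout must come from the server rather than from the App.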
Fig. 3 is a schematic block diagram of a secure payment device applied to a server according to a third embodiment of the present invention.
The secure payment apparatus 100 applied to the server side according to the present invention may be installed in an electronic device. According to the realized functions, the secure payment device applied to the server can comprise an identity authentication module 101, a server encryption module 102 and a payment authentication module 103. A module according to the present invention, which may also be referred to as a unit, refers to a series of computer program segments that can be executed by a processor of an electronic device and that can perform a fixed function, and that are stored in a memory of the electronic device.
In the present embodiment, the functions regarding the respective modules/units are as follows:
the identity authentication module 101 is configured to receive a user payment identifier transmitted by a client, and authenticate the user payment identifier.
In a preferred embodiment of the present invention, the client may also be referred to as a mobile payment terminal, and is used for performing payment transactions, including, but not limited to: cell phones, tablets, and PCs, among others. The user payment identifier refers to a user unique identifier encrypted based on a client, and the user unique identifier includes, but is not limited to, a gesture, a fingerprint, a password and the like of a user.
Further, in the embodiment of the present invention, the identity authentication module 101 authenticates the user payment identifier by using a pre-established security credential.
The pre-constructed security credential refers to a data credential for data communication between the client and the server. Preferably, in the present invention, the security credentials include: digital signature, validity time, domain name, etc. In an optional embodiment of the present invention, the security credential is constructed by Secure Sockets Layer (SSL).
In the embodiment of the present invention, the identity authentication module 101 executes the user payment authentication by adopting the following method: and identifying the encrypted plaintext of the client payment identifier based on the security certificate, decrypting the encrypted plaintext in the client payment identifier through a preset decryption algorithm to obtain the unique user identifier, and authenticating the unique user identifier by utilizing prestored identity authentication information. And the preset decryption algorithm corresponds to the encryption algorithm for encrypting the plaintext.
Further, in order to ensure the security of the identity authentication information, in the embodiment of the present invention, the identity authentication information may be stored in a block chain.
Based on the authentication of the user payment identification, the authenticity of the user payment identification in the client can be identified.
The server side encryption module 102 is configured to perform server side encryption on the user payment identifier when the user payment identifier is successfully authenticated, generate a server side payment identifier, and return the server side payment identifier and the randomly generated random keyboard code to the client side.
In the embodiment of the present invention, when the user payment authentication is successful, the server encryption module 102 encrypts the user payment identifier by using the following method:
Figure BDA0002715996680000081
wherein E(M) represents the payment identifier of the server, m represents the mth plaintext in the payment identifier of the user, t represents the number of plaintexts in the payment identifier of the user, e represents an infinite non-repeating decimal, mod represents a plaintext encryption function, and N represents the encryption frequency.
The random keyboard code can be understood as a sequence of character codes whose order has been randomly shuffled. In the embodiment of the invention, the random keyboard code is used for generating a virtual payment keyboard when a client performs transaction payment, namely, the characters in the payment keyboard are arranged according to the random keyboard code. In the embodiment of the invention, in order to further ensure security, the random keyboard code can be given a security validity period.
The payment authentication module 103 is configured to receive a payment code transmitted by a client, acquire payment information of a user according to the payment code and the random keyboard code, and perform payment authentication on the payment information to obtain a payment result.
In at least one embodiment of the present invention, when the payment authentication module 103 responds to the successful verification of the server payment identifier, a virtual payment keyboard is generated according to the random keyboard code, and the user can input payment information through the virtual payment keyboard, generate a payment code, and transmit the payment code to the server. In other embodiments of the present invention, when the client fails to authenticate the payment identifier of the server, a virtual payment keyboard is not generated at the client, and thus the payment code cannot be generated.
In the embodiment of the present invention, the payment authentication module 103 performs payment authentication on the payment information as follows: it identifies whether the payment information in the payment code is consistent with the payment authentication information stored in the server by the user in advance; if so, the authentication result is success, and if not, the authentication result is failure. Further, in the embodiment of the present invention, the payment result is determined according to the authentication result: if authentication succeeds, the payment succeeds, and if authentication fails, the payment fails.
Preferably, in order to ensure the security of the payment authentication information, the payment authentication information may also be stored in a blockchain node.
In a preferred embodiment of the present invention, the payment authentication module 103 is further configured to:
set a security validity period for the random keyboard code;
and discard the payment code when the time at which it is received is not within the security validity period, so as to further ensure the security of payment.
Fig. 4 is a schematic block diagram of a secure payment device applied to a client according to a fourth embodiment of the present invention.
The secure payment apparatus 200 applied to the client according to the present invention may be installed in an electronic device. According to the implemented functions, the secure payment device applied to the client may include a client encryption module 201, a service authentication module 202, and a generation module 203. A module according to the present invention, which may also be referred to as a unit, refers to a series of computer program segments that can be executed by a processor of an electronic device and that can perform a fixed function, and that are stored in a memory of the electronic device.
In the present embodiment, the functions regarding the respective modules/units are as follows:
the client encryption module 201 is configured to obtain a payment identifier based on a payment request, perform client encryption on the payment identifier, generate a user payment identifier, and transmit the user payment identifier to a server.
In a preferred embodiment of the present invention, the payment request refers to an interactive behavior generated between the user and the system payment platform. For example, user A sees a watch on a watch mall platform through a mobile phone terminal; before the payment is made, a payment behavior requesting payment is sent from the mobile phone terminal of user A, and this payment behavior is the payment request.
Further, in a preferred embodiment of the present invention, the client side encryption module 201 obtains the payment identifier based on the payment request, and executes the following steps:
identifying a payment environment according to the payment request; and receiving a user certificate input by a user in the payment environment to obtain the payment identifier.
The payment environment refers to a transaction environment of a user during payment, and preferably, the payment environment is identified through a preset Linux statement, where the preset Linux statement may be an OpenSSL statement. The user credential refers to a user unique identifier, for example, the user unique identifier may be: a user's gesture, fingerprint, password, etc.
Further, in the preferred embodiment of the present invention, the principle of the client encryption method is the same as that of the server encryption method, and further description thereof is omitted here.
The service authentication module 202 is configured to receive a server payment identifier and a random keyboard code returned by the server, and authenticate the server payment identifier. In a preferred implementation of the present invention, the server payment identifier and the random number refer to an authentication result generated by the server encrypting the user payment identifier successfully authenticated by the server.
Further, in a preferred embodiment of the present invention, the service authentication module 202 authenticates the server payment identifier, that is, decrypts the server payment identifier, and preferably, in an embodiment of the present invention, the service authentication module 202 decrypts an encrypted plaintext in the server payment identifier by using a corresponding decryption algorithm according to an encryption algorithm used when the user payment identifier is encrypted by the server.
In a preferred embodiment of the present invention, the service authentication module 202 may identify the authenticity of the service end corresponding to the client by decrypting the service payment identifier, so as to determine the reliability of the corresponding service end, thereby enhancing the reliability of the payment environment.
Further, in another embodiment of the present invention, the service authentication module 202 is further configured to generate an error status code when the authentication of the server fails, so as to prompt the user with error information.
The generating module 203 is configured to generate a payment keyboard according to the random keyboard code when the server-side payment authentication passes, generate a payment code according to payment information input by a user through the payment keyboard, and transmit the payment code to the server-side for payment authentication.
In at least one embodiment of the present invention, when the server-side payment authentication is passed, the generating module 203 generates a payment keyboard according to the random keyboard code, generates a payment code according to payment information input by a user through the payment keyboard, and transmits the payment code to the server for payment authentication. A server payment identifier that fails authentication is reported in a pop-up at the client to prompt the user with error information.
In the embodiment of the present invention, the generating module 203 generates the payment keyboard according to the random keyboard code, and executes the following steps: acquiring the arrangement sequence of the characters in the random keyboard code; and constructing a virtual keyboard, and carrying out interface configuration on the virtual keyboard according to the arrangement sequence of the characters to obtain a payment keyboard.
In the embodiment of the invention, the virtual keyboard is written in a preset scripting language and supports the user in inputting the payment code. Because the payment keyboard is generated from the random keyboard code, the payment code input by the user has a degree of timeliness, randomness of order and security, so that the payment operation cannot be carried out even if the payment information of the user is illegally obtained or the payment program code is tampered with, thereby greatly improving the payment security of the user.
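The random keyboard code exchange described above (the server-side validity check of module 103 and the client-side keyboard generation of module 203), as an added Python example that is not code from the patent. The position-based payment code format, the 60-second validity period, the single-use flag and the salted-hash storage are assumptions; the patent specifies none of them.

```python
import hashlib
import hmac
import secrets
import time

DIGITS = "0123456789"
KEYBOARD_TTL_SECONDS = 60  # assumed validity period; the patent gives no value
PBKDF2_ROUNDS = 100_000    # assumed work factor for the stored PIN hash


class KeyboardSession:
    """Server-side record of one issued random keyboard code."""

    def __init__(self, layout, issued_at):
        self.layout = layout        # character order shown on the virtual keyboard
        self.issued_at = issued_at  # start of the validity period
        self.used = False           # single-use flag (an addition, not in the patent)


def issue_keyboard_code(now=None):
    """Server: shuffle the character set with a CSPRNG and timestamp it."""
    chars = list(DIGITS)
    secrets.SystemRandom().shuffle(chars)
    return KeyboardSession("".join(chars), time.time() if now is None else now)


def client_payment_code(layout, entered):
    """Client: key i displays layout[i]; the payment code is the list of
    key positions pressed, so it only has meaning together with the layout."""
    position_of = {ch: i for i, ch in enumerate(layout)}
    return [position_of[ch] for ch in entered]


def enroll(pin, salt=None):
    """Server: keep a salted hash of the payment authentication information."""
    salt = secrets.token_bytes(16) if salt is None else salt
    return salt, hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ROUNDS)


def server_authenticate(session, payment_code, record, now=None):
    """Server: returns 'discarded', 'failed' or 'success'."""
    now = time.time() if now is None else now
    # Discard anything outside the validity period, or replayed on a used layout.
    if session.used or not 0 <= now - session.issued_at <= KEYBOARD_TTL_SECONDS:
        return "discarded"
    session.used = True
    size = len(session.layout)
    # Reject malformed codes before indexing into the layout.
    if not payment_code or any(
        type(p) is not int or not 0 <= p < size for p in payment_code
    ):
        return "failed"
    # Recover the payment information from the payment code and keyboard code.
    entered = "".join(session.layout[p] for p in payment_code)
    salt, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", entered.encode(), salt, PBKDF2_ROUNDS)
    return "success" if hmac.compare_digest(candidate, expected) else "failed"


if __name__ == "__main__":
    record = enroll("493817")               # constructed sample PIN
    session = issue_keyboard_code()
    code = client_payment_code(session.layout, "493817")
    print(session.layout, code, server_authenticate(session, code, record))
```

A payment code captured under one layout decodes to different characters under any other layout, which is why the server must bind each code to the session that issued the keyboard.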
In summary, the embodiment of the present invention authenticates the user payment identifier sent by the client by using the server, and authenticates the server payment identifier sent by the server by using the client, thereby implementing dual authentication between the client and the server.
In the embodiment of the present invention, the secure payment method may also be applied to a secure payment system, where the secure payment system includes: client and server. Wherein the client performs the method steps described in the above fig. 1, and the server performs the method steps described in the above fig. 3.
Fig. 5 is a schematic structural diagram of an electronic device of a secure payment method according to a fifth embodiment of the present invention.
In this embodiment of the present invention, the electronic device 1 may be a client or a server. Further, the electronic device 1 may comprise a processor 10, a memory 11 and a bus, and may further comprise a computer program, such as a secure payment program 12, stored in the memory 11 and executable on the processor 10.
The memory 11 includes at least one type of readable storage medium, which includes flash memory, removable hard disk, multimedia card, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device 1, such as a removable hard disk of the electronic device 1. The memory 11 may also be an external storage device of the electronic device 1 in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the electronic device 1. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 may be used not only to store application software installed in the electronic device 1 and various types of data, such as a code for secure payment, etc., but also to temporarily store data that has been output or is to be output.
The processor 10 may be composed of an integrated circuit in some embodiments, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same or different functions, including one or more Central Processing Units (CPUs), microprocessors, digital Processing chips, graphics processors, and combinations of various control chips. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the whole electronic device by using various interfaces and lines, and executes various functions and processes data of the electronic device 1 by running or executing programs or modules (e.g., performing secure payment, etc.) stored in the memory 11 and calling data stored in the memory 11.
The bus may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.
Fig. 5 only shows an electronic device with components, and it will be understood by a person skilled in the art that the structure shown in fig. 5 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than shown, or a combination of certain components, or a different arrangement of components.
For example, although not shown, the electronic device 1 may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so as to implement functions of charge management, discharge management, power consumption management, and the like through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device 1 may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.
Further, the electronic device 1 may further include a network interface, and optionally, the network interface may include a wired interface and/or a wireless interface (such as a WI-FI interface, a bluetooth interface, etc.), which are generally used for establishing a communication connection between the electronic device 1 and other electronic devices.
Optionally, the electronic device 1 may further comprise a user interface, which may be a Display (Display), an input unit (such as a Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying data processed in the electronic device 1 and for displaying a visualized user interface, among other things.
It is to be understood that the described embodiments are for purposes of illustration only and that the scope of the appended claims is not limited to such structures.
The secure payment program 12 stored by the memory 11 in the electronic device 1 is a combination of instructions that, when executed in the processor 10, may implement a secure payment method.
Preferably, when the electronic device 1 is a server, the secure payment method includes:
receiving a user payment identifier transmitted by a client, and authenticating the user payment identifier;
when the user payment identification is successfully authenticated, carrying out server side encryption on the user payment identification to generate a server side payment identification, and returning the server side payment identification and the randomly generated random keyboard code to the client side;
and receiving a payment code transmitted by the client, acquiring payment information of the user according to the payment code and the random keyboard code, and performing payment authentication on the payment information.
Further, when the electronic device 1 is a client, the secure payment method includes:
acquiring a payment identifier based on a payment request, encrypting the payment identifier by a client to generate a user payment identifier, and transmitting the user payment identifier to a server;
receiving a server payment identifier and a random keyboard code returned by the server, and authenticating the server payment identifier;
and when the payment authentication of the server side is passed, generating a payment keyboard according to the random keyboard code, generating a payment code according to payment information input by a user through the payment keyboard, and transmitting the payment code to the server side for payment authentication.
Specifically, the specific implementation method of the processor 10 for the instruction may refer to the description of the relevant steps in the embodiments corresponding to fig. 1 and fig. 2, which is not repeated herein.
Further, the integrated modules/units of the electronic device 1, if implemented in the form of software functional units and sold or used as separate products, may be stored in a non-volatile computer-readable storage medium. The computer-readable medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM).
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.
The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains data of a batch of network transactions, so as to authenticate the validity (anti-counterfeiting) of the data and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims (10)

1. A secure payment method is applied to a server and comprises the following steps:
receiving a user payment identifier transmitted by a client, and authenticating the user payment identifier;
when the user payment identification is successfully authenticated, carrying out server side encryption on the user payment identification to generate a server side payment identification, and returning the server side payment identification and the randomly generated random keyboard code to the client side;
and receiving a payment code transmitted by the client, acquiring payment information of the user according to the payment code and the random keyboard code, and performing payment authentication on the payment information.
2. The secure payment method of claim 1, wherein the receiving the user payment identifier transmitted by the client, authenticating the user payment identifier comprises:
and identifying the encrypted plaintext of the user payment identifier, decrypting the encrypted plaintext in the user payment identifier, and authenticating the user payment identifier which is successfully decrypted according to the pre-stored security certificate.
3. The secure payment method of claim 2, wherein the server-side encrypting the user payment identifier to generate a server-side payment identifier comprises:
and encrypting the user payment identifier by using the following method:
Figure FDA0002715996670000011
wherein E(M) represents the payment identifier of the server, m represents the m-th plaintext in the payment identifier of the user, t represents the number of plaintexts in the payment identifier of the user, e represents an infinite non-repeating decimal, mod represents a plaintext encryption function, and N represents the encryption frequency.
4. A secure payment method as recited in claim 1, further comprising:
setting a security validity period for the random keyboard code;
discarding the payment code when the time of receipt of the payment code is not within the security validity period.
5. A secure payment method is applied to a client side and comprises the following steps:
acquiring a payment identifier based on a payment request, encrypting the payment identifier by a client to generate a user payment identifier, and transmitting the user payment identifier to a server;
receiving a server payment identifier and a random keyboard code returned by the server, and authenticating the server payment identifier;
and when the payment authentication of the server side is passed, generating a payment keyboard according to the random keyboard code, generating a payment code according to payment information input by a user through the payment keyboard, and transmitting the payment code to the server side for payment authentication.
6. A secure payment method as recited in claim 5, wherein the generating a payment keyboard from the random keyboard code comprises:
acquiring the arrangement sequence of the characters in the random keyboard code;
and constructing a virtual keyboard, and carrying out interface configuration on the virtual keyboard according to the arrangement sequence of the characters to obtain a payment keyboard.
7. A secure payment device, wherein the device is installed in a server, comprising:
the identity authentication module is used for receiving the user payment identifier transmitted by the client and authenticating the user payment identifier;
the server side encryption module is used for encrypting the user payment identifier through the server side when the user payment identifier is successfully authenticated to generate a server side payment identifier and returning the server side payment identifier and the randomly generated random keyboard code to the client side;
and the payment authentication module is used for receiving the payment code transmitted by the client, acquiring the payment information of the user according to the payment code and the random keyboard code, and performing payment authentication on the payment information.
8. A secure payment device, the device being installed at a client, comprising:
the client encryption module is used for acquiring a payment identifier based on a payment request, carrying out client encryption on the payment identifier, generating a user payment identifier and transmitting the user payment identifier to a server;
the service authentication module is used for receiving the server payment identifier and the random keyboard code returned by the server and authenticating the server payment identifier;
and the generating module is used for generating a payment keyboard according to the random keyboard code when the payment authentication of the server side passes, generating a payment code according to payment information input by a user through the payment keyboard, and transmitting the payment code to the server side for payment authentication.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a secure payment method as claimed in any one of claims 1 to 6.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out a secure payment method according to any one of claims 1 to 6.
CN202011073558.4A 2020-10-09 2020-10-09 Secure payment method, apparatus, electronic device and storage medium Active CN112150151B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202011073558.4A CN112150151B (en) 2020-10-09 2020-10-09 Secure payment method, apparatus, electronic device and storage medium
PCT/CN2021/090308 WO2022073336A1 (en) 2020-10-09 2021-04-27 Secure payment method and apparatus, electronic device, and storage medium

Publications (2)

Publication Number Publication Date
CN112150151A true CN112150151A (en) 2020-12-29
CN112150151B CN112150151B (en) 2023-07-14

Family

ID=73952694

Country Status (2)

Country Link
CN (1) CN112150151B (en)
WO (1) WO2022073336A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022073336A1 (en) * 2020-10-09 2022-04-14 平安科技(深圳)有限公司 Secure payment method and apparatus, electronic device, and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN201207190Y (en) * 2008-05-22 2009-03-11 北京飞天诚信科技有限公司 Apparatus for automatically inputting password
CN103020825A (en) * 2012-12-05 2013-04-03 福建省派活园科技信息有限公司 Safety payment authentication method based on software client
CN111611976A (en) * 2020-06-04 2020-09-01 支付宝(杭州)信息技术有限公司 Payment method and device based on face recognition

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9842335B2 (en) * 2012-03-23 2017-12-12 The Toronto-Dominion Bank System and method for authenticating a payment terminal
CN106920091A (en) * 2015-12-25 2017-07-04 北京数码视讯科技股份有限公司 A kind of method of payment and SOS
CN107465701B (en) * 2017-10-04 2021-06-15 深圳市杰科创想科技有限公司 Method and device for inputting password into interface at dynamic position
CN112150151B (en) * 2020-10-09 2023-07-14 平安科技(深圳)有限公司 Secure payment method, apparatus, electronic device and storage medium

Also Published As

Publication number Publication date
WO2022073336A1 (en) 2022-04-14
CN112150151B (en) 2023-07-14

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant