CN112488686A - Secure payment method, system, electronic equipment and readable storage medium - Google Patents
Secure payment method, system, electronic equipment and readable storage medium Download PDFInfo
- Publication number
- CN112488686A CN112488686A CN202011304035.6A CN202011304035A CN112488686A CN 112488686 A CN112488686 A CN 112488686A CN 202011304035 A CN202011304035 A CN 202011304035A CN 112488686 A CN112488686 A CN 112488686A
- Authority
- CN
- China
- Prior art keywords
- apk
- payment
- party
- management platform
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 67
- 238000013475 authorization Methods 0.000 claims description 65
- 238000012545 processing Methods 0.000 claims description 37
- 238000012795 verification Methods 0.000 claims description 19
- 230000008569 process Effects 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 10
- 238000007726 management method Methods 0.000 description 62
- 230000006870 function Effects 0.000 description 10
- 230000009286 beneficial effect Effects 0.000 description 9
- 238000011161 development Methods 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 229920001621 AMOLED Polymers 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 238000005034 decoration Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000013528 artificial neural network Methods 0.000 description 1
- 239000000470 constituent Substances 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001537 neural effect Effects 0.000 description 1
- 238000011022 operating instruction Methods 0.000 description 1
- 239000002096 quantum dot Substances 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/085—Payment architectures involving remote charge determination or related payment systems
- G06Q20/0855—Payment architectures involving remote charge determination or related payment systems involving a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Abstract
The invention relates to the technical field of computers, in particular to a secure payment method, a secure payment system, electronic equipment and a computer-readable storage medium. The method comprises the following steps: when the third party APK receives a user request to call the payment APK, the payment APK judges whether the third party APK program is a legal program authorized and authenticated by the security management platform; if so, the intelligent terminal executes the calling request to call the payment APK; and the payment APK completes payment according to the payment request sent by the third party APK. The safety payment scheme provided by the application improves the safety of calling the payment application by the APK of the third party.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a secure payment method, a secure payment system, electronic equipment and a readable storage medium.
Background
The intelligent terminal is a multifunctional terminal, is installed in special commercial tenants of credit cards and accepting network points to form a network with a computer, can realize automatic electronic fund transfer, and has the functions of supporting consumption, pre-authorization, balance inquiry, transfer and the like. The intelligent POS uses android as an operating system and uses 4G, network cable and WIFI as main communication modes to provide rich functions such as bank card payment, code scanning payment, O2O application, member management and the like for merchants. Compared with the traditional POS terminal, the intelligent POS terminal is developed in the technical aspect following the era, and can provide stronger technical foundation, including the operation and processing capacity, the storage capacity, the communication capacity, the peripheral equipment and the multimedia capacity of a terminal system, and the technical foundation is laid for various abundant service scenes. In order to facilitate payment landing on a specific service payment scene, third-party applications often need to call a bank system interface to complete payment after the safe payment of a bank system, the current schemes for safe payment and bank system call are that the bank interface is started to call after the safe payment of a third-party application program package is verified, namely, the bank system can be called as long as the file name of the third-party application program package has a signature of the safe payment of the bank system or meets the specific requirement of a bank, but the scheme has certain safety loopholes, and the risk of confusing or cheating the safe payment of the bank by modifying or tampering the file name of the program package exists in practice.
Disclosure of Invention
The present application aims to solve at least one of the above technical drawbacks. The technical scheme adopted by the application is as follows:
in a first aspect, an embodiment of the present application discloses a secure payment method, where the method is applied to a secure payment system, the system includes an intelligent terminal and a secure management platform of a payment APK, where the intelligent terminal further includes a third party APK and a payment APK, and the method includes:
when the third party APK receives a user request to call the payment APK, the payment APK judges whether the third party APK program is a legal program authorized and authenticated by the security management platform;
if so, the intelligent terminal executes the calling request to call the payment APK;
and the payment APK completes payment according to the payment request sent by the third party APK.
Further, the determining, by the payment APK, whether the third-party APK program is a legal program for authorization and authentication includes: judging whether the third party APK comprises a target module or not; wherein the target module comprises a core program file of a third party APK with the payment APK security management platform authorization identification.
Further, the target module having the authorization identifier of the payment APK security management platform further includes: and encrypting the generated third party APK core program file according to the preset encryption rule of the payment APK security management platform.
Further, the generating of the target template processed according to the preset encryption rule includes: the safety management platform carries out MD5 algorithm processing on the core program file of the third party APK; the security management platform utilizes the first key to encrypt third party APK signature and random encryption factor by MD5 algorithm; wherein the first key is generated by a security management platform; and forming a target module by the processed core program file and the third party APK signature, and compressing the target module into the third APK directory.
Further, the determining that the third party APK program is a legitimate program authorized and authenticated by the security management platform includes:
reading and decrypting the target module by the third party APK through an interface in an SDK file in a program package of the third party APK to obtain an MD5 value of the core program file and an MD5 value signed by the third party APK;
the intelligent terminal calculates the MD5 value of the core program file and the MD5 value of the APK signature of the third party;
and when the MD5 value of the core program file obtained by decryption and the MD5 value signed by the third party APK are respectively the same as the calculated values, determining that the third party APK is a legal program authorized to be authenticated.
Further, the generating of the SDK file further includes: when the security management platform identifies a target module of a third party APK, integrating the SDK file into a third party APK program file; the SDK file is used for providing a calling interface for the third party APK.
Further, before the executing the invocation request invokes a payment APK, the method further includes:
the third party APK reads and decrypts the target module through an interface in an SDK file in a program package of the third party APK to obtain a random encryption factor of the security management platform;
the third party APK generates a character string by using the random encryption factor of the security management platform, the encryption factor generated by the third party APK and the current timestamp;
the third party APK generates an authorization code for the character string according to a preset processing rule and sends the authorization code to the payment APK for verification; the preset processing rule comprises the following steps: the APK of a third party encrypts the generated character string by using a 3DES algorithm and then transcodes the character string by using base64 to generate an authorization code;
and when the payment APK successfully verifies the authorization code, the intelligent terminal executes a calling request to call the payment APK.
Further, the process of checking the authorization code by the payment APK includes: and when the payment APK receives a calling request sent by a third party APK through an interface in the SDK file of the third party APK, the payment APK reversely processes the authorization code through the interface according to a preset processing rule, and if the processing is successful, the verification is passed.
On the other hand, the embodiment of the present application provides a secure payment system, the system includes a secure management platform of an intelligent terminal and a payment APK, the intelligent terminal further includes a third party APK and a payment APK, wherein:
when the third party APK receives a user request to call the payment APK, the payment APK judges whether the third party APK program is a legal program authorized and authenticated by the security management platform;
if so, the intelligent terminal executes the calling request to call the payment APK;
and the payment APK completes payment according to the payment request sent by the third party APK.
Further, the determining, by the payment APK, whether the third-party APK program is a legal program for authorization and authentication includes: judging whether the third party APK comprises a target module or not; wherein the target module comprises a core program file of a third party APK with the payment APK security management platform authorization identifier; the target module with the authorization identifier further comprises a third party APK core program file generated by encrypting according to a preset encryption rule of the payment APK security management platform.
Further, the generating of the target template processed according to the preset encryption rule includes:
the safety management platform carries out MD5 algorithm processing on the core program file of the third party APK;
the security management platform utilizes the first key to encrypt third party APK signature and random encryption factor by MD5 algorithm; wherein the first key is generated by a security management platform;
and forming a target module by the processed core program file and the third party APK signature, and compressing the target module into the third APK directory.
Further, the determining that the third party APK program is a legitimate program authorized and authenticated by the security management platform includes:
reading and decrypting the target module by the third party APK through an interface in an SDK file in a program package of the third party APK to obtain an MD5 value of the core program file and an MD5 value signed by the third party APK;
the intelligent terminal calculates the MD5 value of the core program file and the MD5 value of the APK signature of the third party;
and when the MD5 value of the core program file obtained by decryption and the MD5 value signed by the third party APK are respectively the same as the calculated values, determining that the third party APK is a legal program authorized to be authenticated.
Further, before the executing the invocation request invokes the payment APK, the system further includes:
the third party APK reads and decrypts the target module through an interface in an SDK file in a program package of the third party APK to obtain a random encryption factor of the security management platform;
the third party APK generates a character string by using the random encryption factor of the security management platform, the encryption factor generated by the third party APK and the current timestamp;
the third party APK generates an authorization code for the character string according to a preset processing rule and sends the authorization code to the payment APK for verification; wherein, presetting the processing rule includes: the APK of a third party encrypts the generated character string by using a 3DES algorithm and then transcodes the character string by using base64 to generate an authorization code;
when the payment APK successfully verifies the authorization code, the intelligent terminal executes a calling request to call the payment APK;
in a third aspect, an embodiment of the present application provides an electronic device, including a processor and a memory;
the memory is used for storing operation instructions;
the processor is configured to execute the method in any of the embodiments by calling the operation instruction.
In a fourth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the method of any one of the above embodiments.
The secure payment scheme provided by the embodiment of the application achieves the purpose of having the authorization identifier of the security management platform by processing the core file part in the application according to the rules of the security management platform in the development process of the application authorized and authenticated by the management mechanism of the payment application, so that the authorization verification of the core file in the third-party application is realized in the authorization verification process of the third-party application, rather than the authorization verification of the package name of the third-party application only in the prior art. The technical scheme provided by the embodiment of the application has the beneficial effects that at least one of the following is included:
(1) the method has the advantages that the specific application program file is authorized, the legality of the application program is verified firstly during use, the payment application can be called only through the authorization verification of the server (or the management enterprise of the payment application) of the payment application, and compared with the prior art that only the authorization of the package name is verified, the calling of the unauthorized program of the repackaged or tampered application name to a payment system is avoided.
(2) By adopting multiple encryption algorithm encryption and a JNI mechanism, the difficulty of decompilation is greatly increased, and the difficulty of deciphering is improved by separately storing the secret keys.
(3) The authorization code is generated by mixing data provided by the payment application server, local data and a time stamp, randomly changes, returns through encrypted transmission, is difficult to imitate, and improves the safety of transaction.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the description of the embodiments of the present application will be briefly described below.
Fig. 1 is a schematic flowchart of a secure payment method according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a secure payment system provided in an embodiment of the present application;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present invention.
It will be understood by those skilled in the art that, unless otherwise specified, the singular forms "a", "an", "the" and "the" may include the plural forms, and the plural forms "a", "an", "a", and "the" are merely intended to illustrate the object definition for clarity and do not limit the object itself, and certainly, the object definition for "a" and "an" may be the same terminal, device, user, etc., and may also be the same terminal, device, user, etc. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
In addition, it is to be understood that "at least one" in the embodiments of the present application means one or more, "a plurality" means two or more. "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a alone, both A and B, and B alone, where A, B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of the singular or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, a and b, a and c, b and c, or a, b and c, wherein a, b and c can be single or multiple.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
The present secure payment scheme in the prior art has a problem of poor flexibility as described in the background art, and based on this, the following embodiments of the present invention provide a secure payment method to solve at least one of the above-mentioned drawbacks.
To more clearly describe the technical solutions of the present application, some concepts, terms or systems that the following embodiments may relate to are described below to help understand the secure payment solution disclosed in the present application:
the 3DES (or called Triple DES) is a generic term for Triple Data Encryption Algorithm (TDEA) block cipher. It is equivalent to applying the DES encryption algorithm three times per block.
The RSA public key cryptosystem is a cryptosystem that uses different encryption and decryption keys, and it is computationally infeasible to derive a decryption key from a known encryption key. The principle of the RSA public key cryptosystem is as follows: according to number theory, it is relatively simple to find two large prime numbers, and factoring their product is extremely difficult, so the product can be disclosed as an encryption key.
MD5 Message Digest Algorithm (MD5 Message-Digest Algorithm), a widely used cryptographic hash function, may generate a 128-bit (16-byte) hash value (hash value) to ensure the integrity of the Message transmission. The principle of the MD5 algorithm can be briefly described as: the MD5 code processes incoming information in 512-bit packets, each of which is divided into 16 32-bit sub-packets, and after a series of processing, the output of the algorithm consists of four 32-bit packets, which are concatenated to produce a 128-bit hash value.
APK, package on android device, installation file.
And (3) SDK: the software development kit needs to be integrated in the development process of the industrial application apk and finally packaged into the apk, and the SDK provides a series of API interfaces for a developer to call.
APK signature: in the android mechanism, when an application is issued, a certificate is required to be used to sign the whole application, and the certificate is used as an identity of the application.
Fig. 1 shows a schematic flow diagram of a secure payment provided in an embodiment of the present application, where the method is applied to a secure payment system, the system includes an intelligent terminal and a secure management platform (security management platform for short) of a payment APK, where the intelligent terminal further includes a third party APK and a payment APK, and as shown in fig. 1, the method mainly includes:
s101, when a third party APK receives a user request to call a payment APK, the payment APK judges whether a third party APK program is a legal program authorized and authenticated by a security management platform;
s102, if yes, the intelligent terminal executes the calling request to call the payment APK;
s103, the payment APK completes payment according to the payment request sent by the third party APK.
In a further embodiment, the determining, by the payment APK, whether the third party APK program is a legitimate program for authorization authentication includes: judging whether the third party APK comprises a target module or not; the target module comprises a core program file of the third party APK with the payment APK security management platform authorization identifier, namely the target module generated by encrypting the core program file of the third party APK according to the preset encryption rule of the payment APK security management platform, so that the function of carrying out legal program authorization authentication identifier on the third party APK is achieved.
In a further embodiment, the generating of the target template processed according to the preset encryption rule includes:
step 1, the security management platform carries out MD5 algorithm processing on the core program file of the third party APK; the security management platform utilizes the first key to encrypt third party APK signature and random encryption factor by MD5 algorithm; wherein the first key is generated by a security management platform;
and 2, forming a target module by the processed core program file and the third party APK signature and compressing the target module into the third APK directory.
In a specific embodiment, if a third-party application development company has a need for calling a payment application, for example, a shopping APK has a need for calling a mobile banking application, the third-party application development company may first perform authorization verification of a call service of a payment application management mechanism on line, and after the verification is passed, a developer submits the developed third-party APK to a security management platform, and the security management platform calculates MD5 (MD5 of the whole APK and only MD5 of the core program file) of the APK core program file (or called a core structure), reads MD5 (hereinafter referred to as signature MD5) of the APK signature, and combines a string of encryption factors into a character string, encrypts the character string through a private key (first key), and then places the character string into a first file and compresses the first file in a file name directory of the security management platform in the third-party APK file.
In a further embodiment, the determining that the third party APK program is a legitimate program authorized and authenticated by the security management platform includes:
step 1, the third party APK reads and decrypts (according to a second key, i.e. a public key corresponding to a private key of a security management platform) the target module through an interface in the SDK file in the program package of the third party APK, and obtains an MD5 value of the core program file and an MD5 value signed by the third party APK, and the generation of the SDK file further includes: when the security management platform identifies a target module of a third party APK, integrating the SDK file into a third party APK program file; the SDK file is used for providing a calling interface for the third party APK.
Step 2, the intelligent terminal calculates the MD5 value of the core program file and the MD5 value of the APK signature of the third party;
and 3, when the MD5 value of the decrypted core program file and the MD5 value of the third party APK signature are respectively the same as the calculated values, determining that the third party APK is a legal program authorized and authenticated.
In an optional embodiment, in the process that a developer uploads or submits an APK development file of a third party to a security management platform for authorization, authentication and marking, the security management platform integrates an SDK file of the platform in the application to provide a call interface for a request related to payment for the APK of the third party, in the application, encryption and decryption algorithms (RSA, 3DES, MD5, base64 and the like) in the SDK are all implemented by C + +, and are compiled into a so dynamic library form, after reinforcement, jni technology is integrated into SDK, and an interface is provided to the outside through a java interface.
The security management platform generates an RSA public and private key pair, and the private key is used for encrypting and reserving APK signatures and the like by the platform; the public key is reserved by security SDK to be compiled into the so dynamic library using c + +, and is used for decrypting the third party APK core structure by the SDK.
In a further embodiment, before the executing the invocation request invokes a payment APK, the method further comprises:
step 1, a third party APK reads and decrypts the target module through an interface in an SDK file in a program package of the third party APK to obtain a random encryption factor of a security management platform;
step 1, a third party APK generates a character string from a random encryption factor of a security management platform, an encryption factor generated by the third party APK and a current timestamp;
step 3, the third party APK generates an authorization code for the character string according to a preset processing rule, and sends the authorization code to the payment APK for verification; the preset processing rule comprises the following steps: the APK of a third party encrypts the generated character string by using a 3DES algorithm and then transcodes the character string by using base64 to generate an authorization code;
and 4, when the payment APK receives a call request sent by a third party APK through an interface in the SDK file of the third party APK, the payment APK carries out reverse processing on the authorization code through the interface according to a preset processing rule, and if the processing is successful, the verification is passed.
And 5, after the payment APK successfully verifies the authorization code, the intelligent terminal executes a calling request to call the payment APK.
Based on the secure payment method shown in fig. 1, another aspect of the present application provides a secure payment system, as shown in fig. 2, the system may include: the system comprises a 201 intelligent terminal and a 202 payment APK security management platform, wherein the 201 intelligent terminal further comprises 2011 third-party APK and 2012 payment APK, and the 201 intelligent terminal further comprises:
2011 when receiving a user request to call 2012 a payment APK, the 2012 payment APK determines 2011 whether the third party APK program is a legal program authorized and authenticated by the 202 security management platform;
if yes, 201 the intelligent terminal executes the call request to call 2012 a payment APK;
and the 2012 payment APK completes payment according to the payment request sent by the 2011 third party APK.
In a further embodiment, the 2012 determining that the 2011 third party APK program is a legitimate program for authorization and authentication includes: judging whether the 2011 third party APK comprises a target module; wherein the target module comprises a core program file of a 2011 third party APK having the 2012 payment APK202 security management platform authorization token; the target module with the authorization identifier further comprises 2011 third party APK kernel files generated by encrypting according to preset encryption rules of the 202 security management platform.
In a further embodiment, the generating of the target template processed according to the preset encryption rule includes:
the 202 safety management platform carries out MD5 algorithm processing on the core program file of the 2011 third party APK;
the 202 security management platform utilizes a first key to encrypt 2011 third party APK signature and a random encryption factor by an MD5 algorithm; wherein the first key is generated by 202 a security management platform;
and forming a target module by the processed core program file and the 2011 third party APK signature, and compressing the target module into the third APK directory.
In a further embodiment, the determining that the 2011 third-party APK program is a legitimate program for 202 security management platform authorization and authentication includes:
2011 the third party APK reads and decrypts the target module through an interface in the SDK file in its package, to obtain the MD5 value of the core program file and the MD5 value signed by the third party APK;
201, the intelligent terminal calculates the MD5 value of the core program file and the MD5 value of the APK signature of a third party;
and when the MD5 value of the core program file obtained by decryption and the MD5 value signed by the third party APK are respectively the same as the calculated values, determining that the third party APK is a legal program authorized and authenticated.
In a further embodiment, before the executing the invocation request to invoke 2012 the payment APK, the system further includes:
2011 the third party APK reads and decrypts the target module through an interface in the SDK file in its package, to obtain 202 a random encryption factor of the security management platform;
2011 the third party APK generates a string from the random encryption factor of the 202 security management platform, the encryption factor generated by the 2011 third party APK and the current timestamp;
2011 the third party APK generates an authorization code for the character string according to a preset processing rule, and sends the authorization code to the 2012 payment APK for verification; wherein, presetting the processing rule includes: 2011 the third party APK encrypts the generated character string by using a 3DES algorithm, and then transcodes the character string by using base64 to generate an authorization code;
after the 2012 payment APK successfully verifies the authorization code, the 201 intelligent terminal executes a call request to call the 2012 payment APK;
it is understood that the above-mentioned constituent devices of the secure payment system in the present embodiment have functions of implementing the respective steps of the method in the embodiment shown in fig. 1. The function can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules or systems corresponding to the above-described functions. The modules and systems can be software and/or hardware, and the modules and systems can be realized independently or integrated by a plurality of modules and systems. For the functional description of each module and system, reference may be specifically made to the corresponding description of the method in the embodiment shown in fig. 1, and therefore, the beneficial effects that can be achieved by the method may refer to the beneficial effects in the corresponding method provided above, which are not described again here.
It is to be understood that the illustrated structure of the embodiments of the present invention does not constitute a specific limitation to the specific structure of the secure payment system. In other embodiments of the present application, the secure payment system may include more or fewer components than shown, or some components may be combined, some components may be split, or a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
The embodiment of the application provides an electronic device, which comprises a processor and a memory;
a memory for storing operating instructions;
and the processor is used for executing the secure payment method provided by any embodiment of the application by calling the operation instruction.
As an example, fig. 3 shows a schematic structural diagram of an electronic device to which the embodiment of the present application is applied, and as shown in fig. 3, the electronic device 300 includes: a processor 301 and a memory 303. Wherein processor 301 is coupled to memory 303, such as via bus 302. Optionally, the electronic device 300 may further include a transceiver 304. It should be noted that the practical application of the transceiver 304 is not limited to one. It is to be understood that the illustrated structure of the embodiment of the present invention does not constitute a specific limitation to the specific structure of the electronic device 300. In other embodiments of the present application, electronic device 300 may include more or fewer components than shown, or some components may be combined, some components may be split, or a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware. Optionally, the electronic device may further include a display screen 305 for displaying images or receiving operation instructions of a user as needed.
The processor 301 is applied to the embodiment of the present application, and is configured to implement the method shown in the foregoing method embodiment. The transceiver 304 may include a receiver and a transmitter, and the transceiver 304 is applied in the embodiment of the present application and is used for implementing the function of the electronic device of the embodiment of the present application to communicate with other devices when executed.
The Processor 301 may be a CPU (Central Processing Unit), a general-purpose Processor, a DSP (Digital Signal Processor), an ASIC (application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array) or other Programmable logic device, a transistor logic device, a hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 301 may also be a combination of computing functions, e.g., comprising one or more microprocessors, a combination of a DSP and a microprocessor, or the like.
The processor 301 may operate the secure payment method provided in the embodiment of the present application, so as to reduce the operation complexity of the user, improve the intelligent degree of the terminal device, and improve the user experience. The processor 301 may include different devices, for example, when the CPU and the GPU are integrated, the CPU and the GPU may cooperate to execute the secure payment method provided in the embodiment of the present application, for example, part of the algorithm in the secure payment method is executed by the CPU, and another part of the algorithm is executed by the GPU, so as to obtain faster processing efficiency.
The Memory 303 may be a ROM (Read Only Memory) or other type of static storage device that can store static information and instructions, a RAM (Random Access Memory) or other type of dynamic storage device that can store information and instructions, an EEPROM (Electrically Erasable Programmable Read Only Memory), a CD-ROM (Compact disk), a high speed Random Access Memory, a non-volatile Memory such as at least one magnetic disk storage device, a flash Memory device, a universal flash Memory (UFS), or other optical disk storage, optical disk storage (including Compact disk, laser disk, optical disk, digital versatile disk, blu-ray disk, etc.), a magnetic disk storage medium or other magnetic storage device, a magnetic disk storage medium, or other magnetic storage device, Or any other medium which can be used to carry or store desired program code in the form of instructions or data structures and which can be accessed by a computer, but is not limited to such.
Optionally, the memory 303 is used for storing application program codes for executing the scheme of the present application, and is controlled by the processor 301 to execute. The processor 301 is configured to execute application program code stored in the memory 303 to implement the secure payment method provided in any embodiment of the present application.
The memory 303 may be used to store computer-executable program code, which includes instructions. The processor 301 executes various functional applications of the electronic device 300 and data processing by executing instructions stored in the memory 303. The memory 303 may include a program storage area and a data storage area. Wherein, the storage program area can store the codes of the operating system and the application program, etc. The storage data area may store data created during use of the electronic device 300 (e.g., images, video, etc. captured by a camera application), and the like.
The memory 303 may further store one or more computer programs corresponding to the secure payment method provided in the embodiment of the present application. The one or more computer programs stored in the memory 303 and configured to be executed by the one or more processors 301 include instructions that may be used to perform the various steps in the respective embodiments described above.
Of course, the code of the secure payment method provided by the embodiment of the present application may also be stored in the external memory. In this case, the processor 301 may execute the code of the secure payment method stored in the external memory through the external memory interface, and the processor 301 may control the execution of the secure payment procedure.
The display screen 305 includes a display panel. The display panel may be a Liquid Crystal Display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (active-matrix organic light-emitting diode, AMOLED), a flexible light-emitting diode (FLED), a miniature, a Micro-oeld, a quantum dot light-emitting diode (QLED), or the like. In some embodiments, the electronic device 300 may include 1 or N display screens 305, N being a positive integer greater than 1. The display screen 305 may be used to display information input by or provided to the user as well as various Graphical User Interfaces (GUIs). For example, the display screen 305 may display a photograph, video, web page, or file, etc.
The electronic device provided by the embodiment of the present application is applicable to any embodiment of the above method, and therefore, the beneficial effects that can be achieved by the electronic device can refer to the beneficial effects in the corresponding method provided above, and are not described again here.
The embodiment of the application provides a computer readable storage medium, which stores a computer program, and the program is executed by a processor to realize the secure payment method shown in the above method embodiment.
The computer-readable storage medium provided in the embodiments of the present application is applicable to any embodiment of the foregoing method, and therefore, the beneficial effects that can be achieved by the computer-readable storage medium can refer to the beneficial effects in the corresponding method provided above, and are not described herein again.
The embodiment of the present application further provides a computer program product, which when running on a computer, causes the computer to execute the above related steps to implement the method in the above embodiment. The computer program product provided in the embodiments of the present application is applicable to any of the embodiments of the method described above, and therefore, the beneficial effects that can be achieved by the computer program product can refer to the beneficial effects in the corresponding method provided above, and are not described herein again.
The safe payment scheme provided by the embodiment of the application comprises the steps that when a third party APK receives a user request to call a payment APK, the payment APK judges whether a third party APK program is a legal program authorized and authenticated by a safety management platform; if so, the intelligent terminal executes the calling request to call the payment APK; and the payment APK completes payment according to the payment request sent by the third party APK. The secure payment scheme provided by the embodiment of the application achieves the purpose of having the authorization identifier of the security management platform by processing the core file part in the application according to the rules of the security management platform in the development process of the application authorized and authenticated by the management mechanism of the payment application, so that the authorization verification of the core file in the third-party application is realized in the authorization verification process of the third-party application, rather than the authorization verification of the package name of the third-party application only in the prior art. The technical scheme provided by the embodiment of the application authorizes a specific application program file, the legality of the application program can be checked firstly during use, the payment application can be called only through authorization verification of a server (or a management enterprise of the payment application) of the payment application, compared with the prior art that only authorization of a program package name is checked, the calling of an unauthorized program of a repackaged or tampered application name to a payment system is avoided, an authorization code is generated by mixing data provided by the payment application server, local data and a timestamp, random variation and encrypted transmission return are achieved, simulation is difficult, and the safety of transaction is improved.
In the several embodiments provided in the present application, it should be understood that the disclosed system and method may be implemented in other ways. For example, the above-described system embodiments are merely illustrative, and for example, a division of a module or a unit is only one logical division, and an actual implementation may have another division, for example, a plurality of units or components may be combined or integrated into another system, or some features may be discarded or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, systems or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may be one physical unit or a plurality of physical units, may be located in one place, or may be distributed to a plurality of different places. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application may be essentially or partially contributed to by the prior art, or all or part of the technical solutions may be embodied in the form of a software product, where the software product is stored in a storage medium and includes several instructions to enable a device (which may be a single chip, a chip, or the like) or a processor (processor) to execute all or part of the steps of the methods of the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of changes or substitutions within the technical scope of the present application, and can make several modifications and decorations, and these changes, substitutions, improvements and decorations should also be considered to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (16)
1. A secure payment method is applied to a secure payment system, the system comprises a smart terminal and a secure management platform of a payment APK, wherein the smart terminal further comprises a third party APK and the payment APK, and the method comprises the following steps:
when the third party APK receives a user request to call the payment APK, the payment APK judges whether the third party APK program is a legal program authorized and authenticated by the security management platform;
if so, the intelligent terminal executes the calling request to call the payment APK;
and the payment APK completes payment according to the payment request sent by the third party APK.
2. The secure payment method of claim 1, wherein the determining, by the payment APK, whether the third party APK program is a legitimate program for authorization authentication comprises:
judging whether the third party APK comprises a target module or not; wherein the target module comprises a core program file of a third party APK with the payment APK security management platform authorization identification.
3. The secure payment method of claim 2, wherein the target module having the payment APK security management platform authorization identifier further comprises:
and encrypting the generated third party APK core program file according to the preset encryption rule of the payment APK security management platform.
4. The secure payment method of claim 3, wherein the generating of the target template processed according to the preset encryption rule comprises:
the safety management platform carries out MD5 algorithm processing on the core program file of the third party APK;
the security management platform utilizes the first key to encrypt third party APK signature and random encryption factor by MD5 algorithm; wherein the first key is generated by a security management platform;
and forming a target module by the processed core program file and the third party APK signature, and compressing the target module into the third APK directory.
5. The secure payment method of claim 4, wherein the determining that the third party APK program is a legitimate program authorized for authentication by a security management platform comprises:
reading and decrypting the target module by the third party APK through an interface in an SDK file in a program package of the third party APK to obtain an MD5 value of the core program file and an MD5 value signed by the third party APK;
the intelligent terminal calculates the MD5 value of the core program file and the MD5 value of the APK signature of the third party;
and when the MD5 value of the core program file obtained by decryption and the MD5 value signed by the third party APK are respectively the same as the calculated values, determining that the third party APK is a legal program authorized to be authenticated.
6. The secure payment method of claim 5, wherein the generating of the SDK file further comprises:
when the security management platform identifies a target module of a third party APK, integrating the SDK file into a third party APK program file; the SDK file is used for providing a calling interface for the third party APK.
7. The secure payment method of claim 6, wherein prior to the executing the invocation request invoking a payment APK, the method further comprises:
the third party APK reads and decrypts the target module through an interface in an SDK file in a program package of the third party APK to obtain a random encryption factor of the security management platform;
the third party APK generates a character string by using the random encryption factor of the security management platform, the encryption factor generated by the third party APK and the current timestamp;
the third party APK generates an authorization code for the character string according to a preset processing rule and sends the authorization code to the payment APK for verification;
and when the payment APK successfully verifies the authorization code, the intelligent terminal executes a calling request to call the payment APK.
8. The secure payment scheme according to claim 7, wherein the preset processing rule of the third party APK generating the character string into the authorization code includes:
the third party APK encrypts the generated character string by using a 3DES algorithm;
and transcoding the character string by the APK of the third party through base64 to generate an authorization code.
9. A secure payment scheme as claimed in claim 8 wherein the process of the payment APK verifying the authorisation code comprises:
and when the payment APK receives a calling request sent by a third party APK through an interface in the SDK file of the third party APK, the payment APK reversely processes the authorization code through the interface according to a preset processing rule, and if the processing is successful, the verification is passed.
10. The safety payment system is characterized by comprising an intelligent terminal and a safety management platform of a payment APK, wherein the intelligent terminal further comprises a third party APK and the payment APK, and the safety management platform comprises:
when the third party APK receives a user request to call the payment APK, the payment APK judges whether the third party APK program is a legal program authorized and authenticated by the security management platform;
if so, the intelligent terminal executes the calling request to call the payment APK;
and the payment APK completes payment according to the payment request sent by the third party APK.
11. The secure payment system of claim 10, wherein the payment APK determining whether the third party APK program is a legitimate program for authorization authentication comprises:
judging whether the third party APK comprises a target module or not; wherein the target module comprises a core program file of a third party APK with the payment APK security management platform authorization identifier; the target module with the authorization identifier further comprises a third party APK core program file generated by encrypting according to a preset encryption rule of the payment APK security management platform.
12. The secure payment system of claim 11, wherein the generating of the target template processed according to the preset encryption rule comprises:
the safety management platform carries out MD5 algorithm processing on the core program file of the third party APK;
the security management platform utilizes the first key to encrypt third party APK signature and random encryption factor by MD5 algorithm; wherein the first key is generated by a security management platform;
and forming a target module by the processed core program file and the third party APK signature, and compressing the target module into the third APK directory.
13. The secure payment system of claim 12, wherein the determining that the third party APK program is a legitimate program authorized for authentication by a security management platform comprises:
reading and decrypting the target module by the third party APK through an interface in an SDK file in a program package of the third party APK to obtain an MD5 value of the core program file and an MD5 value signed by the third party APK;
the intelligent terminal calculates the MD5 value of the core program file and the MD5 value of the APK signature of the third party;
and when the MD5 value of the core program file obtained by decryption and the MD5 value signed by the third party APK are respectively the same as the calculated values, determining that the third party APK is a legal program authorized to be authenticated.
14. The secure payment system of claim 13, wherein prior to the executing the invocation request invoking a payment APK, the system further comprises:
the third party APK reads and decrypts the target module through an interface in an SDK file in a program package of the third party APK to obtain a random encryption factor of the security management platform;
the third party APK generates a character string by using the random encryption factor of the security management platform, the encryption factor generated by the third party APK and the current timestamp;
the third party APK generates an authorization code for the character string according to a preset processing rule and sends the authorization code to the payment APK for verification; wherein, presetting the processing rule includes: the APK of a third party encrypts the generated character string by using a 3DES algorithm and then transcodes the character string by using base64 to generate an authorization code;
and when the payment APK successfully verifies the authorization code, the intelligent terminal executes a calling request to call the payment APK.
15. An electronic device comprising a processor and a memory;
the memory is used for storing operation instructions;
the processor is used for executing the method of any one of claims 1-9 by calling the operation instruction.
16. A computer-readable storage medium, characterized in that the storage medium has stored thereon a computer program which, when being executed by a processor, carries out the method of any one of claims 1-9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011304035.6A CN112488686A (en) | 2020-11-19 | 2020-11-19 | Secure payment method, system, electronic equipment and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011304035.6A CN112488686A (en) | 2020-11-19 | 2020-11-19 | Secure payment method, system, electronic equipment and readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112488686A true CN112488686A (en) | 2021-03-12 |
Family
ID=74932019
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011304035.6A Pending CN112488686A (en) | 2020-11-19 | 2020-11-19 | Secure payment method, system, electronic equipment and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112488686A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102625309A (en) * | 2012-01-18 | 2012-08-01 | 中兴通讯股份有限公司 | Access control method and device |
| US20160277194A1 (en) * | 2012-09-18 | 2016-09-22 | Beijing Senselock Software Technology Co., Ltd. | Method for certifying android client application by local service unit |
| CN106127473A (en) * | 2016-06-30 | 2016-11-16 | 乐视控股(北京)有限公司 | A kind of safe payment method and electronic equipment |
| CN110333868A (en) * | 2019-06-12 | 2019-10-15 | 阿里巴巴集团控股有限公司 | For generating the method and system of the installation kit of sub- application |
| CN111260342A (en) * | 2019-11-26 | 2020-06-09 | 泰康保险集团股份有限公司 | Authentication payment method and device |
| CN111917680A (en) * | 2019-05-07 | 2020-11-10 | 中国移动通信集团湖南有限公司 | Encryption system, method, server and storage medium |
-
2020
- 2020-11-19 CN CN202011304035.6A patent/CN112488686A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102625309A (en) * | 2012-01-18 | 2012-08-01 | 中兴通讯股份有限公司 | Access control method and device |
| US20160277194A1 (en) * | 2012-09-18 | 2016-09-22 | Beijing Senselock Software Technology Co., Ltd. | Method for certifying android client application by local service unit |
| CN106127473A (en) * | 2016-06-30 | 2016-11-16 | 乐视控股(北京)有限公司 | A kind of safe payment method and electronic equipment |
| CN111917680A (en) * | 2019-05-07 | 2020-11-10 | 中国移动通信集团湖南有限公司 | Encryption system, method, server and storage medium |
| CN110333868A (en) * | 2019-06-12 | 2019-10-15 | 阿里巴巴集团控股有限公司 | For generating the method and system of the installation kit of sub- application |
| CN111260342A (en) * | 2019-11-26 | 2020-06-09 | 泰康保险集团股份有限公司 | Authentication payment method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111095256B (en) | Securely executing smart contract operations in a trusted execution environment | |
| CN107743133B (en) | Mobile terminal and access control method and system based on trusted security environment | |
| CN111213171B (en) | Method and apparatus for secure offline payment | |
| TWI718567B (en) | Two-dimensional code generation method, data processing method, device, server and computer readable storage medium | |
| US8495383B2 (en) | Method for the secure storing of program state data in an electronic device | |
| CN109728906B (en) | Anti-quantum-computation asymmetric encryption method and system based on asymmetric key pool | |
| CN1679273A (en) | Integrated circuit for digital rights management | |
| JP2005260676A (en) | Security system, information processing system, control method of security system, control method of information processing system, program capable of implementation in system for performing control method and ticket system | |
| CN111476573B (en) | Account data processing method, device, equipment and storage medium | |
| CN109921905B (en) | Anti-quantum computation key negotiation method and system based on private key pool | |
| CN109936456B (en) | Anti-quantum computation digital signature method and system based on private key pool | |
| CN109728905B (en) | Anti-quantum computation MQV key negotiation method and system based on asymmetric key pool | |
| WO2023142440A1 (en) | Image encryption method and apparatus, image processing method and apparatus, and device and medium | |
| CN111506882A (en) | Electronic device and digital file management method | |
| CN110677261B (en) | Trusted two-dimensional code generation method and device, electronic equipment and storage medium | |
| CN111241492A (en) | Product multi-tenant secure credit granting method, system and electronic equipment | |
| CN114996666A (en) | Method for encrypting and decrypting neural network model, electronic device and storage medium | |
| US8904508B2 (en) | System and method for real time secure image based key generation using partial polygons assembled into a master composite image | |
| BR102014007666A2 (en) | method for mobile transaction authentication using video encryption and method for video encryption | |
| WO2020177109A1 (en) | Lot-drawing processing method, trusted chip, node, storage medium and electronic device | |
| CN112488686A (en) | Secure payment method, system, electronic equipment and readable storage medium | |
| CN112861156B (en) | Secure communication method and device for display data, electronic equipment and storage medium | |
| CN117063174A (en) | Security module and method for inter-app trust through app-based identity | |
| CN113938878A (en) | Equipment identifier anti-counterfeiting method and device and electronic equipment | |
| CN112511510B (en) | Authorization authentication method, system, electronic equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220919 Address after: 25 Financial Street, Xicheng District, Beijing 100033 Applicant after: CHINA CONSTRUCTION BANK Corp. Address before: 12 / F, 15 / F, 99 Yincheng Road, Pudong New Area pilot Free Trade Zone, Shanghai, 200120 Applicant before: Jianxin Financial Science and Technology Co.,Ltd. |