CN112801660B

CN112801660B - Secret subscription-free method and device of payment protocol

Info

Publication number: CN112801660B
Application number: CN202110117507.5A
Authority: CN
Inventors: 谢莎莎; 姚远; 张立伟; 胡松鄂
Original assignee: Industrial and Commercial Bank of China Ltd ICBC
Current assignee: Industrial and Commercial Bank of China Ltd ICBC
Priority date: 2021-01-28
Filing date: 2021-01-28
Publication date: 2024-02-23
Anticipated expiration: 2041-01-28
Also published as: CN112801660A

Abstract

A secret contract-free signing method and device of a payment protocol can be used in the financial field or other fields. The method comprises the following steps: analyzing an agreement signing request sent by an application software client to obtain signing information and generating an admission request message; the subscription information comprises a client card number; determining an issuer according to the client card number, encrypting the admission request message according to a preset encryption rule, and sending the admission request message to an issuer server; receiving scene admission information returned by a card issuing bank server, and generating a subscription request message according to the subscription information and the scene admission information; encrypting the signing request message according to the UnionPay encryption rule, and sending the signing request message to the UnionPay server. According to the invention, through a pure message interaction mode, the admission verification of the password-free signing scene and the scene admission information verification are carried out, so that the payment agreement signing is completed, the interaction between a bank client and a plurality of systems is effectively reduced, and the business handling efficiency is improved.

Description

Secret subscription-free method and device of payment protocol

Technical Field

The invention relates to the technical field of payment agreement signing, in particular to a method and a device for signing without secret number of a payment agreement.

Background

The UnionPay payment is a quick mobile payment product based on the NFC technology of the mobile terminal, and a bank customer and a mobile terminal manufacturer, a UnionPay and an issuing bank sign a deduction authorization protocol in advance, so that when the subsequent bank customer carries out the UnionPay mobile payment under the specific scene and rule agreed by the protocol, the bank customer does not need to input a bank card password. According to the payment design, the mobile terminal replaces a bank card, so that the situation that the bank card needs to be carried for each payment is avoided, the situation that a bank card password is input in front of a person is avoided, personal privacy and account safety are protected, and meanwhile mobile payment experience of a bank client is improved. However, with the change of the classification management mode of the personal bank account, the bank is allowed to open the class II and class III accounts for the individual through the electronic channel in a non-face-to-face way, and a bank debit account without card density appears, so that two problems exist: after a bank debit account without a card password is opened on line on the application software of the mobile terminal, the bank debit account cannot sign a silver-linked pay payment protocol on the application software of the mobile terminal due to the fact that the bank card password is not available. Secondly, although a bank customer can set a bank card password by going to a downstream service website of a bank card issuing bank or downloading a bank APP client of the bank card issuing bank, and then return to the mobile terminal application software to sign an Unionpay payment protocol, the operation of the process is interrupted, the original design of the Unionpay payment protocol convenience is violated, and the process is generally refused to be accepted by mobile terminal manufacturers.

Disclosure of Invention

Aiming at the problems existing in the prior art, the main purpose of the embodiment of the invention is to provide a secret-free signing method and device for a payment protocol, which realize the purpose of coherent secret-free signing of the payment protocol after a bank debit account without a card secret is opened on the mobile terminal application software.

In order to achieve the above object, a method for a payment agreement without a secret subscription, the method comprising:

analyzing an agreement signing request sent by an application software client to obtain signing information, and generating an admission request message according to the signing information; wherein the subscription information includes a customer card number;

determining an issuer according to the client card number, encrypting the access request message according to a preset encryption rule, and sending the encrypted access request message to an issuer server;

receiving scene admission information returned by the card issuing row server, and generating a subscription request message according to the subscription information and the scene admission information;

encrypting the signing request message according to the UnionPay encryption rule, and sending the encrypted signing request message to the UnionPay server.

Optionally, in an embodiment of the present invention, the scene admission information includes an admission verification code and a scene ID.

Optionally, in an embodiment of the present invention, the subscription information further includes client information, a subscription payment protocol type, and an application ID.

The embodiment of the invention also provides a secret contract-free method of the payment protocol, which comprises the following steps:

analyzing an admission request message sent by an application software server to obtain subscription information corresponding to the admission request message, and performing admission qualification inspection according to the subscription information corresponding to the admission request message to obtain an inspection result;

if the checking result is that the checking is passed, determining a time stamp corresponding to the admission request message, and sending scene admission information corresponding to the admission request message to an application software server;

analyzing a subscription request message sent by a silver-linked server to obtain subscription information, scene admission information and a time stamp corresponding to the subscription request message, and matching according to the subscription information, the scene admission information and the time stamp corresponding to the admission request message and the subscription request message respectively to obtain a matching result;

if the matching result is that the matching is passed, verifying the subscription information corresponding to the subscription request message according to the scene access information corresponding to the subscription request message, and sending the generated verification result to a Unionpay server for generation and subscription of a payment protocol.

Optionally, in an embodiment of the present invention, subscription information corresponding to the admission request packet includes client information, a client card number, a subscription payment protocol type, and an application ID corresponding to the admission request packet; the subscription information corresponding to the subscription request message comprises client information, a client card number, a subscription payment protocol type and an application software ID corresponding to the subscription request message.

Optionally, in an embodiment of the present invention, performing admission qualification inspection according to subscription information corresponding to the admission request packet, and obtaining an inspection result includes: performing application software qualification inspection according to the application software ID corresponding to the admission request message; if the application software qualification inspection is passed, performing signed payment protocol type validity inspection according to the signed payment protocol type corresponding to the admission request message; if the legality check of the subscription payment protocol type is obtained to pass, the legality check of the acceptance card is carried out according to the client card number corresponding to the admission request message; if the acceptance card is checked to pass the validity check, the check result is checked to pass the check.

Optionally, in an embodiment of the present invention, the matching according to the subscription information, the scene admission verification code, and the timestamp corresponding to the admission request packet and the subscription request packet respectively, to obtain a matching result includes: determining a time interval according to the time stamp corresponding to the admission request message and the time stamp corresponding to the subscription request message; if the time interval is less than the preset threshold, the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information corresponding to the access request message are matched one by one, and a matching result is obtained.

Optionally, in an embodiment of the present invention, the scenario admission information corresponding to the subscription request packet includes an admission verification code and a scenario ID.

Optionally, in an embodiment of the present invention, verifying the subscription information corresponding to the subscription request packet according to the scene access information corresponding to the subscription request packet includes: determining an account type according to a client card number corresponding to the signing request message; and verifying the client information and the client card number corresponding to the signing request message according to the account type and a preset verification rule corresponding to the scene ID, and generating a verification result.

The embodiment of the invention also provides a device for avoiding secret contract signing of the payment protocol, which comprises:

the admission request message module is used for analyzing the agreement signing request sent by the application software client to obtain signing information, and generating an admission request message according to the signing information; wherein the subscription information includes a customer card number;

the first message sending module is used for determining an issuer according to the client card number, encrypting the access request message according to a preset encryption rule, and sending the encrypted access request message to an issuer server;

The signing request message module is used for receiving scene admission information returned by the card issuing row server and generating a signing request message according to the signing information and the scene admission information;

and the second message sending module is used for encrypting the signing request message according to the Unionpay encryption rule and sending the encrypted signing request message to the Unionpay server.

the admission qualification checking module is used for analyzing the admission request message sent by the application software server to obtain subscription information corresponding to the admission request message, and performing admission qualification checking according to the subscription information corresponding to the admission request message to obtain a checking result;

the scene access information module is used for determining a time stamp corresponding to the access request message and sending scene access information corresponding to the access request message to an application software server if the inspection result is that the inspection is passed;

The information matching module is used for analyzing the subscription request message sent by the Unionpay server to obtain subscription information, scene admission information and time stamp corresponding to the subscription request message, and matching according to the subscription information, scene admission information and time stamp respectively corresponding to the admission request message and the subscription request message to obtain a matching result;

and the verification result module is used for verifying the subscription information corresponding to the subscription request message according to the scene access information corresponding to the subscription request message if the matching result is that the matching is passed, and sending the generated verification result to the Unionpay server for generation and subscription of a payment protocol.

Optionally, in an embodiment of the present invention, the admission qualification module includes: the qualification checking unit is used for checking the qualification of the application software according to the application software ID corresponding to the admission request message; the agreement type checking unit is used for checking the legality of the contracted payment agreement type according to the contracted payment agreement type corresponding to the admission request message if the qualification checking of the application software is passed; the acceptance card checking unit is used for checking the legitimacy of the acceptance card according to the client card number corresponding to the admission request message if the legitimacy check of the subscription payment protocol type is passed; and the checking result unit is used for checking the passing of the validity check of the acceptance card.

Optionally, in an embodiment of the present invention, the information matching module includes: the time interval unit is used for determining a time interval according to the time stamp corresponding to the admission request message and the time stamp corresponding to the subscription request message; and the matching result unit is used for matching the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information corresponding to the access request message one by one to obtain a matching result if the time interval is less than the preset threshold value.

Optionally, in an embodiment of the present invention, the verification result module includes: the account type unit is used for determining the account type according to the client card number corresponding to the signing request message; and the verification result unit is used for verifying the client information and the client card number corresponding to the signing request message according to the account type and the preset verification rule corresponding to the scene ID, and generating a verification result.

The invention also provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the above method when executing the program.

The present invention also provides a computer readable storage medium storing a computer program for executing the above method.

The invention realizes the purpose of coherently signing a payment protocol after opening a bank debit account without a card secret on the mobile terminal application software, and simultaneously carries out the admission verification of a secret subscription-free scene and the scene admission information verification in a pure message interaction mode, thereby completing the payment protocol subscription, effectively reducing the interaction between a bank client and a plurality of systems and improving the service handling efficiency.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

FIG. 1 is a flow chart of a method for a secure subscription-free payment agreement in accordance with an embodiment of the present invention;

FIG. 2 is a flow chart of a method for a payment agreement sign-up free in accordance with another embodiment of the present invention;

FIG. 3 is a flow chart of admission qualification testing in an embodiment of the present invention;

FIG. 4 is a flow chart of information matching in an embodiment of the invention;

FIG. 5 is a flow chart of account verification in an embodiment of the invention;

FIG. 6 is a flow chart of interaction of the participants in an embodiment of the invention;

fig. 7 is a flowchart of admission qualification and scene admission information acquisition in an embodiment of the present invention;

FIG. 8 is a flow chart of a private contract-free Unionpay payment protocol in an embodiment of the invention;

fig. 9 is a schematic structural diagram of a payment agreement-free sign-up device according to an embodiment of the present invention;

fig. 10 is a schematic structural diagram of a payment agreement sign-up-free device according to another embodiment of the present invention;

FIG. 11 is a schematic diagram of a quasi-ingress qualification module according to an embodiment of the present invention;

FIG. 12 is a schematic diagram of a structure of an information matching module according to an embodiment of the present invention;

FIG. 13 is a schematic diagram of a verification result module according to an embodiment of the present invention;

fig. 14 is a schematic structural diagram of an electronic device according to an embodiment of the invention.

Detailed Description

The embodiment of the invention provides a secret-free signing method and device of a payment protocol, which can be used in the financial field or other fields, and the secret-free signing method and device of the payment protocol can be used in the financial field and can also be used in any field except the financial field, and the application field of the secret-free signing method and device of the payment protocol is not limited.

The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

Fig. 1 is a flowchart of a method for signing a contract without encryption of a payment protocol according to an embodiment of the present invention, where an execution subject of the method for signing a contract without encryption of a payment protocol provided by the embodiment of the present invention may be an application software server of a mobile terminal. The method shown in the figure comprises the following steps:

step S101, analyzing an agreement signing request sent by an application software client to obtain signing information, and generating an admission request message according to the signing information; wherein the subscription information includes a customer card number.

Before receiving a contract signing request sent by an application software client of the mobile terminal, a bank client enters the application software client of the mobile terminal, and clicks to trigger a password-free (i.e. password-free) payment contract signing operation. The mobile terminal application software client side displays a secret-free payment protocol subscription page, and the page subscription element comprises client information (name, certificate type, certificate number and the like), client bank card information (client card number, card secret and the like) and bank reserved mobile phone numbers. And the bank client inputs the subscription factors at the mobile terminal application software client and clicks to obtain the short message verification code at the mobile terminal application software client. The mobile terminal application software client checks the validity of the input information (including checking whether the certificate number is 15 bits or 18 bits if the certificate type is an identity card, if the certificate number is 18 bits, the first 17 bits can only be numbers, and the last bit is numbers or letters, etc.), and after the check is passed, the mobile terminal application software client sends a request for acquiring the short message verification code to perform the validity verification of the short message verification code. After the validity verification of the short message verification code is passed, the mobile terminal application software client sends a protocol signing request.

And receiving and analyzing the agreement signing request to obtain signing information input by the bank client at the application software client of the mobile terminal, wherein the signing information comprises client information, a client card number, a signing payment agreement type and an application software ID of the mobile terminal. And generating an admission request message according to the client information, the client card number, the signed payment protocol type and the application software ID according to the agreed format of the card issuing bank interface message.

Step S102, determining an issuer according to the client card number, encrypting the access request message according to a preset encryption rule, and sending the encrypted access request message to an issuer server.

And identifying the card issuing bank according to the client card number, and encrypting the access request message according to a preset encryption rule. The preset encryption rule may be an encryption rule agreed with the issuer. And sending the encrypted access request message to the card issuing server.

Step S103, receiving scene access information returned by the card issuing row server, and generating a signing request message according to the signing information.

After receiving the admission request message, the card issuing service end performs admission qualification check according to the admission request message, and returns scene admission information after the admission qualification check passes.

Specifically, the scene admission information includes an admission verification code and a scene ID. The admission verification code can be a randomly generated string code or a string code generated according to a preset generation rule. The admission verification code may be numbers, letters, and characters, or any combination of numbers, letters, and characters. The scenario ID may be a digital code representing the scenario of the current payment agreement subscription, e.g. subscription bloom as wallet.

Further, after receiving the scene access information returned by the card issuing row server, the subscription information, including the client information, the client card number, the subscription payment protocol type and the application software ID, and the scene access information are assembled into a subscription request message.

Step S104, encrypting the signing request message according to the Unionpay encryption rule, and sending the encrypted signing request message to the Unionpay server.

The signing request message is encrypted according to the UnionPay encryption rule, and the encrypted signing request message is sent to the UnionPay server for subsequent processing of payment protocol signing.

Fig. 2 is a flowchart of a method for signing a contract without encryption of a payment protocol according to another embodiment of the present invention, where an execution subject of the method for signing a contract without encryption of a payment protocol provided by the embodiment of the present invention may be a server of a issuer. The method shown in the figure comprises the following steps:

Step S201, analyzing an admission request message sent by an application software server to obtain subscription information corresponding to the admission request message, and performing admission qualification inspection according to the subscription information corresponding to the admission request message to obtain an inspection result.

And receiving an admission request message sent by an application software server of the mobile terminal, decrypting and analyzing the admission request message, and obtaining subscription information input by a bank user at an application software client of the mobile terminal, wherein the subscription information comprises client information and a client card number corresponding to the admission request message, and subscription payment protocol type and application software ID. And performing admission qualification inspection by utilizing the subscription information obtained by analysis, wherein the admission qualification inspection comprises application software qualification inspection, subscription payment protocol type validity inspection and acceptance card validity inspection.

Specifically, the application software qualification checking may use a preset permission white list of the application software to check, and determine whether the application software of the mobile terminal is in the permission white list according to the application software ID, if yes, the application software qualification checking passes. The validity check of the subscription payment protocol type refers to whether the payment protocol currently performed by the application software is within the authority range of the application software, for example, whether the application software has the authority to sign up for a certain payment protocol without being ciphered, if yes, the validity check of the subscription payment protocol type passes. The acceptance card validity check refers to judging whether the bank card supports the current payment protocol subscription according to the number of the client card after the subscription payment protocol type validity check is passed. In particular, different types of bank cards, such as credit or debit cards, support signing up for different payment agreements. Therefore, it is necessary to determine whether the current customer bank card has authority to sign up for a certain payment agreement, and if so, the acceptance card validity check passes. And after the acceptance card passes the validity check, obtaining a check result as passing. If the checking fails in the checking process of the admission qualification, the checking result is failed.

Step S202, if the checking result is that the checking is passed, determining a time stamp corresponding to the admission request message, and sending scene admission information corresponding to the admission request message to an application software server.

When the admission qualification check is passed, recording the current time as a time stamp corresponding to the admission request message, and sending scene admission information to an application software server. The scene access information comprises an access verification code and a scene ID. The admission verification code can be a randomly generated string code or a string code generated according to a preset generation rule. The admission verification code may be numbers, letters, and characters, or any combination of numbers, letters, and characters. The scenario ID may be a digital code representing the scenario of the current payment agreement subscription, e.g. subscription bloom as wallet.

Step S203, analyzing the subscription request message sent by the Unionpay server to obtain subscription information, scene admission information and time stamp corresponding to the subscription request message, and matching according to the subscription information, scene admission information and time stamp corresponding to the admission request message and the subscription request message respectively to obtain a matching result.

After receiving the scene access information, the application software server of the mobile terminal sends a subscription request message to the Unionpay server. The Unionpay server decrypts and analyzes the signing request message, determines a card issuing bank, and then thoroughly transmits the signing request message to the card issuing bank after re-encrypting the signing request message. The encryption rule of the Unionpay server can be a Unionpay encryption rule or a preset encryption rule agreed with a card issuing line.

Further, after decrypting and analyzing the subscription request message sent by the Unionpay server, subscription information corresponding to the subscription request message is obtained, wherein the subscription information comprises client information corresponding to the subscription request message, a client card number, a subscription payment protocol type, an application software ID, scene admission information and a time stamp. And determining the time interval of the two time stamps according to the time stamp of the subscription request message and the time stamp corresponding to the admission request message, and if the time interval does not exceed a preset threshold value, for example, 1 minute. And matching the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information which correspond to the subscription request message and the admission request message respectively one by one, detecting whether the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information are consistent, and if the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information are consistent, the matching result is that the matching is passed.

Step S204, if the matching result is that the matching is passed, verifying the subscription information corresponding to the subscription request message according to the scene access information corresponding to the subscription request message, and sending the generated verification result to the Unionpay server for generation and subscription of a payment protocol.

After the matching is passed, according to the scene access information corresponding to the signing request message, specifically, according to the scene ID in the scene access information, verifying the client information and the client card number according to the account type corresponding to the client card number. Further, the information such as the name, the certificate number, the card number and the like of the client can be checked, and a verification result can be generated. And sending the verification result to the Unionpay server to generate and sign up a payment protocol. In particular, the authentication process based on the scene admission information does not require authentication of the card secret.

Further, after the silver-connected server receives the verification result, judging whether the verification result is passed. If the verification result is that the verification is not passed, terminating the payment protocol subscription, returning subscription failure information to the application software server of the mobile terminal, and displaying a subscription failure page to the bank client by the application software client of the mobile terminal. If the verification result is that the verification is passed, the silver card server returns a payment protocol number to the card issuing server and the application software server of the mobile terminal. The card issuing bank server side stores information such as a payment protocol number, client information and a client card number, the application software server side of the mobile terminal stores information such as the payment protocol number, the client information and the client card number, and the application software client side of the mobile terminal displays a successful signing page to a bank client.

As one embodiment of the present invention, the subscription information corresponding to the admission request message includes the client information corresponding to the admission request message, the client card number, the subscription payment protocol type and the application software ID; the subscription information corresponding to the subscription request message comprises the client information, the client card number, the subscription payment protocol type and the application software ID corresponding to the subscription request message.

In this embodiment, as shown in fig. 3, performing admission qualification inspection according to subscription information corresponding to the admission request packet, where the obtaining an inspection result includes:

and step 2011, performing application software qualification checking according to the application software ID corresponding to the admission request message.

The application software qualification checking can check by using a preset permission white list of the application software, and judge whether the application software of the mobile terminal is in the permission white list according to the application software ID, if so, the application software qualification checking passes.

Step 2012, if it is known that the application software qualification check passes, performing a subscription payment protocol type validity check according to the subscription payment protocol type corresponding to the admission request message.

And after the qualification inspection of the application software is passed, performing legality inspection of the signed payment protocol type. The validity check of the subscription payment protocol type refers to whether the payment protocol currently performed by the application software is within the authority range of the application software, for example, whether the application software has the authority to sign up for a certain payment protocol without being ciphered, if yes, the validity check of the subscription payment protocol type passes.

And step S2013, if the legality check of the signed payment protocol type is passed, the legality check of the acceptance card is carried out according to the client card number corresponding to the admission request message.

And after the legitimacy check of the type of the signed payment protocol is passed, carrying out acceptance card legitimacy check. The acceptance card validity check refers to judging whether the bank card supports the current payment protocol subscription according to the number of the client card after the subscription payment protocol type validity check is passed. In particular, different types of bank cards, such as credit or debit cards, support signing up for different payment agreements. Therefore, it is necessary to determine whether the current customer bank card has authority to sign up for a certain payment agreement, and if so, the acceptance card validity check passes.

Step S2014, if the acceptance card validity check is found to pass, the check result is the check pass.

And after the acceptance card passes the validity check, obtaining a check result as passing. In addition, if the check fails in the admission qualification checking process, the check result is failed.

As an embodiment of the present invention, as shown in fig. 4, matching is performed according to subscription information, scene admission information and a timestamp corresponding to the admission request message and the subscription request message, respectively, so as to obtain a matching result, where the matching result includes:

Step S2031, determining a time interval according to the time stamp corresponding to the admission request message and the time stamp corresponding to the subscription request message.

The time interval between the two time stamps is determined according to the time stamp of the subscription request message and the time stamp corresponding to the admission request message, for example, the time interval may be 40 seconds.

Step S2032, if the time interval is less than the preset threshold, matches the client information, the client card number, the subscription payment protocol type, the application software ID, and the scene access information corresponding to the admission request message one by one, and matches the client information, the client card number, the subscription payment protocol type, the application software ID, and the scene access information corresponding to the subscription request message one by one, so as to obtain a matching result.

Wherein if the time interval does not exceed the preset threshold, for example 1 minute. And matching the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information which correspond to the subscription request message and the admission request message respectively one by one, detecting whether the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information are consistent, and if the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information are consistent, the matching result is that the matching is passed.

As an embodiment of the present invention, the scene admission information corresponding to the subscription request message includes an admission verification code and a scene ID.

The admission verification code can be a randomly generated string code or a string code generated according to a preset generation rule. The admission verification code may be numbers, letters, and characters, or any combination of numbers, letters, and characters. The scenario ID may be a digital code representing the scenario of the current payment agreement subscription, e.g. subscription bloom as wallet.

In this embodiment, as shown in fig. 5, according to the scene admission information corresponding to the subscription request packet, verifying the subscription information corresponding to the subscription request packet includes:

step S2041, determining the account type according to the client card number corresponding to the signing request message.

Wherein the account type, e.g., debit account or credit account, may be determined based on the customer card number.

Step S2042, according to the account type and the preset verification rule corresponding to the scene ID, verifies the client information and the client card number corresponding to the sign-up request message, and generates a verification result.

And verifying the client information and the client card number according to the scene ID in the scene access information and aiming at the account type corresponding to the client card number. Further, the information such as the name, the certificate number, the card number and the like of the client can be checked, and a verification result can be generated.

Specifically, if the account is a debit account, matching is performed in a debit account register, account verification is performed according to information such as name, card number and the like, and the password of the bank card is not verified; if the account is the credit account, the account is matched in a credit account register, and the account verification is carried out according to the information such as the name, the card number and the like, and the bank card password is not verified. And obtaining a verification result after the account verification process, wherein the verification result comprises verification passing or verification failing.

In a specific embodiment of the present invention, as shown in fig. 6, taking a private contract-free process of a silver-linked pay payment protocol as an example, the private contract-free process mainly includes five parties, namely a bank client, a mobile terminal application software server, a silver-linked server and a card issuing bank server. The mobile terminal application software client referred to in the process is a client APP (such as a wallet) of the mobile terminal, and the specific overall interaction process of each participant includes:

s1, a bank client enters a mobile terminal application software client side, and clicks to trigger the subscription operation of the Unionpay payment protocol.

S2, the mobile terminal application software client side displays a silver-linked pay payment protocol subscription page, and the page subscription element comprises identity information (name, certificate type, certificate number and the like), bank card information (bank card number, card secret and the like) and a bank reserved mobile phone number.

S3, the bank client inputs the specific information of the subscription factor at the mobile terminal application software client, wherein the specific information comprises identity information (name, certificate type, certificate number and the like), bank card information (bank card number, card secret and the like) and bank reserved mobile phone numbers.

S4, the bank client clicks and acquires the short message verification code at the mobile terminal application software client.

S5, the mobile terminal application software client checks the validity of the input information (including whether the certificate number is 15 bits or 18 bits if the certificate type is an identity card, if the certificate number is 18 bits, the first 17 bits can only be numbers, and the last bit is numbers or letters, etc.), and after the check is passed, the mobile terminal application software client forwards the request for acquiring the short message verification code to the mobile terminal application software server.

And S6, the mobile terminal application software server assembles the message according to interface specifications of the Unionpay and the card issuing bank agreement, encrypts and sends the message to the Unionpay server to acquire the short message verification code of the card issuing bank.

And S7, the Unionpay server analyzes the message, matches the card number corresponding to the card issuing bank according to the card number information in the message of the uploading interface, and transmits the message information to the card issuing bank server.

And S8, after receiving the interface message of the mobile terminal application software server transmitted by the Unionpay server, the bank server receives the short message verification code and sends the short message verification code to the reserved mobile phone number of the client in the message.

S9, the bank client inputs the short message verification code at the mobile terminal application software client.

S10, the mobile terminal application software client checks the validity of the input short message verification code (including whether the verification code is a 6-bit number or not), and forwards the request to the mobile terminal application software server after the verification is passed.

S11-S12, as shown in FIG. 7, specifically comprise:

a1, the mobile terminal application software server identifies a card issuing bank according to card number information in the request information, assembles a message based on information such as name, card number, signed payment protocol type and the like input by a client at the mobile terminal client and information such as app ID (i.e. application software ID) and encrypts and sends the assembled message to the card issuing bank server for admission inspection according to a card issuing bank interface message contract format in a message interaction mode.

and a2, the card issuing server analyzes the message, acquires app id information in the message, and performs permission check of app id.

and a3, if the app id is approved to pass the qualification check, the issuer server acquires the signed payment protocol type information in the message, and performs validity check of the payment protocol type according to the current app id.

and a4, if the validity check of the payment protocol type is passed, the card number information in the message is acquired by the issuer server, and the validity check of the receivable card number range is carried out according to the current app id.

and a5, if the validity check of the card number range is passed, the card issuing server records the app id, the type of the signed payment protocol, the name, the card number and the current system time stamp.

and a6, after the system records the system time stamp, the card issuing server returns the verification code and the scene id (the format is 'verification code|scene id'), namely the scene access information, which are permitted by the specific scene, to the mobile terminal application software server.

S13-S17, as shown in FIG. 8, specifically include:

b1, the mobile terminal application software server groups the messages based on the information of names, card numbers, signed payment protocol types and the like input by the client at the mobile terminal application software client, and verification codes and scene ids (the format is verification code |scene ids) which are acquired from a card issuing row and permitted by specific scenes, and encrypts and sends the messages to the UnionPay server (wherein the verification code|scene ids are sent to an expansion domain in a field of the expansion domain).

And b2, the Unionpay server analyzes the message, and if the message is successfully analyzed, a card number field in the message is obtained, and the card issuing bank information is obtained according to the card number information.

And b3, the Unionpay server side transparently transmits the encrypted message sent by the mobile terminal application software server side to the card issuing bank server side to which the card number belongs in a message interaction mode according to the card issuing bank information.

And b4, the issuing card row server side analyzes the message, and if the message analysis is successful, the information of the field of the expansion domain 'bank channel date' (the format is 'verification code|scene id') is acquired first.

And b5, the card issuing row server judges whether the specific scene identifier in the extension field in the message is empty, namely, judges whether the current agreement signing scene belongs to the password-free signing scene.

And b6, if the specific scene identifier in the extension field in the message is not null, the card issuing server matches the information such as app id, the type of the contracted payment protocol, the verification code|scene id and the like, acquires the timestamp of the system record, and compares the timestamp with the system time of the current transaction, wherein the time interval is not more than 1 minute.

And b7, if the matching verification is passed, the card issuing server side performs the matching verification according to the current scene id parameter:

a: if the account is a debit account, matching in a debit account register, and carrying out account verification according to information such as name, card number and the like, and not verifying the password of the bank card;

b: if the account is the credit account, matching in a credit account register, and carrying out account verification according to information such as name, card number and the like, and not verifying the password of the bank card;

and determining whether the account verification is passed according to the result: if the verification is passed, returning a verification passing receipt to the Unionpay server; if the verification is not passed, returning a receipt of the verification failure to the Unionpay server.

S18, if the specific scene mark in the extension field in the message is null, namely, a non-password-free signing scene, the card issuing bank server sequentially checks the following information:

A. the verification field comprises identity information, card number information, mobile phone number and verification code of a bank client, wherein the identity information, card number information, mobile phone number and verification code comprise name, certificate type code, certificate number, bank reserved mobile phone number, short message verification code and the like;

B. judging the type of the card number in the report after the verification in the last step is passed;

C. if the account is a debit account, matching and checking information such as a card number, a card secret and the like in a debit account register;

D. if the account is a credit account, matching and checking information such as a card number in a credit account register, and not checking the card density;

determining whether the account passes verification according to the result, and if so, returning a verification passing receipt to the Unionpay server; if the verification is not passed, returning a receipt of the verification failure to the Unionpay server.

S19, the Unionpay server judges whether account verification is passed or not.

And S20, if the account passes verification, the Unionpay server generates a Unionpay payment protocol number and sends the Unionpay payment protocol number to the card issuing bank server and the mobile terminal application software server.

S21A, the mobile terminal application software server receives the Unionpay payment protocol number returned by the Unionpay server to the mobile terminal application software server in real time, stores the Unionpay payment protocol number to the mobile terminal application software server, stores the stored information including a client identification number, a protocol type, a protocol number and the like, and simultaneously notifies the mobile terminal application software client of a successful signing result.

S21B, the card issuing bank server receives the Unionpay payment protocol number returned by the Unionpay server, and stores the Unionpay payment protocol number in a card issuing bank server client protocol table, wherein the stored information comprises names, bank card numbers, protocol types, protocol numbers and the like.

S22, the mobile terminal application software client signs up successfully according to the exhibited Unionpay payment protocol.

The method for signing the payment protocol without the encryption, disclosed by the invention, solves the problem that a bank debit account without the encryption cannot sign a payment protocol such as a Unionpay type at a mobile terminal application software client through the interactive cooperation of a bank client, the mobile terminal application software client, a mobile terminal application software server, a Unionpay server and a card issuing bank server. The method aims at improving the signing convenience of the silver-linked pay-off payment protocol in a specific scene, technically solves the problem that a bank client cannot sign up a silver-linked pay-off payment protocol after opening a bank debit account without card density on line on mobile terminal application software, and meanwhile effectively reduces interaction between the bank client and a plurality of systems and improves business handling efficiency.

Fig. 9 is a schematic structural diagram of a device for payment agreement free subscription according to an embodiment of the present invention, where the device includes:

the admission request message module 101 is configured to parse an agreement subscription request sent by an application software client to obtain subscription information, and generate an admission request message according to the subscription information; wherein the subscription information includes a customer card number.

Before receiving a contract signing request sent by an application software client of the mobile terminal, a bank client enters the application software client of the mobile terminal, and clicks to trigger a password-free (i.e. password-free) payment contract signing operation. The mobile terminal application software client side displays a secret-free payment protocol subscription page, and the page subscription element comprises client information (name, certificate type, certificate number and the like), client card numbers (bank card numbers, card secret and the like) and bank reserved mobile phone numbers. And the bank client inputs the subscription factors at the mobile terminal application software client and clicks to obtain the short message verification code at the mobile terminal application software client. The mobile terminal application software client checks the validity of the input information (including checking whether the certificate number is 15 bits or 18 bits if the certificate type is an identity card, if the certificate number is 18 bits, the first 17 bits can only be numbers, and the last bit is numbers or letters, etc.), and after the check is passed, the mobile terminal application software client sends a request for acquiring the short message verification code to perform the validity verification of the short message verification code. After the validity verification of the short message verification code is passed, the mobile terminal application software client sends a protocol signing request.

The first message sending module 102 is configured to determine an issuer according to the client card number, encrypt the admission request message according to a preset encryption rule, and send the encrypted admission request message to an issuer server.

And the subscription request message module 103 is configured to receive the scene access information returned by the card issuing row server, and generate a subscription request message according to the subscription information and the scene access information.

And the second message sending module 104 is configured to encrypt the subscription request message according to a silver-linked encryption rule, and send the encrypted subscription request message to a silver-linked server.

As one embodiment of the present invention, the scene admission information includes an admission verification code and a scene ID.

Fig. 10 is a schematic structural diagram of a device for payment agreement free subscription according to another embodiment of the present invention, where the device includes:

And the admission qualification checking module 201 is configured to analyze an admission request message sent by an application software server to obtain subscription information corresponding to the admission request message, and perform admission qualification checking according to the subscription information corresponding to the admission request message to obtain a checking result.

And the scene admission information module 202 is configured to determine a timestamp corresponding to the admission request message if the inspection result is that the inspection is passed, and send scene admission information corresponding to the admission request message to an application software server.

The information matching module 203 is configured to parse the subscription request message sent by the tandem server to obtain subscription information, scene admission information and a timestamp corresponding to the subscription request message, and match according to the subscription information, scene admission information and the timestamp corresponding to the admission request message and the subscription request message respectively, so as to obtain a matching result.

And the verification result module 204 is configured to verify the subscription information corresponding to the subscription request message according to the scene access information corresponding to the subscription request message if the matching result is that the matching is passed, and send the generated verification result to the Unionpay server for generation and subscription of a payment protocol.

As an embodiment of the present invention, as shown in fig. 11, the admission qualification module 201 includes:

a qualification checking unit 2011, configured to perform application software qualification checking according to the application software ID corresponding to the admission request message;

a protocol type checking unit 2012, configured to perform validity checking of the subscription payment protocol type according to the subscription payment protocol type corresponding to the admission request message if it is known that the qualification checking of the application software passes;

a receiving card checking unit 2013, configured to perform receiving card validity check according to the client card number corresponding to the admission request message if the type validity check of the signed payment protocol is known to pass;

and an inspection result unit 2014, configured to, when the acceptance card validity inspection is known to pass, determine that the inspection result is the pass.

As an embodiment of the present invention, as shown in fig. 12, the information matching module 203 includes:

a time interval unit 2031, configured to determine a time interval according to a time stamp corresponding to the admission request packet and a time stamp corresponding to the subscription request packet;

the matching result unit 2032 is configured to match the client information, the client card number, the subscription payment protocol type, the application software ID, and the scene access information corresponding to the admission request message one by one, and match the client information, the client card number, the subscription payment protocol type, the application software ID, and the scene access information corresponding to the subscription request message one by one if the time interval is less than the preset threshold, so as to obtain a matching result.

In this embodiment, as shown in fig. 13, the verification result module 204 includes:

an account type unit 2041, configured to determine an account type according to a client card number corresponding to the sign-up request packet;

and a verification result unit 2042, configured to verify the client information and the client card number corresponding to the subscription request packet according to the account type and a preset verification rule corresponding to the scene ID, and generate a verification result.

The invention also provides a secret-free signing device of the payment protocol based on the same application conception as the secret-free signing method of the payment protocol. Since the principle of solving the problem of the encryption-free signing device of the payment protocol is similar to that of the encryption-free signing method of the payment protocol, the implementation of the encryption-free signing device of the payment protocol can be referred to the implementation of the encryption-free signing method of the payment protocol, and the repetition is omitted.

The present invention also provides an electronic device comprising a first memory, a first processor and a first computer program stored on the first memory and executable on the first processor, the first processor implementing the following method when executing the program, for example comprising:

The schematic structural diagram of the electronic device in this embodiment is shown in fig. 14.

The present invention also provides a computer-readable storage medium storing a first computer program that performs a method, for example, including:

The present invention also provides an electronic device comprising a second memory, a second processor and a second computer program stored on the second memory and executable on the second processor, the second processor implementing the following method when executing the program, for example comprising:

The electronic device in this embodiment is identical to the electronic device in the above embodiment in structure, and a schematic structural diagram may refer to fig. 14.

The present invention also provides a computer-readable storage medium storing a second computer program for executing the method, comprising:

As shown in fig. 14, the electronic device 600 may further include: a communication module 110, an input unit 120, an audio processing unit 130, a display 160, a power supply 170. It is noted that the electronic device 600 need not include all of the components shown in fig. 14; in addition, the electronic device 600 may further include components not shown in fig. 14, to which reference is made to the related art.

As shown in fig. 14, the central processor 100, also sometimes referred to as a controller or operational control, may include a microprocessor or other processor device and/or logic device, which central processor 100 receives inputs and controls the operation of the various components of the electronic device 600.

The memory 140 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information about failure may be stored, and a program for executing the information may be stored. And the central processor 100 can execute the program stored in the memory 140 to realize information storage or processing, etc.

The input unit 120 provides an input to the central processor 100. The input unit 120 is, for example, a key or a touch input device. The power supply 170 is used to provide power to the electronic device 600. The display 160 is used for displaying display objects such as images and characters. The display may be, for example, but not limited to, an LCD display.

The memory 140 may be a solid state memory such as Read Only Memory (ROM), random Access Memory (RAM), SIM card, or the like. But also a memory which holds information even when powered down, can be selectively erased and provided with further data, an example of which is sometimes referred to as EPROM or the like. Memory 140 may also be some other type of device. Memory 140 includes a buffer memory 141 (sometimes referred to as a buffer). The memory 140 may include an application/function storage 142, the application/function storage 142 for storing application programs and function programs or a flow for executing operations of the electronic device 600 by the central processor 100.

The memory 140 may also include a data store 143, the data store 143 for storing data, such as contacts, digital data, pictures, sounds, and/or any other data used by the electronic device. The driver storage 144 of the memory 140 may include various drivers of the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, address book applications, etc.).

The communication module 110 is a transmitter/receiver 110 that transmits and receives signals via an antenna 111. A communication module (transmitter/receiver) 110 is coupled to the central processor 100 to provide an input signal and receive an output signal, which may be the same as in the case of a conventional mobile communication terminal.

Based on different communication technologies, a plurality of communication modules 110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, etc., may be provided in the same electronic device. The communication module (transmitter/receiver) 110 is also coupled to a speaker 131 and a microphone 132 via an audio processor 130 to provide audio output via the speaker 131 and to receive audio input from the microphone 132 to implement usual telecommunication functions. The audio processor 130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 130 is also coupled to the central processor 100 so that sound can be recorded locally through the microphone 132 and so that sound stored locally can be played through the speaker 131.

It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

The principles and embodiments of the present invention have been described in detail with reference to specific examples, which are provided to facilitate understanding of the method and core ideas of the present invention; meanwhile, as those skilled in the art will have variations in the specific embodiments and application scope in accordance with the ideas of the present invention, the present description should not be construed as limiting the present invention in view of the above.

Claims

1. A method of a payment arrangement for a subscription-free subscription, the method comprising:

2. The method of claim 1, wherein the scene admission information comprises an admission verification code and a scene ID.

3. The method of claim 1, wherein the subscription information further comprises customer information, a subscription payment agreement type, and an application ID.

4. A method of a payment arrangement for a subscription-free subscription, the method comprising:

5. The method of claim 4, wherein the subscription information corresponding to the admission request message includes client information, a client card number, a subscription payment protocol type, and an application ID corresponding to the admission request message; the subscription information corresponding to the subscription request message comprises client information, a client card number, a subscription payment protocol type and an application software ID corresponding to the subscription request message.

6. The method of claim 5, wherein performing admission qualification inspection according to subscription information corresponding to the admission request message, and obtaining an inspection result comprises:

performing application software qualification inspection according to the application software ID corresponding to the admission request message;

if the application software qualification inspection is passed, performing signed payment protocol type validity inspection according to the signed payment protocol type corresponding to the admission request message;

if the legality check of the subscription payment protocol type is obtained to pass, the legality check of the acceptance card is carried out according to the client card number corresponding to the admission request message;

if the acceptance card is checked to pass the validity check, the check result is checked to pass the check.

7. The method of claim 5, wherein the matching according to the subscription information, the scene admission information, and the timestamp corresponding to the admission request message and the subscription request message respectively, to obtain a matching result comprises:

determining a time interval according to the time stamp corresponding to the admission request message and the time stamp corresponding to the subscription request message;

if the time interval is less than the preset threshold, the client information, the client card number, the subscription payment protocol type, the application software ID and the scene access information corresponding to the access request message are matched one by one, and a matching result is obtained.

8. The method of claim 5, wherein the context admission information corresponding to the sign-up request message includes an admission verification code and a context ID.

9. The method of claim 8, wherein verifying the subscription information corresponding to the subscription request message according to the context admission information corresponding to the subscription request message comprises:

determining an account type according to a client card number corresponding to the signing request message;

and verifying the client information and the client card number corresponding to the signing request message according to the account type and a preset verification rule corresponding to the scene ID, and generating a verification result.

10. A secure subscription-free device for a payment arrangement, the device comprising:

11. A secure subscription-free device for a payment arrangement, the device comprising:

12. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any one of claims 1 to 9 when executing the program.

13. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program for causing a computer to execute the method of any one of claims 1 to 9.