CN113902446A - Face payment security method based on security unit and trusted execution environment - Google Patents


Info

Publication number
CN113902446A
Authority
CN
China
Prior art keywords
face
living body
payment
execution environment
data
Legal status
Pending
Application number
CN202111172243.XA
Other languages
Chinese (zh)
Inventor
杨波
于鸽
尚可
董晶
Current Assignee
Beijing Unionpay Card Technology Co ltd
Original Assignee
Beijing Unionpay Card Technology Co ltd
Events
Application filed by Beijing Unionpay Card Technology Co ltd
Priority to CN202111172243.XA
Publication of CN113902446A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4014 Identity check for transactions
    • G06Q20/40145 Biometric identity checks
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Collating Specific Patterns (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a face payment security method based on a secure element (SE) and a trusted execution environment (TEE). A face recognition trusted application running in the TEE computes a liveness percentage from the liveness detection data and face image data captured by a face recognition camera, then calls the secure element to obtain a signature over those values and the corresponding ciphertext data. The payment application checks whether the liveness percentage exceeds a preset liveness threshold and, if it does, completes user identity authentication and the remainder of the transaction together with the PIN pad in the rich execution environment (REE). In this scheme the secure element provides the cryptographic algorithm service and the key that protects the face recognition data, the TEE guarantees secure execution of the liveness detection algorithm, and the direct connection between the TEE and the face recognition camera preserves the integrity, authenticity and confidentiality of every item of data in the face payment flow.

Description

Face payment security method based on security unit and trusted execution environment
This is a divisional application of Chinese patent application No. 2019108129583, filed on 30 August 2019 and entitled "Face payment security method and platform based on a secure element and a trusted execution environment".
Technical Field
The invention relates to the field of face payment, and in particular to a face payment security method based on a secure element and a trusted execution environment.
Background
With the rapid development of artificial intelligence, face recognition is increasingly applied to financial payment, and face recognition payment applications introduce new security risks into the existing payment system. Without targeted protection, the face recognition algorithms and the face image data run and reside in the ordinary operating system of a conventional payment application, where they are exposed to external malicious attacks, so the user's payment transactions face severe threats. A face recognition secure payment platform raises the defensive capability of payment applications and guarantees the security and stability of a payment flow that uses face recognition to identify and authenticate the user. The secure payment platform is built on a secure element and relies on a trusted execution environment to prevent the liveness detection result and the user's face image from being tampered with, stolen or forged, thereby securing payment on the terminal. The secure element solves core key storage and the cryptographic algorithm service; the trusted execution environment solves execution of the liveness detection algorithm and the integrity, authenticity and confidentiality of the algorithm result and the face image.
The Secure Element (SE) of a payment platform is usually an independent security chip that resists external malicious analysis, protects core sensitive data and, with a built-in cryptographic logic circuit, provides a secure cryptographic algorithm service to the outside. The SE concept entered the financial field through financial IC card chips; SE chips with similar functions have since spread to financial transaction terminals, and in recent years mobile phones have also been equipped with dedicated embedded SE chips. The SE resists not only logical attacks from the software layer but also physical attacks, and protects the data stored in it even when the chip is physically damaged or disassembled. Its protection is extremely strong, but its computing and storage resources are limited, so it is normally used only to protect core security keys and to provide low-level cryptographic services; it is unsuitable for protecting large volumes of data or executing complex program logic.
A Trusted Execution Environment (TEE) is the foundation for building a trusted mobile terminal platform. It draws on trusted computing and aims to protect security-sensitive code execution and the associated data from attack and damage by a malicious adversary. The TEE is built mainly on a microkernel operating system and is isolated from the Rich Execution Environment (REE) formed by the ordinary terminal operating system (such as Android or iOS). The TEE resists attacks from the software layer; its protection is weaker than that of the SE, but because it runs on the terminal's main application processor (CPU) it has strong computing capability and can execute complex program logic. The GlobalPlatform (GP) standards organisation published a TEE white paper in 2011 and has provided system architecture design guidelines. ARM's TrustZone isolation technology provides hardware support for a TEE, allowing a highly secure isolated environment to be constructed from the bottom up. In recent years a TEE has become standard on the mobile devices of handset vendors.
Face recognition is widely used in security, finance and smart home applications: by comparing and identifying faces, it recognises and authenticates an individual user through the biometric features of the face. In the payment field, face feature recognition both distinguishes the paying subject, and thus identifies the user and the corresponding account (comparable to determining a bank card number), and confirms identity as an authentication factor (comparable to entering a password). In practice, to raise security, face recognition is usually combined with another authentication means such as a user password. The algorithms relevant to payment security in the face recognition flow are mainly the liveness detection algorithm and the face comparison algorithm. Liveness detection determines that the face image comes from a real living person and defends against presentation attacks with photographs, videos and the like; face comparison determines the identity of the current user against a large body of user image data. A payment application generally integrates only the liveness detection algorithm; the face comparison algorithm is deployed in the background server of the payment or authentication institution, where it works with large face image databases.
To reduce the security risk of payment transactions, existing payment devices are designed to be secure in the operating system, the physical hardware and password input protection. For the face recognition algorithm and its associated flow, however, these measures are insufficient to protect the secure execution of the algorithm and its results, and the face image data is exposed to leakage, tampering and forgery. A face recognition secure payment platform based on a TEE and an SE can address these problems, but concrete implementations still face the following issues:
1. Existing payment applications are not designed to protect the liveness detection algorithm, and cannot guarantee the integrity, authenticity and confidentiality of its execution or its results.
2. Existing payment applications do not protect the face recognition flow itself.
3. Face image data is private data of the user, and a leak creates a long-term security hazard. Existing payment applications process the face image in the ordinary operating system (the REE), and because the REE is easily compromised the face image data faces a high risk of leakage. How to protect the face image data at each stage of generation, processing and transmission on the terminal, so as to secure the image data throughout the face recognition payment flow, is therefore an urgent problem.
Disclosure of Invention
The invention provides a face payment security method based on a secure element and a trusted execution environment, to solve the problem that the prior art cannot protect the execution of the face payment algorithms, their results, the face recognition flow, and the integrity, authenticity and confidentiality of the face image data during face payment.
To this end, the technical solution of the invention provides a face payment security method based on a secure element and a trusted execution environment, comprising: a face recognition trusted application in the trusted execution environment generates a liveness percentage from the collected liveness detection data and face image data; the secure element signs and encrypts the liveness percentage and the face image data and returns the generated ciphertext data to the face recognition trusted application; and the payment application determines whether the liveness percentage exceeds a preset liveness threshold, performs identity authentication if it does, and carries out the remaining transaction once authentication passes.
Preferably, the face recognition trusted application collects the liveness detection data and face image data as follows: the payment application determines whether acquisition of the liveness detection data and face image data has been completed; if not, the payment application invokes the face recognition trusted application through the trusted execution environment, and the face recognition trusted application activates the face recognition camera to capture the face data.
Preferably, obtaining the liveness percentage comprises: after being activated by the face recognition trusted application in the trusted execution environment, the face recognition camera captures liveness detection data and face image data; the face recognition trusted application invokes a liveness detection algorithm to compute the liveness percentage from the liveness detection data and face image data. The face image and liveness detection data collected by the face recognition camera are transmitted to the corresponding face recognition component in the trusted execution environment only over a trusted execution environment channel.
Preferably, the secure element's signing and encrypting of the liveness percentage and face image data, and its return of the signature result and ciphertext data to the face recognition trusted application, comprise: the face recognition trusted application calls the secure element interface, and the secure element performs a signature operation over the liveness percentage and the face image data to produce a signature result; the secure element then invokes a symmetric encryption algorithm with the corresponding key to encrypt the liveness percentage, the signature result and the face image data, producing ciphertext data that it returns to the face recognition trusted application.
Preferably, the payment application's check of the liveness percentage against the preset threshold and the subsequent identity authentication comprise: if acquisition of the liveness detection data and face image data has been completed, the payment authentication flow is executed directly with the liveness percentage and the generated ciphertext data; the payment application compares the liveness percentage with the preset liveness threshold and, if it is larger, unlocks the PIN pad and obtains the payment password; the payment application transmits the generated ciphertext data to the authentication server, which authenticates the user's identity; if authentication passes the remaining transaction proceeds, otherwise the transaction is terminated.
The technical solution of the invention thus provides a face payment security method in which liveness detection data and face image data captured by the face recognition camera are processed by the face recognition trusted application to obtain the liveness percentage, the secure element produces ciphertext data via the trusted execution environment, and the payment application checks whether the liveness percentage exceeds the preset threshold; if so, identity authentication is performed on the encrypted data and, once it passes, the remaining transaction is completed together with the PIN pad in the rich execution environment.
The invention has the advantages that:
1. The SE-based terminal platform securely manages the data protection keys used in the face recognition flow and provides a secure cryptographic algorithm service; the TEE guarantees secure execution of the liveness detection algorithm and is directly connected to the face recognition camera; together, the terminal platform protects the accuracy, integrity, authenticity and confidentiality of the liveness detection result and the face image.
2. The method integrates closely with the payment application's existing payment flow. Built on this terminal platform, the face recognition secure payment method effectively reduces the security risk that face recognition introduces into traditional payment transactions and resists malicious attacks on the terminal platform from the software layer and from part of the hardware layer, improving the overall security of face recognition payment.
3. The terminal platform and payment method follow general SE and TEE management mechanisms and work with mature TSM (trusted service management platform) and TAM (trusted authentication management platform) mechanisms, so that key lifecycle management and authentication for the secure payment platform, and lifecycle management and authentication for the TEE and its TAs, can be realised effectively, and the platform can be rapidly integrated into an existing trusted management and authentication environment, further strengthening the low-level security management of face recognition payment transactions.
Drawings
To illustrate the embodiments of the invention or the prior art more clearly, the drawings required for their description are briefly introduced below. The drawings show some embodiments of the invention; a person skilled in the art can obtain other drawings from them without inventive effort.
Fig. 1 is a schematic flow chart of a face payment security method provided in an embodiment of the present invention.
Fig. 2 is a first flowchart of the specific payment flow of the face payment security method according to the embodiment of the present invention.
Fig. 3 is a second flowchart of the specific payment flow of the face payment security method according to the embodiment of the present invention.
Fig. 4 is a first schematic diagram of the hardware and software structure implementing the face payment security method according to the embodiment of the present invention.
Fig. 5 is a second schematic diagram of the hardware and software structure implementing the face payment security method according to the embodiment of the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments clearer, the technical solutions of the embodiments are described below clearly and completely with reference to the drawings. The described embodiments are some, not all, of the embodiments of the invention; all other embodiments that a person skilled in the art can obtain from them without inventive effort fall within the scope of the invention.
The technical solution is now described in detail. Fig. 1 is a schematic flow chart provided by an embodiment of the invention and comprises the following steps:
Step 101: the payment application determines whether acquisition of the liveness detection data and face image data has been completed.
If not, the payment application invokes the face recognition trusted application through the trusted execution environment, the face recognition trusted application activates the face recognition camera to capture face data, and step 102 follows; if acquisition has been completed, step 104 is executed.
Step 102: the face recognition trusted application obtains the liveness percentage from the collected liveness detection data and face image data.
The face recognition trusted application invokes a liveness detection algorithm to compute the liveness percentage from the liveness detection data and face image data;
the face image and liveness detection data collected by the face recognition camera are delivered to the corresponding face recognition component in the trusted execution environment only over a trusted execution environment channel.
Step 103: the face recognition trusted application obtains ciphertext data from the liveness percentage and the face image data.
The face recognition trusted application in the trusted execution environment calls the secure element interface, and the secure element signs the liveness percentage and the face image data to produce a signature result. The secure element then invokes a symmetric encryption algorithm with the corresponding key to encrypt the liveness percentage, the signature result and the face image data, producing the ciphertext data. The encrypted content of the ciphertext data therefore comprises the face image data, the liveness percentage and the signature result.
Step 104: the payment application determines whether the liveness percentage exceeds the preset liveness threshold. If so, the ciphertext data is transmitted to the authentication server for identity authentication, and identity authentication and the remaining transaction are completed together with the PIN pad; if not, the transaction is terminated.
Specifically, the payment application compares the liveness percentage with the preset liveness threshold; if the liveness percentage is larger, the PIN pad is unlocked and the payment application obtains the payment password. At the same time the payment application transmits the ciphertext data to the authentication server, which authenticates the user's identity; if authentication passes the remaining transaction proceeds, otherwise the transaction is terminated. Note that when the payment application performs this comparison, the liveness percentage is present in cleartext in the rich execution environment of the payment application, so the comparison is only a local pre-check; the authoritative decision rests on the signed and encrypted copy verified by the authentication server.
The technical solution is further explained with a specific embodiment. The identifiers and key identifiers used in the embodiment are listed in Table 1 below.
Table 1: ID and key identification (provided as an image in the original publication; its entries are not reproduced here)
The specific payment flow of the face payment security method is shown in Fig. 2 and described below. The participants are the secure element (SE), the trusted execution environment (TEE), the rich execution environment (REE), the trusted application (TA) and the payment APP, i.e. the payment application, which is installed on the operating terminal of the merchant or consumer.
Step 201: the merchant or consumer operates the payment APP in the terminal's REE to trigger the face recognition payment service.
Step 202: the payment APP determines whether capture and liveness detection of the consumer's face image have been completed; if so, step 210 is executed, otherwise step 203.
Step 203: the payment APP activates the face recognition TA.
The face recognition module of the payment APP invokes the face recognition TA in the TEE through the TEE manager and sends it the required invocation command, and the face recognition TA enters the active state.
Step 204: the face recognition camera captures a face image.
The face recognition TA activates the face recognition camera through the TEE's internal driver; the camera enters the active state according to the command and prepares to capture a face image. The face recognition camera is normally installed on the operating terminal of the merchant or consumer.
Step 205: the liveness detection data l and face image data p are sent to the face recognition TA.
Specifically, the face recognition camera captures the consumer's liveness detection data l and face image data p and delivers both directly into the face recognition TA in the TEE.
Step 206: the face recognition TA computes the liveness percentage r.
Specifically, the face recognition TA invokes the corresponding algorithm of the liveness detection SDK to process and evaluate the liveness detection data l, obtaining the liveness percentage r for that data.
Step 207: the face recognition TA obtains a signature result.
The face recognition TA calls the SE interface through the TEE and sends the liveness percentage r and the face image data p to the SE. The SE invokes the signature algorithm SIG with the private key SK_Face to sign r and p, obtaining the signature result s:
s = SIG(SK_Face, r || p)
Step 208: the SE invokes the encryption algorithm to produce the ciphertext data m.
The SE invokes the symmetric encryption algorithm ENC with the key FaceKey to encrypt the signature result s, the liveness percentage r and the face image data p, obtaining the ciphertext data m destined for the background server: m = ENC(FaceKey, s || r || p). After completing the operation the SE sends the ciphertext data m and the liveness percentage r to the face recognition TA in the TEE. The key FaceKey is held in the secure element SE. Because s covers r || p and is itself enclosed in m, a party without FaceKey cannot read the face image, and a party without SK_Face cannot substitute a different r or p without the background server detecting it.
Step 209: the face recognition TA receives the ciphertext data m and the liveness percentage r and forwards them to the payment APP.
At this point the payment APP has completed capture and liveness detection of the face image and holds the data needed to verify the consumer's identity, ready to send to the background authentication server.
Specifically, the ciphertext data m is the encryption of the signature result s, the liveness percentage r and the face image data p.
Step 210: the payment APP determines from the liveness percentage r whether liveness detection passed; if so, step 211 is executed, otherwise the transaction is terminated.
The payment APP makes a preliminary judgement on the value of r: if it reaches the configured liveness threshold, the subsequent face payment steps proceed; if not, the payment fails and the transaction ends.
Because r is present in cleartext in the REE at this point, it is untrusted data, and the check that it exceeds the liveness threshold is only a preliminary one; the background authentication server makes the final determination on the signed and encrypted data.
Step 211: the payment APP invokes the payment module and enters the payment flow.
Step 212: the consumer enters the transaction password on the PIN pad.
The payment device SDK activates the PINPAD, the consumer enters the password dedicated to face recognition payment transactions on the PINPAD, and the protected password is passed into the payment APP through the payment device SDK.
Step 213: the authentication server authenticates the consumer's identity from the received ciphertext data m and the password; if authentication passes, step 214 is executed.
The payment APP packages the ciphertext data m together with the consumer's protected face recognition payment password and transmits the package to the background server of the relevant institution, which hosts a biometric platform; the server identifies and authenticates the consumer and maps out the consumer's transaction account for the subsequent transaction on the actual amount.
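As an added worked example, not part of the patent text and not UnionPay's implementation, the following Go program models steps 207 to 210 and step 213 end to end: the SE computes s = SIG(SK_Face, r || p) and m = ENC(FaceKey, s || r || p), the payment APP in the REE applies the cleartext pre-check on r, and the authentication server decrypts m, verifies s and applies the final liveness threshold to the authenticated r. Everything the patent leaves open is an assumption of this example: Ed25519 stands in for SIG, AES-256-GCM for ENC, r is encoded as a single byte in 0..100, and the server is handed PK_Face and FaceKey directly rather than through the TSM/TAM key management the patent refers to. All type and function names are the example's own. The main function shows the case the scheme is built around: a compromised REE reports r = 99 and passes the local check, but the server rejects the transaction because the r that the SE signed was 40.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Envelope is the ciphertext data m that travels TA -> payment APP -> server.
type Envelope struct{ Nonce, Ciphertext []byte }

// SecureElement holds SK_Face and FaceKey and exposes only sign-then-encrypt.
type SecureElement struct {
	skFace  ed25519.PrivateKey
	faceKey []byte // 32-byte AES key; the patent names no cipher (assumption)
}

// AuthServer is given PK_Face and FaceKey directly (assumption standing in for TSM/TAM).
type AuthServer struct {
	pkFace    ed25519.PublicKey
	faceKey   []byte
	threshold uint8
}

// faceAEAD builds the AES-256-GCM instance that stands in for ENC in this example.
func faceAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SignAndEncrypt implements steps 207 and 208: s = SIG(SK_Face, r||p) and
// m = ENC(FaceKey, s||r||p). Ed25519 stands in for SIG and r is one byte (assumptions).
func (se *SecureElement) SignAndEncrypt(r uint8, p []byte) (Envelope, error) {
	payload := append([]byte{r}, p...)
	s := ed25519.Sign(se.skFace, payload)
	plain := append(append([]byte{}, s...), payload...)
	gcm, err := faceAEAD(se.faceKey)
	if err != nil {
		return Envelope{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce) // crypto/rand.Read does not fail on supported platforms
	return Envelope{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plain, nil)}, nil
}

// PreliminaryCheck is the payment APP's step-210 comparison. r is cleartext in
// the REE, so this only saves a round trip; the server repeats it on signed data.
func PreliminaryCheck(r, threshold uint8) bool {
	return r > threshold
}

// Verify is the server side of step 213: decrypt m, split s||r||p, verify the
// signature over r||p, and only then apply the liveness threshold to r.
func (as *AuthServer) Verify(env Envelope) (r uint8, p []byte, err error) {
	gcm, err := faceAEAD(as.faceKey)
	if err != nil {
		return 0, nil, err
	}
	plain, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return 0, nil, fmt.Errorf("ciphertext rejected: wrong key or tampered")
	}
	if len(plain) < ed25519.SignatureSize+1 {
		return 0, nil, fmt.Errorf("plaintext too short for s||r||p")
	}
	s, payload := plain[:ed25519.SignatureSize], plain[ed25519.SignatureSize:]
	if !ed25519.Verify(as.pkFace, payload, s) {
		return 0, nil, fmt.Errorf("signature over r||p invalid")
	}
	r, p = payload[0], payload[1:]
	if r <= as.threshold {
		return r, p, fmt.Errorf("liveness %d%% not above threshold %d%%", r, as.threshold)
	}
	return r, p, nil
}

// NewDemoSystem provisions one SE and one server that share PK_Face and FaceKey.
func NewDemoSystem(threshold uint8) (*SecureElement, *AuthServer) {
	pk, sk, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	faceKey := make([]byte, 32)
	rand.Read(faceKey)
	return &SecureElement{skFace: sk, faceKey: faceKey},
		&AuthServer{pkFace: pk, faceKey: faceKey, threshold: threshold}
}

func main() {
	se, srv := NewDemoSystem(80)
	env, _ := se.SignAndEncrypt(40, []byte("constructed face image bytes")) // TA computed r = 40
	// A compromised REE reporting r = 99 passes the local check, but the server
	// only sees the r the SE signed and rejects the transaction.
	fmt.Println("REE pre-check with forged r=99:", PreliminaryCheck(99, 80))
	_, _, err := srv.Verify(env)
	fmt.Println("server verdict:", err)
}
```

The order of checks in Verify is the point of the design: the threshold is applied only to an r that has been decrypted under FaceKey and found to carry a valid signature under SK_Face, so neither a forged cleartext r in the REE nor a modified byte in m reaches the liveness decision. The patent does not state how the server is provisioned with PK_Face and FaceKey; the example's direct hand-off stands in for whatever the TSM/TAM arrangement provides.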
Step 214: the payment APP determines whether the transaction can be completed; if so, step 215 is executed, otherwise the transaction is terminated.
Specifically, in step 214 the payment APP determines, from the server's response, whether the payment password is correct and whether the face matches the consumer; if both hold, step 215 is executed, otherwise the transaction is terminated.
Once the consumer's identity has been authenticated with the face data, the relevant server and the terminal platform jointly complete the original payment transaction flow: the actual operation on the corresponding account and transaction amount is completed through the traditional payment channel, and the result is returned to the terminal platform.
Step 215: display the transaction result.
The payment APP determines whether the final payment transaction completed successfully and displays the final result on the terminal screen for confirmation by the merchant and consumer.
The hardware implementation of the method comprises a PINPAD password keypad, a secure element SE and a face camera; the software implementation comprises the REE and TEE environments. The REE runs the payment APP, the payment device SDK and the TEE manager, the payment APP comprising a payment module and a face recognition module; the TEE runs the face recognition trusted application TA.
The payment method provided by the invention is now explained by combining hardware and software:
a payment application (payment APP)31, configured to invoke a face recognition trusted application if the acquisition of the face living body detection data and the face image data is not completed; and the system is also used for transmitting the ciphertext data generated by the safety unit to an authentication server, authenticating the identity of the user through the authentication server, and performing a payment process.
The face recognition trusted application TA32 is used to activate the face recognition camera and obtain the live percentage, which contains the face live detection algorithm SDK.
The face recognition camera 33 is configured to capture face living body detection data and face image data and send them to the trusted execution environment. The camera is dedicated to capturing face image data in the face recognition process, has hardware support for living body detection, may be a 3D structured light camera, a TOF camera or an infrared binocular camera, and is driven by the corresponding algorithm in the TEE. The face recognition camera is directly connected only to the TEE, not to the REE, and the raw face image data it generates can only be passed directly into the corresponding face recognition trusted application TA in the TEE for processing.
The trusted execution environment TEE34 is used to call the symmetric encryption algorithm in the security unit SE to perform a signature operation on the living body percentage obtained by the face recognition trusted application and the face image data obtained by the face recognition camera, generating a signature result, and to send an encryption instruction to the security unit instructing it to generate the ciphertext data m.
The trusted execution environment 34 is implemented on the ARM TrustZone hardware architecture and is a dedicated environment isolated from the REE; what is described here is mainly the TEE OS layer. The face recognition trusted application TA executes securely in the TEE; the face recognition trusted application TA32 runs the face living body detection algorithm SDK321, which can execute living body detection and related algorithms on the acquired face data. The TEE stores a TEE identity serial number ID_TEE, a TEE authentication private key SK_TEE and a TA authentication public key PK_TA_Certify. The TEE exchanges data with the REE through the TEE manager in the REE, and may also execute other security-sensitive TAs.
The security unit SE35 is configured to perform an encryption operation on the living body percentage, the signature result generated by the trusted execution environment 34 and the face image data acquired by the face recognition camera, obtaining the ciphertext data.
Specifically, the security unit SE is located directly on the platform main board and is used to sign the face living body detection result, encrypt the face image and provide secure cryptographic algorithms to the upper layer, including a signature algorithm, a symmetric encryption algorithm, a digest algorithm and the like. The SE is provisioned with a unique identity serial number ID_SE, a face living body detection result signing private key SK_Face and a face image symmetric encryption key FaceKey. The SE is directly connected to the platform TEE, accepts only valid instructions sent by the TEE, and returns its output to the applicable TA in the TEE.
The authentication server 36 is used to authenticate the identity of the current user according to the ciphertext data and the stored biometric features, and to transmit the authentication result back to the payment APP 31.
The rich execution environment REE37 runs the payment institution's payment application for face recognition transactions; the payment application contains a payment function module and a face recognition function module, which handle the conventional payment flow and the face recognition flow respectively. The REE also runs a payment tool that assists in completing the payment transaction and exchanges data with the password keyboard. The REE is a common Android operating system that executes the original terminal's applications, component services and drivers, runs the payment APP31, and provides the upper-layer interface and UI (user interface) of the payment transaction function and the face recognition function; the APP is mainly implemented by the payment institution. The payment function module 311 of the payment APP31 is mainly responsible for the requests, responses and data packets of payment-related functions; the face recognition function module 312 is mainly responsible for the requests, responses and data packets of face recognition related functions. Also running in the REE37 is the payment device SDK371, which handles the original payment transaction algorithms and protocols according to the payment institution's background rules. The TEE manager 372 runs in the REE37 and implements data communication and command invocation between the TEE and the REE; when the payment APP calls the face recognition trusted application TA, the TEE manager sends the call request and receives the returned data.
The PINPAD password keypad 38 is used by the user to enter the payment password into the payment application. Specifically, it is used for secure entry of the face transaction password during face payment; the PINPAD is a physical keyboard, not a virtual one. The PINPAD must pass the testing and certification of the relevant financial industry bodies and contains an independent security chip. In use it interfaces with the payment institution's background and directly obtains the encryption protection key and integrity protection password allocated to it. After the user enters the face transaction password, encryption and integrity protection are computed directly inside the PINPAD before the password is sent to the payment institution's background, so the user's password never appears in plaintext in any other environment, including the payment APP. The PINPAD interfaces with the rich execution environment REE, interacting mainly with the payment device SDK.
The face payment security method based on a security unit and a trusted execution environment can be deployed at an ordinary merchant, either standalone, facing the consumer to complete payment for goods or services by face recognition, or combined with an existing payment MIS (management information system) cash register, self-service vending machine or POS terminal to quickly retrofit the original equipment with a face recognition payment function.
Further, the face recognition payment method exchanges information with an authentication server, a TSM (trusted service management platform) and a TAM (trusted authentication management platform) respectively to support and complete the face recognition secure payment process.
The trusted service management platform TSM exchanges data with the face recognition payment method through a secure channel, issues, registers and updates the security unit's ciphertext data keys and remaining applications, and protects the face image data in the transaction. Specifically, the TSM may be deployed in the payment institution's background or operated and maintained independently by some institution; it is mainly used to manage the SE of the terminal platform and requires data interaction with the payment APP background service. Before the terminal platform leaves the factory, the manufacturer presets a key in the SE, after which a secure channel can be established between the TSM and the terminal platform. During use of the terminal platform, both the Applet applications and the function keys run by the SE can be issued to the SE by the TSM through the secure channel, and updates and upgrades of this data are likewise issued through the TSM. The SE keys managed by the TSM include FaceKey and SK_Face. When a terminal SE completes registration at the TSM, the TSM holds the ID_SE, FaceKey and PK_Face corresponding to that SE; the TSM transmits these to the authentication server by some agreed means, and the authentication server uses them as the basis for verifying the terminal platform's face payment transactions.
The trusted authentication management platform TAM exchanges data with the face recognition payment method through a secure channel, issues, registers and updates the key of the trusted execution environment and the face recognition trusted application in the trusted execution environment, and authenticates the identity of the trusted execution environment.
The TAM may be deployed in the payment institution's background or operated and maintained independently by some institution; it is mainly used to manage the TEE of the terminal platform and requires data interaction with the payment APP background service. Before the terminal platform leaves the factory, the manufacturer presets a key in the TEE, after which a secure channel can be established between the TAM and the terminal platform. During use of the terminal platform, the TEE OS image, the TAs run by the TEE and the function keys can be issued to the terminal platform by the TAM through the secure channel, and updates and upgrades of this data are likewise completed by the TAM. The TEE keys the TAM is responsible for managing are SK_TEE and PK_TA_Certify. When a terminal TEE completes registration at the TAM, the TAM holds the ID_TEE, PK_TEE and SK_TA_Certify corresponding to that TEE; the TAM transmits ID_TEE and PK_TEE to the authentication server by some agreed means, and the authentication server uses these two values as the basis for verifying the identity of the terminal platform TEE.
The authentication server is mainly located in the payment institution's background and is used to verify the legitimate identities of the terminal platform and the consumer; it is the component that runs the background face recognition algorithm in the face payment transaction process and the core component that performs account authentication of the consumer in the face payment transaction. In the face recognition secure payment process, the terminal platform (payment APP) generates the face recognition packet data and sends it to the authentication server. The authentication server unpacks and verifies the terminal platform data using the corresponding key data transmitted by the TSM; after the living body percentage r has been judged qualified, the face image data p and the consumer's face transaction password are used for comparison and retrieval in its own face image database to determine the specific identity and consumption account of the corresponding consumer, and the payment transaction for the specific amount is then completed through the traditional path. This completes the core verification step of the face recognition payment transaction and realizes the face recognition secure payment application method.
The technical solution of the present invention will now be described with reference to the actual operation process.
The consumer starts the payment application 31 on the terminal device to begin payment. The payment application 31 activates the TEE manager 372 in order to invoke the face recognition trusted application TA32 in the trusted execution environment TEE34; the face recognition trusted application TA32 activates the face recognition camera 33 to collect the consumer's face image and return it to the face recognition trusted application TA32, and the face living body detection algorithm SDK321 processes the face image to obtain the living body percentage r and the face pixel image. The face recognition trusted application TA32 passes the living body percentage r and the face pixel image to the security unit SE35 for processing, which yields the ciphertext data m. The ciphertext data m is then returned to the face recognition trusted application TA32 and, via the TEE manager 372, back to the payment application 31. The payment application sends the ciphertext data m to the authentication server 36 for authentication, and the authentication server returns the authentication result to the payment application 31. If the authentication passes, the password is entered on the password keyboard 38, processed by the payment device SDK371 and the result sent to the payment application 31, and the payment function module 311 in the payment application 31 executes the payment process.
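The SE step of claim 5 (sign the living body percentage r and the face image p, then encrypt) together with the authentication server's unpacking and verification described above, as an added example that is not part of the patent: the code assumes Ed25519 for SK_Face/PK_Face and AES-256-GCM for FaceKey, since the page names no concrete algorithms, and the threshold value, the SE identifier and the face pixel bytes are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// LivenessThreshold is a constructed value; the page says only that the threshold is preset.
const LivenessThreshold uint8 = 80

// SecureElement holds the key material the page assigns to the SE: ID_SE, SK_Face and FaceKey.
type SecureElement struct {
	IDSE    string
	SKFace  ed25519.PrivateKey
	FaceKey []byte // AES-256 key; the page says only "symmetric", AES-GCM is assumed here
}

// AuthRecord is what the TSM forwards to the authentication server for one SE: FaceKey and PK_Face.
type AuthRecord struct {
	FaceKey []byte
	PKFace  ed25519.PublicKey
}

// Provision simulates the factory key preset plus TSM registration: the SE receives
// SK_Face and FaceKey, and the TSM records ID_SE -> (FaceKey, PK_Face) for the server.
func Provision(idSE string, registry map[string]AuthRecord) (*SecureElement, error) {
	pk, sk, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	faceKey := make([]byte, 32)
	rand.Read(faceKey) // crypto/rand.Read never returns an error (Go 1.24+)
	registry[idSE] = AuthRecord{FaceKey: faceKey, PKFace: pk}
	return &SecureElement{IDSE: idSE, SKFace: sk, FaceKey: faceKey}, nil
}

// signedMessage is the byte string the SE signs: r followed by the face image p.
func signedMessage(r uint8, image []byte) []byte { return append([]byte{r}, image...) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SignAndEncrypt is the SE step of claim 5: sign (r, p) with SK_Face, then encrypt (r, signature, p)
// with FaceKey. m = nonce || ciphertext, with ID_SE bound as additional authenticated data.
func (se *SecureElement) SignAndEncrypt(r uint8, image []byte) ([]byte, error) {
	sig := ed25519.Sign(se.SKFace, signedMessage(r, image))
	gcm, err := newGCM(se.FaceKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce) // fresh nonce per ciphertext; never errors (Go 1.24+)
	plain := append(append([]byte{r}, sig...), image...)
	return append(nonce, gcm.Seal(nil, nonce, plain, []byte(se.IDSE))...), nil
}

// VerifyCiphertext is the authentication server's unpacking step: find the record the TSM
// forwarded for idSE, decrypt m with FaceKey, then check the SE signature with PK_Face.
func VerifyCiphertext(registry map[string]AuthRecord, idSE string, m []byte) (uint8, []byte, error) {
	rec, ok := registry[idSE]
	if !ok {
		return 0, nil, errors.New("unknown SE identity")
	}
	gcm, err := newGCM(rec.FaceKey)
	if err != nil {
		return 0, nil, err
	}
	ns := gcm.NonceSize()
	if len(m) < ns+gcm.Overhead()+1+ed25519.SignatureSize {
		return 0, nil, errors.New("ciphertext too short")
	}
	plain, err := gcm.Open(nil, m[:ns], m[ns:], []byte(idSE))
	if err != nil {
		return 0, nil, errors.New("decryption or integrity check failed")
	}
	r, sig, image := plain[0], plain[1:1+ed25519.SignatureSize], plain[1+ed25519.SignatureSize:]
	if !ed25519.Verify(rec.PKFace, signedMessage(r, image), sig) {
		return 0, nil, errors.New("living body result signature invalid")
	}
	return r, image, nil
}

// LivenessQualifies is the payment application's threshold check on r (claim 6).
func LivenessQualifies(r uint8) bool { return r > LivenessThreshold }

func main() {
	registry := map[string]AuthRecord{}
	se, _ := Provision("SE-0001", registry) // constructed identifier
	m, _ := se.SignAndEncrypt(92, []byte("constructed face pixels"))
	r, _, err := VerifyCiphertext(registry, "SE-0001", m)
	fmt.Println("r:", r, "qualifies:", LivenessQualifies(r), "err:", err)
}
```

Because ID_SE is authenticated data rather than part of the plaintext, a ciphertext produced for one SE fails decryption when presented under another SE's identity, and a single flipped byte is rejected by the GCM tag before the signature is examined.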
The technical scheme of the invention provides a face payment security method: a face recognition trusted application obtains the face living body detection data and face image data captured by the face recognition camera; once the living body percentage has been obtained, the trusted execution environment has the security unit produce the ciphertext data; the payment application judges whether the living body percentage exceeds a preset living body percentage threshold, and if so performs identity authentication in combination with the encryption key, after which the remaining transaction is carried out in combination with the password keyboard in the rich execution environment.
The invention has the advantages that:
1. The SE-based terminal platform can securely manage the data protection keys involved in the face recognition process; the SE provides secure cryptographic algorithm services, the TEE ensures secure execution of the face living body detection algorithm and is directly connected to the face recognition camera, and the terminal platform as a whole protects the accuracy, integrity, authenticity and confidentiality of the face living body detection result and the face recognition image.
2. The invention can be closely integrated with the payment application's original payment process. The terminal-platform-based face recognition secure payment method effectively reduces the security risk that the face recognition process introduces into a traditional payment transaction and can resist malicious attacks on the terminal platform from the software layer and part of the hardware layer, thereby improving the overall security of face recognition payment.
3. The terminal platform and payment method designed by the invention conform to the general SE and TEE management mechanisms and work with the mature TSM (trusted service management platform) and TAM (trusted authentication management platform) mechanisms, so that key lifecycle management and authentication for the secure payment application platform, and lifecycle management and authentication of the TEE and TAs, can be realized effectively; the platform is thus quickly integrated into the existing trusted management and authentication system environment, further improving the underlying security management capability of face recognition payment transactions.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (6)

1. A face payment security method based on a security unit and a trusted execution environment, characterized by comprising the following steps:
a face recognition trusted application in a trusted execution environment generates a living body percentage according to the collected face living body detection data and face image data;
the security unit signs and encrypts the living body percentage and the face image data and then transmits the generated signature result and ciphertext data back to the face recognition trusted application;
the payment application judges whether the living body percentage is larger than a preset living body percentage threshold value; if so, identity authentication is carried out, and the remaining transaction is carried out after the identity authentication is passed.
2. The face payment security method based on a security unit and a trusted execution environment according to claim 1, wherein generating a living body percentage by a face recognition trusted application in the trusted execution environment according to the collected face living body detection data and face image data comprises:
the payment application judges whether the acquisition of the face living body detection data and the face image data has been completed;
if not, the payment application calls the face recognition trusted application through the trusted execution environment;
the face recognition trusted application activates a face recognition camera to capture face data.
3. The face payment security method based on a security unit and a trusted execution environment according to claim 1, wherein generating the living body percentage in the trusted execution environment from the collected face living body detection data and face image data comprises:
the face recognition camera, activated by the face recognition trusted application in the trusted execution environment, captures the face living body detection data and the face image data;
the face recognition trusted application calls a living body detection algorithm to calculate the living body percentage from the face living body detection data and the face image data;
the face image and the face living body detection data collected by the face recognition camera are transmitted only through a trusted execution environment channel to the corresponding face recognition tool in the trusted execution environment.
4. The face payment security method based on a security unit and a trusted execution environment according to claim 1, wherein after the face recognition trusted application in the trusted execution environment generates the living body percentage from the collected face living body detection data and face image data, the method further comprises:
the face recognition trusted application obtains ciphertext data according to the living body percentage and the face image data.
5. The face payment security method based on a security unit and a trusted execution environment according to claim 1 or 4, wherein the security unit signing and encrypting the living body percentage and the face image data and then transmitting the generated signature result and ciphertext data back to the face recognition trusted application comprises:
the face recognition trusted application calls the security unit interface, and the security unit performs a signature operation on the living body percentage and the face image data to generate a signature result;
the security unit calls an encryption algorithm to perform an encryption operation on the living body percentage, the signature result and the face image data, generates ciphertext data and transmits it back to the face recognition trusted application.
6. The face payment security method based on a security unit and a trusted execution environment according to claim 2, wherein the payment application judging whether the living body percentage is larger than the preset living body percentage threshold value and, if so, performing identity authentication comprises:
if the acquisition of the face living body detection data and the face image data has been completed, the payment authentication process is executed directly using the living body percentage and the generated ciphertext data;
the payment application compares the living body percentage with the preset living body percentage threshold value; if the living body percentage is larger than the threshold value, the password keyboard is unlocked and the payment application obtains the payment password;
the payment application transmits the generated ciphertext data to an authentication server, which authenticates the user's identity; if the authentication passes, the remaining transaction is carried out, otherwise the transaction is ended.
CN202111172243.XA 2019-08-30 2019-08-30 Face payment security method based on security unit and trusted execution environment Pending CN113902446A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111172243.XA CN113902446A (en) 2019-08-30 2019-08-30 Face payment security method based on security unit and trusted execution environment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910812958.3A CN110555706A (en) 2019-08-30 2019-08-30 Face payment security method and platform based on security unit and trusted execution environment
CN202111172243.XA CN113902446A (en) 2019-08-30 2019-08-30 Face payment security method based on security unit and trusted execution environment

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201910812958.3A Division CN110555706A (en) 2019-08-30 2019-08-30 Face payment security method and platform based on security unit and trusted execution environment

Publications (1)

Publication Number Publication Date
CN113902446A true CN113902446A (en) 2022-01-07
