CN114548986A - Payment method, payment security code generation method, device, equipment and storage medium - Google Patents

Payment method, payment security code generation method, device, equipment and storage medium Download PDF

Info

Publication number
CN114548986A
CN114548986A CN202210101513.6A CN202210101513A CN114548986A CN 114548986 A CN114548986 A CN 114548986A CN 202210101513 A CN202210101513 A CN 202210101513A CN 114548986 A CN114548986 A CN 114548986A
Authority
CN
China
Prior art keywords
payment
hash value
security code
certificate
payment security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210101513.6A
Other languages
Chinese (zh)
Inventor
王海明
杨兢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Finance Electronic Settlement Center Co ltd
Original Assignee
Shenzhen Finance Electronic Settlement Center Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Finance Electronic Settlement Center Co ltd filed Critical Shenzhen Finance Electronic Settlement Center Co ltd
Priority to CN202210101513.6A priority Critical patent/CN114548986A/en
Publication of CN114548986A publication Critical patent/CN114548986A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention discloses a payment method, a payment security code generation device, payment security code generation equipment and a storage medium, and belongs to the technical field of network information. According to the invention, the first certificate element and the payment security code are obtained, the national secret hash algorithm SM3 is used for calculating to obtain the first hash value corresponding to the first certificate element, the national secret asymmetric encryption algorithm SM2 is used for calculating to obtain the second hash value of the payment security code, and whether the first hash value and the second hash value are the same or not is further judged, so that the payment security verification is realized. And by acquiring the second certificate element, generating a first plaintext based on the second certificate element, generating a third hash value for the first plaintext according to SM3, further encrypting the third hash value by using a symmetric key according to a state secret symmetric encryption algorithm SM4 to generate a first encrypted text, and signing the first encrypted text by using a private key according to SM2 to obtain a payment security code, the generation of the payment security code based on the state secret algorithm is realized, and the security of the whole transaction process is ensured.

Description

Payment method, payment security code generation method, device, equipment and storage medium
Technical Field
The invention relates to the technical field of network information, in particular to a payment method, a payment security code generation device, equipment and a storage medium.
Background
Electronic payment refers to the act of securely transmitting payment information between a consumer, a merchant and a financial institution to a bank or a corresponding processing institution through an information network by using a secure electronic means, so as to realize currency payment or fund transfer. People also need to comprehensively recognize risks brought by network payment while enjoying convenience brought by mobile payment. In order to guarantee the capital safety of users and reduce the potential safety hazard, a payment safety code is usually used in the payment process.
The payment security code technology used in the existing payment process is based on paper checks and hardware encryption devices, is inconvenient to carry and easy to lose, does not accord with the current software trend, and has some defects in security.
Disclosure of Invention
The invention mainly aims to provide a payment method, a payment security code generation device, equipment and a storage medium, and aims to solve the problem of insufficient security in a payment process.
In order to achieve the above object, the present invention provides a payment method, comprising the steps of:
acquiring a first certificate element and a payment security code;
calculating a first hash value of the first credential element by a cryptographic hash algorithm SM 3;
calculating a second hash value of the payment security code through a national password asymmetric encryption algorithm;
comparing the first hash value and the second hash value;
and if the first hash value is equal to the second hash value, the payment security verification is passed.
Optionally, before the step of obtaining the first credential element and the payment security code, the method further comprises:
acquiring a second certificate element;
generating a first plaintext text based on the second credential element;
generating a third hash value for the first plaintext text according to the SM 3;
encrypting the third hash value by using a symmetric key according to a state secret symmetric encryption algorithm SM4 to generate a first encrypted text;
signing the first encrypted text with a private key according to the SM2 to obtain the payment security code.
Optionally, the method further comprises, before the step of obtaining the second credential element:
sending a signing application to an issuing center, and generating a public and private key pair corresponding to the signing application through the issuing center;
receiving a public key sent by the issuing center;
generating a first certificate, and encrypting the first certificate by using the public key to obtain an encrypted certificate;
sending the encryption certificate to a signing center;
judging whether the exchange of the encryption voucher is successful or not;
if yes, a response success prompt is returned through the issuing center.
Optionally, the generating a first credential and encrypting the first credential with the public key to obtain an encrypted credential includes:
generating the symmetric key and a serial number by using an algorithm package provided by the issuing center, wherein the first certificate comprises the symmetric key and the serial number;
and based on the SM2, encrypting the symmetric key and the serial number by using the public key to obtain an encryption certificate.
Optionally, the step of determining whether the exchange of the encryption credential is successful includes:
decrypting the encrypted certificate through the private key generated by the issuing center;
and judging whether the exchange of the encryption voucher is successful or not based on the decryption result.
Optionally, the calculating of the first hash value of the first credential element by the cryptographic hash algorithm SM 3; the step of calculating the second hash value of the payment security code by the public key asymmetric encryption algorithm SM2 comprises:
generating a second plaintext according to the first certificate element;
generating a first hash value for the second plaintext text according to the SM 3;
based on the SM2, the public key is used for releasing the contract signing of the payment security code, and a second encrypted text is obtained;
and according to the SM4, decrypting the second encrypted text by using the first certificate to obtain a second hash value.
In order to achieve the above object, the present invention further provides a payment security code generation method, including the following steps:
acquiring a second certificate element;
generating a first plaintext text based on the second credential element;
generating a third hash value for the first plaintext text according to the SM 3;
encrypting the third hash value by using a symmetric key according to a state secret symmetric encryption algorithm SM4 to generate a first encrypted text;
signing the first encrypted text with a private key according to the SM2 to obtain the payment security code.
In addition, to achieve the above object, the present invention also provides a payment apparatus, comprising:
the acquisition module is used for acquiring a first certificate element and a payment security code;
the first calculation module is used for calculating a first hash value of the first certificate element through a cryptographic hash algorithm SM 3;
the second calculation module is used for calculating a second hash value of the payment security code through a national password asymmetric encryption algorithm;
a comparison module for comparing the first hash value and the second hash value;
and the verification module is used for passing the payment safety verification if the first hash value is equal to the second hash value.
Optionally, the obtaining module is further configured to:
acquiring a second certificate element;
generating a first plaintext text based on the second credential element;
generating a third hash value for the first plaintext text according to the SM 3;
encrypting the third hash value by using a symmetric key according to a state secret symmetric encryption algorithm SM4 to generate a first encrypted text;
signing the first encrypted text with a private key according to the SM2 to obtain the payment security code.
Optionally, the obtaining module is further configured to:
sending a signing application to an issuing center, and generating a public and private key pair corresponding to the signing application through the issuing center;
receiving a public key sent by the issuing center;
generating a first certificate, and encrypting the first certificate by using the public key to obtain an encrypted certificate;
sending the encryption certificate to a signing center;
judging whether the exchange of the encryption voucher is successful or not;
if yes, a response success prompt is returned through the issuing center.
Optionally, the obtaining module is further configured to:
generating the symmetric key and a serial number by using an algorithm package provided by the issuing center, wherein the first certificate comprises the symmetric key and the serial number;
and based on the SM2, encrypting the symmetric key and the serial number by using the public key to obtain an encryption certificate.
Optionally, the obtaining module is further configured to:
decrypting the encrypted certificate through the private key generated by the issuing center;
and judging whether the exchange of the encryption voucher is successful or not based on the decryption result.
Optionally, the first computing module is further configured to:
generating a second plaintext according to the first certificate element;
generating a first hash value for the second plaintext text according to the SM 3;
optionally, the second computing module is further configured to:
based on the SM2, the public key is used for releasing the contract signing of the payment security code, and a second encrypted text is obtained;
and according to the SM4, decrypting the second encrypted text by using the first certificate to obtain a second hash value.
In addition, to achieve the above object, the present invention further provides a payment security code generating apparatus, including:
the certificate element acquisition module is used for acquiring a second certificate element;
a generating module, configured to generate a first plaintext text based on the second credential element;
a third calculation module, configured to generate a third hash value for the first plaintext according to the SM 3;
the fourth calculation module is used for encrypting the third hash value by using a symmetric key according to a national secret symmetric encryption algorithm SM4 to generate a first encrypted text;
and the payment security code generating module is used for signing the first encrypted text by using a private key according to the SM2 to obtain the payment security code.
In addition, to achieve the above object, the present invention also provides a payment and/or payment security code generating device, including: memory, a processor and a payment and/or payment security code generation program stored on the memory and executable on the processor, the payment program being configured to implement the steps of the payment method as claimed in any one of claims 1 to 6, the payment security code generation program being configured to implement the steps of the payment security code generation method as claimed in claim 7.
Furthermore, to achieve the above object, the present invention also provides a storage medium having stored thereon a payment and/or payment security code generation program, which when executed by a processor implements the steps of the payment method according to any one of claims 1 to 6, and which when executed by a processor implements the steps of the payment security code generation method according to claim 7.
According to the payment method and the payment security code generation method, device, equipment and storage medium provided by the embodiment of the invention, the first certificate element and the payment security code are obtained, the first hash value corresponding to the first certificate element is obtained through calculation by using the state secret hash algorithm SM3, the second hash value of the payment security code is obtained through calculation by using the state secret asymmetric encryption algorithm SM2, and whether the first hash value and the second hash value are the same or not is further judged, so that the payment security verification is realized, and the security guarantee effect of transaction is improved. And a payment security code generation method is also provided, wherein a second certificate element is obtained, a first plaintext text is generated based on the second certificate element, a third hash value is generated for the first plaintext text according to the SM3, the third hash value is encrypted by using a symmetric key according to a national-secret symmetric encryption algorithm SM4 to generate a first encrypted text, the first encrypted text is signed by using a private key according to the SM2 to obtain the payment security code, the payment security code is generated based on the national-secret algorithm, and the security of the whole transaction process is guaranteed.
Drawings
Fig. 1 is a schematic structural diagram of a payment and/or payment security code generation device of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of a payment method according to a first embodiment of the present invention;
FIG. 3 is a flowchart illustrating a process of generating a payment security code according to a second embodiment of the payment method of the present invention;
FIG. 4 is a flow chart of a key exchange of an embodiment of a payment method of the present invention;
FIG. 5 is a flow chart of a payment password verification according to an embodiment of the payment method of the present invention;
FIG. 6 is a functional block diagram of an embodiment of a payment method of the present invention;
fig. 7 is a functional module diagram of a payment security code generation method according to an embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a payment and/or payment security code generation device of a hardware operating environment according to an embodiment of the present invention.
As shown in fig. 1, the payment apparatus may include: a processor 1001, such as a Central Processing Unit (CPU), a communication bus 1002, a user interface 1003, a network interface 1004, and a memory 1005. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a WIreless interface (e.g., a WIreless-FIdelity (WI-FI) interface). The Memory 1005 may be a Random Access Memory (RAM) Memory, or may be a Non-Volatile Memory (NVM), such as a disk Memory. The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the configuration shown in fig. 1 does not constitute a limitation of the payment and/or payment security code generation apparatus and may include more or fewer components than those shown, or some components in combination, or a different arrangement of components.
As shown in fig. 1, the memory 1005, which is a kind of storage medium, may include therein an operating system, a data storage module, a network communication module, a user interface module, and a payment and/or payment security code generation program.
In the payment and/or payment security code generation device shown in fig. 1, the network interface 1004 is mainly used for data communication with other devices; the user interface 1003 is mainly used for data interaction with a user; the processor 1001 and the memory 1005 of the payment and/or payment security code generation device of the present invention may be disposed in the payment and/or payment security code generation device, and the payment and/or payment security code generation device calls the payment program stored in the memory 1005 through the processor 1001 and executes the payment and/or payment security code generation method provided by the embodiment of the present invention.
An embodiment of the present invention provides a payment method, and referring to fig. 2, fig. 2 is a schematic flow diagram of a first embodiment of a payment method according to the present invention.
In this embodiment, the payment method includes:
step S10, acquiring a first certificate element and a payment security code;
step S20, calculating a first hash value of the first certificate element through a cryptographic hash algorithm SM 3;
step S30, calculating a second hash value of the payment security code through a national password asymmetric encryption algorithm;
step S40, comparing the first hash value and the second hash value;
and step S50, if the first hash value is equal to the second hash value, the payment security verification passes.
The payment method is applied to financial transaction institutions and bank systems. For financial institutions and banks, it is particularly important to ensure the security of transactions. In this embodiment, the payment security code is used to secure the transaction process during the financial transaction. The certificate elements are information contained in the certificate when the bank issues the certificate, and comprise a certificate number, an issuing date, a collection account number, a payment amount, a payee name and the like, and each certificate is different and is similar to the existence of an ID (identity card). The core field of the prior banking industry continues to use the international universal cryptographic algorithm systems such as 3DES, SHA-1, RSA and the like and relevant standards for a long time. In order to ensure the application safety of the key economic system password and fundamentally get rid of the excessive dependence on foreign password technology and products, the domestic password algorithm is widely popularized in the whole country, the domestic password algorithm is a set of data encryption processing series algorithm independently developed and innovated in China, and the symmetric, asymmetric, abstract and other algorithm functions are respectively realized from SM1-SM 4. Therefore, the transaction verification information is encrypted by the national cryptographic algorithm, on one hand, the transaction verification information is not easy to crack and the transaction security is high, and on the other hand, the method is based on the national cryptographic algorithm and is very beneficial to promoting the construction of the national self-owned password system.
The respective steps will be described in detail below:
step S10, acquiring a first certificate element and a payment security code;
in one embodiment, a first credential element and a payment security code are obtained. It can be understood that, in a financial transaction, due to the popularization of online payment and mobile payment, not only is convenience brought to payment, but also financial security risks are brought, generally, before a payment transaction, the identity of a payee needs to be verified, and after the security of the identity is verified, a further transaction can be performed, so that a certificate capable of representing the identity of the payee is needed. The payment security code may be a password, a ciphertext, or the like.
Step S20, calculating a first hash value of the first certificate element through a cryptographic hash algorithm SM 3;
in an embodiment, the first hash value of the first credential element is computed by the cryptographic hash algorithm SM 3. The SM3 is a national secret hash algorithm, is suitable for generation and verification of digital signature and verification message authentication codes and generation of random numbers in commercial password application, and can meet the security requirements of various password applications. Where "SM" stands for "secret of trade", i.e. a cryptographic technique for commercial use that does not involve national secrets. Since the hash values calculated by different credential elements are different, and even if the same credential element is used, part of data may be tampered with maliciously, and it is determined that the data is not safe only by the credential elements themselves, in order to verify the uniqueness of the first credential element, by generating the first hash value for the first credential element, due to the unique characteristic of the hash value itself, once the data changes, even if the data changes slightly, the hash value of the first credential element changes, so that the hash value can be used to determine whether two files are the same.
Step S30, calculating a second hash value of the payment security code through a national secret asymmetric encryption algorithm SM 2;
in an embodiment, the second hash value corresponding to the payment security code is calculated by the public key asymmetric encryption algorithm SM2, that is, after the payment security code is obtained, the corresponding second hash value is calculated. Similar to the purpose of calculating the hash value in step S20, in order to obtain a hash value unique to the payment security code for security verification. The SM2 national asymmetric cryptographic algorithm is formulated with the corresponding SM2 standard, including four parts of a convention, a digital signature algorithm, a key exchange protocol, and a public key cryptographic algorithm, and the relevant details and examples of implementation are detailed in the appendix of each part. The SM2 encryption algorithm is prior art, and therefore, the specific steps for decrypting the payment security code using the SM2 cryptographic algorithm are not described herein.
Step S40, comparing the first hash value and the second hash value;
in an embodiment, it should be noted that the payment security code is also generated by encrypting a credential element generated when the bank issues a credential, and therefore, if the second hash value generated by decrypting the payment security code matches the first hash value generated by the first credential element, it can prove that the payment security code and the first credential element are corresponding and valid. Therefore, the first hash value and the second hash value need to be compared, and whether the transaction is normal and safe is determined according to the comparison result. Because the payment security code and the certificate element are encrypted by using the national cryptographic algorithm, the security of information transmission is enhanced.
And step S50, if the first hash value is equal to the second hash value, the payment security verification passes.
In one embodiment, if the first hash value and the second hash value are equal, the payment security verification passes. It can be understood that, when the first hash value and the second hash value calculated by the cryptographic algorithm are equal, the transaction applicant holding the certificate can be proved to be legal, and the payment security code also correctly corresponds, the payment security verification is passed, the payment transaction can be performed, and the verification passing prompt can be output.
In this embodiment, the first credential element and the payment security code are obtained, the country secret hash algorithm SM3 is used to calculate to obtain the first hash value corresponding to the first credential element, the country secret asymmetric encryption algorithm SM2 is used to calculate to obtain the second hash value of the payment security code, and whether the first hash value and the second hash value are the same is further determined, so that the payment security verification is realized, and the security guarantee effect of the transaction is improved.
Further, based on the first embodiment of the payment method of the present invention, a second embodiment of the payment method of the present invention is proposed.
Referring to fig. 3, fig. 3 is a flow chart of generating a payment security code according to a second embodiment of the payment method of the present invention, and the second embodiment of the payment method is different from the first embodiment of the payment method in that the method further includes, before the step of acquiring the first credential element and the payment security code:
step S11, acquiring a second certificate element;
step S12, generating a first plaintext based on the second credential element;
step S13, generating a third hash value for the first plaintext text according to the SM 3;
step S14, according to the SM4, the third hash value is encrypted by using a symmetric key to generate a first encrypted text;
and step S15, according to the SM2, signing the first encrypted text by using a private key to obtain the payment security code.
In this embodiment, the contracting party obtains the second certificate element, generates a first plaintext for the second certificate element, calculates a third hash value from the first plaintext, encrypts the third hash value by using a symmetric key to generate a first encrypted text, and digitally signs the encrypted first encrypted text by using a national asymmetric encryption algorithm SM2 and a private key to generate the payment security code.
The respective steps will be described in detail below:
step S11, acquiring a second certificate element;
in one embodiment, a second credential element is obtained. Because the payment security code is generated when the bank or the financial institution issues the certificate, namely before the payment verification, the second certificate element is obtained first, and the corresponding payment security code is further generated by the second certificate element. It should be noted that the second credential element and the first credential element may be the same, and the category included in the content of the credential element in one transaction must be the same, for example, the payment security code is generated by the credential element: the voucher number, issue date, collection account number and payment amount are generated, then the contents of the voucher element at the time of verification should also consist of the voucher number, issue date, collection account number, payment amount, or not be possible to correspond with for sure.
Step S12, generating a first plaintext based on the second credential element;
in an embodiment, a first plaintext text is generated according to the obtained second credential element. Specifically, the voucher elements are spliced to generate a plaintext text. The document elements are some texts or numbers, the text splicing method is not limited, the texts can be spliced by symbols such as "/", "|", and the like, and the texts can be directly and simply combined together, for example: and splicing by using the '+' to obtain a spliced certificate element comprising a certificate number, an issuing date, a collection account number and a payment amount, wherein the spliced certificate element comprises 410075220+20220101+120045+10000, namely the first plaintext text.
Step S13, generating a third hash value for the first plaintext text according to the SM 3;
in an embodiment, the third hash value of the first plaintext is generated by the cryptographic hash algorithm SM 3. It can be understood that, in order to ensure the integrity of the second certificate element data, the first plaintext text obtained after splicing is encrypted by using the secret hash algorithm SM3, that is, the SM3 encryption algorithm, to obtain the third hash value.
Expression: hash as SM3(M)
Wherein, the first plaintext text is abbreviated as M;
the Hash is a third Hash value.
Step S14, according to the SM4, the third hash value is encrypted by using a symmetric key to generate a first encrypted text;
in an embodiment, the first encrypted text is generated by encrypting the third hash value using the symmetric key according to the public symmetric encryption algorithm SM 4. The symmetric key is obtained by the secure exchange between the issuing center and the signing party before the step of generating the payment security code, and the same symmetric key is stored in both the issuing center and the signing party. Symmetric key encryption, i.e. both the sending and receiving parties must use the same/symmetric key to encrypt and decrypt the plaintext. The cryptographic symmetric encryption algorithm SM4, also SM4 encryption algorithm, the cryptographic algorithm SM4 algorithm has a 128-bit key length and a packet length. The SM4 algorithm adopts a nonlinear iteration structure, each iteration is given by a round function, wherein the round function is formed by compounding a nonlinear transformation and a linear transformation, and the nonlinear transformation is given by an S box. Therefore, the third hash value is encrypted by using the symmetric key and the national symmetric encryption algorithm SM4 to generate a first encrypted text.
Briefly, the encryption flow of the SM4 algorithm includes the following steps:
1. dividing the 16-byte key into 4 groups according to 4-byte group, and generating 32 groups of 4-byte round keys according to a key expansion algorithm
2. Then, the input 16-byte data is divided into 4 groups according to the 4-byte group to perform 32-round loop iterative operation (namely, the operation is repeatedly executed according to a specified formula). In each round of encryption process, the exclusive OR operation is respectively carried out on each group of data and the round key, and then S box transformation is carried out on the result.
3. After 32 rounds of loop iteration operation, 4 groups of data are subjected to linear transformation and combined to finally obtain 16-byte ciphertext.
The SM4 cryptographic algorithm has the advantages of safety and high efficiency, so that the security of the encryption process can be improved by using the SM4 algorithm to encrypt the third hash value, and the encryption efficiency is high.
And step S15, according to the national password asymmetric encryption algorithm, signing the first encrypted text by using a private key to obtain a payment security code.
In one embodiment, the first encrypted text is signed by a private key through a national password asymmetric encryption algorithm to obtain a first payment password ciphertext. Where the signature is also a digital signature that can determine the integrity of the message. Because the digital signature is characterized in that it represents the characteristics of the document, if the document changes, the value of the digital digest will also change. Different files will get different digital summaries. And the signature and the original file already form a mixed integral data and cannot be tampered. Thus, to ensure the integrity of the first encrypted text, the first encrypted text is signed using the SM2 encryption algorithm, resulting in a payment security code.
Expressions of step S14 and step S15: c ═ SM2(SM4(Hash, AK), SK)
Encrypting the hash value by using SM4 algorithm and AK, and digitally signing the encrypted result (namely the first encrypted text) by using SM2 algorithm and SK to obtain the payment security code (C)
Referring to fig. 3, fig. 3 is a flowchart illustrating the generation of the payment security code in the payment method of the present invention, which outlines the present embodiment. In the figure, the plaintext is also the first plaintext, and the step of splicing the voucher elements to obtain the first plaintext is omitted in the figure. The hash value is also the third hash value; the encrypted value is also the first encrypted text. The method comprises the steps of obtaining a plaintext by splicing certificate elements, generating a Hash value for the plaintext by using an SM3 encryption algorithm, encrypting the Hash by using a symmetric key AK based on an SM4 encryption algorithm, and signing the encrypted value by using a private key SK based on an SM2 encryption algorithm to obtain a payment security code.
In this embodiment, a payment security code is obtained by obtaining a second credential element, generating a first plaintext text from the second credential element, generating a third hash value for the first plaintext text according to the country secret hash algorithm SM3, encrypting the third hash value by using a symmetric key according to a country secret symmetric encryption algorithm SM4 to generate a first encrypted text, and signing the first encrypted text by using a private key according to a country secret asymmetric encryption algorithm. The symmetric key is generated by the signing party, so that both the signing party and the issuing center participate in the encryption process, the condition that only one signing center participates in obtaining the payment password is avoided, and the safety of the payment safety code generation process is improved.
It should be noted that the payment security code generation method of the present invention may be implemented with reference to the present embodiment.
Further, based on the first and second embodiments of the payment method of the present invention, a third embodiment of the payment method of the present invention is provided.
The third embodiment of the payment method differs from the first and second embodiments of the payment method in that the step of obtaining the second credential element is preceded by the method further comprising:
step S111, sending a signing application to an issuing center, and generating a public and private key pair corresponding to the signing application through the issuing center;
step S112, receiving the public key sent by the issuing center;
step S113, generating a first certificate, and encrypting the first certificate by using the public key to obtain an encrypted certificate;
step S114, the encryption voucher is sent to a signing center;
step S115, judging whether the exchange of the encryption voucher is successful;
and step S116, if yes, returning a response success prompt through the issuing center.
In this embodiment, at the time of signing, the signing party applies for a key from the issuing center. The signing and issuing center generates a key pair for the signing, locally stores the private key (SK), and returns the public key (VK) to the signing party. The signatory generates a first credential. And transmits the first certificate to the issuing center after being encrypted by using a public key through an SM2 algorithm. The issuing center returns a response success after receiving the response success, and the key exchange is completed.
The respective steps will be described in detail below:
step S111, sending a signing application to an issuing center, and generating a public and private key pair corresponding to the signing application through the issuing center;
in one embodiment, the signing application is sent to the issuing center, and after receiving the signing application, the issuing center generates a corresponding public-private key pair for the current signing. It can be understood that when a signing party needs to transact a transaction signing, a signing application needs to be proposed, and the issuing center generates a public-private key pair according to the application and the corresponding signing party, as a guarantee for the transaction of both parties, wherein the public-private key pair includes an sk (secret key) asymmetric encryption algorithm private key and a vk (verify key) asymmetric encryption algorithm public key. There are many ways to generate public-private key pairs, such as: can be created using a strong naming tool (sn.exe).
Step S112, receiving the public key sent by the issuing center;
in one embodiment, a public key sent by an issuing center is received. After the issuing center generates the public-private key pair, the private key is locally stored, and the public key is sent to the signing party.
Step S113, generating a first certificate, and encrypting the first certificate by using the public key to obtain an encrypted certificate;
step S114, the encryption voucher is sent to a signing center;
in one embodiment, a first credential is generated by a signatory and encrypted with a public key to generate an encrypted credential. Specifically, the first credential may be a symmetric key, which is generated by the subscriber and encrypted to obtain the encrypted credential. Because the same key is used for both encryption and decryption in the symmetric encryption process, how to securely transfer the key to the decryptor becomes a problem that must be solved. Therefore, in order to solve this problem, the encryption certificate is encrypted and transmitted in the present embodiment.
Step S115, judging whether the exchange of the encryption voucher is successful;
in one embodiment, it is determined whether the exchange of the encryption credentials is successful, i.e., whether the encryption credentials are transmitted to the issuing center. It can be understood that, since a symmetric key used in the encryption certificate is required to perform the function of symmetric encryption, and the encryption certificate may be maliciously intercepted during transmission, or an error occurs in transmission, it is necessary to confirm that the issuing center receives the encryption certificate. Specifically, whether the encrypted certificate message is received or not can be taken as a judgment basis.
And step S116, if yes, returning a response success prompt through the issuing center.
In one embodiment, if the signing authority receives the encryption certificate, a response success prompt is returned to the signing party. It can be understood that, since the same symmetric key is used for security verification in subsequent transactions, if the issuing center receives the encryption certificate, the signing party needs to be informed that the key exchange is successful, and the transaction operation can be performed. If not, the specific situation needs to be judged, and the contracting party can be selected to resend the encryption voucher or to invalidate the current contract and then carry out the exchange again.
Further, in an embodiment, the generating the first credential and encrypting the first credential with the public key to obtain an encrypted credential includes:
step a, generating the symmetric key and a serial number by using an algorithm package provided by the issuing center, wherein the first certificate comprises the symmetric key and the serial number;
in one embodiment, the subscriber uses the algorithm package to generate a symmetric key and a corresponding serial number according to the algorithm package provided by the issuing center. The sequence number is a data packet sequence number, is a string of numbers randomly generated according to a symmetric key, and can be used for ensuring transmission reliability. After receiving the data message, the receiver can determine whether the message is a required message according to the sequence number. In particular, in one embodiment, the sequence number may be generated by setting a SEQ command statement. It should be noted that, it is relatively convenient to generate the symmetric key and the serial number according to the algorithm package provided by the issuing center, and no signing party is required, for example: and (4) a bank prepares a set of generation algorithms. Of course, in another embodiment, the symmetric key AK may be generated by using a bank self-security mechanism. The generation of the symmetric key and the sequence number from the provided algorithm package is only a preferred embodiment.
And b, based on the SM2, encrypting the symmetric key and the serial number by using the public key to obtain an encryption certificate.
In one embodiment, the symmetric key and the serial number are encrypted according to the SM2 and the public key to obtain an encrypted credential. Since the public key has already been transferred to the signatory, the pending SM2 public key encryption ensures transmission security and ensures that only the issuing center can decrypt it.
It will be appreciated that asymmetric encryption algorithms require two keys for encryption and decryption, namely public key encryption and private key decryption. At present, the issuing center only has a private key in hand, and the symmetric key is not exchanged, so that the issuing center cannot decrypt the received symmetric key. Therefore, this step is encrypted using a cryptographic asymmetric encryption algorithm, i.e., SM2 and a public key. Specifically, since the SM2 algorithm is a public algorithm, the step of encrypting using the SM2 encryption algorithm is not described herein.
Further, in an embodiment, the step of determining whether the exchange of the encryption credentials is successful includes:
c, decrypting the encrypted certificate through the private key stored by the issuing center;
and d, judging whether the exchange of the encryption voucher is successful or not based on the decryption result.
In one embodiment, in order to determine whether the exchange of the encrypted certificate is successful, the encrypted certificate is decrypted by a private key of the issuing center, and whether the exchange is successful is determined according to a decryption result. The private key is a private key in the generated public and private key pair; the decryption result comprises the success of decryption and the failure of decryption. According to the message obtained by the issuing center, if the private key can be used for signing off the encrypted message (or the certificate), the successful exchange of the encrypted certificate is proved, namely the issuing center obtains the symmetric key in the signed-off encrypted certificate. It should be noted that, in an embodiment, the encryption credential includes a serial number and a symmetric key, and the serial number and a private key are required to be used for performing a signature release, and if the signature release is successful, the symmetric key is obtained, which proves that the exchange is successful.
Referring to fig. 4, fig. 4 is a key exchange flow chart of an embodiment of the payment method of the present invention, which is described below: when signing, the signing party applies for a secret key from the signing and issuing center. The signing and issuing center generates a public and private key pair for the signing, locally stores the private key (SK), and returns the public key (VK) to the signing party. The signatory generates a symmetric key (AK) and a SEQ serial number using an algorithm package provided by the issuing center. And pass the two values to the issuing center after encryption using the SM2 public key. The issuing center returns a response success after receiving the response success, and the key exchange is completed.
In this embodiment, by sending a subscription request, a public-private key pair corresponding to the subscription application is generated by an issuing center, and a public key sent by the issuing center is received; generating a first certificate, encrypting the first certificate by using the public key to obtain an encrypted certificate, sending the encrypted certificate to a signing center, judging whether the encrypted certificate is exchanged successfully, and if the encrypted certificate is exchanged successfully, returning a response success prompt through the signing center to realize the safe exchange of the secret key.
Further, a fourth embodiment of the payment method of the present invention is proposed based on the previous embodiment of the payment method of the present invention, which differs from the previous embodiment in that the first hash value of the first credential element is calculated by a cryptographic hash algorithm SM 3; the step of calculating the second hash value of the payment security code by the public key asymmetric encryption algorithm SM2 comprises:
step S21, generating a second plaintext according to the first certificate element;
step S22, generating a first hash value for the second plaintext text according to the SM 3;
step S23, based on the SM2, the public key is used for releasing the contract signing of the payment security code, and a second encrypted text is obtained;
step S24, according to the SM4, the second encrypted text is decrypted by using the first certificate, and a second hash value is obtained.
In this embodiment, first, a second plaintext text is generated from a first credential element, then a hash value of the first credential element is obtained through SM3, the payment security code is de-signed through SM2, and further, a second hash value corresponding to the de-signed second encrypted text is calculated by using SM 4.
The respective steps will be described in detail below:
step S21, generating a second plaintext according to the first certificate element;
step S22, generating a first hash value for the second plaintext text according to the SM 3;
in an embodiment, the second plaintext is generated according to the first credential element, and the first hash value is generated for the second plaintext according to the cryptographic hash algorithm SM 3. For security verification, the first credential element and the payment security code are obtained, and corresponding hash values are calculated respectively. The step of generating the first hash value based on the first certificate element is identical to the step of generating the third hash value based on the second certificate element, and the step of generating the first hash value based on the first certificate element is to generate a plaintext according to the certificate element, and then generate a hash value for the plaintext according to the cryptographic hash algorithm SM 3. Therefore, when the signing party receives the first credential element, the first credential element is concatenated (for example, the credential number + issue date + collection account + payment amount) to generate a second plaintext, which is abbreviated as M in this embodiment. A first Hash value Hash' is then calculated for the plaintext.
The expression is as follows: hash ═ SM3(M)
Step S23, based on the SM2, the public key is used for releasing the contract signing of the payment security code, and a second encrypted text is obtained;
in an embodiment, based on the national password asymmetric encryption algorithm, the public key is used to sign off the payment security code, so as to obtain a second encrypted text. Symmetric encryption algorithms are given a plaintext and a key, encryption produces a ciphertext that is approximately the same length as the plaintext, and decryption uses the same decryption key as the encryption key when decrypting, and are therefore referred to as symmetric encryption algorithms. It can be understood that, because the payment security code is obtained based on the country password asymmetric encryption algorithm and the private key signature, when decrypting, the payment security code needs to be de-signed by the country password asymmetric encryption algorithm and the public key to obtain the second encrypted text.
Step S24, according to the SM4, the second encrypted text is decrypted by using the first certificate, and a second hash value is obtained.
And decrypting the second encrypted text according to the SM4, namely the SM4 encryption algorithm, and the first certificate to obtain a second hash value. It can be understood that, because the encrypted text is obtained by encrypting the hash value according to the national symmetric encryption algorithm SM4 in the payment password generation process, the SM4 encryption algorithm and the symmetric key in the first certificate are used for decryption to obtain the corresponding second hash value as the reverse process. The decryption algorithm of SM4 is the same as the encryption algorithm except that the order of use of the round keys is reversed, the decryption round keys being the reverse order of the encryption round keys.
The expressions of the second hash values obtained by the calculations of step S23 and step S24 are as follows:
Hash=SM4D(SM2D(C,VK),AK)
and subscripts D of SM2 and SM4 represent a decryption process, C is a ciphertext, namely a payment security code, VK is a public key, the C is signed off by the VK according to an SM2 decryption algorithm to obtain a second encrypted text, and the second encrypted text is decrypted by a symmetric key AK by using an SM4 decryption algorithm to obtain a second Hash value Hash.
Referring to fig. 5, fig. 5 is a flowchart of verifying a payment password according to an embodiment of the payment method of the present invention, which is described below: the signatory checks the received first certificate element and the payment security code, splices the certificate elements (certificate number + issue date + collection account + payment amount) to generate a first plaintext, and calculates a first hash value for the plaintext according to a national secret hash algorithm SM 3; and obtaining a second encrypted text after the payment security code is signed by using the public key, decrypting by using a first certificate which is a symmetric key in the embodiment and a third encryption algorithm SM4 to obtain a second hash value, judging whether the first hash value is consistent with the second hash value, if so, successfully verifying, and otherwise, failing to verify.
In this embodiment, a second plaintext is generated by a first credential element, and a first hash value is generated for the second plaintext according to a cryptographic hash algorithm SM 3; and based on the national password asymmetric encryption algorithm, the public key is used for releasing the contract signing on the payment security code to obtain a second encrypted text, and then the second encrypted text is decrypted according to the national password symmetric encryption algorithm SM4 and the first certificate to obtain a second hash value. The first certificate element is encrypted and the payment security code is decrypted through a state secret algorithm, so that a first hash value and a second hash value are obtained, namely data required by payment security verification are obtained, the security payment verification based on the payment security code and the first certificate element is realized, and the payment security is improved.
The invention also provides a payment device. As shown in fig. 6, fig. 6 is a functional module schematic diagram of an embodiment of the payment method of the present invention.
The payment device of the invention comprises:
an obtaining module 10, configured to obtain a first credential element and a payment security code;
a first calculating module 20, configured to calculate a first hash value of the first credential element through a cryptographic hash algorithm SM 3;
the second calculation module 30 is configured to calculate a second hash value of the payment security code through a national password asymmetric encryption algorithm;
a comparison module 40, configured to compare the first hash value and the second hash value;
and the verification module 50 is configured to pass the payment security verification if the first hash value is equal to the second hash value.
Optionally, the obtaining module is further configured to:
the invention also provides a payment security code generating device. Fig. 7 is a schematic diagram of functional modules of an embodiment of a payment security code generation method according to the present invention.
The payment security code generating device of the invention comprises:
a credential element obtaining module 100, configured to obtain a second credential element;
a generating module 200, configured to generate a first plaintext text based on the second credential element;
a third calculation module 300, configured to generate a third hash value for the first plaintext according to the SM 3;
the fourth calculation module 400 is configured to encrypt the third hash value by using a symmetric key according to a symmetric cryptographic algorithm SM4 to generate a first encrypted text;
a payment security code generation module 500, configured to sign the first encrypted text with a private key according to the SM2 to obtain the payment security code
The invention also provides a storage medium.
The storage medium of the invention has stored thereon a payment and/or payment security code generation program, which when executed by a processor carries out the steps of the payment method according to any one of claims 1 to 6, and which when executed by a processor carries out the steps of the payment security code generation method according to claim 7.
The payment and/or payment security code generation program executed on the processor may refer to the embodiments of the payment method and the payment security code generation method of the present invention, and will not be described herein again.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention or portions thereof contributing to the prior art may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) as described above and includes several instructions for enabling a terminal device (which may be a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. A payment method, characterized in that the payment method comprises:
acquiring a first certificate element and a payment security code;
calculating a first hash value of the first credential element by a cryptographic hash algorithm SM 3;
calculating a second hash value of the payment security code through a cryptographic public asymmetric encryption algorithm SM 2;
comparing the first hash value and the second hash value;
and if the first hash value is equal to the second hash value, the payment security verification is passed.
2. A payment method as recited in claim 1, wherein the step of obtaining the first credential element and the payment security code is preceded by the method further comprising:
acquiring a second certificate element;
generating a first plaintext text based on the second credential element;
generating a third hash value for the first plaintext text according to the SM 3;
encrypting the third hash value by using a symmetric key according to a state secret symmetric encryption algorithm SM4 to generate a first encrypted text;
signing the first encrypted text with a private key according to the SM2 to obtain the payment security code.
3. A payment method as recited in claim 2, wherein the step of obtaining a second credential element is preceded by the method further comprising:
sending a signing application to an issuing center, and generating a public and private key pair corresponding to the signing application through the issuing center;
receiving a public key sent by the issuing center;
generating a first certificate, and encrypting the first certificate by using the public key to obtain an encrypted certificate;
sending the encryption certificate to a signing center;
judging whether the exchange of the encryption voucher is successful or not;
if yes, a response success prompt is returned through the issuing center.
4. A payment method as recited in claim 3, wherein the step of generating a first credential and encrypting the first credential with the public key to obtain an encrypted credential comprises:
generating the symmetric key and a serial number by using an algorithm package provided by the issuing center, wherein the first certificate comprises the symmetric key and the serial number;
and based on the SM2, encrypting the symmetric key and the serial number by using the public key to obtain an encryption certificate.
5. A payment method as defined in claim 3, wherein the step of determining whether the exchange of encryption credentials is successful comprises:
decrypting the encrypted certificate through the private key generated by the issuing center;
and judging whether the exchange of the encryption voucher is successful or not based on the decryption result.
6. A payment method as claimed in claim 1, wherein the first hash value of the first credential element is calculated by a cryptographic hash algorithm SM 3; the step of calculating the second hash value of the payment security code by the public key asymmetric encryption algorithm SM2 comprises:
generating a second plaintext according to the first certificate element;
generating a first hash value for the second plaintext text according to the SM 3;
based on the SM2, the public key is used for releasing the contract signing of the payment security code, and a second encrypted text is obtained;
and according to the SM4, decrypting the second encrypted text by using the first certificate to obtain a second hash value.
7. A payment security code generation method, comprising:
acquiring a second certificate element;
generating a first plaintext text based on the second credential element;
generating a third hash value for the first plaintext text according to the SM 3;
encrypting the third hash value by using a symmetric key according to a state secret symmetric encryption algorithm SM4 to generate a first encrypted text;
signing the first encrypted text with a private key according to the SM2 to obtain the payment security code.
8. A payment device, the device comprising:
the acquisition module is used for acquiring a first certificate element and a payment security code;
the first calculation module is used for calculating a first hash value of the first certificate element through a cryptographic hash algorithm SM 3;
the second calculation module is used for calculating a second hash value of the payment security code through a national password asymmetric encryption algorithm SM 2;
a comparison module for comparing the first hash value and the second hash value;
and the verification module is used for passing the payment safety verification if the first hash value is equal to the second hash value.
9. A payment and/or payment security code generation apparatus, the apparatus comprising: memory, a processor and a payment and/or payment security code generation program stored on the memory and executable on the processor, the payment program being configured to implement the steps of the payment method as claimed in any one of claims 1 to 6, the payment security code generation program being configured to implement the steps of the payment security code generation method as claimed in claim 7.
10. A storage medium having stored thereon a payment and/or payment security code generation program, the payment program when executed by a processor implementing the steps of the payment method according to any one of claims 1 to 6, the payment security code generation program when executed by a processor implementing the steps of the payment security code generation method according to claim 7.
CN202210101513.6A 2022-01-27 2022-01-27 Payment method, payment security code generation method, device, equipment and storage medium Pending CN114548986A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210101513.6A CN114548986A (en) 2022-01-27 2022-01-27 Payment method, payment security code generation method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210101513.6A CN114548986A (en) 2022-01-27 2022-01-27 Payment method, payment security code generation method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114548986A true CN114548986A (en) 2022-05-27

Family

ID=81674482

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210101513.6A Pending CN114548986A (en) 2022-01-27 2022-01-27 Payment method, payment security code generation method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114548986A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1417734A (en) * 2002-12-30 2003-05-14 邵苏毅 Method for implementation of electronic payment
CN105162607A (en) * 2015-10-12 2015-12-16 武汉瑞纳捷电子技术有限公司 Authentication method and system of payment bill voucher
CN105745678A (en) * 2013-09-20 2016-07-06 维萨国际服务协会 Secure remote payment transaction processing including consumer authentication
CN108537536A (en) * 2018-06-21 2018-09-14 咪付(广西)网络技术有限公司 A kind of method for secure transactions and system based on strategy mark
CN108876381A (en) * 2018-08-07 2018-11-23 杨国超 Method for secure transactions based on intelligent contract
CN113393237A (en) * 2021-05-28 2021-09-14 中国银联股份有限公司 Secure payment method, positioning terminal, device, system and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1417734A (en) * 2002-12-30 2003-05-14 邵苏毅 Method for implementation of electronic payment
CN105745678A (en) * 2013-09-20 2016-07-06 维萨国际服务协会 Secure remote payment transaction processing including consumer authentication
CN105162607A (en) * 2015-10-12 2015-12-16 武汉瑞纳捷电子技术有限公司 Authentication method and system of payment bill voucher
CN108537536A (en) * 2018-06-21 2018-09-14 咪付(广西)网络技术有限公司 A kind of method for secure transactions and system based on strategy mark
CN108876381A (en) * 2018-08-07 2018-11-23 杨国超 Method for secure transactions based on intelligent contract
CN113393237A (en) * 2021-05-28 2021-09-14 中国银联股份有限公司 Secure payment method, positioning terminal, device, system and storage medium

Similar Documents

Publication Publication Date Title
US11394697B2 (en) Efficient methods for authenticated communication
US11356280B2 (en) Personal device security using cryptocurrency wallets
CN109067539B (en) Alliance chain transaction method, alliance chain transaction equipment and computer readable storage medium
CN102801710B (en) A kind of network trading method and system
KR102621116B1 (en) Elecronic device and electronic payement method using id-based public key cryptography
WO2016033610A1 (en) Methods for secure cryptogram generation
CN112055019B (en) Method for establishing communication channel and user terminal
CN106960343B (en) Electronic cash secure payment method and device
CN115276978A (en) Data processing method and related device
CN112419021B (en) Electronic invoice verification method, system, storage medium, computer equipment and terminal
WO2023160667A1 (en) Security authentication method, apparatus and system for digital currency transaction
CN114565382A (en) Transaction account anonymous payment method and system
WO2017175926A1 (en) Electronic payment method and electronic device using id-based public key cryptography
CN114548986A (en) Payment method, payment security code generation method, device, equipment and storage medium
TWI669672B (en) Electronic trading method and system
CN112311534A (en) Method for generating asymmetric algorithm key pair
CN117454437B (en) Transaction processing method, storage medium and electronic device
US20230124498A1 (en) Systems And Methods For Whitebox Device Binding
WO2011060738A1 (en) Method for confirming data in cpu card
Herath et al. Task based Interdisciplinary E-Commerce Course with UML Sequence Diagrams, Algorithm Transformations and Spatial Circuits to Boost Learning Information Security Concepts
KR20010048908A (en) Method for issuing and authenticating of payphone smart card
CN116781254A (en) Data encryption method, data decryption method and data decryption device
CN115422558A (en) Method, collection equipment and device for preventing double off-line transaction amount from being tampered
CN112187458A (en) Method, device, system and medium for activating session between equipment end and platform end
Assora et al. Using WPKI for security of web transaction

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20220527