CN114898510A - Financial password acquisition method, system, financial equipment and storage medium - Google Patents

Financial password acquisition method, system, financial equipment and storage medium Download PDF

Info

Publication number
CN114898510A
CN114898510A CN202210508604.1A CN202210508604A CN114898510A CN 114898510 A CN114898510 A CN 114898510A CN 202210508604 A CN202210508604 A CN 202210508604A CN 114898510 A CN114898510 A CN 114898510A
Authority
CN
China
Prior art keywords
password
financial
information
operation terminal
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210508604.1A
Other languages
Chinese (zh)
Inventor
冯韵
李兴会
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China University of Mining and Technology CUMT
Original Assignee
China University of Mining and Technology CUMT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China University of Mining and Technology CUMT filed Critical China University of Mining and Technology CUMT
Priority to CN202210508604.1A priority Critical patent/CN114898510A/en
Publication of CN114898510A publication Critical patent/CN114898510A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/201Accessories of ATMs
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a financial password acquisition method, a system, financial equipment and a storable medium, and relates to the technical field of computers, wherein the method comprises the following steps: s1: when the financial operation terminal detects that the card is inserted, acquiring registration information of the card and acquiring request information of an operation user; s2: judging whether the attribution of the financial operation terminal and the attribution of the request information are consistent, if not, acquiring the biological characteristic information of the operation user, judging whether the biological characteristic information of the operation user is consistent with the registration information, and if so, executing a step S3; s3: the financial operation terminal sends a password obtaining request to the password server; s4: the password server sends encrypted password information to the financial operation terminal according to the password obtaining request; the method and the device are used for solving the problem that the user password is easy to leak in the prior art.

Description

Financial password acquisition method, system, financial equipment and storage medium
Technical Field
The invention relates to the technical field of computers, in particular to a financial password acquisition method, a financial password acquisition system, financial equipment and a storage medium.
Background
At present, the ATM is also called ATM (Automated Teller Machine), which means ATM, and most of them are also called ATM. The device is a highly precise electromechanical integrated device, realizes self-service of financial transactions by utilizing a magnetic code card or an intelligent card, and replaces the work of bank counter personnel.
However, in the prior art, a user is required to input a password when using the ATM, the password is usually set by the user and is a fixed password, and once personal information is leaked or a bank card is lost, the user is easily lost.
Therefore, how to provide a financial password obtaining method capable of solving the above problems is a problem that needs to be solved by those skilled in the art.
Disclosure of Invention
In view of the above, the present invention provides a financial password obtaining method, system, financial device and storage medium, so as to solve the problem in the prior art that a user password is easy to leak.
In order to achieve the purpose, the invention adopts the following technical scheme:
a financial password acquisition method is applied to a financial operation terminal and a password server, and comprises the following steps:
s1: when the financial operation terminal detects that the card is inserted, acquiring registration information of the card and acquiring request information of an operation user;
s2: judging whether the attribution of the financial operation terminal and the attribution of the request information are consistent, if not, acquiring the biological characteristic information of the operation user, judging whether the biological characteristic information of the operation user is consistent with the registration information, and if so, executing a step S3;
s3: the financial operation terminal sends a password obtaining request to the password server;
s4: the password server sends encrypted password information to the financial operation terminal according to the password obtaining request;
s5: and the financial operation terminal decrypts the encrypted password information according to a preset rule to obtain the password information.
Preferably, in S2, if the correlation parameter value is not equal to the preset threshold, the correlation parameter value between the biometric information and the registration information is calculated, and if the correlation parameter value is greater than or equal to the preset threshold, the operation is executed in S3, and if the correlation parameter value is less than the preset threshold, the operation is not executed.
Preferably, the method further comprises the step of S6: and when the financial operation terminal executes the operation corresponding to the request information, establishing and storing the association relationship between the operation and the biological characteristic information and the registration information.
Preferably, the S5 specifically includes:
s51: when the password is displayed correctly after being decrypted, the financial operation terminal generates a random password, and the operation is completed by utilizing the random password to match with the password;
s52: and when the password is displayed incorrectly after being decrypted, judging that the password is an invalid password, sending an operation activation code to an operation user by the financial operation terminal, and finishing operation by using the operation activation code.
Preferably, in S51, when the password is displayed correctly after being decrypted and when the password usage exceeds a preset threshold, the password and the preset rule are deleted from the password server, and a new password rule and a new password are randomly generated.
Further, the present invention also provides a system using any one of the above financial password acquisition methods, including:
the acquisition module is used for acquiring the registration information of the card and acquiring the request information of an operation user when the financial operation terminal detects that the card is inserted;
a judging module, configured to judge whether the financial operation terminal is consistent with the attribution of the request message, collect biometric information of an operation user if the financial operation terminal is inconsistent with the attribution of the request message, judge whether the biometric information of the operation user is consistent with the registration message, and execute step S3 if the biometric information of the operation user is consistent with the registration message;
the sending module is used for sending a password obtaining request to the password server by using the financial operation terminal;
the receiving module is used for sending encrypted password information to the financial operation terminal by using the password server according to the password obtaining request;
and the decryption module is used for decrypting the encrypted password information by using the financial operation terminal according to a preset rule to obtain the password information.
Further, the present invention also provides a financial device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any one of the above when executing the computer program.
Further, the present invention also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any of the above.
According to the technical scheme, compared with the prior art, the invention discloses a financial password acquisition method, a system, financial equipment and a storage medium, firstly, the request location of an operation request and the attribution of registration information are judged, when the request location of the operation request and the attribution of the registration information are consistent, a password server requests a password, and the password and an activation code are used for realizing operation together; when the password is inconsistent with the preset threshold value, the association coefficient of the biological characteristic information and the registration information is acquired, so that the password can be acquired when the preset threshold value requirement is met, operation is realized by using an unfixed password, and the security of the password can be improved; meanwhile, the password server regularly clears the passwords with high use frequency, and the safety is further improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a flowchart illustrating an overall method for acquiring a financial password according to the present invention;
fig. 2 is a schematic block diagram of a financial password obtaining system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the embodiment of the invention discloses a financial password obtaining method, which is applied to a financial operation terminal and a password server, and comprises the following steps:
s1: when the financial operation terminal detects that the card is inserted, acquiring the registration information of the card and simultaneously acquiring the request information of an operation user;
s2: judging whether the attribution of the financial operation terminal and the attribution of the request information are consistent, if not, acquiring the biological characteristic information of the operation user, judging whether the biological characteristic information of the operation user is consistent with the registration information, and if so, executing a step S3;
s3: the financial operation terminal sends a password obtaining request to the password server;
s4: the password server sends encrypted password information to the financial operation terminal according to the password acquisition request;
s5: and the financial operation terminal decrypts the encrypted password information according to a preset rule to obtain the password information.
In a specific embodiment, in S2, if the correlation parameter value is not consistent, the correlation parameter value of the biometric information and the registration information is calculated, and when the correlation parameter value is greater than or equal to a preset threshold, S3 is executed, and when the correlation parameter value is less than the preset threshold, no operation is executed.
In a specific embodiment, the method further comprises the step of S6: and when the financial operation terminal executes the operation corresponding to the request information, establishing and storing the association relationship between the operation and the biological characteristic information and the registration information.
In a specific embodiment, S5 specifically includes:
s51: when the password is displayed correctly after being decrypted, the financial operation terminal generates a random password, and the operation is completed by utilizing the random password and the password;
s52: and when the password is displayed incorrectly after being decrypted, judging that the password is an invalid password, sending an operation activation code to the operation user by the financial operation terminal, and finishing the operation by utilizing the operation activation code.
In one embodiment, in S51, when the password is decrypted and displayed correctly, and when the password usage exceeds the preset threshold, the password and the preset rule are deleted in the password server, and a new password rule and a new password are randomly generated.
Referring to fig. 2, an embodiment of the present invention further provides a system using the financial password obtaining method of any one of the above embodiments, including:
the acquisition module is used for acquiring the registration information of the card and acquiring the request information of an operation user when the financial operation terminal detects that the card is inserted;
a judging module, configured to judge whether the financial operation terminal is consistent with the attribution of the request message, collect biometric information of the operation user if the financial operation terminal is inconsistent with the attribution of the request message, judge whether the biometric information of the operation user is consistent with the registration message, and execute step S3 if the biometric information of the operation user is consistent with the registration message;
the sending module is used for sending a password obtaining request to the password server by utilizing the financial operation terminal;
the receiving module is used for sending the encrypted password information to the financial operation terminal by using the password server according to the password obtaining request;
and the decryption module is used for decrypting the encrypted password information according to a preset rule by using the financial operation terminal to obtain the password information.
Embodiments of the present invention further provide a financial device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the method in any one of the above embodiments is implemented.
An embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the method of any one of the above embodiments.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed in the embodiment corresponds to the method disclosed in the embodiment, so that the description is simple, and the relevant points can be referred to the description of the method part.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (8)

1. A financial password acquisition method is applied to a financial operation terminal and a password server, and is characterized by comprising the following steps:
s1: when the financial operation terminal detects that the card is inserted, acquiring registration information of the card and acquiring request information of an operation user;
s2: judging whether the attribution of the financial operation terminal and the attribution of the request information are consistent, if not, acquiring the biological characteristic information of the operation user, judging whether the biological characteristic information of the operation user is consistent with the registration information, and if so, executing a step S3;
s3: the financial operation terminal sends a password obtaining request to the password server;
s4: the password server sends encrypted password information to the financial operation terminal according to the password obtaining request;
s5: and the financial operation terminal decrypts the encrypted password information according to a preset rule to obtain the password information.
2. The method as claimed in claim 1, wherein in S2, if the biometric information and the registration information do not match, a correlation parameter value between the biometric information and the registration information is calculated, and when the correlation parameter value is greater than or equal to a predetermined threshold, the method proceeds to S3, and when the correlation parameter value is less than the predetermined threshold, no operation is performed.
3. The method for acquiring a financial password according to claim 1, further comprising S6: and when the financial operation terminal executes the operation corresponding to the request information, establishing and storing the association relationship between the operation and the biological characteristic information and the registration information.
4. The method according to claim 1, wherein the S5 specifically includes:
s51: when the password is displayed correctly after being decrypted, the financial operation terminal generates a random password, and the operation is completed by utilizing the random password to match with the password;
s52: and when the password is displayed incorrectly after being decrypted, judging that the password is an invalid password, sending an operation activation code to an operation user by the financial operation terminal, and finishing operation by using the operation activation code.
5. The method as claimed in claim 4, wherein in the step S51, when the password is decrypted and displayed correctly, and when the password usage exceeds a predetermined threshold, the password server deletes the password and the predetermined rule, and randomly generates a new password rule and a new password.
6. A system for using the financial password acquisition method according to any one of claims 1 to 5, comprising:
the acquisition module is used for acquiring the registration information of the card and acquiring the request information of an operation user when the financial operation terminal detects that the card is inserted;
a judging module, configured to judge whether the financial operation terminal is consistent with the attribution of the request message, collect biometric information of an operation user if the financial operation terminal is inconsistent with the attribution of the request message, judge whether the biometric information of the operation user is consistent with the registration message, and execute step S3 if the biometric information of the operation user is consistent with the registration message;
the sending module is used for sending a password obtaining request to the password server by utilizing the financial operation terminal;
the receiving module is used for sending encrypted password information to the financial operation terminal by using the password server according to the password obtaining request;
and the decryption module is used for decrypting the encrypted password information by using the financial operation terminal according to a preset rule to obtain the password information.
7. Financial device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 5 when executing the computer program.
8. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1 to 5.
CN202210508604.1A 2022-05-11 2022-05-11 Financial password acquisition method, system, financial equipment and storage medium Pending CN114898510A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210508604.1A CN114898510A (en) 2022-05-11 2022-05-11 Financial password acquisition method, system, financial equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210508604.1A CN114898510A (en) 2022-05-11 2022-05-11 Financial password acquisition method, system, financial equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114898510A true CN114898510A (en) 2022-08-12

Family

ID=82721249

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210508604.1A Pending CN114898510A (en) 2022-05-11 2022-05-11 Financial password acquisition method, system, financial equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114898510A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115687437A (en) * 2022-12-30 2023-02-03 北京信加科技有限公司 Credit report query method and device, electronic equipment and readable storage medium

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004076346A (en) * 2002-08-14 2004-03-11 Fujitsu Ten Ltd Information processing system, server, information processor, radio portable terminal, and program
CN102123033A (en) * 2011-03-23 2011-07-13 北京恒光数码科技有限公司 Identity authentication method and system of dynamic password token as well as mobile terminal of dynamic password token
WO2011138558A2 (en) * 2010-05-06 2011-11-10 4G Secure Method for authenticating a user requesting a transaction with a service provider
CN102968275A (en) * 2012-11-23 2013-03-13 广东欧珀移动通信有限公司 Unlocking method and system of mobile terminal
CN103863249A (en) * 2014-04-14 2014-06-18 重庆大学 Control method for key-free emergency unlocking of car door
CN104320422A (en) * 2014-11-18 2015-01-28 中国建设银行股份有限公司 Password management method, related device and system
CN108710810A (en) * 2018-05-22 2018-10-26 中国银联股份有限公司 A kind of acquisition methods of password, traction equipment and terminal
CN108718359A (en) * 2018-04-25 2018-10-30 维沃移动通信有限公司 A kind of safe verification method, device and mobile terminal
CN109639724A (en) * 2019-01-14 2019-04-16 平安科技(深圳)有限公司 Password method for retrieving, password device for retrieving, computer equipment and storage medium
EP3809351A1 (en) * 2019-10-18 2021-04-21 Gaetano Rizzi Electronic payment control method and system
CN112929172A (en) * 2021-02-08 2021-06-08 中国工商银行股份有限公司 System, method and device for dynamically encrypting data based on key bank

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004076346A (en) * 2002-08-14 2004-03-11 Fujitsu Ten Ltd Information processing system, server, information processor, radio portable terminal, and program
WO2011138558A2 (en) * 2010-05-06 2011-11-10 4G Secure Method for authenticating a user requesting a transaction with a service provider
CN102123033A (en) * 2011-03-23 2011-07-13 北京恒光数码科技有限公司 Identity authentication method and system of dynamic password token as well as mobile terminal of dynamic password token
CN102968275A (en) * 2012-11-23 2013-03-13 广东欧珀移动通信有限公司 Unlocking method and system of mobile terminal
CN103863249A (en) * 2014-04-14 2014-06-18 重庆大学 Control method for key-free emergency unlocking of car door
CN104320422A (en) * 2014-11-18 2015-01-28 中国建设银行股份有限公司 Password management method, related device and system
CN108718359A (en) * 2018-04-25 2018-10-30 维沃移动通信有限公司 A kind of safe verification method, device and mobile terminal
CN108710810A (en) * 2018-05-22 2018-10-26 中国银联股份有限公司 A kind of acquisition methods of password, traction equipment and terminal
CN109639724A (en) * 2019-01-14 2019-04-16 平安科技(深圳)有限公司 Password method for retrieving, password device for retrieving, computer equipment and storage medium
EP3809351A1 (en) * 2019-10-18 2021-04-21 Gaetano Rizzi Electronic payment control method and system
CN112929172A (en) * 2021-02-08 2021-06-08 中国工商银行股份有限公司 System, method and device for dynamically encrypting data based on key bank

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
周致成等: "基于区块链技术的生物特征和口令双因子跨域认证方案", 《计算机应用》 *
管小明;雷伯录;曾凡锦;吴邦国;: "具有激活功能的实用型密码系统的设计" *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115687437A (en) * 2022-12-30 2023-02-03 北京信加科技有限公司 Credit report query method and device, electronic equipment and readable storage medium

Similar Documents

Publication Publication Date Title
US11184343B2 (en) Method for carrying out an authentication
EP2782037B1 (en) Method and apparatus for performing authentication between applications
JP4874251B2 (en) Method and apparatus for authenticating a transaction using a dynamic authentication code
CN111814133A (en) Unified login method and device for mobile application
EP1983682A2 (en) Authentication system and method
CN101770552B (en) Method for clearing computer password, computer and system for clearing computer password
WO2019233224A1 (en) Tag data generation method, tag, and nfc tag-based data processing
CN111107063B (en) Login method and device
JP5286019B2 (en) Semiconductor device, biometric authentication method, biometric authentication system, and portable terminal
US20170076285A1 (en) Payment Method and Apparatus and Payment Factor Processing Method and Apparatus
US20180260816A1 (en) Payment authentication method and apparatus for mobile terminal and mobile terminal
CN114898510A (en) Financial password acquisition method, system, financial equipment and storage medium
CN108092764B (en) Password management method and equipment and device with storage function
KR20240024112A (en) System and method for contactless card communication and multi-device key pair cryptographic authentication
CN102546169A (en) Method and system for controlling the performance of a function protected by user authentication, in particular for accessing a resource
EP2985712B1 (en) Application encryption processing method, apparatus, and terminal
US7529369B2 (en) Data processing with a key
CN106533685B (en) Identity authentication method, device and system
EP3528154B1 (en) Systems and methods for authentication code entry using mobile electronic devices
US20230419325A1 (en) Method for processing an operation involving secret data, terminal, system and corresponding computer program
CN111949952A (en) Method for processing verification code request and computer-readable storage medium
CN115099799A (en) Transaction processing method and system for digital RMB
CN110430193B (en) Information verification method, device, server and storage medium
CN114938305A (en) Safety authentication method, system and storage medium of financial equipment
CN113506390B (en) Access control method, device, equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20220812