CN115063221B - Bank customer data cross-line query method, computer device and storage medium - Google Patents

Bank customer data cross-line query method, computer device and storage medium Download PDF

Info

Publication number
CN115063221B
CN115063221B CN202210580351.9A CN202210580351A CN115063221B CN 115063221 B CN115063221 B CN 115063221B CN 202210580351 A CN202210580351 A CN 202210580351A CN 115063221 B CN115063221 B CN 115063221B
Authority
CN
China
Prior art keywords
client
bank
information
banking system
reserved
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210580351.9A
Other languages
Chinese (zh)
Other versions
CN115063221A (en
Inventor
张皓
徐峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank Of Chongqing Co ltd
Original Assignee
Bank Of Chongqing Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank Of Chongqing Co ltd filed Critical Bank Of Chongqing Co ltd
Priority to CN202210580351.9A priority Critical patent/CN115063221B/en
Publication of CN115063221A publication Critical patent/CN115063221A/en
Application granted granted Critical
Publication of CN115063221B publication Critical patent/CN115063221B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Technology Law (AREA)
  • Strategic Management (AREA)
  • Data Mining & Analysis (AREA)
  • Marketing (AREA)
  • Development Economics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a bank customer data cross-line inquiry method, a computer device and a storage medium. According to the invention, the bank customer data queried from the bank system can be safely sent to the external bank system according to the authorization operation of the same customer, so that the use of the customer can be facilitated, and the risk of information leakage caused by logging in and switching different bank systems can be reduced. The invention is widely applied to the technical field of bank digitization.

Description

Bank customer data cross-line query method, computer device and storage medium
Technical Field
The invention relates to the technical field of bank digitization, in particular to a bank customer data cross-line query method, a computer device and a storage medium.
Background
In daily use of banking, customers often have a need to query their transaction details and other banking customer data. The same customer often opens accounts in a plurality of banks, and generally, each bank provides a data query channel of the bank customer such as a mobile phone APP for the customer, which means that the customer needs to operate the mobile phone APP of the plurality of banks. Sometimes, a customer needs to know bank customer data of accounts opened by the customer at different banks at the same time, for example, the same customer opens accounts at an A bank and an B bank, and the customer operates a mobile phone APP of the A bank to transfer funds to the B bank account of the customer, so that the customer needs to know the balance of the B bank account of the customer before the customer, and the customer needs to operate the mobile phone APP of the B bank to inquire because the mobile phone APP of the A bank cannot inquire the balance of the B bank account. On one hand, the operation of logging in a plurality of bank mobile phones APP, switching the mobile phones APP and the like is required to be carried out by a client, so that the trouble in the process is caused; on the other hand, the customer needs to log in a plurality of bank mobile phones APP, so that the security risks such as account password leakage are increased, and due to the switching operation of the mobile phones APP, the customer is likely to make actions such as copying account balances on paper, and the bank customer information is separated from the control range of the mobile phones APP, so that the security risks are also present.
In summary, for convenience of operation and security, it is necessary to implement the cross-line query function of the bank customer data.
Disclosure of Invention
Aiming at least one technical problem that the current bank customer data cannot be queried in a crossing way, which causes complicated operation, security risk and the like, the invention aims to provide a bank customer data query method in a crossing way, a computer device and a storage medium.
In one aspect, an embodiment of the present invention includes a method for cross-row query of banking customer data, including:
acquiring operation authorization of a client;
acquiring a data query request sent by an external banking system;
generating a reverse query request in response to the data query request;
returning the reverse query request to the external banking system;
acquiring verification information; the verification information is sent by the external banking system in response to the reverse query request;
verifying the validity of the data query request according to the verification information;
when the data query request is legal, querying bank client data corresponding to the client from the bank system;
and returning the bank client data.
Further, the obtaining the operation authorization of the client includes:
acquiring a reserved password and a reserved encryption algorithm corresponding to the client;
acquiring confirmation information sent by the client; the confirmation information is used for indicating that the client has reserved the same reserved password and reserved encryption algorithm in the external banking system.
Further, the obtaining the reserved password and reserved encryption algorithm corresponding to the client includes:
acquiring a password generation request sent by the client;
responding to the password generation request, generating the reserved password and setting encryption algorithm parameters;
and returning the reserved password and the encryption algorithm parameters to the client.
Further, the generating the reservation password includes:
determining a target service type; the target service type is the service type corresponding to the bank client data to be queried by the data query request;
inquiring first transaction record information and second transaction record information in the bank system; the first transaction record information is generated by a first transaction operation and the second transaction record information is generated by a second transaction operation; the first transaction operation request is initiated by the client through the local banking system to the external banking system, and the second transaction operation request is initiated by the client through the external banking system to the local banking system; the first transaction operation and the second transaction operation both belong to the target service type;
and when the first transaction record information and the second transaction record information are inquired, generating the reserved password according to the first transaction record information and the second transaction record information.
Further, the generating the reservation password further includes:
when the first transaction record information and the second transaction record information are not inquired, sending indication information to the client; the indication information is used for indicating the client to complete the first transaction operation and the second transaction operation.
Further, the returning the reverse query request to the external banking system includes:
and requesting the external bank system to encrypt the reserved password according to the encryption algorithm parameters through the reverse query request to obtain first encrypted information, and returning the first encrypted information serving as the verification information to the bank system.
Further, the verifying the validity of the data query request according to the verification information includes:
decrypting the verification information according to the encryption algorithm parameters to obtain decryption information;
comparing the decryption information with the reserved password;
and when the decryption information is consistent with the reserved password, determining that the data query request is legal, otherwise, determining that the data query request is illegal.
Further, the returning the banking customer data includes:
encrypting the bank client data to obtain second encryption information;
storing the second encryption information to a blockchain; the blockchain is used for the client and/or the external banking system to read the second encryption information.
In another aspect, an embodiment of the present invention further includes a computer apparatus including a memory for storing at least one program and a processor for loading the at least one program to perform the bank customer data cross-line query method of the embodiment.
In another aspect, embodiments of the present invention further include a storage medium having stored therein a program executable by a processor, which when executed by the processor, performs the bank customer data cross-line querying method in the embodiments.
The beneficial effects of the invention are as follows: according to the bank client data cross-line query method in the embodiment, the bank client data queried from the bank system can be safely sent to an external bank system according to the authorization operation of the same client, so that the use of the client can be facilitated, and the risk of information leakage caused by logging in and switching different bank systems can be reduced.
Drawings
FIG. 1 is a flow chart of a bank customer data cross-line query method in an embodiment;
FIG. 2 is a schematic diagram of an embodiment of a bank customer data cross-line query method;
FIG. 3 is a schematic diagram illustrating a process of operation authorization performed by a client in an embodiment;
fig. 4 is a schematic diagram of a transmission process of a data query request in an embodiment;
FIG. 5 is a schematic diagram of a sending process of a reverse query request in an embodiment;
fig. 6 is a schematic diagram of a transmission process of the first encrypted information in the embodiment;
fig. 7 is a schematic diagram of a transmission process of the second encrypted information in the embodiment.
Detailed Description
In this embodiment, referring to fig. 1, the bank customer data cross-line query method includes the following steps:
s1, obtaining operation authorization of a client;
s2, acquiring a data query request sent by an external bank system;
s3, responding to the data query request, and generating a reverse query request;
s4, returning a reverse query request to an external bank system;
s5, acquiring verification information; the authentication information is sent by an external banking system in response to the reverse query request;
s6, verifying the validity of the data query request according to the verification information;
s7, inquiring bank client data corresponding to the client from the bank system when the data inquiry request is legal;
s8, returning the bank customer data.
In this embodiment, one scenario for performing steps S1-S8 is shown in FIG. 2. In fig. 2, a customer uses a terminal such as a mobile phone, a computer or a tablet computer to access an ethylside server by running an ethylside mobile phone APP or a computer application program, and can handle the ethylside business, and accesses an ethylside server by running an ethylside mobile phone APP or a computer application program, and can handle the ethylside business. The client needs to query bank client data of an account opened by the client at an A bank in a cross-bank mode through an B bank server.
In this embodiment, steps S1 to S8 may be performed by the first bank server in fig. 2, so that the first bank server that performs the bank client data cross-line query method in this embodiment may be referred to as the present bank system, and the second bank server may be referred to as the external bank system. The terminals such as a mobile phone, a computer or a tablet personal computer used by the client are clients.
In step S1, the present banking system obtains the operation authorization of the client, and only after obtaining the operation authorization of the client, the present banking system can send the banking client data of the client to the external banking system. Specifically, the bank may require the customer himself to contact the bank staff offline or online to transact the operation authorization.
In this embodiment, referring to fig. 3, when performing step S1, that is, the step of obtaining the operation authorization of the client, the following steps may be specifically performed:
s101, acquiring a reserved password and a reserved encryption algorithm corresponding to a client;
s102, acquiring confirmation information sent by a client; the confirmation information is used to indicate that the client has reserved the same reservation password and reservation encryption algorithm in the external banking system.
When executing step S101, the present banking system may first wait for the client to send a password generation request. The client generates a password generation request, sends the password generation request to the bank system, triggers the client to generate a reserved password, and sets encryption algorithm parameters. Specifically, the reserved password may be a character string, and the encryption algorithm parameter may be parameters such as a type, version number, and key of the selected encryption algorithm. For example, the present banking system may select a symmetric encryption algorithm such as DES or AES, and set a key as an encryption algorithm parameter.
When the bank system executes step S101 to return the reserved password and the encryption algorithm parameter to the client, the reserved password and the encryption algorithm can be transmitted through the physical medium. For example, the bank system writes the generated reserved password and encryption algorithm parameters into a data memory of a 3.5mm interface or a USB interface, the data memory is handed to a client, and the client connects the data memory with the client, so that the client can read the reserved password and the encryption algorithm parameters from the data memory, and the distribution of the reserved password and the encryption algorithm parameters is completed.
When the bank system executes step S101 to return the reserved password and the encryption algorithm parameter to the client, the reserved password and the encryption algorithm parameter can be encrypted by the public key, which is equivalent to encrypting the reserved password and the encryption algorithm parameter by using another set of data encryption algorithm, and the reserved password and the encryption algorithm parameter are distributed to the client by means of network transmission and the like, so that the use of a data storage can be avoided.
The bank system can also select an asymmetric encryption algorithm and set a public key and a private key as encryption algorithm parameters. When the bank system sends the encryption algorithm parameters to the client, only the public key can be sent, and the private key is reserved by the bank system and is not sent to the client. Since the public key is public, the public key can be sent to the client without adopting an encryption means, and the requirement on encryption performance is reduced.
After the bank system distributes the reserved password and the encryption algorithm parameters to the client, the client can be instructed to send the reserved password and the reserved encryption algorithm to the external bank system, so that the external bank system also stores the same reserved password and reserved encryption algorithm. The bank system and the instruction client side return confirmation information to the bank system after receiving feedback information of the external bank system and determining that the external bank system stores the reserved password and the reserved encryption algorithm, so that the bank system can confirm that the external bank system stores the reserved password and the reserved encryption algorithm according to the confirmation information.
After step S101-S102 is completed, the same reserved password and encryption algorithm parameters are reserved in the present bank system and the external bank system, and the reserved password and encryption algorithm parameters are generated by the present bank system by triggering the present bank system by sending a password generating request to the present bank system, and the action of the client sending the password generating request can determine the authorization authenticity and validity thereof, thereby completing the operation authorization of the client.
When step S2 is executed, that is, the step of acquiring the data query request sent by the external banking system, the banking system may open a data access interface to the bank mobile phone APP, directly receive the data query request sent by the bank mobile phone APP, or the bank mobile phone APP may send the data query request to the bank server (external banking system), and the bank server sends the data query request to the bank server (banking system).
In this embodiment, when step S101 is executed, the present banking system may randomly generate a character string as a reserved password through a random number generation algorithm. In this way, the generated reserved password has no characteristic of regularity, and the risk of attack of an illegal main body can be reduced.
In this embodiment, when executing step S101, the present banking system may further generate a reserved password by:
s10101, determining a target service type; the target service type is the service type corresponding to the bank customer data to be queried for the data query request;
s10102, inquiring first transaction record information and second transaction record information in the bank system; the first transaction record information is generated by a first transaction operation, and the second transaction record information is generated by a second transaction operation; the first transaction operation request is initiated by the client through the bank system to the external bank system, and the second transaction operation request is initiated by the client through the external bank system to the bank system; the first transaction operation and the second transaction operation belong to the target service type;
s10103, when the first transaction record information and the second transaction record information are obtained through inquiry, a reserved password is generated according to the first transaction record information and the second transaction record information;
s10104, when the first transaction record information and the second transaction record information are not inquired, sending indication information to the client; the indication information is used for indicating the client to complete the first transaction operation and the second transaction operation.
In step S10101, the service type corresponding to the bank client data to be queried in the data query request sent by the external banking system in step S2 may be determined. In actual use, the data query request may specifically request to query bank customer data such as a home money transfer record, a foreign money transfer record, and an exchange ticket redemption record, which are handled by the same customer at a bank, where the bank customer data corresponds to service types such as a home money transfer, a foreign money transfer, and an exchange ticket redemption, respectively. For example, if in step S2, the data query request sent by the external banking system is a home money transfer record, and the corresponding service type is a home money transfer, and the target service type determined in step S10101 is a home money transfer.
In step S10102, the present banking system inquires whether first transaction record information and second transaction record information corresponding to the target service type are stored therein. The first transaction record information is transaction record information generated by a first transaction operation, the second transaction record information is transaction record information generated by a second transaction operation, the first transaction operation request is a transaction operation request which is initiated by a client to an external banking system through the banking system and belongs to a target business type, and the second transaction operation request is a transaction operation request which is initiated by the client to the banking system through the external banking system and belongs to the target business type.
In performing step S10101 in the present embodiment, it has been determined that the target service type is the home money transfer. Then in step S10102, the present banking system may query whether the first transaction record information corresponding to the money transfer transaction operation from the bank a to the bank b initiated before the client is stored (i.e., the first transaction operation request, for example, the client initiates a transaction request to the bank a server through the bank a mobile phone APP, requests itself to transfer a part of the money in the bank a account to the account of the bank b), and the second transaction record information corresponding to the money transfer transaction operation from the bank b to the bank a (i.e., the second transaction operation request, for example, the client initiates a transaction request to the bank b server through the bank a mobile phone APP, requests itself to transfer a part of the money in the bank b account to the account of the bank a).
In step S10103, if the first transaction record information and the second transaction record information are queried, it indicates that the client terminal processes the service (such as the first transaction operation request) belonging to the target service type performed on the account of the first bank through the first bank mobile phone APP, processes the service (such as the second transaction operation request) belonging to the target service type performed on the account of the second bank through the second bank mobile phone APP, and can verify that the client terminal is not only the legal use subject of the present bank system, but also the legal use subject of the external bank system, and the present bank system can generate the reserved password according to the first transaction record information and the second transaction record information.
Specifically, when the bank system generates the reserved password according to the first transaction record information and the second transaction record information, the first transaction record information and the second transaction record information which are obtained by inquiry can be used as trigger information, and the reserved password is generated through a random number generation algorithm or other algorithms which are not related to the first transaction record information and the second transaction record information; the bank system can also convert the first transaction record information and the second transaction record information (including information of transaction opponents, transaction time, transaction amount, serial numbers and the like) into character strings, and then map the character strings to obtain reserved passwords, or directly splice the first transaction record information and the second transaction record information to be used as reserved passwords.
In step S10104, if the first transaction record information and the second transaction record information are not queried, referring to the principle of step S10103, it cannot be determined that the client is not the legal use subject of the present banking system, but is also the legal use subject of the external banking system, and the present banking system may send indication information to the client to instruct the client to use the client to complete the first transaction operation and the second transaction operation. The content of the instruction information may include a period during which the client performs the first transaction operation and the second transaction operation, an amount of the first transaction operation and the second transaction operation, and the like. For example, in the case that the target service type is determined to be the home currency transfer, the indication information may indicate that the client logs in the first bank mobile phone APP operated by the client, and a home currency with a certain value is transferred from the first bank account of the client to the second bank account of the client, so as to complete the first transaction operation and generate the first transaction record information; and indicating the client to log in an ethylene bank mobile phone APP operated by the client, transferring a certain number of home currency from the ethylene bank account of the client to the first bank account of the client, thereby completing a second transaction operation and generating second transaction record information.
By executing step S10104, it can be verified that the client is not only the legal use subject of the present banking system, but also the legal use subject of the external banking system, and the present banking system can generate the reserved password according to the first transaction record information and the second transaction record information.
In this embodiment, before executing step S2, the present banking system may pre-plan a service type corresponding to the data query request sent by the external banking system, and then generate indication information for the service types, respectively, to instruct the client to complete the first transaction operation and the second transaction operation of various service types, so that the operation authorization of the client to the present banking system can be implemented in advance, without repeating the operation of executing step S1 to obtain the authorization of the client before executing step S2 to obtain the data query request each time.
In this embodiment, the banking system may also not distinguish the service types, and only if the client has executed a set of the first transaction operation and the second transaction operation, the client is considered to have performed operation authorization, and even if the service type corresponding to the data query request obtained in the subsequent execution step S2 is different from the first transaction operation and the second transaction operation, the banking system also makes the responses in steps S3-S8, etc.
In step S2, referring to fig. 4, the external banking system may send a data query request through an interface between the banking system and the external banking system, or may send a data query request through an inter-banking mechanism such as a banked joint, or may upload the data query request to the blockchain, and the banking system obtains the data query request from the blockchain. By using the blockchain to transfer the data query request, the traceability and non-falsification of the bank client data transfer process between the first bank and the second bank can be realized.
In this embodiment, after executing step S2, the present banking system may execute steps S3 and S4 without querying the banking client data of the client after obtaining the data query request sent by the external banking system, that is, generate a reverse query request, and return the reverse query request to the external banking system.
When the present banking system executes steps S3 and S4, referring to fig. 5, a reverse query request may be sent through an interface between the present banking system and an external banking system, or may be sent through an inter-banking mechanism such as a banking unit, or may be uploaded to a blockchain, and the external banking system obtains the reverse query request from the blockchain. By using the blockchain to transfer the reverse query request, the traceability and non-falsification of the bank client data transfer process between the first bank and the second bank can be realized.
In step S5, after the external banking system receives the reverse query request, authentication information is generated in response to the reverse query request. Specifically, the reverse query request may trigger the external banking system to encrypt the reserved password according to the encryption algorithm parameter reserved in step S1, so as to obtain first encrypted information, where the first encrypted information is used as verification information. Specifically, if the encryption algorithm used is a symmetric encryption algorithm, the external banking system may encrypt using the key acquired in step S101; if the encryption algorithm used is an asymmetric encryption algorithm, the external banking system may encrypt using the public key acquired in step S101.
Referring to fig. 6, when the external banking system returns the first encrypted information to the present banking system, the first encrypted information may be transmitted through an interface between the present banking system and the external banking system, or may be transmitted through an inter-banking mechanism such as a banked joint, or may be uploaded to a blockchain, and the present banking system obtains the first encrypted information from the blockchain. By using the blockchain to transfer the first encryption information, the traceability and non-falsification of the bank client data transfer process between the first bank and the second bank can be realized.
In step S6, the present banking system verifies the validity of the data query request sent by the external banking system in step S2 according to the verification information returned by the external banking system in step S5. When executing step S6, the banking system may specifically execute the following steps:
s601, decrypting the verification information according to encryption algorithm parameters to obtain decryption information;
s602, comparing the decryption information with a reserved password;
s603, when the decryption information is consistent with the reserved password, determining that the data query request is legal, otherwise, determining that the data query request is illegal.
In step S601, if the present banking system selects a symmetric encryption algorithm, the key sent to the client and the external banking system in step S101 may be used to decrypt the verification information, thereby obtaining the decrypted information. Under the condition that the external banking system is really used by the client, the verification information sent by the external banking system is actually ciphertext, and the corresponding plaintext is the reserved password, and then the decryption information obtained by the step S601 is consistent with the reserved password through the comparison of the step S602, so that in the step S603, the data query request can be determined to be legal, and the data query request can be responded; if the external banking system is impersonated, the external banking system cannot obtain the reserved password and generate the corresponding ciphertext as verification information, and the decryption information obtained through the step S601 is inconsistent with the reserved password through the comparison of the step S602, so that in the step S603, it can be determined that the data query request is illegal, and the response to the data query request is refused.
In step S601, if the present banking system selects an asymmetric encryption algorithm, the private key may be used to decrypt the verification information, thereby obtaining decrypted information.
Whether the encryption algorithm is a symmetric encryption algorithm or an asymmetric encryption algorithm, the external bank system can obtain the reserved password the same as the bank system only under the condition that the external bank system and the bank system are the same bank service system used by the same customer and operation authorization of the client is performed, so that the validity verification of the data query request is passed in step S6. In executing steps S10101-S10104, according to the two-way transaction operation of the same customer in the present banking system and the external banking system, to generate the first transaction record information and the second transaction record information, and according to the first transaction record information and the second transaction record information, under the condition of generating the reserved password, since the generation process of the first transaction record information and the second transaction record information is performed by the reliable confidentiality means, the reserved password also has reliable confidentiality, thereby providing a guarantee for protecting the bank customer data in the bank customer data cross-line inquiry method in the present embodiment.
In step S7, the present banking system queries the banking customer data corresponding to the customer end in response to the data query request under the condition that the data query request is determined to be legal in step S6. For example, when the data query request needs to query the money transfer record of the customer in a certain time period (the money transfer record may be limited to the money transfer record of the bank server, i.e. the external bank system, or may not be limited to the transaction opponent), the bank system queries the money transfer record in the time period to obtain the bank customer data.
In step S8, the present banking system returns the banking customer data obtained by the inquiry in step S7 to the external banking system.
Specifically, in performing step S8, the following steps may be performed:
s801, encrypting bank customer data to obtain second encryption information;
s802, storing second encryption information to a blockchain.
In step S801, the present banking system may encrypt the banking customer data using the same or different encryption algorithm as in step S601, thereby obtaining second encrypted information. Referring to fig. 7, when the present bank system transmits the second encrypted information to the external bank system, the second encrypted information may be transmitted through an interface between the present bank system and the external bank system, or may be transmitted through an inter-bank mechanism such as a banked joint, or may be uploaded to the blockchain, and the external bank system obtains the second encrypted information from the blockchain. By using the blockchain to transfer the second encrypted information, the traceability and non-falsification of the bank client data transfer process between the first bank and the second bank can be realized.
In step S802, after the second encryption information is obtained from the blockchain by the external banking system, the second encryption information may be sent to the bank mobile phone APP of the client, or the bank mobile phone APP may directly obtain the second encryption information from the blockchain. The external banking system or the client decrypts the second encrypted information, thereby obtaining banking client data.
The client displays the acquired bank client data of the first bank through the second bank mobile phone APP, so that the cross-bank inquiry of the bank client data is realized.
By executing the bank client data cross-line query method in the embodiment, the bank client data queried from the bank system can be safely sent to an external bank system according to the authorization operation of the same client, so that the use of the client can be facilitated, and the risk of information leakage caused by logging in and switching different bank systems can be reduced.
The method for querying the bank client data cross-line in the embodiment can be implemented by writing a computer program for executing the method for querying the bank client data cross-line in the embodiment, writing the computer program into a computer device or a storage medium, and executing the method for querying the bank client data cross-line in the embodiment when the computer program is read out for running, thereby realizing the same technical effects as the method for querying the bank client data cross-line in the embodiment.
It should be noted that, unless otherwise specified, when a feature is referred to as being "fixed" or "connected" to another feature, it may be directly or indirectly fixed or connected to the other feature. Further, the descriptions of the upper, lower, left, right, etc. used in this disclosure are merely with respect to the mutual positional relationship of the various components of this disclosure in the drawings. As used in this disclosure, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. In addition, unless defined otherwise, all technical and scientific terms used in this example have the same meaning as commonly understood by one of ordinary skill in the art. The terminology used in the description of the embodiments is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The term "and/or" as used in this embodiment includes any combination of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in this disclosure to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element of the same type from another. For example, a first element could also be termed a second element, and, similarly, a second element could also be termed a first element, without departing from the scope of the present disclosure. The use of any and all examples, or exemplary language (e.g., "such as") provided herein, is intended merely to better illuminate embodiments of the invention and does not pose a limitation on the scope of the invention unless otherwise claimed.
It should be appreciated that embodiments of the invention may be implemented or realized by computer hardware, a combination of hardware and software, or by computer instructions stored in a non-transitory computer readable memory. The methods may be implemented in a computer program using standard programming techniques, including a non-transitory computer readable storage medium configured with a computer program, where the storage medium so configured causes a computer to operate in a specific and predefined manner, in accordance with the methods and drawings described in the specific embodiments. Each program may be implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the program(s) can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Furthermore, the program can be run on a programmed application specific integrated circuit for this purpose.
Furthermore, the operations of the processes described in the present embodiments may be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The processes (or variations and/or combinations thereof) described in this embodiment may be performed under control of one or more computer systems configured with executable instructions, and may be implemented as code (e.g., executable instructions, one or more computer programs, or one or more applications), by hardware, or combinations thereof, that collectively execute on one or more processors. The computer program includes a plurality of instructions executable by one or more processors.
Further, the method may be implemented in any type of computing platform operatively connected to a suitable computing platform, including, but not limited to, a personal computer, mini-computer, mainframe, workstation, network or distributed computing environment, separate or integrated computer platform, or in communication with a charged particle tool or other imaging device, and so forth. Aspects of the invention may be implemented in machine-readable code stored on a non-transitory storage medium or device, whether removable or integrated into a computing platform, such as a hard disk, optical read and/or write storage medium, RAM, ROM, etc., such that it is readable by a programmable computer, which when read by a computer, is operable to configure and operate the computer to perform the processes described herein. Further, the machine readable code, or portions thereof, may be transmitted over a wired or wireless network. When such media includes instructions or programs that, in conjunction with a microprocessor or other data processor, implement the steps described above, the invention described in this embodiment includes these and other different types of non-transitory computer-readable storage media. The invention also includes the computer itself when programmed according to the methods and techniques of the present invention.
The computer program can be applied to the input data to perform the functions described in this embodiment, thereby converting the input data to generate output data that is stored to the non-volatile memory. The output information may also be applied to one or more output devices such as a display. In a preferred embodiment of the invention, the transformed data represents physical and tangible objects, including specific visual depictions of physical and tangible objects produced on a display.
The present invention is not limited to the above embodiments, but can be modified, equivalent, improved, etc. by the same means to achieve the technical effects of the present invention, which are included in the spirit and principle of the present invention. Various modifications and variations are possible in the technical solution and/or in the embodiments within the scope of the invention.

Claims (5)

1. The bank customer data cross-line query method is characterized by comprising the following steps of:
acquiring operation authorization of a client;
acquiring a data query request sent by an external banking system;
generating a reverse query request in response to the data query request;
returning the reverse query request to the external banking system;
acquiring verification information; the verification information is sent by the external banking system in response to the reverse query request;
verifying the validity of the data query request according to the verification information;
when the data query request is legal, querying bank client data corresponding to the client from the bank system;
returning the bank customer data;
the obtaining the operation authorization of the client comprises the following steps:
acquiring a reserved password and a reserved encryption algorithm corresponding to the client;
acquiring confirmation information sent by the client; the confirmation information is used for indicating that the client has reserved the same reserved password and reserved encryption algorithm in the external banking system;
the obtaining the reserved password and reserved encryption algorithm corresponding to the client comprises the following steps:
acquiring a password generation request sent by the client;
responding to the password generation request, generating the reserved password and setting encryption algorithm parameters;
returning the reserved password and the encryption algorithm parameters to the client;
the generating the reservation password includes:
determining a target service type; the target service type is the service type corresponding to the bank client data to be queried by the data query request;
inquiring first transaction record information and second transaction record information in the bank system; the first transaction record information is generated by a first transaction operation and the second transaction record information is generated by a second transaction operation; the first transaction operation request is initiated by the client through the local banking system to the external banking system, and the second transaction operation request is initiated by the client through the external banking system to the local banking system; the first transaction operation and the second transaction operation both belong to the target service type;
when the first transaction record information and the second transaction record information are inquired, generating the reserved password according to the first transaction record information and the second transaction record information;
the obtaining the operation authorization of the client side further includes:
if the client side executes a group of the first transaction operation and the second transaction operation, the client side is considered to be authorized to execute the operation;
the returning the reverse query request to the external banking system includes:
the external banking system is requested to encrypt the reserved password according to the encryption algorithm parameters through the reverse query request to obtain first encrypted information, and the first encrypted information is used as the verification information and returned to the banking system;
the verifying the validity of the data query request according to the verification information comprises the following steps:
decrypting the verification information according to the encryption algorithm parameters to obtain decryption information;
comparing the decryption information with the reserved password;
and when the decryption information is consistent with the reserved password, determining that the data query request is legal, otherwise, determining that the data query request is illegal.
2. The bank customer data cross-line querying method according to claim 1, wherein said generating the reservation password further comprises:
when the first transaction record information and the second transaction record information are not inquired, sending indication information to the client; the indication information is used for indicating the client to complete the first transaction operation and the second transaction operation.
3. A bank customer data cross-row query method according to claim 1 or 2, wherein said returning said bank customer data comprises:
encrypting the bank client data to obtain second encryption information;
storing the second encryption information to a blockchain; the blockchain is used for the client and/or the external banking system to read the second encryption information.
4. A computer apparatus comprising a memory for storing at least one program and a processor for loading the at least one program to perform the bank customer data cross-line querying method of any of claims 1-3.
5. A storage medium having stored therein a processor executable program, wherein the processor executable program when executed by a processor is for performing the bank customer data cross-line query method of any of claims 1-3.
CN202210580351.9A 2022-05-26 2022-05-26 Bank customer data cross-line query method, computer device and storage medium Active CN115063221B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210580351.9A CN115063221B (en) 2022-05-26 2022-05-26 Bank customer data cross-line query method, computer device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210580351.9A CN115063221B (en) 2022-05-26 2022-05-26 Bank customer data cross-line query method, computer device and storage medium

Publications (2)

Publication Number Publication Date
CN115063221A CN115063221A (en) 2022-09-16
CN115063221B true CN115063221B (en) 2023-10-27

Family

ID=83199266

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210580351.9A Active CN115063221B (en) 2022-05-26 2022-05-26 Bank customer data cross-line query method, computer device and storage medium

Country Status (1)

Country Link
CN (1) CN115063221B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105096119A (en) * 2014-05-15 2015-11-25 东方斯泰克信息技术研究院(北京)有限公司 Virtual bank system and realization method thereof
CN111179067A (en) * 2019-12-31 2020-05-19 杭州趣链科技有限公司 Block chain-based customer information exchange system between banks
CN111461733A (en) * 2020-04-03 2020-07-28 银清科技有限公司 Account information query method, device and system based on block chain
CN111967967A (en) * 2020-08-18 2020-11-20 中国银行股份有限公司 Block chain-based cross-bank payment service processing method and device
CN112801646A (en) * 2021-01-18 2021-05-14 九恒星(武汉)信息技术有限公司 Data processing method and device
CN113421092A (en) * 2021-06-30 2021-09-21 中国银行股份有限公司 Block chain system, client and storage system and method of transaction data
CN113469669A (en) * 2021-07-16 2021-10-01 中国银行股份有限公司 Method for querying client information across instances, related device and computer storage medium
CN113746904A (en) * 2021-08-04 2021-12-03 南京星云数字技术有限公司 Service request processing method, system and computer readable storage medium
CN114168932A (en) * 2021-11-19 2022-03-11 中国银行股份有限公司 Method and device for realizing cross-row login based on block chain

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105096119A (en) * 2014-05-15 2015-11-25 东方斯泰克信息技术研究院(北京)有限公司 Virtual bank system and realization method thereof
CN111179067A (en) * 2019-12-31 2020-05-19 杭州趣链科技有限公司 Block chain-based customer information exchange system between banks
CN111461733A (en) * 2020-04-03 2020-07-28 银清科技有限公司 Account information query method, device and system based on block chain
CN111967967A (en) * 2020-08-18 2020-11-20 中国银行股份有限公司 Block chain-based cross-bank payment service processing method and device
CN112801646A (en) * 2021-01-18 2021-05-14 九恒星(武汉)信息技术有限公司 Data processing method and device
CN113421092A (en) * 2021-06-30 2021-09-21 中国银行股份有限公司 Block chain system, client and storage system and method of transaction data
CN113469669A (en) * 2021-07-16 2021-10-01 中国银行股份有限公司 Method for querying client information across instances, related device and computer storage medium
CN113746904A (en) * 2021-08-04 2021-12-03 南京星云数字技术有限公司 Service request processing method, system and computer readable storage medium
CN114168932A (en) * 2021-11-19 2022-03-11 中国银行股份有限公司 Method and device for realizing cross-row login based on block chain

Also Published As

Publication number Publication date
CN115063221A (en) 2022-09-16

Similar Documents

Publication Publication Date Title
US10594498B2 (en) Method and service-providing server for secure transmission of user-authenticating information
US11611543B1 (en) Wireless peer to peer mobile wallet connections
EP3198907B1 (en) Remote server encrypted data provisioning system and methods
KR101544722B1 (en) Method for performing non-repudiation, payment managing server and user device therefor
CN103731259B (en) A kind of terminal master key TMK safety downloading method and systems
TWI497336B (en) Data security devices and computer program
JP6704919B2 (en) How to secure your payment token
CN109450910A (en) Data sharing method, data sharing network and electronic equipment based on block chain
US10210489B2 (en) Credential provision and proof system
CN108476227A (en) System and method for equipment push supply
US9225754B2 (en) Ad-hoc network communications
CN101842795B (en) For carrying out mutual system, the method and apparatus with dynamic security
CN101373528A (en) Electronic payment system, device and method based on position authentication
WO2018166359A1 (en) Mobile payment sublicensing method and payment system implemented by using same
CN110599342B (en) Block chain-based identity information authorization method and device
KR101702748B1 (en) Method, system and recording medium for user authentication using double encryption
JP7156889B2 (en) Payment processing method
CN102904720B (en) Method and system for mobile payment password processing
KR101769861B1 (en) User biometric authentication method and system using HSM smart card without password exposure
WO2016074781A1 (en) Method and server for providing transaction keys
KR101407737B1 (en) Apparatus and Method for Processing Finance Banking Information of Smart Device Using QR Code
KR101771484B1 (en) Creation Method of Signature Key to use Security Token efficiently
CN115063221B (en) Bank customer data cross-line query method, computer device and storage medium
KR101577058B1 (en) Method for Registering OTP Creation Condition
US10248947B2 (en) Method of generating a bank transaction request for a mobile terminal having a secure module

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant