CN116415946A - Payment method, device and system based on hardware wallet - Google Patents

Payment method, device and system based on hardware wallet Download PDF

Info

Publication number
CN116415946A
CN116415946A CN202111663005.9A CN202111663005A CN116415946A CN 116415946 A CN116415946 A CN 116415946A CN 202111663005 A CN202111663005 A CN 202111663005A CN 116415946 A CN116415946 A CN 116415946A
Authority
CN
China
Prior art keywords
payment
wallet
free
secret
password
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111663005.9A
Other languages
Chinese (zh)
Inventor
穆长春
狄刚
边永超
彭晨漪
赵新宇
崔沛东
彭美玲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Digital Currency Institute of the Peoples Bank of China
Original Assignee
Digital Currency Institute of the Peoples Bank of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Digital Currency Institute of the Peoples Bank of China filed Critical Digital Currency Institute of the Peoples Bank of China
Priority to CN202111663005.9A priority Critical patent/CN116415946A/en
Publication of CN116415946A publication Critical patent/CN116415946A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/105Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/06Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • G06Q20/065Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a payment method, device and system based on a hardware wallet, and relates to the technical field of digital currency. One embodiment of the method comprises the following steps: receiving a secret-free payment request, wherein the secret-free payment request comprises a payment wallet identification and a payment amount, and the payment wallet is a hardware wallet bound with an associated wallet; acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification; judging whether the payment wallet supports small-amount secret-free payment according to the secret-free identification; under the condition that the payment wallet supports small-amount secret-free payment, obtaining the secret-free amount of the payment wallet; judging whether the payment amount exceeds the encryption free amount; and carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount. The embodiment carries out convenient payment based on the small-amount secret payment-free operation of the hardware wallet, and expands the application scene of digital currency.

Description

Payment method, device and system based on hardware wallet
Technical Field
The invention relates to the technical field of digital currency, in particular to a payment method, device and system based on a hardware wallet.
Background
The existing hardware wallet can be used only by binding identity information such as mobile phone numbers, but the use mode is inconvenient for users inconvenient to bind mobile phone numbers such as foreign people and old people who just enter the environment. This limits the application scenarios of the hardware wallet and thus the digital currency.
Disclosure of Invention
In view of the above, embodiments of the present invention provide a payment method, device and system based on a hardware wallet, which can perform small-amount secret-free payment based on a secret-free amount set by checking a payment password of an associated wallet bound to the hardware wallet, and when secret-free payment conditions are satisfied, no payment password is required to be input, thereby avoiding that when each payment is performed, the password is required to be input regardless of the size of the payment amount, and each payment may involve a plurality of passwords, resulting in the occurrence of a complex payment process, realizing convenient payment by performing small secret-free payment operation based on the hardware wallet, and expanding the application scenario of digital money.
To achieve the above object, according to an aspect of an embodiment of the present invention, there is provided a payment method based on a hardware wallet, the method being applied to a payer operation mechanism, the method including:
Receiving a secret-free payment request, the secret-free payment request comprising a payment wallet identification and a payment amount, wherein the payment wallet is a hardware wallet bound with an associated wallet, the associated wallet being a wallet associated with a user identity;
acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification;
judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification;
acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment;
judging whether the payment amount exceeds the encryption free amount;
and carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount.
Optionally, the secure payment request further includes a first number of transactions; before acquiring the payment wallet information according to the payment wallet identification, the method further comprises: and carrying out first verification on the secret payment-free request according to the first transaction times.
Optionally, performing a first check on the secure payment request according to the first transaction number includes: judging whether the first transaction times are larger than the second transaction times of the payment wallet stored by the user; generating a decryption key according to the first transaction times and decrypting the encryption-free payment request by using the decryption key under the condition that the first transaction times are larger than the second transaction times; under the condition that decryption is successful, the first verification of the secret payment-free request is passed; and under the condition that the first transaction times are not greater than the second transaction times or decryption is unsuccessful, the first verification of the secret payment-free request is not passed.
Optionally, generating the decryption key according to the first number of transactions includes: and symmetrically encrypting the first transaction times and a wallet key generated when the payment wallet is opened to generate a decryption key.
Optionally, the method further comprises: after the payment process is completed, the second number of transactions is incremented.
Optionally, the secret payment-free request further includes a message authentication code generated from the payment information; after the first verification of the secure payment request passes and before the payment wallet information is obtained according to the payment wallet identification, the method further comprises: and carrying out second verification on the secret payment-free request according to the message authentication code.
Optionally, performing a second check on the secure payment request according to the message authentication code includes: obtaining payment information from the secret payment-free request; generating a first message authentication code according to the payment information; performing a second check on the non-secret payment request by comparing the first message authentication code with the message authentication code; if the comparison result is consistent, the second check passes, otherwise, the second check does not pass.
Optionally, the method further comprises: prompting a user to input a payment password under the condition that the payment wallet does not support small-amount secret-free payment or the payment amount exceeds the secret-free amount; and carrying out payment verification according to the payment password input by the user, and carrying out payment processing under the condition that the payment verification is passed.
Optionally, the payment wallet information includes a payment password mode of the payment wallet, the payment password mode being used to determine whether the payment wallet supports cryptographic multiplexing of an associated wallet; performing payment verification according to a payment password input by a user, including: under the condition that the payment wallet supports the password multiplexing of the associated wallet, the payment password of the associated wallet is obtained, and payment verification is carried out according to the payment password of the associated wallet and the payment password input by the user; and under the condition that the payment wallet does not support the password multiplexing of the associated wallet, acquiring the payment password of the payment wallet, and performing payment verification according to the payment password of the payment wallet and the payment password input by the user.
Optionally, the payment wallet information includes a payment password mode of the payment wallet, the payment password mode being used to determine whether the payment wallet supports cryptographic multiplexing of an associated wallet; the payment processing includes: acquiring a first balance of the payment wallet; judging whether the first balance is greater than or equal to the payment amount; if yes, deducting the payment amount from the first balance of the payment wallet, and enabling the payee operation mechanism to perform accounting processing on the payment wallet; otherwise, judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode; if the password multiplexing of the associated wallet is supported, judging whether a payment password is input before; if yes, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to check in the payment wallet; otherwise, prompting the user to input a payment password and carrying out payment verification according to the payment password input by the user, under the condition that the payment verification is passed, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to carry out accounting processing on the payment wallet; otherwise, the payment fails.
Optionally, deducting the first balance from the payment wallet and, before deducting the difference from the second balance of the associated wallet, further comprises: confirming that the second balance of the associated wallet is greater than or equal to the balance; and, in the event that the second balance of the associated wallet is less than the balance, failing to pay.
Optionally, the secret free amount is set by checking a payment password of the associated wallet.
Optionally, the setting manner of the no-credit includes: setting by the payment wallet after verifying a payment password of the associated wallet and a payment password of the payment wallet; or, setting by the associated wallet after checking the payment password of the associated wallet and the payment password of the payment wallet; or, the associated wallet is set after checking the payment password of the payment wallet.
According to another aspect of an embodiment of the present invention, there is provided a payment device based on a hardware wallet, the device being applied to a payer operation mechanism, the device including:
a payment request receiving module, configured to receive a secret-free payment request, where the secret-free payment request includes a payment wallet identifier and a payment amount, where the payment wallet is a hardware wallet bound with an associated wallet, and the associated wallet is a wallet associated with a user identity;
The wallet information acquisition module is used for acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification;
the encryption-free permission judging module is used for judging whether the payment wallet supports small-amount encryption-free payment according to the encryption-free identification;
the secret-free line acquiring module is used for acquiring the secret-free line of the payment wallet under the condition that the payment wallet supports small-amount secret-free payment;
the secret payment-free judging module is used for judging whether the payment amount exceeds the secret payment-free amount;
and the payment processing module is used for performing payment processing under the condition that the payment amount does not exceed the secret free limit.
According to still another aspect of the embodiment of the present invention, there is provided a payment method based on a hardware wallet, including:
the hardware wallet accepting terminal sends a payment instruction to a payment wallet, wherein the payment wallet is a hardware wallet bound with an associated wallet, and the associated wallet is a wallet associated with a user identity;
the payment wallet generates a payment message according to the payment instruction and sends the payment message to the acceptance terminal;
the acceptance terminal generates a secret-free payment request according to the payment message and sends the secret-free payment request, wherein the secret-free payment request comprises a payment wallet identifier, a collection wallet identifier and a payment amount;
The payer operation mechanism receives the secret-free payment request, and obtains payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises the secret-free identification; judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification; acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment; judging whether the payment amount exceeds the encryption free amount; carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount; and returning a payment processing result.
Optionally, the secure payment request further includes a first number of transactions; the payment wallet further comprises, before generating a payment message according to the payment instruction: the payment wallet increases the first transaction times stored by the payment wallet according to the payment instruction, and then generates an encryption key according to the first transaction times, wherein the encryption key is used for encrypting payment information; and, before acquiring payment wallet information according to the payment wallet identification, the payment party operation mechanism further comprises: and the payer operation mechanism performs first verification on the secret payment-free request according to the first transaction times.
Optionally, the payment wallet generating an encryption key according to the first transaction number comprises: and the payment wallet symmetrically encrypts the first transaction times and a wallet key generated when the payment wallet is opened to generate an encryption key.
Optionally, the first verification of the secret payment request by the payer operator according to the first transaction number includes: the payer operating mechanism judges whether the first transaction times are larger than the second transaction times of the payment wallet stored by the payer operating mechanism; generating a decryption key according to the first transaction times and decrypting the encryption-free payment request by using the decryption key under the condition that the first transaction times are larger than the second transaction times; under the condition that decryption is successful, the first verification of the secret payment-free request is passed; and under the condition that the first transaction times are not greater than the second transaction times or decryption is unsuccessful, the first verification of the secret payment-free request is not passed.
Optionally, the generating, by the payer operator, a decryption key according to the first number of transactions includes: and the payer operation mechanism symmetrically encrypts the first transaction times and a wallet key generated when the payment wallet is opened to generate a decryption key.
Optionally, the method further comprises: the payer operator increments the second transaction number after the payment process is completed.
Optionally, the secret payment-free request further includes a message authentication code generated from the payment information; the payment wallet further comprises, before generating a payment message according to the payment instruction: the payment wallet organizes the payment information according to the payment instruction and generates the message authentication code according to the payment information; the payer operator, after the first verification of the secure payment request passes and before obtaining payment wallet information from the payment wallet identifier, further comprises: and the payer operation mechanism performs second verification on the secret payment-free request according to the message authentication code.
Optionally, the payer operator performs a second check on the secret payment request according to the message authentication code, including: the payer operation mechanism obtains payment information from the secret payment-free request; generating a first message authentication code according to the payment information; performing a second check on the non-secret payment request by comparing the first message authentication code with the message authentication code; if the comparison result is consistent, the second check passes, otherwise, the second check does not pass.
Optionally, the method further comprises: and under the condition that the payment wallet does not support small-amount secret-free payment or the payment amount exceeds the secret-free amount, the payer operating mechanism prompts the user to input a payment password, performs payment verification according to the payment password input by the user, and performs payment processing under the condition that the payment verification is passed.
Optionally, the payment wallet information includes a payment password mode of the payment wallet, the payment password mode being used to determine whether the payment wallet supports cryptographic multiplexing of an associated wallet; the payment verification is carried out by the payer operation mechanism according to the payment password input by the user, and the payment verification comprises the following steps: under the condition that the payment wallet supports the password multiplexing of the associated wallet, the payer operation mechanism acquires the payment password of the associated wallet, and performs payment verification according to the payment password of the associated wallet and the payment password input by the user; and under the condition that the payment wallet does not support the password multiplexing of the associated wallet, the payer operation mechanism acquires the payment password of the payment wallet, and performs payment verification according to the payment password of the payment wallet and the payment password input by the user.
Optionally, the payment wallet information includes a payment password mode of the payment wallet, the payment password mode being used to determine whether the payment wallet supports cryptographic multiplexing of an associated wallet; the payment processing by the payer operator comprises: the payer operating mechanism obtains a first balance of the payment wallet; judging whether the first balance is greater than or equal to the payment amount; if yes, deducting the payment amount from the first balance of the payment wallet, and enabling the payee operation mechanism to perform accounting processing on the payment wallet; otherwise, judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode; if the password multiplexing of the associated wallet is supported, judging whether a payment password is input before; if yes, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to check in the payment wallet; otherwise, prompting the user to input a payment password and carrying out payment verification according to the payment password input by the user, under the condition that the payment verification is passed, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to carry out accounting processing on the payment wallet; otherwise, the payment fails.
Optionally, the payer operator further comprises, before deducting the first balance from the payment wallet and the difference from the second balance of the associated wallet: the payer operating mechanism confirms that the second balance of the associated wallet is greater than or equal to the balance; and, in the event that the second balance of the associated wallet is less than the balance, failing to pay.
Optionally, the secret free amount is set by checking a payment password of the associated wallet.
Optionally, the setting manner of the no-credit includes: setting by the payment wallet after verifying a payment password of the associated wallet and a payment password of the payment wallet; or, setting by the associated wallet after checking the payment password of the associated wallet and the payment password of the payment wallet; or, the associated wallet is set after checking the payment password of the payment wallet.
Optionally, in the case that the payer operation mechanism corresponding to the payment wallet and the payee operation mechanism corresponding to the payment wallet are different mechanisms, the sending, by the acceptance terminal, the secret payment-free request includes: the acceptance terminal sends the secret payment-free request to the payee operation mechanism; the payer operator receiving the secure payment-free request includes: the payer operator receives the secure payment-free request sent by the payee operator; the payment processing result returned by the payer operation mechanism comprises: the payer operation mechanism returns the payment processing result to the payee operation mechanism; and after the payer operation mechanism returns the payment processing result, the method further comprises: and the payee operation mechanism carries out accounting processing on the wallet according to the payment processing result and returns the accounting processing result to the acceptance terminal.
Optionally, if the payment processing result is that the payment of the payer operation mechanism is successful, the payee operation mechanism performs accounting processing on the wallet according to the payment processing result, including: the payee operation mechanism performs accounting processing on the wallet; if the payment processing result is that the payment of the payer operation mechanism fails, the payee operation mechanism carries out accounting processing on a wallet according to the payment processing result, and the accounting processing comprises the following steps: the payee operator does not conduct any accounting on the payee wallet.
Optionally, before the accepting terminal generates the secret payment-free request according to the payment message, the accepting terminal further includes: the acceptance terminal checks the payment message, and confirms that the payment message comprises a secret-free mark, wherein the secret-free mark is used for marking that the payment message can be used for generating a secret-free payment request; and under the condition that the payment message does not comprise the secret mark, the payment message cannot be used for generating a secret-free payment request, prompting a user to input a payment password, and generating a non-secret-free payment request according to the payment password input by the user and the payment message.
According to yet another aspect of an embodiment of the present invention, there is provided a hardware wallet-based payment system including:
the hardware wallet accepting terminal is used for: sending payment instructions to a payment wallet, the payment wallet being a hardware wallet that has an associated wallet bound thereto, the associated wallet being a wallet associated with a user identity; generating a secret-free payment request according to a payment message, and sending the secret-free payment request, wherein the secret-free payment request comprises a payment wallet identifier, a collection wallet identifier and a payment amount;
a payment wallet for: generating a payment message according to the payment instruction, and sending the payment message to the acceptance terminal;
a payer operator for: receiving the secret-free payment request, and acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises the secret-free identification; judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification; acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment; judging whether the payment amount exceeds the encryption free amount; carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount; and returning a payment processing result.
Optionally, in the case that the payer operation mechanism corresponding to the payment wallet and the payee operation mechanism corresponding to the payee wallet are different mechanisms, the system further includes a payee operation mechanism, and the acceptance terminal is further configured to: sending the secret payment-free request to the payee operating mechanism; the payer operator is further configured to: receiving the secure payment-free request sent by the payee operator entity; and returning the payment processing result to the payee operation mechanism; the payee operating mechanism is used for: and carrying out accounting processing on the wallet according to the payment processing result and returning the accounting processing result to the acceptance terminal.
According to yet another aspect of an embodiment of the present invention, there is provided a payment electronic device based on a hardware wallet, including: one or more processors; and the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors are enabled to realize the payment method based on the hardware wallet provided by the embodiment of the invention.
According to yet another aspect of the embodiments of the present invention, there is provided a computer readable medium having stored thereon a computer program which, when executed by a processor, implements the hardware wallet-based payment method provided by the embodiments of the present invention.
One embodiment of the above invention has the following advantages or benefits: by receiving a no-secret payment request, the no-secret payment request including a payment wallet identification and a payment amount; acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification; judging whether the payment wallet supports small-amount secret-free payment according to the secret-free identification; under the condition that the payment wallet supports small-amount secret-free payment, obtaining the secret-free amount of the payment wallet; judging whether the payment amount exceeds the encryption free amount; under the condition that the payment amount does not exceed the secret-free amount, the technical scheme of payment processing is carried out, the secret-free payment is carried out on the small amount based on the secret-free amount set on the basis of the payment password verification of the associated wallet bound to the hardware wallet, and the payment password is not required to be input when secret-free payment conditions are met, so that the situation that a plurality of passwords are required to be input no matter how large the payment amount is, and a plurality of passwords are possibly involved in each payment, and the situation that the payment flow is complex is caused is avoided, the portable payment is carried out on the basis of the secret-free payment operation of the small amount of the hardware wallet, and the application scene of digital currency is expanded.
Further effects of the above-described non-conventional alternatives are described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
fig. 1 is a schematic diagram of the main steps of a hardware wallet based payment method according to a first embodiment of the invention;
FIG. 2 is a schematic diagram of the main steps of a hardware wallet based payment method according to a second embodiment of the invention;
FIG. 3 is a schematic diagram of a hardware wallet-based payment flow of a third embodiment of the invention;
FIG. 4 is a schematic diagram of a process flow of a payment-free request by a payer operator according to a third embodiment of the present invention;
FIG. 5 is a schematic diagram of a hardware wallet-based payment flow of a fourth embodiment of the invention;
fig. 6 is a schematic diagram of main modules of a hardware wallet-based payment apparatus according to a fifth embodiment of the invention;
fig. 7 is a schematic diagram of the main constituent parts of a hardware wallet-based payment system according to a sixth embodiment of the invention;
FIG. 8 is an exemplary system architecture diagram in which embodiments of the present invention may be applied;
fig. 9 is a schematic diagram of a computer system suitable for use in implementing an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention will now be described with reference to the accompanying drawings, in which various details of the embodiments of the present invention are included to facilitate understanding, and are to be considered merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
The embodiment of the invention provides a scheme about a hardware wallet, wherein the hardware wallet in the embodiment of the invention refers to the hardware wallet which is not associated with the identity of a user during issuing and is only associated with a public account of an issuing institution. It has a unique hardware wallet number, a hardware wallet that stores digital identity credentials in the form of a secure chip, and a coin string in the back-office system.
After the hardware wallet in the embodiment of the invention is released, the hardware wallet can be bound with the personal wallet according to the selection of a user, and the bound hardware wallet is managed through the personal wallet. After the hardware wallet in the embodiment of the invention is associated and bound with the personal wallet, a password is required to be input no matter the payment amount, and a plurality of passwords are possibly involved in each payment, so that the condition of complex payment flow exists, and the application scene of digital currency is severely limited. In order to solve the technical problems in the prior art, the invention provides a payment method, a device and a system based on a hardware wallet, which have the following implementation principle: the hardware wallet receiving terminal POS machine of the payee sends a payment instruction to the hardware wallet, wherein the hardware wallet is provided with a bound associated wallet, the associated wallet is normally issued and is associated with the identity of a user, and can be a soft wallet or a hardware wallet, the hardware wallet forms a payment message and returns the payment message to the payee operation mechanism, the payee operation mechanism confirms the payer operation mechanism according to the payment message and sends the payment request to the payer operation mechanism, after the payer operation mechanism verifies information, the payee operation mechanism judges whether the payment amount is smaller than the payment limit set after the payment password of the associated wallet is verified, deduction processing is carried out after the verification is passed, and a deduction success message is sent to the payee operation mechanism, the payee operation mechanism carries out account checking processing on the wallet, returns the result to the payee operation mechanism, and the payee operation mechanism receives the result and displays the result of the payee operation terminal. Therefore, the small-amount secret-free payment can be performed based on the secret-free amount set by the secret-free payment password verification of the associated wallet bound to the hardware wallet, and the secret-free payment condition is met without inputting a payment password, so that the situation that the password is required to be input no matter how large the payment amount is, a plurality of passwords are possibly involved in each payment, and the complex payment flow is caused is avoided, the convenient payment is performed based on the small-amount secret-free payment operation of the hardware wallet, and the application scene of digital currency is expanded.
Fig. 1 is a schematic diagram of the main steps of a hardware wallet-based payment method according to a first embodiment of the invention. As shown in fig. 1, the payment method based on the hardware wallet of the first embodiment of the present invention is applied to a payer operation mechanism, and mainly includes the following steps:
step S101: receiving a secret-free payment request, the secret-free payment request comprising a payment wallet identification and a payment amount, wherein the payment wallet is a hardware wallet bound with an associated wallet, the associated wallet being a wallet associated with a user identity;
step S102: acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification;
step S103: judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification;
step S104: acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment;
step S105: judging whether the payment amount exceeds the encryption free amount;
step S106: and carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount.
According to the technical scheme of the invention, the associated wallet can be a soft wallet or a hardware wallet. The soft wallet refers to digital currency APP running on a terminal, such as digital RMB APP, digital Euro APP and the like.
According to one embodiment of the present invention, the secure payment request further includes a first number of transactions; and before acquiring the payment wallet information according to the payment wallet identification, further comprising: and carrying out first verification on the secret payment-free request according to the first transaction times.
According to another embodiment of the present invention, performing a first check on the secure payment request according to the first number of transactions includes: judging whether the first transaction times are larger than the second transaction times of the payment wallet stored by the user; generating a decryption key according to the first transaction times and decrypting the encryption-free payment request by using the decryption key under the condition that the first transaction times are larger than the second transaction times; under the condition that decryption is successful, the first verification of the secret payment-free request is passed; and under the condition that the first transaction times are not greater than the second transaction times or decryption is unsuccessful, the first verification of the secret payment-free request is not passed.
According to yet another embodiment of the present invention, generating a decryption key from the first number of transactions includes: and symmetrically encrypting the first transaction times and a wallet key generated when the payment wallet is opened to generate a decryption key.
According to a further embodiment of the invention, the method further comprises: after the payment process is completed, the second number of transactions is incremented.
According to a further embodiment of the invention, the secure payment request further comprises a message authentication code generated from the payment information; after the first verification of the secure payment request passes and before the payment wallet information is obtained according to the payment wallet identification, the method further comprises: and carrying out second verification on the secret payment-free request according to the message authentication code.
According to yet another embodiment of the present invention, performing a second check on the secure payment request according to the message authentication code comprises: obtaining payment information from the secret payment-free request; generating a first message authentication code according to the payment information; performing a second check on the non-secret payment request by comparing the first message authentication code with the message authentication code; if the comparison result is consistent, the second check passes, otherwise, the second check does not pass.
According to a further embodiment of the invention, the method further comprises: prompting a user to input a payment password under the condition that the payment wallet does not support small-amount secret-free payment or the payment amount exceeds the secret-free amount; and carrying out payment verification according to the payment password input by the user, and carrying out payment processing under the condition that the payment verification is passed.
According to yet another embodiment of the invention, the payment wallet information includes a payment password pattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet. Performing payment verification according to a payment password input by a user, including: under the condition that the payment wallet supports the password multiplexing of the associated wallet, the payment password of the associated wallet is obtained, and payment verification is carried out according to the payment password of the associated wallet and the payment password input by the user; and under the condition that the payment wallet does not support the password multiplexing of the associated wallet, acquiring the payment password of the payment wallet, and performing payment verification according to the payment password of the payment wallet and the payment password input by the user.
According to yet another embodiment of the invention, the payment wallet information includes a payment password pattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet. And, the payment processing includes: acquiring a first balance of the payment wallet; judging whether the first balance is greater than or equal to the payment amount; if yes, deducting the payment amount from the first balance of the payment wallet, and enabling the payee operation mechanism to perform accounting processing on the payment wallet; otherwise, judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode; if the password multiplexing of the associated wallet is supported, judging whether a payment password is input before; if yes, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to check in the payment wallet; otherwise, prompting the user to input a payment password and carrying out payment verification according to the payment password input by the user, under the condition that the payment verification is passed, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to carry out accounting processing on the payment wallet; otherwise, the payment fails.
According to yet another embodiment of the present invention, deducting the first balance from the payment wallet and prior to deducting the differential from the second balance of the associated wallet, further comprises: confirming that the second balance of the associated wallet is greater than or equal to the balance; and, in the event that the second balance of the associated wallet is less than the balance, failing to pay.
According to a further embodiment of the invention, the no-secret credit is set by checking a payment password of the associated wallet. The setting mode of the no-secret credit comprises the following steps: setting by the payment wallet after verifying a payment password of the associated wallet and a payment password of the payment wallet; or, setting by the associated wallet after checking the payment password of the associated wallet and the payment password of the payment wallet; or, the associated wallet is set after checking the payment password of the payment wallet.
According to the technical scheme of the embodiment of the invention, the secret payment-free request is received, and comprises a payment wallet identifier and a payment amount; acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification; judging whether the payment wallet supports small-amount secret-free payment according to the secret-free identification; under the condition that the payment wallet supports small-amount secret-free payment, obtaining the secret-free amount of the payment wallet; judging whether the payment amount exceeds the encryption free amount; under the condition that the payment amount does not exceed the secret-free amount, the technical scheme of payment processing is carried out, the secret-free payment is carried out on the small amount based on the secret-free amount set on the basis of the payment password verification of the associated wallet bound to the hardware wallet, and the payment password is not required to be input when secret-free payment conditions are met, so that the situation that a plurality of passwords are required to be input no matter how large the payment amount is, and a plurality of passwords are possibly involved in each payment, and the situation that the payment flow is complex is caused is avoided, the portable payment is carried out on the basis of the secret-free payment operation of the small amount of the hardware wallet, and the application scene of digital currency is expanded.
Fig. 2 is a schematic diagram of the main steps of a hardware wallet-based payment method according to a second embodiment of the invention. As shown in fig. 2, the hardware wallet-based payment method according to the second embodiment of the present invention mainly includes the steps of:
step S201: the hardware wallet accepting terminal sends a payment instruction to a payment wallet, wherein the payment wallet is a hardware wallet bound with an associated wallet, and the associated wallet is a wallet associated with a user identity;
step S202: the payment wallet generates a payment message according to the payment instruction and sends the payment message to the acceptance terminal;
step S203: the acceptance terminal generates a secret-free payment request according to the payment message and sends the secret-free payment request, wherein the secret-free payment request comprises a payment wallet identifier, a collection wallet identifier and a payment amount;
step S204: the payer operation mechanism receives the secret-free payment request, and obtains payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises the secret-free identification; judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification; acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment; judging whether the payment amount exceeds the encryption free amount; carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount; and returning a payment processing result.
According to one embodiment of the present invention, the secure payment request further includes a first number of transactions; and, before generating a payment message according to the payment instruction, the payment wallet further comprises: the payment wallet increases the first transaction times stored by the payment wallet according to the payment instruction, and then generates an encryption key according to the first transaction times, wherein the encryption key is used for encrypting payment information; and, before acquiring payment wallet information according to the payment wallet identification, the payment party operation mechanism further comprises: and the payer operation mechanism performs first verification on the secret payment-free request according to the first transaction times.
According to another embodiment of the invention, the payment wallet generating an encryption key from the first transaction number comprises: and the payment wallet symmetrically encrypts the first transaction times and a wallet key generated when the payment wallet is opened to generate an encryption key.
According to yet another embodiment of the present invention, the first check of the secure payment request by the payer operator according to the first number of transactions includes: the payer operating mechanism judges whether the first transaction times are larger than the second transaction times of the payment wallet stored by the payer operating mechanism; generating a decryption key according to the first transaction times and decrypting the encryption-free payment request by using the decryption key under the condition that the first transaction times are larger than the second transaction times; under the condition that decryption is successful, the first verification of the secret payment-free request is passed; and under the condition that the first transaction times are not greater than the second transaction times or decryption is unsuccessful, the first verification of the secret payment-free request is not passed.
According to yet another embodiment of the present invention, the payer operator generating a decryption key according to the first number of transactions includes: and the payer operation mechanism symmetrically encrypts the first transaction times and a wallet key generated when the payment wallet is opened to generate a decryption key.
According to a further embodiment of the invention, the method further comprises: the payer operator increments the second transaction number after the payment process is completed.
According to a further embodiment of the invention, the secure payment request further comprises a message authentication code generated from the payment information; and, before generating a payment message according to the payment instruction, the payment wallet further comprises: the payment wallet organizes the payment information according to the payment instruction and generates the message authentication code according to the payment information; the payer operator, after the first verification of the secure payment request passes and before obtaining payment wallet information from the payment wallet identifier, further comprises: and the payer operation mechanism performs second verification on the secret payment-free request according to the message authentication code.
According to yet another embodiment of the present invention, the payer operator performs a second check on the secret payment request according to the message authentication code, including: the payer operation mechanism obtains payment information from the secret payment-free request; generating a first message authentication code according to the payment information; performing a second check on the non-secret payment request by comparing the first message authentication code with the message authentication code; if the comparison result is consistent, the second check passes, otherwise, the second check does not pass.
According to a further embodiment of the invention, the method further comprises: and under the condition that the payment wallet does not support small-amount secret-free payment or the payment amount exceeds the secret-free amount, the payer operating mechanism prompts the user to input a payment password, performs payment verification according to the payment password input by the user, and performs payment processing under the condition that the payment verification is passed.
According to yet another embodiment of the present invention, the payment wallet information includes a payment password pattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet; and, the payment party operation mechanism carries out payment verification according to the payment password input by the user, and the payment party operation mechanism comprises: under the condition that the payment wallet supports the password multiplexing of the associated wallet, the payer operation mechanism acquires the payment password of the associated wallet, and performs payment verification according to the payment password of the associated wallet and the payment password input by the user; and under the condition that the payment wallet does not support the password multiplexing of the associated wallet, the payer operation mechanism acquires the payment password of the payment wallet, and performs payment verification according to the payment password of the payment wallet and the payment password input by the user.
According to yet another embodiment of the present invention, the payment wallet information includes a payment password pattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet; and, the payment processing by the payer operating mechanism includes: the payer operating mechanism obtains a first balance of the payment wallet; judging whether the first balance is greater than or equal to the payment amount; if yes, deducting the payment amount from the first balance of the payment wallet, and enabling the payee operation mechanism to perform accounting processing on the payment wallet; otherwise, judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode; if the password multiplexing of the associated wallet is supported, judging whether a payment password is input before; if yes, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to check in the payment wallet; otherwise, prompting the user to input a payment password and carrying out payment verification according to the payment password input by the user, under the condition that the payment verification is passed, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to carry out accounting processing on the payment wallet; otherwise, the payment fails.
According to yet another embodiment of the invention, the payer operator, before deducting the first balance from the payment wallet and deducting the difference from the second balance of the associated wallet, further comprises: the payer operating mechanism confirms that the second balance of the associated wallet is greater than or equal to the balance; and, in the event that the second balance of the associated wallet is less than the balance, failing to pay.
According to a further embodiment of the invention, the no-credit is set by checking a payment password of the associated wallet. The setting mode of the no-secret credit comprises the following steps: setting by the payment wallet after verifying a payment password of the associated wallet and a payment password of the payment wallet; or, setting by the associated wallet after checking the payment password of the associated wallet and the payment password of the payment wallet; or, the associated wallet is set after checking the payment password of the payment wallet.
According to still another embodiment of the present invention, in a case where the payer operation mechanism corresponding to the payment wallet and the payee operation mechanism corresponding to the payee wallet are different mechanisms, the accepting terminal transmitting the secret payment-free request includes: the acceptance terminal sends the secret payment-free request to the payee operation mechanism; the payer operator receiving the secure payment-free request includes: the payer operator receives the secure payment-free request sent by the payee operator; the payment processing result returned by the payer operation mechanism comprises: the payer operation mechanism returns the payment processing result to the payee operation mechanism; and after the payer operation mechanism returns the payment processing result, the method further comprises: and the payee operation mechanism carries out accounting processing on the wallet according to the payment processing result and returns the accounting processing result to the acceptance terminal.
According to still another embodiment of the present invention, if the payment processing result is that the payment is successfully deducted by the payer operator, the payee operator performs accounting processing on a wallet according to the payment processing result, including: the payee operation mechanism performs accounting processing on the wallet; if the payment processing result is that the payment of the payer operation mechanism fails, the payee operation mechanism carries out accounting processing on a wallet according to the payment processing result, and the accounting processing comprises the following steps: the payee operator does not conduct any accounting on the payee wallet.
According to still another embodiment of the present invention, before the accepting terminal generates the secret payment request according to the payment packet, the accepting terminal further includes: the acceptance terminal checks the payment message, and confirms that the payment message comprises a secret-free mark, wherein the secret-free mark is used for marking that the payment message can be used for generating a secret-free payment request; and under the condition that the payment message does not comprise the secret mark, the payment message cannot be used for generating a secret-free payment request, prompting a user to input a payment password, and generating a non-secret-free payment request according to the payment password input by the user and the payment message.
Fig. 3 is a schematic diagram of a payment flow based on a hardware wallet according to a third embodiment of the invention. In this embodiment, the payee operator corresponding to the collection wallet and the payer operator corresponding to the payment wallet are different authorities. As shown in fig. 3, the payment process according to the third embodiment of the present invention mainly includes the following steps:
step 1: the method comprises the steps that a receiving terminal of a hardware wallet (such as a POS machine of a payee) sends a payment instruction to a payment wallet (the hardware wallet), wherein the payment instruction comprises payment amount information; the payment instruction may be sent after the acceptance terminal and the payment wallet establish network connection based on near field communication modes such as NFC and Bluetooth or other network connection modes, or may be sent after the acceptance terminal obtains payment wallet information through scanning after a two-dimensional code is displayed by a SIM card/SE card/IC card carrying the payment wallet;
step 2: after receiving the payment instruction, the payment wallet increments a transaction counter (used for recording the transaction number of the payment wallet and increasing with the transaction number), generates an encryption key of a session, a transaction index (transaction ID (used for uniquely identifying one transaction and randomly generated), acquires information such as a payment wallet identifier, a collection wallet identifier, a payment amount, a password-free mark (used for identifying that the payment is password-free, for example, the password-free mark can be realized by using a password-free switch value), and organizes the value (transaction number) of the transaction counter, the transaction index, the payment wallet identifier, the collection wallet identifier, the payment amount, the password-free mark and the like into payment information; then, according to the payment information, calculating a message authentication code MAC (hash function with a secret key, a verification mechanism used by both communication entities in cryptography, a tool for guaranteeing the integrity of message data); and finally, encrypting the payment information and the message authentication code MAC by using an encryption key to form a ciphertext, and taking the value of a transaction counter (the number of transactions), the payment wallet identification and the password-free mark as plaintext to form a payment message. The encryption key is a dynamic key generated by symmetrically encrypting according to the value (the number of transactions) of the transaction counter and a wallet key generated when the payment wallet is opened;
Step 3: the payment wallet returns the payment message generated in the second step to the acceptance terminal;
step 4: and the acceptance terminal generates a payment request according to the received payment message and sends the payment request to the payee operation mechanism. Before the acceptance terminal generates the payment request from the payment message, whether the payment message contains the secret-free mark is judged whether to generate the secret-free payment request or not. If the payment message contains the encryption-free mark, generating an encryption-free payment request directly according to the payment message; otherwise, prompting the user to input a payment password, and generating a non-password-free payment request according to the payment password and the payment message input by the user. In the embodiment of the invention, how to carry out subsequent processing on the secret payment-free request is mainly described;
step 5: the payee operator determines the payer operator from the payment wallet identification in the payment request, where the payer operator is different from the payee operator. In this step, format conversion may be further performed on the payment request to convert the payment request sent by the acceptance terminal into a payment request conforming to the format of the request message between the operators, where the content of the payment message included in the payment request is unchanged, so that operations such as format adjustment or message encapsulation performed on the payment request may be omitted. In addition, when a payment request is transferred from one execution subject to another execution subject (for example, from a receiving terminal to a receiving party operation mechanism), encryption and decryption operations can be performed, but the operation is not highly relevant to the technical proposal of the invention, so the operation can be omitted here;
Step 6: the payee operation mechanism sends the payment request to an interconnection platform, wherein the interconnection platform is a public platform which can perform data interaction with different currency operation mechanisms in the currency circulation process;
step 7: the interconnection platform forwards the payment request to a payer operation mechanism;
step 8: after receiving the payment request, the payer operation mechanism firstly obtains the value (transaction times) of a transaction counter in the payment request, and generates a decryption password according to the value (transaction times) of the transaction counter to decrypt the payment request; then verifying whether the value of the transaction counter is larger than the value of the transaction counter at the payer operation mechanism end, whether the MAC is correct, the balance of the payment wallet and the like;
step 9: for the secret-free payment request, firstly checking whether a payment wallet supports small secret-free payment or not by a payer operation mechanism, and if so, checking whether the payment amount is smaller than the secret-free amount or not; if the verification is not greater than the secret free limit, checking is passed; if the password is greater than the password-free limit, returning to the acceptance terminal to prompt the user to input the payment password, checking after receiving the payment password sent again in the mode from the step 4 to the step 8, and executing the step 10 after the check is passed;
Step 10: after the check is passed, the payer operation mechanism carries out deduction and accounting treatment. If the payment amount does not exceed the balance of the payment wallet, directly deducting money from the payment wallet; if the payment amount exceeds the balance of the payment wallet, acquiring a payment password mode of the payment wallet to judge whether the payment wallet supports payment password multiplexing of the associated wallet; if the payment password is supported, the payment balance part is directly deducted from the associated wallet under the condition that the user inputs the payment password before, if the payment password is not input before, the payer operating mechanism feeds back information to the acceptance terminal, the acceptance terminal sends the payment password to the payer operating mechanism for verification after prompting the user to input the payment password, and the payment balance part is deducted from the associated wallet after the verification is passed; otherwise, the payment fails;
step 11: the payment party operation mechanism sends a payment processing result to the interconnection platform, wherein the payment processing result comprises a payment deduction success and a payment failure;
step 12: the interconnection and interworking platform forwards the payment processing result to the payee operation mechanism;
step 13: after receiving the payment processing result, the payee operating mechanism performs account deposit and accounting processing on the wallet if the payment processing result is that the deduction is successful, and then step 14 is executed; otherwise, directly executing the step 14;
Step 14: the operation mechanism of the payee returns a payment processing result to the acceptance terminal;
step 15: and the acceptance terminal displays the payment processing result to the user.
Fig. 4 is a schematic flow chart of a processing procedure of a payment-free request by a payer operator according to a third embodiment of the present invention. As shown in fig. 4, a specific implementation flow of the payer operator is shown in steps 8 to 10 in fig. 3. After receiving the payment-free request, the payer operator will perform the following steps:
step S401: judging whether the payment wallet supports small-amount secret payment, if so, executing a step S402, otherwise, executing a step S403;
step S402: obtaining the free credit of the payment wallet, and executing step S404;
step S403: the user is prompted to input a payment password and perform authentication, and step S405 is performed. When verifying the payment password input by the user, if the payment wallet supports password multiplexing, the payment password of the associated wallet which is stored in the background and is bound with the payment wallet is used for verification, otherwise, the payment password of the payment wallet which is stored in the background is directly used for verification;
step S404: judging whether the payment amount in the secret free payment request is greater than the secret free amount, if so, executing the step S403, otherwise, executing the step S406;
Step S405: judging whether the verification is passed, if so, executing step S406, otherwise, executing step S417;
step S406: acquiring a first balance of the payment wallet, and then executing step S407;
step S407: judging whether the first balance is greater than or equal to the payment amount, if so, executing step S415, otherwise, executing step S408;
step S408: judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode of the payment wallet, if so, executing step S409, otherwise, executing step S417;
step S409: judging whether a payment password is input before, if so, executing a step S410, otherwise, executing a step S411;
step S410: acquiring a second balance of the associated wallet, calculating a difference between the first balance and the payment amount, and then executing step S413;
step S411: the user is prompted to input a payment password and perform authentication, and step S412 is performed. In the step, the payment password of the associated wallet is directly used for verification;
step S412: judging whether the verification is passed, if so, executing step S410, otherwise, executing step S417;
step S413: judging whether the second balance is greater than or equal to the balance, if so, executing step S414, otherwise, executing step S417;
Step S414: deducting the first balance from the payment wallet, deducting the balance from the second balance of the associated wallet, and then performing step S416;
step S415: deducting the payment amount from the first balance of the payment wallet;
step S416: the deduction is successful.
Step S417: the payment fails.
Fig. 5 is a schematic diagram of a payment flow based on a hardware wallet according to a fourth embodiment of the invention. In this embodiment, the payer operator corresponding to the payment wallet is the same as the payee operator corresponding to the payment wallet, so the wallet operator in this embodiment is represented using the payee/payer operator. As shown in fig. 5, the payment procedure of the fourth embodiment of the present invention mainly includes the following steps:
step 1: the method comprises the steps that a receiving terminal of a hardware wallet (such as a POS machine of a payee) sends a payment instruction to a payment wallet (the hardware wallet), wherein the payment instruction comprises payment amount information; the payment instruction may be sent after the acceptance terminal and the payment wallet establish network connection based on near field communication modes such as NFC and Bluetooth or other network connection modes, or may be sent after the acceptance terminal obtains payment wallet information through scanning after a two-dimensional code is displayed by a SIM card/SE card/IC card carrying the payment wallet;
Step 2: after receiving the payment instruction, the payment wallet increments a transaction counter (used for recording the transaction number of the payment wallet and increasing with the transaction number), generates an encryption key of a session, a transaction index (transaction ID (used for uniquely identifying one transaction and randomly generated), acquires information such as a payment wallet identifier, a collection wallet identifier, a payment amount, a password-free mark (used for identifying that the payment is password-free, for example, the password-free mark can be realized by using a password-free switch value), and organizes the value (transaction number) of the transaction counter, the transaction index, the payment wallet identifier, the collection wallet identifier, the payment amount, the password-free mark and the like into payment information; then, according to the payment information, calculating a message authentication code MAC (hash function with a secret key, a verification mechanism used by both communication entities in cryptography, a tool for guaranteeing the integrity of message data); and finally, encrypting the payment information and the message authentication code MAC by using an encryption key to form a ciphertext, and taking the value of a transaction counter (the number of transactions), the payment wallet identification and the password-free mark as plaintext to form a payment message. The encryption key is a dynamic key generated by symmetrically encrypting according to the value (the number of transactions) of the transaction counter and a wallet key generated when the payment wallet is opened;
Step 3: the payment wallet returns the payment message generated in the second step to the acceptance terminal;
step 4: and the acceptance terminal generates a payment request according to the received payment message and sends the payment request to the payee operation mechanism. Before the acceptance terminal generates the payment request from the payment message, whether the payment message contains the secret-free mark is judged whether to generate the secret-free payment request or not. If the payment message contains the encryption-free mark, generating an encryption-free payment request directly according to the payment message; otherwise, prompting the user to input a payment password, and generating a non-password-free payment request according to the payment password and the payment message input by the user. In the embodiment of the invention, how to carry out subsequent processing on the secret payment-free request is mainly described;
step 5: the receiving/paying side operation mechanism determines that the paying side operation mechanism is the same as the paying side operation mechanism according to the paying wallet identification in the payment request, so that the paying side operation mechanism is the paying side operation mechanism. In this step, when the payment request is transferred from one execution subject to another execution subject (for example, from the reception terminal to the receiver operation mechanism), encryption, decryption, etc. can be performed, but this has low correlation with the technical proposal of the present invention, and is therefore negligible here;
Step 6: the operation mechanism of the receiving/paying party firstly obtains the value (transaction times) of a transaction counter in the payment request according to the payment request, and generates a decryption password according to the value (transaction times) of the transaction counter to decrypt the payment request; then verifying whether the value of the transaction counter is larger than the value of the transaction counter at the payer operation mechanism end, whether the MAC is correct, the balance of the payment wallet and the like;
step 7: for the secret-free payment request, the receiving/paying side operation mechanism firstly checks whether the payment wallet supports the small secret-free amount, and if so, checks whether the payment amount is smaller than the secret-free amount; if the verification is not greater than the secret free limit, checking is passed; if the password is greater than the password-free limit, returning to the acceptance terminal to prompt the user to input the payment password, checking after receiving the payment password sent again in the mode from the step 4 to the step 6, and executing the step 8 after the check is passed;
step 8: and after the verification is passed, the receiving/paying side operation mechanism carries out deduction and accounting treatment. If the payment amount does not exceed the balance of the payment wallet, directly deducting money from the payment wallet; if the payment amount exceeds the balance of the payment wallet, acquiring a payment password mode of the payment wallet to judge whether the payment wallet supports payment password multiplexing of the associated wallet; if the payment password is supported, the payment balance part is directly deducted from the associated wallet under the condition that the user inputs the payment password before, if the payment password is not input before, the payer operating mechanism feeds back information to the acceptance terminal, the acceptance terminal sends the payment password to the payer operating mechanism for verification after prompting the user to input the payment password, and the payment balance part is deducted from the associated wallet after the verification is passed; otherwise, the payment fails. Namely: the payment processing result comprises deduction success and payment failure;
Step 9: the receiving/paying side operation mechanism carries out account deposit and accounting processing on the wallet if the payment processing result is successful in deduction according to the payment processing result, and then the step 10 is executed; otherwise, directly executing the step 10;
step 10: the receiving/paying party operation mechanism returns a payment processing result to the acceptance terminal;
step 11: and the acceptance terminal displays the payment processing result to the user.
Fig. 6 is a schematic diagram of main modules of a hardware wallet-based payment apparatus according to a fifth embodiment of the invention. As shown in fig. 6, the payment device 600 based on a hardware wallet of the fifth embodiment of the present invention is applied to a payer operation mechanism, and mainly includes a payment request receiving module 601, a wallet information obtaining module 602, a privacy-free authority judging module 603, a privacy-free amount obtaining module 604, a privacy-free payment judging module 605 and a payment processing module 606.
A payment request receiving module 601, configured to receive a secret payment-free request, where the secret payment-free request includes a payment wallet identifier and a payment amount, and the payment wallet is a hardware wallet bound with an associated wallet, and the associated wallet is a wallet associated with a user identity;
a wallet information obtaining module 602, configured to obtain payment wallet information according to the payment wallet identifier, where the payment wallet information includes a password-free identifier;
A secret-free authority judging module 603, configured to judge whether the payment wallet supports small secret-free payment according to the secret-free identifier;
a secret-free amount obtaining module 604, configured to obtain a secret-free amount of the payment wallet if the payment wallet supports small-amount secret-free payment;
a secret payment-free determination module 605, configured to determine whether the payment amount exceeds the secret credit-free amount;
and a payment processing module 606, configured to perform payment processing when the payment amount does not exceed the secret free amount.
According to one embodiment of the present invention, the secure payment request further includes a first number of transactions; the hardware wallet based payment device 600 may further include a request verification module (not shown) for: and before payment wallet information is acquired according to the payment wallet identification, performing first verification on the secret payment-free request according to the first transaction times.
According to another embodiment of the present invention, the request checking module (not shown in the figure) may also be used for: judging whether the first transaction times are larger than the second transaction times of the payment wallet stored by the user; generating a decryption key according to the first transaction times and decrypting the encryption-free payment request by using the decryption key under the condition that the first transaction times are larger than the second transaction times; under the condition that decryption is successful, the first verification of the secret payment-free request is passed; and under the condition that the first transaction times are not greater than the second transaction times or decryption is unsuccessful, the first verification of the secret payment-free request is not passed.
According to yet another embodiment of the present invention, the request checking module (not shown in the figure) may also be used for: and symmetrically encrypting the first transaction times and a wallet key generated when the payment wallet is opened to generate a decryption key.
According to yet another embodiment of the present invention, the hardware wallet-based payment device 600 may further include a transaction number incrementing module (not shown) for: after the payment process is completed, the second number of transactions is incremented.
According to a further embodiment of the invention, the secure payment request further comprises a message authentication code generated from the payment information; the request checking module (not shown in the figure) may also be used to: and after the first verification of the secret payment-free request is passed and before payment wallet information is acquired according to the payment wallet identification, performing second verification on the secret payment-free request according to the message authentication code.
According to yet another embodiment of the present invention, the request checking module (not shown in the figure) may also be used for: obtaining payment information from the secret payment-free request; generating a first message authentication code according to the payment information; performing a second check on the non-secret payment request by comparing the first message authentication code with the message authentication code; if the comparison result is consistent, the second check passes, otherwise, the second check does not pass.
According to yet another embodiment of the present invention, the hardware wallet-based payment apparatus 600 may further include a payment verification processing module (not shown) for: prompting a user to input a payment password under the condition that the payment wallet does not support small-amount secret-free payment or the payment amount exceeds the secret-free amount; and carrying out payment verification according to the payment password input by the user, and carrying out payment processing under the condition that the payment verification is passed.
According to yet another embodiment of the present invention, the payment wallet information includes a payment password pattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet; the payment verification processing module (not shown in the figure) may also be used to: under the condition that the payment wallet supports the password multiplexing of the associated wallet, the payment password of the associated wallet is obtained, and payment verification is carried out according to the payment password of the associated wallet and the payment password input by the user; and under the condition that the payment wallet does not support the password multiplexing of the associated wallet, acquiring the payment password of the payment wallet, and performing payment verification according to the payment password of the payment wallet and the payment password input by the user.
According to yet another embodiment of the present invention, the payment wallet information includes a payment password pattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet; the payment processing module 606 and the payment verification processing module (not shown) may also be used to perform payment processing: acquiring a first balance of the payment wallet; judging whether the first balance is greater than or equal to the payment amount; if yes, deducting the payment amount from the first balance of the payment wallet, and enabling the payee operation mechanism to perform accounting processing on the payment wallet; otherwise, judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode; if the password multiplexing of the associated wallet is supported, judging whether a payment password is input before; if yes, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to check in the payment wallet; otherwise, prompting the user to input a payment password and carrying out payment verification according to the payment password input by the user, under the condition that the payment verification is passed, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to carry out accounting processing on the payment wallet; otherwise, the payment fails.
According to yet another embodiment of the invention, the payment processing module 606 and the payment verification processing module (not shown) are further configured to, prior to deducting the first balance from the payment wallet and the difference from the second balance of the associated wallet: confirming that the second balance of the associated wallet is greater than or equal to the balance; and, in the event that the second balance of the associated wallet is less than the balance, failing to pay.
According to a further embodiment of the invention, the no-secret credit is set by checking a payment password of the associated wallet. The setting mode of the no-secret credit comprises the following steps: setting by the payment wallet after verifying a payment password of the associated wallet and a payment password of the payment wallet; or, setting by the associated wallet after checking the payment password of the associated wallet and the payment password of the payment wallet; or, the associated wallet is set after checking the payment password of the payment wallet.
Fig. 7 is a schematic diagram of the main constituent parts of a hardware wallet-based payment system according to a sixth embodiment of the invention. As shown in fig. 7, a payment system 700 based on a hardware wallet of the sixth embodiment of the present invention mainly includes a hardware wallet accepting terminal 701, a payment wallet 702, and a payer operator 703, wherein the hardware wallet accepting terminal 701 is also simply referred to as an accepting terminal 701.
A hardware wallet accepting terminal 701 for: sending payment instructions to a payment wallet, the payment wallet being a hardware wallet that has an associated wallet bound thereto, the associated wallet being a wallet associated with a user identity; generating a secret-free payment request according to the payment message, and sending the secret-free payment request to a payee operation mechanism 703, wherein the secret-free payment request comprises a payment wallet identifier, a payment wallet identifier and a payment amount;
payment wallet 702 for: generating a payment message according to the payment instruction, and sending the payment message to the acceptance terminal 701;
payer operator 703 for: receiving the secret-free payment request, and acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises the secret-free identification; judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification; acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment; judging whether the payment amount exceeds the encryption free amount; carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount; and returning a payment processing result.
According to an embodiment of the present invention, in the case that the payer operation mechanism corresponding to the payment wallet and the payee operation mechanism corresponding to the payee wallet are different mechanisms, as shown in fig. 7, the payment system 700 based on the hardware wallet of the embodiment of the present invention further includes a payee operation mechanism 704, and the acceptance terminal 701 is further configured to: sending the secure payment-free request to the payee operator entity 704; the payer operator 703 is also configured to: receiving the secure payment-free request from the payee operator entity 704; and returning the payment processing result to the payee operator 704; the payee operator 704 is configured to: and performing accounting processing on the wallet according to the payment processing result and returning the accounting processing result to the receiving terminal 601.
According to one embodiment of the present invention, the secure payment request further includes a first number of transactions; the payment wallet 702 is further configured to, prior to generating a payment message according to the payment instruction: increasing the first transaction times stored by the payment instruction according to the payment instruction, and generating an encryption key according to the first transaction times, wherein the encryption key is used for encrypting the payment information; and, before acquiring the payment wallet information according to the payment wallet identification, the payment party operation mechanism 703 is further configured to: and carrying out first verification on the secret payment-free request according to the first transaction times.
According to another embodiment of the present invention, payment wallet 702, when generating an encryption key from the first transaction number, is further configured to: and symmetrically encrypting the first transaction times and the wallet key generated when the payment wallet is opened to generate an encryption key.
According to yet another embodiment of the present invention, the payer operator 703, when performing a first check on the secure payment request according to the first number of transactions, is further configured to: judging whether the first transaction times are larger than the second transaction times of the payment wallet stored by the user; generating a decryption key according to the first transaction times and decrypting the encryption-free payment request by using the decryption key under the condition that the first transaction times are larger than the second transaction times; under the condition that decryption is successful, the first verification of the secret payment-free request is passed; and under the condition that the first transaction times are not greater than the second transaction times or decryption is unsuccessful, the first verification of the secret payment-free request is not passed.
According to yet another embodiment of the present invention, the payer operator 703, when generating the decryption key from said first number of transactions, is further configured to: and symmetrically encrypting the first transaction times and a wallet key generated when the payment wallet is opened to generate a decryption key.
According to yet another embodiment of the present invention, the payer operator 703 is further arranged to increment said second number of transactions after the payment process is completed.
According to a further embodiment of the invention, the secure payment request further comprises a message authentication code generated from the payment information; the payment wallet 702 is further configured to, prior to generating a payment message according to the payment instruction: organizing the payment information according to the payment instruction, and generating the message authentication code according to the payment information; the payer operator 703 is further configured to, after the first verification of the secure payment request is passed and before obtaining payment wallet information from the payment wallet identification: and carrying out second verification on the secret payment-free request according to the message authentication code.
According to yet another embodiment of the present invention, the payer operator 703, when performing a second check on the secure payment request according to the message authentication code, is further configured to: obtaining payment information from the secret payment-free request; generating a first message authentication code according to the payment information; performing a second check on the non-secret payment request by comparing the first message authentication code with the message authentication code; if the comparison result is consistent, the second check passes, otherwise, the second check does not pass.
According to still another embodiment of the present invention, in the case where the payment wallet 702 does not support the small-amount secret-free payment, or the payment amount exceeds the secret-free amount, the payer operator 703 prompts the user to input a payment password, performs payment verification according to the payment password input by the user, and performs payment processing in the case where the payment verification passes.
According to yet another embodiment of the present invention, the payment wallet information includes a payment password pattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet; the payer operator 703 is further configured to, when performing payment verification according to a payment password input by the user: under the condition that the payment wallet supports the password multiplexing of the associated wallet, the payment password of the associated wallet is obtained, and payment verification is carried out according to the payment password of the associated wallet and the payment password input by the user; and under the condition that the payment wallet does not support the password multiplexing of the associated wallet, acquiring the payment password of the payment wallet, and performing payment verification according to the payment password of the payment wallet and the payment password input by the user.
According to yet another embodiment of the present invention, the payment wallet information includes a payment password pattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet; the payer operator 703 is also configured to, when performing payment processing: acquiring a first balance of the payment wallet; judging whether the first balance is greater than or equal to the payment amount; if yes, deducting the payment amount from the first balance of the payment wallet, and enabling the payee operation mechanism to perform accounting processing on the payment wallet; otherwise, judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode; if the password multiplexing of the associated wallet is supported, judging whether a payment password is input before; if yes, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to check in the payment wallet; otherwise, prompting the user to input a payment password and carrying out payment verification according to the payment password input by the user, under the condition that the payment verification is passed, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to carry out accounting processing on the payment wallet; otherwise, the payment fails.
According to yet another embodiment of the present invention, the payer operator 703, before deducting said first balance from said payment wallet and said difference from said second balance of said associated wallet, is further configured to: confirming that the second balance of the associated wallet is greater than or equal to the balance; and, in the event that the second balance of the associated wallet is less than the balance, failing to pay.
According to a further embodiment of the invention, the no-credit is set by checking a payment password of the associated wallet. The setting mode of the no-secret credit comprises the following steps: setting by the payment wallet after verifying a payment password of the associated wallet and a payment password of the payment wallet; or, setting by the associated wallet after checking the payment password of the associated wallet and the payment password of the payment wallet; or, the associated wallet is set after checking the payment password of the payment wallet.
According to yet another embodiment of the present invention, if the payment processing result is that the payment is successfully deducted by the payer operator, the payee operator 703 is further configured to, when performing accounting processing on the wallet according to the payment processing result: performing account entry processing on the money receiving wallet; if the payment processing result is that the payment by the payer operation mechanism fails, the payee operation mechanism 703 is further configured to: no accounting is performed on the wallet.
According to yet another embodiment of the present invention, the accepting terminal 701 is further configured to, before generating the secure payment request according to the payment message: checking the payment message, and confirming that the payment message comprises a secret-free mark, wherein the secret-free mark is used for marking that the payment message can be used for generating a secret-free payment request; and under the condition that the payment message does not comprise the secret mark, the payment message cannot be used for generating a secret-free payment request, prompting a user to input a payment password, and generating a non-secret-free payment request according to the payment password input by the user and the payment message.
According to the technical scheme of the embodiment of the invention, the secret payment-free request is received, and comprises a payment wallet identifier and a payment amount; acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification; judging whether the payment wallet supports small-amount secret-free payment according to the secret-free identification; under the condition that the payment wallet supports small-amount secret-free payment, obtaining the secret-free amount of the payment wallet; judging whether the payment amount exceeds the encryption free amount; under the condition that the payment amount does not exceed the secret-free amount, the technical scheme of payment processing is carried out, the secret-free payment is carried out on the small amount based on the secret-free amount set on the basis of the payment password verification of the associated wallet bound to the hardware wallet, and the payment password is not required to be input when secret-free payment conditions are met, so that the situation that a plurality of passwords are required to be input no matter how large the payment amount is, and a plurality of passwords are possibly involved in each payment, and the situation that the payment flow is complex is caused is avoided, the portable payment is carried out on the basis of the secret-free payment operation of the small amount of the hardware wallet, and the application scene of digital currency is expanded.
Fig. 8 illustrates an exemplary system architecture 800 of a hardware wallet-based payment method or a hardware wallet-based payment device to which embodiments of the invention may be applied.
As shown in fig. 8, a system architecture 800 may include terminal devices 801, 802, 803, a network 804, and a server 805. The network 804 serves as a medium for providing communication links between the terminal devices 801, 802, 803 and the server 805. The network 804 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
A user may interact with the server 805 through the network 804 using the terminal devices 801, 802, 803 to receive or send messages or the like. Various communication client applications such as, for example, commercial banking applications, digital money wallet applications, payment software, etc., may be installed on the terminal devices 801, 802, 803.
The terminal devices 801, 802, 803 may be a variety of electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablets, laptop and desktop computers, and the like.
The server 805 may be a server providing various services, such as a background management server (by way of example only) that provides support for payment requests received by users using the terminal devices 801, 802, 803. The background management server can acquire payment wallet information according to the payment wallet identification on the received payment request and other data, wherein the payment wallet information comprises a password-free identification; judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification; acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment; judging whether the payment amount exceeds the encryption free amount; in the case where the payment amount does not exceed the secret free amount, processing such as payment processing is performed, and a processing result (e.g., a payment processing result—merely an example) is fed back to the terminal device.
It should be noted that, the payment method based on the hardware wallet provided by the embodiment of the invention is generally executed by the server 805, and accordingly, the payment device based on the hardware wallet is generally disposed in the server 805.
It should be understood that the number of terminal devices, networks and servers in fig. 8 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 9, there is illustrated a schematic diagram of a computer system 900 suitable for use in implementing a terminal device or server in accordance with an embodiment of the present invention. The terminal device or server shown in fig. 9 is only an example, and should not impose any limitation on the functions and scope of use of the embodiments of the present invention.
As shown in fig. 9, the computer system 900 includes a Central Processing Unit (CPU) 901, which can execute various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 902 or a program loaded from a storage section 908 into a Random Access Memory (RAM) 903. In the RAM 903, various programs and data necessary for the operation of the system 900 are also stored. The CPU 901, ROM 902, and RAM 903 are connected to each other through a bus 904. An input/output (I/O) interface 905 is also connected to the bus 904.
The following components are connected to the I/O interface 905: an input section 906 including a keyboard, a mouse, and the like; an output portion 907 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and a speaker; a storage portion 908 including a hard disk or the like; and a communication section 909 including a network interface card such as a LAN card, a modem, or the like. The communication section 909 performs communication processing via a network such as the internet. The drive 910 is also connected to the I/O interface 905 as needed. A removable medium 911 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed as needed on the drive 910 so that a computer program read out therefrom is installed into the storage section 908 as needed.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flow chart. In such an embodiment, the computer program may be downloaded and installed from the network via the communication portion 909 and/or installed from the removable medium 911. The above-described functions defined in the system of the present invention are performed when the computer program is executed by a Central Processing Unit (CPU) 901.
The computer readable medium shown in the present invention may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules involved in the embodiments of the present invention may be implemented in software or in hardware. The described units or modules may also be provided in a processor, for example, as: the processor comprises a payment request receiving module, a wallet information obtaining module, a secret-free permission judging module, a secret-free amount obtaining module, a secret-free payment judging module and a payment processing module. Where the names of the units or modules do not constitute a limitation of the unit or module itself in some cases, for example, the payment request receiving module may also be described as "a module for receiving a payment request without encryption".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be present alone without being fitted into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to include: receiving a secret-free payment request, the secret-free payment request comprising a payment wallet identification and a payment amount, wherein the payment wallet is a hardware wallet bound with an associated wallet, the associated wallet being a wallet associated with a user identity; acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification; judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification; acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment; judging whether the payment amount exceeds the encryption free amount; and carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount.
According to the technical scheme of the embodiment of the invention, the secret payment-free request is received, and comprises a payment wallet identifier and a payment amount; acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification; judging whether the payment wallet supports small-amount secret-free payment according to the secret-free identification; under the condition that the payment wallet supports small-amount secret-free payment, obtaining the secret-free amount of the payment wallet; judging whether the payment amount exceeds the encryption free amount; under the condition that the payment amount does not exceed the secret-free amount, the technical scheme of payment processing is carried out, the secret-free payment is carried out on the small amount based on the secret-free amount set on the basis of the payment password verification of the associated wallet bound to the hardware wallet, and the payment password is not required to be input when secret-free payment conditions are met, so that the situation that a plurality of passwords are required to be input no matter how large the payment amount is, and a plurality of passwords are possibly involved in each payment, and the situation that the payment flow is complex is caused is avoided, the portable payment is carried out on the basis of the secret-free payment operation of the small amount of the hardware wallet, and the application scene of digital currency is expanded.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives can occur depending upon design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims (35)

1. A method of payment based on a hardware wallet, the method being applied to a payer operator, the method comprising:
receiving a secret-free payment request, the secret-free payment request comprising a payment wallet identification and a payment amount, wherein the payment wallet is a hardware wallet bound with an associated wallet, the associated wallet being a wallet associated with a user identity;
acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification;
judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification;
acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment;
judging whether the payment amount exceeds the encryption free amount;
And carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount.
2. The method of claim 1, wherein the secure payment request further comprises a first number of transactions;
before acquiring the payment wallet information according to the payment wallet identification, the method further comprises:
and carrying out first verification on the secret payment-free request according to the first transaction times.
3. The method of claim 2, wherein first verifying the secure payment request based on the first number of transactions comprises:
judging whether the first transaction times are larger than the second transaction times of the payment wallet stored by the user;
generating a decryption key according to the first transaction times and decrypting the encryption-free payment request by using the decryption key under the condition that the first transaction times are larger than the second transaction times;
under the condition that decryption is successful, the first verification of the secret payment-free request is passed;
and under the condition that the first transaction times are not greater than the second transaction times or decryption is unsuccessful, the first verification of the secret payment-free request is not passed.
4. A method according to claim 3, wherein generating a decryption key from the first number of transactions comprises:
And symmetrically encrypting the first transaction times and a wallet key generated when the payment wallet is opened to generate a decryption key.
5. A method according to claim 3, characterized in that the method further comprises:
after the payment process is completed, the second number of transactions is incremented.
6. A method according to claim 3, wherein the secure payment request further comprises a message authentication code generated from payment information;
after the first verification of the secure payment request passes and before the payment wallet information is obtained according to the payment wallet identification, the method further comprises:
and carrying out second verification on the secret payment-free request according to the message authentication code.
7. The method of claim 6, wherein performing a second check on the secure payment request based on the message authentication code comprises:
obtaining payment information from the secret payment-free request;
generating a first message authentication code according to the payment information;
performing a second check on the non-secret payment request by comparing the first message authentication code with the message authentication code;
if the comparison result is consistent, the second check passes, otherwise, the second check does not pass.
8. The method according to claim 1, wherein the method further comprises:
prompting a user to input a payment password under the condition that the payment wallet does not support small-amount secret-free payment or the payment amount exceeds the secret-free amount;
and carrying out payment verification according to the payment password input by the user, and carrying out payment processing under the condition that the payment verification is passed.
9. The method of claim 8, wherein the payment wallet information includes a payment cryptopattern of the payment wallet, the payment cryptopattern being used to determine whether the payment wallet supports cryptographic multiplexing of an associated wallet;
performing payment verification according to a payment password input by a user, including:
under the condition that the payment wallet supports the password multiplexing of the associated wallet, the payment password of the associated wallet is obtained, and payment verification is carried out according to the payment password of the associated wallet and the payment password input by the user;
and under the condition that the payment wallet does not support the password multiplexing of the associated wallet, acquiring the payment password of the payment wallet, and performing payment verification according to the payment password of the payment wallet and the payment password input by the user.
10. The method of claim 1 or 8, wherein the payment wallet information comprises a payment cryptopattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet;
the payment processing includes:
acquiring a first balance of the payment wallet;
judging whether the first balance is greater than or equal to the payment amount;
if yes, deducting the payment amount from the first balance of the payment wallet, and enabling the payee operation mechanism to perform accounting processing on the payment wallet;
otherwise, judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode;
if the password multiplexing of the associated wallet is supported, judging whether a payment password is input before;
if yes, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to check in the payment wallet; otherwise, prompting the user to input a payment password and carrying out payment verification according to the payment password input by the user, under the condition that the payment verification is passed, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to carry out accounting processing on the payment wallet;
Otherwise, the payment fails.
11. The method of claim 10, wherein deducting the first balance from the payment wallet and prior to deducting the difference from the second balance of the associated wallet, further comprises:
confirming that the second balance of the associated wallet is greater than or equal to the balance;
and, in the event that the second balance of the associated wallet is less than the balance, failing to pay.
12. The method of claim 1, wherein the no-secret credit is set by verifying a payment password of the associated wallet.
13. The method according to claim 12, wherein the manner of setting the credit-free amount includes:
setting by the payment wallet after verifying a payment password of the associated wallet and a payment password of the payment wallet;
or, setting by the associated wallet after checking the payment password of the associated wallet and the payment password of the payment wallet;
or, the associated wallet is set after checking the payment password of the payment wallet.
14. A payment device based on a hardware wallet, the device being applied to a payer operator, the device comprising:
A payment request receiving module, configured to receive a secret-free payment request, where the secret-free payment request includes a payment wallet identifier and a payment amount, where the payment wallet is a hardware wallet bound with an associated wallet, and the associated wallet is a wallet associated with a user identity;
the wallet information acquisition module is used for acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises a password-free identification;
the encryption-free permission judging module is used for judging whether the payment wallet supports small-amount encryption-free payment according to the encryption-free identification;
the secret-free line acquiring module is used for acquiring the secret-free line of the payment wallet under the condition that the payment wallet supports small-amount secret-free payment;
the secret payment-free judging module is used for judging whether the payment amount exceeds the secret payment-free amount;
and the payment processing module is used for performing payment processing under the condition that the payment amount does not exceed the secret free limit.
15. A method of payment based on a hardware wallet, comprising:
the hardware wallet accepting terminal sends a payment instruction to a payment wallet, wherein the payment wallet is a hardware wallet bound with an associated wallet, and the associated wallet is a wallet associated with a user identity;
The payment wallet generates a payment message according to the payment instruction and sends the payment message to the acceptance terminal;
the acceptance terminal generates a secret-free payment request according to the payment message and sends the secret-free payment request, wherein the secret-free payment request comprises a payment wallet identifier, a collection wallet identifier and a payment amount;
the payer operation mechanism receives the secret-free payment request, and obtains payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises the secret-free identification; judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification; acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment; judging whether the payment amount exceeds the encryption free amount; carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount; and returning a payment processing result.
16. The method of claim 15, wherein the secure payment request further comprises a first number of transactions;
the payment wallet further comprises, before generating a payment message according to the payment instruction:
the payment wallet increases the first transaction times stored by the payment wallet according to the payment instruction, and then generates an encryption key according to the first transaction times, wherein the encryption key is used for encrypting payment information;
And, before acquiring payment wallet information according to the payment wallet identification, the payment party operation mechanism further comprises:
and the payer operation mechanism performs first verification on the secret payment-free request according to the first transaction times.
17. The method of claim 16, wherein the payment wallet generating an encryption key based on the first transaction number comprises:
and the payment wallet symmetrically encrypts the first transaction times and a wallet key generated when the payment wallet is opened to generate an encryption key.
18. The method of claim 16, wherein the payer operator performing a first check on the secure payment request based on the first number of transactions comprises:
the payer operating mechanism judges whether the first transaction times are larger than the second transaction times of the payment wallet stored by the payer operating mechanism;
generating a decryption key according to the first transaction times and decrypting the encryption-free payment request by using the decryption key under the condition that the first transaction times are larger than the second transaction times;
under the condition that decryption is successful, the first verification of the secret payment-free request is passed;
And under the condition that the first transaction times are not greater than the second transaction times or decryption is unsuccessful, the first verification of the secret payment-free request is not passed.
19. The method of claim 18, wherein the payer operator generating a decryption key based on the first number of transactions comprises:
and the payer operation mechanism symmetrically encrypts the first transaction times and a wallet key generated when the payment wallet is opened to generate a decryption key.
20. The method of claim 18, wherein the method further comprises:
the payer operator increments the second transaction number after the payment process is completed.
21. The method of claim 18, wherein the secure payment request further comprises a message authentication code generated from payment information;
the payment wallet further comprises, before generating a payment message according to the payment instruction:
the payment wallet organizes the payment information according to the payment instruction and generates the message authentication code according to the payment information;
the payer operator, after the first verification of the secure payment request passes and before obtaining payment wallet information from the payment wallet identifier, further comprises:
And the payer operation mechanism performs second verification on the secret payment-free request according to the message authentication code.
22. The method of claim 21, wherein the payor operator performing a second check of the secure payment request based on the message authentication code comprises:
the payer operation mechanism obtains payment information from the secret payment-free request;
generating a first message authentication code according to the payment information;
performing a second check on the non-secret payment request by comparing the first message authentication code with the message authentication code;
if the comparison result is consistent, the second check passes, otherwise, the second check does not pass.
23. The method of claim 15, wherein the method further comprises:
and under the condition that the payment wallet does not support small-amount secret-free payment or the payment amount exceeds the secret-free amount, the payer operating mechanism prompts the user to input a payment password, performs payment verification according to the payment password input by the user, and performs payment processing under the condition that the payment verification is passed.
24. The method of claim 23, wherein the payment wallet information includes a payment cryptopattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet;
The payment verification is carried out by the payer operation mechanism according to the payment password input by the user, and the payment verification comprises the following steps:
under the condition that the payment wallet supports the password multiplexing of the associated wallet, the payer operation mechanism acquires the payment password of the associated wallet, and performs payment verification according to the payment password of the associated wallet and the payment password input by the user;
and under the condition that the payment wallet does not support the password multiplexing of the associated wallet, the payer operation mechanism acquires the payment password of the payment wallet, and performs payment verification according to the payment password of the payment wallet and the payment password input by the user.
25. The method of claim 15 or 23, wherein the payment wallet information comprises a payment cryptopattern of the payment wallet for determining whether the payment wallet supports cryptographic multiplexing of an associated wallet;
the payment processing by the payer operator comprises:
the payer operating mechanism obtains a first balance of the payment wallet;
judging whether the first balance is greater than or equal to the payment amount;
if yes, deducting the payment amount from the first balance of the payment wallet, and enabling the payee operation mechanism to perform accounting processing on the payment wallet;
Otherwise, judging whether the payment wallet supports the password multiplexing of the associated wallet according to the payment password mode;
if the password multiplexing of the associated wallet is supported, judging whether a payment password is input before;
if yes, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to check in the payment wallet; otherwise, prompting the user to input a payment password and carrying out payment verification according to the payment password input by the user, under the condition that the payment verification is passed, calculating the difference between the first balance and the payment amount, deducting the first balance from the payment wallet, deducting the difference from the second balance of the associated wallet, and enabling the payee operating mechanism to carry out accounting processing on the payment wallet;
otherwise, the payment fails.
26. The method of claim 25, wherein the payer operator, prior to deducting the first balance from the payment wallet and deducting the difference from the second balance of the associated wallet, further comprises:
The payer operating mechanism confirms that the second balance of the associated wallet is greater than or equal to the balance;
and, in the event that the second balance of the associated wallet is less than the balance, failing to pay.
27. The method of claim 15, wherein the no-secret credit is set by verifying a payment password of the associated wallet.
28. The method of claim 27, wherein the manner of setting the credit-free amount includes:
setting by the payment wallet after verifying a payment password of the associated wallet and a payment password of the payment wallet;
or, setting by the associated wallet after checking the payment password of the associated wallet and the payment password of the payment wallet;
or, the associated wallet is set after checking the payment password of the payment wallet.
29. The method of claim 15, wherein, in the case where the payer operator corresponding to the payment wallet is a different entity from the payee operator corresponding to the payment wallet,
the accepting terminal sending the secret payment-free request includes: the acceptance terminal sends the secret payment-free request to the payee operation mechanism;
The payer operator receiving the secure payment-free request includes: the payer operator receives the secure payment-free request sent by the payee operator;
the payment processing result returned by the payer operation mechanism comprises: the payer operation mechanism returns the payment processing result to the payee operation mechanism;
and after the payer operation mechanism returns the payment processing result, the method further comprises: and the payee operation mechanism carries out accounting processing on the wallet according to the payment processing result and returns the accounting processing result to the acceptance terminal.
30. The method of claim 29, wherein the step of providing the first information comprises,
if the payment processing result is that the payment of the payer operation mechanism is successful, the payee operation mechanism carries out accounting processing on a wallet according to the payment processing result, and the accounting processing comprises the following steps:
the payee operation mechanism performs accounting processing on the wallet;
if the payment processing result is that the payment of the payer operation mechanism fails, the payee operation mechanism carries out accounting processing on a wallet according to the payment processing result, and the accounting processing comprises the following steps:
the payee operator does not conduct any accounting on the payee wallet.
31. The method of claim 15, wherein before the accepting terminal generates the secure free payment request from the payment message, further comprising:
the acceptance terminal checks the payment message, and confirms that the payment message comprises a secret-free mark, wherein the secret-free mark is used for marking that the payment message can be used for generating a secret-free payment request;
and under the condition that the payment message does not comprise the secret mark, the payment message cannot be used for generating a secret-free payment request, prompting a user to input a payment password, and generating a non-secret-free payment request according to the payment password input by the user and the payment message.
32. A hardware wallet-based payment system, comprising:
the hardware wallet accepting terminal is used for: sending payment instructions to a payment wallet, the payment wallet being a hardware wallet that has an associated wallet bound thereto, the associated wallet being a wallet associated with a user identity; generating a secret-free payment request according to a payment message, and sending the secret-free payment request, wherein the secret-free payment request comprises a payment wallet identifier, a collection wallet identifier and a payment amount;
a payment wallet for: generating a payment message according to the payment instruction, and sending the payment message to the acceptance terminal;
A payer operator for: receiving the secret-free payment request, and acquiring payment wallet information according to the payment wallet identification, wherein the payment wallet information comprises the secret-free identification; judging whether the payment wallet supports small-amount secret-free payment or not according to the secret-free identification; acquiring a secret free amount of the payment wallet under the condition that the payment wallet supports small secret free payment; judging whether the payment amount exceeds the encryption free amount; carrying out payment processing under the condition that the payment amount does not exceed the encryption free amount; and returning a payment processing result.
33. The system of claim 32, wherein in the event that the payor operator corresponding to the payment wallet is a different entity than the payee operator corresponding to the payment wallet, the system further comprises the payee operator,
the reception terminal is further configured to: sending the secret payment-free request to the payee operating mechanism;
the payer operator is further configured to: receiving the secure payment-free request sent by the payee operator entity; and returning the payment processing result to the payee operation mechanism;
the payee operating mechanism is used for: and carrying out accounting processing on the wallet according to the payment processing result and returning the accounting processing result to the acceptance terminal.
34. A hardware wallet-based payment electronic device, comprising:
one or more processors;
storage means for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-13 and/or 15-31.
35. A computer readable medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the method according to any one of claims 1-13 and/or 15-31.
CN202111663005.9A 2021-12-31 2021-12-31 Payment method, device and system based on hardware wallet Pending CN116415946A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111663005.9A CN116415946A (en) 2021-12-31 2021-12-31 Payment method, device and system based on hardware wallet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111663005.9A CN116415946A (en) 2021-12-31 2021-12-31 Payment method, device and system based on hardware wallet

Publications (1)

Publication Number Publication Date
CN116415946A true CN116415946A (en) 2023-07-11

Family

ID=87051743

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111663005.9A Pending CN116415946A (en) 2021-12-31 2021-12-31 Payment method, device and system based on hardware wallet

Country Status (1)

Country Link
CN (1) CN116415946A (en)

Similar Documents

Publication Publication Date Title
CN105934771B (en) Automatic account provisioning
CN102801710B (en) A kind of network trading method and system
JP2017537421A (en) How to secure payment tokens
JP2013514556A (en) Method and system for securely processing transactions
CN112889046A (en) System and method for password authentication of contactless cards
JP2015537399A (en) Application system for mobile payment and method for providing and using mobile payment means
CN111062717B (en) Data transfer processing method, device and computer readable storage medium
US20230351384A1 (en) Card management method, user terminal, server, system and storage medium
CN113052599B (en) Method, device, equipment and system for generating, verifying and storing transaction certificates
WO2024109551A1 (en) Digital payment processing method and apparatus, and device, system and medium
CN106033571A (en) Trading method of electronic signature devices, electronic signature devices and trading system
EP1142194A1 (en) Method and system for implementing a digital signature
US20240062198A1 (en) Security Chip for Digital Currency Storage, and Application Method for Security Chip for Digital Currency Storage
KR101754486B1 (en) Method for Providing Mobile Payment Service by Using Account Information
TW201317911A (en) Cloud credit card transaction system and transaction method thereof
EP2747363A1 (en) Transaction validation method using a communications device
CN114037447A (en) Method and device for off-line transaction
CN113627905A (en) Digital currency wallet generation method, digital currency payment method, device and system
CN113822664A (en) Method, device, system, terminal, server and medium for opening offline payment
CN112712354A (en) Interaction method of digital currency wallet and digital currency server
CN114584355B (en) Security authentication method, device and system for digital currency transaction
US12041179B2 (en) Digital signature terminal and secure communication method
WO2015162276A2 (en) Secure token implementation
CN114037446A (en) Transaction method, transaction management method, device and system for digital currency
CN114462990A (en) Method and device for secret-free payment based on digital currency

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination