CN117010897B - Mobile payment security detection method and system thereof - Google Patents
- Publication number
- CN117010897B (application number CN202310970508.3A)
- Authority
- CN
- China
- Prior art keywords
- payment
- security authentication
- random number
- data
- payment channel
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/085—Payment architectures involving remote charge determination or related payment systems
- G06Q20/0855—Payment architectures involving remote charge determination or related payment systems involving a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The application relates to the technical field of computers and provides a mobile payment security detection method and a system thereof. The method comprises the following steps: receiving a payment security detection message; if the payment network information passes security authentication, determining a security authentication analysis tree and a data encryption type based on a payment channel, and determining a node position based on service identification information; encrypting payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data; packaging the data encryption type and the unique identity information to obtain first packaged data, packaging the security authentication encryption data and the unique identity information to obtain second packaged data, and sending the second packaged data to a third party payment platform; comparing the security authentication code with a merchant authentication code; and if the comparison result is that the security authentication code is consistent with the merchant authentication code, determining that the current payment state is a security state. The application improves the security of mobile payment security detection.
Description
Technical Field
The application relates to the technical field of computers, in particular to a mobile payment security detection method and a system thereof.
Background
Currently, mobile payment security detection is required before a mobile payment is made to a merchant. Current mobile payment security detection methods mainly use application security scanning to perform static and dynamic scans of the mobile payment application and to detect vulnerabilities, security risks and malicious code in the application. However, these methods focus on the security of the application program and ignore the security of payment merchant information. With the development of network technology, incidents in which merchant information is maliciously used to induce users to pay are increasingly common, so the security of mobile payment security detection is low.
Disclosure of Invention
The embodiment of the application provides a mobile payment security detection method and a system thereof, aiming at improving the security of mobile payment security detection.
In a first aspect, an embodiment of the present application provides a mobile payment security detection method, including:
Receiving a payment security detection message sent by a user terminal; the payment security detection message comprises a payment channel, payment network information, payment merchant information, unique identity information and service identification information;
if the payment network information security authentication is determined to pass, determining a security authentication analysis tree and a data encryption type based on the payment channel, and determining the node position of the payment merchant information in the security authentication analysis tree based on the service identification information;
encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data;
Packaging the data encryption type and the unique identity information to obtain first packaging data, and packaging the security authentication encryption data and the unique identity information to obtain second packaging data;
Transmitting the first packed data to a third party payment platform based on a first communication network, and transmitting the second packed data to the third party payment platform based on a second communication network; the first communication network and the second communication network are different communication networks;
Receiving a security authentication code returned by the third party payment platform, and comparing the security authentication code with a merchant authentication code determined based on the payment merchant information;
If the comparison result is that the security authentication code is consistent with the merchant authentication code, determining that the current payment state is a security state.
In one embodiment, the determining the security authentication parse tree and the data encryption type based on the payment channel, and determining the node position of the payment merchant information in the security authentication parse tree based on the service identification information includes:
If the payment channel is determined to be a first payment channel, determining that the security authentication analysis tree is a first security authentication analysis tree in which each parent node branches into 10 child nodes and two adjacent parent nodes share 2 child nodes; or if the payment channel is determined to be a second payment channel, determining that the security authentication analysis tree is a second security authentication analysis tree in which each parent node branches into 15 child nodes and two adjacent parent nodes share 4 child nodes; the first payment channel comprises a WeChat payment channel and a Payment device payment channel; the second payment channel includes a credit card payment channel and a debit card payment channel;
If the payment channel is determined to be a first payment channel, determining that the data encryption type is a single-layer random code encryption type; the single-layer random code encryption type characterizes an encryption type that performs random number encryption once; or if the payment channel is determined to be a second payment channel, determining that the data encryption type is a multi-layer random code encryption type; the multi-layer random code encryption type characterizes an encryption type that performs random number encryption multiple times;
if the service identification information is determined to be the online shopping platform identification information, determining the node position as a root node position; or if the service identification information is determined to be life service platform identification information, determining the node position to be a leaf node position; or if the service identification information is determined to be the online entertainment platform identification information, determining that the node position is an intermediate node position which is not a leaf node position and is not a root node position.
In one embodiment, encrypting the payment merchant information in the security authentication parse tree according to the node position by using the data encryption type to obtain security authentication encryption data, including:
If the payment channel is determined to be a first payment channel and the service identification information is online shopping platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a first encrypted random number based on the first public key pair;
and encrypting the first encrypted random number serving as a root node position in the first security authentication analysis tree to obtain security authentication encrypted data.
In one embodiment, encrypting the payment merchant information in the security authentication parse tree according to the node position by using the data encryption type to obtain security authentication encryption data, including:
If the payment channel is determined to be a first payment channel and the business identification information is life service platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a second encrypted random number based on the first public key pair;
acquiring a first initial digit and a first final digit in the second encrypted random number, and calculating a first average based on the first initial digit and the first final digit;
determining a first order of leaf node positions based on the first average;
And taking the first encrypted random number as a leaf node position, and encrypting in the first security authentication analysis tree according to the first sequence to obtain security authentication encrypted data.
In one embodiment, encrypting the payment merchant information in the security authentication parse tree according to the node position by using the data encryption type to obtain security authentication encryption data, including:
If the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a third encrypted random number based on the first public key pair;
acquiring a first intermediate digit of a third encrypted random number, and determining a first branch position between an intermediate node position and a root node position according to the first intermediate digit;
And encrypting the third encrypted random number serving as an intermediate node position in the first security authentication analysis tree according to the first branch position to obtain security authentication encrypted data.
In one embodiment, encrypting the payment merchant information in the security authentication parse tree according to the node position by using the data encryption type to obtain security authentication encryption data, including:
if the payment channel is determined to be a second payment channel and the service identification information is online shopping platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fourth encrypted random number based on the second public key pair;
removing the first four-digit number and the last four-digit number in the fourth encrypted random number to obtain a first random number to be processed, squaring the first random number to be processed, and obtaining a first target random number after circulating for preset times;
and encrypting the first target random number serving as a root node position in the second security authentication analysis tree to obtain security authentication encrypted data.
In one embodiment, encrypting the payment merchant information in the security authentication parse tree according to the node position by using the data encryption type to obtain security authentication encryption data, including:
If the payment channel is determined to be a second payment channel and the business identification information is life service platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fifth encrypted random number based on the second public key pair;
Removing the first four digits and the last four digits in the fifth encrypted random number to obtain a second random number to be processed, squaring the second random number to be processed, and obtaining a second target random number after circulating for preset times;
Acquiring a second head number and a second tail number in the second target random number, and calculating a second average number based on the second head number and the second tail number;
Determining a second order of leaf node positions based on the second average number;
And taking the second target random number as a leaf node position, and encrypting in the second security authentication analysis tree according to the second sequence to obtain security authentication encrypted data.
In one embodiment, encrypting the payment merchant information in the security authentication parse tree according to the node position by using the data encryption type to obtain security authentication encryption data, including:
if the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a second public key pair of a second payment channel is obtained, and the merchant authentication code is encrypted into a sixth encrypted random number based on the second public key pair;
Removing the first four digits and the last four digits in the sixth encrypted random number to obtain a third random number to be processed, squaring the third random number to be processed, and obtaining a third target random number after circulating for preset times;
Acquiring a second intermediate digit of a third target random number, and determining a second branch position between the intermediate node position and the root node position according to the second intermediate digit;
and encrypting the third target random number serving as an intermediate node position in the second security authentication analysis tree according to the second branch position to obtain security authentication encrypted data.
In a second aspect, an embodiment of the present application provides a mobile payment security detection system, including:
The message receiving module is used for receiving a payment security detection message sent by the user terminal; the payment security detection message comprises a payment channel, payment network information, payment merchant information, unique identity information and service identification information;
The information determining module is used for determining a security authentication analysis tree and a data encryption type based on the payment channel if the payment network information security authentication is determined to pass, and determining the node position of the payment merchant information in the security authentication analysis tree based on the service identification information;
The data encryption module is used for encrypting the payment merchant information in the security authentication analysis tree according to the node position to obtain security authentication encryption data;
the data packaging module is used for packaging the data encryption type and the unique identity information to obtain first packaging data, and packaging the security authentication encryption data and the unique identity information to obtain second packaging data;
the data transmission module is used for transmitting the first packed data to a third party payment platform based on a first communication network and transmitting the second packed data to the third party payment platform based on a second communication network; the first communication network and the second communication network are different communication networks;
The information comparison module is used for receiving the security authentication code returned by the third party payment platform and comparing the security authentication code with a merchant authentication code determined based on the payment merchant information;
the mobile payment security detection module is used for determining that the current payment state is a security state if the comparison result is that the security authentication code is consistent with the merchant authentication code.
In a third aspect, an embodiment of the present application provides an electronic device, where the electronic device includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and the processor implements the mobile payment security detection method according to the first aspect when executing the computer program.
In a fourth aspect, an embodiment of the present application provides a non-transitory computer readable storage medium, including a computer program, which when executed by a processor implements the mobile payment security detection method of the first aspect.
The mobile payment security detection method and the system thereof provided by the embodiment of the application receive the payment security detection message sent by the user terminal; if the payment network information security authentication is determined to pass, determining a security authentication analysis tree and a data encryption type based on a payment channel, and determining the node position of payment merchant information in the security authentication analysis tree based on service identification information; encrypting payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data; packaging the data encryption type and the unique identity information to obtain first packaged data, and packaging the security authentication encryption data and the unique identity information to obtain second packaged data; transmitting the first packaged data to a third party payment platform based on a first communication network, and transmitting the second packaged data to the third party payment platform based on a second communication network; receiving a security authentication code returned by the third party payment platform, and comparing the security authentication code with a merchant authentication code determined based on payment merchant information; and if the comparison result is that the security authentication code is consistent with the merchant authentication code, determining that the current payment state is a security state.
In the process of mobile payment security detection, the security authentication analysis tree, the data encryption type and the node position are utilized to encrypt the payment merchant information, and the security authentication code returned by the third party payment platform and the merchant authentication code are used for verification, so that the payment merchant information is prevented from being maliciously used and tampered, and the security of the mobile payment security detection is improved.
Drawings
In order to more clearly illustrate the application or the technical solutions of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are some embodiments of the application, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a mobile payment security detection method provided by an embodiment of the present application;
FIG. 2 is a block diagram of a mobile payment security detection system provided by an embodiment of the present application;
Fig. 3 is a block diagram of an electronic device according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Referring to fig. 1, fig. 1 is a flowchart of a mobile payment security detection method according to an embodiment of the present application. The embodiment of the application provides a mobile payment security detection method, which comprises the following steps:
Step 101, receiving a payment security detection message sent by a user terminal;
Step 102, if the payment network information security authentication is determined to pass, determining a security authentication analysis tree and a data encryption type based on the payment channel, and determining a node position of the payment merchant information in the security authentication analysis tree based on the service identification information;
Step 103, encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data;
Step 104, packaging the data encryption type and the unique identity information to obtain first packaged data, and packaging the security authentication encryption data and the unique identity information to obtain second packaged data;
Step 105, transmitting the first packed data to a third party payment platform based on a first communication network, and transmitting the second packed data to the third party payment platform based on a second communication network;
Step 106, receiving a security authentication code returned by the third party payment platform, and comparing the security authentication code with a merchant authentication code determined based on payment merchant information;
Step 107, if the comparison result is that the security authentication code is consistent with the merchant authentication code, determining that the current payment state is a security state.
It should be noted that, in the mobile payment security detection method provided by the embodiment of the present application, the mobile payment security detection system is used as an execution subject for illustration, and the mobile payment security detection system can be understood as a mobile payment server.
After detecting that a user triggers a payment instruction, the user terminal acquires a payment channel, payment network information, payment merchant information, unique identity information and service identification information, and generates a payment security detection message from them. Further, the user terminal sends the payment security detection message to the mobile payment server. Therefore, the mobile payment server receives the payment security detection message sent by the user terminal, and parses the payment channel, the payment network information, the payment merchant information, the unique identity information and the service identification information out of the payment security detection message.
The payment channel comprises, but is not limited to, a WeChat payment channel, a Payment device payment channel and a Unionpay payment channel, the unique identity information can be understood as a terminal identification of the user terminal, and the service identification information comprises, but is not limited to, online shopping platform identification information, life service platform identification information and online entertainment platform identification information.
Further, the mobile payment server performs security authentication on the payment network information, namely, determines whether the payment network information carries phishing website information or pseudo base station information. If the payment network information is determined to not carry phishing website information or pseudo base station information, the mobile payment server determines that the payment network information security authentication passes.
Further, the mobile payment server determines the security authentication parse tree and the data encryption type according to the payment channel, and it is to be noted that the security authentication parse tree and the data encryption type of different payment channels are different. Further, the mobile payment server determines the node position of the payment merchant information in the security authentication analysis tree according to the service identification information. Further, the mobile payment server encrypts payment merchant information in a security authentication analysis tree according to the node position by using a data encryption type to obtain security authentication encryption data.
Further, the mobile payment server packages the data encryption type and the unique identity information to obtain first packaged data, so that the data format of the first packaged data is the unique identity information + the data encryption type. Further, the mobile payment server packages the security authentication encryption data and the unique identity information to obtain second packaged data, whose data format is the unique identity information + the security authentication encryption data.
Further, for the security of data transmission, the first packaged data and the second packaged data need to be transmitted through different communication networks. Thus, the mobile payment server transmits the first packaged data to the third party payment platform over the first communication network and the second packaged data to the third party payment platform over the second communication network. It can therefore be understood that, whether the third party payment platform receives the first packaged data and the second packaged data one after the other or at the same time, it can use the unique identity information to match the data encryption type and the security authentication encryption data that belong to the same unique identity information. In one embodiment, the first communication network is Wi-Fi and the second communication network is a cellular network.
Therefore, the third party payment platform can decrypt the security authentication encryption data according to the data encryption type to obtain the payment merchant information in the security authentication analysis tree, and returns a security authentication code according to the payment merchant information. Further, after receiving the security authentication code returned by the third party payment platform, the mobile payment server compares the security authentication code with a merchant authentication code determined according to the payment merchant information to obtain a comparison result. If the comparison result is that the security authentication code is consistent with the merchant authentication code, the mobile payment server determines that the current payment state is the security state. If the comparison result is that the security authentication code is inconsistent with the merchant authentication code, the mobile payment server determines that the current payment state is a risk state.
The mobile payment security detection method provided by the embodiment of the application receives the payment security detection message sent by the user terminal; if the payment network information security authentication is determined to pass, determining a security authentication analysis tree and a data encryption type based on a payment channel, and determining the node position of payment merchant information in the security authentication analysis tree based on service identification information; encrypting payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data; packaging the data encryption type and the unique identity information to obtain first packaged data, and packaging the security authentication encryption data and the unique identity information to obtain second packaged data; transmitting the first packaged data to a third party payment platform based on a first communication network, and transmitting the second packaged data to the third party payment platform based on a second communication network; receiving a security authentication code returned by the third party payment platform, and comparing the security authentication code with a merchant authentication code determined based on payment merchant information; and if the comparison result is that the security authentication code is consistent with the merchant authentication code, determining that the current payment state is a security state.
In the process of mobile payment security detection, the security authentication analysis tree, the data encryption type and the node position are utilized to encrypt the payment merchant information, and the security authentication code returned by the third party payment platform and the merchant authentication code are used for verification, so that the payment merchant information is prevented from being maliciously used and tampered, and the security of the mobile payment security detection is improved.
Further, step 102, determining a security authentication parse tree and a data encryption type based on the payment channel and determining a node position of the payment merchant information in the security authentication parse tree based on the service identification information, includes:
If the payment channel is determined to be a first payment channel, determining that the security authentication analysis tree is a first security authentication analysis tree in which each parent node branches into 10 child nodes and two adjacent parent nodes share 2 child nodes; or if the payment channel is determined to be a second payment channel, determining that the security authentication analysis tree is a second security authentication analysis tree in which each parent node branches into 15 child nodes and two adjacent parent nodes share 4 child nodes; the first payment channel comprises a WeChat payment channel and a Payment device payment channel; the second payment channel includes a credit card payment channel and a debit card payment channel;
If the payment channel is determined to be a first payment channel, determining that the data encryption type is a single-layer random code encryption type; the single-layer random code encryption type characterizes an encryption type that carries out random number encryption once; or if the payment channel is determined to be a second payment channel, determining that the data encryption type is a multi-layer random code encryption type; the multi-layer random code encryption type characterizes an encryption type that carries out random number encryption a plurality of times;
if the service identification information is determined to be the online shopping platform identification information, determining the node position as a root node position; or if the service identification information is determined to be life service platform identification information, determining the node position to be a leaf node position; or if the service identification information is determined to be the online entertainment platform identification information, determining that the node position is an intermediate node position which is not a leaf node position and is not a root node position.
Specifically, if the payment channel is determined to be the first payment channel, the mobile payment server determines that the security authentication parse tree is a first security authentication parse tree in which each parent node branches into 10 child nodes and two adjacent parent nodes share 2 child nodes, that is, in the first security authentication parse tree, two adjacent parent nodes have 2 common child nodes. Further, if the payment channel is determined to be the second payment channel, the mobile payment server determines that the security authentication parse tree is a second security authentication parse tree in which each parent node branches into 15 child nodes and two adjacent parent nodes share 4 child nodes, that is, in the second security authentication parse tree, two adjacent parent nodes have 4 common child nodes. In one embodiment, the first payment channel comprises a WeChat payment channel and a Payment device payment channel, and the second payment channel is a UnionPayment channel comprising a credit card payment channel and a debit card payment channel.
Further, if the payment channel is determined to be the first payment channel, the mobile payment server determines that the data encryption type is a single-layer random code encryption type, wherein the single-layer random code encryption type characterizes an encryption type that carries out random number encryption once. Further, if the payment channel is determined to be the second payment channel, the mobile payment server determines that the data encryption type is a multi-layer random code encryption type, wherein the multi-layer random code encryption type characterizes an encryption type that carries out random number encryption multiple times, and the number of times is set according to actual needs.
Further, if the service identification information is determined to be the online shopping platform identification information, the mobile payment server determines the node position as the root node position. Further, if the service identification information is determined to be the life service platform identification information, the mobile payment server determines the node position to be the leaf node position. Further, if the service identification information is determined to be the online entertainment platform identification information, the mobile payment server determines that the node position is an intermediate node position that is neither a leaf node position nor a root node position.
Further, encrypting the payment merchant information in the security authentication parse tree according to the node position by using the data encryption type in step 103 to obtain security authentication encrypted data, including:
If the payment channel is determined to be a first payment channel and the service identification information is online shopping platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a first encrypted random number based on the first public key pair;
and encrypting the first encrypted random number serving as a root node position in the first security authentication analysis tree to obtain security authentication encrypted data.
Specifically, if the payment channel is determined to be the first payment channel and the service identification information is the online shopping platform identification information, namely the data encryption type is the single-layer random code encryption type, the node position is the root node position, the mobile payment server acquires a first public key pair in a public key mapping table according to the first payment channel, and encrypts a merchant authentication code into a first encrypted random number based on the first public key pair, wherein the public key mapping table is an association relation table of the payment channel and the public key pair thereof.
Further, the mobile payment server encrypts the first encrypted random number in the first security authentication parsing tree by taking the first encrypted random number as a root node position to obtain security authentication encrypted data.
According to the embodiment of the application, the payment merchant information is encrypted by utilizing the security authentication analysis tree, the data encryption type and the node position, so that the payment merchant information cannot be tampered, and the security of mobile payment security detection is improved.
Further, step 103 describes encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encrypted data, and includes:
If the payment channel is determined to be a first payment channel and the business identification information is life service platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a second encrypted random number based on the first public key pair;
acquiring a first initial digit and a first final digit in the second encrypted random number, and calculating a first average based on the first initial digit and the first final digit;
determining a first order of leaf node positions based on the first average;
And taking the first encrypted random number as a leaf node position, and encrypting in the first security authentication analysis tree according to the first sequence to obtain security authentication encrypted data.
Specifically, if the payment channel is determined to be the first payment channel and the service identification information is the life service platform identification information, namely the data encryption type is the single-layer random code encryption type, the node position is the leaf node position, the mobile payment server acquires a first public key pair in the public key mapping table according to the first payment channel, and encrypts the merchant authentication code into a second encrypted random number through the first public key pair.
Further, the mobile payment server obtains a first initial digit and a first final digit in the second encrypted random number, and calculates the average value of the first initial digit and the first final digit to obtain a first average value. Further, the mobile payment server determines a first order of leaf node positions based on the first average. In one embodiment, the first average is 4, and the first order of leaf node positions is the fourth leaf node position from left to right.
Further, the mobile payment server takes the first encrypted random number as a leaf node position, and encrypts the first encrypted random number in a first security authentication analysis tree according to a first sequence to obtain security authentication encrypted data.
According to the embodiment of the application, the payment merchant information is encrypted by utilizing the security authentication analysis tree, the data encryption type and the node position, so that the payment merchant information cannot be tampered, and the security of mobile payment security detection is improved.
Further, step 103 describes encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encrypted data, and includes:
If the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a third encrypted random number based on the first public key pair;
acquiring a first intermediate digit of a third encrypted random number, and determining a first branch position between an intermediate node position and a root node position according to the first intermediate digit;
And encrypting the third encrypted random number serving as an intermediate node position in the first security authentication analysis tree according to the first branch position to obtain security authentication encrypted data.
Specifically, if the payment channel is determined to be the first payment channel and the service identification information is the identification information of the online entertainment platform, that is, the data encryption type is the single-layer random code encryption type and the node position is an intermediate node position that is neither a leaf node position nor a root node position, the mobile payment server obtains a first public key pair in the public key mapping table according to the first payment channel, and encrypts the merchant authentication code into a third encrypted random number through the first public key pair.
Further, the mobile payment server obtains a first intermediate digit of the third encrypted random number. In an embodiment, if the third encrypted random number has an odd number of digits, the first intermediate digit is the middle digit of the third encrypted random number, and if the third encrypted random number has an even number of digits, the first intermediate digit is the mean value of the middle two digits of the third encrypted random number. If the third encrypted random number is 1263837, the first intermediate digit is 3, and if the third encrypted random number is 12635837, the first intermediate digit is (3+5)/2=4. Further, the mobile payment server determines a first branch position between the intermediate node position and the root node position according to the first intermediate digit. In an embodiment, the first intermediate digit is 4, and the first branch position is the 4th child node of the root node, counted from left to right.
Further, the mobile payment server encrypts the third encrypted random number as an intermediate node position in the first security authentication analysis tree according to the first branch position to obtain security authentication encrypted data.
According to the embodiment of the application, the payment merchant information is encrypted by utilizing the security authentication analysis tree, the data encryption type and the node position, so that the payment merchant information cannot be tampered, and the security of mobile payment security detection is improved.
Further, step 103 describes encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encrypted data, and includes:
if the payment channel is determined to be a second payment channel and the service identification information is online shopping platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fourth encrypted random number based on the second public key pair;
removing the first four-digit number and the last four-digit number in the fourth encrypted random number to obtain a first random number to be processed, squaring the first random number to be processed, and obtaining a first target random number after circulating for preset times;
and encrypting the first target random number serving as a root node position in the second security authentication analysis tree to obtain security authentication encrypted data.
Specifically, if the payment channel is determined to be the second payment channel and the service identification information is the online shopping platform identification information, namely the data encryption type is the multi-layer random code encryption type, the node position is the root node position, the mobile payment server acquires a second public key pair in a public key mapping table according to the second payment channel, and encrypts a merchant authentication code into a fourth encrypted random number based on the second public key pair, wherein the public key mapping table is an association relation table of the payment channel and the public key pair thereof.
It should be noted that the encrypted random number is generally 15 digits long, and the mobile payment server removes the first four digits and the last four digits of the fourth encrypted random number to obtain the 7-digit first random number to be processed. Further, the mobile payment server squares the 7-digit first random number to be processed to obtain a calculated value; if the calculated value has fewer than 15 digits, it is padded with high-order zeros. After this process has been repeated a preset number of times, the first target random number is obtained; the preset number of times is set according to actual needs.
Further, the mobile payment server encrypts the first target random number serving as the root node position in a second security authentication analysis tree to obtain security authentication encrypted data.
According to the embodiment of the application, the payment merchant information is encrypted by utilizing the security authentication analysis tree, the data encryption type and the node position, so that the payment merchant information cannot be tampered, and the security of mobile payment security detection is improved.
Further, step 103 describes encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encrypted data, and includes:
If the payment channel is determined to be a second payment channel and the business identification information is life service platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fifth encrypted random number based on the second public key pair;
Removing the first four digits and the last four digits in the fifth encrypted random number to obtain a second random number to be processed, squaring the second random number to be processed, and obtaining a second target random number after circulating for preset times;
Acquiring a second head number and a second tail number in the second target random number, and calculating a second average number based on the second head number and the second tail number;
Determining a second order of leaf node positions based on the second average number;
And taking the second target random number as a leaf node position, and encrypting in the second security authentication analysis tree according to the second sequence to obtain security authentication encrypted data.
Specifically, if the payment channel is determined to be the second payment channel and the service identification information is the life service platform identification information, namely the data encryption type is the single-layer random code encryption type, the node position is the leaf node position, the mobile payment server acquires a second public key pair in the public key mapping table according to the second payment channel, and encrypts the merchant authentication code into a fourth encrypted random number based on the second public key pair. Further, the mobile payment server removes the first four digits and the last four digits in the fifth encrypted random number to obtain a 7-digit second random number to be processed, squares the 7-digit second random number to be processed to obtain a calculated value, pads the calculated value with high-order zeros if it has fewer than 15 digits, and repeats this process a preset number of times to obtain a second target random number.
Further, the mobile payment server obtains a second initial digit and a second final digit in the second target random number, and calculates the average value of the second initial digit and the second final digit to obtain a second average value. Further, the mobile payment server determines a second order of leaf node locations based on the second average, in one embodiment, the first average is 5 and the second order of leaf node locations is a fifth leaf node location from left to right.
Further, the mobile payment server takes the second target random number as a leaf node position, and encrypts the second target random number in a second security authentication analysis tree according to a second sequence to obtain security authentication encrypted data.
According to the embodiment of the application, the payment merchant information is encrypted by utilizing the security authentication analysis tree, the data encryption type and the node position, so that the payment merchant information cannot be tampered, and the security of mobile payment security detection is improved.
Further, step 103 describes encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encrypted data, and includes:
if the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a second public key pair of a second payment channel is obtained, and the merchant authentication code is encrypted into a sixth encrypted random number based on the second public key pair;
Removing the first four digits and the last four digits in the sixth encrypted random number to obtain a third random number to be processed, squaring the third random number to be processed, and obtaining a third target random number after circulating for preset times;
Acquiring a second intermediate digit of a third target random number, and determining a second branch position between the intermediate node position and the root node position according to the second intermediate digit;
and encrypting the third target random number serving as an intermediate node position in the second security authentication analysis tree according to the second branch position to obtain security authentication encrypted data.
Specifically, if the payment channel is determined to be the first payment channel and the service identification information is the online entertainment platform identification information, that is, the data encryption type is the single-layer random code encryption type and the node position is the intermediate node position, that is, neither a leaf node position nor a root node position, the mobile payment server obtains a second public key pair in the public key mapping table according to the second payment channel, and encrypts the merchant authentication code into a sixth encrypted random number based on the second public key pair.
Further, the mobile payment server removes the first four digits and the last four digits in the sixth encrypted random number to obtain a 7-digit third random number to be processed, squares the 7-digit third random number to be processed to obtain a calculated value, pads the calculated value with high-order zeros if it has fewer than 15 digits, and repeats this process a preset number of times to obtain a third target random number.
Further, the mobile payment server obtains a second intermediate digit of the third target random number. In an embodiment, if the third target random number has an odd number of digits, the second intermediate digit is the middle digit of the third target random number, and if the third target random number has an even number of digits, the first intermediate digit is the mean value of the middle two digits of the third target random number. If the third target random number is 1263837, the second intermediate digit is 3, and if the third target random number is 12635837, the second intermediate digit is (3+5)/2=4. Further, the mobile payment server determines a second branch position between the intermediate node position and the root node position according to the second intermediate digit. In an embodiment, the second intermediate digit is 5, and the first branch position is the 5th child node of the root node, counted from left to right.
Further, the mobile payment server encrypts the third target random number as an intermediate node position in the second security authentication analysis tree according to the second branch position to obtain security authentication encrypted data.
According to the embodiment of the application, the payment merchant information is encrypted by utilizing the security authentication analysis tree, the data encryption type and the node position, so that the payment merchant information cannot be tampered, and the security of mobile payment security detection is improved.
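The digit-level steps described above (trimming and squaring the encrypted random number, the intermediate digit, and the average of the first and last digits) can be traced with the following script. It is an added example, not code from the patent: the function names, the dictionary keys, the `rounds` default, rounding non-integer averages down, and reading one loop iteration as "trim, square, pad" are all assumptions, and the public-key step is left out, so the inputs are constructed digit strings.

```python
"""Added illustration of the digit-derivation steps; not code from the patent."""

WIDTH = 15  # the text states the encrypted random number is generally 15 digits
TRIM = 4    # digits removed from each end before squaring

# Channel and service mappings as stated in the description (keys are assumed labels).
TREE_BY_CHANNEL = {
    "first": {"children": 10, "shared": 2, "encryption": "single-layer"},
    "second": {"children": 15, "shared": 4, "encryption": "multi-layer"},
}
NODE_BY_SERVICE = {
    "online_shopping": "root",
    "life_service": "leaf",
    "online_entertainment": "intermediate",
}


def _check_digits(number: str) -> str:
    """Reject anything that is not a non-empty string of decimal digits."""
    if not number.isdigit():
        raise ValueError("expected a non-empty string of decimal digits")
    return number


def square_round(number: str) -> str:
    """One round: drop the first and last four digits, square the remaining
    seven, and left-pad the result with zeros back to 15 digits."""
    _check_digits(number)
    if len(number) != WIDTH:
        raise ValueError(f"expected {WIDTH} digits, got {len(number)}")
    core = number[TRIM:-TRIM]  # the 7-digit "random number to be processed"
    return str(int(core) ** 2).zfill(WIDTH)  # 7 digits squared is at most 14 digits


def target_random_number(encrypted: str, rounds: int) -> str:
    """Repeat square_round a preset number of times (assumed loop body)."""
    if rounds < 1:
        raise ValueError("rounds must be at least 1")
    value = encrypted
    for _ in range(rounds):
        value = square_round(value)
    return value


def intermediate_digit(number: str) -> int:
    """Middle digit for odd lengths, mean of the middle two for even lengths."""
    _check_digits(number)
    mid = len(number) // 2
    if len(number) % 2:
        return int(number[mid])
    # Assumption: a non-integer mean is rounded down; the text only shows (3+5)/2.
    return (int(number[mid - 1]) + int(number[mid])) // 2


def head_tail_average(number: str) -> int:
    """Average of the first and last digit (rounded down, an assumption)."""
    _check_digits(number)
    return (int(number[0]) + int(number[-1])) // 2


def placement(channel: str, service: str, encrypted: str, rounds: int = 2) -> dict:
    """Pick tree shape, node kind and position index for one detection message."""
    tree = TREE_BY_CHANNEL[channel]
    node = NODE_BY_SERVICE[service]
    if tree["encryption"] == "multi-layer":
        value = target_random_number(encrypted, rounds)
    else:
        value = _check_digits(encrypted)
    if node == "leaf":
        index = head_tail_average(value)   # order of the leaf, left to right
    elif node == "intermediate":
        index = intermediate_digit(value)  # child of the root, left to right
    else:
        index = None                       # root position needs no index
    return {"children": tree["children"], "shared": tree["shared"],
            "node": node, "value": value, "index": index}


if __name__ == "__main__":
    sample = "123412345675678"  # constructed 15-digit input
    print(placement("second", "life_service", sample, rounds=1))
    print(placement("first", "online_entertainment", "12635837"))
```

Every derived value is a fixed function of the encrypted random number, so the same input always yields the same node index.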
The following describes a mobile payment security detection system provided by an embodiment of the present application, and the mobile payment security detection system described below and the mobile payment security detection method described above may be referred to correspondingly.
Referring to fig. 2, fig. 2 is a block diagram of a mobile payment security detection system provided by an embodiment of the present application, where the mobile payment security detection system provided by the embodiment of the present application includes:
a message receiving module 201, configured to receive a payment security detection message sent by a user terminal; the payment security detection message comprises a payment channel, payment network information, payment merchant information, unique identity information and service identification information;
An information determining module 202, configured to determine, if it is determined that the payment network information security authentication passes, a security authentication analysis tree and a data encryption type based on the payment channel, and determine a node position of the payment merchant information in the security authentication analysis tree based on the service identification information;
the data encryption module 203 is configured to encrypt the payment merchant information with the data encryption type according to the node position in the security authentication analysis tree to obtain security authentication encrypted data;
The data packaging module 204 is configured to package the data encryption type and the unique identity information to obtain first packaged data, and package the security authentication encryption data and the unique identity information to obtain second packaged data;
The data sending module 205 is configured to send the first packed data to a third party payment platform based on a first communication network, and send the second packed data to the third party payment platform based on a second communication network; the first communication network and the second communication network are different communication networks;
The information comparison module 206 is configured to receive a security authentication code returned by the third party payment platform, and compare the security authentication code with a merchant authentication code determined based on the payment merchant information;
the mobile payment security detection module 207 is configured to determine that the current payment state is a security state if the comparison result is that the security authentication code is consistent with the merchant authentication code.
The mobile payment security detection system provided by the embodiment of the application receives a payment security detection message sent by a user terminal; if the payment network information security authentication is determined to pass, determines a security authentication analysis tree and a data encryption type based on the payment channel, and determines the node position of the payment merchant information in the security authentication analysis tree based on the service identification information; encrypts the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data; packages the data encryption type and the unique identity information to obtain first packaged data, and packages the security authentication encryption data and the unique identity information to obtain second packaged data; transmits the first packaged data to a third party payment platform based on a first communication network, and transmits the second packaged data to the third party payment platform based on a second communication network; receives a security authentication code returned by the third party payment platform, and compares the security authentication code with a merchant authentication code determined based on the payment merchant information; and, if the comparison result is that the security authentication code is consistent with the merchant authentication code, determines that the current payment state is a security state.
In the process of mobile payment security detection, the security authentication analysis tree, the data encryption type and the node position are utilized to encrypt the payment merchant information, and the security authentication code returned by the third party payment platform and the merchant authentication code are used for verification, so that the payment merchant information is prevented from being maliciously used and tampered, and the security of the mobile payment security detection is improved.
In one embodiment, the information determination module 202 is further configured to:
If the payment channel is determined to be a first payment channel, determining that the security authentication analysis tree is a first security authentication analysis tree in which each parent node branches into 10 child nodes and two adjacent parent nodes share 2 child nodes; or if the payment channel is determined to be a second payment channel, determining that the security authentication analysis tree is a second security authentication analysis tree in which each parent node branches into 15 child nodes and two adjacent parent nodes share 4 child nodes; the first payment channel comprises a WeChat payment channel and a Payment device payment channel; the second payment channel includes a credit card payment channel and a debit card payment channel;
If the payment channel is determined to be a first payment channel, determining that the data encryption type is a single-layer random code encryption type; the single-layer random code encryption type characterizes an encryption type that carries out random number encryption once; or if the payment channel is determined to be a second payment channel, determining that the data encryption type is a multi-layer random code encryption type; the multi-layer random code encryption type characterizes an encryption type that carries out random number encryption a plurality of times;
if the service identification information is determined to be the online shopping platform identification information, determining the node position as a root node position; or if the service identification information is determined to be life service platform identification information, determining the node position to be a leaf node position; or if the service identification information is determined to be the online entertainment platform identification information, determining that the node position is an intermediate node position which is not a leaf node position and is not a root node position.
In one embodiment, the data encryption module 203 is further configured to:
If the payment channel is determined to be a first payment channel and the service identification information is online shopping platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a first encrypted random number based on the first public key pair;
and encrypting the first encrypted random number serving as a root node position in the first security authentication analysis tree to obtain security authentication encrypted data.
In one embodiment, the data encryption module 203 is further configured to:
If the payment channel is determined to be a first payment channel and the business identification information is life service platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a second encrypted random number based on the first public key pair;
acquiring a first initial digit and a first final digit in the second encrypted random number, and calculating a first average based on the first initial digit and the first final digit;
determining a first order of leaf node positions based on the first average;
And taking the first encrypted random number as a leaf node position, and encrypting in the first security authentication analysis tree according to the first sequence to obtain security authentication encrypted data.
In one embodiment, the data encryption module 203 is further configured to:
If the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a third encrypted random number based on the first public key pair;
acquiring a first intermediate digit of a third encrypted random number, and determining a first branch position between an intermediate node position and a root node position according to the first intermediate digit;
and encrypting the third encrypted random number serving as an intermediate node position in the first security authentication analysis tree according to the first branch position to obtain security authentication encrypted data.
In one embodiment, the data encryption module 203 is further configured to:
if the payment channel is determined to be a second payment channel and the service identification information is online shopping platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fourth encrypted random number based on the second public key pair;
removing the first four-digit number and the last four-digit number in the fourth encrypted random number to obtain a first random number to be processed, squaring the first random number to be processed, and obtaining a first target random number after circulating for preset times;
and encrypting the first target random number serving as a root node position in the second security authentication analysis tree to obtain security authentication encrypted data.
In one embodiment, the data encryption module 203 is further configured to:
If the payment channel is determined to be a second payment channel and the business identification information is life service platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fifth encrypted random number based on the second public key pair;
Removing the first four digits and the last four digits in the fifth encrypted random number to obtain a second random number to be processed, squaring the second random number to be processed, and obtaining a second target random number after circulating for preset times;
Acquiring a second head number and a second tail number in the second target random number, and calculating a second average number based on the second head number and the second tail number;
Determining a second order of leaf node positions based on the second average number;
and taking the second target random number as a leaf node position, and encrypting in the second security authentication analysis tree according to the second sequence to obtain security authentication encrypted data.
In one embodiment, the data encryption module 203 is further configured to:
if the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a second public key pair of a second payment channel is obtained, and the merchant authentication code is encrypted into a sixth encrypted random number based on the second public key pair;
Removing the first four digits and the last four digits in the sixth encrypted random number to obtain a third random number to be processed, squaring the third random number to be processed, and obtaining a third target random number after circulating for preset times;
Acquiring a second intermediate digit of a third target random number, and determining a second branch position between the intermediate node position and the root node position according to the second intermediate digit;
and encrypting the third target random number serving as an intermediate node position in the second security authentication analysis tree according to the second branch position to obtain security authentication encrypted data.
The specific embodiments of the mobile payment security detection system provided by the application are basically the same as the embodiments of the mobile payment security detection method, and are not described herein.
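The channel and service dispatch and the strip-and-square step from the embodiments above, as an added Python sketch that is not code from the patent. The dictionary keys, function names, the sample number and the reading that four digits are stripped from each end before every squaring round are assumptions; the public-key encryption step and the mapping from the average or middle digit to a concrete tree position are not specified on the page and are not modelled.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class TreeSpec:
    name: str
    children_per_parent: int  # child nodes branched from each parent ("father") node
    shared_children: int      # child nodes shared by two adjacent parent nodes
    encryption_type: str      # "single-layer" or "multi-layer" random code


FIRST_TREE = TreeSpec("first security authentication analysis tree", 10, 2, "single-layer")
SECOND_TREE = TreeSpec("second security authentication analysis tree", 15, 4, "multi-layer")

# Hypothetical keys standing in for the channel and service categories named in the text.
CHANNEL_TO_TREE = {
    "wechat": FIRST_TREE,
    "payment_device": FIRST_TREE,
    "credit_card": SECOND_TREE,
    "debit_card": SECOND_TREE,
}
SERVICE_TO_NODE = {
    "online_shopping": "root",
    "life_service": "leaf",
    "online_entertainment": "intermediate",
}

# Constructed 15-digit stand-in for an "encrypted random number".
SAMPLE_ENCRYPTED = 123456789012345


def select_plan(channel, service):
    """Return (tree, node position) for a payment channel and service identifier."""
    if channel not in CHANNEL_TO_TREE or service not in SERVICE_TO_NODE:
        raise ValueError(f"unknown channel/service: {channel!r}, {service!r}")
    return CHANNEL_TO_TREE[channel], SERVICE_TO_NODE[service]


def distinct_children(tree, parents):
    """Distinct child nodes under a row of adjacent parents.

    Assumption: each shared child is counted once and sharing happens only
    between neighbouring parents in the row.
    """
    if parents < 1:
        raise ValueError("need at least one parent node")
    return parents * tree.children_per_parent - (parents - 1) * tree.shared_children


def multi_layer(encrypted_number, rounds):
    """Strip the first and last four digits, square, and repeat `rounds` times."""
    if encrypted_number < 0 or rounds < 1:
        raise ValueError("need a non-negative number and at least one round")
    value = encrypted_number
    for _ in range(rounds):
        digits = str(value)
        if len(digits) < 9:
            # Nothing would remain after removing four digits from each end.
            raise ValueError("value too short for another strip-and-square round")
        value = int(digits[4:-4]) ** 2
    return value


def head_tail_average(number):
    """Average of the first and last decimal digit, used for leaf ordering."""
    digits = str(number)
    return (int(digits[0]) + int(digits[-1])) / 2


def prepare(channel, service, encrypted_number, rounds=2):
    """Pick the tree and node position and derive the value placed at that node."""
    tree, node = select_plan(channel, service)
    if tree.encryption_type == "single-layer":
        value = encrypted_number
    else:
        value = multi_layer(encrypted_number, rounds)
    plan = {"tree": tree.name, "node_position": node, "value": value}
    if node == "leaf":
        plan["head_tail_average"] = head_tail_average(value)
    return plan


if __name__ == "__main__":
    print(prepare("wechat", "online_shopping", SAMPLE_ENCRYPTED))
    print(prepare("debit_card", "life_service", SAMPLE_ENCRYPTED, rounds=1))
    print(distinct_children(FIRST_TREE, 3), distinct_children(SECOND_TREE, 3))
```

Under this reading, a value with fewer than 17 digits gets shorter with every round, so the preset number of rounds has to match the length of the encrypted number or the loop runs out of digits.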
Fig. 3 illustrates the physical structure of an electronic device. As shown in Fig. 3, the electronic device may include a processor 310, a communication interface 320, a memory 330 and a communication bus 340, wherein the processor 310, the communication interface 320 and the memory 330 communicate with each other via the communication bus 340. The processor 310 may call a computer program in the memory 330 to perform the steps of the mobile payment security detection method, including, for example:
Receiving a payment security detection message sent by a user terminal; the payment security detection message comprises a payment channel, payment network information, payment merchant information, unique identity information and service identification information;
if the payment network information security authentication is determined to pass, determining a security authentication analysis tree and a data encryption type based on the payment channel, and determining the node position of the payment merchant information in the security authentication analysis tree based on the service identification information;
encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data;
Packaging the data encryption type and the unique identity information to obtain first packaging data, and packaging the security authentication encryption data and the unique identity information to obtain second packaging data;
Transmitting the first packed data to a third party payment platform based on a first communication network, and transmitting the second packed data to the third party payment platform based on a second communication network; the first communication network and the second communication network are different communication networks;
Receiving a security authentication code returned by the third party payment platform, and comparing the security authentication code with a merchant authentication code determined based on the payment merchant information;
If the comparison result is that the security authentication code is consistent with the merchant authentication code, determining that the current payment state is a security state.
Further, the logic instructions in the memory 330 described above may be implemented in the form of software functional units and may be stored in a computer-readable storage medium when sold or used as a stand-alone product. Based on this understanding, the technical solution of the present application, in essence, or the part of it that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program codes.
In another aspect, embodiments of the present application further provide a non-transitory computer readable storage medium that stores a computer program. When the computer program is executed by a processor, it performs the steps of the mobile payment security detection method provided in the foregoing embodiments, for example, including:
Receiving a payment security detection message sent by a user terminal; the payment security detection message comprises a payment channel, payment network information, payment merchant information, unique identity information and service identification information;
if the payment network information security authentication is determined to pass, determining a security authentication analysis tree and a data encryption type based on the payment channel, and determining the node position of the payment merchant information in the security authentication analysis tree based on the service identification information;
encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data;
Packaging the data encryption type and the unique identity information to obtain first packaging data, and packaging the security authentication encryption data and the unique identity information to obtain second packaging data;
Transmitting the first packed data to a third party payment platform based on a first communication network, and transmitting the second packed data to the third party payment platform based on a second communication network; the first communication network and the second communication network are different communication networks;
Receiving a security authentication code returned by the third party payment platform, and comparing the security authentication code with a merchant authentication code determined based on the payment merchant information;
If the comparison result is that the security authentication code is consistent with the merchant authentication code, determining that the current payment state is a security state.
The system embodiments described above are merely illustrative, wherein the units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; they may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art can understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on this understanding, the foregoing technical solution may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application.
Claims (3)
1. A mobile payment security detection method, comprising:
Receiving a payment security detection message sent by a user terminal; the payment security detection message comprises a payment channel, payment network information, payment merchant information, unique identity information and service identification information;
if the payment network information security authentication is determined to pass, determining a security authentication analysis tree and a data encryption type based on the payment channel, and determining the node position of the payment merchant information in the security authentication analysis tree based on the service identification information;
encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data;
Packaging the data encryption type and the unique identity information to obtain first packaging data, and packaging the security authentication encryption data and the unique identity information to obtain second packaging data;
Transmitting the first packed data to a third party payment platform based on a first communication network, and transmitting the second packed data to the third party payment platform based on a second communication network; the first communication network and the second communication network are different communication networks;
Receiving a security authentication code returned by the third party payment platform, and comparing the security authentication code with a merchant authentication code determined based on the payment merchant information;
If the comparison result is that the security authentication code is consistent with the merchant authentication code, determining that the current payment state is a security state;
The method for determining the security authentication analysis tree and the data encryption type based on the payment channel, and determining the node position of the payment merchant information in the security authentication analysis tree based on the service identification information comprises the following steps:
If the payment channel is determined to be a first payment channel, determining that the security authentication analysis tree is a first security authentication analysis tree with 10 child nodes branched from each father node and 2 child nodes shared by two adjacent father nodes; or if the payment channel is determined to be a second payment channel, determining that the security authentication analysis tree is a second security authentication analysis tree with 15 child nodes branched from each father node and 4 child nodes shared by two adjacent father nodes; the first payment channel comprises a WeChat payment channel and a Payment device payment channel; the second payment channel includes a credit card payment channel and a debit card payment channel;
If the payment channel is determined to be a first payment channel, determining that the data encryption type is a single-layer random code encryption type; the single-layer random code encryption type characterizes an encryption type for carrying out primary random number encryption; or if the payment channel is determined to be a second payment channel, determining that the data encryption type is a multi-layer random code encryption type; the multi-layer random code encryption type characterizes an encryption type for carrying out random number encryption for a plurality of times;
If the service identification information is determined to be the online shopping platform identification information, determining the node position as a root node position; or if the service identification information is determined to be life service platform identification information, determining the node position to be a leaf node position; or if the service identification information is determined to be the online entertainment platform identification information, determining that the node position is a middle node position which is not a leaf node position and is not a root node position;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
If the payment channel is determined to be a first payment channel and the service identification information is online shopping platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a first encrypted random number based on the first public key pair;
Encrypting the first encrypted random number serving as a root node position in the first security authentication analysis tree to obtain security authentication encrypted data;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
If the payment channel is determined to be a first payment channel and the business identification information is life service platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a second encrypted random number based on the first public key pair;
acquiring a first initial digit and a first final digit in the second encrypted random number, and calculating a first average based on the first initial digit and the first final digit;
determining a first order of leaf node positions based on the first average;
The first encrypted random number is used as a leaf node position, and encryption is carried out in the first security authentication analysis tree according to the first sequence, so that security authentication encrypted data are obtained;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
If the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a third encrypted random number based on the first public key pair;
acquiring a first intermediate digit of a third encrypted random number, and determining a first branch position between an intermediate node position and a root node position according to the first intermediate digit;
Encrypting the third encrypted random number serving as an intermediate node position in the first security authentication analysis tree according to the first branch position to obtain security authentication encrypted data;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
if the payment channel is determined to be a second payment channel and the service identification information is online shopping platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fourth encrypted random number based on the second public key pair;
removing the first four-digit number and the last four-digit number in the fourth encrypted random number to obtain a first random number to be processed, squaring the first random number to be processed, and obtaining a first target random number after circulating for preset times;
Encrypting the first target random number serving as a root node position in the second security authentication analysis tree to obtain security authentication encryption data;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
If the payment channel is determined to be a second payment channel and the business identification information is life service platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fifth encrypted random number based on the second public key pair;
Removing the first four digits and the last four digits in the fifth encrypted random number to obtain a second random number to be processed, squaring the second random number to be processed, and obtaining a second target random number after circulating for preset times;
Acquiring a second head number and a second tail number in the second target random number, and calculating a second average number based on the second head number and the second tail number;
Determining a second order of leaf node positions based on the second average number;
taking the second target random number as a leaf node position, and encrypting in the second security authentication analysis tree according to the second sequence to obtain security authentication encrypted data;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
if the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a second public key pair of a second payment channel is obtained, and the merchant authentication code is encrypted into a sixth encrypted random number based on the second public key pair;
Removing the first four digits and the last four digits in the sixth encrypted random number to obtain a third random number to be processed, squaring the third random number to be processed, and obtaining a third target random number after circulating for preset times;
Acquiring a second intermediate digit of a third target random number, and determining a second branch position between the intermediate node position and the root node position according to the second intermediate digit;
and encrypting the third target random number serving as an intermediate node position in the second security authentication analysis tree according to the second branch position to obtain security authentication encrypted data.
2. A mobile payment security detection system, comprising:
The message receiving module is used for receiving a payment security detection message sent by the user terminal; the payment security detection message comprises a payment channel, payment network information, payment merchant information, unique identity information and service identification information;
The information determining module is used for determining a security authentication analysis tree and a data encryption type based on the payment channel if the payment network information security authentication is determined to pass, and determining the node position of the payment merchant information in the security authentication analysis tree based on the service identification information;
The data encryption module is used for encrypting the payment merchant information in the security authentication analysis tree according to the node position to obtain security authentication encryption data;
the data packaging module is used for packaging the data encryption type and the unique identity information to obtain first packaging data, and packaging the security authentication encryption data and the unique identity information to obtain second packaging data;
the data transmission module is used for transmitting the first packed data to a third party payment platform based on a first communication network and transmitting the second packed data to the third party payment platform based on a second communication network; the first communication network and the second communication network are different communication networks;
The information comparison module is used for receiving the security authentication code returned by the third party payment platform and comparing the security authentication code with a merchant authentication code determined based on the payment merchant information;
The mobile payment security detection module is used for determining that the current payment state is a security state if the comparison result is that the security authentication code is consistent with the merchant authentication code;
The method for determining the security authentication analysis tree and the data encryption type based on the payment channel, and determining the node position of the payment merchant information in the security authentication analysis tree based on the service identification information comprises the following steps:
If the payment channel is determined to be a first payment channel, determining that the security authentication analysis tree is a first security authentication analysis tree with 10 child nodes branched from each father node and 2 child nodes shared by two adjacent father nodes; or if the payment channel is determined to be a second payment channel, determining that the security authentication analysis tree is a second security authentication analysis tree with 15 child nodes branched from each father node and 4 child nodes shared by two adjacent father nodes; the first payment channel comprises a WeChat payment channel and a Payment device payment channel; the second payment channel includes a credit card payment channel and a debit card payment channel;
If the payment channel is determined to be a first payment channel, determining that the data encryption type is a single-layer random code encryption type; the single-layer random code encryption type characterizes an encryption type for carrying out primary random number encryption; or if the payment channel is determined to be a second payment channel, determining that the data encryption type is a multi-layer random code encryption type; the multi-layer random code encryption type characterizes an encryption type for carrying out random number encryption for a plurality of times;
If the service identification information is determined to be the online shopping platform identification information, determining the node position as a root node position; or if the service identification information is determined to be life service platform identification information, determining the node position to be a leaf node position; or if the service identification information is determined to be the online entertainment platform identification information, determining that the node position is a middle node position which is not a leaf node position and is not a root node position;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
If the payment channel is determined to be a first payment channel and the service identification information is online shopping platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a first encrypted random number based on the first public key pair;
Encrypting the first encrypted random number serving as a root node position in the first security authentication analysis tree to obtain security authentication encrypted data;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
If the payment channel is determined to be a first payment channel and the business identification information is life service platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a second encrypted random number based on the first public key pair;
acquiring a first initial digit and a first final digit in the second encrypted random number, and calculating a first average based on the first initial digit and the first final digit;
determining a first order of leaf node positions based on the first average;
The first encrypted random number is used as a leaf node position, and encryption is carried out in the first security authentication analysis tree according to the first sequence, so that security authentication encrypted data are obtained;
Encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
If the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a first public key pair of the first payment channel is obtained, and the merchant authentication code is encrypted into a third encrypted random number based on the first public key pair;
acquiring a first intermediate digit of a third encrypted random number, and determining a first branch position between an intermediate node position and a root node position according to the first intermediate digit;
encrypting the third encrypted random number serving as an intermediate node position in the first security authentication analysis tree according to the first branch position to obtain security authentication encrypted data;
encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
if the payment channel is determined to be a second payment channel and the service identification information is online shopping platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fourth encrypted random number based on the second public key pair;
removing the first four digits and the last four digits in the fourth encrypted random number to obtain a first random number to be processed, squaring the first random number to be processed, and obtaining a first target random number after looping a preset number of times;
encrypting the first target random number serving as a root node position in the second security authentication analysis tree to obtain security authentication encryption data;
encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
if the payment channel is determined to be a second payment channel and the service identification information is life service platform identification information, a second public key pair of the second payment channel is obtained, and the merchant authentication code is encrypted into a fifth encrypted random number based on the second public key pair;
removing the first four digits and the last four digits in the fifth encrypted random number to obtain a second random number to be processed, squaring the second random number to be processed, and obtaining a second target random number after looping a preset number of times;
acquiring a second head number and a second tail number in the second target random number, and calculating a second average number based on the second head number and the second tail number;
determining a second order of leaf node positions based on the second average number;
taking the second target random number as a leaf node position, and encrypting in the second security authentication analysis tree according to the second order to obtain security authentication encrypted data;
encrypting the payment merchant information in the security authentication analysis tree according to the node position by using the data encryption type to obtain security authentication encryption data, wherein the method comprises the following steps:
if the payment channel is determined to be a first payment channel and the service identification information is online entertainment platform identification information, a second public key pair of a second payment channel is obtained, and the merchant authentication code is encrypted into a sixth encrypted random number based on the second public key pair;
removing the first four digits and the last four digits in the sixth encrypted random number to obtain a third random number to be processed, squaring the third random number to be processed, and obtaining a third target random number after looping a preset number of times;
acquiring a second intermediate digit of the third target random number, and determining a second branch position between the intermediate node position and the root node position according to the second intermediate digit;
and encrypting the third target random number serving as an intermediate node position in the second security authentication analysis tree according to the second branch position to obtain security authentication encrypted data.
3. A non-transitory computer readable storage medium comprising a computer program, wherein the computer program when executed by a processor implements the mobile payment security detection method of claim 1.
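The digit derivation recited in the claims above (strip four digits from each end, square, loop, then read the head, tail and intermediate digits), worked through as an added example that is not part of the patent text. It assumes the encrypted random number is a decimal digit string, that the preset loop repeats the strip-and-square step, that the head and tail numbers are the first and last digits, and that the intermediate digit sits at index `len // 2`; the claims do not say how the average or the intermediate digit map onto tree positions, so that mapping is left out.

```python
SAMPLE = "00001000000030000"  # constructed stand-in for an encrypted random number


def strip_and_square(digits: str) -> str:
    """Remove the first and last four digits, then square what is left."""
    if not (digits.isascii() and digits.isdigit()):
        raise ValueError("expected a string of decimal digits")
    if len(digits) <= 8:
        # Nothing remains once four digits are removed from each end.
        raise ValueError(f"{len(digits)} digits is too short to strip 4 + 4")
    core = digits[4:-4]          # may carry leading zeros, e.g. "0012"
    return str(int(core) ** 2)   # int() drops them before squaring


def target_random_number(encrypted_digits: str, rounds: int) -> str:
    """Assumed reading of the preset loop: repeat strip-and-square."""
    if rounds < 1:
        raise ValueError("rounds must be at least 1")
    value = encrypted_digits
    for _ in range(rounds):
        value = strip_and_square(value)
    return value


def derive_positions(encrypted_digits: str, rounds: int) -> dict:
    """Head/tail average and middle digit of the target random number."""
    target = target_random_number(encrypted_digits, rounds)
    head, tail = int(target[0]), int(target[-1])
    return {
        "target": target,
        "average": (head + tail) / 2,                   # input to leaf ordering
        "middle_digit": int(target[len(target) // 2]),  # input to branch choice
    }


if __name__ == "__main__":
    for n in (1, 2, 3):
        print(n, derive_positions(SAMPLE, n))
    try:
        target_random_number(SAMPLE, 4)
    except ValueError as exc:
        print("round 4 rejected:", exc)
```

With this constructed input the value collapses to 0 on the third round and a fourth round is rejected as too short, so the preset loop count and the length of the encrypted random number have to be chosen together.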
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310970508.3A CN117010897B (en) | 2023-08-02 | 2023-08-02 | Mobile payment security detection method and system thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117010897A (en) | 2023-11-07 |
CN117010897B (en) | 2024-08-09 |
Family
ID=88566815
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310970508.3A Active CN117010897B (en) | 2023-08-02 | 2023-08-02 | Mobile payment security detection method and system thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117010897B (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113850591A (en) * | 2021-03-18 | 2021-12-28 | 天翼智慧家庭科技有限公司 | Method for verifying authenticity of payment two-dimensional code based on encryption and digital signature algorithm |
Family Cites Families (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102088353B (en) * | 2011-03-11 | 2014-01-15 | 道里云信息技术(北京)有限公司 | Two-factor authentication method and system based on mobile terminal |
CN102271039A (en) * | 2011-06-20 | 2011-12-07 | 软库创投(北京)科技有限公司 | Payment processing system, method and device |
CN102609841B (en) * | 2012-01-13 | 2015-02-25 | 东北大学 | Remote mobile payment system based on digital certificate and payment method |
US10861009B2 (en) * | 2014-04-23 | 2020-12-08 | Minkasu, Inc. | Secure payments using a mobile wallet application |
CN104079562B (en) * | 2014-06-09 | 2017-07-11 | 中国建设银行股份有限公司 | A kind of safety certifying method and relevant apparatus based on payment terminal |
CN104574047A (en) * | 2015-01-21 | 2015-04-29 | 孙国华 | Financial IC card payment platform based on Internet |
US20160342991A1 (en) * | 2015-05-22 | 2016-11-24 | OmnyPay Inc. | Methods and systems for performing an ecommerce transaction at a physical store using a mobile device |
US10997590B2 (en) * | 2015-06-26 | 2021-05-04 | American Express Travel Related Services Company, Inc. | Systems and methods for in-application and in-browser purchases |
US10922761B2 (en) * | 2016-08-02 | 2021-02-16 | Mastercard International Incorporated | Payment card network data validation system |
US11483308B2 (en) * | 2018-06-26 | 2022-10-25 | Visa International Service Association | System, method, and apparatus for aggregated authentication |
CN109801075A (en) * | 2019-01-02 | 2019-05-24 | 深圳壹账通智能科技有限公司 | Method of payment, device, computer equipment and storage medium |
CN111476574A (en) * | 2020-04-14 | 2020-07-31 | 青岛信安智融科技有限公司 | Novel security IC card and authentication system and method |
CN112615834B (en) * | 2020-12-08 | 2023-04-07 | 北京北信源软件股份有限公司 | Security authentication method and system |
CN113674028A (en) * | 2021-08-24 | 2021-11-19 | 深圳市微云信众技术有限公司 | SaaS cloud system for bank third-party payment aggregation marketing platform |
US20230098324A1 (en) * | 2021-09-29 | 2023-03-30 | Flexa Network Inc. | Key code share interaction mode of a digital asset-based interaction system |
CN114386983A (en) * | 2022-01-19 | 2022-04-22 | 杭州青橄榄网络技术有限公司 | Scenario payment management method, system and device and readable storage medium |
CN116012008A (en) * | 2022-12-30 | 2023-04-25 | 支付宝(杭州)信息技术有限公司 | Merchant information processing method and device |
CN116091049B (en) * | 2023-04-12 | 2023-07-07 | 中科商用(临沂)技术有限公司 | Payment method and device based on big data and blockchain and cloud platform |
CN116523516A (en) * | 2023-04-17 | 2023-08-01 | 中国银联股份有限公司 | Payment method, device, equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN117010897A (en) | 2023-11-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3338399B1 (en) | Method, apparatus, terminal device and system for generating shared key | |
RU2683853C1 (en) | Method for improving gprs key, sgsn device, user device, hlr / hss and gprs system | |
CN105450620B (en) | A kind of information processing method and device | |
Saleem et al. | Comments on “AKM-IoV: Authenticated key management protocol in fog computing-based internet of vehicles deployment” | |
CN107392583B (en) | Two-dimensional code graphic data generation method and device | |
CN111342963A (en) | Data uplink method, data storage method and device | |
CN104579649A (en) | Identity recognition method and system | |
CN107196972B (en) | Authentication method and system, terminal and server | |
CN113572715A (en) | Data transmission method and system based on block chain | |
CN106341384A (en) | Methods for facilitating secure communication | |
CN113112265B (en) | Two-dimensional code payment method and device based on block chain | |
CN114338054B (en) | Block chain trusted data transmission, verification and acquisition method and device | |
CN103107888B (en) | The identity identifying method that the dynamic multi-attribute of facing moving terminal is multi-level | |
CA3212606A1 (en) | Authenticated messaging session with contactless card authentication | |
CN112687363B (en) | Public health code service method and platform | |
CN116455572B (en) | Data encryption method, device and equipment | |
CN117010897B (en) | Mobile payment security detection method and system thereof | |
CN111148213A (en) | Registration method of 5G user terminal, user terminal equipment and medium | |
Song et al. | Security improvement of an RFID security protocol of ISO/IEC WD 29167-6 | |
CN106789076B (en) | Interaction method and device for server and intelligent equipment | |
CN107222453A (en) | A kind of document transmission method and device | |
CN112699366B (en) | Cross-platform login-free secure communication method and device and electronic equipment | |
CN111246464A (en) | Identity authentication method, device and system, and computer readable storage medium | |
CN114172923A (en) | Data transmission method, communication system and communication device | |
CN112862488A (en) | Data signature method and device, electronic equipment and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||