CN117479111B - Wi-Fi technology-based offline automatic payment method, system and device - Google Patents


Info

Publication number
CN117479111B
Authority
CN
China
Prior art keywords
mobile phone
client
ptk
client mobile
technology
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311794243.2A
Other languages
Chinese (zh)
Other versions
CN117479111A (en
Inventor
蓝红
陶洋
陈小军
黄章良
招嘉焕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Lubangtong IoT Co Ltd
Original Assignee
Guangzhou Lubangtong IoT Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Lubangtong IoT Co Ltd
Priority to CN202311794243.2A
Publication of CN117479111A
Application granted
Publication of CN117479111B
Legal status: Active
Anticipated expiration

Classifications

    • H04W4/06 Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • G06Q20/102 Bill distribution or payments
    • G06Q20/3223 Realising banking transactions through M-devices
    • G06Q20/3224 Transactions dependent on location of M-devices
    • G06Q20/325 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
    • G06Q20/38215 Use of certificates or encrypted proofs of transaction rights
    • G06Q20/4015 Transaction verification using location information
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/041 Key generation or derivation
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H04W12/122 Counter-measures against attacks; Protection against rogue devices
    • H04W4/029 Location-based management or tracking services
    • H04W4/30 Services specially adapted for particular environments, situations or purposes

Abstract

The invention relates to the field of offline payment and discloses an offline automatic payment method based on Wi-Fi technology, comprising the following steps: step 1: the AP broadcasts first data; step 2: the AP encrypts Anonce with the first PTK to generate M1 and sends M1 to the client mobile phone; step 3: the AP receives M2, which contains Snonce and a payment code encrypted with a second PTK; the second PTK is generated by the client mobile phone from the identification information of the client mobile phone, Anonce and Snonce; step 4: the AP decrypts the payment code with the second PTK and pays using the decrypted payment code, and the AP and the client mobile phone each store the second PTK in place of the first PTK. The method lets the consumer pay without a network connection, or without taking out the mobile phone to operate it, and because the AP can send many beacon broadcast packets in a short time, automatic and rapid payment in large batches is achieved. The invention also discloses an offline automatic payment device and system based on Wi-Fi technology.

Description

Wi-Fi technology-based offline automatic payment method, system and device
Technical Field
The invention relates to the field of offline payment, in particular to an offline automatic payment method, system and device based on Wi-Fi technology.
Background
At present, after goods are scanned at checkout, the customer has to take out a mobile phone and present a WeChat or Alipay payment QR code, which means queuing, going online, or opening the payment code. Likewise, at a gas station the customer has to go to the business hall to pay after refuelling, so payment is not completed quickly. In both cases payment can only be completed by going online or by taking out the mobile phone and opening WeChat or Alipay.
In modern life, payment by QR code is popular, using either a collection code or a payment code. However, the user has to confirm the payment on the mobile phone, and when the user has bought a lot and has no free hand to pay, the shopping experience suffers. Existing contactless ("non-inductive") payment confirms the payment with biometric features such as the face or fingerprints, and an individual's biometric features are easily leaked. There is therefore a need for a payment method that is quick and easy and does not reveal the individual's biometric features.
CN101308559A discloses a Wi-Fi mobile phone payment terminal, a payment method and a system thereof. The system comprises a payer mobile phone terminal, a payee mobile phone terminal and a bank mobile payment server. The payee mobile phone terminal sends a payment request to the payer mobile phone terminal over a Wi-Fi signal; the payer mobile phone terminal receives the payment request and, according to it, sends a payment instruction to the bank mobile payment server; the bank mobile payment server receives the payment request, processes the related accounting information and sends the result to the payee mobile phone terminal and the payer mobile phone terminal. Wi-Fi is used to send the bill information to the mobile phone, and the mobile phone is used to confirm and pay, which reduces the information that has to be entered; but the mobile phone is still required in order to pay, and when the user has no free hand to confirm, the user experience may suffer.
The technical problem to be solved by the invention is how to pay without a network or without taking out and operating the mobile phone, while also allowing automatic and rapid payment in large batches.
Disclosure of Invention
The main purpose of the invention is to provide an offline automatic payment method based on Wi-Fi technology. The consumption information of each consumer is broadcast continuously in Wi-Fi beacon broadcast packets; the consumer obtains the bill using the unique temporary PTK of the consumer's own mobile phone, and the payment QR code is sent encrypted through the 4-Way Handshake. Payment is thus achieved without a network or without taking out the mobile phone to operate it, and because the AP can send many beacon broadcast packets in a short time, automatic and rapid payment in large batches is achieved.
In order to achieve the above purpose, the technical scheme adopted in the application is as follows:
an offline automatic payment method based on Wi-Fi technology comprises the following steps:
step 1: the AP broadcasts first data; the first data contains a consumption bill of a client mobile phone; when the client mobile phone receives the first data and the MIC verification passes, it obtains the consumption bill and starts a 4-Way Handshake offline connection with the AP;
step 2: the AP encrypts Anonce with the first PTK to generate M1 and sends M1 to the client mobile phone; the client mobile phone decrypts M1 with the first PTK to obtain Anonce; the first PTK was negotiated between the AP and the client mobile phone in the previous 4-Way Handshake;
step 3: the AP receives M2, which contains Snonce and a payment code encrypted with a second PTK; the second PTK is generated by the client mobile phone from the identification information of the client mobile phone, Anonce and Snonce; the identification information of the client mobile phone is pre-stored in the AP;
step 4: the AP decrypts the payment code with the second PTK and pays using the decrypted payment code.
It should be noted that the 4-Way Handshake (four-way handshake) is the process by which a mobile phone and an AP establish a wireless connection over Wi-Fi. Specifically: before the 4-Way Handshake, the AP and the STA each know the password. In message 1/4, the AP sends its own random number (Anonce) to the STA, and the STA can generate the PTK after receiving Anonce; in message 2/4, the STA sends its own random number (Snonce) to the AP, with the MIC (i.e., key confirmation key) added. After receiving Snonce, the AP can generate the PTK and compares the received MIC with the MIC it computes itself as an integrity check; if the check fails, the handshake fails. If the check succeeds, the AP generates the PTK and the GTK (Group Transient Key, used for encrypting multicast and broadcast); in message 3/4, the AP sends the GTK and the MIC to the STA together; in message 4/4, the STA sends an ACK as acknowledgement.
STA: each terminal connected to the wireless network, such as a notebook computer, a mobile phone or another user device that can be networked.
AP: the wireless access point, which creates the wireless network and is its central node. A wireless router used in a typical home or office is an AP, and a device that can turn on a Wi-Fi hotspot is also an AP.
Anonce: a random number generated by the AP.
Snonce: a random number generated by the STA.
PTK: the pairwise transient key, used for encrypting and decrypting unicast data frames.
BSSID: an identifier for device identification.
Beacon: the beacon frame is sent out periodically by the AP at certain time intervals so as to tell the outside that the wireless network exists.
MIC: the key confirmation key is used for verification.
GTK: Group Transient Key, used for encrypting multicast and broadcast.
Preferably, the identification information of the client mobile phone is a mobile phone number and a BSSID of the mobile phone.
Preferably, the verification method in step 1 is as follows: the AP encrypts the consumption bill with the first PTK; the client mobile phone decrypts it with the first PTK.
Preferably, if this is the customer's first purchase, an electronic shopping card must be applied for, and the specific flow is as follows: the AP encrypts second data with the identification information of the client mobile phone and broadcasts the second data; the second data includes a merchant-BSSID and a merchant name; when the client mobile phone decrypts the second data with the identification information, it obtains the AP-BSSID and the merchant name, and the merchant information must be stored so that it can be used by chain merchants. The client mobile phone then initiates a 4-Way Handshake offline connection with the AP, generating a first PTK.
Preferably, the method further comprises step 5: the AP monitors the position of the client through the positioning of the client mobile phone, and judges whether the client pays when the client leaves.
Preferably, the method further comprises step 6: the AP scans other surrounding APs and judges whether the other APs have the AP-BSSID conflict.
Preferably, if the merchant is a chain merchant, the plurality of APs share the client cell phone information and the first PTK; the client mobile phone information comprises a mobile phone number and a BSSID of the mobile phone;
the step 1: the AP broadcasts first data; the first data contains a consumption bill of a client mobile phone and an original AP-BSSID; when the client mobile phone receives the first data and verifies that the MIC passes, a consumption bill and an original AP-BSSID are obtained, the original AP-BSSID is verified to pass, and 4-Way Handshake off-line connection between the client mobile phone and the AP is started.
The offline automatic payment device based on Wi-Fi technology comprises the following units:
broadcasting unit: used for broadcasting the first data; the first data contains a consumption bill of a client mobile phone; when the client mobile phone receives the first data and the MIC verification passes, it obtains the consumption bill and starts a 4-Way Handshake offline connection with the AP;
M1 generation unit: used for encrypting Anonce with the first PTK to generate M1 and sending M1 to the client mobile phone; the client mobile phone decrypts M1 with the first PTK to obtain Anonce; the first PTK was negotiated between the AP and the client mobile phone in the previous 4-Way Handshake;
M2 receiving unit: used for receiving M2, which contains Snonce and a payment code encrypted with a second PTK; the second PTK is generated by the client mobile phone from the identification information of the client mobile phone, Anonce and Snonce; the identification information of the client mobile phone is pre-stored in the AP;
collection unit: used for decrypting the payment code with the second PTK and paying using the decrypted payment code;
the broadcasting unit, the M1 generating unit, the M2 receiving unit and the collecting unit are sequentially in communication connection.
Preferably, the method further comprises:
a positioning unit: the system is used for monitoring the position of the client through the positioning of the mobile phone of the client, and judging whether the client pays when the client leaves;
the positioning unit is in communication connection with the collection unit.
Preferably, the method further comprises:
a scanning unit: the method is used for scanning other surrounding APs and judging whether the other APs have AP-BSSID collision or not;
the scanning unit is in communication with the positioning unit.
Preferably, the method further comprises:
sharing unit: the method comprises the steps that a plurality of APs share client mobile phone information and a first PTK; the client mobile phone information comprises a mobile phone number and a BSSID of the mobile phone;
the sharing unit is in communication with the scanning unit.
The offline automatic payment system based on Wi-Fi technology comprises the device as set forth in any one of 7-11 and a client mobile phone; the client mobile phone is in communication connection with the device.
Preferably, the plurality of devices are communicatively connected.
Compared with the prior art, the scheme has the following beneficial effects:
1. The offline automatic payment method based on Wi-Fi technology makes ingenious use of beacon broadcast packets to continuously broadcast the consumption information of each purchase. Each beacon packet carries the information of one customer, and the customer information in each beacon is encrypted with a different PTK, like vehicles each carrying different goods, so security is strong. If the client decrypts a beacon successfully, that beacon packet contains the client's bill, and the client mobile phone sends the payment QR code to the AP, encrypted through the offline 4-Way Handshake, to pay; payment is thus achieved without a network or without taking out the mobile phone to operate it. With the beacon interval set to 10 ms, one beacon is broadcast every 10 ms, giving 100 beacons in 1 second, so 100 customer bills can be processed in one second. If the mall is relatively large, several APs may be used, but at different frequencies. E.g. 2.4G has 13 channels, so that 100 x 13 = 1600 bills are processed per second. The speed of processing bills simultaneously is greatly improved.
2. The offline automatic payment method based on Wi-Fi technology has higher security. A fake AP may appear near the service area, so the legitimate AP often scans the surrounding APs for BSSID conflicts. If there is a conflict, the merchant can alert the public security bureau and locate the offending AP. If the same client mobile phone receives an illegitimate bill, the merchant can be notified to raise the alarm. To confirm the merchant's legitimacy, the first card application requires the customer to tap the mobile phone to confirm the merchant information, which confirms the legitimate AP and the legitimate merchant. Secondly, when the customer shops at a different location, the client mobile phone enters the range of the AP, and the AP learns through a cloud platform lookup that the client mobile phone is roaming. The beacon packet contains the AP-BSSID from the time of client registration, indicating a legitimate bill. The Wi-Fi quick automatic fee deduction then proceeds as in the local flow, so the user does not have to apply for an electronic shopping card at each location, which improves the customer's shopping experience.
3. The offline automatic payment method based on Wi-Fi technology can track, through the Wi-Fi positioning system, whether the fee deduction succeeded, so as to remind the customer of an unsuccessful payment or raise an alarm when a customer leaves without paying, protecting the merchant's interests.
Drawings
FIG. 1 is a flow chart of an off-line automatic payment method of embodiment 1;
FIG. 2 is a flowchart of the 4-Way Handshake offline connection of embodiment 1;
FIG. 3 is a block diagram of an offline automatic payment device of embodiment 2;
FIG. 4 is a block diagram of an offline automatic payment system of embodiment 3.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the implementations of the present application, which are generally described and illustrated in the figures herein, may be arranged and designed in a wide variety of different configurations.
Example 1
Referring to fig. 1, an offline automatic payment method based on Wi-Fi technology includes the steps of:
step 1: the AP broadcasts first data; the first data contains a consumption bill of a client mobile phone; when the client mobile phone receives the first data and verification passes, it obtains the consumption bill and starts a 4-Way Handshake offline connection with the AP;
When step 1 is performed, a Wi-Fi connection was already established between the AP and the client mobile phone the last time the client shopped. Because the AP and the client mobile phone have established an offline Wi-Fi connection, both of them store the first PTK. After the client mobile phone receives the first data, it verifies the first data as follows: the AP encrypts the consumption bill with the first PTK; the client mobile phone decrypts with the first PTK; if the first data can be decrypted and the computed MIC verifies correctly, the consumption bill is proved to be the client's own bill, and the client mobile phone obtains the consumption bill. The MIC is the part of the PTK used for integrity verification during data transmission.
If the client and the mall have never established an offline Wi-Fi connection, authentication must be performed first; in general this means applying for an electronic shopping card. The specific process is as follows: the AP encrypts second data with the identification information of the client mobile phone and broadcasts the second data; the most primitive second PTK is implemented directly as the negotiated mobile phone number plus a padding value. The second data comprises the AP-BSSID and the merchant name. When the client mobile phone decrypts the second data with the identification information, it obtains the basic information of the merchant and starts a 4-Way Handshake offline connection with the AP, using the mobile phone number in place of the AP's inherent password. When the AP receives M2, the MIC fails verification against the inherent password as in the normal flow, whereas it verifies correctly against the mobile phone number. Therefore only the first PTK is generated, and the PTK is not installed for Wi-Fi data encryption.
In this process, the validity of the second data in the AP's beacon needs to be confirmed. The AP encrypts the second data with the client's mobile phone number plus pad 1. After the client mobile phone receives the second data, it decrypts it with its own mobile phone number, and once decryption succeeds the phone automatically pops up the merchant information for confirmation. After the customer checks that the merchant information is correct and taps the phone to confirm, the AP-BSSID, the merchant name and the merchant telephone number are stored. The client mobile phone can store the AP-BSSID, the merchant name, the merchant telephone number and the first PTK on its SIM card, and can also upload them to a QR-code payment platform such as WeChat or Alipay, which can serve as recovery data when the customer replaces the mobile phone or the SIM card. The AP stores the BSSID of the mobile phone, the corresponding mobile phone number and the corresponding first PTK in an AP data table. In this way the legitimate APs and merchants are known in subsequent shopping, and other people are prevented from stealing the client's payment QR code.
Step 2: the AP encrypts Anonce with the first PTK to generate M1 and sends M1 to the client mobile phone; the client mobile phone decrypts M1 with the first PTK to obtain Anonce; the first PTK was negotiated between the AP and the client mobile phone in the previous 4-Way Handshake;
The first PTK at this point is either the first PTK generated when the electronic shopping card was first applied for, or the second PTK that the AP and the client mobile phone stored during their last 4-Way Handshake offline connection.
Step 3: the AP receives M2, which contains Snonce and a payment code encrypted with a second PTK, the payment code being placed in key-data; the second PTK is generated by the client mobile phone from the identification information of the client mobile phone, Anonce and Snonce; the identification information of the client mobile phone is pre-stored in the AP; the key-data attribute is a custom attribute of the second data (M2 packet) that can store information.
The second PTK is generated from the identification information of the client mobile phone, Anonce and Snonce during the 4-Way Handshake. The client mobile phone encrypts M2 with the second PTK and saves the second PTK. In addition, replacing the mobile phone changes the BSSID of the mobile phone, so if the BSSID of the mobile phone has changed, the old BSSID must be contained in Snonce; that is, Snonce is formed from the 6 bytes of the old mobile phone's BSSID followed by 26 randomly generated bytes. The AP thus knows whether the current mobile phone has switched to the BSSID of a new mobile phone.
Step 4: the AP decrypts the payment code using the second PTK and pays using the decrypted payment code.
After the AP receives M2, it verifies the MIC of M2 with the previously stored first PTK. When that verification fails, the AP looks up the corresponding phone number by the BSSID of the mobile phone, computes the second PTK from it together with Anonce and Snonce, and verifies the MIC with the second PTK. Once that verification succeeds, the second PTK is stored in place of the first PTK, and the payment code is obtained and used to pay. If the current mobile phone has switched to the BSSID of a new mobile phone, the AP stores the BSSID of the new mobile phone.
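The M1/M2 exchange of steps 2 to 4, including the AP's fallback from the first PTK to the phone-number-derived second PTK, as an added Python example that is not code from the patent. The patent names neither the key-derivation function nor the cipher, so the WPA2-style PBKDF2/PRF derivation, the HMAC-based stream cipher, the SSID salt, the replay counter and every sample address, phone number and payment code below are assumptions or constructed values.

```python
import hashlib
import hmac
import os

# Constructed sample values; none of them come from the patent.
SSID = b"shop-offline-pay"                  # assumed PBKDF2 salt
AP_BSSID = bytes.fromhex("0211223344aa")
STA_BSSID = bytes.fromhex("0255667788bb")
PHONE_NUMBER = "13800000000"


def prf(key: bytes, label: bytes, data: bytes, length: int) -> bytes:
    """IEEE 802.11 PRF: concatenated HMAC-SHA1 blocks with a trailing counter."""
    out = b""
    counter = 0
    while len(out) < length:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:length]


def derive_ptk(phone: str, sta_bssid: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Second PTK: the phone number acts as the passphrase (assumed WPA2-style KDF)."""
    pmk = hashlib.pbkdf2_hmac("sha1", phone.encode(), SSID, 4096, 32)
    data = (min(AP_BSSID, sta_bssid) + max(AP_BSSID, sta_bssid)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)  # KCK | KEK | TK


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (HMAC-SHA256 keystream); the patent does not name one."""
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + block.to_bytes(4, "big"),
                           hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def mic(ptk: bytes, body: bytes) -> bytes:
    """MIC keyed with the KCK, the first 16 bytes of the PTK."""
    return hmac.new(ptk[:16], body, hashlib.sha1).digest()[:16]


def ap_build_m1(first_ptk: bytes, anonce: bytes, replay: int) -> dict:
    """Step 2: Anonce travels encrypted under the stored first PTK (KEK part)."""
    ctr = replay.to_bytes(8, "big")  # assumed replay counter, reused as cipher nonce
    return {"replay": ctr, "enc_anonce": stream_xor(first_ptk[16:32], ctr, anonce)}


def phone_build_m2(phone: dict, m1: dict, snonce: bytes, payment_code: bytes) -> dict:
    """Step 3: recover Anonce, derive the second PTK, wrap the payment code."""
    anonce = stream_xor(phone["ptk"][16:32], m1["replay"], m1["enc_anonce"])
    ptk2 = derive_ptk(phone["number"], phone["bssid"], anonce, snonce)
    key_data = stream_xor(ptk2[16:32], snonce, payment_code)
    phone["ptk"] = ptk2  # the phone saves the second PTK for the next purchase
    return {"snonce": snonce, "key_data": key_data,
            "mic": mic(ptk2, snonce + key_data)}


def ap_handle_m2(table: dict, sta_bssid: bytes, anonce: bytes, m2: dict) -> bytes:
    """Step 4: the MIC fails under the first PTK, so retry with the phone number."""
    record = table[sta_bssid]
    body = m2["snonce"] + m2["key_data"]
    if hmac.compare_digest(mic(record["ptk"], body), m2["mic"]):
        # Assumption: an M2 keyed with the old PTK is not part of this payment flow.
        raise ValueError("M2 verifies under the first PTK")
    ptk2 = derive_ptk(record["number"], sta_bssid, anonce, m2["snonce"])
    if not hmac.compare_digest(mic(ptk2, body), m2["mic"]):
        raise ValueError("MIC check failed: M2 rejected, stored PTK unchanged")
    record["ptk"] = ptk2  # the second PTK replaces the first PTK
    return stream_xor(ptk2[16:32], m2["snonce"], m2["key_data"])


def run_demo() -> dict:
    """End-to-end run over constructed values."""
    first_ptk = os.urandom(48)  # stands for the PTK kept from the previous handshake
    phone = {"number": PHONE_NUMBER, "bssid": STA_BSSID, "ptk": first_ptk}
    table = {STA_BSSID: {"number": PHONE_NUMBER, "ptk": first_ptk}}
    anonce, snonce = os.urandom(32), os.urandom(32)
    m1 = ap_build_m1(first_ptk, anonce, replay=1)
    m2 = phone_build_m2(phone, m1, snonce, b"PAYCODE-CONSTRUCTED-0001")
    code = ap_handle_m2(table, STA_BSSID, anonce, m2)
    return {"code": code,
            "keys_match": table[STA_BSSID]["ptk"] == phone["ptk"],
            "rolled": phone["ptk"] != first_ptk}


if __name__ == "__main__":
    print(run_demo())
```

Because the stored key is replaced only after the MIC verifies, a modified or mis-keyed M2 leaves the AP's table untouched and the next purchase still starts from the last agreed PTK.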
Preferably, the identification information of the client mobile phone is a mobile phone number.
Preferably, the method further comprises step 5: the AP monitors the position of the client through the positioning of the client mobile phone, and judges whether the client pays when the client leaves.
In this embodiment, the positioning system of the client mobile phone uses the AP to assist positioning, and through this the AP detects that the client has entered its service range. If the client mobile phone has not sent the payment QR code, or the AP's fee deduction has failed, then when the client mobile phone is about to leave the mall the AP sends alarm information indicating which client has not paid, and the client mobile phone also prompts the client that the payment has not been made, so that the interests of both the merchant and the client are protected.
Preferably, the method further comprises step 6: the AP scans other surrounding APs and judges whether the other APs have the AP-BSSID conflict.
In this embodiment, because fake APs may appear, a legitimate AP should constantly scan the surrounding APs for AP-BSSID conflicts in order to improve security. If there is a conflict, the merchant can alert the public security bureau and locate the offending AP. If the same client mobile phone receives an illegitimate bill, the merchant can be notified to raise the alarm. To confirm the merchant's legitimacy, the first card application requires the customer to tap the mobile phone to confirm the merchant information, which confirms the legitimate AP and the legitimate merchant.
Preferably, if the merchant is a chain merchant, the plurality of APs share the client mobile phone information and the first PTK; the client mobile phone information comprises a mobile phone number and a BSSID of the mobile phone.
When the client makes a purchase at a chain merchant, the client mobile phone enters the range of the AP, and the AP learns by searching through the cloud platform that the client mobile phone is roaming. The Beacon packet contains the AP-BSSID from the time of client registration, indicating a legitimate bill. The Wi-Fi quick automatic deduction flow then proceeds according to the local flow.
For the situation in which a client mobile phone roams to another store of the chain merchant, the AP's beacon carries, with the ID of 0x4, the AP-BSSID used when the registration was carried out. If the client mobile phone discovers a new AP, it traverses all of its first PTKs, and if the old AP-BSSID corresponding to the new AP can be found, this proves that the client has roamed to another AP of the same merchant. If the client mobile phone finds its own bill, it selects this AP-BSSID for authentication and association. Therefore, payment can be carried out throughout the chain merchant without multiple registrations, and the shopping experience of the customer is improved.
Referring to fig. 2, it should be noted that the 4-Way Handshake offline connection does not install a PTK or acquire an IP address. The Anonce carried in M1 is in encrypted form. When the mobile phone receives M1, it computes the Anonce using the stored PTK. In the M2 process, the mobile phone number is used as a password to generate a new PTK, and the key-data carries the encrypted payment code. When the AP receives M2, verification of the MIC of M2 fails under the normal 4-Way Handshake connection. The AP therefore looks up the client mobile phone number and generates a new PTK using it, and the MIC then verifies correctly. Therefore, when the AP sends M3, the first two bits of the first reserved field of the key information of M3 are set to 10, and 1 is written in the error bit, which indicates that the PTK cannot be installed and that this is a 4-Way Handshake offline connection. The same holds true for M4. Through the 4-Way Handshake offline connection, the AP and the mobile phone transfer data during the handshake itself, and the mobile phone does not join the AP's network. Specifically, the AP and the mobile phone exchange data during the four-way handshake verification process, and the PTK is finally saved but not installed, so that no Wi-Fi connection between the AP and the mobile phone is established, and payment can be made without connecting to the mall's Wi-Fi. The normal Wi-Fi functions of the AP and the mobile phone are retained.
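The AP-side M2 check described above (the stored first PTK fails, the phone number is looked up, the second PTK verifies and replaces the first), as an added example that is not code from the patent. It assumes the standard WPA2-PSK derivation (PBKDF2 plus the HMAC-SHA1 PRF) with the phone number as passphrase, models the "BSSID of the mobile phone" as the handset MAC address, and uses constructed MACs, nonces, SSID, phone number and frame bytes; `OfflineAp` and its fields are hypothetical names.

```python
import hashlib
import hmac

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF: iterated HMAC-SHA1 over label || 0x00 || data || counter."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(passphrase: str, ssid: bytes, ap_mac: bytes, sta_mac: bytes,
               anonce: bytes, snonce: bytes) -> bytes:
    """ASSUMPTION: standard WPA2-PSK derivation, phone number used as passphrase."""
    pmk = hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid, 4096, 32)
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)

def eapol_mic(ptk: bytes, frame: bytes) -> bytes:
    """MIC over the EAPOL frame (MIC field zeroed), keyed with KCK = PTK[0:16]."""
    return hmac.new(ptk[:16], frame, hashlib.sha1).digest()[:16]

class OfflineAp:
    """Hypothetical AP state: registered handsets and their stored PTKs."""
    def __init__(self, ssid: bytes, ap_mac: bytes):
        self.ssid, self.ap_mac = ssid, ap_mac
        self.phone_by_mac = {}   # pre-stored at registration: handset MAC -> phone number
        self.ptk_by_mac = {}     # "first PTK" kept from the previous handshake

    def verify_m2(self, sta_mac, anonce, snonce, frame, mic) -> str:
        first = self.ptk_by_mac.get(sta_mac)
        if first and hmac.compare_digest(eapol_mic(first, frame), mic):
            return "normal"                      # ordinary handshake path
        phone = self.phone_by_mac.get(sta_mac)
        if phone is None:
            return "reject"                      # unknown handset: no fallback key
        second = derive_ptk(phone, self.ssid, self.ap_mac, sta_mac, anonce, snonce)
        if not hmac.compare_digest(eapol_mic(second, frame), mic):
            return "reject"                      # stored PTK is left untouched
        self.ptk_by_mac[sta_mac] = second        # second PTK replaces the first
        return "offline"

# Constructed sample values (not from the patent).
SSID = b"ExampleMall"
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
PHONE = "13800000000"
ANONCE, SNONCE = bytes(range(32)), bytes(range(32, 64))
M2_FRAME = b"constructed-M2-eapol-bytes-with-zeroed-mic"

def demo():
    ap = OfflineAp(SSID, AP_MAC)
    ap.phone_by_mac[STA_MAC] = PHONE
    ap.ptk_by_mac[STA_MAC] = b"\x11" * 48  # first PTK from an earlier handshake
    # Handset side: derive the second PTK from its own number and MIC the frame.
    second = derive_ptk(PHONE, SSID, AP_MAC, STA_MAC, ANONCE, SNONCE)
    mic = eapol_mic(second, M2_FRAME)
    good = ap.verify_m2(STA_MAC, ANONCE, SNONCE, M2_FRAME, mic)
    tampered = ap.verify_m2(STA_MAC, ANONCE, SNONCE, M2_FRAME + b"x", mic)
    return good, tampered, ap.ptk_by_mac[STA_MAC] == second

if __name__ == "__main__":
    print(demo())
```

A frame whose MIC matches neither key is rejected without changing the stored PTK, so a failed attempt cannot overwrite the key kept from the last good handshake.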
Example 2
Referring to fig. 3, an offline automatic payment device based on Wi-Fi technology includes the following units:
Broadcasting unit: for broadcasting the first data; the first data contains a consumption bill of a client mobile phone; when the client mobile phone receives the first data and passes verification, it acquires the consumption bill and starts the 4-Way Handshake connection with the AP;
M1 generation unit: for encrypting Anonce using a first PTK to generate M1 and sending M1 to the client mobile phone; the client mobile phone uses the first PTK to decrypt M1 to obtain Anonce; the first PTK is generated by negotiation between the AP and the client mobile phone in the last 4-Way Handshake process;
M2 receiving unit: for receiving M2, wherein M2 contains a payment code encrypted by a second PTK and Snonce; the second PTK is generated by the client mobile phone from the sign information of the client mobile phone together with Anonce and Snonce; the sign information of the client mobile phone is pre-stored in the AP;
Collection unit: for decrypting the payment code using the second PTK and making a payment using the decrypted payment code. Meanwhile, the client mobile phone is notified that the new second PTK belongs to an offline connection and that the mobile phone number need not be stored as a universal password; the notification can be given by assigning special values to the reserved and error bits;
Positioning unit: for monitoring the position of the client through the positioning of the client mobile phone, and judging whether the client has paid when the client leaves;
Scanning unit: for scanning other surrounding APs and judging whether any of them has an AP-BSSID conflict;
Sharing unit: for sharing the client mobile phone information and the first PTK among a plurality of APs; the client mobile phone information comprises a mobile phone number and a BSSID of the mobile phone.
In this embodiment, the broadcasting unit, the M1 generation unit, the M2 receiving unit, the collection unit, the positioning unit, the scanning unit, and the sharing unit are sequentially connected in communication. After the broadcasting unit broadcasts the first data, the client mobile phone sends out a 4-Way Handshake offline connection request, and the broadcasting unit passes the 4-Way Handshake offline connection request information to the M1 generation unit. The M1 generation unit encrypts Anonce using the first PTK to generate M1, sends M1 to the client mobile phone, and sends information to the M2 receiving unit so that it is ready to receive M2. The M2 receiving unit receives M2 and passes M2 to the collection unit. The collection unit decrypts the payment code and makes the payment. The collection unit sends the successful payment information to the positioning unit, and the positioning unit sends the consumption bill to the client mobile phone when the client leaves. The scanning unit scans nearby APs and, when an illegitimate AP appears, sends information to the merchant; an AP whose AP-BSSID is not on the merchant's list is an illegitimate AP. The plurality of sharing units are interconnected through the Internet or a local area network and share the client mobile phone information and the first PTK with one another, so that each AP can hold all of the client mobile phone information and the corresponding first PTKs.
Example 3
Referring to fig. 4, an offline automatic payment system based on Wi-Fi technology includes the above device and a client mobile phone; the client mobile phone is in communication connection with the device, and the devices are in communication connection with one another.
The payment code is sent to the offline automatic payment device for payment through the process of 4-Way Handshake authentication association between the client mobile phone and the offline automatic payment device, and in the process, the client can safely and rapidly pay without taking out the mobile phone for confirmation, so that the shopping experience of the client is improved.
Different merchants in the chain merchants can share the mobile phone number of the customer, the BSSID of the mobile phone and the first PTK through the sharing unit among the devices, so that payment can be carried out in the chain merchants without multiple registration, and shopping experience of the customer is improved.
While embodiments of the present invention have been shown and described, it will be understood by those of ordinary skill in the art that: many changes, modifications, substitutions and variations may be made to the embodiments without departing from the spirit and principles of the invention, the scope of which is defined by the claims and their equivalents.

Claims (13)

1. An offline automatic payment method based on Wi-Fi technology is characterized by comprising the following steps:
step 1: the AP broadcasts first data; the first data contains a consumption bill of a client mobile phone; when the client mobile phone receives the first data and passes verification, acquiring a consumption bill, and starting 4-Way Handshake off-line connection with the AP;
step 2: the AP encrypts Anonce by adopting the first PTK to generate M1 and sends the M1 to the client mobile phone; the client mobile phone adopts the first PTK to decrypt M1 to obtain Anonce; the first PTK is generated by negotiating between the AP and the client mobile phone in the last 4-Way Handshake process;
step 3: the AP receives M2, wherein the M2 contains a payment code encrypted by a second PTK and Snonce; the second PTK is generated by the client mobile phone through the sign information of the client mobile phone together with Anonce and Snonce; the sign information of the client mobile phone is pre-stored in the AP;
step 4: the AP adopts the second PTK to decrypt the payment code, and adopts the decrypted payment code to pay, and the AP and the client mobile phone respectively use the second PTK to replace the first PTK for storage.
2. The offline automatic payment method based on Wi-Fi technology of claim 1, wherein the sign information of the client mobile phone is a mobile phone number and a BSSID of the mobile phone.
3. The offline automatic payment method based on Wi-Fi technology according to claim 1, wherein the verification method in step 1 is: the AP encrypts a consumption bill by adopting a first PTK; the client handset decrypts using the first PTK.
4. The offline automatic payment method based on Wi-Fi technology according to claim 1, wherein if an electronic shopping card needs to be set up for a first purchase, the specific flow is as follows: the AP encrypts second data by adopting the sign information of the client mobile phone and broadcasts the second data; the second data comprises an AP-BSSID and a merchant name; when the client mobile phone decrypts the second data by adopting the sign information, the AP-BSSID and the merchant name are obtained, the client needs to confirm the merchant information for the first time, and the 4-Way Handshake off-line connection with the AP is started.
5. The offline automatic payment method based on Wi-Fi technology according to claim 1, further comprising step 5: the AP monitors the position of the client through the positioning of the client mobile phone, and judges whether the client pays when the client leaves.
6. The offline automatic payment method based on Wi-Fi technology according to claim 1, further comprising step 6: the AP scans other surrounding APs and judges whether the other APs have the AP-BSSID conflict.
7. The Wi-Fi technology-based offline automatic payment method of claim 4, wherein if the merchant is a chain merchant, the plurality of APs share the customer cell phone information and the first PTK; the client mobile phone information comprises a mobile phone number and a BSSID of the mobile phone;
the step 1: the AP broadcasts first data; the first data contains a consumption bill of a client mobile phone and an original AP-BSSID; when the client mobile phone receives the first data and passes verification, a consumption bill and an original AP-BSSID are obtained, the original AP-BSSID is verified to pass, and 4-Way Handshake off-line connection between the client mobile phone and the AP is started.
8. An offline automatic payment device based on Wi-Fi technology, which is characterized by comprising the following units:
broadcasting unit: for broadcasting the first data; the first data contains a consumption bill of a client mobile phone; when the client mobile phone receives the first data and passes verification, acquiring a consumption bill, and starting 4-Way Handshake off-line connection with the AP;
M1 generation unit: for encrypting Anonce using a first PTK to generate M1 and sending the M1 to a client mobile phone; the client mobile phone adopts the first PTK to decrypt M1 to obtain Anonce; the first PTK is generated by negotiating between the AP and the client mobile phone in the last 4-Way Handshake process;
M2 receiving unit: for receiving M2, wherein the M2 contains a payment code encrypted by a second PTK and Snonce; the second PTK is generated by the client mobile phone through the sign information of the client mobile phone together with Anonce and Snonce; the sign information of the client mobile phone is pre-stored in the AP;
collection unit: for decrypting the payment code using the second PTK and for making a payment using the decrypted payment code,
the broadcasting unit, the M1 generating unit, the M2 receiving unit and the collecting unit are sequentially in communication connection.
9. The Wi-Fi technology-based offline automatic payment device of claim 8, further comprising:
a positioning unit: the system is used for monitoring the position of the client through the positioning of the mobile phone of the client, and judging whether the client pays when the client leaves;
the positioning unit is in communication connection with the collection unit.
10. The Wi-Fi technology-based offline automatic payment device of claim 8, further comprising:
a scanning unit: the method is used for scanning other surrounding APs and judging whether the other APs have AP-BSSID collision or not;
the scanning unit is in communication with the positioning unit.
11. The Wi-Fi technology-based offline automatic payment device of claim 8, further comprising:
sharing unit: the method comprises the steps that a plurality of APs share client mobile phone information and a first PTK; the client mobile phone information comprises a mobile phone number and a BSSID of the mobile phone;
the sharing unit is in communication with the scanning unit.
12. An offline automatic payment system based on Wi-Fi technology, comprising an offline automatic payment device based on Wi-Fi technology as claimed in any one of claims 8 to 11 and a customer mobile phone; the client mobile phone is in communication connection with an offline automatic payment device based on Wi-Fi technology.
13. The Wi-Fi technology-based offline automatic payment system of claim 12, wherein there are a plurality of Wi-Fi technology-based offline automatic payment devices, and the Wi-Fi technology-based offline automatic payment devices are in communication connection with one another.
CN202311794243.2A 2023-12-25 2023-12-25 Wi-Fi technology-based offline automatic payment method, system and device Active CN117479111B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311794243.2A CN117479111B (en) 2023-12-25 2023-12-25 Wi-Fi technology-based offline automatic payment method, system and device

Publications (2)

Publication Number Publication Date
CN117479111A CN117479111A (en) 2024-01-30
CN117479111B true CN117479111B (en) 2024-03-22

Family

ID=89635001

Country Status (1)

Country Link
CN (1) CN117479111B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant