CN117575762A - Method, system, equipment and medium for transacting banking business based on outgoing equipment - Google Patents

Publication number
CN117575762A
Authority
CN
China
Prior art keywords
message
server
dmz
api platform
outgoing
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311571930.8A
Other languages
Chinese (zh)
Inventor
李江涛
卢永安
马坤
张瑜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02 Banking, e.g. interest calculation or account maintenance
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/54 Interprogram communication
    • G06F9/547 Remote procedure calls [RPC]; Web services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The application provides a method for transacting banking business based on an outgoing device, which can be applied to the technical field of finance and comprises the following steps: the outgoing device sends a service request and a data packet to the API platform through a server in the DMZ zone; the API platform parses the data packet and verifies and processes the service according to the service request; the API platform generates a second message according to the processing completion degree, encrypts the second message and sends the encrypted second message to the server in the DMZ zone; the outgoing device receives the second message forwarded by the server in the DMZ zone, then decrypts and views its content. By using the outgoing device, the method makes it much more convenient for staff to provide cashless services when they go out to projects or company sites, reduces the time clients spend handling business, and reduces the workload of counter staff. Customers can handle several linked services without queuing or filling in forms, which greatly improves the effect and service range of outbound marketing services and improves customer experience and satisfaction.

Description

Method, system, equipment and medium for transacting banking business based on outgoing equipment
Technical Field
The application relates to the technical field of banking Internet and can be used in the financial field; in particular, it relates to a method, a system, a device, a medium and a program product for transacting banking business based on an outgoing device.
Background
In general, a bank's cashless services are not handled at a window, but customers still have to queue at a counter. When business personnel go out to promote products or marketing services, customers still have to be brought to an outlet to handle the business at a counter on site. Many small cities and overseas locations have few banking outlets, and some overseas countries have only one, which greatly reduces customers' willingness to travel to an outlet to handle banking business and limits the development of the branches' personal business. Setting up a new outlet requires a large investment of start-up funds and personnel, so the cost is high and the resulting business development effect is unstable.
Disclosure of Invention
The present application aims to solve at least one of the technical problems existing in the prior art.
For example, a method is provided for improving how each branch transacts personal cashless business: business personnel provide a door-to-door service using a dedicated outgoing device, connect to the bank's API platform, and call different API services after security authentication, so that banking business can be carried out remotely.
A first aspect of the present application provides a method for transacting banking business based on an outgoing device, the banking business being a cashless business, comprising:
the outbound equipment sends a service request and a data packet to the API platform through a server in the DMZ area;
the API platform analyzes the data packet and verifies and processes the service according to the service request;
the API platform generates a second message according to the processing completion degree, encrypts the second message and sends the encrypted second message to a server in the DMZ area;
the outbound device receives the second message forwarded by the server in the DMZ zone, decrypts and views the content of the second message.
With this method for transacting banking business, the outgoing device makes it much more convenient for staff visiting projects or company sites to handle cashless services such as issuing cards, internet banking payment, signing service agreements and various password resets; it reduces the time clients spend handling business and also reduces the workload of counter staff. Customers can handle several linked services without queuing or filling in forms, which greatly improves the effect and service range of outbound marketing services and improves customer experience and satisfaction.
Further, the method further comprises:
after a server in the DMZ area confirms that the outgoing equipment is a trusted equipment, receiving and sending a network connection request sent by the outgoing equipment to an API platform;
and the API platform responds to the network connection request, generates a first message and sends the first message to the outgoing equipment through the server in the DMZ area.
Further, the method of confirming that the egress device is a trusted device comprises:
the outbound equipment generates a private key, packages the private key with an instruction of the network connection request and sends the private key to a server in the DMZ area;
the server of the DMZ area sends a request for acquiring the public key of the trusted device to the API platform, and verifies the private key after receiving the public key of the trusted device;
after the verification is passed, the outgoing device is confirmed to be a trusted device.
Further, before the server in the DMZ zone confirms that the egress device is a trusted device, the method further includes:
and checking whether the person is a trusted person or not through the starting password of the outgoing equipment.
Further, the first message comprises a successful network connection message and an abnormal network connection message,
when the outbound device receives the abnormal message, pre-storing the generated service request and the data packet in a storage area of the outbound device;
the outbound equipment periodically sends a network connection request to the API platform through a server in the DMZ area, and checks the network connection state;
when the network connection is successful, the outbound device sends the service request and the data packet in the storage area to the API platform.
Further, the API platform comprises an API gateway, a service routing gateway, an API server and a host,
the API gateway is suitable for analyzing the data packet and encrypting the second message, and the host is suitable for verifying and processing the service.
Further, the method further comprises:
the outbound device prints the content of the second message as a result voucher.
A second aspect of the present application provides a banking transaction system, the banking transaction being a cashless transaction, comprising:
the outbound equipment is equipment connected with the external network;
the API platform is a platform connected with the bank intranet;
the DMZ area is an area arranged between the external network and the bank intranet, and a server is arranged in the DMZ area;
wherein,
the egress device is adapted to: sending a service request and a data packet to an API platform through a server in the DMZ area, receiving a second message forwarded by the server in the DMZ area, decrypting and checking the content of the second message;
the API platform is adapted to: analyzing the data packet, verifying and processing the service according to the service request, generating a second message according to the processing completion degree, encrypting the second message, and sending the encrypted second message to a server in the DMZ area;
the DMZ zone is adapted to forward data sent by the egress device to the API platform or sent by the API platform to the egress device.
A third aspect of the present application provides an electronic device, comprising: one or more processors; and a memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the above-described processing method.
A fourth aspect of the present application also provides a computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the above-described handling method.
A fifth aspect of the present application also provides a computer program product comprising a computer program which, when executed by a processor, implements the above-mentioned handling method.
Drawings
The foregoing and other objects, features and advantages of the application will be more apparent from the following description of embodiments of the application with reference to the accompanying drawings in which:
FIG. 1 schematically illustrates an application scenario diagram of an egress device, a DMZ zone server, and an API platform in transacting business in accordance with an embodiment of the present application;
FIG. 2 schematically illustrates a flow chart of a method of transacting banking in accordance with an embodiment of the present application;
FIG. 3 schematically illustrates a data transmission diagram of a banking transaction method according to an embodiment of the present application;
FIG. 4 schematically illustrates a flow chart of a method of transacting banking in accordance with an embodiment of the present application;
FIG. 5 schematically illustrates a flow chart for validating an outbound device as a trusted device in accordance with an embodiment of the present application;
FIG. 6 schematically illustrates a flow chart when a network is abnormal in accordance with an embodiment of the present application;
FIG. 7 schematically illustrates a block diagram of a banking transaction system in accordance with an embodiment of the present application; and
FIG. 8 schematically shows a block diagram of an electronic device adapted to implement a banking transaction method according to an embodiment of the present application.
Detailed Description
Hereinafter, embodiments of the present application will be described with reference to the accompanying drawings. It should be understood that the description is only exemplary and is not intended to limit the scope of the present application. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the present application. It may be evident, however, that one or more embodiments may be practiced without these specific details. In addition, in the following description, descriptions of well-known structures and techniques are omitted so as not to unnecessarily obscure the concepts of the present application.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. The terms "comprises," "comprising," and/or the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It should be noted that the terms used herein should be construed to have meanings consistent with the context of the present specification and should not be construed in an idealized or overly formal manner.
Where expressions like "at least one of A, B and C, etc." are used, the expressions should generally be interpreted in accordance with the meaning commonly understood by those skilled in the art (e.g., "a system having at least one of A, B and C" shall include, but not be limited to, a system having A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B and C together, etc.).
Personal cashless service: business other than cash transactions that individual customers carry out at banking outlets, such as issuing cards, signing messenger agreements, registering or deregistering personal electronic banking, resetting card passwords or electronic banking login passwords, changing the registered mobile phone number, maintaining accounts linked under electronic banking, maintaining electronic banking authentication media, and other services.
Off-counter: the customer can complete the transaction by self-service or remotely, without a bank teller actually operating it.
DMZ zone (Demilitarized Zone): the DMZ zone is a zone of the network between the external network and the internal network, also called the isolation zone. It is understood in this application that the DMZ zone is a buffer between the non-secure system (egress device) and the secure system (API platform).
In general, a bank's cashless services are not handled at a window, but customers still have to queue at a counter, and a staff member has to carry out the related transactions at the counter after verifying the name, certificate type and certificate number, so the business cannot be handled away from the counter. When business personnel go out to promote products or marketing services, customers still have to be brought to an outlet to handle the business at a counter on site. Many small cities and overseas locations have few banking outlets, and some overseas countries have only one, which greatly reduces customers' willingness to travel to an outlet to handle banking business and limits the development of the outlets' personal business. Setting up a new outlet requires a large investment of start-up funds and personnel, so the cost is high and the return from the resulting business development is unstable.
To address these problems, the application provides a method for improving how each branch transacts personal cashless business: business personnel provide a door-to-door service using a dedicated outgoing device, connect to the bank's API platform, and call different API services after security authentication so that banking business can be carried out remotely. This solves the problem of customers who need banking services but cannot get close to an outlet.
Fig. 1 schematically illustrates an application scenario diagram of an egress device, a DMZ zone server, and an API platform in handling a service according to an embodiment of the present application.
As shown in fig. 1, the external network 104 is used to provide a medium for communication links between the egress devices 101, 102, 103 and the DMZ zone server 105; the internal network 106 is used to provide a medium for communication links between the server 105 and the API platform of the DMZ zone. The networks 104, 106 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
A user may interact with the server 105 of the DMZ zone through the external network 104 using the egress devices 101, 102, 103 to receive or send messages or the like; the server 105 of the DMZ zone interacts with the API platform through an internal network 106.
Various communication client applications may be installed on the outbound devices 101, 102, 103, such as shopping class applications, web browser applications, search class applications, instant messaging tools, mailbox clients, social platform software, and the like (just examples). The egress devices 101, 102, 103 may be a variety of electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablets, laptop and desktop computers, and the like.
The server 105 of the DMZ zone is placed within the DMZ zone and establishes the DMZ barrier service.
The API platform may provide various business services and includes an API gateway, a service routing gateway, an API server, and a host 107. A gateway, also called an intersystem connector or protocol converter, interconnects networks above the network layer; the API server is part of the host and routes and forwards the service data processed by the host 107; the host 107 corresponds to a server that can analyze and process data such as a received user request and feed back the processing results (e.g., web pages, information or data acquired or generated according to the user request) to the API server.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
A method for transacting banking business according to an embodiment of the application is described in detail below with reference to fig. 2 to 6, based on the scenario described in fig. 1. It should be noted that the existing counter process uses only the internal network: the counter device and the host are both in the internal network environment, and the exchange consists only of requests and replies between the counter device and the host.
Fig. 2 schematically shows a flow chart of a method of transacting banking according to an embodiment of the present application. Fig. 3 schematically shows a data transmission schematic of a banking transaction method according to an embodiment of the present application.
As shown in fig. 2, the embodiment includes operations S210 to S240, and the flow is a three-way interaction between the outgoing device, the server of the DMZ zone, and the API platform.
In operation S210, the egress device transmits a service request and a data packet to the API platform through the server of the DMZ zone.
The server in the DMZ zone acts as a transfer area and establishes a security check between the external network and the internal network; data sent by the outgoing device and data sent by the API platform are both forwarded only after passing through the server in the DMZ zone.
In this operation, the service request is the request code of a cashless service; different services have different request codes. The data packet contains the materials necessary for handling the service, such as the bank card number of the transactor, the identity card number of the transactor, the work card number of the staff member, and other materials. In one embodiment, assume that the outgoing device is used to change the mobile phone number bound to a bank card: the data packet then needs the bank card number of the transactor, the identity card number of the transactor, the work card number of the staff member and the changed mobile phone number. The outgoing device compresses the materials for the service into a data packet and transmits it to the server in the DMZ zone, which acts as a transfer station and sends it on to the API platform.
In operation S220, the API platform parses the data packet and verifies and processes the service according to the service request.
After receiving the service request and the data packet forwarded by the server in the DMZ area, the API platform analyzes the data packet, checks whether the materials in the data packet are complete according to the item of the service request, verifies whether the bank card number of the provided transactor is consistent with the identity card number of the transactor, and executes service processing after all the materials are complete and the credentials are consistent.
In operation S230, the API platform generates a second message according to the processing completion, encrypts the second message, and sends the encrypted second message to the server in the DMZ area.
It can be understood that the processing completion degree has two outcomes, complete and incomplete: if the processing completion degree is 100%, the generated second message can be a receipt of successful processing; if the processing completion degree is a value other than 100% and stays at that value for more than a certain time, the generated second message can be an error receipt.
After the second message is generated, the API platform encrypts the second message to prevent the message from being leaked in the transmission process, and sends the encrypted second message to a server in a DMZ area, wherein the server in the DMZ area is used as a transfer station to send the second message to the outbound equipment.
In operation S240, the egress device receives the second message forwarded by the server of the DMZ zone, decrypts and views the content of the second message.
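Operations S230 and S240 as an added Go example (not code from the application): the API gateway builds the second message from the processing completion degree and encrypts it, the DMZ server relays bytes it cannot read, and the outgoing device decrypts. AES-256-GCM, the pre-shared 32-byte key, the use of the service request code as associated data, and all names, codes and receipt strings are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"time"
)

// BuildSecondMessage follows the S230 rule: 100% yields a success receipt, any
// other value that has not changed for longer than timeout yields an error
// receipt, and otherwise processing is still running and nothing is sent yet.
func BuildSecondMessage(completion int, stalledFor, timeout time.Duration) (string, bool) {
	switch {
	case completion == 100:
		return "RECEIPT: service processed successfully", true
	case stalledFor > timeout:
		return fmt.Sprintf("RECEIPT: service failed at %d%%", completion), true
	}
	return "", false
}

// newGCM builds the AEAD shared by both ends (assumed cipher, not from the application).
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the API gateway side. The service request code is bound as associated
// data, so a receipt cannot be moved onto a different request unnoticed.
func Seal(key []byte, requestCode, receipt string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// Frame layout: nonce followed by ciphertext and authentication tag.
	return gcm.Seal(nonce, nonce, []byte(receipt), []byte(requestCode)), nil
}

// Relay is the DMZ server: it holds no key and forwards the frame as opaque bytes.
func Relay(frame []byte) []byte {
	return append([]byte(nil), frame...)
}

var ErrRejected = errors.New("second message rejected: wrong key, wrong request, or modified in transit")

// Open is the outgoing device side (S240): authenticate, then decrypt and view.
func Open(key []byte, requestCode string, frame []byte) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	if len(frame) < gcm.NonceSize() {
		return "", ErrRejected
	}
	nonce, ct := frame[:gcm.NonceSize()], frame[gcm.NonceSize():]
	receipt, err := gcm.Open(nil, nonce, ct, []byte(requestCode))
	if err != nil {
		return "", ErrRejected
	}
	return string(receipt), nil
}

func main() {
	key := []byte("0123456789abcdef0123456789abcdef") // constructed demo key, never a real one
	receipt, _ := BuildSecondMessage(100, 0, 30*time.Second)
	frame, err := Seal(key, "SVC-CHANGE-MOBILE", receipt) // hypothetical request code
	if err != nil {
		panic(err)
	}
	got, err := Open(key, "SVC-CHANGE-MOBILE", Relay(frame))
	fmt.Println(got, err)
	frame[len(frame)-1] ^= 1 // one bit changed on the relay path
	_, err = Open(key, "SVC-CHANGE-MOBILE", Relay(frame))
	fmt.Println(err)
}
```

Because the DMZ server only relays, a compromise of that host exposes ciphertext but not receipt contents, and any change it makes to a frame is detected on the device.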
With this method for transacting banking business, the outgoing device makes it much more convenient for staff visiting projects or company sites to handle cashless services such as issuing cards, internet banking payment, signing service agreements and various password resets; it reduces the time clients spend handling business and also reduces the workload of counter staff. Customers can handle several linked services without queuing or filling in forms, which greatly improves the effect and service range of outbound marketing services and improves customer experience and satisfaction.
Further, the outbound device prints the content of the second message as a result voucher. It will be appreciated that credentials typically need to be set aside for the customer after the transaction is completed.
Data packets are transmitted over the network, that is, over both the external network and the internal network, so the method further comprises a network connection step before the data packet and the service request are sent.
Fig. 4 schematically shows a flow chart of a method of transacting banking according to an embodiment of the present application.
As shown in fig. 4, this embodiment includes operations S310 to S320.
In operation S310, after the server in the DMZ area confirms that the outbound device is a trusted device, a network connection request issued by the outbound device is accepted and sent to the API platform.
The server in the DMZ zone first performs a trust check on the outgoing device, and agrees to let it interact with the API platform only after confirming that the outgoing device is a device issued by the bank and dedicated to handling cashless services.
In operation S320, the API platform generates a first message in response to the network connection request and transmits the first message to the outbound device through the server of the DMZ zone.
The first message comprises a network connection success message and a network connection abnormal message. Of course, when the same customer handles several services in one session, the outgoing device stays on the same external network and remains connected, so operations S310 to S320 need not be executed again and operations S210 to S240 may be executed in a loop.
Fig. 5 schematically illustrates a flowchart for confirming that an outgoing device is a trusted device according to an embodiment of the present application. It will be appreciated that the check of whether a device is trusted is carried out by the server of the DMZ zone acting as an intermediary.
As shown in fig. 5, this embodiment includes operations S410 to S430.
In operation S410, the egress device generates a private key and transmits it to the server of the DMZ zone, packaged together with the instruction of the network connection request.
In operation S420, the server of the DMZ zone transmits a request for obtaining the public key of the trusted device to the API platform, and verifies the private key after receiving the public key of the trusted device.
After the verification is passed, the outgoing device is confirmed to be a trusted device in operation S430.
Each outgoing device is provided with a unique private key. The API platform is matched to these private keys and holds a public key for unlocking them; it is understood that there can be a single public key that unlocks the private keys of all trusted outgoing devices, so the public key can be used to verify whether an outgoing device is a trusted device.
In this operation, verification is executed in the server of the DMZ zone: the outgoing device sends the private key to the server of the DMZ zone, the API platform sends the public key to the server of the DMZ zone, and the private key and the public key are checked against each other there. After verification passes, the outgoing device is confirmed to be a trusted device; otherwise, the outgoing device's network connection request is refused.
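The trust check of operations S410 to S430, as an added Go example that is not part of the application. It assumes a variant of the text: the device keeps its private key and sends only an Ed25519 signature over the connection request, which the DMZ server verifies with a per-device public key obtained from the API platform. The type names, the `tablet-01` ID, the nonce and the two-minute window are all hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"time"
)

// ConnectRequest is the connection request of S410 (hypothetical layout).
type ConnectRequest struct {
	DeviceID  string
	Timestamp int64  // Unix seconds, covered by the signature
	Nonce     []byte // random per request, so a captured request cannot be replayed
	Signature []byte // proof of possession; the private key itself is never sent
}

// signedBytes is the byte string the device signs and the DMZ server checks.
func signedBytes(id string, ts int64, nonce []byte) []byte {
	return []byte(fmt.Sprintf("%q|%d|%x", id, ts, nonce))
}

// Device is an outgoing device holding its own unique private key.
type Device struct {
	ID   string
	priv ed25519.PrivateKey
}

// NewDevice makes a key pair; the public half is registered with the API platform.
func NewDevice(id string) (*Device, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Device{ID: id, priv: priv}, pub, nil
}

// Connect builds a signed connection request (S410).
func (d *Device) Connect(now time.Time) (ConnectRequest, error) {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return ConnectRequest{}, err
	}
	sig := ed25519.Sign(d.priv, signedBytes(d.ID, now.Unix(), nonce))
	return ConnectRequest{d.ID, now.Unix(), nonce, sig}, nil
}

// KeyDirectory stands in for the API platform's reply to the public key request (S420).
type KeyDirectory map[string]ed25519.PublicKey

var (
	ErrUnknownDevice = errors.New("device is not registered")
	ErrStale         = errors.New("timestamp outside the allowed window")
	ErrBadSignature  = errors.New("signature does not verify")
	ErrReplay        = errors.New("request already seen")
)

// DMZServer runs the trust check before any connection request is forwarded.
type DMZServer struct {
	Keys    KeyDirectory
	MaxSkew time.Duration
	seen    map[string]bool
}

func NewDMZServer(keys KeyDirectory, maxSkew time.Duration) *DMZServer {
	return &DMZServer{Keys: keys, MaxSkew: maxSkew, seen: map[string]bool{}}
}

// Admit returns nil only for a fresh, correctly signed request from a registered device (S430).
func (s *DMZServer) Admit(req ConnectRequest, now time.Time) error {
	pub, ok := s.Keys[req.DeviceID]
	if !ok {
		return ErrUnknownDevice
	}
	if age := now.Sub(time.Unix(req.Timestamp, 0)); age > s.MaxSkew || age < -s.MaxSkew {
		return ErrStale
	}
	if !ed25519.Verify(pub, signedBytes(req.DeviceID, req.Timestamp, req.Nonce), req.Signature) {
		return ErrBadSignature
	}
	id := string(signedBytes(req.DeviceID, req.Timestamp, req.Nonce))
	if s.seen[id] {
		return ErrReplay
	}
	s.seen[id] = true // a production server would expire entries older than MaxSkew
	return nil
}

func main() {
	dev, pub, err := NewDevice("tablet-01") // constructed sample device ID
	if err != nil {
		panic(err)
	}
	dmz := NewDMZServer(KeyDirectory{dev.ID: pub}, 2*time.Minute)
	req, _ := dev.Connect(time.Now())
	fmt.Println("first:", dmz.Admit(req, time.Now()), "| replay:", dmz.Admit(req, time.Now()))
}
```

In this variant the DMZ server never holds anything that would let it, or someone who compromises it, impersonate a device; it only sees public keys and one-time signatures.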
Further, before the server in the DMZ zone confirms that the egress device is a trusted device, the method further includes: and checking whether the person is a trusted person or not through the starting password of the outgoing equipment.
Because verification of the name, certificate type and certificate number is usually completed on site at a counter machine, in this application the holder of the outgoing device must provide corresponding credentials and must first be proven to be trusted, so that information security of the offices can be guaranteed.
During verification, the outgoing device is protected by a startup password, which can be a fixed password or a random password; that is, each time the outgoing device is used, the trusted person either knows the password in advance or receives a dynamic startup password at the time of use, and the device that receives it can be the trusted person's public mobile phone, public platform and the like. If the person can unlock the outgoing device, the person is authenticated as a trusted person.
Fig. 6 schematically shows a flow chart at network anomalies according to an embodiment of the present application.
As shown in fig. 6, this embodiment includes operations S510 to S530.
In operation S510, when the outbound device receives the exception message, the generated service request and data packet are pre-stored in the memory area of the outbound device.
In operation S520, the egress device periodically transmits a network connection request to the API platform through the server of the DMZ zone, and checks the network connection status.
In operation S530, when the network connection is successful, the outbound device transmits the service request and the data packet in the storage area to the API platform.
It can be understood that when the network is abnormal, in order to handle business for the client quickly, once the trusted device carried by the trusted person has been authenticated, the trusted person can manually verify the name, certificate type and certificate number of the transactor, and then upload the services the transactor wants to handle and the required materials together into the storage area of the outgoing device, which keeps checking whether the network connection has succeeded. When the network connection is successful, the outgoing device sends the service request and the data packet in the storage area to the API platform.
As for the functional subdivision within the bank's API platform, the API platform includes an API gateway, a service routing gateway, an API server, and a host, where the API gateway is adapted to parse the data packet and encrypt the second message, and the host is adapted to verify and process the service; see fig. 3 for details.
Based on the banking business handling method, the application also provides a banking business handling system. This system will be described in detail below in connection with fig. 7.
Fig. 7 schematically shows a block diagram of a banking transaction system according to an embodiment of the present application.
As shown in fig. 7, the banking transaction system 700 of this embodiment includes an outbound device, an API platform, and a DMZ area.
The outgoing equipment is equipment connected with the external network, the API platform is a platform connected with the bank intranet, the DMZ area is an area arranged between the external network and the bank intranet, and a server is arranged in the DMZ area.
Wherein, the outgoing device is internally provided with a sending module 710 and a receiving module 720.
The sending module 710 is configured to send the service request and the data packet to the API platform through the server in the DMZ zone. In one embodiment, the sending module 710 may be configured to perform the operation S210 described above, which is not described again here.
The receiving module 720 is configured to receive the second message forwarded by the server in the DMZ zone, and to decrypt and view the content of the second message. In one embodiment, the receiving module 720 may be configured to perform the operation S240 described above, which is not described again here.
A parsing processing module 730 and a message encrypting module 740 are arranged in the API platform.
The parsing processing module 730 is configured to parse the data packet, and to verify and process the service according to the service request. In one embodiment, the parsing processing module 730 may be used to perform the operation S220 described above, which is not described again here.
The message encrypting module 740 is configured to generate a second message according to the processing completion degree, encrypt the second message and then send it to the server in the DMZ zone. In one embodiment, the message encrypting module 740 may be used to perform the operation S230 described above, which is not described again here.
The DMZ zone is adapted to forward data sent by the egress device to the API platform or sent by the API platform to the egress device.
According to an embodiment of the present application, the parsing processing module 730 and the message encrypting module 740 may be combined into one module to be implemented, or any one of the modules may be split into a plurality of modules. Alternatively, at least some of the functionality of one or more of the modules may be combined with at least some of the functionality of other modules and implemented in one module. According to embodiments of the present application, at least one of the parsing processing module 730 and the message encrypting module 740 may be implemented at least in part as hardware circuitry, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in hardware or firmware in any other reasonable way of integrating or packaging the circuitry, or in any one of or a suitable combination of three of software, hardware, and firmware. Alternatively, at least one of the parsing processing module 730 and the message encrypting module 740 may be at least partially implemented as a computer program module, which when executed, performs the corresponding functions.
Fig. 8 schematically illustrates a block diagram of an electronic device adapted to implement a banking transaction method according to an embodiment of the present application, where the receiving, processing, etc. of a request by an API platform may be performed by the following electronic device.
As shown in fig. 8, an electronic device 800 according to an embodiment of the present application includes a processor 801 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 802 or a program loaded from a storage section 808 into a Random Access Memory (RAM) 803. The processor 801 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or an associated chipset and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), or the like. The processor 801 may also include on-board memory for caching purposes. The processor 801 may include a single processing unit or multiple processing units for performing the different actions of the method flows according to embodiments of the present application.
In the RAM 803, various programs and data required for the operation of the electronic device 800 are stored. The processor 801, the ROM 802, and the RAM 803 are connected to each other by a bus 804. The processor 801 performs various operations of the method flow according to the embodiments of the present application by executing programs in the ROM 802 and/or the RAM 803. Note that the program may be stored in one or more memories other than the ROM 802 and the RAM 803. The processor 801 may also perform various operations of the method flows according to embodiments of the present application by executing programs stored in the one or more memories.
According to an embodiment of the present application, the electronic device 800 may also include an input/output (I/O) interface 805, the input/output (I/O) interface 805 also being connected to the bus 804. The electronic device 800 may also include one or more of the following components connected to the I/O interface 805: an input portion 806 including a keyboard, mouse, etc.; an output portion 807 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and a speaker; a storage section 808 including a hard disk or the like; and a communication section 809 including a network interface card such as a LAN card, a modem, or the like. The communication section 809 performs communication processing via a network such as the internet. The drive 810 is also connected to the I/O interface 805 as needed. A removable medium 811 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 810 as needed so that a computer program read out therefrom is mounted into the storage section 808 as needed.
The present application also provides a computer-readable storage medium that may be embodied in the apparatus/device/system described in the above embodiments; or may exist alone without being assembled into the apparatus/device/system. The computer-readable storage medium carries one or more programs that when executed implement methods according to embodiments of the present application.
According to embodiments of the present application, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example, but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. For example, according to embodiments of the present application, the computer-readable storage medium may include ROM 802 and/or RAM 803 and/or one or more memories other than ROM 802 and RAM 803 described above.
Also included in embodiments of the present application is a computer program product comprising a computer program containing program code for performing the methods shown in the flowcharts. When the computer program product is run on a computer system, the program code causes the computer system to carry out the methods provided in the embodiments of the present application.
The above-described functions defined in the system/apparatus of the embodiments of the present application are performed when the computer program is executed by the processor 801. The systems, apparatus, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the application.
In one embodiment, the computer program may be based on a tangible storage medium such as an optical storage device, a magnetic storage device, or the like. In another embodiment, the computer program may also be transmitted, distributed, and downloaded and installed in the form of a signal on a network medium, and/or from a removable medium 811 via a communication portion 809. The computer program may include program code that may be transmitted using any appropriate network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.
In such an embodiment, the computer program may be downloaded and installed from a network via the communication section 809, and/or installed from the removable media 811. The above-described functions defined in the system of the embodiments of the present application are performed when the computer program is executed by the processor 801. According to embodiments of the present application, the systems, devices, means, modules, units, etc. described above may be implemented by means of computer program modules.
According to embodiments of the present application, program code for executing computer programs provided in embodiments of the present application may be written in any combination of one or more programming languages, and in particular, such computer programs may be implemented in high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. Programming languages include, but are not limited to, Java, C++, Python, "C" or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that the features recited in the various embodiments and/or claims of the present application may be combined and/or integrated in various ways, even if such combinations or integrations are not explicitly recited in the present application. In particular, the features recited in the various embodiments and/or the claims of the present application may be combined and/or integrated in various ways without departing from the spirit and teachings of the present application. All such combinations and/or integrations fall within the scope of the present application.
In the description of the present specification, a description referring to the terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present application. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The embodiments of the present application are described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present application. Although the embodiments are described above separately, this does not mean that the measures in the embodiments cannot be used advantageously in combination. The scope of the application is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be made by those skilled in the art without departing from the scope of the present application, and such alternatives and modifications are intended to fall within the scope of the present application.

Claims (11)

1. A method for transacting banking business based on an outgoing device, the banking business being cashless business, comprising:
the outbound equipment sends a service request and a data packet to the API platform through a server in the DMZ area;
the API platform analyzes the data packet and verifies and processes the service according to the service request;
the API platform generates a second message according to the processing completion degree, encrypts the second message and sends the encrypted second message to a server in the DMZ area;
the outbound device receives the second message forwarded by the server in the DMZ zone, decrypts and views the content of the second message.
2. The method of transacting banking according to claim 1, wherein the method further comprises:
after a server in the DMZ area confirms that the outgoing equipment is a trusted equipment, the server receives the network connection request sent by the outgoing equipment and sends it to an API platform;
and the API platform responds to the network connection request, generates a first message and sends the first message to the outgoing equipment through the server in the DMZ area.
3. The method of transacting banking according to claim 2, wherein the method of confirming that the outgoing device is a trusted device comprises:
the outbound equipment generates a private key, packages the private key with an instruction of the network connection request and sends the private key to a server in the DMZ area;
the server of the DMZ area sends a request for acquiring the public key of the trusted device to the API platform, and verifies the private key after receiving the public key of the trusted device;
after the verification is passed, the outgoing device is confirmed to be a trusted device.
4. The banking transaction method according to claim 2, wherein before the server in the DMZ area confirms that the outgoing device is a trusted device, the method further comprises:
checking, through the startup password of the outgoing equipment, whether the person is a trusted person.
5. The method according to claim 2, wherein the first message includes a network connection success message and a network connection exception message,
when the outbound device receives the abnormal message, pre-storing the generated service request and the data packet in a storage area of the outbound device;
the outbound equipment periodically sends a network connection request to the API platform through a server in the DMZ area, and checks the network connection state;
when the network connection is successful, the outbound device sends the service request and the data packet in the storage area to the API platform.
6. The banking transaction method according to claim 1, wherein the API platform includes an API gateway, a service routing gateway, an API server and a host,
the API gateway is suitable for analyzing the data packet and encrypting the second message, and the host is suitable for verifying and processing the service.
7. The method of transacting banking according to claim 1, wherein the method further comprises:
the outbound device prints the content of the second message as a result voucher.
8. A system for transacting banking, the banking being cashless, comprising:
the outbound equipment is equipment connected with the external network;
the API platform is a platform connected with the bank intranet;
the DMZ area is an area arranged between the external network and the bank intranet, and a server is arranged in the DMZ area;
wherein,
the egress device is adapted to: sending a service request and a data packet to an API platform through a server in the DMZ area, receiving a second message forwarded by the server in the DMZ area, decrypting and checking the content of the second message;
the API platform is adapted to: analyzing the data packet, verifying and processing the service according to the service request, generating a second message according to the processing completion degree, encrypting the second message, and sending the encrypted second message to a server in the DMZ area;
the DMZ zone is adapted to forward data sent by the egress device to the API platform or sent by the API platform to the egress device.
9. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of claims 1-7.
10. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the method according to any of claims 1-7.
11. A computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of claims 1 to 7.
CN202311571930.8A 2023-11-23 2023-11-23 Method, system, equipment and medium for transacting banking business based on outgoing equipment Pending CN117575762A (en)

Publications (1)

Publication Number Publication Date
CN117575762A true CN117575762A (en) 2024-02-20

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination