CN118300847A - Transaction data encryption method and system based on mobile terminal - Google Patents

Transaction data encryption method and system based on mobile terminal

Publication number
CN118300847A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410410247.4A
Other languages
Chinese (zh)
Inventor
柳刚强
李烁权
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Zhongzhuo Information Technology Co ltd
Original Assignee
Hangzhou Zhongzhuo Information Technology Co ltd

Abstract

The invention provides a transaction data encryption method and system based on a mobile terminal, wherein the method comprises the following steps: S1, in the primary transaction, the mobile terminal encrypts transaction data based on an initial key and transmits the encrypted transaction data to a server; S2, during subsequent transactions, the mobile terminal generates a current encryption key according to the transaction data encrypted last time, encrypts the current transaction data with the current encryption key, and transmits the resulting encrypted current transaction data to the server. The invention can effectively ensure the security of the encrypted data and effectively avoid the data security problem caused by key leakage.

Description

Transaction data encryption method and system based on mobile terminal
Technical Field
The invention relates to the technical field of transaction data management, in particular to a transaction data encryption method and system based on a mobile terminal.
Background
At present, as mobile terminals become increasingly intelligent, users can conveniently complete mobile payments and transactions through them. Each completed mobile payment or transaction generates a large amount of transaction data, which is transmitted between the mobile terminal and the transaction server. Such transaction data carries a large amount of private information (such as transaction identity information, transaction amount, etc.); once it is intercepted or leaked, the private information can be stolen, seriously affecting the security management level of the transaction data.
In the prior art, when the mobile terminal and the transaction server transmit transaction data, the data is generally encrypted to avoid leaking private information. However, existing data encryption methods generally use a fixed key to encrypt transaction data. With fixed-key encryption, once the key is leaked (for example, an administrator obtains the key by taking advantage of their position, or a hacker intercepts the key data), all of the encryption becomes effectively useless, seriously affecting the data security level during data transmission and management.
Disclosure of Invention
In view of the above, the present invention aims to provide a transaction data encryption method and system based on a mobile terminal.
The aim of the invention is realized by adopting the following technical scheme:
In a first aspect, the present invention provides a transaction data encryption method based on a mobile terminal, applied to the mobile terminal and a server, comprising the following steps:
S1, in the primary transaction, the mobile terminal encrypts transaction data based on an initial key and transmits the encrypted transaction data to a server;
S2, during subsequent transactions, the mobile terminal generates a current encryption key according to the transaction data encrypted last time, encrypts the current transaction data with the current encryption key, and transmits the resulting encrypted current transaction data to the server.
Preferably, the method further comprises: S01, before the primary transaction, the mobile terminal generates an initial key and transmits the initial key to the server.
Preferably, the method further comprises: S01, before the primary transaction, the mobile terminal transmits the user identity information to the server and receives an initial key returned by the server, wherein the initial key is generated by the server according to the user identity information.
Preferably, the mobile terminal receives the encrypted transaction feedback information returned by the server, and takes the received encrypted transaction feedback information as the transaction data after the last encryption; the encrypted transaction feedback information is obtained by the server through encryption processing of the transaction feedback information after generating a current encryption key in the same way based on the received encrypted transaction data; the transaction feedback information is generated by the server according to the transaction data.
Preferably, step S1 further includes:
and the mobile terminal locally stores the encrypted transaction data.
The transaction data comprises transaction information or transaction feedback information generated when a transaction task is completed, wherein the transaction information comprises transaction party identity information, transaction account information, transaction amount information and transaction commodity information.
The server also performs independent server storage management on the transaction data, and adds the related transaction data or transaction feedback information to the latest server storage record after the server receives the encrypted transaction data sent by the mobile terminal or the server generates the encrypted transaction feedback information.
Preferably, step S1 further includes:
After receiving the encrypted transaction feedback information returned by the server, the mobile terminal generates a current encryption key according to the last encrypted transaction data in the local storage record, and decrypts the acquired transaction feedback information by adopting the current encryption key to obtain decrypted transaction feedback information; and further storing the encrypted transaction feedback information locally and adding the transaction feedback information to the latest local storage record.
Preferably, in step S2, the mobile terminal generates a current encryption key according to the transaction data encrypted last time, and specifically includes:
Carrying out hash processing according to the last encrypted transaction data to obtain a hash value with a fixed length;
Extracting a time characteristic value according to the recording time of the transaction data encrypted last time;
and combining according to the acquired hash value and the time characteristic value to generate the current encryption key.
Preferably, the method further comprises:
When the mobile terminal needs to be replaced, the new mobile terminal acquires user identity information and transmits the user identity information to the server, so that the server performs verification according to the acquired user identity information to obtain an identity verification result; when the identity verification result passes, the server transmits the server storage record stored by the server to the new mobile terminal;
The new mobile terminal stores the acquired server storage record locally.
Preferably, the method further comprises:
When the mobile terminal needs to be replaced, the mobile terminal collects user identity information and transmits the user identity information to the server, so that the server performs verification according to the obtained user identity information to obtain an identity verification result; after the authentication result passes, the server returns record transfer information to the mobile terminal;
the mobile terminal shares the record transfer information to a new mobile terminal;
The new mobile terminal sends record transfer information to the server, so that the server extracts corresponding server storage records according to the received record transfer information and transmits the corresponding server storage records to the new mobile terminal;
The new mobile terminal stores the acquired server storage record locally.
Preferably, the user identity information comprises a user ID and a user face image acquired in real time;
the server performs verification according to the acquired user identity information, and specifically includes:
the server extracts a standard face image reserved by a user during registration from the registration information according to the acquired user ID;
extracting features according to the user face images acquired in real time, and extracting user face features;
and comparing the extracted user face features with the user face features corresponding to the standard face image, the identity verification result being a pass when the similarity is higher than a preset standard value.
In a second aspect, the present invention shows a transaction data encryption system based on a mobile terminal, comprising a mobile terminal and a server; wherein the mobile terminal and the server are used for realizing the transaction data encryption method based on the mobile terminal as shown in any one of the implementation manners of the first aspect.
The beneficial effects of the invention are as follows: in the process of transaction data transmission between the mobile terminal and the server, only the transaction data generated by the primary transaction needs to be encrypted and decrypted with the initial key; in subsequent transaction data transmission, the last encrypted transaction data is used to generate a new encryption key, so the encryption key is continuously updated. Provided that the specific way in which the encryption key is generated from the encrypted transaction data is not leaked, the security of the encrypted data can be effectively ensured, and the data security problem caused by key leakage is effectively avoided.
Meanwhile, this data encryption mode binds the transaction data to the designated mobile terminal, further improving the security level of transaction data management on the mobile terminal.
Drawings
The invention will be further described with reference to the accompanying drawings, in which embodiments do not constitute any limitation of the invention, and other drawings can be obtained by one of ordinary skill in the art without inventive effort from the following drawings.
FIG. 1 is a flow chart of a method for encrypting transaction data based on a mobile terminal according to an embodiment of the present invention;
Fig. 2 is a frame structure diagram of a transaction data encryption system based on a mobile terminal according to an embodiment of the present invention.
Detailed Description
The invention is further described in connection with the following application scenario.
Referring to fig. 1, an embodiment of a method for encrypting transaction data based on a mobile terminal includes:
S1, in the primary transaction, the mobile terminal encrypts transaction data based on an initial key and transmits the encrypted transaction data to a server;
S2, during subsequent transactions, the mobile terminal generates a current encryption key according to the transaction data encrypted last time, encrypts the current transaction data with the current encryption key, and transmits the resulting encrypted current transaction data to the server.
In the above embodiment of the present invention, in the process of transmitting transaction data between the mobile terminal and the server, only the transaction data generated by the primary transaction is encrypted and decrypted with the initial key; in subsequent transaction data transmission, the last encrypted transaction data is used to generate a new encryption key, so the encryption key is continuously updated. Provided that the specific way in which the encryption key is generated from the encrypted transaction data is not revealed, the security of the encrypted data can be effectively ensured, and the data security problem caused by key leakage is effectively avoided.
Meanwhile, this data encryption mode binds the transaction data to the designated mobile terminal, further improving the security level of transaction data management on the mobile terminal.
The mobile terminal is a smart device used by a user, on which an application program or applet of the transaction party is installed as required, so that the mobile terminal can establish a communication connection with the transaction party's server; the mobile terminal also reserves storage space for locally storing the transaction data record.
The server is a server built by a transaction party, where transaction parties include securities trading merchants (such as securities trading companies, banks and the like) and mobile payment merchants (such as WeChat and Alipay). The server can receive and store transaction data transmitted by a user, or process the received transaction data and then return the resulting feedback information (such as transaction success feedback, transaction confirmation information, transaction records, balance information and the like) to the user.
Preferably, the method further comprises:
S01, before the primary transaction, the mobile terminal generates an initial key and transmits the initial key to the server.
In one scenario, an initial encryption key can be generated by a mobile terminal, which shares the initial key to a server after generating the initial key. The manner in which the mobile terminal generates the initial key includes, but is not limited to: the initial key of a fixed length is generated based on specific key information input by a user, or the initial key is generated according to device ID information of the mobile terminal, etc.
Preferably, the method further comprises:
S01, before the primary transaction, the mobile terminal transmits the user identity information to the server and receives an initial key returned by the server, wherein the initial key is generated by the server according to the user identity information.
In another scenario, the initial key can be generated by the server based on user identity information, where specific generation means include, but are not limited to: generating an initial key with fixed length based on the user ID, and generating a corresponding initial key after extracting the characteristics according to the user face image. After the initial key is generated, the server shares the initial key back to the mobile terminal. After the new user completes registration, the server can also generate an initial key according to the user identity information and transmit the initial key back to the mobile terminal of the user.
Preferably, step S1 further includes:
The mobile terminal receives the encrypted transaction feedback information returned by the server and takes the received encrypted transaction feedback information as the transaction data after the last encryption; the encrypted transaction feedback information is obtained by the server through encryption processing of the transaction feedback information after generating a current encryption key in the same way based on the received encrypted transaction data; the transaction feedback information is generated by the server according to the transaction data.
In one scenario, after a user completes a mobile payment for goods through the mobile terminal, the terminal encrypts the transaction data related to the payment and transmits it to the mobile payment server. On receiving the encrypted transaction data, the mobile payment server generates a first key according to the designated key generation rule, based on the latest encrypted transaction data in its transaction record, and uses the first key to decrypt the encrypted transaction data so that the related transaction data can be acquired, recorded and processed. After the transaction data is processed, the mobile payment server generates the corresponding feedback information, generates a second key according to the designated key generation rule based on the previously obtained encrypted transaction data, encrypts the feedback information with the second key, and transmits the encrypted feedback information back to the mobile terminal. The mobile payment server appends the acquired encrypted transaction data and the encrypted feedback information, in that order, to the server storage record (in the current server storage record, the encrypted feedback information is the latest transaction data). After receiving the encrypted feedback information returned by the mobile payment server, the mobile terminal generates the second key according to the designated key generation rule, based on the latest encrypted transaction data in its transaction record (namely the encrypted transaction data that the mobile terminal previously transmitted to the server), and decrypts the encrypted feedback information with the second key to obtain the feedback information; the mobile terminal then appends the acquired encrypted feedback information to its local storage record. In this way, the records of the mobile terminal and the server are kept synchronized.
Meanwhile, dynamic updating of the encryption key is guaranteed, and the security level of transaction data encryption is improved.
Preferably, step S1 further includes:
and the mobile terminal locally stores the encrypted transaction data.
Wherein the transaction data comprises transaction information or transaction feedback information generated when the transaction task is completed, and the transaction information comprises transaction party identity information, transaction account information, transaction amount information, transaction commodity information and the like.
The server also performs independent server storage management on the transaction data, and adds the related transaction data or transaction feedback information into the latest server storage record after the server receives the encrypted transaction data sent by the mobile terminal or the server generates the encrypted transaction feedback information.
The mobile terminal and the server perform independent storage management on transaction data records of both sides, and can generate a key required for data encryption or decryption currently based on encrypted transaction data in the current storage records of the mobile terminal and the server.
The mobile terminal and the server do not directly store the current key; instead, a key algorithm computes the current key from the transaction record, and the key is then used for encryption or decryption. This avoids the unnecessary risk of key leakage caused by storing the current key directly on the terminal or the server.
Preferably, step S1 further includes:
After receiving the encrypted transaction feedback information returned by the server, the mobile terminal generates a current encryption key according to the last encrypted transaction data in the local storage record, and decrypts the acquired transaction feedback information by adopting the current encryption key to obtain decrypted transaction feedback information; and further storing the encrypted transaction feedback information locally and adding the transaction feedback information to the latest local storage record.
For the setting form of the transaction record, the transaction feedback record can also be updated into the transaction record as transaction information so as to realize the synchronization of the transaction record between the mobile terminal and the server, and the current secret key is generated based on the transaction record.
Preferably, in step S2, the mobile terminal generates a current encryption key according to the transaction data encrypted last time, and specifically includes:
Carrying out hash processing according to the last encrypted transaction data to obtain a hash value with a fixed length;
and generating a current encryption key according to the obtained hash value.
To generate the current encryption key from the encrypted transaction data, the encrypted transaction data can be hashed, according to the data length preset for the actual transaction data, into hash values of the same length, so that the hash value can be used to encrypt or decrypt transaction data. Because identical data always yields an identical hash value, the mobile terminal and the server generate the same hash value from the same encrypted data, encrypt and decrypt the next transaction data based on that hash value, and thereby update the key synchronously.
In one scenario, the key is set in a 16-bit format and the initial key is $key_0$. Encryption uses a symmetric encryption function $G(A, key)$, where $A$ represents the data to be encrypted and $key$ the encryption key used; $G'(A', key')$ represents the decryption function, where $A'$ represents the data to be decrypted and $key'$ the decryption key used. The transaction record $S$ stores $n$ items of encrypted transaction information, $S = \{text_1, text_2, \dots, text_n\}$. The mobile terminal or the server generates the current encryption key

$$key_n = \mathrm{Hash}[G(text_n, \dots G(text_2, \mathrm{Hash}[G(text_1, \mathrm{Hash}[G(text_1, key_0), 16]), 16]) \dots), 16],$$

encrypts the current transaction information $pext_{n+1}$ with the current key $key_n$ to obtain the encrypted transaction information $text_{n+1} = G(pext_{n+1}, key_n)$, and adds $text_{n+1}$ to the transaction record, updating it to $S' = \{text_1, text_2, \dots, text_{n+1}\}$.
Similarly, when decryption is needed, the other end generates $key_n$ from the encrypted transaction information in the transaction record $S$ and uses $key_n$ to decrypt the current encrypted transaction information $text_{n+1}$, obtaining the transaction information $pext_{n+1} = G'(text_{n+1}, key_n)$; it then adds $text_{n+1}$ to the transaction record, updating it to $S' = \{text_1, text_2, \dots, text_{n+1}\}$.
Here $\mathrm{Hash}[B, 16]$ denotes hashing the data $B$ to generate a 16-bit hash value.
Preferably, in step S2, the mobile terminal generates a current encryption key according to the transaction data encrypted last time, and specifically includes:
Carrying out hash processing according to the last encrypted transaction data to obtain a hash value with a fixed length;
Extracting a time characteristic value according to the recording time of the transaction data encrypted last time;
and combining according to the acquired hash value and the time characteristic value to generate the current encryption key.
In the process of generating the current encryption key based on the hash value of the encrypted transaction data, the recording time of the transaction data can be further added as a key generation parameter, and when the server and the mobile terminal generate the current encryption key for the encrypted transaction data, the encryption key can be further generated based on the time characteristic value of the data, so that the security performance of key generation is improved.
In one scenario, when a key with a data length of 16 bits needs to be generated, a hash value with a length of 8 is generated by hashing the transaction data; a time characteristic value 8 bits in length is extracted from the recording time of the last encrypted data, and the hash value is combined with the time characteristic value to obtain the current encryption key.
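The key-rolling exchange and the hash-plus-time derivation described above, as an added example that is not code from the patent. It shows both ends staying in sync while storing only ciphertext records, and that the derived key is fixed by the transmitted record alone, which is why the text conditions security on the derivation rule staying secret. Assumptions: the 16-bit key is read as 16 hex characters, Hash is SHA-256, G is replaced by an HMAC keystream stand-in, the time characteristic is the record's Unix time sent with each message, and `key_chained` is a hypothetical variant that is not part of the page's method.

```python
import hashlib
import hmac

KEY_LEN = 16  # assumption: the page's "16-bit" key is read as 16 hex characters


def hash_n(data: bytes, n: int) -> str:
    """Hash[B, n] from the page: fixed-length value (first n hex chars of SHA-256)."""
    return hashlib.sha256(data).hexdigest()[:n]


def G(data: bytes, key: str) -> bytes:
    """Stand-in for the symmetric function G(A, key): XOR with an HMAC-SHA256
    counter keystream. Constructed for this example only; each key here is
    used for one message, and a deployment would use an authenticated cipher."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key.encode(), block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


G_inv = G  # G': for an XOR keystream, decryption is the same operation


def key_with_time(last_ct: bytes, record_time: int) -> str:
    """8-character hash of the last ciphertext plus an 8-character time value.
    Assumption: the time characteristic is the record's Unix time in hex."""
    return hash_n(last_ct, KEY_LEN // 2) + format(record_time & 0xFFFFFFFF, "08x")


def key_chained(prev_key: str, last_ct: bytes) -> str:
    """Hypothetical variant, not on the page: the previous key is the HMAC key,
    so the ciphertext record alone no longer determines the next key."""
    return hmac.new(prev_key.encode(), last_ct, hashlib.sha256).hexdigest()[:KEY_LEN]


class Endpoint:
    """Terminal or server: keeps ciphertext records and recomputes the key on demand."""

    def __init__(self, key0: str):
        self.key0 = key0
        self.record = []  # list of (ciphertext, record_time)

    def current_key(self) -> str:
        if not self.record:              # primary transaction: initial key
            return self.key0
        last_ct, last_time = self.record[-1]
        return key_with_time(last_ct, last_time)

    def send(self, plaintext: bytes, now: int):
        ct = G(plaintext, self.current_key())
        self.record.append((ct, now))    # both sides must record the same time
        return ct, now

    def receive(self, ct: bytes, sent_at: int) -> bytes:
        plaintext = G_inv(ct, self.current_key())
        self.record.append((ct, sent_at))
        return plaintext


def demo_exchange():
    """Two payments with encrypted feedback; all values are constructed samples."""
    key0 = "0123456789abcdef"
    terminal, server = Endpoint(key0), Endpoint(key0)
    now, results = 1_700_000_000, []
    for msg in (b"pay 12.50 to merchant-A", b"pay 3.00 to merchant-B"):
        ct, ts = terminal.send(msg, now)
        seen = server.receive(ct, ts)
        fb_ct, fb_ts = server.send(b"OK:" + seen, now + 1)
        results.append((seen, terminal.receive(fb_ct, fb_ts)))
        now += 60
    return results, terminal.record == server.record


def page_rule(prev_key: str, ct: bytes, t: int) -> str:
    return key_with_time(ct, t)          # ignores every earlier key


def chained_rule(prev_key: str, ct: bytes, t: int) -> str:
    return key_chained(prev_key, ct)


def key_depends_on_secret(derive) -> bool:
    """True if parties holding different earlier keys but the same ciphertext
    record would derive different current keys."""
    ct, t = b"\x8a\x11constructed-ciphertext", 1_700_000_000
    return derive("0123456789abcdef", ct, t) != derive("fedcba9876543210", ct, t)


if __name__ == "__main__":
    print(demo_exchange())
    print(key_depends_on_secret(page_rule), key_depends_on_secret(chained_rule))
```

If the two sides record different times for the same message, the derived keys diverge and every later message fails to decrypt, so the record time has to travel with the ciphertext or be agreed some other way.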
Preferably, the method further comprises:
When the mobile terminal needs to be replaced, the new mobile terminal acquires user identity information and transmits the user identity information to the server, so that the server performs verification according to the acquired user identity information to obtain an identity verification result; when the identity verification result passes, the server transmits the server storage record stored by the server to the new mobile terminal;
The new mobile terminal stores the acquired server storage record locally.
Typically, the user needs to use the same mobile terminal to continue to complete the transaction task (because transaction record data is stored in the mobile terminal's local storage record); when a user needs to replace a mobile terminal, user identity verification can be completed through the server, after the user identity verification is passed, the history transaction record of the user is obtained from the server through the new mobile terminal, and the synchronization of transaction data storage records is realized, so that the condition of encrypting transaction data between the new mobile terminal and the server is met, and the user can conveniently continue to use the new mobile terminal to complete transaction tasks.
Preferably, the method further comprises:
When the mobile terminal needs to be replaced, the mobile terminal collects user identity information and transmits the user identity information to the server, so that the server performs verification according to the obtained user identity information to obtain an identity verification result; after the authentication result passes, the server returns record transfer information to the mobile terminal;
the mobile terminal shares the record transfer information to a new mobile terminal;
The new mobile terminal sends record transfer information to the server, so that the server extracts corresponding server storage records according to the received record transfer information and transmits the corresponding server storage records to the new mobile terminal;
The new mobile terminal stores the acquired server storage record locally.
When the user needs to replace the mobile terminal, the user identity information needs to be verified first, and after the user passes the verification, the complete transaction record is obtained from the server or the old mobile terminal again and stored in the new mobile terminal, so that the mobile terminal is convenient to perform subsequent key generation and transaction data management operations.
Preferably, the user identity information comprises a user ID and a user face image acquired in real time;
the server performs verification according to the acquired user identity information, and specifically includes:
the server extracts a standard face image reserved by a user during registration from the registration information according to the acquired user ID;
Carrying out face feature extraction processing according to the face images of the user acquired in real time to acquire face feature information of the user;
Comparing the obtained user face feature information with the standard user face feature information corresponding to the standard face image, the identity verification result being a pass when the similarity between the two accords with a preset standard value.
The user face features comprise face texture features extracted based on the user face images, and the face texture features comprise LBP features, LBPH features and the like.
In order to ensure the authenticity and reliability of transfer or re-request of transaction information record data (regarding the security of encrypted data), user identity information needs to be first verified to ensure the identity of the operating user when a request is made to acquire transaction record information. When user identity verification is carried out, user face images are acquired based on the mobile terminal, and the server carries out the identity verification based on the user face images acquired by the mobile terminal, so that the reliability of the identity verification is improved, and the safety of transaction data is further protected.
In actual operation, the mobile terminal captures the user's face image in many different scenes and is affected by the scene environment, so the quality of the captured face images tends to be uneven. This easily interferes with the server's verification of the user's identity from the face image (for example, when the user captures a face image with the mobile terminal, light emitted by the terminal's screen can be reflected on the user's face and cause abnormal reflective areas), reducing the accuracy and reliability of identity recognition based on the user's face image and affecting the user experience.
Preferably, before face feature extraction processing is performed according to the face image of the user acquired in real time, the server further includes:
The server carries out self-adaptive adjustment processing on the received user face image, and specifically comprises the following steps:
Sa1: extract the foreground from the acquired user face image, taking the foreground part of the user face image as the face area A1 and the background part of the user face image as the background area A2;
Sa2: obtain edge characteristic information in the face region image A1 from the gray information of its pixel points, extract the edge pixel points in the face region image, and record them in a set $JH_b$;
Sa3: convert the user face image into the HSV color space and extract the H component value, S component value and V component value of each pixel point;
Sa4: classify the pixel points in the face region image A1 based on the obtained V component value and S component value, using the following pixel classification function:
sourse3: $V(x, y) - 0.1\,S(x, y) \le 0.3$
sourse2: $V(x, y) - 0.1\,S(x, y) > 0.3$ and $V(x, y) < 0.9$
sourse1: $V(x, y) \ge 0.9$
Wherein sourse1, sourse2 and sourse3 respectively represent classification labels of the pixel points; when the pixel point $(x, y)$ satisfies the condition corresponding to a classification label, it is marked as a pixel point of that label; $V(x, y)$ and $S(x, y)$ represent the V component value and S component value of the pixel point $(x, y)$, respectively;
Sa5, performing a first adjustment processing on the V component values of the sourse1 pixel points, wherein the adopted first adjustment function is as follows:
$V^{*1}(x,y) = V_{s(x,y)}$
wherein $V^{*1}(x,y)$ represents the V component value of the pixel point (x, y) after the first adjustment processing, (x, y) ∈ sourse1; $V_{s(x,y)}$ represents the average V component value of the pixel points in the peripheral region of the pixel point (x, y);
Sa6, forming a temporary set $JH_c$ from the pixel points of sourse1 and the pixel points of sourse2 after the first adjustment processing, and sorting all pixel points of the temporary set $JH_c$ by V component value from large to small to obtain a pixel point sequence Hlc, in which the larger the V component value, the earlier the position;
Sa7, extracting, according to the pixel point sequence Hlc, the V component value $V_{Hlc-1\%}$ of the first 10% of the pixel points and the average V component value of each pixel point in the temporary set $JH_c$. If it is wherein $V_{TH}$ represents a preset standard V component value, $V_{TH} \in [0.1, 0.3]$; then the second adjustment processing is performed on the V component values of the first 10% of the pixel points in the sorting; otherwise, if then the adjustment processing of the pixel points in the temporary set $JH_c$ is finished;
the adopted second adjustment function is as follows:
$V^{*2}(x,y) = V_{c(x,y)}$
wherein $V^{*2}(x,y)$ represents the V component value of the pixel point (x, y) after the second adjustment processing; $c(x,y)$ represents the adaptive neighborhood range centered on the pixel point (x, y), which is a rectangular range of side length d centered on the pixel point (x, y), where d satisfies $d = \arg\min\left(num_{=Hlc-10\%}(c(x,y)) < num_{\ne Hlc-10\%}(c(x,y))\right)$, that is, d is the minimum value for which $num_{=Hlc-10\%}(c(x,y)) < num_{\ne Hlc-10\%}(c(x,y))$ holds; $num_{=Hlc-10\%}(c(x,y))$ represents the number of pixel points within the adaptive neighborhood of the pixel point (x, y) that belong to the first 10% of the sequence Hlc, and $num_{\ne Hlc-10\%}(c(x,y))$ represents the number of pixel points within that neighborhood that do not belong to the first 10% of the sequence Hlc;
Sa8, after the second adjustment processing is completed, updating the pixel point sequence Hlc with the V component values of the pixel points (x, y) after the second adjustment processing to obtain a new pixel point sequence, and repeating step Sa7 based on the new pixel point sequence until the adjustment processing of the pixel points in the temporary set $JH_c$ is finished;
Sa9, performing a third adjustment processing on the V component values of the sourse3 pixel points, wherein the adopted third adjustment function is as follows:
$V^{*3}(x,y) = V_{dt} + V(x,y) \times V(x,y)$
wherein $V^{*3}(x,y)$ represents the V component value of the pixel point (x, y) after the third adjustment processing, (x, y) ∈ sourse3; $V(x,y)$ represents the V component value of the pixel point (x, y) before the third adjustment processing; $V_{dt}$ represents the preset darkness V component value, $V_{dt} \in [0.01, 0.1]$;
Sa10, adjusting the overall brightness of the face region image based on the current face region image, wherein the adopted overall brightness adjustment function is as follows:
wherein $V^{*Z}(x,y)$ represents the V component value of the pixel point (x, y) after the overall brightness adjustment; $V(x,y)$ represents the V component value of the current pixel point (x, y); $V_{bt}$ represents the preset standard V component value, $V_{bt} \in [0.5, 0.7]$; $d_{a2b}(x,y)$ represents the pixel distance between the pixel point (x, y) and the nearest edge pixel point (a, b), where (a, b) ∈ $JH_b$; $d_{at}$ represents the preset distance standard value, $d_{at} \in [3, 5]$;
converting the user face image after the overall brightness adjustment back into the RGB color space to obtain the adaptively adjusted user face image;
the server then performs face feature extraction on the adaptively adjusted user face image to obtain the face feature information of the user.
Preferably, the foreground part is extracted with a foreground extraction algorithm based on edge detection, a foreground extraction algorithm based on depth information, or the like, which is not particularly limited herein.
Preferably, acquiring the edge feature information from the face region image includes detecting edge pixel points with an LBP-based operator, a Sobel operator, a Canny operator or the like, which is not particularly limited herein.
Preferably, $s(x,y)$ represents the peripheral region of the pixel point (x, y), wherein the peripheral region is a rectangular region of a specific side length, such as 3×3, 5×5 or 7×7, centered on the pixel point, or the entire face region.
Preferably, in Sa7, the pixel neighborhood range is a 5×5 rectangular area centered on the pixel point;
The above technical scheme for self-adaptive adjustment of the user face image specifically addresses the case in which, while the user face image is captured through the mobile terminal, illumination from the terminal screen causes reflections on the face that affect feature extraction from the image and the accuracy of face recognition; it effectively improves the reliability and robustness of user identity verification.
During the self-adaptive adjustment processing, the face region of the user face image is taken as the key processing part, and texture feature information of the face region is acquired from its gray-level features as the basis for the subsequent overall adjustment. The user face image is then converted into the HSV color space, and the pixel points are classified by their saturation and brightness components: the proposed pixel classification function divides the pixel points into the sourse1 class with obvious reflection, the sourse2 class for key processing, and the sourse3 class of heavy shadow. The sourse1 pixel points with obvious reflection are adjusted first, and the brightness of the obvious reflection points is suppressed through brightness balancing, so as to eliminate the influence of conditions such as reflections from the facial skin or from the eyeballs. For the adjusted sourse1 pixel points and the sourse2 pixel points, which make up the largest proportion of the face region, reflection is detected by sorting the pixel points by brightness value, and, according to the characteristics of the reflection phenomenon (screen reflection can produce abnormal brightness within a local range of the face), the parts with abnormal brightness are traversed and adjusted to reduce abnormal pixel points (lowering the probability that a reflection is misjudged as a facial texture feature). Because the adjustment is iterative, the abnormal reflection areas are processed adaptively, and the excessive flattening of brightness that over-adjustment would cause (which would eliminate facial texture features that should be recognized) is avoided, which helps retain facial detail to the greatest extent while the abnormal reflection areas are removed. Finally, for the area of the middle shadow part (such as the texture areas of the facial features, for example the corners of the eyes, the nostrils and between the lips), the texture features are highlighted by brightness stretching, which raises the expression level of the facial features. The overall brightness adjustment is applied as well: based on the texture feature information in the face region, the brightness of the non-texture areas is adaptively raised, improving the clarity of the whole face region and the representation of the facial texture features. The server finally performs further feature extraction on the adaptively adjusted user face image, which effectively eliminates the abnormal texture features caused by reflections from the mobile terminal during face image capture, improves the reliability of face feature extraction, improves the accuracy of the user identity verification obtained by subsequent comparison of the face features, and ensures the security of transaction data extraction.
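Steps Sa3, Sa4, Sa5 and Sa9 applied to a small constructed image, as an added example that is not part of the patent text. It takes the first adjustment to act on sourse1 and the third on sourse3, as the explanation above describes, uses a 3×3 peripheral region and V_dt = 0.05, and treats the whole image as face region A1; the function names and those choices are assumptions.

```python
import colorsys

V_DT = 0.05  # preset darkness V component value, picked from [0.01, 0.1]


def classify(v: float, s: float) -> str:
    """Sa4: label a pixel from its V and S components (both in [0, 1])."""
    if v >= 0.9:
        return "sourse1"          # obvious reflection
    if v - 0.1 * s <= 0.3:
        return "sourse3"          # heavy shadow
    return "sourse2"              # V - 0.1*S > 0.3 and V < 0.9


def window_mean(v_grid, x, y, radius=1):
    """Mean V over the (2*radius+1)-square peripheral region, clipped at the
    image border. Including the centre pixel is an assumption."""
    rows = range(max(0, y - radius), min(len(v_grid), y + radius + 1))
    cols = range(max(0, x - radius), min(len(v_grid[0]), x + radius + 1))
    values = [v_grid[j][i] for j in rows for i in cols]
    return sum(values) / len(values)


def adjust(rgb_rows):
    """Run Sa3, Sa4, Sa5 and Sa9 over a face region given as rows of RGB
    triples in [0, 1]; returns (labels, adjusted V grid, adjusted RGB rows)."""
    hsv = [[colorsys.rgb_to_hsv(*px) for px in row] for row in rgb_rows]  # Sa3
    v_in = [[v for _, _, v in row] for row in hsv]
    labels = [[classify(v, s) for _, s, v in row] for row in hsv]         # Sa4
    v_out = [row[:] for row in v_in]
    for y, row in enumerate(labels):
        for x, label in enumerate(row):
            if label == "sourse1":                                        # Sa5
                v_out[y][x] = window_mean(v_in, x, y)
            elif label == "sourse3":                                      # Sa9
                v_out[y][x] = V_DT + v_in[y][x] * v_in[y][x]
    rgb_out = [
        [colorsys.hsv_to_rgb(h, s, v_out[y][x]) for x, (h, s, _) in enumerate(row)]
        for y, row in enumerate(hsv)
    ]
    return labels, v_out, rgb_out


if __name__ == "__main__":
    # Constructed 3x3 face region: skin tone, one screen-glare pixel, one shadow.
    skin, glare, shade = (0.6, 0.45, 0.4), (0.95, 0.95, 0.95), (0.2, 0.15, 0.1)
    image = [[shade, skin, skin], [skin, glare, skin], [skin, skin, skin]]
    labels, v_out, _ = adjust(image)
    for label_row, v_row in zip(labels, v_out):
        print(label_row, [round(v, 3) for v in v_row])
```

In this sample the third adjustment lowers the shadow pixel's V from 0.2 to 0.09, widening its gap to the mid-tone pixels, while the glare pixel is pulled down to the mean of its neighbourhood.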
Referring to the embodiment of fig. 2, a mobile terminal-based transaction data encryption system is shown, comprising a mobile terminal and a server, wherein:
during the primary transaction, the mobile terminal is used for encrypting transaction data based on an initial key and transmitting the encrypted transaction data to the server;
during subsequent transactions, the mobile terminal is used for generating a current encryption key according to the transaction data encrypted last time, encrypting the current transaction data with the current encryption key, and transmitting the obtained current transaction data to the server.
It should be noted that the mobile terminal-based transaction data encryption system of the foregoing embodiment is also used to implement the corresponding specific implementations of the mobile terminal-based transaction data encryption method shown in the embodiment of fig. 1, which are not repeated here.
It should be noted that, in each embodiment of the present invention, each functional unit/module may be integrated in one processing unit/module, or each unit/module may exist alone physically, or two or more units/modules may be integrated in one unit/module. The integrated units/modules described above may be implemented either in hardware or in software functional units/modules.
From the description of the embodiments above, it will be apparent to those skilled in the art that the embodiments described herein may be implemented in hardware, software, firmware, middleware, code, or any suitable combination thereof. For a hardware implementation, the processor may be implemented in one or more of the following units: an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), a Digital Signal Processing Device (DSPD), a Programmable Logic Device (PLD), a Field Programmable Gate Array (FPGA), a processor, a controller, a microcontroller, a microprocessor, other electronic units designed to perform the functions described herein, or a combination thereof. For a software implementation, some or all of the flow of an embodiment may be accomplished by a computer program instructing the associated hardware. When implemented, the above-described programs may be stored in or transmitted as one or more instructions or code on a computer-readable medium. Computer-readable media include both computer storage media and communication media, the latter including any medium that facilitates transfer of a computer program from one place to another. A storage medium may be any available medium that can be accessed by a computer. Computer-readable media can include, but are not limited to, RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
Finally, it should be noted that the above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the scope of the present invention, and although the present invention has been described in detail with reference to the preferred embodiments, those skilled in the art should understand that modifications or equivalent substitutions can be made to the technical solution of the present invention without departing from the spirit and scope of the technical solution of the present invention.

Claims (10)

1. A transaction data encryption method based on a mobile terminal, characterized in that the method is applied to a mobile terminal and a server and comprises the following steps:
S1, in the primary transaction, the mobile terminal encrypts transaction data based on an initial key and transmits the encrypted transaction data to the server;
S2, during subsequent transactions, the mobile terminal generates a current encryption key according to the transaction data encrypted last time, encrypts the current transaction data by adopting the current encryption key, and transmits the obtained current transaction data to the server.
2. The mobile terminal-based transaction data encryption method of claim 1, further comprising: S01, before the primary transaction, the mobile terminal generates an initial key and transmits the initial key to the server; or alternatively,
S01, before the primary transaction, the mobile terminal transmits the user identity information to the server and receives an initial key returned by the server, wherein the initial key is generated by the server according to the user identity information.
3. The method for encrypting transaction data based on mobile terminal according to claim 1, wherein the mobile terminal receives the encrypted transaction feedback information returned by the server, and uses the received encrypted transaction feedback information as the transaction data after the last encryption; the encrypted transaction feedback information is obtained by the server through encryption processing of the transaction feedback information after generating a current encryption key in the same way based on the received encrypted transaction data; the transaction feedback information is generated by the server according to the transaction data.
4. The method for encrypting transaction data based on a mobile terminal according to claim 1, wherein after step S1, further comprises:
and the mobile terminal locally stores the encrypted transaction data.
The transaction data comprises transaction information or transaction feedback information generated when a transaction task is completed, wherein the transaction information comprises transaction party identity information, transaction account information, transaction amount information and transaction commodity information.
The server also performs independent server storage management on the transaction data, and adds the related transaction data or transaction feedback information to the latest server storage record after the server receives the encrypted transaction data sent by the mobile terminal or the server generates the encrypted transaction feedback information.
5. The method for encrypting transaction data based on a mobile terminal according to claim 4, wherein step S1 further comprises:
After receiving the encrypted transaction feedback information returned by the server, the mobile terminal generates a current encryption key according to the last encrypted transaction data in the local storage record, and decrypts the acquired transaction feedback information by adopting the current encryption key to obtain decrypted transaction feedback information; and further storing the encrypted transaction feedback information locally and adding the transaction feedback information to the latest local storage record.
6. The method for encrypting transaction data based on a mobile terminal according to claim 1, wherein in step S2, the mobile terminal generates a current encryption key according to the transaction data encrypted last time, and specifically comprises:
Carrying out hash processing according to the last encrypted transaction data to obtain a hash value with a fixed length;
Extracting a time characteristic value according to the recording time of the transaction data encrypted last time;
and combining according to the acquired hash value and the time characteristic value to generate the current encryption key.
7. The mobile terminal-based transaction data encryption method of claim 1, further comprising:
When the mobile terminal needs to be replaced, the new mobile terminal acquires user identity information and transmits the user identity information to the server, so that the server performs verification according to the acquired user identity information to obtain an identity verification result; when the identity verification result passes, the server transmits the server storage record stored by the server to the new mobile terminal;
and the new mobile terminal stores the acquired server storage record locally.
8. The mobile terminal-based transaction data encryption method of claim 1, further comprising:
When the mobile terminal needs to be replaced, the mobile terminal collects user identity information and transmits the user identity information to the server, so that the server performs verification according to the obtained user identity information to obtain an identity verification result; after the authentication result passes, the server returns record transfer information to the mobile terminal;
the mobile terminal shares the record transfer information to a new mobile terminal;
The new mobile terminal sends record transfer information to the server, so that the server extracts corresponding server storage records according to the received record transfer information and transmits the corresponding server storage records to the new mobile terminal;
and the new mobile terminal stores the acquired server storage record locally.
9. The mobile terminal-based transaction data encryption method according to claim 7, wherein the user identity information comprises a user ID and a user face image acquired in real time;
the server performs verification according to the acquired user identity information, and specifically includes:
the server extracts a standard face image reserved by a user during registration from the registration information according to the acquired user ID;
extracting features according to the user face images acquired in real time, and extracting user face features;
and comparing the extracted user face features with the user face features corresponding to the standard face image, the identity verification result being a pass when the similarity is higher than a preset standard value.
10. A transaction data encryption system based on a mobile terminal is characterized by comprising the mobile terminal and a server; wherein the mobile terminal and the server are adapted to implement a mobile terminal based transaction data encryption method according to any of the preceding claims 1-9.
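The key chain of claims 3, 5 and 6, as an added example that is not part of the patent text: each side derives the next key from the last encrypted message and its record time, so terminal and server stay in step only while their records match. SHA-256, the seconds-since-epoch time feature, the concatenate-and-hash combination, the HMAC-based stand-in cipher, passing the record time alongside each message, and the names `derive_key` and `Endpoint` are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
import struct
from datetime import datetime, timezone


def time_feature(record_time: datetime) -> bytes:
    # Assumed time characteristic value: whole seconds since the epoch.
    return struct.pack(">Q", int(record_time.timestamp()))


def derive_key(last_encrypted: bytes, record_time: datetime) -> bytes:
    """Claim 6: fixed-length hash of the last encrypted data, combined with
    a time feature of its record time (combination assumed: SHA-256)."""
    digest = hashlib.sha256(last_encrypted).digest()
    return hashlib.sha256(digest + time_feature(record_time)).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (
        hmac.new(key, b"enc" + nonce + struct.pack(">I", i), hashlib.sha256).digest()
        for i in range((length + 31) // 32)
    )
    return b"".join(blocks)[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in authenticated cipher: HMAC-SHA256 keystream plus a tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(key, nonce, len(plaintext))
    body = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tag mismatch: wrong key in the chain or altered data")
    stream = _keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, stream))


class Endpoint:
    """Terminal and server run the same logic, each on its own stored record."""

    def __init__(self, initial_key: bytes):
        self.key = initial_key  # S1: the first message uses the initial key
        self.record = []        # stored (encrypted data, record time) pairs

    def _advance(self, blob: bytes, record_time: datetime) -> None:
        self.record.append((blob, record_time))
        self.key = derive_key(blob, record_time)  # S2: key for the next message

    def send(self, plaintext: bytes, record_time: datetime) -> bytes:
        blob = seal(self.key, plaintext)
        self._advance(blob, record_time)
        return blob

    def receive(self, blob: bytes, record_time: datetime) -> bytes:
        plaintext = unseal(self.key, blob)  # raises before any state changes
        self._advance(blob, record_time)
        return plaintext


if __name__ == "__main__":
    k0 = secrets.token_bytes(32)  # constructed initial key shared before S1
    terminal, server = Endpoint(k0), Endpoint(k0)
    t1 = datetime(2024, 4, 7, 9, 0, 0, tzinfo=timezone.utc)
    t2 = datetime(2024, 4, 7, 9, 0, 2, tzinfo=timezone.utc)
    c1 = terminal.send(b"constructed transaction 1", t1)
    print(server.receive(c1, t1))
    e1 = server.send(b"constructed feedback 1", t2)  # claim 3
    print(terminal.receive(e1, t2))                  # claim 5
    print(terminal.key == server.key)
```

`derive_key` takes no input other than the previous encrypted message and its record time, so in this sketch both sides must agree on that record time to the second, and every key after the initial one is only as private as those two values.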
CN202410410247.4A 2024-04-07 2024-04-07 Transaction data encryption method and system based on mobile terminal Pending CN118300847A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410410247.4A CN118300847A (en) 2024-04-07 2024-04-07 Transaction data encryption method and system based on mobile terminal

Publications (1)

Publication Number Publication Date
CN118300847A true CN118300847A (en) 2024-07-05

Family

ID=91674002

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410410247.4A Pending CN118300847A (en) 2024-04-07 2024-04-07 Transaction data encryption method and system based on mobile terminal

Country Status (1)

Country Link
CN (1) CN118300847A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination