CN1560801A - Disposable cipher protection careless electronic transaction payment method - Google Patents
Disposable cipher protection careless electronic transaction payment method Download PDFInfo
- Publication number
- CN1560801A CN1560801A CNA2004100264627A CN200410026462A CN1560801A CN 1560801 A CN1560801 A CN 1560801A CN A2004100264627 A CNA2004100264627 A CN A2004100264627A CN 200410026462 A CN200410026462 A CN 200410026462A CN 1560801 A CN1560801 A CN 1560801A
- Authority
- CN
- China
- Prior art keywords
- user
- bank
- transaction
- electronic transaction
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses cardless electron transaction paying method with one-off code protection, it connects and carries on transaction through the user mobile phone short message and bank electron transaction terminals, the one-off code is formed by 4 bits number dynamic code matching with prerecorded 6 bits number user static code registered in bank, the 4 bits number dynamic code is determined by using the 4 bit random number as the seed and operated with the user electron transaction fee and it is transmitted to the user through mobile phone short message, the transaction code is transmitted to the bank through the electron transaction terminal and determines if carries on the transaction after test, the one-off code service life is 1-5 minutes, it is invalid after being used once, it solves the security problem in financial transaction, it can realize cardless transaction, one-off code protection.
Description
Technical field the present invention relates to the no card-type electronic transaction of a kind of disposal password protection delivery method; more particularly, relate to a kind of disposal password that carries out the e-commerce transaction clearing on bank self-help terminal access money, personal consumption electronic accounting and the internet that can be applied in effectively and protect no card-type electronic transaction delivery method.
Background technology in the prior art, personal banking electronic accountings such as bank individual debit, deposit, adopt the user to hold the bank card of issued by banks, with confirming subscriber authorisation at the user cipher of bank's registration in advance, carry out electronic accounting, deposit that card is forged, user cipher is stolen in the bank or the offender forces the user tell password after plundering user's bank card, thereby steal the fund of user in bank.The user is carrying out internet electronic business when transaction, if Bank Account Number, user cipher are stolen by the hacker on Network Transmission, transaction platform server or client personal computer, also threatens the safety of user's fund.Generally speaking, there is bigger security risk in present stage electronic transaction clearing.
Summary of the invention the object of the present invention is to provide the no card-type electronic transaction of a kind of disposal password protection delivery method; the user need not to carry bank card; just can carry out the electronic transaction clearing; can avoid effectively being plundered user's bank card, to take precautions against the fund security risk that Bank Account Number, user cipher are stolen and bring by the offender.
In order to achieve the above object; the invention provides following technical scheme: adopt the no card-type electronic transaction of a kind of disposal password protection delivery method; by user's mobile phone short-message and contact of bank electronic transaction terminal and transaction; the electronic transaction terminal comprises the POS machine of bank; ATM and e-commerce website; old-style Chinese private bank's code that user's Bank Account Number that this method adopted is encoded to bank adds user's Mobile Directory Number; disposal password is added in advance by 4 figure place dynamic passwords to be formed at 6 figure place user static passwords of bank's registration; when carrying out the electronic transaction payment; the user is to bank electronic transaction terminal input user account and dealing money; transaction terminal is submitted to bank and is contained user account; the transaction request of dealing money; by bank 4 figure place dynamic passwords are carried out determining behind the cryptographic calculation as seed and user's electronic dealing money by 4 random numbers; and Transaction Informations such as dynamic password and dealing money are sent to user's mobile phone; the user adds 4 figure place dynamic passwords trading password definite could transaction after the electronic transaction terminal sends to bank's empirical tests that 6 figure place user static passwords are formed again; whether transaction terminal concludes the business according to the decision of could concluding the business that bank provides again; the information that the electronic transaction terminal maybe can not be concluded the business Transaction Success is shown to the user, and passage at last Cancels Transaction.
The present invention will solve the coding method of user's Bank Account Number, disposal password generation and the technical matterss of being convenient to remember such as method of calibration, disposal password and user interaction method.Because Bank of China's code has only double-digit numeral to form at present, user's Mobile Directory Number user can both remember, therefore, and the very convenient user's memory of user account.Because disposal password is made of at user's static password of notes such as bank in advance 4 figure place dynamic passwords+six figure places, after 4 figure place dynamic passwords carry out cryptographic calculation by 4 random numbers as seed and user's electronic dealing money, get 4 bit digital and be user's dynamic password, transaction each time all generates different dynamic passwords, when password authentification, examine password that user submit with dealing money through identical cryptographic calculation scheme by the dynamic password seed, can effectively prevent the dealing money deception that illegal transaction terminal such as illegal business site produce; Static password uses, and in the time of can preventing that user's mobile phone from illegally being used by other people, user account ground is protected.
The present invention's technical scheme preferably can be: bank is set at 1~5 minute with disposal password life cycle, submits to from the user and comes into force in the electronic transaction request, loses efficacy after reaching setting-up time.Because adopt online transaction, the time of the actual use of disposal password generally got final product at 1~3 minute, will be set at 5 minutes its life cycle with the interior requirement that can satisfy transaction.
Hold with existing user, the static password calibration technology compares, the present invention has following tangible advantage and effect: 1, the user does not need to carry bank card, just can carry out the electronic transaction clearing, can take precautions against stolen, the quilt carrying bank card and bring effectively and be robbed risk; 2, adopt the disposal password protection, can take precautions against user account effectively, user cipher is revealed the risk of bringing to the user account fund; 3, dynamic password is relevant with dealing money, can take precautions against the dealing money deception of illegal transaction platform such as illegal e-commerce website effectively, respectively submits different dealing money to the user with bank as illegal e-commerce website; 4, settlement of transactions each time, all use generate by bank, by the cryptoguard of mobile network's transmission, can solve the user effectively to the worry of internet electronic business to account, cryptoguard, can greatly stimulate internet electronic business ground to develop.
Be description of drawings of the present invention below the description of drawings:
Fig. 1 is the no card-type electronic transaction of a disposal password protection delivery method process flow diagram;
Fig. 2 is the application of the no card-type electronic transaction delivery method of disposal password protection on the bank self-help terminal;
Fig. 3 is the application of the no card-type electronic transaction delivery method of disposal password protection on internet electronic business;
Fig. 4 is the application of the no card-type electronic transaction delivery method of disposal password protection on the personal consumption electronic accounting.
Among Fig. 1~Fig. 4, parties is user and electronic transaction terminal both sides, is settled accounts by the bank settlement processor, and the electronic transaction terminal among the figure comprises POS machine, ATM and the e-commerce website etc. of bank.
With reference to Fig. 1, the user is handed over by electronics to electronic transaction terminal input account number, dealing money Easily terminal proposes transaction request to bank, and bank settlement generates transaction journal number, dynamic password kind Son, dynamic password, while separate users Mobile Directory Number, and with dynamic password, trade gold The Transaction Informations such as volume send to user's mobile phone by note, and the user will be obtained by mobile phone Dynamic password add the 10 figure place trading passwords input electronic transaction terminal that static password forms And submitted to bank by the electronic transaction terminal, bank settlement checking dynamic password, dealing money, Static password, dynamic password be after life cycle, and sending to the electronic transaction terminal could Transaction Information, The electronic transaction terminal will according to bank provide could Transaction Information, conclude the business with the user or get The transaction that disappears, and transaction results is shown to the user, and carry out the relevant processing that writes off with bank. Silver Row also can send to Transaction Information user's mobile phone.
By specific embodiment the present invention is carried out more detailed description below the embodiment:
The application of embodiment 1 on the bank self-help terminal
With reference to Fig. 2, the user imports user account number on ATM, the amount of money of withdrawing the money, to bank transaction request is proposed through ATM, bank settlement generates transaction journal number, the dynamic password seed, dynamic password, while separate users Mobile Directory Number, and with dynamic password, Transaction Informations such as dealing money send to user's mobile phone by note, the user will be added 10 figure place trading passwords input ATM that static password forms by the dynamic password that mobile phone obtains and submit to bank, bank settlement checking dynamic password, dealing money, static password, dynamic password is after life cycle, sending to ATM could Transaction Information, ATM according to bank provide could Transaction Information, conclude the business or Cancel Transaction with the user, and transaction results is shown to the user, ATM is submitted the transaction results report to, and by bank's processing that writes off of being correlated with, bank also can send to Transaction Information user's mobile phone.
The application of embodiment 2 on internet electronic business
With reference to Fig. 3, user's order products is to the e-commerce website order products, e-commerce website shows product value, the user imports user account number, to e-commerce website transaction request is proposed, bank settlement generates transaction journal number, the dynamic password seed, dynamic password, while separate users Mobile Directory Number, and with dynamic password, Transaction Informations such as dealing money send to user's mobile phone by note, the user will be added that the 10 figure place trading passwords that static password is formed submit business web site to by the dynamic password that mobile phone obtains after examining dealing money, business web site transmitted transaction password is given bank, bank settlement checking dynamic password, dealing money, static password, dynamic password is after life cycle, sending to business web site could Transaction Information, business web site according to bank provide could Transaction Information, conclude the business or Cancel Transaction with the user, and transaction results is shown to the user, business web site is submitted the transaction results report to, and by bank's processing that writes off of being correlated with, bank is to send to Transaction Information user's mobile phone.
The application of embodiment 3 on the personal consumption electronic accounting
With reference to Fig. 4, trade company imports the amount of money of customer consumption on the POS machine, the user imports user account number on the POS machine, the POS machine proposes transaction request by Unionpay to bank through trade company, bank settlement generates transaction journal number, the dynamic password seed, dynamic password, while separate users Mobile Directory Number, and with dynamic password, Transaction Informations such as dealing money send to user's mobile phone by note, the user will be added 10 figure place trading passwords input POS machine that static password forms by the dynamic password that mobile phone obtains and submit to bank by Unionpay, bank settlement checking dynamic password, dealing money, static password, dynamic password is after life cycle, sending to the POS machine by Unionpay could Transaction Information, the POS machine according to bank provide could Transaction Information, conclude the business or Cancel Transaction with the user, and transaction results is shown to the user, the POS machine is submitted the transaction results report to, and carries out relevant writing off and Account Disposal through Unionpay by Unionpay and bank, and bank sends to user's mobile phone with Transaction Information.
Claims (2)
1; the no card-type electronic transaction of a kind of disposal password protection delivery method; by user's mobile phone short-message and contact of bank electronic transaction terminal and transaction; the electronic transaction terminal comprises the POS machine of bank; ATM and e-commerce website; it is characterized in that: old-style Chinese private bank's code that the user's Bank Account Number that is adopted is encoded to bank adds user's Mobile Directory Number; disposal password is added in advance by 4 figure place dynamic passwords to be formed at 6 figure place user static passwords of bank's registration; when carrying out the electronic transaction payment; the user is to bank electronic transaction terminal input user account and dealing money; transaction terminal is submitted to bank and is contained user account; the transaction request of dealing money; by bank 4 figure place dynamic passwords are carried out determining behind the cryptographic calculation as seed and user's electronic dealing money by 4 random numbers; and Transaction Informations such as dynamic password and dealing money are sent to user's mobile phone; the user adds 4 figure place dynamic passwords trading password definite could transaction after the electronic transaction terminal sends to bank's empirical tests that 6 figure place user static passwords are formed again; whether transaction terminal concludes the business according to the decision of could concluding the business that bank provides again; the information that the electronic transaction terminal maybe can not be concluded the business Transaction Success is shown to the user, and passage at last Cancels Transaction.
2, according to the described method of claim, it is characterized in that: bank is set at 1~5 minute with disposal password life cycle, submits to from the user and comes into force in the electronic transaction request, loses efficacy after reaching setting-up time.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100264627A CN100353705C (en) | 2004-03-09 | 2004-03-09 | Disposable cipher protection careless electronic transaction payment method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100264627A CN100353705C (en) | 2004-03-09 | 2004-03-09 | Disposable cipher protection careless electronic transaction payment method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1560801A true CN1560801A (en) | 2005-01-05 |
CN100353705C CN100353705C (en) | 2007-12-05 |
Family
ID=34441227
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2004100264627A Expired - Fee Related CN100353705C (en) | 2004-03-09 | 2004-03-09 | Disposable cipher protection careless electronic transaction payment method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100353705C (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101882343A (en) * | 2009-05-05 | 2010-11-10 | 中国移动通信集团公司 | Method, system and equipment for cardless operation of automatic teller machine |
CN101901306A (en) * | 2009-06-01 | 2010-12-01 | 北京焜安信息技术有限公司 | Network transaction encryption method and dynamic password equipment used by same |
CN101582763B (en) * | 2009-04-02 | 2011-05-18 | 北京飞天诚信科技有限公司 | Method and system for identity authentication based on dynamic password |
CN102637273A (en) * | 2011-02-09 | 2012-08-15 | 周锡卫 | Safe real-time bank payment system and method |
CN101958024B (en) * | 2009-07-16 | 2013-06-26 | 全宏科技股份有限公司 | Financial transaction system, automated teller machine and method for operating automated teller machine |
CN104778384A (en) * | 2014-01-13 | 2015-07-15 | 全宏科技股份有限公司 | Authorization server, authorization method and computer program product |
CN105096111A (en) * | 2015-08-31 | 2015-11-25 | 宇龙计算机通信科技(深圳)有限公司 | No-card account transfer or withdrawal protection method and mobile phone system |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1283827A (en) * | 2000-08-18 | 2001-02-14 | 郝孟一 | Universal electronic information network authentication system and method |
CN1435985A (en) * | 2002-01-30 | 2003-08-13 | 鸿联九五信息产业股份有限公司 | Dynamic cipher safety system and dynamic cipher generating method |
CN1472915A (en) * | 2002-08-01 | 2004-02-04 | 苗 原 | Method for identification in Internet application by utilizing mobile device |
CN1274105C (en) * | 2003-06-12 | 2006-09-06 | 上海格尔软件股份有限公司 | Dynamic password authentication method based on digital certificate implement |
-
2004
- 2004-03-09 CN CNB2004100264627A patent/CN100353705C/en not_active Expired - Fee Related
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101582763B (en) * | 2009-04-02 | 2011-05-18 | 北京飞天诚信科技有限公司 | Method and system for identity authentication based on dynamic password |
CN101882343A (en) * | 2009-05-05 | 2010-11-10 | 中国移动通信集团公司 | Method, system and equipment for cardless operation of automatic teller machine |
CN101901306A (en) * | 2009-06-01 | 2010-12-01 | 北京焜安信息技术有限公司 | Network transaction encryption method and dynamic password equipment used by same |
CN101958024B (en) * | 2009-07-16 | 2013-06-26 | 全宏科技股份有限公司 | Financial transaction system, automated teller machine and method for operating automated teller machine |
CN102637273A (en) * | 2011-02-09 | 2012-08-15 | 周锡卫 | Safe real-time bank payment system and method |
CN104778384A (en) * | 2014-01-13 | 2015-07-15 | 全宏科技股份有限公司 | Authorization server, authorization method and computer program product |
CN105096111A (en) * | 2015-08-31 | 2015-11-25 | 宇龙计算机通信科技(深圳)有限公司 | No-card account transfer or withdrawal protection method and mobile phone system |
WO2017036201A1 (en) * | 2015-08-31 | 2017-03-09 | 宇龙计算机通信科技(深圳)有限公司 | Protection method for cardless account transfer or deposit withdrawal, and mobile phone system |
Also Published As
Publication number | Publication date |
---|---|
CN100353705C (en) | 2007-12-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2322356C (en) | Credit card system and method | |
EP1153375B1 (en) | Credit card system and method | |
CA2288727C (en) | Electronic transaction | |
US20070170247A1 (en) | Payment card authentication system and method | |
US20080255992A1 (en) | Double recognizing method by means of telephone number and identification code for online credit card transactions over the internet | |
US20090055319A1 (en) | Novel card-less, name-less, number-less, and paper-less method and system of highly secure completely anonymous customer-merchant transactions | |
CN105260890A (en) | On-line secure payment method based on multi-domain user information big data analysis | |
WO2014108916A1 (en) | A computer implemented system and method for cashless and cardless transactions | |
CN100353705C (en) | Disposable cipher protection careless electronic transaction payment method | |
AU2004241345A1 (en) | Security method and apparatus for preventing credit card fraud | |
Dhobe et al. | A review on prevention of fraud in electronic payment gateway using secret code | |
Smith | Internet payment systems and their security risks | |
Theophilus et al. | Academic Journal of Applied Mathematical Sciences | |
US20200410493A1 (en) | Computer Implemented System and Method for Cashless and Cardless Transactions | |
CA2627108A1 (en) | A pin number security system for debit card and credit card | |
Carolina | Online credit card fraud: An emerging crime in the information technology | |
AU753159B2 (en) | Credit card system and method | |
Dhakade et al. | Review on Fraud Detection in Electronic Payment Gateway | |
Binitie et al. | Synthetic software method: panacea for combating internet fraud in Nigeria | |
Zhang et al. | SAFE System: Secure Applications for Financial Environments Using Mobile Phones | |
CA2353308A1 (en) | Electronic transaction system and method | |
by Visa | Card not present fraud | |
WO2007058519A1 (en) | On line banking security method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20071205 |