CN1851740A - Bank net business processing method based on traditional terminal transaction form - Google Patents


Publication number
CN1851740A
Authority
CN
China
Prior art keywords
execution
transaction
terminal
bank
payment platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2006100272482A
Other languages
Chinese (zh)
Inventor
王洁民
蒋耀良
王云松
孙闻君
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Huashen Smart IC Card Application System Co Ltd
Original Assignee
Shanghai Huashen Smart IC Card Application System Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Huashen Smart IC Card Application System Co Ltd filed Critical Shanghai Huashen Smart IC Card Application System Co Ltd
Priority to CNA2006100272482A priority Critical patent/CN1851740A/en
Publication of CN1851740A publication Critical patent/CN1851740A/en
Pending legal-status Critical Current

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The method redesigns a traditional terminal as a new-type terminal that can connect to the Internet and sets up an online banking server at the bank's head office. Once the new-type terminal is connected to the Internet, it can carry out transactions that combine the traditional bank card swipe with online banking services. The new-type terminal is equipped with a CPU chip and an embedded board, a removable smart key, a liquid crystal display, a bank card slot, a keyboard and a modem. The modem is used to access the Internet, or the Internet is accessed by ADSL dial-up; the embedded board controls and schedules the peripherals and executes the predetermined software; the keyboard, card slot and liquid crystal display accept input and output results.

Description

Bank net business processing method based on traditional terminal transaction form
Technical field
The present invention relates to a new banking terminal transaction method and belongs to the field of banking technology. In particular, it is a processing method that uses the traditional transaction form to carry out online banking services on conventional terminal equipment (such as bank POS terminals and bank ATM terminals). It is a new banking terminal transaction method that combines conventional terminal business with online banking services.
Background technology
The major banks are constantly expanding their range of banking products and services, from the mature savings, corporate, international, deposit and loan, credit card and offshore banking businesses, to the very successfully promoted bank card business, the rapidly emerging Internet banking services and, more recently, mobile banking services. Expanding the user base and improving economic returns has always been the final goal of bank development. Among these, the bank card business and Internet banking services are the more mature and prominent classes of business.
Traditional terminal transactions are one of the main transaction types of the bank card business. The terminal device relies mainly on the telecom telephone network or a bank dedicated line. For data transmission, it is generally based on FSK modulation and uses transport protocols such as China Telecom's CTSI information protocol or bank-defined protocols. For data security, it uses symmetric encryption algorithms such as 3DES. Compared with cash transactions, traditional terminal transactions not only reduce the risk consumers run in carrying large amounts of cash, letting them transact more safely, quickly and conveniently, but also reduce the merchant's risks in escorting and managing large takings and in telling genuine notes from counterfeit ones. Because of these advantages, and after years of development, the traditional terminal transaction mode has come to stand out in the bank card business and is accepted and liked by merchants and consumers.
Internet banking services are a relatively new class of business. Driven by the bank card business, the new transaction mode of using a bank card for online payment has matured rapidly. The network payment platform is based on the Internet. For data transmission, it uses application-layer secure transport protocols for the Internet environment, such as HTTPS. For data security, it uses asymmetric encryption, such as the PKI (Public Key Infrastructure) technical system and RSA. The network payment platform transaction mode has a series of advantages: more secure transactions, transaction non-repudiation, low transaction cost, convenient turnover of funds, freedom from constraints of time and region, and wide coverage. The user only needs to open a web browser, connect to the bank payment platform, submit a digital certificate and enter the bank card account number and password to complete a transaction quickly and securely.
However, both of the existing transaction modes introduced above have shortcomings and defects.
The drawbacks of traditional terminal transactions are mainly the following:
First, the data transmission scheme based on the telecom telephone network or a bank dedicated line means that conventional terminal equipment must communicate with the bank over the public telephone network, so the bank has to deploy a large number of response-processing front-end servers in each service area and has to maintain and manage this equipment. If, to improve the data rate, a dedicated cable line is used to communicate directly with the front-end server, the bank also has to lay additional private cable lines (see the traditional terminal transaction line connection model, Fig. 1). Either way a great deal of cost is incurred, and part of this cost is inevitably passed on to merchants and consumers.
Second, FSK transmission limits the data rate of conventional terminal equipment to at most 300 bytes per second, which directly prevents the equipment from quickly processing transaction information with large data volumes. This is clearly a disadvantage for increasingly complex and diversified business needs.
Third, a symmetric encryption algorithm cannot provide a digital signature function, so traditional terminal transactions do not have transaction non-repudiation. As a result, the bank has no legal assurance when a transaction dispute occurs.
The drawbacks of online payment transactions are mainly the following:
First, ordinary network transactions require a PC, and because no physical transaction credential such as a bank card is used, network transactions are relatively hard for consumers to trust and accept.
Second, completing a network transaction requires the operator to have a certain level of education, some computer knowledge and knowledge of security precautions. This requirement does not suit most consumers.
Summary of the invention
To overcome the above shortcomings of traditional terminal transactions while keeping their strengths and also gaining the advantages of online payment transactions, the main purpose of the present invention is to provide a solution that uses the traditional terminal transaction form to achieve online payment transactions. The method keeps the operating steps and usage of traditional terminal transaction equipment and uses the existing online banking payment platform to realize online transactions. Chiefly, the conventional terminal is redesigned as a new-type terminal that can connect to the Internet, and an online banking server is set up at the bank's head office; once the new-type terminal is connected to the Internet, it can carry out transactions that combine the traditional bank card swipe with online banking services. The steps of the main program of this method are:
Step 1. Start;
Step 2. Initialize the terminal equipment;
Step 3. Accept the transaction amount from the keyboard;
Step 4. Is the input valid?
Yes: go to step 5;
No: go to step 3;
Step 5. Accept the customer's card number from the card slot;
Step 6. Is the input valid?
Yes: go to step 7;
No: go to step 5;
Step 7. Accept the customer's password from the keyboard;
Step 8. Is the input valid?
Yes: go to step 9;
No: go to step 7;
Step 9. Start the modem and connect to the Internet;
Step 10. Handshake with the bank head office's online banking payment platform;
Step 11. Send the encrypted transaction information with the transaction digital signature attached;
Step 12. Receive the head office's encrypted response and parse the transaction result;
Step 13. Output the transaction result on the LCD panel;
Step 14. Continue with another transaction?
Yes: go to step 3;
No: go to step 15;
Step 15. Close the modem;
Step 16. End.
The steps of the equipment initialization procedure are:
Step 1. Accept the terminal digital certificate password from the keyboard;
Step 2. Read the terminal equipment's digital certificate;
Step 3. Was the certificate read successfully?
Yes: go to step 4;
No: return to step 16 of the main program;
Step 4. Does the digital certificate content include the terminal device's machine code information?
Yes: go to step 5;
No: return to step 16 of the overall software procedure;
Step 5. Accept the merchant's card number from the card slot;
Step 6. Is the input valid?
Yes: go to step 7;
No: go to step 5;
Step 7. Accept the merchant's bank card password from the keyboard;
Step 8. Is the input valid?
Yes: go to step 9;
No: go to step 7;
Step 9. Return to step 3 of the main program.
The steps of the procedure that performs the handshake with the payment platform are:
Step 1. Request service from the online banking payment platform;
Step 2. Receive the payment platform's digital certificate Ca;
Step 3. Is this certificate trusted in the terminal's Certificate Trust List?
Yes: go to step 4;
No: return to step 16 of the overall software procedure;
Step 4. Send the terminal's digital certificate Cb to the payment platform;
Step 5. Receive the payment platform's signed message Da(Cb(M));
Message plaintext M = (platform timestamp, platform proof of identity, arbitrary data);
Digital envelope Cb(M) = the message plaintext encrypted with the terminal's digital certificate Cb;
Signed message Da(Cb(M)) = the digital envelope encrypted with the payment platform's private key Da;
Step 6. Decrypt the signed message with the payment platform's digital certificate Ca to obtain the digital envelope;
Step 7. Decrypt the digital envelope with the terminal's private key Db to obtain the message plaintext M;
Step 8. Are the payment platform's timestamp and proof of identity in the message plaintext correct?
Yes: go to step 9;
No: return to step 16 of the overall software procedure;
Step 9. Encrypt the message plaintext M with the payment platform's digital certificate Ca to generate the digital envelope Ca(M).
Message plaintext M = (terminal timestamp, terminal proof of identity, shared key K generated by the terminal, arbitrary data);
Digital envelope Ca(M) = the message plaintext encrypted with the payment platform's digital certificate Ca;
Step 10. Encrypt the digital envelope Ca(M) with the terminal's private key Db to generate the digital signature Db(Ca(M));
Digital envelope Ca(M) = the digital envelope Ca(M) obtained in step 9;
Signed message Db(Ca(M)) = the digital envelope encrypted with the terminal's private key Db;
Step 11. Send the terminal's signed message Db(Ca(M)) obtained in step 10 to the payment platform;
Step 12. Has the terminal passed the payment platform's authentication?
Yes: go to step 13;
No: return to step 16 of the overall software procedure;
Step 13. Establish an encrypted communication tunnel with the payment platform using the symmetric shared key K now known to both sides;
Step 14. Return to step 11 of the main program.
The steps of the procedure that sends the encrypted transaction information are:
Step 1. Generate the transaction message plaintext M;
Transaction message plaintext M = (merchant card number, merchant card password, user card number, user card password, terminal device number, transaction journal number, transaction query number);
Step 2. Hash the message plaintext M with the HASH algorithm to generate the digital fingerprint H(M);
Digital fingerprint H(M) = the message plaintext hashed with the hash algorithm;
Step 3. Encrypt the digital fingerprint H(M) with the terminal's private key Db to generate the digital signature Db(H(M));
Digital signature Db(H(M)) = the digital fingerprint encrypted with the terminal's private key Db;
Step 4. Send to the payment platform the transaction information K(M+Db(H(M))), encrypted with the symmetric shared key K (the shared session key generated during the standard HTTPS protocol handshake);
Encrypted transaction information K(M+Db(H(M))) = the message plaintext M and the digital signature Db(H(M)), encrypted with the symmetric shared key K;
Step 5. Return to step 12 of the main program.
The steps of the procedure that receives the encrypted transaction result are:
Step 1. Receive from the payment platform the information K(Ra+Rb), encrypted with the symmetric shared key K (the shared session key generated during the standard HTTPS protocol handshake);
Step 2. Does decryption of the information with the shared key K succeed?
Yes: go to step 3;
No: return transaction failure, go to step 8;
Step 3. Obtain the transaction result Ra and the result signature Rb;
Transaction result Ra = (transaction status code, terminal device number, transaction journal number, transaction query number)
Result signature Rb = Da(H(Ra)')
Step 4. Hash the transaction result Ra with the HASH algorithm to generate the digital fingerprint H(Ra);
Digital fingerprint H(Ra) = the transaction result Ra hashed with the hash algorithm
Step 5. Does decryption of the result signature Rb with the payment platform's digital certificate Ca succeed?
Yes: go to step 6;
No: return transaction failure, go to step 8;
Step 6. Obtain the decrypted digital fingerprint H(Ra)';
Decrypted digital fingerprint H(Ra)' = the result of decrypting the result signature Rb with the payment platform's digital certificate Ca
Step 7. Are the digital fingerprint H(Ra) and the decrypted digital fingerprint H(Ra)' identical?
Yes: return transaction success, go to step 8;
No: return transaction failure, go to step 8;
Step 8. Return to step 13 of the main program.
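The send and receive procedures above, carried through as an added example (this is not code from the patent). Textbook RSA over constructed Mersenne-prime keys stands in for Db/Cb and Da/Ca, and a SHA-256 keystream stands in for the session cipher K; the field names, sample values, status strings, the platform side and the request/response binding check are assumptions that go beyond the listed steps.

```python
import hashlib
import json

E = 65537  # public exponent used by both toy keys

def toy_keypair(p, q):
    """Textbook RSA from two known primes. Demo only: no padding, factorable modulus."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

# Constructed demo keys built from Mersenne primes; they play Db/Cb and Da/Ca.
TERMINAL = toy_keypair(2**107 - 1, 2**607 - 1)
PLATFORM = toy_keypair(2**127 - 1, 2**521 - 1)
BOUND = ("terminal_no", "journal_no", "query_no")  # fields the page lists in both M and Ra

# Constructed sample transaction message M (field names are hypothetical).
SAMPLE_M = {"merchant_card": "6200000000000001", "merchant_pwd": "111111",
            "user_card": "6200000000000002", "user_pwd": "222222",
            "terminal_no": "T0001", "journal_no": "000001", "query_no": "Q000001"}

def canonical(obj):
    """Deterministic byte encoding so both sides hash identical input."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def fingerprint(obj):
    """H(M): SHA-256 digital fingerprint as an integer."""
    return int.from_bytes(hashlib.sha256(canonical(obj)).digest(), "big")

def sign(obj, key):
    """D(H(M)): the fingerprint 'encrypted' with a private key, as hex."""
    return format(pow(fingerprint(obj), key["d"], key["n"]), "x")

def recover(sig_hex, key):
    """C(signature): recover H(M)' using the public half of the key."""
    return pow(int(sig_hex, 16), E, key["n"])

def k_crypt(k, data):
    """Stand-in for the session cipher K (XOR keystream, so it also decrypts)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        stream = hashlib.sha256(k + i.to_bytes(8, "big")).digest()
        out.extend(b ^ s for b, s in zip(data[i:i + 32], stream))
    return bytes(out)

def terminal_send(k, m):
    """Send procedure, steps 1-4: build K(M + Db(H(M)))."""
    return k_crypt(k, canonical({"M": m, "sig": sign(m, TERMINAL)}))

def platform_process(k, blob):
    """Assumed platform side: check Db(H(M)) against Cb, answer K(Ra + Rb)."""
    msg = json.loads(k_crypt(k, blob))
    m = msg["M"]
    ok = recover(msg["sig"], TERMINAL) == fingerprint(m)
    ra = {"status": "OK" if ok else "REJECTED"}
    ra.update({f: m[f] for f in BOUND})
    return k_crypt(k, canonical({"Ra": ra, "Rb": sign(ra, PLATFORM)}))

def terminal_receive(k, blob, sent):
    """Receive procedure, steps 1-7. True only for a verified success result."""
    try:
        msg = json.loads(k_crypt(k, blob))      # step 2: decrypt with K
        ra, rb = msg["Ra"], msg["Rb"]           # step 3: split Ra and Rb
        recovered = recover(rb, PLATFORM)       # steps 5-6: H(Ra)' from Rb via Ca
    except (ValueError, KeyError, TypeError):
        return False                            # undecryptable or malformed: fail
    if not isinstance(ra, dict) or recovered != fingerprint(ra):
        return False                            # steps 4 and 7: H(Ra) != H(Ra)'
    # Added check, not among the page's steps: Ra must answer this request,
    # otherwise a validly signed result for another transaction would pass.
    if any(ra.get(f) != sent[f] for f in BOUND):
        return False
    return ra.get("status") == "OK"

def run_demo(k=b"constructed-session-key"):
    """Round trip of one constructed transaction; returns the terminal's verdict."""
    return terminal_receive(k, platform_process(k, terminal_send(k, SAMPLE_M)), SAMPLE_M)
```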
The new-type terminal of the present invention is provided with a CPU chip and an embedded board, a removable smart key, an LCD screen, a bank card slot, a keyboard and a modem. The modem is used to access the Internet, or the Internet is accessed by ADSL dial-up; the embedded board controls and schedules the peripherals and executes the predetermined software; the keyboard, card slot and LCD screen accept input and output results. This solution uses the Internet as the data transmission carrier (see the new-type terminal transaction line connection model using the online payment interface, Fig. 2), which on the physical connection side saves the large number of response-processing front-end servers and the cost of long-distance private cable lines required in the traditional public telephone network mode. It therefore has the advantages of online banking services, such as low investment cost and low maintenance cost. At the same time, the new-type terminal used by this solution (see the new-type terminal block diagram, Fig. 3) keeps the traditional input and output devices, and so preserves the traditional terminal transaction form that the public already knows and accepts. It thereby inherits the advantages of traditional business, such as ease of operation and practicality, and is also highly portable.
The present invention uses the existing, mature and extremely widely available Internet as the data transmission carrier, which greatly reduces the cost of laying lines, the investment in other server equipment, and the cost of management and maintenance. The bank only needs to set up an online banking server and its related equipment at the head office; it does not need to invest in any additional equipment at its branches in each region or lay any cable lines, and all data is transmitted over the Internet. A merchant using the terminal only needs a new terminal whose appearance and operation are the same as those of a conventional terminal, and the operator does not need retraining. To make the new terminal widespread and low-cost, the present invention uses a modem, which has a relatively slow transmission speed, as its Internet access scheme; access to the Internet can of course be realized in any form (traditional modem dial-up, ADSL dial-up, Ethernet, wireless network, etc.). Even with the minimum configuration, a 9.6K modem that has already been phased out by the market, the data rate reaches 1200 bytes per second, 4 times the transmission speed of the highest-configuration conventional terminal equipment (300 bytes per second). With the 56K modem that is the common configuration on the market today, the data rate reaches 7000 bytes per second, more than 23 times that of the conventional equipment. This greatly increases the data rate and improves transaction efficiency.
Second, the present invention selects HTTPS (Secure Hypertext Transfer Protocol), one of the application-layer secure communication protocols for the Internet environment, as the data transport protocol, so that it conforms to the existing, stable and widely used protocol security standard of bank online payment platforms worldwide. Any TCP/IP-based application-layer secure communication protocol (HTTPS, SSL, SET, PGP, etc., or a custom one) can of course be used as the data transport protocol.
Third, the present invention selects the asymmetric RSA encryption algorithm and the message digest HASH algorithm as the main cryptographic algorithms for transaction data. These are used together with the PKI technical system, in which a trusted third-party authority (CA) binds the user's public key to the user's other identifying information (such as name, e-mail and ID card number); that is, a digital certificate is used. In this way the user's identity can be verified on the Internet and electronic signature technology can be used to guarantee the confidentiality, authenticity, integrity and non-repudiation of online data (the functional definition of an electronic signature). For higher security, the present invention can support the smart card mode (one of the main modes of electronic signature), which allows a digital certificate in any storage form (smart card device, smart key USBKey, etc.) to be used and all the algorithms required for encrypting transaction data to be implemented in hardware.
Finally, the present invention keeps the entire transaction form of traditional terminal transactions, which shows mainly in the appearance and operation of the new terminal. In appearance, the new terminal inherits the standard input and output devices used by conventional terminal equipment (such as the terminal keyboard, bank card slot and LCD panel). In operation, an operator of conventional terminal equipment can quickly adapt to the new terminal and use it without any prior training. This remedies the narrow applicability of online banking services.
The invention provides a transaction processing method that combines the respective advantages of traditional business and online banking services, and that is practical and extensible.
The technical solution adopted for the present invention to solve the technical problems is:
The software environment on which this method relies comprises a Linux operating system, the transaction software and a terminal digital certificate.
The present invention is a new banking terminal transaction method that combines traditional business with online banking services. It has three main aspects:
First, it takes access to the Internet as its prerequisite and makes the Internet the data transmission carrier through which the terminal transaction is finally carried out.
Second, on top of the Internet, it uses any application-layer data transport protocol to connect to the bank payment platform or payment gateway.
Third, it uses information security measures based on the PKI system, in particular a digital certificate as the key management medium of the public key architecture.
Compared with the prior art, the present invention has the following clear advantages:
1. Carrying out terminal transactions over the Internet removes the bank's investment in laying dedicated lines or buying front-end equipment and removes the user's cost of leasing lines. It also reduces the extent to which the transaction location is affected by region and environment.
2. Realizing traditional terminal transactions through the mature online banking interface greatly improves the data rate, saves data transmission time and speeds up transactions, while also safeguarding transaction security.
3. The traditional terminal transaction form is kept, together with its low difficulty of use and low operating complexity; existing conventional terminal operators need no training, and the method suits most consumers.
4. The PKI architecture and asymmetric encryption are used to safeguard terminal transactions, in line with the Internet security solutions widely adopted worldwide. The method has the four properties of confidentiality, authenticity, integrity and non-repudiation and fully meets the security standard for information transmission.
Description of drawings
Fig. 1 is the line connection diagram of a traditional terminal transaction.
Fig. 2 is the line connection diagram of a new-type terminal transaction using the online payment interface of the present invention.
Fig. 3 is the block diagram of the new-type terminal of the present invention.
Fig. 4 is the flow chart of the main program of the present invention.
Fig. 5 is the flow chart of the equipment initialization procedure of the present invention.
Fig. 6 is the flow chart of the payment platform handshake procedure of the present invention.
Fig. 7 is the flow chart of the procedure of the present invention that sends the encrypted transaction information.
Fig. 8 is the flow chart of the procedure of the present invention that receives the encrypted transaction result.
Embodiment
The present invention is described in further detail below with reference to a specific embodiment.
As shown in Fig. 2, the line connection diagram of a new-type terminal transaction using the Internet, the present invention is a solution that uses a new terminal and the Internet to realize traditional terminal transactions. As for the hardware environment, the new-type terminal in this example uses a Hayes ACCURA 33.6K external VOICE modem, a 17-key keyboard, a bank card slot (attached to the keyboard), the Hong Kong smart electric MOBI2006 LCD module, the CIDC SZD23-B V1.0.0 smart cryptographic key, a DC 5V power supply and an embedded board based on the AT91RM9200 CPU chip. The embedded board is the main body; the modem (COM interface), the keyboard and card slot (COM interface), the LCD panel (SPI interface) and the smart cryptographic key (USB interface) are independent peripherals connected to the main body through their interfaces.
The modem is responsible for connecting to the Internet; the keyboard, card slot and LCD panel are responsible for accepting input and outputting results; the removable smart key is responsible for storing the digital certificate and providing the cryptographic algorithms; and the embedded board is responsible for controlling and scheduling all the peripherals and executing the predetermined software.
As for the software environment, this example installs the Linux 2.4.19-arm operating system and the transaction software on the AT91RM9200 embedded board, and installs a terminal digital certificate in the CIDC SZD23-B V1.0.0 smart cryptographic key.
The steps of this specific embodiment are:
Step 1. Start.
Step 2. Acting as the merchant's operator, start the working day and power on the terminal.
Step 3. Insert the smart cryptographic key that holds the terminal digital certificate.
Step 4. Enter the smart key PIN code on the keyboard.
Step 5. The transaction software uses this PIN code to read the digital certificate in the smart key and checks whether the read succeeded.
Yes: go to step 6.
No: go to step 26.
Step 6. The transaction software parses the digital certificate content and checks whether it contains the machine code information of this terminal device.
Yes: go to step 7.
No: go to step 26.
Step 7. Swipe the merchant's bank card through the card slot.
Step 8. The transaction software checks whether the merchant's card number was read successfully.
Yes: go to step 9.
No: go to step 7.
Step 9. Enter the merchant bank card's transfer password on the keyboard.
Step 10. The transaction software checks whether the password length is valid.
Yes: go to step 11.
No: go to step 9.
Step 11. Power-on preparation is complete; wait for customers.
Step 12. Acting as a customer, come to pay by card.
Step 13. The merchant's operator enters the purchase amount on the keyboard.
Step 14. The transaction software checks whether the amount is valid.
Yes: go to step 15.
No: go to step 13.
Step 15. The merchant's operator swipes the customer's bank card through the card slot.
Step 16. The transaction software checks whether the customer's card number was read successfully.
Yes: go to step 17.
No: go to step 15.
Step 17. The merchant's operator asks the customer to enter the bank card transaction password.
Step 18. The transaction software checks whether the password length is valid.
Yes: go to step 19.
No: go to step 17.
Step 19. The transaction software uses the modem to dial over the telephone line and connect to the Internet.
Step 20. The transaction software performs the handshake with the online banking payment platform and checks whether the handshake succeeded.
Yes: go to step 21.
No: go to step 13.
Step 21. The transaction software sends the encrypted transaction information and the transaction signature information.
Step 22. The transaction software receives the encrypted transaction result and verifies the result signature.
Step 23. The transaction software outputs the transaction result on the LCD panel.
Step 24. Continue with another transaction?
Yes: go to step 13.
No: go to step 25.
Step 25. The transaction software disconnects from the Internet and closes the modem.
Step 26. End.
Finally, it should be noted that the above embodiment is intended only to illustrate the present invention, not to limit it. Although the present invention has been described in detail with reference to the embodiment, those of ordinary skill in the art should understand that modifications or equivalent replacements may be made to the present invention without departing from its spirit and scope, and all of these fall within the scope of the claims of the present invention.

Claims (6)

1. A bank net business processing method based on traditional terminal transaction form, characterized in that: the method keeps the operating steps and usage of traditional terminal transaction equipment and uses the existing online banking payment platform to realize online transactions; chiefly, the conventional terminal is redesigned as a new-type terminal that can connect to the Internet, an online banking server is set up at the bank's head office, and, once the new-type terminal is connected to the Internet, a transaction is carried out in the following steps:
(1) Start;
(2) Initialize the terminal equipment;
(3) Accept the transaction amount from the keyboard;
(4) Is the input valid?
Yes: go to step 5;
No: go to step 3;
(5) Accept the customer's card number from the card slot;
(6) Is the input valid?
Yes: go to step 7;
No: go to step 5;
(7) Accept the customer's password from the keyboard;
(8) Is the input valid?
Yes: go to step 9;
No: go to step 7;
(9) Start the modem and connect to the Internet;
(10) Handshake with the bank head office's online banking payment platform;
(11) Send the encrypted transaction information with the transaction digital signature attached;
(12) Receive the head office's encrypted response and parse the transaction result;
(13) Output the transaction result on the LCD panel;
(14) Continue with another transaction?
Yes: go to step 3;
No: go to step 15;
(15) Close the modem;
(16) End.
2. The bank net business processing method based on traditional terminal transaction form according to claim 1, characterized in that the steps of the equipment initialization procedure are:
(1) Accept the terminal digital certificate password from the keyboard;
(2) Read the terminal equipment's digital certificate;
(3) Was the certificate read successfully?
Yes: go to step 4;
No: return to step 16 of the overall software procedure;
(4) Does the digital certificate content include the terminal device's machine code information?
Yes: go to step 5;
No: return to step 16 of the overall software procedure;
(5) Accept the merchant's card number from the card slot;
(6) Is the input valid?
Yes: go to step 7;
No: go to step 5;
(7) Accept the merchant's bank card password from the keyboard;
(8) Is the input valid?
Yes: go to step 9;
No: go to step 7;
(9) Return to step 3 of the main program.
3. The method for processing online banking business based on the traditional terminal transaction form according to claim 1, characterized in that the steps of the handshake with the e-bank payment platform at the bank's head office are:
(1) Request service from the e-bank payment platform;
(2) Receive the payment platform's digital certificate Ca;
(3) Judge whether this certificate is trusted in the terminal's certificate trust list;
Yes: go to step 4;
No: return to step 16 of the overall software procedure;
(4) Send the terminal's digital certificate Cb to the payment platform;
(5) Receive the payment platform's signed information Da(Cb(M));
(6) Use the payment platform's digital certificate Ca to decrypt the signed information, obtaining the digital envelope;
(7) Use the terminal's private key Db to decrypt the digital envelope, obtaining the original message M;
(8) Judge whether the payment platform's timestamp and proof of identity in the original message are correct;
Yes: go to step 9;
No: return to step 16 of the overall software procedure;
(9) Use the payment platform's digital certificate Ca to encrypt the original message M, generating the digital envelope Ca(M);
(10) Use the terminal's private key Db to encrypt the digital envelope Ca(M), generating the digital signature Db(Ca(M));
(11) Send the terminal's signed information Db(Ca(M)) obtained in step 10 to the payment platform;
(12) Judge whether the terminal has passed the payment platform's authentication;
Yes: go to step 13;
No: return to step 16 of the overall software procedure;
(13) Use the symmetric shared key K, now known to both sides, to establish an encrypted communication tunnel with the payment platform;
(14) Return to step 11 of the main program.
4. The method for processing online banking business based on the traditional terminal transaction form according to claim 1, characterized in that the steps of the procedure for sending the encrypted transaction information are:
(1) Generate the original transaction message M;
(2) Hash the original message M with a HASH algorithm, generating the digital fingerprint H(M);
(3) Use the terminal's private key Db to encrypt the digital fingerprint H(M), generating the digital signature Db(H(M));
(4) Send to the payment platform the transaction information K(M+Db(H(M))), encrypted with the symmetric shared key K;
(5) Return to step 12 of the main program.
5. The method for processing online banking business based on the traditional terminal transaction form according to claim 1, characterized in that the steps of the procedure for receiving the encrypted transaction result are:
(1) Receive from the payment platform the information K(Ra+Rb), encrypted with the symmetric shared key K;
(2) Judge whether decrypting the information with the shared key K succeeded;
Yes: go to step 3;
No: return transaction failure and go to step 8;
(3) Obtain the transaction result Ra and the result signature Rb;
(4) Hash the transaction result Ra with the HASH algorithm, generating the digital fingerprint H(Ra);
(5) Judge whether decrypting the result signature Rb with the payment platform's digital certificate Ca succeeded;
Yes: go to step 6;
No: return transaction failure and go to step 8;
(6) Obtain the decrypted digital fingerprint H(Ra)';
(7) Judge whether the digital fingerprint H(Ra) and the decrypted digital fingerprint H(Ra)' are identical;
Yes: return transaction success and go to step 8;
No: return transaction failure and go to step 8;
(8) Return to step 13 of the main program.
6. The new-model terminal used in the method for processing online banking business based on the traditional terminal transaction form according to claim 1, characterized in that: the terminal is provided with a CPU chip and an embedded board, together with a mobile smart key, an LCD screen, a bank card slot, a keyboard and a modem; the modem is used to connect to the Internet, or ADSL dial-up is used to access the Internet; the embedded board controls and schedules the peripherals and runs the predetermined software; the keyboard, card slot and LCD screen accept input and output results.
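The send and receive procedures of claims 4 and 5, as an added example that is not part of the patent. It assumes RSA-2048 with SHA-256 for the signature, AES-256-GCM for the shared key K and JSON framing, none of which the claims specify; the names `seal`, `open` and `demo` and the sample messages are constructed for illustration.

```javascript
// Added example (not from the patent): claims 4 and 5 with Node's built-in crypto.
// Assumptions: RSA-2048 + SHA-256 signature, AES-256-GCM for K, JSON framing.
const crypto = require('node:crypto');

const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Claim 4: hash and sign the body, i.e. Db(H(M)), then encrypt body + signature under K.
function seal(body, signerPrivateKey, K) {
  const sig = crypto.sign('sha256', Buffer.from(body), signerPrivateKey);
  const plain = Buffer.from(JSON.stringify({ body, sig: sig.toString('base64') }));
  const iv = crypto.randomBytes(12); // fresh nonce for every packet
  const c = crypto.createCipheriv('aes-256-gcm', K, iv);
  const ct = Buffer.concat([c.update(plain), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]); // iv (12) | tag (16) | ciphertext
}

// Claim 5 steps (2)-(7): decrypt with K, then check the signature with the
// sender's public key. Returns the body, or null for "transaction failed".
function open(packet, signerPublicKey, K) {
  try {
    const d = crypto.createDecipheriv('aes-256-gcm', K, packet.subarray(0, 12));
    d.setAuthTag(packet.subarray(12, 28));
    const plain = Buffer.concat([d.update(packet.subarray(28)), d.final()]);
    const { body, sig } = JSON.parse(plain.toString());
    const ok = crypto.verify('sha256', Buffer.from(body), signerPublicKey,
                             Buffer.from(sig, 'base64'));
    return ok ? body : null; // step (7): fingerprints differ -> failure
  } catch {
    return null;             // step (2): decryption with K failed
  }
}

// Constructed run: one request, one response, and two responses that must fail.
function demo() {
  const terminal = newKeyPair(), platform = newKeyPair();
  const K = crypto.randomBytes(32); // stands in for the key agreed in the claim 3 handshake
  const M = 'amount=100.00;card=CONSTRUCTED-0001';
  const seenByPlatform = open(seal(M, terminal.privateKey, K), terminal.publicKey, K);
  const response = seal('result=OK', platform.privateKey, K);
  const accepted = open(response, platform.publicKey, K);
  // Correct K but signed by a key other than the platform's: rejected at step (7).
  const forged = open(seal('result=OK', terminal.privateKey, K), platform.publicKey, K);
  // One ciphertext bit flipped in transit: rejected at step (2).
  const tampered = Buffer.from(response);
  tampered[tampered.length - 1] ^= 1;
  const bitFlipped = open(tampered, platform.publicKey, K);
  return { seenByPlatform, accepted, forged, bitFlipped };
}

console.log(demo());
```

The forged case shows why the signature check in claim 5 matters even inside the encrypted tunnel: possession of K alone does not prove the response came from the payment platform.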

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2006100272482A CN1851740A (en) 2006-06-02 2006-06-02 Bank net business processing method based on traditional terminal transaction form

Publications (1)

Publication Number Publication Date
CN1851740A true CN1851740A (en) 2006-10-25

Family

ID=37133219

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2006100272482A Pending CN1851740A (en) 2006-06-02 2006-06-02 Bank net business processing method based on traditional terminal transaction form

Country Status (1)

Country Link
CN (1) CN1851740A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101933287A (en) * 2007-08-08 2010-12-29 黄金富 The device and the method of encrypting and authenticating against trojan horse with one time key
CN101933287B (en) * 2007-08-08 2015-11-25 黄金富 The encrypting and authenticating apparatus and method of the disposable one time key of antagonism wooden horse formula
CN101127604B (en) * 2007-09-25 2010-06-23 中兴通讯股份有限公司 Information secure transmission method and system
CN102480473A (en) * 2010-11-26 2012-05-30 中国银联股份有限公司 Security information interaction system and method based on frequency shift keying (FSK)
CN103414567A (en) * 2013-08-08 2013-11-27 天地融科技股份有限公司 Information monitoring method and system
CN103414567B (en) * 2013-08-08 2016-09-07 天地融科技股份有限公司 Information monitoring method and system
CN106022037A (en) * 2016-05-11 2016-10-12 湖南财政经济学院 Financial terminal authentication method and device
CN106651361A (en) * 2016-12-20 2017-05-10 张涉应 Internet terminal for financial IC (Integrated Circuit) card and transaction method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Open date: 20061025