CN1932866B - Network software payment method and system thereof - Google Patents
Network software payment method and system thereof Download PDFInfo
- Publication number
- CN1932866B CN1932866B CN200610113556.7A CN200610113556A CN1932866B CN 1932866 B CN1932866 B CN 1932866B CN 200610113556 A CN200610113556 A CN 200610113556A CN 1932866 B CN1932866 B CN 1932866B
- Authority
- CN
- China
- Prior art keywords
- intelligent key
- key apparatus
- payment
- information
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Storage Device Security (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
One payment method and system for network software belongs to the field of network finance business technology. It stores user information to intelligent key equipment that is connecting to computer. The network software agent tests the user information of the intelligent key and if passing through the test, guides user to the payment flat roof to pay. It adopts intelligent key equipment and it is a kind of safe carrier to prevent tampering and stealing inner information with the highest safe capability. The intelligent key equipment keeps the key only used inside it and the key cannot be copied. The agent sends the payment information to intelligent key equipment and uses it to finish the value-filling work. The payment process of end user is easy without inputting name, code, filling value information and is more safety by reducing the stolen rate about user information.
Description
Technical field
The present invention relates to finance business on network technical field, specifically a kind of payment methods of network software and system thereof.
Background technology
The develop rapidly of network brings the change in means of payment---online payment.In order to ensure the safety of user profile, existing online payment means need electronic signature, the multinomial authentication procedure such as password.For existing online game charging payment, if user uses Web bank to pay, through following steps:
1) enter agent's webpage, input user locates the user name registered and corresponding password agent, after being verified, and input or select to carry out the service of paying and the amount of money, and determine;
2) agent's webpage is automatically brought to payment platform webpage, on the webpage of payment platform, user needs the username and password inputting bank to pay on the net, successful information of paying can return to agent, and agent issues user by the mode such as mail, mobile phone payment information after obtaining successful information of paying;
3) enter gaming operators webpage, the user name that input user registers in online game and corresponding password, after being verified, then input the payment information received in previous step, complete whole flow process of paying dues.
Above-mentioned steps needs repeatedly to input username and password, and authenticating step is more, and authentication mode is loaded down with trivial details, easily makes mistakes during user's input authentication information, and information is also very large by the hidden danger intercepted and captured.So the fail safe of the simplification of transaction step and payment is just particularly important.
Intelligent key apparatus is a kind of small hardware device with processor and memory, and it is connected with computer by the data communication interface of computer.Private key can be preserved in its inside, install beforehand cryptographic algorithm, simultaneously also can later stage customized some algorithm.The built-in private key of intelligent key apparatus is externally invisible, and the computing relevant to key is completely at device internal operation, and intelligent key apparatus has the characteristic of attack resistance, and fail safe is high.
HMAC (keyed-Hashing Message Authentication Code)-Hash keys in the authentication mode that hashing algorithm is a kind of conventional impulse response.Intelligent key apparatus utilizes HMAC-Hash to carry out authentication web.First, client first sends logging request to server end, and server end just can extract corresponding user key by user name from database; Afterwards, after server end receives client logs request, just a random string is sent by client to intelligent key apparatus, after intelligent key apparatus in client carries out HMAC-Hash calculating by built-in hardware cryptographic engine to the key in the random string received and intelligent key apparatus, result return service device end.Carry out same calculating according to the random string of corresponding key and transmission after server end receives result of calculation, last server end is by two result comparisons, identical, is verified.HMAC is by key in conjunction with Hash computing, and each computing has random data to participate in, to ensure the result data difference that each verification process produces, even if there is malefactor to intercept and capture certain verify data like this, also cannot pass through certification next time.
Asymmetric key mechanisms is current widely used a kind of Authentication mechanism, and in this mechanism, encryption key is different from decruption key, can only decipher by the data of public key encryption with private key corresponding with it.The digital signature of public key system both ensure that the confidentiality of information, the information of in turn ensure that has non repudiation, first, client first sends logging request to server end, server end sends a random string by client to intelligent key apparatus, intelligent key apparatus to random string private key signature, return service device end, the server end corresponding public key verifications of intelligent key apparatus.
The operator of network software refers to the side providing the services such as all related network running software, maintenances, and agent refers to the side being responsible for selling network software Related product.The operation way of existing network software provides the service about network software operation and maintenance by operator and authorizes agent the power of sale, is responsible for selling software or the relevant product of software by distributors.
Summary of the invention
In order to solve the low problem of the payment methods complex operation of network software in prior art, fail safe, the invention provides a kind of payment methods of simple to operate, network software that fail safe is high, and realizing the system of the method.
The payment methods of network software of the present invention comprise payment procedure and supplement process with money:
Payment procedure in turn includes the following steps:
(1) intelligent key apparatus and computer connect;
(2) agent's server end is selected, and described agent's server end is by intelligent key apparatus authentication of users information;
(3) user interface is linked to payment platform by described agent's server end;
(4) paid successfully by described payment platform, described payment information is sent to described intelligent key apparatus and is kept in described intelligent key apparatus by described payment information by described agent's server end;
The process of supplementing with money in turn includes the following steps:
(1) client reads the payment information in described intelligent key apparatus;
(2) described payment information is sent to carrier server end by described client;
(3) complete and supplement with money; Or,
(1) ' user's running client program;
(2) ' the PIN code of user's input intelligent key apparatus after client-side program prompting;
(3) ' intelligent key apparatus judges that whether the PIN code that user inputs is correct, if correctly, is verified, performs step (4) '; If incorrect, checking not by, then again require that user inputs PIN code;
(4) ' the user profile of network game server end by storing in client-side program checking intelligent key apparatus;
(5) ' network game server end judges that whether the result is correct, if correctly, be verified, client-side program reads the payment information in intelligent key apparatus; If incorrect, checking is not passed through, and exits the program of supplementing with money, and gives a warning to user;
(6) ' payment information is sent to server end by client-side program;
Described intelligent key apparatus is connected to computer after, also comprise intelligent key apparatus legitimate holder checking step;
The method of described intelligent key apparatus legitimate holder checking is PIN code checking or biological characteristic validation;
The step of described authentication of users information adopts impulse response mode or unsymmetrical key mode.
The described process of supplementing with money is that client-side program runs, and described client-side program is sent to described carrier server end after reading payment information, completes and supplements operation with money;
Described payment information transmits with ciphertext form.
The present invention also provides a kind of charging system of network software, comprises intelligent key apparatus, client and agent/carrier server end,
Described intelligent key apparatus comprises:
Memory module, for storing subscriber information and payment information;
Communication module, for establishing a communications link between described intelligent key apparatus and computer, transmission data;
Legitimate holder's authentication module, is connected with communication module, in use for verifying that whether active user is the legitimate holder of described intelligent key apparatus; The method of legitimate holder's checking is PIN code checking or biological characteristic validation;
Described client comprises:
Transceiver module, for the data of described intelligent key apparatus being mail to described agent/carrier server end by the Internet, or receives the described agent/carrier server end data of being come by Internet Transmission and sends to described intelligent key apparatus;
Described agent/carrier server end comprises:
Communication module, for receiving data that described transceiver module sends over or the data of described agent/carrier server end being issued described transceiver module;
SIM, is connected with communication module, for verifying the user profile in described intelligent key apparatus; The step of authentication of users information adopts impulse response mode or unsymmetrical key mode.
Described intelligent key apparatus also comprises encrypting module, between the memory module being connected to described intelligent key apparatus and communication module, for being encrypted transmission data.
The beneficial effect that the present invention produces is: owing to present invention employs intelligent key apparatus, and intelligent key apparatus is a kind of safety barrier that can prevent from distorting and stealing internal information, intelligent key apparatus can realize only using key at device interior, such key just can not be replicated, its fail safe is very high, and the present invention adopts intelligent key apparatus largely to improve the fail safe of network software paying.In addition, because payment information can be sent to intelligent key apparatus by agent, intelligent key apparatus is utilized to complete subsequent replenishment work, end user no longer needs repeatedly to input user name, password, charging information, payment procedure is simpler, decrease the probability that user profile is stolen, so safer.
Accompanying drawing explanation
Fig. 1 is that user uses intelligent key apparatus by the flow chart of a kind of embodiment of network parting fee.
Fig. 2 is that user uses intelligent key apparatus to the flow chart of a kind of embodiment that online game is supplemented with money.
Fig. 3 is that user uses intelligent key apparatus to the flow chart of the another kind of embodiment that online game is supplemented with money.
Fig. 4 is the structure principle chart of the charging system of network software.
Embodiment
Below in conjunction with the drawings and specific embodiments, method of the present invention is further described, but not as a limitation of the invention.
As shown in Figure 1, user uses intelligent key apparatus by the whole process of network parting fee to be:
Step 101: user profile is stored in intelligent key apparatus, this information can comprise user name, user cipher and key etc.;
Step 102: when user needs to pay, intelligent key apparatus is connected on computer;
Step 103: in order to protect intelligent key apparatus not usurped by other people, inputted the PIN code of intelligent key apparatus by user;
Step 104: intelligent key apparatus judges that whether the PIN code that user inputs is correct, if correctly, is verified, performs step 105; If incorrect, checking not by, return step 103, again require that user inputs PIN code;
Step 105: select agent by user, the seller of such as Online Store, or game agent etc.;
Step 106: the user profile stored in agent authentication intelligent key apparatus;
Step 107: judge that whether the result is correct, if correctly, be verified, perform step 108; If incorrect, checking is not passed through, and performs step 111, exits paying program, and give a warning to user;
Step 108: user is introduced payment platform by agent, the payment webpage of such as certain bank, user inputs the account of e-bank and password is paid, and pays complete.
Step 109: payment platform sends payment information to agent;
Step 110: payment information is sent in intelligent key apparatus by agent.
In above-mentioned flow process, the step of PIN code checking can be replaced with biological characteristic validation, can reach the object whether authentication of users is the legitimate holder of intelligent key apparatus equally.
In above-mentioned flow process, the user profile stored in agent authentication intelligent key apparatus can adopt impulse response and unsymmetrical key two kinds of modes.
For online game, the process that user uses intelligent key apparatus and supplements with money for network software is described below.
As shown in Figure 2, user uses intelligent key apparatus to the process that online game is supplemented with money to be:
Step 201: user by after above-mentioned payment procedure directly by agent's web page interlinkage to operator's webpage;
Step 202: the user profile stored in operator's checking intelligent key apparatus;
Step 203: judge that whether the result is correct, if correctly, be verified, perform step 204; If incorrect, checking is not passed through, and performs step 207, exits the program of supplementing with money, and give a warning to user;
Step 204: operator reads the payment information in intelligent key apparatus by its webpage;
Step 205: payment information is sent to carrier server end by operator's webpage;
Step 206: supplemented with money.
As shown in Figure 3, user uses the process of intelligent key apparatus to the another kind of mode that online game is supplemented with money to be:
Step 301: user's running client program;
Step 302: the PIN code of user's input intelligent key apparatus after client-side program prompting;
Step 303: intelligent key apparatus judges that whether the PIN code that user inputs is correct, if correctly, is verified, performs step 304; If incorrect, checking not by, return step 302, again require that user inputs PIN code;
Step 304: the user profile of network game server end by storing in client-side program checking intelligent key apparatus;
Step 305: judge that whether the result is correct, if correctly, be verified, perform step 306; If incorrect, checking is not passed through, and performs step 309, exits the program of supplementing with money, and give a warning to user;
Step 306: client-side program reads the payment information in intelligent key apparatus;
Step 307: payment information is sent to server end by client-side program;
Step 308: supplemented with money.
PIN code checking in above-mentioned flow process equally also can be replaced with biological characteristic validation.
Verify that the user profile stored in intelligent key apparatus is the same with payment procedure in above-mentioned two kinds of processes of supplementing with money, also can have impulse response and unsymmetrical key two kinds of verification modes.
In above-mentioned paying and the whole process of supplementing with money, payment information transmits with ciphertext form.
As shown in Figure 4, present invention also offers a kind of charging system of network software, system comprises intelligent key apparatus, client and agent/carrier server end,
Intelligent key apparatus comprises memory module, encrypting module, communication module and PIN code authentication module, wherein:
Memory module, for storing subscriber information and payment information, user profile comprises user name, user cipher and key etc., and payment information comprises the information such as payment amount;
Encrypting module, is connected between memory module and communication module, for being encrypted transmission data;
Communication module, for establishing a communications link between intelligent key apparatus and computer, transmission data;
Legitimate holder's authentication module, is connected with communication module, in use for verifying that whether active user is the legitimate holder of intelligent key apparatus, the biological characteristic of PIN code or user can be adopted to verify;
Client comprises transceiver module, for the data of intelligent key apparatus being mail to agent/carrier server end by the Internet, or receives the servers' data of being come by Internet Transmission and sends to intelligent key apparatus;
Agent/carrier server end comprises communication module and SIM, wherein:
Communication module, for receiving data that described transceiver module sends over or the data of server end being issued described transceiver module;
SIM, is connected with communication module, for verifying the user profile in intelligent key apparatus.
The above; be only the present invention's preferably embodiment, protection scope of the present invention is not limited thereto, and those skilled in the art are in the technical scope that the present invention discloses; the any change that can expect easily or replacement, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (2)
1. payment methods for network software, is characterized in that,
Intelligent key apparatus and computer connect, and wherein intelligent key apparatus comprises user profile;
Utilize intelligent key apparatus identifying user identity;
When intelligent key apparatus judges that user identity is legal, agent's server that user selects is by intelligent key apparatus authentication of users information;
When the authentication succeeds, user terminal is connected with payment platform by agent's server;
Pay successfully, payment platform sends payment information to agent's server;
Described payment information is sent to described intelligent key apparatus and is kept in described intelligent key apparatus by described payment information by agent's server;
Carrier server is by intelligent key apparatus authentication of users information;
When the authentication succeeds, client reads the payment information in described intelligent key apparatus;
Described payment information is sent to carrier server by described client;
Wherein intelligent key apparatus utilizes PIN code or biological characteristic to carry out identifying user identity;
Wherein the step of authentication of users information adopts impulse response mode or unsymmetrical key mode.
2. the payment methods of network software according to claim 1, is characterized in that, described payment information transmits with ciphertext form.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200610113556.7A CN1932866B (en) | 2006-09-30 | 2006-09-30 | Network software payment method and system thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200610113556.7A CN1932866B (en) | 2006-09-30 | 2006-09-30 | Network software payment method and system thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1932866A CN1932866A (en) | 2007-03-21 |
| CN1932866B true CN1932866B (en) | 2015-07-22 |
Family
ID=37878690
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200610113556.7A Active CN1932866B (en) | 2006-09-30 | 2006-09-30 | Network software payment method and system thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1932866B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101645890B (en) * | 2009-08-06 | 2012-08-08 | 飞天诚信科技股份有限公司 | Method, system and corresponding equipment for verifying information source integrality |
| CN102811203B (en) * | 2011-06-01 | 2016-04-27 | 北京唯致动力网络信息科技有限公司 | Method for identifying ID, system and user terminal in the Internet |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1556449A (en) * | 2004-01-08 | 2004-12-22 | 中国工商银行 | Device and method for proceeding encryption and identification of network bank data |
| CN2667807Y (en) * | 2004-01-08 | 2004-12-29 | 中国工商银行 | Network bank with device for encrypting and idetificating utilizing USB key |
| CN1710852A (en) * | 2005-07-26 | 2005-12-21 | 北京飞天诚信科技有限公司 | Intelligent ciphered key with biological characteristic identification function and its working method |
| CN1811814A (en) * | 2006-03-01 | 2006-08-02 | 阿里巴巴公司 | Account charging method and system |
| CN1822541A (en) * | 2006-03-31 | 2006-08-23 | 北京飞天诚信科技有限公司 | Device and method for controlling computer access |
-
2006
- 2006-09-30 CN CN200610113556.7A patent/CN1932866B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1556449A (en) * | 2004-01-08 | 2004-12-22 | 中国工商银行 | Device and method for proceeding encryption and identification of network bank data |
| CN2667807Y (en) * | 2004-01-08 | 2004-12-29 | 中国工商银行 | Network bank with device for encrypting and idetificating utilizing USB key |
| CN1710852A (en) * | 2005-07-26 | 2005-12-21 | 北京飞天诚信科技有限公司 | Intelligent ciphered key with biological characteristic identification function and its working method |
| CN1811814A (en) * | 2006-03-01 | 2006-08-02 | 阿里巴巴公司 | Account charging method and system |
| CN1822541A (en) * | 2006-03-31 | 2006-08-23 | 北京飞天诚信科技有限公司 | Device and method for controlling computer access |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1932866A (en) | 2007-03-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103903141B (en) | A kind of O2O safe payment methods, system and a kind of POS terminal | |
| EP2652688B1 (en) | Authenticating transactions using a mobile device identifier | |
| KR100695566B1 (en) | System and method of secure authentication and billing for goods and services using a celluler telecommunication and an authorization infrastructure | |
| EP1829281B1 (en) | Authentication device and/or method | |
| US8407112B2 (en) | Transaction authorisation system and method | |
| CN101496344B (en) | Method and system having self-setting authentication formula for webs bank payment and identification confirmation | |
| CN104573547B (en) | The safety and protection system and its operation realizing method of a kind of information exchange | |
| CN104464117B (en) | Based on dynamic two-dimension code ATM (automatic teller machine) withdrawal method and system | |
| CN110162936A (en) | A kind of use authorization method of software content | |
| CN106027501B (en) | A kind of system and method for being traded safety certification in a mobile device | |
| US20060095291A1 (en) | System and method for authenticating users for secure mobile electronic transactions | |
| CN106411950B (en) | Authentication method, apparatus and system based on block chain transaction id | |
| CN101577917A (en) | Safe dynamic password authentication method based on mobile phone | |
| US9055061B2 (en) | Process of authentication for an access to a web site | |
| US20120264405A1 (en) | Verification of transactional integrity | |
| CN103903140B (en) | A kind of O2O safe payment methods, system and a kind of secure payment backstage | |
| CN104426659B (en) | Dynamic password formation method, authentication method and system, relevant device | |
| CN106716916A (en) | Authentication system and method | |
| US11403633B2 (en) | Method for sending digital information | |
| CN101221641A (en) | On-line trading method and its safety affirmation equipment | |
| CN102281138A (en) | Method and system for improving safety of verification code | |
| CN105260890A (en) | On-line secure payment method based on multi-domain user information big data analysis | |
| CN107277017A (en) | Purview certification method, apparatus and system based on encryption key and device-fingerprint | |
| CN104125230A (en) | Short message authentication service system and authentication method | |
| CN107784501A (en) | A kind of safe method of payment and system based on recognition of face |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |