CN203786773U - Mobile payment service platform - Google Patents
Mobile payment service platform Download PDFInfo
- Publication number
- CN203786773U CN203786773U CN201420122486.1U CN201420122486U CN203786773U CN 203786773 U CN203786773 U CN 203786773U CN 201420122486 U CN201420122486 U CN 201420122486U CN 203786773 U CN203786773 U CN 203786773U
- Authority
- CN
- China
- Prior art keywords
- encryption
- processor
- business
- mobile
- mobile phone
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
- 238000004891 communication Methods 0.000 claims abstract description 35
- 230000002093 peripheral effect Effects 0.000 claims description 12
- 238000000034 method Methods 0.000 claims description 9
- 230000008569 process Effects 0.000 claims description 5
- 230000004044 response Effects 0.000 description 12
- 230000005540 biological transmission Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 238000013461 design Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 3
- BQCADISMDOOEFD-UHFFFAOYSA-N Silver Chemical compound [Ag] BQCADISMDOOEFD-UHFFFAOYSA-N 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 229910052709 silver Inorganic materials 0.000 description 2
- 239000004332 silver Substances 0.000 description 2
- 241000208340 Araliaceae Species 0.000 description 1
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 1
- 235000005035 Panax pseudoginseng ssp. pseudoginseng Nutrition 0.000 description 1
- 235000003140 Panax quinquefolius Nutrition 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 235000008434 ginseng Nutrition 0.000 description 1
- 230000002045 lasting effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Landscapes
- Mobile Radio Communication Systems (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The utility model discloses a mobile payment service platform, which is characterized by comprising a mobile phone service front-end system and a bank-merchant service system, wherein the mobile phone service front-end system is connected with the bank-merchant service system and an external mobile phone payment service system; the mobile phone service front-end system comprises an interface controller, a first encryption and decryption processor, a service router and a first communication processor; and the bank-merchant service system comprises a second encryption and decryption processor, a transaction processor and a second communication processor. The mobile payment service platform can facilitate users to carry out transaction through a mobile terminal directly, is high in safety and effectively avoids data leakage.
Description
Technical field
The utility model relates to payment system field, particularly a kind of mobile payment service platform.
Background technology
Mobile payment, also referred to as mobile-phone payment, allows user to use its mobile terminal (normally mobile phone) consumed commodity or service to be carried out to a kind of method of service of account payment exactly.Unit or individual by mobile device, internet or closely sensing directly or indirectly send payment instruction to bank finance mechanism and produce monetary payoff and capital transfer behavior, thereby realize mobile payment function.Mobile payment is merged terminal device, internet, application provider and financial institution mutually, for user provides the financial business such as monetary payoff, payment.Along with popularizing of smart mobile phone, mobile payment service will present lasting enhancement trend.
Generally, mobile payment sends transaction by payment platform to bank or other financial institutions.In fact payment platform is exactly " middleware " in both parties' process of exchange, also can be described as " technology plug-in "; It is the independent agency that ensures both parties' interests under banking supervision.As " middleware " of transaction, the fraud in electronic transaction has thoroughly been stopped in the appearance of third party transaction platform.
At present, mobile payment mainly completes payment by payment by using short messages means, for example: after selected commodity, the specific number that " goods number " is sent to trade company's appointment places an order, reply " Y " direct payment, can receive the confirmation of mobile-phone payment platform transmission after paying successfully
Payment by using short messages need to send many notes, also needs payer that bank card password is issued to Mobile banking by short message mode simultaneously, and the communication mode of this plaintext is not only inconvenient, and very dangerous.
Utility model content
The purpose of this utility model is open a kind of mobile payment service platform, to solve the unsafe defect of mobile payment in prior art.
A kind of mobile payment service platform of the present utility model, comprising: mobile phone business front-end system, silver-colored business's operation system, and mobile phone business front-end system is connected with outside mobile-phone payment operation system with silver-colored business's operation system respectively; Mobile phone business front-end system comprises: interface controller, the first encryption and decryption processor, business router and the first communication processor, and interface controller is connected with second communication processor by the first encryption and decryption processor, business router successively; Interface controller comprises wireless chip and peripheral circuit thereof, and the first encryption and decryption processor comprises hardware encipher machine, encryption chip and peripheral circuit thereof, and business router comprises router engine and peripheral circuit thereof, and the first communication processor comprises communication processor;
Silver business operation system comprises: the second encryption and decryption processor, transaction processor and second communication processor, and the second encryption and decryption processor is connected with second communication processor by transaction processor; The second encryption and decryption processor comprises hardware encipher machine, encryption chip and peripheral circuit thereof, and transaction processor comprises process chip and peripheral circuit thereof, and second communication processor comprises communication processor.
In technique scheme, mobile payment service platform also comprises: data-carrier store, data-carrier store is connected with mobile-phone payment operation system with silver-colored business's operation system respectively.
In technique scheme, hardware encipher machine comprises serial-port encryption machine or network encryption machine.
In technique scheme, mobile phone business front-end system is connected with mobile phone terminal by HTTP or https traffic agreement.
A kind of mobile payment service platform that the utility model embodiment provides, can must receive the transaction message that mobile phone terminal sends by safe ready, and then forward according to the type of transaction message, facilitates user directly to conclude the business by mobile terminal.Transaction message and response message all adopt front server certificate to be encrypted, and only have front server to decipher, therefore safe; Meanwhile, this mobile payment service platform is not preserved the sensitive information of transmission in transaction in any form, can effectively avoid reveal sensitive information.
Brief description of the drawings
Fig. 1 is the structural drawing of mobile payment service platform in the utility model embodiment;
Fig. 2 is the network architecture figure of mobile payment service platform in the utility model embodiment;
Fig. 3 is the circuit structure diagram of interface controller in the utility model embodiment;
Fig. 4 is the circuit structure diagram of business router engine in the utility model embodiment;
Fig. 5 is the arrangement plan of the first communication processor in the utility model embodiment.
Embodiment
Below in conjunction with accompanying drawing, several embodiments of the present utility model are described in detail, but are to be understood that protection domain of the present utility model is not subject to the restriction of embodiment.
A kind of mobile payment service platform that the utility model embodiment provides, shown in Fig. 1 and Fig. 2, comprising: mobile phone business front-end system 10, silver-colored business's operation system 20; Wherein, mobile phone business front-end system 10 is connected with outside mobile-phone payment operation system with silver-colored business's operation system 20 respectively.
Concrete, mobile phone business front-end system 10 comprises: interface controller 101, the first encryption and decryption processor 102, business router 103 and the first communication processor 104.
The transaction message that interface controller 101 passes over for receiving mobile phone terminal, and then can call hardware encipher machine decrypted transaction message, judge transaction message type according to application of electronic report head.Interface controller 101 is specially wireless IO interface, comprises wireless chip and peripheral circuit thereof, can adopt nRF905 wireless chip, and circuit diagram is shown in Figure 3.
Communication protocol type between the interface controller 101 of mobile phone terminal and mobile phone business front-end system 10 is HTTP and HTTPS, must adopt HTTPS for the mobile phone terminal of supporting HTTPS.The transaction message data of transmission are through session key, and sign with MD5.Session key is encrypted protection with the PKI of mobile phone business front-end system 10.Meanwhile, mobile phone terminal can extract mobile phone characteristic information (as mobile phone brand and model, mobile phone string number etc.), and inserts transaction message, and mobile phone business front-end system 10 records this information, conveniently carries out venture analysis.
Mobile phone terminal adopts front server certificate to be encrypted in the time that mobile phone business front-end system 10 sends transaction message, on this basis, can also adopt Platform Server certificate to encrypt to sensitive informations such as bank card password, forms double-encryption message.Bank card password adopts asymmetric arithmetic directly to encrypt output ciphertext in soft keyboard.
In addition, when merchant tenninal client call pays, the data of transmitting are signed with trade company's mobile-phone payment certificate, pay after control is received and pass to mobile phone business front-end system 10, mobile phone business front-end system 10 carries out signature verification, only have signature verification by just using payment control to pay, otherwise refusal calls.
The first encryption and decryption processor 102, specifically comprises hardware encipher machine, encryption chip and peripheral circuit thereof.The first encryption and decryption processor 102 is decrypted processing for the transaction message of calling hardware encipher machine mobile phone terminal being passed over, and judges transaction message type according to application of electronic report head.If general headquarters' message is set up message according to general headquarters' interface and is sent to mobile-phone payment operation system; If silver-colored business's payment message, again decipher magnetic track information and pinblock converts thereof into unsymmetrical key, be sent to silver-colored business's operation system 20.Wherein, hardware encipher machine is specially serial-port encryption machine or network encryption machine, specifically can adopt SJL06 type encryption equipment, and for PIN encrypt/decrypt, MAC generation and verification, key management, wherein, SJL06 type encryption equipment is prior art, does not describe in detail herein.Encryption chip can adopt the high-end encryption integrated circuit in LKT420132 position, guarantees the confidentiality of data, ensures both sides' data security of communication.This chip adopts 32 bit CPUs, and 18K RAM supports ISO7816 and serial communication, and communication speed reaches as high as nearly 1.25Mbps; User program memory block capacity reaches as high as 420K byte; When supporting the superelevation safe class cryptographic algorithm such as RSA, DES, AES, SHA1, ECC, speed surmounts general 8 or 16 bit encryption chips greatly.
Business router 103 is for being forwarded to corresponding silver-colored business's operation system 20 or mobile-phone payment operation system according to the type of transaction message by transaction message.Concrete, head office business is forwarded to mobile-phone payment operation system processing (user's login, registration, order inquiry, box pay); Beijing business is forwarded to silver-colored business's operation system 20(application query, places an order in advance, box pays, order inquiry).In the utility model embodiment, business router 103 adopts RSR50E-80 multiservice router.The core router engine of business router 103 adopts Motorola68030 and two kinds of processors of Orion/R4600, and Motorola68030 circuit diagram is specifically shown in Figure 4.
The message that the first communication processor 104 sends for receiving silver-colored business's operation system 20 and mobile-phone payment operation system.Concrete, the first communication processor 104 receives the message of mobile-phone payment operation system, and conversion message is back to mobile phone terminal; The message that receives silver-colored business's operation system 20 is back to mobile phone terminal (application query result, in advance place an order result, the payment result of swiping the card, order Query Result).The first communication processor 104 specifically can adopt CP343-1 module or SEL-2030 communication processor etc., and wherein the arrangement plan of SEL-2030 communication processor is shown in Figure 5.
Silver business operation system 20 comprises: the second encryption and decryption processor 201, transaction processor 202 and second communication processor 203.
Concrete, the second encryption and decryption processor 201, for calling hardware encipher machine decrypted transaction message, if pay message, calls hardware encipher machine deciphering magnetic track information and sensitive information again.The first encryption and decryption processor 102 structural similarities in the second encryption and decryption processor 201 and mobile phone business front-end system 10 do not describe in detail herein.
Transaction processor 202 comprises process chip and peripheral circuit thereof, for processing accordingly according to the message decrypting.In the embodiment of the present invention, transaction processor 202 is specially the ARM9TDMI chip based on ARM architecture V4 version, and ARM9TDMI chip structure is prior art, does not describe in detail herein.
Transaction processor 202 specifically for:
Application query: set up 8583 message repeatings to threeway platform according to querying condition;
Booking form processing: receive sequence information data inserting storehouse;
Transaction Inquiries: according to order number inquiry sequence information;
Payment processes: inquire about the sequence information (as payment, order number) that will pay according to the order number in transaction message, set up 8583 messages in conjunction with magnetic track information and pin information and be sent to threeway platform and withhold;
Processing writes off: the interface that writes off that calls threeway platform after paying successfully;
Log recording: log information.
Second communication processor 203 is deciphered 8583 messages for the message result that receives threeway platform and return, and sets up client message and be back to client through mobile phone business front platform.The first communication processor 104 structural similarities in second communication processor 203 and mobile phone business front-end system 10 do not repeat herein.
The transaction message that mobile-phone payment operation system sends for receiving mobile phone terminal, carries out corresponding transaction processing.
The Interface design of a kind of mobile payment service platform that the utility model embodiment provides is as follows:
1, communications protocol type is that http and https(require to adopt https for the mobile phone of supporting https);
2, message format is XML form;
3, coded format adopts UTF-8;
4, requesting party uses post mode to submit request to;
Example message ginseng is shown in Table 1:
Table 1
The parameter type of mentioning in interface protocol is as follows:
Message root node: umspay;
Message root node attribute: applicationId, terminalVersion, terminalModel, terminalOs, terminalId, terminalPhysicalNo;
Message child node: other are child node.
The maintenance of session status, by the sessionId that front platform is issued, fills in the HTTP HEADER of each session request, only in " terminal initialization ", have under the state of file update, can not use sessionId, all the other transaction message all must have sessionId.
The Interface design of a kind of mobile payment service platform that the utility model embodiment provides is specific as follows:
The symbol description in message territory and message field data type definition are respectively referring to shown in table 2 below and table 3:
Table 2
Table 3
The design of EDI messages of inquiring about for trade information is specifically referring to shown in table 4 and table 5, wherein table 4 is message PD, and table 5 is sub-message, be used for the paying the fees bill inquiry of this interface, can inquire about according to payment coding and family number, in the utility model embodiment, inquire about as example taking 011001 Credit Statement.
Table 4
Table 5
, do not describe in detail to above-mentioned similar for the message of other types of service herein.
And generate the design of EDI messages of interface specifically referring to shown in table 6 and table 7 for booking form, wherein table 6 is message PD, table 7 is sub-message, in the utility model embodiment taking 020001 credit card repayment as example.
Table 6
Table 7
, specifically, shown in 4-table 7, do not describe in detail referring to showing to above-mentioned similar for the design of EDI messages of Firm Order interface, sequence information interface and consumption interface etc. herein.
Preferably, a kind of mobile payment service platform that the utility model embodiment provides also comprises data-carrier store 30.Data-carrier store 30 is for Backup Data, the data backup mechanism of mobile payment service platform data in the time of the situations such as to run into virus, people be maloperation, do not lose, while making to break down, can within the shortest time, recover, ensure the stability of platform.
Wherein, in mobile phone business front-end system 10, do not preserve in any form the sensitive information of transmission in transaction.Preservation form includes but not limited to database Flow Record, journal file, configuration file etc.The sensitive data here comprises clip pin, the credit card term of validity and CVN2.
Mobile phone business front-end system 10 sends response message to mobile phone terminal and need to be encrypted.In the utility model embodiment, message data territory cryptographic algorithm adopts 3DES cryptographic algorithm, and 3DES uses DESede/ECB/PKCS5Padding integrated mode cover.
Encrypt message physique formula specific as follows:
Normal response form: 1|BASE64 (3DES (message)) | BASE64 (MD5 (message));
Errored response form: 0| error code | BASE64 (error description).
Message encryption:
If the correct analytic message of mobile phone business front-end system 10, response " 1 ", response message uses the symmetric key of the 3DES decrypting in request message to be encrypted response results message, and use MD5 to sign to response message original text, adopt BASE64 coding to latter two sections respectively, by normal response format organization message, and the message transmissions after encryption is given and paid plug-in unit.
If mobile phone business front-end system 10 is analytic message normally, response " 0 ", takes back error code, and error description is adopted to BASE64 coding, by wrong response format coding, beams back payment plug-in unit.
A kind of mobile payment service platform that the utility model embodiment provides, can must receive the transaction message that mobile phone terminal sends by safe ready, and then forward according to the type of transaction message, facilitates user directly to conclude the business by mobile terminal.Transaction message and response message all adopt front server certificate to be encrypted, and only have front server to decipher, therefore safe; Meanwhile, this mobile payment service platform is not preserved the sensitive information of transmission in transaction in any form, can effectively avoid reveal sensitive information.
Disclosed is above only several specific embodiment of the present utility model, and still, the utility model is not limited thereto, and the changes that any person skilled in the art can think of all should fall into protection domain of the present utility model.
Claims (3)
1. a mobile payment service platform, is characterized in that, comprising: mobile phone business front-end system, silver-colored business's operation system, and described mobile phone business front-end system is connected with outside mobile-phone payment operation system with described silver-colored business's operation system respectively;
Described mobile phone business front-end system comprises: interface controller, the first encryption and decryption processor, business router and the first communication processor, and described interface controller is connected with described the first communication processor by described the first encryption and decryption processor, described business router successively; Described interface controller comprises wireless chip and peripheral circuit thereof, and described the first encryption and decryption processor comprises hardware encipher machine, encryption chip and peripheral circuit thereof, and described business router comprises router engine, and described the first communication processor comprises communication processor;
Described silver-colored business's operation system comprises: the second encryption and decryption processor, transaction processor and second communication processor, and described the second encryption and decryption processor is connected with described second communication processor by described transaction processor; Described the second encryption and decryption processor comprises hardware encipher machine, encryption chip and peripheral circuit thereof, and described transaction processor comprises process chip and peripheral circuit thereof, and described second communication processor comprises communication processor.
2. mobile payment service platform according to claim 1, is characterized in that, also comprises: data-carrier store, described data-carrier store is connected with the mobile-phone payment operation system of described silver-colored business's operation system and described outside respectively.
3. mobile payment service platform according to claim 1, is characterized in that, described hardware encipher machine comprises serial-port encryption machine or network encryption machine.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201420122486.1U CN203786773U (en) | 2014-03-18 | 2014-03-18 | Mobile payment service platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201420122486.1U CN203786773U (en) | 2014-03-18 | 2014-03-18 | Mobile payment service platform |
Publications (1)
Publication Number | Publication Date |
---|---|
CN203786773U true CN203786773U (en) | 2014-08-20 |
Family
ID=51322934
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201420122486.1U Expired - Lifetime CN203786773U (en) | 2014-03-18 | 2014-03-18 | Mobile payment service platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN203786773U (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104376493A (en) * | 2014-10-29 | 2015-02-25 | 中国建设银行股份有限公司 | Safe processing system and method based on encryption equipment |
CN106600243A (en) * | 2016-08-30 | 2017-04-26 | 广州云融信息科技有限公司 | Mobile payment method and system based on mixed mode |
CN114143278A (en) * | 2021-11-26 | 2022-03-04 | 中国银行股份有限公司 | Message processing method and server for supporting national password upgrade of peripheral system by core system |
-
2014
- 2014-03-18 CN CN201420122486.1U patent/CN203786773U/en not_active Expired - Lifetime
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104376493A (en) * | 2014-10-29 | 2015-02-25 | 中国建设银行股份有限公司 | Safe processing system and method based on encryption equipment |
CN106600243A (en) * | 2016-08-30 | 2017-04-26 | 广州云融信息科技有限公司 | Mobile payment method and system based on mixed mode |
CN114143278A (en) * | 2021-11-26 | 2022-03-04 | 中国银行股份有限公司 | Message processing method and server for supporting national password upgrade of peripheral system by core system |
CN114143278B (en) * | 2021-11-26 | 2024-02-23 | 中国银行股份有限公司 | Message processing method and server for supporting peripheral system cryptographic upgrade by core system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10235670B2 (en) | Device provisioning using partial personalization scripts | |
JP6713081B2 (en) | Authentication device, authentication system and authentication method | |
CN107077670B (en) | Method and apparatus for transmitting and processing transaction message, computer readable storage medium | |
CN103701812B (en) | TMK (Terminal Master Key) secure downloading method and system | |
CN104217327B (en) | A kind of financial IC card internet terminal and its method of commerce | |
CN108476227A (en) | System and method for equipment push supply | |
US20140358777A1 (en) | Method for secure atm transactions using a portable device | |
Liu et al. | State of the art: Secure mobile payment | |
US20110103586A1 (en) | System, Method and Device To Authenticate Relationships By Electronic Means | |
WO2018040653A1 (en) | Nfc-based off-line payment method | |
CN105900375A (en) | Efficient methods for protecting identity in authenticated transmissions | |
CN103679440A (en) | Financial receipt and payment method with two-dimension code being used as carrier | |
CN105701661A (en) | Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data | |
CA2914956C (en) | System and method for encryption | |
Isaac et al. | An anonymous secure payment protocol in a payment gateway centric model | |
US20130121490A1 (en) | Method and apparatus for trust based data scanning, capture, and transfer | |
CN114270780B (en) | Gateway agnostic tokenization | |
CN203786773U (en) | Mobile payment service platform | |
SG128516A1 (en) | Updating a mobile payment device | |
CN101521576A (en) | Method and system for identity authentication of internet user | |
CN104539616B (en) | Realize credible MESSAGE EXCHANGE and the system of storage between heterogeneous system | |
CN110430052A (en) | A kind of online filling method and device of POS key | |
Kisore et al. | A secure SMS protocol for implementing digital cash system | |
CN104769628B (en) | Methods, systems, and computer-readable media for transaction fee negotiation for monetary remittance | |
CN107636664A (en) | For to the method and system of mobile device supply access data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20221220 Address after: 1006 and 1008 zhangheng Road, China (Shanghai) pilot Free Trade Zone, Pudong New Area, Shanghai, 201203 Patentee after: CHINA UMS CO.,LTD. Address before: 100048 Floor 10, Block B, Huatong Building, No. B19, Chegongzhuang West Road, Haidian District, Beijing Patentee before: BEIJING UNIONPAY MERCHANT SERVICES Co.,Ltd. |
|
CX01 | Expiry of patent term | ||
CX01 | Expiry of patent term |
Granted publication date: 20140820 |