NZ751163A - A payment method and payment system based on security authentication mechanism - Google Patents

A payment method and payment system based on security authentication mechanism Download PDF

Info

Publication number
NZ751163A
NZ751163A NZ751163A NZ75116317A NZ751163A NZ 751163 A NZ751163 A NZ 751163A NZ 751163 A NZ751163 A NZ 751163A NZ 75116317 A NZ75116317 A NZ 75116317A NZ 751163 A NZ751163 A NZ 751163A
Authority
NZ
New Zealand
Prior art keywords
mobile terminal
payment
security plug
built
signature
Prior art date
Application number
NZ751163A
Other versions
NZ751163B2 (en
Inventor
Ming Nie
Original Assignee
China Smartcity Tech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Smartcity Tech Co Ltd filed Critical China Smartcity Tech Co Ltd
Publication of NZ751163A publication Critical patent/NZ751163A/en
Publication of NZ751163B2 publication Critical patent/NZ751163B2/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A payment method and payment system based on a security authentication mechanism, wherein same falls within the technical field of mobile payment. The payment method comprises: a first mobile terminal acquiring a payment request and signing same, and sending same to a second mobile terminal (S1); the first mobile terminal receiving signature verification feedback and the signature sent by the second mobile terminal, and verifying the signature from the second mobile terminal (S2); the first mobile terminal acquiring payment information and signing same, and sending same to the second mobile terminal (S3); and the first mobile terminal receiving payment success feedback sent by the second mobile terminal (S4). During the process of payment, local signature and local signature verification operations are performed in each step without a network, making same simple and convenient, and secure and reliable.

Description

A Payment Method and Payment System Based on Security Authentication Mechanism Field of the Invention The present invention relates to the field of mobile payment technology, and more particularly to a payment method and a payment system.
Background of the Invention With the continuous development of science and technology, mobile payment is more and more popular among users and businesses. Mobile payment, also known as mobile phone payment, is a way of allowing users to use their mobile terminals (usually mobile phones) to pay for the goods or service they consume. Units or individuals through the mobile device, the Internet or close proximity sensor directly or indirectly send payment instructions to the bank financial institutions to generate money and money transfer behavior, in order to achieve mobile payment function. Mobile payment fuses the terminal device, the Internet, application providers and financial institutions, to provide users with currency payment, charge and other financial services.
Mobile payment is mainly divided into near field payment and remote payment. The so-called near-field payment is the way to use mobile phone credit card to take public transport or buy goods, which is very convenient. Remote payment means to pay by sending payment instructions (such as online banking, telephone banking, mobile payment, etc.) or the payment tool (such as mail, remittance), etc.
Because of the powerful function of mobile payment, it brings great convenience to people's daily life. However, the current mobile payment methods are generally through the dynamic password for authentication, of which security performance is not enough.
Summary of the Invention In view of the above-mentioned problems, the present invention aims to provide a payment method and a payment system based on a security authentication mechanism, which greatly improves the security performance in the payment process.
The technical scheme provided by the invention is as follows A payment method based on a security authentication mechanism, including: S1 The first mobile terminal obtains the payment request and sends the signature to the second mobile terminal; S2 The first mobile terminal receives the signature verification feedback and signature sent by the second mobile terminal and verifies the signature of the second mobile terminal; S3 The first mobile terminal acquires the payment information and sends the signature to the second mobile terminal; S4 The first mobile terminal receives the payment success feedback sent by the second mobile terminal.
It is further preferred that, the step S1 specifically includes: S11 The first mobile terminal acquires the payment request; S12 The first mobile terminal uses the built-in first security plug-in and the second public key to encrypt the payment request; S13 The first mobile terminal uses the built-in first security plug-in and the first private key signs the encrypted payment request; S14 The first mobile terminal sends the signed payment to the second mobile payment.
It is further preferred that, the step S2 specifically includes: S21 The second mobile terminal receives signed payment request sent by the first mobile terminal; S22 The second mobile terminal uses the built-in second security plug-in and the first public key to verify the signature of the first mobile terminal and generates a signature verification feedback; S23 The second mobile terminal uses the built-in second security plug-in and the second private key to decrypt the encrypted payment request; S24 The second mobile terminal uses the built-in second security plug-in and the first public key to encrypt signature verification feedback; S25 The second mobile terminal uses the built-in second security plug-in and the second private key sign the encrypted signature verification feedback; S26 The second mobile terminal sends the signed signature verification feedback to the first mobile terminal; S27 The first mobile terminal uses the built-in first security plug-in and the second public key verifies the signature of the second mobile terminal; S28 The first mobile terminal uses the built-in security plug-in and the first private key to decrypt the encrypted signature verification feedback.
It is further preferred that, the step S3 specifically includes: S31 The first mobile terminal acquires the payment information which includes the payment amount; S32 The first mobile terminal uses the built-in first security plug-in and the second public key to encrypt the payment information; S33 The first mobile terminal uses the built-in first security plug-in and the first private key to sign the encrypted payment information; S34 The first mobile terminal sends the signed payment information to the second mobile terminal.
It is further preferred that, the step S4 specifically includes: S41 The second mobile terminal receives the signed payment information sent by the first mobile terminal; S42 The second mobile terminal uses the built-in second security plug-in and the first public key to verify the signature of the first mobile terminal; S43 The second mobile terminal uses the built-in second security plug-in and the second private key to decrypt the encrypted payment information; S44 The second mobile terminal logs into the payment wallet and adds the amount of money accordingly based on the received payment information; S45 The second mobile terminal uses the built-in second security plug-in and the first public key to encrypt the payment success feedback; S46 The second mobile terminal uses the built-in second security plug-in and the second private key to sign the encrypted payment success feedback; S47 The second mobile terminal sends the signed payment success feedback to the first mobile terminal.
It is further preferred that after step S4 there includes: S51 The first mobile terminal uses the built-in first security plug-in and the second public key to verify the signature of the second mobile terminal; S52 The first mobile terminal uses the built-in first security plug-in and the first private key to decrypt the encrypted payment success feedback; S53 The first logs into the payment wallet from which to complete the charge, to complete the payment.
It is further preferred that before step S1 there includes: S01 The first mobile terminal and the second mobile terminal sends the registration message to the server; S02 The server generates the first public key and the first private key of the first mobile terminal and the second public key and the second private key of the second mobile terminal; S03 The server generates the first security plug-in based on the registration information of the first mobile terminal and calculation algorithm and issues it with the second public key of the second mobile terminal and the first private key of the first mobile terminal to the first mobile terminal; S04 The server generates the second security plug-in based on the registration information of the first mobile terminal and calculation algorithm and issues it with the second private key of the second mobile terminal and the first public key of the first mobile terminal to the second mobile terminal.
The present invention also provides a payment system based on a security authentication mechanism, including the first mobile terminal and the second mobile terminal that communicate with each other, among them: The first mobile terminal is used for acquiring the payment request and signs it to send to the second mobile terminal; used for receiving the signature verification feedback and the signature sent by the second mobile terminal and verification the signature of the second mobile terminal; used for obtaining the payment information and signing it to send to the second mobile terminal; used for receiving the payment success feedback sent by the second mobile terminal and verifying the signature of it, then logging into payment wallet and completing charge in the wallet, completing the payment.
The second mobile terminal is used for receiving the signed payment request and verifying the signature of the first mobile terminal to generate the signature verification feedback; used for receiving the signing the signature verification feedback and sending it to the first mobile terminal; used for receiving the signed payment information and verifying the signature of the first mobile terminal and logging into the payment wallet and add the amount of money accordingly; and used for signing the payment success feedback and sending it to the first mobile terminal.
It is further preferred that the payment system also includes a server that respectively communicates with the first mobile terminal and the second mobile terminal. The server obtains the first security plug-in, the first public key and the first private key based on the first mobile terminal. The server obtains the second security plug-in, the second public key and the second private key based on the second mobile terminal. The server issues the first security plug-in, the second public key and the first private key to the first mobile terminal and issues the second security plug-in, the first public key and the second private key to the second mobile terminal.
The payment method and the payment system based on the security authentication mechanism provided by the present invention have the advantages that: In the payment method and the payment system provided by the present invention, the server side generates the corresponding first security plug-in and the second security plug-in and issues them respectively to the first mobile terminal and the second mobile terminal. In this way, in the process of the payment, each step has local signing and local verifying operation, which can be carried out without network, easy and simple, safe and reliable.
In the payment process, the two mobile terminals authenticate each other and restrict each other, greatly improving the security of the process of the data exchange (such as sending payment request and payment information), not easily cracked by others.
Brief Description of the Drawings is a flow diagram of the payment method based on a security authentication mechanism; is a cross-sectional view of a payment system applied to the above-described payment method provided by the present invention; is another cross-sectional view of a payment system applied to the above-described payment method provided by the present invention; Reference number: 1-the first mobile terminal, 2-the second mobile terminal, 3- the server.
Detailed Description of the Invention The invention will now be described in further detail with reference to the accompanying drawings and specific embodiments. It is to be understood that the specific details of the invention which are described below are only for the purpose of illustrating the invention and are not to be construed as limiting the invention. Any modifications and variations made in accordance with the teachings of the invention described are also within the scope of the invention. shows a flow diagram of a payment method based on a security authentication mechanism provided by the present invention. As can be seen from the figure, the payment method includes: S1 The first mobile terminal obtains the payment request and sends the signature to the second mobile terminal; S2 The first mobile terminal receives the signature verification feedback and signature sent by the second mobile terminal and verifies the signature of the second mobile terminal; S3 The first mobile terminal acquires the payment information and sends the signature to the second mobile terminal; S4 The first mobile terminal receives the payment success feedback sent by the second mobile terminal.
Specifically, the step S1 includes: S11 The first mobile terminal acquires the payment request; S12 The first mobile terminal uses the built-in first security plug-in and the second public key to encrypt the payment request; S13 The first mobile terminal uses the built-in first security plug-in and the first private key signs the encrypted payment request; S14 The first mobile terminal sends the signed payment to the second mobile payment.
The step S2 specifically includes: S21 The second mobile terminal receives signed payment request sent by the first mobile terminal; S22 The second mobile terminal uses the built-in second security plug-in and the first public key to verify the signature of the first mobile terminal and generates a signature verification feedback; S23 The second mobile terminal uses the built-in second security plug-in and the second private key to decrypt the encrypted payment request; S24 The second mobile terminal uses the built-in second security plug-in and the first public key to encrypt signature verification feedback; S25 The second mobile terminal uses the built-in second security plug-in and the second private key sign the encrypted signature verification feedback; S26 The second mobile terminal sends the signed signature verification feedback to the first mobile terminal; S27 The first mobile terminal uses the built-in first security plug-in and the second public key verifies the signature of the second mobile terminal; S28 The first mobile terminal uses the built-in security plug-in and the first private key to decrypt the encrypted signature verification feedback. Specifically, in the step S2, only when the verification feedback received by the first terminal is verification success, the process will go to the next step S3. If the verification feedback received by the first mobile terminal, it is noted that the first mobile terminal does not pass the second mobile terminal’s verification and the payment will be terminated. The content described in step S1 and step S2 shows that the first public key and the first private key are a pair of key, the second public key and the second private key are a pair of key, and the first private key are a pair of key for the first mobile terminal, the second public key and the second private key are a pair of key for the second mobile terminal.
The step S3 specifically includes: S31 The first mobile terminal acquires the payment information which includes the payment amount; S32 The first mobile terminal uses the built-in first security plug-in and the second public key to encrypt the payment information; S33 The first mobile terminal uses the built-in first security plug-in and the first private key to sign the encrypted payment information; S34 The first mobile terminal sends the signed payment information to the second mobile terminal. More specifically, the above payment includes but is not limited to the time of payment and the account name of the receiver and so on besides the amount of the payment. In this way, the second mobile terminal makes sure and pays after receives the payment information.
The step S4 specifically includes: S41 The second mobile terminal receives the signed payment information sent by the first mobile terminal; S42 The second mobile terminal uses the built-in second security plug-in and the first public key to verify the signature of the first mobile terminal; S43 The second mobile terminal uses the built-in second security plug-in and the second private key to decrypt the encrypted payment information; S44 The second mobile terminal logs into the payment wallet and adds the amount of money accordingly based on the received payment information; S45 The second mobile terminal uses the built-in second security plug-in and the first public key to encrypt the payment success feedback; S46 The second mobile terminal uses the built-in second security plug-in and the second private key to sign the encrypted payment success feedback; S47 The second mobile terminal sends the signed payment success feedback to the first mobile terminal. Specifically, in this process, when the second mobile terminal verifies the signature of the first mobile terminal and decrypts to get the payment information, the second mobile terminal logs in to the payment wallet and increase the corresponding amount from the third-party payment platform to the payment wallet, and generates the payment success feedback. Of course, if the first mobile terminal fails the authentication of the second mobile terminal, immediately terminate the payment, reports verification failure to the first mobile terminal and requires another verification.
It is further preferred that after step S4 there includes: S51 The first mobile terminal uses the built-in first security plug-in and the second public key to verify the signature of the second mobile terminal; S52 The first mobile terminal uses the built-in first security plug-in and the first private key to decrypt the encrypted payment success feedback; S53 The first logs into the payment wallet from which to complete the charge, to complete the payment. In this process, the first mobile terminal logs in to the payment wallet to complete deducting money immediately after receives the payment success feedback sent by the second mobile terminal and verifies the signature of the second mobile terminal. It is to be noted that the payment wallet registered here is the same as the payment wallet registered by the second mobile terminal, that is, the amount of the charge is the amount charged by the second mobile terminal.
It can be seen that in the present invention, during the entire payment process, each time a data communication is performed between the first mobile terminal and the second mobile terminal, the identity of the other party is authenticated (verifying signature) using its built-in security plug-in. And only the verification successes it will enter the next step, once the verification fails, the payment will be terminated. The payment process is safe and reliable.
In addition, before step S1 there includes: S01 The first mobile terminal and the second mobile terminal sends the registration message to the server; S02 The server generates the first public key and the first private key of the first mobile terminal and the second public key and the second private key of the second mobile terminal; S03 The server generates the first security plug-in based on the registration information of the first mobile terminal and calculation algorithm and issues it with the second public key of the second mobile terminal and the first private key of the first mobile terminal to the first mobile terminal; S04 The server generates the second security plug-in based on the information of the first mobile terminal and calculation algorithm and issues it with the second private key of the second mobile terminal and the first public key of the first mobile terminal to the second mobile terminal. Specifically, the registered information includes username, login password, identity information of the unique identity terminal, etc. And the calculation algorithm used in the generation of the first security plug-in and the second security plug-in are the same.
As the shows, there is a hardware diagram of an embodiment of the payment system applied to the payment method described above provided by the present invention. As can be seen from the figure, the payment system includes the first mobile terminal 1 and the second mobile terminal 2 that communicate with each other. In the course of work, at first, the first mobile terminal obtains the payment request and signs it to send to the second mobile terminal; the second mobile terminal receives the signed payment request and then verifies it using the built-in second security plug-in. If the verification successes, return a verification feedback and sign it, send the signed verification feedback to the first mobile terminal. After that, the first mobile terminal receives the verification feedback and the signature sent by the second mobile terminal and verifies the signature of the second mobile terminal using the built-in first security plug-in. If the verification successes, then obtain the payment information including amount of money of payment and sign it, send it to the second mobile terminal. The second mobile terminal receives the signed payment information and verifies it using the built-in second security plug-in. If the verification successes, log in to the payment wallet and add the amount of money from the third party payment platform; then return signed payment success feedback. The first mobile terminal verifies the signature using the built-in first security plug-in after receiving the payment success feedback sent by the second mobile terminal. And after the verification completes, log in to the payment wallet and complete deductions, completing the payment.
It is further preferred that the first mobile terminal includes: the message acquisition module used for obtaining the payment request and payment information. The first storage module used for storing the first security plug-in, the first private key and the second public key, the first encryption module used for encrypting the payment request and payment information, the first decryption module used for decrypting the verification feedback and payment success feedback returned by the second mobile terminal, the first signature module used for signing the encrypted payment request and the payment information, the first verification module used for verifying the received signed verification feedback and the payment success feedback and the first message sending module used for sending the signed payment request and the payment information. Among them, the message acquisition module is connected with the first encryption module.
The first storage module is respectively connected with the first encryption module, the first decryption module, the first signature module and the first verification module. The first encryption module is connected with the first signature module. The decryption module is connected with the first verification module. The first message sending module is connected with the first signature module.
The second mobile terminal includes: the message receiving module used for receiving the signed payment request and the signed payment information sent by the first mobile terminal, the second storage module used for storing the second security plug-in, the second private key and the first public key, the second encryption module used for encrypting the verification feedback and the payment success feedback, the second decryption module used for decrypting the payment request and the payment information sent by the first mobile terminal, the second signature module used for signing the encrypted verification feedback and the payment success feedback, the second verification module used for verifying the received signed payment request an the payment information feedback and the second message sending module used for sending the signed verification feedback and the payment success feedback to the first mobile terminal. Among them, the message receiving module is connected with the second verification module. The second storage module is respectively connected with the second encryption module, the second decryption module, the second signature module and the second verification module. The second encryption module is connected with the second signature module. The second decryption module is connected with the second verification module. The second message sending module is connected with the second signature module.
As the shows, there is another hardware diagram of an embodiment of the payment system applied to the payment method described above provided by the present invention. As can be seen from the figure, the payment system also includes a server respectively connected with the first mobile terminal and the second mobile terminal. The server obtains the first security plug-in, the first public key and the first private key based on the first mobile terminal. And the server obtains the second security plug-in, the second public key and the second private key based on the second mobile terminal. And the server sends the first security plug-in, the second public key and the first private key to the first mobile terminal. The terminal sends the second security plug-in, the first public key and the second private key to the second mobile terminal. Specifically, the registered information includes the username, the login password, the identity information of the unique identity terminal, etc. And the algorithm to generate the first security plug-in and that to generate the second security plug-in are the same.
In a specific embodiment, both the first mobile terminal and the second mobile terminal are mobile phone terminal, respectively called the first mobile phone and the second mobile phone. In the absence of network payment in the market, for example, the whole payment process is as follows: The first mobile phone issues the signature and the payment request; the second mobile phone receives the signature and verifies it using the built-in second security plug-in. If the verification passes, report back the signature of the second signature. If not passed, terminate the payment and report back the verification failure. Then the first mobile phone performs the signature verification of the second mobile phone after receives the signature feedback and signature. If the verification passes, issue the payment amount request. If not passed, terminate the payment and report back the verification failure. Then the second mobile phone verifies the first mobile phone after receives the payment amount request sent by the first mobile phone. If the verification passes, report back payment success and add the amount of money of payment in the payment wallet by the corresponding amount of payment. If the verification does not pass, terminate the payment and report back the verification failure. At last, the first mobile phone receives the feedback sent by the second mobile phone and deducts the amount of money in the payment wallet, to complete the payment.
The present invention has been described in detail by describing the case scenario of each process. It will be understood by those skilled in the art that modifications and variations may be made without departing from the spirit of the invention, such as the use of part of the module and the embedding of the system in other applications.

Claims (8)

CLAIMS :
1. A payment method based on a security authentication mechanism, wherein the payment method includes: S1 a first mobile terminal obtains a payment request from a user, signs the payment request and sends the signed payment request to a second mobile terminal that connected to the first mobile terminal; S2 the first mobile terminal receives a signature verification feedback and a digital signature from the second mobile terminal and verifies the digital signature of the second mobile terminal; S3 the first mobile terminal obtains payment information, signs the payment information and sends the signed payment information to the second mobile terminal; and S4 the first mobile terminal receives a payment success feedback from the second mobile terminal; in which, before step S1 there includes: S01 the first mobile terminal and the second mobile terminal respectively send a registration message to a server for managing keys; S02 the server generates a pair of keys for the first mobile terminal that include a first public key and a first private key, and a pair of keys for the second mobile terminal that include a second public key and a second private key; S03 the server generates a first security plug-in based on the registration message of the first mobile terminal, sends the first security plug-in, the second public key of the second mobile terminal and the first private key of the first mobile terminal to the first mobile terminal; and S04 the server generates a second security plug-in based on the registration message of the second mobile terminal, and sends the second security plug-in, the second private key of the second mobile terminal and the first public key of the first mobile terminal to the second mobile terminal.
2. The payment method according to claim 1, wherein, the step S1 specifically includes: S10 installing the first security plug-in into the first mobile terminal to provide a built-in first security plug-in; S11 the first mobile terminal obtains the payment request from the user; S12 the first mobile terminal uses the built-in first security plug-in and the second public key to encrypt the payment request; S13 the first mobile terminal uses the built-in first security plug-in and the first private key to sign the encrypted payment request; and S14 the first mobile terminal sends the signed encrypted payment request to the second mobile payment.
3. The payment method according to claim 1, wherein, the step S2 specifically includes: S20 installing the first security plug-in into the first mobile terminal to provide a built-in first security plug-in and installing the second security plug-in into the second mobile terminal to provide a built-in second security plug-in; S21 the second mobile terminal receives the signed payment request from the first mobile terminal; S22 the second mobile terminal uses the built-in second security plug-in and the first public key to verify the signature of the first mobile terminal and generate the signature verification feedback; S23 the second mobile terminal uses the built-in second security plug-in and the second private key to decrypt the encrypted payment request; S24 the second mobile terminal uses the built-in second security plug-in and the first public key to encrypt the signature verification feedback; S25 the second mobile terminal uses the built-in second security plug-in and the second private key to sign the encrypted signature verification feedback; S26 the second mobile terminal sends the signed encrypted signature verification feedback to the first mobile terminal; S27 the first mobile terminal uses the built-in first security plug-in and the second public key to verify the signature of the second mobile terminal; and S28 the first mobile terminal uses the built-in security plug-in and the first private key to decrypt the encrypted signature verification feedback.
4. The payment method according to claim 1, wherein, the step S3 specifically includes: S30 installing the first security plug-in into the first mobile terminal to provide a built-in first security plug-in; S31 the first mobile terminal obtains the payment information including a payment amount; S32 the first mobile terminal uses the built-in first security plug-in and the second public key to encrypt the payment information; S33 the first mobile terminal uses the built-in first security plug-in and the first private key to sign the encrypted payment information; and S34 the first mobile terminal sends the signed encrypted payment information to the second mobile terminal.
5. The payment method according to claim 1, wherein, the step S4 specifically includes: S40 installing the second security plug-in into the second mobile terminal to provide a built-in second security plug-in; S41 the second mobile terminal receives the signed payment information from the first mobile terminal; S42 the second mobile terminal uses the built-in second security plug-in and the first public key to verify the signature of the first mobile terminal; S43 the second mobile terminal uses the built-in second security plug-in and the second private key to decrypt the encrypted payment information; S44 the second mobile terminal logs into a payment wallet of the second mobile terminal and increases the amount of the payment wallet accordingly based on the received payment information; S45 the second mobile terminal uses the built-in second security plug-in and the first public key to encrypt the payment success feedback; S46 the second mobile terminal uses the built-in second security plug-in and the second private key to sign the encrypted payment success feedback; and S47 the second mobile terminal sends the signed encrypted payment success feedback to the first mobile terminal.
6. The payment method according to any one of claims 1 to 5, wherein, after step S4 there includes: S50 installing the first security plug-in into the first mobile terminal to provide a built-in first security plug-in; S51 the first mobile terminal uses the built-in first security plug-in and the second public key to verify the signature of the second mobile terminal; S52 the first mobile terminal uses the built-in first security plug-in and the first private key to decrypt the encrypted payment success feedback; and S53 the first mobile terminal logs into a payment wallet of the first mobile terminal and deducts the amount of the payment wallet accordingly based on the obtained payment information, to complete the payment.
7. A payment system based on security authentication mechanism, wherein the payment system includes a first mobile terminal and a second mobile terminal that are in communication with each other, wherein: the first mobile terminal is used for: obtaining a payment request, signing the payment request and sending the signed payment request to the second mobile terminal; receiving a signed signature verification feedback and a signature from the second mobile terminal, and verifying the signature of the second mobile terminal; obtaining payment information, signing the payment information and sending the signed payment information to the second mobile terminal with a signature; and receiving a signed payment success feedback from the second mobile terminal and verifying the signature of the second mobile terminal, then logging in to a payment wallet of the first mobile terminal to complete a deduction, deducting an amount from the payment wallet, thereby completing the payment; and the second mobile terminal is used for: receiving the signed payment request from the first mobile terminal and verifying the signature of the first mobile terminal, then generating a signature verification feedback; signing the signature verification feedback and sending the signed signature verification feedback to the first mobile terminal; receiving the signed payment information and verifying the signature of the first mobile terminal, then logging in to a payment wallet of the second mobile terminal and adding an amount of money by increasing the amount of the payment wallet accordingly; and signing a payment success feedback and sending the signed payment success feedback to the first mobile terminal.
8. The payment system according to the claim 7, wherein the payment system also includes a server that respectively communicates with the first mobile terminal and the second mobile terminal; wherein the server: generates a first security plug-in, a first public key and a first private key based on the first mobile terminal; generates a second security plug-in, a second public key and a second private key based on the second mobile terminal; sends the first security plug-in, the second public key and the first private key to the first mobile terminal; and sends the second security plug-in, the first public key and the second private key to the second mobile terminal.
NZ751163A 2016-08-31 2017-06-05 A payment method and payment system based on security authentication mechanism NZ751163B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN201610783530.7A CN106372942B (en) 2016-08-31 2016-08-31 A kind of method of payment and payment system based on security authentication mechanism
CN201610783530.7 2016-08-31
PCT/CN2017/087190 WO2018040651A1 (en) 2016-08-31 2017-06-05 Payment method and payment system based on security authentication mechanism

Publications (2)

Publication Number Publication Date
NZ751163A true NZ751163A (en) 2021-11-26
NZ751163B2 NZ751163B2 (en) 2022-03-01

Family

ID=

Also Published As

Publication number Publication date
WO2018040651A1 (en) 2018-03-08
AU2017319373A1 (en) 2019-03-21
CN106372942A (en) 2017-02-01
CN106372942B (en) 2018-09-21

Similar Documents

Publication Publication Date Title
US11258777B2 (en) Method for carrying out a two-factor authentication
US20200336315A1 (en) Validation cryptogram for transaction
US20230146705A1 (en) Federated closed-loop system
AU2017319373A1 (en) Payment method and payment system based on security authentication mechanism
US20030055738A1 (en) Method and system for effecting an electronic transaction
US20150128243A1 (en) Method of authenticating a device and encrypting data transmitted between the device and a server
CN110290134B (en) Identity authentication method, identity authentication device, storage medium and processor
KR20120017044A (en) System and method for personal certification using a mobile device
US11698982B2 (en) System and method for protecting location data
TWI591553B (en) Systems and methods for mobile devices to trade financial documents
JP2015537399A (en) Application system for mobile payment and method for providing and using mobile payment means
CN101842795A (en) System, method and device for enabling interaction with dynamic security
US20230062507A1 (en) User authentication at access control server using mobile device
Kisore et al. A secure SMS protocol for implementing digital cash system
Isaac et al. Anonymous payment in a client centric model for digital ecosystems
TW201935295A (en) Real-name authentication service system and real-name authentication service method
NZ751163B2 (en) A payment method and payment system based on security authentication mechanism
Dass et al. Security framework for addressing the issues of trust on mobile financial services
US11960581B2 (en) Mobile device secret protection system and method
KR20120123230A (en) Finance system and financial transaction data transmission method and data decryption system and method for securely delivering of financial transaction information
JP4148465B2 (en) Electronic value distribution system and electronic value distribution method
Me Security overview for m-payed virtual ticketing
RU2636694C2 (en) Method of message secure exchange organization
CN113191750A (en) Block chain network secure transaction system and method
CN115310976A (en) Non-contact transaction processing method, device and system

Legal Events

Date Code Title Description
PSEA Patent sealed
RENW Renewal (renewal fees accepted)

Free format text: PATENT RENEWED FOR 1 YEAR UNTIL 05 JUN 2023 BY SPRUSON + FERGUSON PTY LTD

Effective date: 20220726

RENW Renewal (renewal fees accepted)

Free format text: PATENT RENEWED FOR 1 YEAR UNTIL 05 JUN 2024 BY SPRUSON + FERGUSON PTY LTD

Effective date: 20230605