TW201828205A - Transaction method, device and system used in virtual reality environment - Google Patents

Transaction method, device and system used in virtual reality environment Download PDF

Info

Publication number
TW201828205A
TW201828205A TW106145264A TW106145264A TW201828205A TW 201828205 A TW201828205 A TW 201828205A TW 106145264 A TW106145264 A TW 106145264A TW 106145264 A TW106145264 A TW 106145264A TW 201828205 A TW201828205 A TW 201828205A
Authority
TW
Taiwan
Prior art keywords
transaction
identification information
user
information
virtual reality
Prior art date
Application number
TW106145264A
Other languages
Chinese (zh)
Other versions
TWI679556B (en
Inventor
童耀剛
鄭建賓
周鈺
Original Assignee
大陸商中國銀聯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 大陸商中國銀聯股份有限公司 filed Critical 大陸商中國銀聯股份有限公司
Publication of TW201828205A publication Critical patent/TW201828205A/en
Application granted granted Critical
Publication of TWI679556B publication Critical patent/TWI679556B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/011Arrangements for interaction with the human body, e.g. for user immersion in virtual reality
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0601Electronic shopping [e-shopping]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Finance (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • General Engineering & Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Provided is a transaction method, device and system used in a virtual reality environment. The method comprises: generating a transaction request based on received user identity identifier information; transmitting the user identity identifier information to a trusted management platform; receiving an encrypted device identifier associated with the user identity identifier information from the trusted management platform; and sending the transaction request together with the encrypted device identifier to a user transaction device. In addition, also provided are a virtual reality device for implementing the method, a corresponding method implemented on a transaction device and a trusted management platform, a corresponding transaction device and a trusted management platform, and a transaction system for use in a virtual reality environment.

Description

用於虛擬實境環境的交易方法、裝置及系統Transaction method, device and system for virtual reality environment

本發明一般地涉及銀行卡安全技術領域,並且具體地,涉及在虛擬實境(VR)環境下的交易。The present invention relates generally to the technical field of bank card security, and in particular, to transactions in a virtual reality (VR) environment.

目前虛擬實境(VR)技術逐漸進入人們的生活,尤其是在虛擬實境購物方面。對於現有的虛擬實境百貨商場,用戶只要在 iOS 或 Android 系統上下載應用程序,購物者就可以足不出戶利用VR設備瀏覽到成千上萬的商品。   然而,在虛擬實境場景下沉浸式的選品、試穿、下單後,用戶仍需要離開虛擬環境進行支付,例如需要摘下VR設備,並且在交易設備上跳轉到支付頁面來完成付款,導致用戶體驗較差。   有互聯網公司對於在虛擬實境環境下的支付進行了一種設計,具體方法包括:用戶在接入了VR應用程序的商家店鋪內下單後,VR界面內會跳出一個3D形態的收銀台,用戶根據所佩戴的VR設備的操作特點,通過凝視、點頭、手勢等控制方法登陸支付帳戶,並輸入密碼完成交易。這類支付方式雖然能夠解決離開虛擬實境環境支付的問題,但是其具有許多其他缺點,包括沒有對用戶的VR設備進行安全認證、帳號密碼輸入的操作過程容易被設備內軟件監聽,以及通過記錄用戶動作推測出用戶的輸入信息具有很高的信息被盜取風險。此外,用戶需要通過手勢、體態等方式進行帳號登錄和密碼輸入,而實際中用戶的這些信息都較複雜,不易操作,導致用戶的體驗很差。   另一方面,現有技術中還利用VR設備作為內置證書的可信設備,通過該可穿戴設備的證書簽名來認證用於支付的移動設備。該方法實質是將VR設備當成一個U盾使用。這存在明顯的安全隱患,即一旦VR設備丟失或者被惡意竊取,他人同樣可以利用可穿戴設備認證其他移動設備的交易並進行支付。   因此,所期望的是設計一種可靠的用於虛擬實境環境的交易方案,在確保用戶體驗的同時保證交易的安全性。At present, virtual reality (VR) technology is gradually entering people's lives, especially in terms of virtual reality shopping. For existing virtual reality department stores, as long as users download applications on iOS or Android systems, shoppers can use VR devices to browse thousands of products without leaving home. However, after immersive selection, trying on, and placing an order in a virtual reality scene, users still need to leave the virtual environment to pay, for example, they need to remove the VR device and jump to the payment page on the transaction device to complete the payment. This results in a poor user experience. Some Internet companies have designed a payment in a virtual reality environment. The specific methods include: After the user places an order in a merchant store that has connected to the VR application, a 3D cashier will pop up in the VR interface. According to the operating characteristics of the worn VR device, log in to the payment account through control methods such as gaze, nod, and gesture, and enter the password to complete the transaction. Although this type of payment method can solve the problem of leaving the virtual reality environment, it has many other disadvantages, including the lack of security authentication of the user's VR device, the operation process of account and password input is easily monitored by the software in the device, and the record The user action infers that the user's input information has a high risk of information theft. In addition, users need to perform account login and password input through gestures, postures, etc. In practice, this information of the user is complicated and difficult to operate, resulting in a poor user experience. On the other hand, in the prior art, a VR device is also used as a trusted device with a built-in certificate, and the wearable device's certificate signature is used to authenticate the mobile device for payment. The method essentially uses the VR device as a USB shield. This has obvious security risks, that is, once the VR device is lost or maliciously stolen, others can also use the wearable device to authenticate other mobile device transactions and make payments. Therefore, what is desired is to design a reliable transaction scheme for the virtual reality environment, ensuring the security of the transaction while ensuring the user experience.

有鑑於此,本發明提供了一種用於虛擬實境環境的交易方案,可改善上述問題。   一方面,本發明提供了一種用於虛擬實境環境的交易方法,其包括:基於接收到用戶身份標識信息而產生交易請求;將所述用戶身份標識信息傳送至可信管理平臺;從所述可信管理平臺接收與所述用戶身份標識信息關聯的經加密的設備標識;以及連同所述經加密的設備標識一起向用戶的交易設備發送所述交易請求以利用與所述交易設備關聯的帳戶進行交易。   如上所述的交易方法,其中,所述用戶身份標識信息是用戶的生物特徵信息。   如上所述的交易方法,其中,所述設備標識基於所述交易設備的設備硬件參數以及設備使用情況數據生成。   如上所述的交易方法,其中,所述設備使用情況數據包括設備的網絡信息、地理位置信息以及用戶偏好行為信息中的一個或多個。   如上所述的交易方法,其中,接收與所述用戶身份標識信息關聯的經加密的設備標識包括接收與所述用戶身份標識信息關聯的所有交易設備的、經加密的設備標識。   如上所述的交易方法,其中,所述交易請求包括交易金額以及交易對象。   另一方面,本發明還提供了一種虛擬實境設備,其包括信息採集模塊,用於接收用戶身份標識信息;請求生成模塊,其基於接收到所述用戶身份標識信息而生成交易請求;信息傳輸模塊,用於將所述用戶身份標識信息傳送至可信管理平臺;以及信息接收模塊,用於從所述可信管理平臺接收與所述用戶身份標識信息關聯的經加密的設備標識;其中所述信息傳輸模塊還被配置用於連同所述經加密的設備標識一起向用戶的交易設備發送所述交易請求以利用與所述交易設備關聯的帳戶進行交易。   還有另一方面,本發明提供了一種用於虛擬實境環境的交易方法,其包括:將用戶身份標識信息與用戶的交易設備的設備標識信息一起發送至可信管理平臺;從所述可信管理平臺接收對應於所述設備標識信息的證書;在連同交易請求一起從虛擬實境設備收到經加密的設備標識時利用所述證書對所述經加密的設備標識進行解密;將解密得到的設備標識信息與本地採集的設備標識信息進行比對;以及在解密得到的設備標識信息與本地採集的設備標識信息匹配的情況下響應所述交易請求而使用與該交易設備關聯的帳戶進行交易。   如上所述的交易方法,其中,所述用戶身份標識信息是用戶的生物特徵信息。   如上所述的交易方法,其中,向所述可信管理平臺發送設備標識信息包括發送所述交易設備的設備硬件參數以及設備使用情況數據。   如上所述的交易方法,其中,所述設備使用情況數據包括設備的網絡信息、地理位置信息以及用戶偏好行為信息中的一個或多個。   又一方面,本發明提供了一種交易設備,其包括:數據發送模塊,用於將用戶身份標識信息與用戶的交易設備的設備標識信息一起發送至可信管理平臺;數據接收模塊,用於從所述可信管理平臺接收對應於所述設備標識的證書以及從虛擬實境設備接收交易請求和經加密的設備標識;解密模塊,用於在連同交易請求一起從虛擬實境設備收到經加密的設備標識時利用所述證書對所述經加密的設備標識進行解密;比對模塊,用於將解密得到的設備標識信息與本地採集的設備標識信息進行比對;以及交易模塊,用於在解密得到的設備標識信息與本地採集的設備標識信息匹配的情況下響應所述交易請求而使用與該交易設備關聯的帳戶進行交易。   還有另一方面,本發明提供了一種用戶虛擬實境環境的交易方法,其包括: 從用戶的交易設備接收用戶身份標識信息和設備標識信息;生成對應於所述設備標識信息的證書;將所述證書發送給所述交易設備;以及在從虛擬實境設備收到所述用戶身份標識信息之後向所述虛擬實境設備發送與所述用戶身份標識信息關聯的經加密的設備標識;其中,所述證書用於在所述交易設備連同交易請求一起從所述虛擬實境設備接收所述經加密的設備標識時對經加密的設備標識進行解密以判斷是否響應所述交易請求而使用與該交易設備關聯的帳戶進行交易。   如上所述的交易方法,其中,所述用戶身份標識信息是用戶的生物特徵信息。   如上所述的交易方法,其中,所述設備標識信息包括所述交易設備的設備硬件參數以及設備使用情況數據。   如上所述的交易方法,其中,所述設備使用情況數據包括設備的網絡信息、地理位置信息以及用戶偏好行為信息中的一個或多個。   如上所述的交易方法,其還包括:基於所述設備硬件參數以及設備使用情況數據生成設備標識以及將所述設備標識與所述用戶身份標識信息關聯地存儲。   如上所述的交易方法,其中,向所述虛擬實境設備發送經加密的設備標識包括向所述虛擬實境設備發送與所述用戶身份標識信息關聯的所有設備的、經加密的設備標識。   又一方面,本發明還提供了一種可信管理平臺,其包括:數據接收模塊,用於從用戶的交易設備接收用戶身份標識信息和設備標識信息以及從虛擬實境設備接收所述用戶身份標識信息;證書生成模塊,用於生成對應於所述設備標識信息的證書;數據發送模塊,用於將所述證書發送給所述交易設備以及在從虛擬實境設備收到所述用戶身份標識信息之後向所述虛擬實境設備發送與所述用戶身份標識信息關聯的經加密的設備標識;其中,所述證書用於在所述交易設備連同交易請求一起從所述虛擬實境設備接收所述經加密的設備標識時對經加密的設備標識進行解密以判斷是否響應所述交易請求而使用與該交易設備關聯的帳戶進行交易。   又一方面,本發明還提供了一種用於虛擬支付環境的交易系統,其包括:虛擬實境設備、交易設備以及可信管理平臺,其中所述交易設備被配置為將用戶身份標識信息與用戶的交易設備的設備標識信息一起發送至可信管理平臺;所述可信管理平臺被配置為從所述交易設備接收用戶身份標識信息和設備標識信息、生成對應於所述設備標識信息的證書並且將所述證書發送給所述交易設備;所述虛擬實境設備被配置為基於接收到用戶身份標識信息而產生交易請求並且將所述用戶身份標識信息傳送至可信管理平臺;其中所述可信管理平臺還被配置為在從所述虛擬實境設備收到所述用戶身份標識信息之後向所述虛擬實境設備發送與所述用戶身份標識信息關聯的經加密的設備標識;並且其中所述虛擬實境設備還被配置為從所述可信管理平臺接收與所述用戶身份標識信息關聯的經加密的設備標識並且連同所述經加密的設備標識一起向用戶的交易設備發送所述交易請求以利用與所述交易設備關聯的帳戶進行交易;並且其中所述交易設備還被配置為在連同交易請求一起從虛擬實境設備收到經加密的設備標識時利用從所述可信管理平臺接收的所述證書對所述經加密的設備標識進行解密、將解密得到的設備標識信息與本地採集的設備標識信息進行比對並且在解密得到的設備標識信息與本地採集的設備標識信息匹配的情況下響應所述交易請求而使用與該交易設備關聯的帳戶進行交易。In view of this, the present invention provides a trading scheme for a virtual reality environment, which can improve the above problems. In one aspect, the present invention provides a transaction method for a virtual reality environment, which includes: generating a transaction request based on receiving user identification information; transmitting the user identification information to a trusted management platform; The trusted management platform receives an encrypted device identification associated with the user identification information; and sends the transaction request to a user's transaction device along with the encrypted device identification to utilize an account associated with the transaction device Trading. The transaction method as described above, wherein the user identification information is biometric information of the user. The transaction method as described above, wherein the device identification is generated based on device hardware parameters and device usage data of the transaction device. The transaction method described above, wherein the device usage data includes one or more of network information, geographic location information, and user preference behavior information of the device. The transaction method as described above, wherein receiving the encrypted device identification associated with the user identification information includes receiving the encrypted device identification of all transaction devices associated with the user identification information. The transaction method as described above, wherein the transaction request includes a transaction amount and a transaction object. In another aspect, the present invention also provides a virtual reality device, which includes an information collection module for receiving user identification information; a request generation module for generating a transaction request based on receiving the user identification information; information transmission A module for transmitting the user identification information to a trusted management platform; and an information receiving module for receiving an encrypted device identification associated with the user identification information from the trusted management platform; The information transmission module is further configured to send the transaction request to a user's transaction device along with the encrypted device identification to perform a transaction using an account associated with the transaction device. In yet another aspect, the present invention provides a transaction method for a virtual reality environment, which includes: sending user identification information and device identification information of a user's transaction device to a trusted management platform; The letter management platform receives the certificate corresponding to the device identification information; when receiving the encrypted device identification from the virtual reality device together with the transaction request, the certificate is used to decrypt the encrypted device identification; the decryption is obtained Compare the device identification information with the locally collected device identification information; and in the case that the decrypted device identification information matches the locally collected device identification information, use the account associated with the transaction device to perform a transaction in response to the transaction request . The transaction method as described above, wherein the user identification information is biometric information of the user. The transaction method as described above, wherein sending the device identification information to the trusted management platform includes sending device hardware parameters and device usage data of the transaction device. The transaction method described above, wherein the device usage data includes one or more of network information, geographic location information, and user preference behavior information of the device. In another aspect, the present invention provides a transaction device, which includes: a data sending module for sending user identification information and device identification information of a user's transaction device to a trusted management platform; and a data receiving module for receiving data from a trusted management platform. The trusted management platform receives a certificate corresponding to the device identification and receives a transaction request and an encrypted device identification from a virtual reality device; a decryption module is configured to receive the encrypted from the virtual reality device together with the transaction request Use the certificate to decrypt the encrypted device identification; a comparison module for comparing the decrypted device identification information with locally collected device identification information; and a transaction module for When the decrypted device identification information matches the locally collected device identification information, in response to the transaction request, a transaction is performed using an account associated with the transaction device. In yet another aspect, the present invention provides a user virtual reality environment transaction method, which includes: receiving user identification information and device identification information from a user's transaction device; generating a certificate corresponding to the device identification information; Sending the certificate to the transaction device; and sending the encrypted device identification associated with the user identification information to the virtual reality device after receiving the user identification information from the virtual reality device; wherein , The certificate is used to decrypt the encrypted device identification when the transaction device receives the encrypted device identification from the virtual reality device together with the transaction request to determine whether to use the and The account associated with the transaction device is used for transactions. The transaction method as described above, wherein the user identification information is biometric information of the user. The transaction method described above, wherein the device identification information includes device hardware parameters and device usage data of the transaction device. The transaction method described above, wherein the device usage data includes one or more of network information, geographic location information, and user preference behavior information of the device. The transaction method as described above, further comprising: generating a device identification based on the device hardware parameters and device usage data and storing the device identification in association with the user identification information. The transaction method as described above, wherein sending the encrypted device identification to the virtual reality device includes sending the encrypted device identification of all devices associated with the user identification information to the virtual reality device. In another aspect, the present invention also provides a trusted management platform, which includes a data receiving module configured to receive user identification information and device identification information from a user's transaction device and receive the user identification information from a virtual reality device. Information; a certificate generation module for generating a certificate corresponding to the device identification information; a data sending module for sending the certificate to the transaction device and receiving the user identification information from the virtual reality device Sending the encrypted device identification associated with the user identification information to the virtual reality device; wherein the certificate is used to receive the transaction device from the virtual reality device together with the transaction request When the encrypted device identification is decrypted, the encrypted device identification is decrypted to determine whether to use the account associated with the transaction device for a transaction in response to the transaction request. In another aspect, the present invention also provides a transaction system for a virtual payment environment, which includes a virtual reality device, a transaction device, and a trusted management platform, wherein the transaction device is configured to associate user identification information with a user Send the device identification information of the transaction device to a trusted management platform; the trusted management platform is configured to receive user identification information and device identification information from the transaction device, generate a certificate corresponding to the device identification information, and Sending the certificate to the transaction device; the virtual reality device is configured to generate a transaction request based on receiving user identification information and transmit the user identification information to a trusted management platform; wherein the The letter management platform is further configured to send the encrypted device identification associated with the user identification information to the virtual reality device after receiving the user identification information from the virtual reality device; and wherein The virtual reality device is further configured to receive from the trusted management platform with the user Share the encrypted device identification associated with the identification information and send the transaction request to the user's transaction device along with the encrypted device identification to conduct transactions using an account associated with the transaction device; and wherein the transaction device further And configured to decrypt the encrypted device identifier using the certificate received from the trusted management platform when the encrypted device identifier is received from the virtual reality device along with the transaction request, and the decrypted device The identification information is compared with the locally collected device identification information, and in the case that the decrypted device identification information matches the locally collected device identification information, in response to the transaction request, a transaction is performed using an account associated with the transaction device.

現在參照附圖描述本發明的示意性示例,相同的附圖標號表示相同的元件。下文描述的各示例有助於本領域技術人員透徹理解本發明,且各示例意在示例而非限制。圖中各元件、部件、模塊、裝置及設備本體的圖示僅示意性表明存在這些元件、部件、模塊、裝置及設備本體同時亦表明它們之間的相對關係,但並不用以限定它們的具體形狀;流程圖中各步驟的關係也不以所給出的順序為限,可根據實際應用進行調整但不脫離本申請的保護範圍。   圖1是根據本發明一個示例的用於虛擬實境環境的交易系統的示意圖。如圖1所示,系統100包括虛擬實境設備101、交易設備102以及可信管理平臺103。其中,虛擬實境設備101可以是用於使用戶產生虛擬實境體驗的任何設備,例如包括VR眼鏡等可穿戴式的VR設備。交易設備102可以例如是已有的或待開發的任何智能設備,例如手機、計算機、膝上型筆記本、個人數字助理(PDA)等用戶可以用來進行在線支付的任何設備。可信管理平臺103可以是在交易各方之外獨立的可信管理機構的處理平臺,其可以與交易各方進行通信。   如圖1所示,虛擬實境設備101、交易設備102以及可信管理平臺103三者之間可以相互通信,這可以通過任何已知或待開發的有線或無線通信方式來實現。在一些示例中,交易設備與虛擬實境設備之間可以通過藍牙、WiFi等無線連接方式進行數據交互。   在圖1的示例中,虛擬實境設備101、交易設備102以及可信管理平臺103三者之間主要通過兩個過程來實現在虛擬實境環境下的交易,在圖1中以標號“1”和“2”來標注過程1和過程2,其中過程1可以被稱為是註冊過程,而過程2可以被稱為交易過程。下面將結合附圖1-4來具體描述系統中各方的操作以及註冊過程(過程1)和交易過程(過程2)的具體內涵。但是,本領域技術人員將理解本發明並不限於這樣的過程劃分,並且在不背離本發明的情況下,這些過程中的各個步驟及先後順序均可根據需要進行調整。   圖2是根據本發明一個示例的用於虛擬實境環境的交易方法的示意流程圖。圖2所示的方法可以在諸如VR眼鏡的虛擬實境設備中實施,並且圖2所示的方法是圖1所示的交易過程(過程2)的部分。   如圖2所示,虛擬實境設備101首先在步驟21中基於接收到用戶身份標識信息而產生交易請求。在優選的示例中,所採用的用戶身份標識信息是用戶的生物特徵信息,諸如虹膜、指紋。相應地,諸如VR眼鏡的虛擬實境設備101可以被配置有生物信息採集裝置。本領域技術人員能夠理解,用戶身份標識信息還可以是其他已有的或待開發的能夠唯一地標識用戶身份的信息。   在實踐中,用戶可以例如正佩戴諸如VR眼鏡的虛擬實境設備在進行沉浸式購物。當選中想要購買的商品之後,用戶可以根據具體的虛擬實境環境中的指示在VR設備上輸入其身份標識信息,例如提供指紋或虹膜信息等。一般地,當收到來自用戶的身份標識信息的輸入之後,虛擬實境設備101將生成交易請求,這可以例如通過與虛擬實境設備集成的處理裝置來操作,或者通過虛擬實境環境中的其他處理設備來進行。在一些示例中,該交易請求可以包括諸如交易金額以及交易對象的信息,使得交易請求的接收方能夠例如識別需要支付多少金額以及向誰支付。   進一步地,在步驟23中,虛擬實境設備101將所採集的用戶身份標識信息傳送至可信管理平臺。在一些示例中,向可信管理平臺傳送經加密的用戶身份標識信息,以提高安全性。   將在下文中結合圖4來描述可信管理平臺方的操作。就虛擬實境設備101而言,其將在步驟25中從可信管理平臺收到與用戶身份標識信息關聯的經加密的設備標識。在一些示例中,用戶可能事先將該用戶身份標識信息與多個設備進行關聯,並且可信管理平臺預先存儲有或者可獲取與用戶身份標識信息相關聯的所有設備的設備標識。在這種情況下,虛擬實境設備101將例如以列表的形式收到與用戶身份標識信息關聯的所有交易設備的、經加密的設備標識。   一般地,設備標識是已有的或待開發的能夠唯一地標識用戶的交易設備的信息,例如蜂窩電話的國際移動設備標識IMEI、智能設備的出廠序列號等。虛擬實境設備101將基於來自可信管理平臺的加密設備標識從交易設備尋求對虛擬實境環境中的交易的授權。在一些示例中,設備標識是基於所述交易設備的設備硬件參數以及設備使用情況數據生成的對交易設備的唯一標識。將在下文中結合可信管理平臺來對這類設備標識進行詳細描述。   最後,在步驟27中,虛擬實境設備101將把所有收到的經加密的設備標識連同所生成的交易請求一起發送給用戶的交易設備。至此,在虛擬實境設備101處與交易過程相關的主要操作得以完成。下面將結合圖3和圖4來介紹其餘部分的交易過程。   圖3是根據本發明另一示例的用於虛擬實境環境的交易方法的示意流程圖。圖3所示的方法可以在諸如手機的交易設備中實施,並且圖3所示的方法包括了圖1所示的註冊過程(過程1)的部分以及交易過程(過程2)的部分。結合圖1的示例,可以認為圖3中的步驟31-33屬於註冊過程,而步驟35-39屬於交易過程,然而這不是必須的。本領域技術人員可以在不背離本發明的情況下進行任何調整。   如圖3所示,交易設備102首先在步驟31中將用戶身份標識信息與交易設備的設備標識信息一起發送至可信管理平臺。在一些示例中,這可能發生在虛擬實境環境中的交易之前並且相隔一段時間。如上所述,用戶身份標識信息可以是用戶的生物特徵信息,例如指紋、虹膜等信息。相應地,交易設備將被配置有用於採集用戶的生物特徵信息的裝置。本領域技術人員能夠理解,用戶身份標識信息還可以是其他已有的或待開發的能夠唯一地標識用戶身份的信息。   設備標識可以是已有的或待開發的能夠唯一地標識用戶的交易設備的信息,例如蜂窩電話的國際移動設備標識IMEI、智能設備的出廠序列號等。在一些示例中,設備標識是基於所述交易設備的設備硬件參數以及設備使用情況數據生成的對交易設備的唯一標識,這樣的標識可以被稱為設備指紋。可以在可信管理平臺上來生成設備指紋。在這種情況下,交易設備可以向可信管理平臺發送包括交易設備的設備硬件參數以及設備使用情況數據在內的設備標識信息。然而,本領域技術人員能夠理解諸如設備指紋的設備標識也可以在交易設備內或者其他第三方機構來生成。可信管理平臺也可以從其他渠道採集關於交易設備的信息來更準確或可靠地生成設備指紋類的設備標識。   在一些示例中,為生成設備指紋類的設備標識,設備使用情況數據可以是與用戶應用設備的方式相關的信息。在一些示例中,設備使用情況數據包括設備的網絡信息、地理位置信息以及用戶偏好行為信息中的一個或多個。舉例來說,設備的網絡信息可以包括設備的網絡連接信息、TCP包屬性、連接的路由器屬性、HTTP協議屬性、WiFi列表中的一個或多個。設備的地理位置信息可以例如是基站定位地點、GPS定位地點、與時間相關聯的軌跡及常用地中的一個或多個。設備的用戶偏好行為信息可以例如是操作系統類型、版本號、偏好設置、應用安裝偏好設置、鬧鐘時間、開關機時間、應用使用頻率及時間、屏幕操作時的接觸面積、滑動方向、鍵盤輸入的時間間隔、按壓力度、陀螺儀信息、加速度計信息中的一個或多個。   在一些示例中,可以通過在設備處從用戶獲取採集設備信息的授權並依據該授權從用戶的設備採集包括設備硬件參數和設備使用情況數據在內的設備信息。由於加入了設備使用情況數據,依此構建的設備標識具有實時性和動態性,能夠更可靠地對各個設備進行標識,消除了例如在設備被盜、遭到惡意篡改等情況下重要信息洩露、惡性邦卡、帳戶盜刷等的風險。   進一步地,交易設備102將在步驟33中從可信管理平臺103接收對應於設備標識或者說對應於所發送的設備標識信息的證書。一般來說,該證書可以被理解為是由交易設備在後續的交易中用於驗證來自虛擬實境設備的交易請求的工具,並且保存有該證書的交易設備將在虛擬實境環境交易中被認為是可信設備,其有權對來自VR設備的交易請求進行認證。在一些示例中,可以在交易設備上採用可信執行環境TEE系統或者可信執行環境TEE可信存儲的方式進行證書的保存,以保證證書的安全性。   在步驟33完成之後,交易設備向可信管理平臺的註冊過程結束。根據本發明的一些示例,下面的步驟35-39將在交易過程中執行。   在步驟35中,交易設備102在連同交易請求一起從虛擬實境設備101收到經加密的設備標識時將利用來自可信管理平臺的、先前保存的證書對經加密的設備標識進行解密。在一些示例中,該加密解密過程可以基於公共密鑰基礎架構PKI協議。   在步驟37中,將解密得到的設備標識信息與本地採集的設備標識信息進行比對。如在上文中所提及的,設備標識信息可以是單一的設備標識本身,諸如蜂窩電話的國際移動設備標識IMEI、智能設備的出廠序列號等。在另外一些示例中,設備標識信息還可以是用於生成設備標識的信息,例如交易設備的設備硬件參數以及設備使用情況數據。在這種情況下,交易設備可以在解密之後,進一步從設備標識中提取相應的設備硬件參數和設備使用情況信息。同時在本地對這些信息進行採集,最後將來自解密得到的設備標識的信息與本地採集的信息進行比對。   在一些示例中,可以根據設備指紋型設備標識中包含的所有參數進行逐項對比。這種逐項對比可以被認為是一種靜態匹配。其中,參數可以包括設備硬件參數以及諸如網絡信息、地理位置信息以及用戶偏好行為信息的設備使用情況參數。在按各個參數進行精確匹配的過程中,可以為每個參數賦予匹配權重。如在上文中所提及的,設備指紋是一種具有動態性的設備標識,其中與設備使用情況相關的參數會隨著用戶狀態的改變而發生變化。可信管理平臺先前獲得的設備標識中所包含的信息與當前採集的設備信息之間在時效性上存在一定的差異,因此不一定需要每個參數都完全一致,而是可以通過權重來加以區別。進一步地,可以將當前設備指紋與列表中的每一項的各個參數的對比結果按預先分配的匹配權重進行加權平均。最後,根據加權平均的結果來判斷當前設備指紋是否與設備指紋列表中的項匹配。在一些示例中,例如可以將加權平均的結果與預先確定的閾值進行比較:如高於閾值則認為是匹配,否則認為是不匹配。   在步驟39中,在解密得到的設備標識信息與本地採集的設備標識信息匹配的情況下,交易設備102將響應來自虛擬實境設備101的交易請求而使用與該交易設備關聯的帳戶進行交易。也就是說,交易設備102將虛擬實境環境中的交易確認為是可信的,並執行相應的交易,例如按照交易請求中包含的金額進行支付等。   圖4是根據本發明還另一示例的用於虛擬實境環境的交易方法的的示意流程圖。圖4所示的方法可以在獨立的可信管理平臺103上操作,並且圖4所示的方法包括了圖1所示的註冊過程(過程1)的部分以及交易過程(過程2)的部分。結合圖1的示例,可以認為圖4中的步驟41-45屬於註冊過程,而步驟47屬於交易過程,然而這不是必須的。本領域技術人員可以在不背離本發明的情況下進行任何調整。   如圖4所示,可信管理平臺在步驟41中從用戶的交易設備接收用戶身份標識信息和設備標識信息。換句話說,用戶可以通過向可信管理平臺發送這些信息來向可信管理平臺進行註冊,以便於後續在虛擬實境環境中進行交易。如上所述,用戶身份標識信息可以是用戶的生物特徵信息,例如指紋、虹膜等信息。設備標識信息可以是已有的或待開發的能夠唯一地標識用戶的交易設備的設備標識,例如蜂窩電話的國際移動設備標識IMEI、智能設備的出廠序列號,或者是用於生成設備標識的信息等。在一些示例中,可信管理平臺從交易設備接收的設備標識信息包括交易設備的設備硬件參數以及設備使用情況數據。在這種情況下,可信管理平臺可以被配置為依據這些信息為交易設備生成設備標識,這樣的標識可以被稱為設備指紋。在另外的示例中,可信管理平臺也可以從其他渠道採集關於交易設備的信息來更准地生成設備指紋類的設備標識。   在步驟43中,可信管理平臺基於設備標識生成證書,該證書可以被理解為是由交易設備在後續的交易中用於驗證來自虛擬實境設備的交易請求的工具。在一些示例中,該證書可以是用於解密的密鑰,其與可信管理平臺用於對設備標識進行加密的算法相對應。   在步驟45中,可信管理平臺將所生成的證書發送給來要求註冊的交易設備。如在上文中所描述的那樣,交易設備將在本地存儲這個證書以便隨後對來自虛擬實境設備的交易請求進行驗證。   在步驟45完成之後,可信管理平臺與交易設備之間的註冊過程結束。值得注意的是,在發生交易的過程中,可信管理平臺與交易設備之間可以不再需要有任何其他信息交換。可信管理平臺將依據步驟47來參與交易過程。具體地,在從虛擬實境設備收到用戶身份標識信息之後,可信管理平臺將向虛擬實境設備發送與用戶身份標識信息關聯的經加密的設備標識。如上所述,該經加密的設備標識可以由虛擬實境設備作為向交易設備要求授權的依據。   在實踐中,可信管理平臺可以從用戶處收到多個註冊請求,即用戶可能希望向可信管理平臺註冊多個設備以用於後續的交易。可信管理平臺可以依據所收到的用戶標識信息來關聯地存儲同一用戶標識信息下的所有設備標識。在一些示例中,可信管理平臺可以首先利用來自用戶設備的設備標識信息生成設備指紋類設備標識,並且以用戶標識信息為索引將這些設備標識或者這些設備標識的加密形式關聯地存儲在第三方的用戶特徵-設備指紋庫中。在收到來自虛擬實境設備的包含用戶標識信息的設備標識請求之後,可信管理平臺可以將於該用戶標識信息關聯的所有經加密的設備標識傳送給虛擬實境設備,並由虛擬實境設備將這些內容全部轉交至交易設備以供驗證。   此外,在使用設備指紋型設備標識的情況下,可信管理平臺還可以對所存儲的設備指紋進行更新和維護。如在上文中所提及的,設備指紋是一種具有動態性的設備標識,尤其是其中與設備使用情況相關的參數可能不斷發生變化。因此,交易設備可以被配置為例如週期性地像可信管理平臺傳送更新的設備使用情況數據。可信管理平臺可以利用最新的設備使用情況數據來更新所存儲的設備指紋,或者例如通過機器學習的方法來分析前期採集的硬件信息和設備使用情況數據,由此預測持續的設備指紋變化,並將該預測結果作為更新的設備指紋存儲在設備指紋庫中,用於後續利用設備標識所進行的驗證過程。通過對用戶特徵-設備指紋庫的動態維護,可以在保證安全性的同時,大大改善用戶體驗,為整個業務處理過程增加便利性。   本發明所提供的虛擬實境環境下的交易方案基於用戶標識和設備標識相結合的方式,尤其是利用手機等用戶交易設備的設備指紋類設備標識和用戶的生物特徵的唯一性及安全性的特點,對用戶身份、VR設備和交易設備同時進行認證,並且由交易設備作為可信方對VR設備進行授權,由此用戶可直接在VR設備使用過程中進行支付,一方面不需要脫離虛擬實境環境,另一方面不需要在VR設備內進行帳戶/密碼的輸入驗證過程,充分保證了在虛擬實境環境下的交易的安全性和便利性。此外,本發明所提供的交易方案還可以免除通過手勢或者體態等複雜動作進行帳戶登錄的操作,大大保證了用戶體驗。此外,利用諸如設備指紋和生物特徵的雙重保障措施,消除了偽造用戶信息登錄或交易設備失竊帶來的風險。交易設備與虛擬實境設備之間的衝擊-響應式證書認證方式保證了傳輸過程的安全性和交易許可授權的可靠性,並且有效防止了信息洩露。即使VR設備被非法盜取,其也無法被用於任何交易,因為其不存儲或持有任何用戶的帳戶信息,並且交易觸發也需要用戶的身份特徵信息,無論從哪個角度來看,本方案的安全性都得到了保證。   圖5是根據本發明一個示例的虛擬實境設備的示意框圖。如圖5所示,虛擬實境設備500包信息採集模塊51、請求生成模塊53、信息傳輸模塊55以及信息接收模塊57。具體地,信息採集模塊51被用於接收用戶身份標識信息,其可以例如是用於採集用戶的諸如指紋或虹膜的生物信息的硬件接口裝置或傳感裝置。請求生成模塊53被配置為基於接收到用戶身份標識信息而生成交易請求。信息傳輸模塊505被配置用於將用戶身份標識信息傳送至可信管理平臺。信息接收模塊507被配置用於從可信管理平臺接收與用戶身份標識信息關聯的經加密的設備標識。另外,信息傳輸模塊55還被配置用於連同經加密的設備標識一起向用戶的交易設備發送交易請求以利用與該交易設備關聯的帳戶進行交易。   在本說明書中省去了對一般的虛擬實境設備的其他構造的描述,以避免不必要的冗餘。但本領域技術人員能夠理解圖5所示的結構能夠被集成在任何已有或待開發的虛擬實境設備中。圖5所示的虛擬實境設備能夠被配置為實現上文所描述的任何與本發明所提供的、在虛擬實境設備處實現的相關操作。本領域技術人員能夠理解,圖5所示的模塊劃分僅是示意性的,這些模塊能夠按照具體實現來集成或進一步劃分,並且以任何軟件或硬件的形式來實現。   圖6是根據本發明一個示例的交易設備的示意框圖。如圖6所示,交易設備600包括數據發送模塊61、數據接收模塊63、解密模塊65、比對模塊67以及交易模塊69。具體地,數據發送模塊61用於將用戶身份標識信息與用戶的交易設備的設備標識信息一起發送至可信管理平臺。數據接收模塊63被配置用於從可信管理平臺接收對應於設備標識的證書以及從虛擬實境設備接收交易請求和經加密的設備標識。解密模塊65被配置用於在連同交易請求一起從虛擬實境設備收到經加密的設備標識時利用該證書對經加密的設備標識進行解密。比對模塊67被配置用於將解密得到的設備標識信息與本地採集的設備標識信息進行比對。交易模塊69被用於在解密得到的設備標識信息與本地採集的設備標識信息匹配的情況下響應交易請求而使用與該交易設備關聯的帳戶進行交易。   在本說明書中省去了對一般的交易設備的其他構造的描述,以避免不必要的冗餘。但本領域技術人員能夠理解圖6所示的結構能夠被集成在任何已有或待開發的交易設備中。圖6所示的交易設備能夠被配置為實現上文所描述的任何與本發明所提供的、在交易設備處實現的相關操作。本領域技術人員能夠理解,圖6所示的模塊劃分僅是示意性的,這些模塊能夠按照具體實現來集成或進一步劃分,並且以任何軟件或硬件的形式來實現。   圖7是根據本發明一示例的可信管理平臺的示意框圖。如圖7所示,可信管理平臺700包括數據接收模塊71、證書生成模塊73以及數據發送模塊75。具體地,數據接收模塊71被配置用於從用戶的交易設備接收用戶身份標識信息和設備標識信息以及從虛擬實境設備接收所述用戶身份標識信息。證書生成模塊73被配置用於生成對應於設備標識信息的證書。數據發送模塊75被配置用於將所述證書發送給交易設備以及在從虛擬實境設備收到用戶身份標識信息之後向虛擬實境設備發送與用戶身份標識信息關聯的經加密的設備標識。如在上文中所描述的那樣,證書可以被用於在交易設備連同交易請求一起從虛擬實境設備接收經加密的設備標識時對經加密的設備標識進行解密以判斷是否響應交易請求而使用與該交易設備關聯的帳戶進行交易。   在本說明書中省去了對一般的可信管理平臺的其他構造的描述,以避免不必要的冗餘。但本領域技術人員能夠理解圖7所示的結構能夠被集成在任何已有或待開發的可信管理平臺中。圖7所示的可信管理平臺能夠被配置為實現上文所描述的任何與本發明所提供的、在可信管理平臺處實現的相關操作。本領域技術人員能夠理解,圖7所示的模塊劃分僅是示意性的,這些模塊能夠按照具體實現來集成或進一步劃分,並且以任何軟件或硬件的形式來實現。   應當說明的是,以上具體實施方式僅用以說明本發明的技術方案而非對其進行限制。儘管參照上述具體實施方式對本發明進行了詳細的說明,本領域的普通技術人員應當理解,依然可以對本發明的具體實施方式進行修改或對部分技術特徵進行等同替換而不脫離本發明的實質,其均涵蓋在本發明請求保護的範圍中。A schematic example of the present invention will now be described with reference to the drawings, in which like reference numerals refer to like elements. The examples described below help those skilled in the art to thoroughly understand the present invention, and the examples are intended to be illustrative rather than limiting. The illustration of each element, component, module, device and equipment body in the figure only indicates schematically the existence of these elements, components, modules, devices and equipment body and also indicates the relative relationship between them, but it is not intended to limit their specific The relationship between the steps in the flowchart is not limited to the order given. It can be adjusted according to the actual application without departing from the scope of protection of this application. Figure 1 is a schematic diagram of a transaction system for a virtual reality environment according to an example of the present invention. As shown in FIG. 1, the system 100 includes a virtual reality device 101, a transaction device 102, and a trusted management platform 103. The virtual reality device 101 may be any device used to enable a user to generate a virtual reality experience, such as a wearable VR device including VR glasses. The transaction device 102 may be, for example, any smart device existing or to be developed, such as any device that a user such as a mobile phone, computer, laptop, personal digital assistant (PDA) can use to make online payments. The trusted management platform 103 may be a processing platform of an independent trusted management agency other than the parties to the transaction, which may communicate with the parties to the transaction. As shown in Figure 1, the virtual reality device 101, the transaction device 102, and the trusted management platform 103 can communicate with each other. This can be achieved by any known or to be developed wired or wireless communication method. In some examples, data can be exchanged between the transaction device and the virtual reality device through wireless connection methods such as Bluetooth and WiFi. In the example of FIG. 1, the virtual reality device 101, the transaction device 102, and the trusted management platform 103 mainly implement transactions in the virtual reality environment through two processes. In FIG. 1, the reference numeral "1 "And" 2 "to label process 1 and process 2, where process 1 can be referred to as the registration process and process 2 can be referred to as the transaction process. The operations of the parties in the system and the specific connotation of the registration process (process 1) and transaction process (process 2) will be described in detail below with reference to FIGS. 1-4. However, those skilled in the art will understand that the present invention is not limited to such a process division, and that each step and sequence of these processes can be adjusted as needed without departing from the present invention. FIG. 2 is a schematic flowchart of a transaction method for a virtual reality environment according to an example of the present invention. The method shown in FIG. 2 may be implemented in a virtual reality device such as VR glasses, and the method shown in FIG. 2 is part of the transaction process (process 2) shown in FIG. 1. (2) As shown in FIG. 2, the virtual reality device 101 first generates a transaction request based on the received user identification information in step 21. In a preferred example, the user identification information used is biometric information of the user, such as iris and fingerprint. Accordingly, the virtual reality device 101 such as VR glasses may be configured with a biological information acquisition device. Those skilled in the art can understand that the user identification information may also be other existing or to-be-developed information that can uniquely identify the user.实践 In practice, a user may, for example, be wearing an immersive device such as VR glasses for immersive shopping. After selecting the product that they want to purchase, the user can enter their identity information on the VR device according to the instructions in the specific virtual reality environment, such as providing fingerprint or iris information. Generally, after receiving the input of the identification information from the user, the virtual reality device 101 will generate a transaction request, which can be operated, for example, by a processing device integrated with the virtual reality device, or through a virtual reality environment. Other processing equipment. In some examples, the transaction request may include information such as the transaction amount and the transaction object, so that the recipient of the transaction request can, for example, identify how much amount to pay and to whom. Further, in step 23, the virtual reality device 101 transmits the collected user identification information to the trusted management platform. In some examples, encrypted user identification information is transmitted to a trusted management platform to improve security. The operation of the trusted management platform side will be described below with reference to FIG. 4. As far as the virtual reality device 101 is concerned, it will receive the encrypted device identification associated with the user identification information from the trusted management platform in step 25. In some examples, the user may associate the user identification information with multiple devices in advance, and the trusted management platform stores or can obtain device identifications of all devices associated with the user identification information in advance. In this case, the virtual reality device 101 will receive the encrypted device identifications of all the transaction devices associated with the user identification information, for example, in the form of a list. Generally, the device identification is existing or to-be-developed information that can uniquely identify the user's transaction device, such as the international mobile device identification IMEI of a cellular phone, the factory serial number of a smart device, and the like. The virtual reality device 101 will seek authorization for transactions in the virtual reality environment from the transaction device based on the encrypted device identification from the trusted management platform. In some examples, the device identification is a unique identification of the transaction device that is generated based on device hardware parameters of the transaction device and device usage data. This type of device identification will be described in detail below in conjunction with a trusted management platform. Finally, in step 27, the virtual reality device 101 will send all received encrypted device identifications to the user's transaction device along with the generated transaction request. So far, the main operations related to the transaction process at the virtual reality device 101 have been completed. The rest of the transaction process will be described below with reference to FIGS. 3 and 4. FIG. 3 is a schematic flowchart of a transaction method for a virtual reality environment according to another example of the present invention. The method shown in FIG. 3 can be implemented in a transaction device such as a mobile phone, and the method shown in FIG. 3 includes a part of the registration process (process 1) and a part of the transaction process (process 2) shown in FIG. 1. With reference to the example of FIG. 1, it can be considered that steps 31-33 in FIG. 3 belong to the registration process and steps 35-39 belong to the transaction process, but this is not necessary. Those skilled in the art can make any adjustments without departing from the invention. As shown in FIG. 3, the transaction device 102 first sends user identification information and device identification information of the transaction device to the trusted management platform in step 31. In some examples, this may occur before and after a transaction in a virtual reality environment. As described above, the user identification information may be biometric information of the user, such as information such as a fingerprint and an iris. Accordingly, the transaction device will be configured with means for collecting biometric information of the user. Those skilled in the art can understand that the user identification information may also be other existing or to-be-developed information that can uniquely identify the user. The device identification can be existing or to-be-developed information that can uniquely identify the transaction device of the user, such as the international mobile device identification IMEI of the cell phone, the factory serial number of the smart device, etc. In some examples, the device identification is a unique identification of the transaction device that is generated based on the device hardware parameters of the transaction device and device usage data, and such identification may be referred to as a device fingerprint. Device fingerprints can be generated on a trusted management platform. In this case, the transaction device may send device identification information including the device hardware parameters of the transaction device and the device usage data to the trusted management platform. However, those skilled in the art can understand that device identifications such as device fingerprints can also be generated within the transaction device or other third party agencies. The trusted management platform can also collect information about transaction devices from other channels to more accurately or reliably generate device identifications such as device fingerprints.一些 In some examples, in order to generate a device identification like a device fingerprint, the device usage data may be information related to how the user applies the device. In some examples, the device usage data includes one or more of the device's network information, geographic location information, and user preference behavior information. For example, the network information of the device may include one or more of the device's network connection information, TCP packet attributes, connected router attributes, HTTP protocol attributes, and WiFi list. The geographic location information of the device may be, for example, one or more of a base station location, a GPS location, a track associated with time, and commonly used locations. The device's user preference behavior information can be, for example, the type of operating system, version number, preferences, application installation preferences, alarm time, power on / off time, application usage frequency and time, contact area during screen operation, sliding direction, keyboard input One or more of time interval, pressing force, gyroscope information, and accelerometer information. In some examples, device information including device hardware parameters and device usage data can be collected from the user's device by obtaining authorization to collect device information from the user at the device. Because the device usage data is added, the device identification constructed based on this is real-time and dynamic, which can identify each device more reliably, eliminating important information leakage such as device theft, malicious tampering, etc. Risks of vicious state cards, stolen accounts, etc. Further, the transaction device 102 will receive a certificate corresponding to the device identification or the device identification information sent from the trusted management platform 103 in step 33. Generally speaking, the certificate can be understood as a tool used by the transaction device to verify the transaction request from the virtual reality device in subsequent transactions, and the transaction device holding the certificate will be used in the virtual environment transaction. Considered a trusted device, it has the right to authenticate transaction requests from VR devices. In some examples, the certificate may be stored on the transaction device in a trusted execution environment TEE system or a trusted execution environment TEE trusted storage to ensure the security of the certificate.完成 After step 33 is completed, the registration process of the transaction device to the trusted management platform ends. According to some examples of the invention, the following steps 35-39 will be performed during the transaction. In step 35, upon receiving the encrypted device identification from the virtual reality device 101 along with the transaction request, the transaction device 102 will use the previously saved certificate from the trusted management platform to decrypt the encrypted device identification. In some examples, the encryption and decryption process may be based on a public key infrastructure PKI protocol. In step 37, the decrypted device identification information is compared with the locally collected device identification information. As mentioned above, the device identification information may be a single device identification itself, such as the international mobile device identification IMEI of the cellular phone, the factory serial number of the smart device, and the like. In other examples, the device identification information may also be information used to generate the device identification, such as device hardware parameters and device usage data of the transaction device. In this case, after decryption, the transaction device can further extract the corresponding device hardware parameters and device usage information from the device identification. At the same time, this information is collected locally, and finally the information from the decrypted device identification is compared with the locally collected information. In some examples, you can make item-by-item comparisons based on all the parameters contained in the device fingerprint-type device identification. This item-by-item comparison can be considered a static match. The parameters may include device hardware parameters and device usage parameters such as network information, geographic location information, and user preference behavior information. In the process of exact matching according to each parameter, a matching weight can be given to each parameter. As mentioned above, the device fingerprint is a kind of dynamic device identification, in which parameters related to the use of the device will change as the state of the user changes. There is a certain difference in timeliness between the information contained in the device identification previously obtained by the trusted management platform and the currently collected device information, so it is not necessary that each parameter is completely consistent, but it can be distinguished by weight. . Further, the comparison result of the current device fingerprint and each parameter of each item in the list may be weighted and averaged according to a pre-assigned matching weight. Finally, it is determined whether the current device fingerprint matches an item in the device fingerprint list according to the result of the weighted average. In some examples, for example, the result of the weighted average may be compared with a predetermined threshold: if it is higher than the threshold, it is considered to be a match, otherwise it is considered to be a mismatch. In step 39, if the decrypted device identification information matches the locally collected device identification information, the transaction device 102 will use the account associated with the transaction device to perform a transaction in response to the transaction request from the virtual reality device 101. That is, the transaction device 102 confirms the transaction in the virtual reality environment as credible, and executes the corresponding transaction, such as making a payment according to the amount included in the transaction request. FIG. 4 is a schematic flowchart of a transaction method for a virtual reality environment according to still another example of the present invention. The method shown in FIG. 4 can be operated on an independent trusted management platform 103, and the method shown in FIG. 4 includes a part of the registration process (process 1) and a part of the transaction process (process 2) shown in FIG. With reference to the example of FIG. 1, it can be considered that steps 41 to 45 in FIG. 4 belong to a registration process and step 47 belongs to a transaction process, but this is not necessary. Those skilled in the art can make any adjustments without departing from the invention. As shown in FIG. 4, the trusted management platform receives user identification information and device identification information from the user's transaction device in step 41. In other words, the user can register with the trusted management platform by sending these information to the trusted management platform to facilitate subsequent transactions in the virtual reality environment. As described above, the user identification information may be biometric information of the user, such as information such as a fingerprint and an iris. The device identification information can be an existing or to-be-developed device identification that can uniquely identify the user's transaction device, such as the international mobile device identification IMEI of a cell phone, the factory serial number of a smart device, or information used to generate a device identification Wait. In some examples, the device identification information received by the trusted management platform from the transaction device includes device hardware parameters of the transaction device and device usage data. In this case, the trusted management platform may be configured to generate a device identification for the transaction device based on this information, and such identification may be referred to as a device fingerprint. In another example, the trusted management platform may also collect information about the transaction device from other channels to more accurately generate the device identification of the device fingerprint. In step 43, the trusted management platform generates a certificate based on the device identification, and the certificate can be understood as a tool used by the transaction device to verify the transaction request from the virtual reality device in subsequent transactions. In some examples, the certificate may be a key for decryption, which corresponds to an algorithm used by the trusted management platform to encrypt the device identification. In step 45, the trusted management platform sends the generated certificate to the transaction device that requires registration. As described above, the transaction device will store this certificate locally for subsequent verification of the transaction request from the virtual reality device.完成 After step 45 is completed, the registration process between the trusted management platform and the transaction device ends. It is worth noting that in the process of a transaction, there is no need for any other information exchange between the trusted management platform and the transaction device. The trusted management platform will participate in the transaction process according to step 47. Specifically, after receiving the user identification information from the virtual reality device, the trusted management platform will send the encrypted device identification associated with the user identification information to the virtual reality device. As described above, the encrypted device identification may be used by the virtual reality device as a basis for requesting authorization from the transaction device.实践 In practice, the trusted management platform can receive multiple registration requests from the user, that is, the user may wish to register multiple devices with the trusted management platform for subsequent transactions. The trusted management platform may store all the device identifications under the same user identification information in an associated manner according to the received user identification information. In some examples, the trusted management platform may first use the device identification information from the user device to generate a device fingerprint device identification, and use the user identification information as an index to store these device identifications or encrypted forms of these device identifications in association with a third party User characteristics-device fingerprint library. After receiving a device identification request containing user identification information from a virtual reality device, the trusted management platform may transmit all encrypted device identifications associated with the user identification information to the virtual reality device, and the virtual reality device The device forwards all of this to the transaction device for verification. In addition, in the case of using the device fingerprint type device identification, the trusted management platform can also update and maintain the stored device fingerprint. As mentioned above, the device fingerprint is a kind of dynamic device identification, especially in which parameters related to device usage may change constantly. As such, the transaction device may be configured to periodically transmit updated device usage data like a trusted management platform, for example. The trusted management platform can use the latest device usage data to update the stored device fingerprints, or, for example, use machine learning to analyze the hardware information and device usage data collected earlier, thereby predicting continuous device fingerprint changes, and The prediction result is stored in the device fingerprint database as the updated device fingerprint, which is used for subsequent verification processes using the device identification. Through dynamic maintenance of user characteristics-device fingerprint database, while ensuring security, it can greatly improve the user experience and increase convenience for the entire business processing process. The transaction scheme in the virtual reality environment provided by the present invention is based on a combination of a user identification and a device identification, and particularly uses a device fingerprint type device identification of a user transaction device such as a mobile phone and the uniqueness and security of a user's biological characteristics. Features: Authenticate the user's identity, VR device and transaction device at the same time, and authorize the VR device by the transaction device as a trusted party, so the user can pay directly during the use of the VR device, on the one hand, there is no need to leave the virtual reality. On the other hand, there is no need to perform the account / password input verification process in the VR device, which fully guarantees the security and convenience of transactions in the virtual reality environment. In addition, the transaction scheme provided by the present invention can also avoid the operation of account login through gestures or posture and other complex actions, which greatly guarantees the user experience. In addition, the use of dual safeguards such as device fingerprints and biometrics eliminates the risk of forged user information login or theft of transaction equipment. The impact-response certificate authentication method between the transaction device and the virtual reality device guarantees the security of the transmission process and the reliability of the transaction permission authorization, and effectively prevents information leakage. Even if the VR device is stolen illegally, it cannot be used for any transaction, because it does not store or hold any user's account information, and the transaction trigger also requires the user's identity characteristic information. No matter from which perspective, this solution Security is guaranteed. 5 is a schematic block diagram of a virtual reality device according to an example of the present invention. As shown in FIG. 5, the virtual reality device 500 includes an information acquisition module 51, a request generation module 53, an information transmission module 55, and an information receiving module 57. Specifically, the information collection module 51 is used to receive user identification information, which may be, for example, a hardware interface device or a sensing device for collecting biological information such as a fingerprint or an iris of a user. The request generation module 53 is configured to generate a transaction request based on the received user identification information. The information transmission module 505 is configured to transmit user identification information to a trusted management platform. The information receiving module 507 is configured to receive an encrypted device identification associated with the user identification information from the trusted management platform. In addition, the information transmission module 55 is also configured to send a transaction request to the user's transaction device along with the encrypted device identification to conduct transactions using an account associated with the transaction device. In this description, descriptions of other configurations of general virtual reality equipment are omitted to avoid unnecessary redundancy. However, those skilled in the art can understand that the structure shown in FIG. 5 can be integrated into any existing or to-be-developed virtual reality device. The virtual reality device shown in FIG. 5 can be configured to implement any of the operations described above related to the virtual reality device provided by the present invention. Those skilled in the art can understand that the division of the modules shown in FIG. 5 is only schematic, and these modules can be integrated or further divided according to specific implementations, and implemented in any software or hardware form. FIG. 6 is a schematic block diagram of a transaction device according to an example of the present invention. As shown in FIG. 6, the transaction device 600 includes a data sending module 61, a data receiving module 63, a decryption module 65, a comparison module 67, and a transaction module 69. Specifically, the data sending module 61 is configured to send the user identification information to the trusted management platform together with the device identification information of the user's transaction device. The data receiving module 63 is configured to receive a certificate corresponding to a device identification from a trusted management platform and a transaction request and an encrypted device identification from a virtual reality device. The decryption module 65 is configured to use the certificate to decrypt the encrypted device identification when the encrypted device identification is received from the virtual reality device along with the transaction request. The comparison module 67 is configured to compare the decrypted device identification information with the locally collected device identification information. The transaction module 69 is used to respond to a transaction request and use an account associated with the transaction device to perform a transaction when the decrypted device identification information matches the locally collected device identification information.省 In this description, descriptions of other structures of general transaction equipment are omitted to avoid unnecessary redundancy. However, those skilled in the art can understand that the structure shown in FIG. 6 can be integrated into any existing or to-be-developed transaction equipment. The transaction device shown in FIG. 6 can be configured to implement any of the operations described above related to the transaction device provided by the present invention. Those skilled in the art can understand that the division of the modules shown in FIG. 6 is only schematic, and these modules can be integrated or further divided according to specific implementations, and implemented in any software or hardware form. 7 is a schematic block diagram of a trusted management platform according to an example of the present invention. As shown in FIG. 7, the trusted management platform 700 includes a data receiving module 71, a certificate generating module 73, and a data sending module 75. Specifically, the data receiving module 71 is configured to receive user identification information and device identification information from a user's transaction device and receive the user identification information from a virtual reality device. The certificate generation module 73 is configured to generate a certificate corresponding to the device identification information. The data sending module 75 is configured to send the certificate to the transaction device and send the encrypted device identification associated with the user identification information to the virtual reality device after receiving the user identification information from the virtual reality device. As described above, the certificate can be used to decrypt the encrypted device identification when the transaction device receives the encrypted device identification from the virtual reality device together with the transaction request to determine whether to use the and The account associated with the transaction device is used for transactions.省 In this description, the description of other structures of the general trusted management platform is omitted to avoid unnecessary redundancy. However, those skilled in the art can understand that the structure shown in FIG. 7 can be integrated into any existing or to be developed trusted management platform. The trusted management platform shown in FIG. 7 can be configured to implement any of the operations described above related to the trusted management platform provided by the present invention. Those skilled in the art can understand that the division of the modules shown in FIG. 7 is only schematic, and these modules can be integrated or further divided according to specific implementations, and implemented in any software or hardware form. It should be noted that the above specific implementations are only used to illustrate the technical solution of the present invention and not to limit it. Although the present invention has been described in detail with reference to the above specific embodiments, those of ordinary skill in the art should understand that the specific embodiments of the present invention can still be modified or equivalent technical substitutions can be made without departing from the essence of the present invention. All are covered by the scope of the present invention.

100‧‧‧系統100‧‧‧ system

101‧‧‧虛擬實境設備101‧‧‧Virtual Reality Equipment

102‧‧‧交易設備102‧‧‧Transaction Equipment

103‧‧‧可信管理平臺103‧‧‧Trusted Management Platform

21~27‧‧‧步驟21 ~ 27‧‧‧step

31~39‧‧‧步驟31 ~ 39‧‧‧step

41~47‧‧‧步驟41 ~ 47‧‧‧step

500‧‧‧虛擬實境設備500‧‧‧Virtual Reality Equipment

51‧‧‧信息採集模塊51‧‧‧Information Collection Module

53‧‧‧請求生成模塊53‧‧‧Request generation module

55‧‧‧信息傳輸模塊55‧‧‧Information transmission module

57‧‧‧信息接收模塊57‧‧‧Information receiving module

600‧‧‧交易設備600‧‧‧Transaction Equipment

61‧‧‧數據發送模塊61‧‧‧Data sending module

63‧‧‧數據接收模塊63‧‧‧Data receiving module

65‧‧‧解密模塊65‧‧‧Decryption module

67‧‧‧比對模塊67‧‧‧Comparison module

69‧‧‧交易模塊69‧‧‧Transaction module

700‧‧‧可信管理平臺700‧‧‧Trusted Management Platform

71‧‧‧數據接收模塊71‧‧‧data receiving module

73‧‧‧證書生成模塊73‧‧‧Certificate generation module

75‧‧‧數據發送模塊75‧‧‧Data sending module

本發明的前述和其他目標、特徵和優點根據下面對本發明的實施例的更具體的說明將是顯而易見的,這些實施例在附圖中被示意。   圖1是根據本發明一個示例的用於虛擬實境環境的交易系統的示意圖。   圖2是根據本發明一個示例的用於虛擬實境環境的交易方法的示意流程圖。   圖3是根據本發明另一示例的用於虛擬實境環境的交易方法的示意流程圖。   圖4是根據本發明還另一示例的用於虛擬實境環境的交易方法的的示意流程圖。   圖5是根據本發明一個示例的虛擬實境設備的示意框圖。   圖6是根據本發明一個示例的交易設備的示意框圖。   圖7是根據本發明一示例的可信管理平臺的示意框圖。The foregoing and other objects, features, and advantages of the present invention will be apparent from the following more detailed description of embodiments of the present invention, which are illustrated in the accompanying drawings. Figure 1 is a schematic diagram of a transaction system for a virtual reality environment according to an example of the present invention. FIG. 2 is a schematic flowchart of a transaction method for a virtual reality environment according to an example of the present invention. FIG. 3 is a schematic flowchart of a transaction method for a virtual reality environment according to another example of the present invention. FIG. 4 is a schematic flowchart of a transaction method for a virtual reality environment according to still another example of the present invention. 5 is a schematic block diagram of a virtual reality device according to an example of the present invention. FIG. 6 is a schematic block diagram of a transaction device according to an example of the present invention. 7 is a schematic block diagram of a trusted management platform according to an example of the present invention.

Claims (20)

一種用於虛擬實境環境的交易方法,其包括:   基於接收到用戶身份標識信息而產生交易請求;   將該用戶身份標識信息傳送至可信管理平臺;   從該可信管理平臺接收與該用戶身份標識信息關聯的經加密的設備標識;以及   連同該經加密的設備標識一起向用戶的交易設備發送該交易請求以利用與該交易設備關聯的帳戶進行交易。A transaction method for a virtual reality environment includes: generating a transaction request based on receiving user identification information; 传送 transmitting the user identification information to a trusted management platform; receiving from the trusted management platform and the user's identity An encrypted device identification associated with the identification information; and sending the transaction request to a user's transaction device along with the encrypted device identification to conduct transactions using an account associated with the transaction device. 如申請專利範圍第1項所述的交易方法,其中,該用戶身份標識信息是用戶的生物特徵信息。The transaction method according to item 1 of the scope of patent application, wherein the user identification information is biometric information of the user. 如申請專利範圍第1項所述的交易方法,其中,該設備標識基於該交易設備的設備硬件參數以及設備使用情況數據生成。The transaction method according to item 1 of the scope of patent application, wherein the device identification is generated based on device hardware parameters and device usage data of the transaction device. 如申請專利範圍第3項所述的交易方法,其中,該設備使用情況數據包括設備的網絡信息、地理位置信息以及用戶偏好行為信息中的一個或多個。The transaction method according to item 3 of the scope of patent application, wherein the device usage data includes one or more of the device's network information, geographic location information, and user preference behavior information. 如申請專利範圍第1項所述的交易方法,其中,接收與該用戶身份標識信息關聯的經加密的設備標識包括接收與該用戶身份標識信息關聯的所有交易設備的、經加密的設備標識。The transaction method according to item 1 of the scope of patent application, wherein receiving the encrypted device identification associated with the user identification information includes receiving the encrypted device identification of all transaction devices associated with the user identification information. 如申請專利範圍第1項所述的交易方法,其中,該交易請求包括交易金額以及交易對象。The transaction method according to item 1 of the scope of patent application, wherein the transaction request includes a transaction amount and a transaction object. 一種虛擬實境設備,其包括:   信息採集模塊,用於接收用戶身份標識信息;   請求生成模塊,其基於接收到該用戶身份標識信息而生成交易請求;   信息傳輸模塊,用於將該用戶身份標識信息傳送至可信管理平臺;以及   信息接收模塊,用於從該可信管理平臺接收與該用戶身份標識信息關聯的經加密的設備標識;其中   該信息傳輸模塊還被配置用於連同該經加密的設備標識一起向用戶的交易設備發送該交易請求以利用與該交易設備關聯的帳戶進行交易。A virtual reality device includes: an information collection module for receiving user identification information; a request generation module for generating a transaction request based on receiving the user identification information; an information transmission module for the user identification The information is transmitted to a trusted management platform; and an information receiving module for receiving an encrypted device identification associated with the user identity information from the trusted management platform; wherein the information transmission module is further configured to accompany the encrypted Together with the device identification, the transaction request is sent to the user's transaction device to use the account associated with the transaction device for transactions. 一種用於虛擬實境環境的交易方法,其包括:   將用戶身份標識信息與用戶的交易設備的設備標識信息一起發送至可信管理平臺;   從該可信管理平臺接收對應於該設備標識信息的證書;   在連同交易請求一起從虛擬實境設備收到經加密的設備標識時利用該證書對該經加密的設備標識進行解密;   將解密得到的設備標識信息與本地採集的設備標識信息進行比對;以及   在解密得到的設備標識信息與本地採集的設備標識信息匹配的情況下響應該交易請求而使用與該交易設備關聯的帳戶進行交易。A transaction method for a virtual reality environment includes: sending user identification information and device identification information of a user's transaction device to a trusted management platform; 接收 receiving from the trusted management platform corresponding to the device identification information Certificate; 解密 use the certificate to decrypt the encrypted device identification when receiving the encrypted device identification from the virtual reality device together with the transaction request; 比 compare the decrypted device identification information with the locally collected device identification information ; And when the decrypted device identification information matches the locally collected device identification information, in response to the transaction request, use the account associated with the transaction device to perform a transaction. 如申請專利範圍第8項所述的交易方法,其中,該用戶身份標識信息是用戶的生物特徵信息。The transaction method according to item 8 of the scope of patent application, wherein the user identification information is biometric information of the user. 如申請專利範圍第8項所述的交易方法,其中,向該可信管理平臺發送設備標識信息包括發送該交易設備的設備硬件參數以及設備使用情況數據。The transaction method according to item 8 of the scope of patent application, wherein sending the device identification information to the trusted management platform includes sending device hardware parameters and device usage data of the transaction device. 如申請專利範圍第10項所述的交易方法,其中,該設備使用情況數據包括設備的網絡信息、地理位置信息以及用戶偏好行為信息中的一個或多個。The transaction method according to item 10 of the scope of patent application, wherein the device usage data includes one or more of the device's network information, geographic location information, and user preference behavior information. 一種交易設備,其包括:   數據發送模塊,用於將用戶身份標識信息與用戶的交易設備的設備標識信息一起發送至可信管理平臺;   數據接收模塊,用於從該可信管理平臺接收對應於該設備標識的證書以及從虛擬實境設備接收交易請求和經加密的設備標識;   解密模塊,用於在連同交易請求一起從虛擬實境設備收到經加密的設備標識時利用該證書對該經加密的設備標識進行解密;   比對模塊,用於將解密得到的設備標識信息與本地採集的設備標識信息進行比對;以及   交易模塊,用於在解密得到的設備標識信息與本地採集的設備標識信息匹配的情況下響應該交易請求而使用與該交易設備關聯的帳戶進行交易。A transaction device includes: (1) a data transmitting module for transmitting user identification information and device identification information of a user's transaction device to a trusted management platform; and (4) a data receiving module for receiving from the trusted management platform corresponding to The certificate of the device identification and the receipt of the transaction request and the encrypted device identification from the virtual reality device; a decryption module for using the certificate to receive the encrypted device identification from the virtual reality device along with the transaction request; The encrypted device identification is decrypted; a comparison module is used to compare the decrypted device identification information with the locally collected device identification information; and a transaction module is used to decrypt the device identification information obtained with the locally collected device identification In the case of matching information, in response to the transaction request, the transaction is performed using an account associated with the transaction device. 一種用戶虛擬實境環境的交易方法,其包括:   從用戶的交易設備接收用戶身份標識信息和設備標識信息;   生成對應於該設備標識信息的證書;   將該證書發送給該交易設備;以及   在從虛擬實境設備收到該用戶身份標識信息之後向該虛擬實境設備發送與該用戶身份標識信息關聯的經加密的設備標識;   其中,該證書用於在該交易設備連同交易請求一起從該虛擬實境設備接收該經加密的設備標識時對經加密的設備標識進行解密以判斷是否響應該交易請求而使用與該交易設備關聯的帳戶進行交易。A user virtual reality environment transaction method includes: 接收 receiving user identification information and device identification information from a user's transaction device; generating a certificate corresponding to the device identification information; 发送 sending the certificate to the transaction device; and After receiving the user identification information, the virtual reality device sends the encrypted device identification associated with the user identification information to the virtual reality device; wherein the certificate is used for the transaction device together with the transaction request from the virtual device When the real-world device receives the encrypted device identification, it decrypts the encrypted device identification to determine whether to use the account associated with the transaction device for a transaction in response to the transaction request. 如申請專利範圍第13項所述的交易方法,其中,該用戶身份標識信息是用戶的生物特徵信息。The transaction method according to item 13 of the scope of patent application, wherein the user identification information is biometric information of the user. 如申請專利範圍第13項所述的交易方法,其中,該設備標識信息包括該交易設備的設備硬件參數以及設備使用情況數據。The transaction method according to item 13 of the scope of patent application, wherein the device identification information includes device hardware parameters and device usage data of the transaction device. 如申請專利範圍第15項所述的交易方法,其中,該設備使用情況數據包括設備的網絡信息、地理位置信息以及用戶偏好行為信息中的一個或多個。The transaction method according to item 15 of the scope of patent application, wherein the device usage data includes one or more of the device's network information, geographic location information, and user preference behavior information. 如申請專利範圍第15項所述的交易方法,其還包括:基於該設備硬件參數以及設備使用情況數據生成設備標識以及將該設備標識與該用戶身份標識信息關聯地存儲。The transaction method according to item 15 of the scope of patent application, further comprising: generating a device identifier based on the device hardware parameters and device usage data and storing the device identifier in association with the user identification information. 如申請專利範圍第15項所述的交易方法,其中,向該虛擬實境設備發送經加密的設備標識包括向該虛擬實境設備發送與該用戶身份標識信息關聯的所有設備的、經加密的設備標識。The transaction method according to item 15 of the scope of patent application, wherein sending the encrypted device identification to the virtual reality device includes sending the encrypted device identification to the virtual reality device of all devices associated with the user identification information. Equipment Identity. 一種可信管理平臺,其包括:   數據接收模塊,用於從用戶的交易設備接收用戶身份標識信息和設備標識信息以及從虛擬實境設備接收該用戶身份標識信息;   證書生成模塊,用於生成對應於該設備標識信息的證書;   數據發送模塊,用於將該證書發送給該交易設備以及在從虛擬實境設備收到該用戶身份標識信息之後向該虛擬實境設備發送與該用戶身份標識信息關聯的經加密的設備標識;   其中,該證書用於在該交易設備連同交易請求一起從該虛擬實境設備接收該經加密的設備標識時對經加密的設備標識進行解密以判斷是否響應該交易請求而使用與該交易設備關聯的帳戶進行交易。A trusted management platform includes: a data receiving module for receiving user identification information and device identification information from a user's transaction device and receiving the user identification information from a virtual reality device; a certificate generation module for generating a corresponding A certificate for the device identification information; a data sending module for sending the certificate to the transaction device and sending the user identification information to the virtual reality device after receiving the user identification information from the virtual reality device The associated encrypted device identification; wherein the certificate is used to decrypt the encrypted device identification to determine whether to respond to the transaction when the transaction device receives the encrypted device identification from the virtual reality device along with the transaction request When requested, use the account associated with the transaction device to conduct transactions. 一種用於虛擬支付環境的交易系統,其包括:虛擬實境設備、交易設備以及可信管理平臺,其中   該交易設備被配置為將用戶身份標識信息與用戶的交易設備的設備標識信息一起發送至可信管理平臺;   該可信管理平臺被配置為從該交易設備接收用戶身份標識信息和設備標識信息、生成對應於該設備標識信息的證書並且將該證書發送給該交易設備;   該虛擬實境設備被配置為基於接收到用戶身份標識信息而產生交易請求並且將該用戶身份標識信息傳送至可信管理平臺;其中   該可信管理平臺還被配置為在從該虛擬實境設備收到該用戶身份標識信息之後向該虛擬實境設備發送與該用戶身份標識信息關聯的經加密的設備標識;並且其中   該虛擬實境設備還被配置為從該可信管理平臺接收與該用戶身份標識信息關聯的經加密的設備標識並且連同該經加密的設備標識一起向用戶的交易設備發送該交易請求以利用與該交易設備關聯的帳戶進行交易;並且其中   該交易設備還被配置為在連同交易請求一起從虛擬實境設備收到經加密的設備標識時利用從該可信管理平臺接收的該證書對該經加密的設備標識進行解密、將解密得到的設備標識信息與本地採集的設備標識信息進行比對並且在解密得到的設備標識信息與本地採集的設備標識信息匹配的情況下響應該交易請求而使用與該交易設備關聯的帳戶進行交易。A transaction system for a virtual payment environment includes a virtual reality device, a transaction device, and a trusted management platform, wherein the transaction device is configured to send user identification information and device identification information of a user's transaction device to Trusted management platform; The trusted management platform is configured to receive user identification information and device identification information from the transaction device, generate a certificate corresponding to the device identification information, and send the certificate to the transaction device; the virtual reality The device is configured to generate a transaction request based on receiving the user identification information and transmit the user identification information to a trusted management platform; wherein the trusted management platform is further configured to receive the user from the virtual reality device Sending the encrypted device identification associated with the user identification information to the virtual reality device after the identification information; and wherein the virtual reality device is further configured to receive association with the user identification information from the trusted management platform Encrypted device identification and Sending the transaction request to a user's transaction device along with the encrypted device identification to conduct a transaction using an account associated with the transaction device; and wherein the transaction device is further configured to receive the virtual device from the virtual device along with the transaction request The encrypted device identification uses the certificate received from the trusted management platform to decrypt the encrypted device identification, compares the decrypted device identification information with locally collected device identification information, and decrypts the obtained device. When the identification information matches the locally collected device identification information, the account associated with the transaction device is used for the transaction in response to the transaction request.
TW106145264A 2016-12-30 2017-12-22 Transaction method, device and system for virtual reality environment TWI679556B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN201611258102.9 2016-12-30
CN201611258102.9A CN106981003B (en) 2016-12-30 2016-12-30 Transaction method, device and system for virtual reality environment
??201611258102.9 2016-12-30

Publications (2)

Publication Number Publication Date
TW201828205A true TW201828205A (en) 2018-08-01
TWI679556B TWI679556B (en) 2019-12-11

Family

ID=59339925

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106145264A TWI679556B (en) 2016-12-30 2017-12-22 Transaction method, device and system for virtual reality environment

Country Status (3)

Country Link
CN (1) CN106981003B (en)
TW (1) TWI679556B (en)
WO (1) WO2018121377A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI807170B (en) * 2019-05-31 2023-07-01 大陸商中國銀聯股份有限公司 Payment Information Processing Method, Device, Equipment, and Computer-Readable Storage Medium

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106981003B (en) * 2016-12-30 2020-08-25 中国银联股份有限公司 Transaction method, device and system for virtual reality environment
CN109985390B (en) * 2017-12-29 2022-10-18 北京新媒传信科技有限公司 Virtual asset management method and system
US11134065B2 (en) * 2018-12-06 2021-09-28 Visa International Service Association Secured extended range application data exchange
CN109743160A (en) * 2018-12-20 2019-05-10 深圳市任子行科技开发有限公司 Prevent the Android device unique identification acquisition methods and device of Hook falsification
CN111210214A (en) * 2020-01-06 2020-05-29 湖南博铭信息科技有限公司 Virtual reality payment system and payment method thereof
CN113052605A (en) * 2021-03-22 2021-06-29 中国工商银行股份有限公司 Transaction authorization method and device and virtual reality equipment
CN114049214A (en) * 2021-11-15 2022-02-15 深圳前海鸿泰源兴科技发展有限公司 Big data information acquisition and processing system and operation method

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8028329B2 (en) * 2005-06-13 2011-09-27 Iamsecureonline, Inc. Proxy authentication network
US8934865B2 (en) * 2006-02-02 2015-01-13 Alcatel Lucent Authentication and verification services for third party vendors using mobile devices
US8660911B2 (en) * 2009-09-23 2014-02-25 Boku, Inc. Systems and methods to facilitate online transactions
CN103188668B (en) * 2011-12-27 2017-02-08 方正国际软件(北京)有限公司 Security protection method and security protection system for mobile terminal application
US20150058129A1 (en) * 2013-08-23 2015-02-26 Marshall Feature Recognition Llc System and method for electronic interaction with merchandising venues
US20150095238A1 (en) * 2013-09-30 2015-04-02 Apple Inc. Online payments using a secure element of an electronic device
CN104574080A (en) * 2013-10-25 2015-04-29 腾讯科技(深圳)有限公司 Safe payment method as well as related equipment and system
CN104601327B (en) * 2013-12-30 2019-01-29 腾讯科技(深圳)有限公司 A kind of safe verification method, relevant device and system
CN104867011A (en) * 2014-02-21 2015-08-26 中国电信股份有限公司 Method and device for carrying out safety control on mobile payment
CN105205681A (en) * 2014-06-10 2015-12-30 高芳 Electronic business management system based on VR
CN106161359B (en) * 2015-04-02 2019-09-17 阿里巴巴集团控股有限公司 It authenticates the method and device of user, register the method and device of wearable device
US20160358181A1 (en) * 2015-05-14 2016-12-08 Magic Leap, Inc. Augmented reality systems and methods for tracking biometric data
US10825049B2 (en) * 2015-06-09 2020-11-03 Visa International Service Association Virtual reality and augmented reality systems and methods to generate mobile alerts
TWM509943U (en) * 2015-07-15 2015-10-01 Univ Hwa Hsia Technology Portable device payment system
CN105550877A (en) * 2015-12-21 2016-05-04 北京智付融汇科技有限公司 Payment method and apparatus
CN105867637A (en) * 2016-04-29 2016-08-17 乐视控股(北京)有限公司 Authentication method, device and system based on virtual reality equipment
CN106131057B (en) * 2016-08-19 2018-11-06 腾讯科技(深圳)有限公司 Certification based on virtual reality scenario and device
CN106251153A (en) * 2016-09-21 2016-12-21 上海星寰投资有限公司 A kind of method of payment and system
CN106981003B (en) * 2016-12-30 2020-08-25 中国银联股份有限公司 Transaction method, device and system for virtual reality environment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI807170B (en) * 2019-05-31 2023-07-01 大陸商中國銀聯股份有限公司 Payment Information Processing Method, Device, Equipment, and Computer-Readable Storage Medium
US11797996B2 (en) 2019-05-31 2023-10-24 China Unionpay Co., Ltd. Payment information processing method, apparatus, device and computer readable storage medium

Also Published As

Publication number Publication date
TWI679556B (en) 2019-12-11
WO2018121377A1 (en) 2018-07-05
CN106981003B (en) 2020-08-25
CN106981003A (en) 2017-07-25

Similar Documents

Publication Publication Date Title
TWI679556B (en) Transaction method, device and system for virtual reality environment
JP7204705B2 (en) Validation of online access to secure device functions
US11086980B2 (en) Enhanced authentication based on secondary device interactions
JP2019507936A (en) Execution of transactions using electronic devices with non-native credentials
CN107070863A (en) Local device certification
CN110073387A (en) Confirm being associated between communication equipment and user
CN104715187A (en) Method and apparatus used for authenticating nodes of electronic communication system
CN110662222B (en) System and method for peer-to-peer wireless communication
KR101702748B1 (en) Method, system and recording medium for user authentication using double encryption
CN105684483A (en) Registry apparatus, agent device, application providing apparatus and corresponding methods
JP2022512202A (en) Trust token for resource access
KR20210046357A (en) Method and apparatus for key storing and recovery for blockchain based system
CN112136103B (en) Methods, systems, and computer program products for authenticating devices
CN104835038A (en) Networking payment device and networking payment method
CN108540498B (en) Method and system for issuing security policy version in financial payment
CN114629656B (en) Distributed biological feature safety recognition system, face recognition method, medium and equipment