TWI720287B - Transaction payment method and system - Google Patents

Transaction payment method and system Download PDF

Info

Publication number
TWI720287B
TWI720287B TW107104945A TW107104945A TWI720287B TW I720287 B TWI720287 B TW I720287B TW 107104945 A TW107104945 A TW 107104945A TW 107104945 A TW107104945 A TW 107104945A TW I720287 B TWI720287 B TW I720287B
Authority
TW
Taiwan
Prior art keywords
code
smart terminal
transaction
terminal
user
Prior art date
Application number
TW107104945A
Other languages
Chinese (zh)
Other versions
TW201832153A (en
Inventor
孫權
Original Assignee
大陸商中國銀聯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 大陸商中國銀聯股份有限公司 filed Critical 大陸商中國銀聯股份有限公司
Publication of TW201832153A publication Critical patent/TW201832153A/en
Application granted granted Critical
Publication of TWI720287B publication Critical patent/TWI720287B/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Abstract

本發明涉及一種交易支付方法,註冊階段包括:生物特徵認證伺服器基於智慧終端機的註冊請求而獲取註冊使用者的生物特徵,交易支付伺服器向智慧終端機下發公開金鑰;交易階段包括:智慧終端機至少基於公開金鑰及當前使用者的生物特徵而生成第一密文;智慧終端機基於第一密文生成漢信碼、基於當前使用者的使用者資訊生成二維碼;交易支付伺服器獲取經收銀終端掃描並識別的第一密文及使用者資訊,並利用私密金鑰對第一密文進行解密,以獲得當前使用者的生物特徵;以及,交易支付伺服器基於生物特徵認證伺服器對當前使用者的生物特徵認證的結果及使用者資訊來完成交易。其能夠實現更加安全的電子交易、保護使用者帳戶安全。The invention relates to a transaction payment method. The registration phase includes: a biometric authentication server obtains the biometric characteristics of a registered user based on a registration request of a smart terminal, and the transaction payment server issues a public key to the smart terminal; the transaction phase includes : The smart terminal generates the first cipher text based on at least the public key and the biometric characteristics of the current user; the smart terminal generates the Han Xin code based on the first cipher text and the QR code based on the user information of the current user; transaction; The payment server obtains the first ciphertext and user information scanned and identified by the cashier terminal, and uses the private key to decrypt the first ciphertext to obtain the biometric characteristics of the current user; and, the transaction payment server is based on biometrics The signature authentication server completes the transaction with the result of the biometric authentication of the current user and the user information. It can realize more secure electronic transactions and protect user account security.

Description

交易支付方法及系統Transaction payment method and system

本發明涉及電子商務技術領域,更具體地說,涉及一種交易支付方法及系統。 The present invention relates to the technical field of electronic commerce, and more specifically, to a transaction payment method and system.

現今,掃碼支付在生活中得到了廣泛應用。二維碼掃碼支付又可分為主掃和被掃兩種模式,其中被掃模式在微信支付、支付寶中被廣泛使用,例如,移動終端的用戶端應用將使用者帳戶資訊編碼成二維碼或者條碼,收銀終端掃碼來確定使用者帳戶資訊以完成支付交易。 Nowadays, QR code payment is widely used in daily life. QR code scanning payment can be divided into two modes: main scan and scanned mode. The scanned mode is widely used in WeChat payment and Alipay. For example, the user-end application of mobile terminal encodes user account information into two-dimensional Code or barcode, the cashier terminal scans the code to confirm the user account information to complete the payment transaction.

該支付方式的一個重要問題是存在安全性問題,二維碼資訊/條碼容易被複製,進而導致使用者帳戶資訊洩露,從而帶來冒用、盜用風險。一些應用雖然對帳號資訊/交易資訊進行了處理,使得二維碼/條碼不是簡單地以明文顯示帳號資訊/交易資訊,但仍然存在比較容易攻破的風險,給不法分子可乘之機。 An important problem of this payment method is the security problem. The QR code information/bar code is easy to be copied, which leads to the disclosure of user account information, thereby bringing risks of fraudulent use and embezzlement. Although some applications process account information/transaction information, so that the QR code/bar code does not simply display account information/transaction information in plain text, but there is still a risk that it is relatively easy to break, giving criminals a chance.

另一方面,現有技術中,已存在利用生物特徵(例如指紋)來驗證交易的方案,但是,一些收銀終端可以直接獲取甚至保留使用者的指紋特徵資料,這同樣給使用者帶來了安全風險。 On the other hand, in the prior art, there has been a scheme of using biological characteristics (such as fingerprints) to verify transactions. However, some cashier terminals can directly obtain or even retain the user’s fingerprint characteristic data, which also brings security risks to the user. .

本發明的目的在於以供一種更加安全可靠的、基於掃描二維碼的交易支付方法。 The purpose of the present invention is to provide a more secure and reliable transaction payment method based on scanning a two-dimensional code.

為實現上述目的,本發明提供一種技術方案如下:一種交易支付方法,包括:註冊階段,包括如下步驟:生物特徵認證伺服器基於智慧終端機的註冊請求而從智慧終端機獲取註冊使用者的生物特徵,交易支付伺服器基於註冊請求向智慧終端機下發公開金鑰;其中生物特徵由智慧終端機的生物特徵採集設備進行採集而得到;以及交易階段,包括如下步驟:智慧終端機採集當前使用者的生物特徵,並至少基於公開金鑰及當前使用者的生物特徵而生成第一密文;智慧終端機基於第一密文生成漢信碼、基於當前使用者的使用者資訊生成二維碼,並顯示漢信碼及二維碼以供收銀終端掃描並識別;交易支付伺服器從收銀終端獲取經收銀終端掃描並識別的第一密文及使用者資訊,並利用私密金鑰對第一密文進行解密,以獲得當前使用者的生物特徵並轉送至生物特徵認證伺服器;以及交易支付伺服器基於生物特徵認證伺服器對當前使用者的生物特徵認證的結果及使用者資訊來完成交易。 In order to achieve the above objective, the present invention provides a technical solution as follows: a transaction payment method, including: a registration phase, including the following steps: the biometric authentication server obtains the biometrics of the registered user from the smart terminal based on the smart terminal's registration request The transaction payment server issues a public key to the smart terminal based on the registration request; the biometrics are collected by the biometric collection device of the smart terminal; and the transaction phase includes the following steps: the smart terminal collects the current use The biological characteristics of the user, and the first ciphertext is generated based on at least the public key and the biological characteristics of the current user; the smart terminal generates the Chinese Xin code based on the first ciphertext, and the QR code is generated based on the user information of the current user , And display the Hanxin code and QR code for the cashier terminal to scan and recognize; the transaction payment server obtains the first ciphertext and user information scanned and recognized by the cashier terminal from the cashier terminal, and uses the private key to pair the first cipher text and user information. The ciphertext is decrypted to obtain the biometrics of the current user and forward it to the biometric authentication server; and the transaction payment server completes the transaction based on the biometric authentication server’s biometric authentication results of the current user and user information .

優選地,漢信碼及二維碼分別顯示在智慧終端機的螢幕或顯示視窗的不同部分。 Preferably, the Hanxin code and the two-dimensional code are respectively displayed on different parts of the screen or display window of the smart terminal.

優選地,漢信碼顯示於螢幕或顯示視窗的中 央部分,二維碼顯示於螢幕或顯示視窗的週邊部分。 Preferably, the Han Xin code is displayed on the screen or in the display window In the central part, the QR code is displayed on the peripheral part of the screen or display window.

優選地,漢信碼及二維碼同步顯示。 Preferably, the Hanxin code and the two-dimensional code are displayed simultaneously.

優選地,智慧終端機在生成第一密文時還基於當前時間的時間碼。 Preferably, the smart terminal is also based on the time code of the current time when generating the first ciphertext.

優選地,智慧終端機對當前使用者的生物特徵執行雜湊演算法而獲得摘要,並利用公開金鑰對摘要進行加密而生成第一密文。 Preferably, the smart terminal executes a hash algorithm on the biometrics of the current user to obtain the digest, and uses the public key to encrypt the digest to generate the first ciphertext.

本發明還公開一種交易支付系統,包括:交易執行單元,與至少一智慧終端機在通信上耦合,其包括:生物特徵認證伺服器,用於對當前使用者的生物特徵進行認證;交易支付伺服器,從收銀終端獲取第一密文及當前使用者的使用者資訊,並利用私密金鑰對第一密文進行解密,以獲得當前使用者的生物特徵並轉送至生物特徵認證伺服器,交易支付伺服器還基於生物特徵認證伺服器的認證結果來完成交易;至少一收銀終端,收銀終端掃描並識別智慧終端機所顯示的漢信碼及二維碼;以及至少一智慧終端機,智慧終端機包括生物特徵採集設備,智慧終端機至少基於交易支付伺服器下發的公開金鑰及當前使用者的生物特徵而生成第一密文,以及基於第一密文生成漢信碼、基於使用者資訊生成二維碼。 The present invention also discloses a transaction payment system, including: a transaction execution unit, which is communicatively coupled with at least one smart terminal, and includes: a biometric authentication server for authenticating the biometrics of the current user; a transaction payment server The device obtains the first ciphertext and the user information of the current user from the cashier terminal, and decrypts the first ciphertext with the private key to obtain the current user’s biometrics and forward it to the biometric authentication server. The payment server also completes the transaction based on the authentication result of the biometric authentication server; at least one cashier terminal, which scans and recognizes the Hanxin code and QR code displayed by the smart terminal; and at least one smart terminal, smart terminal The machine includes a biometric collection device. The smart terminal generates a first cipher text based on at least the public key issued by the transaction payment server and the biometric characteristics of the current user, and generates a Chinese character code based on the first cipher text, and based on the user Information generates a QR code.

本發明所提供的交易支付方法及系統,在以簡單方式實現電子交易的同時,能夠有效防止二維碼/條碼等資訊被複製從而給使用者帳戶帶來安全隱患,還能夠對使用者的生物特徵資訊進行認證從而防止不法分子盜用 用戶的智慧終端機,進而,該交易支付系統能夠實現更加安全的電子交易、保護使用者帳戶安全,也給用戶帶來了良好的使用體驗。 The transaction payment method and system provided by the present invention, while realizing electronic transactions in a simple manner, can effectively prevent the two-dimensional code/bar code and other information from being copied, thereby bringing security risks to the user’s account, and can also affect the user’s biological Characteristic information is authenticated to prevent fraudsters from embezzling The user’s smart terminal, in turn, the transaction payment system can implement more secure electronic transactions, protect the user’s account security, and also bring a good user experience to the user.

S10、S11、S12、S13、S14:步驟 S10, S11, S12, S13, S14: steps

20:交易執行單元 20: Transaction execution unit

21:收銀終端 21: Cashier terminal

22:智慧終端機 22: Smart Terminal

201:生物特徵認證伺服器 201: Biometric authentication server

202:交易支付伺服器 202: Transaction Payment Server

圖1示出本發明第一實施例提供的交易支付方法的流程示意圖。 Fig. 1 shows a schematic flowchart of a transaction payment method provided by the first embodiment of the present invention.

圖2示出本發明第二實施例提供的交易支付系統的框圖。 Fig. 2 shows a block diagram of a transaction payment system provided by a second embodiment of the present invention.

如圖1所示,本發明第一實施例提供一種交易支付方法,其以智慧終端機生成二維碼供收銀終端掃描的方式來實現,該方法包括兩個階段:註冊階段與交易階段。 As shown in FIG. 1, the first embodiment of the present invention provides a transaction payment method, which is implemented by a smart terminal generating a QR code for the cashier terminal to scan. The method includes two stages: a registration stage and a transaction stage.

註冊階段包括步驟S10:生物特徵認證伺服器基於智慧終端機的註冊請求而獲取註冊使用者的生物特徵,交易支付伺服器基於註冊請求向智慧終端機下發公開金鑰。其中生物特徵由智慧終端機的生物特徵採集設備進行採集而得到。 The registration phase includes step S10: the biometric authentication server obtains the biometrics of the registered user based on the registration request of the smart terminal, and the transaction payment server issues the public key to the smart terminal based on the registration request. Among them, the biological characteristics are collected by the biological characteristics collection equipment of the smart terminal.

具體地,希望註冊的用戶通過所持智慧終端機向生物特徵認證伺服器提交註冊請求,生物特徵認證伺服器指示智慧終端機採集註冊使用者的生物特徵,智慧終端機採集後將生物特徵上傳到生物特徵認證伺服器,生物 特徵認證伺服器保存該註冊使用者的生物特徵,並指示交易支付伺服器向該智慧終端機下發公開金鑰。 Specifically, the user who wants to register submits a registration request to the biometric authentication server through the smart terminal. The biometric authentication server instructs the smart terminal to collect the biometrics of the registered user, and the smart terminal uploads the biometrics to the biometrics after the collection. Signature authentication server, bio The feature authentication server saves the biometric feature of the registered user, and instructs the transaction payment server to issue a public key to the smart terminal.

上述註冊階段完成後,即可進入交易階段。本領域技術人員可以理解,註冊階段只需進行一次,而交易階段可以進行任意多次。 After the above registration phase is completed, you can enter the transaction phase. Those skilled in the art can understand that the registration phase only needs to be performed once, while the transaction phase can be performed any number of times.

在交易階段中,智慧終端機與收銀終端之間通過掃描的方式發生資訊交互,收銀終端與交易支付伺服器之間通過網路通信發生資訊交互,交易階段具體包括如下各步驟。 In the transaction phase, information interaction occurs between the smart terminal and the cashier terminal through scanning, and information interaction occurs between the cashier terminal and the transaction payment server through network communication. The transaction phase specifically includes the following steps.

步驟S11、智慧終端機採集當前使用者的生物特徵,並至少基於公開金鑰及當前使用者的生物特徵而生成第一密文。 Step S11: The smart terminal collects the biological characteristics of the current user, and generates a first ciphertext based on at least the public key and the biological characteristics of the current user.

具體地,作為示例,智慧終端機採集當前使用者的生物特徵後,對當前使用者的生物特徵執行雜湊演算法而獲得摘要,並利用交易支付伺服器在註冊階段下發的公開金鑰對摘要進行加密而生成第一密文。 Specifically, as an example, after collecting the biometrics of the current user, the smart terminal executes a hash algorithm on the biometrics of the current user to obtain a summary, and uses the public key pair summary issued by the transaction payment server during the registration phase Encryption is performed to generate the first ciphertext.

進一步地,智慧終端機在生成第一密文時還可以基於當前時間的時間碼。進而,在後續步驟中,交易支付伺服器可以通過時間碼來判斷交易的時效性,這也能夠增加交易的安全性。 Further, the smart terminal may also be based on the time code of the current time when generating the first ciphertext. Furthermore, in the subsequent steps, the transaction payment server can use the time code to determine the timeliness of the transaction, which can also increase the security of the transaction.

此外,智慧終端機在生成第一密文時還可以結合移動終端的設備ID。通常,移動終端的設備ID是不可更換的。結合了設備ID後,能夠有利於增加使用者資訊(例如帳戶)的安全性。 In addition, the smart terminal can also be combined with the device ID of the mobile terminal when generating the first ciphertext. Generally, the device ID of a mobile terminal is not replaceable. Combining the device ID can help increase the security of user information (such as accounts).

步驟S12、智慧終端機基於第一密文生成漢信碼、基於當前使用者的使用者資訊生成二維碼,並顯示漢信碼及二維碼以供收銀終端掃描並識別。 Step S12: The smart terminal generates a Hanxin code based on the first ciphertext, generates a two-dimensional code based on the user information of the current user, and displays the Hanxin code and the two-dimensional code for the cashier terminal to scan and recognize.

在該步驟中,漢信碼及二維碼可以分別顯示在智慧終端機的螢幕或顯示視窗的不同部分。例如,漢信碼顯示於螢幕或顯示視窗的中央部分,二維碼顯示於螢幕或顯示視窗的週邊部分;或者,漢信碼顯示於左側部分,二維碼顯示於右側部分。 In this step, the Hanxin code and the QR code can be respectively displayed on the screen of the smart terminal or different parts of the display window. For example, the Hanxin code is displayed on the central part of the screen or display window, and the QR code is displayed on the peripheral part of the screen or display window; or, the Hanxin code is displayed on the left part and the QR code is displayed on the right part.

可以理解,智慧終端機在顯示漢信碼、二維碼時,可以對兩者進行縮放,還可以以不同的時間順序來先後顯示兩者。 It can be understood that when the smart terminal displays the Hanxin code and the two-dimensional code, it can zoom in and out of the two, and can also display the two in a different time sequence.

優選情況下,二維碼環繞漢信碼,兩者同步顯示於智慧終端機的顯示視窗內,供收銀終端進行掃描、識別。 Preferably, the two-dimensional code surrounds the Hanxin code, and the two are simultaneously displayed in the display window of the smart terminal for scanning and identification by the cashier terminal.

步驟S13、交易支付伺服器獲取經收銀終端掃描並識別的第一密文及使用者資訊,並利用私密金鑰對第一密文進行解密,以獲得當前使用者的生物特徵。 Step S13: The transaction payment server obtains the first ciphertext and user information scanned and identified by the cashier terminal, and decrypts the first ciphertext with the private key to obtain the biological characteristics of the current user.

具體地,收銀終端掃描並識別漢信碼、二維碼後,將第一密文及使用者資訊上送至交易支付伺服器,交易支付伺服器利用私密金鑰對第一密文進行解密,獲得當前使用者的生物特徵。在此過程中,收銀終端雖然獲得第一密文,但無法解析或保存第一密文。隨後,交易支付伺服器將當前使用者的生物特徵轉送到生物特徵認證伺服器。 Specifically, after the cashier terminal scans and recognizes the Hanxin code and QR code, it sends the first ciphertext and user information to the transaction payment server, and the transaction payment server uses the private key to decrypt the first ciphertext. Get the biometrics of the current user. In this process, although the cash register terminal obtains the first ciphertext, it cannot parse or save the first ciphertext. Subsequently, the transaction payment server forwards the current user's biometrics to the biometric authentication server.

步驟S14、交易支付伺服器基於生物特徵認證伺服器對當前使用者的生物特徵認證的結果及使用者資訊來完成交易。 Step S14: The transaction payment server completes the transaction based on the result of the biometric authentication of the current user by the biometric authentication server and the user information.

其中,生物特徵認證伺服器首先對當前使用者的生物特徵進行認證,並將認證結果通知交易支付伺服器,交易支付伺服器再基於認證結果、使用者資訊來完成交易。 Among them, the biometric authentication server first authenticates the biometrics of the current user, and notifies the transaction payment server of the authentication result, and the transaction payment server completes the transaction based on the authentication result and user information.

具體地,若當前使用者的生物特徵未在已註冊使用者的生物特徵庫中得到匹配,生物特徵認證伺服器將給出否定的認證結果,交易支付伺服器將拒絕當前交易;反之,生物特徵認證伺服器將給出肯定的認證結果,交易支付伺服器將繼續進行當前交易,實現款項的流轉。 Specifically, if the biometrics of the current user are not matched in the biometric database of the registered user, the biometric authentication server will give a negative authentication result, and the transaction payment server will reject the current transaction; otherwise, the biometrics The authentication server will give a positive authentication result, and the transaction payment server will continue the current transaction to realize the transfer of funds.

該交易支付方法在以簡單方式實現電子交易的同時,能夠有效防止二維碼/條碼等資訊被複製,還能夠對使用者的生物特徵資訊進行認證。這些措施有利於提高電子交易的安全性、並有效保護使用者帳戶不受盜用。 While realizing electronic transactions in a simple manner, the transaction payment method can effectively prevent information such as two-dimensional codes/bar codes from being copied, and can also authenticate the user's biometric information. These measures are conducive to improving the security of electronic transactions and effectively protecting user accounts from embezzlement.

本發明第二實施例提供一種交易支付系統,其包括交易執行單元20、多個收銀終端21(為簡單起見,附圖中僅示出一個)以及多個智慧終端機22(為簡單起見,附圖中僅示出一個),如圖2所示。 The second embodiment of the present invention provides a transaction payment system, which includes a transaction execution unit 20, multiple cashier terminals 21 (for simplicity, only one is shown in the drawings), and multiple smart terminals 22 (for simplicity) , Only one is shown in the drawing), as shown in Figure 2.

其中,交易執行單元20與多個智慧終端機22可以利用移動通信網路進行通信,交易執行單元20與多個收銀終端21可以利用互聯網(例如Internet網)進行通信。 Wherein, the transaction execution unit 20 and the plurality of smart terminals 22 can communicate with a mobile communication network, and the transaction execution unit 20 and the plurality of cashier terminals 21 can communicate with the Internet (for example, an Internet network).

交易執行單元20包括生物特徵認證伺服器 201、交易支付伺服器202。智慧終端機22包括生物特徵採集設備,用於採集使用者的生物特徵,例如,指紋、虹膜、聲紋、面部圖像等。 The transaction execution unit 20 includes a biometric authentication server 201. Transaction payment server 202. The smart terminal 22 includes a biological feature collection device, which is used to collect the user's biological features, such as fingerprints, iris, voiceprints, facial images, and so on.

具體地,智慧終端機22至少基於交易支付伺服器202在使用者註冊階段下發的公開金鑰及當前使用者的生物特徵而生成第一密文,以及基於第一密文生成漢信碼、基於使用者資訊生成二維碼,並顯示漢信碼及二維碼以供收銀終端21進行掃描、識別。 Specifically, the smart terminal 22 generates the first ciphertext based on at least the public key issued by the transaction payment server 202 during the user registration phase and the biological characteristics of the current user, and generates the Chinese character code based on the first ciphertext, A two-dimensional code is generated based on the user information, and the Hanxin code and the two-dimensional code are displayed for the cashier terminal 21 to scan and recognize.

收銀終端21包括掃描設備,以掃描並識別智慧終端機22所顯示的漢信碼及二維碼。 The cash register terminal 21 includes a scanning device to scan and recognize the Han Xin code and the two-dimensional code displayed on the smart terminal 22.

隨後,交易支付伺服器202從收銀終端21獲取第一密文及當前使用者的使用者資訊,並利用私密金鑰對第一密文進行解密,以獲得當前使用者的生物特徵並轉送至生物特徵認證伺服器201,在生物特徵認證伺服器201進行認證之後,交易支付伺服器202還基於生物特徵認證伺服器201的認證結果來完成交易。 Subsequently, the transaction payment server 202 obtains the first ciphertext and the user information of the current user from the cashier terminal 21, and uses the private key to decrypt the first ciphertext to obtain the biological characteristics of the current user and forward it to the biometrics. The feature authentication server 201, after the biometric authentication server 201 performs authentication, the transaction payment server 202 also completes the transaction based on the authentication result of the biometric authentication server 201.

進一步地,智慧終端機22可以將漢信碼及二維碼分別顯示在螢幕或顯示視窗的不同部分。優選情況下,智慧終端機22將漢信碼顯示於螢幕或顯示視窗的中央部分,將二維碼顯示於螢幕或顯示視窗的週邊部分。此外,智慧終端機22優選地同步顯示漢信碼、二維碼。 Further, the smart terminal 22 can display the Hanxin code and the two-dimensional code on different parts of the screen or display window, respectively. Preferably, the smart terminal 22 displays the Han Xin code on the screen or the central part of the display window, and displays the two-dimensional code on the screen or the peripheral part of the display window. In addition, the smart terminal 22 preferably simultaneously displays the Han Xin code and the two-dimensional code.

進一步地,交易執行單元20設置於金融機構端(本地端),收銀終端21設置於遠端。上述交易支付系統可以基於雲計算系統來部署,以促進系統升級與維護。 Further, the transaction execution unit 20 is installed at the end of the financial institution (local end), and the cashier terminal 21 is installed at the remote end. The above transaction payment system can be deployed based on a cloud computing system to promote system upgrade and maintenance.

使用者在向上述交易支付系統註冊完成後,即能夠安全、快捷地進行電子交易,獲得良好的使用體驗。該交易支付系統實現成本低、便於推廣應用。 After the user has registered with the above-mentioned transaction payment system, he can conduct electronic transactions safely and quickly, and obtain a good user experience. The transaction payment system has low implementation cost and is convenient for popularization and application.

上述說明僅針對於本發明的優選實施例,並不在於限制本發明的保護範圍。本領域技術人員可作出各種變形設計,而不脫離本發明的思想及附隨的申請專利範圍。 The above description is only for the preferred embodiments of the present invention, and is not intended to limit the protection scope of the present invention. Those skilled in the art can make various deformation designs without departing from the idea of the present invention and the accompanying patent application scope.

Claims (10)

一種交易支付方法,包括:註冊階段,包括如下步驟:a)、生物特徵認證伺服器基於智慧終端機的註冊請求而從所述智慧終端機獲取註冊使用者的生物特徵,交易支付伺服器基於所述註冊請求向所述智慧終端機下發公開金鑰;其中所述生物特徵由所述智慧終端機的生物特徵採集設備進行採集而得到;以及交易階段,包括如下步驟:b)、所述智慧終端機採集當前使用者的所述生物特徵,並至少基於所述公開金鑰及所述當前使用者的生物特徵而生成第一密文;c)、所述智慧終端機基於所述第一密文生成漢信碼、基於所述當前使用者的使用者資訊生成二維碼,並顯示所述漢信碼及所述二維碼以供收銀終端掃描並識別;d)、所述交易支付伺服器從所述收銀終端獲取經所述收銀終端掃描並識別的所述第一密文及所述使用者資訊,並利用私密金鑰對所述第一密文進行解密,以獲得所述當前使用者的生物特徵並轉送至所述生物特徵認證伺服器;以及e)、所述交易支付伺服器基於所述生物特徵認證伺服器對所述當前使用者的生物特徵認證的結果及所述使用者資訊來完成交易。 A transaction payment method includes: a registration stage, including the following steps: a). The biometric authentication server obtains the biometric characteristics of the registered user from the smart terminal based on the smart terminal's registration request, and the transaction payment server is based on the smart terminal's registration request. The registration request issues a public key to the smart terminal; wherein the biometrics are collected by the biometrics collection device of the smart terminal; and the transaction phase includes the following steps: b), the smart The terminal collects the biological characteristics of the current user, and generates a first ciphertext based on at least the public key and the biological characteristics of the current user; c), the smart terminal is based on the first secret The text generates a Hanxin code, generates a QR code based on the user information of the current user, and displays the Hanxin code and the QR code for the cashier terminal to scan and recognize; d), the transaction payment server The device obtains the first cipher text and the user information scanned and identified by the cash register terminal from the cash register terminal, and decrypts the first cipher text with a private key to obtain the current use And transfer the biometrics of the current user to the biometric authentication server; and e), the transaction payment server is based on the biometric authentication result of the current user by the biometric authentication server and the user Information to complete the transaction. 根據請求項1所述的方法,其中,所述漢信碼及所述二維碼分別顯示在所述智慧終端機的螢幕或顯示視窗的不同部分。 The method according to claim 1, wherein the Chinese Xin code and the two-dimensional code are respectively displayed on different parts of the screen or display window of the smart terminal. 根據請求項2所述的方法,其中,所述漢信碼顯示於所述螢幕或顯示視窗的中央部分,所述二維碼顯示於所述螢幕或顯示視窗的週邊部分。 The method according to claim 2, wherein the Chinese Xin code is displayed on the central part of the screen or the display window, and the two-dimensional code is displayed on the peripheral part of the screen or the display window. 根據請求項2所述的方法,其中,所述漢信碼及所述二維碼同步顯示。 The method according to claim 2, wherein the Chinese Xin code and the two-dimensional code are displayed simultaneously. 根據請求項1所述的方法,其中,所述智慧終端機在生成所述第一密文時還基於當前時間的時間碼。 The method according to claim 1, wherein the smart terminal is also based on a time code of the current time when generating the first ciphertext. 根據請求項1所述的方法,其中,所述智慧終端機對所述當前使用者的生物特徵執行雜湊演算法而獲得摘要,並利用所述公開金鑰對所述摘要進行加密而生成所述第一密文。 The method according to claim 1, wherein the smart terminal executes a hash algorithm on the biometrics of the current user to obtain a digest, and uses the public key to encrypt the digest to generate the The first ciphertext. 一種交易支付系統,包括:交易執行單元,與至少一智慧終端機在通信上耦合,其包括:生物特徵認證伺服器,用於對當前使用者的生物 特徵進行認證;交易支付伺服器,從收銀終端獲取第一密文及當前使用者的使用者資訊,並利用私密金鑰對所述第一密文進行解密,以獲得所述當前使用者的生物特徵並轉送至所述生物特徵認證伺服器,所述交易支付伺服器還基於所述生物特徵認證伺服器的認證結果來完成交易;至少一所述收銀終端,所述收銀終端掃描並識別所述智慧終端機所顯示的漢信碼及二維碼;以及至少一所述智慧終端機,所述智慧終端機包括生物特徵採集設備,所述智慧終端機至少基於所述交易支付伺服器下發的公開金鑰及所述當前使用者的生物特徵而生成所述第一密文,以及基於所述第一密文生成所述漢信碼、基於所述使用者資訊生成所述二維碼。 A transaction payment system includes: a transaction execution unit, which is communicatively coupled with at least one smart terminal, and includes: a biometric authentication server for verifying the biometrics of the current user Feature authentication; the transaction payment server obtains the first ciphertext and the user information of the current user from the cashier terminal, and decrypts the first ciphertext with a private key to obtain the biological information of the current user Feature and forward it to the biometric authentication server, the transaction payment server also completes the transaction based on the authentication result of the biometric authentication server; at least one of the cashier terminal, the cashier terminal scans and recognizes the The Hanxin code and QR code displayed by the smart terminal; and at least one of the smart terminal, the smart terminal includes a biometrics collection device, the smart terminal is based on at least the transaction payment server issued The public key and the biological characteristics of the current user are used to generate the first ciphertext, the Chinese Xin code is generated based on the first ciphertext, and the two-dimensional code is generated based on the user information. 根據請求項7所述的系統,其中,所述智慧終端機將所述漢信碼及所述二維碼分別顯示在螢幕或顯示視窗的不同部分。 The system according to claim 7, wherein the smart terminal displays the Chinese Xin code and the two-dimensional code on different parts of a screen or a display window, respectively. 根據請求項8所述的系統,其中,所述智慧終端機將所述漢信碼顯示於所述螢幕或顯示視窗的中央部分,將所述二維碼顯示於所述螢幕或顯示視窗的週邊部分。 The system according to claim 8, wherein the smart terminal displays the Han Xin code on the central part of the screen or display window, and displays the two-dimensional code on the periphery of the screen or display window section. 根據請求項7至9中任一項所述的系統,其中,所述交易執行單元設置于金融機構端,所述收銀終端設置於遠 端。 The system according to any one of Claims 7 to 9, wherein the transaction execution unit is installed at the end of the financial institution, and the cash register terminal is installed at a remote location. end.
TW107104945A 2017-02-15 2018-02-12 Transaction payment method and system TWI720287B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
??201710080394.X 2017-02-15
CN201710080394.X 2017-02-15
CN201710080394.XA CN107146079B (en) 2017-02-15 2017-02-15 Transaction payment method and system

Publications (2)

Publication Number Publication Date
TW201832153A TW201832153A (en) 2018-09-01
TWI720287B true TWI720287B (en) 2021-03-01

Family

ID=59783347

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107104945A TWI720287B (en) 2017-02-15 2018-02-12 Transaction payment method and system

Country Status (3)

Country Link
CN (1) CN107146079B (en)
TW (1) TWI720287B (en)
WO (1) WO2018149367A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107146079B (en) * 2017-02-15 2020-05-22 中国银联股份有限公司 Transaction payment method and system
CN108038529B (en) * 2017-12-08 2020-10-09 北京中星仝创科技有限公司 Method for generating and reading circular two-dimensional code with image
CN115189898A (en) * 2021-04-01 2022-10-14 富联精密电子(天津)有限公司 Transaction processing method, terminal and storage medium
CN116629887A (en) * 2023-07-20 2023-08-22 鼎铉商用密码测评技术(深圳)有限公司 Registration method, authentication method, device and storage medium based on biological characteristics

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130275309A1 (en) * 2012-04-13 2013-10-17 Francis King Hei KWONG Electronic-payment authentication process with an eye-positioning method for unlocking a pattern lock
CN103489102A (en) * 2013-09-13 2014-01-01 惠州Tcl移动通信有限公司 Method and system for preventing unauthorized credit card swiping through mobile phone based on two-dimensional code
CN104835039A (en) * 2015-04-03 2015-08-12 成都爱维科创科技有限公司 Data label generation method
CN104835030A (en) * 2015-05-26 2015-08-12 丹阳飓风物流股份有限公司 Inquiry service flow management method used for logistics industry
CN105574743A (en) * 2016-01-18 2016-05-11 上海透云物联网科技有限公司 Identification code structure, manufacturing method thereof, and product monitoring method
CN105590199A (en) * 2014-11-14 2016-05-18 中国银联股份有限公司 Payment method and payment system based on dynamic two-dimensional code
CN105654164A (en) * 2015-11-24 2016-06-08 上海透云物联网科技有限公司 Combined identification code, product using the combined identification code, and product monitoring method

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102254380A (en) * 2010-05-31 2011-11-23 北京汇冠金财科技有限公司 Safe mobile phone payment method and system based on hybrid encryption mechanism
CN104486356A (en) * 2014-12-29 2015-04-01 芜湖乐锐思信息咨询有限公司 Data transmission method based on internet online tractions
CN106296197A (en) * 2015-06-25 2017-01-04 深圳市中兴微电子技术有限公司 A kind of method, apparatus and system of payment
CN107146079B (en) * 2017-02-15 2020-05-22 中国银联股份有限公司 Transaction payment method and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130275309A1 (en) * 2012-04-13 2013-10-17 Francis King Hei KWONG Electronic-payment authentication process with an eye-positioning method for unlocking a pattern lock
CN103489102A (en) * 2013-09-13 2014-01-01 惠州Tcl移动通信有限公司 Method and system for preventing unauthorized credit card swiping through mobile phone based on two-dimensional code
CN105590199A (en) * 2014-11-14 2016-05-18 中国银联股份有限公司 Payment method and payment system based on dynamic two-dimensional code
CN104835039A (en) * 2015-04-03 2015-08-12 成都爱维科创科技有限公司 Data label generation method
CN104835030A (en) * 2015-05-26 2015-08-12 丹阳飓风物流股份有限公司 Inquiry service flow management method used for logistics industry
CN105654164A (en) * 2015-11-24 2016-06-08 上海透云物联网科技有限公司 Combined identification code, product using the combined identification code, and product monitoring method
CN105574743A (en) * 2016-01-18 2016-05-11 上海透云物联网科技有限公司 Identification code structure, manufacturing method thereof, and product monitoring method

Also Published As

Publication number Publication date
WO2018149367A1 (en) 2018-08-23
TW201832153A (en) 2018-09-01
CN107146079A (en) 2017-09-08
CN107146079B (en) 2020-05-22

Similar Documents

Publication Publication Date Title
US11847652B2 (en) Wireless biometric authentication system and method
CN110999212B (en) Online authentication of account holders using biometric identification and privacy preserving methods
CN105427099B (en) The method for network authorization of secure electronic transaction
CN105590199B (en) Payment method and payment system based on dynamic two-dimensional code
US8775814B2 (en) Personalized biometric identification and non-repudiation system
TWI720287B (en) Transaction payment method and system
WO2015161699A1 (en) Secure data interaction method and system
US20130147603A1 (en) Iris Cameras
JP2017530586A (en) System and method for authenticating a client to a device
KR101025807B1 (en) Authentication method and authentication server
US20180247313A1 (en) Fingerprint security element (se) module and payment verification method
WO2015161690A1 (en) Secure data interaction method and system
WO2018072588A1 (en) Approval signature verification method, mobile device, terminal device, and system
WO2014141263A1 (en) Asymmetric otp authentication system
US20160012399A1 (en) Secure two-stage transactions
WO2018148900A1 (en) Fingerprint identification-based authentication method and device, and transaction system
KR20200092950A (en) Match the center of the fingerprint in 2 steps
Nashwan et al. Mutual chain authentication protocol for SPAN transactions in Saudi Arabian banking
KR101619282B1 (en) Cloud system for manging combined password and control method thereof
Khachane et al. Enhancing security of internet banking using biometrics
CN109472587B (en) Mobile payment method and system
WO2015161691A1 (en) Secure data interaction method and system
KR102079667B1 (en) System for proving financial transaction service
WO2023055562A1 (en) Remote identity interaction
WO2019114813A1 (en) Biometric authentication system and method