本发明的实施方式Embodiments of the invention
本发明的主要构思是:以支付设备(例如移动终端)为移动支付交易的中心,使得用户可以通过移动终端等支付设备在移动支付交易的任一步骤终止或继续支付过程。在移动支付过程中以支付设备为交易中心可以有效地减少交易的不安全因素,从而能够提高支付交易的安全性。The main idea of the present invention is to use a payment device (e.g., a mobile terminal) as the center of a mobile payment transaction so that the user can terminate or continue the payment process at any step of the mobile payment transaction through a payment device such as a mobile terminal. In the mobile payment process, the payment device is used as the transaction center to effectively reduce the insecure factors of the transaction, thereby improving the security of the payment transaction.
以下结合附图和实施例对本发明的原理和特征进行描述,所举实例只用于解释本发明,并非用于限定本发明的范围。The principles and features of the present invention are described in the following with reference to the accompanying drawings and embodiments.
图1为本发明实施例中移动支付方法的一种流程图。如图1所示,本实施例中,移动支付方法包括:FIG. 1 is a flowchart of a mobile payment method according to an embodiment of the present invention. As shown in FIG. 1 , in this embodiment, the mobile payment method includes:
步骤101,用户通信终端与POS终端建立可信通信链路;Step 101: The user communication terminal establishes a trusted communication link with the POS terminal.
此处,通信终端是一个具体的支付设备,POS终端是一个具体的受付设备。对于本领域的技术人员来讲,本文中各实施例所述的移动支付方法应当理解为适用于所有的包含支付设备、受付设备和金融支付平台的移动支付系统。用户通信终端可以是但不限于手机、个人数字助理PDA等。Here, the communication terminal is a specific payment device, and the POS terminal is a specific paid device. For those skilled in the art, the mobile payment methods described in the various embodiments herein should be understood to be applicable to all mobile payment systems including payment devices, payment devices, and financial payment platforms. The user communication terminal can be, but is not limited to, a cell phone, a personal digital assistant PDA, and the like.
当用户通信终端和POS终端两者处于有效的非接触传输距离内且通信状态正常时才可建立可信通信链路。A trusted communication link can be established when both the user communication terminal and the POS terminal are within a valid contactless transmission distance and the communication state is normal.
通信终端和POS终端建立可信通信链路(或者称为安全链路)前要通过安全认证,该安全认证可以采用现有的以及以后可能出现的所有安全认证方式,例如可以采用基于对称算法的挑战/响应认证方式或者基于非对称密码算法的签名认证方式。The communication terminal and the POS terminal must pass the security authentication before establishing a trusted communication link (also referred to as a secure link). The security authentication can adopt all existing security authentication methods that may occur in the future, for example, a symmetric algorithm based Challenge/response authentication method or signature authentication method based on asymmetric cryptographic algorithm.
图2为基于对称算法的挑战/响应认证方式的一种流程图,如图2所示,该挑战/响应认证的流程包括:2 is a flow chart of a challenge/response authentication method based on a symmetric algorithm. As shown in FIG. 2, the challenge/response authentication process includes:
(1)A向B发送随机数Rp;(1) A sends a random number Rp to B;
(2)A、B双方生成过程密钥Key_proc,其中过程密钥可以由第一密钥Key1、随机数Rp和识别码ID进行加密或混淆处理得到;(2) Both A and B generate a process key Key_proc, wherein the process key can be obtained by encrypting or obfuscating the first key Key1, the random number Rp, and the identification code ID;
(3)启动认证,A向B发送认证请求;(3) initiate authentication, and A sends an authentication request to B;
(4)B收到认证请求后,生成第一随机字串Ra,用过程密钥Key_proc加密该第一随机字串Ra后传送给A;(4) After receiving the authentication request, B generates a first random string Ra, encrypts the first random string Ra with the process key Key_proc, and transmits it to A;
(5)A解密后获得第一随机字串Ra,然后自身生成第二随机字串Rb,将第一随机字串Ra和第二随机字串Rb拼接后用过程密钥Key_proc加密透传给B;(5) After decrypting A, the first random string Ra is obtained, and then the second random string Rb is generated by itself, and the first random string Ra and the second random string Rb are spliced and encrypted by the process key Key_proc to be transparently transmitted to B. ;
(6)B解密获得第一随机字串Ra和第二随机字串Rb,然后判断所第一随机字串Ra是否同自身生成的第一随机字串Ra相同,若相同则将第二随机字串Rb用过程密钥Key_proc加密后透传给A,A解密获得第二随机字串Rb,然后判断该第二随机字串Rb是否同自身生成的第二随机字串Rb相同,若相同则认证通过。(6) B decrypts to obtain the first random string Ra and the second random string Rb, and then determines whether the first random string Ra is the same as the first random string Ra generated by itself, and if the same, the second random word The string Rb is encrypted by the process key Key_proc and then transparently transmitted to A, A decrypts to obtain the second random string Rb, and then determines whether the second random string Rb is the same as the second random string Rb generated by itself, and if the same, the authentication is performed. by.
步骤102,用户通信终端将用户身份信息发送给POS终端;Step 102: The user communication terminal sends the user identity information to the POS terminal.
可信通信链路建立之后,通信终端和POS终端都进入非接触信息交互模式,两者可以通过射频通道进行数据交换。当然,除了射频通道,通信终端和POS终端之间也可以通过其它的非接触通信通道进行通信。After the trusted communication link is established, both the communication terminal and the POS terminal enter a non-contact information interaction mode, and the two can exchange data through the radio frequency channel. Of course, in addition to the radio frequency channel, the communication terminal and the POS terminal can also communicate through other non-contact communication channels.
通信终端生成用户身份信息及其验证码,并将它们发送给POS终端。其中,用户身份信息可以包括但不限于银行账户信息、个人识别码、验证码等。The communication terminal generates user identity information and its verification code and sends them to the POS terminal. The user identity information may include, but is not limited to, bank account information, a personal identification number, a verification code, and the like.
步骤103,POS终端将用户身份信息和商品信息绑定生成支付信息报文,再将报文发送给用户通信终端;Step 103: The POS terminal binds the user identity information and the product information to generate a payment information message, and then sends the message to the user communication terminal.
商品信息由POS终端生成。商品信息可以包括但不限于额度信息、交易时间、商品名称、商品数量、商家信息等。支付信息报文包含商品信息和用户身份信息。Product information is generated by the POS terminal. Product information may include, but is not limited to, credit information, transaction time, product name, number of products, merchant information, and the like. The payment information message includes product information and user identity information.
步骤104,用户通信终端将支付信息报文发送给金融支付平台;Step 104: The user communication terminal sends the payment information message to the financial payment platform.
在本发明的其他实施例中,金融支付平台也可以主动获取支付信息报文。In other embodiments of the present invention, the financial payment platform may also actively obtain the payment information message.
步骤105,金融支付平台根据支付信息报文判断交易是否合法,并将判断结果通知用户通信终端和POS终端。用户通信终端根据金融支付平台的判断结果决定是否进行交易,如果用户允许交易,则金融支付平台会进一步完成交易;Step 105: The financial payment platform determines whether the transaction is legal according to the payment information message, and notifies the user of the communication terminal and the POS terminal of the determination result. The user communication terminal determines whether to conduct the transaction according to the judgment result of the financial payment platform, and if the user allows the transaction, the financial payment platform further completes the transaction;
具体地,金融支付平台可以检验支付信息报文的完整性和支付信息报文内容的合法性,若支付信息报文完整且内容合法,则本次交易合法,否则本次交易不合法。Specifically, the financial payment platform can verify the integrity of the payment information message and the legality of the content of the payment information message. If the payment information message is complete and the content is legal, the transaction is legal, otherwise the transaction is illegal.
判断结果有:1、支付信息报文完整且合法,则本次交易合法;2、支付信息报文接收超时、支付信息报文不完整或支付信息报文内容不合法,则本次交易不合法。用户通信终端根据金融支付平台的判断结果决定是否进行交易具体为:若判断结果为本次交易合法,则允许进行交易,否则禁止进行交易。The judgment result is as follows: 1. If the payment information message is complete and legal, the transaction is legal; 2. If the payment information message receives timeout, the payment information message is incomplete, or the payment information message content is illegal, the transaction is illegal. . The user communication terminal determines whether to conduct the transaction according to the judgment result of the financial payment platform: if the judgment result is legal for the transaction, the transaction is allowed, otherwise the transaction is prohibited.
通过金融支付平台对通信终端的信息反馈,实现了以通信终端等支付设备为交易中心的移动支付方式,增进了信息交互的友好程度,使用户体验更加人性化。在本发明的其他实施例中,金融支付平台也可以不将判断结果通知用户通信终端和POS终端,即不对通信终端和/或POS终端进行信息反馈,用户通信终端等支付设备和POS终端等受付设备也可以主动获取判断结果。Through the information feedback of the communication terminal by the financial payment platform, the mobile payment method with the payment device such as the communication terminal as the transaction center is realized, the friend-friendliness of the information interaction is enhanced, and the user experience is more humanized. In other embodiments of the present invention, the financial payment platform may not notify the user communication terminal and the POS terminal of the determination result, that is, the information terminal does not perform feedback on the communication terminal and/or the POS terminal, and the payment device such as the user communication terminal and the POS terminal are paid. The device can also actively obtain the judgment result.
步骤106,用户通信终端恢复到初始状态。In step 106, the user communication terminal returns to the initial state.
本实施例的移动支付方法与现有技术相比,具有以下优点:Compared with the prior art, the mobile payment method of this embodiment has the following advantages:
(1)对移动支付过程中的数据(包含在支付信息报文中)进行合法性判断和完整性校验,增加了交易的安全性;(1) Legality judgment and integrity check on the data in the mobile payment process (included in the payment information message), which increases the security of the transaction;
(2)采用一种新的数据处理流程进行移动支付(交易信息由POS终端到通信终端再到金融支付平台,交易完成后金融支付平台再反馈给POS终端和通信终端),增进了信息交互的友好程度;(2) Adopting a new data processing flow for mobile payment (transaction information from the POS terminal to the communication terminal to the financial payment platform, the financial payment platform is fed back to the POS terminal and the communication terminal after the transaction is completed), and the information interaction is enhanced. Degree of friendliness
(3)通过通信终端对POS终端传来信息的控制和金融支付平台对通信终端的信息反馈,实现了一种以通信终端为交易中心的移动支付方式,使用户体验更加人性化。(3) Through the communication terminal to control the information transmitted by the POS terminal and the information feedback of the financial payment platform to the communication terminal, a mobile payment method with the communication terminal as the transaction center is realized, and the user experience is more humanized.
综上所述,本实施例的移动支付方法以支付设备为交易中心,使得用户可以通过移动终端在移动支付交易的任一步骤终止或继续支付过程,从而提高了移动支付交易的安全性,增进了信息交互的友好程度,更加人性化,提升了用户体验。In summary, the mobile payment method of the embodiment uses the payment device as a transaction center, so that the user can terminate or continue the payment process at any step of the mobile payment transaction through the mobile terminal, thereby improving the security and promotion of the mobile payment transaction. The friendliness of information interaction is more user-friendly and enhances the user experience.
图3为本发明实施例中移动支付方法的另一种流程图。如图3所示,本实施例中,移动支付方法包括:FIG. 3 is another flow chart of a mobile payment method according to an embodiment of the present invention. As shown in FIG. 3, in this embodiment, the mobile payment method includes:
步骤301,用户通信终端与POS终端建立可信通信链路;Step 301: The user communication terminal establishes a trusted communication link with the POS terminal.
当用户通信终端和POS终端两者处于有效的非接触传输距离内且通信状态正常时才可以建立可信通信链路。通信终端和POS终端建立可信通信链路(或者称为安全链路)前要通过安全认证,关于安全认证的方式参见对步骤101的说明,此处不再赘述。A trusted communication link can be established when both the user communication terminal and the POS terminal are within a valid contactless transmission distance and the communication state is normal. The communication terminal and the POS terminal must pass the security authentication before establishing a trusted communication link (or a secure link). For the manner of the security authentication, refer to the description of step 101, and details are not described herein.
步骤302,POS终端将商品信息发送给用户通信终端;Step 302: The POS terminal sends the commodity information to the user communication terminal.
POS终端生成商品信息及其校验码,将它们发送给通信终端。商品信息可以包括但不限于额度信息、交易时间、商品名称、商品数量、商家信息等。The POS terminal generates commodity information and its check code, and transmits them to the communication terminal. Product information may include, but is not limited to, credit information, transaction time, product name, number of products, merchant information, and the like.
步骤303,用户通信终端将用户身份信息和商品信息绑定生成支付信息报文;Step 303: The user communication terminal binds the user identity information and the product information to generate a payment information message.
用户身份信息由通信终端生成。用户身份信息可以包括但不限于银行账户信息、个人识别码、验证码等。支付信息报文包含商品信息和用户身份信息。User identity information is generated by the communication terminal. User identity information may include, but is not limited to, bank account information, personal identification numbers, verification codes, and the like. The payment information message includes product information and user identity information.
步骤304,用户通信终端将支付信息报文发送给金融支付平台;Step 304: The user communication terminal sends the payment information message to the financial payment platform.
步骤305,金融支付平台根据支付信息报文判断交易是否合法,并将判断结果通知用户通信终端和POS终端,用户通信终端根据金融支付平台的判断结果决定是否进行交易,如果用户允许交易,则金融支付平台会进一步完成交易;Step 305: The financial payment platform determines whether the transaction is legal according to the payment information message, and notifies the user of the communication terminal and the POS terminal, and the user communication terminal determines whether to conduct the transaction according to the judgment result of the financial payment platform. If the user allows the transaction, the financial The payment platform will complete the transaction further;
具体地,金融支付平台可以检验支付信息报文的完整性和支付信息报文内容的合法性。若支付信息报文完整且内容合法,则本次交易合法,否则本次交易不合法。用户通信终端根据金融支付平台的判断结果决定是否进行交易具体为:若判断结果为本次交易合法,则允许进行交易,否则禁止进行交易。Specifically, the financial payment platform can verify the integrity of the payment information message and the legality of the content of the payment information message. If the payment information message is complete and the content is legal, the transaction is legal, otherwise the transaction is illegal. The user communication terminal determines whether to conduct the transaction according to the judgment result of the financial payment platform: if the judgment result is legal for the transaction, the transaction is allowed, otherwise the transaction is prohibited.
其中,判断结果有:1、支付信息报文完整且合法,则本次交易合法;2、支付信息报文接收超时、支付信息报文不完整或支付信息报文内容不合法,则本次交易不合法。The judgment result is as follows: 1. If the payment information message is complete and legal, the transaction is legal; 2. If the payment information message is timed out, the payment information message is incomplete, or the payment information message content is illegal, the transaction is illegal.
在本发明的其他实施例中,金融支付平台也可以不将判断结果通知用户通信终端和POS终端,即不对通信终端和/或POS终端进行信息反馈。In other embodiments of the present invention, the financial payment platform may not notify the user of the communication terminal and the POS terminal of the determination result, that is, does not perform information feedback on the communication terminal and/or the POS terminal.
步骤306,用户通信终端恢复到初始状态。In step 306, the user communication terminal returns to the initial state.
在本发明的各个实施例中,可以对通信终端、POS终端和金融支付平台的任意两者之间传递的数据进行数据完整性校验。并且,发送到通信终端的信息,对用户都可以是可见且可控的,用户可以在任何环节选择继续、中断或重新交易。In various embodiments of the invention, data integrity verification may be performed on data communicated between any of the communication terminal, the POS terminal, and the financial payment platform. Moreover, the information sent to the communication terminal can be visible and controllable to the user, and the user can choose to continue, interrupt or re-trade at any point.
本实施例的移动支付方法,以支付设备为交易中心,使得用户可以在移动支付交易的任一步骤终止或继续支付过程,从而提高了移动支付交易的安全性,增进了信息交互的友好程度,更加人性化,提升了用户体验。In the mobile payment method of the embodiment, the payment device is used as a transaction center, so that the user can terminate or continue the payment process at any step of the mobile payment transaction, thereby improving the security of the mobile payment transaction and improving the friendliness of the information interaction. More user-friendly and improved user experience.
本发明还提出了一种移动支付系统,用以实施上述的移动支付方法。图4为本发明实施例中移动支付系统的结构图,如图4所示,本发明的移动支付系统包括受付设备42、支付设备41和金融支付平台43,其中,支付设备41用于生成或获取本次交易的支付信息报文,并发送给金融支付平台43,金融支付平台43用于根据支付信息报文判断本次交易是否合法,支付设备41还用于根据金融支付平台43的判断结果决定是否进行交易。The invention also proposes a mobile payment system for implementing the above mobile payment method. 4 is a structural diagram of a mobile payment system according to an embodiment of the present invention. As shown in FIG. 4, the mobile payment system of the present invention includes a payment device 42, a payment device 41, and a financial payment platform 43, wherein the payment device 41 is used to generate or acquire The payment information message of the transaction is sent to the financial payment platform 43, and the financial payment platform 43 is configured to determine whether the transaction is legal according to the payment information message, and the payment device 41 is further configured to determine according to the judgment result of the financial payment platform 43. Whether to trade.
图5为本发明实施例中移动支付系统的一种具体结构及其工作过程示意图。如图5所示,在本实施例中,支付设备41包括第一通信模块510、第一报文生成模块520、发送模块530,受付设备42包括第二通信模块540,金融支付平台43包括接收模块550、检测模块560。其中,第一通信模块510用于与第二通信模块540进行数据交换,第一报文生成模块520用于生成本次交易的支付信息报文,发送模块530用于将支付信息报文发送给金融支付平台43,第二通信模块540用于与第一通信模块510进行数据交换,接收模块550用于接收支付信息报文,检测模块560用于根据支付信息报文判断本次交易是否合法。FIG. 5 is a schematic diagram of a specific structure and a working process of a mobile payment system according to an embodiment of the present invention. As shown in FIG. 5, in the embodiment, the payment device 41 includes a first communication module 510, a first message generation module 520, and a sending module 530. The device to be paid 42 includes a second communication module 540, and the financial payment platform 43 includes receiving. Module 550, detection module 560. The first communication module 510 is configured to perform data exchange with the second communication module 540. The first message generating module 520 is configured to generate a payment information message of the current transaction, and the sending module 530 is configured to send the payment information message to the The financial payment platform 43, the second communication module 540 is configured to exchange data with the first communication module 510, the receiving module 550 is configured to receive the payment information message, and the detecting module 560 is configured to determine whether the current transaction is legal according to the payment information message.
检测模块560中还可以包括第一检测单元,第一检测单元用于检验支付信息报文的完整性和支付信息报文内容的合法性,若支付信息报文完整且内容合法,则判定交易合法,否则判定交易不合法。The detecting module 560 may further include a first detecting unit, where the first detecting unit is configured to check the integrity of the payment information message and the legality of the content of the payment information message. If the payment information message is complete and the content is legal, the transaction is determined to be legal. Otherwise, the transaction is determined to be illegal.
支付设备41中还可以包括判断模块,判断模块用于根据金融支付平台43的判断结果决定是否进行交易。该判断模块中还可以进一步包括第一判断单元,该第一判断单元用于在判断结果为交易合法时允许进行交易,否则禁止进行交易。The payment device 41 may further include a determining module, and the determining module is configured to determine whether to perform the transaction according to the judgment result of the financial payment platform 43. The judging module may further include a first judging unit, where the first judging unit is configured to allow the transaction to be performed when the judgment result is that the transaction is legal, otherwise the transaction is prohibited.
图5所示移动支付系统的工作过程是:受付设备42将商品信息通过第二通信模块540发送给支付设备41,支付设备41通过第一通信模块510接收商品信息,第一报文生成模块520将商品信息与支付设备41的用户身份信息绑定生成支付信息报文,然后发送模块530将支付信息报文发送给金融支付平台43,金融支付平台43通过接收模块550接收支付信息报文,检测模块560根据接收模块550接收的支付信息报文判断本次交易是否合法。金融支付平台43可以进一步将检测模块560的判断结果通知给支付设备41和受付设备42。支付设备41根据金融支付平台43的检测模块560的判断结果的判断结果决定是否进行交易。The working process of the mobile payment system shown in FIG. 5 is: the paid device 42 sends the commodity information to the payment device 41 through the second communication module 540, and the payment device 41 receives the commodity information through the first communication module 510, and the first packet generation module 520 The product information is bound to the user identity information of the payment device 41 to generate a payment information message, and then the sending module 530 sends the payment information message to the financial payment platform 43, and the financial payment platform 43 receives the payment information message through the receiving module 550, and detects The module 560 determines whether the transaction is legal according to the payment information message received by the receiving module 550. The financial payment platform 43 may further notify the payment device 41 and the payee device 42 of the determination result of the detection module 560. The payment device 41 determines whether or not to perform the transaction based on the determination result of the determination result of the detection module 560 of the financial payment platform 43.
本实施例的移动支付系统,以支付设备41为交易中心,使得用户可以在移动支付交易的任一步骤终止或继续支付过程,从而提高了移动支付交易的安全性,增进了信息交互的友好程度,更加人性化,提升了用户体验。The mobile payment system of this embodiment uses the payment device 41 as a transaction center, so that the user can terminate or continue the payment process at any step of the mobile payment transaction, thereby improving the security of the mobile payment transaction and improving the friendliness of information interaction. It is more user-friendly and enhances the user experience.
图6为本发明实施例中移动支付系统的又一种具体结构及其工作过程示意图。如图7所示,本实施例中,支付设备41包括第一通信模块610、第二报文获取模块620、发送模块630,受付设备42包括第二通信模块640、第二报文生成模块650,金融支付平台43包括接收模块550、检测模块560,其中,第一通信模块610用于与第二通信模块640进行数据交换,第二报文获取模块620用于获取本次交易的支付信息报文,发送模块630用于将支付信息报文发送给金融支付平台43,第二通信模块640用于与第一通信模块610进行数据交换,第二报文生成模块650用于生成本次交易的支付信息报文,接收模块550用于接收支付信息报文,检测模块560用于根据支付信息报文判断本次交易是否合法。FIG. 6 is still another schematic structural diagram of a mobile payment system according to an embodiment of the present invention and a working process thereof. As shown in FIG. 7, in the embodiment, the payment device 41 includes a first communication module 610, a second message acquisition module 620, and a sending module 630. The device to be charged 42 includes a second communication module 640 and a second message generation module 650. The financial payment platform 43 includes a receiving module 550 and a detecting module 560. The first communication module 610 is configured to exchange data with the second communication module 640, and the second packet obtaining module 620 is configured to obtain a payment information report of the transaction. The sending module 630 is configured to send the payment information message to the financial payment platform 43, the second communication module 640 is configured to exchange data with the first communication module 610, and the second message generating module 650 is configured to generate the transaction. The payment information message is used by the receiving module 550 to receive the payment information message, and the detecting module 560 is configured to determine whether the current transaction is legal according to the payment information message.
图6所示移动支付系统的工作过程是:支付设备41将用户身份信息通过第一通信模块610发送给受付设备42,受付设备42通过第二通信模块640接收用户身份信息,第二报文生成模块650将用户身份信息与受付设备42生成的商品信息绑定生成支付信息报文;然后支付设备41的第二报文获取模块620发出获取支付信息报文的命令,第一通信模块610收到报文获取模块620的命令后,向受付设备42的第二通信模块640发送请求,第二通信模块640收到请求后将支付信息报文传给第一通信模块610,第一通信模块610再传给第二报文获取模块620,发送模块630将支付信息报文发送给金融支付平台43;金融支付平台43通过接收模块550接收支付信息报文,检测模块560根据接收模块550接收的支付信息报文判断本次交易是否合法。金融支付平台43可以进一步将检测模块560的判断结果通知给支付设备41和受付设备42。支付设备41根据金融支付平台43的检测模块560的判断结果的判断结果决定是否进行交易。The working process of the mobile payment system shown in FIG. 6 is that the payment device 41 transmits the user identity information to the device to be served 42 through the first communication module 610, and the device for receiving the device 42 receives the identity information of the user through the second communication module 640, and generates the second message. The module 650 binds the user identity information to the product information generated by the device to be paid 42 to generate a payment information message; then the second message obtaining module 620 of the payment device 41 issues a command to obtain a payment information message, and the first communication module 610 receives the command. After the command of the message obtaining module 620, the second communication module 640 sends a request to the second communication module 640 of the device to be paid, and the second communication module 640 transmits the payment message to the first communication module 610 after receiving the request, and the first communication module 610 The sending module 620 sends the payment information message to the financial payment platform 43. The financial payment platform 43 receives the payment information message through the receiving module 550, and the detecting module 560 receives the payment information according to the receiving module 550. The message determines whether the transaction is legal. The financial payment platform 43 may further notify the payment device 41 and the payee device 42 of the determination result of the detection module 560. The payment device 41 determines whether or not to perform the transaction based on the determination result of the determination result of the detection module 560 of the financial payment platform 43.
除了采用支付设备41发送支付信息报文、金融支付平台43接收支付信息报文的方式,还可以采用金融支付平台43主动获取支付信息报文的方式。因此,在本发明的其他实施例中,金融支付平台43中可以包括第一报文获取模块,第一报文获取模块用于获取本次交易的支付信息报文。In addition to the manner in which the payment device 41 sends the payment information message and the financial payment platform 43 receives the payment information message, the financial payment platform 43 can also actively acquire the payment information message. Therefore, in other embodiments of the present invention, the financial payment platform 43 may include a first message obtaining module, where the first message acquiring module is configured to obtain a payment information message of the current transaction.
本实施例的移动支付系统,以支付设备41为交易中心,使得用户可以在移动支付交易的任一步骤终止或继续支付过程,从而提高了移动支付交易的安全性,增进了信息交互的友好程度,更加人性化,提升了用户体验。The mobile payment system of this embodiment uses the payment device 41 as a transaction center, so that the user can terminate or continue the payment process at any step of the mobile payment transaction, thereby improving the security of the mobile payment transaction and improving the friendliness of information interaction. It is more user-friendly and enhances the user experience.
在本发明的其他实施例中,金融支付平台中还可以包括用于将检测模块的判断结果通知支付设备和受付设备的通知模块,支付设备中还可以包括用于接收通知模块的通知的第一通知接收模块,受付设备中还可以包括用于接收通知模块的通知的第二通知接收模块。In other embodiments of the present invention, the financial payment platform may further include a notification module for notifying the payment device and the payment device of the determination result of the detection module, where the payment device may further include a first notification for receiving the notification module. The notification receiving module may further include a second notification receiving module for receiving the notification of the notification module.
在本发明的其他实施例中,一个功能模块可以进一步拆分成多个子模块,也可以将同一设备的多个功能模块集成为一个模块。例如,将支付设备的多个可以用程序实现的模块合成为交易软件,将支付设备的多个硬件模块集成在带有安全芯片的RFID模块中。交易软件也可以存放在但不仅限于支付设备(例如通信终端)内部的存储介质或RFID模块中,其中RFID模块可以为但不仅限于RFID-SIM卡、RFID-USIM卡、RFID-TF卡、RFID-SD卡或RFID-MMC卡。In other embodiments of the present invention, one functional module may be further split into multiple sub-modules, or multiple functional modules of the same device may be integrated into one module. For example, a plurality of program-implementable modules of the payment device are synthesized into transaction software, and a plurality of hardware modules of the payment device are integrated in an RFID module with a security chip. The transaction software may also be stored in, but not limited to, a storage medium or an RFID module inside a payment device (eg, a communication terminal), which may be, but is not limited to, an RFID-SIM card, an RFID-USIM card, an RFID-TF card, an RFID- SD card or RFID-MMC card.
图7为本发明应用实施例中包含手机的移动支付系统的一种工作过程示意图。如图7所示,该移动支付系统包括手机(支付设备)、POS终端(受付设备)和金融支付平台,其中手机中具有上述的交易软件和RFID模块,图7所示移动支付系统的工作过程包括:FIG. 7 is a schematic diagram of a working process of a mobile payment system including a mobile phone according to an application embodiment of the present invention. As shown in FIG. 7, the mobile payment system includes a mobile phone (payment device), a POS terminal (paid device), and a financial payment platform, wherein the mobile phone has the above-mentioned transaction software and RFID module, and the working process of the mobile payment system shown in FIG. include:
第一步,用户用手机向POS终端发送用户身份信息;In the first step, the user sends the user identity information to the POS terminal by using the mobile phone;
用户在商户选择好商品以后,用手机与商户的POS终端通过安全认证建立可信非接触通信链路。用户在交易软件界面通过软键盘输入账户信息、个人识别码和随机验证码等,并生成用户身份信息及其校验码,然后将它们发送给POS终端。After the merchant selects a good product, the user establishes a trusted contactless communication link by using the mobile phone and the POS terminal of the merchant through security authentication. The user inputs account information, personal identification code, random verification code, etc. through the soft keyboard in the transaction software interface, and generates user identity information and its check code, and then sends them to the POS terminal.
第二步,POS终端将用户身份信息与商品信息绑定生成支付信息报文,并发送给手机;In the second step, the POS terminal binds the user identity information with the product information to generate a payment information message, and sends the message to the mobile phone;
POS终端先对手机传来的用户身份信息进行完整性校验。校验成功则将其和商品信息(POS终端身份认证信息、商品名称、商品数量和交易金额等)生成支付信息报文及其校验码,再通过2.4GHz非接触通信频段发送到用户RF-SIM卡手机上。如果校验失败,POS终端通知手机,由用户决定是否重新给POS终端发送用户身份信息及其校验码,还是取消本次交易。The POS terminal first checks the integrity of the user identity information transmitted from the mobile phone. If the verification is successful, it will generate payment information message and its check code with the product information (POS terminal identity authentication information, product name, product quantity and transaction amount, etc.), and then send it to the user RF through the 2.4GHz contactless communication band. SIM card on the phone. If the verification fails, the POS terminal notifies the mobile phone, and the user decides whether to resend the user identity information and its check code to the POS terminal, or cancel the transaction.
第三步,用户用手机将支付信息报文发送给金融支付平台。In the third step, the user sends the payment information message to the financial payment platform by using the mobile phone.
用户通过手机对支付信息报文进行完整性校验,校验成功则通过GPRS网络将支付信息报文发送给金融支付平台(由银行机构控制)。如果校验失败,由用户决定是通知POS终端重新发送支付信息报文及其校验码,还是取消本次交易。The user performs integrity verification on the payment information message through the mobile phone, and if the verification succeeds, the payment information message is sent to the financial payment platform (controlled by the banking institution) through the GPRS network. If the verification fails, it is up to the user to inform the POS terminal to resend the payment information message and its check code, or cancel the transaction.
金融支付平台对用户手机传来的支付信息报文,先进行完整性校验,再判断报文内账户信息和个人识别码是否匹配。如果匹配,金融支付平台将判断本次交易合法,并通过GPRS网络向POS终端和通信终端发出交易合法通知。如果不匹配,金融支付平台回复通信终端,由用户决定是重新输入用户身份信息,还是取消本次交易。The financial payment platform first checks the integrity of the payment information message sent by the user's mobile phone, and then determines whether the account information and the personal identification code in the message match. If it matches, the financial payment platform will judge the transaction to be legal, and issue a legal notice of the transaction to the POS terminal and the communication terminal through the GPRS network. If there is no match, the financial payment platform replies to the communication terminal, and the user decides whether to re-enter the user identity information or cancel the transaction.
图8为本发明应用实施例中包含手机的移动支付系统的另一种工作过程示意图。如图8所示,该移动支付系统包括手机(支付设备)、POS终端(受付设备)和金融支付平台,其中手机中具有上述的交易软件和RFID模块,图9所示移动支付系统的工作过程包括:FIG. 8 is a schematic diagram of another working process of a mobile payment system including a mobile phone according to an application embodiment of the present invention. As shown in FIG. 8, the mobile payment system includes a mobile phone (payment device), a POS terminal (paid device), and a financial payment platform, wherein the mobile phone has the above-mentioned transaction software and RFID module, and the working process of the mobile payment system shown in FIG. include:
第一步,POS终端将商品信息发送到用户手机;In the first step, the POS terminal sends the product information to the user's mobile phone;
用户在商户选择好商品以后,用手机与商户的POS终端建立可信非接触通信链路。After the merchant selects the commodity, the user establishes a trusted contactless communication link with the POS terminal of the merchant by using the mobile phone.
POS终端先生成商品信息(POS终端身份认证信息、商品名称、商品数量和交易金额等)及其校验码,并将它们通过2.4GHz非接触通信频段发送到用户RF-SIM卡手机上。The POS terminal becomes commodity information (POS terminal identity authentication information, product name, number of products, transaction amount, etc.) and its check code, and transmits them to the user RF-SIM card mobile phone through the 2.4 GHz contactless communication band.
第二步,手机将商品信息和用户身份信息绑定生成支付信息报文,然后将支付信息报文发送给金融支付平台。In the second step, the mobile phone binds the product information and the user identity information to generate a payment information message, and then sends the payment information message to the financial payment platform.
用户通过手机交易软件开始对POS终端传来的商品信息进行完整性校验。如果校验成功,用户在交易软件界面通过软键盘输入账户信息、个人识别码和随机验证码等,并生成用户身份信息。再将其和商品信息一起生成校验码和支付信息报文,再通过GPRS网络发送给金融支付平台(由银行机构控制)。如果校验失败,由用户决定是通知POS终端重新发送校验码和报文,还是取消本次交易。The user starts to check the integrity of the product information transmitted by the POS terminal through the mobile phone transaction software. If the verification is successful, the user inputs account information, personal identification code, random verification code, etc. through the soft keyboard in the transaction software interface, and generates user identity information. Then, together with the commodity information, a check code and a payment information message are generated, and then sent to the financial payment platform (controlled by the banking institution) through the GPRS network. If the verification fails, it is up to the user to inform the POS terminal to resend the check code and the message, or to cancel the transaction.
金融支付平台对用户手机传来的报文,先进行完整性校验,再判断报文内账户信息和个人识别码是否匹配。如果匹配,金融支付平台将判断本次交易合法,并通过GPRS网络向POS终端和通信终端发出交易合法通知。如果不匹配,金融支付平台回复通信终端,由用户决定是重新输入用户身份信息,还是取消本次交易。The financial payment platform first checks the integrity of the message sent by the user's mobile phone, and then determines whether the account information and the personal identification code in the message match. If it matches, the financial payment platform will judge the transaction to be legal, and issue a legal notice of the transaction to the POS terminal and the communication terminal through the GPRS network. If there is no match, the financial payment platform replies to the communication terminal, and the user decides whether to re-enter the user identity information or cancel the transaction.
由上可见,本实施例的移动支付系统,以支付设备为交易中心,使得用户可以在移动支付交易的任一步骤终止或继续支付过程,从而提高了移动支付交易的安全性,增进了信息交互的友好程度,更加人性化,提升了用户体验。It can be seen from the above that the mobile payment system of the embodiment uses the payment device as a transaction center, so that the user can terminate or continue the payment process at any step of the mobile payment transaction, thereby improving the security of the mobile payment transaction and enhancing the information interaction. The friendliness is more user-friendly and enhances the user experience.
以上所述仅为本发明的较佳实施例,并不用以限制本发明,凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above are only the preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalents, improvements, etc., which are within the spirit and scope of the present invention, should be included in the protection of the present invention. Within the scope.