WO2013023499A1 - Procédé et système de contrôle de sécurité de paiement par téléphone mobile - Google Patents

Procédé et système de contrôle de sécurité de paiement par téléphone mobile Download PDF

Info

Publication number
WO2013023499A1
WO2013023499A1 PCT/CN2012/078151 CN2012078151W WO2013023499A1 WO 2013023499 A1 WO2013023499 A1 WO 2013023499A1 CN 2012078151 W CN2012078151 W CN 2012078151W WO 2013023499 A1 WO2013023499 A1 WO 2013023499A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile phone
data
security token
payment
security
Prior art date
Application number
PCT/CN2012/078151
Other languages
English (en)
Chinese (zh)
Inventor
罗攀峰
韩英彬
霍国杰
Original Assignee
广州广电运通金融电子股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 广州广电运通金融电子股份有限公司 filed Critical 广州广电运通金融电子股份有限公司
Publication of WO2013023499A1 publication Critical patent/WO2013023499A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3223Realising banking transactions through M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3215Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates to the field of financial technology, and in particular, to a mobile phone payment security control method and system.
  • Mobile payment also known as mobile payment, is a way for mobile users to use their mobile terminals (usually mobile phones) to pay for goods or services they consume.
  • mobile terminals usually mobile phones
  • domestic commercial banks have opened their own mobile banking in some areas, providing convenient personalized financial services and fast payment channels for mobile phone users.
  • the overall security status of mobile payment is not satisfactory. How to ensure the security of mobile payment has become the focus of attention of users and banks.
  • the related parties of mobile payment mainly include: acquirer system, mobile billing system, mobile banking and shopping website.
  • acquirer system refers to the settlement unit or enterprise that collects the purchase price from major banks and UnionPay systems
  • the mobile phone billing system is the mobile phone holder that supports mobile payment, and belongs to the entity of the issuer
  • mobile banking is one of the trading platforms.
  • the transaction process is as follows: (1) trading platform access authentication; (2) the merchant or website inputs a specific collection amount according to the purchased goods; (3) the customer uses the mobile phone to the trading platform Import their identity information; (4) The trading platform submits the merchant and customer information to the bank back office for corresponding settlement.
  • the security protection method for mobile payment is: The payment account is bound to the mobile phone, and the static password and the dynamic password based on the short message are used for identity authentication.
  • the existing mobile payment authentication method has the following disadvantages: When paying by mobile phone, the payment account and the mobile phone must be bound, if the mobile phone is accidentally lost, and the payment password set by the user is too
  • the embodiment of the invention provides a mobile phone payment security control method and system, which can reduce the risk of fraudulent use of the user identity, the transaction information being tombed and the account funds being stolen, and improve the security of the mobile payment.
  • the mobile phone imports user payment data, and transmits the user payment data to the security token through a voice channel.
  • the security token invokes a built-in encryption algorithm and key data, performs encryption processing on the user payment data, and returns the encrypted user payment data and corresponding digital signature information to the mobile phone.
  • the mobile phone transmits the encrypted user payment data and the corresponding digital signature information to the transaction platform.
  • the security token is a 25mm earphone plug or a 35mm earphone plug conforming to the YD/T 1538-2006 5.1.2.6 specification, and is connected to the voice interface of the mobile phone.
  • a protocol converter, a micro control unit and a memory are disposed on the security token;
  • the protocol converter is configured to perform analog-to-digital conversion on data transmitted by the mobile phone, filter out the sound signal, and transmit the signal to the micro control unit for authentication or encryption processing;
  • the protocol converter is further configured to perform digital-to-analog conversion on the authenticated or encrypted data, generate a voice signal, and transmit the voice signal to the mobile phone through the voice channel;
  • the memory includes a transaction data storage area, a program storage area, and a key storage area that can only be read and written, and is used to store transaction data, encryption algorithms, and key data, respectively.
  • the mobile payment system provided by the embodiment of the invention includes a mobile phone, a security token and an online banking server;
  • the mobile phone is used to log in to the transaction platform to establish a communication connection with the online banking server; and the mobile phone has a voice interface for accessing the security token;
  • the mobile phone is further configured to send the authentication information and the user payment data to the security token;
  • the security token stores an encryption algorithm and key data, and is used to authenticate the authentication information sent by the mobile phone, to the mobile phone Sending user payment data for encryption processing, and returning the encrypted user payment data and corresponding digital signature information to the mobile phone;
  • the mobile phone transmits the encrypted user payment data and the corresponding digital signature information to the online banking server.
  • the security token includes a headphone plug, a switch, a protocol converter, a micro control unit, a memory, and a power source;
  • the earphone plug is connected to a voice interface of the mobile phone
  • the switch is disposed at the earphone plug, and when the earphone plug is connected to the mobile phone, the switch is turned on, and the power is turned on;
  • the protocol converter is respectively connected to the earphone plug and the micro control unit for converting data and filtering out the sound signal;
  • the memory is connected to the micro control unit for storing an encryption algorithm and key data; the micro control unit receives data of the mobile phone through a voice channel, and reads an encryption algorithm and key data from the memory. And performing encryption authentication processing on the data.
  • the encryption algorithm and the key data are stored in the security token.
  • the mobile phone and the security token establish communication through the voice channel, and the mobile phone payment data needs to be authenticated and encrypted through the security token, thereby reducing the user identity.
  • the voice interface is a universal interface of the mobile phone, and the security token is connected to the mobile phone through the voice channel, which is highly versatile.
  • FIG. 3 1 is a schematic flowchart of a mobile phone payment security control method according to Embodiment 1 of the present invention
  • FIG. 2 is a schematic structural diagram of a mobile phone payment system according to Embodiment 2 of the present invention
  • FIG. 3 is a schematic structural diagram of a security token according to Embodiment 3 of the present invention.
  • FIG. 4 is a schematic diagram of an interface of a mobile phone and a security token according to Embodiment 4 of the present invention
  • FIG. 5 is a schematic diagram of a workflow of a mobile payment system according to Embodiment 5 of the present invention.
  • FIG. 1 it is a schematic flowchart of a mobile phone payment security control method according to Embodiment 1 of the present invention. The method includes the following steps:
  • the transaction platform corresponds to an online banking server; when the mobile phone logs into the trading platform, a communication connection is established with the online banking server.
  • the mobile phone imports the user payment data, and transmits the user payment data to the security token through the voice channel;
  • the security token invokes the built-in encryption algorithm and key data, encrypts the user payment data, and returns the encrypted user payment data and the corresponding digital signature information to the mobile phone;
  • the mobile phone transmits the encrypted user data and the corresponding digital signature information to the transaction platform.
  • step S1 the transaction platform and the security token use the RSA security protocol for mutual authentication, including:
  • the mobile phone login trading platform obtains the authentication information, and transmits the authentication information to the security token;
  • the authentication information includes a random number, and the random number is encrypted by the public key and then encrypted by the public key
  • the security token reads the random number from the authentication information, and calls the built-in HASH algorithm to calculate the random number, and obtains a digital summary of the random number;
  • the security token reads the ciphertext from the authentication information, and decrypts the ciphertext by using the built-in private key; compares the decrypted data with the digital digest, and if the two are the same, the transaction platform is determined to be legal; otherwise, the S16 is executed. ;
  • the security token performs HASH calculation on the random number and the authentication parameter, and then encrypts the data calculated by the HASH with the private key, and returns the encrypted data to the mobile phone, and the mobile phone transmits the data to the transaction platform;
  • the transaction platform decrypts the data returned by the security token with the public key, compares the decrypted data with the corresponding HASH information, and if the same, determines that the security token is legal; otherwise, executing S16;
  • the user payment data includes account information, password information, and transaction information.
  • the security token encrypts the user payment data using a TLS, SSL or RSA encryption algorithm.
  • the security token uses a 25mm headphone plug or a 35mm headphone plug that conforms to the YD/T 1538-2006 5.1.2.6 specification to access the voice interface of the handset.
  • a protocol converter, a micro control unit and a memory are arranged on the security token; the protocol converter is used for inputting analog-to-digital conversion of the data transmitted by the mobile phone, filtering out the sound signal, and transmitting the signal to the micro control unit for authentication or encryption processing; The converter is also used for digital-to-analog conversion of the authenticated or encrypted data to generate a voice signal, which is then transmitted to the mobile phone through the voice channel.
  • the memory includes a transaction data storage area, a program storage area, and a key storage area that can only be read and written, and is used to store transaction data, encryption algorithms, and key data, respectively.
  • the mobile phone payment security control method provided by the embodiment of the invention can be applied to a mobile phone payment system, which can reduce the risk of fraudulent use of the user identity, transaction information being tombed and account funds stolen, and improve the security of mobile payment.
  • FIG. 2 is a schematic structural diagram of a mobile payment system according to Embodiment 2 of the present invention.
  • the mobile payment security protection device provided in this embodiment includes: a mobile phone 10, a security token 20, and an online banking server 30. Among them, the mobile phone 10 is used to log in to the trading platform, and the online banking service
  • the server 30 establishes a communication connection; and the mobile phone 10 has a voice interface 11 for accessing the security token 20.
  • the mobile phone 10 is further configured to send the authentication information and the user payment data to the security token 20;
  • the security token 20 stores an encryption algorithm and key data for authenticating the authentication information sent by the mobile phone 10, encrypting the user payment data sent by the mobile phone 10, and encrypting the processed user payment data and corresponding numbers.
  • the signature information is returned to the mobile phone 10;
  • the mobile phone 10 transmits the encrypted user payment data and the corresponding digital signature information to the online banking server 30.
  • the security token 20 includes a headphone plug 21, a switch 22, a protocol converter 23, a micro control unit 24, a memory 25, and a power source 26;
  • the earphone plug 21 is connected with the voice interface 11 of the mobile phone 10 to establish a voice channel;
  • the power source 26 uses a +5V button electronic battery
  • the switch 22 is disposed at the earphone plug 21, and when the earphone plug 21 is connected to the mobile phone 10, the switch 22 is turned on, and the power is turned on;
  • the protocol converter 23 is respectively connected to the earphone plug 21 and the micro control unit 24 for converting data and filtering out the sound signal;
  • the memory 25 is connected to the micro control unit 24 for storing the encryption algorithm and the key data.
  • the micro control unit 24 receives the data of the mobile phone through the voice channel, and reads the encryption algorithm and the key data from the memory 25 to encrypt and authenticate the data. deal with.
  • the memory 25 of the security token is a flash memory, including a transaction data storage area, a program storage area, and a key storage area that can only be read and written.
  • the transaction data storage area is used for storing transaction data of the mobile phone payment;
  • the program storage area is used for storing the processing procedure of the bank authentication protocol (ie, the encryption algorithm);
  • the key storage area is for storing the key data.
  • FIG. 3 is a schematic structural diagram of a security token according to Embodiment 3 of the present invention.
  • the earphone plug 21 of the security token 20 includes a data input terminal I and a data output terminal 0;
  • the protocol converter 23 includes an analog to digital converter and a digital to analog converter.
  • the data input terminal I is connected to the analog to digital converter, and the data output terminal 0 is connected to the digital to analog converter.
  • the voice interface of the mobile phone is a 25mm headphone channel interface or a 35mm headphone channel interface conforming to the YD/T 1538-2006 5.1.2.6 specification.
  • FIG. 4 is a schematic diagram of an interface between a mobile phone and a security token according to Embodiment 4 of the present invention.
  • the voice interface 11 of the mobile phone includes a left channel 1, a right channel 2, a GND return line 3, a receiver MIC port 4, and a receiver MIC port 5.
  • the voice interface 11 of the mobile phone is connected to the earphone plug 21 of the security token, the left channel 1 and the right channel 2 are both connected to the data input terminal I of the security token; the MIC port 4 of the receiver and the MIC port 5 of the receiver are both secure.
  • the data output 0 of the token is connected.
  • the security token supports hot plugging technology.
  • the switch is turned on, the system starts to supply power, all devices start to work, the micro control unit MCU loads the program from the flash memory, and reads the key data. .
  • the data that needs to be authenticated and encrypted is transmitted to the security token.
  • the security token receives the authentication information data transmitted from the headphone channel, the analog-to-digital converter converts and filters the data to shield the sound data.
  • the carrier frequency of the authentication information data is much higher than the sound frequency, so the filtering technique can be used to filter out the sound.
  • the MCU of the security token encrypts the received data information, and authenticates the data according to the key in the FLASH memory. If the authentication passes, the encrypted digital signature information is returned, and the related transaction information is stored in the flash. In memory.
  • the MCU of the security token transmits the encrypted and processed data to the digital-to-analog converter, converts it into a voice signal, and sends it to the mobile phone through the voice channel, and then sends it to the mobile banking server for authentication.
  • FIG. 5 is a schematic diagram showing the workflow of a mobile payment system according to Embodiment 5 of the present invention.
  • the workflow of the mobile payment system is as follows:
  • the mobile phone login trading platform establishes a communication connection with the online banking server;
  • the mobile phone obtains a security certificate of the trading platform
  • the security token authenticates the security certificate according to the built-in encryption algorithm and key data; this step is a two-way authentication process of the security token and the transaction platform;
  • 5105 Determine whether the two-way authentication is passed; if yes, execute S106; otherwise, execute S108; S106, start a secure transaction platform;
  • the secure trading platform requires a security token to authenticate and encrypt mobile payment related data to improve mobile payment security
  • the mobile phone imports user payment data, and transmits the user payment data to a security token
  • the general trading platform refers to the mobile payment transaction according to the traditional method, and does not require a security token to authenticate and encrypt the data;
  • the security token invokes the built-in encryption algorithm and key data, encrypts the user payment data, and returns the encrypted user payment data and the corresponding digital signature information to the mobile phone;
  • the mobile phone submits the encrypted user data and the corresponding digital signature information to the online banking server;
  • the online banking server feeds back the transaction result to the mobile phone.
  • the mobile phone payment security control method and system provided by the embodiments of the present invention store the encryption algorithm and the key data in the security token.
  • the mobile phone and the security token establish communication through the voice channel, and need to pass the security token pair.
  • Mobile payment data is authenticated and encrypted, thereby reducing
  • the low user identity is fraudulently used, the transaction information is being altered by the tomb and the account funds are stolen.
  • the voice interface is a universal interface of the mobile phone, and the security token is connected to the mobile phone through the voice channel, which is highly versatile.

Abstract

L'invention concerne un procédé et un système de contrôle de sécurité de paiement par téléphone mobile. Le procédé consiste à : se connecter sur une plateforme de transaction par l'intermédiaire d'un téléphone mobile et accéder à un jeton de sécurité par l'intermédiaire du canal vocal du téléphone mobile; réaliser, par la plateforme de transaction et le jeton de sécurité, une authentification bidirectionnelle; après que l'authentification bidirectionnelle est réussie, importer, par le téléphone mobile, des données de paiement d'utilisateur, et transmettre, par le téléphone mobile, les données de paiement d'utilisateur au jeton de sécurité par l'intermédiaire du canal vocal; invoquer, par le jeton de sécurité, un algorithme de chiffrement et des données de clé incorporées dans celui-ci, chiffrer, par le jeton de sécurité, les données de paiement d'utilisateur, et renvoyer, par le jeton de sécurité, au téléphone mobile les données de paiement d'utilisateur chiffrées et les informations de signature numérique correspondantes; et transmettre, par le téléphone mobile, à la plateforme de transaction les données de paiement d'utilisateur chiffrées et les informations de signature numérique correspondantes. L'application des modes de réalisation de la présente invention peut réduire les risques que l'identité d'utilisateur soit contrefaite, que les informations de transaction soient falsifiées et que les fonds de compte soient volés, améliorant la sécurité de paiement par téléphone mobile.
PCT/CN2012/078151 2011-08-17 2012-07-04 Procédé et système de contrôle de sécurité de paiement par téléphone mobile WO2013023499A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110235656.8 2011-08-17
CN2011102356568A CN102254264A (zh) 2011-08-17 2011-08-17 手机支付安全控制方法及系统

Publications (1)

Publication Number Publication Date
WO2013023499A1 true WO2013023499A1 (fr) 2013-02-21

Family

ID=44981509

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/078151 WO2013023499A1 (fr) 2011-08-17 2012-07-04 Procédé et système de contrôle de sécurité de paiement par téléphone mobile

Country Status (2)

Country Link
CN (1) CN102254264A (fr)
WO (1) WO2013023499A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109981654A (zh) * 2019-03-28 2019-07-05 安信数字(广州)科技有限公司 数字身份生成方法及装置
US10990957B2 (en) 2017-01-03 2021-04-27 Advanced New Technologies Co., Ltd. Scan and pay method and device utilized in mobile apparatus
US11127009B2 (en) 2015-04-07 2021-09-21 Omnyway, Inc. Methods and systems for using a mobile device to effect a secure electronic transaction
US11250414B2 (en) 2019-08-02 2022-02-15 Omnyway, Inc. Cloud based system for engaging shoppers at or near physical stores
US11468432B2 (en) 2019-08-09 2022-10-11 Omnyway, Inc. Virtual-to-physical secure remote payment to a physical location

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102254264A (zh) * 2011-08-17 2011-11-23 广州广电运通金融电子股份有限公司 手机支付安全控制方法及系统
CN102685704B (zh) * 2012-05-16 2015-06-03 北京钱袋宝支付技术有限公司 手机交易方法及系统
US8639619B1 (en) 2012-07-13 2014-01-28 Scvngr, Inc. Secure payment method and system
HUP1200524A2 (hu) * 2012-09-12 2014-05-28 Cellum Global Innovacios Es Szolgaltato Zrt Mobil fizetõeszköz alkalmazói rendszer, valamint eljárás mobil fizetõeszköz létrehozására és használatára
CN103731266B (zh) * 2012-10-12 2017-05-10 北京微智全景信息技术有限公司 一种用于对电子凭证进行认证的方法及系统
CN103237306A (zh) * 2013-04-02 2013-08-07 程雪莲 一种手机身份认证终端的Usbkey及应用
CN103281186B (zh) * 2013-05-08 2016-02-03 上海众人网络安全技术有限公司 一种基于android系统的动态令牌、交易系统及方法
CN103338119B (zh) * 2013-06-08 2014-12-31 腾讯科技(深圳)有限公司 语音通道分配方法和语音系统
US8770478B2 (en) 2013-07-11 2014-07-08 Scvngr, Inc. Payment processing with automatic no-touch mode selection
CN103455914A (zh) * 2013-08-30 2013-12-18 深圳数字电视国家工程实验室股份有限公司 一种安全认证方法及应用其的遥控器、电视支付系统
CN103839157A (zh) * 2014-02-25 2014-06-04 中国联合网络通信集团有限公司 一种电子支付方法、装置及系统
CN104166918B (zh) * 2014-08-20 2017-08-25 齐鲁工业大学 基于音频按键的安全支付方法
CN104200366A (zh) * 2014-09-15 2014-12-10 长沙市梦马软件有限公司 一种语音支付认证方法及系统
CN104702411B (zh) * 2015-03-14 2017-12-29 丁贤根 兼具移动支付安全认证和手机丢失报警的令牌设计方法
CN104702412B (zh) * 2015-03-14 2018-02-02 丁贤根 移动支付手机外置ai安全认证系统及其实现方法
CN105050081B (zh) * 2015-08-19 2017-03-22 腾讯科技(深圳)有限公司 网络接入设备接入无线网络接入点的方法、装置和系统
AU2017207312A1 (en) * 2016-01-11 2018-07-19 Mastercard International Incorporated Generating and sending encrypted payment data messages between computing devices to effect a transfer of funds
AU2017332645B2 (en) * 2016-09-23 2019-12-19 Apple Inc. Managing credentials of multiple users on an electronic device
CN107274173A (zh) * 2017-05-11 2017-10-20 吴世贵 一种声波支付方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101841417A (zh) * 2010-03-12 2010-09-22 李勇 一种支持短距离无线通信技术的电子签名装置和应用该装置保证电子交易安全的方法
CN201846343U (zh) * 2010-09-25 2011-05-25 北京天地融科技有限公司 以语音方式与手机通信的电子签名工具
CN102254264A (zh) * 2011-08-17 2011-11-23 广州广电运通金融电子股份有限公司 手机支付安全控制方法及系统
CN202221590U (zh) * 2011-08-17 2012-05-16 广州广电运通金融电子股份有限公司 手机支付安全保护装置

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101236496A (zh) * 2007-01-29 2008-08-06 展讯通信(上海)有限公司 一种软件一致性检测方法和装置
CN102004977A (zh) * 2009-09-02 2011-04-06 深圳市证通电子股份有限公司 网络安全支付方法及系统
CN102118251B (zh) * 2011-01-24 2013-01-02 郑州信大捷安信息技术股份有限公司 基于多界面安全智能卡的网上银行远程支付的安全认证方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101841417A (zh) * 2010-03-12 2010-09-22 李勇 一种支持短距离无线通信技术的电子签名装置和应用该装置保证电子交易安全的方法
CN201846343U (zh) * 2010-09-25 2011-05-25 北京天地融科技有限公司 以语音方式与手机通信的电子签名工具
CN102254264A (zh) * 2011-08-17 2011-11-23 广州广电运通金融电子股份有限公司 手机支付安全控制方法及系统
CN202221590U (zh) * 2011-08-17 2012-05-16 广州广电运通金融电子股份有限公司 手机支付安全保护装置

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11127009B2 (en) 2015-04-07 2021-09-21 Omnyway, Inc. Methods and systems for using a mobile device to effect a secure electronic transaction
US10990957B2 (en) 2017-01-03 2021-04-27 Advanced New Technologies Co., Ltd. Scan and pay method and device utilized in mobile apparatus
CN109981654A (zh) * 2019-03-28 2019-07-05 安信数字(广州)科技有限公司 数字身份生成方法及装置
US11250414B2 (en) 2019-08-02 2022-02-15 Omnyway, Inc. Cloud based system for engaging shoppers at or near physical stores
US11468432B2 (en) 2019-08-09 2022-10-11 Omnyway, Inc. Virtual-to-physical secure remote payment to a physical location

Also Published As

Publication number Publication date
CN102254264A (zh) 2011-11-23

Similar Documents

Publication Publication Date Title
WO2013023499A1 (fr) Procédé et système de contrôle de sécurité de paiement par téléphone mobile
EP2859488B1 (fr) Association 2chk déclenchée par entreprise
CN101916388B (zh) 智能sd卡及利用该智能sd进行移动支付的方法
CA2875563C (fr) Securite d'authentification 2chk amelioree comportant des transactions d'interrogation
CN201600745U (zh) 一种电子支付终端及具有该电子支付终端的服务设备
WO2015161699A1 (fr) Procédé et système d'interaction de données sécurisés
US20110103586A1 (en) System, Method and Device To Authenticate Relationships By Electronic Means
CN106027501B (zh) 一种在移动设备中进行交易安全认证的系统和方法
WO2015085809A1 (fr) Système de sécurité de paiement mobile à réseau privé de transmission de données sans fil physiquement isolé d'internet
CN101216923A (zh) 提高网上银行交易数据安全性的系统及方法
CN101770619A (zh) 一种用于网上支付的多因子认证方法和认证系统
CN102195932A (zh) 一种基于两个隔离设备实现网络身份认证的方法和系统
WO2009094949A1 (fr) Procédé et système fiables de téléservices
CN101916476A (zh) 一种基于sd加密卡与近距离无线通信技术相结合的移动数据传输方法
CN101304569A (zh) 一种基于智能手机的移动认证系统
CN203278851U (zh) 一种带有无线通信功能的加密认证设备
WO2011140710A1 (fr) Procédé et plate-forme de service permettant de mettre en œuvre un transfert de fonds à l'aide d'un terminal mobile
CN103051640A (zh) 一种基于蓝牙的网银安全设备及其数据通讯方法
CN202221590U (zh) 手机支付安全保护装置
TWI753102B (zh) 實名認證服務系統及實名認證服務方法
CN204741571U (zh) 一种用于移动终端的安全认证装置、系统及可穿戴设备
WO2011060739A1 (fr) Système et procédé de sécurité
CN104318432A (zh) 一种交易信息传输方法及系统和移动终端
WO2015110045A1 (fr) Dispositif, procédé et système destinés à cacher des données d'identification d'utilisateur
KR20040031434A (ko) 모바일 디바이스를 이용한 실시간 계좌 정보 수신 시스템및 그 서비스 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12823294

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12823294

Country of ref document: EP

Kind code of ref document: A1