WO2014101078A1 - Procédé de paiement, passerelle de paiement et client de paiement - Google Patents

Procédé de paiement, passerelle de paiement et client de paiement Download PDF

Info

Publication number
WO2014101078A1
WO2014101078A1 PCT/CN2012/087775 CN2012087775W WO2014101078A1 WO 2014101078 A1 WO2014101078 A1 WO 2014101078A1 CN 2012087775 W CN2012087775 W CN 2012087775W WO 2014101078 A1 WO2014101078 A1 WO 2014101078A1
Authority
WO
WIPO (PCT)
Prior art keywords
payment
information
authentication
request
gateway
Prior art date
Application number
PCT/CN2012/087775
Other languages
English (en)
Chinese (zh)
Inventor
陈爱平
张战兵
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to PCT/CN2012/087775 priority Critical patent/WO2014101078A1/fr
Priority to CN2012800030415A priority patent/CN103392186A/zh
Publication of WO2014101078A1 publication Critical patent/WO2014101078A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G06Q20/027Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] involving a payment switch or gateway
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/325Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the present invention relates to the field of mobile internet, and in particular, to a payment method, a payment gateway, and a payment client. Background technique
  • Mobile payment can be used by various mobile terminals (such as smart phones, tablets, etc.).
  • the terminal that is carried with you) makes payment, and the convenience of payment becomes a new wave.
  • security risks are still the main reason why mobile payment has not been widely used.
  • There are many security risks in the process of using mobile payment and the proportion of the account password stolen caused by Trojan or phishing website is relatively high.
  • the payment method of the prior art one is to integrate the secure payment module into the mobile browser through cooperation with the mobile browser provider by the third party payment institution.
  • the mobile browser invokes an integrated secure payment module to implement the payment.
  • This payment method is only applicable to a specific mobile browser integrated with a secure payment module.
  • the current number of mobile browsers is large and the update is faster, so this method will affect the efficiency of the user's instant payment, and has no universal applicability.
  • the secure payment module is bound to the mobile browser.
  • the secure payment module is upgraded, the mobile browser must also be upgraded to make the payment; and the payment method does not support the hardware medium type authentication method, such as U. Shield, etc., so there is still a certain security risk.
  • the prior art 2 provides a method for mobile online payment, in which the online shopping mobile application (such as a mobile client of an electronic shopping mall), a payment client, and the like are involved.
  • the online shopping mobile application such as a mobile client of an electronic shopping mall
  • a payment client such as a mobile client of an electronic shopping mall
  • payment is implemented by calling a mobile shopping application, an online shopping mobile application server, a payment server, and a payment client in a mobile operating system (OS) in the mobile terminal.
  • OS mobile operating system
  • There is a security risk when transmitting payment information between processes which may be stolen from the content and information of the user's transaction, or even use the content and information to steal the identity of the user for shopping or directly steal the user's funds.
  • the embodiment of the invention provides a payment method, a payment gateway and a payment client, which can improve the security of mobile secure payment and avoid the security risk of interception, eavesdropping and tampering of payment information.
  • a first aspect of the present invention provides a payment method, which may include:
  • the payment gateway receives a payment request including user identity information and payment information
  • Decrypting the payment request extracting the user identity information and payment information
  • the payment result is obtained and the payment result is returned to the payment request originator.
  • the payment channel is a channel for transmitting information between the payment gateway and the payment client, and the payment channel remains in a connected state.
  • the user identity information may include a mobile phone number, a bank card number, a user name, an ID card number, and a mailbox. At least one of the addresses, the payment information includes payment server information and payment amount information.
  • the sending the payment request to the payment client by using the payment channel for authentication may include
  • the payment request is subjected to at least one of the following authentication methods: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
  • the payment gateway and the payment client, the payment server, and The payment request originators communicate through an encrypted tunnel.
  • the method may further include:
  • a message to continue to wait for a response is returned to the originator of the payment request.
  • the obtaining the payment result may be in any of the following manners obtain:
  • the payment client returns a payment result to the payment gateway;
  • the payment server returns a payment result to the payment gateway.
  • the second aspect of the embodiment of the present invention provides a mobile payment method, which may include:
  • the payment request is authenticated according to the authentication method, and the authentication result is returned to the payment gateway.
  • the authentication manner may include at least one of the following authentication modes: password authentication, software medium certificate authentication, hardware media certificate authentication, and fingerprint authentication.
  • the user identity information may include a mobile phone number, a bank card number, a user name, an ID card number, and a mailbox. At least one of the addresses, the payment information includes payment server information and payment amount information.
  • a third aspect of the embodiments of the present invention provides a payment gateway, which may include:
  • a transceiver unit configured to receive a payment request including user identity information and payment information; send the payment request to a payment client for authentication through a payment channel; receive a payment request that is sent by the payment client, and And the payment request is forwarded to the payment server; the payment result is obtained, and the payment result is returned to the payment request initiator; the decryption unit is configured to decrypt the payment request, and extract the user identity information and the payment information;
  • a searching unit configured to find, in the payment channel list, a payment channel corresponding to the user identity information according to the user identity information.
  • the payment channel is a channel for transmitting information between the payment gateway and the payment client, and the payment channel remains in a connected state.
  • the user identity information may include a mobile phone number, a bank card number, a user name, an ID card number, and a mailbox.
  • the payment information may include payment server information and payment amount information.
  • the payment gateway, the payment client, the payment server, and the The payment request originator communicates through an encrypted tunnel.
  • the message waiting for a response continues.
  • a fourth aspect of the embodiments of the present invention provides a payment client, which may include:
  • a receiving unit configured to receive a payment request that is sent by the payment gateway and includes the user identity information and the payment information
  • a registration unit configured to send an authentication request to the payment server to obtain an authentication method
  • an authentication unit configured to authenticate the payment request according to the authentication manner, and return the authentication result to the payment gateway.
  • the user identity information may include at least one of a mobile phone number, a bank card number, a user name, an identity card number, and an email address
  • the payment information may include payment server information and payment.
  • Amount information; the authentication method may include at least one of the following authentication methods: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
  • the receiving unit is further configured to block an interface between a service application on the mobile terminal and a mobile terminal's own operating system
  • the payment client may further include:
  • a fifth aspect of the embodiments of the present invention provides a payment gateway, which may include:
  • the memory is configured to store a program executed by the processor
  • the processor is configured to perform the following steps:
  • Decrypting the payment request extracting the user identity information and payment information
  • the payment result is obtained and the payment result is returned to the payment request originator.
  • the user identity information may include at least one of a mobile phone number, a bank card number, a user name, an identity card number, and an email address
  • the payment information may include payment server information and payment.
  • Amount information the payment gateway communicates with the payment client, the payment server, and the payment request initiator through an encrypted tunnel; the payment gateway is further configured to return to the originator of the payment request A message waiting for a response.
  • Banks or third-party payment agencies do not need to cooperate with browser vendors, do not need to integrate security controls into standard browsers, and do not need to modify existing browsers or online shopping mobile applications to achieve secure payment for mobile online shopping, and improve secure payment. Universality; and there is no call between applications in the payment process, which avoids the security risk of interception, eavesdropping and tampering of payment information.
  • FIG. 1 is a schematic flowchart of a first embodiment of a payment method according to the present invention
  • FIG. 2 is a schematic flowchart of a second embodiment of a payment method according to the present invention.
  • FIG. 3 is a schematic structural diagram of a first embodiment of a payment gateway according to the present invention.
  • FIG. 4 is a schematic structural diagram of a second embodiment of a payment gateway according to the present invention.
  • FIG. 5 is a schematic structural diagram of a first embodiment of a payment client according to the present invention.
  • FIG. 6 is a schematic structural diagram of a second embodiment of a payment client according to the present invention.
  • FIG. 7 is a flow chart of the payment gateway and the payment client cooperate with the mobile payment according to the present invention. detailed description
  • FIG. 1 is a schematic flowchart of a mobile payment method according to an embodiment of the present invention.
  • the mobile payment method includes the following steps:
  • the payment gateway receives a payment request including user identity information and payment information.
  • the online shopping application or mobile browser ie, the payment request originator
  • the payment request originator When a user makes an online payment or an online transfer, he or she needs to input his/her own user identity information and payment information, and the online shopping application or mobile browser (ie, the payment request originator) will send a payment request containing the user identity information and payment information to the office.
  • the payment gateway When a user makes an online payment or an online transfer, he or she needs to input his/her own user identity information and payment information, and the online shopping application or mobile browser (ie, the payment request originator) will send a payment request containing the user identity information and payment information to the office.
  • the payment gateway When a user makes an online payment or an online transfer, he or she needs to input his/her own user identity information and payment information, and the online shopping application or mobile browser (ie, the payment request originator) will send a payment request containing the user identity information and payment information to the office.
  • the payment gateway When a user makes an online payment or an online transfer
  • the payment request is in accordance with a Security Socket Layer (SSL) protocol
  • the user identity information may be a user's mobile phone number, a bank card number, a user name, an ID card number, an email address, etc., which may be used to confirm the user.
  • the information of the identity, the payment information may include information related to the payment, such as payment server information, payment amount information, and the like.
  • the payment server information may be information of a bank to which the payment server belongs or a third-party payment institution to which the payment server belongs, and the payment amount information may be information such as the amount or currency of the payment amount.
  • the payment gateway decrypts the payment request, and when extracting the user identity information, one or more of the user identity information may be extracted to ensure that the identity of the user can be confirmed by the user identity information.
  • the payment channel is a channel for transmitting information between the payment gateway and the payment client.
  • a payment gateway can establish a payment channel with multiple payment clients, and the payment channel list records the correspondence between the payment channel and the payment client.
  • the payment client can be installed on a mobile terminal such as a smart phone or a tablet computer, and the payment client establishes a Transmission Control Protocol (TCP) connection and negotiates an SSL tunnel with the payment gateway, and based on the mobile terminal information and the user.
  • TCP Transmission Control Protocol
  • the identity information applies for registration with the payment gateway. After the registration is successful, the payment client maintains the TCP connection with the payment gateway. In case of network anomaly, you can reconnect automatically.
  • the payment gateway maintains a TCP connection with the payment client, and can query the TCP connection according to the user identity information at any time, and can also actively send a message to the payment client to implement message push.
  • the payment channel can remain connected. Maintaining the connection state of the payment channel does not occupy a large amount of communication resources, can quickly respond to the user's payment request, and can also bring a large user Convenience. For example, nowadays, the popular snapping or robbing activity, if the payment channel is in the connected state, can save the user time for payment, and is easy to snap up. Therefore, in the case where the resources of both parties allow, the payment channel can be kept in a connected state.
  • the browser returns a message that continues to wait for a response, maintaining the current connection and preventing the payment from failing.
  • Authenticating the payment request includes performing password authentication, software media certificate authentication, hardware media certificate authentication, or fingerprint authentication on the payment request.
  • the payment authentication method is password authentication
  • the user is prompted to enter the correct password to pass the authentication.
  • the embodiments of the present invention can simultaneously support multiple payment authentication modes, and particularly support hardware media certificate authentication, thereby improving payment security.
  • the obtained payment result is obtained by any of the following methods:
  • the payment gateway communicates with the payment client, the payment server, and the payment request originator through an encrypted tunnel.
  • the payment client or the payment server notifies the payment gateway that the payment is completed by out-of-band signaling.
  • the payment gateway then returns the response message containing the final payment result to the mobile browser or online shopping application.
  • the mobile browser or online shopping application can present the payment result to the user, indicating that the payment is over.
  • the mobile browser or network card shopping application can also jump to the shopping address to allow the user to continue browsing.
  • the payment gateway may also return a response message of the payment failure to the mobile browser or the online shopping application, and the mobile browser or the online shopping application prompts the user to re-pay or Abandon payment and other operations.
  • a mobile payment method is provided, and a bank or a third party payment institution does not need Integrating payment security controls into mobile browsers, without the need to modify existing mobile browsers or online shopping mobile applications, can achieve secure payment for mobile online shopping, and improve the versatility of secure payment.
  • Payment is implemented through the payment gateway during the payment process, without the need to communicate and invoke information in different applications, avoiding the risk of interception, eavesdropping and tampering of payment information.
  • the payment gateway may be prompted to register and establish a payment channel. If the payment client is not installed in the mobile terminal of the user, the payment gateway may notify the third-party payment institution to push the payment client to the user's mobile terminal, and the user installs and registers. If the user is not willing to install the client, the payment can be made by using the existing payment method, which is not described in detail in the embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of a second embodiment of a payment method according to the present invention.
  • the method includes the following steps:
  • the user identity information includes at least one of a mobile phone number, a bank card number, a user name, an ID number, and an email address, and the payment information includes payment server information and payment amount information.
  • the authentication mode includes at least one of the following authentication methods: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
  • S203 Perform the authentication request according to the authentication manner, and return the authentication result to the payment gateway.
  • the payment gateway includes: a transceiver unit 100, a decryption unit 200, and a search unit 300.
  • the transceiver unit 100 is configured to receive a payment request including user identity information and payment information, send the payment request to a payment client for authentication by using a payment channel, and receive a payment request that is sent by the payment client, and Forwarding the authenticated payment request to the payment server; obtaining the payment result, and returning the payment result to the payment request initiator;
  • the decryption unit 200 is configured to decrypt the payment request, and extract the user identity information and payment information;
  • the searching unit 300 is configured to find, in the payment channel list, according to the user identity information.
  • the payment channel is a channel for transmitting information between the payment gateway and the payment client, and the payment channel remains in a connected state.
  • the user identity information includes at least one of a mobile phone number, a bank card number, a user name, an identity card number, and a mailbox address
  • the payment information includes information such as payment server information and payment amount information.
  • the payment gateway communicates with the payment client, the payment server, and the payment request originator through a force tunnel.
  • the transceiver unit 100 is further configured to return a message of continuing to wait for a response to the initiator of the payment request.
  • the authenticating the payment request includes performing at least one of the following authentication methods on the payment request: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
  • the payment gateway includes:
  • processor 400 and a memory 500 cooperating with the processor 400; wherein the memory
  • 500 is configured to store a program executed by the processor 400
  • the processor 400 is configured to perform the following steps:
  • Decrypting the payment request extracting the user identity information and payment information
  • the payment result is obtained and the payment result is returned to the payment request originator.
  • the user identity information includes at least one of a mobile phone number, a bank card number, a user name, an identity card number, and an email address
  • the payment information includes payment server information and payment amount information
  • the payment client, the payment server, and the payment request initiator communicate through an encrypted tunnel; the payment gateway is further configured to return a message to the initiator of the payment request to continue to wait for a response.
  • FIG. 5 it is a schematic diagram of a composition of a first embodiment of a payment client according to the present invention.
  • the payment client includes:
  • the receiving unit 600 the registration unit 700, and the authentication unit 800.
  • the receiving unit 600 is configured to receive a payment request that is sent by the payment gateway and includes the user identity information and the payment information.
  • the registration unit 700 is configured to send an authentication request to the payment server to obtain an authentication mode.
  • the authentication unit 800 is configured to authenticate the payment request according to the authentication manner, and return the authentication result to the payment gateway.
  • the user identity information includes at least one of a mobile phone number, a bank card number, a user name, an identity card number, and an email address
  • the payment information includes payment server information and payment amount information
  • the authentication manner includes the following: At least one authentication method: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
  • FIG. 6 is a schematic diagram of a composition of a second embodiment of a payment client according to the present invention.
  • the payment client includes:
  • the receiving unit 600 is further configured to shield an interface between the service application on the mobile terminal and the operating system of the mobile terminal, thereby implementing the possibility that the payment client supports multiple mobile terminal operating systems across platforms. .
  • the display unit 300 is configured to customize a payment interface; meet the personality requirements of a third-party payment institution and a user.
  • the browser kernel unit 400 is for publishing a web application.
  • the payment client includes a browser kernel unit 300, so the payment client can be regarded as a special browser, and the browser can carry a web application, and can quickly publish a web application of a third-party payment institution. Improve the user's payment experience.
  • FIG. 7 is a flowchart of the payment gateway and the payment client in the present invention complete the mobile payment.
  • the mobile shopping payment is taken as an example for the online shopping application, the electronic shopping mall server, the payment gateway, the payment server, and the payment client.
  • the action of moving your browser is similar to the operation of the online shopping app.
  • the user downloads and installs the payment client from the third party payment institution, such as a bank or a third party payment provider, to the mobile terminal, completes the registration, and establishes a payment channel with the payment gateway.
  • the third party payment institution such as a bank or a third party payment provider
  • TCP Transmission Control Protocol
  • SSL tunnel is negotiated
  • the registration is completed to the payment gateway based on the mobile terminal and the user identity information.
  • the TCP connection i.e., payment channel
  • the payment gateway maintains a payment channel with the payment client, so that the delivery channel can be queried according to the user identity information at any time, and the message is actively sent to the payment client.
  • the user uses the mobile terminal to access the shopping website through the online shopping application for shopping, that is, accessing the electronic mall.
  • the online shopping application sends a payment request including the user identity information and the payment information to the payment gateway.
  • the payment gateway decrypts the payment request, and extracts the user identity information and the payment information.
  • the payment gateway finds a payment channel corresponding to the user identity information in the payment channel list according to the user identity information, and sends the payment request to the payment client through the payment channel.
  • the payment gateway returns a message to continue to wait for the online shopping application to maintain an online shopping link.
  • the payment client sends an authentication request to the payment gateway to authenticate the payment request.
  • the payment gateway returns a payment authentication method to the payment client.
  • the payment client completes the payment authentication with the payment server in the payment channel according to the payment authentication method such as inputting a password or relying on other software and hardware media certificate authentication.
  • the payment client sends a payment request to the payment gateway.
  • the payment gateway forwards the payment request to the payment server.
  • the payment server performs payment according to the payment request, and notifies the payment gateway that the payment is completed.
  • the payment gateway returns a response message including the final payment result to the online shopping application.
  • the online shopping application presents the payment result to the user's mobile terminal, indicating that the payment is over.
  • the present invention has the following advantages:
  • the payment gateway completes the communication between the payment client and the payment server, and does not need to integrate the security control to the standard browser, and can realize mobile online shopping without modifying the existing browser or the online shopping mobile application.
  • the secure payment increases the versatility of the secure payment; and there is no call between the mobile terminal side application and the information in the payment process, which avoids the security risk of the interception, eavesdropping and tampering of the payment information;
  • the user's payment experience saves the user time for payment; the payment client can perform various software and hardware media certificate authentication to ensure the security of payment.
  • the transceiver unit of the payment client can block the interface between the business application on the mobile terminal and the operating system of the mobile terminal itself.
  • the payment client comprises a display unit, a customizable payment interface, and the third party payment institution and the user's individual needs;
  • the browser kernel unit It can host web applications, quickly publish web applications from third-party payment institutions, and enhance the user's payment experience.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (Random Access Memory).

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Les modes de réalisation de la présente invention concernent un procédé de paiement comprenant : la réception, par une passerelle de paiement, d'une demande de paiement contenant des informations d'identité d'utilisateur et des informations de paiement ; le déchiffrement de la demande de paiement et l'extraction des informations d'identité d'utilisateur et des informations de paiement ; sur la base des informations d'identité d'utilisateur, la recherche d'un tunnel de paiement correspondant aux informations d'identité d'utilisateur, dans une liste de tunnels de paiement ; la transmission de la demande de paiement à un client de paiement pour authentification via le tunnel de paiement ; la réception de la demande de paiement authentifiée, transmise par le client de paiement, et son transfert à un serveur de paiement ; enfin, l'obtention d'un résultat de paiement et son retour à un initiateur de la demande de paiement. Les modes de réalisation de la présente invention concernent également une passerelle de paiement et un client de paiement. Les modes de réalisation de la présente invention améliorent l'universalité de paiements sécurisés, et évitent que des informations de paiement soient interceptées, écoutées et piratées.
PCT/CN2012/087775 2012-12-28 2012-12-28 Procédé de paiement, passerelle de paiement et client de paiement WO2014101078A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2012/087775 WO2014101078A1 (fr) 2012-12-28 2012-12-28 Procédé de paiement, passerelle de paiement et client de paiement
CN2012800030415A CN103392186A (zh) 2012-12-28 2012-12-28 一种支付方法、支付网关及支付客户端

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2012/087775 WO2014101078A1 (fr) 2012-12-28 2012-12-28 Procédé de paiement, passerelle de paiement et client de paiement

Publications (1)

Publication Number Publication Date
WO2014101078A1 true WO2014101078A1 (fr) 2014-07-03

Family

ID=49535839

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/087775 WO2014101078A1 (fr) 2012-12-28 2012-12-28 Procédé de paiement, passerelle de paiement et client de paiement

Country Status (2)

Country Link
CN (1) CN103392186A (fr)
WO (1) WO2014101078A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11030628B2 (en) 2016-11-03 2021-06-08 Advanced New Technologies Co., Ltd. Success rate of an online transaction

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104753894B (zh) * 2013-12-31 2019-09-13 腾讯科技(深圳)有限公司 一种数据处理方法、装置及系统
CN103944876B (zh) * 2014-02-27 2018-07-06 小米科技有限责任公司 路由器访问控制方法、装置及路由器
CN104217329A (zh) * 2014-08-26 2014-12-17 深圳贝特莱电子科技有限公司 一种基于指纹安全认证的支付方法及系统
CA3082755A1 (fr) * 2014-09-12 2016-03-17 10353744 Canada Ltd. Systeme de reception de fonds et de paiement base sur un certificat electronique
CN105592013B (zh) * 2014-10-24 2019-03-12 阿里巴巴集团控股有限公司 一种敏感信息处理方法、装置及客户端
CN104331296B (zh) * 2014-11-25 2017-04-26 北京奇虎科技有限公司 交易信息处理方法、装置和系统
CN105654293B (zh) * 2014-12-03 2020-01-17 阿里巴巴集团控股有限公司 支付方法及装置
US10127544B2 (en) * 2014-12-16 2018-11-13 Facebook, Inc. Sending and receiving payments using a message system
CN105841689A (zh) * 2015-01-16 2016-08-10 阿里巴巴集团控股有限公司 提供长途交通工具信息的方法及装置
US10423937B2 (en) * 2015-07-17 2019-09-24 Mastercard International Incorporated Systems and methods for establishing message routing paths through a computer network
KR101834849B1 (ko) 2015-08-19 2018-03-06 삼성전자주식회사 전자 장치 및 전자 장치의 사용자 인증 방법
CN105488663A (zh) * 2015-11-19 2016-04-13 成都连银信息技术有限公司 支持多种付款通道的统一账务结算网关
CN105427101A (zh) * 2015-11-19 2016-03-23 成都连银信息技术有限公司 支持多种支付通道的统一支付接入网关
CN106910053A (zh) * 2015-12-22 2017-06-30 华为技术有限公司 移动支付方法、相关装置及系统
CN106897874B (zh) * 2016-06-01 2021-02-09 创新先进技术有限公司 移动支付方法、装置及系统
SG10201700562UA (en) * 2017-01-23 2018-08-30 Mastercard Asia Pacific Pte Ltd Switch For Routing Payment Instruction
US20190362357A1 (en) * 2017-02-20 2019-11-28 Huawei Technologies Co., Ltd. Payment method and terminal
CN106993282A (zh) * 2017-05-27 2017-07-28 苏州乐麟无线信息科技有限公司 计费方法和装置
CN107608798A (zh) * 2017-08-04 2018-01-19 阿里巴巴集团控股有限公司 一种业务处理方法及设备
CN108154370B (zh) * 2017-11-22 2021-09-14 中国银联股份有限公司 基于用户支付习惯的安全认证方法和设备
CN110083397A (zh) * 2018-01-24 2019-08-02 上海复旦微电子集团股份有限公司 一种屏蔽苹果手机nfc支付功能界面弹出的方法
CN109460999A (zh) * 2018-09-28 2019-03-12 珠海横琴现联盛科技发展有限公司 基于光学字符识别的支付信息方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1547144A (zh) * 2003-12-10 2004-11-17 北京矽谷学人科技有限公司 互联网安全支付系统
CN101420311A (zh) * 2008-11-28 2009-04-29 中国移动通信集团四川有限公司 一种电信级支付结算网关系统
CN101741580A (zh) * 2008-11-07 2010-06-16 中兴通讯股份有限公司 一种收费流媒体的支付方法和系统
CN102646238A (zh) * 2011-02-16 2012-08-22 苏州同程旅游网络科技有限公司 基于互联网的支付通道整合方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1547144A (zh) * 2003-12-10 2004-11-17 北京矽谷学人科技有限公司 互联网安全支付系统
CN101741580A (zh) * 2008-11-07 2010-06-16 中兴通讯股份有限公司 一种收费流媒体的支付方法和系统
CN101420311A (zh) * 2008-11-28 2009-04-29 中国移动通信集团四川有限公司 一种电信级支付结算网关系统
CN102646238A (zh) * 2011-02-16 2012-08-22 苏州同程旅游网络科技有限公司 基于互联网的支付通道整合方法

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11030628B2 (en) 2016-11-03 2021-06-08 Advanced New Technologies Co., Ltd. Success rate of an online transaction
US11238462B2 (en) 2016-11-03 2022-02-01 Advanced New Technologies Co., Ltd. Success rate of an online transaction

Also Published As

Publication number Publication date
CN103392186A (zh) 2013-11-13

Similar Documents

Publication Publication Date Title
WO2014101078A1 (fr) Procédé de paiement, passerelle de paiement et client de paiement
US9832183B2 (en) Key management using quasi out of band authentication architecture
US8893237B2 (en) Secure and efficient login and transaction authentication using iphones# and other smart mobile communication devices
US9444809B2 (en) Secure and efficient authentication using plug-in hardware compatible with desktops, laptops and/or smart mobile communication devices such as iPhones™
EP2859488B1 (fr) Association 2chk déclenchée par entreprise
JP6021923B2 (ja) オンライン取引のための安全な認証方法およびシステム
JP5632489B2 (ja) 安全なユーザおよびトランザクション認証並びにリスク管理の新規方法
US11658951B2 (en) Carrier encryption system
CN101808077A (zh) 信息安全输入处理系统和方法以及智能卡
KR101494838B1 (ko) 거래연동 오티피를 이용한 계좌 이체 방법 및 시스템
KR101348079B1 (ko) 휴대단말을 이용한 전자서명 시스템
US20230379336A1 (en) Systems and methods for multi-factor authentication by a commerce platform using a cloud services provider
KR101495914B1 (ko) 인터넷뱅킹 서비스 제공 시스템 및 방법
US8281123B2 (en) Apparatus and method for managing and protecting information during use of semi-trusted interfaces
WO2014089968A1 (fr) Procédé et dispositif de chiffrement de données dans un système de machines virtuelles
CN111212017A (zh) 一种面向智能终端的安全传输方法及系统
KR102380504B1 (ko) 북마클릿을 이용한 전자 지갑 서비스 시스템 및 방법
KR20170029942A (ko) 웹 기반 인증을 이용한 결제 서비스 제공 장치 및 방법, 그리고 시스템 및 컴퓨터 프로그램이 기록된 기록매체
KR20170065922A (ko) 금융 서비스를 위한 단말 및 그의 금융 서비스 방법
KR20170065929A (ko) 금융 서비스를 위한 단말 및 그의 금융 서비스 방법
JP2007279775A (ja) ウェブ・アクセスポイント認証(wapa)が可能なウェブサーバー認証システム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12891040

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12891040

Country of ref document: EP

Kind code of ref document: A1