WO2014101078A1 - Procédé de paiement, passerelle de paiement et client de paiement - Google Patents
Procédé de paiement, passerelle de paiement et client de paiement Download PDFInfo
- Publication number
- WO2014101078A1 WO2014101078A1 PCT/CN2012/087775 CN2012087775W WO2014101078A1 WO 2014101078 A1 WO2014101078 A1 WO 2014101078A1 CN 2012087775 W CN2012087775 W CN 2012087775W WO 2014101078 A1 WO2014101078 A1 WO 2014101078A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- payment
- information
- authentication
- request
- gateway
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 69
- 239000003999 initiator Substances 0.000 claims abstract description 15
- 230000004044 response Effects 0.000 claims description 11
- 239000000284 extract Substances 0.000 claims description 7
- 238000004891 communication Methods 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 8
- 239000000203 mixture Substances 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000001568 sexual effect Effects 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
- G06Q20/027—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] involving a payment switch or gateway
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/325—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Definitions
- the present invention relates to the field of mobile internet, and in particular, to a payment method, a payment gateway, and a payment client. Background technique
- Mobile payment can be used by various mobile terminals (such as smart phones, tablets, etc.).
- the terminal that is carried with you) makes payment, and the convenience of payment becomes a new wave.
- security risks are still the main reason why mobile payment has not been widely used.
- There are many security risks in the process of using mobile payment and the proportion of the account password stolen caused by Trojan or phishing website is relatively high.
- the payment method of the prior art one is to integrate the secure payment module into the mobile browser through cooperation with the mobile browser provider by the third party payment institution.
- the mobile browser invokes an integrated secure payment module to implement the payment.
- This payment method is only applicable to a specific mobile browser integrated with a secure payment module.
- the current number of mobile browsers is large and the update is faster, so this method will affect the efficiency of the user's instant payment, and has no universal applicability.
- the secure payment module is bound to the mobile browser.
- the secure payment module is upgraded, the mobile browser must also be upgraded to make the payment; and the payment method does not support the hardware medium type authentication method, such as U. Shield, etc., so there is still a certain security risk.
- the prior art 2 provides a method for mobile online payment, in which the online shopping mobile application (such as a mobile client of an electronic shopping mall), a payment client, and the like are involved.
- the online shopping mobile application such as a mobile client of an electronic shopping mall
- a payment client such as a mobile client of an electronic shopping mall
- payment is implemented by calling a mobile shopping application, an online shopping mobile application server, a payment server, and a payment client in a mobile operating system (OS) in the mobile terminal.
- OS mobile operating system
- There is a security risk when transmitting payment information between processes which may be stolen from the content and information of the user's transaction, or even use the content and information to steal the identity of the user for shopping or directly steal the user's funds.
- the embodiment of the invention provides a payment method, a payment gateway and a payment client, which can improve the security of mobile secure payment and avoid the security risk of interception, eavesdropping and tampering of payment information.
- a first aspect of the present invention provides a payment method, which may include:
- the payment gateway receives a payment request including user identity information and payment information
- Decrypting the payment request extracting the user identity information and payment information
- the payment result is obtained and the payment result is returned to the payment request originator.
- the payment channel is a channel for transmitting information between the payment gateway and the payment client, and the payment channel remains in a connected state.
- the user identity information may include a mobile phone number, a bank card number, a user name, an ID card number, and a mailbox. At least one of the addresses, the payment information includes payment server information and payment amount information.
- the sending the payment request to the payment client by using the payment channel for authentication may include
- the payment request is subjected to at least one of the following authentication methods: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
- the payment gateway and the payment client, the payment server, and The payment request originators communicate through an encrypted tunnel.
- the method may further include:
- a message to continue to wait for a response is returned to the originator of the payment request.
- the obtaining the payment result may be in any of the following manners obtain:
- the payment client returns a payment result to the payment gateway;
- the payment server returns a payment result to the payment gateway.
- the second aspect of the embodiment of the present invention provides a mobile payment method, which may include:
- the payment request is authenticated according to the authentication method, and the authentication result is returned to the payment gateway.
- the authentication manner may include at least one of the following authentication modes: password authentication, software medium certificate authentication, hardware media certificate authentication, and fingerprint authentication.
- the user identity information may include a mobile phone number, a bank card number, a user name, an ID card number, and a mailbox. At least one of the addresses, the payment information includes payment server information and payment amount information.
- a third aspect of the embodiments of the present invention provides a payment gateway, which may include:
- a transceiver unit configured to receive a payment request including user identity information and payment information; send the payment request to a payment client for authentication through a payment channel; receive a payment request that is sent by the payment client, and And the payment request is forwarded to the payment server; the payment result is obtained, and the payment result is returned to the payment request initiator; the decryption unit is configured to decrypt the payment request, and extract the user identity information and the payment information;
- a searching unit configured to find, in the payment channel list, a payment channel corresponding to the user identity information according to the user identity information.
- the payment channel is a channel for transmitting information between the payment gateway and the payment client, and the payment channel remains in a connected state.
- the user identity information may include a mobile phone number, a bank card number, a user name, an ID card number, and a mailbox.
- the payment information may include payment server information and payment amount information.
- the payment gateway, the payment client, the payment server, and the The payment request originator communicates through an encrypted tunnel.
- the message waiting for a response continues.
- a fourth aspect of the embodiments of the present invention provides a payment client, which may include:
- a receiving unit configured to receive a payment request that is sent by the payment gateway and includes the user identity information and the payment information
- a registration unit configured to send an authentication request to the payment server to obtain an authentication method
- an authentication unit configured to authenticate the payment request according to the authentication manner, and return the authentication result to the payment gateway.
- the user identity information may include at least one of a mobile phone number, a bank card number, a user name, an identity card number, and an email address
- the payment information may include payment server information and payment.
- Amount information; the authentication method may include at least one of the following authentication methods: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
- the receiving unit is further configured to block an interface between a service application on the mobile terminal and a mobile terminal's own operating system
- the payment client may further include:
- a fifth aspect of the embodiments of the present invention provides a payment gateway, which may include:
- the memory is configured to store a program executed by the processor
- the processor is configured to perform the following steps:
- Decrypting the payment request extracting the user identity information and payment information
- the payment result is obtained and the payment result is returned to the payment request originator.
- the user identity information may include at least one of a mobile phone number, a bank card number, a user name, an identity card number, and an email address
- the payment information may include payment server information and payment.
- Amount information the payment gateway communicates with the payment client, the payment server, and the payment request initiator through an encrypted tunnel; the payment gateway is further configured to return to the originator of the payment request A message waiting for a response.
- Banks or third-party payment agencies do not need to cooperate with browser vendors, do not need to integrate security controls into standard browsers, and do not need to modify existing browsers or online shopping mobile applications to achieve secure payment for mobile online shopping, and improve secure payment. Universality; and there is no call between applications in the payment process, which avoids the security risk of interception, eavesdropping and tampering of payment information.
- FIG. 1 is a schematic flowchart of a first embodiment of a payment method according to the present invention
- FIG. 2 is a schematic flowchart of a second embodiment of a payment method according to the present invention.
- FIG. 3 is a schematic structural diagram of a first embodiment of a payment gateway according to the present invention.
- FIG. 4 is a schematic structural diagram of a second embodiment of a payment gateway according to the present invention.
- FIG. 5 is a schematic structural diagram of a first embodiment of a payment client according to the present invention.
- FIG. 6 is a schematic structural diagram of a second embodiment of a payment client according to the present invention.
- FIG. 7 is a flow chart of the payment gateway and the payment client cooperate with the mobile payment according to the present invention. detailed description
- FIG. 1 is a schematic flowchart of a mobile payment method according to an embodiment of the present invention.
- the mobile payment method includes the following steps:
- the payment gateway receives a payment request including user identity information and payment information.
- the online shopping application or mobile browser ie, the payment request originator
- the payment request originator When a user makes an online payment or an online transfer, he or she needs to input his/her own user identity information and payment information, and the online shopping application or mobile browser (ie, the payment request originator) will send a payment request containing the user identity information and payment information to the office.
- the payment gateway When a user makes an online payment or an online transfer, he or she needs to input his/her own user identity information and payment information, and the online shopping application or mobile browser (ie, the payment request originator) will send a payment request containing the user identity information and payment information to the office.
- the payment gateway When a user makes an online payment or an online transfer, he or she needs to input his/her own user identity information and payment information, and the online shopping application or mobile browser (ie, the payment request originator) will send a payment request containing the user identity information and payment information to the office.
- the payment gateway When a user makes an online payment or an online transfer
- the payment request is in accordance with a Security Socket Layer (SSL) protocol
- the user identity information may be a user's mobile phone number, a bank card number, a user name, an ID card number, an email address, etc., which may be used to confirm the user.
- the information of the identity, the payment information may include information related to the payment, such as payment server information, payment amount information, and the like.
- the payment server information may be information of a bank to which the payment server belongs or a third-party payment institution to which the payment server belongs, and the payment amount information may be information such as the amount or currency of the payment amount.
- the payment gateway decrypts the payment request, and when extracting the user identity information, one or more of the user identity information may be extracted to ensure that the identity of the user can be confirmed by the user identity information.
- the payment channel is a channel for transmitting information between the payment gateway and the payment client.
- a payment gateway can establish a payment channel with multiple payment clients, and the payment channel list records the correspondence between the payment channel and the payment client.
- the payment client can be installed on a mobile terminal such as a smart phone or a tablet computer, and the payment client establishes a Transmission Control Protocol (TCP) connection and negotiates an SSL tunnel with the payment gateway, and based on the mobile terminal information and the user.
- TCP Transmission Control Protocol
- the identity information applies for registration with the payment gateway. After the registration is successful, the payment client maintains the TCP connection with the payment gateway. In case of network anomaly, you can reconnect automatically.
- the payment gateway maintains a TCP connection with the payment client, and can query the TCP connection according to the user identity information at any time, and can also actively send a message to the payment client to implement message push.
- the payment channel can remain connected. Maintaining the connection state of the payment channel does not occupy a large amount of communication resources, can quickly respond to the user's payment request, and can also bring a large user Convenience. For example, nowadays, the popular snapping or robbing activity, if the payment channel is in the connected state, can save the user time for payment, and is easy to snap up. Therefore, in the case where the resources of both parties allow, the payment channel can be kept in a connected state.
- the browser returns a message that continues to wait for a response, maintaining the current connection and preventing the payment from failing.
- Authenticating the payment request includes performing password authentication, software media certificate authentication, hardware media certificate authentication, or fingerprint authentication on the payment request.
- the payment authentication method is password authentication
- the user is prompted to enter the correct password to pass the authentication.
- the embodiments of the present invention can simultaneously support multiple payment authentication modes, and particularly support hardware media certificate authentication, thereby improving payment security.
- the obtained payment result is obtained by any of the following methods:
- the payment gateway communicates with the payment client, the payment server, and the payment request originator through an encrypted tunnel.
- the payment client or the payment server notifies the payment gateway that the payment is completed by out-of-band signaling.
- the payment gateway then returns the response message containing the final payment result to the mobile browser or online shopping application.
- the mobile browser or online shopping application can present the payment result to the user, indicating that the payment is over.
- the mobile browser or network card shopping application can also jump to the shopping address to allow the user to continue browsing.
- the payment gateway may also return a response message of the payment failure to the mobile browser or the online shopping application, and the mobile browser or the online shopping application prompts the user to re-pay or Abandon payment and other operations.
- a mobile payment method is provided, and a bank or a third party payment institution does not need Integrating payment security controls into mobile browsers, without the need to modify existing mobile browsers or online shopping mobile applications, can achieve secure payment for mobile online shopping, and improve the versatility of secure payment.
- Payment is implemented through the payment gateway during the payment process, without the need to communicate and invoke information in different applications, avoiding the risk of interception, eavesdropping and tampering of payment information.
- the payment gateway may be prompted to register and establish a payment channel. If the payment client is not installed in the mobile terminal of the user, the payment gateway may notify the third-party payment institution to push the payment client to the user's mobile terminal, and the user installs and registers. If the user is not willing to install the client, the payment can be made by using the existing payment method, which is not described in detail in the embodiment of the present invention.
- FIG. 2 is a schematic flowchart of a second embodiment of a payment method according to the present invention.
- the method includes the following steps:
- the user identity information includes at least one of a mobile phone number, a bank card number, a user name, an ID number, and an email address, and the payment information includes payment server information and payment amount information.
- the authentication mode includes at least one of the following authentication methods: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
- S203 Perform the authentication request according to the authentication manner, and return the authentication result to the payment gateway.
- the payment gateway includes: a transceiver unit 100, a decryption unit 200, and a search unit 300.
- the transceiver unit 100 is configured to receive a payment request including user identity information and payment information, send the payment request to a payment client for authentication by using a payment channel, and receive a payment request that is sent by the payment client, and Forwarding the authenticated payment request to the payment server; obtaining the payment result, and returning the payment result to the payment request initiator;
- the decryption unit 200 is configured to decrypt the payment request, and extract the user identity information and payment information;
- the searching unit 300 is configured to find, in the payment channel list, according to the user identity information.
- the payment channel is a channel for transmitting information between the payment gateway and the payment client, and the payment channel remains in a connected state.
- the user identity information includes at least one of a mobile phone number, a bank card number, a user name, an identity card number, and a mailbox address
- the payment information includes information such as payment server information and payment amount information.
- the payment gateway communicates with the payment client, the payment server, and the payment request originator through a force tunnel.
- the transceiver unit 100 is further configured to return a message of continuing to wait for a response to the initiator of the payment request.
- the authenticating the payment request includes performing at least one of the following authentication methods on the payment request: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
- the payment gateway includes:
- processor 400 and a memory 500 cooperating with the processor 400; wherein the memory
- 500 is configured to store a program executed by the processor 400
- the processor 400 is configured to perform the following steps:
- Decrypting the payment request extracting the user identity information and payment information
- the payment result is obtained and the payment result is returned to the payment request originator.
- the user identity information includes at least one of a mobile phone number, a bank card number, a user name, an identity card number, and an email address
- the payment information includes payment server information and payment amount information
- the payment client, the payment server, and the payment request initiator communicate through an encrypted tunnel; the payment gateway is further configured to return a message to the initiator of the payment request to continue to wait for a response.
- FIG. 5 it is a schematic diagram of a composition of a first embodiment of a payment client according to the present invention.
- the payment client includes:
- the receiving unit 600 the registration unit 700, and the authentication unit 800.
- the receiving unit 600 is configured to receive a payment request that is sent by the payment gateway and includes the user identity information and the payment information.
- the registration unit 700 is configured to send an authentication request to the payment server to obtain an authentication mode.
- the authentication unit 800 is configured to authenticate the payment request according to the authentication manner, and return the authentication result to the payment gateway.
- the user identity information includes at least one of a mobile phone number, a bank card number, a user name, an identity card number, and an email address
- the payment information includes payment server information and payment amount information
- the authentication manner includes the following: At least one authentication method: password authentication, software media certificate authentication, hardware media certificate authentication, and fingerprint authentication.
- FIG. 6 is a schematic diagram of a composition of a second embodiment of a payment client according to the present invention.
- the payment client includes:
- the receiving unit 600 is further configured to shield an interface between the service application on the mobile terminal and the operating system of the mobile terminal, thereby implementing the possibility that the payment client supports multiple mobile terminal operating systems across platforms. .
- the display unit 300 is configured to customize a payment interface; meet the personality requirements of a third-party payment institution and a user.
- the browser kernel unit 400 is for publishing a web application.
- the payment client includes a browser kernel unit 300, so the payment client can be regarded as a special browser, and the browser can carry a web application, and can quickly publish a web application of a third-party payment institution. Improve the user's payment experience.
- FIG. 7 is a flowchart of the payment gateway and the payment client in the present invention complete the mobile payment.
- the mobile shopping payment is taken as an example for the online shopping application, the electronic shopping mall server, the payment gateway, the payment server, and the payment client.
- the action of moving your browser is similar to the operation of the online shopping app.
- the user downloads and installs the payment client from the third party payment institution, such as a bank or a third party payment provider, to the mobile terminal, completes the registration, and establishes a payment channel with the payment gateway.
- the third party payment institution such as a bank or a third party payment provider
- TCP Transmission Control Protocol
- SSL tunnel is negotiated
- the registration is completed to the payment gateway based on the mobile terminal and the user identity information.
- the TCP connection i.e., payment channel
- the payment gateway maintains a payment channel with the payment client, so that the delivery channel can be queried according to the user identity information at any time, and the message is actively sent to the payment client.
- the user uses the mobile terminal to access the shopping website through the online shopping application for shopping, that is, accessing the electronic mall.
- the online shopping application sends a payment request including the user identity information and the payment information to the payment gateway.
- the payment gateway decrypts the payment request, and extracts the user identity information and the payment information.
- the payment gateway finds a payment channel corresponding to the user identity information in the payment channel list according to the user identity information, and sends the payment request to the payment client through the payment channel.
- the payment gateway returns a message to continue to wait for the online shopping application to maintain an online shopping link.
- the payment client sends an authentication request to the payment gateway to authenticate the payment request.
- the payment gateway returns a payment authentication method to the payment client.
- the payment client completes the payment authentication with the payment server in the payment channel according to the payment authentication method such as inputting a password or relying on other software and hardware media certificate authentication.
- the payment client sends a payment request to the payment gateway.
- the payment gateway forwards the payment request to the payment server.
- the payment server performs payment according to the payment request, and notifies the payment gateway that the payment is completed.
- the payment gateway returns a response message including the final payment result to the online shopping application.
- the online shopping application presents the payment result to the user's mobile terminal, indicating that the payment is over.
- the present invention has the following advantages:
- the payment gateway completes the communication between the payment client and the payment server, and does not need to integrate the security control to the standard browser, and can realize mobile online shopping without modifying the existing browser or the online shopping mobile application.
- the secure payment increases the versatility of the secure payment; and there is no call between the mobile terminal side application and the information in the payment process, which avoids the security risk of the interception, eavesdropping and tampering of the payment information;
- the user's payment experience saves the user time for payment; the payment client can perform various software and hardware media certificate authentication to ensure the security of payment.
- the transceiver unit of the payment client can block the interface between the business application on the mobile terminal and the operating system of the mobile terminal itself.
- the payment client comprises a display unit, a customizable payment interface, and the third party payment institution and the user's individual needs;
- the browser kernel unit It can host web applications, quickly publish web applications from third-party payment institutions, and enhance the user's payment experience.
- the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (Random Access Memory).
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Finance (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Les modes de réalisation de la présente invention concernent un procédé de paiement comprenant : la réception, par une passerelle de paiement, d'une demande de paiement contenant des informations d'identité d'utilisateur et des informations de paiement ; le déchiffrement de la demande de paiement et l'extraction des informations d'identité d'utilisateur et des informations de paiement ; sur la base des informations d'identité d'utilisateur, la recherche d'un tunnel de paiement correspondant aux informations d'identité d'utilisateur, dans une liste de tunnels de paiement ; la transmission de la demande de paiement à un client de paiement pour authentification via le tunnel de paiement ; la réception de la demande de paiement authentifiée, transmise par le client de paiement, et son transfert à un serveur de paiement ; enfin, l'obtention d'un résultat de paiement et son retour à un initiateur de la demande de paiement. Les modes de réalisation de la présente invention concernent également une passerelle de paiement et un client de paiement. Les modes de réalisation de la présente invention améliorent l'universalité de paiements sécurisés, et évitent que des informations de paiement soient interceptées, écoutées et piratées.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2012/087775 WO2014101078A1 (fr) | 2012-12-28 | 2012-12-28 | Procédé de paiement, passerelle de paiement et client de paiement |
CN2012800030415A CN103392186A (zh) | 2012-12-28 | 2012-12-28 | 一种支付方法、支付网关及支付客户端 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2012/087775 WO2014101078A1 (fr) | 2012-12-28 | 2012-12-28 | Procédé de paiement, passerelle de paiement et client de paiement |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014101078A1 true WO2014101078A1 (fr) | 2014-07-03 |
Family
ID=49535839
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2012/087775 WO2014101078A1 (fr) | 2012-12-28 | 2012-12-28 | Procédé de paiement, passerelle de paiement et client de paiement |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN103392186A (fr) |
WO (1) | WO2014101078A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11030628B2 (en) | 2016-11-03 | 2021-06-08 | Advanced New Technologies Co., Ltd. | Success rate of an online transaction |
Families Citing this family (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104753894B (zh) * | 2013-12-31 | 2019-09-13 | 腾讯科技(深圳)有限公司 | 一种数据处理方法、装置及系统 |
CN103944876B (zh) * | 2014-02-27 | 2018-07-06 | 小米科技有限责任公司 | 路由器访问控制方法、装置及路由器 |
CN104217329A (zh) * | 2014-08-26 | 2014-12-17 | 深圳贝特莱电子科技有限公司 | 一种基于指纹安全认证的支付方法及系统 |
CA3082755A1 (fr) * | 2014-09-12 | 2016-03-17 | 10353744 Canada Ltd. | Systeme de reception de fonds et de paiement base sur un certificat electronique |
CN105592013B (zh) * | 2014-10-24 | 2019-03-12 | 阿里巴巴集团控股有限公司 | 一种敏感信息处理方法、装置及客户端 |
CN104331296B (zh) * | 2014-11-25 | 2017-04-26 | 北京奇虎科技有限公司 | 交易信息处理方法、装置和系统 |
CN105654293B (zh) * | 2014-12-03 | 2020-01-17 | 阿里巴巴集团控股有限公司 | 支付方法及装置 |
US10127544B2 (en) * | 2014-12-16 | 2018-11-13 | Facebook, Inc. | Sending and receiving payments using a message system |
CN105841689A (zh) * | 2015-01-16 | 2016-08-10 | 阿里巴巴集团控股有限公司 | 提供长途交通工具信息的方法及装置 |
US10423937B2 (en) * | 2015-07-17 | 2019-09-24 | Mastercard International Incorporated | Systems and methods for establishing message routing paths through a computer network |
KR101834849B1 (ko) | 2015-08-19 | 2018-03-06 | 삼성전자주식회사 | 전자 장치 및 전자 장치의 사용자 인증 방법 |
CN105488663A (zh) * | 2015-11-19 | 2016-04-13 | 成都连银信息技术有限公司 | 支持多种付款通道的统一账务结算网关 |
CN105427101A (zh) * | 2015-11-19 | 2016-03-23 | 成都连银信息技术有限公司 | 支持多种支付通道的统一支付接入网关 |
CN106910053A (zh) * | 2015-12-22 | 2017-06-30 | 华为技术有限公司 | 移动支付方法、相关装置及系统 |
CN106897874B (zh) * | 2016-06-01 | 2021-02-09 | 创新先进技术有限公司 | 移动支付方法、装置及系统 |
SG10201700562UA (en) * | 2017-01-23 | 2018-08-30 | Mastercard Asia Pacific Pte Ltd | Switch For Routing Payment Instruction |
US20190362357A1 (en) * | 2017-02-20 | 2019-11-28 | Huawei Technologies Co., Ltd. | Payment method and terminal |
CN106993282A (zh) * | 2017-05-27 | 2017-07-28 | 苏州乐麟无线信息科技有限公司 | 计费方法和装置 |
CN107608798A (zh) * | 2017-08-04 | 2018-01-19 | 阿里巴巴集团控股有限公司 | 一种业务处理方法及设备 |
CN108154370B (zh) * | 2017-11-22 | 2021-09-14 | 中国银联股份有限公司 | 基于用户支付习惯的安全认证方法和设备 |
CN110083397A (zh) * | 2018-01-24 | 2019-08-02 | 上海复旦微电子集团股份有限公司 | 一种屏蔽苹果手机nfc支付功能界面弹出的方法 |
CN109460999A (zh) * | 2018-09-28 | 2019-03-12 | 珠海横琴现联盛科技发展有限公司 | 基于光学字符识别的支付信息方法 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1547144A (zh) * | 2003-12-10 | 2004-11-17 | 北京矽谷学人科技有限公司 | 互联网安全支付系统 |
CN101420311A (zh) * | 2008-11-28 | 2009-04-29 | 中国移动通信集团四川有限公司 | 一种电信级支付结算网关系统 |
CN101741580A (zh) * | 2008-11-07 | 2010-06-16 | 中兴通讯股份有限公司 | 一种收费流媒体的支付方法和系统 |
CN102646238A (zh) * | 2011-02-16 | 2012-08-22 | 苏州同程旅游网络科技有限公司 | 基于互联网的支付通道整合方法 |
-
2012
- 2012-12-28 WO PCT/CN2012/087775 patent/WO2014101078A1/fr active Application Filing
- 2012-12-28 CN CN2012800030415A patent/CN103392186A/zh active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1547144A (zh) * | 2003-12-10 | 2004-11-17 | 北京矽谷学人科技有限公司 | 互联网安全支付系统 |
CN101741580A (zh) * | 2008-11-07 | 2010-06-16 | 中兴通讯股份有限公司 | 一种收费流媒体的支付方法和系统 |
CN101420311A (zh) * | 2008-11-28 | 2009-04-29 | 中国移动通信集团四川有限公司 | 一种电信级支付结算网关系统 |
CN102646238A (zh) * | 2011-02-16 | 2012-08-22 | 苏州同程旅游网络科技有限公司 | 基于互联网的支付通道整合方法 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11030628B2 (en) | 2016-11-03 | 2021-06-08 | Advanced New Technologies Co., Ltd. | Success rate of an online transaction |
US11238462B2 (en) | 2016-11-03 | 2022-02-01 | Advanced New Technologies Co., Ltd. | Success rate of an online transaction |
Also Published As
Publication number | Publication date |
---|---|
CN103392186A (zh) | 2013-11-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2014101078A1 (fr) | Procédé de paiement, passerelle de paiement et client de paiement | |
US9832183B2 (en) | Key management using quasi out of band authentication architecture | |
US8893237B2 (en) | Secure and efficient login and transaction authentication using iphones# and other smart mobile communication devices | |
US9444809B2 (en) | Secure and efficient authentication using plug-in hardware compatible with desktops, laptops and/or smart mobile communication devices such as iPhones™ | |
EP2859488B1 (fr) | Association 2chk déclenchée par entreprise | |
JP6021923B2 (ja) | オンライン取引のための安全な認証方法およびシステム | |
JP5632489B2 (ja) | 安全なユーザおよびトランザクション認証並びにリスク管理の新規方法 | |
US11658951B2 (en) | Carrier encryption system | |
CN101808077A (zh) | 信息安全输入处理系统和方法以及智能卡 | |
KR101494838B1 (ko) | 거래연동 오티피를 이용한 계좌 이체 방법 및 시스템 | |
KR101348079B1 (ko) | 휴대단말을 이용한 전자서명 시스템 | |
US20230379336A1 (en) | Systems and methods for multi-factor authentication by a commerce platform using a cloud services provider | |
KR101495914B1 (ko) | 인터넷뱅킹 서비스 제공 시스템 및 방법 | |
US8281123B2 (en) | Apparatus and method for managing and protecting information during use of semi-trusted interfaces | |
WO2014089968A1 (fr) | Procédé et dispositif de chiffrement de données dans un système de machines virtuelles | |
CN111212017A (zh) | 一种面向智能终端的安全传输方法及系统 | |
KR102380504B1 (ko) | 북마클릿을 이용한 전자 지갑 서비스 시스템 및 방법 | |
KR20170029942A (ko) | 웹 기반 인증을 이용한 결제 서비스 제공 장치 및 방법, 그리고 시스템 및 컴퓨터 프로그램이 기록된 기록매체 | |
KR20170065922A (ko) | 금융 서비스를 위한 단말 및 그의 금융 서비스 방법 | |
KR20170065929A (ko) | 금융 서비스를 위한 단말 및 그의 금융 서비스 방법 | |
JP2007279775A (ja) | ウェブ・アクセスポイント認証(wapa)が可能なウェブサーバー認証システム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 12891040 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 12891040 Country of ref document: EP Kind code of ref document: A1 |