WO2015062530A1

WO2015062530A1 - User account information management method, user account management server, sales terminal and system

Info

Publication number: WO2015062530A1
Application number: PCT/CN2014/089964
Authority: WO
Inventors: Ziying KE; Dongming XIA; Yanghui XU
Original assignee: Tencent Technology (Shenzhen) Company Limited
Priority date: 2013-10-31
Filing date: 2014-10-31
Publication date: 2015-05-07
Also published as: TW201516901A; CN104599123A; HK1206129A1

Abstract

A method of protecting account information at an account management server having one or more processors, and memory, comprising: receiving, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device. In response to the payment request, creating a temporary first account access code associated with the first user account, storing a copy of the first account access code at the server and sending the first account access code to the portable electronic device. The method including receiving a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code, and in accordance with a determination that the second account access code matches the first account access code stored at the server, sending a transaction confirmation message to the sales terminal.

Description

USER ACCOUNT INFORMATION MANAGEMENT METHOD, USER ACCOUNT MANAGEMENT SERVER, SALES TERMINAL AND SYSTEM

RELATED APPLICATION

This application claims priority to Chinese Patent Application No. 201310534441.5, “ACCOUNT INFORMATION MANAGEMENT METHOD, ACCOUNT MANAGEMENT SERVER, SALES TERMINAL AND SYSTEM, ” filed October 31, 2013, which is hereby incorporated by reference in its entirety.

FIELD OF THE INVENTION

The present application relates to the field of computer technologies, and particularly to an account information management method, an account management server, a sales terminal and a system.

BACKGROUND OF THE INVENTION

A prepaid card is a value carrier prepaid by a user for purchasing goods or services of an issuer, including prepaid cards issued in forms such as cards and passwords by using magnetic stripe, chip and other technologies. For example, phone cards, network game cards, gift coupons and the like for general use may purchase goods or services in a certain amount range.

Currently, information about a prepaid card may be directly sent to a user's mobile phone through a prepaid card management server, the user does not need to additionally carry the prepaid card, and such a convenient manner is more and more welcomed by users. When the user uses a prepaid card to perform a payment behavior, generally a business directly scans card number information about the prepaid card stored in the mobile phone through a sales terminal, the business may directly acquire the card number of the user's prepaid card, the user enters a password, and the business sends relevant payment information to a card-issuing acquisition mechanism through the sales terminal, so as to complete the payment process.

However, during the process of implementing the present application, the inventor finds that, in the prior art, card number information about the prepaid card sent by the prepaid card management server to the user's mobile phone is a static card number owned by the user, the business may acquire the static card number with the sales terminal scanning the card number information about the prepaid card, the static card number is easily copied to cause leakage of the card number of the prepaid card, if the business or a third party also may use the copied static card number to be scanned by the sales terminal for a payment behavior, the user's account security only may be ensured by relying on the password set by the user, if the password is leaked, the third party acquires the leaked password, the third party may complete the whole payment process, and this will cause loss of the user account. Therefore, the existing prepaid card payment manner has great security risks.

SUMMARY

The above deficiencies and other problems associated with the ability to protect confidential user account information are reduced or eliminated by the invention disclosed below. In some embodiments, the invention is implemented in a computer system that has one or more processors, memory and one or more modules, programs or sets of instructions stored in the memory for performing multiple functions. Instructions for performing these functions may be included in a computer program product configured for execution by one or more processors.

One aspect of the invention involves a computer-implemented method of protecting account information at an account management server having one or more processors, and memory for storing programs to be executed by the one or more processors. The computer-implemented method includes: receiving, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device. The method includes, in response to the payment request, creating a temporary first account access code associated with the first user account, storing a copy of the first account access code at the server and sending the first account access code to the portable electronic device. The method includes, receiving a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code, and in accordance with a determination that the second account access code matches the first account access code stored at the server, sending a transaction confirmation message to the sales terminal.

Another aspect of the invention involves a computer system. The computer system includes memory, one or more processors, and one or more programs stored in the memory and configured for execution by the one or more processors. The one or more programs include: receiving, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device； in response to the payment request, creating a temporary first account access code associated with the first user account, storing a copy of the first account access code at the server and sending the first account access code to the portable electronic device； receiving a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code, and in accordance with a determination that the second account access code matches the first account access code stored at the server, sending a transaction confirmation message to the sales terminal.

Another aspect of the invention involves a non-transitory computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a server, cause the server to: receive, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device； in response to the payment request: create a temporary first account access code associated with the first user account, store a copy of the first account access code at the server, send the first account access code to the portable electronic device； receive a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code； and in accordance with a determination that the second account access code matches the first account access code stored at the server, send a transaction confirmation message to the sales terminal.

Another aspect of the invention involves a server, comprising a processing unit configured to: receive, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device； in response to the payment request: create a temporary first account access code associated with the first user account, store a copy of the first account access code at the server, send the first account access code to the portable electronic device； receive a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code； and in accordance with a determination that the second account access code matches the first account access code stored at the server, send a transaction confirmation message to the sales terminal.

BRIEF DESCRIPTION OF THE DRAWINGS

The aforementioned features and advantages of the invention as well as additional features and advantages thereof will be more clearly understood hereinafter as a result of a detailed description of preferred embodiments when taken in conjunction with the drawings.

To illustrate technical solutions according to embodiments of the present application more clearly, the accompanying drawings for describing the embodiments are introduced briefly in the following. Apparently, the accompanying drawings in the following description are only some embodiments of the present application； persons of ordinary skill in the art may obtain other drawings according to the accompanying drawings without paying any creative efforts.

FIG. 1 is a schematic block diagram of a flow of an account information management method according to an embodiment of the present application；

FIG. 2 is a schematic block diagram of a flow of another account information management method according to an embodiment of the present application；

FIG. 3 is a schematic diagram of an interaction process between network elements in an account information management system according to an embodiment of the present application；

FIG. 4A is a schematic structural diagram of an account management server according to an embodiment of the present application；

FIG. 4B is a schematic structural diagram of another account management server according to an embodiment of the present application；

FIG. 5 is a schematic structural diagram of a sales terminal according to an embodiment of the present application； and

FIG. 6 is a schematic structural diagram of an account information management system according to an embodiment of the present application.

FIG. 7 is a diagram of a client-server environment for protecting account information, in accordance with some implementations of the present application.

FIG. 8 is a diagram of an example implementation of the server for protecting account information, in accordance with some implementations of the present application.

FIG. 9 is a structural diagram of a realization apparatus of protecting account information in accordance with some implementations of the present application.

FIGS. 10A-10B are a flow chart of a method of protecting account information at an account management server in accordance with some implementations of the present application.

FIG. 11A illustrates an exemplary embodiment of a system of protecting account information of the present application.

FIG. 11B illustrates an exemplary representation of a first account access code.

Like reference numerals refer to corresponding parts throughout the several views of the drawings.

DESCRIPTION OF EMBODIMENTS

Reference will now be made in detail to embodiments, examples of which are illustrated in the accompanying drawings. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the subject matter presented herein. But it will be apparent to one skilled in the art that the subject matter may be practiced without these specific details. In other instances, well-known methods, procedures, components, and circuits have not been described in detail so as not to unnecessarily obscure aspects of the embodiments.

Embodiments of the present application provide an account information management method, an account management server, a sales terminal and a system, for improving the user's account security.

In order to make the objectives, technical solutions, and advantages of the present application comprehensible, the present application is further described in detail below with reference to the accompanying drawings. It is obvious that the embodiments to be described are only a part rather than all of the embodiments of the present application. All other embodiments derived by persons of ordinary skill in the art based on the embodiments of the present application without carrying out creative activities should fall within the scope of the present application.

The terms "include" and "have" as well as any variations thereof in the specification and the claims as well as the accompanying drawings of the present application are intended to cover non-exclusive inclusion, so that processes, methods, systems, products or devices containing a series of units are not limited to the units, but may include other units that are not clearly listed or inherent for the processes, methods, products or devices.

Detailed description is given below respectively.

One embodiment of the account information management method according to the present application may be implemented based on an account management server side, which may include: creating an account password or account access code bound to a user account； sending the account password or account access code to a user terminal, wherein the user terminal displays the account password or account access code in a form of an identification code； receiving a payment request message sent by a sales terminal, wherein the payment request message includes the account password or account access code acquired by the sales terminal from the user terminal； acquiring account information corresponding to the account password or account access code according to the payment request message； and sending a payment confirmation message to the sales terminal according to the account information.

Referring to FIG. 1, the account information management method according to one embodiment of the present application may include the following steps.

101. Create an account password bound to a user account.

In this embodiment of the present application, the account management server is used for managing user account information, and managing a user's payment behavior. The account management server saves account information bound to a user, specifically, the account information may refer to card number information about a prepaid card purchased by the user, the account information also may refer to a card number of a savings card or card number information about a credit card used by the user or the like, and in this embodiment of the present application, accounts represented by various types of securities forms that the user could use for payment are collectively called account information.

In this embodiment of the present application, the account management server may create an account password or account access code bound to a user account, wherein the account password or account access code refers to certificate information generated by the account management server for a user for representing an account owned by the user. In this embodiment of the present application, the account management server sends an account password or account access code to the user, the user may use the account password or account access code to perform a payment behavior on a sales terminal of a business, the business only may acquire the account password or account access code through the sales terminal, and the sales terminal may interact with the account management server through the account password or account access code to complete the whole payment process. In the prior art, the account management server sends account information to a user terminal, for example, the account management server directly sends an account number purchased by a user to the user terminal, the user easily causes leakage of the account number when using the user terminal for payment, thereby threatening the user's account security, while in this embodiment of the present application, the user terminal and the sales terminal may perform payment and payment verification without using the user's real account information, as long as the user terminal and the sales terminal use the account password or account access code, and thus a leakage risk brought about by the account management server's sending account information to the user terminal may be avoided from the source.

It should be noted that, in some embodiments of the present application, step 101, i.e., creating an account password bound to a user account, specifically may include the following step: encrypting account information bound to a user, to obtain the account password or account access code. After creating account information for a user, the account management server binds the user to the created account information, and the account management server first acquires the account information, and then encrypts the account information, thereby obtaining the account password or account access code. That is to say, after acquiring account information bound to a user, the account management server does not directly sends the account information to the user, but may encrypt the account information, to generate an account password or account access code, the account management server sends the account password or account access code to the user, the user terminal receives the account password or account access code, but may not receive the account information, and thus leakage of the account information at the user terminal may be avoided, thereby avoiding account security risks brought about to the user by leakage of the account information.

For example, if the account management server manages account information about three users, and the three users are respectively user A, user B and user C, wherein account information bound to the user A is 123, account information bound to the user B is 456, and account information bound to the user C is 789, the account management server may encrypt the account information of the user A, i.e., 123, to obtain an account password or account access code of the user A, and respectively encrypt the user B and the user C in a similar manner, to obtain an account password or account access code of the user B and an account password or account access code of the user C.

Specifically, that the account management server encrypts account information bound to a user may be implemented in many manners, for example, dynamically encrypt the account information bound to the user, to generate a dynamic account password or account access code. In this embodiment of the present application, that the account management server dynamically encrypts the account information may refer to the manner in which the account management server encrypts the account information bound to the user by selecting an algorithm in multiple encryption algorithms to generate a dynamic account password or account access code, for example, the multiple encryption algorithms may include numerical calculation, logic operation, preset computational logic manners and other algorithms, the dynamic account password or account access code generated in this embodiment of the present application may include: numbers, character strings, operators and the like, and the dynamic account password or account access code may be generated by a predetermined function according to timestamp, user ID, account information and the like. For example, the account management server adopts different encryption algorithms for multiple users, so as to create account passwords for the users, also, the account management server, for multiple requests from the same user, may adopt a different encryption algorithm each time to generate an account password or account access code. The account passwords are dynamic, and it is quite difficult to crack them, which may effectively protect user account information from leakage.

In this embodiment of the present application, after the account information bound to the user is dynamically encrypted, a dynamic account password or account access code may be obtained, and with respect to the manner in the prior art in which the account management server sends static account information to a user terminal, dynamically encrypting the account information to obtain a dynamic account password or account access code in this embodiment of the present application may protect the account information more securely, may improve the security level when the user performs payment, and avoid the risk of leaking the account information. Specifically, in this embodiment of the present application, the account management server, when dynamically encrypting the account information, also may dynamically encrypt other information in addition to the account information, for example, the user's user ID and creation timestamp, to obtain a dynamic account password or account access code； it may be understood that, by dynamically encrypting the account information, the user ID and the creation timestamp, an account password or account access code with a higher security level may be obtained, which increases the difficulty of cracking the account password or account access code, thereby effectively protecting the user's account security. Specifically, in this embodiment of the present application, that the account management server dynamically encrypts the account information may decide which encryption algorithm is adopted for implementation according to a specific application scenario, for example, a dynamic encryption algorithm may be Message Digest Algorithm 5 (MD5) , a public key encryption algorithm (RSA) and the like.

The foregoing embodiment introduces the manner in which the account management server generates an account password or account access code according to account information, next, the manner in which the account management server generates an account password or account access code without using account information in the embodiments of the present application is described, in some embodiments of the present application, after the account management server creates an account password or account access code for a user account, the following step may be included: establishing a correspondence relationship between the account password or account access code and the account information bound to the user. For example, the account management server randomly generates an account password or account access code, for instance, if the account management server manages account information of three users, and the three users are respectively user A, user B and user C, wherein account information bound to the user A is 123, account information bound to the user B is 456, and account information bound to the user C is 789, the three account passwords or account access codes randomly generated by the account management server are respectively abcd, efgh and ijkl, generation of the three account passwords is completely decided by the account management server, then the account management server respectively establishes a correspondence relationship between each account password or account access code and account information bound to a user, and the correspondence relationship may be stored in a manner of a list of correspondence relationships, for example, referring to the following Table 1, Table 1 shows a list of correspondence relationships between account information bound to users and account passwords:

Table 1

It should be noted that, in some other embodiments of the present application, in order to further ensure the user's account security, after the account management server creates an account password or account access code for a user account, the following step may be included: setting a life cycle for the account password or account access code. The life cycle refers to a validity period that the account management server sets for the account password or account access code, for example, the account management server sets a life cycle of 30 minutes for the account password or account access code, if the user uses the account password or account access code for payment within 30 minutes, confirmation from the account management server may be obtained, so that the payment is successful, and if it exceeds 30 minutes, the account password or account access code set by the account management server may be invalid, the account management server needs to re-send a new account password or account access code to the user, so that the user's account security may be effectively protected.

It should be noted that, in this embodiment of the present application, the account management server is used for managing user account information, for example, after a user purchases a prepaid card issued by a card issuer, the card issuer may create account information for the user through the account management server, the user's user ID, card number of a prepaid card, purchase amount, card number expiration time and the like are included, the account management server binds the account information to the user, and the account information is stored in the account management server, wherein the account management server specifically may be set at a cloud end, to be implemented through a cloud server, and the sales terminal may complete the payment process through interaction with the cloud server.

102. Send the account password to a user terminal, wherein the user terminal displays the account password in a form of an identification code.

In this embodiment of the present application, after the account management server generates an account password or account access code for a user, the account management server sends the account password or account access code to a user terminal operated by the user, and the user receives the account password or account access code sent by the account management server through the user terminal operated by the user, but the user terminal does not need to acquire account information of the user, which may avoid that the account information of the user is leaked through the user terminal.

In some embodiments of the present application, after the user terminal receives the account password or account access code from the account management server, the user terminal may display the account password or account access code in a form of an identification code, wherein the identification code is a code for uniquely identifying the account password or account access code, and the identification code may facilitate storage or one-by-one query and retrieval, and may avoid leakage for the account password or account access code； specifically, the identification code may include: bar codes and two-dimensional codes. The two-dimensional codes specifically may refer to the PDF417 two-dimensional codes and the like. Step 102, i.e., sending the account password to a user terminal, specifically may include the following steps: generating two-dimensional code information according to the account password or account access code； and sending the two-dimensional code information to the user terminal. After the account management server generates the account password or account access code, in order to facilitate the user to use the account password or account access code for payment, the account management server may generate two-dimensional code information according to the account password or account access code, the account management server sends the two-dimensional code information to a user terminal used by the user, the user terminal may display the two-dimensional code information, and the user uses the user terminal to perform payment on the sales terminal of the business, which may make the user perform payment more conveniently. In addition, that the account management server generates two-dimensional code information according to the account password or account access code in this embodiment of the present application is only one feasible implementation manner, and the manner in which the account management server sends the account password or account access code to a user terminal also may have other implementation measures, for example, the account management server directly sends the account password or account access code to the user terminal, and the user terminal sends the account password or account access code to the sales terminal by means of Bluetooth or short-distance wireless communication； for another example, the account management server also may generate a bar code according to the account password or account access code, and then send the bar code to the user terminal, and the sales terminal may swipe or scan the bar code displayed in the user terminal, to acquire the account password or account access code from it.

103. Receive a payment request message sent by a sales terminal.

The payment request message includes the account the account password or account access code acquired by the sales terminal from the user terminal.

In this embodiment of the present application, after the user receives the account password or account access code sent by the account management server through the user terminal, the user may use the account password or account access code to go to the business for consumption, and when the user confirms purchasing the business's goods or services, the user may send the account password or account access code to the business's sales terminal, and the user may perform payment without knowing the user's real account information, which thus may avoid that the user's real account information is leaked. For example, if the user terminal displays the account password or account access code represented by two-dimensional code information, the business scans or swipes the two-dimensional code information displayed in the user terminal through the sales terminal, the sales terminal decodes the two-dimensional code information, and the account password or account access code may be acquired, then the sales terminal generates a payment request message according to the account password or account access code, and carries the account password or account access code in the payment request message to be sent to the account management server, and in addition to the account password or account access code carried in the payment request message, the payment request message also includes: the amount paid by the user, the order number and/or the payee account. For example, in addition to carrying the account password or account access code, the payment request message usually carries order information necessary for a successful transaction, such as a transaction serial number, the payee account (a business logo) , the amount that is paid, and transaction time. If the account management server receives the payment request message sent by the sales terminal, the account management server may acquire the account password or account access code from the payment request message, that is, no matter which user managed by the account management server requests payment, the account management server may confirm the payment behavior of the user, and after confirming account information, the account management server may store the payment amount, the order number and the payee account of the account information. In this embodiment of the present application, the sales terminal acquires the account password or account access code from the user terminal, the payment request message sent by the sales terminal to the account management server is the account password or account access code, the sales terminal does not need to acquire the user account information, the sales terminal does not need to send the account information to the account management server, and the payment may be completed, which thus may avoid the risk of account security caused by leakage of the user account information.

It should be noted that, in some embodiments of the present application, if the account management server further sets a life cycle for the account password or account access code, after the account management server receives the payment request message, the embodiments of the present application further need to perform the following method: judging whether the life cycle of the account password or account access code ends； if the life cycle of the account password or account access code has ended, sending a payment failure message to the sales terminal； and if the life cycle of the account password or account access code does not end, triggering execution of step 104, i.e., acquiring account information corresponding to the account password or account access code according to the payment request message. When the account password or account access code has exceeded the validity period, the account management server feeds back the payment failure message to the sales terminal, to terminate the transaction.

104. Acquire account information corresponding to the account password according to the payment request message.

In this embodiment of the present application, after the account management server receives the payment request message, the account management server acquires the account password or account access code carried in payment request message through the payment request message, the account management server acquires account information corresponding to the account password or account access code； in this embodiment of the present application, it is only necessary for the account management server to store the user account information and for the account management server to acquire account information corresponding to the account password or account access code when receiving the account password or account access code sent by the sales terminal, and thus the account information may not be leaked, which improves the user's account security.

In some embodiments of the present application, if the account management server obtains the account password or account access code in a manner of encrypting the account information, step 104, i.e., acquiring account information corresponding to the account password according to the payment request message, specifically may include the following steps: acquiring the account password or account access code from the payment request message； and decrypting the acquired account password or account access code, to obtain account information corresponding to the account password or account access code. The manner in which the account management server decrypts the account password or account access code is a reverse process opposite to the manner of encrypting the account password or account access code, if the manner of dynamically encrypting the account password or account access code is adopted, it is necessary herein to adopt a reverse process opposite to the manner of dynamically encrypting the account password or account access code for decryption, so as to obtain the account information.

In some other embodiments of the present application, if the account management server adopts an implementation manner of establishing a correspondence relationship between an account password or account access code and account information, step 104, i.e., acquiring account information corresponding to the account password according to the payment request message, specifically may include the following steps: acquiring the account password or account access code from the payment request message； and acquiring account information corresponding to the account password or account access code according to a correspondence relationship between account information bound to the user and the account password or account access code. The account management server stores a correspondence relationship between an account password or account access code and account information, and after the account management server receives the account password or account access code carried in the payment request message sent by the sales terminal, the account management server acquires account information corresponding to the account password or account access code according to the stored correspondence relationship, for example, regarding the correspondence relationship shown in Table 1, if the account password or account access code received by the account management server is efgh, according to the correspondence relationship, the account management server may acquire that account information corresponding to the account password efgh is 456, and the account management server may acquire according to the account information 456 that it is a payment behavior initiated by the user B.

105. Send a payment confirmation message to the sales terminal according to the account information.

In this embodiment of the present application, the account management server authenticates the payment request message sent by the sales terminal, after acquiring the account information corresponding to the account password or account access code carried in the payment request message, the account management server performs relevant account and order verification according to the account information, and after the account and order verification passes, the account management server sends a payment confirmation message to the sales terminal according to the account information, to indicate that the user presents a valid real account to the business, and the business completes the payment process according to the payment confirmation message received by the sales terminal from the account management server, wherein the payment confirmation message is confirmation for the payment behavior initiated by the user made by the account management server according to the payment request message, the account management server may acquire, through the payment request message, the account password or account access code and necessary order information carried in the payment request message, for example, the transaction serial number, the business logo, the amount of payment, transaction time and the like, and the payment confirmation message sent by the account management server to the sales terminal also may include confirmed transaction serial number, confirmed business logo, the confirmed amount of payment, confirmed transaction time and the like. The account management server records transaction information of the transaction into the account information bound to the user, as transaction confirmation for the account information bound to the user, so as to facilitate subsequent users to perform query through user terminals.

It may be known according to the description about this embodiment of the present application that, an account management server first creates an account password or account access code bound to a user account, and sends the account password or account access code to a user terminal, the user terminal displays the account password or account access code in a form of an identification code, when a user uses the account password or account access code for payment, a sales terminal acquires the account password or account access code from the user terminal, then the sales terminal generates a payment request message according to the account password or account access code and sends the payment request message to the account management server, after the account management server receives the payment request message, the account management server acquires account information corresponding to the account password or account access code carried in the payment request message, and finally, the account management server sends a payment confirmation message to the sales terminal according to the account information, so as to complete the whole payment process. As the account management server sends the account password or account access code to the user instead of user account information and the sales terminal acquires the account password or account access code from the user terminal instead of the user account information, only the account management server may acquire account information according to the account password or account access code, which thus may avoid that the user account information is leaked at a user terminal side and a sales terminal side to pose a threat to the user's account security, and may improve security of the user account information.

Next, another embodiment of the account information management method according to the present application is introduced, which may be implemented based on the sales terminal side, and may include: acquiring an account password or account access code displayed by a user terminal in a form of an identification code from the user terminal； creating a payment request message according to the account password or account access code, wherein the payment request message includes the account password or account access code； sending the payment request message to an account management server； and receiving a payment confirmation message sent by the account management server.

Referring to FIG. 2, the account information management method according to another embodiment of the present application may include the following steps.

201. Acquire an account password displayed by a user terminal in a form of an identification code from the user terminal.

In this embodiment of the present application, after a user receives an account password or account access code sent by an account management server through a user terminal, the user terminal may display the account password or account access code in a form of an identification code； for example, the identification code may be a bar code or a two-dimensional code. The user may use the account password or account access code to go to a business for consumption, and when the user confirms purchasing the business's goods or services, the user may send the account password or account access code to the business's sales terminal, the sales terminal may acquire the account password or account access code from a user terminal operated by the user, the user may perform payment without knowing the user's real account information, and the sales terminal only needs to acquire the account password or account access code from the user terminal and then may interact with the account management server, that is to say, the user terminal and the sales terminal do not need to acquire the user's real account information, which thus may avoid the risk of account security caused by leakage of the user's real account information.

In some embodiments of the present application, in step 201, i.e., acquiring an account password or account access code displayed by a user terminal in a form of an identification code from the user terminal, if the user terminal displays an account password or account access code represented with two-dimensional code information, the following steps may be specifically included: scanning two-dimensional code information displayed in the user terminal； and acquiring the account password or account access code from the two-dimensional code information. The business swipes the two-dimensional code information displayed in the user terminal through a sales terminal, the sales terminal decodes the two-dimensional code information, and the account password or account access code may be obtained. In addition, that the account management server generates two-dimensional code information according to the account password or account access code in this embodiment of the present application is only one feasible implementation manner, and the manner in which the account management server sends the account password or account access code to a user terminal also may have other implementation measures, for example, the account management server directly sends the account password or account access code to the user terminal, and the user terminal sends the account password or account access code to the sales terminal by means of Bluetooth or short-distance wireless communication； for another example, the account management server also may generate a bar code according to the account password or account access code, and then send the bar code to the user terminal, and the sales terminal may swipe or scan the bar code displayed in the user terminal, to acquire the account password or account access code from it.

202. Create a payment request message according to the account password.

The payment request message includes the account password or account access code.

In this embodiment of the present application, after the sales terminal acquires the account password or account access code from the user terminal, the sales terminal generates a payment request message according to the account password or account access code, and carries the account password or account access code in the payment request message, wherein in addition to the account password or account access code carried in the payment request message, the payment request message also includes: the amount paid by the user, the order number and/or the payee account. For example, in addition to carrying the account password or account access code, the payment request message usually carries order information necessary for a successful transaction, such as transaction serial number, business logo, the amount that is paid, and transaction time. If the account management server receives the payment request message sent by the sales terminal, the account management server may acquire the account password or account access code from the payment request message, that is, no matter which user managed by the account management server requests payment, the account management server may confirm the payment behavior of the user. In this embodiment of the present application, the sales terminal acquires an account password or account access code from the user terminal, the payment request message created by the sales terminal carries the account password or account access code, the sales terminal does not need to acquire the user account information, the payment request message created by the sales terminal does not need to carry account information, and the payment may be completed, which thus may avoid the risk of account security caused by leakage of the user account information.

In some embodiments of the present application, in order to further improve the user's account security, step 202, i.e., creating a payment request message according to the account password or account access code, specifically may include: receiving a password or account access code entered by a user； and generating the payment request message according to the password or account access code and the account password or account access code. After acquiring the account password or account access code displayed in the user terminal, the sales terminal also may receive a password (e.g., a Personal Identification Number or PIN) entered by the user, and then carries the account password and the password in the created payment request message, and if the user cannot provide a correct password, the payment cannot be completed.

203. Send the payment request message to an account management server.

In this embodiment of the present application, after the sales terminal creates the payment request message, the sales terminal sends the payment request message to an account management server. The sales terminal and the account management server establish a communication connection therebetween, for example, the sales terminal sends the payment request message to the account management server via the Internet.

204. Receive a payment confirmation message sent by the account management server.

In this embodiment of the present application, after the account management server receives the payment request message, the account management server acquires the account password or account access code carried in the payment request message through the payment request message, and the account management server acquires account information corresponding to the account password or account access code, and sends a payment confirmation message to the sales terminal according to the account information； so, if the sales terminal receives the payment confirmation message from the account management server, the sales terminal may confirm according to the payment confirmation message that the user presents a real account and the payment amount in the account has been allocated, and the sales terminal completes the transaction. In this embodiment of the present application, it is only necessary for the account management server to store the user account information and for the account management server to acquire account information corresponding to the account password or account access code when receiving the account password or account access code sent by the sales terminal, and thus the account information may not be leaked, which improves the user's account security.

It may be known according to the description about this embodiment of the present application that, when a user uses the account password or account access code for payment, a sales terminal acquires the account password or account access code from a user terminal, then the sales terminal generates a payment request message according to the account password or account access code and sends the payment request message to an account management server, after the account management server receives the payment request message, the account management server acquires account information corresponding to the account password or account access code carried in the payment request message, and finally, the account management server sends a payment confirmation message to the sales terminal according to the account information, so as to complete the whole payment process. As the account management server sends the account password or account access code to the user instead of user account information and the sales terminal acquires the account password or account access code from the user terminal instead of the user account information, only the account management server may acquire account information according to the account password or account access code, which thus may avoid that the user account information is leaked at a user terminal side and a sales terminal side to pose a threat to the user's account security, and may improve security of the user account information.

To facilitate better understanding and implementation of the solutions in the embodiments of the present application, corresponding application scenarios are exemplified for specific description.

Referring to FIG. 3, FIG. 3 is a schematic diagram of an interaction process between network elements in an account information management system according to an embodiment of the present application, description is given by taking that the user account information is specifically card number of a prepaid card as an example, the user terminal operated by the user is specifically a mobile phone terminal, the user's user ID is the user's WeChat ID, and the account management server specifically may be a cloud server. The account information management method according to the present application may include the following content.

First, the account management server creates an account password or account access code bound to a user account. By taking that the account information is specifically card number of a prepaid card as an example, the account management server dynamically encrypts card number of a prepaid card bound to a user, to obtain a dynamic account password or account access code, and sets a life cycle of the dynamic account password or account access code as 5 minutes. For example, the account management server dynamically encrypts card number of a prepaid card bound to a user, a user's WeChat ID, creation timestamp and a key according to an MD5 encryption algorithm, to generate a 32-bit dynamic account password or account access code, the account management server records the dynamic account password or account access code, the card number of a prepaid card, the user's WeChat ID, password generation time and other parameters into a memory cache, and sets a life cycle of 5 minutes for the dynamic account password or account access code, the account management server dynamically monitors whether the account password or account access code exceeds the life cycle, and the account management server dynamically manages dynamic card numbers that have expired.

Also, the account management server dynamically encrypts the prepaid card number bound to the user, the user's WeChat ID and the creation timestamp according to an RSA encryption algorithm, takes a generated RSA encrypted string as a dynamic password or account access code, and sets a life cycle of 5 minutes for the dynamic account password or account access code, the account management server dynamically monitors whether the account password or account access code exceeds the life cycle, and the account management server dynamically manages dynamic card numbers that have expired.

After the account management server creates the account password or account access code, the account management server generates two-dimensional code information according to the dynamic account password or account access code, and the mobile phone terminal operated by the user sends the two-dimensional code information. Then, the user receives the two-dimensional code information through the mobile phone terminal, the user terminal displays account information in a form of the two-dimensional code, the user may use the two-dimensional code displayed in the mobile phone terminal to go to a business for consumption, the business scans the two-dimensional code in the mobile phone terminal through a sales terminal, the sales terminal obtains the account password or account access code by decoding from the two-dimensional code information, then the sales terminal receives a password or account access code entered by the user, and the sales terminal generates a payment request message according to the account password or account access code and the password or account access code, and sends the payment request message to the account management server.

The account management server receives the payment request message sent by the sales terminal, and acquires the account password or account access code from it, the account management server first judges whether the account password or account access code exceeds the life cycle of 5 minutes, if the account password or account access code has expired, the account management server feeds back a payment failure message to the sales terminal, the sales terminal prompts the business that the payment fails, if the account password or account access code is still in the validity period, the account management server acquires account information corresponding to the account password or account access code according to the account password or account access code. For example, if the account management server has used the MD5 encryption algorithm to encrypt the account password or account access code, the account management server may acquire the account password or account access code from the payment request message sent by the sales terminal, and queries corresponding account information in the memory cache and the life cycle of the account password or account access code according to the acquired account password or account access code, so as to confirm validity of the account password or account access code. If the account management server uses the RSA encryption algorithm to generate a dynamic account password or account access code, an encrypted original string may include account information bound to the user, creation timestamp of the account password or account access code, validity time of the account password or account access code and other information, the account management server may perform decryption according to an inverse algorithm of the RSA encryption algorithm, and acquires corresponding account information and the life cycle of the account password or account access code, so as to confirm validity of the account password or account access code.

After the account management server acquires the user account information, the account management server feeds back a payment confirmation message to the sales terminal according to the account information, and the sales terminal completes the whole payment process according to the received payment confirmation message.

It may be known through the description about one application scenario that, when a user uses the account password or account access code for payment, a sales terminal acquires the account password or account access code from a user terminal, then the sales terminal generates a payment request message according to the account password or account access code and sends the payment request message to an account management server, after the account management server receives the payment request message, the account management server acquires account information corresponding to the account password or account access code carried in the payment request message, and finally, the account management server sends a payment confirmation message to the sales terminal according to the account information, so as to complete the whole payment process. As the account management server sends the account password or account access code to the user instead of user account information and the sales terminal acquires the account password or account access code from the user terminal instead of the user account information, only the account management server may acquire account information according to the account password or account access code, which thus may avoid that the user account information is leaked at a user terminal side and a sales terminal side to pose a threat to the user's account security, and may improve security of the user account information.

It should be noted that, regarding the foregoing method embodiments, for the sake of simple description, they are expressed as a series of action combinations, but persons skilled in the art should know that, the present application is not limited by the described action order, because according to the present application, some steps may be performed in another order or simultaneously. Secondly, persons skilled in the art also should know that, the embodiments described in the specification are preferred embodiments, and actions and modules involved therein are not necessarily required by the present application.

To facilitate better implementation of the solutions in the embodiments of the present application, relevant apparatuses for implementing the solutions are further provided below.

Referring to FIG. 4A, an account management server 400 according to an embodiment of the present application may include: a password creation module 401, a password sending module 402, a payment request receiving module 403, an account information acquisition module 404 and a payment confirmation sending module 405, wherein,

the password creation module 401 is used for creating an account password or account access code bound to a user account；

the password sending module 402 is used for sending the account password or account access code to a user terminal, wherein the user terminal displays the account password or account access code in a form of an identification code；

the payment request receiving module 403 is used for receiving a payment request message sent by a sales terminal, wherein the payment request message includes the account password or account access code acquired by the sales terminal from the user terminal；

the account information acquisition module 404 is used for acquiring account information corresponding to the account password or account access code according to the payment request message； and

the payment confirmation sending module 405 is used for sending a payment confirmation message to the sales terminal according to the account information.

In some embodiments of the present application, the account information acquisition module 404 is specifically used for acquiring the account password or account access code from the payment request message； and acquiring account information corresponding to the account password or account access code according to a correspondence relationship between account information bound to the user and the account password or account access code.

In some embodiments of the present application, the password creation module 401 is specifically used for encrypting the account information bound to the user, to obtain the account password or account access code； and

the account information acquisition module 404 is specifically used for acquiring the account password or account access code from the payment request message； and decrypting the acquired account password or account access code, to obtain the account information corresponding to the account password or account access code.

Specifically, the password creation module 401 is specifically used for dynamically encrypting the account information bound to the user, to generate the account password or account access code which is dynamic.

Compared with FIG. 4A, referring to FIG. 4B, in some embodiments of the present application, the account management server 400 further includes: a timeliness setting module 406, a timeliness monitoring module 407 and a payment failure sending module 408, wherein,

the timeliness setting module 406 is used for setting a life cycle for the account password or account access code；

the timeliness monitoring module 407 is used for, after the payment request receiving module receives the payment request message, judging whether the life cycle of the account password or account access code ends, if the life cycle of the account password or account access code has ended, triggering execution of the payment failure sending module, and if the life cycle of the account password or account access code does not end, triggering execution of the account information acquisition module； and

the payment failure sending module 408 is used for sending a payment failure message to the sales terminal when the life cycle of the account password or account access code has ended.

In some embodiments of the present application, the password sending module 401 is specifically used for generating two-dimensional code information according to the account password or account access code； and sending the two-dimensional code information to the user terminal.

In some embodiments of the present application, the payment request message received by the payment request receiving module 403 further includes the amount paid by the user, the order number and/or the payee account.

Referring to FIG. 5, a sales terminal 500 according to an embodiment of the present application may include: a password acquisition module 501, a payment request creation module 502, a payment request sending module 503 and a payment confirmation receiving module 504, wherein,

the password acquisition module 501 is used for acquiring an account password or account access code displayed by a user terminal in a form of an identification code from the user terminal；

the payment request creation module 502 is used for creating a payment request message according to the account password or account access code, wherein the payment request message includes the account password or account access code；

the payment request sending module 503 is used for sending the payment request message to the account management server； and

the payment confirmation receiving module 504 is used for receiving a payment confirmation message sent by the account management server.

In some embodiments of the present application, the password acquisition module 501 is specifically used for scanning two-dimensional code information displayed in the user terminal； and acquiring the account password or account access code from the two-dimensional code information.

In some embodiments of the present application, the payment request creation module 502 is specifically used for receiving a password or account access code entered by the user； and generating the payment request message according to the password or account access code and the account password or account access code.

In some embodiments of the present application, the payment request message created by the payment request creation module 502 further includes the amount paid by the user, the order number and/or the payee account.

Referring to FIG. 6, an account information management system 600 according to an embodiment of the present application may include: an account management server 400, a sales terminal 500 and a user terminal 601, wherein,

the account management server 400 may be the account management server described in any embodiment of FIGS. 4A and 4B, the sales terminal 500 may be the sales terminal described in any embodiment of FIG. 5, and the user terminal 601 is used for receiving an account password or account access code sent by the account management server； displaying the account password or account access code in a form of an identification code； and sending the account password or account access code to the sales terminal.

In some embodiments of the present application, the identification code displayed by the user terminal 601 includes: bar codes and two-dimensional codes.

It may be known according to the description about this embodiment of the present application that, in an account information management system, an account management server first creates an account password or account access code bound to a user account, and sends the account password or account access code to a user terminal, the user terminal displays the account password or account access code in a form of an identification code, when a user uses the account password or account access code for payment, a sales terminal acquires the account password or account access code from the user terminal, then the sales terminal generates a payment request message according to the account password or account access code and sends the payment request message to the account management server, after the account management server receives the payment request message, the account management server acquires account information corresponding to the account password or account access code carried in the payment request message, and finally, the account management server sends a payment confirmation message to the sales terminal according to the account information, so as to complete the whole payment process. As the account management server sends the account password or account access code to the user instead of user account information and the sales terminal acquires the account password or account access code from the user terminal instead of the user account information, only the account management server may acquire account information according to the account password or account access code, which thus may avoid that the user account information is leaked at a user terminal side and a sales terminal side to pose a threat to the user's account security, and may improve security of the user account information.

Figure 7 is a diagram of a client-server environment 700 for protecting account information, in accordance with some implementations of the present application. While certain specific features are illustrated, those skilled in the art will appreciate from the present disclosure that various other features have not been illustrated for the sake of brevity and so as not to obscure more pertinent aspects of the implementations disclosed herein. To that end, the client-server environment 700 includes one or more mobile phone operators 702, one or more internet service providers 704, and a communications network 706.

The mobile phone operator 702 (e.g., wireless carrier) , and the Internet service provider 704 are capable of being connected to the communication network 706 in order to exchange information with one another and/or other devices and systems. Additionally, the mobile phone operator 702 and the Internet service provider 704 are operable to connect client devices to the communication network 706 as well. For example, a smart phone 708 is operable with the network of the mobile phone operator 702, which includes for example, a base station 703. Similarly, for example, a laptop computer 710 (or tablet, desktop, smart television, workstation or the like) is connectable to the network provided by an Internet service provider 704, which is ultimately connectable to the communication network 706.

The communication network 706 may be any combination of wired and wireless local area network (LAN) and/or wide area network (WAN) , such as an intranet, an extranet, including a portion of the Internet. It is sufficient that the communication network 706 provides communication capability between client devices (e.g., smart phones 708 and personal computers 710) and servers. In some implementations, the communication network 706 uses the HyperText Transport Protocol (HTTP) to transport information using the Transmission Control Protocol/Internet Protocol (TCP/IP) . HTTP permits a client device to access various resources available via the communication network 706. However, the various implementations described herein are not limited to the use of any particular protocol.

In some implementations, the client-server environment 700 further includes an account information protection server system 711. Within the account information protection server system 711, there is a server computer 712 (e.g., a network server such as a web server) for receiving and processing data received from the client device 708/710 (e.g., identifying information about the present or prior user) or a point of sale terminal 716. In some implementations, the account information protection server system 711 stores (e.g., in a database 714) and maintains account information corresponding to one or more user accounts for users of a mobile payment system. In some embodiments, the account information protection system 711 is part of a general mobile payment system or a general mobile banking system.

In some implementations, the account information protection system 711 sends and receives various communications to and from a client device 708/710 or point of sale terminal 716. In some embodiments, these communications or the information in these communications are stored and retrieved from database 714. In some embodiments, the account information protection system 711 receives a payment request from a first user of client device 708/710 and sends to the client device 708/710 an account access code associated with the first user. In some embodiments, identification and authentication of the first user is performed before sending the account access code. In some embodiments, identification and/or authentication is performed by the account information protection system 711 through account-related security measures such as matching an entered user name, password or answer to one or more security questions. In some embodiments, identification and/or authentication of the first user is performed using security measures of the client device 708/710 such as entry of a device passcode, matching of registered fingerprints, matching of a retina or facial scan or answering of a security question. In some embodiments, the account information protection system 711 receives a transaction confirmation request from a point of sale terminal 716, and sends a confirmation or rejection message back to point of sale terminal 716.

Those skilled in the art will appreciate from the present disclosure that any number of such devices and/or systems may be provided in a client-server environment, and particular devices may be altogether absent. In other words, the client-server environment 700 is merely an example provided to discuss more pertinent features of the present disclosure. Additional server systems, such as domain name servers and client distribution networks may be present in the client-server environment 700, but have been omitted for ease of explanation.

Figure 8 is a diagram of an example implementation of the server 712 for protecting account information, in accordance with some implementations of the present application. While certain specific features are illustrated, those skilled in the art will appreciate from the present disclosure that various other features have not been illustrated for the sake of brevity and so as not to obscure more pertinent aspects of the implementations disclosed herein.

Server 712 includes one or more processing units (CPU’s ) 804, one or more network or other communications interfaces 808, an optional user interface 801 (optionally comprising elements such as a keyboard 801-1 or display 801-2) , memory 806, and one or more communication buses 805 for interconnecting these and various other components. The communication buses 805 may include circuitry (sometimes called a chipset) that interconnects and controls communications between system components. Memory 806 includes high-speed random access memory, such as DRAM, SRAM, DDR RAM or other random access solid state memory devices； and may include non-volatile memory, such as one or more magnetic disk storage devices, optical disk storage devices, flash memory devices, or other non-volatile solid state storage devices. Memory 806 may optionally include one or more storage devices remotely located from the CPU (s) 804. Memory 806, including the non-volatile and volatile memory device (s) within memory 806, comprises a non-transitory computer readable storage medium.

In some implementations, memory 806 or the non-transitory computer readable storage medium of memory 806 stores the following programs, modules and data structures, or a subset thereof including an operating system 816, a network communication module 818, and an account information protection server module 831.

The operating system 816 includes procedures for handling various basic system services and for performing hardware dependent tasks.

The network communication module 818 facilitates communication with other devices via the one or more communication network interfaces 808 (wired or wireless) and one or more communication networks, such as the internet, other wide area networks, local area networks, metropolitan area networks, and so on.

In some implementations, the account information protection server module 831 includes an account access code generation sub-module 802 for generating one or more temporary account access codes for a respective user, optionally using information embedded in a payment request from a client device 708/710. To this end, the account access code generation sub-module 802 includes a set of instructions 802-1 and, optionally, metadata 802-2. In some implementations, the account information protection server module 831 includes an account access code comparison sub-module 821 having a set of instructions 821-1 (e.g., for optionally comparing a first account access code sent to a device 708/710 and a second account access code received from a point of sale terminal 716) and, optionally, metadata 821-2, as well as an account access code encryption sub-module 803 having a set of instructions 803-1 (e.g., for optionally encrypting a first account access code and decrypting a second account access code) and optionally metadata 803-2. In some implementations, the account information protection server module 831 includes a fraud detection sub-module 822 having a set of instructions 822-1 (e.g., for optionally performing fraud detection protective measures such as locking out device 708/710 from making any more mobile payment requests through server 712, or informing the user associated with the client device 708/710 through alternate means such as email) and, optionally, metadata 821-2.

Figure 9 is a structural diagram of realization device 900 of protecting account information based on the embodiment of the present application.

As is shown in Figure 9, this device includes: a communications unit 904, and a processing unit 906 comprising an account access code generation unit 901, account access code comparison unit 902, account access code encryption unit 903, and fraud detection unit 905, among which:

Account access code generation unit 901: configured to generate one or more temporary account access codes for a respective user, optionally using information embedded in a payment request from a client device 708/710；

Data deletion unit 902: configured to delete any confidential data stored in memory；

Passcode detection unit 903: configured to detect correct user input of a passcode on the protective user interface；

User interface retrieval unit 905: configured to retrieve one or more elements of the protective user interface from a remote server or locally stored information on device.

Display unit 904 is configured to display a protective user interface, and a normal user interface for a respective application in accordance with various embodiments described herein.

It is acceptable to integrate the device shown in Figure 9 into hardware entities of a variety of networks. For example, the realization device for the generation of a protective user interface is allowed to be integrated into: devices including feature phone, smart phone, palmtop, personal computer (PC) , tablet computer or personal digital assistant (PDA) , etc.

Figures 10A to 10B depict a flow chart of a method 1000 of protecting account information at an account management server in accordance with some implementations of the present application. At an account management server having one or more processors, and memory for storing programs to be executed by the one or more processors, the method 1000 comprises receiving (1002) , from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device. In some embodiments, the request is from an application running on a portable electronic device, and in some embodiments, the request is from a proprietary application associated with the server, running on the portable electronic device (e.g., a banking application, or a retail store application) .

The method includes, in response to the payment request, creating (1004) a temporary first account access code associated with the first user account (e.g., a bar code or QR code, or two-dimensional code) . In some embodiments, the payment request comprises (1006) date, time, location or payee information of the payment request, and the first account access code is generated in accordance with one or more of the date, time, location or payee information of the payment request. In some embodiments, the first account access code embeds date, time, location or payee information into the code. In some embodiments, the first account access code can only be used within a certain time frame of the date and time information of the payment request. In some embodiments, the first access code corresponds to and is limited to the location and/or the payee of the payment request. In some embodiments, the first access code is encrypted, and in some embodiments, the first access code is encrypted (1008) using a dynamic encryption algorithm.

The method further includes, storing (1010) a copy of the first account access code at the server. In some embodiments, the stored copy of the first account access code is encrypted. In some embodiments, the stored copy of the first account access code is encrypted. In some embodiments, the stored copy of the first account access code is deleted (1012) from the server after passage of a predetermined amount of time (e.g., there is an expiration time associated with the account access code) .

The method further includes, sending (1014) the first account access code to the portable electronic device. In some embodiments, a representation of the first account access code is sent to the portable electronic device, so that the device can directly display the representation (e.g., barcode or two-dimensional code) . In some embodiments, information corresponding to the first account access code is sent, so that the device can create a representation of the first account access code.

The method further includes receiving (1016) a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code. For example, if a user of the portable electronic device displayed a representation of the first account access code to a sales terminal, the sales terminal obtains that representation (e.g., by scanning the code) , and sends information corresponding to an account access code to the server for verification that this portable electronic device is authorized to make the payment with the sent code. In some embodiments, the first account access code and the second account access code each correspond (1018) to two-dimensional bar codes, respectively. For example, information to generate two-dimensional codes, or graphical representations of the two-dimensional codes.

The method further includes, in accordance with a determination that the second account access code matches the first account access code stored at the server (1020) : sending (1022) a transaction confirmation message to the sales terminal. For example, the server may match the first account access code and the second account access code by decrypting both codes and comparing the information representing each code, respectively. In some embodiments, the method further includes sending (1024) a transaction notification to the portable electronic device. For example, the notification could be a pop-up message on the portable electronic device to confirm that the transaction was successful, or a message sent to a mailbox or message system associated with an application used to make the payment. In some embodiments, the method further includes storing (1026) a copy of the transaction in the first user account. For example, the server keeps track of the transactions associated with a respective user, for future retrieval by the server or the user.

In some embodiments, the method further includes, in accordance with a determination that the second account access code does not match the first account access code (1028) , sending (1030) a transaction rejection message to the sales terminal. For example, a transaction rejection message informs the sales terminal that the transaction could not be completed. In some embodiments, the transaction rejection message alerts the sales terminal that this may be an attempt to commit fraud (e.g., if the same second account access code has been used for more than one failed transaction) . In some embodiments, the transaction rejection message informs the sales terminal to try the transaction again. In some embodiments the server sends a request to the portable electronic device to provide some identifying or authenticating information to receive a freshly created first account access code (e.g., enter login credentials such as a password, enter biometric data such as a thumbprint or answer a security question) .

In some embodiments, the method further includes, in accordance with a determination that the second account access code does not match the first account access code (1028) , sending (1032) a fraud detection alert to the portable electronic device. In some embodiments, the method further includes locking (1034) out the first user account from future commercial transactions. For example, the user account is temporarily or permanently unable to obtain new first account access codes to make mobile payments. In some embodiments, the method further includes flagging the first user account at the account management server (e.g., blacklisting or disabling the account) .

FIG. 11A illustrates an exemplary embodiment of a system of protecting account information of the present application. In this example, the account information protection server system 711 receives from a portable electronic device 708/710 associated with a first user account, a request 1102 to make a payment at the portable electronic device 708/710. In response to receiving the payment request, the account information protection server system 711 sends a first account access code 1104 created and stored at the server, to the portable electronic device 708/710. The portable electronic device 708/710 then transfers the first account access code to a sales terminal (e.g., point of sale terminal 716) through a communication 1106 (e.g., manual entry of a number, scanning of a bar code, taking a photo of a representation of the first account access code) . The server then receives a transaction confirmation request 1108 sent from the sales terminal 716, where the transaction confirmation request 1108 comprises a second account access code (e.g., the same account access code that the sales terminal obtained from the portable electronic device in the current transaction) . After comparing the first account access code and the second account access code, the server sends communication 1110 to the sales terminal 716, corresponding to a match of the two codes or a mis-match of the two codes.

Figure 11B illustrates an exemplary representation of a first account access code 1112. Portable electronic device 708 depicts one possible representation 1112 of the first account access code. In some embodiments, the representation 1112 of the first account access code has one or more portions that correspond to information embedded in the payment request 1102 received at the server system 711. For example, portion 1114 of representation 1112 corresponds to a representation of the location of the portable electronic device embedded in payment request 1102, and portion 1116 corresponds to a representation of the date embedded in the payment request 1102.

The mentioned portable electronic device can be a smart phone, tablet computer and so on, and the mentioned application program can be built-in browser of mobile terminal, game, micro blog, WeChat, Baidu space, QQ space, etc.

While particular embodiments are described above, it will be understood it is not intended to limit the invention to these particular embodiments. On the contrary, the invention includes alternatives, modifications and equivalents that are within the spirit and scope of the appended claims. Numerous specific details are set forth in order to provide a thorough understanding of the subject matter presented herein. But it will be apparent to one of ordinary skill in the art that the subject matter may be practiced without these specific details. In other instances, well-known methods, procedures, components, and circuits have not been described in detail so as not to unnecessarily obscure aspects of the embodiments.

The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the description of the invention and the appended claims, the singular forms "a, " "an, " and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items. It will be further understood that the terms "includes, " "including, " "comprises, " and/or "comprising, " when used in this specification, specify the presence of stated features, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, operations, elements, components, and/or groups thereof.

As used herein, the term "if" may be construed to mean "when" or "upon" or "in response to determining" or "in accordance with a determination" or "in response to detecting, " that a stated condition precedent is true, depending on the context. Similarly, the phrase "if it is determined [that a stated condition precedent is true] " or "if [astated condition precedent is true] " or "when [astated condition precedent is true] " may be construed to mean "upon determining" or "in response to determining" or "in accordance with a determination" or "upon detecting" or "in response to detecting" that the stated condition precedent is true, depending on the context.

Although some of the various drawings illustrate a number of logical stages in a particular order, stages that are not order dependent may be reordered and other stages may be combined or broken out. While some reordering or other groupings are specifically mentioned, others will be obvious to those of ordinary skill in the art and so do not present an exhaustive list of alternatives. Moreover, it should be recognized that the stages could be implemented in hardware, firmware, software or any combination thereof.

The foregoing description, for purpose of explanation, has been described with reference to specific embodiments. However, the illustrative discussions above are not intended to be exhaustive or to limit the invention to the precise forms leaked. Many modifications and variations are possible in view of the above teachings. The embodiments were chosen and described in order to best explain the principles of the invention and its practical applications, to thereby enable others skilled in the art to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated.

Claims

A method of protecting account information at an account management server having one or more processors, and memory for storing programs to be executed by the one or more processors, comprising:

receiving, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device；

in response to the payment request:

creating a temporary first account access code associated with the first user account；

storing a copy of the first account access code at the server；

sending the first account access code to the portable electronic device；

receiving a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code； and

in accordance with a determination that the second account access code matches the first account access code stored at the server:

sending a transaction confirmation message to the sales terminal.
The method of claim 1, further comprising:

in accordance with a determination that the second account access code does not match the first account access code:

sending a transaction rejection message to the sales terminal.
The method of claim 2, further comprising:

in accordance with a determination that the second account access code does not match the first account access code:

sending a fraud detection alert to the portable electronic device；

locking out the first user account from future commercial transactions； and

flagging the first user account at the account management server.
The method of claim 1, wherein the first account access code and the second account access code each correspond to two-dimensional bar codes, respectively.
The method of claim 1, wherein the payment request comprises date, time, location or payee information of the payment request, and the first account access code is generated in accordance with one or more of the date, time, location or payee information of the payment request.
The method of claim 1, wherein the stored copy of the first account access code is deleted from the server after passage of a predetermined amount of time.
The method of claim 1, wherein creating a first account access code associated with the first user account further includes encrypting the first account access code using a dynamic encryption algorithm.
The method of claim 1, further comprising:

in accordance with a determination that the second account access code matches the first account access code:

sending a transaction notification to the portable electronic device； and

storing a copy of the transaction in the first user account.
A server, comprising:

one or more processors；

memory； and

one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs including instructions for:

receiving, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device；

in response to the payment request:

creating a temporary first account access code associated with the first user account；

storing a copy of the first account access code at the server；

sending the first account access code to the portable electronic device；

receiving a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code； and

in accordance with a determination that the second account access code matches the first account access code stored at the server:

sending a transaction confirmation message to the sales terminal.
The server of claim 9, further comprising:

in accordance with a determination that the second account access code does not match the first account access code:

sending a transaction rejection message to the sales terminal.
The server of claim 10, further comprising:

in accordance with a determination that the second account access code does not match the first account access code:

sending a fraud detection alert to the portable electronic device；

locking out the first user account from future commercial transactions； and

flagging the first user account at the account management server.
The server of any of claims 9-11, wherein the first account access code and the second account access code each correspond to two-dimensional bar codes, respectively.
The server of any of claims 9-12, wherein the payment request comprises date, time, location or payee information of the payment request, and the first account access code is generated in accordance with one or more of the date, time, location or payee information of the payment request.
The server of any of claims 9-13, wherein the stored copy of the first account access code is deleted from the server after passage of a predetermined amount of time.
The server of any of claims 9-14, wherein creating a first account access code associated with the first user account further includes encrypting the first account access code using a dynamic encryption algorithm.
The server of any of claims 9-15, further comprising:

in accordance with a determination that the second account access code matches the first account access code:

sending a transaction notification to the portable electronic device； and

storing a copy of the transaction in the first user account.
A non-transitory computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a server, cause the server to:

receive, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device；

in response to the payment request:

create a temporary first account access code associated with the first user account；

store a copy of the first account access code at the server；

send the first account access code to the portable electronic device；

receive a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code； and

in accordance with a determination that the second account access code matches the first account access code stored at the server:

send a transaction confirmation message to the sales terminal.
The non-transitory computer readable storage medium of claim 17, further comprising instructions that cause the device to:

in accordance with a determination that the second account access code does not match the first account access code:

send a transaction rejection message to the sales terminal.
The non-transitory computer readable storage medium of claim 18, further comprising instructions that cause the device to:

in accordance with a determination that the second account access code does not match the first account access code:

send a fraud detection alert to the portable electronic device；

lock out the first user account from future commercial transactions； and

flag the first user account at the account management server.
The non-transitory computer readable storage medium of any of claims 17-19, wherein the first account access code and the second account access code each correspond to two-dimensional bar codes, respectively.
The non-transitory computer readable storage medium of any of claims 17-20, wherein the payment request comprises date, time, location or payee information of the payment request, and the first account access code is generated in accordance with one or more of the date, time, location or payee information of the payment request.
The non-transitory computer readable storage medium of any of claims 17-21, wherein the stored copy of the first account access code is deleted from the server after passage of a predetermined amount of time.
The non-transitory computer readable storage medium of any of claims 17-22, wherein creating a first account access code associated with the first user account further includes encrypting the first account access code using a dynamic encryption algorithm.
The non-transitory computer readable storage medium of any of claims 17-23, further comprising instructions that cause the device to:

in accordance with a determination that the second account access code matches the first account access code:

send a transaction notification to the portable electronic device； and

store a copy of the transaction in the first user account.
A server, comprising:

a processing unit configured to:

receive, from a portable electronic device associated with a first user account, a request to make a payment at the portable electronic device；

in response to the payment request:

create a temporary first account access code associated with the first user account；

store a copy of the first account access code at the server；

send the first account access code to the portable electronic device；

receive a transaction confirmation request sent from a sales terminal, wherein the transaction confirmation request comprises a second account access code； and

in accordance with a determination that the second account access code matches the first account access code stored at the server:

send a transaction confirmation message to the sales terminal.
The server of claim 25, wherein the processing unit is further configured to:

in accordance with a determination that the second account access code does not match the first account access code:

send a transaction rejection message to the sales terminal.
The server of claim 26, wherein the processing unit is further configured to:

in accordance with a determination that the second account access code does not match the first account access code:

send a fraud detection alert to the portable electronic device；

lock out the first user account from future commercial transactions； and

flag the first user account at the account management server.
The server of any of claims 25-27, wherein the first account access code and the second account access code each correspond to two-dimensional bar codes, respectively.
The server of any of claims 25-28, wherein the payment request comprises date, time, location or payee information of the payment request, and the first account access code is generated in accordance with one or more of the date, time, location or payee information of the payment request.
The server of any of claims 25-29, wherein the stored copy of the first account access code is deleted from the server after passage of a predetermined amount of time.
The server of any of claims 25-30, wherein creating a first account access code associated with the first user account further includes encrypting the first account access code using a dynamic encryption algorithm.
The server of any of claims 25-31, wherein the processing unit is further configured to:

in accordance with a determination that the second account access code matches the first account access code:

send a transaction notification to the portable electronic device； and

store a copy of the transaction in the first user account.