WO2015101273A1 - Procédé de vérification de sécurité et dispositif et système associés - Google Patents

Procédé de vérification de sécurité et dispositif et système associés Download PDF

Info

Publication number
WO2015101273A1
WO2015101273A1 PCT/CN2014/095467 CN2014095467W WO2015101273A1 WO 2015101273 A1 WO2015101273 A1 WO 2015101273A1 CN 2014095467 W CN2014095467 W CN 2014095467W WO 2015101273 A1 WO2015101273 A1 WO 2015101273A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
information
verification
user
wearable device
Prior art date
Application number
PCT/CN2014/095467
Other languages
English (en)
Chinese (zh)
Inventor
杨小伟
Original Assignee
腾讯科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 腾讯科技(深圳)有限公司 filed Critical 腾讯科技(深圳)有限公司
Publication of WO2015101273A1 publication Critical patent/WO2015101273A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Definitions

  • the present invention relates to the field of Internet technologies, and in particular, to a security verification method, related device, and system.
  • the authentication method is to authenticate by SMS verification code, and the SMS verification code is established on the mobile phone channel. If the mobile phone cannot receive the short message normally, the payment behavior cannot be completed normally; if the mobile phone is lost, the security verification cannot be performed in a short time, and It may happen that another person uses the lost mobile phone to perform SMS verification, thereby counterfeiting the user for business processing, resulting in security risks of the user's assets or personal information.
  • the embodiment of the invention provides a security verification method, a related device and a system, which can be verified by using the verification information stored in the wearable device of the user, so that the service processing for the service request is more secure and convenient.
  • an embodiment of the present invention provides a security verification method, where the method includes:
  • the service terminal acquires user authentication information pre-stored in the wearable device from the wearable device of the user by using a short-range communication manner;
  • the service terminal sends a service request to the service server, where the service request includes service information and the user verification information;
  • the service server performs verification on the user verification information, and if the verification succeeds, performs service processing on the service request.
  • the embodiment of the present invention further provides a security verification method, where the method includes:
  • the service terminal acquires user authentication information pre-stored in the wearable device from the wearable device of the user by using a short-range communication manner;
  • the service terminal sends a service request to the service server, where the service request includes the service information and the user verification information, so that the service server checks the user verification information, and if the verification is successful, the service terminal
  • the service server performs business processing on the service request.
  • an embodiment of the present invention further provides a security verification method, where the method includes:
  • the wearable device sends the user authentication information pre-stored in the wearable device to the service terminal in a short-distance communication manner, so that the service terminal sends a service request to the service server, where the service request includes service information and The user verification information, the service server performs verification on the user verification information, and if the verification is successful, performs service processing on the service request.
  • the embodiment of the present invention further provides a secure payment method, where the secure payment method includes:
  • the payment terminal acquires user verification information pre-stored in the wearable device from the wearable device of the user by using a short-range communication manner;
  • the payment terminal sends a payment request to the payment server, where the payment request includes order information and the user verification information;
  • the payment server verifies the user verification information, and if the verification is successful, performs payment processing on the payment request.
  • an embodiment of the present invention further provides a service terminal, where the service terminal includes a memory, and one or more programs, where one or more programs are stored in a memory and configured to be one or more
  • the processor executes instructions included in the one or more programs for performing the following methods:
  • an embodiment of the present invention further provides a wearable device, where the wearable device includes a memory, and one or more programs, wherein one or more programs are stored in the memory and configured to be one or More than one processor executes instructions included in the one or more programs for performing the following methods:
  • the service server verifies the user verification information, and if the verification is successful, performs service processing on the service request.
  • the embodiment of the present invention obtains the user verification information pre-stored in the wearable device from the wearable device of the user, and sends a service request to the service server, where the service request includes the service information and the user.
  • the verification information is used to enable the service server to verify the user verification information. If the verification is successful, the service request is processed, and the verification information stored in the user's wearable device can be used for service verification. Make business processing safer and more convenient.
  • FIG. 1 is a schematic flow chart of a security verification method according to an embodiment of the present invention.
  • FIG. 2 is a schematic flow chart of a security verification method in another embodiment of the present invention.
  • FIG. 3 is a schematic flow chart of a security verification method in another embodiment of the present invention.
  • FIG. 4 is a schematic flow chart of a security verification method in another embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a service terminal according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a service terminal according to another embodiment of the present invention.
  • FIG. 7 is a schematic structural diagram of a wearable device according to an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a wearable device according to another embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of a security verification system in an embodiment of the present invention.
  • FIG. 10 is a schematic structural diagram of a secure payment system according to an embodiment of the present invention.
  • FIG. 11 is a schematic structural diagram of a service terminal according to another embodiment of the present invention.
  • FIG. 12 is a schematic structural diagram of a wearable device according to an embodiment of the present invention.
  • the service terminal in the embodiment of the present invention may include an Internet device such as a personal computer, a tablet computer, a smart phone, an e-reader, and an in-vehicle terminal, and can log in to the service server to perform an online payment service by using a user account.
  • a wearable device that can be worn directly on the user or integrated into the user's clothing or accessories, can include a smart bracelet, a smart wristband, a smart watch, smart glasses, and various smart accessories.
  • the service terminal is used for secure payment.
  • the security verification method in this embodiment may include:
  • the service terminal acquires user verification information pre-stored in the wearable device from the wearable device of the user by using a short-range communication manner.
  • the user can initiate an online payment request through the service terminal.
  • the service terminal can initiate the establishment according to the payment instruction input by the user.
  • the short-range communication connection with the wearable device specifically, a Bluetooth connection, a NFC (Near Field Communication) connection, etc., for example, after the user clicks “confirm payment”, the service terminal turns on the Bluetooth function and performs the Bluetooth device. Searching, the user wearable device keeps the Bluetooth on state by default, and can automatically establish a Bluetooth connection with the wearable device after the service terminal searches for the user's wearable device.
  • the user verification information pre-stored in the wearable device may be acquired from the wearable device by using the established short-range communication connection, where the user
  • the verification information may include a user digital certificate or other user's payment verification password, password, and the like.
  • the user authentication information obtained by the service terminal from the wearable device may be that the wearable device encrypts according to the preset user private key.
  • the obtained user verification information may also be in advance.
  • Verification by the service terminal encryption or service server encryption and then stored in the wearable device
  • the information service terminal cannot decrypt the user verification information in the process of obtaining the user verification information and using the user verification information, thereby ensuring the security of the user verification information in the payment transmission process.
  • the service terminal sends a service request to a service server, where the service request includes service information and the user verification information.
  • the service terminal may send a service request to the service server, where the service request may include service information and user authentication information obtained from the user's wearable device, and the service request.
  • the service information may include payment information such as a transaction order and a payment amount, and may also include login information such as a login account and a login password for logging in to the service server using the user account, and the like.
  • the service server performs verification on the user verification information, and if the verification succeeds, performs service processing on the service request.
  • the service server may perform verification on the user verification information in the service request, and if the verification succeeds, perform service processing on the service request.
  • the user authentication information obtained by the preferred service terminal from the wearable device may be encrypted by using a preset user private key, and the service server may use the user public key corresponding to the user to authenticate the encrypted user.
  • the information is decrypted, and the decrypted user verification information is verified according to the pre-stored reference user verification information. If the verification is successful, the service request is subjected to subsequent service processing, that is, the service information in the service request is obtained (such as transaction orders, payment amounts and other information), for subsequent business processing (such as online payment processing, etc.); if the verification fails, the business server can directly reject the current business request.
  • the service terminal of the present embodiment obtains the user authentication information pre-stored in the wearable device by using the proximity communication method from the user's wearable device, and sends a service request to the service server, where the service request includes the service information and the The user verification information is used to enable the service server to verify the user verification information. If the verification is successful, the service request is processed, and the verification information stored in the user's wearable device can be used for calibration. To make business processing for business requests safer and more convenient.
  • the security verification method in this embodiment may include the following steps:
  • the service terminal acquires the device identifier of the user's wearable device by using the short-range communication manner.
  • the user can wear a smart phone, a smart wristband, a smart watch, a smart glasses or various smart accessories devices through a business terminal such as a personal computer, a tablet computer, a smart phone, an e-reader or an in-vehicle terminal.
  • the device obtains the device identifier of the wearable device, and the device identifier uniquely identifies the wearable device, and may be an identifier of the wearable device or the like.
  • the user can initiate an online payment request through the service terminal, confirm the goods to be purchased when browsing the e-commerce website, and log in to the service server to perform online payment after confirming the order.
  • the service terminal can initiate establishment and the user according to the payment instruction input by the user.
  • the data connection of the wearable device may be a Bluetooth connection or an NFC connection, and obtain the device identifier of the wearable device through the established data connection.
  • the Bluetooth connection is used, and the service terminal can perform Bluetooth device search and wearable.
  • the device performs Bluetooth pairing to establish a Bluetooth connection with the wearable device.
  • the service terminal may also establish a Bluetooth connection with the wearable device according to the Bluetooth identifier of the wearable device pre-stored in the service terminal. Then, the device identification of the wearable device can be obtained through the established Bluetooth connection.
  • the service terminal sends the device identifier of the wearable device to the service server.
  • the service server performs binding verification according to the device identifier and the identifier information of the service terminal.
  • the service server may perform binding verification according to the device identifier and the identifier information of the service terminal, where the identifier information of the service terminal may be sent by the service terminal.
  • the online payment is used as an example, or the service server obtains the service from the service terminal at any time after the service terminal logs in to the service server.
  • the identification information of the service terminal where the identification information of the service terminal can uniquely identify the service terminal, and can be an identity identification code of the service terminal.
  • the identifier information can also be a login account of the login service server. .
  • the service server may pre-store the binding relationship between the device identifier of the wearable device and the identification information of the service terminal, and determine whether a binding relationship between the wearable device and a service terminal is established, and the binding relationship is established.
  • the process can be referred to the related content below, and the service server obtains the wearable
  • the device may be configured to check whether the wearable device and the service terminal establish a binding relationship, and if the wearable device is verified, Establishing a binding relationship with the service terminal, determining that the service terminal is a terminal that is commonly used by the user, and further performing a process of sending device relationship confirmation information to the service terminal; and if the wearable device and the service terminal are If it is not bound, the service server may refuse to send device relationship confirmation information to the service terminal.
  • the service terminal may send the binding request information to the service server, where the binding request information may carry the device identifier of the wearable device and the identification information of the service terminal, so that the service server Establishing a binding relationship between the wearable device and the service terminal, for example, the user may send the registration request information to the service server by using the service terminal, where the registration request information may carry the device identifier of the wearable device and the identification information of the service terminal.
  • the service server performs registration processing on the registration request information to associate the wearable device with the service terminal (ie, establish a binding relationship). Further, the service server may establish a binding relationship between the wearable device and the multiple service terminals according to the binding request information, that is, the user may set multiple common service terminals.
  • the service server sends the device relationship confirmation information to the service terminal.
  • the service server may send the device relationship confirmation information to the service terminal, where the device relationship confirmation information may be determining the wearable device and The service terminal is confirmation information of a binding relationship.
  • the service terminal acquires user authentication information of the wearable device by using a short-range communication manner.
  • the service terminal may obtain the user verification information of the wearable device by establishing a data connection with the wearable device, where the user verification information may include a user digital certificate. Or other users pay for verified passwords, passwords, and other information.
  • the user authentication information obtained by the service terminal from the wearable device may be that the wearable device encrypts according to the preset user private key.
  • the obtained user verification information may also be in advance.
  • the service terminal sends a service request to the service server, where the service request includes the service information and the user verification information, and carries the device relationship confirmation information.
  • the service terminal may send a service request to the service server, where the service request may include the service information and the user verification information obtained from the user's wearable device, and carry The device relationship confirmation information, wherein the service information may include payment information such as a transaction order and a payment amount, and may also include login information such as a login account and a login password for logging in to the service server using the user account, and the like.
  • the service information may include payment information such as a transaction order and a payment amount, and may also include login information such as a login account and a login password for logging in to the service server using the user account, and the like.
  • the service server checks the received user authentication information and the device relationship confirmation information, and if the verification is successful, performs service processing on the service request.
  • the user authentication information obtained by the service terminal from the wearable device may be the authentication information that is encrypted by using the preset user private key, and the service server may use the service request after receiving the service request sent by the service terminal. Decrypting the encrypted user authentication information by the user public key corresponding to the user, and verifying the decrypted user authentication information and the device relationship confirmation information carried by the service request respectively, if the decryption is performed If the obtained user authentication information and the device relationship confirmation information are both verified successfully, the service server may perform service processing on the service request, that is, through the service information (such as transaction order, payment amount, and the like) in the service request. Perform subsequent business processing (such as online payment processing, etc.).
  • the service server may perform service processing on the service request, that is, through the service information (such as transaction order, payment amount, and the like) in the service request. Perform subsequent business processing (such as online payment processing, etc.).
  • the processing manner of the foregoing step 207 may further include: the service server decrypts the encrypted user verification information by using the user public key corresponding to the user, and performs the decryption of the user verification information according to the pre-stored reference user verification information. Test.
  • the reference user verification information may be user authentication information that is pre-stored by the user in the service server by using the terminal, and the reference user verification information may include information such as a user digital certificate or a password, password, and the like of other user payment verification.
  • the service server may decrypt the encrypted user verification information by using the user public key corresponding to the user, and obtain the decrypted user verification information, and then the service server. You can extract the device relationship confirmation information carried in the service request and search for the device relationship confirmation information stored in the service server. If you find the service, please If the device relationship confirmation information is found, the binding relationship between the wearable device and the service terminal may be determined. At this time, the service server may extract the user verification information carried in the service request, and pre-stored with the service server. If the user authentication information in the service request is the same as the pre-stored user authentication information, the verification may be successful. In this case, the service server may perform service processing on the service request, otherwise, the verification is performed. Failure, at this point, the business server can refuse to respond to the business request.
  • the service server of the present embodiment performs binding verification according to the identification information of the service terminal and the device identifier of the wearable device sent by the service terminal, and if the verification succeeds, the device relationship confirmation information is sent to the service terminal, and the further service terminal obtains the After the user authentication information of the device is received, the service request is sent to the service server, where the service request includes the service information and the user verification information, and the device relationship confirmation information is carried, and after receiving the service request, the service server The user verification information and the device relationship confirmation information are verified. If the verification is successful, the service request is processed by the service server, and the service server may be sent according to the device identifier of the wearable device of the user and the identification information of the service terminal. The device relationship confirmation information and the verification information stored in the wearable device are verified, so that the business process for the service request is safer and more convenient.
  • FIG. 3 is a schematic flowchart of a security verification method in another embodiment of the present invention.
  • the security verification method described in this embodiment is mainly described from three sides of a wearable device, a service terminal, and a service server.
  • the security verification method in this embodiment may include the following steps:
  • the service terminal acquires third-party verification information of the service server.
  • the service terminal may obtain third-party verification information of the service server, where the third-party verification information may include information such as a digital certificate or a password, a password, and the like for payment verification.
  • the third-party verification information obtained by the service terminal from the service server may be the verification information that the service server encrypts by using the third-party private key, and the service terminal cannot decrypt the third-party verification information, thereby ensuring the The security of the three-party authentication information in the payment transmission process.
  • the service terminal sends the third-party verification information of the service server to the wearable device by using a short-range communication manner.
  • the service terminal may establish the obtained data connection with the wearable device, and the The obtained third party verification information of the service server is sent to the wearable device, and the data connection may be a Bluetooth connection or an NFC connection or the like.
  • the wearable device checks the third-party verification information.
  • the wearable device may perform verification on the third-party verification information, and if the verification is successful, perform a process of sending user verification information to the service terminal; If the verification is unsuccessful, the wearable device may refuse to send the user authentication information to the service terminal.
  • the third party authentication information obtained by the service terminal from the service server may be the authentication information that is encrypted by the service server by using the third-party private key, and the wearable device may use the first corresponding to the service server.
  • the third-party public key decrypts the encrypted third-party verification information, and the third-party verification information obtained by the decryption is verified according to the pre-stored reference third-party verification information, wherein the reference third-party verification information may be a pre-generation generated by the service server.
  • the third-party verification information stored in the wearable device, and the reference third-party verification information may include information such as a digital certificate or a payment verification password, a password, and the like.
  • the wearable device may decrypt the encrypted third-party verification information by using a third-party public key corresponding to the service server, and obtain the decrypted Third-party verification information, and then the service server can compare the decrypted third-party verification information with the pre-stored third-party verification information in the service server, if the decrypted third-party verification information and the pre-stored reference third party If the verification information is the same, you can confirm that the verification is successful, otherwise the verification fails.
  • the user verification information may be sent to the service terminal by using the data connection, where the user verification information may include a user digital certificate or a password for other user payment verification. , password and other information.
  • the user authentication information obtained by the service terminal from the wearable device may be that the wearable device encrypts according to the preset user private key.
  • the obtained user verification information may also be in advance. After the service terminal encrypts or encrypts the service server, and then stores the verification information in the wearable device, the service terminal cannot obtain the user verification information in the process of subsequently obtaining the user verification information and using the user verification information. Line decryption ensures the security of the user authentication information during the payment transmission process.
  • the service terminal sends a service request to the service server, where the service request includes service information and the user verification information.
  • the service terminal sends a service request to the service server, where the service request may include service information and the user verification information, etc., the service request may be a payment request, and the service information may include a transaction order and a payment amount, etc.
  • the information may also include login information such as a login account and a login password for logging in to the service server using the user account, and the like.
  • the service server performs verification on the received user authentication information, and if the verification succeeds, performs service processing on the service request.
  • the service server may perform verification on the user verification information in the service request, and if the verification succeeds, perform service processing on the service request.
  • the user authentication information obtained by the service terminal from the wearable device may be the authentication information that is encrypted by using the preset user private key, and the service server may use the user public key pair corresponding to the user to be encrypted.
  • the user authentication information is decrypted, and the decrypted user verification information is verified according to the pre-stored reference user verification information. If the verification is successful, the service request is processed, that is, the service information in the service request is passed. (such as transaction orders, payment amount and other information), for subsequent business processing (such as online payment processing, etc.); if the verification fails, the business server can directly reject the current business request.
  • the service server may decrypt the encrypted user verification information by using the user public key corresponding to the user, and obtain the decrypted user verification information, and then the service server.
  • the user verification information carried in the service request may be extracted and compared with the reference user verification information pre-stored in the service server. If the user verification information in the service request is the same as the pre-stored reference user verification information, the verification success may be determined.
  • the service server may perform service processing on the service request, otherwise the verification fails. At this time, the service server may refuse to respond to the service request.
  • the wearable device of the embodiment checks the third-party authentication information of the service server sent by the service terminal, and if the verification succeeds, sends the user verification information to the service terminal, and the further service terminal sends a service request to the service server, where the service is sent.
  • the request includes the service information and the user verification information, so that the service server checks the user verification information, and if the verification is successful, the The service request is processed by the service, and the third-party verification information of the service server and the verification information stored in the user's wearable device can be used for verification, so that the service processing for the service request is more secure and convenient.
  • FIG. 4 is a schematic flowchart of a security verification method in another embodiment of the present invention.
  • the security verification method described in this embodiment is described in detail by using an online payment process as an example, mainly from a wearable device, a service terminal, and a service server.
  • the service terminal in this embodiment is a payment terminal, and the service server is a payment server.
  • the security verification method in this embodiment may include the following steps:
  • the payment terminal performs a Bluetooth device search to establish a Bluetooth connection with the wearable device.
  • the payment terminal can perform a Bluetooth device search to establish a Bluetooth connection with a user's wearable device such as a smart bracelet, a smart wristband, a smart watch, smart glasses, or various smart accessory devices, wherein the payment terminal can be a personal computer or a tablet.
  • a user's wearable device such as a smart bracelet, a smart wristband, a smart watch, smart glasses, or various smart accessory devices, wherein the payment terminal can be a personal computer or a tablet.
  • the wearable device has enabled the Bluetooth function, that is, in a searchable state, when the user initiates an online payment request through the payment terminal, the payment terminal may perform a Bluetooth device search and perform Bluetooth pairing with the wearable device. Thereby establishing a Bluetooth connection with the wearable device.
  • the payment terminal may also establish a Bluetooth connection with the wearable device according to a Bluetooth identification code of the wearable device pre-stored in the payment terminal.
  • the payment terminal acquires the device identifier of the wearable device from the wearable device by using the Bluetooth connection.
  • the device identifier of the wearable device may be obtained from the wearable device by using the Bluetooth connection, where the device identifier uniquely identifies the wearable device, and may be the wearable device Identification code, etc.
  • the payment terminal sends the device identifier of the wearable device to a payment server.
  • the payment server performs binding verification according to the device identifier of the wearable device and the identifier information of the payment terminal.
  • the payment server may perform binding verification according to the device identifier of the received wearable device and the identification information of the payment terminal. If the verification is passed, the payment server may determine that the payment terminal is a terminal commonly used by the user, and then perform the The payment terminal sends a device relationship confirmation information processing process; if the verification fails, the payment server may refuse to send the device relationship to the payment terminal. Recognize information.
  • the identification information of the payment terminal may be a login account of the login payment server, and may be an identity identification code of the payment terminal.
  • the identifier information may also be a login account of the login payment server.
  • the identification information of the payment terminal may be the identification information that is sent to the payment server when the payment device sends the device identifier of the wearable device.
  • the online payment is used as an example, and the identifier information of the payment terminal may also be in the service terminal. At any time after logging in to the service server, the service server obtains the identification information of the service terminal from the service terminal.
  • the service terminal may send the binding request information to the service server, where the binding request information may carry the device identifier of the wearable device and the identification information of the service terminal, so that the service server Establishing a binding relationship between the wearable device and the service terminal, for example, the user may send the registration request information to the payment server by using the payment terminal, where the registration request information may carry the device identifier of the wearable device and the identification information of the service terminal.
  • the payment server performs registration processing on the registration request information to associate the wearable device with the payment terminal.
  • the service server may establish a binding between the wearable device and the multiple payment terminals according to the binding request information, that is, the service server may set multiple common service terminals for the user.
  • the payment server may send the device relationship confirmation information to the payment terminal, where the device relationship confirmation information may be determining the wearable device and The payment terminal is information of a binding relationship.
  • the payment terminal acquires third-party verification information of the payment server.
  • the payment terminal may further obtain third-party verification information of the payment server, where the third-party verification information may include a digital certificate or a password, password, and the like for verification.
  • the third-party verification information obtained by the payment terminal from the payment server may be the verification information that the payment server encrypts using the third-party private key, and the payment terminal cannot decrypt the third-party verification information, thereby ensuring the The security of the three-party authentication information in the payment transmission process.
  • the payment terminal sends third-party verification information of the payment server to the wearable device.
  • the payment terminal can set the obtained payment server by establishing a Bluetooth connection
  • the three-party authentication information is sent to the wearable device.
  • the wearable device decrypts and verifies the third-party verification information by using a third-party public key.
  • the wearable device may perform verification on the third-party verification information, and if the verification is successful, perform a process of sending user verification information to the payment terminal; If the verification is unsuccessful, the wearable device may refuse to send the user authentication information to the payment terminal.
  • the third party authentication information obtained by the payment terminal from the service server may be encrypted by using the third party private key, and the wearable device may use the third party corresponding to the payment server.
  • the key decrypts the encrypted third-party verification information, and verifies the decrypted third-party verification information according to the pre-stored reference third-party verification information.
  • the wearable device may decrypt the encrypted third-party verification information by using a third-party public key corresponding to the payment server, and obtain the decrypted Third-party verification information, and then the payment server can compare the decrypted third-party verification information with the pre-stored third-party verification information in the payment server, if the decrypted third-party verification information and the pre-stored reference third party If the verification information is the same, you can confirm that the verification is successful, otherwise the verification fails.
  • the user verification information may be sent to the payment terminal through the data connection, where the user verification information may include a password of the user digital certificate or other user payment verification. , password and other information.
  • the user authentication information obtained by the payment terminal from the wearable device may be that the wearable device encrypts according to the preset user private key.
  • the obtained user verification information may also be After the service terminal encrypts or encrypts the service server, and then stores the verification information in the wearable device, the payment terminal cannot decrypt the user verification information in the process of acquiring the user verification information and using the user verification information. The security of the user authentication information during the payment transmission process.
  • the payment terminal sends a payment request to the payment server, where the payment request includes payment information and the user verification information, and carries the device relationship confirmation information.
  • the payment terminal sends a payment request to the payment server, where the payment request may include payment information and the user verification information, etc., and the payment information may be a transaction order, a payment amount, and the like.
  • the payment server performs verification on the received user verification information, and if the verification is successful, performs payment processing on the payment request.
  • the payment server may verify the user verification information in the payment request, and if the verification is successful, perform payment processing on the payment request.
  • the user authentication information obtained by the payment terminal from the wearable device may be the authentication information encrypted by the preset user private key, and the payment server may encrypt the user public key corresponding to the user.
  • the user authentication information is decrypted, and the decrypted user verification information is verified according to the pre-stored reference user verification information. If the verification is successful, the payment request is processed, that is, the service information in the service request is passed. (such as transaction orders, payment amount and other information), for subsequent business processing (such as online payment processing, etc.). If the verification fails, the payment server can directly reject the payment request.
  • the device may also carry the device relationship confirmation information, and the corresponding process may be: the payment server performs verification on the received user verification information and the device relationship confirmation information, and if the verification is successful, The payment request performs business processing.
  • the payment server may decrypt the encrypted user verification information by using the user public key corresponding to the user, and obtain the decrypted user verification information, and then the payment server.
  • the device relationship confirmation information carried in the payment request may be extracted, and the device relationship confirmation information pre-stored in the payment server is searched for, and if the device relationship confirmation information in the payment request is found, the wearable device and the payment terminal may be determined. The binding relationship is established.
  • the payment server can extract the user verification information carried in the payment request, and compare with the pre-stored reference user verification information in the payment server, if the user verification information in the payment request and the pre-stored reference If the user authentication information is the same, the verification succeeds.
  • the payment server may perform service processing on the payment request, otherwise the verification fails.
  • the payment server may refuse to respond to the payment request.
  • the payment terminal of the embodiment establishes a Bluetooth connection with the wearable device of the user, and sends the device identifier of the wearable device acquired through the Bluetooth connection to the payment server, and then the payment server according to the device of the wearable device Identification and payment terminal identification information return device relationship confirmation
  • the information, the wearable device checks the third-party verification information of the payment server sent by the payment terminal, and if the verification succeeds, sends the user verification information to the payment terminal, and the further payment terminal sends a payment request to the payment server, where the payment request is And including the payment information and the user verification information, and carrying the device relationship confirmation information, so that the payment server checks the user verification information and the device relationship confirmation information, and if the verification is successful, the payment is performed.
  • the payment processing is requested, and the payment verification by using the third-party verification information of the payment server and the verification information stored in the user's wearable device makes the online payment more secure and convenient.
  • FIG. 5 is a schematic structural diagram of a service terminal according to an embodiment of the present invention.
  • the service terminal in the embodiment of the present invention may include an Internet device such as a personal computer, a tablet computer, a smart phone, an e-reader, and an in-vehicle terminal, and may use the user.
  • the account is logged in to the service server to perform the online payment service.
  • the service terminal 500 in this embodiment may include:
  • the first receiving unit 510 is configured to acquire user authentication information pre-stored in the wearable device from a wearable device of the user by using a short-range communication manner, where the wearable device may include a smart bracelet, a smart wristband, and an intelligent device.
  • the user authentication information may include a user digital certificate or a password, a password, and the like of the user's payment verification, such as a watch, smart glasses, or various smart accessories devices.
  • the service terminal may initiate a short-distance communication connection with the wearable device according to the payment instruction input by the user, which may be a Bluetooth connection, a NFC (Near Field Communication) connection, etc., for example, when the user clicks
  • the service terminal turns on the Bluetooth function and performs the Bluetooth device search.
  • the user wearable device keeps the Bluetooth enabled state by default, and the Bluetooth connection with the wearable device can be automatically established after the service terminal searches for the user's wearable device.
  • the first receiving unit 510 can obtain the user verification information pre-stored in the wearable device from the wearable device by using the established short-range communication connection.
  • the user authentication information may include a user digital certificate or a password, a password, and the like of other user payment verification.
  • the user authentication information obtained by the service terminal from the wearable device may be that the wearable device encrypts according to the preset user private key.
  • the obtained user verification information may also be in advance. After the service terminal encrypts or encrypts the service server, and further stores the verification information in the wearable device, the service terminal cannot decrypt the user verification information in the process of acquiring the user verification information and using the user verification information. Guaranteed the user's test The security of the information in the payment transmission process.
  • the second sending unit 520 is configured to send a service request to the service server, where the service request includes the service information and the user verification information received by the first receiving unit 510, so that the service server verifies the user information. The verification is performed. If the verification is successful, the service server performs service processing on the service request.
  • the service request may be a payment request
  • the service information may include payment information such as a transaction order and a payment amount, and may also include login information such as a login account and a login password for logging in to the service server using the user account. and many more.
  • the first receiving unit 510 is further configured to perform short-range communication before acquiring user authentication information pre-stored in the wearable device from the wearable device of the user by using the short-range communication manner. Obtaining a device identifier of the wearable device, where the device identifier uniquely identifies the wearable device, and may be an identifier of the wearable device, and the like;
  • the second sending unit 520 is further configured to send the device identifier of the wearable device acquired by the first receiving unit 510 to the service server, so that the service server according to the device identifier and the service The identification information of the terminal is verified by binding;
  • the identification information of the service terminal may be the same as the service terminal, and may be an identity identification code of the service terminal.
  • the identifier information may also be a login account of the login service server.
  • the identification information of the service terminal may be the identification information that is sent to the service server when the service terminal sends the device identifier of the wearable device.
  • the online payment is used as an example, and the identification information of the service terminal may also be in the service terminal.
  • the service server obtains the identification information of the service terminal from the service terminal.
  • the service terminal 500 further includes:
  • the second receiving unit 530 is configured to obtain device relationship confirmation information from the service server when the binding verification by the service server is passed;
  • the service request further includes the device relationship confirmation information
  • the second sending unit 520 is further configured to send, to the service server, a service request that carries the device relationship confirmation information received by the second receiving unit 530.
  • the service server performs verification on the user authentication information and the device relationship confirmation information, and if the verification is successful, performs service processing on the service request.
  • the service terminal 500 further includes:
  • a first sending unit 540 configured to send third-party verification information of the service server to the wearable device by using a short-range communication manner, so that the wearable device performs verification on the third-party verification information, where
  • the third-party verification information may include a digital certificate or a password, a password, and the like for verifying the verification;
  • the first receiving unit 510 acquires the user verification information from the wearable device by using a close communication method when the wearable device successfully verifies the third party verification information.
  • the first sending unit 540 sends the third-party authentication information to the wearable device to be encrypted by using the third-party private key by the service server;
  • the verifying, by the wearable device, the third-party verification information includes:
  • the wearable device decrypts the encrypted third-party verification information by using a third-party public key corresponding to the service server, and performs verification on the decrypted third-party verification information according to the pre-stored reference third-party verification information. .
  • the first receiving unit 510 acquires user authentication information pre-stored in the wearable device from the user's wearable device as authentication information encrypted by the user private key, where the user verification information
  • the information may be encrypted by the wearable device according to the preset user private key, or may be verified by the service terminal encryption or the service server, and then stored in the wearable device, and the service terminal 500 obtains the user verification subsequently.
  • the information and the use of the user verification information cannot decrypt the user verification information, thereby ensuring the security of the user verification information in the payment transmission process;
  • the verifying, by the service server, the user verification information includes:
  • the service server decrypts the encrypted user verification information by using the user public key corresponding to the user, and performs verification of the decrypted user verification information according to the pre-stored reference user verification information.
  • the service terminal further includes:
  • a Bluetooth search unit 550 configured to perform a Bluetooth device search, thereby establishing a Bluetooth connection with the wearable device
  • the wearable device has enabled the Bluetooth function by default, that is, when the user can initiate the online service request through the service terminal, the Bluetooth search unit 550 can perform the Bluetooth device search and perform the Bluetooth device search with the wearable device.
  • Bluetooth pairing to establish a Bluetooth connection with the wearable device
  • the Bluetooth search unit 550 can also establish a Bluetooth connection with the wearable device according to the Bluetooth identification code of the wearable device pre-stored in the payment terminal.
  • the service terminal of the embodiment obtains user authentication information pre-stored in the wearable device from the wearable device of the user, and sends a service request to the service server, where the service request includes the service information and the user verification information.
  • the service server In order to enable the service server to verify the user verification information, if the verification is successful, perform service processing on the service request, and perform verification by using the verification information stored in the user's wearable device, so that Business processing of business requests is safer and more convenient.
  • FIG. 6 is a schematic structural diagram of a service terminal according to another embodiment of the present invention.
  • the service terminal 600 may include: at least one processor 601, such as a CPU, at least one network interface 603, a memory 604, and a communication bus. 602.
  • the communication bus 602 is used to implement connection communication between these components.
  • the first network interface 603 of the service terminal 600 in the embodiment of the present invention may include a standard wired interface, a wireless interface (such as a WI-FI interface), and is used for communicating with a server through the Internet, and the second network interface 605 may be a close communication.
  • a network interface such as a Bluetooth connection interface or an NFC interface, for communicating with the wearable device.
  • the memory 604 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • the memory 604 can optionally also be at least one storage device located remotely from the aforementioned processor 601.
  • a set of program codes is stored in the memory 604, and the processor 601 is configured to call the program code stored in the memory 604 for performing the following operations:
  • the short-range communication manner may include a Bluetooth connection or NFC, etc., for example, when the user clicks After the "confirm payment", the service terminal turns on the Bluetooth function and performs the Bluetooth device search.
  • the user wearable device keeps the Bluetooth enabled state by default, and the Bluetooth connection with the wearable device can be automatically established after the service terminal searches for the user's wearable device;
  • processor 601 invoking the program code stored in the memory 604 may also perform the following operations:
  • the service terminal obtains the device relationship confirmation information from the service server, where the identification information of the service terminal can uniquely identify the service terminal, and can be an identity identification code of the service terminal, etc., optionally, the identifier
  • the information can also be the login account of the login service server.
  • the identification information of the service terminal may be the identification information that is sent to the service server when the service terminal sends the device identifier of the wearable device.
  • the online payment is used as an example, and the identification information of the service terminal may also be in the service terminal.
  • the service server obtains the identification information of the service terminal from the service terminal at any time after the login to the service server;
  • the device relationship confirmation information is carried, so that the service server checks the user verification information and the device relationship confirmation information, and if both are verified Upon success, the business request is processed.
  • the processor 601 calls the program code stored in the memory 604 to obtain the user verification information pre-stored in the wearable device from the wearable device of the user through the second network interface 605, specifically:
  • processor 601 invoking the program code stored in the memory 604 may also perform the following operations:
  • a Bluetooth device search is performed to establish a Bluetooth connection with the wearable device.
  • the service terminal introduced in this embodiment may be used to implement some or all of the processes in the security verification method embodiment introduced in the foregoing with reference to FIG. 1 to FIG.
  • the wearable device 700 in this embodiment may include:
  • the sending unit 710 is configured to send the user verification information pre-stored in the wearable device to the service terminal by using a short-range communication manner, so that the service terminal sends a service request to the service server, where the service request may be Including the service information and the user verification information, the service information may include payment information such as a transaction order and a payment amount, and may also include login information such as a login account and a login password for logging in to the service server using a user account.
  • the user authentication information may include a user digital certificate or a password, a password, and the like of the user payment verification, and the service server performs verification on the user verification information, and if the verification succeeds, performs service on the service request. deal with.
  • the sending unit 710 is further configured to send the user verification information pre-stored in the wearable device to the service terminal by using a short-range communication manner.
  • the service terminal sends the device identifier of the wearable device, where the device identifier uniquely identifies the wearable device, and may be an identifier of the wearable device, etc., so that the service terminal will be the wearable device
  • the device identifier is sent to the service server, and the service server performs binding verification according to the device identifier and the identification information of the service terminal, and if the verification succeeds, sends device relationship confirmation information to the service terminal, where the service terminal
  • the device relationship confirmation information is carried, so that the service server checks the user verification information and the device relationship confirmation information, and if the verification is successful, the service is Request for business processing.
  • the wearable device 700 further includes:
  • the receiving unit 720 is configured to obtain third-party verification information of the service server that is sent by the service terminal by using a short-distance communication method, where the third-party verification information may include a digital certificate or a password, a password, and the like for verifying the payment;
  • the verification unit 730 is configured to check the third-party verification information. If the verification is successful, the sending unit 710 is notified to send the user verification information to the service terminal by using a short-range communication manner.
  • the third-party authentication information is encrypted by using the third-party private key by the service server;
  • the verification unit 730 is configured to decrypt the encrypted third-party verification information by using a third-party public key corresponding to the service server, and decrypt the obtained third-party verification information according to the pre-stored reference third-party verification information. Check it out.
  • the wearable device of the embodiment may send user authentication information to the service terminal, so that the service server checks the user authentication information sent by the service terminal, and if the verification succeeds, performs service on the service request sent by the service terminal. Processing makes the process of business processing safer and more convenient.
  • FIG. 8 is a schematic structural diagram of a wearable device according to another embodiment of the present invention.
  • the wearable device 800 may include: at least one processor 801, such as a CPU, at least one network interface 803, and a memory 804.
  • Communication bus 802. the communication bus 802 is used to implement connection communication between these components.
  • the network interface 803 of the wearable device 800 in the embodiment of the present invention may include a short-range communication network interface for communicating with the server through the Internet.
  • the memory 804 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • the memory 804 can also optionally be at least one storage device located remotely from the aforementioned processor 801.
  • a set of program codes is stored in the memory 804, and the processor 801 is configured to call the program code stored in the memory 804 for performing the following operations:
  • the network interface 803 Transmitting, by the network interface 803, the user authentication information pre-stored in the wearable device to the service terminal in a short-range communication manner, so that the service terminal sends a service request to the service server, where the service request may include service information.
  • the service server checks the user verification information, and if the verification is successful, performs service processing on the service request.
  • processor 801 invoking the program code stored in the memory 804 may also perform the following operations:
  • the device identifier of the wearable device is sent to the service terminal in a short-distance communication manner, so that The service terminal sends the device identifier of the wearable device to the service server, and the service server performs binding verification according to the device identifier and the identification information of the service terminal, and if the verification passes, the service is sent to the service.
  • the terminal sends device relationship confirmation information, When the service terminal sends a service request to the service server, the device relationship confirmation information is carried, so that the service server checks the user verification information and the device relationship confirmation information, and if the verification is successful, the device The business request is for business processing.
  • the processor 801 calls the program code stored in the memory 804 to send the user verification information pre-stored in the wearable device to the service terminal through the network interface 803, which is specifically:
  • the third-party verification information is verified by the network interface 803. If the verification is successful, the pre-stored user verification information is sent to the service terminal in a short-distance communication manner.
  • the third-party verification information is encrypted by using the third-party private key by the service server, and the processor 801 performs verification on the third-party verification information, specifically:
  • the encrypted third-party authentication information is decrypted by using a third-party public key corresponding to the service server, and the decrypted third-party verification information is verified according to the pre-stored reference third-party verification information.
  • the wearable device introduced in this embodiment may be used to implement some or all of the processes in the security verification method embodiment introduced in the foregoing with reference to FIG. 1 to FIG.
  • FIG. 9 is a schematic structural diagram of a security verification system according to an embodiment of the present invention.
  • the security verification system in the embodiment of the present invention includes a service terminal 901, a wearable device 902, and a service server 903, where:
  • the service terminal 901 communicates with the wearable device 902 in a short-range communication manner, and is configured to acquire, from the wearable device 902, user authentication information pre-stored in the wearable device 902, to the service server.
  • 903 Send a service request, where the service request includes service information and the user verification information;
  • the service server 903 is configured to perform verification on the user verification information, and if the verification is successful, perform service processing on the service request.
  • the service terminal 901 is further configured to acquire the wearable before acquiring the user verification information pre-stored in the wearable device 902 from the wearable device 902 of the user.
  • the device identifier of the device 902, the device identifier of the wearable device 902 is sent to the service server 903;
  • the service server 903 is further configured to perform binding verification according to the device identifier and the identifier information of the service terminal, and send the device relationship confirmation information to the service terminal 901 if the verification succeeds;
  • the service terminal 901 carries the device relationship confirmation information when the service request is sent to the service server 903, and the service server 903 checks the user verification information and the device relationship confirmation information. Then, the business request is processed.
  • the obtaining, by the service terminal 901, the user verification information pre-stored in the wearable device 902 from the wearable device 902 of the user includes:
  • the service terminal 901 acquires the third party verification information of the service server 903 and sends the third party verification information of the service server 903 to the wearable device 902;
  • the wearable device 902 is configured to check the third-party verification information, and if the verification is successful, send the pre-stored user verification information to the service terminal 901.
  • the third-party authentication information sent by the service terminal 901 to the wearable device 902 is encrypted by using the third-party private key by the service server 903;
  • the verification of the third-party verification information by the wearable device 902 includes:
  • the wearable device 902 decrypts the encrypted third-party verification information by using a third-party public key corresponding to the service server 903, and performs decrypted third-party verification information according to the pre-stored reference third-party verification information. check.
  • the service terminal 901 obtains user authentication information pre-stored in the wearable device 902 from the wearable device 902 of the user as being encrypted by the user private key;
  • the verifying the user verification information by the service server 903 includes:
  • the service server 903 decrypts the encrypted user verification information by using the user public key corresponding to the user, and verifies the decrypted user verification information according to the pre-stored reference user verification information.
  • the short-range communication mode may include a Bluetooth connection or NFC, etc., for example, after the user clicks “confirm payment”, the service terminal turns on the Bluetooth function and performs a Bluetooth device search, and the user wearable device keeps the Bluetooth by default. In the on state, the Bluetooth connection to the wearable device can be automatically established after the service terminal searches for the user's wearable device.
  • the service terminal 901 is further configured to perform a Bluetooth device search before acquiring the user verification information pre-stored in the wearable device 902 from the wearable device 902 of the user, thereby The wearable device 902 establishes a Bluetooth connection.
  • the service server of the embodiment can verify the user authentication information stored in the wearable device of the user sent by the service terminal, and if the verification succeeds, perform service processing on the service request sent by the service terminal, so that the process of the service processing is further Safe and convenient.
  • FIG. 10 is a schematic structural diagram of a secure payment system according to an embodiment of the present invention.
  • the security verification system in the embodiment of the present invention includes a payment terminal 1001, a wearable device 1002, and a payment server 1003, where:
  • the payment terminal 1001 communicates with the wearable device 1002 in a short-range communication manner, and is configured to acquire, from the wearable device 1002, user authentication information pre-stored in the wearable device 1002, to the payment server. 1003. Send a payment request, where the payment request includes payment information and the user verification information;
  • the payment server 1003 is configured to check the user verification information, and if the verification is successful, perform payment processing on the payment request.
  • the payment terminal 1001 is configured to acquire the device of the wearable device 1002 before acquiring the user verification information pre-stored in the wearable device 1002 from the wearable device 1002 of the user. Identifying, sending the device identifier of the wearable device 1002 to the payment server 1003;
  • the payment server 1003 is further configured to perform binding verification according to the device identifier and the identifier information of the payment terminal, and send the device relationship confirmation information to the payment terminal 1001 if the verification succeeds;
  • the payment terminal 1001 carries the device relationship confirmation information when the payment request is sent to the payment server 1003, and the payment server 1003 checks the user verification information and the device relationship confirmation information. Then, payment processing is performed on the payment request.
  • the obtaining, by the payment terminal 1001, the user verification information pre-stored in the wearable device 1002 from the wearable device 1002 of the user includes:
  • the payment terminal 1001 obtains the third party verification information of the payment server 1003 and sends the third party verification information of the payment server 1003 to the wearable device 1002;
  • the wearable device 1002 is configured to check the third-party verification information, and if the verification is successful, send the pre-stored user verification information to the payment terminal 1001.
  • the third-party verification information sent by the payment terminal 1001 to the wearable device 1002 is encrypted by the payment server 1003 using a third-party private key;
  • the verification of the third-party verification information by the wearable device 1002 includes:
  • the wearable device 1002 decrypts the encrypted third-party verification information by using a third-party public key corresponding to the payment server 1003, and performs decrypted third-party verification information according to the pre-stored reference third-party verification information. check.
  • the short-range communication mode may include a Bluetooth connection or NFC, etc., for example, after the user clicks “confirm payment”, the service terminal turns on the Bluetooth function and performs a Bluetooth device search, and the user wearable device keeps the Bluetooth by default. In the on state, the Bluetooth connection to the wearable device can be automatically established after the service terminal searches for the user's wearable device.
  • the payment terminal 1001 obtains user authentication information pre-stored in the wearable device 1002 from the wearable device 1002 of the user as being encrypted by the user private key;
  • the verifying, by the payment server 1003, the user verification information includes:
  • the payment server 1003 decrypts the encrypted user verification information by using the user public key corresponding to the user, and verifies the decrypted user verification information according to the pre-stored reference user verification information.
  • the payment terminal 1001 is further configured to perform a Bluetooth device search before acquiring the user verification information pre-stored in the wearable device 1002 from the wearable device 1002 of the user, thereby The wearable device 1002 establishes a Bluetooth connection.
  • the payment server of the embodiment can verify the user verification information stored in the wearable device of the user sent by the payment terminal, and if the verification succeeds, perform payment processing on the payment request sent by the payment terminal, so that the online payment is safer and more convenient. .
  • FIG. 11 is a schematic structural diagram of a service terminal according to an embodiment of the present application.
  • the service terminal may be used to implement the security verification method provided in the foregoing embodiment. Specifically:
  • the service terminal 2000 may include a communication unit 2110, a memory 2120 including one or more computer readable storage media, an input unit 2130, a display unit 2140, a sensor 2150, an audio circuit 2160, and a WIFI (Wireless Fidelity) module 2170. Including one or One or more processing core processor 2180, and power supply 2190 and other components. It will be understood by those skilled in the art that the service terminal structure shown in the figure does not constitute a limitation of the service terminal, and may include more or less components than those illustrated, or a combination of certain components, or different component arrangements. among them:
  • the communication unit 2110 can be used for transmitting and receiving information or receiving and transmitting signals during a call.
  • the communication unit 2110 can be an RF (Radio Frequency) circuit, a router, a modem, or the like.
  • RF circuits as communication units include, but are not limited to, an antenna, at least one amplifier, a tuner, one or more oscillators, a Subscriber Identity Module (SIM) card, a transceiver, a coupler, and a LNA (Low Noise Amplifier, low).
  • SIM Subscriber Identity Module
  • the communication unit 2110 can also communicate with the network and other devices through wireless communication.
  • the wireless communication may use any communication standard or protocol, including but not limited to GSM (Global System of Mobile communication), GPRS (General Packet Radio Service), CDMA (Code Division Multiple Access). , Code Division Multiple Access), WCDMA (Wideband Code Division Multiple Access), LTE (Long Term Evolution), e-mail, SMS (Short Messaging Service), and the like.
  • the memory 2120 can be used to store software programs and modules, and the processor 2180 executes various functional applications and data processing by running software programs and modules stored in the memory 2120.
  • the memory 2120 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may be stored according to Data created by the use of the business terminal 2000 (such as audio data, phone book, etc.).
  • memory 2120 can include high speed random access memory, and can also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 2120 can also include a memory controller to provide access to the memory 2120 by the processor 2180 and the input unit 2130.
  • the input unit 2130 can be configured to receive input numeric or character information and to generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function controls.
  • the input unit 2130 can include a touch-sensitive surface 2131 as well as other input devices 2132.
  • Touch-sensitive surface 2131 also referred to as a touch display or trackpad, can collect touch operations on or near the user (eg, the user uses a finger, stylus, etc., on any suitable object or accessory on touch-sensitive surface 2131 or The operation near the touch-sensitive surface 2131) and driving the corresponding connecting device according to a preset program.
  • the sensitive surface 2131 can include two portions of a touch detection device and a touch controller.
  • the touch detection device detects the touch orientation of the user, and detects a signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts the touch information into contact coordinates, and sends the touch information.
  • the processor 2180 is provided and can receive commands from the processor 2180 and execute them.
  • the touch sensitive surface 2131 can be implemented in various types such as resistive, capacitive, infrared, and surface acoustic waves.
  • the input unit 2130 can also include other input devices 2132.
  • other input devices 2132 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), trackballs, mice, joysticks, and the like.
  • the display unit 2140 can be used to display information entered by the user or information provided to the user and various graphical user interfaces of the service terminal 2000, which can be composed of graphics, text, icons, video, and any combination thereof.
  • the display unit 2140 may include a display panel 2141.
  • the display panel 2141 may be configured in the form of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode), or the like.
  • the touch-sensitive surface 2131 can cover the display panel 2141, and when the touch-sensitive surface 2131 detects a touch operation thereon or nearby, it is transmitted to the processor 2180 to determine the type of the touch event, and then the processor 2180 according to the touch event The type provides a corresponding visual output on the display panel 2141.
  • touch-sensitive surface 2131 and display panel 2141 are implemented as two separate components to implement input and input functions, in some embodiments, touch-sensitive surface 2131 can be integrated with display panel 2141 for input. And output function.
  • the service terminal 2000 can also include at least one type of sensor 2150, such as a light sensor, motion sensor, and other sensors.
  • the light sensor may include an ambient light sensor and a proximity sensor, wherein the ambient light sensor may adjust the brightness of the display panel 2141 according to the brightness of the ambient light, and the proximity sensor may close the display panel 2141 and/or when the service terminal 2000 moves to the ear.
  • Backlighting As a kind of motion sensor, the gravity acceleration sensor can detect the magnitude of acceleration in all directions (usually three axes). When it is stationary, it can detect the magnitude and direction of gravity.
  • the gesture of the mobile phone can be used to identify the gesture of the mobile phone (such as horizontal and vertical screen switching, related Game, magnetometer attitude calibration), vibration recognition related functions (such as pedometer, tapping), etc.; as for the business terminal 2000 can also be configured with gyroscopes, barometers, hygrometers, thermometers, infrared sensors and other sensors, here No longer.
  • An audio circuit 2160, a speaker 2161, and a microphone 2162 can provide an audio interface between the user and the service terminal 2000.
  • the audio circuit 2160 can transmit the converted electrical data of the received audio data to the speaker 2161, and convert it into a sound signal output by the speaker 2161; on the other hand, the microphone 2162
  • the collected sound signal is converted into an electrical signal, which is received by the audio circuit 2160 and converted into audio data, and then processed by the audio data output processor 2180, sent to the other service terminal via the RF circuit 2110, or output the audio data.
  • the audio circuit 2160 may also include an earbud jack to provide communication of the peripheral earphones with the service terminal 2000.
  • the service terminal may be configured with a wireless communication unit 2170, which may be a WIFI module.
  • WIFI is a short-range wireless transmission technology.
  • the service terminal 2000 can help users to send and receive emails, browse web pages, and access streaming media through the wireless communication unit 2170, which provides wireless broadband Internet access for users.
  • the wireless communication unit 2170 is shown in the drawing, it can be understood that it does not belong to the essential configuration of the service terminal 2000, and may be omitted as needed within the scope of not changing the essence of the disclosure.
  • the processor 2180 is the control center of the service terminal 2000, which connects various portions of the entire handset using various interfaces and lines, by running or executing software programs and/or modules stored in the memory 2120, and recalling data stored in the memory 2120.
  • the various functions and processing data of the service terminal 2000 are executed to perform overall monitoring of the mobile phone.
  • the processor 2180 may include one or more processing cores; preferably, the processor 2180 may integrate an application processor and a modem processor, where the application processor mainly processes an operating system, a user interface, an application, and the like.
  • the modem processor primarily handles wireless communications. It can be understood that the above modem processor may not be integrated into the processor 2180.
  • the service terminal 2000 further includes a power source 2190 (such as a battery) for supplying power to various components.
  • the power source can be logically connected to the processor 2180 through a power management system to manage functions such as charging, discharging, and power management through the power management system.
  • the power supply 2190 may also include any one or more of a DC or AC power source, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
  • the service terminal 2000 may further include a camera, a Bluetooth module, and the like, and details are not described herein.
  • the service terminal includes a memory, and one or more programs, wherein one or more programs are stored in the memory and configured to execute the one or more programs by one or more processors Instructions for doing the following:
  • the method before the obtaining the user verification information pre-stored in the wearable device from the wearable device of the user by using the short-range communication manner, the method further includes:
  • the sending a service request to the service server includes:
  • the obtaining the user verification information pre-stored in the wearable device from the wearable device of the user by using the short-range communication manner includes:
  • the short-range communication mode includes a Bluetooth mode or an NFC mode.
  • the method before the obtaining the user verification information pre-stored in the wearable device from the wearable device of the user by using the short-range communication manner, the method further includes:
  • a Bluetooth device search is performed to establish a Bluetooth connection with the wearable device.
  • the service terminal of the embodiment obtains user authentication information pre-stored in the wearable device from the wearable device of the user, and sends a service request to the service server, where the service request includes the service information and the user verification information.
  • the service server In order to enable the service server to verify the user verification information, if the verification is successful, perform service processing on the service request, and perform verification by using the verification information stored in the user's wearable device, so that Business processing of business requests is safer and more convenient.
  • FIG. 12 is a schematic structural diagram of a wearable device according to an embodiment of the present application.
  • the wearable device can be used to implement the security verification method provided in the foregoing embodiment. Specifically:
  • the wearable device 3000 can include a communication unit 3110 including one or more computers A memory 3120 of a readable storage medium, an input unit 3130, a display unit 3140, a sensor 3150, an audio circuit 3160, a WIFI (Wireless Fidelity) module 3170, a processor 3180 including one or more processing cores, and a power supply 3190 and other components.
  • a communication unit 3110 including one or more computers
  • a memory 3120 of a readable storage medium an input unit 3130, a display unit 3140, a sensor 3150, an audio circuit 3160, a WIFI (Wireless Fidelity) module 3170, a processor 3180 including one or more processing cores, and a power supply 3190 and other components.
  • WIFI Wireless Fidelity
  • the communication unit 3110 can be used for transmitting and receiving information and receiving and transmitting signals during a call.
  • the communication unit 3110 can be an RF (Radio Frequency) circuit, a router, a modem, or the like.
  • RF circuits as communication units include, but are not limited to, an antenna, at least one amplifier, a tuner, one or more oscillators, a Subscriber Identity Module (SIM) card, a transceiver, a coupler, and a LNA (Low Noise Amplifier, low).
  • SIM Subscriber Identity Module
  • the communication unit 3110 can also communicate with the network and other devices through wireless communication.
  • the wireless communication may use any communication standard or protocol, including but not limited to GSM (Global System of Mobile communication), GPRS (General Packet Radio Service), CDMA (Code Division Multiple Access). , Code Division Multiple Access), WCDMA (Wideband Code Division Multiple Access), LTE (Long Term Evolution), e-mail, SMS (Short Messaging Service), and the like.
  • the memory 3120 can be used to store software programs and modules, and the processor 3180 executes various functional applications and data processing by running software programs and modules stored in the memory 3120.
  • the memory 3120 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may be stored according to Data created by the use of the wearable device 3000 (such as audio data, phone book, etc.), and the like.
  • memory 3120 can include high speed random access memory, and can also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, memory 3120 can also include a memory controller to provide access to memory 3120 by processor 3180 and input unit 3130.
  • the input unit 3130 can be configured to receive input numeric or character information and to generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function controls.
  • the input unit 3130 can include a touch-sensitive surface 3131 as well as other input devices 3132.
  • Touch sensitive surface 3131 Also known as a touch display or trackpad, it can collect touch operations on or near the user (eg, the user uses a finger, stylus, etc., any suitable object or accessory on or near the touch-sensitive surface 3131) Operation) and drive the corresponding connection device according to a preset program.
  • the touch sensitive surface 3131 can include two portions of a touch detection device and a touch controller.
  • the touch detection device detects the touch orientation of the user, and detects a signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts the touch information into contact coordinates, and sends the touch information.
  • the processor 3180 is provided and can receive commands from the processor 3180 and execute them.
  • the touch sensitive surface 3131 can be implemented in various types such as resistive, capacitive, infrared, and surface acoustic waves.
  • the input unit 3130 can also include other input devices 3132.
  • other input devices 3132 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), trackballs, mice, joysticks, and the like.
  • Display unit 3140 can be used to display information entered by the user or information provided to the user and various graphical user interfaces of wearable device 3000, which can be composed of graphics, text, icons, video, and any combination thereof.
  • the display unit 3140 may include a display panel 3141.
  • the display panel 3141 may be configured in the form of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode), or the like.
  • the touch-sensitive surface 3131 can cover the display panel 3141, and when the touch-sensitive surface 3131 detects a touch operation thereon or nearby, it is transmitted to the processor 3180 to determine the type of the touch event, and then the processor 3180 according to the touch event The type provides a corresponding visual output on display panel 3141.
  • touch-sensitive surface 3131 and display panel 3141 are implemented as two separate components to implement input and input functions, in some embodiments, touch-sensitive surface 3131 can be integrated with display panel 3141 to effect input. And output function.
  • the wearable device 3000 can also include at least one type of sensor 3150, such as a light sensor, motion sensor, and other sensors.
  • the light sensor may include an ambient light sensor and a proximity sensor, wherein the ambient light sensor may adjust the brightness of the display panel 3141 according to the brightness of the ambient light, and the proximity sensor may close the display panel 3141 and/or when the wearable device 3000 moves to the ear. Or backlight.
  • the gravity acceleration sensor can detect the magnitude of acceleration in all directions (usually three axes). When it is stationary, it can detect the magnitude and direction of gravity. It can be used to identify the gesture of the mobile phone (such as horizontal and vertical screen switching, related Game, magnetometer attitude calibration), vibration recognition related functions (such as pedometer, tapping), etc.
  • other sensors such as gyroscope, barometer, hygrometer, thermometer, infrared sensor, etc. This will not be repeated here.
  • An audio circuit 3160, a speaker 3161, and a microphone 3162 can provide an audio interface between the user and the wearable device 3000.
  • the audio circuit 3160 can transmit the converted electrical data of the received audio data to the speaker 3161, and convert it into a sound signal output by the speaker 3161; on the other hand, the microphone 3162 converts the collected sound signal into an electrical signal, by the audio circuit 3160. After receiving, it is converted into audio data, and then processed by the audio data output processor 3180, transmitted to the, for example, another wearable device via the RF circuit 3110, or outputted to the memory 3120 for further processing.
  • the audio circuit 3160 may also include an earbud jack to provide communication of the peripheral earphones with the wearable device 3000.
  • the wearable device may be configured with a wireless communication unit 3170, which may be a WIFI module.
  • WIFI belongs to short-range wireless transmission technology, and the wearable device 3000 can help users to send and receive emails, browse web pages, and access streaming media through the wireless communication unit 3170, which provides wireless broadband Internet access for users.
  • the wireless communication unit 3170 is shown in the drawings, it can be understood that it does not belong to the essential configuration of the wearable device 3000, and may be omitted as needed within the scope of not changing the essence of the disclosure.
  • the processor 3180 is the control center of the wearable device 3000, connecting various portions of the entire handset with various interfaces and lines, by running or executing software programs and/or modules stored in the memory 3120, and recalling stored in the memory 3120. Data, performing various functions and processing data of the wearable device 3000, thereby performing overall monitoring of the mobile phone.
  • the processor 3180 may include one or more processing cores; preferably, the processor 3180 may integrate an application processor and a modem processor, where the application processor mainly processes an operating system, a user interface, an application, and the like.
  • the modem processor primarily handles wireless communications. It can be understood that the above modem processor may not be integrated into the processor 3180.
  • the wearable device 3000 further includes a power source 3190 (such as a battery) for powering various components.
  • the power source can be logically connected to the processor 3180 through a power management system to manage charging, discharging, and power management through the power management system.
  • the power supply 3190 may also include any one or more of a DC or AC power source, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
  • the wearable device 3000 may further include a camera, a Bluetooth module, and the like, and details are not described herein.
  • the wearable device includes a memory, and one or more programs, wherein one or more programs are stored in the memory and configured to execute the one or more programs by one or more processors Contains instructions for making the following methods:
  • the service terminal sends a service request to the service server, where the service request includes the service information and the user verification information, and the service server checks the user verification information, and if the verification succeeds, the service is The business request is for business processing.
  • the method before the sending, by the near-end communication mode, the pre-stored user authentication information to the service terminal, the method further includes:
  • the identification information is used for binding verification, and if the verification is passed, the device relationship confirmation information is sent to the service terminal, and the service terminal sends a service request carrying the device relationship confirmation information to the service server, so that the service is performed.
  • the server verifies the user verification information and the device relationship confirmation information, and if the verification is successful, performs service processing on the service request.
  • the sending the user verification information pre-stored locally to the service terminal by using the short-range communication manner includes:
  • the third-party verification information is verified, and if the verification is successful, the pre-stored user verification information is sent to the service terminal by using the short-range communication method.
  • the third-party verification information is encrypted by using the third-party private key by the service server;
  • the verifying the third-party verification information includes:
  • the encrypted third-party authentication information is decrypted by using a third-party public key corresponding to the service server, and the decrypted third-party verification information is verified according to the pre-stored reference third-party verification information.
  • the wearable device of the embodiment may send user authentication information to the service terminal, so that the service server checks the user authentication information sent by the service terminal, and if the verification succeeds, performs service on the service request sent by the service terminal. Processing makes the process of business processing safer and more convenient.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephone Function (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un procédé de vérification de sécurité et un dispositif et un système associés. Le procédé de vérification de sécurité comprend les étapes suivantes : l'acquisition, depuis un dispositif pouvant être porté sur soi d'un utilisateur, par un terminal de service, d'informations de vérification d'utilisateur mémorisées au préalable dans le dispositif à porter sur soi par une communication en champ proche ; l'envoi, par le terminal de service, d'une requête de service à un serveur de service, la requête de service comprenant des informations de service et les informations de vérification d'utilisateur ; et la vérification, par le serveur de service, des informations de vérification d'utilisateur et, si la vérification réussit, la réalisation d'un traitement de service sur la requête de service. Grâce à la présente invention, la vérification peut être réalisée à l'aide des informations de vérification mémorisées dans un dispositif à porter sur soi d'un utilisateur, de sorte que le traitement de service par rapport à une requête de service soit plus sécurisé et plus pratique.
PCT/CN2014/095467 2013-12-30 2014-12-30 Procédé de vérification de sécurité et dispositif et système associés WO2015101273A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310746079.8 2013-12-30
CN201310746079.8A CN104601327B (zh) 2013-12-30 2013-12-30 一种安全验证方法、相关设备和系统

Publications (1)

Publication Number Publication Date
WO2015101273A1 true WO2015101273A1 (fr) 2015-07-09

Family

ID=53126857

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/095467 WO2015101273A1 (fr) 2013-12-30 2014-12-30 Procédé de vérification de sécurité et dispositif et système associés

Country Status (2)

Country Link
CN (1) CN104601327B (fr)
WO (1) WO2015101273A1 (fr)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108604341A (zh) * 2016-11-21 2018-09-28 华为技术有限公司 交易方法、支付设备、校验设备和服务器
CN111242605A (zh) * 2018-11-29 2020-06-05 中国移动通信集团广东有限公司 一种移动支付方法
CN111641505A (zh) * 2020-04-20 2020-09-08 广东乐心医疗电子股份有限公司 信息处理方法、装置、电子设备及可读存储介质
TWI747287B (zh) * 2020-05-15 2021-11-21 華南商業銀行股份有限公司 交易驗證系統及方法
CN113784295A (zh) * 2021-11-09 2021-12-10 深圳市伦茨科技有限公司 一种便携式物品的防丢方法及系统
CN113869074A (zh) * 2021-09-09 2021-12-31 维沃移动通信(杭州)有限公司 基于业务码的业务处理方法、装置和电子设备
CN114944922A (zh) * 2022-05-19 2022-08-26 中国银行股份有限公司 一种数据处理方法、装置、设备及存储介质
TWI789972B (zh) * 2020-05-15 2023-01-11 華南商業銀行股份有限公司 可中斷連接之交易驗證系統及方法
TWI789971B (zh) * 2020-05-15 2023-01-11 華南商業銀行股份有限公司 交互判斷合法性的交易驗證系統及方法

Families Citing this family (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104951938A (zh) * 2015-05-07 2015-09-30 高科技术有限公司 Nfc安全交易方法及系统
CN105678553A (zh) * 2015-08-05 2016-06-15 腾讯科技(深圳)有限公司 一种处理订单信息的方法、装置和系统
WO2017049478A1 (fr) * 2015-09-23 2017-03-30 深圳还是威健康科技有限公司 Procédé de paiement et bracelet intelligent
CN105162605A (zh) * 2015-09-28 2015-12-16 东南大学 一种数字签名及认证方法
CN106603237B (zh) * 2015-10-16 2022-02-08 中兴通讯股份有限公司 一种安全支付方法及装置
CN106789852B (zh) * 2015-11-24 2021-03-30 创新先进技术有限公司 一种注册及认证的方法及装置
CN105719138A (zh) * 2016-01-19 2016-06-29 宇龙计算机通信科技(深圳)有限公司 一种支付处理方法、装置、终端以及系统
WO2017141389A1 (fr) * 2016-02-18 2017-08-24 株式会社E3 Système de notification d'urgence
CN107196890A (zh) * 2016-03-14 2017-09-22 阿里巴巴集团控股有限公司 账户授权的实现方法和装置、账户鉴权的实现方法和装置
CN107220828B (zh) * 2016-03-22 2020-09-08 阿里巴巴集团控股有限公司 通过穿戴式设备进行支付授权与支付的方法、系统及装置
CN107295052B (zh) 2016-04-11 2020-06-09 阿里巴巴集团控股有限公司 一种业务处理方法及装置
CN105956644A (zh) * 2016-04-12 2016-09-21 上海海漾软件技术有限公司 一种可穿戴设备的编码、数据同步方法、装置及系统
CN105871867B (zh) * 2016-04-27 2018-01-16 腾讯科技(深圳)有限公司 身份认证方法、系统及设备
CN107358419B (zh) * 2016-05-09 2020-12-11 阿里巴巴集团控股有限公司 机载终端支付鉴权方法、装置以及系统
CN113411317B (zh) 2016-05-11 2023-05-26 创新先进技术有限公司 一种验证身份的方法和系统、智能穿戴设备
CN108377563B (zh) * 2016-11-08 2021-08-20 北京京东尚科信息技术有限公司 管理可穿戴设备的方法、服务端以及客户端
CN106533695B (zh) * 2016-11-15 2019-10-25 北京华大智宝电子系统有限公司 一种安全认证方法以及设备
CN108154364A (zh) * 2016-12-06 2018-06-12 上海方付通商务服务有限公司 可穿戴设备及具有所述可穿戴设备的支付系统及支付方法
CN106713890A (zh) * 2016-12-09 2017-05-24 宇龙计算机通信科技(深圳)有限公司 一种图像处理方法及其装置
CN106981003B (zh) * 2016-12-30 2020-08-25 中国银联股份有限公司 用于虚拟现实环境的交易方法、装置及系统
CN107194696A (zh) * 2017-05-25 2017-09-22 深圳可戴设备文化发展有限公司 物品支付方法、装置及计算机可读存储介质
CN107294987A (zh) * 2017-06-30 2017-10-24 江西博瑞彤芸科技有限公司 信息处理方法
CN107491966A (zh) * 2017-08-04 2017-12-19 北京小米移动软件有限公司 支付方法、装置及系统、存储介质
CN108737442B (zh) * 2018-06-12 2019-05-10 北京多采多宜网络科技有限公司 一种加密校验处理方法
CN111835824B (zh) * 2018-08-31 2023-02-03 创新先进技术有限公司 绑定、迁移方法和装置、计算设备及存储介质
CN109544159A (zh) * 2018-11-12 2019-03-29 东莞市大易产业链服务有限公司 一种快捷授权支付的方法
CN109379388B (zh) * 2018-12-17 2021-04-06 福建联迪商用设备有限公司 一种身份识别方法、终端及可穿戴设备
CN110995454A (zh) * 2019-11-08 2020-04-10 厦门网宿有限公司 一种业务验证方法及系统
CN112215598A (zh) * 2019-12-12 2021-01-12 华为技术有限公司 一种语音支付方法和电子设备
WO2021179144A1 (fr) * 2020-03-09 2021-09-16 华为技术有限公司 Procédé de connexion à un système d'ordinateur de bord et dispositif associé
CN111835869B (zh) * 2020-07-30 2023-06-16 上海茂声智能科技有限公司 一种集中管控终端内容的方法、系统、设备以及存储介质

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101770619A (zh) * 2008-12-31 2010-07-07 中国银联股份有限公司 一种用于网上支付的多因子认证方法和认证系统
US20130009756A1 (en) * 2011-07-07 2013-01-10 Nokia Corporation Verification using near field communications
CN103310142A (zh) * 2013-05-22 2013-09-18 复旦大学 基于可穿戴设备的人机融合安全认证方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101770619A (zh) * 2008-12-31 2010-07-07 中国银联股份有限公司 一种用于网上支付的多因子认证方法和认证系统
US20130009756A1 (en) * 2011-07-07 2013-01-10 Nokia Corporation Verification using near field communications
CN103310142A (zh) * 2013-05-22 2013-09-18 复旦大学 基于可穿戴设备的人机融合安全认证方法

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108604341B (zh) * 2016-11-21 2022-04-12 华为技术有限公司 交易方法、支付设备、校验设备和服务器
CN108604341A (zh) * 2016-11-21 2018-09-28 华为技术有限公司 交易方法、支付设备、校验设备和服务器
CN111242605A (zh) * 2018-11-29 2020-06-05 中国移动通信集团广东有限公司 一种移动支付方法
CN111242605B (zh) * 2018-11-29 2023-09-19 中国移动通信集团广东有限公司 一种移动支付方法
CN111641505A (zh) * 2020-04-20 2020-09-08 广东乐心医疗电子股份有限公司 信息处理方法、装置、电子设备及可读存储介质
CN111641505B (zh) * 2020-04-20 2023-04-25 广东乐心医疗电子股份有限公司 信息处理方法、装置、电子设备及可读存储介质
TWI747287B (zh) * 2020-05-15 2021-11-21 華南商業銀行股份有限公司 交易驗證系統及方法
TWI789972B (zh) * 2020-05-15 2023-01-11 華南商業銀行股份有限公司 可中斷連接之交易驗證系統及方法
TWI789971B (zh) * 2020-05-15 2023-01-11 華南商業銀行股份有限公司 交互判斷合法性的交易驗證系統及方法
CN113869074A (zh) * 2021-09-09 2021-12-31 维沃移动通信(杭州)有限公司 基于业务码的业务处理方法、装置和电子设备
CN113784295B (zh) * 2021-11-09 2022-04-15 深圳市伦茨科技有限公司 一种便携式物品的防丢方法及系统
CN113784295A (zh) * 2021-11-09 2021-12-10 深圳市伦茨科技有限公司 一种便携式物品的防丢方法及系统
CN114944922A (zh) * 2022-05-19 2022-08-26 中国银行股份有限公司 一种数据处理方法、装置、设备及存储介质

Also Published As

Publication number Publication date
CN104601327B (zh) 2019-01-29
CN104601327A (zh) 2015-05-06

Similar Documents

Publication Publication Date Title
WO2015101273A1 (fr) Procédé de vérification de sécurité et dispositif et système associés
US20210336780A1 (en) Key updating method, apparatus, and system
US11488234B2 (en) Method, apparatus, and system for processing order information
JP6576555B2 (ja) サービス処理方法、デバイス及びシステム
US11057376B2 (en) Method, apparatus, and system for controlling intelligent device, and storage medium
CN111066284B (zh) 一种业务证书管理方法、终端及服务器
WO2018176781A1 (fr) Procédé d'envoi d'informations, procédé de réception d'informations, appareil et système
US9635018B2 (en) User identity verification method and system, password protection apparatus and storage medium
CN110417543B (zh) 一种数据加密方法、装置和存储介质
WO2017041599A1 (fr) Procédé de traitement de service et dispositif électronique
EP3401864A1 (fr) Procédé pour sélectionner une application de transaction, et terminal
US9710846B2 (en) Method, terminal, and server for submitting and processing order
US20150302215A1 (en) Sensitive operation verification method, terminal device, server, and verification system
WO2017084288A1 (fr) Procédé et dispositif de vérification d'identité
CN104954126B (zh) 敏感操作验证方法、装置及系统
WO2014000652A1 (fr) Terminal, dispositif et procédé d'installation d'un module complémentaire de navigateur
WO2018108123A1 (fr) Procédé, dispositif, et système d'authentification d'identité
CN106255102B (zh) 一种终端设备的鉴定方法及相关设备
WO2018108062A1 (fr) Procédé et dispositif de vérification d'identité, et support de stockage
WO2016192511A1 (fr) Procédé et appareil permettant de supprimer à distance des informations
WO2019128179A1 (fr) Procédé et appareil de transmission de données entre terminaux mobiles, et terminal mobile
CN108475304A (zh) 一种关联应用程序和生物特征的方法、装置以及移动终端
WO2015101254A1 (fr) Procédé, appareil et système d'interaction d'informations
WO2017166976A1 (fr) Procédé, dispositif et système pour distribuer et vérifier un service d'application
CN108737341B (zh) 业务处理方法、终端及服务器

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14876557

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14876557

Country of ref document: EP

Kind code of ref document: A1