WO2015154536A1 - Payment method and system having multiple security composition mechanisms based on visible code - Google Patents

Payment method and system having multiple security composition mechanisms based on visible code Download PDF

Info

Publication number
WO2015154536A1
WO2015154536A1 PCT/CN2014/095525 CN2014095525W WO2015154536A1 WO 2015154536 A1 WO2015154536 A1 WO 2015154536A1 CN 2014095525 W CN2014095525 W CN 2014095525W WO 2015154536 A1 WO2015154536 A1 WO 2015154536A1
Authority
WO
WIPO (PCT)
Prior art keywords
code
payment
card
transaction
cardholder
Prior art date
Application number
PCT/CN2014/095525
Other languages
French (fr)
Chinese (zh)
Inventor
闻进
Original Assignee
闻进
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 闻进 filed Critical 闻进
Publication of WO2015154536A1 publication Critical patent/WO2015154536A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification

Definitions

  • the invention relates to an enhancement based on an existing payment system (Internet channel, mobile intelligent client, ATM, POS, counter, etc.), based on visible codes (two-dimensional code, barcode and text code or mixed combination) Payment method and system for secure combination mechanism.
  • an existing payment system Internet channel, mobile intelligent client, ATM, POS, counter, etc.
  • visible codes two-dimensional code, barcode and text code or mixed combination
  • the holding amount of each person's payment voucher cannot be very large, and the result is that the amount of funds involved in a single payment voucher account is large, and the amount of loss is large once the payment voucher is copied and stolen.
  • the design of the POS payment system is also based on the communication considerations. It adopts the mode of setting the conditions for one-time package uploading and seeking the authorization of the host. The payer cannot visually judge whether the payment terminal is legally authenticated before inputting the security information. Therefore, it is possible for the illegal payment terminal to copy and steal the payment information of the payer, and it is also impossible to use a high security mechanism such as a dynamic verification code.
  • Visible codes two-dimensional codes, bar codes, and text codes or mixed combinations
  • the visible code like other payment vouchers, cannot eliminate the readable copyability, and it is necessary to ensure the security of payment through multiple security combination mechanisms.
  • the object of the present invention is to solve the above problems, and to provide a payment method and system based on a multiple security combination mechanism of visible codes.
  • the cardholder uses the self-service equipment such as online banking and mobile banking to generate the payment card information for the transaction in the issuing bank or the card issuing institution system.
  • the payment card information includes but not limited to the following contents: payment card number, personality Welcome message, acquiring line identification code, merchant name, merchant number, card machine terminal identification code, actual validity period, single-time card/multi-digit card, service code/service constraint, card verification code (CVN), personal identification Code, dynamic verification code receiving number, number of allowed retransmissions, transaction currency code, amount of amount, cardholder identity authentication information (cardholder ID number, fingerprint, digital certificate, seal, etc.), etc., with the combination of the above information
  • the authorization element of the payment card realizes multiple security combination mechanisms for payment of payment card transactions.
  • the payment card number, the generated payment card number conforms to the relevant standard specifications, and has no explicit relationship with the main account, so as to prevent the thief from calculating the main account information by using the payment card number.
  • the primary account card number is a special case of the payment card number.
  • the actual validity period is subject to the validity period of the main account, and the time is accurate to the minute (YYMMDDhhmm), and the security of the payment card is improved by the short validity period.
  • Card verification code (CVN), personal identification code (independent), dynamic verification code receiving number, cardholder identity authentication information, etc., zero or all combinations, to improve the security of payment, cardholder identity authentication information (holding The card holder ID number, fingerprint, digital certificate, seal, etc.) can be the primary account owner or other person authorized by the primary account (mainly used for company cards, official cards, etc.).
  • the amount of the amount, the special lock amount (the amount of the payment card is locked from the main account for this payment card, not shared with other payment cards, the main account, until the payment card is invalidated or revoked);
  • the amount of the payment card and other payment cards, The main account is shared, which improves the efficiency of capital utilization.
  • the payment card information is stored in the authorization authentication system for the authorization authentication of the payment card transaction payment.
  • the generated payment card number is sent and saved (copy, download, MMS, SMS, etc.) to the storage medium by visible code (two-dimensional code, barcode and text code or mixed combination) for transaction payment (payer)
  • visible code two-dimensional code, barcode and text code or mixed combination
  • the device can be offline.
  • the offline use mode of the payer device (presenting the payment card number), on the one hand, reduces the roaming charges brought by the online use mode of the payer device, and on the other hand avoids the use of the payer device to use the payee transaction place.
  • the security risks associated with the unknown security WIFI provided.
  • the transaction payment terminal of the payee reads (acquires) the payment card number, and the online authorization authentication system completes the authorization process of payment with multiple security combination mechanisms.
  • the relevant reservation information such as: the receipt line identification code, the merchant name, the merchant number, the actual validity period, the amount of the amount, the cardholder identity authentication information (cardholder ID card) Number), etc.
  • the collection of information on the use of official card is not concentrated, difficult to supervise and involve individuals in advance Privacy and other drawbacks, but the use of visible code payment card as a business card, special card dedicated (business card is only used for official expenses), strengthen the pre-existence (pre-approval budget before the public expenditure), in the event (public expenditures timely feedback to the account system, Because it is necessary to verify the identity information of the official card users, avoid being fraudulently used, and at the same time facilitate financial and timely separate statistics) supervision, fixed-point procurement, improve the utilization of funds, and simplify the centralized management of funds.
  • the technical solution of the present invention is established on the basis of an existing payment system (Internet channel, mobile intelligent terminal, ATM, POS, counter, etc.) that has obtained security authentication, and is strengthened by a multiple security combination mechanism, and the payment method thereof
  • the system is easy to pass the safety certification of the relevant department/institution.
  • the invention has the characteristics of unified authorization authentication methods of various transaction payment systems (Internet channels, mobile intelligent terminals, ATMs, POSs, counters, etc.), and effectively reduces operation and maintenance costs.
  • the third party except the cardholder and the issuing bank/issuing institution) can only access and obtain the payment card information, only the payment card number, so as to protect the cardholder's account information security to the utmost extent.
  • Figure 1 is a simplified flow diagram of the present invention.
  • FIG. 2 is a schematic diagram of a related field of payment card information of the present invention.
  • FIG. 3 is a simplified flow diagram of an embodiment of the present invention in a POS application.
  • the cardholder uses the terminal account (200) device (online banking, mobile banking, mobile smart client, etc.) to log in to the issuing bank/issuing institution system (100) of the primary account, and self-generates payment card information for transaction payment ( Including but not limited to the following: payment card number, personalized welcome message, acquiring line identification code, merchant name, merchant number, card machine terminal identification code, actual validity period, single-time card/multi-digit card, service code/service Constraint, card verification code (CVN), personal identification code, dynamic verification code receiving number, number of allowed retransmissions, transaction currency code, amount of amount, cardholder identity authentication information (cardholder ID number, fingerprint, digital certificate, seal Etc) and will The payment card information is saved to the authorized authentication system for authorization processing when the transaction is paid.
  • payment card information is saved to the authorized authentication system for authorization processing when the transaction is paid.
  • the payment card number is sent and saved (copy, download, MMS, SMS, etc.) to the card holder's storage medium (200) by visible code (QR code, barcode and text code or mixed combination), for Transaction payment (offline mode of the payer device).
  • the storage medium (200) may be a computer, a mobile phone, a mobile intelligent terminal, and a printable material, and may be stored in an encrypted manner, and then decrypted and converted into a visible code (a two-dimensional code, a bar code, a text code or a combination) when used, and enhanced. safety.
  • the cardholder displays the storage medium (200) of the visible code (two-dimensional code, bar code, and text code or mixed combination) of the payment card number, which is presented to the transaction payment terminal (300), and is increased by the transaction payment terminal (300).
  • the payment card can be displayed with a personalized welcome message, which is convenient for the cardholder to judge the legality of the transaction payment terminal (300) and improve the security payment level.
  • the issuing process of the transaction payment authorization request submitted by the issuing bank/issuing institution authorization authentication system (100) to the transaction payment terminal (100) may be performed in two ways: (a) indirect mode, the transaction payment terminal (300) is connected to the online acquiring bank/ The acquiring institution (400) completes the legality identification of the transaction payment terminal (300), and then completes the transaction payment authorization authentication process between the acquiring bank/acquisition institution (400) and the issuing bank/issuing institution (100), and authorizes the authentication. The result is fed back to the transaction payment terminal (300).
  • the simplified flow of the terminal processing operation of the transaction payment terminal (300) for the POS terminal is as follows.
  • step 301 prompt transaction function selection: the function key and the number key are simultaneously available.
  • Step 302 For the transaction that needs to verify the operator or administrator password, prompt for input and verify.
  • Step 303 According to the transaction requirement, prompt to read the card or input the card number: if the card is not read, press the designated function key to enter the manual input card number prompt.
  • Step 304 According to the transaction requirement, select prompt to input relevant data: including: transaction amount, pre-authorization amount, return amount, original authorization code, original POS serial number, original retrieval reference number, and the like.
  • Step 305 Judging: the traditional POS transaction processing flow?
  • the traditional POS transaction processing process adopts a mode in which the condition is set to upload and upload the authorization for the host once, and the paying party cannot visually judge whether the payment terminal is legally authenticated before inputting the security information.
  • This step is to be compatible with the existing POS transaction processing flow, and the present invention can enable the cardholder to authenticate the transaction payment terminal by adding a step of obtaining a feedback cardholder to reserve a personalized welcome message in the existing POS transaction processing flow. Legitimacy.
  • step 305 the traditional POS transaction processing flow? If yes, go to step 307.
  • Step 307 According to the transaction request, the cardholder is prompted to input a password: if the confirmation key is directly pressed, it is regarded as no password.
  • Step 311 Prompt processing: display processing and communication status, such as dialing, sending, receiving, automatic flushing, sending, and sending.
  • Step 312 Display the transaction result and print the purchase order according to the transaction and response code.
  • step 305 the traditional POS transaction processing flow? If the result is no, the process proceeds to step 306.
  • Step 306 Online, send a message, wait for a response message, and obtain cardholder reservation information (personalized welcome message) from the authorization system.
  • Step 308 Judging: Is the reservation information (personalized welcome message) and the cardholder reservation information consistent? This is a security enhancement measure for the existing POS transaction processing flow of the present invention.
  • step 308 Is the reservation information (personalized welcome message) and the cardholder reservation information consistent? If the result is inconsistent, the process proceeds to step 309.
  • Step 309 Displaying the reservation information (personalized welcome message) and the cardholder reservation information are inconsistent, which may be an illegal authorization transaction terminal, and the cardholder terminates the candidate payment operation.
  • step 308 Is the reservation information (personalized welcome message) and the cardholder reservation information consistent? If the result is consistent, then step 310 is entered.
  • Step 310 In accordance with the transaction reservation verification requirement, the cardholder is prompted to input relevant reserved security verification information: such as a password, a dynamic verification code, and an identity information.
  • relevant reserved security verification information such as a password, a dynamic verification code, and an identity information.
  • Step 311 Prompt processing: display processing and communication status, such as dialing, sending, receiving, automatic flushing, sending, and sending.
  • Step 312 Display the transaction result and print the purchase order according to the transaction and response code.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Cash Registers Or Receiving Machines (AREA)

Abstract

The present invention relates to a payment method and system having multiple security combination mechanisms based on a visible code (such as a two-dimensional code, a bar code and a literal code or a mixed combination). The present invention is characterized in that on the basis of the existing transaction payment system (such as the Internet channel, a mobile intelligent client, an ATM, a POS, a counter, etc.), payment card information for authorization and authentication during transaction payment is generated by a cardholder in a self-service manner in a system of a card issuing bank/a card issuing mechanism, the payment card information comprising but not limited to the following contents: a payment card number, personalized welcomes, an acquiring bank identification code, a merchant name, a merchant number, a card acceptor terminal identification code, an actual expiry date, a single-use card/a repeated-use card, a service code/service constraint, a card verification number (CVN), a personal identification number, a dynamic verification code receiving number, the number of times of retyping allowed, a transaction currency code, a credit amount, cardholder identity authentication information (a cardholder identification number, fingerprint, digital certificate, seal impression and the like), etc.; and the payment card information is taken as a basis of multiple security composition authorization mechanisms, thereby realizing the method and system for applying the payment card number to the transaction payment in the manner of a visible code (such as a two-dimensional code, a bar code and a literal code or a mixed combination).

Description

一种基于可见码的多重安全组合机制的支付方法和系统Payment method and system based on visible code multiple security combination mechanism 技术领域Technical field
本发明涉及一种在现有支付系统(互联网渠道、移动智能客户端、ATM、POS、柜台等)基础上加强的,基于可见码(二维码、条码和文字码或混合组合)的具有多重安全组合机制的支付方法和系统。The invention relates to an enhancement based on an existing payment system (Internet channel, mobile intelligent client, ATM, POS, counter, etc.), based on visible codes (two-dimensional code, barcode and text code or mixed combination) Payment method and system for secure combination mechanism.
背景技术Background technique
在传统上过去因为通讯技术的限制,安全支付的侧重点放在对支付方持有的支付凭证(磁卡、IC卡、声波、NFC、SIM卡等)的软硬件加密和支付设备的绑定上,但这些支付凭证最终都是需要通过支付终端设备的读取才能完成支付过程,理论上也就不可避免的存在被读取复制的可能性,差异只在读取复制的成本。同时这类依靠软硬件加密的支付凭证(磁卡、IC卡、声波、NFC、SIM卡等)因为成本(制作、分发、更换等)关系,导致这类支付凭证的使用有效周期不可能太短,每人的支付凭证的持有量不可能很大,带来的结果就是单个支付凭证账户涉及的资金金额较大,一旦支付凭证被复制盗用也就导致损失金额较大。同时POS支付系统设计之初也因为通讯方面的考虑,采用的是设定好条件一次性打包上传寻求主机的授权的模式,支付方在输入安全信息之前无法直观的视觉判断支付终端是否为合法认证的,也就给非法支付终端复制窃取支付方支付凭证信息带来了可能,同时也无法使用类似动态验证码这类高安全机制。Traditionally, due to the limitations of communication technology, the focus of secure payment is on the binding of software and hardware encryption and payment devices to payment certificates (magnetic cards, IC cards, sound waves, NFC, SIM cards, etc.) held by the payer. However, these payment vouchers ultimately need to be read by the payment terminal device to complete the payment process. In theory, there is inevitably the possibility of being read and copied, and the difference is only in the cost of reading the copy. At the same time, such payment vouchers (magnetic cards, IC cards, sound waves, NFC, SIM cards, etc.) relying on software and hardware encryption may not be too short in the effective period of use of such payment vouchers due to cost (production, distribution, replacement, etc.). The holding amount of each person's payment voucher cannot be very large, and the result is that the amount of funds involved in a single payment voucher account is large, and the amount of loss is large once the payment voucher is copied and stolen. At the same time, the design of the POS payment system is also based on the communication considerations. It adopts the mode of setting the conditions for one-time package uploading and seeking the authorization of the host. The payer cannot visually judge whether the payment terminal is legally authenticated before inputting the security information. Therefore, it is possible for the illegal payment terminal to copy and steal the payment information of the payer, and it is also impossible to use a high security mechanism such as a dynamic verification code.
可见码(二维码、条码和文字码或混合组合)具有成本廉价和分发便捷的特点,为实现支付手段的一次性或有限次数提供了可能。但可见码和其他支付凭证一样都无法杜绝可读取复制性,就需要通过多重安全组合机制来保证支付的安全性。Visible codes (two-dimensional codes, bar codes, and text codes or mixed combinations) are inexpensive and easy to distribute, providing a one-time or limited number of means of payment. However, the visible code, like other payment vouchers, cannot eliminate the readable copyability, and it is necessary to ensure the security of payment through multiple security combination mechanisms.
发明内容Summary of the invention
本发明的目的就是为了解决上述问题,提供一种基于可见码的多重安全组合机制的支付方法和系统。The object of the present invention is to solve the above problems, and to provide a payment method and system based on a multiple security combination mechanism of visible codes.
本发明的技术方案包括以下步骤:The technical solution of the present invention includes the following steps:
(1)持卡人以主账户通过网银、手机银行等自助设备,在发卡行或发卡机构系统里自助生成用于交易的支付卡信息,支付卡信息包括但不仅限下列内容:支付卡号、个性化欢迎语、收单行标识码、商户名称、商户编号、受卡机终端标识码、实际有效期、单次性卡/多次性卡、服务代码/服务约束、卡片验证码(CVN)、个人标识码、动态验证码接收号码、允许重输次数、交易货币代码、额度金额、持卡人身份认证信息(持卡人证件号码、指纹、数字证书、印鉴等)等,以上述各信息的组合作为支付卡的授权认证要素,实现支付卡交易支付的多重安全组合机制。(1) The cardholder uses the self-service equipment such as online banking and mobile banking to generate the payment card information for the transaction in the issuing bank or the card issuing institution system. The payment card information includes but not limited to the following contents: payment card number, personality Welcome message, acquiring line identification code, merchant name, merchant number, card machine terminal identification code, actual validity period, single-time card/multi-digit card, service code/service constraint, card verification code (CVN), personal identification Code, dynamic verification code receiving number, number of allowed retransmissions, transaction currency code, amount of amount, cardholder identity authentication information (cardholder ID number, fingerprint, digital certificate, seal, etc.), etc., with the combination of the above information The authorization element of the payment card realizes multiple security combination mechanisms for payment of payment card transactions.
(a)支付卡号,生成的支付卡号符合相关标准规范,同时和主账户没有明示关系,避免盗取者通过支付卡号推算出主账户信息。主账户卡号作为支付卡号的一个特例。(a) The payment card number, the generated payment card number conforms to the relevant standard specifications, and has no explicit relationship with the main account, so as to prevent the thief from calculating the main account information by using the payment card number. The primary account card number is a special case of the payment card number.
(b)个性化欢迎语,用于鉴别支付终端的合法性,避免钓鱼网站和非法交易终端盗取持卡人账户信息。(b) Personalized welcome language for identifying the legality of the payment terminal and preventing the phishing website and the illegal transaction terminal from stealing the cardholder account information.
(c)收单行标识码、商户名称、商户编号、受卡机终端标识码、服务代码/服务约束等零或全部组合,用来限制支付卡的范围,提高支付卡的支付安全性,避免钓鱼网站欺骗。(c) Zero or all combinations of the acquirer identification code, merchant name, merchant number, card machine terminal identification code, service code/service constraint, etc., used to limit the scope of the payment card, improve the payment security of the payment card, and avoid fishing. Website fraud.
(d)实际有效期受主账户有效期约束,时间精确到分钟(YYMMDDhhmm),以短有效期方式提高支付卡的安全性。(d) The actual validity period is subject to the validity period of the main account, and the time is accurate to the minute (YYMMDDhhmm), and the security of the payment card is improved by the short validity period.
(e)卡片验证码(CVN)、个人标识码(独立的)、动态验证码接收号码、持卡人身份认证信息等零或全部组合,提高支付的安全性,持卡人身份认证信息(持卡人证件号码、指纹、数字证书、印鉴等)可以是主账户本人,也可以是主账户授权的其他人(主要用于公司卡、公务卡等方面的应用)。(e) Card verification code (CVN), personal identification code (independent), dynamic verification code receiving number, cardholder identity authentication information, etc., zero or all combinations, to improve the security of payment, cardholder identity authentication information (holding The card holder ID number, fingerprint, digital certificate, seal, etc.) can be the primary account owner or other person authorized by the primary account (mainly used for company cards, official cards, etc.).
(f)额度金额,分专用锁定金额(支付卡的额度金额从主账户中锁定专用于此支付卡,不和其他支付卡、主账户共享额度,直到此支付卡失效或撤销);共享金额(支付卡的额度金额和其他支付卡、 主账户共享,提高了资金的利用效率。(f) the amount of the amount, the special lock amount (the amount of the payment card is locked from the main account for this payment card, not shared with other payment cards, the main account, until the payment card is invalidated or revoked); The amount of the payment card and other payment cards, The main account is shared, which improves the efficiency of capital utilization.
(2)支付卡信息保存于授权认证系统,用于支付卡交易支付的授权认证。(2) The payment card information is stored in the authorization authentication system for the authorization authentication of the payment card transaction payment.
(3)生成的支付卡号以可见码(二维码、条码和文字码或混合组合)方式发送、保存(复制、下载、彩信、短信等方式)到存储媒介中,用于交易支付(支付方设备的可脱机方式)。(3) The generated payment card number is sent and saved (copy, download, MMS, SMS, etc.) to the storage medium by visible code (two-dimensional code, barcode and text code or mixed combination) for transaction payment (payer) The device can be offline.)
(4)支付方设备(出示支付卡号)的可脱机使用方式,一方面降低了支付方设备联机使用方式时带来的漫游费用,另一方面也避免了支付方设备使用收款方交易场所提供的未知安全性WIFI可能带来的安全风险。(4) The offline use mode of the payer device (presenting the payment card number), on the one hand, reduces the roaming charges brought by the online use mode of the payer device, and on the other hand avoids the use of the payer device to use the payee transaction place. The security risks associated with the unknown security WIFI provided.
(5)收款方的交易支付终端读取(获取)支付卡号,联机授权认证系统,以多重安全组合机制完成支付的授权过程。(5) The transaction payment terminal of the payee reads (acquires) the payment card number, and the online authorization authentication system completes the authorization process of payment with multiple security combination mechanisms.
(6)因为支付卡的预留授权认证信息的多重安全组合特性,可以兼顾不同支付环境下对便捷性和安全性的不同要求,例如:(6) Because of the multiple security combination features of the payment card's reserved authorization authentication information, different requirements for convenience and security in different payment environments can be considered, for example:
(a)公交、地铁、高速公路过桥过路费、话费充值等小额支付,便捷性是优先考虑,通过支付卡信息中的收单行标识码、商户名称、商户编号、实际有效期(短有效期)、额度金额(小额)等的设定来限制使用范围和可用金额,免二次验证(返回个性化欢迎语等),直接支付,满足安全便捷的要求。(a) Small payment such as bus, subway, expressway toll, and recharge of call charges, convenience is a priority, through the receipt line identification code, merchant name, merchant number, and actual validity period (short validity period) in the payment card information The amount of the amount (small amount) is limited to limit the scope of use and available amount, avoid secondary verification (return to personalized greetings, etc.), and pay directly to meet the requirements of security and convenience.
(b)普通消费,通过增加预留的个性化欢迎语、卡片验证码(CVN)、个人标识码、动态验证码等信息验证满足安全性要求。(b) Ordinary consumption, by adding reserved personalized greetings, card verification code (CVN), personal identification code, dynamic verification code and other information verification to meet the security requirements.
(c)转账、汇款等大额交易支付时,通过增加预留的持卡人身份认证信息(持卡人证件号码、指纹、U盾、印鉴等)验证来满足高安全性的要求。(c) When transferring large transactions such as transfers and remittances, the requirements for high security are met by increasing the cardholder identity authentication information (cardholder ID number, fingerprint, U shield, seal, etc.).
(d)对公务卡一类的应用情况,通过设定相关预留信息,例如:收单行标识码、商户名称、商户编号、实际有效期、额度金额、持卡人身份认证信息(持卡人证件号码)等,避免现行公务卡使用中一人一张卡(资源浪费),公私混用(公务卡同时可以用于公私消费),公务卡支付使用信息采集不集中,难以事前、事中监督和涉及个人隐私等弊端,而采用可见码支付卡作为公务卡,专卡专用(公务卡只用于公务支出),强化事前(公务支出前要审批预算)、事中(公务支出及时反馈到账户系统中,因为需要验证公务卡使用人的身份信息,避免被冒用,同时方便财务及时分别统计)监督,定点采购消费,提高资金的利用率,简化了资金的集中管理。(d) For the application of the official card, set the relevant reservation information, such as: the receipt line identification code, the merchant name, the merchant number, the actual validity period, the amount of the amount, the cardholder identity authentication information (cardholder ID card) Number), etc., to avoid one card (waste of resources) in the use of the current official card, public and private use (business card can also be used for public and private consumption), the collection of information on the use of official card is not concentrated, difficult to supervise and involve individuals in advance Privacy and other drawbacks, but the use of visible code payment card as a business card, special card dedicated (business card is only used for official expenses), strengthen the pre-existence (pre-approval budget before the public expenditure), in the event (public expenditures timely feedback to the account system, Because it is necessary to verify the identity information of the official card users, avoid being fraudulently used, and at the same time facilitate financial and timely separate statistics) supervision, fixed-point procurement, improve the utilization of funds, and simplify the centralized management of funds.
本发明的技术方案实现是建立在现有的已获得安全认证的支付系统(互联网渠道、移动智能终端、ATM、POS、柜台等)基础上,并通过多重安全组合机制得到加强,其支付方法和系统便于通过有关部门/机构的安全认证。本发明具有各交易支付系统(互联网渠道、移动智能终端、ATM、POS、柜台等)授权认证方式统一的特点,有效降低运营维护成本。并且在整个环节中第三方(除持卡人和发卡行/发卡机构之外)唯一可接触、获取到的支付卡信息只有支付卡号,从而可以最大限度的保护持卡人的账户信息安全。The technical solution of the present invention is established on the basis of an existing payment system (Internet channel, mobile intelligent terminal, ATM, POS, counter, etc.) that has obtained security authentication, and is strengthened by a multiple security combination mechanism, and the payment method thereof The system is easy to pass the safety certification of the relevant department/institution. The invention has the characteristics of unified authorization authentication methods of various transaction payment systems (Internet channels, mobile intelligent terminals, ATMs, POSs, counters, etc.), and effectively reduces operation and maintenance costs. And in the whole process, the third party (except the cardholder and the issuing bank/issuing institution) can only access and obtain the payment card information, only the payment card number, so as to protect the cardholder's account information security to the utmost extent.
附图说明DRAWINGS
图1是本发明的简化流程图。Figure 1 is a simplified flow diagram of the present invention.
图2是本发明的支付卡信息相关字段示意图。2 is a schematic diagram of a related field of payment card information of the present invention.
图3是本发明在POS应用中实施例的简化流程图。3 is a simplified flow diagram of an embodiment of the present invention in a POS application.
具体实施方式detailed description
下面结合附图和实施例对本发明作进一步的描述。The invention will now be further described with reference to the drawings and embodiments.
持卡人以主账户通过终端(200)设备(网银、手机银行、移动智能客户端等)联机登陆主账户的发卡行/发行机构系统(100),自助生成用于交易支付的支付卡信息(包括但不仅限下列内容:支付卡号、个性化欢迎语、收单行标识码、商户名称、商户编号、受卡机终端标识码、实际有效期、单次性卡/多次性卡、服务代码/服务约束、卡片验证码(CVN)、个人标识码、动态验证码接收号码、允许重输次数、交易货币代码、额度金额、持卡人身份认证信息(持卡人证件号码、指纹、数字证书、印鉴等),并将此支 付卡信息保存到授权认证系统中用于交易支付时授权处理。同时将支付卡号以可见码(二维码、条码和文字码或混合组合)方式发送、保存(复制、下载、彩信、短信等方式)到持卡人拥有的存储媒介中(200),用于交易支付(支付方设备的可脱机方式)。存储媒介(200)可以是电脑、手机、移动智能终端和可印制材料等,并可以加密方式存储,使用时再解密转换成可见码(二维码、条码和文字码或组合),增强其安全性。持卡人将存储有支付卡号的可见码(二维码、条码和文字码或混合组合)的存储媒介(200),出示给交易支付终端(300),而通过在交易支付终端(300)增加可显示支付卡预留个性化欢迎语,方便持卡人判断交易支付终端(300)的合法性,提升了安全支付水平。发卡行/发卡机构授权认证系统(100)对交易支付终端(100)提交的交易支付授权认证请求的处理过程可以采用2种方式:(a)间接方式,交易支付终端(300)联机收单行/收单机构(400)完成交易支付终端(300)合法性鉴别,然后由收单行/收单机构(400)和发卡行/发卡机构(100)之间完成交易支付授权认证过程,并将授权认证结果反馈给交易支付终端(300)。(b)直接方式,交易支付终端(300)联机收单行/收单机构(400)完成交易支付终端(300)合法性鉴别后,由收单行/收单机构(400)发起交易支付终端(300)和发卡行/发卡机构(100)之间直接的安全连接或会话,实现交易支付终端(300)和发卡行/发卡机构(100)之间直接的交易支付授权认证过程,并将交易支付授权认证结果反馈给收单行/收单机构(400)。The cardholder uses the terminal account (200) device (online banking, mobile banking, mobile smart client, etc.) to log in to the issuing bank/issuing institution system (100) of the primary account, and self-generates payment card information for transaction payment ( Including but not limited to the following: payment card number, personalized welcome message, acquiring line identification code, merchant name, merchant number, card machine terminal identification code, actual validity period, single-time card/multi-digit card, service code/service Constraint, card verification code (CVN), personal identification code, dynamic verification code receiving number, number of allowed retransmissions, transaction currency code, amount of amount, cardholder identity authentication information (cardholder ID number, fingerprint, digital certificate, seal Etc) and will The payment card information is saved to the authorized authentication system for authorization processing when the transaction is paid. At the same time, the payment card number is sent and saved (copy, download, MMS, SMS, etc.) to the card holder's storage medium (200) by visible code (QR code, barcode and text code or mixed combination), for Transaction payment (offline mode of the payer device). The storage medium (200) may be a computer, a mobile phone, a mobile intelligent terminal, and a printable material, and may be stored in an encrypted manner, and then decrypted and converted into a visible code (a two-dimensional code, a bar code, a text code or a combination) when used, and enhanced. safety. The cardholder displays the storage medium (200) of the visible code (two-dimensional code, bar code, and text code or mixed combination) of the payment card number, which is presented to the transaction payment terminal (300), and is increased by the transaction payment terminal (300). The payment card can be displayed with a personalized welcome message, which is convenient for the cardholder to judge the legality of the transaction payment terminal (300) and improve the security payment level. The issuing process of the transaction payment authorization request submitted by the issuing bank/issuing institution authorization authentication system (100) to the transaction payment terminal (100) may be performed in two ways: (a) indirect mode, the transaction payment terminal (300) is connected to the online acquiring bank/ The acquiring institution (400) completes the legality identification of the transaction payment terminal (300), and then completes the transaction payment authorization authentication process between the acquiring bank/acquisition institution (400) and the issuing bank/issuing institution (100), and authorizes the authentication. The result is fed back to the transaction payment terminal (300). (b) In a direct manner, after the transaction payment terminal (300) completes the transaction payment terminal (300) legality identification by the online payment acquiring terminal (300), the transaction payment terminal (300) is initiated by the acquiring bank/acquisition institution (400). ) and a direct secure connection or session between the issuing bank/card issuer (100) to implement a direct transaction payment authorization process between the transaction payment terminal (300) and the issuer/issuer (100), and authorize the transaction payment The certification result is fed back to the acquirer/acquisition agency (400).
其中交易支付终端(300)为POS终端的终端处理操作简化流程如下。The simplified flow of the terminal processing operation of the transaction payment terminal (300) for the POS terminal is as follows.
POS终端操作员如下操作,步骤301:提示交易功能选择:功能键和数字键同时可用。The POS terminal operator operates as follows, step 301: prompt transaction function selection: the function key and the number key are simultaneously available.
步骤302:对于需验证操作员或管理员密码的交易,提示输入并进行验证。Step 302: For the transaction that needs to verify the operator or administrator password, prompt for input and verify.
步骤303:按照交易要求,提示读卡或手输入卡号:如不读卡,可按指定功能键,进入手工输入卡号提示。Step 303: According to the transaction requirement, prompt to read the card or input the card number: if the card is not read, press the designated function key to enter the manual input card number prompt.
步骤304:按照交易要求,选择提示输入有关数据:包括:交易金额、预授权金额、退货金额、原授权码、原POS流水号、原检索参考号等。Step 304: According to the transaction requirement, select prompt to input relevant data: including: transaction amount, pre-authorization amount, return amount, original authorization code, original POS serial number, original retrieval reference number, and the like.
步骤305:判断:传统POS交易处理流程?传统POS交易处理流程,采用的是设定好条件一次性打包上传寻求主机的授权的模式,支付方在输入安全信息之前无法直观的视觉判断支付终端是否为合法认证的。此步骤是为了兼容现有POS交易处理流程,本发明可以在现有POS交易处理流程中,通过增加一个获取反馈持卡人预留个性化欢迎语的步骤,让持卡人能鉴别交易支付终端的合法性。Step 305: Judging: the traditional POS transaction processing flow? The traditional POS transaction processing process adopts a mode in which the condition is set to upload and upload the authorization for the host once, and the paying party cannot visually judge whether the payment terminal is legally authenticated before inputting the security information. This step is to be compatible with the existing POS transaction processing flow, and the present invention can enable the cardholder to authenticate the transaction payment terminal by adding a step of obtaining a feedback cardholder to reserve a personalized welcome message in the existing POS transaction processing flow. Legitimacy.
如步骤305判断结果:传统POS交易处理流程?结果为是,则进入步骤307。As determined in step 305: the traditional POS transaction processing flow? If yes, go to step 307.
步骤307:按交易要求,提示持卡人输入密码:如直接按确认键,则视为无密码。Step 307: According to the transaction request, the cardholder is prompted to input a password: if the confirmation key is directly pressed, it is regarded as no password.
步骤311:提示处理中:显示处理和通讯状态,如拨号、发送、接收、自动冲正上送、批上送等。Step 311: Prompt processing: display processing and communication status, such as dialing, sending, receiving, automatic flushing, sending, and sending.
步骤312:按照交易和应答码,显示交易结果及打印签购单。Step 312: Display the transaction result and print the purchase order according to the transaction and response code.
如步骤305判断结果:传统POS交易处理流程?结果为否,则进入步骤306。As determined in step 305: the traditional POS transaction processing flow? If the result is no, the process proceeds to step 306.
步骤306:联机、发送报文,等待响应报文,从授权系统获取持卡人预留信息(个性化欢迎语)。Step 306: Online, send a message, wait for a response message, and obtain cardholder reservation information (personalized welcome message) from the authorization system.
步骤308:判断:显示预留信息(个性化欢迎语)和持卡人预留信息是否一致?此为本发明对现有POS交易处理流程的安全性增强措施。Step 308: Judging: Is the reservation information (personalized welcome message) and the cardholder reservation information consistent? This is a security enhancement measure for the existing POS transaction processing flow of the present invention.
如步骤308判断结果:显示预留信息(个性化欢迎语)和持卡人预留信息是否一致?结果为不一致,则进入步骤309。If the result is determined in step 308: Is the reservation information (personalized welcome message) and the cardholder reservation information consistent? If the result is inconsistent, the process proceeds to step 309.
步骤309:显示预留信息(个性化欢迎语)和持卡人预留信息不一致,可能为非法授权交易终端,持卡人终止候选支付操作。Step 309: Displaying the reservation information (personalized welcome message) and the cardholder reservation information are inconsistent, which may be an illegal authorization transaction terminal, and the cardholder terminates the candidate payment operation.
如步骤308判断结果:显示预留信息(个性化欢迎语)和持卡人预留信息是否一致?结果为一致,则进入步骤310。If the result is determined in step 308: Is the reservation information (personalized welcome message) and the cardholder reservation information consistent? If the result is consistent, then step 310 is entered.
步骤310:按照交易预留验证要求,提示持卡人输入相关预留安全验证信息:如密码、动态验证码、身份信息等。Step 310: In accordance with the transaction reservation verification requirement, the cardholder is prompted to input relevant reserved security verification information: such as a password, a dynamic verification code, and an identity information.
步骤311:提示处理中:显示处理和通讯状态,如拨号、发送、接收、自动冲正上送、批上送等。Step 311: Prompt processing: display processing and communication status, such as dialing, sending, receiving, automatic flushing, sending, and sending.
步骤312:按照交易和应答码,显示交易结果及打印签购单。 Step 312: Display the transaction result and print the purchase order according to the transaction and response code.

Claims (10)

  1. 一种基于可见码的多重安全组合机制的支付方法和系统,包括:A payment method and system for multiple security combination mechanisms based on visible codes, including:
    (1)持卡人通过网银、手机银行等自助设备,在发卡行/发卡机构系统里自助生成、管理用于交易支付的支付卡信息,并保存于授权认证系统中用来作为交易支付授权认证许可的安全依据。(1) Cardholders self-generate and manage payment card information for transaction payment in the issuing bank/card issuer system through self-service devices such as online banking and mobile banking, and store them in the authorization authentication system for use as transaction payment authorization certification. The security basis for the license.
    (2)支付卡信息中的支付卡号以可见码(二维码、条码和文字码或混合组合)方式发送、保存(复制、下载、彩信、短信等方式)到持卡人的存储媒介中,作为交易支付的凭证。(2) The payment card number in the payment card information is sent and saved (copy, download, MMS, SMS, etc.) to the cardholder's storage medium by visible code (two-dimensional code, barcode and text code or mixed combination). As a voucher for transaction payments.
    (3)交易支付终端在读取持卡人出示的支付卡可见码凭证后,联机收单行/收单机构系统,以直接或间接方式向发卡行/发卡机构的授权认证系统发出交易支付授权认证请求,并获得反馈信息。(3) After the transaction payment terminal reads the visible code certificate of the payment card presented by the cardholder, the online acquiring bank/acquisition institution system directly or indirectly issues the transaction payment authorization certificate to the issuing and issuing authority's authorization authentication system. Request and get feedback.
    (4)发卡行/发卡机构的授权认证系统在获得交易支付授权请求后,以预留的支付卡信息作为安全依据,执行相应的交易支付授权程序,并将授权结果反馈给交易支付终端。(4) After obtaining the transaction payment authorization request, the issuing authority/issuing authority authorization authentication system uses the reserved payment card information as a security basis, executes the corresponding transaction payment authorization procedure, and feeds back the authorization result to the transaction payment terminal.
  2. 如权利要求1所述的系统,其特征在于:步骤(1)中的支付卡信息,包括但不仅限下列内容:支付卡号、个性化欢迎语、收单行标识码、商户名称、商户编号、受卡机终端标识码、实际有效期(精确到分钟)、单次性卡/多次性卡、服务代码/服务约束、卡片验证码(CVN)、个人标识码、动态验证码接收号码、允许重输次数、交易货币代码、额度金额、持卡人身份认证信息(持卡人证件号码、指纹、数字证书、印鉴等)等,以上述各信息的组合作为支付卡的授权认证的安全要素,实现支付卡交易支付的多重安全组合机制。The system according to claim 1, wherein the payment card information in the step (1) includes but not limited to the following: a payment card number, a personalized welcome message, an acquirer identification code, a merchant name, a merchant number, and a Card machine terminal identification code, actual validity period (accurate to minute), single-time card/multi-digit card, service code/service constraint, card verification code (CVN), personal identification code, dynamic verification code receiving number, allow for re-transmission The number of times, the transaction currency code, the amount of the amount, the cardholder identity authentication information (cardholder ID number, fingerprint, digital certificate, seal, etc.), etc., using the combination of the above information as the security element of the authorization authentication of the payment card, to realize the payment Multiple security combination mechanisms for card transaction payments.
  3. 如权利要求1所述的系统,其特征在于:步骤(2)中的作为支付卡号表现形式的可见码(二维码、条码和文字码或混合组合)具有成本廉价、分发便捷的特点,同时,二维码、条形码具有便捷读取特性,而文字码具有最好的兼容适应性,兼容现有各种交易支付系统,用于交易支付(支付方设备的可脱机方式)。The system according to claim 1, wherein the visible code (two-dimensional code, bar code, and text code or mixed combination) in the step (2) as a form of payment card number expression is characterized by low cost and convenient distribution, and at the same time The two-dimensional code and barcode have convenient reading characteristics, and the text code has the best compatibility adaptability, and is compatible with various transaction payment systems for transaction payment (offline mode of the payer device).
  4. 如权利要求1所述的系统,其特征在于:步骤(2)中的存储媒介可以是电脑、手机、移动智能终端和可印制的材料(如卡片、支票、汇票和旅行支票等)等。The system of claim 1 wherein the storage medium in step (2) is a computer, a cell phone, a mobile smart terminal, and a printable material (such as a card, check, money order, traveler's check, etc.).
  5. 如权利要求1所述的系统,其特征在于:步骤(3),交易支付终端(互联网渠道、移动智能终端、ATM、POS、柜台等)获取支付卡号后,联机发出授权认证请求,获得并显示反馈信息,反馈信息中的持卡人预留的支付卡信息内容:个性化欢迎语,以便持卡人鉴别交易支付终端(互联网渠道、移动智能终端、ATM、POS、柜台等)的合法性。The system according to claim 1, wherein in step (3), after the transaction payment terminal (Internet channel, mobile intelligent terminal, ATM, POS, counter, etc.) obtains the payment card number, the authorization authentication request is issued online, and is obtained and displayed. Feedback information, the information of the payment card information reserved by the cardholder in the feedback information: personalized greetings, so that the cardholder can authenticate the legality of the transaction payment terminal (Internet channel, mobile intelligent terminal, ATM, POS, counter, etc.).
  6. 如权利要求1所述的系统,其特征在于:在整个交易支付环节中,无须向第三方(除账户所有人和发卡行/发卡机构之外)提供支付人的账户信息。The system of claim 1 wherein the third party (except for the account holder and the issuer/issuer) is not required to provide the payer's account information throughout the transaction payment session.
  7. 如权利要求2所述系统的处理方法,其特征在于:支付卡信息内容:收单行标识码、商户名称、商户编号、受卡机终端标识码的组合,构成有效交易对象范围限定,就如同汇款、转账交易中明确收款交易方的账户名和账号,避免欺诈交易。The processing method of the system according to claim 2, characterized in that: the payment card information content: the combination of the receipt line identification code, the merchant name, the merchant number, and the card acceptor terminal identification code, which constitutes a valid transaction object range, just like remittance In the transfer transaction, the account name and account number of the receiving party are clearly identified to avoid fraudulent transactions.
  8. 如权利要求2所述系统的处理方法,其特征在于:支付卡信息内容:收单行标识码、商户名称、商户编号、单次性卡/多次性卡、实际有效期(短有效期)和额度金额(小额)的组合,便于公交、地铁等小额快捷支付。The processing method of the system according to claim 2, characterized in that: the payment card information content: the receipt line identification code, the merchant name, the merchant number, the single card/multiple card, the actual validity period (short validity period) and the amount of the amount The combination of (small amount) is convenient for small and fast payment such as public transportation and subway.
  9. 如权利要求2所述系统的处理方法,其特征在于:支付卡信息内容:单次性卡/多次性卡、卡片验证码(CVN)、个人标识码、动态验证码接收号码(获取动态验证码)、额度金额、持卡人身份认证信息(持卡人证件号码、指纹、数字证书、印鉴等)的组合,构成合法有效持卡人安全交易限定。The processing method of the system according to claim 2, characterized in that: the payment card information content: a single-pass/multi-card, a card verification code (CVN), a personal identification code, and a dynamic verification code receiving number (acquiring dynamic verification) The combination of the code, the amount of the amount, the cardholder's identity authentication information (cardholder's ID number, fingerprint, digital certificate, seal, etc.) constitutes a valid and valid cardholder's secure transaction limit.
  10. 如权利要求3所述的处理方法,其特征在于:以可见码(二维码、条码和文字码或混合组合)形式表现的支付卡号加密存储于存储媒介中。 The processing method according to claim 3, wherein the payment card number represented in the form of a visible code (a two-dimensional code, a bar code, and a text code or a mixed combination) is encrypted and stored in the storage medium.
PCT/CN2014/095525 2014-04-11 2014-12-30 Payment method and system having multiple security composition mechanisms based on visible code WO2015154536A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2014101432591 2014-04-11
CN201410143259.1A CN103886449A (en) 2014-04-11 2014-04-11 Visible-code-based payment method and system with multiple security combination mechanisms

Publications (1)

Publication Number Publication Date
WO2015154536A1 true WO2015154536A1 (en) 2015-10-15

Family

ID=50955330

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/095525 WO2015154536A1 (en) 2014-04-11 2014-12-30 Payment method and system having multiple security composition mechanisms based on visible code

Country Status (2)

Country Link
CN (1) CN103886449A (en)
WO (1) WO2015154536A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108171507A (en) * 2017-12-29 2018-06-15 广东汇卡商务服务有限公司 A kind of Quick Response Code payment transaction processing platform
CN109167666A (en) * 2018-08-31 2019-01-08 深圳众赢维融科技有限公司 Identifying code generation, decryption, method of mobile payment and device
CN110392041A (en) * 2019-06-17 2019-10-29 平安银行股份有限公司 Electronic authorization method, apparatus, storage equipment and storage medium
CN111464295A (en) * 2020-03-30 2020-07-28 中国工商银行股份有限公司 Bank card making method and device
CN111625380A (en) * 2020-07-28 2020-09-04 上海海栎创微电子有限公司 Control method for remote calling of calibration program

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103886449A (en) * 2014-04-11 2014-06-25 闻进 Visible-code-based payment method and system with multiple security combination mechanisms
CN105427169B (en) * 2014-09-17 2021-05-11 中国银联股份有限公司 Security information interaction method for resource transfer
CN104318434A (en) * 2014-10-23 2015-01-28 尹玲 Safe payment method based on payment identification code
CN105590213A (en) * 2014-12-31 2016-05-18 中国银联股份有限公司 Security information interaction record generation and verification method
CN104702417A (en) * 2015-04-03 2015-06-10 成都爱维科创科技有限公司 Security authentication system and method
CN106204006A (en) * 2015-04-30 2016-12-07 深圳市银信网银科技有限公司 Based on across the payment system of fund server and method, device and server
US20170169432A1 (en) * 2015-12-15 2017-06-15 Mastercard International Incorporated System and method of identifying baker's fraud in transactions
CN106251148B (en) * 2016-08-12 2021-09-10 闻进 Safe payment method for interactively acquiring acceptance terminal information and associating payment card information
CN107688940A (en) * 2017-05-10 2018-02-13 平安科技(深圳)有限公司 Bio-identification transaction processing method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20130009890A (en) * 2013-01-04 2013-01-23 변동삼 The security online payment system and those methods based on two dimensions code scanning with a device containing encrypted payment authentication information
CN103020818A (en) * 2013-01-09 2013-04-03 重庆新亚盟电子科技有限公司 Payment system utilizing dynamic two-dimensional verification codes
CN103473674A (en) * 2012-11-20 2013-12-25 苏州沃通信息科技有限公司 Mobile payment system based on two-dimensional code
CN103886449A (en) * 2014-04-11 2014-06-25 闻进 Visible-code-based payment method and system with multiple security combination mechanisms

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103473674A (en) * 2012-11-20 2013-12-25 苏州沃通信息科技有限公司 Mobile payment system based on two-dimensional code
KR20130009890A (en) * 2013-01-04 2013-01-23 변동삼 The security online payment system and those methods based on two dimensions code scanning with a device containing encrypted payment authentication information
CN103020818A (en) * 2013-01-09 2013-04-03 重庆新亚盟电子科技有限公司 Payment system utilizing dynamic two-dimensional verification codes
CN103886449A (en) * 2014-04-11 2014-06-25 闻进 Visible-code-based payment method and system with multiple security combination mechanisms

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108171507A (en) * 2017-12-29 2018-06-15 广东汇卡商务服务有限公司 A kind of Quick Response Code payment transaction processing platform
CN109167666A (en) * 2018-08-31 2019-01-08 深圳众赢维融科技有限公司 Identifying code generation, decryption, method of mobile payment and device
CN110392041A (en) * 2019-06-17 2019-10-29 平安银行股份有限公司 Electronic authorization method, apparatus, storage equipment and storage medium
CN110392041B (en) * 2019-06-17 2022-05-06 平安银行股份有限公司 Electronic authorization method, device, storage equipment and storage medium
CN111464295A (en) * 2020-03-30 2020-07-28 中国工商银行股份有限公司 Bank card making method and device
CN111464295B (en) * 2020-03-30 2022-11-15 中国工商银行股份有限公司 Bank card making method and device
CN111625380A (en) * 2020-07-28 2020-09-04 上海海栎创微电子有限公司 Control method for remote calling of calibration program
CN111625380B (en) * 2020-07-28 2021-02-23 上海海栎创科技股份有限公司 Control method for remote calling of calibration program

Also Published As

Publication number Publication date
CN103886449A (en) 2014-06-25

Similar Documents

Publication Publication Date Title
WO2015154536A1 (en) Payment method and system having multiple security composition mechanisms based on visible code
US20180053167A1 (en) Processing of financial transactions using debit networks
CN105960776B (en) Token authentication using limited-use credentials
RU2648944C2 (en) Methods, devices, and systems for secure provisioning, transmission and authentication of payment data
CA2860586C (en) Systems, methods, and computer program products providing payment in cooperation with emv card readers
KR101903709B1 (en) Method and system for generating an advanced storage key in a mobile device without secure elements
CN104599408B (en) Third party's account ATM withdrawal method and system based on dynamic two-dimension code
CN107230068B (en) Method and system for paying digital currency using a visual digital currency chip card
KR20010025234A (en) A certification method of credit of a financing card based on fingerprint and a certification system thereof
US11138593B1 (en) Systems and methods for contactless smart card authentication
US20100280946A1 (en) Transaction authorisation system
WO2014108916A1 (en) A computer implemented system and method for cashless and cardless transactions
US20180308076A1 (en) Electronic financial processing system using personal atm terminal and method for processing thereof
CN107230072B (en) Method and system for online payment using digital currency chip card
CN105590193A (en) Dual-channel payment information uploading payment method and payment system
DE102013212646A1 (en) Electronic transaction procedure and computer system
JP6132923B2 (en) System and method for securely storing and transferring electronic money
CN112970234A (en) Account assertions
US20060186191A1 (en) Methods and apparatus for providing a security value for a payment device
CN107230300B (en) Method and system for exchanging physical cash by using digital currency chip card
TWI464699B (en) And a payment system and a method for trading with an ID card containing an IC card
Nassar et al. Method for secure credit card transaction
WO2012070923A1 (en) A method and a system to ensure a secured online transaction for a debit card
CN108780547B (en) Proxy device for representing multiple certificates
US20200410493A1 (en) Computer Implemented System and Method for Cashless and Cardless Transactions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14888868

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14888868

Country of ref document: EP

Kind code of ref document: A1