WO2015176364A1 - Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur - Google Patents

Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur Download PDF

Info

Publication number
WO2015176364A1
WO2015176364A1 PCT/CN2014/081630 CN2014081630W WO2015176364A1 WO 2015176364 A1 WO2015176364 A1 WO 2015176364A1 CN 2014081630 W CN2014081630 W CN 2014081630W WO 2015176364 A1 WO2015176364 A1 WO 2015176364A1
Authority
WO
WIPO (PCT)
Prior art keywords
payment
mobile terminal
key
subscriber identity
payment key
Prior art date
Application number
PCT/CN2014/081630
Other languages
English (en)
Chinese (zh)
Inventor
杨立敏
王余雷
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2015176364A1 publication Critical patent/WO2015176364A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards

Definitions

  • the present invention relates to the field of payment, and in particular, to a payment method, a mobile terminal, a user identification card, and a computer storage medium. Background technique
  • the main technical problem to be solved by the present invention is to provide a payment method, a mobile terminal, a user identification card, and a computer storage medium, which solves the problem of low security factor of the existing mobile payment.
  • an embodiment of the present invention provides a payment method, which is applied to a mobile terminal, and includes:
  • the corresponding payment key is obtained from the secure element chip of the user identification card according to the payment account information input by the user.
  • the method when the detecting the payment operation, the method further includes: acquiring a clear text payment password input by the user;
  • the method further includes:
  • the embodiment of the present invention further provides a payment method, which is applied to a user identification card, and includes:
  • the corresponding payment key is obtained from the secure element chip and then transmitted to the mobile terminal.
  • the method further includes:
  • the access authority of the mobile terminal When receiving the payment key acquisition request of the mobile terminal, the access authority of the mobile terminal is authenticated; after the authentication is passed, the corresponding payment key is obtained from the secure component chip, and then sent to the mobile terminal.
  • the subscriber identity card is a one-line protocol subscriber identity card.
  • an embodiment of the present invention further provides a mobile terminal, including: an account management module, and a first information acquisition module.
  • the account management module is configured to store the payment account information and the corresponding payment key in the secure element chip of the user identification card;
  • the information obtaining module is configured to acquire a corresponding payment key from the secure element chip of the user identification card according to the payment account information input by the user when the payment is detected.
  • the method further includes a second information acquiring module and a payment processing module, where the second information acquiring module is configured to acquire a plaintext payment password input by the user when the payment is detected;
  • the payment processing module is configured to encrypt the plaintext payment password and the obtained payment key into a ciphertext and send the payment to the network side for payment authentication.
  • an embodiment of the present invention further provides a user identification card, including a storage module and a sending module;
  • the storage module is configured to store payment account information and a corresponding payment key in a secure element chip of the user identification card;
  • the sending module is configured to, after receiving the payment key acquisition request of the mobile terminal, acquire the corresponding payment key from the secure element chip, and then send the corresponding payment key to the mobile terminal.
  • the method further includes an authentication module configured to authenticate the access authority of the mobile terminal when receiving the payment key acquisition request of the mobile terminal.
  • the subscriber identity card is a one-line protocol subscriber identity card.
  • an embodiment of the present invention further provides a computer storage medium storing computer executable instructions for executing the above method.
  • the payment method, the mobile terminal, the user identification card, and the computer storage medium provided by the embodiment of the present invention pre-store the payment account information and the corresponding payment key into the secure component chip of the user identification card; when paying, according to the payment input by the user
  • the account information is obtained from the secure element chip of the user identification card, and then the payment is completed according to the obtained payment key. Since the payment key is stored in the secure component chip of the user identification card, the access of the malware can be effectively blocked, and the security of the mobile payment is improved; and the implementation of the solution does not require an additional encryption chip, and does not increase. Hardware cost; At the same time, if the mobile terminal is lost, other users can be blocked from obtaining the payment key by reporting the loss of the user identification card at the operator.
  • the embodiment of the present invention encrypts the plaintext payment password and the payment key into a ciphertext and exchanges with the financial server; even if the plaintext password is intercepted by the malware, it will not be stolen, which can further improve the security of the payment.
  • FIG. 1 is a schematic flowchart of a payment method according to Embodiment 1 of the present invention.
  • FIG. 2 is a schematic diagram of a mobile payment process according to Embodiment 1 of the present invention.
  • FIG. 3 is a schematic structural diagram of a payment system according to Embodiment 2 of the present invention.
  • FIG. 4 is a schematic structural diagram 1 of a mobile terminal according to Embodiment 2 of the present invention.
  • FIG. 5 is a schematic structural diagram of a user identification card according to Embodiment 2 of the present invention - detailed description
  • the invention pre-stores the payment account information and the corresponding payment key into the secure element chip (Secure Element, SE chip, which can be packaged in the SWP-SIM card and can run the java virtual machine) of the user identification card; Obtaining a corresponding payment key from the secure element chip of the user identification card according to the payment account information input by the user, and then completing the payment according to the obtained payment key.
  • the payment key is stored in the security component chip of the user identification card, which can effectively block the access of the malware and improve the security of the mobile payment; and the implementation of the solution does not require an additional encryption chip, and does not increase the hardware cost; If the mobile terminal is lost, other users can be blocked from obtaining the payment key by reporting the loss of the subscriber identity card at the operator.
  • the embodiment of the present invention encrypts the plaintext payment password and the payment key into a ciphertext by using a key to interact with the financial server; even if the plaintext password is intercepted by the malware, it will not be stolen, and the payment may be further improved. safety.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • the payment method provided in this embodiment includes the following steps:
  • Step 101 The payment account information and the corresponding payment key are stored in a secure component chip (ie, a SE chip) of the user identification card (SIM card);
  • a secure component chip ie, a SE chip
  • SIM card user identification card
  • Step 102 When paying, obtain a corresponding payment key from the security element chip of the user identification card according to the payment account information input by the user;
  • Step 103 Complete the payment according to the obtained payment key.
  • the SIM card may be a single-line protocol subscriber identity card (SWP-SIM card).
  • SWP-SIM card single-line protocol subscriber identity card
  • NFC mobile terminal such as a mobile phone
  • the authentication step may be further included. Specifically, the access to the current acquisition payment key is performed. Authority judgment.
  • the client authenticated by the operator the client can be set in various mobile terminals
  • the client has legal access rights, and other clients have no right to access, so that the malicious client can prevent the user from identifying the card. Threat. Further improve the security of mobile payments.
  • the user inputs the payment account information and the plaintext payment password, and then finds the corresponding payment key according to the payment account information to the SE chip; and then encrypts the plaintext password and the payment key into encrypted ciphertexts by encryption to the financial server.
  • the complete specific process illustrated by mobile payment as an example, as shown in Figure 2, including:
  • Step 201 When the mobile phone pays, the user inputs the payment account information and the clear text payment password to confirm the payment;
  • Step 202 Determine the access authority of the mobile phone in response to the client, if there is permission, go to step 203; otherwise, go to step 206;
  • Step 203 Acquire a corresponding payment key from the SE chip of the SIM card according to the account information input by the user;
  • Step 204 Encrypt the plaintext payment password and the payment key into a ciphertext, and send the message to the financial server.
  • Step 205 The financial server performs payment authentication and completes the payment.
  • Step 206 No access, denied access, prompt "Payment failed.”
  • Embodiment 2
  • the payment system in this embodiment is shown in FIG. 3, and includes a financial server and a mobile terminal.
  • the mobile terminal includes an account management module, a first information acquiring module, and a payment processing module.
  • the account management module is configured to store the payment account information and the corresponding payment key into the secure component chip of the user identification card;
  • the first information acquiring module is configured to acquire, according to the payment account information input by the user, a corresponding payment key from the secure component chip of the user identification card;
  • the payment processing module is configured to complete the payment according to the obtained payment key.
  • the SIM card may be a single-line protocol subscriber identity card (SWP-SIM card).
  • SWP-SIM card single-line protocol subscriber identity card
  • NFC mobile terminal such as a mobile phone
  • an additional encryption chip is not needed, and the hardware cost is not increased.
  • the mobile terminal further includes a second information obtaining module configured to receive the user input plaintext payment password before acquiring the corresponding payment key from the secure element chip of the user identification card according to the payment account information input by the user.
  • the payment processing module includes an encryption sub-module and a transmission sub-module; the encryption sub-module is configured to encrypt the plaintext payment password and the obtained payment key into a ciphertext; the sending sub-module is configured to send the ciphertext to The financial server performs payment authentication.
  • the embodiment further provides a user identification card, which can be applied to various mobile terminals.
  • a user identification card which can be applied to various mobile terminals.
  • it includes a storage processing module and a sending module.
  • the storage processing module is configured to The payment account information and the corresponding payment key are stored in the secure element chip of the user identification card;
  • the sending module is configured to, after receiving the payment key acquisition request of the mobile terminal, acquire the corresponding payment key from the secure element chip, and then send the corresponding payment key to the mobile terminal; the first information obtaining module of the mobile terminal receives the payment key.
  • the user identification card further includes an authentication module configured to access the mobile terminal when receiving the payment key acquisition request sent by the first information acquiring module of the mobile terminal. Perform authentication;
  • the access permission of the first information acquiring module is authenticated.
  • the access permission of the first information acquiring module is authenticated.
  • only the first information acquiring module that has been authenticated by the operator has legal access rights, and other clients have no right to access, thereby preventing malicious clients.
  • Threat to the user identification card. Further improve the security of mobile payments.
  • Embodiments of the present invention also provide a computer storage medium in which computer executable instructions are stored, the computer executable instructions being used to perform the above method. It can be seen that the solution provided by the embodiment of the present invention has the following advantages:
  • the account management module described in the embodiment of the present invention can completely prevent the illegal access of the malware. If the mobile terminal is lost, you can report the loss of the SIM card at the carrier.
  • the plaintext payment password is encrypted by the key into a ciphertext and interacts with the financial server; even if the plaintext password is intercepted by the malware, it will not be stolen.
  • Each of the above modules may be implemented by a central processing unit (CPU), a digital signal processor (DSP) or a Field-Programmable Gate Array (FPGA) in the electronic device.
  • CPU central processing unit
  • DSP digital signal processor
  • FPGA Field-Programmable Gate Array
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of a hardware embodiment, a software embodiment, or an embodiment of a combination of software and hardware. Moreover, the invention can be embodied in the form of a computer program product embodied on one or more computer usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
  • These computer program instructions can also be stored in a bootable computer or other programmable data processing
  • the apparatus is readable in a computer readable memory in a particular manner, such that instructions stored in the computer readable memory produce an article of manufacture comprising an instruction device implemented in one or more flows and/or block diagrams of the flowchart The function specified in the box or in multiple boxes.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • the payment method, the mobile terminal, the user identification card, and the computer storage medium provided by the embodiments of the present invention deposit the payment account information and the corresponding payment key into the secure component chip of the user identification card in advance;
  • the input payment account information is obtained from the secure element chip of the user identification card, and then the payment is completed according to the obtained payment key.
  • the embodiment of the present invention encrypts the plaintext payment password and the payment key into a ciphertext and exchanges with the financial server; even if the plaintext password is intercepted by the malware, it will not be stolen, which can further improve the security of the payment.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention concerne un procédé de paiement, un terminal mobile, un module d'identité d'abonné et un support d'informations pour ordinateur. Un procédé est appliqué au terminal mobile, et ce procédé consiste : à mémoriser au préalable des informations de compte de paiement et une clé de paiement correspondante dans une puce d'élément de sécurité du module d'identité d'abonné ; pendant le paiement, à obtenir la clé de paiement correspondante à partir de la puce d'élément de sécurité du module d'identité d'abonné en fonction des informations de compte de paiement entrées par un utilisateur, puis à achever le paiement selon la clé de paiement obtenue. Un autre procédé est appliqué au module d'identité d'abonné, et ce procédé consiste : à mémoriser les informations de compte de paiement et la clé de paiement correspondante dans la puce d'élément de sécurité ; et, lors de la réception d'une demande d'obtention de clé de paiement en provenance du terminal mobile, à obtenir la clé de paiement correspondante à partir de la puce d'élément de sécurité puis à envoyer cette clé de paiement au terminal mobile. En conséquence, l'invention porte également, selon le mode de réalisation, sur un terminal mobile, un module d'identité d'abonné et un support d'informations pour ordinateur.
PCT/CN2014/081630 2014-05-19 2014-07-04 Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur WO2015176364A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410211182.7A CN105096116A (zh) 2014-05-19 2014-05-19 支付方法、移动终端及用户识别卡
CN201410211182.7 2014-05-19

Publications (1)

Publication Number Publication Date
WO2015176364A1 true WO2015176364A1 (fr) 2015-11-26

Family

ID=54553280

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/081630 WO2015176364A1 (fr) 2014-05-19 2014-07-04 Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur

Country Status (2)

Country Link
CN (1) CN105096116A (fr)
WO (1) WO2015176364A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106330888B (zh) * 2016-08-19 2019-08-27 中国银行股份有限公司 一种保证互联网线上支付安全性的方法及装置

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101216915A (zh) * 2008-01-21 2008-07-09 深圳市路通网络技术有限公司 安全移动支付方法
CN101261708A (zh) * 2008-04-21 2008-09-10 中兴通讯股份有限公司 基于支持eNFC功能移动终端的在线支付方法和系统
EP2216742A1 (fr) * 2009-02-09 2010-08-11 C. Patrick Reich Procédé de paiement mobile et dispositifs
CN103679444A (zh) * 2012-09-26 2014-03-26 浙江省公众信息产业有限公司 一种利用移动电话智能卡实现手机支付的系统和方法

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101252729A (zh) * 2008-04-10 2008-08-27 上海柯源软件有限公司 采用sim卡增强支付类芯片功能的方法
CN102194175A (zh) * 2010-03-16 2011-09-21 中国移动通信集团公司 一种安全支付方法和安全支付终端
CN103093353A (zh) * 2011-10-31 2013-05-08 深圳光启高等理工研究院 基于rfid-sim卡的账号安全保护方法及装置
CN102737308B (zh) * 2012-06-08 2015-08-12 中兴通讯股份有限公司 一种移动终端及其查询智能卡信息的方法和系统
CN103164738B (zh) * 2013-02-06 2015-09-30 厦门盛华电子科技有限公司 一种基于移动支付多通道数字认证的手机用户识别卡

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101216915A (zh) * 2008-01-21 2008-07-09 深圳市路通网络技术有限公司 安全移动支付方法
CN101261708A (zh) * 2008-04-21 2008-09-10 中兴通讯股份有限公司 基于支持eNFC功能移动终端的在线支付方法和系统
EP2216742A1 (fr) * 2009-02-09 2010-08-11 C. Patrick Reich Procédé de paiement mobile et dispositifs
CN103679444A (zh) * 2012-09-26 2014-03-26 浙江省公众信息产业有限公司 一种利用移动电话智能卡实现手机支付的系统和方法

Also Published As

Publication number Publication date
CN105096116A (zh) 2015-11-25

Similar Documents

Publication Publication Date Title
US20210367795A1 (en) Identity-Linked Authentication Through A User Certificate System
EP3100171B1 (fr) Authentification de client à l'aide de données de relations sociales
US9780950B1 (en) Authentication of PKI credential by use of a one time password and pin
US9231925B1 (en) Network authentication method for secure electronic transactions
US11501294B2 (en) Method and device for providing and obtaining graphic code information, and terminal
CN110299996B (zh) 认证方法、设备及系统
US20190173873A1 (en) Identity verification document request handling utilizing a user certificate system and user identity document repository
WO2015180691A1 (fr) Procédé et dispositif d'accord sur des clés pour informations de validation
EP2954448B1 (fr) Transmission de données sensibles à des dispositifs tiers compatibles réseau
WO2016177052A1 (fr) Procédé et appareil d'authentification d'utilisateur
CN109039652B (zh) 一种数字通证的生成及应用方法
TWI632798B (zh) 伺服器、行動終端機、網路實名認證系統及方法
US11146554B2 (en) System, method, and apparatus for secure identity authentication
EP2692162A1 (fr) Connexion de dispositifs mobiles, de véhicules connectés à internet et de services en nuage
JP2012530311A5 (fr)
US8397281B2 (en) Service assisted secret provisioning
CN111131416A (zh) 业务服务的提供方法和装置、存储介质、电子装置
WO2015180689A1 (fr) Procédé et appareil d'acquisition d'informations de vérification
WO2017050147A1 (fr) Procédé et dispositif d'enregistrement et d'authentification d'informations
CN105516066B (zh) 一种对中间人的存在进行辨识的方法及装置
CN108768941B (zh) 一种远程解锁安全设备的方法及装置
CN110838919B (zh) 通信方法、存储方法、运算方法及装置
CN108900595B (zh) 访问云存储服务器数据的方法、装置、设备及计算介质
CN117063174A (zh) 用于通过基于app的身份的app间相互信任的安全模块及方法
WO2015176364A1 (fr) Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14892620

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14892620

Country of ref document: EP

Kind code of ref document: A1