WO2015176364A1 - Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur - Google Patents
Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur Download PDFInfo
- Publication number
- WO2015176364A1 WO2015176364A1 PCT/CN2014/081630 CN2014081630W WO2015176364A1 WO 2015176364 A1 WO2015176364 A1 WO 2015176364A1 CN 2014081630 W CN2014081630 W CN 2014081630W WO 2015176364 A1 WO2015176364 A1 WO 2015176364A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- payment
- mobile terminal
- key
- subscriber identity
- payment key
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
Definitions
- the present invention relates to the field of payment, and in particular, to a payment method, a mobile terminal, a user identification card, and a computer storage medium. Background technique
- the main technical problem to be solved by the present invention is to provide a payment method, a mobile terminal, a user identification card, and a computer storage medium, which solves the problem of low security factor of the existing mobile payment.
- an embodiment of the present invention provides a payment method, which is applied to a mobile terminal, and includes:
- the corresponding payment key is obtained from the secure element chip of the user identification card according to the payment account information input by the user.
- the method when the detecting the payment operation, the method further includes: acquiring a clear text payment password input by the user;
- the method further includes:
- the embodiment of the present invention further provides a payment method, which is applied to a user identification card, and includes:
- the corresponding payment key is obtained from the secure element chip and then transmitted to the mobile terminal.
- the method further includes:
- the access authority of the mobile terminal When receiving the payment key acquisition request of the mobile terminal, the access authority of the mobile terminal is authenticated; after the authentication is passed, the corresponding payment key is obtained from the secure component chip, and then sent to the mobile terminal.
- the subscriber identity card is a one-line protocol subscriber identity card.
- an embodiment of the present invention further provides a mobile terminal, including: an account management module, and a first information acquisition module.
- the account management module is configured to store the payment account information and the corresponding payment key in the secure element chip of the user identification card;
- the information obtaining module is configured to acquire a corresponding payment key from the secure element chip of the user identification card according to the payment account information input by the user when the payment is detected.
- the method further includes a second information acquiring module and a payment processing module, where the second information acquiring module is configured to acquire a plaintext payment password input by the user when the payment is detected;
- the payment processing module is configured to encrypt the plaintext payment password and the obtained payment key into a ciphertext and send the payment to the network side for payment authentication.
- an embodiment of the present invention further provides a user identification card, including a storage module and a sending module;
- the storage module is configured to store payment account information and a corresponding payment key in a secure element chip of the user identification card;
- the sending module is configured to, after receiving the payment key acquisition request of the mobile terminal, acquire the corresponding payment key from the secure element chip, and then send the corresponding payment key to the mobile terminal.
- the method further includes an authentication module configured to authenticate the access authority of the mobile terminal when receiving the payment key acquisition request of the mobile terminal.
- the subscriber identity card is a one-line protocol subscriber identity card.
- an embodiment of the present invention further provides a computer storage medium storing computer executable instructions for executing the above method.
- the payment method, the mobile terminal, the user identification card, and the computer storage medium provided by the embodiment of the present invention pre-store the payment account information and the corresponding payment key into the secure component chip of the user identification card; when paying, according to the payment input by the user
- the account information is obtained from the secure element chip of the user identification card, and then the payment is completed according to the obtained payment key. Since the payment key is stored in the secure component chip of the user identification card, the access of the malware can be effectively blocked, and the security of the mobile payment is improved; and the implementation of the solution does not require an additional encryption chip, and does not increase. Hardware cost; At the same time, if the mobile terminal is lost, other users can be blocked from obtaining the payment key by reporting the loss of the user identification card at the operator.
- the embodiment of the present invention encrypts the plaintext payment password and the payment key into a ciphertext and exchanges with the financial server; even if the plaintext password is intercepted by the malware, it will not be stolen, which can further improve the security of the payment.
- FIG. 1 is a schematic flowchart of a payment method according to Embodiment 1 of the present invention.
- FIG. 2 is a schematic diagram of a mobile payment process according to Embodiment 1 of the present invention.
- FIG. 3 is a schematic structural diagram of a payment system according to Embodiment 2 of the present invention.
- FIG. 4 is a schematic structural diagram 1 of a mobile terminal according to Embodiment 2 of the present invention.
- FIG. 5 is a schematic structural diagram of a user identification card according to Embodiment 2 of the present invention - detailed description
- the invention pre-stores the payment account information and the corresponding payment key into the secure element chip (Secure Element, SE chip, which can be packaged in the SWP-SIM card and can run the java virtual machine) of the user identification card; Obtaining a corresponding payment key from the secure element chip of the user identification card according to the payment account information input by the user, and then completing the payment according to the obtained payment key.
- the payment key is stored in the security component chip of the user identification card, which can effectively block the access of the malware and improve the security of the mobile payment; and the implementation of the solution does not require an additional encryption chip, and does not increase the hardware cost; If the mobile terminal is lost, other users can be blocked from obtaining the payment key by reporting the loss of the subscriber identity card at the operator.
- the embodiment of the present invention encrypts the plaintext payment password and the payment key into a ciphertext by using a key to interact with the financial server; even if the plaintext password is intercepted by the malware, it will not be stolen, and the payment may be further improved. safety.
- Embodiment 1 is a diagrammatic representation of Embodiment 1:
- the payment method provided in this embodiment includes the following steps:
- Step 101 The payment account information and the corresponding payment key are stored in a secure component chip (ie, a SE chip) of the user identification card (SIM card);
- a secure component chip ie, a SE chip
- SIM card user identification card
- Step 102 When paying, obtain a corresponding payment key from the security element chip of the user identification card according to the payment account information input by the user;
- Step 103 Complete the payment according to the obtained payment key.
- the SIM card may be a single-line protocol subscriber identity card (SWP-SIM card).
- SWP-SIM card single-line protocol subscriber identity card
- NFC mobile terminal such as a mobile phone
- the authentication step may be further included. Specifically, the access to the current acquisition payment key is performed. Authority judgment.
- the client authenticated by the operator the client can be set in various mobile terminals
- the client has legal access rights, and other clients have no right to access, so that the malicious client can prevent the user from identifying the card. Threat. Further improve the security of mobile payments.
- the user inputs the payment account information and the plaintext payment password, and then finds the corresponding payment key according to the payment account information to the SE chip; and then encrypts the plaintext password and the payment key into encrypted ciphertexts by encryption to the financial server.
- the complete specific process illustrated by mobile payment as an example, as shown in Figure 2, including:
- Step 201 When the mobile phone pays, the user inputs the payment account information and the clear text payment password to confirm the payment;
- Step 202 Determine the access authority of the mobile phone in response to the client, if there is permission, go to step 203; otherwise, go to step 206;
- Step 203 Acquire a corresponding payment key from the SE chip of the SIM card according to the account information input by the user;
- Step 204 Encrypt the plaintext payment password and the payment key into a ciphertext, and send the message to the financial server.
- Step 205 The financial server performs payment authentication and completes the payment.
- Step 206 No access, denied access, prompt "Payment failed.”
- Embodiment 2
- the payment system in this embodiment is shown in FIG. 3, and includes a financial server and a mobile terminal.
- the mobile terminal includes an account management module, a first information acquiring module, and a payment processing module.
- the account management module is configured to store the payment account information and the corresponding payment key into the secure component chip of the user identification card;
- the first information acquiring module is configured to acquire, according to the payment account information input by the user, a corresponding payment key from the secure component chip of the user identification card;
- the payment processing module is configured to complete the payment according to the obtained payment key.
- the SIM card may be a single-line protocol subscriber identity card (SWP-SIM card).
- SWP-SIM card single-line protocol subscriber identity card
- NFC mobile terminal such as a mobile phone
- an additional encryption chip is not needed, and the hardware cost is not increased.
- the mobile terminal further includes a second information obtaining module configured to receive the user input plaintext payment password before acquiring the corresponding payment key from the secure element chip of the user identification card according to the payment account information input by the user.
- the payment processing module includes an encryption sub-module and a transmission sub-module; the encryption sub-module is configured to encrypt the plaintext payment password and the obtained payment key into a ciphertext; the sending sub-module is configured to send the ciphertext to The financial server performs payment authentication.
- the embodiment further provides a user identification card, which can be applied to various mobile terminals.
- a user identification card which can be applied to various mobile terminals.
- it includes a storage processing module and a sending module.
- the storage processing module is configured to The payment account information and the corresponding payment key are stored in the secure element chip of the user identification card;
- the sending module is configured to, after receiving the payment key acquisition request of the mobile terminal, acquire the corresponding payment key from the secure element chip, and then send the corresponding payment key to the mobile terminal; the first information obtaining module of the mobile terminal receives the payment key.
- the user identification card further includes an authentication module configured to access the mobile terminal when receiving the payment key acquisition request sent by the first information acquiring module of the mobile terminal. Perform authentication;
- the access permission of the first information acquiring module is authenticated.
- the access permission of the first information acquiring module is authenticated.
- only the first information acquiring module that has been authenticated by the operator has legal access rights, and other clients have no right to access, thereby preventing malicious clients.
- Threat to the user identification card. Further improve the security of mobile payments.
- Embodiments of the present invention also provide a computer storage medium in which computer executable instructions are stored, the computer executable instructions being used to perform the above method. It can be seen that the solution provided by the embodiment of the present invention has the following advantages:
- the account management module described in the embodiment of the present invention can completely prevent the illegal access of the malware. If the mobile terminal is lost, you can report the loss of the SIM card at the carrier.
- the plaintext payment password is encrypted by the key into a ciphertext and interacts with the financial server; even if the plaintext password is intercepted by the malware, it will not be stolen.
- Each of the above modules may be implemented by a central processing unit (CPU), a digital signal processor (DSP) or a Field-Programmable Gate Array (FPGA) in the electronic device.
- CPU central processing unit
- DSP digital signal processor
- FPGA Field-Programmable Gate Array
- embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of a hardware embodiment, a software embodiment, or an embodiment of a combination of software and hardware. Moreover, the invention can be embodied in the form of a computer program product embodied on one or more computer usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
- These computer program instructions can also be stored in a bootable computer or other programmable data processing
- the apparatus is readable in a computer readable memory in a particular manner, such that instructions stored in the computer readable memory produce an article of manufacture comprising an instruction device implemented in one or more flows and/or block diagrams of the flowchart The function specified in the box or in multiple boxes.
- These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
- the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
- the payment method, the mobile terminal, the user identification card, and the computer storage medium provided by the embodiments of the present invention deposit the payment account information and the corresponding payment key into the secure component chip of the user identification card in advance;
- the input payment account information is obtained from the secure element chip of the user identification card, and then the payment is completed according to the obtained payment key.
- the embodiment of the present invention encrypts the plaintext payment password and the payment key into a ciphertext and exchanges with the financial server; even if the plaintext password is intercepted by the malware, it will not be stolen, which can further improve the security of the payment.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
L'invention concerne un procédé de paiement, un terminal mobile, un module d'identité d'abonné et un support d'informations pour ordinateur. Un procédé est appliqué au terminal mobile, et ce procédé consiste : à mémoriser au préalable des informations de compte de paiement et une clé de paiement correspondante dans une puce d'élément de sécurité du module d'identité d'abonné ; pendant le paiement, à obtenir la clé de paiement correspondante à partir de la puce d'élément de sécurité du module d'identité d'abonné en fonction des informations de compte de paiement entrées par un utilisateur, puis à achever le paiement selon la clé de paiement obtenue. Un autre procédé est appliqué au module d'identité d'abonné, et ce procédé consiste : à mémoriser les informations de compte de paiement et la clé de paiement correspondante dans la puce d'élément de sécurité ; et, lors de la réception d'une demande d'obtention de clé de paiement en provenance du terminal mobile, à obtenir la clé de paiement correspondante à partir de la puce d'élément de sécurité puis à envoyer cette clé de paiement au terminal mobile. En conséquence, l'invention porte également, selon le mode de réalisation, sur un terminal mobile, un module d'identité d'abonné et un support d'informations pour ordinateur.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410211182.7A CN105096116A (zh) | 2014-05-19 | 2014-05-19 | 支付方法、移动终端及用户识别卡 |
CN201410211182.7 | 2014-05-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015176364A1 true WO2015176364A1 (fr) | 2015-11-26 |
Family
ID=54553280
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2014/081630 WO2015176364A1 (fr) | 2014-05-19 | 2014-07-04 | Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN105096116A (fr) |
WO (1) | WO2015176364A1 (fr) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106330888B (zh) * | 2016-08-19 | 2019-08-27 | 中国银行股份有限公司 | 一种保证互联网线上支付安全性的方法及装置 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101216915A (zh) * | 2008-01-21 | 2008-07-09 | 深圳市路通网络技术有限公司 | 安全移动支付方法 |
CN101261708A (zh) * | 2008-04-21 | 2008-09-10 | 中兴通讯股份有限公司 | 基于支持eNFC功能移动终端的在线支付方法和系统 |
EP2216742A1 (fr) * | 2009-02-09 | 2010-08-11 | C. Patrick Reich | Procédé de paiement mobile et dispositifs |
CN103679444A (zh) * | 2012-09-26 | 2014-03-26 | 浙江省公众信息产业有限公司 | 一种利用移动电话智能卡实现手机支付的系统和方法 |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101252729A (zh) * | 2008-04-10 | 2008-08-27 | 上海柯源软件有限公司 | 采用sim卡增强支付类芯片功能的方法 |
CN102194175A (zh) * | 2010-03-16 | 2011-09-21 | 中国移动通信集团公司 | 一种安全支付方法和安全支付终端 |
CN103093353A (zh) * | 2011-10-31 | 2013-05-08 | 深圳光启高等理工研究院 | 基于rfid-sim卡的账号安全保护方法及装置 |
CN102737308B (zh) * | 2012-06-08 | 2015-08-12 | 中兴通讯股份有限公司 | 一种移动终端及其查询智能卡信息的方法和系统 |
CN103164738B (zh) * | 2013-02-06 | 2015-09-30 | 厦门盛华电子科技有限公司 | 一种基于移动支付多通道数字认证的手机用户识别卡 |
-
2014
- 2014-05-19 CN CN201410211182.7A patent/CN105096116A/zh active Pending
- 2014-07-04 WO PCT/CN2014/081630 patent/WO2015176364A1/fr active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101216915A (zh) * | 2008-01-21 | 2008-07-09 | 深圳市路通网络技术有限公司 | 安全移动支付方法 |
CN101261708A (zh) * | 2008-04-21 | 2008-09-10 | 中兴通讯股份有限公司 | 基于支持eNFC功能移动终端的在线支付方法和系统 |
EP2216742A1 (fr) * | 2009-02-09 | 2010-08-11 | C. Patrick Reich | Procédé de paiement mobile et dispositifs |
CN103679444A (zh) * | 2012-09-26 | 2014-03-26 | 浙江省公众信息产业有限公司 | 一种利用移动电话智能卡实现手机支付的系统和方法 |
Also Published As
Publication number | Publication date |
---|---|
CN105096116A (zh) | 2015-11-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20210367795A1 (en) | Identity-Linked Authentication Through A User Certificate System | |
EP3100171B1 (fr) | Authentification de client à l'aide de données de relations sociales | |
US9780950B1 (en) | Authentication of PKI credential by use of a one time password and pin | |
US9231925B1 (en) | Network authentication method for secure electronic transactions | |
US11501294B2 (en) | Method and device for providing and obtaining graphic code information, and terminal | |
CN110299996B (zh) | 认证方法、设备及系统 | |
US20190173873A1 (en) | Identity verification document request handling utilizing a user certificate system and user identity document repository | |
WO2015180691A1 (fr) | Procédé et dispositif d'accord sur des clés pour informations de validation | |
EP2954448B1 (fr) | Transmission de données sensibles à des dispositifs tiers compatibles réseau | |
WO2016177052A1 (fr) | Procédé et appareil d'authentification d'utilisateur | |
CN109039652B (zh) | 一种数字通证的生成及应用方法 | |
TWI632798B (zh) | 伺服器、行動終端機、網路實名認證系統及方法 | |
US11146554B2 (en) | System, method, and apparatus for secure identity authentication | |
EP2692162A1 (fr) | Connexion de dispositifs mobiles, de véhicules connectés à internet et de services en nuage | |
JP2012530311A5 (fr) | ||
US8397281B2 (en) | Service assisted secret provisioning | |
CN111131416A (zh) | 业务服务的提供方法和装置、存储介质、电子装置 | |
WO2015180689A1 (fr) | Procédé et appareil d'acquisition d'informations de vérification | |
WO2017050147A1 (fr) | Procédé et dispositif d'enregistrement et d'authentification d'informations | |
CN105516066B (zh) | 一种对中间人的存在进行辨识的方法及装置 | |
CN108768941B (zh) | 一种远程解锁安全设备的方法及装置 | |
CN110838919B (zh) | 通信方法、存储方法、运算方法及装置 | |
CN108900595B (zh) | 访问云存储服务器数据的方法、装置、设备及计算介质 | |
CN117063174A (zh) | 用于通过基于app的身份的app间相互信任的安全模块及方法 | |
WO2015176364A1 (fr) | Procédé de paiement, terminal mobile, module d'identité d'abonné et support d'informations pour ordinateur |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14892620 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 14892620 Country of ref document: EP Kind code of ref document: A1 |