WO2015188434A1 - 互联网支付的注册认证、实现方法及装置 - Google Patents
互联网支付的注册认证、实现方法及装置 Download PDFInfo
- Publication number
- WO2015188434A1 WO2015188434A1 PCT/CN2014/083923 CN2014083923W WO2015188434A1 WO 2015188434 A1 WO2015188434 A1 WO 2015188434A1 CN 2014083923 W CN2014083923 W CN 2014083923W WO 2015188434 A1 WO2015188434 A1 WO 2015188434A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- feature information
- feature
- terminal
- payment
- payment platform
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
Definitions
- the present invention relates to the field of Internet payment, and in particular, to a registration authentication, implementation method, and apparatus for Internet payment.
- BACKGROUND OF THE INVENTION Internet payment refers to an act in which a customer purchases a specific commodity or service, and uses a computer or the like to initiate a payment instruction based on the Internet to realize the transfer of money funds.
- the Internet payment is divided into a bank account mode and a payment account mode.
- the bank account mode refers to the payment method in which the payer submits the payment instruction to the deposit bank through the payment institution, and directly transfers the monetary funds in the bank account to the designated account of the payee.
- the payment account mode refers to the payment method in which the payer directly submits a payment instruction to the payment institution, and transfers the money in the payment account to the designated account of the payee.
- the payment institution when an individual customer applies to open a payment account, the payment institution should register the customer's name, sex, nationality, occupation, address, contact information, and the type, number, and expiration date of the valid identity document of the customer. , and review the authenticity of basic identity information such as customer name, gender, type and number of valid ID documents.
- the payment institution shall also Keep a copy or photocopy of the valid ID of the individual customer.
- the payment institution when establishing a business association for the first time, it must be authenticated by a third-party payment institution and a bank; the customer is enhanced by a large amount of funds to ensure identity transfer, and the client himself is required to issue a fund transfer request.
- the Internet payment does not verify the authenticity of the valid identity document when the user opens the account, and may bury various hidden strings
- the invention content is related to the related technology, and there are technical problems such as security risks in the internet payment process, and the present invention provides an internet.
- the registration certification, implementation method and device for payment to solve at least the above technical problems.
- a registration authentication method for an Internet payment including: acquiring, by a terminal in real time, first characteristic information of a biometric feature when an end user pays online, and acquiring the end user Second feature information of the specified biometric feature stored in the identity document; the terminal comparing the first feature information and the second feature information; the first feature information and the second feature information When the matching is successful, the terminal notifies the payment platform to create an account for the terminal user to complete the registration.
- the terminal obtains the first feature information of the biometric feature when the terminal user pays the online payment in real time
- the method includes: the terminal collecting at least one of the following information of the terminal user in real time: a head image, a fingerprint image; and extracting the header
- the part image and/or the feature data of the fingerprint image obtains head feature data and/or fingerprint feature data, and the head feature data and/or the fingerprint feature data is used as the first feature information.
- the method further includes: the terminal generating third feature information according to the acquired head image and/or the fingerprint image, where The third feature information is different from the first feature information generating algorithm, and the first feature information is generated in the same manner as the second feature information generating algorithm; and the third feature information is uploaded to the payment platform.
- the comparing, by the terminal, the first feature information and the second feature information includes: when the first feature information includes the fingerprint feature data and the avatar feature data, the terminal preferentially compares Comparing the fingerprint feature data in the first feature information with the fingerprint feature data in the second feature information, after matching, comparing the avatar feature data in the first feature information with the avatar in the second feature information Feature data.
- the method further includes: the terminal, the head image corresponding to the first feature information, The header image corresponding to the second feature information is uploaded to the payment platform, and the image matching is manually performed.
- the terminal notifying the payment platform to create an account for the terminal user to complete the registration the method further includes: the terminal verifying whether the first feature information is legally obtained, wherein, when the verification is passed, the terminal notifies the The payment platform creates an account.
- the terminal verifies whether the first feature information is legally obtained the method includes: the terminal collecting physiological feature information of the terminal user; and the terminal verifying, according to the physiological feature information, whether the first feature information is For legal access.
- the physiological feature information comprises: an electrocardiogram ECG signal and/or a pulse wave signal.
- a method for registering and authenticating an Internet payment including: the payment platform receiving first feature information of the biometric feature specified by the terminal user when the terminal user obtains the online payment in real time; And the second feature information that is used by the payment platform to invoke the specified biometric feature from the designated authentication center to match the first feature information, where the second feature information is stored in the identity document of the terminal user.
- the feature information of the specified biometric feature adopts the same generation algorithm; when the matching is successful, the payment platform creates an account for the terminal user to complete registration.
- the first feature information includes at least one of the following: the terminal according to the real-time acquired head image, the header feature data generated by the fingerprint image, and the fingerprint feature data.
- the calling, by the payment platform, the second feature information of the designated identification feature to be matched with the first feature information includes: the first feature information includes the fingerprint feature data and the
- the payment platform preferentially compares the fingerprint feature data in the first feature information with the fingerprint feature data in the second feature information, and after matching, compares the first feature information The avatar feature data and the avatar feature data in the second feature information.
- the method further includes: the payment platform notifying the terminal to use the first feature information
- the header image corresponding to the header image and the second feature information is uploaded to the payment platform for manual image matching.
- the method further includes: the payment platform receiving, by the terminal, whether the first feature information is legally obtained by the terminal, where the verification result is When the indication is legal acquisition, the payment platform creates an account for the terminal user.
- the method before the receiving, by the payment platform, the terminal, whether the first feature information is a legally obtained verification result, the method includes: the terminal collecting physiological characteristic information of the terminal user; The information is verified whether the first feature information is legally obtained; the terminal sends a verification result to the payment platform.
- the physiological feature information comprises: an electrocardiogram ECG signal and/or a pulse wave signal.
- a method for implementing an Internet payment including: receiving, by a payment platform, first feature information of a specified biometric feature of a terminal user acquired by a terminal in real time; The platform acquires second feature information of the specified biometric feature, wherein the second feature information and the feature information of the specified biometric feature stored in the end user identity file are used The same generation algorithm; the payment platform matches the first feature information and the second feature information; when the matching is successful, the payment platform performs a payment process corresponding to the payment request initiated by the terminal user.
- the second feature information of the payment platform for acquiring the specified biometric feature comprises one of: the payment platform is obtained from pre-stored second feature information; and the payment platform obtains from the designated authentication center The second feature information is described.
- the method before the receiving, by the payment platform, the first feature information of the specified biometric feature of the terminal user acquired by the terminal in real time, the method further includes: the terminal storing the first feature information of the terminal user.
- the method before the payment platform performs the payment process corresponding to the payment request initiated by the terminal user, the method further includes: the payment platform receiving, by the payment platform, whether the first feature information is legally obtained by the terminal, where When the verification result indicates that the verification is legal, the payment platform executes the payment process.
- the method before the receiving, by the payment platform, the terminal, whether the first feature information is a legally obtained verification result, the method includes: the terminal collecting physiological characteristic information of the terminal user; The information is verified whether the first feature information is legally obtained; the terminal sends a verification result to the payment platform.
- the physiological feature information comprises: an electrocardiogram ECG signal and/or a pulse wave signal.
- a registration authentication device for internet payment is further provided, which is applied to a terminal, and includes: an acquiring module, configured to acquire a biometric feature when the terminal user pays online in real time.
- the device further includes: a verification module, configured to verify whether the first feature information is legally obtained, wherein, when the verification is passed, the terminal notifies the payment platform to create an account.
- a registration authentication device for an Internet payment is further provided, which is applied to a payment platform, and includes: a receiving module, configured to receive a real-time acquired by a terminal user when the terminal user pays online Identifying the first feature information of the feature; the matching module is configured to match the second feature information of the specified biometric feature from the specified authentication center to the first feature information, where the second feature information and the Characterizing the specified biometric feature stored in the identity document of the end user The information uses the same generation algorithm; the registration module is set to create an account for the end user to complete the registration when the match is successful.
- the receiving module is further configured to receive, by the terminal, a verification result that the first feature information is legally obtained, where the registration module is notified to be the terminal when the verification result indicates that the authentication is legally obtained.
- the user creates an account.
- an apparatus for implementing an Internet payment is provided, which is applied to a payment platform, and includes: a receiving module, configured to receive a specified biometric feature of a terminal user acquired by the terminal in real time.
- the receiving module is further configured to receive, by the terminal, a verification result that the first feature information is legally obtained, where the verification module is configured to perform the Payment process.
- FIG. 2a is a structural block diagram of a registration authentication device for internet payment according to an embodiment of the present invention
- FIG. 2b is a block diagram according to the present invention. Another structural block diagram of a registration authentication device for Internet payment
- FIG. 3 is another flowchart of a registration authentication method for Internet payment according to an embodiment of the present invention
- FIG. 4 is a registration authentication device for Internet payment according to an embodiment of the present invention
- Another structural block diagram of the present invention
- FIG. 5 is a flowchart of a method for implementing internet payment according to an embodiment of the present invention
- 6 is a structural block diagram of an apparatus for implementing internet payment according to an embodiment of the present invention
- FIG. 7 is a schematic structural diagram of the internet payment system according to a preferred embodiment of the present invention.
- FIG. 1 is a flowchart of a registration authentication method for internet payment according to an embodiment of the present invention.
- the method includes steps S102-S106: Step S102, the terminal acquires first feature information of the biometric feature when the terminal user pays online, and acquires the specified biometric feature stored in the identity document of the terminal user.
- the second feature information that is, for the same biometric feature, the feature information obtained in real time and the feature information in the identity document (such as ID card, but not limited to) are obtained for matching.
- Step S104 The terminal compares the first feature information with the second feature information.
- Step S106 When the first feature information and the second feature information are successfully matched, the terminal notifies the payment platform to create an account for the terminal user to complete the registration.
- the terminal since the first feature information of the specified biometric feature collected in real time and the second feature information in the identity document are matched and authenticated when the end user pays online, the security of the payment process is enhanced.
- the designated biometric feature may be any biometric that distinguishes other users or a combination of a plurality of different biometric features, such as at least one of a head image and a fingerprint image.
- the feature information may be expressed in the following form:
- the terminal collects at least one of the following information of the terminal user in real time: a head image, a fingerprint image; extracting feature data of the head image and/or the fingerprint image, to obtain head feature data and/or Or fingerprint feature data, and the above-described head feature data and/or the fingerprint feature data are used as the first feature information.
- the iris image can also be applied to the above process as one of the biometric features, but since it is not yet recognized as an identification feature of the ID card, the head image and the fingerprint image can be preferentially selected.
- the terminal user does not want to save the feature information on the identity document on the payment platform, and before the terminal informs the payment platform to create an account for the terminal user, the terminal obtains the
- the third image information is generated by the header image and/or the fingerprint image, wherein the third feature information is different from the first feature information generation algorithm.
- the second feature information and the third feature information may be considered to be different.
- Characteristic information the first feature information is the same as the second feature information generating algorithm (in this case, the first feature information and the second feature information are considered to be the same feature information); and the third feature information is uploaded to The above payment platform.
- the terminal when the first feature information includes the fingerprint feature data and the avatar feature data, the terminal preferentially compares the fingerprint feature data and the second feature information in the first feature information. After the matching, the fingerprint feature data is compared with the avatar feature data in the first feature information and the avatar feature data in the second feature information. In a preferred implementation process, if the fingerprint feature data in the first feature information does not match the fingerprint feature data in the second feature information, the user may be prompted to go to the business hall for processing. When the avatar feature data in the first feature information does not match the avatar feature data in the second feature information, the terminal uploads the header image corresponding to the first feature information and the header image corresponding to the second feature information. Go to the above payment platform and prompt manual image matching.
- the terminal collects physiological characteristic information of the terminal user; and the terminal verifies whether the first feature information is legally acquired according to the physiological characteristic information.
- the physiological feature information includes: an electrocardiogram ECG signal and/or a pulse wave signal.
- a registration authentication device for the Internet payment is also provided, which is used in the terminal to implement the foregoing method. As shown in FIG.
- the device includes: an obtaining module 20, configured to acquire the online payment of the terminal user in real time. Specifying first feature information of the biometric feature, and acquiring second feature information of the specified biometric feature stored in the identity document of the terminal user; the matching module 22 is connected to the obtaining module 20, and configured to compare the first feature information and The second feature information is sent to the matching module 24.
- the notification module 24 is configured to notify the payment platform to create an account for the terminal user to complete registration when the first feature information and the second feature information are successfully matched. It should be noted that each module provided may be implemented by hardware or software.
- the former may be implemented in the following manner: the obtaining module 20, the matching module 22, and the notification module 24 are located in the same processor; or acquiring the module 20
- the matching module 22 and the notification module 24 are located in the first processor, the second processor, and the third processor, respectively.
- the foregoing apparatus may further include: a verification module 26, connected to the notification module 24, configured to verify whether the first feature information is legally obtained, wherein, when the verification is passed, The terminal notifies the payment platform to create an account.
- a registration authentication method for the Internet payment is provided on the payment platform side. As shown in FIG.
- the method includes: Step S302: The payment platform receives the first feature information of the biometric feature when the terminal user obtains the online payment by the terminal in real time; in step S304, the payment platform invokes the second feature information of the specified biometric feature from the designated authentication center and the first feature information. Matching, wherein the second feature information is the same as the feature information of the specified biometric feature stored in the identity document of the terminal user; in step S306, when the matching is successful, the payment platform creates an account for the terminal user to complete registered.
- the foregoing first feature information includes, but is not limited to, at least one of the following: the terminal according to the real-time acquired head image, the header feature data generated by the fingerprint image, and the fingerprint feature data.
- the matching process in step S304 may be expressed as follows: when the first feature information includes the fingerprint feature data and the avatar feature data, the payment platform preferentially compares the fingerprint feature data and the second feature information in the first feature information. After the matching, the fingerprint feature data in the first feature information is compared with the avatar feature data in the second feature information. When the avatar feature data in the first feature information does not match the avatar feature data in the second feature information, the payment platform notifies the terminal to display the header image corresponding to the first feature information and the second feature information.
- the corresponding header image is uploaded to the payment platform for manual image matching.
- the payment platform receives the verification result of whether the first feature information is legally obtained by the terminal, where the verification result indicates that the authentication is legally obtained.
- the payment platform creates an account for the end user.
- the first mode is used to verify the first feature information: the terminal collects the physiological feature information of the terminal user; the terminal verifies whether the first feature information is legally acquired according to the physiological feature information; and the terminal sends the verification result to the payment platform.
- the physiological feature information includes: an electrocardiogram (ECG) signal and/or a pulse wave signal.
- ECG electrocardiogram
- a registration authentication device for Internet payment is applied to the payment platform.
- the device includes: a receiving module 40, configured to receive biometric identification when the terminal user obtains online payment in real time by the receiving terminal. a first feature information of the feature; the matching module 42 is connected to the receiving module 40, and is configured to match the second feature information of the specified biometric feature from the specified authentication center to the first feature information, wherein the second feature The information is the same as the feature information of the specified biometric feature stored in the identity document of the terminal user, and the registration module 44 is connected to the matching module 42 and configured to create an account for the terminal user when the matching is successful. Complete the registration.
- the receiving module 40 is further configured to receive, by the terminal, a verification result that the first feature information is legally obtained by the terminal, where the notification registration module 44 creates an account for the terminal user when the verification result indicates that the verification result is legal acquisition.
- the method includes: Step S502: The payment platform receives the first biometric identification feature of the terminal user acquired by the terminal in real time.
- Step S504 the payment platform acquires the second feature information of the specified biometric feature, wherein the second feature information and the feature information of the specified biometric feature stored in the identity document of the terminal user adopt a corresponding generation algorithm
- Step S506 The payment platform matches the first feature information and the second feature information.
- Step S508 When the matching is successful, when the matching is successful, the payment platform performs a payment process corresponding to the payment request initiated by the terminal user. In a preferred implementation process, before the step S508, the payment platform also needs to receive the payment request from the terminal. Of course, before the terminal initiates the payment request, the terminal user may be authenticated first by using the embodiment shown in FIG. 1-4. Certification. In step S504, the payment platform obtains the second feature information in multiple manners.
- the payment platform may be obtained from the second feature information stored in advance.
- the terminal when the user registers, the terminal may be based on the collected terminal user.
- the second feature information is uploaded to the payment platform for storage); the second feature information may also be obtained from the designated certificate center.
- the terminal needs to store the first feature information of the terminal user, so that the terminal can be verified after payment. User validity.
- the terminal in order to further improve the security of the payment process, before the payment platform performs the payment process corresponding to the payment request initiated by the terminal user, the terminal may also receive the verification that the first feature information is legally acquired by the terminal.
- the process of the terminal verifying the first feature information is as follows: The terminal collects the physiological feature information of the terminal user; the terminal verifies whether the first feature information is legally acquired according to the physiological feature information; and the terminal sends the verification result to the payment platform.
- the physiological feature information includes: an electrocardiogram (ECG) signal and/or a pulse wave signal.
- ECG electrocardiogram
- the embodiment further provides an implementation device for the Internet payment, which is applied to the payment platform. As shown in FIG. 6, the device includes: a receiving module 60, configured to receive the first feature of the specified biometric feature of the terminal user acquired by the terminal in real time.
- the information obtaining unit 62 is connected to the receiving module 60, and configured to acquire the second feature information of the specified biometric feature, wherein the second feature information and the feature information of the specified biometric feature stored in the terminal user identity document
- the same generating algorithm is used;
- the matching module 64 is connected to the obtaining module 62, and is configured to match the first feature information and the second feature information;
- the executing module 66 is connected to the matching module 64, and is set to be successful when the matching is successful. And executing a payment process corresponding to the payment request initiated by the terminal user.
- the receiving module 60 is further configured to receive, by the terminal, a verification result that the first feature information is legally obtained by the terminal, where the notification execution module 66 performs the foregoing payment process when the verification result indicates that the verification result is legal acquisition.
- the design idea of the following embodiment is to complete the consistency authentication of the customer and the identity document by fingerprint identification and avatar matching, and the authentication is performed by scanning the fingerprint and the avatar and the fingerprint and avatar stored in the identity document by the on-site scanning; Matching the authenticity authentication of the customer when the large-value payment is completed, and the identification is compared with the fingerprint and the avatar stored by the payment platform by scanning the fingerprint and the avatar on site.
- the Internet payment system includes: Near field communication, also known as Near Field Communication (NFC) portable terminal 70, which supports wireless fidelity.
- NFC Near Field Communication
- WiFi Wireless Fidelity
- Long Term Evolution Long-Term Evolution
- NFC Wireless communication and Near Field Communication
- LTE Evolution
- the NFC portable terminal will run the payment application client.
- the NFC portable terminal 70 has a built-in SAM security module socket, and can be inserted into a SAM security module card authorized by the national public security department, and is set to read the second generation resident ID card information by the NFC portable terminal; the SAM security module can also be a software module authorized to be released. Download the installation at the specified website. Or the NFC portable terminal connects to the second generation resident ID card reader through the USB port. At the same time, the NFC portable terminal has a built-in fingerprint identification module, which can scan the fingerprint of the user and generate corresponding fingerprint feature data through the security module.
- the NFC portable terminal has an ECG (electrocardiogram) sensor and a reflective pulse wave photoelectric sensor.
- the ECG sensor collects the ECG signal through the finger
- the reflective pulse wave photoelectric sensor collects the pulse wave signal through the finger.
- the pulse wave photoelectric sensor detects the change of the blood flow according to the reflected infrared light change by collecting the infrared light reflected by the finger. Both the ECG signal and the pulse wave signal have a normal range. Refer to the medical index. If the ECG signal and the pulse wave signal are abnormally large, it means that the detected finger is abnormal, which can effectively prevent fingerprint counterfeiting, such as using a fingerprint film.
- the NFC portable terminal has a built-in camera with a resolution of at least 300,000 pixels (VGA: 640 x 480).
- the NFC portable terminal runs a payment application client, which is an application running on the NFC portable terminal device (web application or local client application), is distributed by the payment platform, and provides related operations for the Internet payment for the user.
- the payment application client reads the second generation resident identity information, performs face shooting on the user, completes image processing, and performs image matching, and finally uploads customer information and images to the payment platform.
- the payment application client scans the user fingerprint, and generates corresponding fingerprint feature data through the security module, or generates fingerprint feature data by using an own algorithm, and matches the fingerprint information of the second generation resident identity.
- the payment platform 72 is a connection established between the consumer, the merchant and the UnionPay system 74 by the platform provider, and realizes online money payment, cash flow, fund clearing, query statistics, etc. from the consumer to the financial institution, the merchant cash.
- the payment platform provides various authentication functions, including user authenticity verification, large-value payment authentication, etc.; UnionPay system 74, which is set to provide support for payment platform to complete payment. Based on the architecture shown in Figure 7, the specific payment process is illustrated from the following two embodiments.
- Example 1 Example 1
- the NFC portable terminal acts as a payment terminal and needs to be initialized.
- the initialization process is as follows:
- the S100 user initiates the payment application client, and the payment application client completes the mutual authentication with the payment platform.
- the S110 user selects to create a user, and the payment application client prompts the user to input customer information, including name, ID card, address, contact information, etc.; the user selects the identity verification, and the payment application client prompts the user to use the NFC portable terminal to read the identity information, prompting Scan fingerprints and face shots (without glasses).
- the S120 payment application client first checks the identity card number: whether the number entered by the user matches the identity number read by the NFC portable terminal; if it does not match, the prompt ID card input error is re-entered; after the identity number is matched, the fingerprint matching is performed.
- the payment application client generates a fingerprint of the scanned fingerprint image through the security module. The data is collected, and the fingerprint feature data scanned by the NFC portable terminal is matched with the fingerprint data read by the NFC portable terminal. When the fingerprint is scanned, the NFC portable terminal simultaneously monitors the ECG signal and pulse of the user through the ECG sensor and the reflective pulse wave photoelectric sensor.
- Wave signal if the ECG signal and the pulse wave signal cannot be detected at the same time, the fingerprint matching is invalid; finally, the face matching is performed, and the face image of the ID card read by the NFC portable terminal is first enlarged to obtain the feature data, and then the face is photographed. The image is cropped and the feature data is extracted and then matched. If the fingerprint feature data matches and the facial feature data is highly similar (the similarity can be set, for example, 90%), it means that the application is issued by the person. If it does not match, the process proceeds to step S150.
- the similarity can be set, for example, 90%
- the S130 payment application client generates the fingerprint feature data again by using the scanned fingerprint image (the newly generated fingerprint feature data may be different from the fingerprint feature data generated by the security module), and the face image is cropped and then compressed, together with the user input.
- the customer information and the identity information read by the NFC portable terminal are uploaded to the payment platform.
- the S140 payment platform creates an account according to the customer information, and saves the identity information, the fingerprint feature data and the face image, and sends the identity information and the bank card number to the issuing bank for verification. After the verification is successful, the user account takes effect and returns to the payment application client. Account creation success message.
- the S150 prompts the fingerprint to fail, prompting the user to go to the business hall; if the fingerprints match and the faces do not match, the payment application client uploads the customer information, facial images and other data to the payment platform, prompting manual image matching. Identification, if the manual audit matching is successful, the process proceeds to step S140. If the manual review fails, the payment platform returns an account creation failure message to the payment application client, prompting the user to go to the business hall.
- Pre-processing The avatar of the second-generation ID card is a low-quality image compressed by wavelet transform, each image is only 1 Kbytes, and the size is 102 X 126 (pixels).
- the center distance between the two eyes is about 25 pixels, which is enlarged before the face detection, and the image captured by the camera will be rotated and zoomed so that the two eyes are at the same horizontal line, and the distance from the jaw point to the center of the two eyes is a preset.
- the fixed constant is then cropped to a fixed-size image. After the pre-processing is completed, the size and pixel of the two images are close.
- Removing glasses Most people wearing glasses are required to wear a frame without a lens when they are collecting photo of the second-generation ID card to prevent reflection. By calculating the number of edge points in a specific area, it is judged whether the avatar wears glasses or not. Extracted from the edge map obtained by the Sobel algorithm.
- the glasses are removed by two steps: First, the closed area formed by the edge of the glasses is extracted, and then the error is compensated according to the extracted area and the reconstructed image, and the occlusion part of the glasses is compensated by a plurality of iterative PCA (principal component analysis) reconstruction methods.
- PCA principal component analysis
- Face recognition Multi-Model Part face recognition method based on Principal Component Analysis (MMP-PCA): Position the eye and jaw point first, then position the tip of the nose. According to these key points, the face is divided into five parts: naked face, eyebrow, eyes, nose and mouth; then Principal Component Analysis (PCA) is performed to calculate the feature values of each component and select the d largest feature values ( Each component uses a different d, d is a natural number), and the corresponding feature vector is calculated, so that the feature face, the feature eyebrow, the feature eye, the feature nose, and the feature mouth can be respectively obtained; the second generation certificate image and the video image are calculated. After the projection parameters, the similarity between them is calculated.
- MMP-PCA Principal Component Analysis
- the weighted average of each component is used to obtain the final similarity to adapt to different situations.
- the payment platform can save the image captured by the camera with successful authentication, which can greatly improve the accuracy of subsequent matching. If the system fails, the manual can be prompted to judge again.
- the S210 user selects the payment, the payment application client prompts the user to input the payment amount, and if the payment amount exceeds the predetermined amount, the payment is large; the payment application client prompts the identity verification, and the payment application client prompts to scan the fingerprint and face shooting (not wear glasses).
- the S220 payment application client generates fingerprint feature data by using the scanned fingerprint image, and then crops the face image and then compresses the image.
- the NFC portable terminal When scanning the fingerprint, the NFC portable terminal simultaneously monitors the user's ECG through the ECG sensor and the reflective pulse wave photoelectric sensor. The signal and the pulse wave signal, if the ECG signal and the pulse wave signal cannot be detected at the same time, prompt the user that the fingerprint scan is invalid; the payment application client uploads the amount information input by the user, the generated fingerprint feature data, and the compressed face image data to the payment. platform.
- the S230 payment platform first performs fingerprint matching, and matches the fingerprint feature data scanned by the NFC portable terminal with the fingerprint feature data stored by the payment platform.
- the face matching is performed, and the feature data is extracted from the captured facial data, and the platform is stored.
- the facial image is matched with the feature data. If both the fingerprint feature data and the face feature data are successfully matched, it means that the payment is made by the person. If it does not match, go to step S250.
- the S240 payment platform initiates a transfer payment request to the card issuing bank, and after the bank system transfers the payment successfully, the payment platform returns a payment transfer success message to the payment application client.
- the S250 prompts the fingerprint identification to fail, prompting the user to go to the business hall; if the fingerprint matches, the face does not match, prompting the image matching identification manually, if the manual audit matching is successful, go to step S240, if the manual review fails, the payment is made.
- the platform returns a payment transfer failure message to the payment application client, prompting the user to go to the business hall for processing.
- Embodiment 2 Since personal avatar and fingerprint data belong to personal privacy data, some users want the payment platform not to save fingerprint feature data.
- the portable terminal may not support NFC and cannot read the second-generation ID card information, the following scheme is adopted: Payment platform initialization
- the S000 payment platform is connected to the identity system of the national public security department, and can call the application interface issued by the system to complete the personal identity authentication.
- the portable terminal downloads the software security module and completes the installation on the designated website.
- the software security module installed in the portable terminal and the corresponding certification center complete the authentication, which is used to complete the fingerprint scanning to generate the fingerprint feature data.
- Identity authentication process When creating a user, you need to identify the user first. The process is as follows:
- the S300 user starts the payment application client, and the payment application client completes the mutual authentication with the payment platform.
- the S310 user selects to create a user, and the payment application client prompts the user to input customer information, including name, ID card, address, contact information, etc.; the user selects the identity verification, and the payment application client prompts to scan the fingerprint and face shooting (without glasses) ).
- the S320 payment application client generates fingerprint feature data by scanning the fingerprint image through the security module, and then crops the face image and then compresses the image.
- the NFC portable terminal simultaneously passes the ECG sensing.
- the reflective pulse wave photoelectric sensor monitors the user's ECG signal and pulse wave signal. If the ECG signal and the pulse wave signal cannot be detected at the same time, the user is prompted to have the fingerprint scan invalid, and the payment application client finishes processing together with the user input of the customer information. To the payment platform.
- the S330 payment platform invokes the application interface of the national identity system, obtains personal identity information according to the identity card number, including the avatar and fingerprint feature data, first performs fingerprint matching, and the fingerprint feature data scanned by the portable terminal and the fingerprint feature data acquired by the payment platform. Matching is performed; after the matching is successful, the face matching is performed, and the captured facial image is matched with the extracted facial image obtained by the payment platform to extract the feature data. If the fingerprint feature data and the face feature data are successfully matched, the payment is sent by the person. If it does not match, go to step S350.
- the S340 payment platform creates an account according to the customer information, and saves the identity information, and sends the identity information and the bank card number to the issuing bank for verification. After the verification is successful, the user account takes effect and returns a account creation success message to the payment application client.
- the S350 prompts the fingerprint to fail, prompting the user to go to the business hall; if the fingerprint matches, the face does not match, the payment application client uploads the customer information, the facial image and other data to the payment platform, prompting the artificial image matching. Identification, if the manual audit match is successful, go to step S340. If the manual review fails, the payment platform returns an account creation failure message to the payment application client, prompting the user to go to the business hall.
- the S400 user activates the payment application client, and the payment application client completes the mutual authentication with the payment platform.
- S410 user selects payment, and the payment application client prompts the user to input the payment amount. If the payment amount exceeds the predetermined amount, the payment is large; the payment application client prompts for identity verification, and the payment application client prompts to scan the fingerprint and face shooting (not wear glasses).
- the S420 payment application client generates fingerprint feature data by scanning the fingerprint image through the security module, and then crops the face image and then compresses the image.
- the NFC portable terminal simultaneously monitors the ECG sensor and the reflective pulse wave photoelectric sensor. The user's ECG signal and pulse wave signal, if the ECG signal and the pulse wave signal cannot be detected at the same time, the user is prompted to have the fingerprint scan invalid; the payment application client inputs the amount information, the generated fingerprint feature data, and the compressed face image data. Upload to the payment platform.
- the S430 payment platform invokes the application interface of the national identity system, obtains personal identity information according to the ID number, including avatar and fingerprint feature data, first performs fingerprint matching, and scans the number of fingerprint features scanned by the portable terminal. According to the fingerprint feature data acquired by the payment platform, the matching is performed; after the matching is successful, the face matching is performed, and the captured facial image is matched with the extracted facial image obtained by the payment platform to extract the feature data. If both the fingerprint feature data and the face feature data are successfully matched, it means that the payment is made by the person. If it does not match, go to the step
- the S440 payment platform initiates a transfer payment request to the card issuing bank, and after the bank system transfers the payment successfully, the payment platform returns a payment transfer success message to the payment application client.
- the S450 prompts the fingerprint identification to fail, prompting the user to go to the business hall; if the fingerprint matches, the face does not match, prompting the image matching identification manually, if the manual audit matching is successful, go to step S440, if the manual review fails, the payment is made.
- the platform returns a payment transfer failure message to the payment application client, prompting the user to go to the business hall for processing.
- the portable terminal As long as the portable terminal has the NFC function, after installing the security module, it can become a mobile authentication terminal, which can be implemented anywhere, such as at home, on a business trip, and The office has completed the online account opening certification, and does not have to go to the business hall. In terms of the security of large-value payment, it is necessary to have the fingerprint authentication of the person, and the face avatar recognition will greatly reduce the risk of taking the card.
- software is also provided for performing the technical solutions described in the above embodiments and preferred embodiments.
- a storage medium is provided, the software being stored, including but not limited to: an optical disk, a floppy disk, a hard disk, a rewritable memory, and the like.
- modules or steps of the present invention can be implemented by a general-purpose computing device, which can be concentrated on a single computing device or distributed over a network composed of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device, such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
- the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps are fabricated as a single integrated circuit module.
- the invention is not limited to any specific combination of hardware and software.
- the above are only the preferred embodiments of the present invention, and are not intended to limit the present invention, and various modifications and changes can be made to the present invention.
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- Economics (AREA)
- Strategic Management (AREA)
- Development Economics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Collating Specific Patterns (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
本发明提供了一种互联网支付的注册认证、实现方法及装置,其中,该注册认证方法包括:终端实时获取终端用户在线支付时指定生物识别特征的第一特征信息,以及获取所述终端用户的身份证件中存储的所述指定生物识别特征的第二特征信息;所述终端比较所述第一特征信息和所述第二特征信息;在所述第一特征信息和所述第二特征信息匹配成功时,所述终端通知支付平台为所述终端用户创建账户以完成注册。采用本发明提供的上述技术方案,解决了相关技术中互联网支付过程中存在安全隐患等技术问题,提高了互联网支付的安全性。
Description
互联网支付的注册认证、 实现方法及装置 技术领域 本发明涉及互联网支付领域, 尤其是涉及一种互联网支付的注册认证、 实现方法 及装置。 背景技术 互联网支付是指客户为购买特定商品或服务, 通过计算机等设备, 依托互联网发 起支付指令, 实现货币资金转移的行为。 按照支付机构提供的支付服务方式不同, 互联网支付分为银行账户模式和支付账 户模式。 银行账户模式是指付款人通过支付机构向开户银行提交支付指令, 直接将银 行账户内的货币资金转入收款人指定账户的支付方式。 支付账户模式是指付款人直接 向支付机构提交支付指令,将支付账户内的货币资金转入收款人指定账户的支付方式。 在相关技术中, 个人客户申请开立支付账户时, 支付机构应登记客户的姓名、 性 另 |J、 国籍、 职业、 住址、 联系方式以及客户有效身份证件的种类、 号码和有效期限等 身份信息, 并对客户姓名、 性别、 有效身份证件的种类和号码等基本身份信息的真实 性进行审核。 对个人支付账户单笔收付金额超过第一指定金额, 个人客户开立的所有 支付账户月收付金额累计超过第二指定金额或资金余额连续一段时间超过第三指定金 额的, 支付机构还应留存个人客户的有效身份证件的复印件或者影印件。 并且, 在相关技术中, 首次建立业务关联时, 必须通过第三方支付机构和银行的 双重身份鉴别; 对客户通过大额资金划转强化身份认证, 确保由客户本人发出资金划 转要求。 目前互联网支付在用户开户时都没审核有效身份证件的真实性, 可能埋下各种隐 串、 发明内容 针对相关技术中, 互联网支付过程中存在安全隐患等技术问题, 本发明提供了一 种互联网支付的注册认证、 实现方法及装置, 以至少解决上述技术问题。
为了达到上述目的, 根据本发明的一个实施例, 提供了一种互联网支付的注册认 证方法,包括: 终端实时获取终端用户在线支付时指定生物识别特征的第一特征信息, 以及获取所述终端用户的身份证件中存储的所述指定生物识别特征的第二特征信息; 所述终端比较所述第一特征信息和所述第二特征信息; 在所述第一特征信息和所述第 二特征信息匹配成功时,所述终端通知支付平台为所述终端用户创建账户以完成注册。 优选地, 终端实时获取终端用户在线支付时指定生物识别特征的第一特征信息, 包括: 所述终端实时采集所述终端用户的以下至少之一信息: 头部图像、 指纹图像; 提取所述头部图像和 /或所述指纹图像的特征数据,得到头部特征数据和 /或指纹特征数 据, 并将所述头部特征数据和 /或所述指纹特征数据作为所述第一特征信息。 优选地, 所述终端通知支付平台为所述终端用户创建账户之前, 还包括: 所述终 端根据获取的所述头部图像和 /或所述指纹图像生成第三特征信息, 其中, 所述第三特 征信息与所述第一特征信息的生成算法不同, 所述第一特征信息与所述第二特征信息 的生成算法相同; 将所述第三特征信息上传至所述支付平台。 优选地, 所述终端比较所述第一特征信息和所述第二特征信息, 包括: 在所述第 一特征信息包括所述指纹特征数据和所述头像特征数据时, 所述终端优先比较所述第 一特征信息中的指纹特征数据和所述第二特征信息中的指纹特征数据, 在匹配后, 再 比较所述第一特征信息中的头像特征数据和所述第二特征信息中的头像特征数据。 优选地, 在所述第一特征信息中的头像特征数据和所述第二特征信息中的头像特 征数据不匹配时, 还包括: 所述终端将所述第一特征信息所对应头部图像和所述第二 特征信息所对应头部图像上传至所述支付平台, 并提示人工进行图像匹配。 优选地,所述终端通知支付平台为所述终端用户创建账户完成注册之前,还包括: 所述终端验证所述第一特征信息是否为合法获取, 其中, 在验证通过时, 所述终端通 知所述支付平台创建账户。 优选地, 所述终端验证所述第一特征信息是否为合法获取, 包括: 所述终端采集 所述终端用户的生理特征信息; 所述终端根据所述生理特征信息验证所述第一特征信 息是否为合法获取。 优选地,在所述第一特征信息至少包括指纹特征数据时,所述生理特征信息包括: 心电图 ECG信号和 /或脉搏波信号。
为了达到上述目的, 根据本发明的再一个实施例, 还提供了一种互联网支付的注 册认证方法, 包括: 支付平台接收终端实时获取的终端用户在线支付时指定生物识别 特征的第一特征信息; 所述支付平台从指定认证中心中调用所述指定生物识别特征的 第二特征信息与所述第一特征信息进行匹配, 其中, 所述第二特征信息与所述终端用 户的身份证件中所存储所述指定生物识别特征的特征信息采用了相同的生成算法; 在 匹配成功时, 所述支付平台为所述终端用户创建账户以完成注册。 优选地, 所述第一特征信息包括以下至少之一: 所述终端根据实时获取的头部图 像、 指纹图像生成的头部特征数据、 指纹特征数据。 优选地, 所述支付平台从指定认证中心中调用所述指定识别特征的第二特征信息 与所述第一特征信息进行匹配, 包括: 在所述第一特征信息包括所述指纹特征数据和 所述头像特征数据时, 所述支付平台优先比较所述第一特征信息中的指纹特征数据和 所述第二特征信息中的指纹特征数据, 在匹配后, 再比较所述第一特征信息中的头像 特征数据和所述第二特征信息中的头像特征数据。 优选地, 在所述第一特征信息中的头像特征数据和所述第二特征信息中的头像特 征数据不匹配时, 还包括: 所述支付平台通知所述终端将所述第一特征信息所对应头 部图像和所述第二特征信息所对应头部图像上传至所述支付平台进行人工图像匹配。 优选地, 所述支付平台为所述终端用户创建账户以完成注册之前, 还包括: 所述 支付平台接收所述终端对所述第一特征信息是否为合法获取的验证结果, 其中, 在验 证结果指示为合法获取时, 所述支付平台为所述终端用户创建账户。 优选地, 所述支付平台接收所述终端对所述第一特征信息是否为合法获取的验证 结果之前, 包括: 所述终端采集所述终端用户的生理特征信息; 所述终端根据所述生 理特征信息验证所述第一特征信息是否为合法获取; 所述终端向所述支付平台发送验 证结果。 优选地,在所述第一特征信息至少包括指纹特征数据时,所述生理特征信息包括: 心电图 ECG信号和 /或脉搏波信号。 为了达到上述目的, 根据本发明的再一个实施例, 还提供了一种互联网支付的实 现方法, 包括: 支付平台接收终端实时获取的终端用户的指定生物识别特征的第一特 征信息; 所述支付平台获取所述指定生物识别特征的第二特征信息, 其中, 该第二特 征信息与所述终端用户身份证件中存储的所述指定生物识别特征的特征信息采用了相
同的生成算法; 所述支付平台对所述第一特征信息和所述第二特征信息进行匹配; 在 匹配成功时, 所述支付平台执行与所述终端用户发起的支付请求对应的支付流程。 优选地,所述支付平台获取所述指定生物识别特征的第二特征信息包括以下之一: 所述支付平台从预先存储的第二特征信息中获取; 所述支付平台从指定认证中心中获 取所述第二特征信息。 优选地, 支付平台接收终端实时获取的终端用户的指定生物识别特征的第一特征 信息之前, 还包括: 所述终端存储所述终端用户的所述第一特征信息。 优选地,所述支付平台执行与所述终端用户发起的支付请求对应的支付流程之前, 还包括:所述支付平台接收所述终端对所述第一特征信息是否为合法获取的验证结果, 其中, 在验证结果指示为合法获取时, 所述支付平台执行所述支付流程。 优选地, 所述支付平台接收所述终端对所述第一特征信息是否为合法获取的验证 结果之前, 包括: 所述终端采集所述终端用户的生理特征信息; 所述终端根据所述生 理特征信息验证所述第一特征信息是否为合法获取; 所述终端向所述支付平台发送验 证结果。 优选地,在所述第一特征信息至少包括指纹特征数据时,所述生理特征信息包括: 心电图 ECG信号和 /或脉搏波信号。 为了达到上述目的, 根据本发明的再一个实施例, 还提供了一种互联网支付的注 册认证装置, 应用于终端中, 包括: 获取模块, 设置为实时获取终端用户在线支付时 指定生物识别特征的第一特征信息, 以及获取所述终端用户的身份证件中存储的所述 指定生物识别特征的第二特征信息; 匹配模块, 设置为比较所述第一特征信息和所述 第二特征信息; 通知模块, 设置为在所述第一特征信息和所述第二特征信息匹配成功 时, 通知支付平台为所述终端用户创建账户以完成注册。 优选地, 所述装置还包括: 验证模块, 设置为验证所述第一特征信息是否为合法 获取, 其中, 在验证通过时, 所述终端通知所述支付平台创建账户。 为了达到上述目的, 根据本发明的再一个实施例, 还提供了一种互联网支付的注 册认证装置, 应用于支付平台, 包括: 接收模块, 设置为接收终端实时获取的终端用 户在线支付时指定生物识别特征的第一特征信息; 匹配模块, 设置为从指定认证中心 中调用所述指定生物识别特征的第二特征信息与所述第一特征信息进行匹配, 其中, 所述第二特征信息与所述终端用户的身份证件中所存储所述指定生物识别特征的特征
信息采用了相同的生成算法; 注册模块, 设置为在匹配成功时, 为所述终端用户创建 账户以完成注册。 优选地, 所述接收模块, 还设置为接收所述终端对所述第一特征信息是否为合法 获取的验证结果, 其中, 在验证结果指示为合法获取时, 通知所述注册模块为所述终 端用户创建账户。 为了达到上述目的, 根据本发明的再一个实施例, 还提供了一种互联网支付的实 现装置, 应用于支付平台, 包括: 接收模块, 设置为接收终端实时获取的终端用户的 指定生物识别特征的第一特征信息; 获取模块, 设置为获取所述指定生物识别特征的 第二特征信息, 其中, 该第二特征信息与所述终端用户身份证件中存储的所述指定生 物识别特征的特征信息采用了相同的生成算法; 匹配模块, 设置为对所述第一特征信 息和所述第二特征信息进行匹配; 执行模块, 设置为在匹配成功时, 执行与所述终端 用户发起的支付请求对应的支付流程。 优选地, 所述接收模块, 还设置为接收所述终端对所述第一特征信息是否为合法 获取的验证结果, 其中, 在验证结果指示为合法获取时, 通知所述执行模块为执行所 述支付流程。 通过本发明, 采用对终端用户和身份证件进行一致性认证的技术手段, 解决了相 关技术中互联网支付过程中存在安全隐患等技术问题, 提高了互联网支付的安全性。 附图说明 此处所说明的附图用来提供对本发明的进一步理解, 构成本申请的一部分, 本发 明的示意性实施例及其说明用于解释本发明, 并不构成对本发明的不当限定。 在附图 中: 图 1为根据本发明实施例的互联网支付的注册认证方法的流程图; 图 2a为根据本发明实施例的互联网支付的注册认证装置的结构框图; 图 2b为根据本发明实施例的互联网支付的注册认证装置的另一结构框图; 图 3为根据本发明实施例的互联网支付的注册认证方法的另一流程图; 图 4为根据本发明实施例的互联网支付的注册认证装置的另一结构框图; 图 5为根据本发明实施例的互联网支付的实现方法的流程图;
图 6为根据本发明实施例的互联网支付的实现装置的结构框图; 图 7为根据本发明优选实施例的所述互联网支付系统的架构示意图。 具体实施方式 下文中将参考附图并结合实施例来详细说明本发明。 需要说明的是, 在不冲突的 情况下, 本申请中的实施例及实施例中的特征可以相互组合。 图 1为根据本发明实施例的互联网支付的注册认证方法的流程图。 如图 1所示, 该方法包括步骤 S102-S106: 步骤 S102, 终端实时获取终端用户在线支付时指定生物识别特征的第一特征信 息, 以及获取终端用户的身份证件中存储的指定生物识别特征的第二特征信息; 即针 对相同的生物识别特征, 获取实时采集得到的特征信息与身份证件 (如身份证, 但不 限于此) 中的特征信息, 以进行匹配。 步骤 S104, 终端比较上述第一特征信息和上述第二特征信息; 步骤 S106,在上述第一特征信息和上述第二特征信息匹配成功时,终端通知支付 平台为终端用户创建账户以完成注册。 通过上述处理步骤, 由于在终端用户在线支付时将实时采集的指定生物识别特征 的第一特征信息与身份证件中的第二特征信息进行了匹配认证, 因此, 增强了支付过 程的安全性。 优选地, 该指定生物识别特征可以为可以区别其它用户的任意生物特征或多个不 同生物特征的组合, 例如头部图像、 指纹图像中的至少之一, 此时步骤 S102中, 终 端获取第一特征信息可以表现为以下形式: 终端实时采集上述终端用户的以下至少之 一信息: 头部图像、 指纹图像; 提取上述头部图像和 /或上述指纹图像的特征数据, 得 到头部特征数据和 /或指纹特征数据,并将上述头部特征数据和 /或上述指纹特征数据作 为上述第一特征信息。 当然, 虹膜图像作为生物识别特征之一也可以应用到上述处理过程中, 只不过由 于目前还未作为身份证的识别特征, 因此, 可以优先选用头部图像和指纹图像。 考虑到终端用户的隐私保护要求, 例如终端用户不想在支付平台上保存身份证件 上的特征信息, 在终端通知支付平台为上述终端用户创建账户之前, 终端根据获取的
上述头部图像和 /或上述指纹图像生成第三特征信息, 其中, 上述第三特征信息与上述 第一特征信息的生成算法不同 (此时, 可以认为第二特征信息与第三特征信息是不同 的特征信息), 上述第一特征信息与上述第二特征信息的生成算法相同(此时, 可以认 为第一特征信息与第二特征信息是相同的特征信息);将上述第三特征信息上传至上述 支付平台。 在本实施例的一个优选实施方式中, 在上述第一特征信息包括上述指纹特征数据 和上述头像特征数据时, 终端优先比较上述第一特征信息中的指纹特征数据和上述第 二特征信息中的指纹特征数据, 在匹配后, 再比较上述第一特征信息中的头像特征数 据和上述第二特征信息中的头像特征数据。 在一个优选实施过程中, 如果上述第一特征信息中的指纹特征数据和上述第二特 征信息中的指纹特征数据不匹配, 则可以提示用户去营业厅办理。 在上述第一特征信 息中的头像特征数据和上述第二特征信息中的头像特征数据不匹配时, 终端将上述第 一特征信息所对应头部图像和上述第二特征信息所对应头部图像上传至上述支付平 台, 并提示人工进行图像匹配。 在一个优选实施过程中, 为了避免非法用户盗用别人的特征信息, 例如盗用或仿 造别人的指纹, 因此, 需要对上述第一特征信息是否为合法获取进行验证, 在验证通 过时, 终端通知支付平台创建账户。 可以通过以下处理过程实现上述目的: 终端采集 终端用户的生理特征信息; 终端根据上述生理特征信息验证上述第一特征信息是否为 合法获取。 在上述第一特征信息至少包括指纹特征数据时, 上述生理特征信息包括: 心电图 ECG信号和 /或脉搏波信号。 在本实施例中还提供一种互联网支付的注册认证装置, 应用于终端中, 用于实现 上述方法, 如图 2a所示, 该装置包括: 获取模块 20,设置为实时获取终端用户在线支付时指定生物识别特征的第一特征 信息,以及获取终端用户的身份证件中存储的上述指定生物识别特征的第二特征信息; 匹配模块 22, 连接至获取模块 20, 设置为比较上述第一特征信息和上述第二特 征信息; 通知模块 24, 连接至匹配模块 24, 设置为在上述第一特征信息和上述第二特征 信息匹配成功时, 通知支付平台为上述终端用户创建账户以完成注册。
需要说明的是,提供的各个模块是可以通过硬件或软件来实现的,例如对于前者, 可以采用以下方式实现:获取模块 20、匹配模块 22和通知模块 24位于同一处理器中; 或者获取模块 20、匹配模块 22和通知模块 24分别位于第一处理器、第二处理器和第 三处理器中。 在一个优选实施例中, 如图 2b所示, 上述装置还可以包括: 验证模块 26, 连接 至通知模块 24,设置为验证所述第一特征信息是否为合法获取,其中,在验证通过时, 所述终端通知所述支付平台创建账户 在本实施例中, 为了完善整个支付流程, 还在支付平台侧提供一种互联网支付的 注册认证方法, 如图 3所示, 该方法包括: 步骤 S302,支付平台接收终端实时获取的终端用户在线支付时指定生物识别特征 的第一特征信息; 步骤 S304,支付平台从指定认证中心中调用上述指定生物识别特征的第二特征信 息与上述第一特征信息进行匹配, 其中, 上述第二特征信息与终端用户的身份证件中 所存储上述指定生物识别特征的特征信息采用了相同的生成算法; 步骤 S306, 在匹配成功时, 支付平台为终端用户创建账户以完成注册。 通过上述各个处理步骤, 由于支付平台对实时采集的终端用户的特征信息与身份 证件中的特征信息进行了匹配认证, 因此, 同样可以提高支付过程的安全性。 在优选实施例中, 上述第一特征信息包括但不限于以下至少之一: 终端根据实时 获取的头部图像、 指纹图像生成的头部特征数据、 指纹特征数据。 步骤 S304中的匹配过程可以表现为以下形式: 在上述第一特征信息包括上述指 纹特征数据和上述头像特征数据时, 支付平台优先比较上述第一特征信息中的指纹特 征数据和上述第二特征信息中的指纹特征数据, 在匹配后, 再比较上述第一特征信息 中的头像特征数据和上述第二特征信息中的头像特征数据。 其中, 在上述第一特征信 息中的头像特征数据和上述第二特征信息中的头像特征数据不匹配时, 支付平台通知 上述终端将上述第一特征信息所对应头部图像和上述第二特征信息所对应头部图像上 传至上述支付平台进行人工图像匹配。 为了进一步保证支付过程的安全性, 在支付平台为终端用户创建账户以完成注册 之前, 支付平台接收终端对上述第一特征信息是否为合法获取的验证结果, 其中, 在 验证结果指示为合法获取时, 支付平台为终端用户创建账户。 其中, 终端可以通过以
下方式对上述第一特征信息进行验证: 终端采集所述终端用户的生理特征信息; 终端 根据生理特征信息验证上述第一特征信息是否为合法获取; 终端向支付平台发送验证 结果。 在上述第一特征信息至少包括指纹特征数据时, 上述生理特征信息包括: 心电图 (ECG) 信号和 /或脉搏波信号。 在本实施例中, 还一种互联网支付的注册认证装置, 应用于支付平台, 如图 4所 示, 该装置包括: 接收模块 40,设置为接收终端实时获取的终端用户在线支付时指定生物识别特征 的第一特征信息; 匹配模块 42, 连接至接收模块 40, 设置为从指定认证中心中调用上述指定生物 识别特征的第二特征信息与上述第一特征信息进行匹配, 其中, 上述第二特征信息与 上述终端用户的身份证件中所存储上述指定生物识别特征的特征信息采用了相同的生 成算法; 注册模块 44, 连接至匹配模块 42, 设置为在匹配成功时, 为上述终端用户创建 账户以完成注册。 在一个优选实施例中, 接收模块 40, 还设置为接收终端对上述第一特征信息是否 为合法获取的验证结果, 其中, 在验证结果指示为合法获取时, 通知注册模块 44为终 端用户创建账户。 在本实施例中, 为了完善整个支付流程, 还提供一种互联网支付的实现方法, 如 图 5所示, 包括: 步骤 S502,支付平台接收终端实时获取的终端用户的指定生物识别特征的第一特 征信息; 步骤 S504, 支付平台获取上述指定生物识别特征的第二特征信息, 其中, 该第二 特征信息与终端用户身份证件中存储的上述指定生物识别特征的特征信息采用了相冋 的生成算法; 步骤 S506, 支付平台对上述第一特征信息和上述第二特征信息进行匹配; 步骤 S508, 在匹配成功时, 在匹配成功时, 支付平台执行与终端用户发起的支付 请求对应的支付流程。
在一个优选实施过程中, 在步骤 S508之前, 支付平台还需要接收来自终端的支 付请求, 当然, 在终端发起支付请求之前, 还可以利用图 1 -4所示实施例先对终端用 户进行真实性认证。 步骤 S504中, 支付平台获取第二特征信息的方式有多种, 例如, 支付平台可以 从预先存储的第二特征信息中获取 (对于该实现方式, 在用户注册时, 终端可以根据 采集的终端用户的第二特征信息上传至支付平台进行存储);也可以从指定认证中心中 获取上述第二特征信息。 为了增强支付过程的安全性, 支付平台接收终端实时获取的终端用户的指定生物 识别特征的第一特征信息之前, 终端需要存储终端用户的上述第一特征信息, 这样, 便可以在支付后核实终端用户的有效性。 在一个优选实施例中, 为进一步提高支付过程的安全性, 支付平台执行与所述终 端用户发起的支付请求对应的支付流程之前, 还可以接收终端对上述第一特征信息是 否为合法获取的验证结果, 其中, 在验证结果指示为合法获取时, 支付平台执行上述 支付流程。 其中, 终端验证上述第一特征信息的过程如下: 终端采集终端用户的生理 特征信息; 终端根据该生理特征信息验证上述第一特征信息是否为合法获取; 终端向 支付平台发送验证结果。 在上述第一特征信息至少包括指纹特征数据时, 上述生理特 征信息包括: 心电图 (ECG ) 信号和 /或脉搏波信号。 本实施例还提供一种互联网支付的实现装置, 应用于支付平台, 如图 6所示, 该 装置包括: 接收模块 60,设置为接收终端实时获取的终端用户的指定生物识别特征的第一特 征信息; 获取模块 62, 连接至接收模块 60, 设置为获取上述指定生物识别特征的第二特 征信息, 其中, 该第二特征信息与上述终端用户身份证件中存储的上述指定生物识别 特征的特征信息采用了相同的生成算法; 匹配模块 64, 连接至获取模块 62, 设置为对上述第一特征信息和上述第二特征 信息进行匹配; 执行模块 66, 连接至匹配模块 64, 设置为在匹配成功时, 执行与所述终端用户 发起的支付请求对应的支付流程。
在一个优选实施例中, 接收模块 60, 还设置为接收终端对上述第一特征信息是否 为合法获取的验证结果, 其中, 在验证结果指示为合法获取时, 通知执行模块 66为执 行上述支付流程 以下结合优选实施例详细说明。 以下实施例的设计思想在于, 通过指纹识别和头 像匹配完成客户本人和身份证件的一致性认证, 其认证通过现场扫描指纹和头像与身 份证件存储的指纹和头像进行比对; 通过指纹识别和头像匹配完成大额支付时客户本 人的真实性认证, 其识别通过现场扫描指纹和头像与支付平台存储的指纹和头像进行 比对。 以下实施例可以基于图 7所示架构, 如图 7所示, 互联网支付系统包括: 近场通信, 又称为近距离无线通信 (Near Field Communication, 简称为 NFC)便 携终端 70, 支持无线保真 (Wireless Fidelity, 简称为 WiFi)、 长期演进 (Long-Term
Evolution, 简称为 LTE ) 等无线通信及近场通信 (NFC ), 该设备通过无线方式连接 支付平台。 NFC便携终端将运行支付应用客户端。
NFC便携终端 70内置 SAM安全模块插口, 可插入由国家公安部门授权生产的 SAM安全模块卡, 设置为 NFC便携终端读取二代居民身份证信息; SAM安全模块也 可以是授权发布的软件模块, 在指定的网站下载安装。 或者 NFC便携终端通过 USB 插口连接二代居民身份证阅读器。 同时, NFC便携终端内置指纹识别模块, 可以扫描 用户的指纹并通过安全模块生成相应的指纹特征数据。
NFC便携终端内置 ECG (心电图)传感器和反射式脉搏波光电传感器,其中 ECG 传感器通过手指采集心电信号, 反射式脉搏波光电传感器通过手指采集脉搏波信号。 使用 ECG传感器, 必须保证手指直接接触便携终端, 探测人体微弱生物电信号, 脉 搏波光电传感器通过收集手指反射的红外光, 根据反射红外光变化来探测血液流量变 化。 ECG信号和脉搏波信号都有正常的范围, 可参考医学指标, 如果 ECG信号和脉 搏波信号异常较大, 则表示检测的手指有异常, 这样可有效防止指纹仿造, 如使用指 纹膜等。
NFC便携终端内置摄像头, 分辨率不小于 30万像素 (VGA: 640 x 480)。 其中, NFC便携终端中运行有支付应用客户端, 是运行在 NFC便携终端设备上 的应用程序 (Web 应用或本地客户端应用), 由支付平台发布, 并为用户提供互联网 支付的相关操作等。
支付应用客户端读取二代居民身份信息, 以及对用户进行脸部拍摄, 完成图像处 理, 并进行图像匹配, 最后将客户信息及图像等数据上传到支付平台。 支付应用客户端扫描用户指纹, 并通过安全模块生成相应的指纹特征数据, 或采 用自有算法生成指纹特征数据, 并与二代居民身份的指纹信息进行匹配。 支付平台与支付应用客户端之间需进行双向认证, 具体认证方式此处不再赘述。 支付平台 72是平台提供商在消费者、 商家和银联系统 74之间建立的连接, 实现 从消费者到金融机构、 商家现金的在线货币支付、 现金流转、 资金清算、 查询统计等。 支付平台提供各种认证功能, 包括用户有效证件真实性审核、 大额支付认证等; 银联系统 74, 设置为为支付平台完成支付提供支撑。 基于图 7所示架构, 从以下两个实施例说明一下具体的支付流程。 实施例 1
1、 NFC便携终端作为支付终端, 需要进行初始化, 其初始化流程如下:
S000 如果是安装授权发布的软件安全模块, 用户需到指定网站下载软件安全模 块并完成安装, NFC便携终端安装的软件安全模块与相应的认证中心完成认证。 S010用户到支付平台门户下载支付应用客户端并完成安装,并完成与支付平台的 认证。
2、 身份认证流程: 创建用户时, 先需要对用户进行身份, 其流程如下:
S100用户启动支付应用客户端, 支付应用客户端完成与支付平台的双向认证。 S110用户选择创建用户, 支付应用客户端提示用户输入客户信息, 包括姓名、身 份证、住址、联系方式等信息;用户选择身份验证,支付应用客户端提示用户使用 NFC 便携终端读取身份信息, 提示扫描指纹及脸部拍摄 (不戴眼镜)。
S120支付应用客户端首先核对身份证号码: 用户输入的号码与 NFC便携终端读 取的身份号码是否匹配; 如果不匹配, 提示身份证输入错误请重新输入; 身份号码匹 配通过后再进行指纹匹配, 支付应用客户端通过安全模块生成扫描指纹图像的指纹特
征数据, 将 NFC便携终端扫描的指纹特征数据与 NFC便携终端读取的指纹数据进行 匹配, 在扫描指纹时, NFC便携终端同时通过 ECG传感器和反射式脉搏波光电传感 器监测用户的 ECG信号和脉搏波信号,如果不能同时检测到 ECG信号和脉搏波信号, 指纹匹配无效;最后进行脸部匹配,先对 NFC便携终端读取身份证的脸部图像进行放 大并获取特征数据, 再对拍摄的脸部图像进行裁剪后提取特征数据, 然后进行匹配。 如果指纹特征数据匹配, 而脸部特征数据高度相似 (相似度可设置, 比如 90%), 表 示由本人发出申请。 如果不匹配转步骤 S150。
S130 支付应用客户端利用扫描的指纹图像再次生成指纹特征数据 (新生成的指 纹特征数据与安全模块生成的指纹特征数据可能不同),并对脸部图像进行裁剪后再压 缩处理, 连同用户输入的客户信息、 NFC便携终端读取的身份信息上传到支付平台。
S140 支付平台根据客户信息创建账户, 并保存身份信息、 指纹特征数据和脸部 图像, 并将身份信息及银行卡号发给发卡银行进行验证, 验证成功后, 用户账户生效 并向支付应用客户端返回账户创建成功消息。
S150如果指纹不匹配, 提示指纹识别失败, 提示用户去营业厅办理; 如果指纹匹 配, 脸部不匹配, 支付应用客户端将客户信息、 脸部图像等数据上传到支付平台, 提 示人工进行图像匹配识别,如果人工审核匹配成功转步骤 S140。如果人工审核未通过, 支付平台向支付应用客户端返回账户创建失败消息, 提示用户去营业厅办理。
( 1 )、 脸部匹配的具体示例过程: 预处理: 二代身份证的头像是通过小波变换压缩存储的低质量图像, 每幅图像只 有 1 K字节, 大小是 102 X 126 ( 像素 ), 两眼中心距离大约为 25像素, 在进行 人脸检测前先放大处理, 而摄像头采集的图像将通过旋转与放缩使得两眼处于同一水 平线 , 且下颌点到两眼中心的距离为一个预先设定好的常数, 再裁剪为固定大小的图 像, 预处理完成后, 两幅图像的大小和像素接近。 去除眼镜: 大多数戴眼镜的人在进行二代身份证照片采集的时候都被要求戴上没 有镜片的镜框, 以防止反光,通过计算特定区域的边缘点数量来判断头像是否戴眼镜, 边缘点由 Sobel算法得到的边缘图中提取。 通过两个步骤去掉眼镜: 首先提取出眼镜 边缘形成的封闭区域, 接着根据提取的区域与重建的图像进行误差补偿, 采用多次迭 代 PCA(principal component analysis)重建方法对眼镜遮挡部分进行补偿。 人脸识别: 基于主成分分析的人脸多部件融合算法 (Multi-Model Part face recognition method based on Principal Component Analysis , 简称为 MMP-PCA):
先定位眼睛与下颌点, 接着定位鼻尖点。 根据这些关键点, 人脸被分为 5个部分: 裸 脸、 眼眉、 眼睛、 鼻子和嘴; 接着进行主成分分析 (PCA), 计算每个部件的特征值, 选择 d 个最大的特征值 ( 每个部件使用不同的 d, d为自然数), 计算得出对应的特 征向量, 于是可以分别得到特征脸、 特征眼眉、 特征眼、 特征鼻子、 特征嘴; 在计算 出二代证图像和视频图像的投影参数后, 计算它们之间的相似度, 最后采用各部件加 权平均的方法得到最终的相似度, 以适应不同的情况。 支付平台可保存认证成功的摄像头采集的图像, 可大大提高后续匹配的准确性, 如果系统认证失败后可提示人工再进行判断。
(2) 指纹匹配的具体示例过程: 读取指纹图象: 通过指纹识别模块读取到人体指纹的图象, 并对原始图象进行初 步的处理, 使之更清晰。 提取特征: 支付应用客户端通过安全模块生成指纹的数字表示——特征数据, 一 种单方向的转换, 可以从指纹图像转换成特征数据但不能从特征数据还原成指纹, 特 征数据唯一, 两枚不同的指纹不会产生相同的特征数据。 指纹匹配: 将扫描生成的指纹特征与二代身份证所存储的指纹特征进行比较, 计 算他们的匹配程度, 输出比对结果, 从而判断这二代身份证与具有这枚指纹的人是否 为同一人。
3、 大额支付流程: 大额支付时, 需要对用户进行身份认证并存留影像件, 其流程如下: S200用户启动支付应用客户端, 支付应用客户端完成与支付平台的双向认证。
S210用户选择支付,支付应用客户端提示用户输入支付金额,如果支付金额超过 预定的额度则为大额支付; 支付应用客户端提示进行身份验证, 支付应用客户端提示 扫描指纹及脸部拍摄 (不戴眼镜)。
S220 支付应用客户端利用扫描的指纹图像生成指纹特征数据, 并对脸部图像进 行裁剪后再压缩处理, 在扫描指纹时, NFC便携终端同时通过 ECG传感器和反射式 脉搏波光电传感器监测用户的 ECG信号和脉搏波信号,如果不能同时检测到 ECG信 号和脉搏波信号, 则提示用户指纹扫描无效;支付应用客户端将用户输入的金额信息、 生成的指纹特征数据和压缩脸部图像数据上传到支付平台。
S230支付平台先进行指纹匹配,将 NFC便携终端扫描的指纹特征数据与支付平 台存储的指纹特征数据进行匹配; 匹配成功后再进行脸部匹配, 对拍摄的脸部数据提 取特征数据, 与平台存储的脸部图像进行特征数据匹配。 如果指纹特征数据和脸部特 征数据都成功匹配, 表示支付由本人发出。 如果不匹配, 转步骤 S250。 S240支付平台向发卡银行发起转移支付请求,银行系统转移支付成功后,支付平 台向支付应用客户端返回支付转移成功消息。
S250如果指纹不匹配, 提示指纹识别失败, 提示用户去营业厅办理; 如果指纹匹 配, 脸部不匹配, 提示人工进行图像匹配识别, 如果人工审核匹配成功转步骤 S240, 如果人工审核未通过, 支付平台向支付应用客户端返回支付转移失败消息, 提示用户 去营业厅办理。 实施例 2 由于个人头像和指纹数据属于个人隐私数据, 有些用户希望支付平台不保存指纹 特征数据; 另外, 便携终端可能不支持 NFC, 没法读取二代身份证信息, 则采取如下 的方案: 支付平台初始化
S000支付平台与国家公安部门的身份系统连接,并能调用该系统发布的应用程序 接口完成个人的身份认证。
S010 便携终端在指定网站下载软件安全模块并完成安装, 便携终端安装的软件 安全模块与相应的认证中心完成认证, 用于完成指纹扫描生成指纹特征数据。 2、 身份认证流程: 创建用户时, 先需要对用户进行身份, 其流程如下:
S300用户启动支付应用客户端, 支付应用客户端完成与支付平台的双向认证。
S310用户选择创建用户, 支付应用客户端提示用户输入客户信息, 包括姓名、身 份证、 住址、 联系方式等信息; 用户选择身份验证, 支付应用客户端提提示扫描指纹 及脸部拍摄 (不戴眼镜)。
S320 支付应用客户端通过安全模块将扫描的指纹图像生成指纹特征数据, 并对 脸部图像进行裁剪后再压缩处理, 在扫描指纹时, NFC便携终端同时通过 ECG传感
器和反射式脉搏波光电传感器监测用户的 ECG信号和脉搏波信号, 如果不能同时检 测到 ECG信号和脉搏波信号, 则提示用户指纹扫描无效, 支付应用客户端处理完成 连同用户输入的客户信息上传到支付平台。
S330 支付平台调用国家身份系统的应用程序接口, 根据身份证号码获取个人身 份信息, 包括头像及指纹特征数据, 先进行指纹匹配, 将便携终端扫描的指纹特征数 据与支付平台调用获取的指纹特征数据进行匹配; 匹配成功后再进行脸部匹配, 对拍 摄的脸部图像与支付平台调用获取的脸部图像放大后提取特征数据进行匹配。 如果指 纹特征数据和脸部特征数据都成功匹配, 表示支付由本人发出。 如果不匹配, 转步骤 S350。 S340 支付平台根据客户信息创建账户, 并保存身份信息, 并将身份信息及银行 卡号发给发卡银行进行验证, 验证成功后, 用户账户生效并向支付应用客户端返回账 户创建成功消息。
S350如果指纹不匹配, 提示指纹识别失败, 提示用户去营业厅办理; 如果指纹匹 配, 脸部不匹配, 支付应用客户端将客户信息、 脸部图像等数据上传到支付平台, 提 示人工进行图像匹配识别,如果人工审核匹配成功转步骤 S340。如果人工审核未通过, 支付平台向支付应用客户端返回账户创建失败消息, 提示用户去营业厅办理。
3、 大额支付流程: 大额支付时, 需要对用户进行身份认证并存留影像件, 其流程如下:
S400用户启动支付应用客户端, 支付应用客户端完成与支付平台的双向认证。 S410用户选择支付,支付应用客户端提示用户输入支付金额,如果支付金额超过 预定的额度则为大额支付; 支付应用客户端提示进行身份验证, 支付应用客户端提示 扫描指纹及脸部拍摄 (不戴眼镜)。
S420 支付应用客户端通过安全模块将扫描的指纹图像生成指纹特征数据, 并对 脸部图像进行裁剪后再压缩处理, 在扫描指纹时, NFC便携终端同时通过 ECG传感 器和反射式脉搏波光电传感器监测用户的 ECG信号和脉搏波信号, 如果不能同时检 测到 ECG信号和脉搏波信号, 则提示用户指纹扫描无效; 支付应用客户端将用户输 入的金额信息、 生成的指纹特征数据和压缩脸部图像数据上传到支付平台。
S430 支付平台调用国家身份系统的应用程序接口, 根据身份证号码获取个人身 份信息, 包括头像及指纹特征数据, 先进行指纹匹配, 将便携终端扫描的指纹特征数
据与支付平台调用获取的指纹特征数据进行匹配; 匹配成功后再进行脸部匹配, 对拍 摄的脸部图像与支付平台调用获取的脸部图像放大后提取特征数据进行匹配。 如果指 纹特征数据和脸部特征数据都成功匹配, 表示支付由本人发出。 如果不匹配, 转步骤
S450。 S440支付平台向发卡银行发起转移支付请求,银行系统转移支付成功后,支付平 台向支付应用客户端返回支付转移成功消息。
S450如果指纹不匹配, 提示指纹识别失败, 提示用户去营业厅办理; 如果指纹匹 配, 脸部不匹配, 提示人工进行图像匹配识别, 如果人工审核匹配成功转步骤 S440, 如果人工审核未通过, 支付平台向支付应用客户端返回支付转移失败消息, 提示用户 去营业厅办理。 采用以上实施例提供的技术方案, 可以扩大网上支付创建用户的便利性, 只要便 携终端具有 NFC功能, 安装安全模块后, 就可以成为移动的认证终端, 可以实现在任 何地方如家里、 出差、 及办公室等完成网上开户的认证, 而不必本人跑到营业厅。 大 额支付的安全性方面, 需要有本人指纹的认证, 且有脸部头像识别, 会大大减少冒刷 卡的风险。 在另外一个实施例中, 还提供了一种软件, 该软件用于执行上述实施例及优选实 施方式中描述的技术方案。 在另外一个实施例中, 还提供了一种存储介质, 该存储介质中存储有上述软件, 该存储介质包括但不限于: 光盘、 软盘、 硬盘、 可擦写存储器等。 显然, 本领域的技术人员应该明白, 上述的本发明的各模块或各步骤可以用通用 的计算装置来实现, 它们可以集中在单个的计算装置上, 或者分布在多个计算装置所 组成的网络上, 可选地, 它们可以用计算装置可执行的程序代码来实现, 从而, 可以 将它们存储在存储装置中由计算装置来执行, 并且在某些情况下, 可以以不同于此处 的顺序执行所示出或描述的步骤, 或者将它们分别制作成各个集成电路模块, 或者将 它们中的多个模块或步骤制作成单个集成电路模块来实现。 这样, 本发明不限制于任 何特定的硬件和软件结合。 以上仅为本发明的优选实施例而已, 并不用于限制本发明, 对于本领域的技术人 员来说, 本发明可以有各种更改和变化。 凡在本发明的精神和原则之内, 所作的任何 修改、 等同替换、 改进等, 均应包含在本发明的保护范围之内。
工业实用性 本发明实施例提供的上述技术方案, 可以应用于互联网支付中, 解决了相关技术 中互联网支付过程中存在安全隐患等技术问题, 提高了互联网支付的安全性。
Claims
1. 一种互联网支付的注册认证方法, 包括: 终端实时获取终端用户在线支付时指定生物识别特征的第一特征信息, 以 及获取所述终端用户的身份证件中存储的所述指定生物识别特征的第二特征信 息; 所述终端比较所述第一特征信息和所述第二特征信息;
在所述第一特征信息和所述第二特征信息匹配成功时, 所述终端通知支付 平台为所述终端用户创建账户以完成注册。
2. 根据权利要求 1所述的方法, 其中, 终端实时获取终端用户在线支付时指定生 物识别特征的第一特征信息, 包括:
所述终端实时采集所述终端用户的以下至少之一信息: 头部图像、 指纹图 像;
提取所述头部图像和 /或所述指纹图像的特征数据, 得到头部特征数据和 / 或指纹特征数据,并将所述头部特征数据和 /或所述指纹特征数据作为所述第一 特征信息。
3. 根据权利要求 2所述的方法, 其中, 所述终端通知支付平台为所述终端用户创 建账户之前, 还包括: 所述终端根据获取的所述头部图像和 /或所述指纹图像生成第三特征信息, 其中, 所述第三特征信息与所述第一特征信息的生成算法不同, 所述第一特征 信息与所述第二特征信息的生成算法相同;
将所述第三特征信息上传至所述支付平台。
4. 根据权利要求 2所述的方法, 其中, 所述终端比较所述第一特征信息和所述第 二特征信息, 包括:
在所述第一特征信息包括所述指纹特征数据和所述头像特征数据时, 所述 终端优先比较所述第一特征信息中的指纹特征数据和所述第二特征信息中的指 纹特征数据, 在匹配后, 再比较所述第一特征信息中的头像特征数据和所述第 二特征信息中的头像特征数据。
5. 根据权利要求 4所述的方法, 其中, 在所述第一特征信息中的头像特征数据和 所述第二特征信息中的头像特征数据不匹配时, 还包括: 所述终端将所述第一特征信息所对应头部图像和所述第二特征信息所对应 头部图像上传至所述支付平台, 并提示人工进行图像匹配。
6. 根据权利要求 1所述的方法, 其中, 所述终端通知支付平台为所述终端用户创 建账户完成注册之前, 还包括:
所述终端验证所述第一特征信息是否为合法获取, 其中, 在验证通过时, 所述终端通知所述支付平台创建账户。
7. 根据权利要求 6所述的方法, 其中, 所述终端验证所述第一特征信息是否为合 法获取, 包括:
所述终端采集所述终端用户的生理特征信息;
所述终端根据所述生理特征信息验证所述第一特征信息是否为合法获取。
8. 根据权利要求 7所述的方法, 其中, 在所述第一特征信息至少包括指纹特征数 据时, 所述生理特征信息包括: 心电图 ECG信号和 /或脉搏波信号。
9. 一种互联网支付的注册认证方法, 包括: 支付平台接收终端实时获取的终端用户在线支付时指定生物识别特征的第 一特征信息;
所述支付平台从指定认证中心中调用所述指定生物识别特征的第二特征信 息与所述第一特征信息进行匹配, 其中, 所述第二特征信息与所述终端用户的 身份证件中所存储所述指定生物识别特征的特征信息采用了相同的生成算法; 在匹配成功时, 所述支付平台为所述终端用户创建账户以完成注册。
10. 根据权利要求 9所述的方法, 其中, 所述第一特征信息包括以下至少之一: 所述终端根据实时获取的头部图像、 指纹图像生成的头部特征数据、 指纹 特征数据。
11. 根据权利要求 10所述的方法,其中,所述支付平台从指定认证中心中调用所述 指定识别特征的第二特征信息与所述第一特征信息进行匹配, 包括: 在所述第一特征信息包括所述指纹特征数据和所述头像特征数据时, 所述 支付平台优先比较所述第一特征信息中的指纹特征数据和所述第二特征信息中
的指纹特征数据, 在匹配后, 再比较所述第一特征信息中的头像特征数据和所 述第二特征信息中的头像特征数据。
12. 根据权利要求 11所述的方法,其中,在所述第一特征信息中的头像特征数据和 所述第二特征信息中的头像特征数据不匹配时, 还包括:
所述支付平台通知所述终端将所述第一特征信息所对应头部图像和所述第 二特征信息所对应头部图像上传至所述支付平台进行人工图像匹配。
13. 根据权利要求 9所述的方法, 其中, 所述支付平台为所述终端用户创建账户以 完成注册之前, 还包括: 所述支付平台接收所述终端对所述第一特征信息是否为合法获取的验证结 果, 其中, 在验证结果指示为合法获取时, 所述支付平台为所述终端用户创建 账户。
14. 根据权利要求 13所述的方法,其中,所述支付平台接收所述终端对所述第一特 征信息是否为合法获取的验证结果之前, 包括:
所述终端采集所述终端用户的生理特征信息;
所述终端根据所述生理特征信息验证所述第一特征信息是否为合法获取; 所述终端向所述支付平台发送验证结果。
15. 根据权利要求 14所述的方法,其中,在所述第一特征信息至少包括指纹特征数 据时, 所述生理特征信息包括: 心电图 ECG信号和 /或脉搏波信号。
16. 一种互联网支付的实现方法, 包括: 支付平台接收终端实时获取的终端用户的指定生物识别特征的第一特征信 息;
所述支付平台获取所述指定生物识别特征的第二特征信息, 其中, 该第二 特征信息与所述终端用户身份证件中存储的所述指定生物识别特征的特征信息 采用了相同的生成算法;
所述支付平台对所述第一特征信息和所述第二特征信息进行匹配; 在匹配成功时, 所述支付平台执行与所述终端用户发起的支付请求对应的 支付流程。
17. 根据权利要求 16所述的方法,其中,所述支付平台获取所述指定生物识别特征 的第二特征信息包括以下之一: 所述支付平台从预先存储的第二特征信息中获取;
所述支付平台从指定认证中心中获取所述第二特征信息。
18. 根据权利要求 16所述的方法,其中,支付平台接收终端实时获取的终端用户的 指定生物识别特征的第一特征信息之前, 还包括:
所述终端存储所述终端用户的所述第一特征信息。
19. 根据权利要求 16所述的方法,其中,所述支付平台执行与所述终端用户发起的 支付请求对应的支付流程之前, 还包括:
所述支付平台接收所述终端对所述第一特征信息是否为合法获取的验证结 果, 其中, 在验证结果指示为合法获取时, 所述支付平台执行所述支付流程。
20. 根据权利要求 19所述的方法,其中,所述支付平台接收所述终端对所述第一特 征信息是否为合法获取的验证结果之前, 包括:
所述终端采集所述终端用户的生理特征信息;
所述终端根据所述生理特征信息验证所述第一特征信息是否为合法获取; 所述终端向所述支付平台发送验证结果。
21. 根据权利要求 20所述的方法,其中,在所述第一特征信息至少包括指纹特征数 据时, 所述生理特征信息包括: 心电图 ECG信号和 /或脉搏波信号。
22. 一种互联网支付的注册认证装置, 应用于终端中, 包括: 获取模块, 设置为实时获取终端用户在线支付时指定生物识别特征的第一 特征信息, 以及获取所述终端用户的身份证件中存储的所述指定生物识别特征 的第二特征信息;
匹配模块, 设置为比较所述第一特征信息和所述第二特征信息; 通知模块, 设置为在所述第一特征信息和所述第二特征信息匹配成功时, 通知支付平台为所述终端用户创建账户以完成注册。
23. 根据权利要求 22所述的装置, 其中, 还包括:
验证模块, 设置为验证所述第一特征信息是否为合法获取, 其中, 在验证 通过时, 所述终端通知所述支付平台创建账户。
24. 一种互联网支付的注册认证装置, 应用于支付平台, 包括: 接收模块, 设置为接收终端实时获取的终端用户在线支付时指定生物识别 特征的第一特征信息;
匹配模块, 设置为从指定认证中心中调用所述指定生物识别特征的第二特 征信息与所述第一特征信息进行匹配, 其中, 所述第二特征信息与所述终端用 户的身份证件中所存储所述指定生物识别特征的特征信息采用了相同的生成算 法;
注册模块, 设置为在匹配成功时, 为所述终端用户创建账户以完成注册。
25. 根据权利要求 24所述的装置, 其中, 所述接收模块, 还设置为接收所述终端对 所述第一特征信息是否为合法获取的验证结果, 其中, 在验证结果指示为合法 获取时, 通知所述注册模块为所述终端用户创建账户。
26. 一种互联网支付的实现装置, 应用于支付平台, 包括: 接收模块, 设置为接收终端实时获取的终端用户的指定生物识别特征的第 一特征信息;
获取模块, 设置为获取所述指定生物识别特征的第二特征信息, 其中, 该 第二特征信息与所述终端用户身份证件中存储的所述指定生物识别特征的特征 信息采用了相同的生成算法;
匹配模块, 设置为对所述第一特征信息和所述第二特征信息进行匹配; 执行模块, 设置为在匹配成功时, 执行与所述终端用户发起的支付请求对 应的支付流程。
27. 根据权利要求 26所述的装置, 其中, 所述接收模块, 还设置为接收所述终端对 所述第一特征信息是否为合法获取的验证结果, 其中, 在验证结果指示为合法 获取时, 通知所述执行模块为执行所述支付流程。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410261791.3 | 2014-06-12 | ||
CN201410261791.3A CN105279641A (zh) | 2014-06-12 | 2014-06-12 | 互联网支付的注册认证、实现方法及装置 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015188434A1 true WO2015188434A1 (zh) | 2015-12-17 |
Family
ID=54832765
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2014/083923 WO2015188434A1 (zh) | 2014-06-12 | 2014-08-07 | 互联网支付的注册认证、实现方法及装置 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN105279641A (zh) |
WO (1) | WO2015188434A1 (zh) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10891617B2 (en) * | 2016-09-30 | 2021-01-12 | Mastercard International Incorporated | Systems and methods for biometric identity authentication |
CN106447340A (zh) * | 2016-11-30 | 2017-02-22 | 桂林市逸仙中学 | 一种基于虹膜技术的学校学生账户系统 |
CN106408305A (zh) * | 2016-11-30 | 2017-02-15 | 桂林市逸仙中学 | 一种基于人脸识别的学校学生账户系统 |
CN106373059A (zh) * | 2016-11-30 | 2017-02-01 | 桂林市逸仙中学 | 一种基于指纹识别的学校学生账户系统 |
CN107038569B (zh) | 2016-12-05 | 2021-05-25 | 创新先进技术有限公司 | 信息交互方法及装置 |
CN108804884B (zh) * | 2017-05-02 | 2020-08-07 | 北京旷视科技有限公司 | 身份认证的方法、装置及计算机存储介质 |
CN108401458A (zh) * | 2017-12-12 | 2018-08-14 | 福建联迪商用设备有限公司 | 一种基于人脸和心电图的支付认证方法及终端 |
CN109145875B (zh) * | 2018-09-28 | 2021-04-20 | 深圳市一心视觉科技有限公司 | 一种人脸图像中的黑框眼镜去除方法及装置 |
CN110334546B (zh) * | 2019-07-08 | 2021-11-23 | 辽宁工业大学 | 基于主成分分析优化的差分隐私高维数据发布保护方法 |
CN111611571A (zh) * | 2020-06-01 | 2020-09-01 | 支付宝(杭州)信息技术有限公司 | 一种实名认证方法及装置 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020145050A1 (en) * | 2001-02-07 | 2002-10-10 | Jayaratne Yohan R. | Security in mag-stripe card transactions |
CN101261709A (zh) * | 2008-04-21 | 2008-09-10 | 中兴通讯股份有限公司 | 使用支持eNFC功能移动终端的在线支付方法及系统 |
CN103150553A (zh) * | 2013-02-06 | 2013-06-12 | 北京中科虹霸科技有限公司 | 实现多模态身份特征识别的移动终端以及方法 |
CN203204630U (zh) * | 2013-04-25 | 2013-09-18 | 深圳市雄帝科技股份有限公司 | 基于射频身份认证卡证的usbkey认证装置 |
CN103825744A (zh) * | 2014-03-13 | 2014-05-28 | 上海市数字证书认证中心有限公司 | 非现场个人数字证书申请方法及系统 |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
MX2010002874A (es) * | 2007-09-14 | 2010-08-04 | Steven D Cabouli | Cartera inteligente. |
CN101901517A (zh) * | 2009-05-27 | 2010-12-01 | 上海点佰趣信息科技有限公司 | 指纹支付认证服务端、及指纹支付方法与系统 |
CN102195778A (zh) * | 2010-03-16 | 2011-09-21 | 无锡指网生物识别科技有限公司 | 互联网电子支付指纹认证方法 |
CN103761647A (zh) * | 2014-01-24 | 2014-04-30 | 金硕澳门离岸商业服务有限公司 | 电子支付系统及电子支付方法 |
-
2014
- 2014-06-12 CN CN201410261791.3A patent/CN105279641A/zh not_active Withdrawn
- 2014-08-07 WO PCT/CN2014/083923 patent/WO2015188434A1/zh active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020145050A1 (en) * | 2001-02-07 | 2002-10-10 | Jayaratne Yohan R. | Security in mag-stripe card transactions |
CN101261709A (zh) * | 2008-04-21 | 2008-09-10 | 中兴通讯股份有限公司 | 使用支持eNFC功能移动终端的在线支付方法及系统 |
CN103150553A (zh) * | 2013-02-06 | 2013-06-12 | 北京中科虹霸科技有限公司 | 实现多模态身份特征识别的移动终端以及方法 |
CN203204630U (zh) * | 2013-04-25 | 2013-09-18 | 深圳市雄帝科技股份有限公司 | 基于射频身份认证卡证的usbkey认证装置 |
CN103825744A (zh) * | 2014-03-13 | 2014-05-28 | 上海市数字证书认证中心有限公司 | 非现场个人数字证书申请方法及系统 |
Also Published As
Publication number | Publication date |
---|---|
CN105279641A (zh) | 2016-01-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2015188434A1 (zh) | 互联网支付的注册认证、实现方法及装置 | |
AU2017361132B2 (en) | "identifying an entity" | |
US11023757B2 (en) | Method and apparatus with liveness verification | |
CN107292150B (zh) | 保全信息处理中用户身份确认方法和装置 | |
WO2018094584A1 (zh) | 基于生物特征识别的支付及身份认证系统 | |
US20200034807A1 (en) | Method and system for securing transactions in a point of sale | |
CN105989263A (zh) | 身份认证方法、开户方法、装置及系统 | |
JP2002251380A (ja) | 利用者照合システム | |
CN109426963B (zh) | 认证生物统计请求的生物统计系统 | |
CN103310339A (zh) | 身份识别装置和方法以及支付系统和方法 | |
KR102112682B1 (ko) | 보상보험에 의한 디지털 가상화폐를 생체인증신호와 연동시켜 전송하는 디지털 가상화폐의 거래방법 | |
JP2020525964A (ja) | 店内支払い許可のための顔バイオメトリクスカードエミュレーション | |
US20190065874A1 (en) | System and method of authentication using image of a user | |
CN107886330A (zh) | 结算方法、装置及系统 | |
KR20180017317A (ko) | 홍채 또는/및 얼굴 인식을 이용한 전자 결제 시스템 및 그 방법 | |
KR20200070986A (ko) | 디지털 가상화폐를 생체인증신호와 매칭시켜 발행되는 디지털 가상화폐 및 그 거래방법 | |
CN112396004A (zh) | 用于人脸识别的方法、装置和计算机可读存储介质 | |
WO2021025627A1 (en) | A transaction processing system and a transaction method based on facial recognition | |
JP2019028660A (ja) | 本人情報登録システム、及び本人情報登録方法 | |
KR20220136963A (ko) | 보안성이 우수한 비대면 본인인증 시스템 및 그 방법 | |
KR102024372B1 (ko) | 디지털 가상화폐를 생체인증신호와 연동시켜 전송하는 디지털 가상화폐의 거래방법 | |
KR101334744B1 (ko) | 무인대출 처리방법 | |
JP6318293B1 (ja) | カードが必要ない生体情報を利用した金融決済システム及びそれを利用した金融決済方法 | |
JP7495973B2 (ja) | 安全な支払いの方法およびシステム | |
WO2020232889A1 (zh) | 支票取现方法、装置、设备及计算机可读存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14894414 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 14894414 Country of ref document: EP Kind code of ref document: A1 |