WO2017012069A1 - 网上交易方法、装置和系统 - Google Patents
网上交易方法、装置和系统 Download PDFInfo
- Publication number
- WO2017012069A1 WO2017012069A1 PCT/CN2015/084667 CN2015084667W WO2017012069A1 WO 2017012069 A1 WO2017012069 A1 WO 2017012069A1 CN 2015084667 W CN2015084667 W CN 2015084667W WO 2017012069 A1 WO2017012069 A1 WO 2017012069A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- bank server
- server
- data
- client
- bank
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
Definitions
- the present invention relates to the field of Internet technologies, and in particular, to an online transaction method, apparatus, and system.
- online trading methods mainly use third-party payment platforms.
- the buyer transfers the transaction funds to the third-party payment platform.
- the third-party payment platform also stores the relevant information in the transaction.
- the third-party payment platform transfers the transaction funds to the seller, and the transaction is completed. .
- the user is exposed to the risk of capital risks, and the transaction funds and transaction information have the risk of being stolen in the third-party payment platform information, and the security is not high. It can be seen that an improved transaction method is needed at this stage to reduce the risk of capital risks and improve the security of transaction information.
- the technical problem to be solved by the present invention is to provide an online transaction method, apparatus and system to reduce capital risk and improve transaction security.
- an online transaction method comprising the steps of:
- the client generates order information according to the goods subscribed by the buyer, and sends the order information to the commodity server; [0008] The client sends a request for a silver credit card to the first bank server according to the order information;
- the first bank server After receiving the request for the bank letter certificate, the first bank server generates a bank letter to be valid;
- the first bank server obtains the buyer's payment verification information from the client and performs verification
- the second bank server updates the status of the silver letter certificate to the received certificate, and sends the received certificate notification to the commodity server;
- the client sends the received delivery notification to the first bank server;
- the first bank server transfers the funds frozen by the buyer account to the seller account of the second bank server.
- an online transaction method for a client, the method comprising the following steps:
- the receipt notification is sent to the first bank server.
- an online transaction method for use in a first banking server
- the method includes the following steps:
- an online transaction apparatus for a client, the apparatus comprising the following modules:
- an order sending module configured to generate order information according to the goods ordered by the buyer, and send the goods to the goods service Device
- the verification request module is configured to send a silver credit certificate request to the first bank server according to the order information;
- the verification information sending module is configured to receive the payment verification request sent by the first bank server , feeding back to the first bank server the payment verification information input by the buyer;
- the goods receipt notification module is configured to send the received goods notification to the first bank server after the buyer confirms the goods receipt.
- an online transaction apparatus for use in a first banking server
- the device includes the following modules:
- the first receiving module is configured to receive a silver credit certificate request sent by the client, and a received delivery notification sent by the client;
- the silver credit generation module is configured to generate a silver credit certificate to be valid after receiving the silver credit certificate request sent by the client;
- the verification module is configured to obtain the payment verification information of the buyer from the client according to the silver certificate to be validated, and perform verification;
- the freezing module is configured to, if the verification is passed, freeze the funds corresponding to the order amount in the buyer account, update the status of the silver credit card to have been validated, and send it to the second bank server;
- the payment module is configured to, after receiving the received delivery notification sent by the client, transfer the funds frozen by the buyer account to the seller account of the second bank server.
- an online transaction system comprising: a commodity server for receiving order information, further comprising a client, a first bank server, and a second bank server, wherein: [0037] a customer End, set to generate order information according to the goods subscribed by the buyer, and send to the commodity server; send a silver letter certificate request to the first bank server according to the order information; also set to the first bank server after the buyer confirms the receipt Send a receipt notification.
- the first bank server is configured to generate a bank letter to be valid after receiving the request for the bank letter certificate; obtain the buyer's payment verification information from the client and perform verification, and if the verification is passed, freeze the buyer account The funds corresponding to the order amount, and the status of the bank letter is updated to be valid, and sent to the second bank server; after receiving the received goods notification sent by the client, the funds frozen by the buyer account are transferred to the second bank server. In the seller's account.
- the second bank server is configured to, after receiving the valid silver certificate, update the status of the bank certificate to the received certificate, and send the received certificate notification to the commodity server.
- the online transaction method, device and system of the present invention send a request for a certificate to the first bank server (the buyer's bank), and send the received goods to the first bank server (the buyer's bank).
- the transaction is completed in the interaction between the buyer and the seller and their bank, and the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, and the transaction status is monitored by generating the silver letter certificate, so that the funds are made.
- There is no deviation between the liquidity and the actual transaction so that the effective flow of funds to deliver the goods in one hand can effectively reduce the risk of funds and improve the security of transactions.
- FIG. 1 is a flowchart of an online transaction method according to an embodiment of the present invention.
- FIG. 2 is a flow chart of information interaction of an online transaction method according to an embodiment of the present invention.
- FIG. 3 is a flowchart of a data transmission method according to an embodiment of the present invention.
- FIG. 4 is a flowchart of an online transaction method applied to a client according to an embodiment of the present invention.
- FIG. 5 is a flowchart of an online transaction method applied to a first bank server according to an embodiment of the present invention.
- FIG. 6 is a system structural diagram of an online transaction system according to an embodiment of the present invention.
- FIG. 7 is a block diagram of a network transaction system according to an embodiment of the present invention.
- an online transaction method provided by an embodiment of the present invention includes the following steps: [0051] S101.
- a client generates order information according to a product subscribed by a buyer, and sends the order information to the commodity server.
- the seller pre-stores the product information in the product server, and the buyer communicates with the product server through the client, acquires the product information from the product server, and selects the product to be purchased.
- the client generates order information based on the item information selected by the buyer, and submits the order information to the product server.
- the product package Includes tangible physical products and intangible services.
- Product information includes information such as the price and parameters of the product.
- the commodity server may be a commercial computer server or a computer server set up by the seller himself.
- the client is a communication terminal operated by the buyer, including but not limited to a terminal device such as a mobile phone, a tablet device, or a computer.
- S102 Send a silver credit certificate request to the first bank server according to the order information.
- the client first bank server (to the server where the buyer's bank is located) sends a silver certificate certificate request, and the bank letter is an electronic certificate paid by the bank credit commitment, which can be understood as an electronic data.
- the first bank server After receiving the request for the bank certificate, the first bank server generates a bank letter Z1 to be valid according to the request information of the bank letter certificate.
- step S104 Acquire payment verification information of the buyer to the client and perform verification. If the verification is passed, execute step S105, otherwise, the process ends.
- the first bank server generates payment verification information according to the silver credit card to be in a valid state, and sends the payment verification information to the client, and the client receives the payment verification information input by the buyer, and submits the first to the first
- the bank server verifies.
- the payment verification information may be a payment page, and the buyer inputs information such as verification information and payment amount on the payment page on the client.
- the verification information includes at least a bank account and a password, and may further include information such as a verification code, an expiration date, and the like.
- S105 Freeze the funds corresponding to the order amount in the buyer account, update the status of the bank letter to be valid, and send it to the second bank server.
- the funds corresponding to the order amount in the buyer's bank account are frozen according to the bank letter Z1, and the bank letter Z1 to be validated is updated to the valid bank letter Z2, and will be effective.
- the silver letter Z2 is sent to the second bank server.
- the second bank server updates the status of the received silver letter certificate to the received certificate, and sends the received certificate notification to the product server.
- the second bank server updates the status to the received status. And the sent notification is sent to the commodity server, and the commodity server notifies the seller of the delivery after receiving the notification of the receipt. [0063] S107. After the buyer confirms the receipt, the client sends the received delivery notification to the first bank server.
- the client After receiving the receipt confirmation input by the buyer, the client sends the receipt notification to the first banking service, thereby notifying the first bank server to make a payment.
- the first bank server transfers the funds frozen by the buyer account to the seller account of the second bank server.
- the second bank server transfers the frozen funds in the buyer's bank account to the seller's bank account. Thereby the transaction is completed.
- the method further includes: if the first bank server does not receive the received goods notification sent by the client within the preset time zone, After setting up the room, the funds frozen by the buyer account are transferred to the seller account of the second bank server.
- the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, and the transaction status is monitored through the generation of the silver credit card, so that the funds flow in the daytime. There is no deviation from the actual transaction, so that the effective flow of funds to deliver the goods in one hand can effectively reduce the risk of funds and improve the security of transaction information.
- the client, the commodity server, the first bank server, and the second bank server use the digital envelope to secure the communication data after data transmission and data reception. transmission. Thereby further improving the security of data transmission and ensuring the security of transactions.
- a method for securely transmitting communication data by using digital envelope technology includes the following steps.
- Step S301 The data sender generates a symmetric key, and the communication data is encrypted by using a symmetric key to form a first ciphertext.
- the data sender randomly generates a symmetric key every time the data is sent, thereby achieving the effect of dynamic anti-counterfeiting.
- the data sender After encrypting the communication data, the data sender preferably encrypts the communication data by the AES algorithm using the symmetric key to form the first ciphertext.
- Step S302 The data sender encrypts the symmetric key by using the public key of the data receiver to form a second ciphertext.
- Step S103 After the data sender signs the first ciphertext and the second ciphertext respectively by using the private key of the user, Send to the data receiver.
- Step S304 After receiving the first ciphertext and the second ciphertext, the data receiver verifies the signatures of the first ciphertext and the second ciphertext by using the public key of the data sender.
- Step S305 After the verification is passed, the data receiver decrypts the second ciphertext by using its own private key to obtain a symmetric key.
- Step S106 The data receiver decrypts the first ciphertext by using a symmetric key to obtain communication data.
- the signing step in step S303 and the verifying sign step in step S304 may also be omitted.
- a dual-track verification technique is employed. Specifically, in the data transmission process, the monitoring system collects the data sent by the data sender and the data received by the data receiver, and checks the consistency of the sent data and the received data, and the collected data to be collected. Compare with the received data to determine whether the two are consistent. Thereby determining whether the data has been tampered with during the communication process.
- a two-network combination technique is employed. That is, the client, the first bank server, the second bank server, and the commodity server communicate through the public network, and the monitoring system communicates with the first bank server and the second bank server respectively through a dedicated line. Thereby further ensuring the security of the transaction.
- an online transaction method provided by an embodiment of the present invention is applied to a client, and the method includes the following steps:
- S401 Generate order information according to the goods reserved by the buyer, and send the order information to the commodity server.
- the client acquires the item information from the product server, generates order information based on the item subscribed by the buyer, and transmits the order information to the item server.
- S402. Send a silver credit certificate request to the first bank server according to the order information.
- Embodiment 3 As shown in FIG. 5, an online transaction method provided by an embodiment of the present invention is applied to a first bank server.
- the method includes the following steps:
- step S502. Acquire payment verification information of the buyer to the client and perform verification. If the verification is passed, step S503 is performed, otherwise the process ends.
- an online transaction system provided by an embodiment of the present invention includes a client 10, a first bank server 20, a second bank server 30, and a commodity server 40.
- the client 10 is configured to acquire the product information from the product server 40, generate order information according to the product subscribed by the buyer, and send the order information to the commodity server 40; and send a silver credit card certification request to the first bank server 20 according to the order information; It is also used to send a receipt notification to the first bank server 20.
- the online transaction device applied to the client 10 includes the following modules:
- the order sending module 101 is set to generate order information according to the goods ordered by the buyer, and sent to the commodity server 40;
- the certificate requesting module 102 is configured to send a silver credit certificate request to the first bank server 20 according to the order information;
- the verification information sending module 103 is configured to, after receiving the payment verification information sent by the first bank server 20, feed back the payment verification information input by the buyer to the first bank server 20;
- the received goods notification module 104 is configured to send the received goods notification to the first bank server 20 after the buyer confirms the receipt.
- the first bank server 20 is configured to: after receiving the request for the bank credit certificate, generate a bank letter to be valid; obtain the buyer's payment verification information from the client 10 and perform verification, if the verification is passed, freeze the buyer The funds corresponding to the order amount in the account, and the status of the bank letter is updated to be valid, sent to the second bank server 30; after receiving the received goods notification sent by the client, the funds frozen by the buyer account are transferred Go to the seller account of the second bank server 30.
- the online transaction device applied to the first bank server 20 includes the following modules: [0104]
- the first receiving module 201 is configured to receive a silver credit certificate request sent by the client 10, and Client 1
- the silver credit generation module 202 is configured to generate a silver credit certificate to be valid after receiving the silver credit certificate request sent by the client 10;
- the verification module 203 is configured to obtain the payment verification information of the buyer from the client 10 according to the silver certificate to be validated, and perform verification;
- the freezing module 204 is set to freeze the funds corresponding to the order amount in the buyer account if the verification is passed, update the status of the silver credit card to have been valid, and send it to the second bank server 30;
- the payment module 205 is configured to, after receiving the received notification sent by the client 10, transfer the funds frozen by the buyer account to the seller account of the second bank server 30.
- the payment module 205 is further configured to: if the first bank server does not receive the received delivery notification sent by the client within the preset time, After the preset time is exceeded, the funds frozen by the buyer account are transferred to the seller account of the second bank server.
- the second bank server 30 is configured to update the status of the silver credit to the received certificate after receiving the valid silver certificate, and send the received notification to the commodity server 40.
- the online transaction device applied to the second bank server 30 includes the following modules:
- the second receiving module 301 is configured to receive the valid silver certificate and update the status of the silver certificate to the received certificate.
- the received notification 302 is set to send the received notification to the commodity server 40.
- the commodity server 40 is configured to receive the order information sent by the client 10; after receiving the received notification sent by the second banking server 30, notify the seller of the shipment.
- the online transaction device applied to the commodity server 40 includes the following modules:
- the third receiving module 401 is configured to receive the order information sent by the client 10 and the received notification sent by the second banking server 30.
- the delivery notification module 402 is configured to notify the seller of the shipment after receiving the received notification sent by the second bank server 30.
- the monitoring server 50 is configured to collect data sent by the data sender and data received by the data receiver during the data transmission process, and verify the consistency of the transmitted data and the received data. Wherein, when the client 10, the first bank server 20, the second bank server 30, or the commodity server 40 is transmitting data as a data sender, when the client 10, the first bank server 20, the second bank server 30, or the commodity server 40 is the data receiver after receiving the data.
- the seller pre-stores the product information in the product server 40, and the buyer communicates with the product server 40 via the client 10, acquires the product information from the product server 40, and selects the product to be purchased.
- the client 10 generates order information based on the item selected by the buyer, and submits the order information to the item server 40.
- commodities include tangible physical products and intangible services.
- Product information includes information such as the price and parameters of the product.
- the merchandise server 40 may be a commercial computer server or a computer server built by the seller himself.
- the client 10 is a communication terminal operated by the buyer, including but not limited to a terminal device such as a mobile phone, a tablet device, or a computer.
- the first bank server 20 refers to the bank server where the buyer's bank account is located
- the second bank server 30 refers to the bank server where the seller's bank account is located
- the first bank server 20 and the second bank server 30 may be servers of the same bank. (ie, the buyer and the seller's Seto Bank are the same), or it may be the server of a different bank (ie, the buyer and the seller's Seto Bank are different).
- a bank letter is an electronic certificate that a bank credit promises to pay. It can be understood as an electronic data that can be stored in a computer system and transmitted over a network.
- monitoring server 50 is a dual-track verification mechanism that prevents data from being tampered with during communication, and in some embodiments, may be omitted.
- the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, and the transaction status is monitored through the generation of the silver credit card, so that the funds flow and There is no deviation between the actual transactions, so that the effective flow of funds to deliver the goods in one hand and the next hand is effective, reducing the risk of funds and improving the security of transaction information.
- the client 10 in order to prevent transaction information from being stolen, when the client 10, the first bank server 20, the second bank server 30, and the commodity server 40 are further set to: after data transmission and data reception, Digital envelope technology securely transmits communication data. Thereby further improving the security of data transmission and ensuring the security of transactions.
- the sending party is further configured to: generate a symmetric key, encrypt the communication data by using a symmetric key to form a first ciphertext; encrypt the symmetric key by using a public key of the data receiver to form a second ciphertext; The private key respectively signs the first ciphertext and the second ciphertext and sends them to the data receiver.
- the data sender randomly generates a symmetric key each time the data is transmitted, thereby achieving the effect of dynamic anti-counterfeiting.
- the data sender After encrypting the communication data, the data sender preferably encrypts the communication data with the AES algorithm using the symmetric key to form the first ciphertext.
- the client 10 When the client 10, the first bank server 20, the second bank server 30, and the commodity server 40 are used as data senders, they are also set to:
- the data sender may not sign the first ciphertext and the second ciphertext, and the corresponding data receiver does not need to perform signature verification on the first ciphertext and the second ciphertext.
- the present embodiment in order to balance the convenience of communication and ensure data security, also employs a two-network combination technique. That is, the client 10, the first bank server 20, the second bank server 30, and the commodity server 40 communicate via a public network, and the monitoring server 50 communicates with the first bank server 20 and the second bank server 30 via a dedicated line, respectively.
- the online transaction method, device and system of the present invention send a request for a certificate to the first bank server (the buyer's bank), and send the received goods to the first bank server (the buyer's bank).
- the transaction is completed in the interaction between the buyer and the seller and their bank, and the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, and the transaction status is monitored by generating the silver letter certificate, so that the funds are made.
- There is no deviation between the liquidity and the actual transaction so that the effective flow of funds to deliver the goods in one hand can effectively reduce the risk of funds and improve the security of transactions.
- the use of digital envelopes and dynamic anti-counterfeiting technology for secure transmission of communication data can ensure the security of communication data; the use of dual-track verification can prevent data from being tampered with; the use of two networks can balance the convenience and security of communication.
- the use of digital envelopes and dynamic anti-counterfeiting technology for secure transmission of communication data can ensure the security of communication data; the use of dual-track verification can prevent data from being tampered with; the use of two networks can balance the convenience and security of communication.
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA2993110A CA2993110C (en) | 2015-07-21 | 2015-07-21 | Online transaction method, device and system |
PCT/CN2015/084667 WO2017012069A1 (zh) | 2015-07-21 | 2015-07-21 | 网上交易方法、装置和系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2015/084667 WO2017012069A1 (zh) | 2015-07-21 | 2015-07-21 | 网上交易方法、装置和系统 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017012069A1 true WO2017012069A1 (zh) | 2017-01-26 |
Family
ID=57833741
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2015/084667 WO2017012069A1 (zh) | 2015-07-21 | 2015-07-21 | 网上交易方法、装置和系统 |
Country Status (2)
Country | Link |
---|---|
CA (1) | CA2993110C (zh) |
WO (1) | WO2017012069A1 (zh) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114331765A (zh) * | 2022-03-03 | 2022-04-12 | 北京焦点新干线信息技术有限公司 | 一种线上交易方法及系统 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1845164A (zh) * | 2006-04-30 | 2006-10-11 | 西安电子科技大学 | 无需第三方的公平安全电子交易方法 |
JP2012174075A (ja) * | 2011-02-23 | 2012-09-10 | Dainippon Printing Co Ltd | 自動構築システム、自動構築サーバ、およびプログラム |
CN103827903A (zh) * | 2013-03-18 | 2014-05-28 | 深圳市银信网银科技有限公司 | 一种利用网络支付的方法及系统 |
CN103827902A (zh) * | 2013-03-18 | 2014-05-28 | 深圳市银信网银科技有限公司 | 一种网络支付的方法及系统 |
-
2015
- 2015-07-21 WO PCT/CN2015/084667 patent/WO2017012069A1/zh active Application Filing
- 2015-07-21 CA CA2993110A patent/CA2993110C/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1845164A (zh) * | 2006-04-30 | 2006-10-11 | 西安电子科技大学 | 无需第三方的公平安全电子交易方法 |
JP2012174075A (ja) * | 2011-02-23 | 2012-09-10 | Dainippon Printing Co Ltd | 自動構築システム、自動構築サーバ、およびプログラム |
CN103827903A (zh) * | 2013-03-18 | 2014-05-28 | 深圳市银信网银科技有限公司 | 一种利用网络支付的方法及系统 |
CN103827902A (zh) * | 2013-03-18 | 2014-05-28 | 深圳市银信网银科技有限公司 | 一种网络支付的方法及系统 |
Also Published As
Publication number | Publication date |
---|---|
CA2993110C (en) | 2023-01-10 |
CA2993110A1 (en) | 2017-01-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3540671B1 (en) | Systems and methods for software based encryption | |
EP1984890A2 (en) | A point-of-sale terminal transaction using mutating identifiers | |
CN105809417A (zh) | 一种安全可信的实时电子支付结算商户终端、用户终端、银行前端系统及系统与方法 | |
JP2024003002A (ja) | 公正な電子交換を実施するための仮想ブロックチェーンプロトコルの利用 | |
WO2017012069A1 (zh) | 网上交易方法、装置和系统 | |
WO2017012070A1 (zh) | 网上交易方法、装置和系统 | |
WO2017012066A1 (zh) | 网上交易方法、装置和系统 | |
CA2993091C (en) | Online transaction method, device and system | |
CA2993088C (en) | Online transaction method, device and system | |
CA2993112C (en) | Online transaction method, device and system | |
WO2017012068A1 (zh) | 网上交易方法、装置和系统 | |
US11842338B2 (en) | Payment encryption system | |
WO2017012065A1 (zh) | 网上交易方法、装置和系统 | |
WO2017012063A1 (zh) | 网上交易方法、装置和系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15898625 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2993110 Country of ref document: CA |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 15.05.18) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 15898625 Country of ref document: EP Kind code of ref document: A1 |