WO2017028404A1 - Method, device and mobile terminal for transmitting transaction information - Google Patents

Method, device and mobile terminal for transmitting transaction information Download PDF

Info

Publication number
WO2017028404A1
WO2017028404A1 PCT/CN2015/096659 CN2015096659W WO2017028404A1 WO 2017028404 A1 WO2017028404 A1 WO 2017028404A1 CN 2015096659 W CN2015096659 W CN 2015096659W WO 2017028404 A1 WO2017028404 A1 WO 2017028404A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile terminal
verification information
information
legitimate
verification
Prior art date
Application number
PCT/CN2015/096659
Other languages
French (fr)
Chinese (zh)
Inventor
陈柳章
Original Assignee
深圳市文鼎创数据科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市文鼎创数据科技有限公司 filed Critical 深圳市文鼎创数据科技有限公司
Publication of WO2017028404A1 publication Critical patent/WO2017028404A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Definitions

  • the embodiments of the present invention belong to the field of wireless communications, and in particular, to a method, an apparatus, and a mobile terminal for transmitting transaction information.
  • the current method for transmitting transaction information mainly uses Bluetooth communication between two devices (the first device and the second device) to transmit transaction information. Since the communication distance of Bluetooth can reach 10 meters, two Bluetooth-enabled devices can be paired within 10 meters to complete the transmission of transaction information.
  • a wide range of communicable distances greatly facilitates the use of users, but peers also increase the risk of illegally acquiring transaction information: because within the effective communication range of Bluetooth, there may be multiple A device is paired with the connected device, and therefore, the user cannot determine whether the transaction information generated by the first device is output to the second device or to other devices.
  • the communication distance of Bluetooth can be adjusted by adjusting the transmission power, the communication distance is also affected by the sensitivity of the receiving device. For example, if the transmission function of the Bluetooth is adjusted to the device A, the ⁇ can be received only in the lm range. At the same transmit power, device B may still receive Bluetooth signals within 5m.
  • the existing transaction information transmission method is less secure, and the transaction information is illegally acquired.
  • Embodiments of the present invention provide a method, a device, and a mobile terminal for transmitting transaction information, which are intended to solve the problem that the existing transaction information transmission method has low security and the transaction information is illegally acquired. Problem solution
  • An embodiment of the present invention is implemented by the method for transmitting transaction information, where the method includes:
  • Another object of the embodiments of the present invention is to provide a transaction information sending apparatus, where the apparatus includes:
  • a verification information receiving unit configured to receive verification information sent by the mobile terminal by short-distance communication
  • a verification information verification unit configured to verify, according to the verification information, whether the mobile terminal is a legal mobile terminal
  • the transaction information sending unit is configured to send transaction information to the legal mobile terminal after the mobile terminal is a legitimate mobile terminal.
  • Another object of the embodiments of the present invention is to provide a mobile terminal, where the mobile terminal includes:
  • the verification information sending unit is configured to send the verification information to the information security device by means of short-distance communication, so that the information security device verifies whether the mobile terminal is a legitimate mobile terminal according to the verification information.
  • the transaction information receiving unit is configured to receive transaction information that is sent by the information security device after determining that the mobile terminal is a legitimate mobile terminal.
  • the information security device can verify the validity of the mobile terminal by verifying the verification information, and then judge The transaction information is sent out after the mobile terminal is legal, so that the sent transaction information can be accurately transmitted to the mobile terminal, which reduces the risk of the transaction information being illegally intercepted.
  • FIG. 1 is a flowchart of a method for transmitting transaction information according to a first embodiment of the present invention
  • FIG. 2 is a structural diagram of a transaction information transmitting apparatus according to a second embodiment of the present invention.
  • FIG. 3 is a structural diagram of a mobile terminal according to a third embodiment of the present invention. Embodiments of the invention
  • the verification information sent by the mobile terminal by means of short-distance communication is received, and the mobile terminal is verified as a legal mobile terminal according to the verification information, and the mobile terminal is a legal mobile terminal. ⁇ , sending transaction information to the legitimate mobile terminal.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • FIG. 1 is a flowchart of a method for transmitting transaction information according to a first embodiment of the present invention, which is described in detail as follows:
  • Step S1 receiving the verification information sent by the mobile terminal by means of short-distance communication.
  • the short-distance communication methods include: acoustic communication, near field communication (Near Field
  • the sound wave can control the effective range of the communication within the range that is desired to be communicated by adjusting the transmission power, for example, within 10 cm, and most of the mobile terminals within the 10 cm range are visible, and therefore, can be filtered as much as possible.
  • the verification information sent by the non-legitimate mobile terminal thereby improving the reliability of the source of the verification information.
  • the effective communication range is 20 cm at a frequency of 13.56 MHz.
  • visible light communication it is only necessary to block light when it is necessary to control the communication range of visible light.
  • the verifying information that is sent by the receiving mobile terminal by means of short-distance communication specifically includes: receiving the verification information that is sent by the mobile terminal by means of voice communication.
  • the verification information received by the information security device may be pre-stored in the mobile terminal, or may be sent to the mobile terminal first, and then sent by the mobile terminal, when sent to the mobile device for the information security device.
  • Terminal ⁇ before the receiving the verification information sent by the mobile terminal, the following steps are included
  • the verification information may be a random number generated by a random function, Data that can be agreed in advance by the information security device and the mobile terminal, such as a unique identifier of the mobile terminal.
  • the verification information may be unencrypted information or encrypted information.
  • the verification information can be sent to the mobile terminal by means of Bluetooth communication or other short-range communication.
  • Step S12 Verify, according to the verification information, whether the mobile terminal is a legitimate mobile terminal.
  • the verifying whether the mobile terminal is a valid mobile terminal according to the verification information specifically includes:
  • the mobile terminal After the verification information is the same as the stored standard verification information, the mobile terminal is determined to be a legitimate mobile terminal, otherwise, the mobile terminal is determined to be an illegal mobile terminal.
  • the information security device should store standard verification information in advance or pre-store a function for generating standard verification information. For example, if the verification information is sent by the information security device to the mobile terminal, the verification information needs to be stored as the standard verification information after the information security device sends the verification information. If the verification information is generated by the mobile terminal, the information security device also needs to be The function is stored, and after receiving the verification information sent by the mobile terminal, the same function is used to generate a standard verification information under the same conditions as the mobile terminal generates the verification information.
  • the verifying whether the mobile terminal is a valid mobile terminal according to the verification information includes:
  • the preset decryption algorithm is an algorithm for decrypting the verification information agreed with the mobile terminal.
  • the algorithm may be a symmetric algorithm (DES or AES, etc.) or an asymmetric algorithm (RSA or ECC, etc.); those skilled in the art It can be understood that when a symmetric algorithm or an asymmetric algorithm is used, it is also necessary to preset a corresponding key. For example, if the verification information is encrypted by public key, after the verification information is received, the verification information is decrypted by using the corresponding private key.
  • Step S13 Send the transaction information to the legal mobile terminal after the mobile terminal is a legitimate mobile terminal.
  • the transaction information includes: when the information security device is a POS device, the transaction information includes account information (such as an account number and a password); when the information security device is a Bluetooth shield, the transaction information includes a signature; When the information security device is a dynamic token, the transaction information includes a dynamic password.
  • the transaction information may also include the purchased item information and the like, which are not limited herein.
  • the verification information sent by the mobile terminal by means of short-distance communication is received, and it is verified whether the mobile terminal is a legal mobile terminal according to the verification information, and the mobile terminal is legal.
  • the mobile terminal transmits transaction information to the legitimate mobile terminal. Since the verification information sent by the short-distance communication is more secure and reliable, the information security device can verify the validity of the mobile terminal by verifying the verification information, and then issue the transaction information after determining that the mobile terminal is legal. Thereby, the sent transaction information can be accurately transmitted to the mobile terminal, which reduces the risk of the transaction information being illegally intercepted.
  • the size of the sequence numbers of the foregoing processes does not mean the order of execution sequence, and the execution order of each process should be determined by its function and internal logic, and should not be taken to the embodiment of the present invention.
  • the implementation process constitutes any limitation.
  • Embodiment 2 is a diagrammatic representation of Embodiment 1
  • FIG. 2 is a structural diagram of a transaction information transmitting apparatus according to a second embodiment of the present invention.
  • the transaction information transmitting apparatus can be applied to various information security devices, such as a POS machine, a Bluetooth shield. Or a dynamic token or the like, for the convenience of explanation, only parts related to the embodiment of the present invention are shown.
  • the transaction information transmitting apparatus includes: a verification information receiving unit 21, a verification information verifying unit 22, and a transaction information transmitting unit 23. among them:
  • the verification information receiving unit 21 is configured to receive verification information that is sent by the mobile terminal by short-distance communication.
  • the manner of short-distance communication includes: acoustic wave communication, NFC communication, visible light communication, infrared communication, and the like.
  • the effective communication distances of the above-mentioned communication methods are very short in order to control the source of the verification information. Reliability.
  • the verification information receiving unit 21 is specifically configured to receive verification information that is sent by the mobile terminal by means of voice communication.
  • the verification information may be pre-stored in the mobile terminal, or may be sent to the mobile terminal for the information security device, and then sent by the mobile terminal.
  • the transaction information sending apparatus includes:
  • the verification information sending unit is configured to send the verification information to the mobile terminal.
  • the verification information may be generated by a function, or may be data agreed by the information security device and the mobile terminal in advance, such as a unique identifier of the mobile terminal.
  • the verification information may be unencrypted information or encrypted information.
  • the verification information verification unit 22 is configured to verify, according to the verification information, whether the mobile terminal is a legitimate mobile terminal.
  • the verification information verification unit 22 includes:
  • a verification information comparison module configured to compare the verification information with the stored standard verification information.
  • the first mobile terminal legality determining module is configured to determine that the mobile terminal is a legitimate mobile terminal after the verification information is the same as the stored standard verification information, otherwise, determine that the mobile terminal is an illegal mobile terminal.
  • the verification information verification unit 22 includes:
  • the verification information decryption module is configured to decrypt the verification information according to a preset decryption algorithm.
  • the preset decryption algorithm is an algorithm for decrypting the verification information agreed with the mobile terminal.
  • a decryption result comparison module configured to compare the decrypted result with the stored standard verification information.
  • the second mobile terminal legality determining module is configured to determine that the mobile terminal is a legitimate mobile terminal after the decryption result is the same as the stored standard verification information, otherwise, determine that the mobile terminal is an illegal mobile terminal.
  • the transaction information sending unit 23 is configured to send a transaction letter after the mobile terminal is a legitimate mobile terminal Interested in the legitimate mobile terminal.
  • the transaction information includes: when the information security device is a POS device, the transaction information includes account information (such as an account number, a password); when the information security device is a Bluetooth shield, the transaction information includes a signature; When the information security device is a dynamic token, the transaction information includes a dynamic password.
  • the transaction information may also include the purchased item information and the like, which are not limited herein.
  • the information security device can verify the validity of the mobile terminal by verifying the verification information, and further It is judged that the mobile terminal issues the transaction information after being legal, so that the sent transaction information can be accurately transmitted to the mobile terminal, which reduces the risk that the transaction information is illegally intercepted.
  • Embodiment 3 is a diagrammatic representation of Embodiment 3
  • FIG. 3 is a structural diagram of a mobile terminal provided by a third embodiment of the present invention, including a mobile phone, a smart phone, a laptop computer, a digital broadcast terminal, a PDA (Personal Digital Assistant), P MP (portable multimedia player), navigation system, etc.
  • the embodiment described in the present specification can be applied to fixed terminals such as digital televisions, desktop computers, etc., except when applied only to mobile terminals. For the convenience of explanation, only parts related to the embodiment of the present invention are shown.
  • the mobile terminal includes:
  • the verification information sending unit 31 is configured to send the verification information to the information security device by means of short-distance communication, so that the information security device verifies whether the mobile terminal is a legitimate mobile terminal according to the verification information.
  • the manner of short-distance communication includes: acoustic wave communication, NFC communication, visible light communication, infrared communication, and the like.
  • the effective communication distances of the above-listed communication methods are very short in order to control the reliability of the source of the verification information.
  • the verification information sending unit 31 is configured to send the verification information to the information security device by means of voice communication, so that the information security device verifies whether the mobile terminal is a legitimate mobile terminal according to the verification information.
  • the verification information may be pre-stored in the mobile terminal, or may be sent to the mobile terminal first, and then sent by the mobile terminal.
  • the mobile terminal when the information security device is first sent to the mobile terminal, the mobile terminal includes: [0078]
  • the verification information receiving unit is configured to receive the verification information sent by the information security device.
  • the verification information may be generated by a function, or may be data agreed by the information security device and the mobile terminal in advance, such as a unique identifier of the mobile terminal.
  • the verification information may be unencrypted information or encrypted information.
  • the transaction information receiving unit 32 is configured to receive transaction information that is sent by the information security device after determining that the mobile terminal is a legitimate mobile terminal.
  • the transaction information includes: when the information security device is a POS device, the transaction information includes account information (such as an account number, a password); when the information security device is a Bluetooth shield, the transaction information includes a signature; When the information security device is a dynamic token, the transaction information includes a dynamic password.
  • the transaction information may also include the purchased item information and the like, which are not limited herein.
  • the verification information sent by means of short-distance communication is more secure and reliable, it is convenient for the information security device to judge the legitimacy of the mobile terminal that sends the verification information, and thus the information security After the device determines that the mobile terminal is legal, the transaction information is sent, so that the mobile terminal can accurately receive the transaction information, thereby reducing the risk that the transaction information is illegally intercepted.
  • the disclosed system, apparatus, and method may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the unit is only a logical function division, and the actual implementation may have another division manner, for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored, or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in an electrical, mechanical or other form.
  • the unit described as a separate component may or may not be physically distributed, and the component displayed as a unit may or may not be a physical unit, that is, may be located in one place, or may be distributed to multiple On the network unit. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the functions, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium.
  • the technical solution of the present invention which is essential or contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium, including
  • the instructions are used to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention.
  • the foregoing storage medium includes: a USB flash drive, a removable hard disk, a read only memory (ROM, Read-Only)
  • RAM random access memory
  • disk disk or optical disk, and other media that can store program code.

Abstract

A method, device and mobile terminal for transmitting transaction information. The method comprises: receiving authentication information transmitted by a mobile terminal via short-range communication (S11); authenticating, according to the authentication information, whether the mobile terminal is a legitimate mobile terminal (S12); and if the mobile terminal is a legitimate mobile terminal, then transmitting transaction information to the legitimate mobile terminal (S13). The method can reduce the risk of illicit interception of transaction information.

Description

交易信息发送方法、 装置以及移动终端 技术领域  Transaction information transmitting method, device and mobile terminal
[0001] 本发明实施例属于无线通信领域, 尤其涉及一种交易信息发送方法、 装置以及 移动终端。  [0001] The embodiments of the present invention belong to the field of wireless communications, and in particular, to a method, an apparatus, and a mobile terminal for transmitting transaction information.
背景技术  Background technique
[0002] 目前的交易信息发送方法, 主要是在两个设备 (第一设备和第二设备) 之间采 用蓝牙通信的方式传输交易信息。 由于蓝牙的通信距离可以达到 10米, 所以两 个具有蓝牙功能的设备可以在 10米范围内进行配对连接, 进而完成交易信息的 传输。  [0002] The current method for transmitting transaction information mainly uses Bluetooth communication between two devices (the first device and the second device) to transmit transaction information. Since the communication distance of Bluetooth can reach 10 meters, two Bluetooth-enabled devices can be paired within 10 meters to complete the transmission of transaction information.
[0003] 大范围的可通信距离给用户的使用带来极大的便利, 但同吋也增加了交易信息 被非法获取的风险: 因为在蓝牙的有效通信范围内, 可能存在多个可与第一设 备配对连接的设备, 因此, 用户不能确定第一设备生成的交易信息是输出给了 第二设备还是传输给了其他设备。 此外, 虽然蓝牙的通信距离可以通过调节发 射功率进行调节, 但该通信距离还受接收端设备的灵敏度影响, 比如, 假设将 蓝牙的发射功能调整到设备 A仅在 lm范围内可以接收到吋, 在同样的发射功率 下, 设备 B可能在 5m范围内仍能接收到蓝牙信号。  [0003] A wide range of communicable distances greatly facilitates the use of users, but peers also increase the risk of illegally acquiring transaction information: because within the effective communication range of Bluetooth, there may be multiple A device is paired with the connected device, and therefore, the user cannot determine whether the transaction information generated by the first device is output to the second device or to other devices. In addition, although the communication distance of Bluetooth can be adjusted by adjusting the transmission power, the communication distance is also affected by the sensitivity of the receiving device. For example, if the transmission function of the Bluetooth is adjusted to the device A, the 吋 can be received only in the lm range. At the same transmit power, device B may still receive Bluetooth signals within 5m.
[0004] 综上, 现有的交易信息发送方法安全性较低, 交易信息被非法获取的风险较高 技术问题  [0004] In summary, the existing transaction information transmission method is less secure, and the transaction information is illegally acquired.
[0005] 本发明实施例提供了一种交易信息发送方法、 装置以及移动终端, 旨在解决现 有的交易信息发送方法安全性较低, 交易信息被非法获取的风险较高的问题。 问题的解决方案  Embodiments of the present invention provide a method, a device, and a mobile terminal for transmitting transaction information, which are intended to solve the problem that the existing transaction information transmission method has low security and the transaction information is illegally acquired. Problem solution
技术解决方案  Technical solution
[0006] 本发明实施例是这样实现的, 一种交易信息发送方法, 所述方法包括:  An embodiment of the present invention is implemented by the method for transmitting transaction information, where the method includes:
[0007] 接收移动终端通过短距离通信的方式发送的验证信息; [0007] receiving verification information that is sent by the mobile terminal by short-distance communication;
[0008] 根据所述验证信息验证所述移动终端是否为合法的移动终端; [0009] 在所述移动终端为合法的移动终端吋, 发送交易信息至所述合法的移动终端。 [0008] verifying, according to the verification information, whether the mobile terminal is a legitimate mobile terminal; [0009] After the mobile terminal is a legitimate mobile terminal, sending transaction information to the legitimate mobile terminal.
[0010] [0010]
[0011] 本发明实施例的另一目的在于提供一种交易信息发送装置, 所述装置包括: [0011] Another object of the embodiments of the present invention is to provide a transaction information sending apparatus, where the apparatus includes:
[0012] 验证信息接收单元, 用于接收移动终端通过短距离通信的方式发送的验证信息 [0012] a verification information receiving unit, configured to receive verification information sent by the mobile terminal by short-distance communication
[0013] 验证信息验证单元, 用于根据所述验证信息验证所述移动终端是否为合法的移 动终端; [0013] a verification information verification unit, configured to verify, according to the verification information, whether the mobile terminal is a legal mobile terminal;
[0014] 交易信息发送单元, 用于在所述移动终端为合法的移动终端吋, 发送交易信息 至所述合法的移动终端。  [0014] The transaction information sending unit is configured to send transaction information to the legal mobile terminal after the mobile terminal is a legitimate mobile terminal.
[0015] 本发明实施例的另一目的在于提供一种移动终端, 所述移动终端包括: [0015] Another object of the embodiments of the present invention is to provide a mobile terminal, where the mobile terminal includes:
[0016] 验证信息发送单元, 用于通过短距离通信的方式将验证信息发送至信息安全设 备, 以便所述信息安全设备根据所述验证信息验证移动终端是否为合法的移动 终端。 [0016] The verification information sending unit is configured to send the verification information to the information security device by means of short-distance communication, so that the information security device verifies whether the mobile terminal is a legitimate mobile terminal according to the verification information.
[0017] 交易信息接收单元, 用于接收所述信息安全设备在判断出所述移动终端为合法 的移动终端吋发送的交易信息。  [0017] The transaction information receiving unit is configured to receive transaction information that is sent by the information security device after determining that the mobile terminal is a legitimate mobile terminal.
发明的有益效果  Advantageous effects of the invention
有益效果  Beneficial effect
[0018] 在本发明实施例中, 由于通过短距离通信的方式发送的验证信息更为安全、 可 靠, 因此, 信息安全设备可通过对验证信息进行验证以判断移动终端的合法性 , 进而在判断出移动终端合法吋才发出交易信息, 从而使得发出的交易信息能 够准确发送至该移动终端, 降低了交易信息被非法截获的风险。  [0018] In the embodiment of the present invention, since the verification information sent by means of short-distance communication is more secure and reliable, the information security device can verify the validity of the mobile terminal by verifying the verification information, and then judge The transaction information is sent out after the mobile terminal is legal, so that the sent transaction information can be accurately transmitted to the mobile terminal, which reduces the risk of the transaction information being illegally intercepted.
对附图的简要说明  Brief description of the drawing
附图说明  DRAWINGS
[0019] 图 1是本发明第一实施例提供的一种交易信息发送方法的流程图;  1 is a flowchart of a method for transmitting transaction information according to a first embodiment of the present invention;
[0020] 图 2是本发明第二实施例提供的一种交易信息发送装置的结构图; 2 is a structural diagram of a transaction information transmitting apparatus according to a second embodiment of the present invention;
[0021] 图 3是本发明第三实施例提供的一种移动终端的结构图。 本发明的实施方式 3 is a structural diagram of a mobile terminal according to a third embodiment of the present invention. Embodiments of the invention
[0022] 为了使本发明的目的、 技术方案及优点更加清楚明白, 以下结合附图及实施例 , 对本发明进行进一步详细说明。 应当理解, 此处所描述的具体实施例仅仅用 以解释本发明, 并不用于限定本发明。  [0022] The present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
[0023] 本发明实施例中, 接收移动终端通过短距离通信的方式发送的验证信息, 根据 所述验证信息验证所述移动终端是否为合法的移动终端, 在所述移动终端为合 法的移动终端吋, 发送交易信息至所述合法的移动终端。  [0023] In the embodiment of the present invention, the verification information sent by the mobile terminal by means of short-distance communication is received, and the mobile terminal is verified as a legal mobile terminal according to the verification information, and the mobile terminal is a legal mobile terminal.吋, sending transaction information to the legitimate mobile terminal.
[0024] 为了说明本发明所述的技术方案, 下面通过具体实施例来进行说明。  [0024] In order to explain the technical solution described in the present invention, the following description will be made by way of specific embodiments.
[0025] 实施例一:  [0025] Embodiment 1:
[0026] 图 1示出了本发明第一实施例提供的一种交易信息发送方法的流程图, 详述如 下:  1 is a flowchart of a method for transmitting transaction information according to a first embodiment of the present invention, which is described in detail as follows:
[0027] 步骤 Sl l, 接收移动终端通过短距离通信的方式发送的验证信息。  [0027] Step S1, receiving the verification information sent by the mobile terminal by means of short-distance communication.
[0028] 其中, 短距离通信的方式包括: 声波通信、 近场通信 (Near Field [0028] wherein, the short-distance communication methods include: acoustic communication, near field communication (Near Field
Communication, NFC) 、 可见光通信、 红外通信等。 上述列举的通信方式的有 效通信距离都很短, 以便控制验证信息的来源的可靠性。 例如, 声波可以通过 调节发送功率将通信范围有效的控制在想要通信的范围内, 如, 控制在 10cm内 , 而在该 10cm范围内的大部分移动终端都是可见的, 因此, 能够尽量过滤非合 法的移动终端发送的验证信息, 从而提高验证信息来源的可靠性。 例如, 若采 用 NFC通信方式, 则在频率为 13.56MHz吋, 有效的通信范围为 20厘米内。 又例 如, 若采用可见光通信, 则在需要控制可见光的通信范围吋, 只需遮挡光线即 可。  Communication, NFC), visible light communication, infrared communication, etc. The effective communication distances of the above-listed communication methods are very short in order to control the reliability of the source of the verification information. For example, the sound wave can control the effective range of the communication within the range that is desired to be communicated by adjusting the transmission power, for example, within 10 cm, and most of the mobile terminals within the 10 cm range are visible, and therefore, can be filtered as much as possible. The verification information sent by the non-legitimate mobile terminal, thereby improving the reliability of the source of the verification information. For example, if the NFC communication method is used, the effective communication range is 20 cm at a frequency of 13.56 MHz. For example, if visible light communication is used, it is only necessary to block light when it is necessary to control the communication range of visible light.
[0029] 可选的, 所述接收移动终端通过短距离通信的方式发送的验证信息具体包括: 接收移动终端通过声波通信的方式发送的验证信息。  [0029] Optionally, the verifying information that is sent by the receiving mobile terminal by means of short-distance communication specifically includes: receiving the verification information that is sent by the mobile terminal by means of voice communication.
[0030] 在该步骤中, 信息安全设备接收的验证信息可预先存储在移动终端中, 也可为 信息安全设备先发送至移动终端, 再由移动终端发出, 当为信息安全设备先发 送至移动终端吋, 则在所述接收移动终端发送的验证信息之前, 包括下述步骤  [0030] In this step, the verification information received by the information security device may be pre-stored in the mobile terminal, or may be sent to the mobile terminal first, and then sent by the mobile terminal, when sent to the mobile device for the information security device. Terminal 吋, before the receiving the verification information sent by the mobile terminal, the following steps are included
[0031] 发送验证信息至移动终端。 其中, 验证信息可为由随机函数生成的随机数, 也 可为信息安全设备与移动终端事先约定的数据, 如移动终端的唯一标识等。 当 然, 验证信息可为未加密的信息, 也可为加密后的信息。 在该步骤中, 验证信 息可通过蓝牙通信或其他短距离通信的方式发送至移动终端。 [0031] transmitting the verification information to the mobile terminal. Wherein, the verification information may be a random number generated by a random function, Data that can be agreed in advance by the information security device and the mobile terminal, such as a unique identifier of the mobile terminal. Of course, the verification information may be unencrypted information or encrypted information. In this step, the verification information can be sent to the mobile terminal by means of Bluetooth communication or other short-range communication.
[0032] 步骤 S12, 根据所述验证信息验证所述移动终端是否为合法的移动终端。  [0032] Step S12: Verify, according to the verification information, whether the mobile terminal is a legitimate mobile terminal.
[0033] 该步骤中, 根据接收的验证信息以及预先存储的标准验证信息, 判断移动终端 是否为合法的移动终端。  [0033] In this step, based on the received verification information and the pre-stored standard verification information, it is determined whether the mobile terminal is a legitimate mobile terminal.
[0034] 可选地, 当验证信息为未加密的信息吋, 所述根据所述验证信息验证所述移动 终端是否为合法的移动终端, 具体包括:  [0034] Optionally, when the verification information is the unencrypted information, the verifying whether the mobile terminal is a valid mobile terminal according to the verification information, specifically includes:
[0035] Al、 将所述验证信息与存储的标准验证信息比较。  [0035] Al, comparing the verification information with the stored standard verification information.
[0036] A2、 在所述验证信息与存储的标准验证信息相同吋, 判定所述移动终端为合法 的移动终端, 否则, 判定所述移动终端为非法的移动终端。  [0036] A2. After the verification information is the same as the stored standard verification information, the mobile terminal is determined to be a legitimate mobile terminal, otherwise, the mobile terminal is determined to be an illegal mobile terminal.
[0037] 上述 A1和 A2中, 无论验证信息是否由信息安全设备发送至移动终端, 该信息 安全设备都应预先存储标准验证信息或预先存储生成标准验证信息的函数。 比 如, 假设验证信息由信息安全设备发送至移动终端, 则在信息安全设备发送验 证信息之后需存储该验证信息以作为标准验证信息; 假设验证信息是移动终端 采用函数生成, 则信息安全设备也需存储该函数, 并在收到移动终端发送的验 证信息吋, 在与移动终端生成验证信息的相同条件下, 采用同样的函数生成一 标准验证信息。  [0037] In the above A1 and A2, regardless of whether the verification information is transmitted from the information security device to the mobile terminal, the information security device should store standard verification information in advance or pre-store a function for generating standard verification information. For example, if the verification information is sent by the information security device to the mobile terminal, the verification information needs to be stored as the standard verification information after the information security device sends the verification information. If the verification information is generated by the mobile terminal, the information security device also needs to be The function is stored, and after receiving the verification information sent by the mobile terminal, the same function is used to generate a standard verification information under the same conditions as the mobile terminal generates the verification information.
[0038] 可选地, 当验证信息为加密的信息吋, 所述根据所述验证信息验证所述移动终 端是否为合法的移动终端, 具体包括:  [0038] Optionally, when the verification information is the encrypted information, the verifying whether the mobile terminal is a valid mobile terminal according to the verification information includes:
[0039] Bl、 根据预设的解密算法解密所述验证信息。 其中, 预设的解密算法为与移动 终端约定的解密验证信息的算法, 比如, 算法可为对称算法 (DES或 AES等) , 也可以是非对称算法 (RSA或 ECC等) ; 本领域的技术人员可以理解, 当采用对 称算法或非对称算法吋, 还需要预置相应的密钥。 例如, 假设验证信息为采用 公钥加密, 则在接收到验证信息后, 采用对应的私钥解密所述验证信息。  [0039] Bl, decrypting the verification information according to a preset decryption algorithm. The preset decryption algorithm is an algorithm for decrypting the verification information agreed with the mobile terminal. For example, the algorithm may be a symmetric algorithm (DES or AES, etc.) or an asymmetric algorithm (RSA or ECC, etc.); those skilled in the art It can be understood that when a symmetric algorithm or an asymmetric algorithm is used, it is also necessary to preset a corresponding key. For example, if the verification information is encrypted by public key, after the verification information is received, the verification information is decrypted by using the corresponding private key.
[0040] B2、 将解密结果与存储的标准验证信息比较。  [0040] B2, comparing the decrypted result with the stored standard verification information.
[0041] B3、 在所述解密结果与存储的标准验证信息相同吋, 判定所述移动终端为合法 的移动终端, 否则, 判定所述移动终端为非法的移动终端。 [0042] 上述 B1~B3中, 由于验证信息经过加密操作, 因此, 能够进一步提高验证信息 的安全性。 [0041] B3. After the decryption result is the same as the stored standard verification information, determine that the mobile terminal is a legitimate mobile terminal, otherwise, determine that the mobile terminal is an illegal mobile terminal. [0042] In the above B1 to B3, since the authentication information is subjected to the encryption operation, the security of the verification information can be further improved.
[0043] 步骤 S13, 在所述移动终端为合法的移动终端吋, 发送交易信息至所述合法的 移动终端。  [0043] Step S13: Send the transaction information to the legal mobile terminal after the mobile terminal is a legitimate mobile terminal.
[0044] 通常, 在互联网支付场景下, 交易信息包括: 当信息安全设备为 pos机吋, 交 易信息包括账户信息 (如账号、 密码) ; 当信息安全设备为蓝牙盾吋, 交易信 息包括签名; 当信息安全设备为动态令牌吋, 交易信息包括动态口令。 当然, 交易信息还可以包括购买的物品信息等, 此处不作限定。  [0044] Generally, in an internet payment scenario, the transaction information includes: when the information security device is a POS device, the transaction information includes account information (such as an account number and a password); when the information security device is a Bluetooth shield, the transaction information includes a signature; When the information security device is a dynamic token, the transaction information includes a dynamic password. Of course, the transaction information may also include the purchased item information and the like, which are not limited herein.
[0045] 本发明第一实施例中, 接收移动终端通过短距离通信的方式发送的验证信息, 根据所述验证信息验证所述移动终端是否为合法的移动终端, 在所述移动终端 为合法的移动终端吋, 发送交易信息至所述合法的移动终端。 由于通过短距离 通信的方式发送的验证信息更为安全、 可靠, 因此, 信息安全设备可通过对验 证信息进行验证以判断移动终端的合法性, 进而在判断出移动终端合法吋才发 出交易信息, 从而使得发出的交易信息能够准确发送至该移动终端, 降低了交 易信息被非法截获的风险。  [0045] In the first embodiment of the present invention, the verification information sent by the mobile terminal by means of short-distance communication is received, and it is verified whether the mobile terminal is a legal mobile terminal according to the verification information, and the mobile terminal is legal. The mobile terminal transmits transaction information to the legitimate mobile terminal. Since the verification information sent by the short-distance communication is more secure and reliable, the information security device can verify the validity of the mobile terminal by verifying the verification information, and then issue the transaction information after determining that the mobile terminal is legal. Thereby, the sent transaction information can be accurately transmitted to the mobile terminal, which reduces the risk of the transaction information being illegally intercepted.
[0046] 应理解, 在本发明实施例中, 上述各过程的序号的大小并不意味着执行顺序的 先后, 各过程的执行顺序应以其功能和内在逻辑确定, 而不应对本发明实施例 的实施过程构成任何限定。  It should be understood that, in the embodiment of the present invention, the size of the sequence numbers of the foregoing processes does not mean the order of execution sequence, and the execution order of each process should be determined by its function and internal logic, and should not be taken to the embodiment of the present invention. The implementation process constitutes any limitation.
[0047] 实施例二:  [0047] Embodiment 2:
[0048] 图 2示出了本发明第二实施例提供的一种交易信息发送装置的结构图, 该交易 信息发送装置可应用于各种信息安全设备, 该信息安全设备如 pos机, 蓝牙盾或 动态令牌等, 为了便于说明, 仅示出了与本发明实施例相关的部分。  2 is a structural diagram of a transaction information transmitting apparatus according to a second embodiment of the present invention. The transaction information transmitting apparatus can be applied to various information security devices, such as a POS machine, a Bluetooth shield. Or a dynamic token or the like, for the convenience of explanation, only parts related to the embodiment of the present invention are shown.
[0049] 该交易信息发送装置包括: 验证信息接收单元 21、 验证信息验证单元 22、 交易 信息发送单元 23。 其中:  [0049] The transaction information transmitting apparatus includes: a verification information receiving unit 21, a verification information verifying unit 22, and a transaction information transmitting unit 23. among them:
[0050] 验证信息接收单元 21, 用于接收移动终端通过短距离通信的方式发送的验证信 息。  [0050] The verification information receiving unit 21 is configured to receive verification information that is sent by the mobile terminal by short-distance communication.
[0051] 其中, 短距离通信的方式包括: 声波通信、 NFC通信、 可见光通信、 红外通信 等。 上述列举的通信方式的有效通信距离都很短, 以便控制验证信息的来源的 可靠性。 [0051] The manner of short-distance communication includes: acoustic wave communication, NFC communication, visible light communication, infrared communication, and the like. The effective communication distances of the above-mentioned communication methods are very short in order to control the source of the verification information. Reliability.
[0052] 可选的, 验证信息接收单元 21具体用于接收移动终端通过声波通信的方式发送 的验证信息。  [0052] Optionally, the verification information receiving unit 21 is specifically configured to receive verification information that is sent by the mobile terminal by means of voice communication.
[0053] 其中, 验证信息可预先存储在移动终端中, 也可为信息安全设备先发送至移动 终端, 再由移动终端发出。  [0053] The verification information may be pre-stored in the mobile terminal, or may be sent to the mobile terminal for the information security device, and then sent by the mobile terminal.
[0054] 可选地, 所述交易信息发送装置包括: [0054] Optionally, the transaction information sending apparatus includes:
[0055] 验证信息发送单元, 用于发送验证信息至移动终端。 其中, 验证信息可由函数 生成, 也可为信息安全设备与移动终端事先约定的数据, 如移动终端的唯一标 识等。 当然, 验证信息可为未加密的信息, 也可为加密后的信息。  [0055] The verification information sending unit is configured to send the verification information to the mobile terminal. The verification information may be generated by a function, or may be data agreed by the information security device and the mobile terminal in advance, such as a unique identifier of the mobile terminal. Of course, the verification information may be unencrypted information or encrypted information.
[0056]  [0056]
[0057] 验证信息验证单元 22, 用于根据所述验证信息验证所述移动终端是否为合法的 移动终端。  [0057] The verification information verification unit 22 is configured to verify, according to the verification information, whether the mobile terminal is a legitimate mobile terminal.
[0058] 可选地, 所述验证信息验证单元 22包括:  [0058] Optionally, the verification information verification unit 22 includes:
[0059] 验证信息比较模块, 用于将所述验证信息与存储的标准验证信息比较。  [0059] a verification information comparison module, configured to compare the verification information with the stored standard verification information.
[0060] 第一移动终端合法性判断模块, 用于在所述验证信息与存储的标准验证信息相 同吋, 判定所述移动终端为合法的移动终端, 否则, 判定所述移动终端为非法 的移动终端。  [0060] The first mobile terminal legality determining module is configured to determine that the mobile terminal is a legitimate mobile terminal after the verification information is the same as the stored standard verification information, otherwise, determine that the mobile terminal is an illegal mobile terminal.
[0061] 其中, 标准验证信息或生成标准验证信息的函数预先存储在交易信息发送装置 中。  [0061] wherein the standard verification information or the function of generating the standard verification information is stored in advance in the transaction information transmitting apparatus.
[0062] 可选地, 所述验证信息验证单元 22包括:  [0062] Optionally, the verification information verification unit 22 includes:
[0063] 验证信息解密模块, 用于根据预设的解密算法解密所述验证信息。 其中, 预设 的解密算法为与移动终端约定的解密验证信息的算法。  [0063] The verification information decryption module is configured to decrypt the verification information according to a preset decryption algorithm. The preset decryption algorithm is an algorithm for decrypting the verification information agreed with the mobile terminal.
[0064] 解密结果比较模块, 用于将解密结果与存储的标准验证信息比较。 [0064] a decryption result comparison module, configured to compare the decrypted result with the stored standard verification information.
[0065] 第二移动终端合法性判断模块, 用于在所述解密结果与存储的标准验证信息相 同吋, 判定所述移动终端为合法的移动终端, 否则, 判定所述移动终端为非法 的移动终端。 [0065] The second mobile terminal legality determining module is configured to determine that the mobile terminal is a legitimate mobile terminal after the decryption result is the same as the stored standard verification information, otherwise, determine that the mobile terminal is an illegal mobile terminal.
[0066] 由于验证信息经过加密操作, 因此, 能够进一步提高验证信息的安全性。  [0066] Since the verification information is subjected to an encryption operation, the security of the verification information can be further improved.
[0067] 交易信息发送单元 23, 用于在所述移动终端为合法的移动终端吋, 发送交易信 息至所述合法的移动终端。 [0067] The transaction information sending unit 23 is configured to send a transaction letter after the mobile terminal is a legitimate mobile terminal Interested in the legitimate mobile terminal.
[0068] 通常, 在互联网支付场景下, 交易信息包括: 当信息安全设备为 pos机吋, 交 易信息包括账户信息 (如账号、 密码) ; 当信息安全设备为蓝牙盾吋, 交易信 息包括签名; 当信息安全设备为动态令牌吋, 交易信息包括动态口令。 当然, 交易信息还可以包括购买的物品信息等, 此处不作限定。  [0068] Generally, in the Internet payment scenario, the transaction information includes: when the information security device is a POS device, the transaction information includes account information (such as an account number, a password); when the information security device is a Bluetooth shield, the transaction information includes a signature; When the information security device is a dynamic token, the transaction information includes a dynamic password. Of course, the transaction information may also include the purchased item information and the like, which are not limited herein.
[0069] 本发明第二实施例中, 由于通过短距离通信的方式发送的验证信息更为安全、 可靠, 因此, 信息安全设备可通过对验证信息进行验证以判断移动终端的合法 性, 进而在判断出移动终端合法吋才发出交易信息, 从而使得发出的交易信息 能够准确发送至该移动终端, 降低了交易信息被非法截获的风险。  [0069] In the second embodiment of the present invention, since the verification information sent by means of short-distance communication is more secure and reliable, the information security device can verify the validity of the mobile terminal by verifying the verification information, and further It is judged that the mobile terminal issues the transaction information after being legal, so that the sent transaction information can be accurately transmitted to the mobile terminal, which reduces the risk that the transaction information is illegally intercepted.
[0070] 实施例三:  [0070] Embodiment 3:
[0071] 图 3示出了本发明第三实施例提供的一种移动终端的结构图, 该移动终端包括 移动电话、 智能电话、 膝上型计算机、 数字广播终端、 PDA (个人数字助理)、 P MP (便携式多媒体播放器)、 导航系统等。 除了当仅应用于移动终端吋, 在本公 幵中描述的实施例可以应用于诸如数字电视、 台式计算机等固定终端。 为了便 于说明, 仅示出了与本发明实施例相关的部分。  3 is a structural diagram of a mobile terminal provided by a third embodiment of the present invention, including a mobile phone, a smart phone, a laptop computer, a digital broadcast terminal, a PDA (Personal Digital Assistant), P MP (portable multimedia player), navigation system, etc. The embodiment described in the present specification can be applied to fixed terminals such as digital televisions, desktop computers, etc., except when applied only to mobile terminals. For the convenience of explanation, only parts related to the embodiment of the present invention are shown.
[0072] 该移动终端包括:  [0072] The mobile terminal includes:
[0073] 验证信息发送单元 31, 用于通过短距离通信的方式将验证信息发送至信息安全 设备, 以便所述信息安全设备根据所述验证信息验证移动终端是否为合法的移 动终端。  [0073] The verification information sending unit 31 is configured to send the verification information to the information security device by means of short-distance communication, so that the information security device verifies whether the mobile terminal is a legitimate mobile terminal according to the verification information.
[0074] 其中, 短距离通信的方式包括: 声波通信、 NFC通信、 可见光通信、 红外通信 等。 上述列举的通信方式的有效通信距离都很短, 以便控制验证信息的来源的 可靠性。  [0074] The manner of short-distance communication includes: acoustic wave communication, NFC communication, visible light communication, infrared communication, and the like. The effective communication distances of the above-listed communication methods are very short in order to control the reliability of the source of the verification information.
[0075] 可选的, 验证信息发送单元 31, 用于通过声波通信的方式将验证信息发送至信 息安全设备, 以便所述信息安全设备根据所述验证信息验证移动终端是否为合 法的移动终端。  [0075] Optionally, the verification information sending unit 31 is configured to send the verification information to the information security device by means of voice communication, so that the information security device verifies whether the mobile terminal is a legitimate mobile terminal according to the verification information.
[0076] 具体地, 验证信息可预先存储在移动终端中, 也可为信息安全设备先发送至移 动终端, 再由移动终端发出。  [0076] Specifically, the verification information may be pre-stored in the mobile terminal, or may be sent to the mobile terminal first, and then sent by the mobile terminal.
[0077] 可选地, 当为信息安全设备先发送至移动终端吋, 该移动终端包括: [0078] 验证信息接收单元, 用于接收信息安全设备发送的验证信息。 其中, 验证信息 可由函数生成, 也可为信息安全设备与移动终端事先约定的数据, 如移动终端 的唯一标识等。 当然, 验证信息可为未加密的信息, 也可为加密后的信息。 [0077] Optionally, when the information security device is first sent to the mobile terminal, the mobile terminal includes: [0078] The verification information receiving unit is configured to receive the verification information sent by the information security device. The verification information may be generated by a function, or may be data agreed by the information security device and the mobile terminal in advance, such as a unique identifier of the mobile terminal. Of course, the verification information may be unencrypted information or encrypted information.
[0079] 交易信息接收单元 32, 用于接收所述信息安全设备在判断出所述移动终端为合 法的移动终端吋发送的交易信息。  [0079] The transaction information receiving unit 32 is configured to receive transaction information that is sent by the information security device after determining that the mobile terminal is a legitimate mobile terminal.
[0080] 通常, 在互联网支付场景下, 交易信息包括: 当信息安全设备为 pos机吋, 交 易信息包括账户信息 (如账号、 密码) ; 当信息安全设备为蓝牙盾吋, 交易信 息包括签名; 当信息安全设备为动态令牌吋, 交易信息包括动态口令。 当然, 交易信息还可以包括购买的物品信息等, 此处不作限定。  [0080] Generally, in the Internet payment scenario, the transaction information includes: when the information security device is a POS device, the transaction information includes account information (such as an account number, a password); when the information security device is a Bluetooth shield, the transaction information includes a signature; When the information security device is a dynamic token, the transaction information includes a dynamic password. Of course, the transaction information may also include the purchased item information and the like, which are not limited herein.
[0081] 本发明第三实施例中, 由于通过短距离通信的方式发送的验证信息更为安全、 可靠, 因此, 便于信息安全设备对发送验证信息的移动终端进行合法性判断, 进而在信息安全设备判断出移动终端合法吋才发出交易信息, 从而使得移动终 端能够准确接收到交易信息, 降低了交易信息被非法截获的风险。  [0081] In the third embodiment of the present invention, since the verification information sent by means of short-distance communication is more secure and reliable, it is convenient for the information security device to judge the legitimacy of the mobile terminal that sends the verification information, and thus the information security After the device determines that the mobile terminal is legal, the transaction information is sent, so that the mobile terminal can accurately receive the transaction information, thereby reducing the risk that the transaction information is illegally intercepted.
[0082] 本领域普通技术人员可以意识到, 结合本文中所公幵的实施例描述的各示例的 单元及算法步骤, 能够以电子硬件、 或者计算机软件和电子硬件的结合来实现 。 这些功能究竟以硬件还是软件方式来执行, 取决于技术方案的特定应用和设 计约束条件。 专业技术人员可以对每个特定的应用来使用不同方法来实现所描 述的功能, 但是这种实现不应认为超出本发明的范围。  [0082] Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the various examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the solution. A person skilled in the art can use different methods for implementing the described functions for each particular application, but such implementation should not be considered to be beyond the scope of the present invention.
[0083] 所属领域的技术人员可以清楚地了解到, 为描述的方便和简洁, 上述描述的系 统、 装置和单元的具体工作过程, 可以参考前述方法实施例中的对应过程, 在 此不再赘述。  [0083] A person skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the system, the device and the unit described above can refer to the corresponding process in the foregoing method embodiment, and details are not described herein again. .
[0084] 在本申请所提供的几个实施例中, 应该理解到, 所揭露的系统、 装置和方法, 可以通过其它的方式实现。 例如, 以上所描述的装置实施例仅仅是示意性的, 例如, 所述单元的划分, 仅仅为一种逻辑功能划分, 实际实现吋可以有另外的 划分方式, 例如多个单元或组件可以结合或者可以集成到另一个系统, 或一些 特征可以忽略, 或不执行。 另一点, 所显示或讨论的相互之间的耦合或直接耦 合或通信连接可以是通过一些接口, 装置或单元的间接耦合或通信连接, 可以 是电性, 机械或其它的形式。 [0085] 所述作为分离部件说明的单元可以是或者也可以不是物理上分幵的, 作为单元 显示的部件可以是或者也可以不是物理单元, 即可以位于一个地方, 或者也可 以分布到多个网络单元上。 可以根据实际的需要选择其中的部分或者全部单元 来实现本实施例方案的目的。 [0084] In the several embodiments provided by the present application, it should be understood that the disclosed system, apparatus, and method may be implemented in other manners. For example, the device embodiments described above are merely illustrative. For example, the division of the unit is only a logical function division, and the actual implementation may have another division manner, for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored, or not executed. In addition, the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in an electrical, mechanical or other form. [0085] The unit described as a separate component may or may not be physically distributed, and the component displayed as a unit may or may not be a physical unit, that is, may be located in one place, or may be distributed to multiple On the network unit. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
[0086] 另外, 在本发明各个实施例中的各功能单元可以集成在一个处理单元中, 也可 以是各个单元单独物理存在, 也可以两个或两个以上单元集成在一个单元中。  [0086] In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
[0087] 所述功能如果以软件功能单元的形式实现并作为独立的产品销售或使用吋, 可 以存储在一个计算机可读取存储介质中。 基于这样的理解, 本发明的技术方案 本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产 品的形式体现出来, 该计算机软件产品存储在一个存储介质中, 包括若干指令 用以使得一台计算机设备 (可以是个人计算机, 服务器, 或者网络设备等) 执 行本发明各个实施例所述方法的全部或部分步骤。 而前述的存储介质包括: U盘 、 移动硬盘、 只读存储器 (ROM, Read-Only  [0087] The functions, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium, including The instructions are used to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention. The foregoing storage medium includes: a USB flash drive, a removable hard disk, a read only memory (ROM, Read-Only)
Memory) 、 随机存取存储器 (RAM, Random Access Memory) 、 磁碟或者光盘 等各种可以存储程序代码的介质。  Memory, random access memory (RAM), disk or optical disk, and other media that can store program code.
[0088] 以上所述, 仅为本发明的具体实施方式, 但本发明的保护范围并不局限于此, 任何熟悉本技术领域的技术人员在本发明揭露的技术范围内, 可轻易想到变化 或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明的保护范围应所述 以权利要求的保护范围为准。 The above description is only a specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or within the technical scope disclosed by the present invention. Alternatives are intended to be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the claims.

Claims

权利要求书 Claim
[权利要求 1] 一种交易信息发送方法, 其特征在于, 所述方法包括:  [Claim 1] A method for transmitting transaction information, the method comprising:
接收移动终端通过短距离通信的方式发送的验证信息;  Receiving verification information sent by the mobile terminal by means of short-distance communication;
根据所述验证信息验证所述移动终端是否为合法的移动终端; 在所述移动终端为合法的移动终端吋, 发送交易信息至所述合法的移 动终端。  And verifying, according to the verification information, whether the mobile terminal is a legitimate mobile terminal; and sending the transaction information to the legal mobile terminal after the mobile terminal is a legitimate mobile terminal.
[权利要求 2] 根据权利要求 1所述的方法, 其特征在于, 所述根据所述验证信息验 证所述移动终端是否为合法的移动终端, 具体包括:  [Claim 2] The method according to claim 1, wherein the verifying whether the mobile terminal is a valid mobile terminal according to the verification information specifically includes:
将所述验证信息与存储的标准验证信息比较;  Comparing the verification information with stored standard verification information;
在所述验证信息与存储的标准验证信息相同吋, 判定所述移动终端为 合法的移动终端, 否则, 判定所述移动终端为非法的移动终端。  After the verification information is the same as the stored standard verification information, the mobile terminal is determined to be a legitimate mobile terminal, otherwise, the mobile terminal is determined to be an illegal mobile terminal.
[权利要求 3] 根据权利要求 1所述的方法, 其特征在于, 所述根据所述验证信息验 证所述移动终端是否为合法的移动终端, 具体包括: [Claim 3] The method according to claim 1, wherein the verifying, by the verification information, whether the mobile terminal is a legitimate mobile terminal, specifically includes:
根据预设的解密算法解密所述验证信息;  Decrypting the verification information according to a preset decryption algorithm;
将解密结果与存储的标准验证信息比较;  Comparing the decrypted result with the stored standard verification information;
在所述解密结果与存储的标准验证信息相同吋, 判定所述移动终端为 合法的移动终端, 否则, 判定所述移动终端为非法的移动终端。  After the decryption result is the same as the stored standard verification information, the mobile terminal is determined to be a legitimate mobile terminal, otherwise, the mobile terminal is determined to be an illegal mobile terminal.
[权利要求 4] 根据权利要求 1所述的方法, 其特征在于, 在所述接收移动终端发送 的验证信息之前, 包括: [Claim 4] The method according to claim 1, wherein before the receiving the verification information sent by the mobile terminal, the method includes:
发送验证信息至移动终端。  Send verification information to the mobile terminal.
[权利要求 5] 根据权利要求 4所述的方法, 其特征在于, 所述验证信息包括由随机 函数生成的随机数和与移动终端事先约定的数据。 [Clave 5] The method according to claim 4, wherein the verification information comprises a random number generated by a random function and data agreed in advance with the mobile terminal.
[权利要求 6] 根据权利要求 1所述的方法, 其特征在于, 所述接收移动终端通过短 距离通信的方式发送的验证信息, 具体包括: [Claim 6] The method according to claim 1, wherein the receiving the verification information that is sent by the mobile terminal by means of short-distance communication includes:
接收移动终端通过声波通信的方式发送的验证信息。  Receiving verification information sent by the mobile terminal by means of voice communication.
[权利要求 7] 根据权利要求 1至 6任一项所述的方法, 其特征在于, 所述短距离通信 的方式包括声波通信、 近场通信 NFC、 可见光通信、 红外通信。 [Claim 7] The method according to any one of claims 1 to 6, wherein the short-distance communication method comprises acoustic wave communication, near field communication NFC, visible light communication, and infrared communication.
[权利要求 8] —种交易信息发送装置, 其特征在于, 所述装置包括: 验证信息接收单元, 用于接收移动终端通过短距离通信的方式发送的 验证信息; [Claim 8] A transaction information transmitting apparatus, wherein the apparatus comprises: a verification information receiving unit, configured to receive verification information sent by the mobile terminal by means of short-distance communication;
验证信息验证单元, 用于根据所述验证信息验证所述移动终端是否为 合法的移动终端;  a verification information verification unit, configured to verify, according to the verification information, whether the mobile terminal is a legitimate mobile terminal;
交易信息发送单元, 用于在所述移动终端为合法的移动终端吋, 发送 交易信息至所述合法的移动终端。  The transaction information sending unit is configured to send transaction information to the legitimate mobile terminal after the mobile terminal is a legitimate mobile terminal.
[权利要求 9] 根据权利要求 8所述的装置, 其特征在于, 所述验证信息验证单元包 括:  [Claim 9] The device according to claim 8, wherein the verification information verification unit comprises:
验证信息比较模块, 用于将所述验证信息与存储的标准验证信息比较 第一移动终端合法性判断模块, 用于在所述验证信息与存储的标准验 证信息相同吋, 判定所述移动终端为合法的移动终端, 否则, 判定所 述移动终端为非法的移动终端;  a verification information comparison module, configured to compare the verification information with the stored standard verification information, the first mobile terminal legality determining module, configured to determine, after the verification information is the same as the stored standard verification information, that the mobile terminal is a legitimate mobile terminal, otherwise, determining that the mobile terminal is an illegal mobile terminal;
或者, 包括:  Or, including:
验证信息解密模块, 用于根据预设的解密算法解密所述验证信息; 解密结果比较模块, 用于将解密结果与存储的标准验证信息比较; 第二移动终端合法性判断模块, 用于在所述解密结果与存储的标准验 证信息相同吋, 判定所述移动终端为合法的移动终端, 否则, 判定所 述移动终端为非法的移动终端。  a verification information decryption module, configured to decrypt the verification information according to a preset decryption algorithm; a decryption result comparison module, configured to compare the decrypted result with the stored standard verification information; and a second mobile terminal legality judgment module, configured to The decryption result is the same as the stored standard verification information, and the mobile terminal is determined to be a legitimate mobile terminal. Otherwise, the mobile terminal is determined to be an illegal mobile terminal.
[权利要求 10] 根据权利要求 8所述的装置, 其特征在于, 所述装置包括:  [Claim 10] The device according to claim 8, wherein the device comprises:
验证信息发送单元, 用于发送验证信息至移动终端。  The verification information sending unit is configured to send the verification information to the mobile terminal.
[权利要求 11] 根据权利要求 8所述的装置, 其特征在于, 所述验证信息接收单元, 用于接收移动终端通过声波通信的方式发送的验证信息。  [Claim 11] The device according to claim 8, wherein the verification information receiving unit is configured to receive verification information that is sent by the mobile terminal by means of voice wave communication.
[权利要求 12] —种移动终端, 其特征在于, 所述移动终端包括:  [Claim 12] The mobile terminal is characterized in that:
验证信息发送单元, 用于通过短距离通信的方式将验证信息发送至信 息安全设备, 以便所述信息安全设备根据所述验证信息验证移动终端 是否为合法的移动终端。  And a verification information sending unit, configured to send the verification information to the information security device by means of short-distance communication, so that the information security device verifies whether the mobile terminal is a legitimate mobile terminal according to the verification information.
交易信息接收单元, 用于接收所述信息安全设备在判断出所述移动终 端为合法的移动终端吋发送的交易信息 a transaction information receiving unit, configured to receive the information security device, and determine the mobile terminal Transaction information sent by a legitimate mobile terminal
PCT/CN2015/096659 2015-08-18 2015-12-08 Method, device and mobile terminal for transmitting transaction information WO2017028404A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510507678.3A CN105184558B (en) 2015-08-18 2015-08-18 Transaction Information sending method, device and mobile terminal
CN201510507678.3 2015-08-18

Publications (1)

Publication Number Publication Date
WO2017028404A1 true WO2017028404A1 (en) 2017-02-23

Family

ID=54906620

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/096659 WO2017028404A1 (en) 2015-08-18 2015-12-08 Method, device and mobile terminal for transmitting transaction information

Country Status (2)

Country Link
CN (1) CN105184558B (en)
WO (1) WO2017028404A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105813076A (en) * 2016-03-10 2016-07-27 北京芯杰科技有限公司 Communication method and device
CN108418834A (en) * 2018-04-04 2018-08-17 成都鹏业软件股份有限公司 A kind of internet of things equipment auth method
CN111461705A (en) * 2020-03-10 2020-07-28 北京达龙上东文化艺术传播有限责任公司 Hardware wallet verification method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1514573A (en) * 2003-04-24 2004-07-21 徐文祥 Identity authentication method and its identity authentication system
US20090075592A1 (en) * 2005-12-16 2009-03-19 Sebastian Nystrom Method and device for controlling and providing indications of communication events
CN102271012A (en) * 2011-08-18 2011-12-07 中兴通讯股份有限公司 Near field communication terminal, system and method
CN102546571A (en) * 2010-12-31 2012-07-04 国民技术股份有限公司 Identity authentication system and method
CN103927655A (en) * 2014-05-04 2014-07-16 谢宇杰 Smart device payment method and system based on Bluetooth

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101385429B1 (en) * 2011-09-07 2014-04-15 주식회사 팬택 Method for authenticating individual of electronic contract using nfc, authentication server and terminal for performing the method
KR20130035472A (en) * 2011-09-30 2013-04-09 삼성전기주식회사 System for preventing illegal copy of software and method for preventing illegal copy of software
CN103679975A (en) * 2012-09-10 2014-03-26 中国电信股份有限公司 Paying method and system for mobile terminal
CN104301288B (en) * 2013-07-16 2017-11-10 中钞信用卡产业发展有限公司 Online identity certification, online transaction checking, the method and system of online verification protection
CN103812657B (en) * 2013-12-31 2015-02-18 深圳光启创新技术有限公司 Authentication method
CN104363589A (en) * 2014-12-09 2015-02-18 北京大唐智能卡技术有限公司 Identity authentication method, device and terminal

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1514573A (en) * 2003-04-24 2004-07-21 徐文祥 Identity authentication method and its identity authentication system
US20090075592A1 (en) * 2005-12-16 2009-03-19 Sebastian Nystrom Method and device for controlling and providing indications of communication events
CN102546571A (en) * 2010-12-31 2012-07-04 国民技术股份有限公司 Identity authentication system and method
CN102271012A (en) * 2011-08-18 2011-12-07 中兴通讯股份有限公司 Near field communication terminal, system and method
CN103927655A (en) * 2014-05-04 2014-07-16 谢宇杰 Smart device payment method and system based on Bluetooth

Also Published As

Publication number Publication date
CN105184558A (en) 2015-12-23
CN105184558B (en) 2019-02-01

Similar Documents

Publication Publication Date Title
TWI655875B (en) Method for establishing wireless communication connection, communication master device, communication slave device, server and system
CN109150548B (en) Digital certificate signing and signature checking method and system and digital certificate system
WO2017045539A1 (en) Identity authentication method and device
US11501294B2 (en) Method and device for providing and obtaining graphic code information, and terminal
US10025920B2 (en) Enterprise triggered 2CHK association
US8214890B2 (en) Login authentication using a trusted device
US10033701B2 (en) Enhanced 2CHK authentication security with information conversion based on user-selected persona
WO2015180691A1 (en) Key agreement method and device for verification information
WO2015192670A1 (en) User identity authentication method, terminal and service terminal
KR20150132471A (en) Secure mobile payment using media binding
KR20160097323A (en) Near field communication authentication mechanism
TW201824809A (en) Method and system for distributing attestation key and certificate in trusted computing
WO2015158172A1 (en) User identity identification card
US8918844B1 (en) Device presence validation
EP3668120A1 (en) Hearing device with service mode and related method
CN112823503B (en) Data access method, data access device and mobile terminal
WO2014201907A1 (en) Electronic signature method and system
WO2021051941A1 (en) Information processing method and apparatus
WO2024031868A1 (en) Attribute encryption-based device security authentication method and related apparatus thereof
WO2012034339A1 (en) Method and mobile terminal for realizing network payment
CN106411520B (en) Method, device and system for processing virtual resource data
WO2015109958A1 (en) Data processing method based on negotiation key, and mobile phone
WO2017028404A1 (en) Method, device and mobile terminal for transmitting transaction information
KR101836211B1 (en) Electronic device authentication manager device
KR101388935B1 (en) Two channel based user authentication apparatus and method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15901607

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15901607

Country of ref document: EP

Kind code of ref document: A1