WO2017080355A1 - Method for confirming on-line transaction security by means of mobile phone and system thereof - Google Patents

Info

Publication number
WO2017080355A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
mobile phone
security
dimensional code
online
Prior art date
Application number
PCT/CN2016/103047
Other languages
French (fr)
Chinese (zh)
Inventor
邓煜平
杨贤伟
Original Assignee
国民技术股份有限公司
Priority date
Filing date
Publication date
Application filed by 国民技术股份有限公司
Publication of WO2017080355A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825 Use of electronic signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction

Definitions

  • Client: used for conducting online transactions; the client generates transaction data and a request according to the online transaction;
  • a transaction security confirmation module for receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and the request, confirming the transaction data and the request through a STK menu of the mobile phone, and generating a transaction confirmation result;
  • Transaction security operation module: used for digitally signing the transaction confirmation result by using a mobile phone smart card security module function
  • Transaction security operation step: used for digitally signing the transaction confirmation result by using a mobile phone smart card security module function
  • Two-dimensional code scanning step: scanning, by using the mobile phone APP, the two-dimensional code displayed on the client of the Internet terminal corresponding to the transaction data and the request;
  • the transaction security operation module performs the transaction confirmation result signature using the security module function on the SIM card.
  • Short message transaction completion step: the transaction security confirmation module directly returns the signed transaction confirmation result to the system platform through the data short message;
  • the present invention also provides a SIM card implemented based on a method for confirming online transaction security by using a mobile phone, which adopts a method for confirming online transaction security by using a mobile phone as described above, and the SIM card includes:
  • Card end communication module: used for data communication with a mobile phone
  • Transaction security operation module: used to digitally sign the transaction confirmation result of the online transaction by using the mobile phone smart card security module function
  • the main control module is configured to centrally control and process the card end communication module and the transaction security operation module, and send the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
  • the present invention also provides a mobile phone implemented based on a method for confirming online transaction security by using a mobile phone, which adopts a method for confirming online transaction security through a mobile phone as described above, the mobile phone comprising:
  • the present invention also provides an online transaction system based on a method for confirming online transaction security by using a mobile phone, which adopts a method for confirming online transaction security through a mobile phone as described above, and the online transaction system includes:
  • Client: used for online transactions; the client generates transaction data and a request according to the online transaction, and generates and displays a two-dimensional code;
  • System platform: performs the related background service processing for the online transaction
  • the online transaction system based on the method for confirming the security of online transactions by using a mobile phone as described above, the SIM card includes:
  • the system of the invention enables the user to insert and unplug the USBKey in the process of conducting the transaction in the Internet terminal, and confirms the transaction through the two-dimensional code;
  • FIG. 8 is a logic block diagram of a mobile phone implemented by a method for confirming online transaction security by using a mobile phone according to the present invention
  • FIG. 1 is a logic diagram of a system for confirming online transaction security through a mobile phone according to the present invention. As shown in FIG. 1, the system of the present invention includes:
  • Client 1: used for online transactions; the client generates transaction data and requests based on online transactions;
  • System platform 2: performs the related background business processing for online transactions, generates a two-dimensional code based on the transaction data and the request, and transmits the two-dimensional code to the client for display;
  • the transaction security confirmation module 4 is configured to receive and parse the two-dimensional code sent by the mobile phone APP3, restore the transaction data and the request, confirm the transaction data and the request through the STK menu of the mobile phone, and generate a transaction confirmation result;
  • Transaction security operation module 5: used for digitally signing the transaction confirmation result by using the smart card security module function
  • the main control module 6 is configured to perform central control on the transaction security operation module 5 and send the digitally signed transaction confirmation result to the system platform 2 via the transaction security confirmation module 4 to complete the online transaction, or the main control module 6 sends the digitally signed transaction confirmation result to the system platform 2 via the mobile APP3 to complete the online transaction.
  • FIG. 1 is a logic diagram of a system for confirming online transaction security by using a mobile phone according to the present invention.
  • the system of the present invention includes:
  • Client 1: used for online transactions; client 1 generates transaction data and requests according to online transactions, and generates and displays a two-dimensional code;
  • System platform 2: performs the related background business processing for online transactions
  • Mobile APP3: used to obtain and send a two-dimensional code by scanning a two-dimensional code displayed by the client;
  • the transaction security confirmation module 4 is configured to receive and parse the two-dimensional code sent by the mobile phone APP3, restore the transaction data and the request, confirm the transaction data and the request through the STK menu of the mobile phone, and generate a transaction confirmation result;
  • Transaction security operation module 5: used for digitally signing the transaction confirmation result by using the smart card security module function
  • the main control module 6 is configured to perform central control on the transaction security operation module 5 and send the digitally signed transaction confirmation result to the system platform 2 via the transaction security confirmation module 4 to complete the online transaction, or the main control module 6 sends the digitally signed transaction confirmation result to the system platform 2 via the mobile APP3 to complete the online transaction.
  • the transaction confirmation module calls the transaction operation module for signature by the main control module
  • the main control module returns the transaction signature confirmation result to the transaction confirmation module
  • the transaction confirmation module sends the data message to the system platform.
  • After the transaction confirmation module calls the transaction operation module for signature through the main control module, the main control module returns the transaction signature confirmation result to the APP through the high-speed data channel of the machine card, and the APP sends the information to the system platform through the mobile network.
  • the client of the present invention is a personal device or self-service terminal that can support online transactions and has a display screen, including but not limited to a PC, an IPAD, a mobile phone, an ATM machine, and the like.
  • the STK (SIM Tool Kit) menu in this solution is a system function call triggered by the SIM or system platform.
  • the malicious program in the mobile phone cannot intervene and change the display and input in the STK.
  • what the user sees in the STK menu is the transaction data and request to be signed and confirmed, carried in the two-dimensional code transmitted by the system platform through the data short message or in the two-dimensional code transmitted by the APP through the high-speed data channel of the machine card. If the user wishes to continue the transaction, the transaction is "confirmed" in the STK menu; otherwise the transaction is "cancelled".
  • the transaction is signed by the security function provided by the security module in the SIM.
  • the high-speed data channel of the machine card of the present invention can be any communication method that can be provided between the mobile phone and the smart card, such as Bluetooth, WiFi, Zigbee and the like.
  • the high-speed data channel of the card is a Bluetooth channel between the mobile phone and the smart card; that is, the method of the present invention can give the Bluetooth SIM the "second generation Key" security function, so that a smart phone with the Bluetooth SIM is equipped with the "second generation Key" security function for online transactions on Internet terminals and can be used to replace the USBKey used in such transactions to ensure the security of online transactions on the Internet terminal.
  • the security smart card of the present invention refers to a smart card integrated with a security module (SE) or a security component hardware, including but not limited to standard SIM, UIM, USIM, MicroSIM, NanoSIM and other communication smart cards of various forms and sizes.
  • the system platform of the present invention refers to a remote server platform for transaction processing.
  • FIG. 2 is a schematic flow chart of a method for confirming online transaction security by using a mobile phone according to the present invention.
  • the present invention also provides a method for confirming online transaction security through a mobile phone, which is applied to a system for confirming online transaction security through a mobile phone as described above.
  • the system includes: a client, a system platform, a mobile APP, a transaction security confirmation module, a transaction security operation module, and a main control module, and the method includes:
  • Two-dimensional code generating step S1: generating a two-dimensional code based on the transaction data and request generated by the online transaction, and displaying the two-dimensional code on the client; in the client transaction process, the client generates the transaction data and request to be signed and confirmed.
  • Two-dimensional code obtaining step S2: scanning the two-dimensional code displayed by the client through the mobile phone APP, and acquiring and transmitting the two-dimensional code;
  • Transaction security confirmation step S3: receiving and parsing the QR code sent by the mobile APP, restoring the transaction data and the request, confirming the transaction data and the request through the STK menu of the mobile phone, and generating a transaction confirmation result;
  • Transaction security operation step S4: digitally signing the transaction confirmation result by using the smart card security module function
  • Transaction completion step S5: the transaction security confirmation module sends the signed transaction confirmation result to the system platform, and the system platform determines whether to continue the transaction based on the signed transaction confirmation result. If the transaction continues, the system platform executes the transaction request to complete the entire online transaction.
  • the two-dimensional code generating step S1 includes:
  • Client QR code generation step S11: the client generates transaction data and requests according to the online transaction, and directly generates and displays the two-dimensional code;
  • System platform two-dimensional code generating step S12: generating a two-dimensional code based on the transaction data and the request, and transmitting the two-dimensional code to the client for display.
  • If the two-dimensional code is generated by the client, the client generates a two-dimensional code based on the transaction data and the request to be signed and confirmed, and then sends the two-dimensional code to the system platform via the Internet.
  • the two-dimensional code obtaining step S2 includes:
  • Two-dimensional code scanning step S21: scanning, by using the mobile phone APP, a two-dimensional code corresponding to the transaction data and the request displayed on the client of the Internet terminal;
  • Two-dimensional code transmitting step S22: the mobile phone APP transmits the two-dimensional code to the transaction security confirmation module.
  • the two-dimensional code transmitting step S22 includes:
  • Mobile network sending step S221: the mobile phone APP sends the two-dimensional code to the system platform through the mobile network, and the system platform sends the two-dimensional code to the transaction security confirmation module by using a data message.
  • the transaction security confirmation step S3 includes:
  • Two-dimensional code parsing step S31: the transaction security confirmation module obtains the transaction data and the request to be signed and confirmed by parsing the two-dimensional code;
  • Transaction confirmation step S32: the STK menu popped up by the transaction security confirmation module displays the transaction data and the request to be signed and confirmed, and waits for the user to confirm the transaction in the STK menu to generate a transaction confirmation result.
  • the transaction security operation step S4 includes:
  • the transaction security operation module uses the security module function on the SIM card to perform a transaction confirmation result signature.
  • the transaction completion step S5 includes:
  • SMS transaction completion step S501: the transaction security confirmation module directly returns the signed transaction confirmation result to the system platform through the data short message;
  • Communication channel transaction completion step S502: the transaction security confirmation module sends the signed transaction confirmation result to the mobile phone APP through the data channel between the mobile phone and the SIM card, and the mobile phone APP sends it to the system platform through the mobile network.
  • FIG. 6 is a schematic flowchart of a method for confirming online transaction security by using a mobile phone according to an embodiment of the present invention, as shown in FIG. 6:
  • Step S50: During the client online transaction process, the client generates transaction data and a transfer request to be signed and confirmed. For example, in the online banking transfer page of the client, the user is prompted to input transaction data, such as the account number of the other party, the amount of the transfer, and the like.
  • Step S53: The user scans the QR code on the client by using the mobile phone APP.
  • After the SIM receives the two-dimensional code through the card-end Bluetooth module, the SIM sets the specific response status word in the subsequent 7816 normal command response, and notifies the mobile phone system to obtain the two-dimensional code/to-be-signed data and request on the card.
  • After obtaining the "read data" notification of the SIM, the mobile phone system obtains the two-dimensional code/to-be-signed data and the request from the SIM by using a specified command. For example, the mobile phone system can obtain the two-dimensional code/to-be-signed data and the request from the SIM through the Fetch command.
  • Step S55: The mobile phone system parses the two-dimensional code to obtain the data to be signed and confirmed and the transfer request, or obtains the data to be signed and the request from the SIM, and then pops up the STK menu to display the transaction data and the transfer request to be signed and confirmed, waiting for the user to confirm the transaction in the STK menu.
  • Step S57: If the user confirms to continue the transaction, the mobile phone system uses the security function provided by the security module on the card to perform security operations such as transaction signature.
  • Step S58: the mobile phone system directly returns the signature confirmation result to the system platform through the data short message; or, when the machine card has the Bluetooth channel, the mobile phone system returns the signature confirmation result to the APP through the Bluetooth channel of the machine card, and the APP sends it to the system platform through the mobile network.
  • Step S59: After receiving the signature confirmation result, the system platform determines whether to continue the subsequent transaction process according to the user signature confirmation result. If the system platform determines to continue the transaction, the system platform executes the transaction request and then sends the transaction result to the client via the Internet.
  • the SIM card includes:
  • the main control module 12 is configured to centrally control and process the card end communication module and the transaction security operation module, and send the digital signature transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
  • the mobile phone APP22 is configured to: acquire the two-dimensional code by scanning a two-dimensional code displayed by the client, and send the two-dimensional code by using the mobile phone end communication module;
  • Client 31: used for conducting an online transaction; the client 31 generates transaction data and a request according to the online transaction;
  • System platform 32: performs the related background service processing for online transactions, generates a two-dimensional code based on the transaction data and the request, and transmits the two-dimensional code to the client for display;
  • the SIM card 34 is configured to digitally sign the transaction confirmation result by using a smart card security module function, and send the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.
  • the client 31 is configured to perform online transactions, and the client 31 generates transaction data and requests according to the online transaction, and generates and displays a two-dimensional code;
  • System platform 32: performs the related background business processing for online transactions
  • the mobile phone APP 332 is configured to obtain and send a two-dimensional code through the mobile terminal communication module by scanning the two-dimensional code displayed by the client;
  • the card end communication module 341 is configured to perform data communication with the mobile phone system

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephone Function (AREA)

Abstract

Disclosed are a method and system for confirming on-line transaction security by means of a mobile phone. The method comprises: a two-dimensional code generation step, used for generating a two-dimensional code based on transaction data, which is generated by means of an on-line transaction, and a request, and displaying the two-dimensional code on a client; a two-dimensional code acquisition step, used for scanning the two-dimensional code displayed on the client by means of a mobile phone APP to acquire and send the two-dimensional code; a transaction security confirmation step, used for receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and the request, confirming the transaction data and the request by means of a mobile phone STK menu, and generating a transaction confirmation result; a transaction security operation step, used for adopting a mobile phone smart card security module function to perform digital signature on the transaction confirmation result; and a transaction completion step, used for sending a signature confirmation result to a system platform and completing the entire on-line transaction.

Description

Method and system for confirming online transaction security by mobile phone

Technical field

The invention relates to the field of online transaction security, and in particular to a method and system for confirming online transaction security through a mobile phone.

Background art

With the development of smart Internet terminal technology, scanning two-dimensional codes with a mobile phone is used in more and more settings because it is convenient, fast and offers a good user experience. Moreover, with the continuous evolution of IC technology, many wireless communication technologies such as Bluetooth have been integrated into smart cards such as mobile phone SIM cards, so that, in addition to the traditional data short message channel, a high-speed machine-card data channel has been opened between the mobile Internet terminal and the smart card. As a result, the mobile phone SIM card not only provides telecom functions but can also support the download and operation of various new services and new applications. In addition, smart cards such as mobile phone SIM cards also provide security module (SE, Security Element) hardware for security operations such as data encryption/decryption and signing/signature verification, achieving financial-grade security and thereby constituting a secure smart card.
In the current prior art, a separate smart cipher key (USBKey) is commonly used with Internet terminals to perform functions such as transaction display, digital signature and user confirmation, that is, the functions of the so-called "second generation KEY". However, this technique of pairing a separate smart cipher key with an Internet terminal has many disadvantages, such as:
1) It is inconvenient for the user: the USBKey must be plugged in and unplugged during a transaction on the Internet terminal before online transaction authentication can be performed;
2) Security is low: a separate smart cipher key is easily forgotten, and once lost it is easily stolen by others, creating a hidden danger for the user account.

Summary of the invention

The present invention aims to provide a method and system for confirming online transaction security through a mobile phone, which confirm online transaction security through the mobile phone STK (SIM Tool Kit) menu, both ensuring the security of online transactions on Internet terminals and being easy to carry at all times and convenient for users.
The technical solution of the embodiments of the present invention is implemented as follows:
The invention provides a system for confirming online transaction security through a mobile phone, comprising:
Client: used for conducting online transactions; the client generates transaction data and a request according to the online transaction;
System platform: performs the related background service processing for the online transaction, generates a two-dimensional code based on the transaction data and request, and sends the two-dimensional code to the client for display;
Mobile phone APP: used to acquire and send the two-dimensional code by scanning the two-dimensional code displayed by the client;
Transaction security confirmation module: used to receive and parse the two-dimensional code sent by the mobile phone APP, restore the transaction data and request, confirm the transaction data and request through the mobile phone STK menu, and generate a transaction confirmation result;
Transaction security operation module: used to digitally sign the transaction confirmation result by using the mobile phone smart card security module function;
Main control module: used to centrally control the transaction security operation module and send the digitally signed transaction confirmation result to the system platform via the transaction security confirmation module to complete the online transaction, or the main control module sends the digitally signed transaction confirmation result to the system platform via the mobile phone APP to complete the online transaction.
The invention also provides a system for confirming online transaction security through a mobile phone, comprising:
Client: used for conducting online transactions; the client generates transaction data and a request according to the online transaction, and generates and displays a two-dimensional code;
System platform: performs the related background service processing for the online transaction;
Mobile phone APP: used to acquire and send the two-dimensional code by scanning the two-dimensional code displayed by the client;
Transaction security confirmation module: used to receive and parse the two-dimensional code sent by the mobile phone APP, restore the transaction data and request, confirm the transaction data and request through the mobile phone STK menu, and generate a transaction confirmation result;
Transaction security operation module: used to digitally sign the transaction confirmation result by using the mobile phone smart card security module function;
Main control module: used to centrally control the transaction security operation module and send the digitally signed transaction confirmation result to the system platform via the transaction security confirmation module to complete the online transaction, or the main control module sends the digitally signed transaction confirmation result to the system platform via the mobile phone APP to complete the online transaction.
The invention also provides a method for confirming online transaction security through a mobile phone, applied to the system for confirming online transaction security through a mobile phone as described above, the system comprising a client, a system platform, a mobile phone APP, a transaction security confirmation module, a transaction security operation module and a main control module, and the method comprising:
Two-dimensional code generating step: generating a two-dimensional code based on the transaction data and request generated by the online transaction, and displaying the two-dimensional code on the client;
Two-dimensional code acquisition step: scanning, through the mobile phone APP, the two-dimensional code displayed by the client, and acquiring and sending the two-dimensional code;
Transaction security confirmation step: receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
Transaction security operation step: digitally signing the transaction confirmation result by using the mobile phone smart card security module function;
Transaction completion step: the transaction security confirmation module sends the signed transaction confirmation result to the system platform, and the system platform decides, based on the signed transaction confirmation result, whether to continue the transaction; if the transaction continues, the system platform executes the transaction request and completes the entire online transaction.
如上所述通过手机确认网上交易安全的方法,所述二维码生成步骤包括:The method for confirming online transaction security by using a mobile phone as described above, the two-dimensional code generating step includes:
客户端二维码生成步骤:所述客户端根据所述网上交易生成交易数据与请求,直接生成并显示二维码;Client QR code generation step: the client generates transaction data and request according to the online transaction, and directly generates and displays a two-dimensional code;
or
System platform two-dimensional code generation step: generating the two-dimensional code based on the transaction data and request, and sending the two-dimensional code to the client for display.
In the method for confirming the security of online transactions on an Internet terminal by means of a mobile phone described above, the two-dimensional code acquisition step comprises:
Two-dimensional code scanning step: using the mobile phone APP to scan the two-dimensional code, corresponding to the transaction data and request, that is displayed on the client of the Internet terminal;
Two-dimensional code sending step: the mobile phone APP passes the two-dimensional code to the transaction security confirmation module.
In the method for confirming online transaction security by means of a mobile phone described above, the two-dimensional code sending step comprises:
Mobile network sending step: the mobile phone APP sends the two-dimensional code to the system platform over the mobile network, and the system platform then delivers the two-dimensional code to the transaction security confirmation module by data short message;
or
Communication channel sending step: the mobile phone APP sends the two-dimensional code to the SIM card through the data channel between the mobile phone and the SIM card, and the transaction security confirmation module obtains the two-dimensional code from the SIM card.
In the method for confirming online transaction security by means of a mobile phone described above, the transaction security confirmation step comprises:
Two-dimensional code parsing step: the transaction security confirmation module parses the two-dimensional code to obtain the transaction data and request to be signed and confirmed;
Transaction confirmation step: the transaction security confirmation module pops up an STK menu displaying the transaction data and request to be signed and confirmed, waits for the user to confirm the transaction in the STK menu, and generates a transaction confirmation result.
In the method for confirming online transaction security by means of a mobile phone described above, the transaction security operation step comprises:
Signing step: if the user confirms the transaction, the transaction security operation module signs the transaction confirmation result using the security module function on the SIM card.
In the method for confirming online transaction security by means of a mobile phone described above, the transaction completion step comprises:
Short message transaction completion step: the transaction security confirmation module returns the signed transaction confirmation result directly to the system platform by data short message;
or
Communication channel transaction completion step: the transaction security confirmation module sends the signed transaction confirmation result to the mobile phone APP through the data channel between the mobile phone and the SIM card, and the mobile phone APP sends it to the system platform over the mobile network.
The present invention also provides a SIM card implemented on the basis of the method for confirming online transaction security by means of a mobile phone described above, the SIM card comprising:
Card-side communication module: configured for data communication with the mobile phone;
Transaction security operation module: configured to digitally sign the transaction confirmation result of an online transaction using the security module function of the mobile phone smart card;
Main control module: configured to centrally control and process the card-side communication module and the transaction security operation module, and to send the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
The present invention also provides a mobile phone implemented on the basis of the method for confirming online transaction security by means of a mobile phone described above, the mobile phone comprising:
Phone-side communication module: configured for data communication with the SIM card;
Mobile phone APP: configured to acquire the two-dimensional code by scanning the two-dimensional code displayed by the client, and to send the two-dimensional code through the phone-side communication module;
Transaction security confirmation module: configured to receive and parse the two-dimensional code sent by the mobile phone APP, restore the transaction data and request of the online transaction, confirm the transaction data and request through the STK menu of the mobile phone, and generate a transaction confirmation result.
The present invention also provides an online transaction system implemented on the basis of the method for confirming online transaction security by means of a mobile phone described above, the online transaction system comprising:
Client: configured to conduct the online transaction, the client generating transaction data and a request according to the online transaction;
System platform: configured to perform the back-end business processing related to the online transaction, generate a two-dimensional code based on the transaction data and request, and send the two-dimensional code to the client for display;
Mobile phone system: configured to acquire the two-dimensional code by scanning the two-dimensional code displayed by the client, parse the two-dimensional code, restore the transaction data and request, confirm the transaction data and request through the STK menu of the mobile phone, and generate a transaction confirmation result;
SIM card: configured to digitally sign the transaction confirmation result using the security module function of the mobile phone smart card, and to send the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.
The present invention also provides an online transaction system implemented on the basis of the method for confirming online transaction security by means of a mobile phone described above, the online transaction system comprising:
Client: configured to conduct the online transaction, the client generating transaction data and a request according to the online transaction, and generating and displaying a two-dimensional code;
System platform: configured to perform the back-end business processing related to the online transaction;
Mobile phone system: configured to acquire the two-dimensional code by scanning the two-dimensional code displayed by the client, parse the two-dimensional code, restore the transaction data and request, confirm the transaction data and request through the STK menu of the mobile phone, and generate a transaction confirmation result;
SIM card: configured to digitally sign the transaction confirmation result using the security module function of the mobile phone smart card, and to send the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.
In the online transaction system implemented on the basis of the method for confirming online transaction security by means of a mobile phone described above, the mobile phone system comprises:
Phone-side communication module: configured for data communication with the SIM card;
Mobile phone APP: configured to acquire the two-dimensional code by scanning the two-dimensional code displayed by the client, and to send it through the phone-side communication module;
Transaction security confirmation module: configured to receive and parse the two-dimensional code sent by the mobile phone APP, restore the transaction data and request, confirm the transaction data and request through the STK menu of the mobile phone, and generate a transaction confirmation result.
In the online transaction system implemented on the basis of the method for confirming online transaction security by means of a mobile phone described above, the SIM card comprises:
Card-side communication module: configured for data communication with the mobile phone system;
Transaction security operation module: configured to digitally sign the transaction confirmation result using the security module function of the mobile phone smart card;
Main control module: configured to centrally control and process the card-side communication module and the transaction security operation module, and to send the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
In the method and system for confirming online transaction security by means of a mobile phone provided by the embodiments of the present invention, the mobile phone scans the two-dimensional code displayed on the client to obtain the transaction data and request to be signed and confirmed, the STK menu is used to confirm the transaction securely, and the security module on the secure smart card digitally signs the transaction data and request to be signed and confirmed. The invention gives a smartphone with a secure smart card the "second-generation Key" function for online transactions on Internet terminals, which both ensures the security of online transactions on Internet terminals and is easy to carry at all times and convenient for the user.
The beneficial effects of the invention are:
1) Easy to use: with the system of the invention, the user does not need to plug in and unplug a USBKey while transacting on an Internet terminal, and instead confirms the transaction by means of a two-dimensional code;
2) High security: the two-dimensional code transaction confirmation method of the invention is not prone to being lost or stolen by others, which greatly improves the security of the user's account.
DRAWINGS
FIG. 1 is a logic block diagram of the system of the present invention for confirming online transaction security by means of a mobile phone;
FIG. 2 is a schematic flow chart of the method of the present invention for confirming online transaction security by means of a mobile phone;
FIG. 3 to FIG. 5 are detailed schematic flow charts of the method of the present invention for confirming online transaction security by means of a mobile phone;
FIG. 6 is a schematic flow chart of a specific embodiment of the method of the present invention;
FIG. 7 is a logic block diagram of the SIM card of the present invention implemented on the basis of the method for confirming online transaction security by means of a mobile phone;
FIG. 8 is a logic block diagram of the mobile phone of the present invention implemented on the basis of the method for confirming online transaction security by means of a mobile phone;
FIG. 9 is a logic block diagram of the online transaction system of the present invention implemented on the basis of the method for confirming online transaction security by means of a mobile phone.
DETAILED DESCRIPTION
To explain the embodiments and technical solutions of the present invention more clearly, the technical solutions of the present invention are described in more detail below with reference to the accompanying drawings and embodiments. Obviously, the described embodiments are some, but not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
The present invention provides a system for confirming online transaction security by means of a mobile phone. FIG. 1 is a logic block diagram of the system. As shown in FIG. 1, the system of the present invention comprises:
Client 1: configured to conduct the online transaction, the client generating transaction data and a request according to the online transaction;
System platform 2: configured to perform the back-end business processing related to the online transaction, generate a two-dimensional code based on the transaction data and request, and send the two-dimensional code to the client for display;
Mobile phone APP 3: configured to acquire and send the two-dimensional code by scanning the two-dimensional code displayed by the client;
Transaction security confirmation module 4: configured to receive and parse the two-dimensional code sent by the mobile phone APP 3, restore the transaction data and request, confirm the transaction data and request through the STK menu of the mobile phone, and generate a transaction confirmation result;
Transaction security operation module 5: configured to digitally sign the transaction confirmation result using the security module function of the smart card;
Main control module 6: configured to centrally control the transaction security operation module 5 and to send the digitally signed transaction confirmation result to the system platform 2 via the transaction security confirmation module 4 to complete the online transaction; alternatively, the main control module 6 sends the digitally signed transaction confirmation result to the system platform 2 via the mobile phone APP 3 to complete the online transaction.
In another specific embodiment of the system of the present invention, FIG. 1 is a logic block diagram of the system for confirming online transaction security by means of a mobile phone. As shown in FIG. 1, the system of the present invention comprises:
Client 1: configured to conduct the online transaction, the client 1 generating transaction data and a request according to the online transaction, and generating and displaying a two-dimensional code;
System platform 2: configured to perform the back-end business processing related to the online transaction;
Mobile phone APP 3: configured to acquire and send the two-dimensional code by scanning the two-dimensional code displayed by the client;
Transaction security confirmation module 4: configured to receive and parse the two-dimensional code sent by the mobile phone APP 3, restore the transaction data and request, confirm the transaction data and request through the STK menu of the mobile phone, and generate a transaction confirmation result;
Transaction security operation module 5: configured to digitally sign the transaction confirmation result using the security module function of the smart card;
Main control module 6: configured to centrally control the transaction security operation module 5 and to send the digitally signed transaction confirmation result to the system platform 2 via the transaction security confirmation module 4 to complete the online transaction; alternatively, the main control module 6 sends the digitally signed transaction confirmation result to the system platform 2 via the mobile phone APP 3 to complete the online transaction.
The transaction security operation module provides security functions such as encryption, decryption and digital signature services.
Sending the transaction signature confirmation result to the system platform is handled in one of two ways:
1. By the transaction confirmation module:
After the transaction confirmation module calls the transaction operation module through the main control module to perform the signature, the main control module returns the transaction signature confirmation result to the transaction confirmation module, and the transaction confirmation module sends it to the system platform by data short message.
2. By the APP:
After the transaction confirmation module calls the transaction operation module through the main control module to perform the signature, the main control module returns the transaction signature confirmation result to the APP through the high-speed data channel between the phone and the card, and the APP sends it to the system platform over the mobile network.
The client of the present invention is a personal device or self-service terminal that supports online transactions and has a display screen, including but not limited to a PC, an IPAD, a mobile phone or an ATM.
The STK (SIM Tool Kit) menu in this scheme is a system function call triggered by the SIM or the system platform; malicious programs on the mobile phone cannot intervene in or alter what the STK displays or the input it receives. The transaction the user sees in the STK menu is therefore the transaction data and request to be signed and confirmed, parsed either from the two-dimensional code delivered by the system platform by data short message or from the two-dimensional code delivered by the APP through the high-speed data channel between the phone and the card. If the user wishes to continue the transaction, the user selects "Confirm" for the transaction in the STK menu; otherwise the user selects "Cancel". After the result of the manual confirmation has been obtained in the STK menu, the security functions provided by the security module in the SIM are used to perform operations such as signing the transaction.
The high-speed data channel between the phone and the card described in the present invention may be any communication method available between a mobile phone and a smart card, such as Bluetooth, WiFi or Zigbee. Typically, the high-speed data channel is a Bluetooth channel between the mobile phone and the smart card. That is, with the method of the present invention a Bluetooth SIM can provide the "second-generation Key" security function, so that a smartphone with a Bluetooth SIM can provide the "second-generation Key" security function for online transactions on Internet terminals, can replace the USBKey used in such transactions, and ensures the security of online transactions on Internet terminals.
The secure smart card described in the present invention is a smart card that integrates a security module (SE) or secure element hardware, including but not limited to communication smart cards of various forms and sizes such as standard SIM, UIM, USIM, MicroSIM and NanoSIM.
The system platform described in the present invention is the remote server platform that performs transaction business processing.
FIG. 2 is a schematic flow chart of the method of the present invention for confirming online transaction security by means of a mobile phone. As shown in FIG. 2, the present invention also provides a method for confirming online transaction security by means of a mobile phone, applied to the system for confirming online transaction security by means of a mobile phone described above, the system comprising a client, a system platform, a mobile phone APP, a transaction security confirmation module, a transaction security operation module and a main control module. The method comprises:
Two-dimensional code generation step S1: generating a two-dimensional code based on the transaction data and request generated by the online transaction, and displaying the two-dimensional code on the client. During the transaction on the client, the client generates the transaction data and request to be signed and confirmed.
Two-dimensional code acquisition step S2: scanning, by the mobile phone APP, the two-dimensional code displayed by the client, and acquiring and sending the two-dimensional code;
Transaction security confirmation step S3: receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request, confirming the transaction data and request through the STK menu of the mobile phone, and generating a transaction confirmation result;
Transaction security operation step S4: digitally signing the transaction confirmation result using the security module function of the smart card;
Transaction completion step S5: the transaction security confirmation module sends the signed transaction confirmation result to the system platform; the system platform decides, based on the signed transaction confirmation result, whether to continue the transaction and, if the transaction continues, executes the transaction request to complete the entire online transaction.
FIG. 3 to FIG. 5 are detailed schematic flow charts of the method of the present invention for confirming online transaction security by means of a mobile phone. As shown in FIG. 3, the two-dimensional code generation step S1 comprises:
Client two-dimensional code generation step S11: the client generates the transaction data and request according to the online transaction, and directly generates and displays the two-dimensional code;
or
System platform two-dimensional code generation step S12: generating the two-dimensional code based on the transaction data and request, and sending the two-dimensional code to the client for display.
If the two-dimensional code is generated by the client, the client generates the two-dimensional code based on the transaction data and request to be signed and confirmed, and then sends the two-dimensional code to the system platform via the Internet.
As shown in FIG. 3, the two-dimensional code acquisition step S2 comprises:
Two-dimensional code scanning step S21: using the mobile phone APP to scan the two-dimensional code, corresponding to the transaction data and request, that is displayed on the client of the Internet terminal;
Two-dimensional code sending step S22: the mobile phone APP passes the two-dimensional code to the transaction security confirmation module.
As shown in FIG. 4, the two-dimensional code sending step S22 comprises:
Mobile network sending step S221: the mobile phone APP sends the two-dimensional code to the system platform over the mobile network, and the system platform then delivers the two-dimensional code to the transaction security confirmation module by data short message;
or
Communication channel sending step S222: the mobile phone APP sends the two-dimensional code to the SIM card through the data channel between the mobile phone and the SIM card, and the transaction security confirmation module obtains the two-dimensional code from the SIM card.
As shown in FIG. 3, the transaction security confirmation step S3 comprises:
Two-dimensional code parsing step S31: the transaction security confirmation module parses the two-dimensional code to obtain the transaction data and request to be signed and confirmed;
Transaction confirmation step S32: the transaction security confirmation module pops up an STK menu displaying the transaction data and request to be signed and confirmed, waits for the user to confirm the transaction in the STK menu, and generates a transaction confirmation result.
As shown in FIG. 3, the transaction security operation step S4 comprises:
Signing step S41: if the user confirms the transaction, the transaction security operation module signs the transaction confirmation result using the security module function on the SIM card.
As shown in FIG. 5, the transaction completion step S5 comprises:
Short message transaction completion step S501: the transaction security confirmation module returns the signed transaction confirmation result directly to the system platform by data short message;
or
Communication channel transaction completion step S502: the transaction security confirmation module sends the signed transaction confirmation result to the mobile phone APP through the data channel between the mobile phone and the SIM card, and the mobile phone APP sends it to the system platform over the mobile network.
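The S1 to S5 flow above, as an added simulation that is not part of the patent text: the platform issues the code payload, the SIM side shows the parsed data for confirmation and signs, and the platform verifies before executing. The JSON payload, the HMAC-SHA256 stand-in for the security module's digital signature, and all class, function and account names are assumptions made for this example.

```python
import hashlib
import hmac
import json
import secrets

# Assumptions (not from the patent): JSON as the two-dimensional code payload,
# and HMAC-SHA256 under a key shared by SIM and platform as a stand-in for the
# security module's digital signature. A real SE would sign with a private key.


def canonical(obj):
    """Deterministic encoding so both sides sign and verify identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class SystemPlatform:
    def __init__(self, sim_key):
        self.sim_key = sim_key
        self.pending = {}  # tx_id -> transaction data awaiting confirmation

    def create_code_payload(self, payee, amount):
        """S1: turn the transaction data and request into the code payload."""
        tx = {"tx_id": secrets.token_hex(8), "payee": payee, "amount": amount}
        self.pending[tx["tx_id"]] = tx
        return canonical(tx)

    def complete(self, message):
        """S5: verify the signed confirmation result, then decide."""
        result = message["result"]
        expected = hmac.new(self.sim_key, canonical(result), hashlib.sha256)
        if not hmac.compare_digest(expected.hexdigest(), message["sig"]):
            return "rejected: bad signature"
        tx = self.pending.pop(result["tx"].get("tx_id"), None)  # single use
        if tx is None:
            return "rejected: unknown or replayed transaction"
        if result["tx"] != tx:
            return "rejected: signed data differs from pending transaction"
        return "executed"


class SimCard:
    def __init__(self, key, stk_prompt):
        self.key = key
        self.stk_prompt = stk_prompt  # callable(tx) -> bool, models the STK menu

    def confirm_and_sign(self, code_payload):
        """S3 + S4: parse the payload, show it on the STK menu, sign on confirm."""
        tx = json.loads(code_payload)
        if not self.stk_prompt(tx):
            return None  # user chose "Cancel": nothing is signed
        result = {"tx": tx, "decision": "confirm"}
        sig = hmac.new(self.key, canonical(result), hashlib.sha256).hexdigest()
        return {"result": result, "sig": sig}


def attentive_user(tx):
    """Confirms only the intended transfer (constructed sample values)."""
    return tx["payee"] == "ACC-001" and tx["amount"] == 100


def run_demo():
    key = secrets.token_bytes(32)
    platform = SystemPlatform(key)
    sim = SimCard(key, attentive_user)
    careless_sim = SimCard(key, lambda tx: True)  # confirms without reading
    outcomes = {}

    # Unmodified flow: payload -> STK confirmation -> signature -> platform.
    code = platform.create_code_payload("ACC-001", 100)
    outcomes["honest"] = platform.complete(sim.confirm_and_sign(code))

    # Payload changed before it reaches the SIM: the STK menu shows the
    # changed payee, so an attentive user cancels and nothing is signed.
    code = platform.create_code_payload("ACC-001", 100)
    changed = json.loads(code)
    changed["payee"] = "ACC-999"
    outcomes["changed_code"] = sim.confirm_and_sign(canonical(changed))

    # Same change, but the user confirms anyway: the signature is valid, yet
    # the platform sees that the signed data is not what it has pending.
    code = platform.create_code_payload("ACC-001", 100)
    changed = json.loads(code)
    changed["payee"] = "ACC-999"
    signed = careless_sim.confirm_and_sign(canonical(changed))
    outcomes["mismatch"] = platform.complete(signed)

    # Signed result altered on its way back through the phone (path S502).
    code = platform.create_code_payload("ACC-001", 100)
    signed = sim.confirm_and_sign(code)
    signed["result"]["tx"]["amount"] = 100000
    outcomes["changed_result"] = platform.complete(signed)

    # A valid signed result submitted a second time.
    code = platform.create_code_payload("ACC-001", 100)
    signed = sim.confirm_and_sign(code)
    platform.complete(signed)
    outcomes["replay"] = platform.complete(signed)
    return outcomes


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(name, "->", outcome)
```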
图6为本发明具体实施例通过手机确认网上交易安全的方法流程示意图,如图6所示:FIG. 6 is a schematic flowchart of a method for confirming online transaction security by using a mobile phone according to an embodiment of the present invention, as shown in FIG. 6 :
以手机网上银行转账为例,对所述通过手机确认网上交易安全的方法进一步说明如下:Taking the mobile online banking transfer as an example, the method for confirming the security of online transactions through the mobile phone is further explained as follows:
本发明具体实施例中客户端为可支持网上交易且带显示屏幕的个人设备或自助终端,包括但不限于PC、IPAD、手机、ATM机等。In a specific embodiment of the present invention, the client is a personal device or a self-service terminal that can support online transactions and has a display screen, including but not limited to a PC, an IPAD, a mobile phone, an ATM machine, and the like.
Step S50: During the online transaction on the client, the client generates the transaction data and transfer request to be signed and confirmed. For example, the client's online banking transfer page prompts the user to enter transaction data such as the other party's account number and the transfer amount.
Step S51: Either the system platform generates the two-dimensional code: the client sends the transaction data and transfer request to be signed and confirmed to the system platform over the Internet, the system platform generates the corresponding two-dimensional code from them, and then sends the two-dimensional code to the client over the Internet; or the client generates the two-dimensional code: the client generates the corresponding two-dimensional code from the transaction data and transfer request to be signed and confirmed, and then sends the two-dimensional code to the system platform over the Internet.
Step S52: The client displays the two-dimensional code: on the transaction confirmation page, the client displays the transaction data and transfer request to be signed and confirmed, together with the corresponding two-dimensional code.
Step S53: The user scans the two-dimensional code on the client with the mobile phone APP.
Step S54: The APP passes the two-dimensional code to the mobile phone system: the APP sends the two-dimensional code to the system platform over the mobile network, and the system platform then delivers it to the mobile phone system by data SMS; or, when a phone-to-card Bluetooth channel is available, the APP sends the two-dimensional code to the SIM over that channel, the SIM parses the two-dimensional code to obtain the data to be signed and the request, and the mobile phone system then obtains the two-dimensional code / data to be signed and request from the SIM. The mobile phone system obtains the two-dimensional code / data to be signed and request from the SIM in the following ways:
(1) After the APP has sent the two-dimensional code to the SIM card through the phone-side Bluetooth module, the APP notifies the system platform to send a specific data SMS to the mobile phone, which triggers the mobile phone system to fetch the two-dimensional code / data to be signed and request from the SIM; and/or
(2) After the SIM has received the two-dimensional code through the card-side Bluetooth module, the SIM notifies the mobile phone system to fetch the two-dimensional code / data to be signed and request from the card by setting a specific response status word in a subsequent normal 7816 command response. Once it has received the SIM's "read data" notification, the mobile phone system obtains the two-dimensional code / data to be signed and request from the SIM with a designated command; for example, the mobile phone system can obtain them from the SIM with the Fetch command.
The mobile network includes but is not limited to an operator-provided mobile data network and/or a WiFi wireless network.
Step S55: The mobile phone system parses the two-dimensional code to obtain the data to be signed and confirmed and the transfer request, or obtains the data to be signed and the request from the SIM; it then pops up an STK menu that displays the transaction data and transfer request to be signed and confirmed, and waits for the user to confirm the transaction in the STK menu.
Step S56: The user confirms the transaction in the STK menu. The user manually confirms the transaction by selecting an operation such as "Confirm" or "Cancel" in the STK menu.
Step S57: If the user confirms that the transaction should continue, the mobile phone system uses the security functions provided by the on-card security module to perform security operations such as signing the transaction.
Step S58: The mobile phone system returns the signature confirmation result directly to the system platform by data SMS; or, when a phone-to-card Bluetooth channel is available, the mobile phone system returns the signature confirmation result to the APP over that channel, and the APP then sends it to the system platform over the mobile network.
Step S59: After receiving the signature confirmation result, the system platform decides, according to the user's signature confirmation result, whether to continue with the subsequent transaction flow. If the system platform decides to continue, it executes the transaction request and then sends the transaction result to the client over the Internet.
Step S60: After receiving the transaction result, the client displays it for the user to view.
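The flow in steps S50 to S60, as an added example that is not part of the patent text: the system platform checks the signed confirmation against its own record of the transaction before executing it. The payload layout, the `txn_id` field, the single-use rule and all class and function names are assumptions, and HMAC-SHA256 stands in for the SIM's digital signature so that the code runs on the Python standard library alone.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed key standing in for the signing key inside the SIM security module.
# The patent calls for a digital signature; HMAC-SHA256 is swapped in so the
# example runs on the standard library alone.
SIM_KEY = b"constructed-demo-key"


def canonical(obj):
    """Serialize deterministically so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(key, txn, decision):
    return hmac.new(key, canonical({"txn": txn, "decision": decision}),
                    hashlib.sha256).hexdigest()


class SystemPlatform:
    """Steps S51 and S59: issue the QR payload, then judge the signed result."""

    def __init__(self, verify_key):
        self.verify_key = verify_key
        self.pending = {}  # txn_id -> transaction data as the platform holds it

    def make_qr_payload(self, payee_account, amount):
        txn_id = secrets.token_hex(8)  # assumed per-transaction identifier
        txn = {"txn_id": txn_id, "payee_account": payee_account, "amount": amount}
        self.pending[txn_id] = txn
        # Text a QR encoder would render; drawing the image is omitted.
        return base64.b64encode(canonical(txn)).decode()

    def handle_confirmation(self, result):
        txn = self.pending.get(result.get("txn_id"))
        if txn is None:
            return "rejected: unknown or already used transaction"
        # Verify against the platform's own copy, never data echoed by the phone.
        expected = sign(self.verify_key, txn, result.get("decision"))
        if not hmac.compare_digest(expected, str(result.get("signature", ""))):
            return "rejected: signature does not cover the platform's transaction"
        del self.pending[txn["txn_id"]]  # single use (assumed replay guard)
        if result["decision"] != "confirm":
            return "cancelled by user"
        return "executed: %s to %s" % (txn["amount"], txn["payee_account"])


def phone_confirm(qr_payload, user_confirms, sim_key=SIM_KEY):
    """Steps S55 to S58: parse the payload, display it, sign the decision."""
    txn = json.loads(base64.b64decode(qr_payload))
    shown = "Transfer %s to %s?" % (txn["amount"], txn["payee_account"])  # STK text
    decision = "confirm" if user_confirms else "cancel"
    result = {"txn_id": txn["txn_id"], "decision": decision,
              "signature": sign(sim_key, txn, decision)}
    return shown, result


def run_scenarios():
    platform = SystemPlatform(SIM_KEY)
    out = {}

    # 1. Unmodified flow, user confirms.
    qr = platform.make_qr_payload("6222-0000-1111", "100.00")  # constructed values
    out["shown"], result = phone_confirm(qr, True)
    out["honest"] = platform.handle_confirmation(result)

    # 2. The same signed result presented a second time.
    out["replay"] = platform.handle_confirmation(result)

    # 3. Payload altered between platform and phone: the phone signs what it
    #    was given, which no longer matches the platform's record.
    qr = platform.make_qr_payload("6222-0000-1111", "100.00")
    altered = json.loads(base64.b64decode(qr))
    altered["payee_account"] = "6222-9999-8888"
    altered_qr = base64.b64encode(canonical(altered)).decode()
    _, result = phone_confirm(altered_qr, True)
    out["altered"] = platform.handle_confirmation(result)

    # 4. User selects "cancel" in the menu.
    qr = platform.make_qr_payload("6222-0000-1111", "100.00")
    _, result = phone_confirm(qr, False)
    out["cancel"] = platform.handle_confirmation(result)
    return out


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(name, "->", value)
```

Because the platform recomputes the signature input from the transaction it stored in step S51, a confirmation signed over different transaction data fails verification even though the signing key is valid.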
The present invention further provides a SIM card implemented on the basis of the method for confirming online transaction security by mobile phone, using the method described above. FIG. 7 is a logic block diagram of that SIM card. As shown in FIG. 7, the SIM card side includes at least a card-side communication module 10, a transaction security operation module 11, and a main control module 12. The card-side communication module 10 is used for Bluetooth connection and communication with the phone-side communication module 10, passing information such as the two-dimensional code and the signature confirmation result; the main control module 12 is used for security control and processing of the card-side flow; the transaction security operation module 11 is used for security operations such as digital signing. The security module may be a separate module on the card, or may be integrated with the security main control module in a single module.
The SIM card includes:
Card-side communication module 10: for data communication with the mobile phone;
Transaction security operation module 11: for digitally signing the transaction confirmation result of the online transaction using the smart card security module function;
Main control module 12: for central control and processing of the card-side communication module and the transaction security operation module, and for sending the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
The present invention further provides a mobile phone implemented on the basis of the method for confirming online transaction security by mobile phone. FIG. 8 is a logic block diagram of that mobile phone. As shown in FIG. 8, using the method described above, the mobile phone includes:
Phone-side communication module 21: for data communication with the SIM card;
Mobile phone APP 22: for acquiring the two-dimensional code by scanning the two-dimensional code displayed by the client, and sending the two-dimensional code through the phone-side communication module;
Transaction security confirmation module 23: for receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request of the online transaction, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result.
The mobile phone APP 22 is responsible for scanning and processing the two-dimensional code; the phone-side communication module 21 is used for Bluetooth connection and communication with the SIM card-side Bluetooth module, passing information such as the two-dimensional code and the signature confirmation result; the transaction security confirmation module 23 is used to parse the two-dimensional code, pop up the STK menu to display the data to be signed and the transaction request, accept the user's confirmation input, and so on.
The present invention further provides an online transaction system implemented on the basis of the method for confirming online transaction security by mobile phone, using the method described above. FIG. 9 is a logic block diagram of that online transaction system. As shown in FIG. 9, the online transaction system includes:
Client 31: for conducting an online transaction, the client 31 generating transaction data and a request according to the online transaction;
System platform 32: for performing the background service processing related to the online transaction, generating a two-dimensional code based on the transaction data and request, and sending the two-dimensional code to the client for display;
Mobile phone system 33: for acquiring the two-dimensional code by scanning the two-dimensional code displayed by the client, parsing the two-dimensional code, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
SIM card 34: for digitally signing the transaction confirmation result using the smart card security module function, and sending the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.
Another specific embodiment of the present invention further provides an online transaction system implemented on the basis of the method for confirming online transaction security by mobile phone, using the method described above. FIG. 9 is a logic block diagram of that online transaction system. As shown in FIG. 9, the online transaction system includes:
Client 31: for conducting an online transaction, the client 31 generating transaction data and a request according to the online transaction, and generating and displaying a two-dimensional code;
System platform 32: for performing the background service processing related to the online transaction;
Mobile phone system 33: for acquiring the two-dimensional code by scanning the two-dimensional code displayed by the client, parsing the two-dimensional code, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
SIM card 34: for digitally signing the transaction confirmation result using the smart card security module function, and sending the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.
As shown in FIG. 9, the mobile phone system 33 includes:
Phone-side communication module 331: for data communication with the SIM card;
Mobile phone APP 332: for acquiring the two-dimensional code by scanning the two-dimensional code displayed by the client, and sending it through the phone-side communication module;
Transaction security confirmation module 333: for receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result.
As shown in FIG. 9, the SIM card 34 includes:
Card-side communication module 341: for data communication with the mobile phone system;
Transaction security operation module 342: for digitally signing the transaction confirmation result using the smart card security module function;
Main control module 343: for central control and processing of the card-side communication module and the transaction security operation module, and for sending the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
In summary, the method and system of the present invention for confirming online transaction security by mobile phone give a smartphone with a secure smart card the "second-generation Key" function for online transactions. Instead of a dedicated smart cryptographic key (USBKey), the user uses the smartphone with a secure smart card described in the present invention, which both ensures the security of online transactions and is easy to carry at all times, making it more convenient for the user.
The above are merely preferred embodiments of the present invention and are not intended to limit the scope of protection of the present invention.

Claims (15)

  1. A system for confirming online transaction security by mobile phone, characterized by comprising:
    Client: for conducting an online transaction, the client generating transaction data and a request according to the online transaction;
    System platform: for performing the background service processing related to the online transaction, generating a two-dimensional code based on the transaction data and request, and sending the two-dimensional code to the client for display;
    Mobile phone APP: for acquiring and sending the two-dimensional code by scanning the two-dimensional code displayed by the client;
    Transaction security confirmation module: for receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
    Transaction security operation module: for digitally signing the transaction confirmation result using the mobile phone smart card security module function;
    Main control module: for controlling the transaction security operation module and sending the digitally signed transaction confirmation result to the system platform via the transaction security confirmation module to complete the online transaction, or the main control module sends the digitally signed transaction confirmation result to the system platform via the mobile phone APP to complete the online transaction.
  2. A system for confirming online transaction security by mobile phone, characterized by comprising:
    Client: for conducting an online transaction, the client generating transaction data and a request according to the online transaction, and generating and displaying a two-dimensional code;
    System platform: for performing the background service processing related to the online transaction;
    Mobile phone APP: for acquiring and sending the two-dimensional code by scanning the two-dimensional code displayed by the client;
    Transaction security confirmation module: for receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
    Transaction security operation module: for digitally signing the transaction confirmation result using the mobile phone smart card security module function;
    Main control module: for central control of the transaction security operation module and for sending the digitally signed transaction confirmation result to the system platform via the transaction security confirmation module to complete the online transaction, or the main control module sends the digitally signed transaction confirmation result to the system platform via the mobile phone APP to complete the online transaction.
  3. A method for confirming online transaction security by mobile phone, applied to the system for confirming online transaction security by mobile phone according to claim 1 or 2, the system comprising: a client, a system platform, a mobile phone APP, a transaction security confirmation module, a transaction security operation module, and a main control module, characterized in that the method comprises:
    Two-dimensional code generation step: generating a two-dimensional code based on the transaction data and request generated by the online transaction, and displaying the two-dimensional code on the client;
    Two-dimensional code acquisition step: scanning, with the mobile phone APP, the two-dimensional code displayed by the client, and acquiring and sending the two-dimensional code;
    Transaction security confirmation step: receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
    Transaction security operation step: digitally signing the transaction confirmation result using the mobile phone smart card security module function;
    Transaction completion step: the transaction security confirmation module sends the signed transaction confirmation result to the system platform, and the system platform decides, based on the signed transaction confirmation result, whether to continue the transaction; if the transaction continues, the system platform executes the transaction request, completing the entire online transaction.
  4. The method for confirming online transaction security by mobile phone according to claim 3, characterized in that the two-dimensional code generation step comprises:
    Client two-dimensional code generation step: the client generates transaction data and a request according to the online transaction, and directly generates and displays the two-dimensional code;
    or
    System platform two-dimensional code generation step: generating a two-dimensional code based on the transaction data and request, and sending the two-dimensional code to the client for display.
  5. The method for confirming the security of an online transaction of an Internet terminal by mobile phone according to claim 3, characterized in that the two-dimensional code acquisition step comprises:
    Two-dimensional code scanning step: using the mobile phone APP to scan the two-dimensional code, corresponding to the transaction data and request, displayed on the client of the Internet terminal;
    Two-dimensional code sending step: the mobile phone APP passes the two-dimensional code to the transaction security confirmation module.
  6. The method for confirming online transaction security by mobile phone according to claim 5, characterized in that the two-dimensional code sending step comprises:
    Mobile network sending step: the mobile phone APP sends the two-dimensional code to the system platform over the mobile network, and the system platform then delivers the two-dimensional code to the transaction security confirmation module by data SMS;
    or
    Communication channel sending step: the mobile phone APP sends the two-dimensional code to the SIM card over the data channel between the mobile phone and the SIM card, and the transaction security confirmation module obtains the two-dimensional code from the SIM card.
  7. The method for confirming online transaction security by mobile phone according to claim 3, characterized in that the transaction security confirmation step comprises:
    Two-dimensional code parsing step: the transaction security confirmation module parses the two-dimensional code to obtain the transaction data and request to be signed and confirmed;
    Transaction confirmation step: the transaction security confirmation module pops up an STK menu that displays the transaction data and request to be signed and confirmed, waits for the user to confirm the transaction in the STK menu, and generates a transaction confirmation result.
  8. The method for confirming online transaction security by mobile phone according to claim 3, characterized in that the transaction security operation step comprises:
    Signing step: if the user confirms the transaction, the transaction security operation module signs the transaction confirmation result using the security module function on the SIM card.
  9. The method for confirming online transaction security by mobile phone according to claim 3, characterized in that the transaction completion step comprises:
    SMS transaction completion step: the transaction security confirmation module returns the signed transaction confirmation result directly to the system platform by data SMS;
    or
    Communication channel transaction completion step: the transaction security confirmation module sends the signed transaction confirmation result to the mobile phone APP over the data channel between the mobile phone and the SIM card, and the mobile phone APP sends it to the system platform over the mobile network.
  10. A SIM card implemented on the basis of a method for confirming online transaction security by mobile phone, using the method for confirming online transaction security by mobile phone according to any one of claims 2-9, characterized in that the SIM card comprises:
    Card-side communication module: for data communication with the mobile phone;
    Transaction security operation module: for digitally signing the transaction confirmation result of the online transaction using the mobile phone smart card security module function;
    Main control module: for central control and processing of the card-side communication module and the transaction security operation module, and for sending the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
  11. A mobile phone implemented on the basis of a method for confirming online transaction security by mobile phone, using the method for confirming online transaction security by mobile phone according to any one of claims 2-9, characterized in that the mobile phone comprises:
    Phone-side communication module: for data communication with the SIM card;
    Mobile phone APP: for acquiring the two-dimensional code by scanning the two-dimensional code displayed by the client, and sending the two-dimensional code through the phone-side communication module;
    Transaction security confirmation module: for receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request of the online transaction, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result.
  12. An online transaction system implemented on the basis of a method for confirming online transaction security by mobile phone, using the method for confirming online transaction security by mobile phone according to any one of claims 2-9, characterized in that the online transaction system comprises:
    Client: for conducting an online transaction, the client generating transaction data and a request according to the online transaction;
    System platform: for performing the background service processing related to the online transaction, generating a two-dimensional code based on the transaction data and request, and sending the two-dimensional code to the client for display;
    Mobile phone system: for acquiring the two-dimensional code by scanning the two-dimensional code displayed by the client, parsing the two-dimensional code, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
    SIM card: for digitally signing the transaction confirmation result using the mobile phone smart card security module function, and sending the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.
  13. An online transaction system implemented on the basis of a method for confirming online transaction security by mobile phone, using the method for confirming online transaction security by mobile phone according to any one of claims 2-9, characterized in that the online transaction system comprises:
    Client: for conducting an online transaction, the client generating transaction data and a request according to the online transaction, and generating and displaying a two-dimensional code;
    System platform: for performing the background service processing related to the online transaction;
    Mobile phone system: for acquiring the two-dimensional code by scanning the two-dimensional code displayed by the client, parsing the two-dimensional code, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
    SIM card: for digitally signing the transaction confirmation result using the mobile phone smart card security module function, and sending the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.
  14. The online transaction system implemented on the basis of a method for confirming online transaction security by mobile phone according to claim 13, characterized in that the mobile phone system comprises:
    Phone-side communication module: for data communication with the SIM card;
    Mobile phone APP: for acquiring the two-dimensional code by scanning the two-dimensional code displayed by the client, and sending it through the phone-side communication module;
    Transaction security confirmation module: for receiving and parsing the two-dimensional code sent by the mobile phone APP, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result.
  15. 根据权利要求13所述基于通过手机确认网上交易安全的方法实现的网上交易系统,其特征在于,所述SIM卡,包括:The online transaction system based on the method for confirming the security of an online transaction by using a mobile phone according to claim 13, wherein the SIM card comprises:
    卡端通信模块:用于与所述手机系统进行数据通信;Card end communication module: used for data communication with the mobile phone system;
    交易安全操作模块:用于采用手机智能卡安全模块功能对所述交易确认结果进行数字签名;Transaction security operation module: for digitally signing the transaction confirmation result by using a mobile phone smart card security module function;
    主控模块:用于对所述卡端通信模块与所述交易安全操作模块进行中央控制与处理,将数字签名的所述交易确认结果经由手机发送到系统平台,完成网上交易。 The main control module is configured to centrally control and process the card end communication module and the transaction security operation module, and send the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
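The claimed flow (the platform encodes the transaction into a two-dimensional code, the phone restores it, the SIM signs the confirmation result, the platform checks it) is shown here as an added example that is not part of the patent text. The JSON/base64 payload, the field names, the digest that binds the confirmation to the displayed data, and HMAC-SHA256 standing in for the SIM's digital signature (the Python standard library has no asymmetric signing) are all assumptions.

```python
import base64, hashlib, hmac, json

# Constructed sample key: stand-in for the key held in the SIM security module (assumption).
SIM_KEY = b"constructed-demo-key"

def canonical(obj: dict) -> bytes:
    """Serialize deterministically so both sides hash and sign identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def platform_make_qr_payload(tx: dict) -> str:
    """System platform: encode the transaction data and request as the code's text."""
    return base64.urlsafe_b64encode(canonical(tx)).decode()

def phone_parse_qr(payload: str) -> dict:
    """Phone system: parse the scanned code and restore the transaction data."""
    return json.loads(base64.urlsafe_b64decode(payload))

def sim_sign_confirmation(tx: dict, confirmed: bool, key: bytes = SIM_KEY) -> dict:
    """SIM card: sign the confirmation result plus a digest of what the user was shown."""
    result = {"tx_digest": hashlib.sha256(canonical(tx)).hexdigest(), "confirmed": confirmed}
    return {"result": result, "sig": hmac.new(key, canonical(result), hashlib.sha256).hexdigest()}

def platform_verify(pending_tx: dict, msg: dict, key: bytes = SIM_KEY) -> bool:
    """System platform: accept only a valid signature confirming this exact transaction."""
    expected = hmac.new(key, canonical(msg["result"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg.get("sig", "")):
        return False                                  # confirmation altered or wrong key
    digest = hashlib.sha256(canonical(pending_tx)).hexdigest()
    if not hmac.compare_digest(digest, msg["result"].get("tx_digest", "")):
        return False                                  # signed over different transaction data
    return msg["result"].get("confirmed") is True     # user declined in the STK menu

def demo() -> dict:
    # Constructed transaction; all values are illustrative.
    tx = {"tx_id": "T-0001", "payee": "shop.example", "amount": "120.00", "currency": "CNY"}
    shown = phone_parse_qr(platform_make_qr_payload(tx))
    ok = platform_verify(tx, sim_sign_confirmation(shown, True))
    # Mismatch case: the data confirmed on the phone differs from what the platform holds.
    mismatched = platform_verify(tx, sim_sign_confirmation(dict(shown, payee="other.example"), True))
    declined = platform_verify(tx, sim_sign_confirmation(shown, False))
    # Altered-after-signing case: the result field is changed without re-signing.
    altered = sim_sign_confirmation(shown, False)
    altered["result"]["confirmed"] = True
    return {"ok": ok, "swapped": mismatched, "declined": declined,
            "forged": platform_verify(tx, altered)}

if __name__ == "__main__":
    print(demo())
```

The second check in `platform_verify` is the one that matters for this design: a valid signature alone only proves the SIM signed something, not that the user confirmed the transaction the platform is about to execute.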
PCT/CN2016/103047 2015-11-10 2016-10-24 Method for confirming on-line transaction security by means of mobile phone and system thereof WO2017080355A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510761063.3A CN106682899A (en) 2015-11-10 2015-11-10 Method for confirming online transaction safety through mobile phone and system thereof
CN201510761063.3 2015-11-10

Publications (1)

Publication Number Publication Date
WO2017080355A1 (en) 2017-05-18

Family

ID=58694437

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/103047 WO2017080355A1 (en) 2015-11-10 2016-10-24 Method for confirming on-line transaction security by means of mobile phone and system thereof

Country Status (3)

Country Link
CN (1) CN106682899A (en)
TW (1) TWI619042B (en)
WO (1) WO2017080355A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107508685B (en) * 2017-10-13 2021-03-16 吉林工程技术师范学院 Method for implementing application electronic signature service system in cloud computing environment
TWI657399B (en) * 2017-11-17 2019-04-21 匯智通訊有限公司 Method for performing anti-counterfeiting authentication on transaction voucher by using ultrasonic verification code and transaction verification method
CN110245938B (en) * 2019-06-06 2021-02-09 深圳市维京城信息技术有限公司 Electronic commerce platform transaction safety payment method based on Internet of things

Citations (5)

Publication number Priority date Publication date Assignee Title
CN1308454A (en) * 2001-02-12 2001-08-15 深圳市众力讯电脑应用技术有限公司 Hand set paying method
WO2010057405A1 (en) * 2008-11-24 2010-05-27 国民技术股份有限公司 Identity authentication method using short messages
CN102449651A (en) * 2011-01-21 2012-05-09 深圳市年年卡网络科技有限公司 Short-distance payment system and payment procedure based on graphs
CN103150650A (en) * 2011-12-07 2013-06-12 中兴通讯股份有限公司 Processing method, mobile terminal and system for remote payment
CN103854170A (en) * 2012-12-07 2014-06-11 海尔集团公司 Payment system and payment method based on two-dimension code

Family Cites Families (2)

Publication number Priority date Publication date Assignee Title
US20110099107A1 (en) * 2009-10-23 2011-04-28 Infosys Technologies Limited Method for money transfer using a mobile device
CN102289893A (en) * 2011-04-29 2011-12-21 中国联合网络通信集团有限公司 Method for earmarking electronic wallet and device and system

Cited By (2)

Publication number Priority date Publication date Assignee Title
CN108664621A (en) * 2018-05-11 2018-10-16 哈尔滨工业大学 The design method of display system based on Labview and STK
CN108664621B (en) * 2018-05-11 2021-09-07 哈尔滨工业大学 Design method of display system based on Labview and STK

Also Published As

Publication number Publication date
CN106682899A (en) 2017-05-17
TW201717081A (en) 2017-05-16
TWI619042B (en) 2018-03-21

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16863532

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205N DATED 17/07/2018)

122 Ep: pct application non-entry in european phase

Ref document number: 16863532

Country of ref document: EP

Kind code of ref document: A1