WO2018107988A1 - 二维码的处理方法、装置及系统 - Google Patents

二维码的处理方法、装置及系统 Download PDF

Info

Publication number
WO2018107988A1
WO2018107988A1 PCT/CN2017/114382 CN2017114382W WO2018107988A1 WO 2018107988 A1 WO2018107988 A1 WO 2018107988A1 CN 2017114382 W CN2017114382 W CN 2017114382W WO 2018107988 A1 WO2018107988 A1 WO 2018107988A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
client
electronic
user
signature information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2017/114382
Other languages
English (en)
French (fr)
Chinese (zh)
Inventor
沈凌楠
陈戈
刘杨辉
靳慧峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to AU2017376036A priority Critical patent/AU2017376036B2/en
Priority to PL17880448T priority patent/PL3557831T3/pl
Priority to MYPI2019003371A priority patent/MY189760A/en
Priority to EP17880448.0A priority patent/EP3557831B1/en
Priority to BR112019012149A priority patent/BR112019012149A2/pt
Priority to MX2019006968A priority patent/MX2019006968A/es
Priority to ES17880448T priority patent/ES2841724T3/es
Priority to RU2019121938A priority patent/RU2726831C1/ru
Priority to CA3046858A priority patent/CA3046858C/en
Priority to KR1020197020063A priority patent/KR102220087B1/ko
Priority to JP2019532002A priority patent/JP6768960B2/ja
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Publication of WO2018107988A1 publication Critical patent/WO2018107988A1/zh
Priority to US16/384,607 priority patent/US10581597B2/en
Priority to PH12019501375A priority patent/PH12019501375A1/en
Anticipated expiration legal-status Critical
Priority to ZA2019/04592A priority patent/ZA201904592B/en
Priority to US16/802,640 priority patent/US10790970B2/en
Priority to US17/035,359 priority patent/US11032070B2/en
Priority to US17/341,188 priority patent/US11336435B2/en
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/06009Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
    • G06K19/06037Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking multi-dimensional coding
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/08Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means
    • G06K19/10Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Definitions

  • the present invention relates to the field of information processing technologies, and in particular, to a method, an apparatus, and a system for processing a two-dimensional code.
  • an application scenario in which voucher verification can be completed by a specific entity can be obtained by acquiring a corresponding specific entity, for example, for a ticket, a concert ticket, purchasing a paper ticket from a ticket window, and checking the ticket. After completing the test, you can take a ride or watch a concert.
  • This type of verification relies on a specific entity (ticket or concert ticket), requiring the user to carry a specific entity with him, but if the particular entity is lost or damaged, the process of logging out or re-subscribing a particular entity is complicated and cumbersome.
  • the prerequisite for ensuring security is to increase the security authentication auxiliary device, for example, through the security keyboard, fingerprint identification device, etc., which increases the use cost, which can prevent the leakage of private information.
  • the security authentication auxiliary device for example, through the security keyboard, fingerprint identification device, etc., which increases the use cost, which can prevent the leakage of private information.
  • the user can purchase the electronic voucher online by using the electronic voucher.
  • a random code is recorded, and the verification is completed by verifying the random code in the electronic voucher when verifying the voucher, which improves the convenience and security of the voucher verification and reduces the issuance cost of the voucher issuer.
  • the static voucher is used in the electronic voucher. If the electronic voucher is copied or photographed and stolen, the security of the electronic voucher cannot be guaranteed.
  • the method, device and system for processing a two-dimensional code mainly aim to solve the problem that in the prior art, when generating an electronic voucher, relying on a static random code, once the electronic voucher is copied or photographed, Take the problem that leads to the leakage of electronic credentials.
  • the present invention provides a method for processing a two-dimensional code, comprising:
  • the present invention provides a method for processing a two-dimensional code, comprising:
  • the client receives the server signature information and the electronic credential sent by the server, where the server signature information is obtained by the server using the server private key to sign the electronic credential and the user public key of the client;
  • the present invention provides a method for processing a two-dimensional code, comprising:
  • the voucher verification end acquires a two-dimensional code in the client, where the two-dimensional code is generated by the client according to preset security information, client signature information, server signature information, electronic voucher, and user public key.
  • the end signature information is obtained by the client signing the electronic voucher
  • the server signature information is obtained by the server signing the electronic voucher and the user public key;
  • the valid time of the service included in the electronic credential is obtained for verification
  • the present invention provides a server comprising:
  • a receiving unit configured to receive a request for acquiring an electronic voucher sent by the client, where the request for obtaining the electronic voucher includes a user identity identifier;
  • a first acquiring unit configured to acquire an electronic credential corresponding to the user identity identifier received by the receiving unit
  • a signature unit configured to sign the electronic credential and the user public key of the client by using a server private key to obtain server signature information
  • a sending unit configured to send the server signature information obtained by the signature unit and the electronic certificate obtained by the first acquiring unit to the client, so that the client is within a valid time of the user key Performing verification on the server signature information, and generating a two-dimensional code according to the electronic voucher, so that the voucher verification end verifies the electronic voucher included in the two-dimensional code; wherein the voucher verification end is used according to The user identity generates an electronic voucher.
  • the present invention provides a client, including:
  • a first receiving unit configured to receive server signature information and an electronic credential sent by the server, where the server signature information is obtained by the server using the server private key to sign the electronic credential and the user public key of the client;
  • the verification unit is configured to perform verification on the signature information of the server to obtain an electronic voucher
  • An obtaining unit configured to acquire a user key corresponding to the user public key
  • a signature unit configured to sign the electronic voucher by using the user key acquired by the acquiring unit, to obtain client signature information
  • a generating unit configured to generate a two-dimensional code according to the preset security information, the client signature information, the server signature information, the electronic credential, and the user public key, so that the credential verification end is configured according to the preset security information And the user public key validating the electronic voucher included in the two-dimensional code; wherein the preset security information has a valid duration, and the credential verification end is configured to generate an electronic voucher according to the user identity.
  • the present invention provides a credential verification terminal, including:
  • a first acquiring unit configured to acquire a two-dimensional code in the client, where the two-dimensional code is the client according to preset security information, client signature information, server signature information, and electronic And the user public key is generated, the client signature information is obtained by the client signing the electronic voucher, and the server signature information is obtained by the server by signing the electronic voucher and the user public key;
  • a first verification unit configured to verify a valid duration of the preset security information acquired by the first acquiring unit
  • a second verification unit configured to verify the client signature information and the server signature information
  • a third verification unit configured to: when the first verification unit verifies the preset security information, the second verification unit verifies that the client signature information, and the server signature information are all successfully verified, acquiring an electronic credential The valid time of the included business is verified;
  • a determining unit configured to determine that the electronic credential verification is successful when the third verification unit verifies that the service valid time verification included in the electronic credential is successful.
  • the present invention provides a processing system for a two-dimensional code, the system comprising:
  • a client configured to send a request for obtaining an electronic voucher to the server, where the request for obtaining the electronic voucher includes a user identity identifier;
  • the server is configured to receive an electronic voucher request sent by the client, and obtain an electronic voucher from the credential verification end according to the user identity identifier;
  • a voucher verification end configured to receive and respond to the request information of the electronic voucher sent by the server, and send the electronic voucher to the server;
  • the server is further configured to receive the electronic credential sent by the credential verification end, the electronic credential and the user public key of the client are signed, obtain server signature information, and send the server signature information and the electronic credential To the client;
  • the client is configured to receive server signature information and an electronic credential sent by the server, perform verification on the server signature information, obtain an electronic credential, and obtain a user key corresponding to the user public key, and use the user.
  • the key is used to sign the electronic voucher to obtain client signature information, and generate a two-dimensional code according to the preset security information, the client signature information, the server signature information, the electronic voucher, and the user public key;
  • the credential verification end is configured to obtain a two-dimensional code in the client, verify the valid duration of the preset security information, and sign the client signature information and the server signature The information is verified. If the preset security information, the client signature information, and the server signature information are all successfully verified, the valid time of the service included in the electronic certificate is obtained for verification, if the service included in the electronic certificate If the valid time verification is successful, it is determined that the electronic voucher verification is successful.
  • the server after receiving a request for acquiring an electronic voucher sent by a client, uses the server private key to the electronic voucher and the user public key of the client.
  • the terminal can verify whether the electronic voucher is tampered with during the transmission process by verifying the server signature information, the client signature information and the preset security information in the two-dimensional code, and ensure the security of the electronic voucher in use.
  • FIG. 1 is a schematic diagram of interaction between a client, a server, and a credential verification end according to an embodiment of the present invention
  • FIG. 2 is a flowchart of a method for processing a first two-dimensional code according to an embodiment of the present invention
  • FIG. 3 is a flowchart of a method for processing a second two-dimensional code according to an embodiment of the present invention
  • FIG. 4 is a flowchart of a method for processing a third two-dimensional code according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a signature and an authentication check according to an embodiment of the present invention.
  • FIG. 6 is a flowchart of a fourth method for processing a two-dimensional code according to an embodiment of the present invention.
  • FIG. 7 is a flowchart of a fifth method for processing a two-dimensional code according to an embodiment of the present invention.
  • FIG. 8 is a block diagram showing the composition of a server according to an embodiment of the present invention.
  • FIG. 9 is a block diagram showing the composition of another server according to an embodiment of the present invention.
  • FIG. 10 is a block diagram showing the composition of a client according to an embodiment of the present invention.
  • FIG. 11 is a block diagram showing another composition of a client according to an embodiment of the present invention.
  • FIG. 12 is a block diagram showing the composition of a credential verification end according to an embodiment of the present invention.
  • FIG. 13 is a block diagram showing the composition of another credential verification end according to an embodiment of the present invention.
  • FIG. 14 is a block diagram showing the composition of a processing system for providing a two-dimensional code according to an embodiment of the present invention.
  • the embodiment of the present invention provides a method for processing a two-dimensional code, which is implemented by a cooperation between a server, a client, and a credential verification end.
  • the verification end has at least a function of generating and transmitting data for transmitting the generated electronic voucher to the server, and having a data acquisition and data verification function for acquiring the electronic voucher from the two-dimensional code in the client, and verifying the Is the electronic voucher correct?
  • the server has at least a data transceiving function, and is configured to receive an electronic credential sent by the credential verification end, and send the electronic credential to the client to implement data transmission.
  • the client has at least a data interaction function with a server for receiving an electronic credential sent by the server, and an image generating function for generating a two-dimensional code or the like based on the electronic credential information.
  • an interaction framework diagram between the client, the server, and the credential verification end provided by the embodiment of the present invention is first given, as shown in FIG.
  • the voucher verification end After the voucher verification end generates an electronic voucher according to the user identity (such as an ID card number, a mobile phone number, a mailbox, etc.), the voucher is sent to the server, and the server has access to the electronic voucher generated by the voucher verification end.
  • the server After receiving the request for obtaining the electronic credential by the client, the server sends the electronic credential to the client, so that the client generates a two-dimensional code based on the electronic credential for verification by the credential verification end.
  • the embodiment of the present invention uses an electronic voucher to take a two-dimensional code as a carrier as an example.
  • the electronic can also rely on other media, such as some clients with NFC technology such as SE, HCE, etc.
  • the electronic voucher in the embodiment of the present invention is described by using a two-dimensional code as a carrier. The reason is that the two-dimensional code has lower requirements and better versatility for the electronic credential user and the credential verification end.
  • this description is not intended to be limiting, and the electronic voucher can only be based on the two-dimensional code.
  • the method includes:
  • the server receives a request for obtaining an electronic voucher sent by the client.
  • the client After successfully logging in to the server, the client sends a request for obtaining an electronic voucher to the server, where the request for obtaining the electronic voucher includes a user identity, so that the server searches for the corresponding electronic voucher information according to the user identity.
  • the electronic voucher may include, but is not limited to, the following contents, such as: air tickets, bus tickets, train tickets, concert tickets, bank cards, access cards, various park tickets, ID cards, merchants, and merchants. E-vouchers corresponding to vouchers, membership cards, driving licenses, driver's license access cards, bus cards, etc.
  • the client is an application (Application, APP) or a website installed in an electronic device, and before the client interacts with the server, the client may register with the server based on the user identity.
  • the user identity may include but is not limited to the user ID card, the real name of the ID card, the mobile phone number, the email address, the account name, etc.
  • the login password of the login server may be set, and after registration and successful login, The client can communicate with the server for connection.
  • the server acquires an electronic credential corresponding to the user identifier, and uses the server private key to sign the electronic credential and the user public key of the client to obtain server signature information.
  • the server itself does not generate an electronic voucher, and after receiving the request for obtaining the electronic voucher sent by the client, the server obtains the electronic voucher corresponding to the user identity from the voucher verification end side that generates the electronic voucher.
  • the server carries a bridge between the electronic credential consumer (client) and the electronic credential verification end (credential verification end), and is responsible for forwarding the electronic credential generated by the credential verification end to the electronic credential user. It should be noted that, under the premise that the server meets the national regulatory requirements, the server of the embodiment of the present invention needs to obtain the authorization of the credential verification end to enable the server to access the credential verification end.
  • the server responds Before the client obtains the electronic voucher request, the server needs to use the service private key to sign the user public key of the client to obtain the server signature information.
  • the purpose of signing the user public key of the client is to serve the client.
  • the end and the server verify each other's identity, and securely authenticate the identity information to ensure that the information is not tampered with during the data transmission process.
  • the server signs the electronic voucher using the server private key and is able to determine the integrity of the original electronic voucher.
  • the server signs the user's public key and the electronic voucher
  • the function is that the server signature information obtained by signing the electronic voucher and the user public key by the server can be used as the QR code when the subsequent client generates the two-dimensional code.
  • the attribute information ensures that the electronic voucher transmitted by the client is sent by the server and is verified by the client, which is legal and reliable, so that the electronic voucher cannot be forged and non-repudiation.
  • the server sends the server signature information and the electronic credential to the client.
  • the credential verification end is configured to generate an electronic credential according to the user identity.
  • the method for processing the two-dimensional code provided by the embodiment of the present invention, after receiving the request for acquiring the electronic voucher sent by the client, and using the server private key to sign the electronic voucher and the user public key of the client, the server obtains the server signature information; Sending the server signature information and the electronic voucher to the client; the client receives the signature information and the electronic voucher of the server sent by the server, and the client checks the server signature information, and after the verification is successful, the electronic voucher Performing a client signature, and generating a two-dimensional code according to preset security information, the client signature information, the server signature information, the electronic credential, and the user public key; after the credential verification end obtains the two-dimensional code, By verifying the server signature information, the client signature information and the preset security information in the two-dimensional code, it is possible to determine whether the electronic voucher is tampered with during the transmission process, and to ensure the security of the electronic voucher in use.
  • the user of the electronic voucher and the client of the client is executed at step 102 using the server private key.
  • the public key is signed, it can be implemented by, but not limited to, the following methods, for example:
  • Manner 1 The server allocates a user signature key for the electronic voucher, and signs the first user public key and the electronic voucher by using the server private key; wherein the allocated user signature key includes the first user public key .
  • the server When the server receives the request for obtaining the electronic voucher sent by the client, if the user public key of the client is not obtained from the request for obtaining the electronic voucher, the server authenticates the user identity of the client to ensure that the electronic voucher is not tampered with. Assigning a pair of user signature keys to the electronic voucher, the assigned user signature key including a first user public key, and a first user private key, and signing the first user private key using the server private key for receiving After the server signature information, it is securely authenticated.
  • the server Because the server temporarily assigns the user signature key to the electronic credential, the server signature information in the server cannot be checked if the client does not obtain the user signature key.
  • the server adopts the above.
  • the server needs to send the user signature key assigned to the electronic credential to the client when transmitting the server signature information and the electronic credential to the client.
  • the client so that the client checks the server signature information according to the user signature key.
  • the client may directly discard the user signature key,
  • the user signature key can be used as a common user key and a user public key of the client. Specifically, the embodiment of the present invention does not limit this.
  • Manner 2 The server acquires a second user public key sent by the client, and signs the second user public key and the electronic certificate by using the server private key.
  • the second public key of the client is synchronously sent to the server, so that the server authenticates the client, and the server uses the server private key.
  • the second user public key and the electronic voucher of the client are signed. After the client receives the signed second user public key and the electronic voucher, the client can obtain the electronic voucher information after the successful verification, and the electronic voucher is not ensured. Was tampered with.
  • first user public key and the second user public key are used to distinguish different user public keys in the client, and the first and second have no other meanings, and are not used.
  • the naming manner of the user public key in the client is not limited in the embodiment of the present invention.
  • the user public key and the user private key are used as an asymmetric key as an example.
  • the user public key and the user private key are not limited to being asymmetric.
  • the key may also be a symmetric key.
  • the embodiment of the present invention does not limit this.
  • the server's signature process takes the server's signature on the user's public key and electronic voucher as an example.
  • the specific process includes: after the server obtains the user's public key and electronic voucher, the user can use the hash algorithm to the user. The key and the electronic certificate are hashed, the hash value is obtained, and then the hash value is signed by using the private key of the server to obtain the server signature information.
  • the specific algorithm of the present invention uses the algorithm used in the signature process (such as hash operation). ) is not limited.
  • the server After the server completes the signature of the electronic voucher and the user public key, the electronic voucher, the signed user public key and the electronic voucher are sent to the client, so that the client checks the signature information of the server to ensure the data transmission process. In the meantime, the electronic voucher is not tampered with by malicious users.
  • the server also needs to broadcast the public key corresponding to the server private key used to obtain the signature information, so that the client and the credential verification end receive the public key broadcasted by the server, and use the server public key to verify the signature information. .
  • the server in the embodiment of the present invention serves as a bridge between the client and the credential information authenticator, and is capable of verifying the legitimacy of using the electronic credential in addition to authenticating the legitimacy of the user.
  • the electronic voucher distinguishes different service types in the specific use process, and different service types are defined by different service specifications. For example, when the electronic voucher is a ticket, the ticket service includes the departure time of the aircraft (this application scenario is limited to The plane takes off normally, there is no late scene); or, when the electronic voucher is a concert ticket, the ticket business will also include the start time of the concert, the admission time, and so on.
  • the server before the server obtains the corresponding electronic voucher according to the user identity, the server needs to parse the request for obtaining the electronic voucher, obtain the valid time of the service included in the request for obtaining the electronic voucher, and verify the valid time of the service. Whether the service specification conforms to the service specification, when the service valid time meets the service specification, the server obtains the electronic certificate corresponding to the user identity; when the service valid time does not meet the service specification, the client returns the prompt information without the corresponding electronic certificate.
  • the electronic voucher is a car ticket business
  • the voucher verification terminal can be pre-
  • the time for the sale of the bus ticket is 7 days.
  • the current date is November 1, 2016.
  • the user sends a request for obtaining an electronic voucher based on the client to the server.
  • the valid time of the service included in the request is November 2016.
  • the maximum valid time for generating the electronic voucher by the voucher verification terminal is November 8, 2016. Therefore, the server can determine that the service valid time does not meet the business specifications.
  • the above is only an exemplary example, and the embodiment of the present invention does not limit the service type, service effective time, and service specification of the electronic voucher.
  • the method may be implemented by using, but not limited to, the following methods, for example:
  • the implementation manner is that the credential verification end sends the generated electronic voucher to the server actively after generating the electronic voucher.
  • the server may generate a preset list locally, and the preset list is used to record the mapping relationship between the user identity and the electronic voucher, and when receiving the voucher verification After the electronic voucher is synchronized, the corresponding relationship between the newly received electronic voucher and the user identity is recorded in the preset list; when the server sends an electronic voucher to the client, the successfully transmitted electronic in the preset list can be Credentials are deleted to save server resources.
  • Manner 2 Send request information for obtaining an electronic voucher to the voucher verification terminal according to the user identity to obtain the electronic voucher.
  • the server plays a role of relaying.
  • the electronic credential is requested from the credential verification end based on the user identity identifier in the e-voucher request, and then the proxy is obtained.
  • the incoming electronic voucher is forwarded to the client.
  • the manner in which the server obtains the electronic certificate is not limited in the embodiment of the present invention.
  • the embodiment of the present invention further provides a method for processing a two-dimensional code.
  • the client is mainly used as an Alipay
  • the electronic voucher is an electronic concert.
  • the ticket is described as an example, but it should be clarified that the description is not intended to limit the client described in the embodiment of the present invention to only Alipay, as shown in FIG. 3, the method includes:
  • the server receives a request for acquiring an electronic concert ticket sent by the Alipay, and the request for obtaining the electronic concert ticket includes a mobile phone number and a valid time of the service.
  • the service effective time may be the booking time of the electronic concert ticket, or the opening time of the electronic concert ticket, or any time irrelevant to the electronic concert ticket, which is in the embodiment of the present invention.
  • the effective time of the business is not limited.
  • the server parses the obtained electronic concert ticket request, and obtains a service effective time included in the acquiring the electronic concert ticket request.
  • the service in the request is valid for the opening time of the concert at 16:00 on September 20, 2016, and the current date is September 1, 2016.
  • step 204 is performed; if the service validity time does not meet the service specification, step 205 is performed.
  • the purpose of obtaining an electronic concert ticket is that when the paper concert ticket is lost or damaged, the electronic concert ticket can be verified to enter the concert without having to re-send the paper concert ticket.
  • Save the cumbersome process of reissuing tickets in this example, you can set the business specification to allow you to get electronic concert tickets within 30 days before the opening of the concert, or allow you to get electronic concert tickets within half an hour after the concert starts, as long as the business is valid.
  • step 202b may be performed; and the effective time described in step 201 is the opening time of the concert on September 20, 2016, and the service specification is met, then step 202b is performed.
  • the server parses the obtained electronic concert ticket request, and obtains the mobile phone number in the request for acquiring the electronic concert ticket.
  • step 204 is performed; if the mobile phone number is invalid, step 205 is performed.
  • step 202a when step 202a is executed and step 202b is executed, there is no sequence description between the two steps, and the execution is continued only after the service valid time and the user identity (mobile phone number) are successfully verified. Next steps.
  • the server acquires an electronic concert ticket corresponding to the mobile phone number, and uses a server private key to sign the user key of the Alipay and the electronic certificate to obtain server signature information.
  • Electronic concert tickets include: concert venue, grandstand, and specific The seat number, the name of the concert, the price, and the like are not limited in this embodiment of the present invention.
  • the obtained electronic concert ticket request is intercepted, and the prompt information that the request fails is sent to the Alipay.
  • the electronic device such as a mobile phone
  • the user can switch the mobile phone, and after successfully logging in to Alipay, continue to use the electronic voucher, eliminating the loss of the paper voucher, canceling, and reissuing
  • the problem is that the application scenario is limited to Alipay's successful use of the user's private key, server public key and electronic voucher; if Alipay does not verify the server's signature information, Alipay needs to perform server signature information based on the server's public key. Verify that the electronic voucher is obtained after the verification is successful.
  • the valid period for verifying the public key of the server may be set, and the client needs to be restricted.
  • the verification of the server signature is completed within the specified time limit. If the verification of the server public key is valid, the server signature information cannot be verified.
  • the embodiment of the present invention further provides a method for processing a two-dimensional code, and the method is applied to the client side shown in FIG. 1. As shown in FIG. 4, the method includes:
  • the client receives server signature information and an electronic credential sent by the server.
  • the client After successfully logging in using the user account name and the login password, the client sends a request for obtaining an electronic voucher to the server, and the server responds to the request for obtaining the electronic voucher, and the server sends the server signature information and the electronic voucher in order to ensure that the electronic voucher is tampered with during the transmission process.
  • the identity of the authenticated client is legal.
  • the server signature information is obtained by the server using the server private key to sign the electronic credential and the user public key of the client.
  • the client checks the server signature information to obtain an electronic credential.
  • FIG. 5 is a schematic diagram of a signature and an authentication provided by an embodiment of the present invention. Specifically, after obtaining the user public key and the electronic voucher, the server hashes the user public key and the electronic voucher by using a hash algorithm to obtain a first hash value, and then uses the private key of the server to the first hash.
  • the hash value is encrypted to obtain the server signature information, and the server sends the server signature information and the electronic credential to the client; after receiving the server signature information and the electronic credential, the client extracts the electronic credential and performs the hash calculation on the electronic credential.
  • the client obtains a user key corresponding to the user public key, and uses the user key to sign the electronic certificate to obtain client signature information.
  • the electronic voucher In the client to generate the electronic voucher with the QR code as the carrier, in order to prevent the electronic voucher from being illegally falsified and leaking the electronic voucher information, the electronic voucher needs to be signed by the user private key to obtain the client signature information, when the client is based on the client.
  • the signature information is used as the attribute information for generating the two-dimensional code
  • the credential verification end can verify the signature information of the client, thereby authenticating the validity of the client.
  • the client generates a two-dimensional code according to preset security information, the client signature information, the server signature information, the electronic credential, and the user public key.
  • the authentication information may be added to the generated two-dimensional code, and the authentication information may include but is not limited to the client signature information. , server signature information and preset security information.
  • the voucher verification end can authenticate the electronic voucher to be verified by the client by signing the verification of the signature information of the client, and the voucher verification end can determine the electronic code in the two-dimensional code by verifying the signature information of the server.
  • the voucher is an electronic voucher issued by the server to ensure that the voucher is not tampered with.
  • the preset security information is dynamically implemented as a two-dimensional code, that is, as a client.
  • the end and the credential verification end establish a credential for "trusted" data transmission; the credential verification end verifies the validity and security of the preset security information before receiving the two-dimensional code sent by the client, to ensure that the client sends the electronic credential Security.
  • the preset security information may include, but is not limited to, the following content, such as: dynamic password information, time information, random code information, and the like. Specifically, the embodiment of the present invention does not limit this.
  • the preset security information is used as an example for the current system time. If the client generates a two-dimensional code at 08:00, it can be determined that the preset security information is 08/00, and if the client generates the second at 10:21.
  • the dimension code can determine that the preset security information is 10/21.
  • the above example is based on the preset security information as an example of the current system time, but it should be clear that the description manner is not intended to limit the embodiment of the present invention.
  • the preset security information can only be the current system time of the client.
  • the user public key is directly used as the attribute information for generating the two-dimensional code, instead of broadcasting the user's public key of the client, which can effectively reduce the overhead and cost of the client.
  • the method for processing the two-dimensional code provided by the embodiment of the present invention, after receiving the request for acquiring the electronic voucher sent by the client, and using the server private key to sign the electronic voucher and the user public key of the client, the server obtains the server signature information; Sending the server signature information and the electronic voucher to the client; the client receives the signature information and the electronic voucher of the server sent by the server, and the client checks the server signature information, and after the verification is successful, the electronic voucher Performing a client signature, and generating a two-dimensional code according to preset security information, the client signature information, the server signature information, the electronic credential, and the user public key; after the credential verification end obtains the two-dimensional code, By verifying the server signature information, the client signature information and the preset security information in the two-dimensional code, it is possible to determine whether the electronic voucher is tampered with during the transmission process, and to ensure the security of the electronic voucher in use.
  • the client when the client obtains the user key corresponding to the user public key, the user sends a user signature key that is sent by the server for the electronic credential, and the user signature key includes one
  • the first user public key and a first user key, the user key and the user public key are asymmetric keys, and the client obtains the first user key in the user signature key allocated by the server for the electronic credential.
  • the client when the client obtains the user key corresponding to the user public key, the client itself may be acquired and used.
  • the second user key corresponding to the public key of the user is not limited in the embodiment of the present invention.
  • the method includes: receiving and storing a server public key broadcast by the server, and performing verification on the server signature information according to the server public key and the electronic credential. sign.
  • the server signature information is verified according to the server public key, the electronic certificate, and the first user public key;
  • the server signature information is verified according to the server public key, the electronic credential and the second user public key.
  • the client-to-server signature information please refer to the detailed description of FIG. 5, which is not limited by the embodiment of the present invention.
  • the server when the server sends the electronic voucher to the client, the electronic voucher and the user public key need to be signed to obtain the server signature information, and the purpose is that the server signature information can be generated when the subsequent client generates the two-dimensional code.
  • the server signature information can be generated when the subsequent client generates the two-dimensional code.
  • the user uses his private key to sign the information sent by the server, ensures the correctness of the original information of the electronic voucher, and the user public key is verified to be legal and reliable, and cannot be forged and cannot be deny.
  • the client may use the first user key to sign the electronic voucher, and the second user key may be used to sign the electronic voucher.
  • the embodiment of the present invention does not limit this.
  • the client when the client generates the two-dimensional code, the client also uses the client signature information in the process of generating the two-dimensional code, so that the voucher verification end authenticates the client and ensures that the electronic voucher is Client generation and client use of electronic credentials are legal and reliable and cannot be forged or denied.
  • the two-dimensional code is generated according to the preset security information, the client signature information, the server signature information, the electronic credential, and the user public key, the following manner may be adopted: setting the preset security information effectively.
  • the user public key, the effective duration of the preset security information, and the user identity generate a two-dimensional code.
  • the embodiment of the present invention requires the client to use the user identity as the attribute information for generating the two-dimensional code, and can be applied to an application scenario where the voucher verification end requires the user real name system, for example,
  • the electronic voucher is a ticket, a bus ticket, a train ticket, a bank card, etc.
  • the voucher verification end verifies the electronic voucher of the type
  • the user ID entity can be used to verify the real name system condition, and the verification is completed to satisfy some The requirements of the real name system are required in the application scenario.
  • the generation is generated.
  • the biometrics of the electronic voucher can be added to the two-dimensional code, for example, the biometrics such as the fingerprint of the electronic voucher are built into the two-dimensional code, and when the two-dimensional code is verified at the voucher verification end, Require verification of my biometrics to further ensure the security of e-vouchers.
  • the foregoing embodiment details the specific functions and specific implementations of the server and the client when processing the two-dimensional code, and when verifying the generated electronic voucher that depends on the two-dimensional code, It also needs to be completed by the credential verification end shown in Figure 1.
  • a method for processing a two-dimensional code is provided. The method is applied to the credential verification end. As shown in FIG. 6, the method includes:
  • the credential verification end acquires the two-dimensional code in the client.
  • the two-dimensional code is generated by the client according to preset security information, client signature information, server signature information, an electronic credential, and a user public key, where the client signature information is the client to the electronic
  • the voucher signature is obtained, and the server signature information is obtained by the server signing the electronic voucher and the user public key.
  • the method may be implemented by using, but not limited to, obtaining a two-dimensional code by using a preset data acquisition instruction, where the preset data acquisition instruction includes: scanning mode, shaking Data sender mode, button trigger mode, voice trigger mode, and track slide mode.
  • the button triggering method includes: the credential verification end monitors the trigger state of the preset button, and the preset button can be a physical button or a virtual button.
  • the credential verification monitors the trigger state of the preset button
  • the preset button can be a physical button or a virtual button.
  • the credential verification The terminal can obtain the two-dimensional code displayed in the client; for the touch screen client, when the voucher verification terminal presets the track sliding mode, the sliding state of the touch screen in the client is performed. Listening, when the client user triggers a sliding operation on the screen, acquires the QR code.
  • the above is a description of the preset data acquisition instruction.
  • the embodiment of the present invention does not limit the type of the preset data acquisition instruction in the actual application.
  • the credential verification end verifies the valid duration of the preset security information, and verifies the client signature information and the server signature information.
  • the voucher verification end parses the acquired two-dimensional code, obtains the preset security information and the electronic voucher included in the two-dimensional code, and verifies the effective duration of the preset security information and the validity of the service effective time in the electronic voucher.
  • the preset security information is the current system time of the client, the preset security information is 10/21, and the preset security information has a valid duration of 60s
  • the credential verification end obtains the current system time and preset security. Whether the time difference corresponding to the information exceeds 60s, if it is determined to exceed 60s, the certificate verification end determines that the two-dimensional code is invalid.
  • the effective duration of the preset security information may be set to 2 minutes, etc., and the effective duration of the preset security information in the embodiment of the present invention is not limited.
  • the method for processing the two-dimensional code provided by the embodiment of the present invention, after receiving the request for acquiring the electronic voucher sent by the client, and using the server private key to sign the electronic voucher and the user public key of the client, the server obtains the server signature information; Sending the server signature information and the electronic voucher to the client; the client receives the signature information and the electronic voucher of the server sent by the server, and the client checks the server signature information, and after the verification is successful, the electronic voucher Performing a client signature, and generating a two-dimensional code according to preset security information, the client signature information, the server signature information, the electronic credential, and the user public key; after the credential verification end obtains the two-dimensional code, By verifying the server signature information, the client signature information and the preset security information in the two-dimensional code, it is possible to determine whether the electronic voucher is tampered with during the transmission process, and to ensure the security of the electronic voucher in use.
  • the step of performing all the steps is the electronic credential generated by the credential verification end, and therefore, in the embodiment of the present invention, in the acquiring client Before the two-dimensional code, the voucher verification end generates an electronic voucher according to the user identity.
  • the timing of generating the electronic voucher may include, but is not limited to, the following content. For example, after the user purchases the ticket from the ticket window, the ticket voucher system generates the paper voucher.
  • the embodiment of the present invention does not limit the application scenario of whether the voucher verification end provides the paper ticket after the electronic voucher is generated.
  • the purpose of using the electronic voucher in the embodiment of the present invention is to prevent the paper voucher from being lost or damaged. The problem of complicated procedures, at the same time, when the voucher verification end obtains the electronic voucher with the dynamic two-dimensional code as the carrier, the security of the electronic voucher can be ensured.
  • the corresponding electronic credential may be synchronized to the server according to the user identification information, so that the server client obtains the electronic credential.
  • the voucher verification end after receiving the request information of the electronic voucher sent by the server, the voucher verification end sends the electronic voucher to the servant, wherein the request information for obtaining the electronic voucher includes the user identity.
  • the method may be implemented by using, but not limited to, obtaining the user public key included in the two-dimensional code, and And authenticating the client signature information according to the user public key and the electronic voucher; receiving and storing a server public key corresponding to the server private key broadcasted by the server; according to the server public key and the electronic voucher And verifying the server signature information.
  • the client uses the user identification information as information for generating an attribute of the two-dimensional code, so that the credential verification end can identify the user identity information.
  • the client uses the user ID as the attribute information for generating the two-dimensional code.
  • the credential verification end parses the two-dimensional code, obtains the user identity identifier it contains, and verifies the user identity identifier. If the credential verification end determines that the user identity identifier verification is successful, it determines that the electronic credential verification is successful.
  • the electronic voucher in the two-dimensional code is a train ticket
  • the user's ID card can be verified synchronously, and the verification of the electronic voucher can be completed.
  • the electronic voucher verification is performed. Success; if one or part of the content contained in the QR code is not verified, the electronic voucher verification is unsuccessful.
  • the preset security information, the client signature information, the server signature information, and the user identity are included in the two-dimensional code, only the preset security information, the client signature information, the server signature information, and the user are included. After all the identity verification is successful, it is determined that the electronic certificate is successfully verified.
  • the voucher verification end is in the process of verifying the electronic voucher with the two-dimensional code as the carrier, and the convenience and security of the electronic voucher in daily life and work can be seen.
  • the above example is described by taking an electronic voucher in the client as an example.
  • the client may include multiple types of electronic voucher, and the electronic voucher may be separately recorded in different dynamic two-dimensional codes. It is also possible to record a plurality of types of electronic vouchers in the same two-dimensional code.
  • the embodiment of the present invention does not limit this.
  • the electronic voucher can replace the entity voucher information in the prior art, can prevent the problem of information leakage in the entity voucher, and can prevent the cumbersome steps of canceling or replenishing the entity voucher when it is lost.
  • the terminal device (handset) that installs the client can be carried only without carrying any entity credentials.
  • user A only carries a mobile phone with a client installed, and takes a bus from the home to the company at 8:00 in the morning.
  • the user can smoothly travel through the QR code of the bus electronic voucher in the client.
  • the user can pass the access control.
  • the voucher enters the company and is signed by the electronic voucher.
  • user A needs to go to a bank to handle the banking business, and can handle the business through electronic ID card and electronic bank card.
  • user A needs to go to the train station.
  • verifying the electronic voucher the above two-dimensional code security processing method is adopted.
  • the example is intended to illustrate that the electronic voucher is convenient and safe for life and work, and is not intended to limit the specific application scenarios of the electronic voucher.
  • the credential verification end generates an electronic credential according to the user identity, and synchronizes the corresponding electronic credential to the server according to the user identity, so that the server sends the electronic credential to the client.
  • the client sends a request for obtaining an electronic voucher to the server, where the request for obtaining the electronic voucher includes a user identity and a valid time of the service.
  • the server receives the request for obtaining an electronic voucher sent by the client, parses the request for obtaining the electronic voucher, and obtains a valid time of the service included in the request for obtaining the electronic voucher.
  • the server verifies whether the valid time of the service meets a service specification.
  • step 505 is performed; if the service valid time does not meet the service specification, the obtaining the electronic voucher request is ignored.
  • the request information for obtaining the electronic voucher may be sent to the voucher verification terminal according to the user identity to obtain the electronic voucher.
  • the server uses the server private key to sign the user public key of the client with the electronic certificate, obtains the server signature information, and sends the server signature information and the electronic certificate to the client.
  • the server broadcasts the public key corresponding to the private key of the server, so that the client and the credential verification end verify the signature information according to the public key of the server.
  • the client receives and stores a public key broadcast by the server.
  • the client receiving server sends the server signature information and the electronic credential sent by the receiving server.
  • the client performs an authentication on the server signature information based on a public key broadcast by the server, to obtain an electronic credential.
  • step 511 is performed; if the verification of the server signature information fails, the electronic certificate provided by the server cannot be obtained.
  • the client signs the electronic voucher by using the user key to obtain client signature information, according to preset security information, the client signature information, the server signature information, the electronic credential, and the
  • the user public key generates a two-dimensional code.
  • the credential verification end obtains the two-dimensional code in the client, and verifies the valid duration of the preset security information, and verifies the client signature information and the server signature information.
  • another embodiment of the present invention further provides a server.
  • the device embodiment corresponds to the foregoing method embodiment.
  • the device embodiment does not describe the details in the foregoing method embodiments one by one, but it should be clear that the device in this embodiment can implement the foregoing method. All the contents of the example.
  • the embodiment of the present invention provides a server. As shown in FIG. 8, the device includes:
  • the receiving unit 61 is configured to receive a request for acquiring an electronic voucher sent by the client, where the request for obtaining the electronic voucher includes a user identity identifier;
  • the first obtaining unit 62 is configured to acquire an electronic credential corresponding to the user identity identifier received by the receiving unit;
  • the signing unit 63 is configured to sign the electronic voucher and the user public key of the client by using a server private key to obtain server signature information;
  • a sending unit 64 configured to send the server signature information obtained by the signature unit 63 and the electronic certificate obtained by the first acquiring unit to the client, so that the client is valid in the user key And verifying the server signature information, and generating a two-dimensional code according to the electronic voucher, so that the voucher verification end verifies the electronic voucher included in the two-dimensional code; wherein the voucher verification end uses Generate an electronic voucher based on the user identity.
  • the signature unit 63 includes:
  • An allocating module 631 configured to allocate a user signature key for the electronic voucher
  • a first signing module 632 configured to sign, by using the server private key, the electronic credential and a first user public key allocated by the allocating module; wherein the allocated user signing key comprises a first user public key ;
  • the obtaining module 633 is configured to obtain a second user public key sent by the client.
  • the second signature module 634 is configured to sign the electronic credential and the second user public key acquired by the obtaining module by using the server private key.
  • the sending unit 64 is further configured to send the allocated user signature key, the server signature information, and the electronic certificate to The client.
  • the server further includes:
  • the parsing unit 65 is configured to parse the acquiring electronic voucher request before the first obtaining unit 62 acquires the electronic voucher corresponding to the user identity identifier;
  • the second obtaining unit 66 is configured to obtain, after the parsing unit 65 parses the acquiring electronic voucher request, the service valid time included in the acquiring e-voucher request;
  • a verification unit 67 configured to verify whether the service valid time acquired by the second obtaining unit 66 meets a service specification
  • the first obtaining unit 62 is further configured to: when the verifying unit 67 verifies that the service valid time meets a service specification, perform an electronic credential corresponding to the user identity identifier.
  • the first acquiring unit 62 includes:
  • the receiving module 621 is configured to: after the credential verification end generates the electronic credential according to the user identifier, receive the electronic credential synchronized by the credential verification end;
  • the processing module 622 is configured to send, to the credential verification end, request information for acquiring an electronic credential according to the user identity to obtain the electronic credential.
  • the user signature key is an asymmetric key.
  • the server further includes:
  • the broadcast unit 68 is configured to broadcast the public key corresponding to the server private key, so that the client and the credential verification end verify the signature information according to the public key of the server.
  • the embodiment of the present invention further provides a client, as shown in FIG. 10, including:
  • the first receiving unit 71 is configured to receive server signature information and an electronic credential sent by the server.
  • the server signature information is obtained by the server using the server private key to sign the electronic credential and the user public key of the client;
  • the verification unit 72 is configured to perform verification on the server signature information to obtain an electronic certificate
  • An obtaining unit 73 configured to acquire a user key corresponding to the user public key
  • the signing unit 74 is configured to sign the electronic voucher by using the user key acquired by the obtaining unit 73 to obtain client signature information;
  • the generating unit 75 is configured to generate a two-dimensional code according to the preset security information, the client signature information, the server signature information, the electronic credential, and the user public key, so that the credential verification end is secure according to the preset
  • the information and the user public key verify the electronic voucher included in the two-dimensional code; wherein the preset security information has a valid duration, and the credential verification end is configured to generate an electronic voucher according to the user identity.
  • the client further includes:
  • the second receiving unit 76 is configured to receive, before acquiring the user key corresponding to the user public key, a user signature key that is sent by the server and allocated for the electronic credential;
  • the obtaining unit 73 is further configured to acquire, by the second receiving unit, a first user key included in a user signature key allocated by the server to the electronic credential;
  • the obtaining unit 73 is further configured to acquire a second user key that is generated by the client itself and corresponding to the user public key.
  • the signature unit 74 includes:
  • a first signing module 741 configured to sign the electronic voucher by using the first user key
  • the second signature module 742 signs the electronic voucher using the second user key.
  • the verification unit 72 includes:
  • the receiving module 721 is configured to receive a server public key broadcast by the server;
  • the first verification module 723 is configured to perform verification on the server signature information according to the server public key, the client public key, and the electronic certificate stored by the storage module.
  • the user private key and the user key are asymmetric keys.
  • the generating unit 75 includes:
  • a setting module 751, configured to set an effective duration of the preset security information
  • the generating module 752 is configured to generate, according to the preset security information, the client signature information, the server signature information, the electronic credential, the user public key, the effective duration of the preset security information, and the user identity identifier. QR code.
  • the embodiment of the present invention further provides a credential verification end, as shown in FIG. 12, including:
  • the first obtaining unit 81 is configured to acquire a two-dimensional code in the client, where the two-dimensional code is the client according to preset security information, client signature information, server signature information, electronic credentials, and user public key. Generating, the client signature information is obtained by the client signing the electronic voucher, and the server signature information is obtained by the server signing the electronic voucher and the user public key;
  • the first verification unit 82 is configured to verify the valid duration of the preset security information acquired by the first acquiring unit.
  • a second verification unit 83 configured to verify the client signature information and the server signature information
  • a third verification unit 84 configured to acquire an electronic credential when the first verification unit verifies the preset security information, the second verification unit verifies that the client signature information, and the server signature information are all successfully verified. Verify the valid time of the business included in the business;
  • the determining unit 85 is configured to determine that the electronic credential verification is successful when the third verification unit verifies that the service valid time verification included in the electronic credential is successful.
  • the credential verification end further includes:
  • a generating unit 86 configured to generate an electronic voucher according to the user identity before the first acquiring unit 81 acquires the two-dimensional code in the client;
  • the synchronization unit 87 is configured to synchronize the corresponding electronic credential to the server according to the user identity, so that the server sends the electronic credential to the client;
  • the receiving unit 88 is configured to receive request information for acquiring an electronic voucher sent by the server;
  • the sending unit 89 is configured to send the electronic credential to the server, where the request information for acquiring the electronic credential includes the user identity identifier.
  • the second verification unit 83 includes:
  • the obtaining module 831 is configured to obtain a user public key included in the two-dimensional code
  • a first check module 832 configured to: use the user public key acquired by the acquiring module, and the The electronic voucher checks the signature information of the client;
  • the receiving module 833 is configured to receive a server public key corresponding to the server private key broadcast by the server;
  • a storage module 834 configured to store the server public key received by the receiving module
  • the second verification module 835 is configured to verify the server signature information according to the server public key, the client public key, and the electronic certificate stored by the storage module.
  • the credential verification end further includes:
  • a second obtaining unit 810 configured to acquire a user identity identifier included in the two-dimensional code before the determining unit 85 determines that the electronic certificate verification is successful;
  • the fourth verification unit 811 is configured to verify the user identity identifier acquired by the second obtaining unit 810;
  • the determining unit 85 is further configured to: when the fourth verification unit 811 determines that the user identity verification is successful, determine that the electronic certificate verification is successful.
  • the embodiment of the present invention further provides a processing system for a two-dimensional code.
  • the system includes:
  • a client 91 configured to send a request for obtaining an electronic voucher to the server 92, where the request for obtaining an electronic voucher includes a user identity identifier;
  • the server 92 is configured to receive an electronic voucher request sent by the client 91, and obtain an electronic voucher from the voucher verification terminal 93 according to the user identity identifier;
  • the voucher verification end 93 is configured to receive and respond to the request information of the e-voucher sent by the server 92, and send the electronic voucher to the server 92;
  • the server 92 is further configured to receive the electronic credential sent by the credential verification terminal 93, the electronic credential and the user public key of the client 91 are signed, obtain signature information of the server 92, and sign the information of the server 92. And the electronic voucher is sent to the client 91;
  • the client 91 is configured to receive the server 92 signature information and the electronic credential sent by the server 92, perform verification on the signature information of the server 92, obtain an electronic credential, and obtain a user key corresponding to the user public key. Signing the electronic voucher by using the user key to obtain signature information of the client 91, according to preset security information, signature information of the client 91, signature information of the server 92, the electronic voucher, and the user
  • the public key generates a two-dimensional code
  • the credential verification end 93 is configured to acquire a two-dimensional code in the client 91, and the preset Verifying the valid duration of the security information, and verifying the signature information of the client 91 and the signature information of the server 92, if the preset security information, the signature information of the client 91, and the signature information of the server 92 are both If the verification succeeds, the valid time of the service included in the electronic voucher is obtained for verification, and if the valid time of the service included in the electronic voucher is successfully verified, the verification of the electronic voucher is determined to be successful.
  • the server, the client, the credential verification end and the two-dimensional code processing system provided by the server after receiving the request for obtaining the electronic credential sent by the client, the server uses the server private key to perform the electronic credential and the user public key of the client. Signing, obtaining server signature information; sending the server signature information and the electronic credential to the client; the client receiving the server's signature information and the electronic credential sent by the server, and the client verifies the server signature information, and the client checks After the signing is successful, the electronic voucher is signed by the client, and the two-dimensional code is generated according to the preset security information, the client signature information, the server signature information, the electronic voucher and the user public key; the voucher verification end After obtaining the two-dimensional code, by verifying the server signature information, the client signature information and the preset security information in the two-dimensional code, it is possible to determine whether the electronic voucher is tampered with during the transmission process, and to ensure the security of the electronic voucher in use.
  • modules in the devices of the embodiments can be adaptively changed and placed in one or more devices different from the embodiment.
  • the modules or units or components of the embodiments may be combined into one module or unit or component, and further they may be divided into a plurality of sub-modules or sub-units or sub-components.
  • any combination of the features disclosed in the specification, including the accompanying claims, the abstract and the drawings, and any methods so disclosed, or All processes or units of the device are combined.
  • Each feature disclosed in this specification (including the accompanying claims, the abstract and the drawings) may be replaced by alternative features that provide the same, equivalent or similar purpose.
  • the various component embodiments of the present invention may be implemented in hardware, or in a software module running on one or more processors, or in a combination thereof.
  • a microprocessor or digital signal processor may be used in practice to implement some or all of the components of the inventive name (e.g., means for determining the level of link within a website) in accordance with embodiments of the present invention.
  • the invention can also be implemented as a device or device program (e.g., a computer program and a computer program product) for performing some or all of the methods described herein.
  • Such a program implementing the invention may be stored on a computer readable medium or may be in the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Transfer Between Computers (AREA)
PCT/CN2017/114382 2016-12-14 2017-12-04 二维码的处理方法、装置及系统 Ceased WO2018107988A1 (zh)

Priority Applications (17)

Application Number Priority Date Filing Date Title
JP2019532002A JP6768960B2 (ja) 2016-12-14 2017-12-04 2次元バーコード処理方法、デバイス、およびシステム
MYPI2019003371A MY189760A (en) 2016-12-14 2017-12-04 Method, apparatus, and system for processing two-dimensional barcodes
EP17880448.0A EP3557831B1 (en) 2016-12-14 2017-12-04 System for processing two-dimensional barcodes in connection with mobile payment transactions
BR112019012149A BR112019012149A2 (pt) 2016-12-14 2017-12-04 método para processar códigos de barras bidimensionais e sistema para processar códigos de barras bidimensionais
MX2019006968A MX2019006968A (es) 2016-12-14 2017-12-04 Metodo, aparato y sistema para procesar codigos de barras bidimensionales.
ES17880448T ES2841724T3 (es) 2016-12-14 2017-12-04 Sistema para procesar códigos de barras bidimensionales en conexión con transacciones de pago móviles
RU2019121938A RU2726831C1 (ru) 2016-12-14 2017-12-04 Способ, оборудование и система обработки двумерных штрих-кодов
CA3046858A CA3046858C (en) 2016-12-14 2017-12-04 Method, apparatus, and system for processing two-dimensional barcodes
KR1020197020063A KR102220087B1 (ko) 2016-12-14 2017-12-04 이차원 바코드를 프로세싱하기 위한 방법, 장치, 및 시스템
AU2017376036A AU2017376036B2 (en) 2016-12-14 2017-12-04 Two-dimensional barcode processing method, device, and system
PL17880448T PL3557831T3 (pl) 2016-12-14 2017-12-04 Układ przetwarzania dwuwymiarowych kodów kreskowych w związku z transakcjami płatności mobilnych
US16/384,607 US10581597B2 (en) 2016-12-14 2019-04-15 Method, apparatus, and system for processing two-dimensional barcodes
PH12019501375A PH12019501375A1 (en) 2016-12-14 2019-06-14 Method, apparatus, and system for processing two-dimensional barcodes
ZA2019/04592A ZA201904592B (en) 2016-12-14 2019-07-12 Method, apparatus, and system for processing two-dimensional barcodes in connection with mobile payment transaction
US16/802,640 US10790970B2 (en) 2016-12-14 2020-02-27 Method, apparatus, and system for processing two-dimensional barcodes
US17/035,359 US11032070B2 (en) 2016-12-14 2020-09-28 Method, apparatus, and system for processing two-dimensional barcodes
US17/341,188 US11336435B2 (en) 2016-12-14 2021-06-07 Method, apparatus, and system for processing two-dimensional barcodes

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611154671.9 2016-12-14
CN201611154671.9A CN106899570B (zh) 2016-12-14 2016-12-14 二维码的处理方法、装置及系统

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US16/384,607 Continuation US10581597B2 (en) 2016-12-14 2019-04-15 Method, apparatus, and system for processing two-dimensional barcodes

Publications (1)

Publication Number Publication Date
WO2018107988A1 true WO2018107988A1 (zh) 2018-06-21

Family

ID=59197788

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/114382 Ceased WO2018107988A1 (zh) 2016-12-14 2017-12-04 二维码的处理方法、装置及系统

Country Status (18)

Country Link
US (4) US10581597B2 (enExample)
EP (1) EP3557831B1 (enExample)
JP (1) JP6768960B2 (enExample)
KR (1) KR102220087B1 (enExample)
CN (1) CN106899570B (enExample)
AU (1) AU2017376036B2 (enExample)
BR (1) BR112019012149A2 (enExample)
CA (1) CA3046858C (enExample)
ES (1) ES2841724T3 (enExample)
MX (1) MX2019006968A (enExample)
MY (1) MY189760A (enExample)
PH (1) PH12019501375A1 (enExample)
PL (1) PL3557831T3 (enExample)
RU (1) RU2726831C1 (enExample)
SG (1) SG10202100196WA (enExample)
TW (2) TWI749577B (enExample)
WO (1) WO2018107988A1 (enExample)
ZA (1) ZA201904592B (enExample)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111061885A (zh) * 2018-10-17 2020-04-24 联易软件有限公司 电子文书制作方法和系统
WO2020142993A1 (zh) * 2019-01-10 2020-07-16 环球雅途集团有限公司 一种控制方法、售检票系统及存储介质
WO2020142994A1 (zh) * 2019-01-10 2020-07-16 环球雅途集团有限公司 一种控制方法、售票规则服务器、检票规则服务器及装置

Families Citing this family (56)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10008057B2 (en) * 2014-08-08 2018-06-26 Live Nation Entertainment, Inc. Short-range device communications for secured resource access
CN106899570B (zh) 2016-12-14 2019-11-05 阿里巴巴集团控股有限公司 二维码的处理方法、装置及系统
CN107247553A (zh) * 2017-06-30 2017-10-13 联想(北京)有限公司 选择对象的方法和电子设备
CN107451643B (zh) * 2017-08-15 2019-08-20 北京航空航天大学 动态二维码的生成、识别方法和装置
CN107451902A (zh) * 2017-08-17 2017-12-08 郑州云海信息技术有限公司 车票的管理方法和装置
CN109495268B (zh) * 2017-09-12 2020-12-29 中国移动通信集团公司 一种二维码认证方法、装置及计算机可读存储介质
CN109922029A (zh) * 2017-12-13 2019-06-21 航天信息股份有限公司 电子凭据验证方法及装置
KR102530441B1 (ko) * 2018-01-29 2023-05-09 삼성전자주식회사 전자 장치와 외부 전자 장치 및 이를 포함하는 시스템
EP3531362A1 (en) * 2018-02-22 2019-08-28 Banco Bilbao Vizcaya Argentaria, S.A. Method for validating a voucher
CN110247882B (zh) 2018-03-09 2022-04-08 阿里巴巴集团控股有限公司 通信方法及系统、数据处理方法
CN108696510B (zh) * 2018-04-17 2021-08-03 新大陆(福建)公共服务有限公司 一种基于云端多渠道协同生产二维码方法以及系统
CN108734615A (zh) * 2018-04-17 2018-11-02 新大陆(福建)公共服务有限公司 基于动态二维码取代证件的业务处理方法及计算机设备
CN108900302A (zh) * 2018-06-19 2018-11-27 广州佳都数据服务有限公司 二维码生成、认证方法、生成终端及认证设备
CN108876375B (zh) * 2018-06-29 2020-09-08 全链通有限公司 区块链实名参与方法和系统
US10778444B2 (en) * 2018-07-11 2020-09-15 Verizon Patent And Licensing Inc. Devices and methods for application attestation
CN109379181A (zh) * 2018-08-10 2019-02-22 航天信息股份有限公司 生成、验证二维码的方法和装置,存储介质和电子设备
CN109102291B (zh) * 2018-08-15 2020-04-07 阿里巴巴集团控股有限公司 一种二维码支付的安全控制方法和装置
CN111881386B (zh) * 2018-08-31 2024-03-12 创新先进技术有限公司 一种基于扫码操作的页面访问方法、装置及系统
CN111242248B (zh) * 2018-11-09 2023-07-21 中移(杭州)信息技术有限公司 一种人员信息监控的方法、装置及计算机存储介质
CN109492434A (zh) * 2018-11-12 2019-03-19 北京立思辰新技术有限公司 一种电子凭据的安全操作方法和系统
CN109684801B (zh) * 2018-11-16 2023-06-16 创新先进技术有限公司 电子证件的生成、签发和验证方法及装置
CN109815660B (zh) * 2019-01-11 2023-05-12 公安部第三研究所 身份电子证照信息获取验证系统及方法
CN109992976B (zh) * 2019-02-27 2024-07-02 平安科技(深圳)有限公司 访问凭证验证方法、装置、计算机设备及存储介质
CN110046687A (zh) * 2019-03-01 2019-07-23 阿里巴巴集团控股有限公司 条码展示方法、设备以及装置
CN110138835A (zh) * 2019-04-15 2019-08-16 阿里巴巴集团控股有限公司 特殊凭证发放方法和装置
US11503072B2 (en) * 2019-07-01 2022-11-15 Mimecast Israel Ltd. Identifying, reporting and mitigating unauthorized use of web code
CN110378091B (zh) * 2019-07-24 2023-05-09 创新先进技术有限公司 一种身份验证方法、装置及设备
CN111181909B (zh) * 2019-08-07 2022-02-15 腾讯科技(深圳)有限公司 一种身份信息的获取方法及相关装置
CN110430054B (zh) * 2019-08-09 2022-10-21 北京智汇信元科技有限公司 一种身份管理方法及系统
CN110519294B (zh) * 2019-09-12 2021-08-31 创新先进技术有限公司 身份认证方法、装置、设备及系统
CN110955917B (zh) * 2019-10-28 2024-02-02 航天信息股份有限公司 一种对涉及多个参与方的电子凭据进行验证的方法及系统
CN111144531B (zh) * 2019-12-10 2023-11-17 深圳左邻永佳科技有限公司 二维码生成方法和装置、电子设备、计算机可读存储介质
JP7724492B2 (ja) * 2020-02-21 2025-08-18 株式会社ビットキー 利用管理装置、利用管理方法、およびプログラム
TWI736280B (zh) 2020-05-22 2021-08-11 國立虎尾科技大學 基於生物特徵的身分驗證方法
US11811776B2 (en) * 2020-06-30 2023-11-07 Western Digital Technologies, Inc. Accessing shared pariiiions on a storage drive of a remote device
CN111932692A (zh) * 2020-08-19 2020-11-13 中国银行股份有限公司 车票校验系统及方法
CN111932262B (zh) * 2020-09-27 2021-01-15 南京吉拉福网络科技有限公司 识别关于消费凭证的交易风险的方法、计算设备和介质
KR102876141B1 (ko) * 2020-11-18 2025-10-28 한국전자통신연구원 디지털 신분증을 이용한 얼굴 인증 장치 및 방법
CN112258257A (zh) * 2020-12-23 2021-01-22 深圳市思乐数据技术有限公司 一种数据处理方法、终端设备、服务器及存储介质
JP2022117847A (ja) * 2021-02-01 2022-08-12 株式会社あミューズ 情報処理システム
CN113407748A (zh) * 2021-05-11 2021-09-17 银雁科技服务集团股份有限公司 重要空白凭证管理方法及装置
US11765166B1 (en) * 2021-05-25 2023-09-19 United Services Automobile Association (Usaa) Systems and methods for secure data transfer
JP7713319B2 (ja) * 2021-06-18 2025-07-25 株式会社日立製作所 電子署名装置および電子署名利用システム
CN113592484B (zh) * 2021-07-16 2024-07-12 支付宝(杭州)信息技术有限公司 一种账户的开立方法、系统及装置
US11880479B2 (en) * 2021-08-05 2024-01-23 Bank Of America Corporation Access control for updating documents in a digital document repository
CN116260583A (zh) * 2021-12-02 2023-06-13 中兴通讯股份有限公司 身份认证方法、电子设备和计算机可读存储介质
CN114679276B (zh) * 2022-02-18 2024-04-23 支付宝(杭州)信息技术有限公司 基于时间的一次性密码算法的身份认证方法和装置
KR102666296B1 (ko) * 2022-04-07 2024-05-16 대한민국(농촌진흥청장) 형광 실크 정보 코드 인식 방법 및 이를 이용한 장치
CN115037475B (zh) * 2022-05-17 2025-04-22 北京三快在线科技有限公司 门票订单校验方法、装置、服务器及存储介质
CN115150126B (zh) * 2022-05-24 2024-04-19 从法信息科技有限公司 一种法律服务远程处理方法、装置和电子设备
CN114863597B (zh) * 2022-07-04 2022-10-11 成都桐领智能科技有限公司 一种基于可信条码的出入管理方法、系统和装置
CN115243243B (zh) * 2022-09-22 2022-11-29 上海纬百科技有限公司 健康状态电子凭证核验方法、生成方法、设备及介质
CN115865369B (zh) * 2022-11-24 2024-11-05 中国联合网络通信集团有限公司 一种身份认证方法及装置
CN116436629A (zh) * 2022-12-27 2023-07-14 中国银联股份有限公司 基于物联网的双向认证方法及其系统
CN116112178B (zh) * 2023-01-05 2025-07-25 博雅中科(北京)信息技术有限公司 验证标识生成方法、系统、电子设备及存储介质
CN119887212B (zh) * 2025-03-20 2025-07-25 思迈数字科技(宁波)有限公司 一种会员票务管理系统及其方法

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104836776A (zh) * 2014-02-10 2015-08-12 阿里巴巴集团控股有限公司 数据交互方法和装置
US20160042352A1 (en) * 2014-08-07 2016-02-11 International Business Machines Corporation Authentication on mobile device using two-dimensional code
CN105515783A (zh) * 2016-02-05 2016-04-20 中金金融认证中心有限公司 身份认证方法、服务器及认证终端
US20160241405A1 (en) * 2015-02-13 2016-08-18 Crucialtec Co., Ltd. Method, Apparatus and Computer Program for Issuing User Certificate and Verifying User
CN105978688A (zh) * 2016-05-30 2016-09-28 葛峰 一种基于信息分离管理的跨网域安全认证方法
CN106899570A (zh) * 2016-12-14 2017-06-27 阿里巴巴集团控股有限公司 二维码的处理方法、装置及系统

Family Cites Families (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6381696B1 (en) * 1998-09-22 2002-04-30 Proofspace, Inc. Method and system for transient key digital time stamps
RU2195021C1 (ru) * 2001-03-27 2002-12-20 Дочернее Государственное Унитарное Предприятие Научно-Технический Центр "Атлас-Северо-Запад" Система защитной маркировки и верификации документов
JP2003223493A (ja) * 2002-01-30 2003-08-08 Nec Corp ロジスティックpkiサービスシステム、携帯端末及びそれに用いるロジスティックpkiサービス方法
JP4343567B2 (ja) * 2003-03-27 2009-10-14 みずほ情報総研株式会社 チケット管理方法及び電子チケットシステム
JP2006039728A (ja) * 2004-07-23 2006-02-09 Nec Corp 認証システム及び認証方法
CN1744135A (zh) * 2005-09-06 2006-03-08 北京魅力之旅商业管理有限公司 一种电子凭证实现方法和实现装置
CN101030278A (zh) * 2007-04-04 2007-09-05 王忠杰 一种基于互联网服务的纸质票据支付系统
BRPI0802251A2 (pt) * 2008-07-07 2011-08-23 Tacito Pereira Nobre sistema, método e dispositivo para autenticação em relacionamentos por meios eletrÈnicos
US8707404B2 (en) * 2009-08-28 2014-04-22 Adobe Systems Incorporated System and method for transparently authenticating a user to a digital rights management entity
JP5710627B2 (ja) * 2009-10-13 2015-04-30 スクエア インコーポレイテッド 環境情報を含む動的領収書作成のためのシステム及び方法
US20120308003A1 (en) * 2011-05-31 2012-12-06 Verisign, Inc. Authentic barcodes using digital signatures
CN102842081A (zh) * 2011-06-23 2012-12-26 上海易悠通信息科技有限公司 一种移动电话生成二维码并实现移动支付的方法
US8984276B2 (en) * 2012-01-10 2015-03-17 Jpmorgan Chase Bank, N.A. System and method for device registration and authentication
US20150288670A1 (en) * 2012-09-28 2015-10-08 Hewlett-Packard Development Company, L.P. Qr code utilization in self-registration in a network
CN103812837B (zh) * 2012-11-12 2017-12-12 腾讯科技(深圳)有限公司 一种电子凭证发送方法
US20140254796A1 (en) * 2013-03-08 2014-09-11 The Chinese University Of Hong Kong Method and apparatus for generating and/or processing 2d barcode
US9646150B2 (en) * 2013-10-01 2017-05-09 Kalman Csaba Toth Electronic identity and credentialing system
US9923879B1 (en) 2014-01-16 2018-03-20 Microstrategy Incorporated Sharing keys
CN103854061A (zh) * 2014-03-27 2014-06-11 腾讯科技(深圳)有限公司 电子票应用、生成、验证方法和系统
TWI529641B (zh) * 2014-07-17 2016-04-11 捷碼數位科技股份有限公司 驗證行動端動態顯示之資料之系統及其方法
US10008057B2 (en) * 2014-08-08 2018-06-26 Live Nation Entertainment, Inc. Short-range device communications for secured resource access
CN105530099A (zh) * 2015-12-11 2016-04-27 捷德(中国)信息科技有限公司 基于ibc的防伪验证方法、装置、系统和防伪凭证
US10645068B2 (en) 2015-12-28 2020-05-05 United States Postal Service Methods and systems for secure digital credentials
GB2547472A (en) * 2016-02-19 2017-08-23 Intercede Ltd Method and system for authentication
CN105763323A (zh) * 2016-03-04 2016-07-13 韦业明 一种电子凭证生成和存储的系统和方法
GB2546459B (en) * 2017-05-10 2018-02-28 Tomlinson Martin Data verification
US11316897B2 (en) * 2017-05-19 2022-04-26 Vmware, Inc. Applying device policies using a management token
GB2583218B (en) * 2017-11-16 2023-02-15 Prisec Innovation Ltd A system and method for authenticating a user
US11057366B2 (en) * 2018-08-21 2021-07-06 HYPR Corp. Federated identity management with decentralized computing platforms
US10601828B2 (en) 2018-08-21 2020-03-24 HYPR Corp. Out-of-band authentication based on secure channel to trusted execution environment on client device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104836776A (zh) * 2014-02-10 2015-08-12 阿里巴巴集团控股有限公司 数据交互方法和装置
US20160042352A1 (en) * 2014-08-07 2016-02-11 International Business Machines Corporation Authentication on mobile device using two-dimensional code
US20160241405A1 (en) * 2015-02-13 2016-08-18 Crucialtec Co., Ltd. Method, Apparatus and Computer Program for Issuing User Certificate and Verifying User
CN105515783A (zh) * 2016-02-05 2016-04-20 中金金融认证中心有限公司 身份认证方法、服务器及认证终端
CN105978688A (zh) * 2016-05-30 2016-09-28 葛峰 一种基于信息分离管理的跨网域安全认证方法
CN106899570A (zh) * 2016-12-14 2017-06-27 阿里巴巴集团控股有限公司 二维码的处理方法、装置及系统

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111061885A (zh) * 2018-10-17 2020-04-24 联易软件有限公司 电子文书制作方法和系统
WO2020142993A1 (zh) * 2019-01-10 2020-07-16 环球雅途集团有限公司 一种控制方法、售检票系统及存储介质
WO2020142994A1 (zh) * 2019-01-10 2020-07-16 环球雅途集团有限公司 一种控制方法、售票规则服务器、检票规则服务器及装置

Also Published As

Publication number Publication date
TWI749577B (zh) 2021-12-11
US10790970B2 (en) 2020-09-29
ZA201904592B (en) 2020-07-29
CA3046858C (en) 2021-08-31
CN106899570B (zh) 2019-11-05
JP6768960B2 (ja) 2020-10-14
US11336435B2 (en) 2022-05-17
CA3046858A1 (en) 2018-06-21
JP2020502674A (ja) 2020-01-23
US20210028930A1 (en) 2021-01-28
AU2017376036A1 (en) 2019-06-27
EP3557831A4 (en) 2019-10-30
AU2017376036B2 (en) 2020-05-21
RU2726831C1 (ru) 2020-07-15
KR20190093640A (ko) 2019-08-09
PL3557831T3 (pl) 2021-06-14
MY189760A (en) 2022-03-03
US10581597B2 (en) 2020-03-03
TW202117603A (zh) 2021-05-01
PH12019501375A1 (en) 2020-02-24
CN106899570A (zh) 2017-06-27
US11032070B2 (en) 2021-06-08
EP3557831A1 (en) 2019-10-23
ES2841724T3 (es) 2021-07-09
BR112019012149A2 (pt) 2019-12-17
KR102220087B1 (ko) 2021-03-02
TWI697842B (zh) 2020-07-01
US20200204359A1 (en) 2020-06-25
US20190245684A1 (en) 2019-08-08
US20210297247A1 (en) 2021-09-23
TW201822072A (zh) 2018-06-16
MX2019006968A (es) 2019-09-06
SG10202100196WA (en) 2021-02-25
EP3557831B1 (en) 2020-09-30

Similar Documents

Publication Publication Date Title
CN106899570B (zh) 二维码的处理方法、装置及系统
CN109150548B (zh) 一种数字证书签名、验签方法及系统、数字证书系统
EP3460691B1 (en) Methods and apparatus for management of intrusion detection systems using verified identity
US10829088B2 (en) Identity management for implementing vehicle access and operation management
US11055802B2 (en) Methods and apparatus for implementing identity and asset sharing management
KR102358546B1 (ko) 장치에 대해 클라이언트를 인증하기 위한 시스템 및 방법
EP2721764B1 (en) Revocation status using other credentials
CN110677376B (zh) 认证方法、相关设备和系统及计算机可读存储介质
KR20210142180A (ko) 효율적인 챌린지-응답 인증을 위한 시스템 및 방법
JP2015194879A (ja) 認証システム、方法、及び提供装置
CN102904883A (zh) 在线交易系统的中间人攻击防御方法
CN115935318A (zh) 一种信息处理方法、装置、服务器、客户端及存储介质
KR20150083178A (ko) 인증서 관리 방법
HK1238437A1 (en) Two-dimensional code processing method, apparatus and system
HK1238437A (en) Two-dimensional code processing method, apparatus and system
KR20150083177A (ko) 인증서 관리 방법
CN114549190A (zh) 一种基于可信机构代理的数字货币交易系统
KR20150083180A (ko) 인증서 관리 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17880448

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 3046858

Country of ref document: CA

ENP Entry into the national phase

Ref document number: 2019532002

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112019012149

Country of ref document: BR

ENP Entry into the national phase

Ref document number: 2017376036

Country of ref document: AU

Date of ref document: 20171204

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 20197020063

Country of ref document: KR

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2017880448

Country of ref document: EP

Effective date: 20190715

REG Reference to national code

Ref country code: BR

Ref legal event code: B01E

Ref document number: 112019012149

Country of ref document: BR

Free format text: REAPRESENTE A DECLARACAO REFERENTE AO DOCUMENTO DE PRIORIDADE DEVIDAMENTE ASSINADA, CONFORME ART. 408 C/C ART. 410, II, DO CODIGO DE PROCESSO CIVIL.

ENP Entry into the national phase

Ref document number: 112019012149

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20190613