WO2019056343A1 - System and method for avoiding internet and mobile payment fraud - Google Patents

System and method for avoiding internet and mobile payment fraud Download PDF

Info

Publication number
WO2019056343A1
WO2019056343A1 PCT/CN2017/103100 CN2017103100W WO2019056343A1 WO 2019056343 A1 WO2019056343 A1 WO 2019056343A1 CN 2017103100 W CN2017103100 W CN 2017103100W WO 2019056343 A1 WO2019056343 A1 WO 2019056343A1
Authority
WO
WIPO (PCT)
Prior art keywords
target number
mobile terminal
network address
blacklist
payment
Prior art date
Application number
PCT/CN2017/103100
Other languages
French (fr)
Chinese (zh)
Inventor
蒋小平
Original Assignee
深圳传音通讯有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳传音通讯有限公司 filed Critical 深圳传音通讯有限公司
Priority to PCT/CN2017/103100 priority Critical patent/WO2019056343A1/en
Publication of WO2019056343A1 publication Critical patent/WO2019056343A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to the security field of networks and mobile internet, and in particular to a system and method for preventing the risk of theft of Internet and mobile payment funds.
  • security threats in the field of Internet and mobile payment mainly include the following methods: man-in-the-middle attacks, denial of service attacks, phishing, software secondary packaging, and malware.
  • man-in-the-middle attacks mainly include man-in-the-middle attacks, denial of service attacks, phishing, software secondary packaging, and malware.
  • the mobile operating system can authenticate the client that accesses the SE, prevent malicious programs from accessing the SE, and ensure SE data security.
  • the line payment device discloses an online payment device with visible light and barcode two-way authentication, the online payment device comprises: an electronic wallet, a recharge consumer machine and a server, the electronic wallet comprises a visible light emitting module, a barcode scanning module, a wallet control module, and an input.
  • recharge consumer machine includes visible light receiving module, bar code display module, read/write control module, keyboard module, display, communication module; server grants permission to recharge consumer machine and electronic wallet, one payment is paid by the payee
  • the recharge consumer machine, the payer e-wallet and the server are jointly completed; the data interaction between the recharge consumer machine and the e-wallet is integrated in the visible light and the bar code, and the information verification of the transaction process is mainly completed by the server.
  • the online payment device is capable of providing two online payment methods: the payment is initiated by the payee of the refill consumer and the payment is initiated by the payer of the electronic wallet.
  • receiving data sent by the recharge consumer from the electronic wallet and receiving data sent by the electronic wallet from the recharge consumer may be unrecognizable during the sending and receiving process, so in the payment process, for the unrecognized The data, as well as the unrecognized situation due to the inability to receive the data, the device will unilaterally end the payment process after a set waiting time has expired.
  • the data sent from the electronic wallet to the recharge consumer, and the data sent from the recharge consumer to the electronic wallet may have the possibility of data loss, tampering, and forgery during the sending and receiving process, and thus payment
  • the currently received data is different from the data generated or received in the previous steps of the payment process, and the comparison verification is required, thereby ensuring the authenticity and integrity of the data to be sent and received.
  • the invention disclosed in CN106209383A discloses a method for performing mobile payment security authentication by encryption of a digital certificate, the disclosed method comprising the following steps:
  • the user installs a secure payment APP in the mobile terminal, and obtains a pre-planted certificate KEY ID from the security chip in the mobile terminal through the APP;
  • the secure payment APP sends the KEY ID and the user's name, ID type and ID number to the pre-planted front-end machine for binding, and the pre-planted front-end machine sends the bound information to the pre-planted server for saving.
  • the server server returns the successful binding result to the secure payment APP;
  • the secure payment APP When the user sends a payment request to the secure payment APP of the mobile terminal, the secure payment APP prompts to input a PIN code, and after the user inputs the PIN code, the secure payment APP will send a transaction message. Send to the security chip;
  • the security chip verifies the PIN code and judges whether it passes the verification. If it passes, the transaction message is digitally signed, and the signature value is sent to the signature verification server for verification. If the transaction is confirmed, the payment is successful. Return the payment result to the secure payment APP, otherwise no payment will be made.
  • step 4 the security chip verifies the PIN code and further includes the following specific content.
  • the signature verification server calculates the first message digest value for the signature message by using a preset algorithm, and then decrypts the digital signature with the public key to obtain the second report.
  • the security chip compares the first message digest value with the second message digest value and determines whether they are equal, and if so, determines that the transaction message is from the user; otherwise, determines that the transaction message is not from the user.
  • the prior art solutions listed above all have a certain degree of drawback.
  • the prior art solutions are basically passive defenses, that is, based only on the security of the user input or access to the server, such as the past anti-virus software, etc., basically passive, and no active prevention measures;
  • the existing technology basically does not consider how the account and password information is stolen, how to save, means that once the account and password are hacked, the user will be helpless and unable to take remedial measures.
  • the object of the present invention is to provide a system and method for preventing the risk of theft of Internet and mobile payment funds, by periodically supporting the data of the mobile device software through the network server, and the target number of the mobile device according to the user's selection and intercepting. Or the network address is synchronized to the web server, active It intercepts illegal email transfer requests such as fraudulent SMS and phishing websites, thereby effectively improving payment security in the mobile Internet environment and providing a good payment environment for end users.
  • the present invention provides a system for preventing the risk of theft of Internet and mobile payment funds, comprising: a server M01 and a mobile terminal M02.
  • the server M01 is configured to store a target number or a network address blacklist that accepts the verification code short message; periodically send the blacklist to the mobile terminal M02, and receive the target number or network address updated from the mobile terminal M02.
  • the mobile terminal M02 receives the target number or the blacklist of the network address, and compares when receiving the short message or the data packet containing the payment verification code. If the target number or the network address already exists in the blacklist, the interception is directly performed; if the target number or If the network address does not exist in the blacklist, the user is prompted to make a selection. When the user selects the interception, the user intercepts and updates the intercepted target number or network address to the server M01. There is a network connection between the server M01 and the mobile M02.
  • the server M01 includes: a database module M11, which stores a target number or a blacklist of network addresses; a first communication module M12 of the server has a data channel connection with the database module M11, and periodically takes out a target number or network from the database module M11.
  • the address blacklist is sent to the mobile terminal; and the second communication module M13 on the server side has a data channel connection with the database module M11, and receives the target number or network address uploaded by the mobile terminal and intercepted by the user, and synchronizes Go to the database module M11.
  • the mobile terminal M02 includes: a mobile terminal first communication module M21, which periodically receives a target number or a network address blacklist from the server end; and the mobile terminal second communication module M22 synchronizes the target number or network address intercepted by the user to the server.
  • the discriminating module M23 has a data channel connection with the first communication module M21 of the mobile terminal, receives the target number or the blacklist of the network address, compares with the received short message or data packet containing the payment verification code, and determines the interception.
  • a prompt box is popped up for the user to select, and the user chooses to continue to pay or intercept; the intercepting module M24 is connected with the discriminating module M23, and when the judgment is intercepted, the target number or network address of the payment is intercepted, and the payment module M25 is connected to the discriminating module M23, and when the payment is decided, the short message or the data packet is sent to the target number or the network address.
  • the discriminating module M23 in the mobile terminal M02 includes the following sub-module: a blacklist database sub-module M241, which stores a blacklist of various expressions including a hacker number or a phishing website, such as an IP address, a host name, and a MAC address;
  • the logical combination submodule M242 is connected to the blacklist database submodule M241, and the number, IP address, host name, MAC address, etc.
  • the present invention also provides a method for preventing the risk of theft of Internet and mobile payment funds, based on the aforementioned system for preventing the risk of theft of Internet and mobile payment funds, comprising the following steps:
  • the server periodically sends a target number or a blacklist of network addresses to the mobile terminal, and the mobile terminal receives the blacklist database after being received by the mobile terminal;
  • the mobile terminal receives the network payment request, and receives the short message or the data packet containing the verification code;
  • the mobile terminal compares and identifies the target number or the network address
  • the mobile terminal pops up a prompt box for the user to select whether to continue the payment, and a dialog box for popping up the risk prompt is displayed.
  • the mobile terminal intercepts the payment, and simultaneously uploads the target number or network address intercepted by the user to the server, and returns to execute S1.
  • S3 includes the following steps:
  • the mobile terminal extracts a target number or a network address from the received short message or data packet containing the verification code.
  • the mobile terminal extracts data from the internally stored blacklist database and performs logical combination and comparison of keywords;
  • S5 includes the following steps:
  • the mobile terminal intercepts the payment
  • the mobile terminal uploads the intercepted target number or network address to the server.
  • the server side synchronizes the received target number or network address to the server side. According to the list of Kuran;
  • the server side transmits the updated database blacklist to all users' mobile terminals.
  • step S53 when the server receives the intercepted target number or network address only from a mobile end of the user, the target number or the network address is not immediately updated to the database blacklist; When the mobile end of the user reports the same blocked target number or network address, it is updated to the database blacklist.
  • the system and method for preventing the risk of theft of Internet and mobile payment funds have the following advantages: compared with the prior art, the data server is periodically provided with data updates to the user's mobile terminal, and the user is provided. Based on the user's active judgment, the mobile terminal actively intercepts the verification code of illegal payment such as fraudulent SMS, phishing website, and further synchronous feedback to the network server, overcoming the prior art passive defense, after the account and password information is stolen The lack of rescue measures and other issues have greatly improved the security of online payment, thus protecting the security of users' online payment accounts.
  • FIG. 1 is a schematic diagram of a network architecture of a system for preventing theft of Internet and mobile payment funds in the present invention
  • FIG. 2 is a schematic structural diagram of a server end in a system for preventing theft of Internet and mobile payment funds in the present invention
  • FIG. 3 is a schematic structural diagram of a mobile terminal in a system for preventing theft of Internet and mobile payment funds in the present invention
  • FIG. 4 is a schematic structural diagram of a discriminating module in a mobile terminal according to the present invention.
  • FIG. 5 is a schematic flowchart of a method for preventing the risk of theft of Internet and mobile payment funds in the present invention
  • FIG. 6 is a schematic flowchart of a method for determining, by a mobile terminal, whether to intercept a target number or a network address according to the present invention
  • FIG. 7 is a schematic flowchart of a method for data interaction between a mobile terminal and a server after intercepting a target number or a network address according to the present invention.
  • the terms “including”, “comprising”, “having”, or any other variants are intended to encompass a non-exclusive inclusion, such that a process, method, article, or terminal device that includes a plurality of elements includes not only those elements but also Includes other elements not explicitly listed, or elements that are inherent to such a process, method, item, or terminal device.
  • An element defined by the phrase “including” or “comprising” does not exclude the presence of additional elements in the process, method, article or terminal device including the element.
  • “greater than”, “less than”, “exceeded”, etc. are understood as not including the number; “above”, “below”, “inside”, etc. are understood to include the number.
  • FIG. 1 it is a schematic diagram of a network architecture for preventing a risk of theft of Internet and mobile payment funds.
  • the system can be deployed in various current mainstream Internet and mobile payment application scenarios, such as online banking payment, mobile wallet, mobile payment platform, telecom carrier charging, WeChat payment, Alipay payment, merchant self-built payment platform and the like.
  • the system includes: server M01, which is used to store the target number or network address blacklist that accepts the verification code SMS, and periodically Providing data update support for the mobile device side; the mobile terminal M02 is configured to receive data periodically provided from the server, and determine whether to perform payment according to the blacklist database and the user's active selection. If not, the verification code is sent.
  • the SMS or data packet is intercepted, and the relevant target number and network address are uploaded to the server M01.
  • FIG. 2 it is a schematic diagram of a structure of a server end in a system for preventing theft of payment funds in a network and a mobile internet provided by the present invention.
  • the server includes: a database module M11, storing a destination number of the received verification code short message or a blacklist of the network address; the first communication module M12 of the server periodically takes out the updated data data from the database module M11 and sends the updated data data to the mobile device.
  • the server-side second communication module M13 receives data newly uploaded from the mobile device to the server, and synchronizes the target number or the URL to the blacklist.
  • the database module M11 has a data channel connection with the server first communication module M12 and the server second communication module M13, and interacts with the database data such as the verification code short message or the data packet destination number or the network address blacklist on the data channel.
  • database data such as the verification code short message or the data packet destination number or the network address blacklist on the data channel.
  • technologies for realizing data transmission between the server-side first communication module M12 and the server-side second communication module M13 and the mobile terminal M02 such as through a GPRS/3G/4G network, or a wireless WIFI/WAPI local area network, etc. I won't go into details here.
  • the mobile client includes: a mobile communication first communication module M21, which periodically receives a verification code short message number or a blacklist of a network address from the server end; the mobile terminal second communication module M22 synchronizes the target number or the website address to the server end; The module M23, according to the received blacklist of the verification code short message or the blacklist of the network address, determines whether the target payment number or the website address is intercepted after the keyword logical combination; if the internal blacklist and its keyword logical combination cannot be If the target number or the website address is intercepted, a prompt box is displayed for the user to select, and a risk prompt is prompted, and the user selects to continue to pay or intercept; the intercepting module M24 intercepts the target number or the website address of the payment, and if the user selects the interception, Then, the target number or web address is transmitted to the mobile second communication module M22
  • the mobile terminal first communication module M21 and the discriminating module M23 are connected by the data channel, and transmit the number of the verification code short message or the server address blacklist to the discriminating module M23; the intercepting module M24 and the mobile terminal second communication module M22 are connected by the data channel, The intercepted target number or network address is transmitted to the mobile terminal second communication module M22, and the discriminating module M23 and the intercepting module M24 and the payment respectively.
  • the module M25 is connected, and the intercepting module M24 is controlled to intercept or the payment module performs a payment action.
  • the mobile terminal discriminating module may specifically be an APP software program code inside the mobile terminal in the actual product, or may be integrated in a security chip in the client.
  • FIG. 4 it is a schematic structural diagram of a discriminating module of a mobile terminal according to the present invention, which includes a blacklist database submodule M241, which internally stores a hacker number or a network address of a phishing website.
  • the network address includes an IP address, a host name, and a MAC address.
  • user interface sub-module M243 pop-up prompt box for the user to choose whether to make payment, and then receive the user's instruction, when the actual user uses, the user interface sub-module pops up the payment prompt box At the same time, a risk prompt box is popped up, prompting the user to carefully perform the payment behavior.
  • the server will send a verification code to the user's registered mobile phone, and this verification code becomes the last barrier to protect the security of the user's funds. If the user's account, the password is Theft, protection of the security of the verification code, has achieved the purpose of protecting the security of the account funds.
  • the inventor has devised from the revelation of the protection verification code that the working mode of the system for preventing theft of payment funds in the network and the mobile internet provided by the invention is designed.
  • the following is a detailed introduction.
  • the discriminating module M23 of the mobile terminal M02 is for a short message or Comparing the data packets, if the target number or destination URL is from an illegal source such as a hacker software with multiple cases or a phishing website, then the target number or destination URL already exists in the blacklist database submodule M241, and the interception is directly performed. This protects the security of user account funds.
  • the discriminating module M23 of the mobile terminal M02 compares the short message or the data packet, and the target number or the web address does not exist in the blacklist database submodule M241, and the user interface submodule M243 pops up.
  • the prompt box is for the user to select, and a risk prompt is made. If the user chooses to continue to pay, the payment module M25 of the mobile terminal M02 sends a short message or a data packet to the target number or the target website.
  • the discriminating module M23 of the mobile terminal M02 compares the short message or the data packet, and the target number or the web address does not exist in the blacklist database submodule M241, and the user interface submodule M243 pops up.
  • the prompt box is for the user to select and make a risk prompt, and the user chooses to intercept the payment, and the intercepting module M24 of the mobile terminal M02 intercepts the payment.
  • the discriminating module M23 of the mobile terminal M02 compares the short message or the data packet, and the target number or the web address does not exist in the blacklist database submodule M241, and the user interface submodule M243 pops up.
  • the prompt box is for the user to select and make a risk prompt. If the user chooses to intercept the payment, the intercepting module M24 of the mobile terminal M2 intercepts the payment, and the intercepting module M24 transmits the target number or the website address to the mobile communication second communication module M22, and synchronizes Go to the server side M01.
  • the second communication module M13 of the server M01 receives the intercepted target number or web address from the mobile terminal, stores the target number or the web address in the database module M11, and then the server side A communication module M12 periodically fetches the updated target number or blacklist of network addresses from the database module M11 and transmits them to all user mobile devices.
  • the database module M11 of the server M01 also formulates rules for filtering the target number or network address reported by the mobile terminal, for example, when multiple mobile terminals report The target number or network address is added to the blacklist by the same target number or network address. This avoids payment due to normal users due to a user's misoperation.
  • the present invention also provides a method for preventing the risk of theft of Internet and mobile payment funds, which is implemented based on the aforementioned system for preventing theft of Internet and mobile payment funds, and is applicable to a smart phone, or a tablet computer, or an intelligent device.
  • Wearables include smart watches or smart bracelets, and networks
  • the server consists of the following steps:
  • the network server periodically sends a blacklist of the target number or the network address to the user terminal, and the mobile terminal receives the updated target number or the blacklist of the network address from the network, and saves the blacklist to the internal blacklist database;
  • the mobile terminal receives the network payment request and receives the verification code
  • the mobile terminal compares the target number or the network address, and makes a judgment
  • the mobile terminal pops up a prompt box for the user to select whether to continue the payment, and a dialog box for popping up the risk prompt is displayed.
  • the mobile terminal intercepts the payment, and simultaneously uploads the target number or the network address to the server, and returns to execute S1.
  • S3 specifically includes the following steps:
  • the mobile terminal extracts a target number or a network address from the received verification code short message or data packet.
  • the mobile terminal extracts data from the internally stored blacklist database, and performs logical combination according to the keyword;
  • S5 specifically includes the following steps:
  • the mobile terminal intercepts the payment
  • the mobile terminal uploads the intercepted target number or network address to the server.
  • the server synchronizes the received target number or network address to the database blacklist of the server.
  • the server side transmits the updated database blacklist to all users' mobile terminals.
  • the target number or network address when the server receives the intercepted target number or network address only from the mobile end of a user, the target number or network address is not immediately Update to the database blacklist in the server side; when the mobile terminal from multiple users reports the same destination number or network address, it is updated to the database blacklist.
  • the data is periodically exchanged between the server and the mobile through a GPRS/3G/4G network or a wireless WIFI/WAPI local area network.
  • the method for preventing theft of Internet and mobile payment funds according to the present invention is implemented based on mutual data interaction between the server M01 and the mobile terminal M02, and is already clear from the hacker software or
  • the target number or network address of the phishing website is directly intercepted according to the blacklist periodically sent by the server M01 to the mobile terminal M02.
  • the user decides whether to continue to pay; If the user intercepts the payment from a certain target number or network address, the mobile terminal M02 records the user's interception selection and synchronizes to the server M01, and the server M01 updates its blacklist database, so the blacklist Updates are dynamic and determined by the user's active behavior.
  • the system and method for preventing the risk of theft of Internet and mobile payment funds provided by the present invention have the following advantages: compared with the prior art, the data server is periodically provided with data update to the user mobile terminal, and the user mobile terminal is based on the user's Actively judge, actively intercept the verification code of fraudulent SMS, phishing website and other illegal payment, and further feedback to the network server, overcome the prior art passive defense, lack of rescue measures after the account and password information is stolen The security of network payment is greatly improved, thereby protecting the security of the funds used by the user to use the online payment account.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Disclosed in the present invention are a system and method for avoiding Internet and mobile payment fraud. The system comprises a server terminal and a mobile terminal. A blacklist of target numbers or network addresses to be used upon receiving a verification code SMS message is saved at the server terminal, and is regularly sent to the mobile terminal. Upon receiving an SMS message or a data packet containing a payment verification code, the mobile terminal performs comparison on a target number or network address, and if the same is in the blacklist, then the terminal directly blocks the same, otherwise the terminal prompts a user to perform selection. If the user selects to block the same, then the target number and network address are uploaded to the server terminal. By means of data interaction updates between the server terminal and the mobile terminal, the present invention enables blacklists on both sides to remain synchronized, and overcomes the problems of passive protection and lack of remedial measures for stolen account and password information in the prior art, thus significantly improving security of network payment, and protecting funds in network payment accounts of users.

Description

一种防范互联网和移动支付资金被盗风险的系统和方法System and method for preventing the risk of stolen Internet and mobile payment funds 技术领域Technical field
本发明涉及网络和移动互联网的安全领域,具体涉及一种防范互联网和移动支付资金被盗风险的系统和方法。The present invention relates to the security field of networks and mobile internet, and in particular to a system and method for preventing the risk of theft of Internet and mobile payment funds.
背景技术Background technique
随着网络和移动互联网的不断发展,互联网和移动支付规模越来越大,与之相伴的是网银和手机银行账号等被盗,移动端支付安全和网络环境安全相关的风险逐步放大,据统计,仅2016年,互联网支付和移动支付就分别达到19万亿人民币和38万亿人民币的规模。但同时,互联网和移动支付相关的犯罪案件等,则持续上升。因此,如何有效解决网络支付的安全问题,迫在眉睫。With the continuous development of the network and mobile Internet, the scale of Internet and mobile payment is getting bigger and bigger, accompanied by the theft of online banking and mobile banking accounts, and the risks related to mobile payment security and network environment security are gradually enlarged. In 2016 alone, Internet payments and mobile payments reached RMB 19 trillion and RMB 38 trillion, respectively. At the same time, however, crimes related to the Internet and mobile payments have continued to rise. Therefore, how to effectively solve the security problem of network payment is imminent.
目前互联网和移动支付领域中出现的安全威胁主要有如下这些方式:中间人攻击,拒绝服务攻击,网络钓鱼,软件二次打包和恶意软件等等。为应对移动支付发展面临的安全挑战,目前主要有以下5种技术解决措施。At present, security threats in the field of Internet and mobile payment mainly include the following methods: man-in-the-middle attacks, denial of service attacks, phishing, software secondary packaging, and malware. In order to cope with the security challenges faced by mobile payment development, there are currently five technical solutions.
1.客户端与服务器双向认证1. Client and server mutual authentication
采用HTTPS协议双向认证,防止服务器重定向。Two-way authentication using HTTPS protocol to prevent server redirection.
2.客户端与服务器双向认证2. Client and server mutual authentication
对报文计算MAC值,防止数据篡改,对数据进行数字签名,保证传输过程安全。Calculate the MAC value of the message, prevent data tampering, digitally sign the data, and ensure the security of the transmission process.
3.客户端输入数据安全3. Client input data security
采用动态密码软键盘,对敏感数据即时擦除。Instantly erase sensitive data with a dynamic password soft keyboard.
4.客户端完整性4. Client integrity
通过代码混淆,防止反编译,防止二次打包,将密钥数据进行隐藏。By confusing the code, preventing decompilation, preventing secondary packaging, and hiding the key data.
5.客户端与SE交互安全性5. Client and SE interaction security
通过设定同步访问规则,手机操作系统可对访问SE的客户端进行合法性认证,防止恶意程序访问SE,保证SE数据安全性。By setting the synchronization access rule, the mobile operating system can authenticate the client that accesses the SE, prevent malicious programs from accessing the SE, and ensure SE data security.
例如,公开号为CN106920094A的发明《带可见光与条码双向认证的在 线支付装置》公开了一种带可见光与条码双向认证的在线支付装置,该在线支付装置包括:电子钱包、充值消费机和服务器,电子钱包包括可见光发射模块、条码扫描模块、钱包控制模块、输入模块、显示模块、数据接口;充值消费机包括可见光接收模块、条码显示模块、读写控制模块、键盘模块、显示器、通信模块;服务器给充值消费机和电子钱包发放权限,一次支付由收款方充值消费机、付款方电子钱包和服务器三方共同完成;充值消费机和电子钱包之间的数据交互融合在可见光和条码中,交易过程的信息验证主要由服务器完成。For example, the invention of the publication number CN106920094A "in the two-way authentication with visible light and bar code" The line payment device discloses an online payment device with visible light and barcode two-way authentication, the online payment device comprises: an electronic wallet, a recharge consumer machine and a server, the electronic wallet comprises a visible light emitting module, a barcode scanning module, a wallet control module, and an input. Module, display module, data interface; recharge consumer machine includes visible light receiving module, bar code display module, read/write control module, keyboard module, display, communication module; server grants permission to recharge consumer machine and electronic wallet, one payment is paid by the payee The recharge consumer machine, the payer e-wallet and the server are jointly completed; the data interaction between the recharge consumer machine and the e-wallet is integrated in the visible light and the bar code, and the information verification of the transaction process is mainly completed by the server.
该在线支付装置能够提供2种在线支付方法:由充值消费机的收款方发起支付和由电子钱包的付款方发起支付。The online payment device is capable of providing two online payment methods: the payment is initiated by the payee of the refill consumer and the payment is initiated by the payer of the electronic wallet.
在在线支付流程中,从电子钱包接收充值消费机发送的数据,以及从充值消费机接收电子钱包发送的数据,都可能在收发过程中存在无法识别的可能,所以在支付流程中,对于无法识别的数据,以及因为无法接收数据而导致无法识别的情况,装置都会在一个设定的等待时间超时后,单方面结束支付流程。In the online payment process, receiving data sent by the recharge consumer from the electronic wallet and receiving data sent by the electronic wallet from the recharge consumer may be unrecognizable during the sending and receiving process, so in the payment process, for the unrecognized The data, as well as the unrecognized situation due to the inability to receive the data, the device will unilaterally end the payment process after a set waiting time has expired.
在在线支付流程中,从电子钱包向充值消费机发送的数据,以及从充值消费机向电子钱包发送的数据,可能在收发过程中存在数据的丢失、被篡改、伪造的可能性,因此在支付流程中,对每次收到的关键数据,都假定当前收到的数据与支付流程的前面的步骤生成的或者接收到的数据不一样,都需要对比验证,由此保证收发数据的真实、完整。In the online payment process, the data sent from the electronic wallet to the recharge consumer, and the data sent from the recharge consumer to the electronic wallet may have the possibility of data loss, tampering, and forgery during the sending and receiving process, and thus payment In the process, for each key data received, it is assumed that the currently received data is different from the data generated or received in the previous steps of the payment process, and the comparison verification is required, thereby ensuring the authenticity and integrity of the data to be sent and received. .
又例如,公开号为CN106209383A的发明《一种移动支付安全认证的方法及装置》公开了一种通过数字证书的加密来进行移动支付安全认证的方法,该公开方法包括下列步骤:For another example, the invention disclosed in CN106209383A, "A Method and Apparatus for Mobile Payment Security Authentication" discloses a method for performing mobile payment security authentication by encryption of a digital certificate, the disclosed method comprising the following steps:
1用户在移动终端中安装安全支付APP,通过该APP从移动终端中的安全芯片获取预植证书KEY ID;1 The user installs a secure payment APP in the mobile terminal, and obtains a pre-planted certificate KEY ID from the security chip in the mobile terminal through the APP;
2安全支付APP将该KEY ID以及用户的姓名、证件类型和证件号发送到预植前置机做绑定,同时预植前置机将绑定的信息发送到预植服务器端进行保存,预植服务器端将绑定成功的结果返回给安全支付APP;2 The secure payment APP sends the KEY ID and the user's name, ID type and ID number to the pre-planted front-end machine for binding, and the pre-planted front-end machine sends the bound information to the pre-planted server for saving. The server server returns the successful binding result to the secure payment APP;
3当用户在其移动终端的安全支付APP发出支付请求,该安全支付APP提示输入PIN码,用户输入该PIN码后,该安全支付APP将交易报文 发送到安全芯片;3 When the user sends a payment request to the secure payment APP of the mobile terminal, the secure payment APP prompts to input a PIN code, and after the user inputs the PIN code, the secure payment APP will send a transaction message. Send to the security chip;
4安全芯片对PIN码进行验证,并判断是否通过验证,如通过,则对交易报文做数字签名处理,并将签名值发送到签名验证服务器端进行验签,确认是本人交易,则支付成功并将支付结果返回到安全支付APP,否则不进行支付。4 The security chip verifies the PIN code and judges whether it passes the verification. If it passes, the transaction message is digitally signed, and the signature value is sent to the signature verification server for verification. If the transaction is confirmed, the payment is successful. Return the payment result to the secure payment APP, otherwise no payment will be made.
步骤4中安全芯片对PIN码进行验证进一步包括以下具体内容In step 4, the security chip verifies the PIN code and further includes the following specific content.
a)临时生成RSA密钥对;对包括私钥和公钥;a) temporarily generating an RSA key pair; the pair includes a private key and a public key;
b)将私钥保存在安全芯片中,并将公钥与交易报文组装为签名报文;b) storing the private key in the security chip, and assembling the public key and the transaction message into a signature message;
c)使用预先设定的算法对签名报文按计算得到一个固定位数的报文摘要值,并将固定位数的报文摘要值用私钥加密后得到数字签名;c) using a preset algorithm to calculate a fixed number of message digest values for the signed message, and encrypting the fixed number of message digest values with a private key to obtain a digital signature;
d)将数字签名与签名报文发送给签名验证服务器,签名验证服务器使用预先设定的算法对签名报文计算出第一报文摘要值,然后用公钥对数字签名进行解密得到第二报文摘要值;d) sending the digital signature and the signature message to the signature verification server, the signature verification server calculates the first message digest value for the signature message by using a preset algorithm, and then decrypts the digital signature with the public key to obtain the second report. Abstract value
e)安全芯片将第一报文摘要值和第二报文摘要值进行比较,并判断是否相等,如是,确定交易报文来自用户;否则,确定交易报文不是来自用户。e) The security chip compares the first message digest value with the second message digest value and determines whether they are equal, and if so, determines that the transaction message is from the user; otherwise, determines that the transaction message is not from the user.
以上所列举的现有技术方案都具有一定程度的缺陷。首先,现有技术方案基本上都是被动式防御,即只基于用户端输入或访问服务端的安全性,像以往的杀毒软件等等,基本上是属于被动式的,而没有采用主动防范的措施;其次,现有技术基本上都没考虑到账户和密码信息被盗后,如何进行挽救,意味着一旦账户和密码被黑客攻破,用户就将束手无策,难以采取补救措施。The prior art solutions listed above all have a certain degree of drawback. First of all, the prior art solutions are basically passive defenses, that is, based only on the security of the user input or access to the server, such as the past anti-virus software, etc., basically passive, and no active prevention measures; secondly; The existing technology basically does not consider how the account and password information is stolen, how to save, means that once the account and password are hacked, the user will be helpless and unable to take remedial measures.
总之,在网络和移动互联网支付中采用现有技术来防范支付资金被盗风险的措施都存在着漏洞,而这些漏洞往往都会被黑客利用,从而成为安全隐患。In short, there are loopholes in the use of existing technologies to prevent the risk of stolen funds in network and mobile Internet payments, and these vulnerabilities are often exploited by hackers, thus becoming a security risk.
发明的公开Disclosure of invention
本发明的目的是提供一种防范互联网和移动支付资金被盗风险的系统和方法,通过网络服务器端定期对移动设备端软件的数据支持,以及移动设备端根据用户的选择并将拦截的目标号码或网络地址同步到网络服务器,主动 地拦截掉诈骗短信、钓鱼网站等非法的资金转移请求,从而有效提升在移动互联网环境中的支付安全性,为终端用户提供良好的支付环境。The object of the present invention is to provide a system and method for preventing the risk of theft of Internet and mobile payment funds, by periodically supporting the data of the mobile device software through the network server, and the target number of the mobile device according to the user's selection and intercepting. Or the network address is synchronized to the web server, active It intercepts illegal email transfer requests such as fraudulent SMS and phishing websites, thereby effectively improving payment security in the mobile Internet environment and providing a good payment environment for end users.
为实现上述目的,本发明提供一种防范互联网和移动支付资金被盗风险的系统,包含:服务器端M01和移动端M02。其中,服务器端M01用于存储有接受验证码短信的目标号码或者网络地址黑名单;定期向移动端M02发送该黑名单,并且接收来自移动端M02更新的目标号码或者网络地址。移动端M02接收目标号码或者网络地址黑名单,当收到含有支付验证码的短信或者数据包时进行对比,若目标号码或网络地址已经存在于黑名单中,则直接进行拦截;若目标号码或网络地址不存在于黑名单中,则提示用户进行选择,当用户选择拦截,则进行拦截,并将被拦截的目标号码或者网络地址更新到服务器端M01。服务器端M01与移动端M02之间有网络连接。To achieve the above object, the present invention provides a system for preventing the risk of theft of Internet and mobile payment funds, comprising: a server M01 and a mobile terminal M02. The server M01 is configured to store a target number or a network address blacklist that accepts the verification code short message; periodically send the blacklist to the mobile terminal M02, and receive the target number or network address updated from the mobile terminal M02. The mobile terminal M02 receives the target number or the blacklist of the network address, and compares when receiving the short message or the data packet containing the payment verification code. If the target number or the network address already exists in the blacklist, the interception is directly performed; if the target number or If the network address does not exist in the blacklist, the user is prompted to make a selection. When the user selects the interception, the user intercepts and updates the intercepted target number or network address to the server M01. There is a network connection between the server M01 and the mobile M02.
进一步地,服务器端M01包含:数据库模块M11,存储目标号码或者网络地址黑名单;服务器端第一通信模块M12,与数据库模块M11之间有数据通道连接,定期从数据库模块M11取出目标号码或者网络地址黑名单,并向移动端发送;以及服务器端第二通信模块M13,与数据库模块M11之间有数据通道连接,接收来自于移动端上传的、被用户拦截的目标号码或者网络地址,并同步到数据库模块M11中。Further, the server M01 includes: a database module M11, which stores a target number or a blacklist of network addresses; a first communication module M12 of the server has a data channel connection with the database module M11, and periodically takes out a target number or network from the database module M11. The address blacklist is sent to the mobile terminal; and the second communication module M13 on the server side has a data channel connection with the database module M11, and receives the target number or network address uploaded by the mobile terminal and intercepted by the user, and synchronizes Go to the database module M11.
进一步地,移动端M02包含:移动端第一通信模块M21,定期从服务器端接收目标号码或者网络地址黑名单;移动端第二通信模块M22,将被用户拦截的目标号码或者网络地址同步到服务器端;判别模块M23,与移动端第一通信模块M21和之间有数据通道连接,接收目标号码或者网络地址黑名单,与接收的含有支付验证码的短信或数据包进行对比,判决拦截,若不能判决拦截,则弹出提示框供用户选择,由用户选择继续支付或者拦截;拦截模块M24,与判别模块M23连接,当判决拦截时,对支付的目标号码或网络地址进行拦截,以及,支付模块M25,与判别模块M23连接,当判决支付时,发送短信或数据包到目标号码或者网络地址。Further, the mobile terminal M02 includes: a mobile terminal first communication module M21, which periodically receives a target number or a network address blacklist from the server end; and the mobile terminal second communication module M22 synchronizes the target number or network address intercepted by the user to the server. The discriminating module M23 has a data channel connection with the first communication module M21 of the mobile terminal, receives the target number or the blacklist of the network address, compares with the received short message or data packet containing the payment verification code, and determines the interception. If the interception cannot be judged, a prompt box is popped up for the user to select, and the user chooses to continue to pay or intercept; the intercepting module M24 is connected with the discriminating module M23, and when the judgment is intercepted, the target number or network address of the payment is intercepted, and the payment module M25 is connected to the discriminating module M23, and when the payment is decided, the short message or the data packet is sent to the target number or the network address.
更进一步地,移动端M02中判别模块M23包含有以下子模块:黑名单数据库子模块M241,存储有包括黑客号码或者钓鱼网站的IP地址、主机名、MAC地址等多种表达方式的黑名单;逻辑组合子模块M242,与黑名单数据库子模块M241连接,将黑名单中的号码、IP地址、主机名、MAC地址等 多种表达方式进行关键字的逻辑组合,并与接收的含有支付验证码的短信或者数据包进行对比,并判决拦截;用户界面子模块M243,当逻辑组合子模块M242不能判决拦截时,弹出提示框供用户选择是否继续支付,然后接收用户的指令。Further, the discriminating module M23 in the mobile terminal M02 includes the following sub-module: a blacklist database sub-module M241, which stores a blacklist of various expressions including a hacker number or a phishing website, such as an IP address, a host name, and a MAC address; The logical combination submodule M242 is connected to the blacklist database submodule M241, and the number, IP address, host name, MAC address, etc. in the blacklist are Multiple expressions are used to logically combine the keywords, and compare with the received short message or data packet containing the payment verification code, and judge the interception; the user interface sub-module M243, when the logical combination sub-module M242 can not decide to intercept, pop-up prompt The box is for the user to choose whether to continue to pay and then receive the user's instructions.
本发明还提供一种防范互联网和移动支付资金被盗风险的方法,基于前述的防范互联网和移动支付资金被盗风险的系统实现,包含以下步骤:The present invention also provides a method for preventing the risk of theft of Internet and mobile payment funds, based on the aforementioned system for preventing the risk of theft of Internet and mobile payment funds, comprising the following steps:
S1,服务器端定期向移动端发送目标号码或者网络地址黑名单,移动端接收后,保存到内部的黑名单数据库中;S1, the server periodically sends a target number or a blacklist of network addresses to the mobile terminal, and the mobile terminal receives the blacklist database after being received by the mobile terminal;
S2,当发生用户网银或者支付账号被盗后,移动端接收到网络支付请求,并收到含有验证码的短信或数据包;S2, after the user online banking or the payment account is stolen, the mobile terminal receives the network payment request, and receives the short message or the data packet containing the verification code;
S3,移动端对目标号码或者网络地址进行比对并判别,S3, the mobile terminal compares and identifies the target number or the network address,
若该目标号码或者网络地址已经在黑名单数据库中,则直接进行拦截,If the target number or network address is already in the blacklist database, intercept it directly.
若该目标号码或者网络地址不在黑名单数据库中,则继续执行S4;If the target number or the network address is not in the blacklist database, proceed to S4;
S4,移动端弹出提示框,供用户选择是否继续进行支付,同时弹出风险提示的对话框,S4, the mobile terminal pops up a prompt box for the user to select whether to continue the payment, and a dialog box for popping up the risk prompt is displayed.
若用户选择继续支付,则发送短信或数据包到目标号码或者网络地址,If the user chooses to continue to pay, send a text message or data packet to the target number or network address.
若用户选择拦截,则继续执行S5;If the user chooses to intercept, continue to execute S5;
S5,移动端对本次支付进行拦截,同时将被用户拦截的目标号码或者网络地址同步上传到服务器端,返回执行S1。S5, the mobile terminal intercepts the payment, and simultaneously uploads the target number or network address intercepted by the user to the server, and returns to execute S1.
进一步地,S3中包含以下步骤:Further, S3 includes the following steps:
S31,移动端从接收到的含有验证码的短信或数据包中提取出目标号码或者网络地址;S31. The mobile terminal extracts a target number or a network address from the received short message or data packet containing the verification code.
S32,移动端从内部存储的黑名单数据库中取出数据并进行关键字的逻辑组合和对比;S32, the mobile terminal extracts data from the internally stored blacklist database and performs logical combination and comparison of keywords;
S33,当目标号码或者网络地址符合从黑名单数据库取出的关键字的逻辑组合,则直接进行拦截。S33. When the target number or the network address meets the logical combination of the keywords extracted from the blacklist database, the interception is directly performed.
进一步地,S5中包含以下步骤:Further, S5 includes the following steps:
S51,移动端对支付进行拦截;S51. The mobile terminal intercepts the payment;
S52,移动端将被拦截的目标号码或者网络地址上传到服务器端;S52. The mobile terminal uploads the intercepted target number or network address to the server.
S53,服务器端将接收到的目标号码或者网络地址同步到服务器端的数 据库黑名单中;S53, the server side synchronizes the received target number or network address to the server side. According to the list of Kuran;
S54,服务器端将更新的数据库黑名单传送至所有用户的移动端。S54. The server side transmits the updated database blacklist to all users' mobile terminals.
较优地,步骤S53中,当服务器端只从一个用户移动端处收到被拦截的目标号码或者网络地址时,不立即将该目标号码或者网络地址更新到数据库黑名单中;当来自多个用户的移动端上报相同的被拦截的目标号码或者网络地址时,才更新到数据库黑名单中。Preferably, in step S53, when the server receives the intercepted target number or network address only from a mobile end of the user, the target number or the network address is not immediately updated to the database blacklist; When the mobile end of the user reports the same blocked target number or network address, it is updated to the database blacklist.
综上所述,本发明所述的防范互联网和移动支付资金被盗风险的系统和方法,与现有技术相比,具有以下优点:通过网络服务器端定期提供对用户移动端的数据更新,以及用户移动端根据用户的主动判断,对诈骗短信、钓鱼网站等非法支付的验证码进行主动拦截,以及进一步地向网络服务器的同步反馈,克服了现有技术被动式防御,在账户和密码信息被盗后缺乏挽救措施等问题,使得网络支付的安全性大大提高,从而保护了用户使用网络支付账户的资金安全。In summary, the system and method for preventing the risk of theft of Internet and mobile payment funds according to the present invention have the following advantages: compared with the prior art, the data server is periodically provided with data updates to the user's mobile terminal, and the user is provided. Based on the user's active judgment, the mobile terminal actively intercepts the verification code of illegal payment such as fraudulent SMS, phishing website, and further synchronous feedback to the network server, overcoming the prior art passive defense, after the account and password information is stolen The lack of rescue measures and other issues have greatly improved the security of online payment, thus protecting the security of users' online payment accounts.
附图的简要说明BRIEF DESCRIPTION OF THE DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图进行简单介绍,显而易见的,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the prior art description will be briefly described below. It is obvious that the drawings in the following description are Some of the embodiments of the invention may be obtained by those of ordinary skill in the art in view of the drawings without departing from the scope of the invention.
图1为本发明中的防范互联网和移动支付资金被盗风险系统的网络架构示意图;1 is a schematic diagram of a network architecture of a system for preventing theft of Internet and mobile payment funds in the present invention;
图2为本发明中的防范互联网和移动支付资金被盗风险系统中服务器端的结构示意图;2 is a schematic structural diagram of a server end in a system for preventing theft of Internet and mobile payment funds in the present invention;
图3为本发明中的防范互联网和移动支付资金被盗风险系统中移动端的结构示意图;3 is a schematic structural diagram of a mobile terminal in a system for preventing theft of Internet and mobile payment funds in the present invention;
图4为本发明中的移动端中判别模块的结构示意图;4 is a schematic structural diagram of a discriminating module in a mobile terminal according to the present invention;
图5为本发明中的防范互联网和移动支付资金被盗风险方法的流程示意图;FIG. 5 is a schematic flowchart of a method for preventing the risk of theft of Internet and mobile payment funds in the present invention; FIG.
图6为本发明中的移动端判断是否对目标号码或者网络地址进行拦截方法的流程示意图; 6 is a schematic flowchart of a method for determining, by a mobile terminal, whether to intercept a target number or a network address according to the present invention;
图7为本发明中的对目标号码或者网络地址进行拦截后移动端与服务器端进行数据交互方法的流程示意图。FIG. 7 is a schematic flowchart of a method for data interaction between a mobile terminal and a server after intercepting a target number or a network address according to the present invention.
实现本发明的最佳方式The best way to implement the invention
为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described in conjunction with the drawings in the embodiments of the present invention. It is a partial embodiment of the invention, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
需要说明的是,在本文中,诸如“第一”、“第二”、“第三”等关系术语如果存在仅仅用来将一个实体或者操作与另一个实体或操作区分开来,而不一定要求或者暗示这些实体或操作之间存在任何这种实际的关系或者顺序。应该理解这样使用的术语在适当情况下可以互换,以便这里描述的本发明的实施例,例如能够以除了在这里图示或描述的那些以外的顺序实施。此外,术语“包括”、“包含”、“具有”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者终端设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者终端设备所固有的要素。在没有更多限制的情况下,由语句“包括……”或“包含……”限定的要素,并不排除在包括所述要素的过程、方法、物品或者终端设备中还存在另外的要素。此外,在本文中,“大于”、“小于”、“超过”等理解为不包括本数;“以上”、“以下”、“以内”等理解为包括本数。It should be noted that, in this context, relational terms such as "first", "second", "third", etc., if present, are merely used to distinguish one entity or operation from another entity or operation, and not necessarily It is required or implied that there is any such actual relationship or order between these entities or operations. It is to be understood that the terms so used are interchangeable, as appropriate, such that the embodiments of the invention described herein can be implemented, for example, in a sequence other than those illustrated or described herein. In addition, the terms "including", "comprising", "having", or any other variants are intended to encompass a non-exclusive inclusion, such that a process, method, article, or terminal device that includes a plurality of elements includes not only those elements but also Includes other elements not explicitly listed, or elements that are inherent to such a process, method, item, or terminal device. An element defined by the phrase "including" or "comprising" does not exclude the presence of additional elements in the process, method, article or terminal device including the element. In addition, in this document, “greater than”, “less than”, “exceeded”, etc. are understood as not including the number; “above”, “below”, “inside”, etc. are understood to include the number.
以下结合图1~图7,以具体地实施例对本发明的技术方案进行详细说明。下面这几个具体的实施例可以相互结合,对于相同或相似的概念或过程可能在某些实施例不再赘述。The technical solutions of the present invention will be described in detail below with reference to FIGS. 1 to 7 in a specific embodiment. The following specific embodiments may be combined with each other, and the same or similar concepts or processes may not be described in some embodiments.
如图1所示,为本发明所提供的一种防范互联网和移动支付资金被盗风险系统的网络架构示意图。该系统可以部署在目前各种主流的互联网和移动支付的应用场景中,如网银支付,移动钱包,移动支付平台,电信运营商代收费,微信支付,支付宝支付,商户自建支付平台等等。系统包含:服务器端M01,用于存储接受验证码短信的目标号码或者网络地址黑名单,以及定期 提供对移动设备端的数据更新支持;移动端M02,用于接收来自于服务器端定期提供的数据,以及根据黑名单数据库和用户主动选择来判断是否要进行支付,若不支付,即对发送验证码的短信或者数据包进行拦截,同时将相关的目标号码和网络地址上传到服务器端M01。As shown in FIG. 1 , it is a schematic diagram of a network architecture for preventing a risk of theft of Internet and mobile payment funds. The system can be deployed in various current mainstream Internet and mobile payment application scenarios, such as online banking payment, mobile wallet, mobile payment platform, telecom carrier charging, WeChat payment, Alipay payment, merchant self-built payment platform and the like. The system includes: server M01, which is used to store the target number or network address blacklist that accepts the verification code SMS, and periodically Providing data update support for the mobile device side; the mobile terminal M02 is configured to receive data periodically provided from the server, and determine whether to perform payment according to the blacklist database and the user's active selection. If not, the verification code is sent. The SMS or data packet is intercepted, and the relevant target number and network address are uploaded to the server M01.
如图2所示,为本发明所提供的网络和移动互联网中防范支付资金被盗系统中服务器端的结构示意图。该服务器端包含:数据库模块M11,存储接收到的验证码短信的目标号码或者网络地址的黑名单;服务器端第一通信模块M12,定期从数据库模块M11中取出更新的数据资料,向移动设备发送;服务器端第二通信模块M13,接收来自于移动设备新上传到服务器端的数据,并将目标号码或网址同步到黑名单。数据库模块M11分别与服务器端第一通信模块M12和服务器端第二通信模块M13有数据通道连接,在数据通道上交互验证码短信或者数据包的目标号码或者网络地址黑名单等数据库数据。有多种技术可以实现服务器端第一通信模块M12和服务器端第二通信模块M13和移动终端M02间的数据传输,比如通过GPRS/3G/4G网络,或者是无线WIFI/WAPI局域网络等,此处不再赘述。As shown in FIG. 2, it is a schematic diagram of a structure of a server end in a system for preventing theft of payment funds in a network and a mobile internet provided by the present invention. The server includes: a database module M11, storing a destination number of the received verification code short message or a blacklist of the network address; the first communication module M12 of the server periodically takes out the updated data data from the database module M11 and sends the updated data data to the mobile device. The server-side second communication module M13 receives data newly uploaded from the mobile device to the server, and synchronizes the target number or the URL to the blacklist. The database module M11 has a data channel connection with the server first communication module M12 and the server second communication module M13, and interacts with the database data such as the verification code short message or the data packet destination number or the network address blacklist on the data channel. There are a variety of technologies for realizing data transmission between the server-side first communication module M12 and the server-side second communication module M13 and the mobile terminal M02, such as through a GPRS/3G/4G network, or a wireless WIFI/WAPI local area network, etc. I won't go into details here.
如图3所示,为本发明所提供的防范互联网和移动支付资金被盗风险系统中移动客户端的结构示意图。该移动客户端包含:移动端第一通信模块M21,定期从服务器端接收验证码短信的号码或者网络地址的黑名单;移动端第二通信模块M22,将目标号码或网址同步到服务器端;判别模块M23,根据接收到的验证码短信的号码或者网络地址的黑名单,经过关键字逻辑组合以后进行判断是否对目标支付号码或者网址进行拦截;若根据内部的黑名单及其关键字逻辑组合不能判断对目标号码或者网址进行拦截,则弹出提示框供用户选择,并做风险提示,由用户选择继续支付或者拦截;拦截模块M24,对支付的目标号码或网址进行拦截,若用户选择了拦截,则将该目标号码或网址传送到移动端第二通信模块M22;支付模块M25,发送短信或数据包到目标号码或目标网址。As shown in FIG. 3, it is a schematic structural diagram of a mobile client in a system for preventing theft of Internet and mobile payment funds. The mobile client includes: a mobile communication first communication module M21, which periodically receives a verification code short message number or a blacklist of a network address from the server end; the mobile terminal second communication module M22 synchronizes the target number or the website address to the server end; The module M23, according to the received blacklist of the verification code short message or the blacklist of the network address, determines whether the target payment number or the website address is intercepted after the keyword logical combination; if the internal blacklist and its keyword logical combination cannot be If the target number or the website address is intercepted, a prompt box is displayed for the user to select, and a risk prompt is prompted, and the user selects to continue to pay or intercept; the intercepting module M24 intercepts the target number or the website address of the payment, and if the user selects the interception, Then, the target number or web address is transmitted to the mobile second communication module M22; the payment module M25 sends a short message or data packet to the target number or the destination website.
移动端第一通信模块M21与判别模块M23由数据通道连接,向判别模块M23传输接受验证码短信的号码或者服务器地址黑名单;拦截模块M24与移动端第二通信模块M22由数据通道连接,将被拦截的目标号码或者网络地址传输到移动端第二通信模块M22,判别模块M23分别与拦截模块M24和支付 模块M25连接,控制拦截模块M24进行拦截或者是支付模块进行支付动作。The mobile terminal first communication module M21 and the discriminating module M23 are connected by the data channel, and transmit the number of the verification code short message or the server address blacklist to the discriminating module M23; the intercepting module M24 and the mobile terminal second communication module M22 are connected by the data channel, The intercepted target number or network address is transmitted to the mobile terminal second communication module M22, and the discriminating module M23 and the intercepting module M24 and the payment respectively The module M25 is connected, and the intercepting module M24 is controlled to intercept or the payment module performs a payment action.
进一步地,移动端判别模块在实际产品中具体可以是移动端内部的APP软件程序代码,也可以是集成在客户端内的安全芯片中。Further, the mobile terminal discriminating module may specifically be an APP software program code inside the mobile terminal in the actual product, or may be integrated in a security chip in the client.
如图4所示,为本发明中移动端的判别模块的结构示意图,包含黑名单数据库子模块M241,内部存储着黑客号码或者钓鱼网站的网络地址,进一步地,网络地址包括IP地址、主机名、MAC地址等多种网络地址的表达方式;逻辑组合子模块M242,根据黑名单数据库中号码或者网络地址以及自身关键字进行逻辑组合和判断,若目标号码或目标网址已经在黑名单数据库中则判断进行拦截,否则转至用户界面子模块处理;用户界面子模块M243,弹出提示框供用户选择是否进行支付,然后接收用户的指令,在实际用户使用时,用户界面子模块在弹出支付提示框的同时还同时弹出风险提示框,提示用户谨慎地进行支付行为。As shown in FIG. 4, it is a schematic structural diagram of a discriminating module of a mobile terminal according to the present invention, which includes a blacklist database submodule M241, which internally stores a hacker number or a network address of a phishing website. Further, the network address includes an IP address, a host name, and a MAC address. The expression of a plurality of network addresses, such as an address; the logical combination sub-module M242 performs logical combination and judgment according to the number or network address in the blacklist database and the own keyword, and if the target number or the target URL is already in the blacklist database, the judgment is performed. Intercept, otherwise go to the user interface sub-module processing; user interface sub-module M243, pop-up prompt box for the user to choose whether to make payment, and then receive the user's instruction, when the actual user uses, the user interface sub-module pops up the payment prompt box At the same time, a risk prompt box is popped up, prompting the user to carefully perform the payment behavior.
首先,介绍一下移动支付在网络和移动互联网中的应用场景。目前随着移动通信技术的发展,手机支付已经成为一种新的支付手段,消费者用手机进行支付时,支付的处理是在远程的服务器端中进行的,支付的信息需要通过移动网络传送到远程服务器中才可完成支付过程。例如我们常说的“手机钱包”,使用者需要事先将手机号和银行卡绑定,在购买商品时,可以用短信、WAP或客户端的方式将支付信息传递到支付平台的后台服务器,支付平台就会在银行帐户中扣除相应的费用,这样一次支付就完成了。还有一些移动支付不需要使用银行帐户,比如,可以直接用手机话费帐户来支付,支付的金额就直接在手机话费帐户中扣除。通常在移动支付的过程中进行到最后一个付款步骤时,服务器端会发送验证码到用户注册的手机,而这个验证码就成了保护用户资金安全的最后一道屏障,如果用户的账户,密码被盗,保护验证码的安全,就达到了保护账户资金安全的目的。First, introduce the application scenarios of mobile payment in the network and mobile Internet. At present, with the development of mobile communication technology, mobile payment has become a new payment method. When a consumer makes a payment by mobile phone, the payment processing is performed in a remote server, and the payment information needs to be transmitted to the mobile network. The payment process can only be completed in the remote server. For example, we often say "mobile wallet", the user needs to bind the mobile phone number and the bank card in advance. When purchasing the goods, the payment information can be transmitted to the background server of the payment platform by means of short message, WAP or client, and the payment platform. The corresponding fee will be deducted from the bank account so that the payment is completed. There are also some mobile payments that do not require a bank account. For example, you can pay directly with your mobile phone account, and the amount paid is directly deducted from your mobile phone account. Usually in the process of mobile payment to the last payment step, the server will send a verification code to the user's registered mobile phone, and this verification code becomes the last barrier to protect the security of the user's funds. If the user's account, the password is Theft, protection of the security of the verification code, has achieved the purpose of protecting the security of the account funds.
因此,发明人从保护验证码的启示出发,设计了本发明所提供的网络和移动互联网中防范支付资金被盗系统的工作方式。下面进行详细的介绍。Therefore, the inventor has devised from the revelation of the protection verification code that the working mode of the system for preventing theft of payment funds in the network and the mobile internet provided by the invention is designed. The following is a detailed introduction.
假设在前述的移动支付应用场景中,用户网银或者支付账号被盗,黑客软件或者恶意网站向服务器端发生支付请求,用户的移动端M02收到含有验证码的短信或者数据包。It is assumed that in the foregoing mobile payment application scenario, the user online banking or the payment account is stolen, the hacking software or the malicious website generates a payment request to the server, and the mobile terminal M02 of the user receives the short message or the data packet containing the verification code.
在本发明的第一个优选实施例中,移动端M02的判别模块M23对短信或 者数据包进行对比,若目标号码或目标网址来源于有多次案底的黑客软件或者是钓鱼网站等非法来源,那么该目标号码或目标网址已经存在于黑名单数据库子模块M241,则直接进行拦截,这样就保护了用户账户资金的安全。In a first preferred embodiment of the present invention, the discriminating module M23 of the mobile terminal M02 is for a short message or Comparing the data packets, if the target number or destination URL is from an illegal source such as a hacker software with multiple cases or a phishing website, then the target number or destination URL already exists in the blacklist database submodule M241, and the interception is directly performed. This protects the security of user account funds.
在本发明的第二个优选实施例中,移动端M02的判别模块M23对短信或者数据包进行对比,该目标号码或者网址不存在于黑名单数据库子模块M241中,则用户界面子模块M243弹出提示框供用户选择,并做出风险提示,用户选择继续支付,则移动端M02的支付模块M25发送短信或数据包到目标号码或目标网址。In the second preferred embodiment of the present invention, the discriminating module M23 of the mobile terminal M02 compares the short message or the data packet, and the target number or the web address does not exist in the blacklist database submodule M241, and the user interface submodule M243 pops up. The prompt box is for the user to select, and a risk prompt is made. If the user chooses to continue to pay, the payment module M25 of the mobile terminal M02 sends a short message or a data packet to the target number or the target website.
在本发明的第三个优选实施例中,移动端M02的判别模块M23对短信或者数据包进行对比,该目标号码或者网址不存在于黑名单数据库子模块M241中,则用户界面子模块M243弹出提示框供用户选择,并做出风险提示,用户选择拦截支付,则移动端M02的拦截模块M24拦截支付。In the third preferred embodiment of the present invention, the discriminating module M23 of the mobile terminal M02 compares the short message or the data packet, and the target number or the web address does not exist in the blacklist database submodule M241, and the user interface submodule M243 pops up. The prompt box is for the user to select and make a risk prompt, and the user chooses to intercept the payment, and the intercepting module M24 of the mobile terminal M02 intercepts the payment.
在本发明的第四个优选实施例中,移动端M02的判别模块M23对短信或者数据包进行对比,该目标号码或者网址不存在于黑名单数据库子模块M241中,则用户界面子模块M243弹出提示框供用户选择,并做出风险提示,用户选择拦截支付,则移动端M02的拦截模块M24拦截支付,同时拦截模块M24将该目标号码或者网址传递至移动端第二通信模块M22,并同步到服务器端M01。In the fourth preferred embodiment of the present invention, the discriminating module M23 of the mobile terminal M02 compares the short message or the data packet, and the target number or the web address does not exist in the blacklist database submodule M241, and the user interface submodule M243 pops up. The prompt box is for the user to select and make a risk prompt. If the user chooses to intercept the payment, the intercepting module M24 of the mobile terminal M2 intercepts the payment, and the intercepting module M24 transmits the target number or the website address to the mobile communication second communication module M22, and synchronizes Go to the server side M01.
在本发明的第五个优选实施例中,服务器端M01的第二通信模块M13从移动端接收到被拦截的目标号码或者网址,将该目标号码或者网址存入数据库模块M11,然后服务器端第一通信模块M12定期地从数据库模块M11取出更新的目标号码或者网络地址的黑名单,向所有用户移动设备发送。需要说明的是,为了避免误操作,在实际的应用中,服务器端M01的数据库模块M11还会制定一些规则来过滤由移动端上报来的目标号码或者网络地址,例如只有当多个移动端上报相同的目标号码或者网络地址,才将该目标号码或者网络地址加入黑名单。这样就避免了由于一个用户的误操作而影响到正常用户的支付收款。In a fifth preferred embodiment of the present invention, the second communication module M13 of the server M01 receives the intercepted target number or web address from the mobile terminal, stores the target number or the web address in the database module M11, and then the server side A communication module M12 periodically fetches the updated target number or blacklist of network addresses from the database module M11 and transmits them to all user mobile devices. It should be noted that, in order to avoid misoperation, in the actual application, the database module M11 of the server M01 also formulates rules for filtering the target number or network address reported by the mobile terminal, for example, when multiple mobile terminals report The target number or network address is added to the blacklist by the same target number or network address. This avoids payment due to normal users due to a user's misoperation.
如图5所示,本发明还提供一种防范互联网和移动支付资金被盗风险的方法,基于前述的防范互联网和移动支付资金被盗风险系统实现,适用于智能手机、或平板电脑、或智能可穿戴设备包括智能手表或智能手环,以及网络 服务器,包含以下步骤:As shown in FIG. 5, the present invention also provides a method for preventing the risk of theft of Internet and mobile payment funds, which is implemented based on the aforementioned system for preventing theft of Internet and mobile payment funds, and is applicable to a smart phone, or a tablet computer, or an intelligent device. Wearables include smart watches or smart bracelets, and networks The server consists of the following steps:
S1,网络服务器定期向用户终端发送目标号码或者网络地址的黑名单,移动端从网络接接收更新的目标号码或者网络地址的黑名单,并保存到内部的黑名单数据库中;S1, the network server periodically sends a blacklist of the target number or the network address to the user terminal, and the mobile terminal receives the updated target number or the blacklist of the network address from the network, and saves the blacklist to the internal blacklist database;
S2,当发生用户网银或者支付账号被盗后,移动端接收到网络支付请求,并收到验证码;S2, after the user online banking or the payment account is stolen, the mobile terminal receives the network payment request and receives the verification code;
S3,移动端根据对目标号码或者网络地址进行比对,并进行判断,S3, the mobile terminal compares the target number or the network address, and makes a judgment,
若该目标号码或者网络地址已经在黑名单数据库中,则直接进行拦截,If the target number or network address is already in the blacklist database, intercept it directly.
若该目标号码或者网络地址不在黑名单数据库中,则继续执行S4;If the target number or the network address is not in the blacklist database, proceed to S4;
S4,移动端弹出提示框,供用户选择是否继续进行支付,同时弹出风险提示的对话框,S4, the mobile terminal pops up a prompt box for the user to select whether to continue the payment, and a dialog box for popping up the risk prompt is displayed.
若用户选择继续支付,则发送短信或数据包到目标号码或者网络地址,If the user chooses to continue to pay, send a text message or data packet to the target number or network address.
若用户选择拦截,则继续执行S5;If the user chooses to intercept, continue to execute S5;
S5,移动端对本次支付进行拦截,同时将目标号码或者网络地址同步上传到服务器端,返回执行S1。S5, the mobile terminal intercepts the payment, and simultaneously uploads the target number or the network address to the server, and returns to execute S1.
如图6所示,进一步地,S3具体包含以下步骤:As shown in FIG. 6, further, S3 specifically includes the following steps:
S31,移动端从接收到的发送验证码短信或者数据包提取出目标号码或者网络地址;S31. The mobile terminal extracts a target number or a network address from the received verification code short message or data packet.
S32,移动端从内部存储的黑名单数据库中取出数据,并根据关键字进行逻辑组合;S32, the mobile terminal extracts data from the internally stored blacklist database, and performs logical combination according to the keyword;
S33,当该目标号码或者网络地址符合从黑名单数据库取出数据的逻辑组合,则直接进行拦截。S33. When the target number or the network address meets a logical combination of data extracted from the blacklist database, the interception is directly performed.
如图7所示,进一步地,S5具体包含以下步骤:As shown in FIG. 7, further, S5 specifically includes the following steps:
S51,移动端对支付进行拦截;S51. The mobile terminal intercepts the payment;
S52,移动端将被拦截的目标号码或者网络地址上传到服务器端;S52. The mobile terminal uploads the intercepted target number or network address to the server.
S53,服务器端将接收到的目标号码或者网络地址同步到服务器端的数据库黑名单中;S53. The server synchronizes the received target number or network address to the database blacklist of the server.
S54,服务器端将更新的数据库黑名单传送至所有用户的移动端。S54. The server side transmits the updated database blacklist to all users' mobile terminals.
在本发明的一个优选实施例中,当服务器端只从一个用户的移动端那里收到被拦截的目标号码或者网络地址时,不立即将该目标号码或者网络地址 更新到服务器端内的数据库黑名单中;当来自多个用户的移动端上报相同的目标号码或者网络地址时,才将其更新到数据库黑名单中。In a preferred embodiment of the present invention, when the server receives the intercepted target number or network address only from the mobile end of a user, the target number or network address is not immediately Update to the database blacklist in the server side; when the mobile terminal from multiple users reports the same destination number or network address, it is updated to the database blacklist.
在本发明的另一优优选实施例中,服务器端和移动端之间定期通过GPRS/3G/4G网络,或者是无线WIFI/WAPI局域网络进行数据的交互。In another preferred embodiment of the present invention, the data is periodically exchanged between the server and the mobile through a GPRS/3G/4G network or a wireless WIFI/WAPI local area network.
综上所述,本发明所提供防范互联网和移动支付资金被盗风险的方法,是基于服务器端M01和移动端M02之间相互的数据交互而实现的,对于已经能够明确来自于黑客软件或者是钓鱼网站等的目标号码或者网络地址,根据服务器端M01向移动端M02定期发送的黑名单直接进行拦截,对于还不能确定性质的目标号码或者网络地址,由用户自行决定是否继续支付;另一方面,若用户拦截了来自于某目标号码或者网络地址的支付,移动端M02便将用户的拦截选择记录下来,并同步到服务器端M01,由服务器端M01更新其黑名单数据库,因此该黑名单的更新是动态、有用户的主动行为而决定的。In summary, the method for preventing theft of Internet and mobile payment funds according to the present invention is implemented based on mutual data interaction between the server M01 and the mobile terminal M02, and is already clear from the hacker software or The target number or network address of the phishing website is directly intercepted according to the blacklist periodically sent by the server M01 to the mobile terminal M02. For the target number or network address that cannot be determined, the user decides whether to continue to pay; If the user intercepts the payment from a certain target number or network address, the mobile terminal M02 records the user's interception selection and synchronizes to the server M01, and the server M01 updates its blacklist database, so the blacklist Updates are dynamic and determined by the user's active behavior.
本发明所提供的防范互联网和移动支付资金被盗风险的系统和方法,与现有技术相比,具有以下优点:通过网络服务器端定期提供对用户移动端的数据更新,以及用户移动端根据用户的主动判断,对诈骗短信、钓鱼网站等非法支付的验证码进行主动拦截,以及进一步地向网络服务器的同步反馈,克服了现有技术被动式防御,在账户和密码信息被盗后缺乏挽救措施等问题,使得网络支付的安全性大大提高,从而保护了用户使用网络支付账户的资金安全。The system and method for preventing the risk of theft of Internet and mobile payment funds provided by the present invention have the following advantages: compared with the prior art, the data server is periodically provided with data update to the user mobile terminal, and the user mobile terminal is based on the user's Actively judge, actively intercept the verification code of fraudulent SMS, phishing website and other illegal payment, and further feedback to the network server, overcome the prior art passive defense, lack of rescue measures after the account and password information is stolen The security of network payment is greatly improved, thereby protecting the security of the funds used by the user to use the online payment account.
本领域内的技术人员应明白,上述各实施例可提供为方法、装置、或计算机程序产品。这些实施例可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。上述各实施例涉及的方法中的全部或部分步骤可以通过程序来指令相关的硬件完成,所述的程序可以存储于计算机设备可读取的存储介质中,用于执行上述各实施例方法所述的全部或部分步骤。Those skilled in the art will appreciate that the various embodiments described above can be provided as a method, apparatus, or computer program product. These embodiments may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware aspects. All or part of the steps involved in the foregoing embodiments may be implemented by a program to instruct related hardware, and the program may be stored in a storage medium readable by a computer device for performing the methods of the foregoing embodiments. All or part of the steps.
上述各实施例是参照根据实施例所述的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到计算机设备的处理器以产生一个机器,使得通过计算机设备的处理器执行的指令产生用于实现在流程图一 个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The above embodiments are described with reference to flowcharts and/or block diagrams of methods, apparatus (systems), and computer program products according to the embodiments. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a computer device to generate a machine such that instructions executed by a processor of the computer device are generated for implementation in flowchart one Means of a process or a plurality of processes and/or block diagrams of a function specified in a block or blocks.
尽管本发明的内容已经通过上述优选实施例作了详细介绍,但应当认识到上述的描述不应被认为是对本发明的限制。在本领域技术人员阅读了上述内容后,对于本发明的多种修改和替代都将是显而易见的。因此,本发明的保护范围应由所附的权利要求来限定。 Although the present invention has been described in detail by the preferred embodiments thereof, it should be understood that the foregoing description should not be construed as limiting. Various modifications and alterations of the present invention will be apparent to those skilled in the art. Therefore, the scope of the invention should be defined by the appended claims.

Claims (10)

  1. 一种防范互联网和移动支付资金被盗风险的系统,包含:服务器端(M01)和移动端(M02),其特征在于,A system for preventing the risk of theft of Internet and mobile payment funds, comprising: a server end (M01) and a mobile end (M02), wherein
    所述服务器端(M01)存储有接受验证码短信的目标号码或者网络地址黑名单,定期向所述移动端(M02)发送所述目标号码或者网络地址黑名单,接收来自所述移动端(M02)更新的目标号码或者网络地址;The server (M01) stores a target number or a network address blacklist that accepts the verification code short message, and periodically sends the target number or the network address blacklist to the mobile terminal (M02), and receives the mobile terminal (M02). ) the updated target number or network address;
    所述的移动端(M02)接收所述的目标号码或者网络地址黑名单;当所述的移动端(M02)收到含有支付验证码的短信或者数据包,则进行对比,The mobile terminal (M02) receives the target number or the network address blacklist; when the mobile terminal (M02) receives the short message or the data packet containing the payment verification code, the comparison is performed.
    若目标号码或网络地址已经存在于所述的目标号码或者网络地址黑名单中,则直接进行拦截,If the target number or network address already exists in the target number or the blacklist of the network address, interception is performed directly.
    若目标号码或网络地址不存在于所述的目标号码或者网络地址黑名单中,则提示用户进行选择,当用户选择拦截,则进行拦截,并将所述的目标号码或者网络地址更新到所述的服务器端(M01);If the target number or the network address does not exist in the target number or the network address blacklist, the user is prompted to make a selection, when the user selects the interception, the interception is performed, and the target number or network address is updated to the Server side (M01);
    所述的服务器端(M01)与所述的移动端(M02)之间有网络连接。There is a network connection between the server end (M01) and the mobile end (M02).
  2. 如权利要求1所述的防范互联网和移动支付资金被盗风险的系统,其特征在于,所述的服务器端(M01)包含:The system for preventing the risk of theft of Internet and mobile payment funds according to claim 1, wherein said server end (M01) comprises:
    数据库模块(M11),存储所述的目标号码或者网络地址黑名单;a database module (M11) storing the target number or a blacklist of network addresses;
    服务器端第一通信模块(M12),与所述的数据库模块(M11)之间有数据通道连接,定期从所述的数据库模块(M11)取出所述的目标号码或者网络地址黑名单,向所述的移动端(M02)发送;The first communication module (M12) of the server has a data channel connection with the database module (M11), and the target number or the blacklist of the network address is periodically taken out from the database module (M11). The mobile terminal (M02) is sent;
    服务器端第二通信模块(M13),与所述的数据库模块(M11)之间有数据通道连接,接收来自于所述的移动端(M02)上传的、被用户拦截的目标号码或者网络地址,并同步到所述的数据库模块(M11)。The server-side second communication module (M13) has a data channel connection with the database module (M11), and receives a target number or a network address that is uploaded by the mobile terminal (M02) and intercepted by the user. And synchronized to the database module (M11).
  3. 如权利要求2所述的防范互联网和移动支付资金被盗风险的系统,其特征在于,A system for preventing the risk of theft of Internet and mobile payment funds as claimed in claim 2, characterized in that
    所述服务器端第一通信模块(M12)向所述的移动端(M02)发送所述的目标号码或者网络地址黑名单,以及所述的服务器端第二通信模块(M13)接收来自于所述的移动端(M02)上传的、被用户拦截的目标号码或者网络 地址,是通过GPRS/3G/4G网络,或者无线WIFI/WAPI局域网络来通信。The server-side first communication module (M12) sends the target number or network address blacklist to the mobile terminal (M02), and the server-side second communication module (M13) receives the Target number or network uploaded by the mobile terminal (M02) and blocked by the user The address is communicated via a GPRS/3G/4G network or a wireless WIFI/WAPI local area network.
  4. 如权利要求1所述的防范互联网和移动支付资金被盗风险的系统,其特征在于,所述的移动端(M02)包含:The system for preventing the risk of theft of Internet and mobile payment funds according to claim 1, wherein said mobile terminal (M02) comprises:
    移动端第一通信模块(M21),定期从所述的服务器端(M01)接收所述的目标号码或者网络地址黑名单;The mobile terminal first communication module (M21) periodically receives the target number or network address blacklist from the server end (M01);
    移动端第二通信模块(M22),将被用户拦截的目标号码或者网络地址同步到所述的服务器端(M01);The mobile second communication module (M22) synchronizes the target number or network address intercepted by the user to the server end (M01);
    判别模块(M23),与所述的移动端第一通信模块(M21)之间有数据通道连接,接收来自于所述的移动端第一通信模块(M21)发送的所述的目标号码或者网络地址黑名单,与接收的含有支付验证码的短信或数据包进行对比,判决拦截,若不能判决拦截,则弹出提示框供用户选择,由用户选择继续支付或者拦截;a discriminating module (M23) having a data channel connection with the mobile terminal first communication module (M21), receiving the target number or network sent by the mobile terminal first communication module (M21) The address blacklist is compared with the received short message or data packet containing the payment verification code, and the judgment is intercepted. If the interception cannot be decided, a prompt box is displayed for the user to select, and the user chooses to continue to pay or intercept;
    拦截模块(M24),与所述的判别模块(M23)连接,当所述的判别模块(M23)判决拦截时,对支付的目标号码或网络地址进行拦截,以及,与所述的移动端第二通信模块(M22)之间有数据通道连接,将用户选择拦截的目标号码或者网络地址传送到所述的移动端第二通信模块(M22);The intercepting module (M24) is connected to the discriminating module (M23), and when the discriminating module (M23) decides to intercept, intercepts the target number or network address of the payment, and, with the mobile terminal There is a data channel connection between the two communication modules (M22), and the target number or network address selected by the user is transmitted to the mobile terminal second communication module (M22);
    支付模块(M25),与所述的判别模块(M23)连接,当所述的判别模块(M23)判决支付时,发送短信或数据包到目标号码或者网络地址。The payment module (M25) is connected to the discriminating module (M23), and when the discriminating module (M23) decides to pay, sends a short message or a data packet to a target number or a network address.
  5. 如权利要求4所述的防范互联网和移动支付资金被盗风险的系统,其特征在于,所述的判别模块(M23)包含A system for preventing the risk of theft of Internet and mobile payment funds according to claim 4, wherein said discriminating module (M23) comprises
    黑名单数据库子模块(M241),存储有包括黑客号码或者钓鱼网站的IP地址、主机名、MAC地址等多种表达方式的所述的目标号码或者网络地址黑名单;The blacklist database sub-module (M241) stores the target number or network address blacklist including a hacker number or an IP address, a host name, a MAC address, and the like of the phishing website;
    逻辑组合子模块(M242),与所述的黑名单数据库子模块(M241)连接,将黑名单中的号码、IP地址、主机名、MAC地址等多种表达方式进行关键字的逻辑组合,并与所述的移动端(M02)接收的含有支付验证码的短信或者数据包进行对比,并判决拦截;The logical combination sub-module (M242) is connected to the blacklist database sub-module (M241), and logically combines various expressions such as a number, an IP address, a host name, and a MAC address in the blacklist, and Comparing with the short message or data packet received by the mobile terminal (M02) containing the payment verification code, and determining the interception;
    用户界面子模块(M243),当所述的逻辑组合子模块(M242)不能判决拦截时,弹出提示框供用户选择是否继续支付,然后接收用户的指令;The user interface sub-module (M243), when the logical combination sub-module (M242) cannot determine the interception, pops up a prompt box for the user to select whether to continue to pay, and then receives the user's instruction;
  6. 如权利要求4所述的防范互联网和移动支付资金被盗风险的系统,其特 征在于,所述的判别模块(M23)具体可以是所述的移动端(M02)内部的APP软件程序,也可以集成在所述的移动端(M02)内的安全芯片中。A system for preventing the risk of theft of Internet and mobile payment funds as claimed in claim 4 The discriminating module (M23) may specifically be an APP software program inside the mobile terminal (M02), or may be integrated in a security chip in the mobile terminal (M02).
  7. 一种防范互联网和移动支付资金被盗风险的方法,其特征在于,采用如权利要求1~6中任意一项权利要求所述的防范互联网和移动支付资金被盗风险的系统实现,包含以下步骤:A method for preventing the risk of theft of Internet and mobile payment funds, characterized by using the system for preventing the risk of theft of Internet and mobile payment funds according to any one of claims 1 to 6, comprising the following steps :
    S1,服务器端定期向移动端发送目标号码或者网络地址黑名单,移动端接收后,保存到内部的黑名单数据库中;S1, the server periodically sends a target number or a blacklist of network addresses to the mobile terminal, and the mobile terminal receives the blacklist database after being received by the mobile terminal;
    S2,当发生用户网银或者支付账号被盗后,所述移动端接收到网络支付请求,并收到含有验证码的短信或数据包;S2, after the user online banking or the payment account is stolen, the mobile terminal receives the network payment request, and receives the short message or the data packet containing the verification code;
    S3,所述的移动端对目标号码或者网络地址进行比对并判别,S3, the mobile terminal compares and identifies the target number or the network address,
    若所述目标号码或者网络地址已经在黑名单数据库中,则直接进行拦截,If the target number or network address is already in the blacklist database, interception is performed directly.
    若所述目标号码或者网络地址不在黑名单数据库中,则继续执行S4;If the target number or the network address is not in the blacklist database, proceed to S4;
    S4,所述的移动端弹出提示框,供用户选择是否继续进行支付,同时弹出风险提示的对话框,S4, the mobile terminal pops up a prompt box for the user to select whether to continue to pay, and a dialog box for popping up the risk prompt is displayed.
    若用户选择继续支付,则发送短信或数据包到所述目标号码或者网络地址,If the user chooses to continue to pay, send a text message or a data packet to the target number or network address,
    若用户选择拦截,则继续执行S5;If the user chooses to intercept, continue to execute S5;
    S5,所述的移动端对本次支付进行拦截,同时将所述目标号码或者网络地址同步上传到所述的服务器端,返回执行S1。S5. The mobile terminal intercepts the current payment, and simultaneously uploads the target number or the network address to the server end, and returns to execute S1.
  8. 如权利要求7所述的防范互联网和移动支付资金被盗风险的方法,其特征在于,所述的S3包含:The method for preventing the risk of theft of Internet and mobile payment funds according to claim 7, wherein said S3 comprises:
    S31,所述的移动端从接收到的含有验证码的短信或数据包中提取出目标号码或者网络地址;S31. The mobile terminal extracts a target number or a network address from the received short message or data packet containing the verification code.
    S32,所述的移动端从内部存储的黑名单数据库中取出所述目标号码或者网络地址,并进行关键字的逻辑组合和对比;S32. The mobile terminal extracts the target number or network address from an internally stored blacklist database, and performs logical combination and comparison of keywords.
    S33,当所述目标号码或者网络地址符合从黑名单数据库取出的关键字的逻辑组合,则直接进行拦截。S33. When the target number or the network address meets the logical combination of the keywords extracted from the blacklist database, the interception is directly performed.
  9. 如权利要求7所述的防范互联网和移动支付资金被盗风险的方法,其特征在于,所述的S5包含:The method for preventing the risk of theft of Internet and mobile payment funds according to claim 7, wherein said S5 comprises:
    S51,所述的移动端对支付进行拦截; S51. The mobile terminal intercepts the payment.
    S52,所述的移动端将被拦截的所述目标号码或者网络地址上传到所述的服务器端;S52. The mobile terminal uploads the intercepted target number or network address to the server end.
    S53,所述的服务器端将接收到的所述目标号码或者网络地址同步到服务器端的数据库黑名单中;S53. The server end synchronizes the received target number or network address to a database blacklist in the server.
    S54,所述的服务器端将更新的数据库黑名单传送至所有用户的移动端。S54. The server end transmits the updated database blacklist to all users' mobile terminals.
  10. 如权利要求9所述的防范互联网和移动支付资金被盗风险的方法,其特征在于,当所述的服务器端只从一个用户的移动端收到被拦截的目标号码或者网络地址时,不立即将所述目标号码或者网络地址更新到数据库黑名单中,当来自多个用户的移动端上报相同的被拦截的目标号码或者网络地址时,才更新到数据库黑名单中。 A method for preventing the risk of theft of Internet and mobile payment funds according to claim 9, wherein when said server receives only the intercepted target number or network address from the mobile terminal of a user, it is not immediately The target number or the network address is updated to the database blacklist, and when the mobile terminal from the multiple users reports the same intercepted target number or network address, the database blacklist is updated.
PCT/CN2017/103100 2017-09-25 2017-09-25 System and method for avoiding internet and mobile payment fraud WO2019056343A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/103100 WO2019056343A1 (en) 2017-09-25 2017-09-25 System and method for avoiding internet and mobile payment fraud

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/103100 WO2019056343A1 (en) 2017-09-25 2017-09-25 System and method for avoiding internet and mobile payment fraud

Publications (1)

Publication Number Publication Date
WO2019056343A1 true WO2019056343A1 (en) 2019-03-28

Family

ID=65810938

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/103100 WO2019056343A1 (en) 2017-09-25 2017-09-25 System and method for avoiding internet and mobile payment fraud

Country Status (1)

Country Link
WO (1) WO2019056343A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI718941B (en) * 2019-06-20 2021-02-11 南韓商韓領有限公司 System and method for generating alerts and non-transitory computer-readable medium
CN113596844A (en) * 2021-07-29 2021-11-02 恒安嘉新(北京)科技股份公司 Early warning method, device, medium and electronic equipment based on data information

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013044797A1 (en) * 2011-09-26 2013-04-04 广州市动景计算机科技有限公司 Method and system for handling communication event
CN104038504A (en) * 2014-06-25 2014-09-10 深圳市鸿宇顺科技有限公司 System and method for preventing Internet payment information from being stolen
CN106453808A (en) * 2015-08-13 2017-02-22 中兴通讯股份有限公司 Method and apparatus for processing terminal data

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013044797A1 (en) * 2011-09-26 2013-04-04 广州市动景计算机科技有限公司 Method and system for handling communication event
CN104038504A (en) * 2014-06-25 2014-09-10 深圳市鸿宇顺科技有限公司 System and method for preventing Internet payment information from being stolen
CN106453808A (en) * 2015-08-13 2017-02-22 中兴通讯股份有限公司 Method and apparatus for processing terminal data

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI718941B (en) * 2019-06-20 2021-02-11 南韓商韓領有限公司 System and method for generating alerts and non-transitory computer-readable medium
TWI773071B (en) * 2019-06-20 2022-08-01 南韓商韓領有限公司 Computer-implemented method and system for pipeline data stream processing
CN113596844A (en) * 2021-07-29 2021-11-02 恒安嘉新(北京)科技股份公司 Early warning method, device, medium and electronic equipment based on data information

Similar Documents

Publication Publication Date Title
CN113396569B (en) System and method for second factor authentication of customer support calls
US11695576B2 (en) Transaction verification through enhanced authentication
KR102304778B1 (en) System and method for initially establishing and periodically confirming trust in a software application
US8893237B2 (en) Secure and efficient login and transaction authentication using iphones# and other smart mobile communication devices
US20150310427A1 (en) Method, apparatus, and system for generating transaction-signing one-time password
JP2020005260A (en) Authentication system and method
Raina Overview of mobile payment: technologies and security
AU2013216868A1 (en) Tokenization in mobile and payment environments
JP2014529273A (en) Secure authentication method and system for online transactions
Hudaib E-payment security analysis in depth
CN113661699A (en) System and method for pre-authentication of customer support calls
WO2019056343A1 (en) System and method for avoiding internet and mobile payment fraud
TW201305935A (en) One time password generation and application method and system using the same
US9871890B2 (en) Network authentication method using a card device
Kyrillidis et al. Card-present transactions on the internet using the smart card web server
Williams et al. Follow the Money Through Apple Pay
Rivers et al. A Study on Cyber Attacks and Vulnerabilities in Mobile Payment Applications
Yuan et al. Safety analysis and strategy of Alipay
Ammayappan TSM centric privacy preserving NFC mobile payment framework with formal verification
Tran Mobile Payment Security: A case study of Digital Wallet MOMO

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17925884

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17925884

Country of ref document: EP

Kind code of ref document: A1