WO2021196807A1 - Payment order verification method, payment order verification device and activation method therefor, and transaction server - Google Patents

Payment order verification method, payment order verification device and activation method therefor, and transaction server Download PDF

Info

Publication number
WO2021196807A1
WO2021196807A1 PCT/CN2020/142559 CN2020142559W WO2021196807A1 WO 2021196807 A1 WO2021196807 A1 WO 2021196807A1 CN 2020142559 W CN2020142559 W CN 2020142559W WO 2021196807 A1 WO2021196807 A1 WO 2021196807A1
Authority
WO
WIPO (PCT)
Prior art keywords
payment order
verification
order verification
payment
code
Prior art date
Application number
PCT/CN2020/142559
Other languages
French (fr)
Chinese (zh)
Inventor
李佳佳
张垒垒
Original Assignee
支付宝(杭州)信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 支付宝(杭州)信息技术有限公司 filed Critical 支付宝(杭州)信息技术有限公司
Publication of WO2021196807A1 publication Critical patent/WO2021196807A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification

Definitions

  • the present disclosure relates to the field of payment technology, and in particular to a payment order verification method, a payment order verification device, an activation method thereof, and a transaction server.
  • the voice broadcast box will automatically announce the transaction amount.
  • this method takes a long time to broadcast, transactions and broadcasts are performed asynchronously, and the correspondence between a broadcast and a transaction cannot be confirmed, and it cannot be used in high-frequency trading scenarios or time periods.
  • the voice broadcast box needs to be connected to the Internet, and many long-tail payees do not have a network environment and cannot use it.
  • the cost of the voice broadcast box is relatively high.
  • the implementation mode of this specification provides a payment order verification method, a payment order verification device and an activation method thereof, and a transaction server to prevent the phenomenon of order evasion.
  • the method includes: generating a payment order verification code based on the payment order information of the payer after the payment request sent by the payer terminal by scanning the payment code of the designated payee is successfully paid; and providing the payment order verification code On the payment success interface of the payer terminal for the payment order verification device to scan the code for verification.
  • a transaction server which includes a memory and a processor.
  • the memory stores a computer program, and when the processor executes the computer program, the payment order verification method described above is implemented.
  • the method includes: using a payment order verification device to scan the payment order verification code on the payment success interface of the payer’s terminal, the payment order verification code containing the payment order information of the payer to the designated payee; the payment order The verification device performs offline verification on the payment order verification code; and the payment order verification device outputs a verification result.
  • the method includes: the payee terminal scans the device information code on the payment order verification device, and the device information code contains the The device information of the payment order verification device; the payee terminal uploads the device information code to the transaction server, and obtains the payment signed by the activation key of the payment order verification device from the transaction server And the payee terminal encodes the payee certificate signed by the activation key into a certificate graphic code for the payment order verification device to scan the code for activation.
  • the payment order verification device includes an image acquisition unit, a main control unit, a storage unit and an output unit.
  • the image acquisition unit is used to collect the payment order verification code on the payment success interface of the payer’s terminal.
  • the payment order verification code contains the payment order information of the payer to the designated payee and the information of the designated payee. Signature information that the payee key adds to the payment order information.
  • the storage unit stores the payee certificate of the designated payee.
  • the main control unit is used for offline verification of the payment order verification code, and the main control unit includes a graphic code recognition module, a signature verification algorithm module, and a control module.
  • the graphic code recognition module is used to recognize the payment order verification code and obtain the signature information.
  • the signature verification algorithm module is configured to use the payee certificate stored in the storage unit to verify the signature information.
  • the control module is configured to control the output unit to output a signature verification success signal when the signature verification is successful; when the signature verification fails, control the output unit to output a signature verification alarm signal.
  • One or more implementations in this specification can effectively avoid the occurrence of order evasion.
  • One or more implementations of this specification can realize offline verification without manual confirmation, which saves the payee's energy and is not easy to make mistakes.
  • One or more implementations of this specification can achieve fast verification speed, high-frequency trading without waiting, simple operation, and low threshold for use.
  • One or more embodiments of this specification have the advantages of low cost and convenient use.
  • Figure 1 is a production scenario diagram of a payment order verification device according to an embodiment of this specification
  • FIG. 2 is an activation scene diagram of a payment order verification device according to an embodiment of this specification
  • FIG. 3 is a usage scenario diagram of the payment order verification device according to an embodiment of this specification.
  • Fig. 4 is a step of generating a payment order verification code by a transaction server according to an embodiment of this specification
  • FIG. 5 shows the steps of offline verification of a payment order verification device according to an embodiment of this specification
  • FIG. 6 is a schematic structural block diagram of a payment order verification device according to an embodiment of this specification.
  • Fig. 7 is a schematic structural block diagram of a transaction server according to an embodiment of this specification.
  • One embodiment of this specification provides a payment order verification device that can work offline and can be used by many small merchants or mobile vendors without a network environment to prevent order evasion.
  • activation certificate (ie activation public key) refers to the certificate generated by the transaction server for each payment order verification device during production.
  • the activation certificate has a one-to-one relationship with the payment order verification device, and is used to verify the payee certificate protected by the activation key.
  • activation key refers to the private key corresponding to the activation certificate.
  • the activation key is used to sign the payee certificate to ensure that only the payee certificate of the transaction server can be written into the payment order verification device.
  • Payee certificate (ie, payee public key) refers to the certificate generated by the transaction server for each payee account when it is activated.
  • the payee certificate has a one-to-one relationship with the payee account and is used to verify the transaction information protected by the payee's key.
  • Payee's key (ie, payee's private key) refers to the private key corresponding to the payee's certificate.
  • payee key When verifying the transaction, use the payee key to sign transaction information and other data to ensure that only the payment order verification device corresponding to the payee can verify the transaction, and the transaction information cannot be tampered with.
  • Fig. 1 discloses a production scenario diagram of a payment order verification device according to an embodiment of this specification. As shown in Figure 1, during the production process of the payment order verification device, in step 11, the factory production line will generate unique device information, such as a device ID, for each payment order verification device.
  • the factory production line will generate unique device information, such as a device ID, for each payment order verification device.
  • step 12 the factory production line will request the transaction server to issue an activation certificate request corresponding to the payment order verification device based on the unique device information.
  • step 13 the transaction server receives the request and records the device information of the payment order verification device.
  • step 14 the transaction server issues the corresponding activation certificate to the factory production line.
  • step 15 the factory production line writes the activation certificate into the payment order verification device.
  • the factory production line prints the unique device information of the generated payment order verification device into a device information code.
  • the device information code contains the unique device information of the payment order verification device.
  • the device information code may include, but is not limited to, any form of graphic codes such as a two-dimensional code and a barcode. In the illustrations in this specification, it is shown in the form of a two-dimensional code.
  • the device information code is allocated to the payment order verification device.
  • the device information code can be pasted on the housing of the payment order verification device or directly printed in the manual of the payment order verification device.
  • the payment order verification device can be activated by the merchant (referred to as the payee) by scanning the code using the mobile phone application after purchase, or it can specify the merchant account (called the payee account) that you want to associate at the time of purchase. After the system background binding is activated, it will be shipped to the merchant.
  • the merchant referred to as the payee
  • the payee account the merchant account that you want to associate at the time of purchase. After the system background binding is activated, it will be shipped to the merchant.
  • Fig. 2 discloses an activation scene diagram of a payment order verification device according to an embodiment of this specification. After the payee purchases a payment order verification device, the payment order verification device needs to be bound and activated with the payee. As shown in Figure 2, in step 21, the payee terminal (for example, the merchant’s mobile phone) collects the device information code by scanning the device information code on the payment order verification device, and the device information code contains the payment order verification code. Device information of the device.
  • the payee terminal for example, the merchant’s mobile phone
  • step 22 the payee terminal uploads the device information code to the transaction server.
  • step 23 the transaction server generates a payee certificate of the designated payee.
  • step 24 the transaction server stores the device information of the payment order verification device in advance, and the transaction server uses the activation key of the payment order verification device to sign the payee certificate.
  • step 25 the payee terminal obtains the payee certificate signed by the activation key of the payment order verification device from the transaction server.
  • the payee terminal encodes the payee certificate signed by the activation key of the payment order verification device into a certificate graphic code, and displays it on the payee terminal for the payment order verification device to scan the code activation.
  • the graphic code of the certificate may include, but is not limited to, any form of graphic codes such as a two-dimensional code and a barcode.
  • step 27 the payment order verification device is used to scan the certificate graphic code on the designated payee terminal, and the payment order verification device collects the certificate graphic code.
  • the certificate graphic code is encoded by the payee certificate signed by the activation key of the payment order verification device obtained from the transaction server.
  • step 28 the payment order verification device uses a preset activation certificate to verify the payee certificate signed by the activation key, and the activation certificate is associated with the device information of the payment order verification device.
  • step 29 when the signature verification is passed, the payment order verification device saves the payee certificate locally.
  • the payment order verification device After the payment order verification device is bound and activated with the merchant, the payment order verification device can be used as the merchant's device.
  • Figure 3 discloses a usage scenario diagram of the payment order verification device according to an embodiment of this specification. The flow of the payment order verification method in one or more embodiments of this specification will be described in detail below in conjunction with FIG. 3.
  • the payer's terminal (such as a consumer's mobile phone) scans the static payment code of the designated payee to send a payment request for the transaction to the transaction server.
  • step 32 the transaction server receives the payment request, performs payment processing, and successfully completes the payment.
  • the transaction server After successful payment, the transaction server generates a payment order verification code based on the payment order information of the payer.
  • the payment order verification code may include, but is not limited to, any form of graphic codes such as a two-dimensional code and a barcode. In the implementation of this specification, the payment order verification code is displayed in the form of a two-dimensional code.
  • step 34 the transaction server provides the payment order verification code on the payment success interface of the payer terminal for the payment order verification device to scan the code for verification.
  • the generation of the payment order verification code based on the payment order information of the payer in step 33 and the payment success interface provided on the payer terminal in step 34 may include: after the successful payment in step 32 , The transaction server can automatically generate the payment order verification code and directly provide the payment order verification code on the payment success interface of the payer’s terminal.
  • step 35 and step 36 may be further included.
  • step 35 after successful payment, the transaction server provides a verification button on the payment success interface of the payer terminal.
  • step 36 the transaction server receives a message from the payer that the verification button is clicked. After receiving the message that the payer clicks the verification button, the transaction server proceeds to step 33 and step 34 to generate the payment order verification code and provide it on the payment success interface of the payer terminal.
  • Fig. 4 discloses a flow chart of a transaction server generating a payment order verification code according to an embodiment of this specification. The following will describe in detail how the transaction server generates the payment order verification code in conjunction with Figure 4.
  • the generation of the payment order verification code in one embodiment of this specification may include steps 331 to 333.
  • step 331 the transaction server generates the payee key of the designated payee based on the payee code of the designated payee.
  • step 332 the transaction server uses the payee key to sign the payment order information of the payer.
  • step 333 the transaction server encodes the payment order information and the signature information into a payment order verification code, thereby generating a payment order verification code.
  • the payment order verification code contains payment order information and signature information.
  • the payer can deceive the merchant by saving the previous payment order verification code through screenshots and other operations to deceive the merchant.
  • the payment order verification method in one embodiment of this specification may also include : The transaction server saves a counter for each payee; every time a payment order verification code for the designated payee is generated, the transaction server adds 1 to the counter of the designated payee.
  • the payment order verification code contains the counter count.
  • the payment order verification method may further include: every time a payment order verification code of a designated payee is generated, the transaction server records the generation time of the payment order verification code, where the payment order verification code is generated.
  • the order verification code contains the generation time of the payment order verification code.
  • step 37 use the payment order verification device Scan the payment order verification code on the payment success interface of the payer's terminal to collect the payment order verification code, where the payment order verification code contains the payment order information of the payer to the designated payee.
  • step 38 the payment order verification device performs offline verification on the payment order verification code.
  • step 39 the payment order verification device outputs the verification result after the verification is completed.
  • Fig. 5 discloses a flow chart of offline verification of a payment order verification device according to an embodiment of this specification. The following will describe in detail how the payment order verification device performs offline verification in conjunction with FIG. 5.
  • the offline verification in an embodiment of this specification may include step 381 and step 382.
  • the payment order verification code may also include signature information that is signed with the payee key of the designated payee to the payment order information.
  • the payment order verification device recognizes the payment order verification code, and obtains the signature information of the payment order verification code.
  • step 382 the payment order verification device uses the locally stored payee certificate to verify the signature information.
  • the output verification result in step 39 of Figure 3 includes: when the verification is successful, it means that the payment order is normal, and the payment order verification device will output a verification success signal; when the verification fails, it means the payment order If abnormal, the payment order verification device will output a sign verification alarm signal.
  • the payment order information further includes the payment amount
  • the payment order verification device outputting the sign verification success signal includes: when the verification is successful, the payment order verification device can voice broadcast the payment amount.
  • the payment order verification code also includes the count of the counter of the designated payee. As mentioned above, every time the payment order verification code of the designated payee is generated, the payee’s The counter is incremented by 1.
  • the payment order verification method of one embodiment of this specification may also include: the payment order verification device checks the payment order verification code on the payer’s terminal every time the verification is successful. The latest count of the counter of the designated payee on the payment order verification code is stored locally in the payment order verification device.
  • step 38 of Figure 3 verifies the payment order verification code on the payer’s terminal, it is found that the count of the designated payee counter on the payment order verification code on the payer’s terminal is not greater than the payment.
  • the latest count stored locally by the order verification device indicates that the payment order verification code is old and not the latest generated by the transaction server, indicating that the payment order is abnormal.
  • the payment order verification device has failed to verify the signature. The payment order verification device will immediately issue an alarm to avoid losses to the payee.
  • the payment order verification method of an embodiment of this specification may further include: a payment order verification device pair When the payment order verification code on the payer's terminal is successfully verified, the latest generation time on the payment order verification code is stored locally in the payment order verification device.
  • the payment order verification device in step 38 of Figure 3 verifies the payment order verification code on the payer’s terminal, it is found that the generation time of the payment order verification code on the payer’s terminal is not stored locally by the payment order verification device. Within the predetermined time period of the latest generation time, indicating that the payment order verification code is old and not the latest generated by the transaction server, it means that the payment order is abnormal. At this time, the payment order verification device fails to verify the signature. The payment order verification device will immediately issue an alarm to avoid losses to the payee.
  • FIG. 6 discloses a schematic structural block diagram of a payment order verification device 100 according to an embodiment of this specification.
  • the payment order verification device 100 includes an image acquisition unit 110, a main control unit 120, a storage unit 130 and an output unit 140.
  • the image acquisition unit 110 can collect the payment order verification code on the payment success interface of the payer’s terminal, where the payment order verification code contains the payment order information of the payer to the designated payee and the payee secret of the designated payee.
  • the payment order verification code may include any form of graphic codes such as a two-dimensional code and a barcode.
  • the storage unit 130 stores a payee certificate specifying the payee.
  • the main control unit 120 may perform offline verification on the payment order verification code.
  • the main control unit 120 may be a Microcontroller Unit (MCU).
  • the main control unit 120 includes a graphic code recognition module 121, a signature verification algorithm module 122, and a control module 123.
  • the graphic code recognition module 121 can recognize the payment order verification code and obtain signature information.
  • the signature verification algorithm module 122 may use the payee certificate stored in the storage unit 130 to verify the signature information.
  • control module 123 may control the output unit 140 to output a signature verification success signal.
  • control module 123 may control the output unit 140 to output a signature verification alarm signal.
  • the payment order verification code further includes the count of the counter of the designated payee, and each time the payment order verification code of the designated payee is generated, the counter of the designated payee is incremented by one.
  • the control module 123 can also check the payment order verification code on the payer’s terminal every time the signature verification algorithm module 122 successfully verifies the payment order verification code on the payer terminal. The latest count of the counter of the designated payee on the payment order verification code is stored in the storage unit 130.
  • the signature verification algorithm module 122 verifies the payment order verification code on the payer’s terminal, it is found that the count of the designated payee counter on the payment order verification code on the payer’s terminal is not greater than the latest count stored in the storage unit 130 At this time, the signature verification algorithm module 122 determines that the signature verification fails, and the control module 123 controls the output unit 140 to output a signature verification alarm signal.
  • the payment order verification code also includes the generation time of the payment order verification code.
  • the control module 123 may also send the payment order verification code on the payer’s terminal to the payment order verification code on the payer’s terminal by the signature verification algorithm module 122. The latest generation time on the order verification code is stored in the storage unit 130.
  • the signature verification algorithm module 122 verifies the payment order verification code on the payer's terminal and finds that the generation time on the payment order verification code on the payer's terminal is not within the predetermined time period of the latest generation time stored in the storage unit 130 .
  • the signature verification algorithm module 122 determines that the signature verification fails, and the control module 123 controls the output unit 140 to output a signature verification alarm signal.
  • the signature verification success signal and the signature verification alarm signal include at least one of acoustic and optical signals.
  • the payment order information also includes the payment amount
  • the control module 123 controlling the output unit 140 to output a signature verification success signal includes: when the signature verification is successful, the control module 123 may control the output unit 140 to voice the payment amount.
  • the storage unit 130 also stores a preset activation certificate, and the activation certificate is associated with the device information of the payment order verification device 100.
  • the image acquisition unit 110 may also collect the certificate graphic code on the designated payee terminal.
  • the certificate graphic code is obtained from the transaction server 200 using the activation key of the payment order verification device 100
  • the signed payee certificate is encoded.
  • the signature verification algorithm module 122 may also use the activation certificate to verify the payee certificate signed by the activation key, and the control module 123 may also store the payee certificate in the storage unit 130 when the verification is passed.
  • the payment order verification device 100 in one or more embodiments of this specification is a hardware product with a code scanning function, and displays the payment order result in the form of a payment order verification code such as a QR code, and the payment order verification
  • the device 100 checks the result of the transaction by scanning the code, and can notify the payee by sound and light. If an abnormal order is found, it will give an alarm in time to enhance the security of the transaction and avoid the loss of the payee. So that people can not only enjoy the convenience of electronic payment, but also won't suffer losses due to the problem of evading orders.
  • the payment order verification device 100 of one or more embodiments of the present specification can automatically verify the transaction result without manual confirmation, save the payee's energy, and is not easy to make mistakes.
  • the payment order verification device 100 of one or more implementations of this specification guarantees security through a certificate mechanism, which cannot be forged by a third party, cleverly strengthens the transaction security of the ordinary static payment code, and blocks the loopholes of evading orders.
  • the payment order verification device 100 of one or more embodiments of this specification can verify the transaction result in an offline manner, without accessing the network and server, eliminating network-related service costs, and having a faster speed, no waiting for high-frequency transactions, and easy operation. It is simpler and lowers the barrier to use.
  • the payment order verification device 100 of one or more embodiments of this specification is low in cost and convenient to use.
  • FIG. 7 discloses a schematic structural block diagram of a transaction server 200 according to an embodiment of this specification.
  • the transaction server 200 according to an embodiment of this specification includes a memory 210 and a processor 220.
  • the memory 210 stores computer programs.
  • the processor 220 executes the computer program, the payment order verification method on the transaction server side described above can be implemented.
  • One or more implementations described above in this specification can effectively avoid the occurrence of order evasion.
  • One or more implementations described above in this specification can implement offline verification without manual confirmation, save the payee's energy, and are not prone to errors.
  • One or more implementations described above in this specification can achieve fast verification speed, high-frequency trading without waiting, simple operation, and low threshold for use.
  • one or more implementation manners of this specification can be provided as a method, a device, or a computer program product. Therefore, one or more implementation manners of this specification may adopt a form of a complete hardware implementation, a complete software implementation, or a combination of software and hardware implementations. Moreover, one or more implementation manners of this specification may adopt a computer implemented on one or more computer-readable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer usable program codes. The form of the program product.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A payment order verification method, a payment order verification device and an activation method therefor, and a transaction server. The payment order verification method comprises: using a payment order verification device to scan a payment order verification code of a payer terminal on a payment success interface, the payment order verification code comprising payment order information of the payer to a designated payee; the payment order verification device performs offline verification on the payment order verification code; and the payment order verification device outputs a verification result, thereby effectively preventing the phenomenon of order evasion.

Description

支付订单校验方法、支付订单校验设备及其激活方法及交易服务器Payment order verification method, payment order verification device, activation method thereof and transaction server 技术领域Technical field
本公开涉及支付技术领域,尤其涉及支付订单校验方法、支付订单校验设备及其激活方法及交易服务器。The present disclosure relates to the field of payment technology, and in particular to a payment order verification method, a payment order verification device, an activation method thereof, and a transaction server.
背景技术Background technique
目前,收款码贴纸作为社会主流的线下交易方式,每天都有大量的交易产生。但是,这种方式支付结果的查验手段比较单一和原始,付款方支付成功后,出示手机上的支付结果页面给收款方人工查看作为最终凭证。然而,这种人工查看方法需要收款方投入大量的精力,很容易发生错漏,尤其是在高频交易的场景或时段,逃单现象容易发生。同时,一些黑产和恶意逃单的不法分子使用伪造的支付结果页面,使收款方在不知情的情况下蒙受损失,伤害市场的正常交易秩序。因此,这种人工查看方法很难识别和防范恶意逃单伪造的页面。At present, as the mainstream offline transaction method in the society, a large number of transactions are generated every day. However, this method of checking the payment results is relatively simple and original. After the payer has successfully paid, the payment result page on the mobile phone is shown to the payee to manually view it as the final voucher. However, this manual checking method requires the payee to invest a lot of effort, and errors and omissions are prone to occur, especially in high-frequency trading scenarios or time periods, where the phenomenon of order evasion is prone to occur. At the same time, some criminals with illegal products and malicious evasion of orders use fake payment result pages to make the payee suffer losses without knowing it, and harm the normal order of transactions in the market. Therefore, it is difficult for this manual viewing method to identify and prevent maliciously evaded and forged pages.
现在,一些收款方为了防止逃单行为,会购买语音播报盒子,交易成功后,语音播报盒子会自动播报交易金额。然而,这个方法播报时间较长,交易与播报异步进行,无法确认一次播报与交易的对应关系,在高频交易场景或时段无法使用。而且,语音播报盒子需要连接互联网,很多长尾收款方没有网络环境,无法使用。另外,语音播报盒子成本较高。Now, in order to prevent evasion of orders, some payees will purchase a voice broadcast box. After the transaction is successful, the voice broadcast box will automatically announce the transaction amount. However, this method takes a long time to broadcast, transactions and broadcasts are performed asynchronously, and the correspondence between a broadcast and a transaction cannot be confirmed, and it cannot be used in high-frequency trading scenarios or time periods. Moreover, the voice broadcast box needs to be connected to the Internet, and many long-tail payees do not have a network environment and cannot use it. In addition, the cost of the voice broadcast box is relatively high.
发明内容Summary of the invention
本说明书实施方式提供一种支付订单校验方法、支付订单校验设备及其激活方法及交易服务器,以防止逃单现象。The implementation mode of this specification provides a payment order verification method, a payment order verification device and an activation method thereof, and a transaction server to prevent the phenomenon of order evasion.
本说明书实施方式的一个方面提供一种支付订单校验方法。所述方法包括:在对付款方终端通过扫描指定收款方的收款码发送的支付请求成功支付后,基于付款方的支付订单信息生成支付订单核验码;以及将所述支付订单核验码提供于所述付款方终端的支付成功界面上以供支付订单校验设备扫码校验。One aspect of the implementation of this specification provides a payment order verification method. The method includes: generating a payment order verification code based on the payment order information of the payer after the payment request sent by the payer terminal by scanning the payment code of the designated payee is successfully paid; and providing the payment order verification code On the payment success interface of the payer terminal for the payment order verification device to scan the code for verification.
本说明书实施方式的另一方面提供一种交易服务器,其包括存储器及处理器。所述存储器存储计算机程序,当所述处理器执行所述计算机程序时,实现上面所述的支付 订单校验方法。Another aspect of the embodiments of this specification provides a transaction server, which includes a memory and a processor. The memory stores a computer program, and when the processor executes the computer program, the payment order verification method described above is implemented.
本说明书实施方式的另一方面提供一种支付订单校验方法。所述方法包括:使用支付订单校验设备扫描付款方终端的支付成功界面上的支付订单核验码,所述支付订单核验码中包含付款方对指定收款方的支付订单信息;所述支付订单校验设备对所述支付订单核验码进行离线校验;以及所述支付订单校验设备输出校验结果。Another aspect of the embodiments of this specification provides a payment order verification method. The method includes: using a payment order verification device to scan the payment order verification code on the payment success interface of the payer’s terminal, the payment order verification code containing the payment order information of the payer to the designated payee; the payment order The verification device performs offline verification on the payment order verification code; and the payment order verification device outputs a verification result.
本说明书实施方式的另一方面提供一种支付订单校验设备的激活方法,所述方法包括:收款方终端扫描支付订单校验设备上的设备信息码,所述设备信息码中包含所述支付订单校验设备的设备信息;所述收款方终端将所述设备信息码上传给交易服务器,从所述交易服务器获取到使用所述支付订单校验设备的激活密钥加签的收款方证书;以及所述收款方终端将所述激活密钥加签的所述收款方证书编码成证书图形码以供所述支付订单校验设备扫码激活。Another aspect of the implementation of this specification provides a method for activating a payment order verification device. The method includes: the payee terminal scans the device information code on the payment order verification device, and the device information code contains the The device information of the payment order verification device; the payee terminal uploads the device information code to the transaction server, and obtains the payment signed by the activation key of the payment order verification device from the transaction server And the payee terminal encodes the payee certificate signed by the activation key into a certificate graphic code for the payment order verification device to scan the code for activation.
本说明书实施方式的又一方面提供一种支付订单校验设备。所述支付订单校验设备包括图像采集单元、主控单元、存储单元及输出单元。所述图像采集单元用于采集付款方终端的支付成功界面上的支付订单核验码,所述支付订单核验码中包含付款方对指定收款方的支付订单信息和用所述指定收款方的收款方密钥对所述支付订单信息加签的签名信息。所述存储单元中保存有所述指定收款方的收款方证书。主控单元用于对所述支付订单核验码进行离线校验,所述主控单元包括图形码识别模块、签名验签算法模块及控制模块。所述图形码识别模块用于识别所述支付订单核验码,获取所述签名信息。所述签名验签算法模块用于使用所述存储单元保存的所述收款方证书对所述签名信息进行验签。所述控制模块用于当验签成功时,控制所述输出单元输出验签成功信号;当验签失败时,控制所述输出单元输出验签报警信号。Another aspect of the embodiments of this specification provides a payment order verification device. The payment order verification device includes an image acquisition unit, a main control unit, a storage unit and an output unit. The image acquisition unit is used to collect the payment order verification code on the payment success interface of the payer’s terminal. The payment order verification code contains the payment order information of the payer to the designated payee and the information of the designated payee. Signature information that the payee key adds to the payment order information. The storage unit stores the payee certificate of the designated payee. The main control unit is used for offline verification of the payment order verification code, and the main control unit includes a graphic code recognition module, a signature verification algorithm module, and a control module. The graphic code recognition module is used to recognize the payment order verification code and obtain the signature information. The signature verification algorithm module is configured to use the payee certificate stored in the storage unit to verify the signature information. The control module is configured to control the output unit to output a signature verification success signal when the signature verification is successful; when the signature verification fails, control the output unit to output a signature verification alarm signal.
本说明书一个或多个实施方式可以有效避免逃单现象的发生。One or more implementations in this specification can effectively avoid the occurrence of order evasion.
本说明书一个或多个实施方式可以实现离线校验,无需人工确认,节省收款方的精力,且不易出错。One or more implementations of this specification can realize offline verification without manual confirmation, which saves the payee's energy and is not easy to make mistakes.
本说明书一个或多个实施方式可以实现校验速度快,高频交易不等待,操作简单,使用门槛低。One or more implementations of this specification can achieve fast verification speed, high-frequency trading without waiting, simple operation, and low threshold for use.
本说明书一个或多个实施方式具有成本低、使用方便等优点。One or more embodiments of this specification have the advantages of low cost and convenient use.
附图说明Description of the drawings
图1为本说明书一个实施方式的支付订单校验设备的生产场景图;Figure 1 is a production scenario diagram of a payment order verification device according to an embodiment of this specification;
图2为本说明书一个实施方式的支付订单校验设备的激活场景图;FIG. 2 is an activation scene diagram of a payment order verification device according to an embodiment of this specification;
图3为本说明书一个实施方式的支付订单校验设备的使用场景图;FIG. 3 is a usage scenario diagram of the payment order verification device according to an embodiment of this specification;
图4为本说明书一个实施方式的交易服务器生成支付订单核验码的步骤;Fig. 4 is a step of generating a payment order verification code by a transaction server according to an embodiment of this specification;
图5为本说明书一个实施方式的支付订单校验设备离线验签的步骤;FIG. 5 shows the steps of offline verification of a payment order verification device according to an embodiment of this specification;
图6为本说明书一个实施方式的支付订单校验设备的示意性结构框图;FIG. 6 is a schematic structural block diagram of a payment order verification device according to an embodiment of this specification;
图7为本说明书一个实施方式的交易服务器的示意性结构框图。Fig. 7 is a schematic structural block diagram of a transaction server according to an embodiment of this specification.
具体实施方式Detailed ways
这里将对一些举例的实施方式进行说明。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。举例的实施方式中所描述的实施方式并不代表与本说明书相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所限定的、本说明书的一些方面相一致的装置的例子。Some example implementations will be described here. When the following description refers to the accompanying drawings, unless otherwise indicated, the same numbers in different drawings represent the same or similar elements. The embodiments described in the exemplified embodiments do not represent all the embodiments consistent with this specification. On the contrary, they are merely examples of devices consistent with some aspects of this specification as defined in the appended claims.
在本说明书实施方式使用的术语是仅仅出于描述特定实施方式的目的,而非旨在限制本说明书。除非另作定义,本说明书实施方式使用的技术术语或者科学术语应当为本说明书所属领域内具有一般技能的人士所理解的通常意义。本说明书以及权利要求书中使用的“第一”、“第二”以及类似的词语并不表示任何顺序、数量或者重要性,而只是用来区分不同的组成部分。同样,“一个”或者“一”等类似词语也不表示数量限制,而是表示存在至少一个。“多个”或者“若干”表示两个及两个以上。除非另行指出,“前部”、“后部”、“下部”和/或“上部”等类似词语只是为了便于说明相对位置关系,而并非限于一个绝对位置或者一种绝对空间定向。“包括”或者“包含”等类似词语意指出现在“包括”或者“包含”前面的元件或者物件涵盖出现在“包括”或者“包含”后面列举的元件或者物件及其等同,并不排除其他元件或者物件。“连接”或者“相连”等类似的词语并非限定于物理的或者机械的连接,而且可以包括电性的连接,不管是直接的还是间接的。在本说明书和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能 组合。The terms used in the embodiments of this specification are only for the purpose of describing specific embodiments, and are not intended to limit the specification. Unless otherwise defined, the technical terms or scientific terms used in the embodiments of this specification shall have the usual meanings understood by persons with ordinary skills in the field to which this specification belongs. The "first", "second" and similar words used in this specification and claims do not indicate any order, quantity or importance, but are only used to distinguish different components. Similarly, similar words such as "one" or "one" do not mean a quantity limit, but mean that there is at least one. "Multiple" or "several" means two or more. Unless otherwise indicated, similar words such as "front", "rear", "lower" and/or "upper" are only used to facilitate the description of the relative position relationship, and are not limited to an absolute position or an absolute spatial orientation. "Include" or "include" and other similar words mean that the elements or items before "include" or "include" now cover the elements or items listed after "include" or "include" and their equivalents, and do not exclude other elements Or objects. Similar words such as "connected" or "connected" are not limited to physical or mechanical connections, and may include electrical connections, whether direct or indirect. The singular forms of "a", "said" and "the" used in this specification and appended claims are also intended to include plural forms, unless the context clearly indicates other meanings. It should also be understood that the term "and/or" as used herein refers to and includes any or all possible combinations of one or more associated listed items.
本说明书一个实施方式提供了一种支付订单校验设备,该支付订单校验设备可以离线工作,可以供很多没有网络环境的小商家或流动摊贩使用,防止逃单现象。One embodiment of this specification provides a payment order verification device that can work offline and can be used by many small merchants or mobile vendors without a network environment to prevent order evasion.
首先,对本说明书下面所提到的四个术语进行解释。First, explain the four terms mentioned below in this specification.
“激活证书”(即激活公钥)是指交易服务器为每一台支付订单校验设备在生产时生成的证书。该激活证书与支付订单校验设备有一对一关系,用来验证激活密钥保护的收款方证书。"Activation certificate" (ie activation public key) refers to the certificate generated by the transaction server for each payment order verification device during production. The activation certificate has a one-to-one relationship with the payment order verification device, and is used to verify the payee certificate protected by the activation key.
“激活密钥”(即激活私钥)是指激活证书对应的私钥。支付订单校验设备激活时,使用该激活密钥加签收款方证书,确保只有交易服务器的收款方证书可以写入支付订单校验设备。"Activation key" (ie, activation private key) refers to the private key corresponding to the activation certificate. When the payment order verification device is activated, the activation key is used to sign the payee certificate to ensure that only the payee certificate of the transaction server can be written into the payment order verification device.
“收款方证书”(即收款方公钥)是指激活时,交易服务器为每一个收款方账户生成的证书。该收款方证书与收款方账户有一对一关系,用来验证收款方密钥保护的交易信息。"Payee certificate" (ie, payee public key) refers to the certificate generated by the transaction server for each payee account when it is activated. The payee certificate has a one-to-one relationship with the payee account and is used to verify the transaction information protected by the payee's key.
“收款方密钥”(即收款方私钥)是指收款方证书对应的私钥。交易验证时,使用该收款方密钥加签交易信息等数据,确保只有对应收款方的支付订单校验设备可以验证此次交易,且交易信息无法被篡改。"Payee's key" (ie, payee's private key) refers to the private key corresponding to the payee's certificate. When verifying the transaction, use the payee key to sign transaction information and other data to ensure that only the payment order verification device corresponding to the payee can verify the transaction, and the transaction information cannot be tampered with.
图1揭示了本说明书一个实施方式的支付订单校验设备的生产场景图。如图1所示,在支付订单校验设备的生产过程中,在步骤11中,工厂生产线会为每一台支付订单校验设备生成唯一的设备信息,例如设备ID等。Fig. 1 discloses a production scenario diagram of a payment order verification device according to an embodiment of this specification. As shown in Figure 1, during the production process of the payment order verification device, in step 11, the factory production line will generate unique device information, such as a device ID, for each payment order verification device.
在步骤12中,工厂生产线会根据该唯一的设备信息请求交易服务器下发支付订单校验设备对应的激活证书请求。In step 12, the factory production line will request the transaction server to issue an activation certificate request corresponding to the payment order verification device based on the unique device information.
在步骤13中,交易服务器接收到该请求,会记录支付订单校验设备的设备信息。In step 13, the transaction server receives the request and records the device information of the payment order verification device.
在步骤14中,交易服务器下发对应的激活证书到工厂生产线。In step 14, the transaction server issues the corresponding activation certificate to the factory production line.
在步骤15中,工厂生产线将该激活证书写入到该支付订单校验设备中。In step 15, the factory production line writes the activation certificate into the payment order verification device.
在步骤16中,工厂生产线将生成的支付订单校验设备唯一的设备信息打印成设备信息码。该设备信息码中包含支付订单校验设备唯一的设备信息。设备信息码可以包括但不限于二维码、条形码等图形码中的任何一种形式,在本说明书的图示中,以二维码的形式被示出。In step 16, the factory production line prints the unique device information of the generated payment order verification device into a device information code. The device information code contains the unique device information of the payment order verification device. The device information code may include, but is not limited to, any form of graphic codes such as a two-dimensional code and a barcode. In the illustrations in this specification, it is shown in the form of a two-dimensional code.
在步骤17中,将设备信息码配备到该支付订单校验设备中。例如,可以将设备信息码粘贴到支付订单校验设备的壳体上或者直接打印在支付订单校验设备的说明书中。In step 17, the device information code is allocated to the payment order verification device. For example, the device information code can be pasted on the housing of the payment order verification device or directly printed in the manual of the payment order verification device.
支付订单校验设备可以由商户(称之为收款方)购买后自行使用手机应用扫码进行绑定激活,也可以在购买时指定希望关联的商户账户(称之为收款方账户),系统后台绑定激活后发货给商户。The payment order verification device can be activated by the merchant (referred to as the payee) by scanning the code using the mobile phone application after purchase, or it can specify the merchant account (called the payee account) that you want to associate at the time of purchase. After the system background binding is activated, it will be shipped to the merchant.
图2揭示了本说明书一个实施方式的支付订单校验设备的激活场景图。在收款方购买了一台支付订单校验设备后,需要将该支付订单校验设备与收款方进行绑定激活。如图2所示,在步骤21中,收款方终端(例如,商户手机)通过扫描支付订单校验设备上的设备信息码来采集设备信息码,该设备信息码中包含该支付订单校验设备的设备信息。Fig. 2 discloses an activation scene diagram of a payment order verification device according to an embodiment of this specification. After the payee purchases a payment order verification device, the payment order verification device needs to be bound and activated with the payee. As shown in Figure 2, in step 21, the payee terminal (for example, the merchant’s mobile phone) collects the device information code by scanning the device information code on the payment order verification device, and the device information code contains the payment order verification code. Device information of the device.
在步骤22中,收款方终端将设备信息码上传给交易服务器。In step 22, the payee terminal uploads the device information code to the transaction server.
在步骤23中,交易服务器生成该指定收款方的收款方证书。In step 23, the transaction server generates a payee certificate of the designated payee.
在步骤24中,交易服务器中事先保存有该支付订单校验设备的设备信息,交易服务器使用该支付订单校验设备的激活密钥加签该收款方证书。In step 24, the transaction server stores the device information of the payment order verification device in advance, and the transaction server uses the activation key of the payment order verification device to sign the payee certificate.
在步骤25中,收款方终端从交易服务器获取到使用该支付订单校验设备的激活密钥加签的收款方证书。In step 25, the payee terminal obtains the payee certificate signed by the activation key of the payment order verification device from the transaction server.
在步骤26中,收款方终端将该支付订单校验设备的激活密钥加签的收款方证书编码成证书图形码,并展现在收款方终端上以供支付订单校验设备扫码激活。证书图形码可以包括但不限于二维码、条形码等图形码中的任何一种形式。In step 26, the payee terminal encodes the payee certificate signed by the activation key of the payment order verification device into a certificate graphic code, and displays it on the payee terminal for the payment order verification device to scan the code activation. The graphic code of the certificate may include, but is not limited to, any form of graphic codes such as a two-dimensional code and a barcode.
在步骤27中,使用支付订单校验设备扫描该指定收款方终端上的证书图形码,支付订单校验设备采集到该证书图形码。该证书图形码由从交易服务器获取到的使用支付订单校验设备的激活密钥加签的收款方证书编码而成。In step 27, the payment order verification device is used to scan the certificate graphic code on the designated payee terminal, and the payment order verification device collects the certificate graphic code. The certificate graphic code is encoded by the payee certificate signed by the activation key of the payment order verification device obtained from the transaction server.
在步骤28中,支付订单校验设备使用预置的激活证书对该激活密钥加签的收款方证书进行验签,该激活证书与支付订单校验设备的设备信息相关联。In step 28, the payment order verification device uses a preset activation certificate to verify the payee certificate signed by the activation key, and the activation certificate is associated with the device information of the payment order verification device.
在步骤29中,在验签通过时,支付订单校验设备将该收款方证书保存在本地。In step 29, when the signature verification is passed, the payment order verification device saves the payee certificate locally.
在支付订单校验设备与商家绑定激活后,支付订单校验设备可以作为该商家的设备进行使用。After the payment order verification device is bound and activated with the merchant, the payment order verification device can be used as the merchant's device.
本说明书一个或多个实施方式还提供了一种支付订单校验方法。图3揭示了本说 明书一个实施方式的支付订单校验设备的使用场景图。以下将结合图3来详细介绍本说明书一个或多个实施方式的支付订单校验方法的流程。One or more embodiments of this specification also provide a payment order verification method. Figure 3 discloses a usage scenario diagram of the payment order verification device according to an embodiment of this specification. The flow of the payment order verification method in one or more embodiments of this specification will be described in detail below in conjunction with FIG. 3.
如图3所示,在步骤31中,付款方终端(例如消费者手机)通过扫描指定收款方的静态收款码,向交易服务器发送该笔交易的支付请求。As shown in Figure 3, in step 31, the payer's terminal (such as a consumer's mobile phone) scans the static payment code of the designated payee to send a payment request for the transaction to the transaction server.
在步骤32中,交易服务器接收到该支付请求,进行支付处理,成功完成支付。In step 32, the transaction server receives the payment request, performs payment processing, and successfully completes the payment.
在步骤33中,在成功支付后,交易服务器基于该付款方的支付订单信息生成支付订单核验码。该支付订单核验码可以包括但不限于二维码、条形码等图形码中的任何一种形式,在本说明书的实施方式中,支付订单核验码以二维码的形式被展现。In step 33, after successful payment, the transaction server generates a payment order verification code based on the payment order information of the payer. The payment order verification code may include, but is not limited to, any form of graphic codes such as a two-dimensional code and a barcode. In the implementation of this specification, the payment order verification code is displayed in the form of a two-dimensional code.
在步骤34中,交易服务器将支付订单核验码提供于付款方终端的支付成功界面上以供支付订单校验设备扫码校验。In step 34, the transaction server provides the payment order verification code on the payment success interface of the payer terminal for the payment order verification device to scan the code for verification.
在本说明书的一个实施方式中,步骤33中的基于付款方的支付订单信息生成支付订单核验码和步骤34中的提供于付款方终端的支付成功界面上可以包括:在步骤32的成功支付后,交易服务器可以自动生成支付订单核验码并直接将支付订单核验码提供于付款方终端的支付成功界面上。In one embodiment of this specification, the generation of the payment order verification code based on the payment order information of the payer in step 33 and the payment success interface provided on the payer terminal in step 34 may include: after the successful payment in step 32 , The transaction server can automatically generate the payment order verification code and directly provide the payment order verification code on the payment success interface of the payer’s terminal.
在本说明书的其他实施方式中,在步骤33和步骤34之前,还可以包括步骤35和步骤36。在步骤35中,在成功支付后,交易服务器在付款方终端的支付成功界面上提供核验按钮。在步骤36中,交易服务器接收来自付款方点击核验按钮的消息。在接收到付款方点击核验按钮的消息后,交易服务器才进行步骤33和步骤34,生成支付订单核验码并提供于付款方终端的支付成功界面上。In other embodiments of this specification, before step 33 and step 34, step 35 and step 36 may be further included. In step 35, after successful payment, the transaction server provides a verification button on the payment success interface of the payer terminal. In step 36, the transaction server receives a message from the payer that the verification button is clicked. After receiving the message that the payer clicks the verification button, the transaction server proceeds to step 33 and step 34 to generate the payment order verification code and provide it on the payment success interface of the payer terminal.
图4揭示了本说明书一个实施方式的交易服务器生成支付订单核验码的流程图。以下将结合图4来详细说明交易服务器是如何生成支付订单核验码的。本说明书一个实施方式的生成支付订单核验码可以包括步骤331至步骤333。Fig. 4 discloses a flow chart of a transaction server generating a payment order verification code according to an embodiment of this specification. The following will describe in detail how the transaction server generates the payment order verification code in conjunction with Figure 4. The generation of the payment order verification code in one embodiment of this specification may include steps 331 to 333.
如图4所示,在步骤331中,交易服务器基于指定收款方的收款码生成指定收款方的收款方密钥。As shown in FIG. 4, in step 331, the transaction server generates the payee key of the designated payee based on the payee code of the designated payee.
在步骤332中,交易服务器使用收款方密钥对付款方的支付订单信息进行加签。In step 332, the transaction server uses the payee key to sign the payment order information of the payer.
在步骤333中,交易服务器将支付订单信息和签名信息编码成支付订单核验码,从而生成支付订单核验码。支付订单核验码中包含支付订单信息和签名信息。In step 333, the transaction server encodes the payment order information and the signature information into a payment order verification code, thereby generating a payment order verification code. The payment order verification code contains payment order information and signature information.
为了防止重放攻击,例如,付款方通过将之前的支付订单核验码通过截屏等操作 保存下来再次使用以欺骗商家,在交易服务器一侧,本说明书一个实施方式的支付订单校验方法还可以包括:交易服务器为每个收款方保存一个计数器;在每生成一次指定收款方的支付订单核验码时,交易服务器将指定收款方的计数器加1,其中,支付订单核验码中包含计数器的计数。In order to prevent replay attacks, for example, the payer can deceive the merchant by saving the previous payment order verification code through screenshots and other operations to deceive the merchant. On the transaction server side, the payment order verification method in one embodiment of this specification may also include : The transaction server saves a counter for each payee; every time a payment order verification code for the designated payee is generated, the transaction server adds 1 to the counter of the designated payee. The payment order verification code contains the counter count.
在其他实施方式中,在交易服务器一侧,支付订单校验方法还可以包括:在每生成一次指定收款方的支付订单核验码时,交易服务器记录支付订单核验码的生成时间,其中,支付订单核验码中包含支付订单核验码的生成时间。In other embodiments, on the transaction server side, the payment order verification method may further include: every time a payment order verification code of a designated payee is generated, the transaction server records the generation time of the payment order verification code, where the payment order verification code is generated. The order verification code contains the generation time of the payment order verification code.
继续参照图3所示,在支付订单核验码展示在付款方终端的支付成功界面上时,在支付订单校验设备一侧,如步骤37所示,在步骤37中,使用支付订单校验设备扫描付款方终端的支付成功界面上的该支付订单核验码,采集支付订单核验码,其中,该支付订单核验码中包含付款方对指定收款方的支付订单信息。Continuing to refer to Figure 3, when the payment order verification code is displayed on the payment success interface of the payer’s terminal, on the side of the payment order verification device, as shown in step 37, in step 37, use the payment order verification device Scan the payment order verification code on the payment success interface of the payer's terminal to collect the payment order verification code, where the payment order verification code contains the payment order information of the payer to the designated payee.
在步骤38中,支付订单校验设备对支付订单核验码进行离线校验。In step 38, the payment order verification device performs offline verification on the payment order verification code.
在步骤39中,支付订单校验设备校验完成后输出校验结果。In step 39, the payment order verification device outputs the verification result after the verification is completed.
图5揭示了本说明书一个实施方式的支付订单校验设备离线校验的流程图。以下将结合图5来详细说明支付订单校验设备是如何进行离线校验的。本说明书一个实施方式的离线校验可以包括步骤381和步骤382。Fig. 5 discloses a flow chart of offline verification of a payment order verification device according to an embodiment of this specification. The following will describe in detail how the payment order verification device performs offline verification in conjunction with FIG. 5. The offline verification in an embodiment of this specification may include step 381 and step 382.
在一个实施方式中,支付订单核验码中还可以包含用指定收款方的收款方密钥对支付订单信息加签的签名信息。在这种情况下,如图5的步骤381所示,在步骤381中,支付订单校验设备识别支付订单核验码,获取支付订单核验码的签名信息。In one embodiment, the payment order verification code may also include signature information that is signed with the payee key of the designated payee to the payment order information. In this case, as shown in step 381 of FIG. 5, in step 381, the payment order verification device recognizes the payment order verification code, and obtains the signature information of the payment order verification code.
在步骤382中,支付订单校验设备使用本地保存的收款方证书对签名信息进行验签。In step 382, the payment order verification device uses the locally stored payee certificate to verify the signature information.
图3的步骤39中的输出校验结果包括:当验签成功时,说明该笔支付订单正常,支付订单校验设备将会输出验签成功信号;当验签失败时,说明该笔支付订单异常,支付订单校验设备将会输出验签报警信号。The output verification result in step 39 of Figure 3 includes: when the verification is successful, it means that the payment order is normal, and the payment order verification device will output a verification success signal; when the verification fails, it means the payment order If abnormal, the payment order verification device will output a sign verification alarm signal.
在一些实施方式中,支付订单信息中还包含支付金额,支付订单校验设备输出验签成功信号包括:在验签成功时,支付订单校验设备可以语音播报该支付金额。In some implementation manners, the payment order information further includes the payment amount, and the payment order verification device outputting the sign verification success signal includes: when the verification is successful, the payment order verification device can voice broadcast the payment amount.
为了防止重放攻击,在支付订单核验码中还包含指定收款方的计数器的计数的实施方式中,如上所述,每生成一次指定收款方的支付订单核验码时,指定收款方的计数 器加1,在支付订单校验设备一侧,本说明书一个实施方式的支付订单校验方法还可以包括:支付订单校验设备对付款方终端上的支付订单核验码每验签成功时,将支付订单核验码上的指定收款方的计数器的最新计数保存在支付订单校验设备本地。In order to prevent replay attacks, the payment order verification code also includes the count of the counter of the designated payee. As mentioned above, every time the payment order verification code of the designated payee is generated, the payee’s The counter is incremented by 1. On the side of the payment order verification device, the payment order verification method of one embodiment of this specification may also include: the payment order verification device checks the payment order verification code on the payer’s terminal every time the verification is successful. The latest count of the counter of the designated payee on the payment order verification code is stored locally in the payment order verification device.
当在图3的步骤38中的支付订单校验设备对付款方终端上的支付订单核验码验签时发现付款方终端上的支付订单核验码上的指定收款方的计数器的计数不大于支付订单校验设备本地保存的最新计数,说明该支付订单核验码是旧的,而并非交易服务器最新生成的,表示该笔支付订单异常,此时,支付订单校验设备验签失败。支付订单校验设备将会立即发出报警,从而避免收款方蒙受损失。When the payment order verification device in step 38 of Figure 3 verifies the payment order verification code on the payer’s terminal, it is found that the count of the designated payee counter on the payment order verification code on the payer’s terminal is not greater than the payment. The latest count stored locally by the order verification device indicates that the payment order verification code is old and not the latest generated by the transaction server, indicating that the payment order is abnormal. At this time, the payment order verification device has failed to verify the signature. The payment order verification device will immediately issue an alarm to avoid losses to the payee.
在支付订单核验码中还包含支付订单核验码的生成时间的实施方式中,在支付订单校验设备一侧,本说明书一个实施方式的支付订单校验方法还可以包括:支付订单校验设备对付款方终端上的支付订单核验码每验签成功时,将支付订单核验码上的最新生成时间保存在支付订单校验设备本地。In the embodiment in which the payment order verification code also includes the generation time of the payment order verification code, on the side of the payment order verification device, the payment order verification method of an embodiment of this specification may further include: a payment order verification device pair When the payment order verification code on the payer's terminal is successfully verified, the latest generation time on the payment order verification code is stored locally in the payment order verification device.
当在图3的步骤38中的支付订单校验设备对付款方终端上的支付订单核验码验签时发现付款方终端上的支付订单核验码上的生成时间不在支付订单校验设备本地保存的最新生成时间的预定时间段内,说明该支付订单核验码是旧的,而并非交易服务器最新生成的,表示该笔支付订单异常,此时,支付订单校验设备验签失败。支付订单校验设备将会立即发出报警,从而避免收款方蒙受损失。When the payment order verification device in step 38 of Figure 3 verifies the payment order verification code on the payer’s terminal, it is found that the generation time of the payment order verification code on the payer’s terminal is not stored locally by the payment order verification device. Within the predetermined time period of the latest generation time, indicating that the payment order verification code is old and not the latest generated by the transaction server, it means that the payment order is abnormal. At this time, the payment order verification device fails to verify the signature. The payment order verification device will immediately issue an alarm to avoid losses to the payee.
图6揭示了本说明书一个实施方式的支付订单校验设备100的示意性结构框图。如图6所示,本说明书一个实施方式的支付订单校验设备100包括图像采集单元110、主控单元120、存储单元130和输出单元140。图像采集单元110可以采集付款方终端的支付成功界面上的支付订单核验码,其中,支付订单核验码中包含付款方对指定收款方的支付订单信息和用指定收款方的收款方密钥对支付订单信息加签的签名信息。支付订单核验码可以包括二维码、条形码等图形码中的任何一种形式。FIG. 6 discloses a schematic structural block diagram of a payment order verification device 100 according to an embodiment of this specification. As shown in FIG. 6, the payment order verification device 100 according to an embodiment of this specification includes an image acquisition unit 110, a main control unit 120, a storage unit 130 and an output unit 140. The image acquisition unit 110 can collect the payment order verification code on the payment success interface of the payer’s terminal, where the payment order verification code contains the payment order information of the payer to the designated payee and the payee secret of the designated payee. The signature information that the key adds to the payment order information. The payment order verification code may include any form of graphic codes such as a two-dimensional code and a barcode.
存储单元130中保存有指定收款方的收款方证书。The storage unit 130 stores a payee certificate specifying the payee.
主控单元120可以对支付订单核验码进行离线校验。主控单元120可以为微控制单元(Microcontroller Unit,MCU)。主控单元120包括图形码识别模块121、签名验签算法模块122及控制模块123。图形码识别模块121可以识别支付订单核验码,获取签名信息。签名验签算法模块122可以使用存储单元130保存的收款方证书对签名信息进行验签。The main control unit 120 may perform offline verification on the payment order verification code. The main control unit 120 may be a Microcontroller Unit (MCU). The main control unit 120 includes a graphic code recognition module 121, a signature verification algorithm module 122, and a control module 123. The graphic code recognition module 121 can recognize the payment order verification code and obtain signature information. The signature verification algorithm module 122 may use the payee certificate stored in the storage unit 130 to verify the signature information.
当验签成功时,控制模块123可以控制输出单元140输出验签成功信号。当验签失败时,控制模块123可以控制输出单元140输出验签报警信号。When the signature verification is successful, the control module 123 may control the output unit 140 to output a signature verification success signal. When the signature verification fails, the control module 123 may control the output unit 140 to output a signature verification alarm signal.
在一些实施方式中,支付订单核验码中还包含述指定收款方的计数器的计数,每生成一次指定收款方的支付订单核验码时,指定收款方的计数器加1。在支付订单核验码中还包含述指定收款方的计数器的计数的实施方式中,在签名验签算法模块122对付款方终端上的支付订单核验码每验签成功时,控制模块123还可以将支付订单核验码上的指定收款方的计数器的最新计数保存到存储单元130中。In some embodiments, the payment order verification code further includes the count of the counter of the designated payee, and each time the payment order verification code of the designated payee is generated, the counter of the designated payee is incremented by one. In the embodiment in which the payment order verification code also includes the count of the counter of the designated payee, the control module 123 can also check the payment order verification code on the payer’s terminal every time the signature verification algorithm module 122 successfully verifies the payment order verification code on the payer terminal. The latest count of the counter of the designated payee on the payment order verification code is stored in the storage unit 130.
当签名验签算法模块122对付款方终端上的支付订单核验码验签时发现付款方终端上的支付订单核验码上的指定收款方的计数器的计数不大于存储单元130中保存的最新计数时,则签名验签算法模块122确定验签失败,控制模块123控制输出单元140输出验签报警信号。When the signature verification algorithm module 122 verifies the payment order verification code on the payer’s terminal, it is found that the count of the designated payee counter on the payment order verification code on the payer’s terminal is not greater than the latest count stored in the storage unit 130 At this time, the signature verification algorithm module 122 determines that the signature verification fails, and the control module 123 controls the output unit 140 to output a signature verification alarm signal.
在另一些实施方式中,支付订单核验码中还包含支付订单核验码的生成时间。在支付订单核验码中还包含支付订单核验码的生成时间的实施方式中,在签名验签算法模块122对付款方终端上的支付订单核验码每验签成功时,控制模块123还可以将支付订单核验码上的最新生成时间保存到存储单元130中。In other embodiments, the payment order verification code also includes the generation time of the payment order verification code. In the implementation in which the payment order verification code also includes the generation time of the payment order verification code, the control module 123 may also send the payment order verification code on the payer’s terminal to the payment order verification code on the payer’s terminal by the signature verification algorithm module 122. The latest generation time on the order verification code is stored in the storage unit 130.
当签名验签算法模块122对付款方终端上的支付订单核验码验签时发现付款方终端上的支付订单核验码上的生成时间不在存储单元130中保存的最新生成时间的预定时间段内时,则签名验签算法模块122确定验签失败,控制模块123控制输出单元140输出验签报警信号。When the signature verification algorithm module 122 verifies the payment order verification code on the payer's terminal and finds that the generation time on the payment order verification code on the payer's terminal is not within the predetermined time period of the latest generation time stored in the storage unit 130 , The signature verification algorithm module 122 determines that the signature verification fails, and the control module 123 controls the output unit 140 to output a signature verification alarm signal.
在一些实施方式中,验签成功信号和验签报警信号包括声和光信号中的至少一种。In some embodiments, the signature verification success signal and the signature verification alarm signal include at least one of acoustic and optical signals.
在一些实施方式中,支付订单信息中还包含支付金额,控制模块123控制输出单元140输出验签成功信号包括:当验签成功时,控制模块123可以控制输出单元140语音播报该支付金额。In some implementations, the payment order information also includes the payment amount, and the control module 123 controlling the output unit 140 to output a signature verification success signal includes: when the signature verification is successful, the control module 123 may control the output unit 140 to voice the payment amount.
存储单元130中还保存有预置的激活证书,激活证书与支付订单校验设备100的设备信息相关联。在支付订单校验设备100激活时,图像采集单元110还可以采集指定收款方终端上的证书图形码,证书图形码由从交易服务器200获取到的使用支付订单校验设备100的激活密钥加签的收款方证书编码而成。签名验签算法模块122还可以使用激活证书对激活密钥加签的收款方证书验签,控制模块123还可以在验签通过时,将收款方证书保存在存储单元130中。The storage unit 130 also stores a preset activation certificate, and the activation certificate is associated with the device information of the payment order verification device 100. When the payment order verification device 100 is activated, the image acquisition unit 110 may also collect the certificate graphic code on the designated payee terminal. The certificate graphic code is obtained from the transaction server 200 using the activation key of the payment order verification device 100 The signed payee certificate is encoded. The signature verification algorithm module 122 may also use the activation certificate to verify the payee certificate signed by the activation key, and the control module 123 may also store the payee certificate in the storage unit 130 when the verification is passed.
本说明书一个或多个实施方式的支付订单校验设备100为一种带有扫码功能的硬件产品,将支付订单结果以例如二维码的支付订单核验码的形式进行展示,支付订单校验设备100通过扫码检查交易的结果,并可以通过声音、灯光的方式通知到收款方,如发现异常订单,及时报警,增强交易的安全性,避免收款方的损失。使人们既能享受到电子支付的便利,又不会因为逃单问题而蒙受损失。The payment order verification device 100 in one or more embodiments of this specification is a hardware product with a code scanning function, and displays the payment order result in the form of a payment order verification code such as a QR code, and the payment order verification The device 100 checks the result of the transaction by scanning the code, and can notify the payee by sound and light. If an abnormal order is found, it will give an alarm in time to enhance the security of the transaction and avoid the loss of the payee. So that people can not only enjoy the convenience of electronic payment, but also won't suffer losses due to the problem of evading orders.
本说明书一个或多个实施方式的支付订单校验设备100能够自动验证交易结果,不需人工确认,节约收款方精力,并且不易出错。The payment order verification device 100 of one or more embodiments of the present specification can automatically verify the transaction result without manual confirmation, save the payee's energy, and is not easy to make mistakes.
本说明书一个或多个实施方式的支付订单校验设备100通过证书机制保证安全性,第三方无法伪造,巧妙地加强了普通静态收款码的交易安全性,封堵住逃单漏洞。The payment order verification device 100 of one or more implementations of this specification guarantees security through a certificate mechanism, which cannot be forged by a third party, cleverly strengthens the transaction security of the ordinary static payment code, and blocks the loopholes of evading orders.
本说明书一个或多个实施方式的支付订单校验设备100可以离线方式验证交易结果,不需要访问网络和服务器,免去了网络相关的服务成本,速度更快,高频交易不等待,操作也更加简单,降低使用门槛。The payment order verification device 100 of one or more embodiments of this specification can verify the transaction result in an offline manner, without accessing the network and server, eliminating network-related service costs, and having a faster speed, no waiting for high-frequency transactions, and easy operation. It is simpler and lowers the barrier to use.
本说明书一个或多个实施方式的支付订单校验设备100成本低、使用方便。The payment order verification device 100 of one or more embodiments of this specification is low in cost and convenient to use.
图7揭示了本说明书一个实施方式的交易服务器200的示意性结构框图。如图7所示,本说明书一个实施方式的交易服务器200包括存储器210及处理器220。存储器210存储计算机程序。当处理器220执行计算机程序时,可以实现上面所述的交易服务器一侧的支付订单校验方法。FIG. 7 discloses a schematic structural block diagram of a transaction server 200 according to an embodiment of this specification. As shown in FIG. 7, the transaction server 200 according to an embodiment of this specification includes a memory 210 and a processor 220. The memory 210 stores computer programs. When the processor 220 executes the computer program, the payment order verification method on the transaction server side described above can be implemented.
本说明书上面所述的一个或多个实施方式可以有效避免逃单现象的发生。One or more implementations described above in this specification can effectively avoid the occurrence of order evasion.
本说明书上面所述的一个或多个实施方式可以实现离线校验,无需人工确认,节省收款方的精力,且不易出错。One or more implementations described above in this specification can implement offline verification without manual confirmation, save the payee's energy, and are not prone to errors.
本说明书上面所述的一个或多个实施方式可以实现校验速度快,高频交易不等待,操作简单,使用门槛低。One or more implementations described above in this specification can achieve fast verification speed, high-frequency trading without waiting, simple operation, and low threshold for use.
本领域技术人员应明白,本说明书一个或多个实施方式可提供为方法、设备或计算机程序产品。因此,本说明书一个或多个实施方式可采用完全硬件实施方式、完全软件实施方式或结合软件和硬件方面的实施方式的形式。而且,本说明书一个或多个实施方式可采用在一个或多个其中包含有计算机可用程序代码的计算机可读存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that one or more implementation manners of this specification can be provided as a method, a device, or a computer program product. Therefore, one or more implementation manners of this specification may adopt a form of a complete hardware implementation, a complete software implementation, or a combination of software and hardware implementations. Moreover, one or more implementation manners of this specification may adopt a computer implemented on one or more computer-readable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer usable program codes. The form of the program product.
上述对本说明书特定实施方式进行了描述。其他实施方式在所附权利要求书的范 围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施方式中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific implementations of this specification. Other implementations are within the scope of the appended claims. In some cases, the actions or steps described in the claims can be performed in a different order from the implementation and still achieve desired results. In addition, the processes depicted in the drawings do not necessarily require the specific order or sequential order shown in order to achieve the desired results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
以上实施方式的说明只是用于帮助理解本说明书的核心思想。应当指出,对于本技术领域的普通技术人员来说,在不脱离本说明书的精神和原理的前提下,还可以对本说明书进行若干改进和修饰,这些改进和修饰也均应落入本说明书所提出的权利要求书的保护范围内。The description of the above embodiments is only used to help understand the core idea of this specification. It should be pointed out that for those of ordinary skill in the art, without departing from the spirit and principle of this specification, several improvements and modifications can be made to this specification, and these improvements and modifications should also fall into what this specification proposes. Within the scope of protection of the claims.

Claims (26)

  1. 一种支付订单校验方法,所述方法包括:A payment order verification method, the method includes:
    在对付款方终端通过扫描指定收款方的收款码发送的支付请求成功支付后,基于付款方的支付订单信息生成支付订单核验码;以及After the payment request sent by the payer terminal by scanning the payment code of the designated payee is successfully paid, the payment order verification code is generated based on the payment order information of the payer; and
    将所述支付订单核验码提供于所述付款方终端的支付成功界面上以供支付订单校验设备扫码校验。The payment order verification code is provided on the payment success interface of the payer terminal for the payment order verification device to scan the code for verification.
  2. 根据权利要求1所述的方法,所述基于付款方的支付订单信息生成支付订单核验码包括:The method according to claim 1, wherein said generating the payment order verification code based on the payment order information of the payer comprises:
    基于所述指定收款方的所述收款码生成所述指定收款方的收款方密钥;Generating the payee key of the specified payee based on the payee code of the specified payee;
    使用所述收款方密钥对所述支付订单信息进行加签;以及Use the payee key to sign the payment order information; and
    将所述支付订单信息和签名信息编码成支付订单核验码。The payment order information and the signature information are encoded into a payment order verification code.
  3. 根据权利要求1所述的方法,所述基于付款方的支付订单信息生成支付订单核验码并提供于所述付款方终端的支付成功界面上包括:自动生成所述支付订单核验码并直接将所述支付订单核验码提供于所述付款方终端的支付成功界面上。The method according to claim 1, wherein the generating a payment order verification code based on the payment order information of the payer and providing it on the payment success interface of the payer terminal comprises: automatically generating the payment order verification code and directly uploading the verification code to the payment order. The payment order verification code is provided on the payment success interface of the payer terminal.
  4. 根据权利要求1所述的方法,所述基于付款方的支付订单信息生成支付订单核验码并提供于所述付款方终端的支付成功界面上包括:The method according to claim 1, wherein the generating a payment order verification code based on the payment order information of the payer and providing it on the payment success interface of the payer terminal comprises:
    在所述付款方终端的支付成功界面上提供核验按钮;及Provide a verification button on the payment success interface of the payer terminal; and
    在接收到付款方点击所述核验按钮的消息后生成所述支付订单核验码并提供于所述付款方终端的支付成功界面上。After receiving the message that the payer clicks the verification button, the payment order verification code is generated and provided on the payment success interface of the payer terminal.
  5. 根据权利要求1所述的方法,所述方法还包括:The method according to claim 1, further comprising:
    为每个收款方保存一个计数器;Keep a counter for each payee;
    在每生成一次所述指定收款方的支付订单核验码时,将所述指定收款方的计数器加1,所述支付订单核验码中包含所述计数器的计数。Each time the payment order verification code of the designated payee is generated, the counter of the designated payee is incremented by 1, and the payment order verification code includes the count of the counter.
  6. 根据权利要求1所述的方法,所述方法还包括:The method according to claim 1, further comprising:
    在每生成一次所述指定收款方的支付订单核验码时,记录所述支付订单核验码的生成时间,所述支付订单核验码中包含所述支付订单核验码的所述生成时间。Each time the payment order verification code of the designated payee is generated, the generation time of the payment order verification code is recorded, and the payment order verification code includes the generation time of the payment order verification code.
  7. 一种交易服务器,其包括存储器及处理器,所述存储器存储计算机程序,当所述处理器执行所述计算机程序时,实现根据权利要求1到6中任一项所述的支付订单校验方法。A transaction server comprising a memory and a processor, the memory storing a computer program, and when the processor executes the computer program, the payment order verification method according to any one of claims 1 to 6 is implemented .
  8. 一种支付订单校验方法,所述方法包括:A payment order verification method, the method includes:
    使用支付订单校验设备扫描付款方终端的支付成功界面上的支付订单核验码,所述 支付订单核验码中包含付款方对指定收款方的支付订单信息;Use the payment order verification device to scan the payment order verification code on the payment success interface of the payer's terminal, where the payment order verification code contains the payment order information of the payer to the designated payee;
    所述支付订单校验设备对所述支付订单核验码进行离线校验;以及The payment order verification device performs offline verification on the payment order verification code; and
    所述支付订单校验设备输出校验结果。The payment order verification device outputs the verification result.
  9. 根据权利要求8所述的方法,所述支付订单核验码中还包含用所述指定收款方的收款方密钥对所述支付订单信息加签的签名信息,所述对所述支付订单核验码进行离线校验包括:The method according to claim 8, wherein the payment order verification code further includes signature information that uses the payee key of the designated payee to endorse the payment order information, and the payment order Offline verification of verification code includes:
    所述支付订单校验设备识别所述支付订单核验码,获取所述支付订单核验码的签名信息;及The payment order verification device recognizes the payment order verification code, and obtains the signature information of the payment order verification code; and
    所述支付订单校验设备使用本地保存的收款方证书对所述签名信息进行验签。The payment order verification device uses the locally stored payee certificate to verify the signature information.
  10. 根据权利要求9所述的方法,所述输出校验结果包括:The method according to claim 9, wherein said outputting the verification result comprises:
    当验签成功时,所述支付订单校验设备输出验签成功信号;When the signature verification is successful, the payment order verification device outputs a signature verification success signal;
    当验签失败时,所述支付订单校验设备输出验签号。When the verification fails, the payment order verification device outputs the verification number.
  11. 根据权利要求10所述的方法,所述支付订单信息中还包含支付金额,所述支付订单校验设备输出验签成功信号包括:所述支付订单校验设备语音播报所述支付金额。The method according to claim 10, wherein the payment order information further includes a payment amount, and the payment order verification device outputting a sign verification success signal comprises: the payment order verification device voice broadcasts the payment amount.
  12. 根据权利要求9所述方法,所述支付订单核验码中还包含所述指定收款方的计数器的计数,每生成一次所述指定收款方的支付订单核验码时,所述指定收款方的计数器加1,所述方法还包括:The method according to claim 9, wherein the payment order verification code further includes the count of the counter of the designated payee, and each time the payment order verification code of the designated payee is generated, the designated payee The counter of is incremented by 1, and the method further includes:
    所述支付订单校验设备对付款方终端上的支付订单核验码每验签成功时,将所述支付订单核验码上的所述指定收款方的计数器的最新计数保存在所述支付订单校验设备本地。The payment order verification device stores the latest count of the designated payee counter on the payment order verification code in the payment order verification code every time the payment order verification code on the payer’s terminal is successfully verified. Check the equipment locally.
  13. 根据权利要求12所述的方法,当所述支付订单校验设备对付款方终端上的支付订单核验码验签时发现所述付款方终端上的支付订单核验码上的所述指定收款方的计数器的计数不大于所述支付订单校验设备本地保存的所述最新计数时,则验签失败。The method according to claim 12, when the payment order verification device checks the payment order verification code on the payer’s terminal and finds the designated payee on the payment order verification code on the payer’s terminal When the count of the counter is not greater than the latest count stored locally by the payment order verification device, the signature verification fails.
  14. 根据权利要求9所述的方法,所述支付订单核验码中还包含所述支付订单核验码的生成时间,所述方法还包括:The method according to claim 9, wherein the payment order verification code further includes the generation time of the payment order verification code, and the method further comprises:
    所述支付订单校验设备对付款方终端上的支付订单核验码每验签成功时,将所述支付订单核验码上的最新生成时间保存在所述支付订单校验设备本地。Each time the payment order verification device successfully verifies the payment order verification code on the payer terminal, the latest generation time on the payment order verification code is stored locally in the payment order verification device.
  15. 根据权利要求14所述的方法,当所述支付订单校验设备对付款方终端上的支付订单核验码验签时发现所述付款方终端上的支付订单核验码上的所述生成时间不在所述支付订单校验设备本地保存的所述最新生成时间的预定时间段内时,则验签失败。The method according to claim 14, when the payment order verification device verifies the payment order verification code on the payer’s terminal and finds that the generation time on the payment order verification code on the payer’s terminal is not at all When the payment order verification device locally stores within the predetermined time period of the latest generation time, the signature verification fails.
  16. 根据权利要求9所述的方法,所述方法还包括设备激活步骤,所述设备激活 步骤包括:The method according to claim 9, said method further comprising a device activation step, said device activation step comprising:
    使用所述支付订单校验设备扫描指定收款方终端上的证书图形码,所述证书图形码由从交易服务器获取到的使用所述支付订单校验设备的激活密钥加签的收款方证书编码而成;Use the payment order verification device to scan the certificate graphic code on the designated payee terminal, and the certificate graphic code is obtained from the transaction server and signed by the payee using the activation key of the payment order verification device The certificate is encoded;
    所述支付订单校验设备使用预置的激活证书对所述激活密钥加签的收款方证书验签,所述激活证书与所述支付订单校验设备的设备信息相关联;及The payment order verification device verifies the payee certificate signed by the activation key using a preset activation certificate, and the activation certificate is associated with the device information of the payment order verification device; and
    在验签通过时,则将所述收款方证书保存在所述支付订单校验设备本地。When the verification is passed, the payee certificate is stored locally in the payment order verification device.
  17. 一种支付订单校验设备的激活方法,所述方法包括:A method for activating a payment order verification device, the method comprising:
    收款方终端扫描支付订单校验设备上的设备信息码,所述设备信息码中包含所述支付订单校验设备的设备信息;The payee terminal scans the device information code on the payment order verification device, where the device information code contains the device information of the payment order verification device;
    所述收款方终端将所述设备信息码上传给交易服务器,从所述交易服务器获取到使用所述支付订单校验设备的激活密钥加签的收款方证书;以及The payee terminal uploads the device information code to the transaction server, and obtains from the transaction server a payee certificate that is signed with the activation key of the payment order verification device; and
    所述收款方终端将所述激活密钥加签的所述收款方证书编码成证书图形码以供所述支付订单校验设备扫码激活。The payee terminal encodes the payee certificate signed by the activation key into a certificate graphic code for the payment order verification device to scan the code for activation.
  18. 一种支付订单校验设备,所述设备包括:A payment order verification device, the device comprising:
    图像采集单元,用于采集付款方终端的支付成功界面上的支付订单核验码,所述支付订单核验码中包含付款方对指定收款方的支付订单信息和用所述指定收款方的收款方密钥对所述支付订单信息加签的签名信息;The image acquisition unit is used to collect the payment order verification code on the payment success interface of the payer’s terminal. The payment order verification code contains the payment order information of the payer to the designated payee and the payment order information of the designated payee. The signature information that the payer's key adds to the payment order information;
    输出单元;Output unit
    存储单元,所述存储单元中保存有所述指定收款方的收款方证书;以及A storage unit in which the payee certificate of the designated payee is stored; and
    主控单元,用于对所述支付订单核验码进行离线校验,所述主控单元包括:The main control unit is configured to perform offline verification on the payment order verification code, and the main control unit includes:
    图形码识别模块,用于识别所述支付订单核验码,获取所述签名信息:The graphic code recognition module is used to recognize the payment order verification code and obtain the signature information:
    签名验签算法模块,用于使用所述存储单元保存的所述收款方证书对所述签名信息进行验签;及A signature verification algorithm module for verifying the signature information using the payee certificate stored in the storage unit; and
    控制模块,用于当验签成功时,控制所述输出单元输出验签成功信号;当验签失败时,控制所述输出单元输出验签报警信号。The control module is used to control the output unit to output a signature verification success signal when the signature verification is successful; when the signature verification fails, control the output unit to output a signature verification alarm signal.
  19. 根据权利要求18所述的设备,所述支付订单核验码中还包含述指定收款方的计数器的计数,每生成一次所述指定收款方的支付订单核验码时,所述指定收款方的计数器加1,在所述签名验签算法模块对付款方终端上的支付订单核验码每验签成功时,所述控制模块还用于将所述支付订单核验码上的所述指定收款方的计数器的最新计数保存到所述存储单元中。The device according to claim 18, wherein the payment order verification code further includes the count of the counter of the designated payee, and each time the payment order verification code of the designated payee is generated, the designated payee Each time the signature verification algorithm module successfully verifies the payment order verification code on the payer’s terminal, the control module is also used to add the designated payment on the payment order verification code. The latest count of the counter of the square is stored in the storage unit.
  20. 根据权利要求19所述的设备,当所述签名验签算法模块对付款方终端上的支付订单核验码验签时发现所述付款方终端上的支付订单核验码上的所述指定收款方的计数器的计数不大于所述存储单元中保存的所述最新计数时,则所述签名验签算法模块确定验签失败。The device according to claim 19, when the signature verification algorithm module verifies the payment order verification code on the payer’s terminal, it finds the designated payee on the payment order verification code on the payer’s terminal When the count of the counter of is not greater than the latest count stored in the storage unit, the signature verification algorithm module determines that the signature verification fails.
  21. 根据权利要求18所述的设备,所述支付订单核验码中还包含所述支付订单核验码的生成时间,在所述签名验签算法模块对付款方终端上的支付订单核验码每验签成功时,所述控制模块还用于将所述支付订单核验码上的最新生成时间保存到所述存储单元中。The device according to claim 18, wherein the payment order verification code further includes the generation time of the payment order verification code, and the signature verification algorithm module verifies the payment order verification code on the payer’s terminal every time the verification is successful When the time, the control module is also used to save the latest generation time on the payment order verification code in the storage unit.
  22. 根据权利要求21所述的设备,当所述签名验签算法模块对付款方终端上的支付订单核验码验签时发现所述付款方终端上的支付订单核验码上的所述生成时间不在所述存储单元中保存的所述最新生成时间的预定时间段内时,则所述签名验签算法模块确定验签失败。The device according to claim 21, when the signature verification algorithm module verifies the payment order verification code on the payer’s terminal, it finds that the generation time on the payment order verification code on the payer’s terminal is not at all. When within a predetermined time period of the latest generation time stored in the storage unit, the signature verification algorithm module determines that the signature verification fails.
  23. 根据权利要求18所述的设备,所述验签成功信号和所述验签报警信号包括声和光信号中的至少一种。The device according to claim 18, wherein the signature verification success signal and the signature verification alarm signal comprise at least one of an acoustic signal and an optical signal.
  24. 根据权利要求18所述的设备,所述支付订单信息中还包含支付金额,所述控制模块控制所述输出单元输出验签成功信号包括:所述控制模块控制所述输出单元语音播报所述支付金额。The device according to claim 18, wherein the payment order information further includes a payment amount, and the control module controlling the output unit to output a signature verification success signal comprises: the control module controlling the output unit to voice broadcast the payment Amount.
  25. 根据权利要求18所述的支付订单校验设备,所述存储单元中还保存有预置的激活证书,所述激活证书与所述支付订单校验设备的设备信息相关联,在所述支付订单校验设备激活时,所述图像采集单元还用于采集指定收款方终端上的证书图形码,所述证书图形码由从交易服务器获取到的使用所述支付订单校验设备的激活密钥加签的收款方证书编码而成,所述签名验签算法模块还用于使用所述激活证书对所述激活密钥加签的收款方证书验签,所述控制模块还用于在验签通过时,将所述收款方证书保存在所述存储单元中。The payment order verification device according to claim 18, wherein a preset activation certificate is also stored in the storage unit, and the activation certificate is associated with the device information of the payment order verification device. When the verification device is activated, the image acquisition unit is also used to collect the graphic code of the certificate on the terminal of the designated payee, the graphic code of the certificate is obtained from the transaction server using the activation key of the payment order verification device The signed payee certificate is encoded, the signature verification algorithm module is also used to verify the payee certificate signed by the activation key using the activation certificate, and the control module is also used to When the signature verification is passed, the payee certificate is stored in the storage unit.
  26. 根据权利要求18所述的支付订单校验设备,所述支付订单核验码包括条形码或二维码。The payment order verification device according to claim 18, wherein the payment order verification code comprises a barcode or a two-dimensional code.
PCT/CN2020/142559 2020-03-31 2020-12-31 Payment order verification method, payment order verification device and activation method therefor, and transaction server WO2021196807A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010243108.9A CN111461703B (en) 2020-03-31 2020-03-31 Payment order checking method, payment order checking equipment, activation method thereof and transaction server
CN202010243108.9 2020-03-31

Publications (1)

Publication Number Publication Date
WO2021196807A1 true WO2021196807A1 (en) 2021-10-07

Family

ID=71678467

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/142559 WO2021196807A1 (en) 2020-03-31 2020-12-31 Payment order verification method, payment order verification device and activation method therefor, and transaction server

Country Status (2)

Country Link
CN (1) CN111461703B (en)
WO (1) WO2021196807A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114299666A (en) * 2021-12-28 2022-04-08 安徽影通智能科技有限公司 Offline charging method of charging station

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111461703B (en) * 2020-03-31 2021-12-24 支付宝(杭州)信息技术有限公司 Payment order checking method, payment order checking equipment, activation method thereof and transaction server
CN112288891B (en) * 2020-10-10 2022-07-12 苏州创旅天下信息技术有限公司 Method and device for self-service purchase of vehicle ferry ticket and readable storage medium
CN112581233B (en) * 2020-12-24 2024-01-26 北京顺达同行科技有限公司 Method, apparatus, device and computer readable storage medium for order offline operation
CN113627927A (en) * 2021-08-03 2021-11-09 支付宝(杭州)信息技术有限公司 Offline payment method and system
CN114519572A (en) * 2022-01-30 2022-05-20 上海幻电信息科技有限公司 Automatic detection method, device and system for payment link
CN116798167A (en) * 2023-08-25 2023-09-22 广东星云开物科技股份有限公司 Shared entertainment equipment starting method, system and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130254114A1 (en) * 2012-03-23 2013-09-26 Ncr Corporation Network-based self-checkout
CN103985038A (en) * 2014-04-16 2014-08-13 深圳市亚略特生物识别科技有限公司 Payment method of mobile terminal based on fingerprint recognition
CN107944577A (en) * 2017-10-31 2018-04-20 珠海格力电器股份有限公司 Equipment application method, device, medium, mobile terminal, server and equipment
CN110060044A (en) * 2019-03-29 2019-07-26 北京未来购电子商务有限公司 A kind of method and self-service device of self-service device Offline consumption
CN110458569A (en) * 2019-07-01 2019-11-15 阿里巴巴集团控股有限公司 A kind of brush face method of payment and device
CN111461703A (en) * 2020-03-31 2020-07-28 支付宝(杭州)信息技术有限公司 Payment order checking method, payment order checking equipment, activation method thereof and transaction server
CN211506666U (en) * 2020-03-31 2020-09-15 支付宝(杭州)信息技术有限公司 Payment order checking equipment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9390414B2 (en) * 2011-09-18 2016-07-12 Google Inc. One-click offline buying
CN107480993B (en) * 2016-06-07 2021-02-23 华为技术有限公司 Data processing method, related device and system
CN108009822A (en) * 2018-01-02 2018-05-08 中国工商银行股份有限公司 A kind of cloud method of payment, system and payment mechanism, user terminal
CN108665304A (en) * 2018-05-02 2018-10-16 安徽奎特伊科技有限公司 A kind of method of mobile payment and system applied in public transport
CN110880106A (en) * 2019-10-30 2020-03-13 支付宝(杭州)信息技术有限公司 Method and device for realizing double offline payment
CN110930147B (en) * 2019-11-01 2021-12-03 北京三快在线科技有限公司 Offline payment method and device, electronic equipment and computer-readable storage medium

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130254114A1 (en) * 2012-03-23 2013-09-26 Ncr Corporation Network-based self-checkout
CN103985038A (en) * 2014-04-16 2014-08-13 深圳市亚略特生物识别科技有限公司 Payment method of mobile terminal based on fingerprint recognition
CN107944577A (en) * 2017-10-31 2018-04-20 珠海格力电器股份有限公司 Equipment application method, device, medium, mobile terminal, server and equipment
CN110060044A (en) * 2019-03-29 2019-07-26 北京未来购电子商务有限公司 A kind of method and self-service device of self-service device Offline consumption
CN110458569A (en) * 2019-07-01 2019-11-15 阿里巴巴集团控股有限公司 A kind of brush face method of payment and device
CN111461703A (en) * 2020-03-31 2020-07-28 支付宝(杭州)信息技术有限公司 Payment order checking method, payment order checking equipment, activation method thereof and transaction server
CN211506666U (en) * 2020-03-31 2020-09-15 支付宝(杭州)信息技术有限公司 Payment order checking equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114299666A (en) * 2021-12-28 2022-04-08 安徽影通智能科技有限公司 Offline charging method of charging station

Also Published As

Publication number Publication date
CN111461703B (en) 2021-12-24
CN111461703A (en) 2020-07-28

Similar Documents

Publication Publication Date Title
WO2021196807A1 (en) Payment order verification method, payment order verification device and activation method therefor, and transaction server
US10839393B2 (en) Facial profile modification for hands free transactions
US9560033B2 (en) Method and system for authenticating user identity
WO2019237718A1 (en) Method for generating payment receiving code and code-scanning security verification method
US20150269559A1 (en) Systems and methods for a quick card
WO2021082466A1 (en) Offline payment
JP6585038B2 (en) Systems and methods for encryption
WO2017114289A1 (en) Bank-card information authentication method, client terminal, and banking system
JP2014510318A (en) Method and system for generating a signature for authenticating an application
TW201516915A (en) A message sending method, system and device thereof
US9959874B2 (en) One way sound
JP2010536055A (en) Reliable transaction provision method with watermarked document display certification
CN101291226B (en) Method for enhancing security verified by information security device using image information
CN110213251B (en) Method for anonymously reporting reward distribution, method for obtaining reward, equipment and storage medium
WO2019047497A1 (en) 3d glasses rental device, system, and method
TW201816654A (en) Real-name account generating system for smart contract and method thereof
US20230325791A1 (en) Proxied cross-ledger authentication
TW201810130A (en) Mobile device, authentication device and authentication methods thereof
CN111340484A (en) Payment verification method, device, system, storage medium and computer equipment
WO2023122633A1 (en) Verified presentation of non-fungible tokens
WO2015145335A2 (en) Systems and methods for an issuer certified card and a quick card
CN211506666U (en) Payment order checking equipment
JP2009042986A (en) Management system, method and program for marketing sales history of financial product
US11405186B2 (en) Using virtual blockchain protocols to implement a fair electronic exchange
KR102140708B1 (en) Method and server for providing financial service

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20928635

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20928635

Country of ref document: EP

Kind code of ref document: A1