WO2023040416A1 - Cloud hosting method and system for hardware payment device - Google Patents

Cloud hosting method and system for hardware payment device Download PDF

Info

Publication number
WO2023040416A1
WO2023040416A1 PCT/CN2022/102772 CN2022102772W WO2023040416A1 WO 2023040416 A1 WO2023040416 A1 WO 2023040416A1 CN 2022102772 W CN2022102772 W CN 2022102772W WO 2023040416 A1 WO2023040416 A1 WO 2023040416A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
payment
hardware
payment device
transaction
Prior art date
Application number
PCT/CN2022/102772
Other languages
French (fr)
Chinese (zh)
Inventor
李东声
Original Assignee
天地融科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 天地融科技股份有限公司 filed Critical 天地融科技股份有限公司
Publication of WO2023040416A1 publication Critical patent/WO2023040416A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A cloud hosting method and system for a hardware payment device. The method comprises: a cloud hosting server receives an account opening request, allocates and activates a hardware payment device according to identity identification information, binds the user identity identification information with the hardware payment device, receives a transaction request, and sends, according to a binding relationship between the user identity identification information and the hardware payment device, the transaction request to the hardware payment device corresponding to the user identity identification information; the hardware payment device determines a transaction type according to transaction information, obtains a first data packet for payment if the transaction type is payment, and sends the first data packet for payment to the cloud hosting server; if the transaction type is receipt, the hardware payment device extracts a second data packet for payment from the transaction information, and stores the second data packet for payment.

Description

一种硬件支付设备的云托管方法及系统A cloud hosting method and system for hardware payment equipment
相关申请的交叉引用Cross References to Related Applications
本公开基于申请号为202111079446.4,申请日为2021年09月15日的中国专利申请提出,并要求该中国专利申请的优先权,该中国专利申请的全部内容在此引入本公开作为参考。This disclosure is based on a Chinese patent application with application number 202111079446.4 and a filing date of September 15, 2021, and claims the priority of this Chinese patent application. The entire content of this Chinese patent application is hereby incorporated by reference into this disclosure.
技术领域technical field
本公开涉及电子支付技术领域,尤其涉及一种硬件支付设备的云托管方法及系统。The present disclosure relates to the technical field of electronic payment, in particular to a cloud hosting method and system for a hardware payment device.
背景技术Background technique
现有的电子交易中,用户开通账户后通常需要去柜台领取一个用户端硬件支付设备,该设备能够在收付款时与商家或其他用户的设备传输用于支付的数据包,以此完成电子交易。但这种交易方式,需要用户去柜台领用该设备,不够便利。因此亟需一种无需用户领取硬件支付设备,又能完成上述电子交易的新型的方法和系统。In the existing electronic transactions, after the user opens an account, he usually needs to go to the counter to get a user-side hardware payment device, which can transmit the payment data package with the merchant or other user's device when receiving and paying, so as to complete the electronic transaction . However, this transaction method requires the user to go to the counter to get the device, which is not convenient enough. Therefore, there is an urgent need for a new method and system that can complete the above-mentioned electronic transactions without requiring the user to receive a hardware payment device.
公开内容public content
本公开旨在解决上述问题之一。The present disclosure aims to solve one of the above-mentioned problems.
本公开的主要目的在于提供一种硬件支付设备的云托管方法。The main purpose of the present disclosure is to provide a cloud hosting method for a hardware payment device.
本公开的另一目的在于提供一种硬件支付设备的云托管系统。Another object of the present disclosure is to provide a cloud hosting system for hardware payment devices.
为达到上述目的,本公开的技术方案具体是这样实现的:In order to achieve the above purpose, the technical solution of the present disclosure is specifically implemented as follows:
本公开一方面提供了一种硬件支付设备的云托管方法,该方法包括:云托管服务器接收开户请求,开户请求包括用户身份标识信息;云托管服务器根据身份标识信息分配并激活一个硬件支付设备,将用户身份标识信息与硬件支付设备绑定,并保存用户身份标识信息与硬件支付设备的绑定关系,其中,硬件支付设备连接至云托管服务器或者集成在云托管服务器内;云托管服务器接收交易请求,交易请求包括:用户身份标识信息、交易信息和身份认证信息;云托管服务器根据用户身份标识信息和身份认证信息进行认证,认证通过后,根据用户身份标识信息与硬件支付设备的绑定关系,将交易请求发送给用户身份标识信息对应的硬件支付设备;硬件支付设备根据交易信息判断交易类型,如果交易类型为付款,则获取用于支付的第一数据包,将用于支付的第一数据包发送至云托管服务器;如果交易类型为收款,则从交易信息中提取用于支付的第二数据包,存储用于支付的第二数据包;云托管服务器将接收的用于支付的第一数据包外发。One aspect of the present disclosure provides a cloud hosting method for a hardware payment device, the method comprising: the cloud hosting server receives an account opening request, and the account opening request includes user identification information; the cloud hosting server allocates and activates a hardware payment device according to the identity information, Bind the user identity information with the hardware payment device, and save the binding relationship between the user identity information and the hardware payment device, wherein the hardware payment device is connected to the cloud hosting server or integrated in the cloud hosting server; the cloud hosting server receives the transaction Request, the transaction request includes: user identification information, transaction information and identity authentication information; the cloud hosting server performs authentication according to the user identification information and identity authentication information, and after the authentication is passed, according to the binding relationship between the user identification information and the hardware payment device , and send the transaction request to the hardware payment device corresponding to the user’s identity information; the hardware payment device judges the transaction type according to the transaction information, and if the transaction type is payment, then obtains the first data packet for payment, and uses the first data packet for payment The data packet is sent to the cloud hosting server; if the transaction type is payment, the second data packet used for payment is extracted from the transaction information, and the second data packet used for payment is stored; the cloud hosting server will receive the payment for payment The first data packet is sent out.
可选地,身份认证信息包括以下至少一种:指静脉信息、指纹信息或人脸信息。Optionally, the identity authentication information includes at least one of the following: finger vein information, fingerprint information or face information.
本公开另一方面提供了一种硬件支付设备的云托管系统,该系统包括:云托管服务器和至少一个硬件支付设备,硬件支付设备连接至云托管服务器或者集成在云托管服务器内;云托管服务器,用于接收开户请求,开户请求包括用户身份标识信息;根据用户身份标识信息分配并激活一个硬件支付设备,将用户身份标识信息与硬件支付设备绑定,并保存用户身份标识信息与硬件支付设备的绑定关系;接收交易请求,交易请求包括:用户身份标识信息、交易信息和身份认证信息;根据用户身份标识信息和身份认证信息进行认证,认证通过后,根据用户身份标识信息与硬件支付设备的绑定关系,将交易请求发送给用户身份标识信息对应的硬件支付设备;硬件支付设备,用于根据交易信息判断交易类型,如果交易类型为付款,则获取用于支付的第一数据包,将用于支付的第一数据包发送至云托管服务器;如果交易类型为收款,则从交易信息中提取用于支付的第二数据包,存储用于支付的第二数据包;云托管服务器,还用于将接收的用于支付的第一数据包外发。Another aspect of the present disclosure provides a cloud hosting system for a hardware payment device, the system includes: a cloud hosting server and at least one hardware payment device, the hardware payment device is connected to the cloud hosting server or integrated in the cloud hosting server; the cloud hosting server , for receiving an account opening request, the account opening request includes user identification information; allocate and activate a hardware payment device according to the user identification information, bind the user identification information with the hardware payment device, and save the user identification information and the hardware payment device Binding relationship; receive a transaction request, the transaction request includes: user identity information, transaction information and identity authentication information; authenticate according to the user identity information and identity authentication information, after the authentication is passed, according to the user identity information and hardware payment device binding relationship, and send the transaction request to the hardware payment device corresponding to the user identity information; the hardware payment device is used to judge the transaction type according to the transaction information, and if the transaction type is payment, obtain the first data packet for payment, Send the first data packet for payment to the cloud hosting server; if the transaction type is collection, extract the second data packet for payment from the transaction information, and store the second data packet for payment; the cloud hosting server , which is also used to send the received first data packet for payment.
可选地,身份认证信息包括以下至少一种:指静脉信息、指纹信息或人脸信息。Optionally, the identity authentication information includes at least one of the following: finger vein information, fingerprint information or face information.
由上述本公开提供的技术方案可以看出,本公开提供了一种硬件支付设备的云托管方法及系统。采用该技术方案,通过配置与云托管服务器相连接或者集成在云托管服务器中的一个或多个硬件支付设备,使用户在开户后,可以被分配到一个与用户身份标识信息对应的云端硬件支付设备,通过该云端硬件支付设备收付或存储用于支付的数据包,以此完成交易。采用硬件支付设备的云托管方法或系统,无需用户在开户时到银行柜台领用硬件支付设备,在后续使用中也不必持有该硬件支付设备,由此可以简化用户操作,优化用户的使用体验。It can be seen from the above technical solution provided by the present disclosure that the present disclosure provides a cloud hosting method and system for a hardware payment device. With this technical solution, by configuring one or more hardware payment devices connected to or integrated in the cloud hosting server, the user can be assigned to a cloud hardware payment device corresponding to the user's identity information after opening an account. The device, through the cloud hardware payment device, receives and pays or stores the data package used for payment to complete the transaction. The cloud hosting method or system using a hardware payment device does not require the user to go to the bank counter to get the hardware payment device when opening an account, and does not need to hold the hardware payment device in subsequent use, thereby simplifying user operations and optimizing user experience .
附图说明Description of drawings
为了更清楚地说明本公开实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本公开的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他附图。In order to more clearly illustrate the technical solutions of the embodiments of the present disclosure, the following will briefly introduce the drawings that need to be used in the description of the embodiments. Obviously, the drawings in the following description are only some embodiments of the present disclosure. For Those of ordinary skill in the art can also obtain other drawings based on these drawings without making creative efforts.
图1为本公开实施例1提供的硬件支付设备的云托管方法的流程图;FIG. 1 is a flowchart of a cloud hosting method for a hardware payment device provided in Embodiment 1 of the present disclosure;
图2为本公开实施例2提供的硬件支付设备的云托管系统的结构示意图。Fig. 2 is a schematic structural diagram of a cloud hosting system for a hardware payment device provided by Embodiment 2 of the present disclosure.
具体实施方式Detailed ways
下面结合本公开实施例中的附图,对本公开实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本公开一部分实施例,而不是全部的实施例。基于本公 开的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本公开的保护范围。The technical solutions in the embodiments of the present disclosure are clearly and completely described below in combination with the accompanying drawings in the embodiments of the present disclosure. Obviously, the described embodiments are only some of the embodiments of the present disclosure, not all of them. Based on the embodiments of the present disclosure, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present disclosure.
下面将结合附图对本公开实施例作进一步地详细描述。Embodiments of the present disclosure will be further described in detail below in conjunction with the accompanying drawings.
实施例1Example 1
图1为本实施例提供的硬件支付设备的云托管方法的流程图,该方法包括步骤S1-S7,现结合图1,对该方法的具体步骤进行说明:Fig. 1 is a flow chart of the cloud hosting method for the hardware payment device provided in this embodiment, the method includes steps S1-S7, now with reference to Fig. 1, the specific steps of the method are described:
步骤S1,云托管服务器接收开户请求,开户请求包括用户身份标识信息。In step S1, the cloud hosting server receives an account opening request, and the account opening request includes user identification information.
本步骤中,用户在进行开户时,可以通过自身的终端设备(例如手机、电脑等)向云托管服务器发送开户请求,或者用户通过银行APP向银行服务器提交开户请求,由银行服务器向云托管服务器发送开户请求。本实施例中,开户请求中至少包括用户身份标识信息,该用户身份标识信息为标记该用户的唯一标识信息,在实际应用中,可以为用户的身份证号,或者用户的姓名、身份证号的组合等。此外,开户请求中还可以包括其他信息,如开户请求时间、账户类型等,在此不做限制。In this step, when the user opens an account, he can send an account opening request to the cloud hosting server through his own terminal device (such as a mobile phone, computer, etc.), or the user submits an account opening request to the bank server through the bank APP, and the bank server sends the cloud hosting server an account opening request. Send account opening request. In this embodiment, the account opening request includes at least user identification information, which is the unique identification information that marks the user. In practical applications, it can be the user's ID number, or the user's name and ID number. combinations etc. In addition, the account opening request may also include other information, such as account opening request time, account type, etc., which is not limited here.
步骤S2,云托管服务器根据身份标识信息分配并激活一个硬件支付设备,将用户身份标识信息与硬件支付设备绑定,并保存用户身份标识信息与硬件支付设备的绑定关系。Step S2, the cloud hosting server allocates and activates a hardware payment device according to the identity information, binds the user identity information to the hardware payment device, and saves the binding relationship between the user identity information and the hardware payment device.
本实施例中,硬件支付设备内置有安全芯片,有加解密、签名验签、安全存储等安全功能,每个硬件支付设备可以被分配给一个用户,与该用户的身份标识信息绑定后,该硬件支付设备只可以被该用户使用。硬件支付设备可以为独立的设备,且与云托管服务器连接,或者硬件支付设备可以被集成在云托管服务器内。作为一种可选的实施方式,云托管服务器可以根据用户身份标识信息与硬件支付设备的绑定关系建立绑定关系映射表,该绑定关系映射表可以存储用户身份标识信息、硬件支付设备的序列号以及二者的对应关系。In this embodiment, the hardware payment device has a built-in security chip, which has security functions such as encryption and decryption, signature verification, and safe storage. Each hardware payment device can be assigned to a user, and after binding with the user's identity information, The hardware payment device can only be used by the user. The hardware payment device can be an independent device connected to the cloud hosting server, or the hardware payment device can be integrated in the cloud hosting server. As an optional implementation, the cloud hosting server can establish a binding relationship mapping table according to the binding relationship between the user identity information and the hardware payment device, and the binding relationship mapping table can store the user identity information, the hardware payment device Serial number and the corresponding relationship between the two.
步骤S3,云托管服务器接收交易请求,交易请求包括:用户身份标识信息、交易信息和身份认证信息。Step S3, the cloud hosting server receives the transaction request, and the transaction request includes: user identification information, transaction information and identity authentication information.
本步骤中,交易信息可以包括以下一种或多种:交易金额、收款方信息或付款方信息、交易时间、交易地点等。可选地,用户可以利用自身的终端设备(例如手机、电脑等),启动终端设备中搭载的银行APP,用户向该银行APP中输入交易信息并录入身份认证信息,银行APP根据输入的交易信息和录入的身份认证信息生成交易请求,将该交易请求发送至云托管服务器。由此,硬件支付设备可以根据交易信息执行交易操作。作为一种可选的实施方式,身份认证信息包括以下至少一种:指静脉信息、指纹信息或人脸信息,通过对提交交易请求的用户通过生物识别的方式进行身份认证,可以有效地提高电子交易的安全性。In this step, the transaction information may include one or more of the following: transaction amount, payee information or payer information, transaction time, transaction location, and the like. Optionally, the user can use his own terminal device (such as a mobile phone, computer, etc.) to start the bank APP carried in the terminal device, and the user enters transaction information and identity authentication information into the bank APP, and the bank APP Generate a transaction request with the entered identity authentication information, and send the transaction request to the cloud hosting server. Thus, the hardware payment device can perform a transaction operation according to the transaction information. As an optional implementation, the identity authentication information includes at least one of the following: finger vein information, fingerprint information, or face information. By performing identity authentication on the user who submits the transaction request through biometrics, the electronic Transaction security.
步骤S4,云托管服务器根据用户身份标识信息和身份认证信息进行认证,认证通过后, 根据用户身份标识信息与硬件支付设备的绑定关系,将交易请求发送给用户身份标识信息对应的硬件支付设备。Step S4, the cloud hosting server performs authentication according to the user identity information and identity authentication information. After the authentication is passed, according to the binding relationship between the user identity information and the hardware payment device, the transaction request is sent to the hardware payment device corresponding to the user identity information .
本实施中,云托管服务器在对用户身份认证信息进行认证后,就根据用户标识信息与硬件支付设备的绑定关系,查找到属于该用户的硬件支付设备,将交易请求发送给用户的硬件支付设备,由内置有安全芯片的硬件支付设备执行交易操作,如接收或发送用于支付的数据包等。作为一种可选的实施方式,云托管服务器可以存储绑定关系映射表,在该绑定关系映射表中查找与接收到的用户身份标识信息对应的硬件支付设备的序列号,由此可以查找并调用该用户的硬件支付设备。In this implementation, after the cloud hosting server authenticates the user identity authentication information, it finds the hardware payment device belonging to the user according to the binding relationship between the user identification information and the hardware payment device, and sends the transaction request to the user's hardware payment device. The device is a hardware payment device with a built-in security chip that performs transaction operations, such as receiving or sending data packets for payment. As an optional implementation, the cloud hosting server can store a binding relationship mapping table, and look up the serial number of the hardware payment device corresponding to the received user identity information in the binding relationship mapping table, so that the And call the user's hardware payment device.
步骤S5,硬件支付设备根据交易信息判断交易类型,如果交易类型为付款,则执行步骤S6,如果交易类型为收款,则执行步骤S7;Step S5, the hardware payment device judges the transaction type according to the transaction information, if the transaction type is payment, then execute step S6, if the transaction type is payment, then execute step S7;
步骤S6,获取用于支付的第一数据包,将用于支付的第一数据包发送至云托管服务器。Step S6, obtaining the first data packet used for payment, and sending the first data packet used for payment to the cloud hosting server.
本步骤中,硬件支付设备接收到指示付款的交易信息后,可以根据交易信息中的交易金额,从内置的安全芯片中获取自身存储的对应面值的用于支付的第一数据包,将该用于支付的第一数据包发送至云托管服务器。云托管服务器接收到该用于支付的第一数据包后,执行步骤S6-1,云托管服务器将接收的用于支付的第一数据包外发。由此,云托管服务器可以将用于支付的第一数据包发送至收款方设备。In this step, after the hardware payment device receives the transaction information indicating payment, it can obtain the first data package for payment corresponding to the denomination stored by itself from the built-in security chip according to the transaction amount in the transaction information, and use the The first data packet for payment is sent to the cloud hosting server. After the cloud hosting server receives the first data packet for payment, step S6-1 is executed, and the cloud hosting server sends the received first data packet for payment. Thus, the cloud hosting server can send the first data packet for payment to the payee device.
步骤S7,从交易信息中提取用于支付的第二数据包,存储用于支付的第二数据包;Step S7, extracting the second data packet used for payment from the transaction information, and storing the second data packet used for payment;
本步骤中,如果交易类型为收款,则交易信息中携带有付款方发送的用于支付的第二数据包,硬件支付设备提取该用于支付的第二数据包并将其存储在内置的安全芯片中,由此完成收款操作。In this step, if the transaction type is payment, the transaction information carries the second data packet for payment sent by the payer, and the hardware payment device extracts the second data packet for payment and stores it in the built-in In the security chip, the payment collection operation is completed.
由本实施例提供的方法可以看出,该方法通过配置与云托管服务器相连接或者集成在云托管服务器中的一个或多个硬件支付设备,使用户在开户后,可以被分配到一个与用户身份标识信息对应的云端硬件支付设备,通过该云端硬件支付设备收付或存储用于支付的数据包,以此完成交易。采用硬件支付设备的云托管方法或系统,无需用户在开户时到银行柜台领用硬件支付设备,在后续使用中也不必持有该硬件支付设备,由此可以简化用户操作,优化用户的使用体验。It can be seen from the method provided in this embodiment that by configuring one or more hardware payment devices connected to or integrated in the cloud hosting server, the user can be assigned a user identity payment device after opening an account. The cloud hardware payment device corresponding to the identification information, through which the cloud hardware payment device receives and pays or stores the data package used for payment, so as to complete the transaction. The cloud hosting method or system using a hardware payment device does not require the user to go to the bank counter to get the hardware payment device when opening an account, and does not need to hold the hardware payment device in subsequent use, thereby simplifying user operations and optimizing user experience .
实施例2Example 2
图2为本实施例提供的硬件支付设备的云托管方法的结构示意图,现结合图2,对该系统的结构进行说明:FIG. 2 is a schematic structural diagram of the cloud hosting method for the hardware payment device provided in this embodiment. Now in conjunction with FIG. 2, the structure of the system is described:
本实施例提供的云托管系统包括:云托管服务器10和至少一个硬件支付设备20,硬件支付设备20连接至云托管服务器10或者集成在云托管服务器10内。本实施例中,硬件支 付设备20可以为独立的设备,且与云托管服务器10连接,或者硬件支付设备20可以被集成在云托管服务器10内。硬件支付设备可以设置有多个,如图2所示,硬件支付设备20至硬件支付设备2N均分别与云托管服务器10连接或集成在云托管服务器10内。The cloud hosting system provided in this embodiment includes: a cloud hosting server 10 and at least one hardware payment device 20 , and the hardware payment device 20 is connected to the cloud hosting server 10 or integrated in the cloud hosting server 10 . In this embodiment, the hardware payment device 20 may be an independent device connected to the cloud hosting server 10, or the hardware payment device 20 may be integrated in the cloud hosting server 10. There may be multiple hardware payment devices. As shown in FIG. 2 , the hardware payment device 20 to the hardware payment device 2N are respectively connected to the cloud hosting server 10 or integrated in the cloud hosting server 10 .
云托管服务器10,用于接收开户请求,开户请求包括用户身份标识信息。用户在进行开户时,可以通过自身的终端设备(例如手机、电脑等)向云托管服务器10发送开户请求,或者用户通过银行APP向银行服务器提交开户请求,由银行服务器向云托管服务器10发送开户请求。本实施例中,开户请求中至少包括用户身份标识信息,该用户身份标识信息为标记该用户的唯一标识信息,在实际应用中,可以为用户的身份证号,或者用户的姓名、身份证号的组合等。此外,开户请求中还可以包括其他信息,如开户请求时间、账户类型等,在此不做限制。The cloud hosting server 10 is configured to receive an account opening request, and the account opening request includes user identification information. When opening an account, the user can send an account opening request to the cloud hosting server 10 through his own terminal equipment (such as a mobile phone, a computer, etc.), or the user submits an account opening request to the bank server through the bank APP, and the bank server sends an account opening request to the cloud hosting server 10. ask. In this embodiment, the account opening request includes at least user identification information, which is the unique identification information that marks the user. In practical applications, it can be the user's ID number, or the user's name and ID number. combinations etc. In addition, the account opening request may also include other information, such as account opening request time, account type, etc., which is not limited here.
云托管服务器10,还用于根据用户身份标识信息分配并激活一个硬件支付设备20,将用户身份标识信息与硬件支付设备20绑定,并保存用户身份标识信息与硬件支付设备20的绑定关系。硬件支付设备20内置有安全芯片,有加解密、签名验签、安全存储等安全功能,每个硬件支付设备20可以被分配给一个用户,与该用户的身份标识信息绑定后,该硬件支付设备20只可以被该用户使用。作为一种可选的实施方式,云托管服务器10可以根据用户身份标识信息与硬件支付设备的绑定关系建立绑定关系映射表,该绑定关系映射表可以存储用户身份标识信息、硬件支付设备的序列号以及二者的对应关系。The cloud hosting server 10 is also used to allocate and activate a hardware payment device 20 according to the user identity information, bind the user identity information to the hardware payment device 20, and save the binding relationship between the user identity information and the hardware payment device 20 . The hardware payment device 20 has a built-in security chip, which has security functions such as encryption and decryption, signature verification, and safe storage. Each hardware payment device 20 can be assigned to a user, and after binding with the user's identity information, the hardware payment device The device 20 can only be used by this user. As an optional implementation, the cloud hosting server 10 may establish a binding relationship mapping table according to the binding relationship between the user identity information and the hardware payment device, and the binding relationship mapping table may store the user identity information, the hardware payment device serial number and the correspondence between the two.
云托管服务器10,还用于接收交易请求,交易请求包括:用户身份标识信息、交易信息和身份认证信息。交易信息可以包括以下一种或多种:交易金额、收款方信息或付款方信息、交易时间、交易地点等。可选地,用户可以利用自身的终端设备(例如手机、电脑等),启动终端设备中搭载的银行APP,用户向该银行APP中输入交易信息并录入身份认证信息,银行APP根据输入的交易信息和录入的身份认证信息生成交易请求,将该交易请求发送至云托管服务器10。由此,硬件支付设备20可以根据交易信息执行交易操作。作为一种可选的实施方式,身份认证信息包括以下至少一种:指静脉信息、指纹信息或人脸信息,通过对提交交易请求的用户通过生物识别的方式进行身份认证,可以有效地提高电子交易的安全性。The cloud hosting server 10 is also used to receive a transaction request, and the transaction request includes: user identification information, transaction information and identity authentication information. The transaction information may include one or more of the following: transaction amount, payee information or payer information, transaction time, transaction location, and the like. Optionally, the user can use his own terminal device (such as a mobile phone, computer, etc.) to start the bank APP carried in the terminal device, and the user enters transaction information and identity authentication information into the bank APP, and the bank APP Generate a transaction request with the entered identity authentication information, and send the transaction request to the cloud hosting server 10. Thus, the hardware payment device 20 can perform a transaction operation according to the transaction information. As an optional implementation, the identity authentication information includes at least one of the following: finger vein information, fingerprint information, or face information. By performing identity authentication on the user who submits the transaction request through biometrics, the electronic Transaction security.
云托管服务器10,还用于根据用户身份标识信息和身份认证信息进行认证,认证通过后,根据用户身份标识信息与硬件支付设备的绑定关系,将交易请求发送给用户身份标识信息对应的硬件支付设备20。云托管服务器10在对用户身份认证信息进行认证后,就根据用户标识信息与硬件支付设备的绑定关系,查找到属于该用户的硬件支付设备20,将交易请求发送给用户的硬件支付设备20,由内置有安全芯片的硬件支付设备20执行交易操作,如接收或发送用于支付的数据包等。作为一种可选的实施方式,云托管服务器10可以 存储绑定关系映射表,在该绑定关系映射表中查找与接收到的用户身份标识信息对应的硬件支付设备20的序列号,由此可以查找并调用该用户的硬件支付设备20。The cloud hosting server 10 is also used to perform authentication according to the user identity information and identity authentication information. After the authentication is passed, according to the binding relationship between the user identity information and the hardware payment device, the transaction request is sent to the hardware corresponding to the user identity information. Payment device 20 . After the cloud hosting server 10 authenticates the user identity authentication information, it finds the hardware payment device 20 belonging to the user according to the binding relationship between the user identification information and the hardware payment device, and sends the transaction request to the user's hardware payment device 20 , the transaction operation is performed by the hardware payment device 20 with a built-in security chip, such as receiving or sending data packets for payment. As an optional implementation, the cloud hosting server 10 may store a binding relationship mapping table, and look up the serial number of the hardware payment device 20 corresponding to the received user identity information in the binding relationship mapping table, thereby The user's hardware payment device 20 can be looked up and invoked.
硬件支付设备20,用于根据交易信息判断交易类型,如果交易类型为付款,则获取用于支付的第一数据包,将用于支付的第一数据包发送至云托管服务器10;如果交易类型为收款,则从交易信息中提取用于支付的第二数据包,存储用于支付的第二数据包;云托管服务器10,还用于将接收的用于支付的第一数据包外发。硬件支付设备20接收到指示付款的交易信息后,可以根据交易信息中的交易金额,从内置的安全芯片中获取自身存储的对应面值的用于支付的第一数据包,将该用于支付的第一数据包发送至云托管服务器10。云托管服务器10接收到该用于支付的第一数据包后,用于将接收的用于支付的第一数据包外发。由此,云托管服务器10可以将用于支付的第一数据包发送至收款方设备。如果交易类型为收款,则交易信息中携带有付款方发送的用于支付的第二数据包,硬件支付设备20提取该用于支付的第二数据包并将其存储在内置的安全芯片中,由此完成收款操作。The hardware payment device 20 is used to judge the transaction type according to the transaction information, if the transaction type is payment, then obtain the first data packet for payment, and send the first data packet for payment to the cloud hosting server 10; if the transaction type For collection, then extract the second data packet used for payment from the transaction information, and store the second data packet used for payment; the cloud hosting server 10 is also used to send out the received first data packet used for payment . After the hardware payment device 20 receives the transaction information indicating payment, it can obtain the first data packet for payment corresponding to the face value stored by itself from the built-in security chip according to the transaction amount in the transaction information, and use the first data packet for payment The first data packet is sent to the cloud hosting server 10 . After receiving the first data packet for payment, the cloud hosting server 10 is configured to send the received first data packet for payment. Thus, the cloud hosting server 10 can send the first data packet for payment to the payee device. If the transaction type is collection, the transaction information carries the second data packet sent by the payer for payment, and the hardware payment device 20 extracts the second data packet for payment and stores it in the built-in security chip , thus completing the payment operation.
由本实施例提供的系统可以看出,该系统通过配置与云托管服务器10相连接或者集成在云托管服务器10中的一个或多个硬件支付设备,使用户在开户后,可以被分配到一个与用户身份标识信息对应的云端硬件支付设备20,通过该云端硬件支付设备20收付或存储用于支付的数据包,以此完成交易。采用硬件支付设备的云托管方法或系统,无需用户在开户时到银行柜台领用硬件支付设备,在后续使用中也不必持有该硬件支付设备,由此可以简化用户操作,优化用户的使用体验。As can be seen from the system provided in this embodiment, the system configures one or more hardware payment devices connected to or integrated in the cloud hosting server 10, so that after the user opens an account, he can be assigned to a The cloud hardware payment device 20 corresponding to the user identity information receives and pays or stores the data package for payment through the cloud hardware payment device 20 to complete the transaction. The cloud hosting method or system using a hardware payment device does not require the user to go to the bank counter to get the hardware payment device when opening an account, and does not need to hold the hardware payment device in subsequent use, thereby simplifying user operations and optimizing user experience .
在本说明书的描述中,参考术语“一个实施例”、“一些实施例”、“示例”、“具体示例”、或“一些示例”等的描述意指结合该实施例或示例描述的具体特征、结构、材料或者特点包含于本公开的至少一个实施例或示例中。在本说明书中,对上述术语的示意性表述不一定指的是相同的实施例或示例。而且,描述的具体特征、结构、材料或者特点可以在任何的一个或多个实施例或示例中以合适的方式结合。In the description of this specification, descriptions referring to the terms "one embodiment", "some embodiments", "example", "specific examples", or "some examples" mean that specific features described in connection with the embodiment or example , structure, material or characteristic is included in at least one embodiment or example of the present disclosure. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiment or example. Furthermore, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
尽管上面已经示出和描述了本公开的实施例,可以理解的是,上述实施例是示例性的,不能理解为对本公开的限制,本领域的普通技术人员在不脱离本公开的原理和宗旨的情况下在本公开的范围内可以对上述实施例进行变化、修改、替换和变型。本公开的范围由所附权利要求及其等同限定。Although the embodiments of the present disclosure have been shown and described above, it can be understood that the above embodiments are exemplary and should not be construed as limitations on the present disclosure. Variations, modifications, substitutions, and modifications to the above-described embodiments are possible within the scope of the present disclosure. The scope of the present disclosure is defined by the appended claims and their equivalents.

Claims (4)

  1. 一种硬件支付设备的云托管方法,包括:A cloud hosting method for a hardware payment device, comprising:
    云托管服务器接收开户请求,所述开户请求包括用户身份标识信息;The cloud hosting server receives an account opening request, and the account opening request includes user identification information;
    所述云托管服务器根据所述身份标识信息分配并激活一个硬件支付设备,将所述用户身份标识信息与所述硬件支付设备绑定,并保存所述用户身份标识信息与所述硬件支付设备的绑定关系,其中,所述硬件支付设备连接至所述云托管服务器或者集成在所述云托管服务器内;The cloud hosting server allocates and activates a hardware payment device according to the identity information, binds the user identity information with the hardware payment device, and saves the user identity information and the hardware payment device A binding relationship, wherein the hardware payment device is connected to the cloud hosting server or integrated in the cloud hosting server;
    所述云托管服务器接收交易请求,所述交易请求包括:所述用户身份标识信息、交易信息和身份认证信息;The cloud hosting server receives a transaction request, and the transaction request includes: the user identification information, transaction information and identity authentication information;
    所述云托管服务器根据所述用户身份标识信息和所述身份认证信息进行认证,认证通过后,根据所述用户身份标识信息与所述硬件支付设备的绑定关系,将所述交易请求发送给所述用户身份标识信息对应的所述硬件支付设备;The cloud hosting server performs authentication according to the user identity information and the identity authentication information. After passing the authentication, according to the binding relationship between the user identity information and the hardware payment device, the transaction request is sent to The hardware payment device corresponding to the user identity information;
    所述硬件支付设备根据所述交易信息判断交易类型,如果所述交易类型为付款,则获取用于支付的第一数据包,将所述用于支付的第一数据包发送至所述云托管服务器;如果所述交易类型为收款,则从所述交易信息中提取用于支付的第二数据包,存储所述用于支付的第二数据包;The hardware payment device judges the transaction type according to the transaction information, if the transaction type is payment, then obtains the first data packet used for payment, and sends the first data packet used for payment to the cloud hosting server; if the transaction type is payment, extracting a second data packet for payment from the transaction information, and storing the second data packet for payment;
    所述云托管服务器将接收的所述用于支付的第一数据包外发。The cloud hosting server sends out the received first data packet for payment.
  2. 根据权利要求1所述的方法,其中,所述身份认证信息包括以下至少一种:指静脉信息、指纹信息或人脸信息。The method according to claim 1, wherein the identity authentication information includes at least one of the following: finger vein information, fingerprint information or face information.
  3. 一种硬件支付设备的云托管系统,包括:云托管服务器和至少一个硬件支付设备,所述硬件支付设备连接至所述云托管服务器或者集成在所述云托管服务器内;A cloud hosting system for a hardware payment device, comprising: a cloud hosting server and at least one hardware payment device, the hardware payment device being connected to the cloud hosting server or integrated in the cloud hosting server;
    所述云托管服务器,用于接收开户请求,所述开户请求包括用户身份标识信息;根据所述用户身份标识信息分配并激活一个所述硬件支付设备,将所述用户身份标识信息与所述硬件支付设备绑定,并保存所述用户身份标识信息与所述硬件支付设备的绑定关系;接收交易请求,所述交易请求包括:所述用户身份标识信息、交易信息和身份认证信息;根据所述用户身份标识信息和所述身份认证信息进行认证,认证通过后,根据所述用户身份标识信息与所述硬件支付设备的绑定关系,将所述交易请求发送给所述用户身份标识信息对应的所述硬件支付设备;The cloud hosting server is configured to receive an account opening request, and the account opening request includes user identity information; allocate and activate one of the hardware payment devices according to the user identity information, and combine the user identity information with the hardware Bind the payment device, and store the binding relationship between the user identity information and the hardware payment device; receive a transaction request, the transaction request includes: the user identity information, transaction information and identity authentication information; according to the The user identity information and the identity authentication information are authenticated. After the authentication is passed, according to the binding relationship between the user identity information and the hardware payment device, the transaction request is sent to the user identity information corresponding the said hardware payment device;
    所述硬件支付设备,用于根据所述交易信息判断交易类型,如果所述交易类型为付款,则获取用于支付的第一数据包,将所述用于支付的第一数据包发送至所述云托管服务器;如果所述交易类型为收款,则从所述交易信息中提取用于支付的第二数据包,存储所述用 于支付的第二数据包;The hardware payment device is configured to judge the transaction type according to the transaction information, and if the transaction type is payment, obtain a first data packet for payment, and send the first data packet for payment to the The cloud hosting server; if the transaction type is payment, then extract the second data package for payment from the transaction information, and store the second data package for payment;
    所述云托管服务器,还用于将接收的所述用于支付的第一数据包外发。The cloud hosting server is further configured to send the received first data packet for payment to outside.
  4. 根据权利要求3所述的方法,其中,所述身份认证信息包括以下至少一种:指静脉信息、指纹信息或人脸信息。The method according to claim 3, wherein the identity authentication information includes at least one of the following: finger vein information, fingerprint information or face information.
PCT/CN2022/102772 2021-09-15 2022-06-30 Cloud hosting method and system for hardware payment device WO2023040416A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202111079446.4A CN115828196A (en) 2021-09-15 2021-09-15 Cloud hosting method and system of hardware payment equipment
CN202111079446.4 2021-09-15

Publications (1)

Publication Number Publication Date
WO2023040416A1 true WO2023040416A1 (en) 2023-03-23

Family

ID=85514933

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/102772 WO2023040416A1 (en) 2021-09-15 2022-06-30 Cloud hosting method and system for hardware payment device

Country Status (2)

Country Link
CN (1) CN115828196A (en)
WO (1) WO2023040416A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105096118A (en) * 2015-08-21 2015-11-25 廖小谦 Electronic currency transfer payment system and method
CN105516180A (en) * 2015-12-30 2016-04-20 北京金科联信数据科技有限公司 Cloud secret key authentication system based on public key algorithm
CN112184197A (en) * 2020-09-17 2021-01-05 中国银联股份有限公司 Resource account binding method, server, device, system and storage medium
WO2021081705A1 (en) * 2019-10-28 2021-05-06 海付移通科技香港有限公司 Method and device for payment platform management, payment platform, and computer storage medium
CN113240423A (en) * 2021-03-30 2021-08-10 广东华兴银行股份有限公司 Fund payment approval method, device and medium based on enterprise cloud authentication

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105096118A (en) * 2015-08-21 2015-11-25 廖小谦 Electronic currency transfer payment system and method
CN105516180A (en) * 2015-12-30 2016-04-20 北京金科联信数据科技有限公司 Cloud secret key authentication system based on public key algorithm
WO2021081705A1 (en) * 2019-10-28 2021-05-06 海付移通科技香港有限公司 Method and device for payment platform management, payment platform, and computer storage medium
CN112184197A (en) * 2020-09-17 2021-01-05 中国银联股份有限公司 Resource account binding method, server, device, system and storage medium
CN113240423A (en) * 2021-03-30 2021-08-10 广东华兴银行股份有限公司 Fund payment approval method, device and medium based on enterprise cloud authentication

Also Published As

Publication number Publication date
CN115828196A (en) 2023-03-21

Similar Documents

Publication Publication Date Title
CN104994114B (en) A kind of identity authorization system and method based on electronic ID card
CN105323253B (en) Identity verification method and device
WO2020082885A1 (en) Identity authentication, number saving and sending, and number binding method, apparatus and device
CN109196539B (en) System and method for processing transactions with secure authentication
US20140214673A1 (en) Method for authentication using biometric data for mobile device e-commerce transactions
CN106296199A (en) Payment based on living things feature recognition and identity authorization system
CN110826043B (en) Digital identity application system and method, identity authentication system and method
CN108012268A (en) A kind of mobile phone terminal SIM card and the method for safe handling App, medium
CN105991287A (en) Signature data generation and fingerprint authentication request method and device
CN106416189A (en) Systems, apparatus and methods for improved authentication
WO2020107233A1 (en) Blockchain-based wallet system, method of use of wallet and storage medium
CN106157025A (en) The mobile terminal safety method of payment of identity-based card and system
CN210691384U (en) Face recognition payment terminal platform based on security unit and trusted execution environment
US8463705B2 (en) Systems and methods for transactions on the telecom web
CN105868970B (en) authentication method and electronic equipment
CN102202300A (en) System and method for dynamic password authentication based on dual channels
CN106485851A (en) A kind of nothing card automatic teller machine and nothing card withdrawal system
RU2724351C2 (en) Universal access to electronic wallet
WO2016131386A1 (en) Method and device for service management
WO2022193594A1 (en) Card binding method, terminal device, authentication server and storage medium
CN104778579A (en) Induction payment method and device based on electronic identity recognition carrier
CN114556356A (en) User authentication framework
TW201227556A (en) Electronic transaction system and payment method using telecommunication phone number as account number
TW201604805A (en) Method and system for verifying account
CN110223128A (en) A kind of method and relevant apparatus of data processing

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22868793

Country of ref document: EP

Kind code of ref document: A1