CN106779711A - Safe payment method and device based on eID - Google Patents
Safe payment method and device based on eID Download PDFInfo
- Publication number
- CN106779711A CN106779711A CN201510813176.3A CN201510813176A CN106779711A CN 106779711 A CN106779711 A CN 106779711A CN 201510813176 A CN201510813176 A CN 201510813176A CN 106779711 A CN106779711 A CN 106779711A
- Authority
- CN
- China
- Prior art keywords
- eid
- payment
- information
- server
- certifications
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides a kind of safe payment method and device based on eID.The method includes:The payment request from user is received, Pay Bill is generated on the interface for paying class application;When user confirms to pay according to Pay Bill, generation prompting user carries out the message of eID certifications, and has adjusted the reader of the eID information that can be read in eID terminals;Obtain the eID information that reader reads from eID terminals;Payment accounts and the eID information for obtaining are sent to eID unified certifications server carries out authentification of message, and receives the authentication result of eID unified certifications server return;Determined whether to carry out follow-up delivery operation according to authentication result.The embodiment of the present invention realizes the physical isolation of eID information and internet using eID terminals, before delivery operation is carried out, secure payment certification can be carried out to payment accounts according to eID information, such that it is able to improve payment safety.
Description
Technical field
The present invention relates to technical field of internet application, particularly a kind of safe payment method based on eID and
Device.
Background technology
With the fast development of Internet technology, using smart mobile phone, panel computer, palm PC and shifting
The user terminals such as dynamic internet device carry out on-line payment has turned into a kind of convenient, popular means of payment.
In actual applications, when user carries out on-line payment using user terminal, user is generally needed in user
Payment cipher is manually entered in terminal, to complete on-line payment.In practice, it has been found that this means of payment is needed
User is wanted to be manually entered payment cipher so that delivery operation is comparatively laborious, so as to reduce the effect of on-line payment
Rate.Also, it is manually entered payment cipher and is easily caused payment cipher leakage, reduces payment safety.
The content of the invention
In view of the above problems, it is proposed that the present invention overcomes above mentioned problem or at least in part to provide one kind
The safe payment method and corresponding device based on eID for solving the above problems.
According to an aspect of of the present present invention, there is provided a kind of safe payment method based on eID, it is applied to pay
Class application, including:
The payment request from user is received, Pay Bill is generated on the interface of the payment class application, its
In, payment accounts are at least included in the Pay Bill;
When user confirms to pay according to the Pay Bill, generation prompting user carries out the message of eID certifications,
And adjusted the reader of the eID information that can be read in eID terminals;
Obtain the eID information that the reader reads from eID terminals;
The payment accounts and the eID information for obtaining are sent to eID unified certifications server and carry out letter
Breath certification, and receive the authentication result that the eID unified certifications server is returned;
Determined whether to carry out follow-up delivery operation according to the authentication result.
Alternatively, methods described also includes:
By the payment accounts and its eID unified certifications service of corresponding eID information
Device.
Alternatively, the payment accounts and its eID unifications of corresponding eID information are recognized
Card server, including:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information
Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals
The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes
Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage
Breath.
Alternatively, methods described also includes:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression
During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
Alternatively, determined whether to carry out continuation payment operation according to the authentication result, including:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
Alternatively, methods described also includes:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server,
Delivery operation is carried out according to the Pay Bill by the payment platform server.
Alternatively, methods described also includes:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated,
And it is prompted to user.
Alternatively, the eID terminals are the contactless eID cards based on NFC technique, the reading
Device is taken for NFC unit.
According to another aspect of the present invention, a kind of secure payment device based on eID is additionally provided, be applied to
Class application is paid, including:
Pay Bill generation module, is suitable to receive the payment request from user, in the payment class application
Pay Bill is generated on interface, wherein, payment accounts are at least included in the Pay Bill;
Reader has adjusted module, is suitable to when user confirms to pay according to the Pay Bill, and generation prompting is used
Family carries out the message of eID certifications, and has adjusted the reader of the eID information that can be read in eID terminals;
EID data obtaining modules, are suitable to obtain the eID information that the reader reads from eID terminals;
EID authentification of message modules, are suitable to send the payment accounts and the eID information for obtaining to eID
Unified certification server carries out authentification of message;
Authentication result receiver module, is suitable to receive the authentication result that the eID unified certifications server is returned;
Authentication result respond module, is suitable to be determined whether to carry out follow-up payment behaviour according to the authentication result
Make.
Alternatively, described device also includes:
EID information registering modules, are suitable to the payment accounts and its corresponding eID information are registered in advance extremely
The eID unified certifications server.
Alternatively, the eID information registerings module is further adapted for:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information
Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals
The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes
Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage
Breath.
Alternatively, the eID information registerings module is further adapted for:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression
During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
Alternatively, the authentication result respond module is further adapted for:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
Alternatively, the authentication result respond module is further adapted for:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server,
Delivery operation is carried out according to the Pay Bill by the payment platform server.
Alternatively, the authentication result respond module is further adapted for:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated,
And it is prompted to user.
Alternatively, the eID terminals are the contactless eID cards based on NFC technique, the reading
Device is taken for NFC unit.
In the embodiment of the present invention, eID is network electronic identity, and eID is realized using eID terminals
Information and the physical isolation of internet, before delivery operation is carried out, can pay a bill according to eID information to branch
Number secure payment certification is carried out, such that it is able to improve payment safety.Also, the embodiment of the present invention is eliminated
User is manually entered the troublesome operation that payment cipher brings, and such that it is able to simplify delivery operation, improves online branch
The efficiency paid.
Described above is only the general introduction of technical solution of the present invention, in order to better understand technology of the invention
Means, and being practiced according to the content of specification, and in order to allow above and other objects of the present invention,
Feature and advantage can become apparent, below especially exemplified by specific embodiment of the invention.
According to the accompanying drawings to the detailed description of the specific embodiment of the invention, those skilled in the art will
More understand of the invention above-mentioned and other purposes, advantages and features.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are for ability
Domain those of ordinary skill will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and simultaneously
It is not considered as limitation of the present invention.And in whole accompanying drawing, identical is denoted by the same reference numerals
Part.In the accompanying drawings:
Fig. 1 shows the flow chart of the safe payment method based on eID according to an embodiment of the invention;
Fig. 2 shows that branch of being registered in eID unified certification servers according to an embodiment of the invention is paid a bill
Number method flow chart;
Fig. 3 shows the structural representation of the secure payment device based on eID according to an embodiment of the invention
Figure;And
Fig. 4 shows that the structure of the secure payment device based on eID in accordance with another embodiment of the present invention is shown
It is intended to.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although being shown in accompanying drawing
The exemplary embodiment of the disclosure, it being understood, however, that may be realized in various forms the disclosure without should be by
Embodiments set forth here is limited.Conversely, there is provided these embodiments are able to be best understood from this
It is open, and can by the scope of the present disclosure it is complete convey to those skilled in the art.
Domestic network remote authentication at present commonly uses " association is compared " method, will user input
The personal information such as " name+identification card number ", pass to backstage and the correctness of personal information compared to come
Assert its identity." association is compared " method is primarily present Railway Project under the scene of large-scale application:(1)
Personal information is compared and can not correctly represent my actual wishes, it is impossible to is taken precautions against personal identification and is falsely used or usurped
Risk;(2) leakage of personal information is easily caused.Gather the network english teaching mechanism peace of personal information
Full level differs, the risk more and more higher that personal information is revealed on a large scale.
In face of problem above, based on cryptographic technique, with intelligent and safe chip as carrier, by the " Ministry of Public Security
Citizen's network identity identifying system " is signed and issued to eID (the Electronic Identity, network electronic body of citizen
Part mark), online on the premise of identity information is not revealed identity can be remotely recognized, citizen can be met and existed
Many security assurance requirements such as individual privacy, network trading and virtual assets.
EID can be in a string of electronic information of one user identity of cyberspace unique mark.EID systems according to
The national citizenship information bank of support Ministry of Public Security covering, generates one group of unique network identifier and numeral is demonstrate,proved
Book, it is ensured that the authenticity and uniqueness of user identity, at the same itself and do not include any personal identification privacy
Information.EID related identification informations are created and management by unifying mechanism, so both ensure that the true of personal identification
Reality, and it is possible to prevente effectively from exposed when subscriber identity information is carried at various Virtual network operators and revealed
Risk.User can be avoided to frequently enter username and password using eID, ensureing identity security reliability
On the premise of realize quick login and other trusted operations.
A kind of safe payment method based on eID is the embodiment of the invention provides, is applied to pay class application,
The payment class application can be applied at user's end such as smart mobile phone, PC, panel computer, intelligent watch
End.Fig. 1 shows the flow chart of the safe payment method based on eID according to an embodiment of the invention.
As shown in figure 1, the method at least comprises the following steps S102 to step S110:
Step S102, receives the payment request from user, and generating branch on the interface for paying class application pays a bill
It is single, wherein, payment accounts are at least included in the Pay Bill;
Step S104, when user confirms to pay according to Pay Bill, generation prompting user carries out eID certifications
Message, and adjusted the reader of the eID information that can be read in eID terminals;
Step S106, obtains the eID information that reader reads from eID terminals;
Step S108, payment accounts and the eID information for obtaining are sent to eID unified certification servers
Row information certification, and receive the authentication result of eID unified certifications server return;
Step S110, determines whether to carry out follow-up delivery operation according to authentication result.
In the embodiment of the present invention, eID is network electronic identity, and eID is realized using eID terminals
Information and the physical isolation of internet, before delivery operation is carried out, can pay a bill according to eID information to branch
Number secure payment certification is carried out, such that it is able to improve payment safety.Also, the embodiment of the present invention is eliminated
User is manually entered the troublesome operation that payment cipher brings, and such that it is able to simplify delivery operation, improves online branch
The efficiency paid.
In order to ensure secure and trusted, the personally identifiable information of user is not included in whole identifying procedure (such as
Identity card, telephone number etc.), the transmitting procedure of authentication information also uses the encryption mechanism of dual key system.
The payment request referred in above step S102, can be that the payment initiated after user's order products please
Ask, or user to good friend or other people transfer accounts initiation payment request, etc., the invention is not restricted to this.
For example, user orders 100 yuan of product in service provider, after submitting product order to, in the order page of generation
Upper input payment accounts, click on the payment button on the page, so as to initiate to pay request.Again for example, user
Into the interface of transferring accounts for paying class application, button of transferring accounts is clicked at the interface of transferring accounts, initiate to pay request, entered
And in the payment class bill of generation, user can be manually entered relevant information, such as payment accounts, payment gold
Volume, beneficiary account etc..
In order to further improve the level of security of certification, having been adjusted in step S104 can read eID terminals load
Before the reader of the eID information in body, the eID certification authorities of the payment class application can be judged,
That is, determine whether the payment class application has the authority of eID certifications;If so, then operation has been adjusted in triggering execution.
If conversely, authority of the payment class application without eID certifications, generates the payment class application without eID
The prompt message of the authority of certification, will be prompted to information alert to user.
Further, when it is determined that whether the payment class application has the authority of eID certifications, the invention provides
A kind of optional scheme, in this scenario, pre-sets an eID certification white lists, is set in the white list
The payment class application of authority with eID certifications, can inquire about the payment in eID certification white lists
Class application, if inquiring, it is determined that the payment class application has the authority of eID certifications;If not inquiring,
Then determine authority of the payment class application without eID certifications.Here, eID certifications white list can pass through
Local user is set or cloud server rogue program storehouse is updated.
In the optional scheme of another kind that the present invention is provided, it is determined that whether the payment class application has eID
During the authority of certification, by eID unified certifications server or class application server can be paid determine, i.e., to
EID unified certifications server or payment class application server send searches whether the payment class application has eID
The request of the authority of certification, according to the lookup that eID unified certifications server or payment class application server are returned
Result determines.
In embodiments of the present invention, before eID terminals are introduced, NFC (Near Field are introduced first
Communication, near-field communication) technology.
NFC is a kind of short-distance wireless communication technology of standard, and it is based on RFID (Radio Frequency
Identification, radio frequency identification) technology, combine non-contact inductive and wireless connection technology, energy
Enough realize in short distance being identified compatible equipment and carrying out data exchange.NFC communication often is being initiated to set
It is standby to be produced and target device between, intercoupled in the way of AC magnetic field between the two, and with ASK
(Amplitude Shift Keying, amplitude-shift keying) mode or FSK (Frequency Shift Keying,
Frequency shift keying) mode carries out carrier modulation, transmits data signal.Initiating equipment produces unlimited signal initial
Change communication, target device then responds the order that initiating equipment sends, and select to be sent by initiating equipment or
It is that the less radio-frequency magnetic field for voluntarily producing is communicated.
Communication between NFC is divided into active communication mode and passive communication mode, and active communication mode is 20
Centimetre, passive communication mode is 10 centimetres.Under aggressive mode, every equipment sends number to another equipment
According to when, it is necessary to produce the radiofrequency field of oneself;And under Passive Mode, NFC initiating equipments communicated entirely
Radiofrequency field is provided in journey.Because NFC communication is the point-to-point communication of minimum distance, transmission can be avoided
Information is monitored or altered, its security mechanism can also by encryption, decryption system to ensure mobile device between
Secure communication.Also, NFC processing speeds are very fast, from detection mobile device, identity validation to data
Access only need the time of 0.1 second to be capable of achieving.NFC is compatible with existing contactless smart card technology, mesh
Before have become and obtain the official standard that more and more leading firms support.
The eID terminals that above step S104 is referred to can be the contactless eID based on NFC technique
Card, then reader is NFC unit.In step s 106, can be with direct access NFC unit from eID
Block the eID information for reading.
Further, NFC unit reads the eID information in the contactless eID cards based on NFC technique,
And then eID information is obtained from NFC unit, now, the prompting of input PIN is required to user's display, and
The correctness of the PIN of preliminary identification user input, if the continuous n times of user (e.g., 3 is inferior) input is wrong
PIN, then lock the function of corresponding eID cards by mistake, after PIN is verified, the eID letters that will be obtained
Breath sends to eID unified certifications server and carries out authentification of message.In such manner, it is possible to solve eID cards loss may
The problem of the eID information leakages for causing.
EID cards can include information storage module, three modules of message processing module and information communication module,
Wherein, information storage module by the personal unique eID certificates of the memory storage on piece, private key and
PIN (Personal Identification Number, PIN) etc., and not comprising any identity letter
Breath (such as ID card information, telephone number), does not result in the leakage of personal information.Due to storing these
Space needed for information is smaller (such as 512KB-1024KB), the NFC chip that can write direct itself
On-chip memory in.
Message processing module, can include encryption chip and CPU, in passive power supply, before transmission information
The content stored on piece is encrypted using specific cryptographic algorithm, enciphering rate is fast, facilitates eID cards
Safety storage and convenient use.The Encryption Decryption module that directly can also be provided using NFC chip is added
It is close.EID cards based on NFC technique are a reading mode, are identified using specific label, and user can not change
Its content.
Information communication module, can include NFC chip and antenna, and antenna is except for transmitting corresponding data
Outward, while receiving the radiofrequency field of the NFC device generation of mobile terminal for digital processing is powered, it is ensured that eID
The complete procedure of the encryption of information and NFC communication unit transmitting and receiving datas on card.
User only needs to card is placed near mobile phone (within 10 centimetres) several seconds when using eID cards
The characteristics such as the reading of eID information, the distinctive safe and efficient convenience of NFC near-field communications can be completed and ensure that use
Experience at family.
Additionally, in the embodiment of the present invention, paying class application can apply in the user terminals such as PC, eID
Terminals can be USB flash disk, then reader is the USB flash disk driver on the user terminals such as PC.
In an embodiment of the present invention, step S108 by payment accounts and obtain eID information send to
, it is necessary to by payment accounts and its corresponding eID information before eID unified certifications server carries out authentification of message
It is registered in advance to eID unified certification servers.Fig. 2 shows according to an embodiment of the invention in eID
The flow chart of the method for payment accounts is registered in unified certification server.As shown in Fig. 2 the method is at least wrapped
Include following steps S202 to step S206:
Step S202, sends eID information registration requests to eID unified certification servers, wherein, the eID
Information registration request includes payment accounts;
Step S204, receives the response message that eID unified certifications server is returned, and adjusted and can read
The reader of the eID information in eID terminals;
Step S206, the eID information that reader reads from eID terminals is sent to eID unifications and is recognized
Card server, by eID unified certifications server associated storage payment accounts and the eID information for sending.
In step S204, after eID unified certification servers receive eID information registration requests, according to
Payment accounts in request search whether to have registered, if unregistered, to user's end where payment class application
End returns to response message;If registered, the registered mistake of expression is returned to user terminal where class application is paid
The message of payment accounts, now, user terminal where paying class application receives eID unified certification servers
Return, represent it is registered cross payment accounts message when, then generation prompting user it is registered cross payment accounts
Prompt message.
Determined whether to carry out follow-up delivery operation according to authentication result in step s 110, the present invention is provided
A kind of optional scheme, in this scenario, if authentication result is to represent certification successful result, it is determined that
Carry out follow-up delivery operation;If conversely, authentication result is the result for representing authentification failure, it is determined that do not enter
The follow-up delivery operation of row.Further, when it is determined that carrying out follow-up delivery operation, can be by Pay Bill
Payment platform server is sent to, delivery operation is carried out according to Pay Bill by payment platform server.True
When determining not carry out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated, and point out
To user.
Based on the safe payment method based on eID that each embodiment above is discussed in detail, based on same invention
Design, the embodiment of the present invention additionally provides a kind of secure payment device based on eID.
Fig. 3 shows the structural representation of the secure payment device based on eID according to an embodiment of the invention
Figure.As shown in figure 3, the device 300 can at least be adjusted including Pay Bill generation module 310, reader
Play module 320, eID data obtaining modules 330, eID authentification of messages module 340, authentication result and receive mould
Block 350 and authentication result respond module 360.
Now introduce each composition or the work(of device of the secure payment device 300 based on eID of the embodiment of the present invention
Annexation between energy and each several part:
Pay Bill generation module 310, is suitable to receive the payment request from user, is paying class application
Pay Bill is generated on interface, wherein, payment accounts are at least included in Pay Bill;
Reader has adjusted module 320, is coupled with Pay Bill generation module 310, be suitable to when user according to
When Pay Bill confirms to pay, generation prompting user carries out the message of eID certifications, and has adjusted and can read eID
The reader of the eID information in terminals;
EID data obtaining modules 330, have adjusted module 320 to be coupled with reader, are suitable to obtain reader
From the eID information that eID terminals read;
EID authentification of messages module 340, is coupled with eID data obtaining modules 330, is suitable to pay a bill branch
Number and the eID information that obtains send to eID unified certifications server and carry out authentification of message;
Authentication result receiver module 350, is coupled with eID authentification of messages module 340, is suitable to receive eID
The authentication result that unified certification server is returned;
Authentication result respond module 360, is coupled with authentication result receiver module 350, is suitable to according to certification
Result determines whether to carry out follow-up delivery operation.
In an embodiment of the present invention, the payment request that Pay Bill generation module 310 is received, can use
After the order products of family initiate payment request, or user to good friend or other people transfer accounts initiation payment please
Ask, etc., the invention is not restricted to this.For example, user orders 100 yuan of product in service provider, submit to and produce
After product order, payment accounts are input on the order page of generation, click on the payment button on the page, so that
Initiate to pay request.Again for example, user enters the interface of transferring accounts for paying class application, clicked at the interface of transferring accounts
Transfer accounts button, initiate to pay request, and then in the payment class bill of generation, user can be manually entered phase
Pass information, such as payment accounts, payment, beneficiary account.
In order to further improve the level of security of certification, having adjusted module 320 to adjust in reader can read
Before the reader of the eID information in eID terminals, the eID certifications of the payment class application can be weighed
Limit is judged, i.e. determine whether the payment class application has the authority of eID certifications;If so, then triggering
Operation has been adjusted in execution.If conversely, authority of the payment class application without eID certifications, generates the payment
The prompt message of authority of the class application without eID certifications, will be prompted to information alert to user.
Further, when it is determined that whether the payment class application has the authority of eID certifications, the invention provides
A kind of optional scheme, in this scenario, pre-sets an eID certification white lists, is set in the white list
The payment class application of authority with eID certifications, can inquire about the payment in eID certification white lists
Class application, if inquiring, it is determined that the payment class application has the authority of eID certifications;If not inquiring,
Then determine authority of the payment class application without eID certifications.Here, eID certifications white list can pass through
Local user is set or cloud server rogue program storehouse is updated.
In the optional scheme of another kind that the present invention is provided, it is determined that whether the payment class application has eID
During the authority of certification, by eID unified certifications server or class application server can be paid determine, i.e., to
EID unified certifications server or payment class application server send searches whether the payment class application has eID
The request of the authority of certification, according to the lookup that eID unified certifications server or payment class application server are returned
Result determines.
In an embodiment of the present invention, as shown in figure 4, the device of Fig. 3 displayings can also include:
EID information registerings module 370, is coupled with eID authentification of messages module 340, is suitable to pay a bill branch
Number and its corresponding eID information it is registered in advance to eID unified certification servers.
In an embodiment of the present invention, eID information registerings module 370 is further adapted for:
EID information registration requests are sent to eID unified certification servers, wherein, eID information registration requests
Include payment accounts;
The response message that eID unified certifications servers is returned is received, and has been adjusted and can be read eID terminals
In eID information reader;
The eID information that reader reads from eID terminals is sent to eID unified certification servers, by
EID unified certifications server associated storage payment accounts and the eID information for sending.
In an embodiment of the present invention, after eID unified certifications server receives eID information registration requests,
Payment accounts in request search whether to have registered, if unregistered, are used to class application place is paid
Family terminal returns to response message;If registered, noted to user terminal return expression where class application is paid
Volume crosses the message of payment accounts, and now, user terminal where paying class application receives eID unified certifications clothes
Business device return, represent it is registered cross payment accounts message when, then generation prompting user it is registered cross pay
The prompt message of account.
In an embodiment of the present invention, eID information registerings module 370 is further adapted for:
If receive the return of eID unified certifications server, the registered mistake payment accounts of expression message,
User is pointed out in then generation the registered prompt message for crossing payment accounts.
In an embodiment of the present invention, authentication result respond module 360 is further adapted for:
If authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
In an embodiment of the present invention, authentication result respond module 360 is further adapted for:
When it is determined that carrying out follow-up delivery operation, Pay Bill is sent to payment platform server, by propping up
Pay Platform Server carries out delivery operation according to Pay Bill.
In an embodiment of the present invention, authentication result respond module 360 is further adapted for:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated,
And it is prompted to user.
In an embodiment of the present invention, eID terminals are the contactless eID cards based on NFC technique,
Reader is NFC unit.Introduction on NFC technique and eID cards may refer to above, herein not
Repeat again.
User only needs to card is placed near mobile phone (within 10 centimetres) several seconds when using eID cards
The characteristics such as the reading of eID information, the distinctive safe and efficient convenience of NFC near-field communications can be completed and ensure that use
Experience at family.
Additionally, in the embodiment of the present invention, paying class application can apply in the user terminals such as PC, eID
Terminals can be USB flash disk, then reader is the USB flash disk driver on the user terminals such as PC.
According to the combination of above-mentioned any one preferred embodiment or multiple preferred embodiments, embodiment of the present invention energy
Enough reach following beneficial effect:
In the embodiment of the present invention, eID is network electronic identity, and eID is realized using eID terminals
Information and the physical isolation of internet, before delivery operation is carried out, can pay a bill according to eID information to branch
Number secure payment certification is carried out, such that it is able to improve payment safety.Also, the embodiment of the present invention is eliminated
User is manually entered the troublesome operation that payment cipher brings, and such that it is able to simplify delivery operation, improves online branch
The efficiency paid.
Further, the eID information of embodiment of the present invention transmission does not include personal information, does not result in personal letter
The leakage of breath.Also, NFC technique is used, the applicable situation of eID authentications has been expanded.Additionally,
The certification of the embodiment of the present invention is carried out by eID unified certifications server, it is therefore prevented that browser rs cache cookies
(cookie) is stolen, and improves the security of certification.
In specification mentioned herein, numerous specific details are set forth.It is to be appreciated, however, that this hair
Bright embodiment can be put into practice in the case of without these details.In some instances, not in detail
Known method, structure and technology are shown, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help understand one in each inventive aspect or
Multiple, in above to the description of exemplary embodiment of the invention, each feature of the invention is sometimes by one
Rise and be grouped into single embodiment, figure or descriptions thereof.However, should not be by the method for the disclosure
It is construed to reflect following intention:I.e. the present invention for required protection requirement ratio institute in each claim is clear and definite
The more features of feature of record.More precisely, as the following claims reflect, hair
Bright aspect is all features less than single embodiment disclosed above.Therefore, it then follows specific embodiment
Claims be thus expressly incorporated in the specific embodiment, wherein each claim conduct in itself
Separate embodiments of the invention.
Those skilled in the art be appreciated that the module in the equipment in embodiment can be carried out it is adaptive
Change to answering property and they are arranged in one or more equipment different from the embodiment.Can be reality
Apply module or unit or component in example and be combined into a module or unit or component, and in addition can be it
Be divided into multiple submodule or subelement or sub-component.Except in such feature and/or process or unit
It is at least some exclude each other outside, can using any combinations to this specification (including adjoint right will
Ask, make a summary and accompanying drawing) disclosed in all features and so disclosed any method or equipment it is all
Process or unit are combined.Unless expressly stated otherwise, this specification (including adjoint claim,
Summary and accompanying drawing) disclosed in each feature can or similar purpose identical, equivalent by offer alternative features
To replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other
Some included features are rather than further feature, but the combination meaning of the feature of different embodiments in embodiment
Taste and is within the scope of the present invention and is formed different embodiments.For example, in detail in the claims,
The one of any of embodiment required for protection mode can use in any combination.
All parts embodiment of the invention can realize with hardware, or with one or more processor
The software module of upper operation is realized, or is realized with combinations thereof.It will be understood by those of skill in the art that
Can be realized using microprocessor or digital signal processor (DSP) in practice according to of the invention real
Apply some or all functions of some or all parts in the secure payment device based on eID of example.
The present invention be also implemented as some or all equipment for performing method as described herein or
Person's program of device (for example, computer program and computer program product).It is such to realize journey of the invention
Sequence can be stored on a computer-readable medium, or can have the form of one or more signal.This
The signal of sample can be downloaded from internet website and obtained, or be provided on carrier signal, or with any
Other forms are provided.
It should be noted that above-described embodiment the present invention will be described rather than limiting the invention, and
And those skilled in the art can design replacement implementation without departing from the scope of the appended claims
Example.In the claims, any reference symbol being located between bracket should not be configured to claim
Limitation.Word "comprising" does not exclude the presence of element or step not listed in the claims.Positioned at element it
Preceding word "a" or "an" does not exclude the presence of element as multiple.The present invention can be by means of bag
Include the hardware of some different elements and realized by means of properly programmed computer.It is some listing
In the unit claim of device, several in these devices can be come specific by same hardware branch
Embody.The use of word first, second, and third does not indicate that any order.Can be by these word solutions
It is interpreted as title.
So far, although those skilled in the art will appreciate that herein it is detailed have shown and described it is of the invention
Multiple exemplary embodiments, but, without departing from the spirit and scope of the present invention, still can be according to this
Disclosure of invention directly determines or derives many other variations or modifications for meeting the principle of the invention.Cause
This, the scope of the invention should be understood and defined as covering all these other variations or modifications.
The embodiment of the invention also discloses:A1, a kind of safe payment method based on eID, are applied to pay
Class application, including:
The payment request from user is received, Pay Bill is generated on the interface of the payment class application, its
In, payment accounts are at least included in the Pay Bill;
When user confirms to pay according to the Pay Bill, generation prompting user carries out the message of eID certifications,
And adjusted the reader of the eID information that can be read in eID terminals;
Obtain the eID information that the reader reads from eID terminals;
The payment accounts and the eID information for obtaining are sent to eID unified certifications server and carry out letter
Breath certification, and receive the authentication result that the eID unified certifications server is returned;
Determined whether to carry out follow-up delivery operation according to the authentication result.
A2, the method according to A1, wherein, also include:
By the payment accounts and its eID unified certifications service of corresponding eID information
Device.
A3, the method according to A2, wherein, the payment accounts and its corresponding eID information are pre-
The eID unified certifications server is first registered to, including:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information
Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals
The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes
Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage
Breath.
A4, the method according to A3, wherein, also include:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression
During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
A5, the method according to any one of A1-A4, wherein, determined whether according to the authentication result
Continuation payment operation is carried out, including:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
A6, the method according to A5, wherein, also include:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server,
Delivery operation is carried out according to the Pay Bill by the payment platform server.
A7, the method according to A5 or A6, wherein, also include:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated,
And it is prompted to user.
A8, the method according to any one of A1-A7, wherein, the eID terminals are based on NFC
The contactless eID cards of technology, the reader is NFC unit.
B9, a kind of secure payment device based on eID, are applied to pay class application, including:
Pay Bill generation module, is suitable to receive the payment request from user, in the payment class application
Pay Bill is generated on interface, wherein, payment accounts are at least included in the Pay Bill;
Reader has adjusted module, is suitable to when user confirms to pay according to the Pay Bill, and generation prompting is used
Family carries out the message of eID certifications, and has adjusted the reader of the eID information that can be read in eID terminals;
EID data obtaining modules, are suitable to obtain the eID information that the reader reads from eID terminals;
EID authentification of message modules, are suitable to send the payment accounts and the eID information for obtaining to eID
Unified certification server carries out authentification of message;
Authentication result receiver module, is suitable to receive the authentication result that the eID unified certifications server is returned;
Authentication result respond module, is suitable to be determined whether to carry out follow-up payment behaviour according to the authentication result
Make.
B10, the device according to B9, wherein, also include:
EID information registering modules, are suitable to the payment accounts and its corresponding eID information are registered in advance extremely
The eID unified certifications server.
B11, the device according to B10, wherein, the eID information registerings module is further adapted for:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information
Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals
The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes
Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage
Breath.
B12, the device according to B11, wherein, the eID information registerings module is further adapted for:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression
During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
B13, the device according to any one of B9-B12, wherein, the authentication result respond module is also fitted
In:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
B14, the device according to B13, wherein, the authentication result respond module is further adapted for:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server,
Delivery operation is carried out according to the Pay Bill by the payment platform server.
B15, the device according to B13 or B14, wherein, the authentication result respond module is further adapted for:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated,
And it is prompted to user.
B16, the device according to any one of B9-B15, wherein, the eID terminals be based on
The contactless eID cards of NFC technique, the reader is NFC unit.
Claims (10)
1. a kind of safe payment method based on eID, is applied to pay class application, including:
The payment request from user is received, Pay Bill is generated on the interface of the payment class application, its
In, payment accounts are at least included in the Pay Bill;
When user confirms to pay according to the Pay Bill, generation prompting user carries out the message of eID certifications,
And adjusted the reader of the eID information that can be read in eID terminals;
Obtain the eID information that the reader reads from eID terminals;
The payment accounts and the eID information for obtaining are sent to eID unified certifications server and carry out letter
Breath certification, and receive the authentication result that the eID unified certifications server is returned;
Determined whether to carry out follow-up delivery operation according to the authentication result.
2. method according to claim 1, wherein, also include:
By the payment accounts and its eID unified certifications service of corresponding eID information
Device.
3. method according to claim 2, wherein, by the payment accounts and its corresponding eID
The information eID unified certifications server, including:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information
Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals
The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes
Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage
Breath.
4. method according to claim 3, wherein, also include:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression
During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
5. the method according to claim any one of 1-4, wherein, determined according to the authentication result be
It is no to carry out continuation payment operation, including:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
6. method according to claim 5, wherein, also include:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server,
Delivery operation is carried out according to the Pay Bill by the payment platform server.
7. the method according to claim 5 or 6, wherein, also include:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated,
And it is prompted to user.
8. the method according to claim any one of 1-7, wherein, the eID terminals be based on
The contactless eID cards of NFC technique, the reader is NFC unit.
9. a kind of secure payment device based on eID, is applied to pay class application, including:
Pay Bill generation module, is suitable to receive the payment request from user, in the payment class application
Pay Bill is generated on interface, wherein, payment accounts are at least included in the Pay Bill;
Reader has adjusted module, is suitable to when user confirms to pay according to the Pay Bill, and generation prompting is used
Family carries out the message of eID certifications, and has adjusted the reader of the eID information that can be read in eID terminals;
EID data obtaining modules, are suitable to obtain the eID information that the reader reads from eID terminals;
EID authentification of message modules, are suitable to send the payment accounts and the eID information for obtaining to eID
Unified certification server carries out authentification of message;
Authentication result receiver module, is suitable to receive the authentication result that the eID unified certifications server is returned;
Authentication result respond module, is suitable to be determined whether to carry out follow-up payment behaviour according to the authentication result
Make.
10. device according to claim 9, wherein, also include:
EID information registering modules, are suitable to the payment accounts and its corresponding eID information are registered in advance extremely
The eID unified certifications server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510813176.3A CN106779711A (en) | 2015-11-20 | 2015-11-20 | Safe payment method and device based on eID |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510813176.3A CN106779711A (en) | 2015-11-20 | 2015-11-20 | Safe payment method and device based on eID |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106779711A true CN106779711A (en) | 2017-05-31 |
Family
ID=58886024
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510813176.3A Pending CN106779711A (en) | 2015-11-20 | 2015-11-20 | Safe payment method and device based on eID |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106779711A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109284999A (en) * | 2017-07-20 | 2019-01-29 | 上海方付通商务服务有限公司 | Business confirmation method and system based on mobile network's terminal |
CN109285004A (en) * | 2017-07-20 | 2019-01-29 | 上海方付通商务服务有限公司 | Business confirmation method and system based on mobile network's terminal |
CN110942566A (en) * | 2019-11-27 | 2020-03-31 | 中国银行股份有限公司 | Identity authentication method and related equipment |
CN111091387A (en) * | 2019-12-31 | 2020-05-01 | 中国银行股份有限公司 | Authentication method, device and system |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102932333A (en) * | 2012-10-07 | 2013-02-13 | 潘铁军 | Safety equipment with mobile payment function, system and method |
CN103150650A (en) * | 2011-12-07 | 2013-06-12 | 中兴通讯股份有限公司 | Processing method, mobile terminal and system for remote payment |
CN103259667A (en) * | 2013-06-07 | 2013-08-21 | 北京邮电大学 | Method and system for eID authentication on mobile terminal |
CN104574047A (en) * | 2015-01-21 | 2015-04-29 | 孙国华 | Financial IC card payment platform based on Internet |
CN104574080A (en) * | 2013-10-25 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Safe payment method as well as related equipment and system |
CN104636916A (en) * | 2013-11-15 | 2015-05-20 | 腾讯科技(深圳)有限公司 | Mobile payment method and system and related equipment |
-
2015
- 2015-11-20 CN CN201510813176.3A patent/CN106779711A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103150650A (en) * | 2011-12-07 | 2013-06-12 | 中兴通讯股份有限公司 | Processing method, mobile terminal and system for remote payment |
CN102932333A (en) * | 2012-10-07 | 2013-02-13 | 潘铁军 | Safety equipment with mobile payment function, system and method |
CN103259667A (en) * | 2013-06-07 | 2013-08-21 | 北京邮电大学 | Method and system for eID authentication on mobile terminal |
CN104574080A (en) * | 2013-10-25 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Safe payment method as well as related equipment and system |
CN104636916A (en) * | 2013-11-15 | 2015-05-20 | 腾讯科技(深圳)有限公司 | Mobile payment method and system and related equipment |
CN104574047A (en) * | 2015-01-21 | 2015-04-29 | 孙国华 | Financial IC card payment platform based on Internet |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109284999A (en) * | 2017-07-20 | 2019-01-29 | 上海方付通商务服务有限公司 | Business confirmation method and system based on mobile network's terminal |
CN109285004A (en) * | 2017-07-20 | 2019-01-29 | 上海方付通商务服务有限公司 | Business confirmation method and system based on mobile network's terminal |
CN110942566A (en) * | 2019-11-27 | 2020-03-31 | 中国银行股份有限公司 | Identity authentication method and related equipment |
CN110942566B (en) * | 2019-11-27 | 2022-10-21 | 中国银行股份有限公司 | Identity authentication method and related equipment |
CN111091387A (en) * | 2019-12-31 | 2020-05-01 | 中国银行股份有限公司 | Authentication method, device and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9607298B2 (en) | System and method for providing secure data communication functionality to a variety of applications on a portable communication device | |
CN103259667B (en) | The method and system of eID authentication on mobile terminal | |
CN102737308B (en) | The method and system of a kind of mobile terminal and inquiry smart card information thereof | |
EP2487629B1 (en) | Secure smart poster | |
US9740847B2 (en) | Method and system for authenticating a user by means of an application | |
CN106233689B (en) | Method and apparatus for protecting mobile application | |
US20120123868A1 (en) | System and Method for Physical-World Based Dynamic Contactless Data Emulation in a Portable Communication Device | |
US20120159612A1 (en) | System for Storing One or More Passwords in a Secure Element | |
CN108886687B (en) | Managing scheduled credentials on an electronic device | |
CN104915829B (en) | Exchange method and device are applied based on NFC technique | |
CN101809977A (en) | Updating mobile devices with additional elements | |
CN107181714A (en) | Verification method and device, the generation method of service code and device based on service code | |
US20170357798A1 (en) | Removal of credentials from an electronic device | |
US20140258046A1 (en) | Method for managing a transaction | |
CN104778579A (en) | Induction payment method and device based on electronic identity recognition carrier | |
CN102238193A (en) | Data authentication method and system using same | |
CN103107888B (en) | The identity identifying method that the dynamic multi-attribute of facing moving terminal is multi-level | |
US20210374718A1 (en) | Ic card, processing method, and information processing system | |
CN106779711A (en) | Safe payment method and device based on eID | |
CN104754568A (en) | Identity recognition method and device based on NFC (Near Field Communication) | |
CN112308555A (en) | Remote transaction system, method and point-of-sale terminal | |
CN106779672A (en) | The method and device that mobile terminal safety pays | |
CN106776621A (en) | Generate the method and device of bill | |
CN106789839A (en) | The method and device that mobile terminal safety pays | |
CN109525395B (en) | Signature information transmission method and device, storage medium and electronic device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170531 |