Nothing Special   »   [go: up one dir, main page]

CN106779711A - Safe payment method and device based on eID - Google Patents

Safe payment method and device based on eID Download PDF

Info

Publication number
CN106779711A
CN106779711A CN201510813176.3A CN201510813176A CN106779711A CN 106779711 A CN106779711 A CN 106779711A CN 201510813176 A CN201510813176 A CN 201510813176A CN 106779711 A CN106779711 A CN 106779711A
Authority
CN
China
Prior art keywords
eid
payment
information
server
certifications
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510813176.3A
Other languages
Chinese (zh)
Inventor
王务志
王军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201510813176.3A priority Critical patent/CN106779711A/en
Publication of CN106779711A publication Critical patent/CN106779711A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a kind of safe payment method and device based on eID.The method includes:The payment request from user is received, Pay Bill is generated on the interface for paying class application;When user confirms to pay according to Pay Bill, generation prompting user carries out the message of eID certifications, and has adjusted the reader of the eID information that can be read in eID terminals;Obtain the eID information that reader reads from eID terminals;Payment accounts and the eID information for obtaining are sent to eID unified certifications server carries out authentification of message, and receives the authentication result of eID unified certifications server return;Determined whether to carry out follow-up delivery operation according to authentication result.The embodiment of the present invention realizes the physical isolation of eID information and internet using eID terminals, before delivery operation is carried out, secure payment certification can be carried out to payment accounts according to eID information, such that it is able to improve payment safety.

Description

Safe payment method and device based on eID
Technical field
The present invention relates to technical field of internet application, particularly a kind of safe payment method based on eID and Device.
Background technology
With the fast development of Internet technology, using smart mobile phone, panel computer, palm PC and shifting The user terminals such as dynamic internet device carry out on-line payment has turned into a kind of convenient, popular means of payment.
In actual applications, when user carries out on-line payment using user terminal, user is generally needed in user Payment cipher is manually entered in terminal, to complete on-line payment.In practice, it has been found that this means of payment is needed User is wanted to be manually entered payment cipher so that delivery operation is comparatively laborious, so as to reduce the effect of on-line payment Rate.Also, it is manually entered payment cipher and is easily caused payment cipher leakage, reduces payment safety.
The content of the invention
In view of the above problems, it is proposed that the present invention overcomes above mentioned problem or at least in part to provide one kind The safe payment method and corresponding device based on eID for solving the above problems.
According to an aspect of of the present present invention, there is provided a kind of safe payment method based on eID, it is applied to pay Class application, including:
The payment request from user is received, Pay Bill is generated on the interface of the payment class application, its In, payment accounts are at least included in the Pay Bill;
When user confirms to pay according to the Pay Bill, generation prompting user carries out the message of eID certifications, And adjusted the reader of the eID information that can be read in eID terminals;
Obtain the eID information that the reader reads from eID terminals;
The payment accounts and the eID information for obtaining are sent to eID unified certifications server and carry out letter Breath certification, and receive the authentication result that the eID unified certifications server is returned;
Determined whether to carry out follow-up delivery operation according to the authentication result.
Alternatively, methods described also includes:
By the payment accounts and its eID unified certifications service of corresponding eID information Device.
Alternatively, the payment accounts and its eID unifications of corresponding eID information are recognized Card server, including:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage Breath.
Alternatively, methods described also includes:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
Alternatively, determined whether to carry out continuation payment operation according to the authentication result, including:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
Alternatively, methods described also includes:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server, Delivery operation is carried out according to the Pay Bill by the payment platform server.
Alternatively, methods described also includes:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated, And it is prompted to user.
Alternatively, the eID terminals are the contactless eID cards based on NFC technique, the reading Device is taken for NFC unit.
According to another aspect of the present invention, a kind of secure payment device based on eID is additionally provided, be applied to Class application is paid, including:
Pay Bill generation module, is suitable to receive the payment request from user, in the payment class application Pay Bill is generated on interface, wherein, payment accounts are at least included in the Pay Bill;
Reader has adjusted module, is suitable to when user confirms to pay according to the Pay Bill, and generation prompting is used Family carries out the message of eID certifications, and has adjusted the reader of the eID information that can be read in eID terminals;
EID data obtaining modules, are suitable to obtain the eID information that the reader reads from eID terminals;
EID authentification of message modules, are suitable to send the payment accounts and the eID information for obtaining to eID Unified certification server carries out authentification of message;
Authentication result receiver module, is suitable to receive the authentication result that the eID unified certifications server is returned;
Authentication result respond module, is suitable to be determined whether to carry out follow-up payment behaviour according to the authentication result Make.
Alternatively, described device also includes:
EID information registering modules, are suitable to the payment accounts and its corresponding eID information are registered in advance extremely The eID unified certifications server.
Alternatively, the eID information registerings module is further adapted for:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage Breath.
Alternatively, the eID information registerings module is further adapted for:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
Alternatively, the authentication result respond module is further adapted for:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
Alternatively, the authentication result respond module is further adapted for:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server, Delivery operation is carried out according to the Pay Bill by the payment platform server.
Alternatively, the authentication result respond module is further adapted for:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated, And it is prompted to user.
Alternatively, the eID terminals are the contactless eID cards based on NFC technique, the reading Device is taken for NFC unit.
In the embodiment of the present invention, eID is network electronic identity, and eID is realized using eID terminals Information and the physical isolation of internet, before delivery operation is carried out, can pay a bill according to eID information to branch Number secure payment certification is carried out, such that it is able to improve payment safety.Also, the embodiment of the present invention is eliminated User is manually entered the troublesome operation that payment cipher brings, and such that it is able to simplify delivery operation, improves online branch The efficiency paid.
Described above is only the general introduction of technical solution of the present invention, in order to better understand technology of the invention Means, and being practiced according to the content of specification, and in order to allow above and other objects of the present invention, Feature and advantage can become apparent, below especially exemplified by specific embodiment of the invention.
According to the accompanying drawings to the detailed description of the specific embodiment of the invention, those skilled in the art will More understand of the invention above-mentioned and other purposes, advantages and features.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are for ability Domain those of ordinary skill will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and simultaneously It is not considered as limitation of the present invention.And in whole accompanying drawing, identical is denoted by the same reference numerals Part.In the accompanying drawings:
Fig. 1 shows the flow chart of the safe payment method based on eID according to an embodiment of the invention;
Fig. 2 shows that branch of being registered in eID unified certification servers according to an embodiment of the invention is paid a bill Number method flow chart;
Fig. 3 shows the structural representation of the secure payment device based on eID according to an embodiment of the invention Figure;And
Fig. 4 shows that the structure of the secure payment device based on eID in accordance with another embodiment of the present invention is shown It is intended to.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although being shown in accompanying drawing The exemplary embodiment of the disclosure, it being understood, however, that may be realized in various forms the disclosure without should be by Embodiments set forth here is limited.Conversely, there is provided these embodiments are able to be best understood from this It is open, and can by the scope of the present disclosure it is complete convey to those skilled in the art.
Domestic network remote authentication at present commonly uses " association is compared " method, will user input The personal information such as " name+identification card number ", pass to backstage and the correctness of personal information compared to come Assert its identity." association is compared " method is primarily present Railway Project under the scene of large-scale application:(1) Personal information is compared and can not correctly represent my actual wishes, it is impossible to is taken precautions against personal identification and is falsely used or usurped Risk;(2) leakage of personal information is easily caused.Gather the network english teaching mechanism peace of personal information Full level differs, the risk more and more higher that personal information is revealed on a large scale.
In face of problem above, based on cryptographic technique, with intelligent and safe chip as carrier, by the " Ministry of Public Security Citizen's network identity identifying system " is signed and issued to eID (the Electronic Identity, network electronic body of citizen Part mark), online on the premise of identity information is not revealed identity can be remotely recognized, citizen can be met and existed Many security assurance requirements such as individual privacy, network trading and virtual assets.
EID can be in a string of electronic information of one user identity of cyberspace unique mark.EID systems according to The national citizenship information bank of support Ministry of Public Security covering, generates one group of unique network identifier and numeral is demonstrate,proved Book, it is ensured that the authenticity and uniqueness of user identity, at the same itself and do not include any personal identification privacy Information.EID related identification informations are created and management by unifying mechanism, so both ensure that the true of personal identification Reality, and it is possible to prevente effectively from exposed when subscriber identity information is carried at various Virtual network operators and revealed Risk.User can be avoided to frequently enter username and password using eID, ensureing identity security reliability On the premise of realize quick login and other trusted operations.
A kind of safe payment method based on eID is the embodiment of the invention provides, is applied to pay class application, The payment class application can be applied at user's end such as smart mobile phone, PC, panel computer, intelligent watch End.Fig. 1 shows the flow chart of the safe payment method based on eID according to an embodiment of the invention. As shown in figure 1, the method at least comprises the following steps S102 to step S110:
Step S102, receives the payment request from user, and generating branch on the interface for paying class application pays a bill It is single, wherein, payment accounts are at least included in the Pay Bill;
Step S104, when user confirms to pay according to Pay Bill, generation prompting user carries out eID certifications Message, and adjusted the reader of the eID information that can be read in eID terminals;
Step S106, obtains the eID information that reader reads from eID terminals;
Step S108, payment accounts and the eID information for obtaining are sent to eID unified certification servers Row information certification, and receive the authentication result of eID unified certifications server return;
Step S110, determines whether to carry out follow-up delivery operation according to authentication result.
In the embodiment of the present invention, eID is network electronic identity, and eID is realized using eID terminals Information and the physical isolation of internet, before delivery operation is carried out, can pay a bill according to eID information to branch Number secure payment certification is carried out, such that it is able to improve payment safety.Also, the embodiment of the present invention is eliminated User is manually entered the troublesome operation that payment cipher brings, and such that it is able to simplify delivery operation, improves online branch The efficiency paid.
In order to ensure secure and trusted, the personally identifiable information of user is not included in whole identifying procedure (such as Identity card, telephone number etc.), the transmitting procedure of authentication information also uses the encryption mechanism of dual key system.
The payment request referred in above step S102, can be that the payment initiated after user's order products please Ask, or user to good friend or other people transfer accounts initiation payment request, etc., the invention is not restricted to this. For example, user orders 100 yuan of product in service provider, after submitting product order to, in the order page of generation Upper input payment accounts, click on the payment button on the page, so as to initiate to pay request.Again for example, user Into the interface of transferring accounts for paying class application, button of transferring accounts is clicked at the interface of transferring accounts, initiate to pay request, entered And in the payment class bill of generation, user can be manually entered relevant information, such as payment accounts, payment gold Volume, beneficiary account etc..
In order to further improve the level of security of certification, having been adjusted in step S104 can read eID terminals load Before the reader of the eID information in body, the eID certification authorities of the payment class application can be judged, That is, determine whether the payment class application has the authority of eID certifications;If so, then operation has been adjusted in triggering execution. If conversely, authority of the payment class application without eID certifications, generates the payment class application without eID The prompt message of the authority of certification, will be prompted to information alert to user.
Further, when it is determined that whether the payment class application has the authority of eID certifications, the invention provides A kind of optional scheme, in this scenario, pre-sets an eID certification white lists, is set in the white list The payment class application of authority with eID certifications, can inquire about the payment in eID certification white lists Class application, if inquiring, it is determined that the payment class application has the authority of eID certifications;If not inquiring, Then determine authority of the payment class application without eID certifications.Here, eID certifications white list can pass through Local user is set or cloud server rogue program storehouse is updated.
In the optional scheme of another kind that the present invention is provided, it is determined that whether the payment class application has eID During the authority of certification, by eID unified certifications server or class application server can be paid determine, i.e., to EID unified certifications server or payment class application server send searches whether the payment class application has eID The request of the authority of certification, according to the lookup that eID unified certifications server or payment class application server are returned Result determines.
In embodiments of the present invention, before eID terminals are introduced, NFC (Near Field are introduced first Communication, near-field communication) technology.
NFC is a kind of short-distance wireless communication technology of standard, and it is based on RFID (Radio Frequency Identification, radio frequency identification) technology, combine non-contact inductive and wireless connection technology, energy Enough realize in short distance being identified compatible equipment and carrying out data exchange.NFC communication often is being initiated to set It is standby to be produced and target device between, intercoupled in the way of AC magnetic field between the two, and with ASK (Amplitude Shift Keying, amplitude-shift keying) mode or FSK (Frequency Shift Keying, Frequency shift keying) mode carries out carrier modulation, transmits data signal.Initiating equipment produces unlimited signal initial Change communication, target device then responds the order that initiating equipment sends, and select to be sent by initiating equipment or It is that the less radio-frequency magnetic field for voluntarily producing is communicated.
Communication between NFC is divided into active communication mode and passive communication mode, and active communication mode is 20 Centimetre, passive communication mode is 10 centimetres.Under aggressive mode, every equipment sends number to another equipment According to when, it is necessary to produce the radiofrequency field of oneself;And under Passive Mode, NFC initiating equipments communicated entirely Radiofrequency field is provided in journey.Because NFC communication is the point-to-point communication of minimum distance, transmission can be avoided Information is monitored or altered, its security mechanism can also by encryption, decryption system to ensure mobile device between Secure communication.Also, NFC processing speeds are very fast, from detection mobile device, identity validation to data Access only need the time of 0.1 second to be capable of achieving.NFC is compatible with existing contactless smart card technology, mesh Before have become and obtain the official standard that more and more leading firms support.
The eID terminals that above step S104 is referred to can be the contactless eID based on NFC technique Card, then reader is NFC unit.In step s 106, can be with direct access NFC unit from eID Block the eID information for reading.
Further, NFC unit reads the eID information in the contactless eID cards based on NFC technique, And then eID information is obtained from NFC unit, now, the prompting of input PIN is required to user's display, and The correctness of the PIN of preliminary identification user input, if the continuous n times of user (e.g., 3 is inferior) input is wrong PIN, then lock the function of corresponding eID cards by mistake, after PIN is verified, the eID letters that will be obtained Breath sends to eID unified certifications server and carries out authentification of message.In such manner, it is possible to solve eID cards loss may The problem of the eID information leakages for causing.
EID cards can include information storage module, three modules of message processing module and information communication module, Wherein, information storage module by the personal unique eID certificates of the memory storage on piece, private key and PIN (Personal Identification Number, PIN) etc., and not comprising any identity letter Breath (such as ID card information, telephone number), does not result in the leakage of personal information.Due to storing these Space needed for information is smaller (such as 512KB-1024KB), the NFC chip that can write direct itself On-chip memory in.
Message processing module, can include encryption chip and CPU, in passive power supply, before transmission information The content stored on piece is encrypted using specific cryptographic algorithm, enciphering rate is fast, facilitates eID cards Safety storage and convenient use.The Encryption Decryption module that directly can also be provided using NFC chip is added It is close.EID cards based on NFC technique are a reading mode, are identified using specific label, and user can not change Its content.
Information communication module, can include NFC chip and antenna, and antenna is except for transmitting corresponding data Outward, while receiving the radiofrequency field of the NFC device generation of mobile terminal for digital processing is powered, it is ensured that eID The complete procedure of the encryption of information and NFC communication unit transmitting and receiving datas on card.
User only needs to card is placed near mobile phone (within 10 centimetres) several seconds when using eID cards The characteristics such as the reading of eID information, the distinctive safe and efficient convenience of NFC near-field communications can be completed and ensure that use Experience at family.
Additionally, in the embodiment of the present invention, paying class application can apply in the user terminals such as PC, eID Terminals can be USB flash disk, then reader is the USB flash disk driver on the user terminals such as PC.
In an embodiment of the present invention, step S108 by payment accounts and obtain eID information send to , it is necessary to by payment accounts and its corresponding eID information before eID unified certifications server carries out authentification of message It is registered in advance to eID unified certification servers.Fig. 2 shows according to an embodiment of the invention in eID The flow chart of the method for payment accounts is registered in unified certification server.As shown in Fig. 2 the method is at least wrapped Include following steps S202 to step S206:
Step S202, sends eID information registration requests to eID unified certification servers, wherein, the eID Information registration request includes payment accounts;
Step S204, receives the response message that eID unified certifications server is returned, and adjusted and can read The reader of the eID information in eID terminals;
Step S206, the eID information that reader reads from eID terminals is sent to eID unifications and is recognized Card server, by eID unified certifications server associated storage payment accounts and the eID information for sending.
In step S204, after eID unified certification servers receive eID information registration requests, according to Payment accounts in request search whether to have registered, if unregistered, to user's end where payment class application End returns to response message;If registered, the registered mistake of expression is returned to user terminal where class application is paid The message of payment accounts, now, user terminal where paying class application receives eID unified certification servers Return, represent it is registered cross payment accounts message when, then generation prompting user it is registered cross payment accounts Prompt message.
Determined whether to carry out follow-up delivery operation according to authentication result in step s 110, the present invention is provided A kind of optional scheme, in this scenario, if authentication result is to represent certification successful result, it is determined that Carry out follow-up delivery operation;If conversely, authentication result is the result for representing authentification failure, it is determined that do not enter The follow-up delivery operation of row.Further, when it is determined that carrying out follow-up delivery operation, can be by Pay Bill Payment platform server is sent to, delivery operation is carried out according to Pay Bill by payment platform server.True When determining not carry out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated, and point out To user.
Based on the safe payment method based on eID that each embodiment above is discussed in detail, based on same invention Design, the embodiment of the present invention additionally provides a kind of secure payment device based on eID.
Fig. 3 shows the structural representation of the secure payment device based on eID according to an embodiment of the invention Figure.As shown in figure 3, the device 300 can at least be adjusted including Pay Bill generation module 310, reader Play module 320, eID data obtaining modules 330, eID authentification of messages module 340, authentication result and receive mould Block 350 and authentication result respond module 360.
Now introduce each composition or the work(of device of the secure payment device 300 based on eID of the embodiment of the present invention Annexation between energy and each several part:
Pay Bill generation module 310, is suitable to receive the payment request from user, is paying class application Pay Bill is generated on interface, wherein, payment accounts are at least included in Pay Bill;
Reader has adjusted module 320, is coupled with Pay Bill generation module 310, be suitable to when user according to When Pay Bill confirms to pay, generation prompting user carries out the message of eID certifications, and has adjusted and can read eID The reader of the eID information in terminals;
EID data obtaining modules 330, have adjusted module 320 to be coupled with reader, are suitable to obtain reader From the eID information that eID terminals read;
EID authentification of messages module 340, is coupled with eID data obtaining modules 330, is suitable to pay a bill branch Number and the eID information that obtains send to eID unified certifications server and carry out authentification of message;
Authentication result receiver module 350, is coupled with eID authentification of messages module 340, is suitable to receive eID The authentication result that unified certification server is returned;
Authentication result respond module 360, is coupled with authentication result receiver module 350, is suitable to according to certification Result determines whether to carry out follow-up delivery operation.
In an embodiment of the present invention, the payment request that Pay Bill generation module 310 is received, can use After the order products of family initiate payment request, or user to good friend or other people transfer accounts initiation payment please Ask, etc., the invention is not restricted to this.For example, user orders 100 yuan of product in service provider, submit to and produce After product order, payment accounts are input on the order page of generation, click on the payment button on the page, so that Initiate to pay request.Again for example, user enters the interface of transferring accounts for paying class application, clicked at the interface of transferring accounts Transfer accounts button, initiate to pay request, and then in the payment class bill of generation, user can be manually entered phase Pass information, such as payment accounts, payment, beneficiary account.
In order to further improve the level of security of certification, having adjusted module 320 to adjust in reader can read Before the reader of the eID information in eID terminals, the eID certifications of the payment class application can be weighed Limit is judged, i.e. determine whether the payment class application has the authority of eID certifications;If so, then triggering Operation has been adjusted in execution.If conversely, authority of the payment class application without eID certifications, generates the payment The prompt message of authority of the class application without eID certifications, will be prompted to information alert to user.
Further, when it is determined that whether the payment class application has the authority of eID certifications, the invention provides A kind of optional scheme, in this scenario, pre-sets an eID certification white lists, is set in the white list The payment class application of authority with eID certifications, can inquire about the payment in eID certification white lists Class application, if inquiring, it is determined that the payment class application has the authority of eID certifications;If not inquiring, Then determine authority of the payment class application without eID certifications.Here, eID certifications white list can pass through Local user is set or cloud server rogue program storehouse is updated.
In the optional scheme of another kind that the present invention is provided, it is determined that whether the payment class application has eID During the authority of certification, by eID unified certifications server or class application server can be paid determine, i.e., to EID unified certifications server or payment class application server send searches whether the payment class application has eID The request of the authority of certification, according to the lookup that eID unified certifications server or payment class application server are returned Result determines.
In an embodiment of the present invention, as shown in figure 4, the device of Fig. 3 displayings can also include:
EID information registerings module 370, is coupled with eID authentification of messages module 340, is suitable to pay a bill branch Number and its corresponding eID information it is registered in advance to eID unified certification servers.
In an embodiment of the present invention, eID information registerings module 370 is further adapted for:
EID information registration requests are sent to eID unified certification servers, wherein, eID information registration requests Include payment accounts;
The response message that eID unified certifications servers is returned is received, and has been adjusted and can be read eID terminals In eID information reader;
The eID information that reader reads from eID terminals is sent to eID unified certification servers, by EID unified certifications server associated storage payment accounts and the eID information for sending.
In an embodiment of the present invention, after eID unified certifications server receives eID information registration requests, Payment accounts in request search whether to have registered, if unregistered, are used to class application place is paid Family terminal returns to response message;If registered, noted to user terminal return expression where class application is paid Volume crosses the message of payment accounts, and now, user terminal where paying class application receives eID unified certifications clothes Business device return, represent it is registered cross payment accounts message when, then generation prompting user it is registered cross pay The prompt message of account.
In an embodiment of the present invention, eID information registerings module 370 is further adapted for:
If receive the return of eID unified certifications server, the registered mistake payment accounts of expression message, User is pointed out in then generation the registered prompt message for crossing payment accounts.
In an embodiment of the present invention, authentication result respond module 360 is further adapted for:
If authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
In an embodiment of the present invention, authentication result respond module 360 is further adapted for:
When it is determined that carrying out follow-up delivery operation, Pay Bill is sent to payment platform server, by propping up Pay Platform Server carries out delivery operation according to Pay Bill.
In an embodiment of the present invention, authentication result respond module 360 is further adapted for:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated, And it is prompted to user.
In an embodiment of the present invention, eID terminals are the contactless eID cards based on NFC technique, Reader is NFC unit.Introduction on NFC technique and eID cards may refer to above, herein not Repeat again.
User only needs to card is placed near mobile phone (within 10 centimetres) several seconds when using eID cards The characteristics such as the reading of eID information, the distinctive safe and efficient convenience of NFC near-field communications can be completed and ensure that use Experience at family.
Additionally, in the embodiment of the present invention, paying class application can apply in the user terminals such as PC, eID Terminals can be USB flash disk, then reader is the USB flash disk driver on the user terminals such as PC.
According to the combination of above-mentioned any one preferred embodiment or multiple preferred embodiments, embodiment of the present invention energy Enough reach following beneficial effect:
In the embodiment of the present invention, eID is network electronic identity, and eID is realized using eID terminals Information and the physical isolation of internet, before delivery operation is carried out, can pay a bill according to eID information to branch Number secure payment certification is carried out, such that it is able to improve payment safety.Also, the embodiment of the present invention is eliminated User is manually entered the troublesome operation that payment cipher brings, and such that it is able to simplify delivery operation, improves online branch The efficiency paid.
Further, the eID information of embodiment of the present invention transmission does not include personal information, does not result in personal letter The leakage of breath.Also, NFC technique is used, the applicable situation of eID authentications has been expanded.Additionally, The certification of the embodiment of the present invention is carried out by eID unified certifications server, it is therefore prevented that browser rs cache cookies (cookie) is stolen, and improves the security of certification.
In specification mentioned herein, numerous specific details are set forth.It is to be appreciated, however, that this hair Bright embodiment can be put into practice in the case of without these details.In some instances, not in detail Known method, structure and technology are shown, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help understand one in each inventive aspect or Multiple, in above to the description of exemplary embodiment of the invention, each feature of the invention is sometimes by one Rise and be grouped into single embodiment, figure or descriptions thereof.However, should not be by the method for the disclosure It is construed to reflect following intention:I.e. the present invention for required protection requirement ratio institute in each claim is clear and definite The more features of feature of record.More precisely, as the following claims reflect, hair Bright aspect is all features less than single embodiment disclosed above.Therefore, it then follows specific embodiment Claims be thus expressly incorporated in the specific embodiment, wherein each claim conduct in itself Separate embodiments of the invention.
Those skilled in the art be appreciated that the module in the equipment in embodiment can be carried out it is adaptive Change to answering property and they are arranged in one or more equipment different from the embodiment.Can be reality Apply module or unit or component in example and be combined into a module or unit or component, and in addition can be it Be divided into multiple submodule or subelement or sub-component.Except in such feature and/or process or unit It is at least some exclude each other outside, can using any combinations to this specification (including adjoint right will Ask, make a summary and accompanying drawing) disclosed in all features and so disclosed any method or equipment it is all Process or unit are combined.Unless expressly stated otherwise, this specification (including adjoint claim, Summary and accompanying drawing) disclosed in each feature can or similar purpose identical, equivalent by offer alternative features To replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other Some included features are rather than further feature, but the combination meaning of the feature of different embodiments in embodiment Taste and is within the scope of the present invention and is formed different embodiments.For example, in detail in the claims, The one of any of embodiment required for protection mode can use in any combination.
All parts embodiment of the invention can realize with hardware, or with one or more processor The software module of upper operation is realized, or is realized with combinations thereof.It will be understood by those of skill in the art that Can be realized using microprocessor or digital signal processor (DSP) in practice according to of the invention real Apply some or all functions of some or all parts in the secure payment device based on eID of example. The present invention be also implemented as some or all equipment for performing method as described herein or Person's program of device (for example, computer program and computer program product).It is such to realize journey of the invention Sequence can be stored on a computer-readable medium, or can have the form of one or more signal.This The signal of sample can be downloaded from internet website and obtained, or be provided on carrier signal, or with any Other forms are provided.
It should be noted that above-described embodiment the present invention will be described rather than limiting the invention, and And those skilled in the art can design replacement implementation without departing from the scope of the appended claims Example.In the claims, any reference symbol being located between bracket should not be configured to claim Limitation.Word "comprising" does not exclude the presence of element or step not listed in the claims.Positioned at element it Preceding word "a" or "an" does not exclude the presence of element as multiple.The present invention can be by means of bag Include the hardware of some different elements and realized by means of properly programmed computer.It is some listing In the unit claim of device, several in these devices can be come specific by same hardware branch Embody.The use of word first, second, and third does not indicate that any order.Can be by these word solutions It is interpreted as title.
So far, although those skilled in the art will appreciate that herein it is detailed have shown and described it is of the invention Multiple exemplary embodiments, but, without departing from the spirit and scope of the present invention, still can be according to this Disclosure of invention directly determines or derives many other variations or modifications for meeting the principle of the invention.Cause This, the scope of the invention should be understood and defined as covering all these other variations or modifications.
The embodiment of the invention also discloses:A1, a kind of safe payment method based on eID, are applied to pay Class application, including:
The payment request from user is received, Pay Bill is generated on the interface of the payment class application, its In, payment accounts are at least included in the Pay Bill;
When user confirms to pay according to the Pay Bill, generation prompting user carries out the message of eID certifications, And adjusted the reader of the eID information that can be read in eID terminals;
Obtain the eID information that the reader reads from eID terminals;
The payment accounts and the eID information for obtaining are sent to eID unified certifications server and carry out letter Breath certification, and receive the authentication result that the eID unified certifications server is returned;
Determined whether to carry out follow-up delivery operation according to the authentication result.
A2, the method according to A1, wherein, also include:
By the payment accounts and its eID unified certifications service of corresponding eID information Device.
A3, the method according to A2, wherein, the payment accounts and its corresponding eID information are pre- The eID unified certifications server is first registered to, including:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage Breath.
A4, the method according to A3, wherein, also include:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
A5, the method according to any one of A1-A4, wherein, determined whether according to the authentication result Continuation payment operation is carried out, including:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
A6, the method according to A5, wherein, also include:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server, Delivery operation is carried out according to the Pay Bill by the payment platform server.
A7, the method according to A5 or A6, wherein, also include:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated, And it is prompted to user.
A8, the method according to any one of A1-A7, wherein, the eID terminals are based on NFC The contactless eID cards of technology, the reader is NFC unit.
B9, a kind of secure payment device based on eID, are applied to pay class application, including:
Pay Bill generation module, is suitable to receive the payment request from user, in the payment class application Pay Bill is generated on interface, wherein, payment accounts are at least included in the Pay Bill;
Reader has adjusted module, is suitable to when user confirms to pay according to the Pay Bill, and generation prompting is used Family carries out the message of eID certifications, and has adjusted the reader of the eID information that can be read in eID terminals;
EID data obtaining modules, are suitable to obtain the eID information that the reader reads from eID terminals;
EID authentification of message modules, are suitable to send the payment accounts and the eID information for obtaining to eID Unified certification server carries out authentification of message;
Authentication result receiver module, is suitable to receive the authentication result that the eID unified certifications server is returned;
Authentication result respond module, is suitable to be determined whether to carry out follow-up payment behaviour according to the authentication result Make.
B10, the device according to B9, wherein, also include:
EID information registering modules, are suitable to the payment accounts and its corresponding eID information are registered in advance extremely The eID unified certifications server.
B11, the device according to B10, wherein, the eID information registerings module is further adapted for:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage Breath.
B12, the device according to B11, wherein, the eID information registerings module is further adapted for:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
B13, the device according to any one of B9-B12, wherein, the authentication result respond module is also fitted In:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
B14, the device according to B13, wherein, the authentication result respond module is further adapted for:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server, Delivery operation is carried out according to the Pay Bill by the payment platform server.
B15, the device according to B13 or B14, wherein, the authentication result respond module is further adapted for:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated, And it is prompted to user.
B16, the device according to any one of B9-B15, wherein, the eID terminals be based on The contactless eID cards of NFC technique, the reader is NFC unit.

Claims (10)

1. a kind of safe payment method based on eID, is applied to pay class application, including:
The payment request from user is received, Pay Bill is generated on the interface of the payment class application, its In, payment accounts are at least included in the Pay Bill;
When user confirms to pay according to the Pay Bill, generation prompting user carries out the message of eID certifications, And adjusted the reader of the eID information that can be read in eID terminals;
Obtain the eID information that the reader reads from eID terminals;
The payment accounts and the eID information for obtaining are sent to eID unified certifications server and carry out letter Breath certification, and receive the authentication result that the eID unified certifications server is returned;
Determined whether to carry out follow-up delivery operation according to the authentication result.
2. method according to claim 1, wherein, also include:
By the payment accounts and its eID unified certifications service of corresponding eID information Device.
3. method according to claim 2, wherein, by the payment accounts and its corresponding eID The information eID unified certifications server, including:
EID information registration requests are sent to the eID unified certifications server, wherein, the eID information Registration request includes the payment accounts;
The response message that the eID unified certifications server is returned is received, and has been adjusted and can be read eID terminals The reader of the eID information in carrier;
The eID information that the reader reads from eID terminals is sent to eID unified certifications clothes Business device, payment accounts and the eID letters for sending as described in the eID unified certifications server associated storage Breath.
4. method according to claim 3, wherein, also include:
If receiving that the eID unified certifications server is returned, the registered excessively described payment accounts of expression During message, then the prompt message of the registered excessively described payment accounts of user is pointed out in generation.
5. the method according to claim any one of 1-4, wherein, determined according to the authentication result be It is no to carry out continuation payment operation, including:
If the authentication result is the expression successful result of certification, it is determined that carry out follow-up delivery operation;
If the authentication result is the result for representing authentification failure, it is determined that do not carry out follow-up delivery operation.
6. method according to claim 5, wherein, also include:
When it is determined that carrying out follow-up delivery operation, the Pay Bill is sent to payment platform server, Delivery operation is carried out according to the Pay Bill by the payment platform server.
7. the method according to claim 5 or 6, wherein, also include:
When it is determined that not carrying out follow-up delivery operation, then the unsanctioned prompt message of eID authentification of messages is generated, And it is prompted to user.
8. the method according to claim any one of 1-7, wherein, the eID terminals be based on The contactless eID cards of NFC technique, the reader is NFC unit.
9. a kind of secure payment device based on eID, is applied to pay class application, including:
Pay Bill generation module, is suitable to receive the payment request from user, in the payment class application Pay Bill is generated on interface, wherein, payment accounts are at least included in the Pay Bill;
Reader has adjusted module, is suitable to when user confirms to pay according to the Pay Bill, and generation prompting is used Family carries out the message of eID certifications, and has adjusted the reader of the eID information that can be read in eID terminals;
EID data obtaining modules, are suitable to obtain the eID information that the reader reads from eID terminals;
EID authentification of message modules, are suitable to send the payment accounts and the eID information for obtaining to eID Unified certification server carries out authentification of message;
Authentication result receiver module, is suitable to receive the authentication result that the eID unified certifications server is returned;
Authentication result respond module, is suitable to be determined whether to carry out follow-up payment behaviour according to the authentication result Make.
10. device according to claim 9, wherein, also include:
EID information registering modules, are suitable to the payment accounts and its corresponding eID information are registered in advance extremely The eID unified certifications server.
CN201510813176.3A 2015-11-20 2015-11-20 Safe payment method and device based on eID Pending CN106779711A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510813176.3A CN106779711A (en) 2015-11-20 2015-11-20 Safe payment method and device based on eID

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510813176.3A CN106779711A (en) 2015-11-20 2015-11-20 Safe payment method and device based on eID

Publications (1)

Publication Number Publication Date
CN106779711A true CN106779711A (en) 2017-05-31

Family

ID=58886024

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510813176.3A Pending CN106779711A (en) 2015-11-20 2015-11-20 Safe payment method and device based on eID

Country Status (1)

Country Link
CN (1) CN106779711A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109284999A (en) * 2017-07-20 2019-01-29 上海方付通商务服务有限公司 Business confirmation method and system based on mobile network's terminal
CN109285004A (en) * 2017-07-20 2019-01-29 上海方付通商务服务有限公司 Business confirmation method and system based on mobile network's terminal
CN110942566A (en) * 2019-11-27 2020-03-31 中国银行股份有限公司 Identity authentication method and related equipment
CN111091387A (en) * 2019-12-31 2020-05-01 中国银行股份有限公司 Authentication method, device and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102932333A (en) * 2012-10-07 2013-02-13 潘铁军 Safety equipment with mobile payment function, system and method
CN103150650A (en) * 2011-12-07 2013-06-12 中兴通讯股份有限公司 Processing method, mobile terminal and system for remote payment
CN103259667A (en) * 2013-06-07 2013-08-21 北京邮电大学 Method and system for eID authentication on mobile terminal
CN104574047A (en) * 2015-01-21 2015-04-29 孙国华 Financial IC card payment platform based on Internet
CN104574080A (en) * 2013-10-25 2015-04-29 腾讯科技(深圳)有限公司 Safe payment method as well as related equipment and system
CN104636916A (en) * 2013-11-15 2015-05-20 腾讯科技(深圳)有限公司 Mobile payment method and system and related equipment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103150650A (en) * 2011-12-07 2013-06-12 中兴通讯股份有限公司 Processing method, mobile terminal and system for remote payment
CN102932333A (en) * 2012-10-07 2013-02-13 潘铁军 Safety equipment with mobile payment function, system and method
CN103259667A (en) * 2013-06-07 2013-08-21 北京邮电大学 Method and system for eID authentication on mobile terminal
CN104574080A (en) * 2013-10-25 2015-04-29 腾讯科技(深圳)有限公司 Safe payment method as well as related equipment and system
CN104636916A (en) * 2013-11-15 2015-05-20 腾讯科技(深圳)有限公司 Mobile payment method and system and related equipment
CN104574047A (en) * 2015-01-21 2015-04-29 孙国华 Financial IC card payment platform based on Internet

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109284999A (en) * 2017-07-20 2019-01-29 上海方付通商务服务有限公司 Business confirmation method and system based on mobile network's terminal
CN109285004A (en) * 2017-07-20 2019-01-29 上海方付通商务服务有限公司 Business confirmation method and system based on mobile network's terminal
CN110942566A (en) * 2019-11-27 2020-03-31 中国银行股份有限公司 Identity authentication method and related equipment
CN110942566B (en) * 2019-11-27 2022-10-21 中国银行股份有限公司 Identity authentication method and related equipment
CN111091387A (en) * 2019-12-31 2020-05-01 中国银行股份有限公司 Authentication method, device and system

Similar Documents

Publication Publication Date Title
US9607298B2 (en) System and method for providing secure data communication functionality to a variety of applications on a portable communication device
CN103259667B (en) The method and system of eID authentication on mobile terminal
CN102737308B (en) The method and system of a kind of mobile terminal and inquiry smart card information thereof
EP2487629B1 (en) Secure smart poster
US9740847B2 (en) Method and system for authenticating a user by means of an application
CN106233689B (en) Method and apparatus for protecting mobile application
US20120123868A1 (en) System and Method for Physical-World Based Dynamic Contactless Data Emulation in a Portable Communication Device
US20120159612A1 (en) System for Storing One or More Passwords in a Secure Element
CN108886687B (en) Managing scheduled credentials on an electronic device
CN104915829B (en) Exchange method and device are applied based on NFC technique
CN101809977A (en) Updating mobile devices with additional elements
CN107181714A (en) Verification method and device, the generation method of service code and device based on service code
US20170357798A1 (en) Removal of credentials from an electronic device
US20140258046A1 (en) Method for managing a transaction
CN104778579A (en) Induction payment method and device based on electronic identity recognition carrier
CN102238193A (en) Data authentication method and system using same
CN103107888B (en) The identity identifying method that the dynamic multi-attribute of facing moving terminal is multi-level
US20210374718A1 (en) Ic card, processing method, and information processing system
CN106779711A (en) Safe payment method and device based on eID
CN104754568A (en) Identity recognition method and device based on NFC (Near Field Communication)
CN112308555A (en) Remote transaction system, method and point-of-sale terminal
CN106779672A (en) The method and device that mobile terminal safety pays
CN106776621A (en) Generate the method and device of bill
CN106789839A (en) The method and device that mobile terminal safety pays
CN109525395B (en) Signature information transmission method and device, storage medium and electronic device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170531