CN112200530B - Distributed collaborative authentication design method based on trusted exhibition industry equipment
- Publication number: CN112200530B
- Application number: CN202010947712.XA
- Authority: CN (China)
- Prior art keywords: trusted, equipment, merchant, exhibition, information
- Legal status: Active (The legal status is an assumption and is not a legal conclusion.)
Classifications
- G06Q10/103: Workflow collaboration or project management
- G06Q30/018: Certifying business or products
- H04L63/0861: Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
- H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
- H04N7/141: Systems for two-way working between two video terminals, e.g. videophone
- Y02D30/70: Reducing energy consumption in communication networks in wireless communication networks
Abstract
The invention discloses a distributed collaborative authentication design method based on trusted exhibition industry equipment. An intelligent terminal and the trusted exhibition industry equipment cooperate to carry out multiple identity verification and merchant information verification, and customer service personnel provide users with end-to-end dual-recording visual service through a video agent. The collaborative verification capabilities provided by the trusted exhibition industry equipment comprise: over-the-air key issuance, key updating, ID document reading, bank card reading, encryption/decryption, signature/verification, a PIN pad and terminal position information. With this distributed collaborative authentication design, fast authorization, fast merchant onboarding and fast inspection are performed. The invention solves the problems that existing acquiring institutions manage merchants only offline, with low efficiency, high cost and non-standard procedures.
Description
Technical Field
The invention relates to the field of financial security, in particular to a distributed collaborative authentication design method based on trusted exhibition industry equipment.
Background
Acquiring institutions currently manage special merchants' equipment offline, and financial institutions likewise carry out credit card and credit business development offline, which is inefficient, costly and non-standard. Managing merchant equipment is difficult for the acquiring institution and tends to become a formality, so false merchants and illegal use of acquiring equipment are prominent problems. The risk of black and gray market involvement in the acquiring business increases, which does not favor the healthy and sustainable development of the acquiring business and cannot meet the latest regulatory requirements. The defects of the prior art are as follows:
1. Acquiring equipment application: in the traditional mode, the acquiring institution manages merchants offline. Users must go to a fixed branch during business hours and queue to handle business, which is costly, may require long queuing, and leads to low user satisfaction. In addition, owing to regulatory approval, the cost for a bank to open a branch is high.
2. Acquiring equipment inspection: in the current technical mode, the acquiring institution inspects merchant equipment through an on-line mode, which is costly and inefficient and increases resistance to implementing the relevant regulatory policies.
3. Acquiring equipment information change: changing merchant equipment information or replacing equipment requires going through an offline procedure, which is complex, costly and inefficient.
4. Acquiring equipment key management: the device key is written into the acquiring equipment at a fixed location, and after a key change the equipment is again managed offline, which is inefficient and time-consuming. The prior art thus relies on offline handling, manual auditing and fixed locations and, being limited to a single device, does not meet the technical requirement of online associated authentication of merchants and equipment.
Disclosure of Invention
Therefore, the invention provides a distributed collaborative authentication design method based on trusted exhibition industry equipment, to solve the problems that existing acquiring institutions manage merchants only offline, with low efficiency, high cost and non-standard procedures.
In order to achieve the above object, the present invention provides the following technical solutions:
The invention discloses a distributed collaborative authentication design method based on trusted exhibition industry equipment, which comprises the following:
Close-range data transmission between the acquiring device of the trusted exhibition industry equipment and the intelligent terminal uses the Bluetooth transmission protocol, wherein the intelligent terminal comprises a mobile phone or a Pad. The intelligent terminal assists in multiple identity verification and merchant information verification, and customer service personnel provide users with end-to-end dual-recording visual service through a video agent. The collaborative verification capabilities provided by the trusted exhibition industry equipment comprise: over-the-air key issuance, key updating, ID document reading, bank card reading, encryption/decryption, signature/verification, a PIN pad and terminal position information. With the distributed collaborative authentication design of the trusted exhibition industry equipment, fast authorization, fast merchant onboarding and fast inspection are performed.
Further, the trusted exhibition industry equipment reads identity card information through NFC near field communication and acquires fingerprint identification codes through a fingerprint module; each piece of trusted exhibition industry equipment has a unique tamper-proof equipment code, and its precise position is obtained through the LBS mobile location service.
Further, the intelligent terminal verifies the identity of the merchant: based on the hardware environments of the mobile phone, namely the rich execution environment REE, the trusted execution environment TEE and the secure element SE, identity verification is performed using video agent technology and eID electronic identity technology.
Further, the video agent enables customer service personnel to provide users with end-to-end dual-recording visual service. Through remote video technology, customer service personnel can accept, in an end-side application program, a video call initiated by the user end during business handling, and thereby provide the end-to-end dual-recording service remotely. At the same time, online identity verification, business information confirmation, real-time online verification, remote verification and other business handling services can be carried out with the user. The eID personnel certification integrated application service provides the basic functions of eID Internet real-name authentication, eID/cloud decoding, network identity credential generation, bank card identification and business license two-dimensional code identification.
Further, the fast merchant onboarding process is as follows:
S1, customer service personnel enter the merchant onboarding page, and the intelligent terminal, on which the exhibition industry applet is installed, establishes a connection with the trusted exhibition industry equipment through Bluetooth;
S2, the trusted exhibition industry equipment reads the identity card information of the merchant's legal representative and authorized person through NFC and sends it to the exhibition industry applet through Bluetooth; after face liveness recognition, network identity verification is initiated through the application service to verify identity;
S3, basic merchant information is entered through the intelligent terminal, business license information is read, and other basic merchant information may be filled in; the application server verifies whether the merchant's legal representative information is consistent with the business license information currently being processed;
S4, after verification passes, the exhibition industry applet reads the equipment code and current coordinate address of the trusted exhibition industry equipment through Bluetooth and stores them in the application server;
S5, the exhibition industry applet transmits the business data to the background server for auditing, and the audit is notified through a push message on the exhibition industry side;
S6, the merchant applies for and obtains the key from the application server through the trusted exhibition industry equipment, and the key is written into the trusted exhibition industry equipment.
Further, the basic merchant information in S3 includes: common contact name, common contact mobile phone number and common mailbox. The other basic merchant information that may be filled in comprises: merchant name, merchant abbreviation, contact phone, merchant address, company website, business category, business profile, province, city, legal representative name, legal representative identification number, authorized person name and authorized person identification number.
Further, the fast inspection flow is as follows:
A1, the merchant self-service inspection page is entered through the merchant exhibition industry applet, and the intelligent terminal connects to the trusted exhibition industry equipment through Bluetooth;
A2, the merchant applet sends a GPS acquisition instruction, and the trusted exhibition industry equipment returns GPS longitude and latitude information;
A3, the merchant applet submits the inspection parameters to the background server, which checks them. If the check fails, the instruction is resent to acquire GPS longitude and latitude information; if it succeeds, the latest payment transaction records of the equipment are queried from the acquiring platform, which returns the query result. If no merchant payment operation exists, the inspection is restarted;
A4, the merchant exhibition industry applet initiates an ID document reading instruction; the trusted exhibition industry equipment reads the identity card information and feeds it back to the merchant applet, which calls the identity verification page, performs liveness verification and sends a network identity verification request;
A5, the video agent is called up and the self-service inspection page is pushed; the online teller and the merchant reconfirm;
A6, the merchant exhibition industry applet initiates a signature instruction, and the operator signs to confirm on the trusted exhibition industry equipment; the merchant applet receives the signature information and the background stores it; the remote video end obtains the operator's signature information and sends a notification that the inspection was stored successfully; the application server stores the inspection record.
Further, the trusted exhibition industry equipment in A2 has a built-in positioning module; the current position information is obtained through this module and fed back to the merchant exhibition industry applet.
Further, the liveness verification in A4 comprises face recognition verification, fingerprint recognition verification and pupil recognition verification.
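The following Python sketch of the background-server check in step A3 is an added example, not part of the patent. The patent states only that the server checks the inspection parameters, re-requests GPS on failure and restarts the inspection when no payment record exists; the HMAC over the equipment's GPS report, the single-use challenge nonce, the 200 m tolerance, the 120 s freshness window and all names are assumptions.

```python
import hashlib
import hmac
import math
import secrets
import struct
from dataclasses import dataclass

MAX_DRIFT_M = 200.0   # assumed tolerance around the coordinates stored in S4
MAX_AGE_S = 120       # assumed freshness window for a GPS report


@dataclass
class Device:
    key: bytes    # per-device key written to the equipment in S6
    lat: float    # coordinates stored at onboarding (S4)
    lon: float


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two latitude/longitude points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dlat, dlon = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dlat / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371000.0 * math.asin(math.sqrt(a))


def gps_report_mac(key, device_code, nonce, ts, lat, lon):
    """MAC the equipment computes over its GPS report (assumed message layout)."""
    code = device_code.encode()
    msg = struct.pack(">H", len(code)) + code + nonce + struct.pack(">Qdd", ts, lat, lon)
    return hmac.new(key, msg, hashlib.sha256).digest()


class InspectionServer:
    """Hypothetical background server holding the onboarding data from S4/S6."""

    def __init__(self, registry, payments):
        self.registry = registry   # device_code -> Device
        self.payments = payments   # device_code -> recent payment records
        self.pending = {}          # device_code -> (nonce, issued_at)

    def issue_gps_challenge(self, device_code, now):
        # A2: the nonce travels with the GPS acquisition instruction.
        nonce = secrets.token_bytes(16)
        self.pending[device_code] = (nonce, now)
        return nonce

    def check_parameters(self, device_code, ts, lat, lon, mac, now):
        # A3: the applet is only a relay, so the report must verify under
        # the equipment's own key before its coordinates are trusted.
        dev = self.registry.get(device_code)
        challenge = self.pending.pop(device_code, None)  # single use
        if dev is None or challenge is None:
            return "RESEND_GPS"
        nonce, issued_at = challenge
        expected = gps_report_mac(dev.key, device_code, nonce, ts, lat, lon)
        if not hmac.compare_digest(expected, mac):
            return "RESEND_GPS"
        if now - issued_at > MAX_AGE_S or abs(now - ts) > MAX_AGE_S:
            return "RESEND_GPS"
        if haversine_m(dev.lat, dev.lon, lat, lon) > MAX_DRIFT_M:
            return "RESEND_GPS"
        if not self.payments.get(device_code):
            return "RESTART_INSPECTION"
        return "PROCEED_TO_ID_CHECK"


def demo():
    key = bytes(range(32))  # constructed key, for illustration only
    server = InspectionServer(
        {"DEV-0001": Device(key, 31.2304, 121.4737)},   # constructed record
        {"DEV-0001": ["constructed-payment-record"]},
    )
    results = []
    # Honest report taken a few tens of metres from the stored position.
    nonce = server.issue_gps_challenge("DEV-0001", now=1000)
    mac = gps_report_mac(key, "DEV-0001", nonce, 1005, 31.2306, 121.4739)
    results.append(server.check_parameters("DEV-0001", 1005, 31.2306, 121.4739, mac, now=1010))
    # Coordinates altered in transit: the MAC no longer matches.
    nonce = server.issue_gps_challenge("DEV-0001", now=2000)
    mac = gps_report_mac(key, "DEV-0001", nonce, 2005, 39.9042, 116.4074)
    results.append(server.check_parameters("DEV-0001", 2005, 31.2304, 121.4737, mac, now=2010))
    return results


if __name__ == "__main__":
    print(demo())
```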
Further, after distributed collaborative authentication between the intelligent terminal and the acquiring equipment succeeds, over-the-air key issuance, equipment updating and equipment locking are performed through a background service. The equipment communicates with the background service through a remote communication channel to carry out over-the-air key issuance; the equipment information and the corresponding trusted exhibition industry equipment key are stored in an encryption machine, and the background server connects directly to the encryption machine to complete key generation and issuance.
The invention has the following advantages:
The invention discloses a distributed collaborative authentication design method based on trusted exhibition industry equipment, which effectively optimizes the auditing flow of the acquiring business. Through the online distributed collaborative authentication design, the existing management flow, with its paper file exchange and manual handling, undergoes an integrated online and offline, digital and intelligent transformation, greatly saving auditing time for special merchants and improving transaction efficiency;
The invention acquires equipment security elements (equipment code, equipment address and position, fingerprint feature code and the like) on the trusted exhibition industry equipment side, exchanges data with the mobile terminal APP through near-field communication technology, and sends the data to the background for automatic recording. Together with the remote video capability of the APP, this solves the problem that, in the traditional offline mode, authentication and auditing of special merchants could only be completed through the exchange of paper files;
The invention realizes remote online equipment inspection, avoids the non-uniform and non-standard procedures of offline equipment inspection, improves inspection efficiency, meets regulatory requirements, and saves the acquirer's operating costs;
In the distributed collaborative authentication method of the invention, the trusted exhibition industry equipment reads the identity card through NFC and collects the fingerprint identification code and related equipment information, and, in cooperation with the remote audio and video capability of the mobile phone APP, remote inspection and authentication of equipment and merchants is carried out;
Based on the TSM security management architecture of the trusted exhibition industry equipment and combined with the distributed collaborative authentication method, the invention realizes functions such as over-the-air key issuance, key update and equipment locking under risk control;
After distributed collaborative authentication of the equipment and the merchant succeeds, remote key issuance, equipment updating and equipment locking are performed through the background service. The equipment communicates with the background service through a remote communication channel to carry out over-the-air key issuance, and the background server connects directly to the encryption machine to complete key generation and issuance;
Based on video agent technology and eID network identity authentication technology, the invention can rapidly complete merchant identity authentication, authorization, merchant onboarding and merchant inspection.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It will be apparent to those skilled in the art from this disclosure that the drawings described below are merely exemplary and that other embodiments may be derived from the drawings provided without undue effort.
The structures, proportions, sizes, etc. shown in the present specification are shown only for the purposes of illustration and description, and are not intended to limit the scope of the invention, which is defined by the claims, so that any structural modifications, changes in proportions, or adjustments of sizes, which do not affect the efficacy or the achievement of the present invention, should fall within the ambit of the technical disclosure.
FIG. 1 is a collaborative authentication data flow chart of a distributed collaborative authentication design method based on trusted exhibition industry equipment according to an embodiment of the present invention;
FIG. 2 is a signaling diagram of a business process of a distributed collaborative authentication design method based on trusted exhibition industry equipment according to an embodiment of the present invention;
FIG. 3 is a signaling diagram of a business inspection flow of a distributed collaborative authentication design method based on trusted exhibition industry equipment according to an embodiment of the present invention.
Detailed Description
Other advantages and effects of the present invention will become apparent to those skilled in the art from the following detailed description of specific embodiments, which are some, but not all, embodiments of the invention. All other embodiments that can be made by those skilled in the art based on the embodiments of the invention without inventive effort are intended to be within the scope of the invention.
Examples
The invention discloses a distributed collaborative authentication design method based on trusted exhibition industry equipment, which comprises the following:
Close-range data transmission between the acquiring device of the trusted exhibition industry equipment and the intelligent terminal uses the Bluetooth transmission protocol. The intelligent terminal assists in multiple identity verification and checking of merchant information, and customer service personnel provide end-to-end dual-recording visual service through a video agent. The collaborative verification capabilities provided by the trusted exhibition industry equipment comprise: over-the-air key issuance, key updating, ID document reading, bank card reading, encryption/decryption, signature/verification, a PIN pad and terminal position information. With the distributed collaborative authentication design of the trusted exhibition industry equipment, fast authorization, fast merchant onboarding and fast inspection are performed.
The trusted exhibition industry equipment reads identity card information through NFC near field communication and acquires fingerprint identification codes through the fingerprint module; each piece of trusted exhibition industry equipment has a unique tamper-proof equipment code, and its precise position is obtained through the LBS mobile location service. The intelligent terminal verifies the identity of the merchant: based on the hardware environments of the mobile phone, namely the rich execution environment REE, the trusted execution environment TEE and the secure element SE, identity verification is performed using video agent technology and eID electronic identity technology.
The risk prevention and control capability of the acquiring business is improved: a sound network identity authentication system strengthens the identity verification of online customers, achieves continuous consistency verification of special merchants, responsible persons, accounts, terminals, addresses and the like, and effectively enhances digital business management and risk monitoring capability.
The video agent enables customer service personnel to provide users with end-to-end dual-recording visual service. Through remote video technology, customer service personnel can accept, in an end-side application program, a video call initiated by the user end during business handling, and thereby provide the end-to-end dual-recording service remotely while carrying out online identity verification, business information confirmation, real-time online verification, remote verification and other business handling services with the user. The eID personnel certification integrated application service provides the basic functions of eID Internet real-name authentication, eID/cloud decoding, network identity credential generation, bank card identification and business license two-dimensional code identification. The eID mainly addresses online identity recognition under privacy protection. It is not plaintext identity information but cipher information carried on the secure smart chip of a bank card. For online identity recognition, the user only needs to insert the bank card carrying the eID into a universal smart card reader and enter a password, or hold it against the back of a mobile phone with NFC near field communication; the website can then judge the authenticity and validity of the eID online in the background, without obtaining the identity information of the eID holder and without needing to store the user's identity information.
The business environment of compliant acquiring institutions is expanded and optimized. By widening financial service channels, the traditional business management flow, which relies mainly on offline paper-based acceptance, is transformed into an integrated online and offline business development system. Based on the digitization of acquiring business data and on big-data multi-channel identity verification and business risk evaluation models, an automated and intelligent business processing center is explored and built. A lightweight financial service mode improves the operating efficiency and operating cost of the acquiring service and strengthens the market competitiveness of compliant acquiring institutions' payment products, partially offsetting the continued downward adjustment of acquiring prices and the sharp reduction in acquiring institutions' direct profit levels. The supply capability of payment acquiring services is improved: cost reduction and efficiency gains effectively release the capacity of acquiring institutions, improve service supply to small, medium and micro merchants, especially small and micro merchants, improve the availability of regular payment products to them, and improve the security of their payment business and funds. The financial customer service experience is also improved: the originally lengthy waiting time for acquiring services is effectively shortened, a fast business development mode of on-site acceptance, on-site activation and immediate use is gradually realized, all-day online remote video handling of merchant reservation, pre-processing, pre-approval and similar services can be provided, and a multi-channel, integrated online and offline service experience is built.
The fast merchant onboarding process comprises the following steps:
S1, customer service personnel enter the merchant onboarding page, and the intelligent terminal, on which the exhibition industry applet is installed, establishes a connection with the trusted exhibition industry equipment through Bluetooth;
S2, the trusted exhibition industry equipment reads the identity card information of the merchant's legal representative and authorized person through NFC and sends it to the exhibition industry applet through Bluetooth; after face liveness recognition, network identity verification is initiated through the application service to verify identity;
S3, basic merchant information is entered through the intelligent terminal, business license information is read, and other basic merchant information may be filled in; the application server verifies whether the merchant's legal representative information is consistent with the business license information currently being processed;
S4, after verification passes, the exhibition industry applet reads the equipment code and current coordinate address of the trusted exhibition industry equipment through Bluetooth and stores them in the application server;
S5, the exhibition industry applet transmits the business data to the background server for auditing, and the audit is notified through a push message on the exhibition industry side;
S6, the merchant applies for and obtains the key from the application server through the trusted exhibition industry equipment, and the key is written into the trusted exhibition industry equipment.
In detail, merchant onboarding proceeds as follows. The exhibition industry applet on the intelligent terminal opens the merchant onboarding page, the intelligent terminal connects to the trusted exhibition industry equipment through Bluetooth, and the trusted exhibition industry equipment, held in contact with the identity card, reads the identity card information of the merchant's legal person and authorized person through NFC and transmits it to the exhibition industry applet through Bluetooth. The camera of the intelligent terminal is used for face liveness recognition; once recognition is complete, network identity verification is initiated at the application server, the identity verification platform performs the verification, and the result is fed back to the application server. The exhibition industry applet judges whether identity verification has passed. If it has, the merchant's common contact name, common contact mobile phone number and common mailbox are entered and OCR (optical character recognition) is carried out; if it has not, the merchant onboarding page is re-entered and verification is repeated.
OCR reads the business license information, and the following other information can be supplemented: merchant name, merchant short name, contact phone, merchant address, company website, business category, business profile, province, city, region, legal person name, legal person identification number, authorizer name and authorized person identification number. The network identity verification platform verifies whether the legal person matches the current customer identity and feeds the result back to the exhibition industry applet. If verification fails, the merchant onboarding page is re-entered for re-verification; if it passes, a request is made to read the device code of the trusted exhibition industry equipment. The unique device code and the current coordinate address are obtained from the trusted exhibition industry equipment through Bluetooth; the exhibition industry applet combines them with the other information and submits everything to the application server, where the onboarding information is saved.
The exhibition industry applet transmits the merchant data to the mobile phone counter for remote video acceptance and brings up a video agent to enter the online counter business handling process. The intent to apply is confirmed and, after frictionless identity verification, the application is submitted to the acquiring platform for auditing; the acquiring system performs the audit and feeds back the result, which the background server records and displays. If the audit fails, the video agent checks the reason for the failure and feeds it back to the merchant, who modifies the application and resubmits it for model audit, after which it is submitted to the acquiring system for audit again. If the acquiring system's audit passes, the application server receives the audit result from the acquiring system and pushes a message to the exhibition industry applet.
The merchant applies to the application server for the key through the trusted exhibition industry equipment, and the application server requests the key from the acquiring platform. Once the key has been obtained and fed back to the application server, the application server issues it over the air to the trusted exhibition industry equipment, where the key is loaded, completing verification of the merchant onboarding. This realizes the distributed collaborative authentication method: on-site remote inspection and authentication of the equipment and the merchant are carried out through the trusted exhibition industry equipment's NFC (near field communication) identity card reading and its collection of the fingerprint identification code and related equipment information, in cooperation with the remote audio and video capability of the mobile phone APP.
The rapid inspection flow is as follows:
A1, the merchant self-service inspection page is entered through the merchant exhibition industry applet, and the intelligent terminal is connected with the trusted exhibition industry equipment through Bluetooth;
A2, the merchant applet sends a GPS acquisition instruction, and the trusted exhibition industry equipment returns GPS longitude and latitude information;
A3, the merchant applet submits the inspection parameters to the background server for verification, and the background server verifies them; if verification fails, the instruction to acquire GPS longitude and latitude information is resent; if it succeeds, the device's latest payment transaction record is queried from the acquiring platform, which returns the query result; if no payment transaction by the merchant exists, the inspection is restarted;
A4, the merchant exhibition industry applet initiates a certificate reading instruction, the trusted exhibition industry equipment reads the identity card information and feeds it back to the merchant applet, and the merchant applet calls the identity verification page, performs liveness verification and sends the network identity verification request;
A5, a video agent is brought up, the self-service inspection page is pushed, and the online teller and the merchant reconfirm;
A6, the merchant exhibition industry applet initiates a signature instruction, the operator confirms by signing on the trusted exhibition industry equipment, the merchant applet receives the signature information, the background stores it, the remote video end obtains the operator's signature information and sends a notice that the inspection has been stored successfully, and the application server stores an inspection record.
In detail, merchant inspection proceeds as follows. The merchant exhibition industry applet is opened, the merchant self-service inspection page is entered, and the intelligent terminal is connected with the trusted exhibition industry equipment through Bluetooth. The exhibition industry applet sends an instruction requesting GPS information; the positioning module in the trusted exhibition industry equipment obtains the GPS longitude and latitude and feeds them back to the exhibition industry applet. The exhibition industry applet then initiates verification of the inspection parameters, which are verified at the application server. If verification fails, the GPS acquisition step is entered again; if it passes, the device's latest payment transaction record is queried. The latest payment transaction record of the trusted exhibition industry equipment is queried through the acquiring platform and the result is fed back to the application server; the exhibition industry applet judges whether a recent payment transaction exists. If none exists, a card payment is prompted; if one exists, a certificate reading instruction is sent.
The trusted exhibition industry equipment reads the identity card information of the legal person or the authorized person and feeds it back to the merchant exhibition industry applet; face liveness recognition is then carried out and, once it passes, network identity verification is initiated through the application server. The network identity verification platform performs the verification and feeds the result back to the exhibition industry applet, which judges whether identity verification has passed. If it has not, face liveness recognition is carried out again; if it has, remote video re-verification is initiated.
Remote video acceptance is carried out through the mobile phone counter, the self-service inspection page is pushed, and the online teller and the merchant confirm again. The exhibition industry applet receives or checks the self-service inspection page information and initiates a signature instruction; the operator confirms by signing on the trusted exhibition industry equipment, the merchant exhibition industry applet receives the signature information and sends it to the application server for storage, and the remote video end obtains the operator's signature information. The remote video end sends a notice that the inspection has been stored successfully, and the application server stores an inspection record, completing the inspection. This realizes a remote online equipment inspection flow, avoids the non-uniform and non-standard flows of offline equipment inspection, improves inspection efficiency, meets supervisory requirements, and saves the acquirer's operating cost.
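The server-side ordering of the inspection flow A3 to A6, with its retry branches, can be sketched as a small state machine. This is an added example, not code from the patent: the class and function names are hypothetical, and it assumes that the "inspection parameters" are the device code plus the GPS fix, checked against the values stored at onboarding step S4 within an assumed 200 m tolerance.

```python
import math
from dataclasses import dataclass, field
from enum import Enum, auto


class Step(Enum):
    PARAMS = auto()     # A3: server verifies the inspection parameters
    PAYMENT = auto()    # A3: latest payment record looked up at the acquirer
    IDENTITY = auto()   # A4: ID card read, liveness, network identity check
    VIDEO = auto()      # A5: online teller and merchant reconfirm
    SIGNATURE = auto()  # A6: operator signs on the device
    DONE = auto()


# (next step on success, next step on failure) for each server-side decision
NEXT = {
    Step.PARAMS: (Step.PAYMENT, Step.PARAMS),      # fail: GPS is re-acquired
    Step.PAYMENT: (Step.IDENTITY, Step.PARAMS),    # no record: inspection restarts
    Step.IDENTITY: (Step.VIDEO, Step.IDENTITY),    # fail: liveness is repeated
    Step.VIDEO: (Step.SIGNATURE, Step.VIDEO),
}


@dataclass(frozen=True)
class Onboarded:
    """Device code and coordinates the server stored at onboarding (S4)."""
    device_code: str
    lat: float
    lon: float


def distance_m(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in metres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371000.0 * math.asin(math.sqrt(a))


@dataclass
class InspectionSession:
    onboarded: Onboarded
    max_drift_m: float = 200.0   # assumed tolerance, not a value from the patent
    step: Step = Step.PARAMS
    reported: tuple = ()
    history: list = field(default_factory=list)

    def _enter(self, expected):
        if self.step is not expected:   # reject messages that arrive out of order
            raise PermissionError(
                f"{expected.name} received while waiting for {self.step.name}")
        self.history.append(expected.name)

    def decide(self, step, ok):
        """Record the outcome of one decision and move to the next step."""
        self._enter(step)
        self.step = NEXT[step][0 if ok else 1]
        return ok

    def check_params(self, device_code, lat, lon):
        """A3: the device must be the onboarded one, near where it was registered."""
        self.reported = (device_code, lat, lon)
        near = distance_m(lat, lon, self.onboarded.lat,
                          self.onboarded.lon) <= self.max_drift_m
        return self.decide(Step.PARAMS, device_code == self.onboarded.device_code and near)

    def store_signature(self, signature):
        self._enter(Step.SIGNATURE)
        if not signature:
            raise ValueError("empty operator signature")
        self.step = Step.DONE
        code, lat, lon = self.reported
        return {"device_code": code, "lat": lat, "lon": lon,
                "signature": signature.hex(), "steps": list(self.history)}


def run_demo():
    """Constructed sample run: a location mismatch, one failed liveness check, then a pass."""
    s = InspectionSession(Onboarded("DEV-TEST-0001", 39.9042, 116.4074))
    first = s.check_params("DEV-TEST-0001", 31.2304, 121.4737)   # far from onboarding site
    second = s.check_params("DEV-TEST-0001", 39.9043, 116.4075)  # a few metres away
    s.decide(Step.PAYMENT, True)
    s.decide(Step.IDENTITY, False)
    s.decide(Step.IDENTITY, True)
    s.decide(Step.VIDEO, True)
    return first, second, s.store_signature(b"\x01\x02")
```

Because every transition is checked against the current step, a signature submitted before the identity and video steps is rejected rather than stored as an inspection record.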
This embodiment discloses a distributed collaborative authentication design method based on trusted exhibition industry equipment. It effectively optimizes the audit flow of the acquiring business: through the online distributed collaborative authentication design method, the purely offline management flow of paper document exchange and manual handling is transformed into an integrated online and offline, digital and intelligent flow, which greatly shortens audit time for special merchants and improves handling efficiency;
The invention collects equipment security elements (device code, device address location, fingerprint feature code and the like) on the trusted exhibition industry equipment side, exchanges data with the mobile terminal APP through near-field communication technology, and sends the data to the background for automatic recording; together with the APP's remote video capability, this solves the problem that authentication and verification of special merchants could only be completed in the traditional offline mode through paper document exchange;
The invention realizes a remote online equipment inspection flow, avoids the non-uniform and non-standard flows of offline equipment inspection, improves inspection efficiency, meets supervisory requirements, and saves the acquirer's operating cost;
The invention discloses a distributed collaborative authentication method in which the trusted exhibition industry equipment reads the identity card through NFC (near field communication) and collects the fingerprint identification code and related equipment information, and remote inspection and authentication of the equipment and the merchant are carried out in cooperation with the remote audio and video capability of the mobile phone APP;
The invention is based on the TSM security management architecture of the trusted exhibition industry equipment and, combined with the distributed collaborative authentication method, realizes functions such as over-the-air key issuance, key update and device locking under risk control;
After the equipment and the merchant have been authenticated successfully through distributed collaboration, remote key issuance, device update and device locking are performed through the background service. The device communicates with the background service through a remote communication channel for over-the-air key issuance. The background server is directly connected to the encryption machine to complete key generation and issuance;
The invention can rapidly complete merchant identity authentication, authorization, merchant onboarding and merchant inspection based on video agent technology and eID network identity authentication technology.
While the invention has been described in detail in the foregoing general description and specific examples, it will be apparent to those skilled in the art that modifications and improvements can be made thereto. Accordingly, such modifications or improvements may be made without departing from the spirit of the invention and are intended to be within the scope of the invention as claimed.
Claims (6)
1. The distributed collaborative authentication design method based on the trusted exhibition industry equipment is characterized by comprising the following steps of:
Short-range data transmission is carried out between the acquiring device of the trusted exhibition industry equipment and an intelligent terminal through the Bluetooth transmission protocol; multiple identity verification and merchant information verification are carried out cooperatively by the intelligent terminal and the trusted exhibition industry equipment; customer service personnel provide end-to-end double-record visual service to users through a video agent; the collaborative verification capabilities provided by the trusted exhibition industry equipment comprise: over-the-air key issuance, key update, certificate reading, bank card reading, encryption/decryption, signature/signature verification, a PIN pad and terminal location information; and rapid authorization, rapid merchant onboarding and rapid inspection are performed using the distributed collaborative authentication design of the trusted exhibition industry equipment;
the trusted exhibition industry equipment can read identity card information through NFC near field communication and collects fingerprint identification codes using a fingerprint module; each trusted exhibition industry equipment has a unique, non-tamperable device code, and the precise location of the trusted exhibition industry equipment is obtained based on LBS mobile location service;
the intelligent terminal verifies the identity of the merchant: based on the hardware environment of the mobile phone's rich execution environment (REE), trusted execution environment (TEE) and secure element (SE), identity is verified using video agent technology and eID electronic identity technology;
the video agent enables customer service personnel to provide end-to-end double-record visual service to users: using remote video technology, customer service personnel receive, through an end-side application program, the video call initiated by the user end during business handling, and thereby remotely provide the user with end-to-end double-record service together with online identity verification, business information confirmation, real-time online verification, remote verification and services related to business handling; the eID personnel card integrated application service provides the basic functions of eID Internet real-name authentication, eID/cloud decoding, network identity credential generation, bank card recognition and business license two-dimensional code recognition;
the rapid merchant onboarding process comprises the following steps:
S1, customer service personnel enter the merchant onboarding page, and a connection is established through Bluetooth between the intelligent terminal, on which the exhibition industry applet is installed, and the trusted exhibition industry equipment;
S2, the trusted exhibition industry equipment reads the identity card information of the merchant's legal person and authorized person through NFC and sends it to the exhibition industry applet through Bluetooth; after face liveness recognition, network identity verification is initiated through the application service to verify identity;
S3, basic merchant information is entered through the intelligent terminal, business license information is read, other basic merchant information can be filled in, and the application server verifies whether the merchant's legal person information is consistent with the license information currently being processed;
S4, after verification is passed, the exhibition industry applet reads the device code and the current coordinate address of the trusted exhibition industry equipment through Bluetooth, and both are stored in the application server;
S5, the exhibition industry applet transmits the merchant data to a background server for auditing, and the audit result is notified to the exhibition industry applet by push message;
S6, the merchant applies for and obtains the key from the application server through the trusted exhibition industry equipment, and the key is written into the trusted exhibition industry equipment.
2. The distributed collaborative authentication design method based on trusted exhibition industry equipment according to claim 1, wherein the merchant basic information in S3 comprises: common contact name, common contact mobile phone number and common mailbox, and the other merchant basic information filled in comprises: merchant name, merchant abbreviation, contact phone, merchant address, company website, business category, business profile, province, city, legal person name, legal person identification number, authorizer name, authorization identification number.
3. The distributed collaborative authentication design method based on trusted exhibition industry equipment according to claim 1, wherein the rapid inspection flow is:
A1, the merchant self-service inspection page is entered through the merchant exhibition industry applet, and the intelligent terminal is connected with the trusted exhibition industry equipment through Bluetooth;
A2, the merchant applet sends a GPS acquisition instruction, and the trusted exhibition industry equipment returns GPS longitude and latitude information;
A3, the merchant applet submits the inspection parameters to the background server for verification, and the background server verifies them; if verification fails, the instruction to acquire GPS longitude and latitude information is resent; if it succeeds, the device's latest payment transaction record is queried from the acquiring platform, which returns the query result; if no payment transaction by the merchant exists, the inspection is restarted;
A4, the merchant exhibition industry applet initiates a certificate reading instruction, the trusted exhibition industry equipment reads the identity card information and feeds it back to the merchant applet, and the merchant applet calls the identity verification page, performs liveness verification and sends the network identity verification request;
A5, a video agent is brought up, the self-service inspection page is pushed, and the online teller and the merchant reconfirm;
A6, the merchant exhibition industry applet initiates a signature instruction, the operator confirms by signing on the trusted exhibition industry equipment, the merchant applet receives the signature information, the background stores it, the remote video end obtains the operator's signature information and sends a notice that the inspection has been stored successfully, and the application server stores an inspection record.
4. The distributed collaborative authentication design method based on trusted exhibition industry equipment according to claim 3, wherein the trusted exhibition industry equipment in A2 has a built-in positioning module, and the current location information is obtained through the positioning module in the trusted exhibition industry equipment and fed back to the merchant exhibition industry applet.
5. The distributed collaborative authentication design method based on trusted exhibition industry equipment according to claim 3, wherein the liveness verification in A4 includes face recognition verification, fingerprint recognition verification and pupil recognition verification.
6. The distributed collaborative authentication design method based on trusted exhibition industry equipment according to claim 1, wherein after the intelligent terminal and the acquiring equipment have been authenticated successfully through the distributed collaborative authentication of the equipment and the merchant, the intelligent terminal performs over-the-air key issuance, device update and device locking functions through a background service; the equipment communicates with the background service through a remote communication channel for over-the-air key issuance, wherein the equipment information and the corresponding trusted exhibition industry equipment key are stored in an encryption machine, and the background server is directly connected to the encryption machine to complete key generation and issuance.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010947712.XA CN112200530B (en) | 2020-09-10 | 2020-09-10 | Distributed collaborative authentication design method based on trusted exhibition industry equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010947712.XA CN112200530B (en) | 2020-09-10 | 2020-09-10 | Distributed collaborative authentication design method based on trusted exhibition industry equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112200530A CN112200530A (en) | 2021-01-08 |
CN112200530B CN112200530B (en) | 2024-07-05 |
Family
ID=74015538
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010947712.XA Active CN112200530B (en) | 2020-09-10 | 2020-09-10 | Distributed collaborative authentication design method based on trusted exhibition industry equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112200530B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113536273A (en) * | 2021-08-09 | 2021-10-22 | 北京国民安盾科技有限公司 | Method and system for collaborative biometric identification between devices |
CN115664689B (en) * | 2022-07-07 | 2024-03-08 | 湖南汉马科技有限公司 | Internet identity verification service system |
CN118736720B (en) * | 2024-09-04 | 2024-11-15 | 成都智安易智能设备有限公司 | Multiple authentication method and system based on service library remote authorization |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104936128A (en) * | 2014-12-08 | 2015-09-23 | 深圳市腾讯计算机系统有限公司 | Off-line data transfer method, device and system |
CN111585966A (en) * | 2020-04-08 | 2020-08-25 | 北京科蓝软件系统股份有限公司 | End, pipe and cloud integrated internet credible exhibition industry safety system |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102329258B1 (en) * | 2014-10-28 | 2021-11-19 | 삼성전자주식회사 | Apparatus and method for payment using a secure module |
WO2017084013A1 (en) * | 2015-11-16 | 2017-05-26 | 华为技术有限公司 | Transaction authentication method, device, mobile terminal, pos terminal and server |
CN108512862B (en) * | 2018-05-30 | 2023-12-05 | 博潮科技(北京)有限公司 | Internet of things terminal security authentication management and control platform based on certificate-free identification authentication technology |
CN109711133B (en) * | 2018-12-26 | 2020-05-15 | 巽腾(广东)科技有限公司 | Identity information authentication method and device and server |
Also Published As
Publication number | Publication date |
---|---|
CN112200530A (en) | 2021-01-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8938793B2 (en) | System and method for secure management of transactions | |
US7757945B2 (en) | Method for electronic payment | |
CN112200530B (en) | Distributed collaborative authentication design method based on trusted exhibition industry equipment | |
US20120030108A1 (en) | System and method for the remote identification and verification of a client's identity during the provision of financial services | |
US20180225659A1 (en) | Information processing device and information processing method | |
US20080017702A1 (en) | System and Method for Conducting Electronic Account Transactions | |
JP5405965B2 (en) | Fund transfer system | |
CN111294398A (en) | Method and device for carrying out digital currency payment based on service providing equipment and mobile terminal | |
KR20140125449A (en) | Transaction processing system and method | |
US20110029428A1 (en) | Mobile Remittance Network | |
CA2946426A1 (en) | Systems and methods for onsite or remote dispensing of credit instruments | |
KR20170141930A (en) | System for providing financial service and method for transfer thereof | |
CN113688362B (en) | ID card information security processing method and device | |
KR101794831B1 (en) | Electronic financial processing system using personal atm terminal and method for processing thereof | |
JP2009140352A (en) | System and method for confirming service consumption | |
KR102140708B1 (en) | Method and server for providing financial service | |
KR20120013047A (en) | Method and system for providing the service | |
KR100977028B1 (en) | Remittance system and remittance method | |
JP4714575B2 (en) | Recipient identity authentication system and method in product delivery, computer program | |
KR20120132729A (en) | Method of remittance proxy service using CMS and the remittance proxy system | |
KR20110007940A (en) | Remittance system and remittance method | |
KR20090104215A (en) | Gold trading method and system and program recording medium therefor | |
KR101740911B1 (en) | System, apparatus and method for servicing loan based on code | |
AU2011101729A4 (en) | Accessing information | |
KR20110078147A (en) | Authentication method and system using text message for payment using payment card |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||