CN102868688B - Certification system and method and electronic signature tool - Google Patents
Certification system and method and electronic signature tool Download PDFInfo
- Publication number
- CN102868688B CN102868688B CN201210326240.1A CN201210326240A CN102868688B CN 102868688 B CN102868688 B CN 102868688B CN 201210326240 A CN201210326240 A CN 201210326240A CN 102868688 B CN102868688 B CN 102868688B
- Authority
- CN
- China
- Prior art keywords
- certification
- account
- server
- electronic tag
- presented
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a certification system which comprises a client end used for receiving information seleced by a user, a server prestored with a radio frequency identification and a first account number and used for generating a two-dimensional code according to the radio frequency identification, the first account number and the information selected by the user, and an electronic signature tool, wherein the electronic signature tool is prestored with a certification identification issued to the server by a third party certification mechanism, and is used for obtaining the two-dimensional code from the server through the client end, and certifying the server and the first account number according to the two-dimensional code and the prestored certification identification issued to the server by the third party certification mechanism. The certification system provided by the embodiment of the invention can be used for certifying the legality and the reliability of two transaction parties, thereby ensuring correctness of transaction. The invention also discloses an electronic signature tool and a certification method.
Description
Technical field
The present invention relates to field of information security technology, particularly a kind of Verification System, authentication method and electric signing tools.
Background technology
At present, universal along with ecommerce and Web bank, increasing user's selection ecommerce is concluded the business, and the transaction of ecommerce must bring the universal of Web bank, and in order to ensure the fail safe of concluding the business, the user of Web bank uses electric signing tools more and more.For user, Web bank uses electric signing tools to ensure that the account property safety of user, but but can not ensure the legitimacy of businessman, such as fishing website, but user does not also know that it is truly legal e-commerce website or fishing website, thus, money, when online transaction, may forward in the account of incorrect fishing website, cause user's property loss by user.
Summary of the invention
The present invention is intended at least one of solve the problems of the technologies described above.
For this reason, one object of the present invention is to propose a kind of can checking the legitimacy of both parties and reliability, thus guarantee the Verification System of transaction correctness, such as, when online transaction, legitimacy and the reliability of trade company can be guaranteed, such as, take precautions against fishing website and user is caused any property loss.
Another object of the present invention is to propose a kind of electric signing tools.
Another object of the present invention is to propose a kind of authentication method.
To achieve these goals, the embodiment of first aspect present invention provides a kind of Verification System, comprising: client, for receiving the information that user selects; Server, described server prestores electronic tag and the first account, Quick Response Code is generated according to the information that described electronic tag, described first account and described user select, wherein, described electronic tag comprises the certification mark and the second account that are presented to described server by Third Party Authentication mechanism; Electric signing tools, the certification mark being presented to described server by Third Party Authentication mechanism is prestored in described electric signing tools, obtain described Quick Response Code by described client from server, according to described Quick Response Code and prestore by Third Party Authentication mechanism be presented to described server certification identify certification is carried out to described server and described first account.
According to the Verification System of the embodiment of the present invention, according to Quick Response Code and prestore by Third Party Authentication mechanism be presented to server certification identify certification is carried out to server and the first account, adopt the safety that both can ensure individual subscriber account in this way, the checking of legitimacy and reliability can be carried out again trade company, thus improve the fail safe of transaction.Effective strick precaution fishing website brings property loss to user, meanwhile, and can also conveniently to the supervision of trade company, and and network bank business based docking.This Verification System ensure that the safety of individual subscriber account, and has accuracy and ease for use.
In one embodiment of the invention, described electric signing tools comprises: memory module, stores the certification mark that the first PKI, the second PKI and Third Party Authentication mechanism are presented to described server; First decoder module, according to described first PKI obtained from described memory module, decodes to described Quick Response Code, obtains described electronic tag and described first account; Second decoder module, according to the second PKI obtained from described memory module, decodes to the described electronic tag that described first decoder module obtains, and obtains the certification mark and the second account of carrying in electronic tag; Comparing module, the certification mark of carried in the electronic tag obtained by described second decoder module identifies with the certification of Third Party Authentication mechanism obtained from described memory module compares, comparison unanimously then server described in certification be trusted servers; Second account of carrying in the first account obtain described first decoder module and the electronic tag that obtains of described second decoder module is compared, comparison unanimously then the first account described in certification be legal account.
Thus, the comparison that the comparison achieving the first account and the second account of efficiently and accurately and certification identify, ensure that the safety of individual subscriber account, has timeliness and ease for use.
In one embodiment of the invention, described signature instrument also comprises: update module, and the Third Party Authentication mechanism upgraded in described memory module issues the certification mark of described server.
Thus, the certification mark making Third Party Authentication mechanism issue server has timeliness.
In one embodiment of the invention, described certification is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to described server.
Thus, improve the diversity of certification form of identification.
In one embodiment of the invention, the information that described user selects comprises: merchandise news, trade name and goods amount.In one embodiment of the invention, described electric signing tools is USBKey.
The embodiment of second aspect present invention proposes a kind of electric signing tools, comprising: memory module, stores the certification mark that the first PKI, the second PKI and Third Party Authentication mechanism are presented to described server; First decoder module, according to described first PKI obtained from described memory module, decodes to described Quick Response Code, obtains described electronic tag and described first account; Second decoder module, according to the second PKI obtained from described memory module, decodes to the electronic tag that described first decoder module obtains, and obtains the certification mark and the second account of carrying in electronic tag; Comparing module, the certification mark of carried in the electronic tag obtained by described second decoder module identifies with the certification of Third Party Authentication mechanism obtained from described memory module compares, comparison unanimously then server described in certification be trusted servers; Second account of carrying in the first account obtain described first decoder module and the electronic tag that obtains of described second decoder module contrasts, comparison unanimously then the first account described in certification be legal account.
According to the electric signing tools of the embodiment of the present invention, electric signing tools prestores the certification mark being presented to server by Third Party Authentication mechanism, obtain from server the Quick Response Code that server generates according to the information that electronic tag, the first account and user select by client, identify according to Quick Response Code and the certification of being presented to server by Third Party Authentication mechanism that prestores and certification is carried out to server and the first account.Both can ensure the safety of individual subscriber account, the checking of legitimacy and reliability can have been carried out again trade company, thus improve the fail safe of transaction.Effective strick precaution fishing website brings property loss to user.
In one embodiment of the invention, described electric signing tools also comprises: update module, and the Third Party Authentication mechanism upgraded in described memory module is presented to the certification mark of described server.
Thus, the certification mark making Third Party Authentication mechanism issue server has timeliness.
In one embodiment of the invention, described electronic tag comprises the certification mark and the second account that are presented to described server by Third Party Authentication mechanism; The information that described user selects comprises: merchandise news and goods amount, to carry out adaptive certification for different commodity, improves the efficiency of certification.
The embodiment of third aspect present invention proposes a kind of authentication method, comprise: the information that server is selected according to user and the electronic tag that described server prestores and the first account generate Quick Response Code, wherein, described electronic tag comprises the certification mark and the second account that are presented to described server by Third Party Authentication mechanism; Electric signing tools obtains described Quick Response Code from described server, according to described Quick Response Code and described electric signing tools prestore by Third Party Authentication mechanism be presented to described server certification identify certification is carried out to described server and described first account.
According to the authentication method of the embodiment of the present invention, according to Quick Response Code and prestore by Third Party Authentication mechanism be presented to server certification identify certification is carried out to server and the first account, adopt the safety that both can ensure individual subscriber account in this way, the checking of legitimacy and reliability can be carried out again trade company, thus improve the fail safe of transaction.Effective strick precaution fishing website brings property loss to user, meanwhile, and can also conveniently to the supervision of trade company, and and network bank business based docking.This authentication method ensure that the safety of individual subscriber account, and has accuracy and ease for use.
In one embodiment of the invention, the described certification of being presented to described server by Third Party Authentication mechanism prestored according to described Quick Response Code and described electric signing tools identifies and carries out certification to described server and described first account and comprise:
According to the first PKI that described electric signing tools prestores, described Quick Response Code is decoded, obtain described electronic tag and described first account; According to the second PKI that described electric signing tools prestores, described electronic tag is decoded, obtain the certification mark and the second account of carrying in electronic tag; The certification of the Third Party Authentication mechanism certification of carrying in the electronic tag of acquisition mark prestored with described electric signing tools identifies compares, comparison unanimously then server described in certification be trusted servers; Second account of carrying in the electronic tag of the first account obtained and acquisition is compared, comparison unanimously then the first account described in certification be legal account.
Thus, the comparison that the comparison achieving the first account and the second account of efficiently and accurately and certification identify, ensure that the safety of individual subscriber account, has timeliness and ease for use.
In one embodiment of the invention, described method also comprises: upgrade the certification mark that Third Party Authentication mechanism that described electric signing tools prestores is presented to described server.
Thus, the certification mark making Third Party Authentication mechanism issue server has timeliness.
Total in one embodiment of the present of invention, described certification is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to described server.
Thus, improve the diversity of certification form of identification.In one embodiment of the invention, the information that described user selects comprises: merchandise news and goods amount.
Additional aspect of the present invention and advantage will part provide in the following description, and part will become obvious from the following description, or be recognized by practice of the present invention.
Accompanying drawing explanation
Above-mentioned and/or additional aspect of the present invention and advantage will become obvious and easy understand from accompanying drawing below combining to the description of embodiment, wherein:
Fig. 1 is the structure chart of Verification System according to an embodiment of the invention;
Fig. 2 is the structure chart of electric signing tools according to an embodiment of the invention;
Fig. 3 is the structure chart of electric signing tools according to another embodiment of the present invention; And
Fig. 4 is the flow chart of authentication method according to an embodiment of the invention.
Embodiment
Be described below in detail embodiments of the invention, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has element that is identical or similar functions from start to finish.Be exemplary below by the embodiment be described with reference to the drawings, only for explaining the present invention, and can not to understand be limitation of the present invention.On the contrary, embodiments of the invention comprise fall into attached claims spirit and intension within the scope of all changes, amendment and equivalent.
In describing the invention, it should be noted that, unless otherwise clearly defined and limited, term " is connected ", " connection " should be interpreted broadly, such as: can be fixedly connected with, also can make to removably connect, or connect integratedly; Can make mechanical connection, also can be electrical connection; Can make directly to be connected, also indirectly can be connected by intermediary.For the ordinary skill in the art, concrete condition above-mentioned term concrete meaning in the present invention can be understood.In addition, in describing the invention, except as otherwise noted, the implication of " multiple " is two or more.
In describing the invention, it is to be appreciated that term " first ", " second " only for describing object, and can not be interpreted as instruction or hint relative importance.
Below with reference to the accompanying drawings Verification System according to the embodiment of the present invention and electric signing tools are described.
Fig. 1 is the structure chart of Verification System according to an embodiment of the invention.
As shown in Figure 1, according to the Verification System of the embodiment of the present invention, comprising: client 100, electric signing tools 300 and server 200.
The information that client 100 is selected for receiving user.Particularly, client is but is not limited to: computer, mobile phone or mobile terminal device, and the information that user selects comprises: merchandise news and goods amount, certainly, also can comprise the out of Memory of the commodity such as trade name.
Server 200 prestores electronic tag and the first account, Quick Response Code is generated according to the information that electronic tag, the first account and user select, wherein, electronic tag comprises the certification mark and the second account that are presented to server by Third Party Authentication mechanism, in this example, certification is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to server, and the first account is seller's account, and the second account is the legal account that seller truly puts on record.
The certification mark being presented to server 200 by Third Party Authentication mechanism is prestored in electric signing tools 300, obtain Quick Response Code by client from server, according to Quick Response Code and prestore by Third Party Authentication mechanism be presented to server 200 certification identify certification is carried out to server 200 and the first account.In this example, electric signing tools is USB-Key.Certification is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to server.The information that Quick Response Code is electronic tag, the first account and user select generates.
According to the Verification System of the embodiment of the present invention, according to Quick Response Code and prestore by Third Party Authentication mechanism be presented to server certification identify certification is carried out to server and the first account, both the safety of individual subscriber account can have been ensured, the checking of legitimacy and reliability can be carried out again trade company, thus improve the fail safe of transaction.Effective strick precaution fishing website brings property loss to user, meanwhile, and can also conveniently to the supervision of trade company, and and network bank business based docking.This Verification System ensure that the safety of individual subscriber account, and has accuracy and ease for use.
As shown in Figure 2, in an embodiment of the invention, electric signing tools comprises: memory module 301, first decoder module 302, second decoder module 303 and contrast module 304.
Specifically, memory module 301 is presented to the certification mark of server for storing the first PKI, the second PKI and Third Party Authentication mechanism.In one embodiment of the invention, wherein, the first PKI is server public key; Second PKI is Third Party Authentication authority public key; Certification mark can be presented to the digital signature of server or the combination of digital finger-print or digital signature and digital finger-print two kinds of forms for Third Party Authentication mechanism, is not restricted to a kind of mode here.First decoder module 302, according to the first PKI obtained from memory module 301, is decoded to Quick Response Code, obtains electronic tag and the first account.Second decoder module 303, according to the second PKI obtained from memory module, is decoded to the electronic tag that the first decoder module obtains, and obtains the certification mark and the second account of carrying in electronic tag.
The certification mark of carrying in the electronic tag that the second decoder module 303 obtains by comparing module 304 identifies with the certification of Third Party Authentication mechanism stored from memory module 301 compares, comparison unanimously then certificate server be trusted servers; Second account of carrying in the electronic tag that the first account obtain the first decoder module 302 and the second decoder module 303 obtain is compared, comparison unanimously then certification first account be legal account.
As a concrete example, suppose in e-commerce website process of exchange, individual subscriber PC is client 100, e-business network site server is server 200.The authoritative institution of authorized by state is Third Party Authentication mechanism.Specifically, e-business network site server is put on record in the authoritative institution of authorized by state, time network bank business based, Quick Response Code can be sent in the electric signing tools 300 of user by the PC of user by e-business network site server, as USBKey etc., the PKI of the signature that authoritative institution issues is included in USBKey, when Quick Response Code is sent on USBKey, the digital signature that USBKey utilizes PKI to issue the authoritative institution in the Quick Response Code sended over or fingerprint certificate are decrypted, then the certificate prestored in the certificate of the electronic signature of the authoritative institution after deciphering and USBKey is verified, if correct, then illustrate that e-business network site server is legal, authentic.
Further, after USBKey has verified the legitimacy of e-business network site server, again the accounts information in the electronic signature of the authoritative institution after deciphering and the accounts information being sent to USBKey are verified, if checking is correct, then illustrate that account is legal account, thus further ensure that the safety of transaction, if verify incorrect, then user is pointed out.
As shown in Figure 3, in one embodiment of the invention, electric signing tools comprises: update module 305, and the Third Party Authentication mechanism upgraded in memory module 301 is presented to the certification mark of server.
By the Verification System that the present invention adopts, can verify the legitimacy of both parties and reliability, thus guarantee correctness of concluding the business.Such as, when online transaction, both can improve the fail safe of individual subscriber account, legitimacy and the reliability of trade company can be guaranteed again, such as, take precautions against fishing website and user is caused any property loss.Further, according to the electric signing tools of the embodiment of the present invention, prestore the certification mark being presented to server by Third Party Authentication mechanism, obtain from server the Quick Response Code that server generates according to the information that electronic tag, the first account and user select by client, identify according to Quick Response Code and the certification of being presented to server by Third Party Authentication mechanism that prestores and certification is carried out to server and the first account.Both can ensure the safety of individual subscriber account, the checking of legitimacy and reliability can have been carried out again trade company, thus improve the fail safe of transaction.Effective strick precaution fishing website brings property loss to user.
Fig. 4 is the flow chart of authentication method according to an embodiment of the invention.
A kind of authentication method, comprise the following steps: the information that server is selected according to user and the electronic tag that server prestores and the first account generate Quick Response Code, wherein, electronic tag comprises the certification mark and the second account that are presented to server by Third Party Authentication mechanism; Electric signing tools obtains Quick Response Code from server, according to Quick Response Code and electric signing tools prestore by Third Party Authentication mechanism be presented to server certification identify certification is carried out to server and the first account.
As shown in Figure 4, according to the authentication method of the embodiment of the present invention, comprise the following steps:
Step S401, the information that server is selected according to user and the electronic tag that server prestores and the first account generate Quick Response Code, wherein, electronic tag comprises the certification mark and the second account that are presented to server by Third Party Authentication mechanism, in this example, the information that user selects includes but not limited to: merchandise news, trade name and goods amount.Certainly, the out of Memory of the commodity such as trade name can also be comprised.In this example, certification is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to server, and the first account is seller's account, and the second account is the legal account that seller truly puts on record.
Step S402, electric signing tools obtains Quick Response Code from server, the mode wherein obtaining Quick Response Code can be, but not limited to: directly obtain or obtain from client, such as electric signing tools has communication device, directly be connected with server by network etc., thus directly from server, obtain Quick Response Code, also obtain the Quick Response Code on server by client, client is connected with server.
Step S403, carries out certification to server and the first account.Particularly, according to Quick Response Code and electric signing tools prestore by Third Party Authentication mechanism be presented to server certification identify certification is carried out to server and the first account.In this example, electric signing tools is USB-Key.The information that Quick Response Code is electronic tag, the first account and user select generates.
In one embodiment of the invention, the certification of being presented to server by Third Party Authentication mechanism prestored according to Quick Response Code and electric signing tools identifies to be stated server and described first account and carries out certification and comprise: the first PKI prestored according to electric signing tools, Quick Response Code is decoded, obtains electronic tag and the first account; According to the second PKI that electric signing tools prestores, electronic tag is decoded, obtain the certification mark and the second account of carrying in electronic tag; The certification of the Third Party Authentication mechanism certification mark of carrying in the electronic tag of acquisition and electric signing tools prestored identifies compares, comparison unanimously then certificate server be trusted servers; Second account of carrying in the electronic tag of the first account obtained and acquisition is compared, comparison unanimously then certification first account be legal account.
As a concrete example, suppose in e-commerce website process of exchange, e-business network site server is server.The authoritative institution of authorized by state is Third Party Authentication mechanism.Specifically, e-business network site server is put on record in the authoritative institution of authorized by state, time network bank business based, Quick Response Code can be sent in the electric signing tools 300 of user by e-business network site server, as USBKey etc., the PKI of the signature that authoritative institution issues is included in USBKey, when Quick Response Code is sent on USBKey, the digital signature that USBKey utilizes PKI to issue the authoritative institution in the Quick Response Code sended over or fingerprint certificate are decrypted, then the certificate prestored in the certificate of the electronic signature of the authoritative institution after deciphering and USBKey is verified, if correct, then illustrate that e-business network site server is legal, authentic.
Further, after USBKey has verified the legitimacy of e-business network site server, again the accounts information in the electronic signature of the authoritative institution after deciphering and the accounts information being sent to USBKey are verified, if checking is correct, then illustrate that account is legal account, thus further ensure that the safety of transaction, if verify incorrect, then user is pointed out.
As shown in Figure 4, authentication method also can comprise the steps:
Step S404, the Third Party Authentication mechanism that renewal electric signing tools prestores is presented to the certification mark of server.
According to the authentication method of the embodiment of the present invention, according to Quick Response Code and prestore by Third Party Authentication mechanism be presented to server certification identify certification is carried out to server and the first account, both the safety of individual subscriber account can have been ensured, the checking of legitimacy and reliability can be carried out again trade company, thus improve the fail safe of transaction.Effective strick precaution fishing website brings property loss to user, meanwhile, and can also conveniently to the supervision of trade company, and and network bank business based docking.This authentication method ensure that the safety of individual subscriber account, and has accuracy and ease for use.
Describe and can be understood in flow chart or in this any process otherwise described or method, represent and comprise one or more for realizing the module of the code of the executable instruction of the step of specific logical function or process, fragment or part, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can not according to order that is shown or that discuss, comprise according to involved function by the mode while of basic or by contrary order, carry out n-back test, this should understand by embodiments of the invention person of ordinary skill in the field.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, multiple step or method can with to store in memory and the software performed by suitable instruction execution system or firmware realize.Such as, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: the discrete logic with the logic gates for realizing logic function to data-signal, there is the application-specific integrated circuit (ASIC) of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is that the hardware that can carry out instruction relevant by program completes, described program can be stored in a kind of computer-readable recording medium, this program perform time, step comprising embodiment of the method one or a combination set of.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing module, also can be that the independent physics of unit exists, also can be integrated in a module by two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and the form of software function module also can be adopted to realize.If described integrated module using the form of software function module realize and as independently production marketing or use time, also can be stored in a computer read/write memory medium.
The above-mentioned storage medium mentioned can be read-only memory, disk or CD etc.
In the description of this specification, specific features, structure, material or feature that the description of reference term " embodiment ", " some embodiments ", " example ", " concrete example " or " some examples " etc. means to describe in conjunction with this embodiment or example are contained at least one embodiment of the present invention or example.In this manual, identical embodiment or example are not necessarily referred to the schematic representation of above-mentioned term.And the specific features of description, structure, material or feature can combine in an appropriate manner in any one or more embodiment or example.
Although illustrate and describe embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, those of ordinary skill in the art can change above-described embodiment within the scope of the invention when not departing from principle of the present invention and aim, revising, replacing and modification.Scope of the present invention is by claims extremely equivalency.
Claims (15)
1. a Verification System, is characterized in that, comprising:
Client, for receiving the information that user selects;
Server, described server prestores electronic tag and the first account, Quick Response Code is generated according to the information that described electronic tag, described first account and described user select, wherein, described electronic tag comprises the certification mark and the second account that are presented to described server by Third Party Authentication mechanism;
Electric signing tools, described electric signing tools comprises: the module prestoring the certification mark being presented to described server by Third Party Authentication mechanism, obtained the module of described Quick Response Code by described client from described server, and identify the module of described server and described first account being carried out to certification according to described Quick Response Code and the certification of being presented to described server by Third Party Authentication mechanism that prestores.
2. system according to claim 1, is characterized in that, described electric signing tools comprises:
Memory module, stores the certification mark that the first PKI, the second PKI and Third Party Authentication mechanism are presented to described server;
First decoder module, according to described first PKI obtained from described memory module, decodes to described Quick Response Code, obtains described electronic tag and described first account;
Second decoder module, according to the second PKI obtained from described memory module, decodes to the described electronic tag that described first decoder module obtains, and obtains the certification mark and the second account of carrying in electronic tag;
Comparing module, the certification mark of carried in the electronic tag obtained by described second decoder module identifies with the certification of being presented to described server by Third Party Authentication mechanism obtained from described memory module compares, comparison unanimously then server described in certification be trusted servers; Second account of carrying in the first account obtain described first decoder module and the electronic tag that obtains of described second decoder module is compared, comparison unanimously then the first account described in certification be legal account.
3. system according to claim 2, is characterized in that, described electric signing tools also comprises: update module, and the Third Party Authentication mechanism upgraded in described memory module is presented to the certification mark of described server.
4. the system according to any one of claim 1-3, is characterized in that, described certification is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to described server.
5. the system according to any one of claim 1-3, is characterized in that, the information that described user selects comprises: merchandise news and goods amount.
6. the system according to any one of claim 1-3, is characterized in that, described electric signing tools is USB Key.
7. an electric signing tools, is characterized in that, described electric signing tools comprises:
Prestore the module of the certification mark being presented to server by Third Party Authentication mechanism,
Obtained the module of the Quick Response Code that described server generates according to the information that electronic tag, the first account and user select from described server by client, and
The module of described server and described first account being carried out to certification is identified according to described Quick Response Code and the certification of being presented to described server by Third Party Authentication mechanism that prestores.
8. electric signing tools according to claim 7, is characterized in that, described electric signing tools comprises:
Memory module, stores the certification mark that the first PKI, the second PKI and Third Party Authentication mechanism are presented to described server;
First decoder module, according to described first PKI obtained from described memory module, decodes to described Quick Response Code, obtains described electronic tag and described first account;
Second decoder module, according to the second PKI obtained from described memory module, decodes to the described electronic tag that described first decoder module obtains, and obtains the certification mark and the second account of carrying in electronic tag;
Comparing module, the certification mark of carried in the electronic tag obtained by described second decoder module identifies with the certification of being presented to described server by Third Party Authentication mechanism obtained from described memory module compares, comparison unanimously then server described in certification be trusted servers; Second account of carrying in the first account obtain described first decoder module and the electronic tag that obtains of described second decoder module is compared, comparison unanimously then the first account described in certification be legal account.
9. electric signing tools according to claim 8, is characterized in that, described electric signing tools also comprises: update module, and the Third Party Authentication mechanism upgraded in described memory module is presented to the certification mark of described server.
10. the electric signing tools according to any one of claim 7-9, is characterized in that, described electronic tag comprises the certification mark and the second account that are presented to described server by Third Party Authentication mechanism; The information that described user selects comprises: merchandise news and goods amount.
11. 1 kinds of authentication methods, is characterized in that, comprising:
The information that server is selected according to user and the electronic tag that described server prestores and the first account generate Quick Response Code, and wherein, described electronic tag comprises the certification of being presented to described server by Third Party Authentication mechanism and identifies and the second account;
Electric signing tools obtains described Quick Response Code from described server, according to described Quick Response Code and described electric signing tools prestore by Third Party Authentication mechanism be presented to described server certification identify certification is carried out to described server and described first account.
12. methods according to claim 11, it is characterized in that, the described certification of being presented to described server by Third Party Authentication mechanism prestored according to described Quick Response Code and described electric signing tools identifies to be carried out certification to described server and described first account and comprises:
According to the first PKI that described electric signing tools prestores, described Quick Response Code is decoded, obtain described electronic tag and described first account;
According to the second PKI that described electric signing tools prestores, described electronic tag is decoded, obtain the certification mark and the second account of carrying in electronic tag;
The certification of being presented to described server by Third Party Authentication mechanism that the certification of carrying in the electronic tag of acquisition mark and described electric signing tools prestore is identified and compares, comparison unanimously then server described in certification be trusted servers; Second account of carrying in the electronic tag of the first account obtained and acquisition is compared, comparison unanimously then the first account described in certification be legal account.
13. methods according to claim 12, is characterized in that, described method also comprises:
Upgrade the certification mark that Third Party Authentication mechanism that described electric signing tools prestores is presented to described server.
14. methods according to any one of claim 11-13, it is characterized in that, described certification is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to described server.
15. methods according to any one of claim 11-13, is characterized in that, the information that described user selects comprises: merchandise news and goods amount.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210326240.1A CN102868688B (en) | 2012-09-05 | 2012-09-05 | Certification system and method and electronic signature tool |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210326240.1A CN102868688B (en) | 2012-09-05 | 2012-09-05 | Certification system and method and electronic signature tool |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102868688A CN102868688A (en) | 2013-01-09 |
| CN102868688B true CN102868688B (en) | 2015-05-06 |
Family
ID=47447279
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210326240.1A Active CN102868688B (en) | 2012-09-05 | 2012-09-05 | Certification system and method and electronic signature tool |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102868688B (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103747012B (en) * | 2013-08-01 | 2017-12-19 | 戴林巧 | Safe verification method, the apparatus and system of network trading |
| CN104599112B (en) * | 2013-10-30 | 2018-01-12 | 腾讯科技(深圳)有限公司 | A kind of information transferring method, device and system |
| US10977650B2 (en) | 2013-10-30 | 2021-04-13 | Tencent Technology (Shenzhen) Company Limited | Information transmission method, apparatus and system |
| CN104735028B (en) * | 2013-12-19 | 2018-02-23 | 中国移动通信集团辽宁有限公司 | A kind of website authenticity identification method, system, device and mobile device |
| CN104301105A (en) * | 2014-06-24 | 2015-01-21 | 齐亚斌 | Digital certificate signing method based on mobile device with communication function, and equipment for realizing the same |
| CN104320253B (en) * | 2014-09-28 | 2017-06-09 | 东北大学 | A kind of Quick Response Code Verification System and method based on CBS signature mechanisms |
| CN105809433A (en) * | 2014-12-29 | 2016-07-27 | 北京握奇智能科技有限公司 | Online banking transaction method |
| CN105809419A (en) * | 2014-12-29 | 2016-07-27 | 北京握奇智能科技有限公司 | Online banking transaction system |
| CN105844520A (en) * | 2015-01-13 | 2016-08-10 | 伍彬 | Electronic receipt generating and verifying method |
| CN106161037B (en) * | 2016-08-19 | 2019-05-10 | 北京小米移动软件有限公司 | Digital signature method and device |
| CN106599952A (en) * | 2016-12-16 | 2017-04-26 | 广东优替信息科技股份有限公司 | Method and device for acquiring article information based on electronic tag |
| CN109600228B (en) * | 2018-10-31 | 2021-07-27 | 如般量子科技有限公司 | Anti-quantum-computation signature method and system based on public key pool |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008148118A2 (en) * | 2007-05-25 | 2008-12-04 | Metafos Inc. | Anonymous online payment systems and methods |
| CN101471770A (en) * | 2007-12-24 | 2009-07-01 | 毛华 | Method for determining inquiry answer type bidirectional identification and business, and encipher device applying the method |
| CN102170437A (en) * | 2011-04-19 | 2011-08-31 | 上海众人网络安全技术有限公司 | System and method for realizing Phishing identification based on challenge password token |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090192944A1 (en) * | 2008-01-24 | 2009-07-30 | George Sidman | Symmetric verification of web sites and client devices |
-
2012
- 2012-09-05 CN CN201210326240.1A patent/CN102868688B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008148118A2 (en) * | 2007-05-25 | 2008-12-04 | Metafos Inc. | Anonymous online payment systems and methods |
| CN101471770A (en) * | 2007-12-24 | 2009-07-01 | 毛华 | Method for determining inquiry answer type bidirectional identification and business, and encipher device applying the method |
| CN102170437A (en) * | 2011-04-19 | 2011-08-31 | 上海众人网络安全技术有限公司 | System and method for realizing Phishing identification based on challenge password token |
Non-Patent Citations (2)
| Title |
|---|
| "基于双向认证"网络钓鱼"攻击防范技术";叶涛等;《商场现代化》;20080515;第132页 * |
| "如何防御网上诈骗盗窃";马丁;《网络安全技术与应用》;20071115;第68-69页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102868688A (en) | 2013-01-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102868688B (en) | Certification system and method and electronic signature tool | |
| AU2011205391B2 (en) | Anytime validation for verification tokens | |
| CN110535648B (en) | Electronic certificate generation and verification and key control method, device, system and medium | |
| US8924714B2 (en) | Authentication with an untrusted root | |
| KR101418799B1 (en) | System for providing mobile OTP service | |
| US20170359185A1 (en) | Method for loading website security information and browser apparatus | |
| CN105027153A (en) | Method, apparatus and system for secure provisioning, transmission and verification of payment data | |
| CN104537293A (en) | Authentication device and system | |
| CN202771476U (en) | Security certification system | |
| CN101977193A (en) | Method and system for safely downloading certificate | |
| EP4139869A1 (en) | An ownership data management system and method | |
| CN103107996A (en) | On-line download method and system of digital certificate and digital certificate issuing platform | |
| CN110535807B (en) | Service authentication method, device and medium | |
| CN105162607A (en) | Authentication method and system of payment bill voucher | |
| JP2015162694A (en) | Article authentication system, authentication server and article authentication method | |
| US20180205714A1 (en) | System and Method for Authenticating Electronic Tags | |
| CN101582876A (en) | Method, device and system for registering user generated content (UGC) | |
| US20140208105A1 (en) | Automated Content Signing for Point-of-Sale Applications in Fuel Dispensing Environments | |
| US20240289798A1 (en) | Techniques to provide secure cryptographic authentication, verification, functionality access, and payments between contactless cards and communication devices | |
| US20240354741A1 (en) | Systems and methods for provisioning transaction cards to multiple merchants | |
| CN102236862A (en) | System and method for identifying authenticity of general commodities | |
| KR101581663B1 (en) | Authentication and non-repudiation method and system using trusted third party | |
| US20250005555A1 (en) | Systems and methods to provide contactless cards for transactions | |
| CN105450404A (en) | Service operation processing method and device | |
| AU2015200701B2 (en) | Anytime validation for verification tokens |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent for invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 100083, room 1810, block B, 38 clear road, Haidian District, Beijing Applicant after: Tendyron Technology Co., Ltd. Address before: 100083, room 1810, block B, golden building, No. 17, Qinghua East Road, Beijing, Haidian District Applicant before: Tendyron Technology Co., Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |