CN103413220A - Information output method and device and information processing method and system - Google Patents
Information output method and device and information processing method and system Download PDFInfo
- Publication number
- CN103413220A CN103413220A CN201310343189XA CN201310343189A CN103413220A CN 103413220 A CN103413220 A CN 103413220A CN 201310343189X A CN201310343189X A CN 201310343189XA CN 201310343189 A CN201310343189 A CN 201310343189A CN 103413220 A CN103413220 A CN 103413220A
- Authority
- CN
- China
- Prior art keywords
- information
- transaction
- module
- data packet
- instruction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 230000010365 information processing Effects 0.000 title claims abstract description 18
- 238000003672 processing method Methods 0.000 title claims abstract description 9
- 238000012545 processing Methods 0.000 claims abstract description 42
- 238000012790 confirmation Methods 0.000 claims description 48
- 238000004806 packaging method and process Methods 0.000 claims description 23
- 238000012795 verification Methods 0.000 claims description 15
- 230000004044 response Effects 0.000 claims description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 102100034112 Alkyldihydroxyacetonephosphate synthase, peroxisomal Human genes 0.000 description 1
- 101000799143 Homo sapiens Alkyldihydroxyacetonephosphate synthase, peroxisomal Proteins 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012856 packing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an information output method and device and an information processing method and system. The information output method includes the steps of receiving a transaction request, obtaining transaction information and locating information, performing signing on a first information data package, obtaining signing data, and outputting the signing data and the first information data package, wherein the first information data package is obtained through processing of first information, and the first information at least comprises the transaction information and the locating information. According to the information output method and device and the information processing method and system, the locating information is at least added in information to be signed, when safety equipment is used for conducting a transaction, the safety equipment sends the locating information of the safety equipment to a background system server while sending the signing data to the background system server, if the safety equipment is lost or stolen, the safety equipment can be tracked according to the locating information of the safety equipment, and the safety equipment is monitored in real time; or, the safety equipment is merely allowed to perform the transaction at a specific geographic position, transaction safety can also be guaranteed, and economic loss of a user is avoided.
Description
Technical Field
The present invention relates to the field of electronic technologies, and in particular, to an information output method and apparatus, and an information processing method and system.
Background
With the development of the network, the internet banking (also called online banking) has become an indispensable part of the overall development strategy of financial institutions, the number of users using the internet banking is greatly increased, and the internet banking bears a lot of security risks while bringing a lot of convenient services to the users, saving expenses for the banking and bringing more profits to increase. At present, besides installing antivirus software and Trojan-proof software, many banks perform identity authentication in a manner of a USB Key of hardware or a dynamic password token and the like to ensure the transaction safety of users.
Taking a USB Key as an example, the USB Key stores a digital certificate representing the unique identity of the user and a private Key of the user. In this monolithic solution based on Public Key Infrastructure (PKI) system, the private Key of the user is generated within a USB Key of high security and cannot be derived outside the USB Key for life; in the application of internet banking, the digital signature of transaction data is completed inside the USB Key and protected by a Personal Identification Number (PIN) of the USB Key, so that the transaction security of a user can be ensured.
Once the security device is lost or stolen, the user cannot terminate the online banking service in time for some reasons, the finder or thief has time to break the password or take other measures to steal the fund, and the user cannot monitor the security device in real time, which may cause serious economic loss. At present, no effective solution has been proposed for the above problems.
Disclosure of Invention
The invention provides an information output method, an information output device, an information processing method and an information processing system, which at least solve the problem of economic loss of a user caused by loss of safety equipment and incapability of monitoring the safety equipment in real time by the user.
According to an aspect of the present invention, there is provided an information output method including: receiving a transaction request, and acquiring transaction information and positioning information; signing a first information data packet to obtain signature data, wherein the first information data packet is obtained by processing first information, and the first information at least comprises: the transaction information and the positioning information; and outputting the signature data and the first information data packet.
In addition, the first information further includes identification information.
Further, processing the first information includes: directly packaging the first information to obtain a first information data packet; or, the first information is encrypted and then packaged to obtain the first information data packet.
According to another aspect of the present invention, there is also provided an information output apparatus including: a first receiving module for receiving a transaction request; the first acquisition module is used for acquiring transaction information and positioning information; the first signature module is configured to sign a first information data packet to obtain signature data, where the first information data packet is obtained by processing first information, and the first information at least includes: the transaction information and the positioning information; and the first output module is used for outputting the signature data and the first information data packet.
In addition, the first information further includes identification information.
Furthermore, the apparatus further comprises: the first processing module is used for directly packaging the first information to obtain a first information data packet; and the second processing module is used for encrypting the first information and packaging the encrypted first information to obtain the first information data packet.
According to still another aspect of the present invention, there is also provided an information processing system including: the system comprises a safety device and a background system server; the security device comprises any one of the above information output means for outputting the signature data and the first information packet; the background system server comprises: the system comprises a second receiving module, a second obtaining module, a judging module, a first verifying module and a second outputting module, wherein the second receiving module is used for receiving the signature data and the first information data packet; the second obtaining module is configured to obtain the first information and obtain preset positioning range information after the second receiving module receives the signature data and the first information data packet; the judging module is used for judging whether the positioning information is in the positioning range information; the first verification module is configured to verify the signature data if the positioning information is included in the positioning range information; and the second output module is used for outputting second information to respond to the signature data after the signature data passes verification.
Further, the security device further comprises: a third receiving module, configured to receive the second information; the first generating module is used for generating a first transaction confirmation instruction after receiving the second information; and the first sending module is used for sending the first transaction confirmation instruction to a terminal connected with the safety equipment, wherein the terminal executes the transaction after receiving the first transaction confirmation instruction.
In addition, the background system server further comprises: the second generation module is used for generating a second confirmation transaction instruction after the signature data passes the verification; the second signature module is used for signing a confirmed transaction instruction data packet to obtain the second information, wherein the confirmed transaction instruction data packet is obtained by processing the second confirmed transaction instruction; and the third output module is used for outputting the second information and the confirmed transaction instruction data packet.
In addition, the background system server further comprises: the third processing module is used for directly packaging the second confirmed transaction instruction to obtain a confirmed transaction instruction data packet; and the fourth processing module is used for encrypting the second confirmed transaction instruction, and packaging the encrypted second confirmed transaction instruction to obtain the confirmed transaction instruction data packet.
Further, the security device further comprises: the fourth receiving module is used for receiving the second information and the confirmed transaction instruction data packet and then acquiring the second confirmed transaction instruction; a second verification module for verifying the second information; and the second sending module is used for sending the second transaction confirmation instruction to a terminal connected with the safety equipment after the second information is verified to pass, wherein the terminal executes the transaction after receiving the second transaction confirmation instruction.
In addition, the background system server further comprises: a storage module for storing the positioning information after the first information is acquired and/or storing the positioning information after the signature data is verified.
According to still another aspect of the present invention, there is also provided an information processing method including: the safety equipment outputs signature data and a first information data packet by adopting any one method, and the background system server receives the signature data and the first information data packet, acquires first information and acquires preset positioning range information; the background system server judges whether the positioning information is in the positioning range information or not, and verifies the signature data under the condition that the positioning information is contained in the positioning range information; and after the background system server verifies that the signature data passes, outputting second information to respond to the signature data.
In addition, after the backend system server outputs the second information in response to the signature data, the method further comprises: the safety equipment receives the second information and generates a first transaction confirmation instruction; and the safety equipment sends the first transaction confirmation instruction to a terminal connected with the safety equipment, wherein the terminal executes the transaction after receiving the first transaction confirmation instruction.
In addition, after the background system server verifies that the signature data passes, outputting second information in response to the signature data includes: the background system server generates a second transaction confirmation instruction after the signature data passes the verification; the background system server signs a confirmed transaction instruction data packet to obtain the second information, wherein the confirmed transaction instruction data packet is obtained by processing the second confirmed transaction instruction; and the background system server outputs the second information and the confirmed transaction instruction data packet.
Further, processing the second confirmation transaction instruction includes: directly packaging the second confirmed transaction instruction to obtain a confirmed transaction instruction data packet; or, the second confirmed transaction instruction is encrypted and then packaged to obtain the confirmed transaction instruction data packet.
In addition, after the backend system server outputs the second information and the confirmed transaction instruction data packet, the method further comprises: after the safety equipment receives the second information and the confirmed transaction instruction data packet, acquiring a second confirmed transaction instruction; and the safety equipment verifies the second information, and sends the second transaction confirmation instruction to a terminal connected with the safety equipment after the second information is verified to pass, wherein the terminal executes the transaction after receiving the second transaction confirmation instruction.
Furthermore, the method further comprises: the background system server stores the positioning information after acquiring the first information and/or stores the positioning information after verifying the signature data.
According to the technical scheme provided by the invention, the positioning information is added in the data to be signed, so that the safety equipment can be tracked according to the positioning information after being lost, and the anti-theft effect is achieved.
According to the scheme, at least positioning information is added in the information to be signed, when the safety equipment is used for transaction, the safety equipment sends signature data to the background system server and sends the positioning information to the background system server, if the safety equipment is lost or stolen, the safety equipment can be tracked according to the positioning information, monitored in real time, or only the safety equipment is allowed to perform transaction at a specific geographical position, the security of the transaction can be ensured, and the economic loss of a user is avoided;
in addition, the background system server acquires the positioning information sent by the safety equipment, acquires preset positioning range information, and verifies the received signature data only under the condition that the positioning information belongs to the positioning range information, so that the transaction can be carried out at a specific geographic position, and the safety of the transaction is ensured;
in addition, the background system server can also store the positioning information, so that the safety equipment can be monitored in real time according to the stored positioning information, and the safety equipment can be conveniently found after being lost.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a flowchart of an information output method according to an embodiment of the present invention;
fig. 2 is a block diagram of an information output apparatus according to a second embodiment of the present invention;
FIG. 3 is a block diagram of an information processing system according to a third embodiment of the present invention;
fig. 4 is a block diagram of a second configuration of an information processing system according to a third embodiment of the present invention;
fig. 5 is a block diagram of an information processing system according to a fourth embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it is to be understood that the terms "center", "longitudinal", "lateral", "up", "down", "front", "back", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on those shown in the drawings, and are used only for convenience in describing the present invention and for simplicity in description, and do not indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and thus, are not to be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or quantity or location.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.
Example one
The embodiment provides an information output method which can be applied to a network transaction process. Fig. 1 is a flowchart of an information output method according to an embodiment of the present invention, and as shown in fig. 1, the method includes the following steps:
step S101, receiving a transaction request, and acquiring transaction information and positioning information; here, the location information refers to location information of the secure device (e.g., USB Key, Key with display screen and/or keys, audio Key, etc.); the location information may be obtained by the security device from a location module provided in the security device. The positioning module may be any one of the following positioning modules: GPS, AGPS, or Beidou positioning, etc. The transaction information may be obtained from a transaction request, and may include: transaction type, account information, transaction amount, transaction time, transaction password and the like.
Step S102, signing a first information data packet to obtain signature data, wherein the first information data packet is obtained by processing first information, and the first information at least comprises: transaction information and location information.
Step S103, outputting the signature data and the first information packet.
Preferably, the first information may further include identification information, which may be a serial number or the like uniquely identifying the security device. This ensures that the server knows which security device is located.
In step S102, the first information packet is obtained by processing the first information, and specifically, the following processing may be performed on the first information:
(1) directly packaging the first information to obtain a first information data packet; for example, a header and a trailer may be added to the first information to form a data packet; or,
(2) and encrypting the first information, and packaging after encryption to obtain a first information data packet.
For the processing mode in (2), if the first information includes the transaction information and the positioning information, the transaction information and the positioning information can be encrypted respectively, and then the information obtained after encryption is packaged into a data packet, so that a first information data packet can be obtained; or encrypting the transaction information and the positioning information together, and packaging into a data packet to obtain a first information data packet. Similarly, if the first information comprises transaction information, positioning information and identification information, the transaction information, the positioning information and the identification information can be encrypted respectively, and then the information obtained after encryption is packaged into a data packet to obtain a first information data packet; or the transaction information, the positioning information and the identification information can be encrypted together and then packaged into a data packet to obtain a first information data packet. The encrypted package can ensure the safety of information transmission.
It can be seen from the above solutions that, in this embodiment, at least positioning information is added to information to be signed, when a transaction is performed by using a security device, the security device sends signature data to a backend system server and also sends the positioning information to the backend system server, and if the security device is lost or stolen, the security device can be tracked and monitored in real time according to the positioning information, or only the security device is allowed to perform a transaction at a specific geographic location, so that the security of the transaction can be ensured, and the economic loss of a user can be avoided.
Example two
The present embodiment provides an information output apparatus that can be used to implement the information output method described in the first embodiment. Fig. 2 is a block diagram of an information output apparatus according to a second embodiment of the present invention, and as shown in fig. 2, the information output apparatus 20 includes a first receiving module 201, a first obtaining module 202, a first signature module 203, and a first output module 204, wherein,
a first receiving module 201, configured to receive a transaction request;
a first obtaining module 202 connected to the first receiving module 201, for obtaining the transaction information and the positioning information;
a first signature module 203, connected to the first obtaining module 202, configured to sign a first information data packet to obtain signature data, where the first information data packet is obtained by processing first information, and the first information at least includes: transaction information and positioning information;
the first output module 204 is connected to the first signature module 203, and is configured to output the signature data and the first information packet.
Preferably, the first information may further include identification information, which may be a serial number or the like uniquely identifying the security device. This ensures that the server knows which security device is located.
The apparatus may further include a first processing module 205 and a second processing module 206, as shown in dashed boxes in fig. 2. The first processing module 205 is connected to the obtaining module 202, and configured to directly package the first information to obtain a first information data packet; the second processing module 206 is connected to the obtaining module 202, and configured to encrypt the first information, and package the encrypted first information to obtain a first information data packet.
Specifically, the direct packing may add a header and a trailer to the first information to form a data packet. For the encrypted packaging mode, if the first information comprises transaction information and positioning information, the transaction information and the positioning information can be respectively encrypted, and then the information obtained after encryption is packaged into a data packet, so that a first information data packet can be obtained; or encrypting the transaction information and the positioning information together, and packaging into a data packet to obtain a first information data packet. If the first information comprises transaction information, positioning information and identification information, the transaction information, the positioning information and the identification information can be respectively encrypted, and then the information obtained after encryption is packaged into a data packet to obtain a first information data packet; or the transaction information, the positioning information and the identification information can be encrypted together and then packaged into a data packet to obtain a first information data packet. The encrypted package can ensure the safety of information transmission.
It can be seen from the above solutions that, in this embodiment, at least positioning information is added to information to be signed, and when a transaction is performed by using a security device, the security device sends signature data to a backend system server and also sends the positioning information to the backend system server, and if the security device is lost or stolen, tracking can be performed according to the positioning information, or only the security device is allowed to perform a transaction at a specific geographic location, and security of the transaction can also be ensured.
EXAMPLE III
The embodiment provides an information processing system which can be used for network transaction. Fig. 3 is a block diagram of an information processing system according to a third embodiment of the present invention, and as shown in fig. 3, the system includes: secure device 30 and backend system server 40.
The secure device 30 includes the information output apparatus 20 shown in the second embodiment, which is configured to output the signature data and the first information packet;
the background system server 40 includes: the system comprises a second receiving module 401, a second obtaining module 402, a judging module 403, a first verifying module 404 and a second outputting module 405, wherein the second receiving module 401 is configured to receive signature data and a first information data packet, and the second obtaining module 402 is connected to the second receiving module 401 and configured to obtain first information and preset positioning range information after the second receiving module 401 receives the signature data and the first information data packet; a determining module 403, connected to the second obtaining module 402, configured to determine whether the positioning information is in the positioning range information after the second obtaining module 402 obtains the first information and the positioning range information; a first verifying module 404, connected to the judging module 403, for verifying the signature data if the judging module 403 judges that the positioning information is included in the positioning range information; and a second output module 405, connected to the first verification module 404, for outputting the second information response signature data after the first verification module 404 verifies that the signature data passes.
In this embodiment, the background system server obtains the positioning information sent by the security device, obtains the preset positioning range information, and verifies the received signature data only when the positioning information belongs to the positioning range information, so that the transaction can be performed at a specific geographic location, and the security of the transaction is ensured. If the positioning information is judged not to belong to the positioning range information, the transaction failure or the information error can be returned. For example, if the positioning range information is beijing and the positioning information is a certain cell of the sunny district, the signature data is verified, and if the verification is passed, the transaction can be smoothly carried out; if the positioning information is Nanjing, the signature data is not verified, and further the transaction cannot be carried out. Moreover, the operation of modifying the positioning range information can set higher limit, and the positioning range information can not be modified even if people or thieves who pick up the safety equipment know the transaction password, so that the fund safety of users after the safety equipment is lost is ensured.
As shown in fig. 4, the security device 30 may further include: a third receiving module 301, configured to receive second information; the first generating module 302 is connected to the third receiving module 301, and is configured to generate a first transaction confirmation instruction after the third receiving module 301 receives the second information; the first sending module 303 is connected to the first generating module 302, and is configured to send the first confirmed transaction instruction generated by the first generating module 302 to a terminal connected to the security device, where the terminal executes a transaction after receiving the first confirmed transaction instruction. The transaction is executed according to the confirmed transaction instruction, the transaction safety can be guaranteed to a certain extent, and the confirmed transaction instruction is generated by the safety equipment, so that the burden of the server can be relieved.
Preferably, the backend system server 40 may further include: a storage module 406, connected to the obtaining module 402 and the first verifying module 404, is used for storing the positioning information after the obtaining module 402 obtains the first information, and/or storing the positioning information after the first verifying module 404 verifies the signature data. The background system server stores the positioning information, can monitor the safety equipment in real time according to the stored positioning information, and can be conveniently found after being lost. After the signature data is verified, the positioning information is saved so that the saved result is only the positioning information included in the positioning range information; the positioning information can also be stored after the first information is acquired, so that all the positioning information can be stored no matter whether the current position of the safety equipment is within a preset positioning range or not, for example, when the safety equipment is not within the preset positioning range, signature data cannot be verified, a transaction cannot be completed, and the safety equipment can still be monitored in real time according to the stored positioning information.
Example four
The difference between this embodiment and the third embodiment is that, in this embodiment, the background system server generates a transaction confirmation instruction, signs the transaction confirmation instruction, and sends the transaction confirmation instruction to the security device, and after obtaining the transaction confirmation instruction, the security device sends the transaction confirmation instruction to the terminal to execute the transaction. As shown in fig. 5, the backend system server 40 further includes: a second generating module 407, a second signature module 408 and a third output module 409, wherein the second generating module 407 is connected to the first verifying module 404, and is configured to generate a second confirmed transaction instruction after the first verifying module 404 verifies that the signature data passes; the second signature module 408 is connected to the second generating module 407, and configured to sign the transaction confirmation instruction data packet generated by the second generating module 407 to obtain second information, where the transaction confirmation instruction data packet is obtained by processing the second transaction confirmation instruction; and a third output module 409 connected to the second signature module 408, for outputting the second information and confirming the transaction instruction data packet.
Background system server 40 further includes: a third processing module and a fourth processing module (not shown in the figure), wherein the first processing module is connected to the second generating module 407, and is configured to directly package the second confirmed transaction instruction to obtain a confirmed transaction instruction data packet; and the second processing module is connected to the second generating module 407 and configured to encrypt the second confirmed transaction instruction, and package the encrypted second confirmed transaction instruction to obtain a confirmed transaction instruction data packet. The direct packaging mode can add a packet head and a packet tail to the second confirmed transaction instruction to form a data packet; the mode of packaging after encryption can ensure the safety of information.
Preferably, the security device 30 further comprises: a fourth receiving module 304, configured to obtain a second confirmed transaction instruction after receiving the second information and the confirmed transaction instruction data packet; a second verifying module 305, connected to the fourth receiving module 304, for verifying the second information received by the fourth receiving module 304; and a second sending module 306, connected to the second verifying module 305, configured to send a second transaction confirmation instruction to the terminal connected to the security device after the second verifying module 305 verifies that the second information passes, where the terminal executes the transaction after receiving the second transaction confirmation instruction. The transaction is executed according to the confirmed transaction instruction, and the transaction safety can be ensured to a certain extent.
In practical application, the background system server can send the stored positioning information of the safety equipment to the user in time in a short message or mail mode and the like, so that the user can monitor in real time.
EXAMPLE five
The present embodiment provides an information processing method, which can be used for network transaction, and is implemented based on the information processing systems described in the third embodiment and the fourth embodiment, and the method includes the following steps:
1. the security device outputs the signature data and the first information data packet, wherein the security device outputs the signature data and the first information data packet by adopting the method described in the first embodiment, and the security device may include the information output apparatus described in the second embodiment; the process of outputting the signature data and the first information data packet specifically refers to the first embodiment and the second embodiment;
2. the background system server receives the signature data and the first information data packet, acquires first information and acquires preset positioning range information;
3. the background system server judges whether the positioning information is in the positioning range information; verifying the signature data in a case where the positioning information is included in the positioning range information;
4. and after the background system server passes the verification of the signature data, outputting second information response signature data.
In this embodiment, the background system server obtains the positioning information sent by the security device, obtains the preset positioning range information, and verifies the received signature data only when the positioning information belongs to the positioning range information, so that the transaction can be performed at a specific geographic location, and the security of the transaction is ensured. If the positioning information is judged not to belong to the positioning range information, the transaction failure or the information error can be returned. For example, if the positioning range information is beijing and the positioning information is a certain cell of the sunny district, the signature data is verified, and if the verification is passed, the transaction can be smoothly carried out; if the positioning information is Nanjing, the signature data is not verified, and further the transaction cannot be carried out. Moreover, the operation of modifying the positioning range information can set higher limit, and the positioning range information can not be modified even if people or thieves who pick up the safety equipment know the transaction password, so that the fund safety of users after the safety equipment is lost is ensured.
After step 4, the safety device receives the second information and generates a first confirmed transaction instruction; and sending the first transaction confirmation instruction to a terminal connected with the safety equipment, wherein the terminal executes the transaction after receiving the first transaction confirmation instruction. The transaction is executed according to the confirmed transaction instruction, the transaction safety can be guaranteed to a certain extent, and the confirmed transaction instruction is generated by the safety equipment, so that the burden of the server can be relieved.
Certainly, the background system server may also generate a transaction confirmation instruction, sign the transaction confirmation instruction, and send the transaction confirmation instruction to the security device, and the security device sends the transaction confirmation instruction to the terminal to execute the transaction after obtaining the transaction confirmation instruction.
Specifically, in step 4, the background system server generates a second transaction confirmation instruction after the signature data is verified; signing the confirmed transaction instruction data packet to obtain second information, wherein the confirmed transaction instruction data packet is obtained by processing the second confirmed transaction instruction; and outputting the second information and confirming the transaction instruction data packet.
The background system server processing the second confirmation transaction instruction comprises: the background system server directly packages the second confirmed transaction instruction to obtain a confirmed transaction instruction data packet; or encrypting the second confirmed transaction instruction, and packaging after encryption to obtain a confirmed transaction instruction data packet. The direct packaging mode can add a packet head and a packet tail to the second confirmed transaction instruction to form a data packet; the mode of packaging after encryption can ensure the safety of information.
After the safety equipment receives the second information and the confirmed transaction instruction data packet, a second confirmed transaction instruction is obtained; verifying the received second information; and after the second information is verified to pass, sending a second transaction confirmation instruction to the terminal connected with the safety equipment, wherein the terminal executes the transaction after receiving the second transaction confirmation instruction. The transaction is executed according to the confirmed transaction instruction, and the transaction safety can be ensured to a certain extent.
Preferably, the backend system server stores the location information after acquiring the first information and/or stores the location information after verifying the signature data. The background system server stores the positioning information, can monitor the safety equipment in real time according to the stored positioning information, and can be conveniently found after being lost. After the signature data is verified, the positioning information is saved so that the saved result is only the positioning information included in the positioning range information; the positioning information can also be stored after the first information is acquired, so that all the positioning information can be stored no matter whether the current position of the safety equipment is within a preset positioning range or not, for example, when the safety equipment is not within the preset positioning range, signature data cannot be verified, a transaction cannot be completed, and the safety equipment can still be monitored in real time according to the stored positioning information.
In practical application, the background system server can send the stored positioning information of the safety equipment to the user in time in a short message or mail mode and the like, so that the user can monitor in real time.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made in the above embodiments by those of ordinary skill in the art without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (18)
1. An information output method, comprising:
receiving a transaction request, and acquiring transaction information and positioning information;
signing a first information data packet to obtain signature data, wherein the first information data packet is obtained by processing first information, and the first information at least comprises: the transaction information and the positioning information;
and outputting the signature data and the first information data packet.
2. The method of claim 1, wherein the first information further comprises identification information.
3. The method of claim 1 or 2, wherein processing the first information comprises:
directly packaging the first information to obtain a first information data packet; or,
and encrypting the first information, and packaging after encryption to obtain the first information data packet.
4. An information output apparatus, characterized by comprising:
a first receiving module for receiving a transaction request;
the first acquisition module is used for acquiring transaction information and positioning information;
the first signature module is configured to sign a first information data packet to obtain signature data, where the first information data packet is obtained by processing first information, and the first information at least includes: the transaction information and the positioning information;
and the first output module is used for outputting the signature data and the first information data packet.
5. The apparatus of claim 4, wherein the first information further comprises identification information.
6. The apparatus of claim 4 or 5, further comprising: a first processing module and a second processing module, wherein,
the first processing module is configured to directly package the first information to obtain the first information data packet;
and the second processing module is used for encrypting the first information and packaging the encrypted first information to obtain the first information data packet.
7. An information processing system, the system comprising: the system comprises a safety device and a background system server;
the security device includes the information output apparatus of any one of claims 4 to 6, for outputting the signature data and the first information packet;
the background system server comprises: a second receiving module, a second obtaining module, a judging module, a first verifying module and a second outputting module,
the second receiving module is configured to receive the signature data and the first information data packet;
the second obtaining module is configured to obtain the first information and obtain preset positioning range information after the second receiving module receives the signature data and the first information data packet;
the judging module is used for judging whether the positioning information is in the positioning range information;
the first verification module is configured to verify the signature data if the positioning information is included in the positioning range information;
and the second output module is used for outputting second information to respond to the signature data after the signature data passes verification.
8. The system of claim 7, wherein the security device further comprises:
a third receiving module, configured to receive the second information;
the first generating module is used for generating a first transaction confirmation instruction after receiving the second information;
and the first sending module is used for sending the first transaction confirmation instruction to a terminal connected with the safety equipment, wherein the terminal executes the transaction after receiving the first transaction confirmation instruction.
9. The system of claim 7, wherein the backend system server further comprises:
the second generation module is used for generating a second confirmation transaction instruction after the signature data passes the verification;
the second signature module is used for signing a confirmed transaction instruction data packet to obtain the second information, wherein the confirmed transaction instruction data packet is obtained by processing the second confirmed transaction instruction;
and the third output module is used for outputting the second information and the confirmed transaction instruction data packet.
10. The system of claim 9, wherein the backend system server further comprises: a third processing module and a fourth processing module, wherein,
the third processing module is used for directly packaging the second confirmed transaction instruction to obtain a confirmed transaction instruction data packet;
and the fourth processing module is used for encrypting the second confirmed transaction instruction, and packaging the encrypted second confirmed transaction instruction to obtain the confirmed transaction instruction data packet.
11. The system of claim 10, wherein the security device further comprises:
the fourth receiving module is used for receiving the second information and the confirmed transaction instruction data packet and then acquiring the second confirmed transaction instruction;
a second verification module for verifying the second information;
and the second sending module is used for sending the second transaction confirmation instruction to a terminal connected with the safety equipment after the second information is verified to pass, wherein the terminal executes the transaction after receiving the second transaction confirmation instruction.
12. The system of any of claims 7 to 11, wherein the backend system server further comprises: a storage module for storing the positioning information after the first information is acquired and/or storing the positioning information after the signature data is verified.
13. An information processing method characterized by comprising:
the security device outputting the signature data and the first information data packet using the method of any one of claims 1 to 3;
the background system server receives the signature data and the first information data packet, acquires first information and acquires preset positioning range information;
the background system server judges whether the positioning information is in the positioning range information or not, and verifies the signature data under the condition that the positioning information is contained in the positioning range information;
and after the background system server verifies that the signature data passes, outputting second information to respond to the signature data.
14. The method of claim 13, wherein after the backend system server outputs a second message in response to the signature data, the method further comprises:
the safety equipment receives the second information and generates a first transaction confirmation instruction;
and the safety equipment sends the first transaction confirmation instruction to a terminal connected with the safety equipment, wherein the terminal executes the transaction after receiving the first transaction confirmation instruction.
15. The method of claim 13, wherein the backend system server outputting a second message in response to the signature data after verifying the signature data comprises:
the background system server generates a second transaction confirmation instruction after the signature data passes the verification;
the background system server signs a confirmed transaction instruction data packet to obtain the second information, wherein the confirmed transaction instruction data packet is obtained by processing the second confirmed transaction instruction;
and the background system server outputs the second information and the confirmed transaction instruction data packet.
16. The method of claim 15, wherein processing the second confirmation transaction instruction comprises:
directly packaging the second confirmed transaction instruction to obtain a confirmed transaction instruction data packet; or,
and encrypting the second confirmed transaction instruction, and packaging after encryption to obtain the confirmed transaction instruction data packet.
17. The method of claim 16, wherein after the backend system server outputs the second information and the confirmed transaction instruction data packet, the method further comprises:
after the safety equipment receives the second information and the confirmed transaction instruction data packet, acquiring a second confirmed transaction instruction;
and the safety equipment verifies the second information, and sends the second transaction confirmation instruction to a terminal connected with the safety equipment after the second information is verified to pass, wherein the terminal executes the transaction after receiving the second transaction confirmation instruction.
18. The method according to any one of claims 13 to 17, further comprising:
the background system server stores the positioning information after acquiring the first information and/or stores the positioning information after verifying the signature data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310343189XA CN103413220A (en) | 2013-08-08 | 2013-08-08 | Information output method and device and information processing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310343189XA CN103413220A (en) | 2013-08-08 | 2013-08-08 | Information output method and device and information processing method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103413220A true CN103413220A (en) | 2013-11-27 |
Family
ID=49606226
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310343189XA Pending CN103413220A (en) | 2013-08-08 | 2013-08-08 | Information output method and device and information processing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103413220A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104899503A (en) * | 2014-03-03 | 2015-09-09 | 联想(北京)有限公司 | Information processing method and first electronic equipment |
| CN106062750A (en) * | 2014-03-31 | 2016-10-26 | 迈克菲股份有限公司 | Provable geo-location |
| US20230213660A1 (en) * | 2014-04-23 | 2023-07-06 | Opentv, Inc. | Techniques for securing live positioning signals |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101394615A (en) * | 2007-09-20 | 2009-03-25 | 中国银联股份有限公司 | A mobile payment terminal and payment method based on PKI technology |
| CN102468960A (en) * | 2010-11-16 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Offline mode identity and transaction authentication method and terminal |
| WO2012079170A1 (en) * | 2010-12-14 | 2012-06-21 | Xtreme Mobility Inc. | Authenticating transactions using a mobile device identifier |
-
2013
- 2013-08-08 CN CN201310343189XA patent/CN103413220A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101394615A (en) * | 2007-09-20 | 2009-03-25 | 中国银联股份有限公司 | A mobile payment terminal and payment method based on PKI technology |
| CN102468960A (en) * | 2010-11-16 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Offline mode identity and transaction authentication method and terminal |
| WO2012079170A1 (en) * | 2010-12-14 | 2012-06-21 | Xtreme Mobility Inc. | Authenticating transactions using a mobile device identifier |
Non-Patent Citations (1)
| Title |
|---|
| 陈炜喆: "更为安全的_钥匙_GNSSUSB_Key", 《卫星与网络》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104899503A (en) * | 2014-03-03 | 2015-09-09 | 联想(北京)有限公司 | Information processing method and first electronic equipment |
| CN104899503B (en) * | 2014-03-03 | 2018-08-10 | 联想(北京)有限公司 | A kind of information processing method and the first electronic equipment |
| CN106062750A (en) * | 2014-03-31 | 2016-10-26 | 迈克菲股份有限公司 | Provable geo-location |
| CN106062750B (en) * | 2014-03-31 | 2020-03-03 | 迈克菲有限公司 | Provable geolocation |
| US20230213660A1 (en) * | 2014-04-23 | 2023-07-06 | Opentv, Inc. | Techniques for securing live positioning signals |
| US11892548B2 (en) * | 2014-04-23 | 2024-02-06 | Opentv, Inc. | Techniques for securing live positioning signals |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10021113B2 (en) | System and method for an integrity focused authentication service | |
| US20170359185A1 (en) | Method for loading website security information and browser apparatus | |
| CN112887282B (en) | An identity authentication method, device, system and electronic equipment | |
| CN109067801A (en) | A kind of identity identifying method, identification authentication system and computer-readable medium | |
| CN103248491B (en) | A kind of backup method of electronic signature token private key and system | |
| CN107645381B (en) | Security verification implementation method and device | |
| CN112788042A (en) | Method for determining equipment identifier of Internet of things and Internet of things equipment | |
| TWI526871B (en) | Server, user device, and user device and server interaction method | |
| CN110505185A (en) | Auth method, equipment and system | |
| CN109509099A (en) | Data trade method and device calculates equipment, storage medium | |
| US11991294B2 (en) | Peer-to-peer secure conditional transfer of cryptographic data | |
| CN110929231A (en) | Digital asset authorization method and device and server | |
| CN103413220A (en) | Information output method and device and information processing method and system | |
| CN112383577A (en) | Authorization method, device, system, equipment and storage medium | |
| KR20110124088A (en) | Cloud computing billing notary, billing system and billing method | |
| CN104518880A (en) | Big data reliability validation method and system based on random sampling detection | |
| CN103716328B (en) | Operation request processing method and system | |
| CN117370463A (en) | Block chain-based data storage method, device and storage medium | |
| CN110492989A (en) | The processing method of private key, the medium of access method and corresponding method, device | |
| CN105959249A (en) | Method and system for management of electronic device | |
| CN103888259B (en) | A kind of subscriber identification card | |
| CN110766407A (en) | Transaction verification method, accounting node and medium based on block chain | |
| Oliveira | Dynamic QR codes for Ticketing Systems | |
| JP6236151B2 (en) | Smart card, verification data output method, operation request response method and system | |
| CN116796299A (en) | Fraud-related application detection method, system and storage medium based on login authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20131127 |