CN105590214A - Payment method and payment system based on virtual card - Google Patents
Payment method and payment system based on virtual card Download PDFInfo
- Publication number
- CN105590214A CN105590214A CN201410845210.0A CN201410845210A CN105590214A CN 105590214 A CN105590214 A CN 105590214A CN 201410845210 A CN201410845210 A CN 201410845210A CN 105590214 A CN105590214 A CN 105590214A
- Authority
- CN
- China
- Prior art keywords
- virtual card
- account
- information
- card
- app
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
- G06Q20/3263—Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
本发明涉及基于虚拟卡的支付方法。该方法包括:虚拟卡发行步骤;虚拟卡激活步骤;虚拟卡支付步骤,其中在虚拟卡支付步骤中,APP计算消费方的虚拟卡的授权信息,受理方的移动终端获取消费方的虚拟卡的授权信息以及虚拟卡信息,受理方将获取的虚拟卡信息以及消费信息与受理方的账户信息一起通过转接网络发送到消费方的账户发行方,该账户发行方验证虚拟卡信息以及消费信息,在验证成功的情况下完成交易并且将交易结果交由支付转接网络。利用本发明能够用虚拟卡替代实体卡,而且能够提高支付的安全性。
The invention relates to a payment method based on a virtual card. The method includes: a virtual card issuance step; a virtual card activation step; a virtual card payment step, wherein in the virtual card payment step, the APP calculates the authorization information of the consumer's virtual card, and the accepting party's mobile terminal obtains the consumer's virtual card information. Authorization information and virtual card information, the accepting party sends the acquired virtual card information and consumption information together with the accepting party’s account information to the consumer’s account issuer through the transfer network, and the account issuer verifies the virtual card information and consumption information, If the verification is successful, the transaction is completed and the transaction result is handed over to the payment transfer network. By utilizing the present invention, virtual cards can be used to replace physical cards, and the security of payment can be improved.
Description
技术领域 technical field
本发明涉及计算机应用技术领域,特别地涉及一种基于虚拟卡的支付方法以及支付系统。 The invention relates to the technical field of computer applications, in particular to a virtual card-based payment method and payment system.
背景技术 Background technique
随着互联网和电子商务的迅猛发展,越来越多的企业或者个人开始在网上开展业务,这大大方便了公众,足不出户就可以享受到各种服务和信息。通常持卡人在网上接受服务或信息使用银行卡进行网上支付,需要输入银行卡卡号和密码。这种支付方式存在着一定的安全隐患,在网上传输信用卡和密码可能被第三者而已获取而盗用,造成使用者的资金损失。 With the rapid development of the Internet and e-commerce, more and more companies or individuals start to conduct business online, which greatly facilitates the public, who can enjoy various services and information without leaving home. Usually cardholders use bank cards to make online payments when receiving services or information online, and need to enter the bank card number and password. There are certain hidden dangers in this payment method. The credit card and password transmitted on the Internet may be obtained by a third party and stolen, resulting in the loss of the user's funds.
另一方面,随着智能终端的发展,基于智能终端进行的支付方法也越来越得到普及,很多智能终端也能够参与网络支付。 On the other hand, with the development of smart terminals, payment methods based on smart terminals are becoming more and more popular, and many smart terminals can also participate in online payment.
然而,如今网络上恶意行为众多,无论是利用银行卡卡号和密码、还是利用智能终端进行网络交易,都有可能被不法分子盗取帐号,会给用户的用卡带来一定的威胁,容易造成用户的财产损失。 However, there are many malicious acts on the Internet nowadays. Whether using bank card numbers and passwords or using smart terminals for online transactions, criminals may steal account numbers, which will bring certain threats to users’ card use and easily cause users property damage.
发明内容 Contents of the invention
鉴于上述问题,本发明旨在提供一种不需要实体卡就能够实现支付的基于虚拟卡的支付系统以及支付方法。 In view of the above problems, the present invention aims to provide a virtual card-based payment system and payment method that can realize payment without a physical card.
进一步,本发明旨在提供一种能够更有效地保证支付安全性的基于虚拟卡的支付系统以及支付方法。 Further, the present invention aims to provide a virtual card-based payment system and payment method that can more effectively ensure payment security.
本发明的基于虚拟卡的支付方法,其特征在于,包括下述步骤: The payment method based on the virtual card of the present invention is characterized in that it comprises the following steps:
虚拟卡发行步骤,通过移动终端上安装的APP将移动终端设置为虚拟卡的载体并将附加属性信息提供到虚拟卡的账户发行方,账户发行方根据所述附加属性信息开设虚拟账户并向该APP返回账户识别码; The virtual card issuing step is to set the mobile terminal as the carrier of the virtual card through the APP installed on the mobile terminal and provide the additional attribute information to the account issuer of the virtual card. The account issuer opens a virtual account according to the additional attribute information and sends the The APP returns the account identification code;
虚拟卡激活步骤,用户通过APP将包含账户识别码和附加属性信息的激活请求发送到账户发行方来请求激活账户,在通过账户发行方的验证的情况下向移动终端发送激活码,用户通过APP将包含激活码的激活请求发送到账户发行方,经账户发行方验证激活码后完成虚拟卡的激活并且将虚拟卡的卡信息下发到APP; In the virtual card activation step, the user sends an activation request including the account identification code and additional attribute information to the account issuer through the APP to request activation of the account. After passing the verification of the account issuer, the activation code is sent to the mobile terminal, and the user passes the APP. Send the activation request containing the activation code to the account issuer, complete the activation of the virtual card after the account issuer verifies the activation code and send the card information of the virtual card to the APP;
虚拟卡支付步骤,APP计算消费方的虚拟卡的授权信息,受理方的移动终端获取消费方的虚拟卡的授权信息以及消费信息,受理方将获取的虚拟卡的授权信息以及消费信息与受理方的账户信息一起通过转接网络发送到消费方的账户发行方,该账户发行方验证虚拟卡的授权信息以及消费信息,在验证成功的情况下完成交易并且将交易结果交由支付转接网络。 In the virtual card payment step, the APP calculates the authorization information of the virtual card of the consumer, and the mobile terminal of the accepting party obtains the authorization information and consumption information of the virtual card of the consumer, and the authorization information and consumption information of the virtual card that the accepting party will obtain are shared with the accepting party. The account information is sent to the consumer's account issuer through the transfer network. The account issuer verifies the authorization information and consumption information of the virtual card, completes the transaction and submits the transaction result to the payment transfer network if the verification is successful.
优选地,所述虚拟卡发行步骤包括下述子步骤: Preferably, the step of issuing a virtual card includes the following sub-steps:
通过移动终端上安装的APP将移动终端设置为虚拟卡的载体并将附加属性信息提供到虚拟卡的账户发行方,其中,所述附加属性信息包括移动终端的硬件信息以及/或者用户信息,所述硬件信息包括移动终端的主板序号、SIM卡序号、WIFIMAC地址、OS识别码中的一种或任意组合; Set the mobile terminal as the carrier of the virtual card through the APP installed on the mobile terminal and provide additional attribute information to the account issuer of the virtual card, wherein the additional attribute information includes hardware information and/or user information of the mobile terminal, so The hardware information includes one or any combination of the motherboard serial number, SIM card serial number, WIFIMAC address, and OS identification code of the mobile terminal;
账户发行方根据所述附加属性信息开设虚拟账户,其中,该虚拟账户是与已有实体卡关联或者是新开立的账户,账户状态为待激活; The account issuer opens a virtual account according to the additional attribute information, wherein the virtual account is associated with an existing physical card or is a newly opened account, and the account status is pending activation;
账户发行方为用户提供账户识别码,并且将该识别码返回到APP。 The account issuer provides the user with an account identification code, and returns the identification code to the APP.
优选地,所述虚拟卡激活步骤包括下述子步骤: Preferably, the step of activating the virtual card includes the following sub-steps:
用户通过APP将包含账户识别码、移动终端的硬件信息以及私密数据的激活请求发送到账户发行方来请求激活账户,所述私密数据是指个人密码、预设问题的答案、生物特征数据中的一种或任意组合; The user requests to activate the account by sending an activation request including the account identification code, hardware information of the mobile terminal, and private data to the account issuer through the APP. The private data refers to personal passwords, answers to preset questions, and biometric data. one or any combination;
账户发行方验证收到的账户识别码和硬件信息,如果验证正确,则账户发行方保存所述私密数据,同时通过短信方式向移动终端发送激活码; The account issuer verifies the received account identification code and hardware information, and if the verification is correct, the account issuer saves the private data and sends an activation code to the mobile terminal via SMS;
用户在APP上输入该激活码; The user enters the activation code on the APP;
APP将包含激活码的激活请求发送到账户发行方; The APP sends the activation request containing the activation code to the account issuer;
账户发行方验证是否正确,如果验证失败则拒绝该账户激活,如果验证成功则将该账户状态标记为已激活,同时通知APP激活成功,并且向APP下发虚拟卡的卡信息,其中,所述卡信息包括账户使用密钥、账户密钥有效时间范围或长度、虚拟卡卡号。 The account issuer verifies whether it is correct. If the verification fails, the account activation will be rejected. If the verification is successful, the account status will be marked as activated. At the same time, the APP will be notified of the successful activation, and the card information of the virtual card will be issued to the APP. Among them, the Card information includes account use key, account key valid time range or length, and virtual card number.
优选地,所述虚拟卡支付步骤包括下述子步骤: Preferably, the virtual card payment step includes the following sub-steps:
APP检查作为消费方的虚拟卡的有效期,如果无效则拒绝交易,否则根据账户发行方的约定算法计算本次交易的授权信息,其中所述授权信息包含:账户使用密钥、账户密钥有效时间范围或长度、交易类型、交易信息、硬件信息、私密数据中的一个或多个; The APP checks the validity period of the virtual card as the consumer, and if it is invalid, the transaction will be rejected, otherwise, the authorization information of this transaction will be calculated according to the agreed algorithm of the account issuer, where the authorization information includes: account use key, account key validity time One or more of range or length, transaction type, transaction information, hardware information, private data;
受理方的移动终端通过NFC功能、声波或者二维码获取消费方的虚拟卡的虚拟卡信息和授权信息,受理方将获取的虚拟卡信息、授权信息以及消费信息与受理方的账户信息一起通过转接网络发送到消费方的账户发行方; The accepting party's mobile terminal obtains the virtual card information and authorization information of the consumer's virtual card through the NFC function, sound waves or QR codes, and the accepting party passes the obtained virtual card information, authorization information and consumption information together with the accepting party's account information. The transfer network sends to the account issuer of the consumer;
消费方的账户发行方验证虚拟卡信息以及消费信息,在验证成功的情况下消费方的账户发行方完成交易并且将交易结果转发到支付转接网络,在验证失败的情况下则拒绝该交易。 The account issuer of the consumer verifies the virtual card information and consumption information. If the verification is successful, the account issuer of the consumer completes the transaction and forwards the transaction result to the payment transfer network. If the verification fails, the transaction is rejected.
优选地,虚拟卡的发行方为发卡银行或卡组织,如果该虚拟卡和实体卡关联,则虚拟卡卡号和实体卡卡号为互相映射的关系并且该映射关系保存在虚拟卡发行方机构,如果该虚拟卡无实体卡无关联,则由虚拟卡发行方为用户向发卡银行或卡组织申请一个资金账户。 Preferably, the issuer of the virtual card is a card-issuing bank or a card organization. If the virtual card is associated with the physical card, the virtual card number and the physical card number are in a mutual mapping relationship and the mapping relationship is stored in the virtual card issuer institution. If The virtual card has no connection with the physical card, and the virtual card issuer applies for a fund account to the issuing bank or card organization for the user.
本发明的基于虚拟卡的支付系统,其特征在于,包括: The payment system based on the virtual card of the present invention is characterized in that it includes:
消费方的移动终端,安装有APP,用于将该移动终端设置为虚拟卡的载体并将附加属性信息提供到下述虚拟卡的账户发行方,还用于将包含从下述虚拟卡的账户发行方发送来的下述账户识别码、附加属性信息的激活请求发送到账户发行方来请求激活账户,当从下述账户发行方收到激活码后用于输入该激活码,并且将包含激活码的激活请求发送到虚拟卡的账户发行方,还用于计算消费方的虚拟卡的授权信息; The consumer's mobile terminal is installed with an APP, which is used to set the mobile terminal as the carrier of the virtual card and provide additional attribute information to the account issuer of the following virtual card, and is also used to transfer the account containing the virtual card from the following The activation request for the following account identification code and additional attribute information sent by the issuer is sent to the account issuer to request activation of the account. When the activation code is received from the following account issuer, it is used to enter the activation code and will include activation The activation request of the code is sent to the account issuer of the virtual card, and is also used to calculate the authorization information of the virtual card of the consumer;
虚拟卡的账户发行方,用于根据从上述APP提供来的附加属性信息开设虚拟卡的账户并向上述APP返回账户识别码,还用于验证从APP返回来的账户识别码和附加属性信息,在通过验证的情况下向消费方的APP发送激活码,对于从上述消费方的APP返回的激活码进行验证,在通过激活码的验证后完成虚拟卡的激活并且将虚拟卡的卡信息下发到上述消费方的APP,并且在虚拟卡的账户发行方验证授权信息成功的情况下完成交易; The account issuer of the virtual card is used to open a virtual card account based on the additional attribute information provided from the above APP and return the account identification code to the above APP, and is also used to verify the account identification code and additional attribute information returned from the APP, Send the activation code to the APP of the consumer in the case of passing the verification, verify the activation code returned from the APP of the above consumer, complete the activation of the virtual card after passing the verification of the activation code and send the card information of the virtual card Go to the APP of the above consumer, and complete the transaction when the account issuer of the virtual card successfully verifies the authorization information;
受理方的移动终端,用于获取消费方的虚拟卡的授权信息以及虚拟卡信息,并且将获取的虚拟卡信息以及消费信息与受理方的账户信息一起发送到下述支付转接网络; The accepting party's mobile terminal is used to obtain the authorization information and virtual card information of the consumer's virtual card, and send the acquired virtual card information and consumption information together with the accepting party's account information to the following payment transfer network;
支付转接网络,用于将来自上述受理方的移动终端的虚拟卡信息、消费信息、受理方的账户信息发送到消费方的账户发行方,并且在完成交易的情况下将交易结果通知受理方的移动终端。 The payment transfer network is used to send the virtual card information, consumption information, and account information of the accepting party from the mobile terminal of the accepting party to the account issuer of the consumer, and notify the accepting party of the transaction result when the transaction is completed mobile terminal.
优选地,所述消费方的移动终端用于根据账户使用密钥、账户密钥有效时间范围或长度、交易类型、交易信息、移动终端硬件信息、私密数据中的一个或多个信息计算授权信息。 Preferably, the consumer's mobile terminal is used to calculate authorization information based on one or more of the account use key, account key valid time range or length, transaction type, transaction information, mobile terminal hardware information, and private data .
本发明的基于虚拟卡的支付方法,其特征在于,包括下述步骤: The payment method based on the virtual card of the present invention is characterized in that it comprises the following steps:
虚拟卡发行步骤,通过移动终端上安装的APP将移动终端设置为虚拟卡的载体并将移动终端的附加属性信息提供到虚拟卡的账户发行方,账户发行方根据提供的附加属性信息开设虚拟账户并向该APP返回账户识别码; The virtual card issuing step is to set the mobile terminal as the carrier of the virtual card through the APP installed on the mobile terminal and provide the additional attribute information of the mobile terminal to the account issuer of the virtual card, and the account issuer opens a virtual account according to the provided additional attribute information And return the account identification code to the APP;
虚拟卡激活步骤,用户通过APP将包含账户识别码、附加属性信息的激活请求发送到账户发行方来请求激活账户,在通过账户发行方的验证的情况下向移动终端发送激活码,用户通过APP将包含激活码的激活请求发送到账户发行方,经账户发行方验证激活码后完成虚拟卡的激活并且将虚拟卡的卡信息下发到APP; In the virtual card activation step, the user sends an activation request including the account identification code and additional attribute information to the account issuer through the APP to request activation of the account. After passing the verification of the account issuer, the activation code is sent to the mobile terminal, and the user passes the APP. Send the activation request containing the activation code to the account issuer, complete the activation of the virtual card after the account issuer verifies the activation code and send the card information of the virtual card to the APP;
虚拟卡支付步骤,APP计算虚拟卡的授权信息并且显示在移动终端上,用户将虚拟卡的卡信息及授权信息输入商户的支付网页,所述支付网页由支付网关生成,以嵌入或调转的方式显示在商户的支付信息相关的网页上,支付网关将获取的授权信息与商户信息、消费信息一起通过支付转接网络发送到虚拟卡的账户发行方,该虚拟卡的账户发行方验证授权信息以及消费信息,在验证成功的情况下完成交易并且将交易结果转发到支付转接网络。 In the virtual card payment step, the APP calculates the authorization information of the virtual card and displays it on the mobile terminal. The user enters the card information and authorization information of the virtual card into the payment webpage of the merchant, and the payment webpage is generated by the payment gateway, and is embedded or transferred. Displayed on the webpage related to the merchant's payment information, the payment gateway sends the obtained authorization information together with merchant information and consumption information to the account issuer of the virtual card through the payment transfer network, and the account issuer of the virtual card verifies the authorization information and Consumption information, complete the transaction and forward the transaction result to the payment transfer network if the verification is successful.
优选地,所述虚拟卡发行步骤包括下述子步骤: Preferably, the step of issuing a virtual card includes the following sub-steps:
通过移动终端上安装的APP将移动终端设置为虚拟卡的载体并将附加属性信息提供到虚拟卡的账户发行方,其中,所述附加属性信息包括移动终端的硬件信息以及/或者用户信息,所述硬件信息包括移动终端的主板序号、SIM卡序号、OS识别码、WIFIMAC地址中的一个或多个; Set the mobile terminal as the carrier of the virtual card through the APP installed on the mobile terminal and provide additional attribute information to the account issuer of the virtual card, wherein the additional attribute information includes hardware information and/or user information of the mobile terminal, so The hardware information includes one or more of the main board serial number, SIM card serial number, OS identification code, and WIFIMAC address of the mobile terminal;
账户发行方根据提供的附加属性信息开设虚拟账户,其中,该虚拟账户是与已有实体卡关联或者是新开立的账户,账户状态为待激活; The account issuer opens a virtual account according to the additional attribute information provided, wherein the virtual account is associated with an existing physical card or is a newly opened account, and the account status is pending activation;
账户发行方为用户提供账户识别码,并且将该识别码返回到APP。 The account issuer provides the user with an account identification code, and returns the identification code to the APP.
优选地,所述虚拟卡激活步骤包括下述子步骤: Preferably, the step of activating the virtual card includes the following sub-steps:
用户通过APP将包含账户识别码、附加属性信息以及私密数据的激活请求发送到账户发行方来请求激活账户,其中,所述硬件信息包括移动终端的主板序号、SIM卡序号、OS识别码、WIFIMAC地址中的一个或多个,所述私密数据是指个人密码、预设问题的答案、生物特征数据中的一种; The user sends an activation request including the account identification code, additional attribute information and private data to the account issuer through the APP to request account activation, wherein the hardware information includes the serial number of the motherboard of the mobile terminal, the serial number of the SIM card, the OS identification code, WIFIMAC One or more of the addresses, and the private data refers to one of personal passwords, answers to preset questions, and biometric data;
账户发行方验证收到的账户识别码和附加属性信息,如果验证正确,者账户发行方保存所述私密数据,同时通过短信方式向移动终端发送激活码; The account issuer verifies the received account identification code and additional attribute information, and if the verification is correct, the account issuer saves the private data and sends an activation code to the mobile terminal via SMS;
在APP上输入该激活码并设置该虚拟卡的属性信息; Enter the activation code on the APP and set the attribute information of the virtual card;
APP将包含激活码以及属性信息的激活请求发送到账户发行方; The APP sends an activation request containing the activation code and attribute information to the account issuer;
账户发行方验证是否正确,如果验证失败则拒绝该账户激活,如果验证成功则将该账户状态标记为已激活,同时通知APP激活成功,并且向APP下发虚拟卡的卡信息,其中,所述卡信息包括账户使用密钥、账户密钥有效时间范围或长度、虚拟卡卡号。 The account issuer verifies whether it is correct. If the verification fails, the account activation will be rejected. If the verification is successful, the account status will be marked as activated. At the same time, the APP will be notified of the successful activation, and the card information of the virtual card will be issued to the APP. Among them, the Card information includes account use key, account key valid time range or length, and virtual card number.
优选地,虚拟卡的发行方为发卡银行或卡组织,如果该虚拟卡和实体卡关联,则虚拟卡卡号和实体卡卡号为互相映射的关系并且该映射关系保存在虚拟卡发行方机构,如果该虚拟卡无实体卡无关联,则由虚拟卡发行方为用户向发卡银行或卡组织申请一个资金账户。 Preferably, the issuer of the virtual card is a card-issuing bank or a card organization. If the virtual card is associated with the physical card, the virtual card number and the physical card number are in a mutual mapping relationship and the mapping relationship is stored in the virtual card issuer institution. If The virtual card has no connection with the physical card, and the virtual card issuer applies for a fund account to the issuing bank or card organization for the user.
本发明的基于虚拟卡的支付系统,其特征在于,包括: The payment system based on the virtual card of the present invention is characterized in that it includes:
移动终端,安装有APP,该APP用于将该移动终端设置为虚拟卡的载体并将移动终端的附加属性信息提供到下述虚拟卡的账户发行方,还用于将包含从下述虚拟卡的账户发行方发送来的下述账户识别码、附加属性信息的激活请求发送到账户发行方来请求激活账户,当从下述账户发行方收到激活码后用于输入该激活码,并且将包含激活码的激活请求发送到虚拟卡的账户发行方,还用于计算虚拟卡的授权信息并显示于移动终端上; The mobile terminal is installed with an APP, which is used to set the mobile terminal as the carrier of the virtual card and provide the additional attribute information of the mobile terminal to the account issuer of the following virtual card, and is also used to transfer the information contained in the virtual card from the following The activation request of the following account identification code and additional attribute information sent by the account issuer of the account is sent to the account issuer to request activation of the account. When the activation code is received from the account issuer described below, it is used to enter the activation code, and will The activation request containing the activation code is sent to the account issuer of the virtual card, and is also used to calculate the authorization information of the virtual card and display it on the mobile terminal;
虚拟卡的账户发行方,用于根据从上述APP提供来的附加属性信息开设虚拟卡的账户并向上述APP返回账户识别码,还用于验证从上述APP返回来的账户识别码和附加属性信息,在通过验证的情况下向上述APP发送激活码,对于从上述APP返回的激活码进行验证,在通过激活码的验证后完成虚拟卡的激活并且将虚拟卡的卡信息下发到上述APP; The account issuer of the virtual card is used to open a virtual card account based on the additional attribute information provided from the above APP and return the account identification code to the above APP, and also to verify the account identification code and additional attribute information returned from the above APP , in the case of passing the verification, send the activation code to the above-mentioned APP, verify the activation code returned from the above-mentioned APP, complete the activation of the virtual card after passing the verification of the activation code and send the card information of the virtual card to the above-mentioned APP;
收单机构,用于获取虚拟卡的授权信息以及虚拟卡信息,并且基于获取的虚拟卡信息、商户信息以及消费信息组织交易请求报文发送到下述支付转接网络,并且接收来自上述支付转接网络的交易结果; The acquirer is used to obtain the authorization information and virtual card information of the virtual card, and based on the obtained virtual card information, merchant information and consumer information, organize the transaction request message to be sent to the following payment transfer network, and receive information from the above payment transfer network. The transaction results connected to the network;
支付转接网络,用于根据来自上述收单机构的交易请求报文将支付请求发送到账户发行方,还用于接收来自账户发行方的交易结果并转发到收单机构。 The payment transfer network is used to send the payment request to the account issuer according to the transaction request message from the above-mentioned acquirer, and is also used to receive the transaction result from the account issuer and forward it to the acquirer.
优选地,所述移动终端根据账户使用密钥、账户密钥有效时间范围或长度、交易类型、交易信息、硬件信息、私密数据中的一个或多个信息计算授权信息。 Preferably, the mobile terminal calculates the authorization information according to one or more of the account usage key, account key valid time range or length, transaction type, transaction information, hardware information, and private data.
本发明的基于虚拟卡的支付方法,其特征在于,包括下述步骤: The payment method based on the virtual card of the present invention is characterized in that it comprises the following steps:
虚拟卡发行步骤,通过移动终端上安装的APP将移动终端设置为虚拟卡的载体并将附加属性信息提供到虚拟卡的账户发行方,账户发行方根据提供的附加属性信息开设虚拟账户并向该APP返回账户识别码; The virtual card issuing step is to set the mobile terminal as the carrier of the virtual card through the APP installed on the mobile terminal and provide the additional attribute information to the account issuer of the virtual card. The account issuer opens a virtual account according to the additional attribute information provided and sends the The APP returns the account identification code;
虚拟卡激活步骤,用户通过APP将包含账户识别码、附加属性信息的激活请求发送到账户发行方来请求激活账户,账在通过账户发行方的验证的情况下向移动终端发送激活码,用户通过APP将包含激活码的激活请求发送到账户发行方,经账户发行方验证激活码后完成虚拟卡的激活并且将虚拟卡的卡信息下发到APP; In the virtual card activation step, the user sends an activation request including the account identification code and additional attribute information to the account issuer through the APP to request activation of the account. After the account is verified by the account issuer, the activation code is sent to the mobile terminal. The APP sends the activation request containing the activation code to the account issuer, and after the account issuer verifies the activation code, the activation of the virtual card is completed and the card information of the virtual card is sent to the APP;
虚拟卡支付步骤,APP计算虚拟卡的授权信息并且显示在移动终端上,POS终端读取上述授权信息并且将上述授权信息与商户信息、消费信息一起发送到收单机构并通过支付转接网络发送到虚拟卡的账户发行方,该虚拟卡的账户发行方验证授权信息以及消费信息,在验证成功的情况下虚拟卡的账户发行方完成交易并且将交易结果交由支付转接网络处理后转发收单机构。 In the virtual card payment step, the APP calculates the authorization information of the virtual card and displays it on the mobile terminal. The POS terminal reads the above authorization information and sends the above authorization information together with the merchant information and consumption information to the acquirer and sends it through the payment transfer network To the account issuer of the virtual card, the account issuer of the virtual card verifies the authorization information and consumption information, and if the verification is successful, the account issuer of the virtual card completes the transaction and hands over the transaction result to the payment transfer network for processing and then forwards it to the recipient. single agency.
优选地,所述虚拟卡发行步骤包括下述子步骤: Preferably, the step of issuing a virtual card includes the following sub-steps:
通过移动终端上安装的APP将移动终端设置为虚拟卡的载体并将附加属性信息提供到虚拟卡的账户发行方,其中,所述附加属性信息包括移动终端的硬件信息以及/或者用户信息,所述硬件信息包括移动终端的主板序号、SIM卡序号、OS识别码、WIFIMAC地址中的一个或多个; Set the mobile terminal as the carrier of the virtual card through the APP installed on the mobile terminal and provide additional attribute information to the account issuer of the virtual card, wherein the additional attribute information includes hardware information and/or user information of the mobile terminal, so The hardware information includes one or more of the main board serial number, SIM card serial number, OS identification code, and WIFIMAC address of the mobile terminal;
账户发行方根据提供的硬件信息以及用户信息开设虚拟账户,其中,该虚拟账户是与已有实体卡关联或者是新开立的账户,账户状态为待激活; The account issuer opens a virtual account based on the provided hardware information and user information, where the virtual account is associated with an existing physical card or is a newly opened account, and the account status is pending activation;
账户发行方为用户提供账户识别码,并且将该识别码返回到APP。 The account issuer provides the user with an account identification code, and returns the identification code to the APP.
优选地,所述虚拟卡激活步骤包括下述子步骤: Preferably, the step of activating the virtual card includes the following sub-steps:
用户通过APP将包含账户识别码、移动终端的硬件信息以及私密数据的激活请求发送到账户发行方来请求激活账户,所述私密数据是指个人密码、预设问题的答案、生物特征数据中的一种; The user requests to activate the account by sending an activation request including the account identification code, hardware information of the mobile terminal, and private data to the account issuer through the APP. The private data refers to personal passwords, answers to preset questions, and biometric data. A sort of;
账户发行方验证收到的账户识别码和硬件信息,如果验证正确,者账户发行方保存所述私密数据,同时通过短信方式向移动终端发送激活码; The account issuer verifies the received account identification code and hardware information, and if the verification is correct, the account issuer saves the private data and sends an activation code to the mobile terminal via SMS;
在APP上输入该激活码; Enter the activation code on the APP;
APP将包含激活码以及属性信息的激活请求发送到账户发行方; The APP sends an activation request containing the activation code and attribute information to the account issuer;
账户发行方验证是否正确,如果验证失败则拒绝该账户激活,如果验证成功则将该账户状态标记为已激活,同时通知APP激活成功,并且向APP下发虚拟卡的卡信息,其中,所述卡信息包括账户使用密钥、账户密钥有效时间范围或长度、虚拟卡卡号。 The account issuer verifies whether it is correct. If the verification fails, the account activation will be rejected. If the verification is successful, the account status will be marked as activated. At the same time, the APP will be notified of the successful activation, and the card information of the virtual card will be issued to the APP. Among them, the Card information includes account use key, account key valid time range or length, and virtual card number.
优选地,所述虚拟卡支付步骤包括下述子步骤: Preferably, the virtual card payment step includes the following sub-steps:
APP检查虚拟卡的有效期,如果无效则直接拒绝,否则APP计算虚拟卡的授权信息; The APP checks the validity period of the virtual card, and if it is invalid, it directly rejects it, otherwise the APP calculates the authorization information of the virtual card;
APP将计算出的授权信息以二维码形式显示在移动终端上; The APP displays the calculated authorization information on the mobile terminal in the form of a QR code;
POS终端扫描二维码读取授权信息并且将上述授权信息与商户信息息以及消费信息一起发送到收单机构; The POS terminal scans the QR code to read the authorization information and sends the above authorization information together with the merchant information and consumption information to the acquirer;
收单机构通过支付转接网络将上述授权信息与商户信息以及消费信息发送到虚拟卡的账户发行方; The acquirer sends the above authorization information, merchant information and consumption information to the account issuer of the virtual card through the payment transfer network;
该虚拟卡的账户发行方验证虚拟卡信息以及消费信息,在验证成功的情况下完成支付并且将支付结果通知收单机构,由收单机构转发到POS终端。 The account issuer of the virtual card verifies the virtual card information and consumption information, completes the payment if the verification is successful, and notifies the acquirer of the payment result, and the acquirer forwards it to the POS terminal.
优选地,所述虚拟卡支付步骤包括下述子步骤: Preferably, the virtual card payment step includes the following sub-steps:
APP检查虚拟卡的有效期,如果无效则直接拒绝,否则APP计算虚拟卡的授权信息; The APP checks the validity period of the virtual card, and if it is invalid, it directly rejects it, otherwise the APP calculates the authorization information of the virtual card;
移动终端利用NFC功能读取授权信息并且将上述授权信息与商户信息以及消费信息一起发送到收单机构; The mobile terminal uses the NFC function to read the authorization information and send the above authorization information together with the merchant information and consumption information to the acquirer;
收单机构通过支付转接网络将上述授权信息与商户信息以及消费信息发送到虚拟卡的账户发行方; The acquirer sends the above authorization information, merchant information and consumption information to the account issuer of the virtual card through the payment transfer network;
该虚拟卡的账户发行方验证虚拟卡信息以及消费信息,在验证成功的情况下完成支付并且将支付结果通知收单机构,由收单机构转发到POS终端。 The account issuer of the virtual card verifies the virtual card information and consumption information, completes the payment if the verification is successful, and notifies the acquirer of the payment result, and the acquirer forwards it to the POS terminal.
优选地,虚拟卡的发行方为发卡银行或卡组织,如果该虚拟卡和实体卡关联,则虚拟卡卡号和实体卡卡号为互相映射的关系并且该映射关系保存在虚拟卡发行方机构,如果该虚拟卡无实体卡无关联,则由虚拟卡发行方为用户向发卡银行或卡组织申请一个资金账户。 Preferably, the issuer of the virtual card is a card-issuing bank or a card organization. If the virtual card is associated with the physical card, the virtual card number and the physical card number are in a mutual mapping relationship and the mapping relationship is stored in the virtual card issuer institution. If The virtual card has no connection with the physical card, and the virtual card issuer applies for a fund account to the issuing bank or card organization for the user.
本发明的基于虚拟卡的支付系统,其特征在于,包括: The payment system based on the virtual card of the present invention is characterized in that it includes:
移动终端,安装有APP,该APP用于将该移动终端设置为虚拟卡的载体并将附加属性信息提供到下述虚拟卡的账户发行方,还用于将包含从下述虚拟卡的账户发行方发送来的下述账户识别码、附加属性信息的激活请求发送到账户发行方来请求激活账户,当从下述账户发行方收到激活码后用于输入该激活码,并且将包含激活码的激活请求发送到虚拟卡的账户发行方,还用于计算虚拟卡的授权信息并显示于移动终端上; The mobile terminal is installed with an APP, which is used to set the mobile terminal as the carrier of the virtual card and provide additional attribute information to the account issuer of the following virtual card, and is also used to issue the account containing the virtual card from the following The activation request of the following account identification code and additional attribute information sent by the party is sent to the account issuer to request activation of the account. When the activation code is received from the following account issuer, it is used to enter the activation code and will contain the activation code. The activation request is sent to the account issuer of the virtual card, which is also used to calculate the authorization information of the virtual card and display it on the mobile terminal;
虚拟卡的账户发行方,用于根据从上述APP提供来的附加属性信息开设虚拟卡的账户并向上述APP返回账户识别码,还用于验证从上述APP返回来的账户识别码和附加属性信息,在通过验证的情况下向上述APP发送激活码,对于从上述APP返回的激活码进行验证,在通过激活码的验证后完成虚拟卡的激活并且将虚拟卡的卡信息下发到上述APP; The account issuer of the virtual card is used to open a virtual card account based on the additional attribute information provided from the above APP and return the account identification code to the above APP, and also to verify the account identification code and additional attribute information returned from the above APP , in the case of passing the verification, send the activation code to the above-mentioned APP, verify the activation code returned from the above-mentioned APP, complete the activation of the virtual card after passing the verification of the activation code and send the card information of the virtual card to the above-mentioned APP;
POS终端,用于获取虚拟卡的授权信息以及虚拟卡信息,并且基于获取的虚拟卡信息、商户信息以及消费信息组织交易请求报文发送到下述收单机构; The POS terminal is used to obtain the authorization information of the virtual card and the virtual card information, and based on the obtained virtual card information, merchant information and consumption information, send the transaction request message to the following acquirer;
收单机构,用于将从上述POS终端获取的交易请求报文发送到下述支付转接网络,并且将来自下述支付转接网络的交易结果反馈到POS终端; The acquirer is used to send the transaction request message obtained from the above-mentioned POS terminal to the following payment transfer network, and feed back the transaction result from the following payment transfer network to the POS terminal;
支付转接网络,用于根据来自上述收单机构的交易请求报文将支付请求发送到虚拟卡的账户发行方,并且将来自虚拟卡的账户发行方的交易结果转发到收单机构。 The payment transfer network is used to send the payment request to the account issuer of the virtual card according to the transaction request message from the acquirer, and forward the transaction result from the account issuer of the virtual card to the acquirer.
优选地,所述移动终端根据账户使用密钥、账户密钥有效时间范围或长度、交易类型、交易信息、硬件信息、私密数据中的一个或多个信息计算授权信息。 Preferably, the mobile terminal calculates the authorization information according to one or more of the account usage key, account key valid time range or length, transaction type, transaction information, hardware information, and private data.
根据本发明,能够用虚拟卡替代实体卡,而且虚拟卡不仅可以是与实体卡关联,也可以是一张纯虚拟卡,如果和实体卡关联的情况下,可以通过对虚拟卡的相关属性的设置来设置其消费额度、消费类型。由此,能够提高用户账户资金的安全性。而且,在本发明中,通过将虚拟卡与移动终端的硬件信息进行绑定,能够进一步提高虚拟卡的安全性。在用虚拟卡进行转帐支付时,需要事先根据TK、EXPD、交易类型、交易信息、移动终端硬件信息、个人私密数据计算授权信息并由虚拟卡的账户发行方验证该授权信息后才能够进行交易,由此能够有效地提高基于虚拟卡的支付的安全性。 According to the present invention, a virtual card can be used instead of a physical card, and the virtual card can not only be associated with a physical card, but also a pure virtual card. Settings to set the consumption amount and consumption type. In this way, the security of the funds in the user account can be improved. Moreover, in the present invention, by binding the virtual card with the hardware information of the mobile terminal, the security of the virtual card can be further improved. When using a virtual card for transfer payment, it is necessary to calculate the authorization information based on TK, EXPD, transaction type, transaction information, mobile terminal hardware information, and personal private data in advance, and the account issuer of the virtual card can verify the authorization information before the transaction can be carried out , thereby effectively improving the security of payment based on the virtual card.
附图说明 Description of drawings
图1是本发明的基于虚拟卡的支付系统以及支付方法的构思框架。 Fig. 1 is the conceptual framework of the virtual card-based payment system and payment method of the present invention.
图2是表示本发明的基于虚拟卡的支付方法的步序图。 Fig. 2 is a sequence diagram showing the payment method based on the virtual card of the present invention.
具体实施方式 detailed description
下面介绍的是本发明的多个实施例中的一些,旨在提供对本发明的基本了解。并不旨在确认本发明的关键或决定性的要素或限定所要保护的范围。 Introduced below are some of the various embodiments of the invention, intended to provide a basic understanding of the invention. It is not intended to identify key or critical elements of the invention or to delineate the scope of protection.
首先对于本发明的一些构思框架以及一些用语进行解释。 First, some conceptual frameworks and some terminology of the present invention are explained.
图1是本发明的基于虚拟卡的支付系统以及支付方法的构思框架。 Fig. 1 is the conceptual framework of the virtual card-based payment system and payment method of the present invention.
如图1所示,本发明包括实体层、应用层以及设备层。 As shown in Fig. 1, the present invention includes a physical layer, an application layer and a device layer.
实体层包括:多个账户发行方、线上收单服务机构、线下收单服务机构。 The entity layer includes: multiple account issuers, online acquiring service agencies, and offline acquiring service agencies.
账户发行方是指为用户发行虚拟卡的法定机构,如银行。 The account issuer refers to the legal institution, such as a bank, that issues the virtual card for the user.
线上收单服务机构是指为用户提供互联网支付服务的机构。 An online acquiring service institution refers to an institution that provides Internet payment services to users.
线下收单服务机构是为用户提供线下POS支付服务的机构。 An offline acquiring service organization is an organization that provides users with offline POS payment services.
应用层包括:自助设备、自然人(human)、网络(internet)、实体店。 The application layer includes: self-service equipment, natural person (human), network (internet), physical store.
自助设备是指为用户提供自助服务的设备,如ATM取款,ATM转账等。该设备通常由账户发行方布放,也可以由线下收单服务机构布放。 Self-service equipment refers to equipment that provides self-service for users, such as ATM withdrawals, ATM transfers, etc. This device is usually deployed by the account issuer, and can also be deployed by an offline acquiring service agency.
自然人(human)是指拥有账户的自然人。 A natural person refers to a natural person who owns an account.
网络(internet)是指通过互联网为用户提供服务或内容的实体。 Internet refers to entities that provide services or content to users via the Internet.
实体店是指在线下拥有固定场所,为用户提供服务或内容的实体。 A physical store refers to an entity that has a fixed location offline and provides services or content to users.
设备层包括受理手机(或者受理终端)、支付网关、POS终端。 The device layer includes mobile phones (or terminals), payment gateways, and POS terminals.
受理手机是指受理虚拟卡的移动智能设备。 Accepting mobile phones refer to mobile smart devices that accept virtual cards.
支付网关(也称为支付转接网络)是指受理虚拟卡的一种基础设施,由账户发行方或线上收单服务机构提供。 A payment gateway (also known as a payment gateway network) refers to an infrastructure for accepting virtual cards, provided by account issuers or online acquiring services.
POS终端是指受理虚拟卡的一种基础设备,由账户发行方或线下收单服务机构提供。 POS terminal refers to a basic device for accepting virtual cards, which is provided by account issuers or offline acquiring service agencies.
下面对于本发明中提及的一些技术术语进行解释。 Some technical terms mentioned in the present invention are explained below.
账户:特指账户发行方为用户开立的虚拟卡账户。 Account: specifically refers to the virtual card account opened by the account issuer for the user.
账户属性:账户发行方为账户设置的属性,如开户人姓名、性别、证件号码、手机号码、住址、邮件等,同时账户属性还包括账户的状态属性。 Account attribute: the attribute set by the account issuer for the account, such as the account holder's name, gender, ID number, mobile phone number, address, email, etc., and the account attribute also includes the status attribute of the account.
联机:特指用户手机和账户发行方系统之间存在持续的数据链路,如3G网络/WIFI等。 Online: specifically refers to the continuous data link between the user's mobile phone and the account issuer's system, such as 3G network/WIFI, etc.
脱机:特指用户手机和账户发行方系统不存在数据链路,无法进行数据交换。 Offline: specifically refers to the fact that there is no data link between the user's mobile phone and the account issuer's system, and data exchange cannot be performed.
APP:移动终端上安装的应用软件,下面描述的还包括其后端应用服务系统。 APP: the application software installed on the mobile terminal, and the description below also includes its back-end application service system.
(个人)私密数据:私密数据的设置有以下几种方法:一类是密码、另一类是“问题-答案”、还有一类是设置例如指纹、虹膜、声音等。例如,设置个人私密数据:如果是密码类型,则为设置新密码。如果是“问题-答案”类型,则设置问题的内容和对应的答案。还有 (Personal) private data: There are several methods for setting private data: one is password, the other is "question-answer", and the other is setting such as fingerprint, iris, voice, etc. For example, setting personal privacy data: if it is a password type, it is to set a new password. If it is a "question-answer" type, set the content of the question and the corresponding answer. and also
输入个人私密数据:如果是密码类型,则为输入密码,如果是“问题-答案”类型,则输入问题对应的答案。 Enter personal private data: if it is a password type, enter the password, and if it is a "question-answer" type, enter the answer corresponding to the question.
第一实施方式first embodiment
下面,对于本发明的第一实施方式的基于虚拟卡的支付方法进行具体说明。 Next, the payment method based on the virtual card according to the first embodiment of the present invention will be specifically described.
图2是表示本发明的第一实施方式的基于虚拟卡的支付方法的步序图。 Fig. 2 is a sequence diagram showing a payment method by a virtual card according to the first embodiment of the present invention.
如图2所示,本发明的第一实施方式的基于虚拟卡的支付方法包括:虚拟卡发行步骤、虚拟卡激活步骤、虚拟卡支付步骤(移动终端受理模式)。 As shown in FIG. 2 , the virtual card-based payment method of the first embodiment of the present invention includes: a virtual card issuing step, a virtual card activation step, and a virtual card payment step (mobile terminal acceptance mode).
接着,对于这些具体步骤进行说明。 Next, these specific steps will be described.
一、虚拟卡发行步骤 1. Virtual card issuance steps
1)用户安装账户发行方许可的APP,该APP为账户发行方为用户提供用于管理虚拟卡的APP软件,该APP既可能是账户发行方的APP,也可是其授权的第三方APP。 1) The user installs the APP licensed by the account issuer. The APP provides the account issuer with the APP software used to manage the virtual card for the user. The APP may be the account issuer's APP or a third-party APP authorized by it.
2)用户设置APP的访问密码。 2) The user sets the access password of the APP.
3)用户通过APP中的申请功能申请虚拟卡账户,并同意账户发行方的相关申明(通过其他渠道如网点亦可,道理相同) 3) The user applies for a virtual card account through the application function in the APP, and agrees to the relevant statement of the account issuer (through other channels such as outlets, the reason is the same)
4)用户提供账户发行方需要的材料,同时账户发行方通过APP采集并保存用户移动终端的硬件信息,硬件信息例如可以包括但不限定于硬件主板序号、SIM卡序号、OS识别码及附加属性等,同时告知用户该移动终端将作为虚拟卡的载体。 4) The user provides the materials required by the account issuer. At the same time, the account issuer collects and saves the hardware information of the user's mobile terminal through the APP. The hardware information may include, but is not limited to, the hardware motherboard serial number, SIM card serial number, OS identification code and additional attributes etc., while informing the user that the mobile terminal will serve as the carrier of the virtual card.
5)账户发行方为用户开立虚拟卡账户,该账户既可以和用户已有的实体卡进行关联,也可是新开立的账户,设置账户状态为待激活。在本发明中,虚拟卡可以是与实体卡关联,也可以是一张纯虚拟卡,如果和实体卡关联的情况下,可以是实体卡的一个子集(成为什么样的子集可以根据下述“二、虚拟卡激活步骤”中的“4)”来进行具体设置),可以并不完全等同于实体卡。 5) The account issuer opens a virtual card account for the user. This account can be associated with the user's existing physical card, or it can be a newly opened account, and the account status is set to be activated. In the present invention, the virtual card can be associated with the physical card, or a pure virtual card. If it is associated with the physical card, it can be a subset of the physical card (what kind of subset can be determined according to the following "4)" in "2. Virtual Card Activation Steps" above for specific settings), it may not be completely equivalent to a physical card.
在本发明中,虚拟卡的发行方既可能是发卡银行,也可能是卡组织。如果该虚拟卡和实体卡关联,虚拟卡卡号和实体卡卡号无任何直接的关联关系,二者仅为互相映射的关系,该映射关系保存在虚拟卡发行方。虚拟卡卡号的编码规则和实体卡的编码规则完全一致,符合国家金融机构及相关国际机构的要求和标准。如果该虚拟卡无实体卡对应,则可有虚拟卡发行方为用户向具有账户发行资质的账户发行机构申请一个合法的资金账户。 In the present invention, the issuer of the virtual card may be the issuing bank or the card organization. If the virtual card is associated with the physical card, the virtual card number and the physical card number do not have any direct relationship, and the two are only a mutual mapping relationship, and the mapping relationship is stored in the virtual card issuer. The encoding rules of the virtual card number are completely consistent with those of the physical card, and comply with the requirements and standards of national financial institutions and relevant international institutions. If the virtual card does not correspond to the physical card, the virtual card issuer can apply for a legal fund account from an account issuing institution with account issuing qualifications for the user.
6)账户发行方为用户提供账户识别码,用于用户在手机APP上激活自己的虚拟卡。 6) The account issuer provides the user with an account identification code for the user to activate his own virtual card on the mobile APP.
二、虚拟卡激活步骤 2. Virtual card activation steps
1)用户选择APP中提供的激活虚拟卡功能。 1) The user selects the activation virtual card function provided in the APP.
2)用户指定账户发行方并输入账户识别码,APP将账户激活请求发送到对应的账户发行方。其中,上送信息包括移动终端的硬件信息,这里的硬件信息可以包括但不限定于硬件主板序号、SIM卡序号、OS识别码及附加属性等。 2) The user specifies the account issuer and enters the account identification code, and the APP sends the account activation request to the corresponding account issuer. Wherein, the uploaded information includes the hardware information of the mobile terminal, and the hardware information here may include but not limited to the serial number of the hardware motherboard, the serial number of the SIM card, the OS identification code, and additional attributes.
上送信息还可以包括账户发行方需用户设置的个人私密数据。如果是密码类型,用户可用APP的访问密码作为个人私密数据,也可设置一个新的密码。 The uploaded information may also include personal private data that the account issuer requires the user to set. If it is a password type, the user can use the APP access password as personal private data, or set a new password.
3)账户发行方验证上送移动终端的硬件信息、账户识别码,如果正确,则保存个人私密数据,同时通过移动终端短信的方式发送激活码,后台系统维护该虚拟卡的账户状态不变。 3) The account issuer verifies the hardware information and account identification code sent to the mobile terminal. If it is correct, the personal private data will be saved, and the activation code will be sent through the mobile terminal text message. The background system will maintain the account status of the virtual card unchanged.
4)用户在APP上输入账户发行方提供的激活码,设置该虚拟卡的相关属性。 4) The user enters the activation code provided by the account issuer on the APP, and sets the relevant attributes of the virtual card.
例如,可以设置可用额度:XXXXXX.00元; For example, you can set the available amount: XXXXXX.00 yuan;
电子现金:XXXX.00元; Electronic cash: XXXX.00 yuan;
别名:YYY; Alias: YYY;
允许POS消费:最多使用【N】次; Allow POS consumption: use up to [N] times;
允许线上消费。 Online consumption is allowed.
注:如果该账户和实体卡对应,则出现“可用额度”的属性。 Note: If the account corresponds to the physical card, the attribute of "Available Limit" will appear.
5)APP上送包含上述激活码以及虚拟卡的相关属性的激活请求。 5) The APP sends an activation request including the above activation code and the relevant attributes of the virtual card.
6)账户发行方验证该激活码,如果失败,则拒绝该此账户激活;如果成功,则设置账户状态为已激活,并通知APP账户激活成功。同时下发如下数据: 6) The account issuer verifies the activation code, if it fails, it rejects the account activation; if it succeeds, it sets the account status as activated, and notifies the APP that the account activation is successful. Send the following data at the same time:
账户使用密钥(以也记为TK); Account usage key (also denoted as TK);
账户密钥有效时间范围或长度(以下记为EXPD) Valid time range or length of the account key (hereinafter referred to as EXPD)
虚拟卡卡号(可选)。 Virtual card number (optional).
虚拟卡的余额及消费: Virtual card balance and consumption:
用户可通过其他银行卡账户、金融账户或现金等给虚拟卡账户充值,如果该虚拟卡账户本身和实体卡账户相关联,则账户发行方可提供多种方式允许用户将对应账户内的资金划转到虚拟卡账户,也可将对应账户的可用余额(包括真实余额及账户本身的信用额度)的一部分作为虚拟卡的可用额度授信。 Users can recharge the virtual card account through other bank card accounts, financial accounts or cash, etc. If the virtual card account itself is associated with the physical card account, the account issuer can provide multiple ways to allow the user to transfer funds in the corresponding account Transferring to the virtual card account, part of the available balance of the corresponding account (including the real balance and the credit limit of the account itself) can also be used as the available credit limit of the virtual card.
当虚拟卡消费时,如果余额是真实的余额则直接扣减账户余额,如果是额度授信,则扣减信用额度,同时从对应的实体账户中扣减账户余额。 When the virtual card is consumed, if the balance is a real balance, the account balance will be deducted directly; if it is a credit limit, the credit limit will be deducted, and the account balance will be deducted from the corresponding physical account at the same time.
三.虚拟卡支付步骤(移动终端受理模式) three. Virtual Card Payment Steps (Mobile Terminal Acceptance Mode)
以转账为例,双方协商进行转账,转出方作为虚拟卡的消费方,转入方作为受理方。 Taking money transfer as an example, the two parties negotiate to transfer money, the transfer-out party acts as the consumer of the virtual card, and the transfer-in party acts as the accepting party.
1)消费方选择APP中的虚拟卡,此时APP无需联机。同时选择转账交易。 1) The consumer selects the virtual card in the APP, and the APP does not need to be online at this time. At the same time, select the transfer transaction.
2)APP检查该虚拟卡的有效期,如果无效则直接拒绝,否则根据账户发行方约定算法计算本次交易的授权信息(记为INFO_AUTH)。 2) The APP checks the validity period of the virtual card, and if it is invalid, it directly rejects it, otherwise, it calculates the authorization information of this transaction (denoted as INFO_AUTH) according to the algorithm agreed by the account issuer.
INFO_AUTH=f(TK,EXPD、交易类型、交易信息、移动终端硬件信息、个人私密数据) INFO_AUTH=f (TK, EXPD, transaction type, transaction information, mobile terminal hardware information, personal private data)
交易类型包括:交易渠道=移动终端、交易类型=转账等信息; Transaction type includes: transaction channel = mobile terminal, transaction type = transfer and other information;
交易信息包括:交易金额、交易时间、交易日期等信息 Transaction information includes: transaction amount, transaction time, transaction date and other information
如果个人私密数据需用户输入,则APP应当提示用户输入该数据。 If personal private data needs to be input by the user, the APP should prompt the user to enter the data.
如果虚拟卡激活时没有下载卡号,则APP根据与账户发行方约定的算法动态生成虚拟卡号。 If the card number is not downloaded when the virtual card is activated, the APP will dynamically generate the virtual card number according to the algorithm agreed with the account issuer.
3)受理方提示消费方将移动终端靠近受理方移动终端,受理方移动终端通过NFC或二维码读取消费方移动终端中的虚拟卡信息,包括虚拟卡号、有效期、INFO_AUTH、交易类型、交易金额等信息。 3) The accepting party reminds the consumer to bring the mobile terminal close to the accepting party's mobile terminal, and the accepting party's mobile terminal reads the virtual card information in the consumer's mobile terminal through NFC or QR code, including virtual card number, validity period, INFO_AUTH, transaction type, transaction Amount and other information.
4)受理方将读取到的信息和本身的交易所需信息(如转入方账户)一起通过支付转接网络发送到消费方的账户发行方,消费方账户发行方验证交易是否在允许的范围、交易金额是否满足约定条件、交易渠道是否满足条件以及INFO_AUTH是否正确后,批准或拒绝该交易,并返回响应报文。 4) The accepting party sends the read information together with the information required for its own transaction (such as the account of the transferee) to the issuer of the account of the consumer through the payment transfer network, and the issuer of the account of the consumer verifies whether the transaction is allowed After checking the range, whether the transaction amount meets the agreed conditions, whether the transaction channel meets the conditions, and whether INFO_AUTH is correct, approve or reject the transaction and return a response message.
5)支付转接网络根据消费方账户发行方给出的交易结果做必要的处理,如交易被批准,则通知转入方账户的提供方入账,之后将交易结果通知受理方APP。 5) The payment transfer network will do necessary processing according to the transaction result given by the consumer account issuer. If the transaction is approved, it will notify the provider of the transferee account to enter the account, and then notify the accepting party APP of the transaction result.
6)消费方的账户发行方通知消费方的APP本次交易的结果。 6) The consumer's account issuer notifies the consumer's APP of the transaction result.
接着,对于本第一实施方式的基于虚拟卡的支付系统进行说明。 Next, the virtual card-based payment system according to the first embodiment will be described.
第一实施方式的基于虚拟卡的支付系统包括: The virtual card-based payment system of the first embodiment includes:
消费方的移动终端,安装有APP,用于将该移动终端设置为虚拟卡的载体并将移动终端的硬件信息以及用户信息提供到下述虚拟卡的账户发行方,还用于将包含从下述虚拟卡的账户发行方发送来的下述账户识别码、移动终端的硬件信息的激活请求发送到账户发行方来请求激活账户,当从下述账户发行方收到激活码后用于输入该激活码并设置该虚拟卡的属性信息,并且将包含激活码以及属性信息的激活请求发送到虚拟卡的账户发行方,还用于计算消费方的虚拟卡的授权信息; The consumer's mobile terminal is installed with an APP, which is used to set the mobile terminal as the carrier of the virtual card and provide the hardware information and user information of the mobile terminal to the account issuer of the following virtual card, and is also used to transfer the information contained in the virtual card from the following The activation request of the following account identification code and the hardware information of the mobile terminal sent by the account issuer of the above-mentioned virtual card is sent to the account issuer to request activation of the account. After receiving the activation code from the following account issuer, it is used to input the Activate the code and set the attribute information of the virtual card, and send the activation request containing the activation code and attribute information to the account issuer of the virtual card, and also use it to calculate the authorization information of the virtual card of the consumer;
虚拟卡的账户发行方,用于根据从上述APP提供来的硬件信息以及用户信息开设虚拟卡的账户并向上述APP返回账户识别码,还用于验证从APP返回来的账户识别码和硬件信息,在通过验证的情况下向消费方的APP发送激活码,对于从上述消费方的APP返回的激活码进行验证,在通过激活码的验证后完成虚拟卡的激活并且将虚拟卡的卡信息下发到上述消费方的APP,并且在虚拟卡的账户发行方验证授权信息成功的情况下完成交易; The account issuer of the virtual card is used to open a virtual card account based on the hardware information and user information provided by the above APP and return the account identification code to the above APP, and also to verify the account identification code and hardware information returned from the APP , in the case of passing the verification, send the activation code to the APP of the consumer, verify the activation code returned from the APP of the above consumer, complete the activation of the virtual card after passing the verification of the activation code and download the card information of the virtual card Send to the APP of the above-mentioned consumer, and complete the transaction when the account issuer of the virtual card successfully verifies the authorization information;
受理方的移动终端,用于获取消费方的虚拟卡的授权信息以及虚拟卡信息,并且将获取的虚拟卡信息以及消费信息与受理方的账户信息一起发送到下述支付转接网络; The accepting party's mobile terminal is used to obtain the authorization information and virtual card information of the consumer's virtual card, and send the acquired virtual card information and consumption information together with the accepting party's account information to the following payment transfer network;
支付转接网络,用于将来自上述受理方的移动终端的虚拟卡信息、消费信息、受理方的账户信息发送到消费方的账户发行方,并且在完成交易的情况下将交易结果通知受理方的移动终端。 The payment transfer network is used to send the virtual card information, consumption information, and account information of the accepting party from the mobile terminal of the accepting party to the account issuer of the consumer, and notify the accepting party of the transaction result when the transaction is completed mobile terminal.
优选地,所述消费方的移动终端用于根据账户使用密钥、账户密钥有效时间范围或长度、交易类型、交易信息、硬件信息、私密数据中的一个或多个信息计算授权信息。 Preferably, the consumer's mobile terminal is used to calculate the authorization information according to one or more of the account use key, account key valid time range or length, transaction type, transaction information, hardware information, and private data.
在本发明中,虚拟卡不仅可以是与实体卡关联,也可以是一张纯虚拟卡,如果和实体卡关联的情况下,可以通过对虚拟卡的相关属性的设置来设置其消费额度、消费类型。通过这样的设置能够由用户自己控制消费额度、消费类型,从另一方面来看也就是提高了用户账户的安全性。 In the present invention, the virtual card can not only be associated with a physical card, but also a pure virtual card. If it is associated with a physical card, its consumption amount, consumption amount, etc. can be set by setting the relevant attributes of the virtual card. Types of. Through such a setting, the user can control the amount of consumption and the type of consumption. On the other hand, the security of the user account is improved.
如上所述,在本发明中,通过将虚拟卡与移动终端的硬件信息进行绑定,能够提高虚拟卡的安全性。这是因为,虚拟卡已经与特定的移动终端的硬件信息绑定,在用虚拟卡进行转帐支付时,APP就需要先根据TK、EXPD、交易类型、交易信息、移动终端硬件信息、个人私密数据计算授权信息并由虚拟卡的账户发行方验证该授权信息后才能够进行交易,假设不法分子盗取了虚拟卡卡号,但他也没有办法获知移动终端的硬件信息,因此,就不能进行后续的授权信息的计算、以及验证等,这样就不能完成交易,故不法分子就不能盗取虚拟卡账户上的资金,由此能够有效地提高基于虚拟卡的支付的安全性。 As mentioned above, in the present invention, by binding the virtual card with the hardware information of the mobile terminal, the security of the virtual card can be improved. This is because the virtual card has been bound with the hardware information of a specific mobile terminal. When using a virtual card for transfer payment, the APP needs to first base on TK, EXPD, transaction type, transaction information, mobile terminal hardware information, and personal private data. Only after calculating the authorization information and verifying the authorization information by the account issuer of the virtual card can the transaction be carried out, assuming that the criminal has stolen the virtual card number, but he has no way to know the hardware information of the mobile terminal, so subsequent transactions cannot be carried out. Calculation and verification of authorization information, etc., so that the transaction cannot be completed, so criminals cannot steal the funds on the virtual card account, thereby effectively improving the security of payment based on the virtual card.
第二实施方式second embodiment
下面,对于本发明的第二实施方式的基于虚拟卡的支付方法进行具体说明。 Next, the payment method based on the virtual card according to the second embodiment of the present invention will be specifically described.
第二实施方式的基于虚拟卡的支付方法与第一实施方式的基于虚拟卡的支付方法相比,虚拟卡发行步骤和虚拟卡激活步骤相同,不同之处在于虚拟卡支付步骤(internet模式),因此,这里省略对虚拟卡发行步骤和虚拟卡激活步骤的说明,仅对虚拟卡支付步骤进行说明。 Compared with the payment method based on the virtual card of the first embodiment, the payment method based on the virtual card of the second embodiment is the same as the virtual card issuing step and the virtual card activation step, and the difference lies in the virtual card payment step (internet mode), Therefore, the description of the virtual card issuing step and the virtual card activation step is omitted here, and only the virtual card payment step is described.
接着,对于第二实施方式的虚拟卡支付步骤进行说明。 Next, the virtual card payment procedure of the second embodiment will be described.
第二实施方式的虚拟卡支付步骤包括下述子步骤: The virtual card payment step of the second embodiment includes the following sub-steps:
1)用户使用PC/PAD等设备登录网站浏览商户信息并生成订单。 1) Users use PC/PAD and other devices to log in to the website to browse merchant information and generate orders.
2)用户选择线上收单服务提供方提供的虚拟卡支付方式。 2) The user selects the virtual card payment method provided by the online acquiring service provider.
3)线上收单服务提供方的支付页面提示用户输入虚拟卡号、有效期及认证信息。 3) The payment page of the online acquiring service provider prompts the user to enter the virtual card number, validity period and authentication information.
4)用户打开移动终端APP,选择某张虚拟卡并选择在线支付功能。 4) The user opens the mobile terminal APP, selects a virtual card and selects the online payment function.
5)APP检查该虚拟卡的有效期,如果无效则直接拒绝,否则根据账户发行方约定算法计算本次交易的授权信息(记为INFO_AUTH), 5) The APP checks the validity period of the virtual card, and if it is invalid, it will directly reject it; otherwise, it will calculate the authorization information of this transaction (denoted as INFO_AUTH) according to the algorithm agreed by the account issuer,
其中,INFO_AUTH=f(TK,EXPD、交易类型、交易信息、移动终端硬件信息、个人私密数据), Among them, INFO_AUTH=f (TK, EXPD, transaction type, transaction information, mobile terminal hardware information, personal private data),
交易类型包括交易渠道=互联网、交易类型=在线支付等信息, Transaction type includes information such as transaction channel = Internet, transaction type = online payment, etc.
交易信息包括交易金额、交易时间、交易日期等信息, Transaction information includes information such as transaction amount, transaction time, transaction date, etc.
如果个人私密数据需用户输入,则APP应当提示用户输入该数据,如果虚拟卡激活时没有下载卡号,则APP根据与账户提供方约定的算法动态生成虚拟卡号。 If the personal private data needs to be input by the user, the APP should prompt the user to enter the data. If the card number is not downloaded when the virtual card is activated, the APP will dynamically generate the virtual card number according to the algorithm agreed with the account provider.
6)APP将上述信息显示在移动终端屏幕上,用户根据显示信息输入虚拟卡号、有效期和认证信息到网上支付页面。 6) The APP displays the above information on the screen of the mobile terminal, and the user enters the virtual card number, validity period and authentication information to the online payment page according to the displayed information.
7)如果支付网关支持通过二维码收集信息,APP也可将上述信息生成二维码,供PC/PAD上的设备扫描获取上述信息。 7) If the payment gateway supports collecting information through QR codes, the APP can also generate QR codes for the above information, which can be scanned by the device on the PC/PAD to obtain the above information.
8)线上收单服务机构的支付页面收到上述信息后,将上述信息及本身的商户信息(如机构编号、商户编号等信息)一起组织交易请求报文,通过支付转接网络发送到虚拟卡的账户提供方,账户提供方验证交易是否在允许的范围、交易金额是否满足约定条件、交易渠道是否满足条件以及INFO_AUTH是否正确后,批准或拒绝该交易,并返回响应报文。 8) After the payment page of the online acquiring service agency receives the above information, it organizes a transaction request message together with the above information and its own merchant information (such as institution number, merchant number, etc.), and sends it to the virtual network through the payment transfer network. The account provider of the card, after verifying whether the transaction is within the allowed range, whether the transaction amount meets the agreed conditions, whether the transaction channel meets the conditions and whether INFO_AUTH is correct, the account provider approves or rejects the transaction and returns a response message.
9)支付转接网络根据消费方账户提供方给出的交易结果做必要的处理,之后将交易结果通知线上收单服务机构,线上收单服务机构生成支付结果页面提示用户支付结果。 9) The payment transfer network performs necessary processing according to the transaction result given by the consumer account provider, and then notifies the online acquiring service agency of the transaction result, and the online acquiring service agency generates a payment result page to prompt the user for the payment result.
10)虚拟卡账户提供方可选通知消费方的APP本次交易的结果。 10) The virtual card account provider can optionally notify the consumer's APP of the transaction result.
接着,对于本发明第二实施方式的基于虚拟卡的支付系统进行简单说明。 Next, a brief description will be given of a payment system based on a virtual card according to a second embodiment of the present invention.
本发明第二实施方式的基于虚拟卡的支付系统包括: The virtual card-based payment system according to the second embodiment of the present invention includes:
移动终端,安装有APP,该APP用于将该移动终端设置为虚拟卡的载体并将移动终端的硬件信息以及用户信息提供到下述虚拟卡的账户发行方,还用于将包含从下述虚拟卡的账户发行方发送来的下述账户识别码、移动终端的硬件信息的激活请求发送到账户发行方来请求激活账户,当从下述账户发行方收到激活码后用于输入该激活码并设置该虚拟卡的属性信息,并且将包含激活码以及属性信息的激活请求发送到虚拟卡的账户发行方,还用于计算虚拟卡的授权信息并显示于移动终端上; The mobile terminal is installed with an APP, which is used to set the mobile terminal as the carrier of the virtual card and provide the hardware information and user information of the mobile terminal to the account issuer of the virtual card described below, and is also used to transfer the information contained in the virtual card from the following The activation request of the following account identification code and mobile terminal hardware information sent by the account issuer of the virtual card is sent to the account issuer to request activation of the account. After receiving the activation code from the following account issuer, it is used to enter the activation Code and set the attribute information of the virtual card, and send the activation request including the activation code and attribute information to the account issuer of the virtual card, and also calculate the authorization information of the virtual card and display it on the mobile terminal;
虚拟卡的账户发行方,用于根据从上述APP提供来的硬件信息以及用户信息开设虚拟卡的账户并向上述APP返回账户识别码,还用于验证从上述APP返回来的账户识别码和硬件信息,在通过验证的情况下向上述APP发送激活码,对于从上述APP返回的激活码进行验证,在通过激活码的验证后完成虚拟卡的激活并且将虚拟卡的卡信息下发到上述APP; The account issuer of the virtual card is used to open a virtual card account based on the hardware information and user information provided by the above APP and return the account identification code to the above APP, and also to verify the account identification code and hardware returned from the above APP information, send the activation code to the above-mentioned APP in the case of passing the verification, verify the activation code returned from the above-mentioned APP, complete the activation of the virtual card after passing the verification of the activation code and send the card information of the virtual card to the above-mentioned APP ;
收单机构,用于获取虚拟卡的授权信息以及虚拟卡信息,并且基于获取的虚拟卡信息、商户信息以及消费信息组织交易请求报文发送到下述支付转接网络,并且接收来自上述支付转接网络的交易结果; The acquirer is used to obtain the authorization information and virtual card information of the virtual card, and based on the obtained virtual card information, merchant information and consumer information, organize the transaction request message to be sent to the following payment transfer network, and receive information from the above payment transfer network. The transaction results connected to the network;
支付转接网络,用于根据来自上述收单机构的交易请求报文将支付请求发送到账户发行方,还用于接收来自账户发行方的交易结果并转发到收单机构。 The payment transfer network is used to send the payment request to the account issuer according to the transaction request message from the above-mentioned acquirer, and is also used to receive the transaction result from the account issuer and forward it to the acquirer.
优选地,所述移动终端根据账户使用密钥、账户密钥有效时间范围或长度、交易类型、交易信息、硬件信息、私密数据中的一个或多个信息计算授权信息。 Preferably, the mobile terminal calculates the authorization information according to one or more of the account usage key, account key valid time range or length, transaction type, transaction information, hardware information, and private data.
在第二实施方式中,与第一实施方式类似地,利用虚拟卡在网络上进行支付时,需要根据TK、EXPD、交易类型、交易信息、移动终端硬件信息、个人私密数据计算授权信息并由虚拟卡的账户发行方验证该授权信息后才能够进行交易。因此,能够有效地提高基于虚拟卡的支付的安全性。 In the second embodiment, similar to the first embodiment, when using a virtual card to pay on the network, it is necessary to calculate authorization information based on TK, EXPD, transaction type, transaction information, mobile terminal hardware information, and personal private data. The account issuer of the virtual card can only conduct transactions after verifying the authorization information. Therefore, the security of payment based on the virtual card can be effectively improved.
第三实施方式third embodiment
下面,对于本发明的第三实施方式的基于虚拟卡的支付方法进行具体说明。 Next, the payment method based on the virtual card according to the third embodiment of the present invention will be specifically described.
第三实施方式的基于虚拟卡的支付方法与第一实施方式的基于虚拟卡的支付方法相比,虚拟卡发行步骤和虚拟卡激活步骤相同,不同之处在于虚拟卡支付步骤(POS模式),因此,这里省略对虚拟卡发行步骤和虚拟卡激活步骤的说明,仅对虚拟卡支付步骤进行说明。 Compared with the virtual card-based payment method of the first embodiment, the virtual card-based payment method of the third embodiment has the same virtual card issuance step and virtual card activation step, and the difference lies in the virtual card payment step (POS mode), Therefore, the description of the virtual card issuing step and the virtual card activation step is omitted here, and only the virtual card payment step is described.
接着,对于第三实施方式的虚拟卡支付步骤进行说明。 Next, the virtual card payment procedure of the third embodiment will be described.
第三实施方式的虚拟卡支付步骤包括下述子步骤: The virtual card payment step of the third embodiment includes the following sub-steps:
1)用户在线下商店购物完成后,在POS收银处打开移动终端APP,选择某张虚拟卡并选择线下消费功能。 1) After the user finishes shopping in the offline store, he opens the mobile terminal APP at the POS cash register, selects a virtual card and selects the offline consumption function.
2)APP检查该虚拟卡的有效期,如果无效则直接拒绝,否则根据账户发行方约定算法计算本次交易的授权信息(记为INFO_AUTH), 2) The APP checks the validity period of the virtual card, and if it is invalid, it will directly reject it; otherwise, it will calculate the authorization information of this transaction (denoted as INFO_AUTH) according to the algorithm agreed by the account issuer,
其中,INFO_AUTH=f(TK,EXPD、交易类型、交易信息、移动终端硬件信息、个人私密数据), Among them, INFO_AUTH=f (TK, EXPD, transaction type, transaction information, mobile terminal hardware information, personal private data),
交易类型包括交易渠道=互联网、交易类型=在线支付等信息, Transaction type includes information such as transaction channel = Internet, transaction type = online payment, etc.
交易信息包括交易金额、交易时间、交易日期等信息, Transaction information includes information such as transaction amount, transaction time, transaction date, etc.
如果个人私密数据需用户输入,则APP应当提示用户输入该数据,如果虚拟卡激活时没有下载卡号,则APP根据与账户提供方约定的算法动态生成虚拟卡号。 If the personal private data needs to be input by the user, the APP should prompt the user to enter the data. If the card number is not downloaded when the virtual card is activated, the APP will dynamically generate the virtual card number according to the algorithm agreed with the account provider.
3)APP将根据上述信息进行编码,并以二维码图像的方式显示在移动终端APP上,POS通过条码阅读器读取虚拟卡信息。 3) The APP will be encoded according to the above information, and displayed on the mobile terminal APP in the form of a QR code image, and the POS will read the virtual card information through the barcode reader.
4)如果移动终端支持NFC,用户需将移动终端靠近POS的NFC阅读器,POS通过NFC读取虚拟卡信息。 4) If the mobile terminal supports NFC, the user needs to put the mobile terminal close to the NFC reader of the POS, and the POS reads the virtual card information through NFC.
5)POS收单虚拟卡信息后,将上述信息及本身的信息(如机构编号、商户编号等信息)一起组织交易请求报文发送到线下收单服务机构后台,并通过支付转接网络发送到虚拟卡的账户提供方,账户提供方验证交易是否在允许的范围、交易金额是否满足约定条件、交易渠道是否满足条件以及INFO_AUTH是否正确后,批准或拒绝该交易,并返回响应报文。 5) After the POS acquires the virtual card information, the above information and its own information (such as institution number, merchant number, etc.) are organized together and the transaction request message is sent to the background of the offline acquiring service agency, and sent through the payment transfer network To the account provider of the virtual card, the account provider verifies whether the transaction is within the allowed range, whether the transaction amount meets the agreed conditions, whether the transaction channel meets the conditions, and whether INFO_AUTH is correct, approve or reject the transaction, and return a response message.
8)支付转接网络根据消费方账户提供方给出的交易结果做必要的处理,之后将交易结果通知线下收单服务机构,线下收单服务机构发送交易结果到POS,POS根据交易结果通知持卡人交易结果。 8) The payment transfer network performs necessary processing according to the transaction result given by the consumer account provider, and then notifies the offline acquiring service agency of the transaction result, and the offline acquiring service agency sends the transaction result to the POS, and the POS according to the transaction result Notify the cardholder of the transaction result.
9)虚拟卡账户提供方可选通知消费方的APP本次交易的结果。 9) The virtual card account provider can optionally notify the consumer's APP of the transaction result.
接着,对于本发明第三实施方式的基于虚拟卡的支付系统进行说明。本发明第三实施方式的基于虚拟卡的支付系统包括: Next, a payment system based on a virtual card according to a third embodiment of the present invention will be described. The payment system based on the virtual card according to the third embodiment of the present invention includes:
移动终端,安装有APP,该APP用于将该移动终端设置为虚拟卡的载体并将移动终端的硬件信息以及用户信息提供到下述虚拟卡的账户发行方,还用于将包含从下述虚拟卡的账户发行方发送来的下述账户识别码、移动终端的硬件信息的激活请求发送到账户发行方来请求激活账户,当从下述账户发行方收到激活码后用于输入该激活码并设置该虚拟卡的属性信息,并且将包含激活码以及属性信息的激活请求发送到虚拟卡的账户发行方,还用于计算虚拟卡的授权信息并显示于移动终端上; The mobile terminal is installed with an APP, which is used to set the mobile terminal as the carrier of the virtual card and provide the hardware information and user information of the mobile terminal to the account issuer of the virtual card described below, and is also used to transfer the information contained in the virtual card from the following The activation request of the following account identification code and mobile terminal hardware information sent by the account issuer of the virtual card is sent to the account issuer to request activation of the account. After receiving the activation code from the following account issuer, it is used to enter the activation Code and set the attribute information of the virtual card, and send the activation request including the activation code and attribute information to the account issuer of the virtual card, and also calculate the authorization information of the virtual card and display it on the mobile terminal;
虚拟卡的账户发行方,用于根据从上述APP提供来的硬件信息以及用户信息开设虚拟卡的账户并向上述APP返回账户识别码,还用于验证从上述APP返回来的账户识别码和硬件信息,在通过验证的情况下向上述APP发送激活码,对于从上述APP返回的激活码进行验证,在通过激活码的验证后完成虚拟卡的激活并且将虚拟卡的卡信息下发到上述APP; The account issuer of the virtual card is used to open a virtual card account based on the hardware information and user information provided by the above APP and return the account identification code to the above APP, and also to verify the account identification code and hardware returned from the above APP information, send the activation code to the above-mentioned APP in the case of passing the verification, verify the activation code returned from the above-mentioned APP, complete the activation of the virtual card after passing the verification of the activation code and send the card information of the virtual card to the above-mentioned APP ;
POS终端,用于获取虚拟卡的授权信息以及虚拟卡信息,并且基于获取的虚拟卡信息、商户信息以及消费信息组织交易请求报文发送到下述收单机构; The POS terminal is used to obtain the authorization information of the virtual card and the virtual card information, and based on the obtained virtual card information, merchant information and consumption information, send the transaction request message to the following acquirer;
收单机构,用于将从上述POS终端获取的交易请求报文发送到下述支付转接网络,并且将来自下述支付转接网络的交易结果反馈到POS终端; The acquirer is used to send the transaction request message obtained from the above-mentioned POS terminal to the following payment transfer network, and feed back the transaction result from the following payment transfer network to the POS terminal;
支付转接网络,用于根据来自上述收单机构的交易请求报文将支付请求发送到虚拟卡的账户发行方,并且将来自虚拟卡的账户发行方的交易结果转发到收单机构。 The payment transfer network is used to send the payment request to the account issuer of the virtual card according to the transaction request message from the acquirer, and forward the transaction result from the account issuer of the virtual card to the acquirer.
优选地,所述移动终端根据账户使用密钥、账户密钥有效时间范围或长度、交易类型、交易信息、硬件信息、私密数据中的一个或多个信息计算授权信息。 Preferably, the mobile terminal calculates the authorization information according to one or more of the account usage key, account key valid time range or length, transaction type, transaction information, hardware information, and private data.
在第三实施方式中,与第一实施方式类似地,利用虚拟卡在网络上进行支付时,需要根据TK、EXPD、交易类型、交易信息、移动终端硬件信息、个人私密数据计算授权信息并由虚拟卡的账户发行方验证该授权信息后才能够进行交易。因此,能够有效地提高基于虚拟卡的支付的安全性。 In the third embodiment, similar to the first embodiment, when using a virtual card to pay on the network, it is necessary to calculate authorization information based on TK, EXPD, transaction type, transaction information, mobile terminal hardware information, and personal private data. The account issuer of the virtual card can only conduct transactions after verifying the authorization information. Therefore, the security of payment based on the virtual card can be effectively improved.
综上所述,在本发明中,实现了实体卡的虚拟化、去重力化,能够利用虚拟卡来替代实体卡,而且,虚拟卡不仅可以是与实体卡关联,也可以是一张纯虚拟卡,如果和实体卡关联的情况下,可以通过对虚拟卡的相关属性的设置来设置其消费额度、消费类型。由此,能够提高用户账户资金的安全性。 To sum up, in the present invention, the virtualization and degravity of the physical card are realized, and the virtual card can be used to replace the physical card. Moreover, the virtual card can not only be associated with the physical card, but also a pure virtual card. If the card is associated with a physical card, you can set its consumption limit and consumption type by setting the relevant attributes of the virtual card. In this way, the security of the funds in the user account can be improved.
而且,在本发明中,基于虚拟卡的支付方法以及支付系统能够应用于丰富的应用场景,例如,移动终端模式、internet模式、POS模式。 Moreover, in the present invention, the virtual card-based payment method and payment system can be applied to rich application scenarios, for example, mobile terminal mode, internet mode, and POS mode.
而且,在本发明中,通过将虚拟卡与移动终端的硬件信息进行绑定,能够进一步提高虚拟卡的安全性。在用虚拟卡进行转帐支付时,需要事先根据TK、EXPD、交易类型、交易信息、移动终端硬件信息、个人私密数据计算授权信息并由虚拟卡的账户发行方验证该授权信息后才能够进行交易,由此能够有效地提高基于虚拟卡的支付的安全性。 Moreover, in the present invention, by binding the virtual card with the hardware information of the mobile terminal, the security of the virtual card can be further improved. When using a virtual card for transfer payment, it is necessary to calculate the authorization information based on TK, EXPD, transaction type, transaction information, mobile terminal hardware information, and personal private data in advance, and the account issuer of the virtual card can verify the authorization information before the transaction can be carried out , thereby effectively improving the security of payment based on the virtual card.
以上例子主要说明了本发明的基于虚拟卡的支付方法以及支付系统。尽管只对其中一些本发明的具体实施方式进行了描述,但是本领域普通技术人员应当了解,本发明可以在不偏离其主旨与范围内以许多其他的形式实施。因此,所展示的例子与实施方式被视为示意性的而非限制性的,在不脱离如所附各权利要求所定义的本发明精神及范围的情况下,本发明可能涵盖各种的修改与替换。 The above examples mainly illustrate the virtual card-based payment method and payment system of the present invention. Although only some specific embodiments of the present invention have been described, those skilled in the art should understand that the present invention can be implemented in many other forms without departing from the spirit and scope thereof. The examples and embodiments shown are therefore to be regarded as illustrative and not restrictive, and the invention may cover various modifications without departing from the spirit and scope of the invention as defined in the appended claims with replace.
Claims (21)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410845210.0A CN105590214A (en) | 2014-12-31 | 2014-12-31 | Payment method and payment system based on virtual card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410845210.0A CN105590214A (en) | 2014-12-31 | 2014-12-31 | Payment method and payment system based on virtual card |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105590214A true CN105590214A (en) | 2016-05-18 |
Family
ID=55929779
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410845210.0A Pending CN105590214A (en) | 2014-12-31 | 2014-12-31 | Payment method and payment system based on virtual card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105590214A (en) |
Cited By (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106022772A (en) * | 2016-05-27 | 2016-10-12 | 深圳市八零年代网络科技有限公司 | Payment card setting method and payment card setting device |
| CN106209378A (en) * | 2016-07-06 | 2016-12-07 | 中国银联股份有限公司 | Safety information interaction method based on virtual secure information carrier |
| CN106355004A (en) * | 2016-08-27 | 2017-01-25 | 挂号网(杭州)科技有限公司 | Resident health card based on entity card virtualization achieving method and system platform |
| CN106980972A (en) * | 2016-12-29 | 2017-07-25 | 中国银联股份有限公司 | Offline payment method and its payment system, mobile terminal based on TEE |
| CN107274168A (en) * | 2017-06-15 | 2017-10-20 | 中国银行股份有限公司 | A kind of method of payment, system, Novel POS machine and payment core system |
| WO2017219270A1 (en) * | 2016-06-22 | 2017-12-28 | 北京小米移动软件有限公司 | Method and device for displaying virtual card |
| CN107527225A (en) * | 2016-06-15 | 2017-12-29 | 维萨国际服务协会 | System and method for wide-scale distribution of the efficient process resource between account |
| CN107993064A (en) * | 2017-11-29 | 2018-05-04 | 深圳消费物联科技有限公司 | A kind of enterprise's stored-value-card issuance method and its system based on NFC |
| CN108009822A (en) * | 2018-01-02 | 2018-05-08 | 中国工商银行股份有限公司 | A kind of cloud method of payment, system and payment mechanism, user terminal |
| CN108090767A (en) * | 2017-12-28 | 2018-05-29 | 中国联合网络通信集团有限公司 | Recharge method and charging system based on block chain |
| TWI626606B (en) * | 2016-07-28 | 2018-06-11 | Electronic card establishment system and method thereof | |
| CN108171504A (en) * | 2017-11-16 | 2018-06-15 | 深圳市微付充科技有限公司 | A kind of polymerization method of payment, mobile equipment and storage device |
| CN108717633A (en) * | 2018-05-31 | 2018-10-30 | 腾讯科技(深圳)有限公司 | Virtual card data processing method, system, device, computer equipment and storage medium |
| CN109034791A (en) * | 2018-07-19 | 2018-12-18 | 国民技术股份有限公司 | Payment code method of commerce, smart card, mobile terminal and cashing machine |
| CN110119941A (en) * | 2018-02-07 | 2019-08-13 | 银联国际有限公司 | Mobile-payment system and method for mobile payment |
| CN110322244A (en) * | 2019-07-05 | 2019-10-11 | 中国工商银行股份有限公司 | It is a kind of based on the inter-bank of virtual account without card enchashment processing method and processing device |
| CN110766394A (en) * | 2019-10-21 | 2020-02-07 | 腾讯科技(深圳)有限公司 | Bus taking payment method and device based on credit degree, electronic equipment and storage medium |
| CN110766395A (en) * | 2019-08-29 | 2020-02-07 | 深圳市微付充科技有限公司 | Mobile payment method, server, mobile terminal and device |
| CN110827020A (en) * | 2018-08-09 | 2020-02-21 | 森斯通株式会社 | Method and system for providing financial transactions using empty cards |
| CN111429132A (en) * | 2020-03-04 | 2020-07-17 | 支付宝(杭州)信息技术有限公司 | A business processing method and device |
| CN111695895A (en) * | 2020-06-12 | 2020-09-22 | 中国银行股份有限公司 | Virtual account management method and device |
| CN112365254A (en) * | 2020-11-20 | 2021-02-12 | 马卓 | Virtual account-based card-free cash withdrawal method and device and storage medium |
| CN112837054A (en) * | 2021-03-26 | 2021-05-25 | 中国工商银行股份有限公司 | An online payment method and device |
| CN112955921A (en) * | 2018-11-09 | 2021-06-11 | 维萨国际服务协会 | Fast transaction settlement using virtual accounts |
| CN113362058A (en) * | 2021-06-29 | 2021-09-07 | 中国农业银行股份有限公司 | Virtual card processing method, device, equipment, readable storage medium and product |
| CN114205078A (en) * | 2021-11-22 | 2022-03-18 | 航天信息股份有限公司 | Virtual tax UKey remote issuing method |
| US11301921B2 (en) | 2017-08-09 | 2022-04-12 | SSenStone Inc. | System for payment based on store's intranet, mobile terminal including payment function based on store's intranet, method for providing payment service based on store's intranet, and program for performing the same |
| TWI816390B (en) * | 2022-05-09 | 2023-09-21 | 兆豐國際商業銀行股份有限公司 | Server and method of performing financial transaction using virtual number |
| EP4123540A4 (en) * | 2020-12-23 | 2023-10-04 | China Unionpay Co., Ltd | Payment function activation method, terminal device, server, system, and storage medium |
| WO2025064399A1 (en) * | 2023-09-18 | 2025-03-27 | Mastercard International Incorporated | Mobile application for corporate payments using virtual payment cards |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101414370A (en) * | 2008-12-15 | 2009-04-22 | 阿里巴巴集团控股有限公司 | Payment method, system and payment platform capable of improving payment safety by virtual card |
| CN102984127A (en) * | 2012-11-05 | 2013-03-20 | 武汉大学 | User-centered mobile internet identity managing and identifying method |
| CN203299885U (en) * | 2010-04-13 | 2013-11-20 | 维萨国际服务协会 | System and mobile device used for transaction |
-
2014
- 2014-12-31 CN CN201410845210.0A patent/CN105590214A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101414370A (en) * | 2008-12-15 | 2009-04-22 | 阿里巴巴集团控股有限公司 | Payment method, system and payment platform capable of improving payment safety by virtual card |
| CN203299885U (en) * | 2010-04-13 | 2013-11-20 | 维萨国际服务协会 | System and mobile device used for transaction |
| CN102984127A (en) * | 2012-11-05 | 2013-03-20 | 武汉大学 | User-centered mobile internet identity managing and identifying method |
Cited By (44)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106022772A (en) * | 2016-05-27 | 2016-10-12 | 深圳市八零年代网络科技有限公司 | Payment card setting method and payment card setting device |
| CN107527225A (en) * | 2016-06-15 | 2017-12-29 | 维萨国际服务协会 | System and method for wide-scale distribution of the efficient process resource between account |
| WO2017219270A1 (en) * | 2016-06-22 | 2017-12-28 | 北京小米移动软件有限公司 | Method and device for displaying virtual card |
| US10748137B2 (en) | 2016-06-22 | 2020-08-18 | Beijing Xiaomi Mobile Software Co., Ltd. | Methods, apparatus, and storage medium for displaying virtual cards |
| CN106209378A (en) * | 2016-07-06 | 2016-12-07 | 中国银联股份有限公司 | Safety information interaction method based on virtual secure information carrier |
| CN106209378B (en) * | 2016-07-06 | 2019-10-25 | 中国银联股份有限公司 | Security Information Interaction Method Based on Virtual Security Information Carrier |
| TWI626606B (en) * | 2016-07-28 | 2018-06-11 | Electronic card establishment system and method thereof | |
| CN106355004A (en) * | 2016-08-27 | 2017-01-25 | 挂号网(杭州)科技有限公司 | Resident health card based on entity card virtualization achieving method and system platform |
| CN106980972A (en) * | 2016-12-29 | 2017-07-25 | 中国银联股份有限公司 | Offline payment method and its payment system, mobile terminal based on TEE |
| CN107274168A (en) * | 2017-06-15 | 2017-10-20 | 中国银行股份有限公司 | A kind of method of payment, system, Novel POS machine and payment core system |
| US11301921B2 (en) | 2017-08-09 | 2022-04-12 | SSenStone Inc. | System for payment based on store's intranet, mobile terminal including payment function based on store's intranet, method for providing payment service based on store's intranet, and program for performing the same |
| CN108171504A (en) * | 2017-11-16 | 2018-06-15 | 深圳市微付充科技有限公司 | A kind of polymerization method of payment, mobile equipment and storage device |
| CN108171504B (en) * | 2017-11-16 | 2021-12-31 | 深圳市微付充科技有限公司 | Aggregated payment method, mobile device and storage device |
| CN107993064A (en) * | 2017-11-29 | 2018-05-04 | 深圳消费物联科技有限公司 | A kind of enterprise's stored-value-card issuance method and its system based on NFC |
| CN108090767A (en) * | 2017-12-28 | 2018-05-29 | 中国联合网络通信集团有限公司 | Recharge method and charging system based on block chain |
| CN108090767B (en) * | 2017-12-28 | 2021-07-06 | 中国联合网络通信集团有限公司 | Blockchain-based recharge method and recharge system |
| CN108009822A (en) * | 2018-01-02 | 2018-05-08 | 中国工商银行股份有限公司 | A kind of cloud method of payment, system and payment mechanism, user terminal |
| CN110119941A (en) * | 2018-02-07 | 2019-08-13 | 银联国际有限公司 | Mobile-payment system and method for mobile payment |
| CN110119941B (en) * | 2018-02-07 | 2023-04-18 | 银联国际有限公司 | Mobile payment system and mobile payment method |
| CN108717633A (en) * | 2018-05-31 | 2018-10-30 | 腾讯科技(深圳)有限公司 | Virtual card data processing method, system, device, computer equipment and storage medium |
| WO2020015058A1 (en) * | 2018-07-19 | 2020-01-23 | 国民技术股份有限公司 | Payment code transaction method, smart card, mobile terminal and pos machine |
| CN109034791A (en) * | 2018-07-19 | 2018-12-18 | 国民技术股份有限公司 | Payment code method of commerce, smart card, mobile terminal and cashing machine |
| CN110827020A (en) * | 2018-08-09 | 2020-02-21 | 森斯通株式会社 | Method and system for providing financial transactions using empty cards |
| CN110827020B (en) * | 2018-08-09 | 2023-11-28 | 森斯通株式会社 | Method and system for providing financial transactions using empty cards |
| US11816643B2 (en) | 2018-11-09 | 2023-11-14 | Visa International Service Association | Rapid transaction settlement using virtual account |
| US12511625B2 (en) | 2018-11-09 | 2025-12-30 | Visa International Service Association | Rapid transaction settlement using virtual account |
| CN112955921A (en) * | 2018-11-09 | 2021-06-11 | 维萨国际服务协会 | Fast transaction settlement using virtual accounts |
| CN112955921B (en) * | 2018-11-09 | 2024-03-08 | 维萨国际服务协会 | Fast transaction settlement using virtual accounts |
| CN110322244A (en) * | 2019-07-05 | 2019-10-11 | 中国工商银行股份有限公司 | It is a kind of based on the inter-bank of virtual account without card enchashment processing method and processing device |
| CN110766395A (en) * | 2019-08-29 | 2020-02-07 | 深圳市微付充科技有限公司 | Mobile payment method, server, mobile terminal and device |
| CN110766394A (en) * | 2019-10-21 | 2020-02-07 | 腾讯科技(深圳)有限公司 | Bus taking payment method and device based on credit degree, electronic equipment and storage medium |
| CN111429132B (en) * | 2020-03-04 | 2023-03-24 | 支付宝(杭州)信息技术有限公司 | Service processing method and device |
| CN111429132A (en) * | 2020-03-04 | 2020-07-17 | 支付宝(杭州)信息技术有限公司 | A business processing method and device |
| CN111695895A (en) * | 2020-06-12 | 2020-09-22 | 中国银行股份有限公司 | Virtual account management method and device |
| CN111695895B (en) * | 2020-06-12 | 2023-09-05 | 中国银行股份有限公司 | Virtual account management method and device |
| CN112365254A (en) * | 2020-11-20 | 2021-02-12 | 马卓 | Virtual account-based card-free cash withdrawal method and device and storage medium |
| EP4123540A4 (en) * | 2020-12-23 | 2023-10-04 | China Unionpay Co., Ltd | Payment function activation method, terminal device, server, system, and storage medium |
| US12243044B2 (en) | 2020-12-23 | 2025-03-04 | China Unionpay Co., Ltd. | Method, terminal device, server, system and storage medium for activating payment functions |
| CN112837054A (en) * | 2021-03-26 | 2021-05-25 | 中国工商银行股份有限公司 | An online payment method and device |
| CN113362058A (en) * | 2021-06-29 | 2021-09-07 | 中国农业银行股份有限公司 | Virtual card processing method, device, equipment, readable storage medium and product |
| CN114205078A (en) * | 2021-11-22 | 2022-03-18 | 航天信息股份有限公司 | Virtual tax UKey remote issuing method |
| CN114205078B (en) * | 2021-11-22 | 2024-08-09 | 航天信息股份有限公司 | Virtual tax UKey remote issuing method |
| TWI816390B (en) * | 2022-05-09 | 2023-09-21 | 兆豐國際商業銀行股份有限公司 | Server and method of performing financial transaction using virtual number |
| WO2025064399A1 (en) * | 2023-09-18 | 2025-03-27 | Mastercard International Incorporated | Mobile application for corporate payments using virtual payment cards |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105590214A (en) | Payment method and payment system based on virtual card | |
| US12475456B2 (en) | Secure authentication system with token service | |
| US12074974B2 (en) | Method and system for access token processing | |
| US11157905B2 (en) | Secure on device cardholder authentication using biometric data | |
| JP6238971B2 (en) | Method and system for wallet membership | |
| CN107851254B (en) | Seamless transactions with minimized user input | |
| US9947010B2 (en) | Methods and systems for payments assurance | |
| CN105590198B (en) | A two-dimensional code payment method and payment system | |
| US20160217461A1 (en) | Transaction utilizing anonymized user data | |
| US20140129422A1 (en) | Systems and methods for issuing mobile payment cards via a mobile communication network and internet-connected devices | |
| EP3186739B1 (en) | Secure on device cardholder authentication using biometric data | |
| CN101990676A (en) | Mobile phone transaction system and method | |
| EP3616111B1 (en) | System and method for generating access credentials | |
| TW201419185A (en) | Mobile device, payment transaction system and payment transaction method | |
| US20200265420A1 (en) | Secure remote payment mechanism | |
| JP2016076262A (en) | Method of paying for product or service in commercial website via internet connection and corresponding terminal | |
| CN111886618A (en) | Digital access code | |
| US20250053964A1 (en) | Secure contactless credential exchange | |
| CN108475374A (en) | Payment device with multiple modes for conducting financial transactions | |
| EP3712828A1 (en) | Payment token mechanism | |
| CN111213169A (en) | User authentication and transaction ranking | |
| HK1152439A (en) | Ghosting payment account data in a mobile telephone payment transaction system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160518 |
|
| RJ01 | Rejection of invention patent application after publication |