[go: up one dir, main page]

CN106656969A - Payment state management method and system thereof, and network payment system - Google Patents

Payment state management method and system thereof, and network payment system Download PDF

Info

Publication number
CN106656969A
CN106656969A CN201610894778.0A CN201610894778A CN106656969A CN 106656969 A CN106656969 A CN 106656969A CN 201610894778 A CN201610894778 A CN 201610894778A CN 106656969 A CN106656969 A CN 106656969A
Authority
CN
China
Prior art keywords
payment
module
application
information
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610894778.0A
Other languages
Chinese (zh)
Inventor
谈剑锋
张雪松
姜立稳
胡剑波
谢勇
钱金金
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Peoplenet Security Technology Co Ltd
Original Assignee
Shanghai Peoplenet Security Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Peoplenet Security Technology Co Ltd filed Critical Shanghai Peoplenet Security Technology Co Ltd
Priority to CN201610894778.0A priority Critical patent/CN106656969A/en
Publication of CN106656969A publication Critical patent/CN106656969A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a payment state management method and system thereof, and a network payment system. The payment state management method comprises: S10, receiving a payment state changing request sent by a payment application; S20, sending an identity authentication request of a user to an authentication server according to the payment state changing request; S30, responding to the payment state changing request based on the identity authentication result from the authentication server; and S40, issuing a payment state changing result to the payment application to realize management of the payment state of the network payment system. Therefore, a payment security problem of the related payment account of the user in the network payment system can be solved; and security of the payment state management process can be improved.

Description

Payment state management method and system and network payment system
Technical Field
The invention relates to the technical field of communication, in particular to a payment state management method and system and a network payment system.
Background
As the popularity of the internet increases, more and more people access the internet through payment applications. Statistically, the number of users shopping by payment applications, such as cell phones, tablet computers, etc., by the end of 2015 has reached 4.130 billion, with 3.58 billion people selecting to pay through the payment application. In addition, the report of' 2016 annual quarterly payment system running general situation shows that the mobile payment service reaches 56.15 billion, the amount reaches 52.130 trillion, the year-on-year payment service increases 308% and 31.05% respectively, and the situation of more than one time of increase is kept.
Therefore, the mobile internet already forms a brand new social life form, and changes the daily life of people unconsciously. Meanwhile, the type of financial business is changed from a PC (Personal Computer) end to a mobile end, and a point-to-point payment mode is changed into a social payment mode according to the connection of many-to-many. In this process, for the bank, the security solution of the PC side, such as bluetooth shield, audio key, cipher token, etc., is still used at the mobile side, which is greatly discounted in the user experience compared to the payment method of the third party payment, and the usage results in the service being popular and the loss of the customer.
Moreover, after the user opens the payment servers such as the internet bank server and the mobile phone bank server, the corresponding payment server is always in an open state, and the user can transfer accounts at any time, so that convenience is brought to the user. However, the process also has potential safety hazard, once the payment information is stolen by hackers, the money can be transferred and consumed at any time, and the money can be sent to customers.
Disclosure of Invention
Aiming at the problems, the invention provides a payment state management method and a system thereof and a network payment system, which effectively solve the payment safety of a user related payment account in the network payment system.
The technical scheme provided by the invention is as follows:
a payment state management method is applied to a network payment system, the network payment system is respectively in communication connection with a payment application and an authentication server in a mobile terminal, and the payment state management method comprises the following steps:
s10, receiving a payment state change request sent by the payment application;
s20, sending the identity authentication request of the user to an authentication server according to the payment state change request;
s30, responding the payment state change request according to the identity authentication result of the authentication server;
s40, issuing the payment state change result to the payment application, and realizing the management of the payment state of the network payment system.
Further preferably, a security plug-in uniquely associated with the payment application is stored in the mobile terminal and the authentication server, respectively, so as to implement the identity authentication of the authentication server for the user, where the security plug-in includes application information and an operation algorithm uniquely associated with the payment application.
Further preferably, in step S30, before the authentication server authenticates the identity of the user, the method further includes a step of obtaining an operation algorithm by the authentication server according to the application information operation submitted by the payment application and compiling the operation algorithm into the security plug-in, and specifically includes:
s01 generating a random number according to the received application information and setting the random number as a key parameter;
s02, reconstructing a preset algorithm according to the key parameters to obtain an operation algorithm;
s03, the received application information and the generated operation algorithm are compiled together to obtain a security plug-in and the security plug-in is issued to the payment application.
Further preferably, in step S02, the step of reconstructing the preset algorithm to obtain the operation algorithm specifically includes:
changing the operation sequence of a preset algorithm according to the key parameter to obtain an operation algorithm; and/or the presence of a gas in the gas,
changing the structure of the grouped data blocks of the preset algorithm and the operation sequence of the corresponding grouped data blocks according to the key parameters to obtain an operation algorithm; and/or the presence of a gas in the gas,
and changing the fixed parameters of the preset algorithm according to the key parameters to obtain the operation algorithm.
Further preferably, in step S30, the step of authenticating the identity of the user by the authentication server specifically includes:
in the mobile terminal, the challenge code issued by the authentication server according to the identity authentication request and the application information extracted from the security plug-in are used as calculation factors, an operation algorithm is used for performing operation to generate an identity authentication code, and the generated identity authentication code is sent to a network payment system through payment application;
in the authentication server, the challenge code generated according to the identity authentication request and the application information extracted from the security plug-in are used as calculation factors, an operation algorithm is used for operation to generate an authentication check code, and the identity authentication code forwarded by the network payment system is verified according to the generated authentication check code, so that the identity authentication of the user is realized.
Further preferably, in step S10, the step of receiving the payment status change request sent by the payment application specifically includes:
s11, receiving and verifying login information sent by the payment application, wherein the login information at least comprises a user name and a login password;
s12 receives the payment status change request sent by the payment application after the login information is successfully verified.
Further preferably, in step S10, after the step of receiving the payment status change request sent by the payment application, the method further includes:
and searching and confirming the current payment state of the user according to the received payment state change request, and generating a current payment state list of the user associated payment account, wherein the current payment state comprises a payment opening state and a payment locking state.
Further preferably, in step S30, the step of responding to the payment status change request according to the identity authentication result of the authentication server specifically includes: and if the authentication server successfully authenticates the user identity, changing the payment state of the corresponding payment account according to the received payment state change request.
The invention also provides a network payment system which is respectively in communication connection with the payment application and the authentication server in the mobile terminal, wherein the network payment system specifically comprises:
the first information transceiver module is used for receiving a payment state change request sent by the payment application and an identity authentication result sent by the authentication server, and sending an identity authentication request of a user to the authentication server;
the payment state changing module responds to the payment state changing request according to the identity authentication result received by the first information transceiver module;
and the change state issuing module is used for issuing the payment state change result of the payment state change module to the payment application so as to realize the management of the payment state of the network payment system.
Further preferably, the network payment system further comprises an information verification module and a storage module, wherein,
the storage module is used for storing a registered user list, and the registered user list comprises login information of registered users in the network payment system;
the information verification module verifies the login information received by the first information transceiver module according to the login information of each registered user stored in the storage module, so as to realize the login of the user in the network payment system.
Further preferably, the network payment system further comprises a payment status query module and a payment status confirmation module, wherein,
the payment state query module is used for querying the current payment state of the user according to the payment state change request received by the first information transceiver module, wherein the current payment state comprises a payment opening state and a payment locking state; the payment state change module is used for further inquiring whether the corresponding payment account number completes the payment state change after responding to the payment state change request;
the payment state confirmation module is used for confirming the current payment state searched by the payment state inquiry module;
the invention also provides a payment state management system, which comprises the network payment system as claimed in any one of claims 9-11, and further comprises a payment application and an authentication server in the mobile terminal, wherein the mobile terminal and the authentication server respectively store a security plug-in uniquely associated with the payment application, and the security plug-in comprises application information and an operation algorithm uniquely associated with a user; wherein,
the payment application comprises:
the second information transceiver module is used for sending a payment state change request, receiving a challenge code issued by the authentication server and sending an identity authentication code generated by the security plug-in to the authentication server;
the safety plug-in unit comprises:
the first information extraction module is used for extracting the application information and the challenge code received in the payment application;
the authentication code generation module is used for taking the extracted application information and the challenge code as calculation factors and performing operation by using an and operation algorithm to generate an identity authentication code;
the authentication server includes:
the third information transceiver module is used for receiving the identity authentication request sent by the network payment system, receiving the identity authentication code generated by the payment application, sending the generated challenge code to the payment application and sending the identity authentication result to the network payment system;
the challenge code generating module randomly generates a challenge code according to the identity authentication request received by the third information transceiver module;
the second information extraction module is used for extracting the application information and the generated challenge code;
the check code generating module is used for taking the extracted application information and the challenge code as calculation factors and performing operation by using an and operation algorithm to generate an authentication check code;
and the authentication code verification module is used for verifying the identity authentication code received by the third information transceiver module according to the authentication check code generated by the check code generation module.
Further preferably, the authentication server further includes:
the random number generation module is used for generating a random number according to the received application information and setting the random number as a key parameter;
the algorithm reconstruction module is used for changing the operation sequence of the preset algorithm according to the key parameter to obtain an operation algorithm, and/or changing the structure of the grouped data blocks of the preset algorithm and the operation sequence of the corresponding grouped data blocks according to the key parameter to obtain the operation algorithm, and/or changing the fixed parameter of the preset algorithm according to the key parameter to obtain the operation algorithm;
and the plug-in compiling module is used for compiling the application information and the operation algorithm into the security plug-in, and the third information receiving and sending module returns the generated security plug-in to the payment application.
Compared with the prior art, the invention has the beneficial effects that:
in the payment state management method and the system thereof provided by the invention, during the registration process of a user in a network payment system, an authentication server reconstructs a preset algorithm according to application information (specifically, a secret key parameter is randomly generated according to the application information) and a preset rule to obtain an operation algorithm, and generates a security plug-in uniquely associated with the user and respectively stores the security plug-in a mobile terminal (a built-in payment application and the security plug-in) and the authentication server. The generated random key naturally has uniqueness due to the uniqueness of the application information, so that the uniqueness of the obtained operation algorithm is guaranteed, and the safety plug-in generated by compiling the operation algorithm naturally has uniqueness (the safety plug-ins stored in each mobile terminal are unique, and the realization mechanisms are different), so that the safety performance is greatly improved, and the safety plug-in is not easy to crack. Even if the operation algorithm in the safety plug-in installed in a certain mobile terminal is cracked, the safety performance of other users cannot be influenced; meanwhile, personalized services of the payment application are added, and user experience is improved.
In addition, in the process of payment state management, the safety plug-in the mobile terminal uses multiple factors such as challenge values returned by the authentication server and the like as safety factors to generate an identity authentication code with randomness, the purpose is realized through a novel irreversible cipher system with one-time one-key and one-person one-key, and the safety in the process of payment state management is greatly improved.
Finally, the network payment system provided by the invention is suitable for any existing system which needs to manage the payment function of the user payment account (such as the payment function of each bank card in a bank system), has universality in application and greatly expands the application field.
Drawings
The foregoing features, technical features, advantages and embodiments are further described in the following detailed description of the preferred embodiments, which is to be read in connection with the accompanying drawings.
FIG. 1 is a flow chart of a payment status management method according to the present invention;
FIG. 2 is a schematic diagram of an embodiment of a network payment system according to the present invention;
FIG. 3 is a schematic diagram of another embodiment of a network payment system according to the present invention;
FIG. 4 is a schematic diagram of another embodiment of a network payment system according to the present invention;
fig. 5 is a schematic diagram of a payment status management system according to the present invention.
The reference numbers illustrate:
100-network payment system, 110-first information transceiver module, 120-payment state change module, 130-change state issuing module, 140-information verification module, 150-payment state query module, 160-payment state confirmation module, 170-storage module, 200-authentication server, 210-third information transceiver module, 220-challenge code generation module, 230-authentication code verification module, 240-second information extraction module, 250-check code generation module, 300-mobile terminal, 310-payment application, 320-security plug-in, 311-second information transceiver module, 321-first information extraction module, 322-authentication code generation module.
Detailed Description
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following description will be made with reference to the accompanying drawings. It is obvious that the drawings in the following description are only some examples of the invention, and that for a person skilled in the art, other drawings and embodiments can be derived from them without inventive effort.
As shown in fig. 1, a schematic flow chart of a payment state management method provided by the present invention is applied to a network payment system which is in communication connection with a payment application and an authentication server, and as can be seen from the diagram, the payment state management method specifically includes the following steps: s10, receiving a payment state change request sent by the payment application; s20, sending the identity authentication request of the user to the authentication server according to the payment state change request; s30, responding the payment state change request according to the identity authentication result of the authentication server; s40, issuing the payment state change result to the payment application, and realizing the management of the payment state of the network payment system. In a specific embodiment, the payment application is an application APP of a network payment system, such as a bank system application APP; the network payment system can be an online banking system and the like.
In one embodiment, step S10 specifically includes: s11, receiving and verifying login information sent by the payment application, wherein the login information at least comprises a user name and a login password; s12 receives the payment status change request sent by the payment application after the login information is successfully verified. In a specific embodiment, the payment Application is an Application APP (Application program) of an internet payment system, and during a login process, a user logs in the Application APP of the internet payment system using login information to establish a communication channel between the payment Application and the internet payment system. Specifically, after receiving the login information, the network payment system compares the login information with a registered user list stored in the network payment system (the registered user list generated by registering each user in the network payment system before managing the payment state), and completes the verification of the login information. And if the relevant information is searched in the registered user list, the authentication is successful, the homepage of the user is displayed in the APP interface, and the subsequent payment state change operation is completed in the homepage. On the contrary, if the network payment system fails to verify the login information, the verification failure information is fed back to the login interface immediately, and the user is prompted to input the verification failure information again.
Specifically, assuming that the network payment system is an online banking system, the payment state change specifically includes a change of a payment function of a bank account associated with the user, such as an online transfer function and an offline payment function for opening or locking the bank account. Assuming that the network payment system is a third-party network payment system, the payment state change specifically includes a change of a payment function of the user associated account, such as opening or locking an online transfer function, an online payment function and the like of the user associated account, and so on. In a specific embodiment, the network payment system is an online bank system, and when the user does not need to perform online account transfer, after the user successfully logs in the application APP, a one-key locking function is selected from business options of a homepage of the application APP, that is, the payment state of each bank account is changed from open to locked. Therefore, after the identity authentication of the user is carried out, the online transfer function of the user-associated bank account is closed one by the online payment system according to the one-key locking function, all the bank accounts under the personal name are locked, the online transfer service is closed, and the safety of all the bank accounts is guaranteed.
In another embodiment, after the step of receiving the payment status change request sent by the payment application at step S10, the method further includes: and searching and confirming the current payment state of the user according to the received payment state change request, and generating a current payment state list of the user-associated payment account, wherein the current payment state comprises a payment opening state and a payment locking state. In a specific embodiment, after the user successfully logs in the APP of the network payment system using the login information, the network payment system searches the current payment state of the user-associated account according to the received payment state change request, for example, queries a bank account associated with the user and generates a query list, and also searches the current payment function of the user-associated bank account. Specifically, if the received payment state change request is to start the online transfer function of the bank account, searching whether the current state of the bank account is in an open state, if the search result is that the bank account is currently in a locked state, sending a confirmation request to a payment application to confirm the state change, and then entering step S20; otherwise, sending a current state prompt message to the payment application to prompt the user that the current state of the bank account is an open state and does not need to be opened again.
Based on the above description, specifically, a security plug-in uniquely associated with the payment application is stored in the mobile terminal and the authentication server, respectively, so as to implement the identity authentication of the authentication server for the user, where the security plug-in includes application information and an operation algorithm uniquely associated with the payment application. More specifically, the step of authenticating the identity of the user by the authentication server in step S20 specifically includes: in the mobile terminal, the challenge code issued by the authentication server according to the identity authentication request and the application information extracted from the security plug-in are used as calculation factors, an operation algorithm is used for performing operation to generate an identity authentication code, and the generated identity authentication code is sent to a network payment system through payment application; in the authentication server, the challenge code generated according to the identity authentication request and the application information extracted from the security plug-in are used as calculation factors, an operation algorithm is used for operation to generate an authentication check code, and the identity authentication code forwarded by the network payment system is verified according to the generated authentication check code, so that the identity authentication of the user is realized.
In this process, the generating, by the security plug-in, the identity authentication code according to the challenge code specifically includes: the network payment system application APP receives the challenge code issued by the authentication server; subsequently, extracting application information stored in the security plug-in, using the application information and the challenge code as calculation factors together, performing operation by using an and operation algorithm to generate an identity authentication code, and forwarding the identity authentication code to a network payment system Application (APP); and finally, the network payment system applies the APP to send the identity authentication code to an authentication server.
After receiving the identity authentication code, the authentication server searches for a security plug-in corresponding to the user according to the application information of the user (the authentication server stores security plug-ins associated with each registered user therein); similar to payment application, the found application information in the security plug-in and the generated challenge code are used as calculation factors, and an operation algorithm uniquely associated with the user is used for operation to generate an authentication check code; and comparing the generated authentication check code with the received identity authentication code to complete the identity authentication of the user.
If the identity authentication code is verified successfully, the user is a legal user, the network payment system is authorized to change the payment state of the payment account number related to the user, namely, the network payment system responds to a payment state change request, and if the online transfer function of each bank account number in the query list is started or closed one by one according to the payment state change request; otherwise, the user is an illegal user and does not enter subsequent operation. In addition, after responding to the payment state change request, the network payment system queries whether the relevant payment account numbers of the user are in the functional state (that is, queries whether each relevant payment account number is in the open state) again, and after confirmation, feeds information back to the interface of the network payment system application APP and displays the information, for example, displays that the payment locking is successful, and realizes the unification of the payment states of the payment application and the network payment system.
In a specific embodiment, the security plug-in is a software package for providing a mobile terminal cryptosystem service, and a computing algorithm and application information uniquely associated with a user are embedded in the software package, and specifically, if the mobile terminal is an android system, the security plug-in exists in a so library form; if the mobile terminal is an ios system, the mobile terminal exists in a zip compressed packet form. According to the method, before the safety plug-in generates the identity authentication code, firstly, the running environment of the mobile terminal is detected, including whether the safety plug-in is ROOT or not, the integrity of the application APP is detected, the integrity of the safety plug-in is detected, the hardware information of the detection equipment is detected, and only if the running environment meets the conditions, the subsequent steps are entered, otherwise, the user is prompted to check the running environment.
In addition, the application information is all information related to the payment application, including user information used for identifying all information of the current identity or state of the user, such as a user name, a login password, a geographic location, and the like; also includes payment application usage behavior, such as payment time, transaction information, etc.; in addition, all information for identifying the device is also included, such as IMEI (International Mobile Equipment Identity), IMSI (International Mobile Subscriber Identity), device model, device brand, manufacturer, CPU (Central Processing Unit), MAC (Media Access Control) address, IP (Internet Protocol, Protocol for interconnection between networks) address, and the like.
According to the embodiment, if a user logs in the network payment system for the first time, the user needs to register in the network payment system and generate and issue a security plug-in the authentication server, and the specific steps include:
a user inputs a user name and a login password in a login interface of an APP (application) of the network payment system, generates a registration request and sends the registration request to the network payment system; after receiving the registration request, the network payment system firstly verifies the user name input by the user (specifically, in the process, the network payment system searches in the current registered user list according to the received user name, and if the same user name is not found, the verification is successful); and if the user name passes the verification, the network payment system stores the user name and the login password in a related manner in the current registered user list to form a new registered user list, and returns the verification result to the application APP.
The application APP receives the verification result, extracts application information (such as a user mobile phone and the like) capable of uniquely identifying the user, generates a short message verification code request and sends the short message verification code request to the network payment system; after receiving the verification code request, the network payment system randomly generates a verification code and feeds the verification code back to the payment application; the mobile phone receives and displays the verification code, inputs the verification code in the application APP, and simultaneously generates a verification code authentication request to the network payment system by the application APP; the network payment system receives a verification code authentication request to authenticate the verification code; and if the authentication is successful, sending the application information and the safety plug-in generation request to the authentication server.
The authentication server receives a security plug-in generation request, firstly, a random number is generated according to received application information, and the random number is set as a key parameter; then, reconstructing a preset algorithm according to the key parameters to obtain an operation algorithm; and finally, compiling the received application information and the generated operation algorithm together to obtain a security plug-in, issuing the security plug-in to the payment application, and storing the security plug-in the mobile terminal. In a specific embodiment, the preset algorithm may be an algorithm such as SM 3. Further, the step of reconstructing the preset algorithm by the authentication server to obtain the operation algorithm specifically includes: changing the operation sequence of a preset algorithm according to the key parameter to obtain an operation algorithm; and/or changing the structure of the grouped data blocks of the preset algorithm and the operation sequence of the corresponding grouped data blocks according to the key parameter to obtain an operation algorithm; and/or changing fixed parameters of a preset algorithm according to the key parameters to obtain an operation algorithm.
The following describes the procedure of generating the operation algorithm by the authentication server in detail with reference to specific embodiments:
one specific embodiment of generating the operation algorithm by changing the operation priority of the preset algorithm is as follows: and randomly generating an 8-bit random key according to the application information of the unique identification user, and rearranging the operation priorities of the steps of the budget algorithm according to the generated random key. At this time, if the preset algorithm includes 8 steps and the generated random key is 31245768, the generated operation algorithm has the operation priority of the 3 rd step in the original preset algorithm, and then the 1 st step, the 2 nd step, the 4 th step, the 5 th step, the 7 th step, the 6 th step and the 8 th step are operated in sequence, so that the operation sequence of the original preset algorithm is changed, and a brand new operation algorithm is generated. Of course, according to the random key, the rule for changing the preset algorithm may be changed according to the actual situation, for example, bit 1 and bit 3 in the random key represent that the 1 st step of 8 steps in the original preset algorithm is used as the 3 rd step in the operation algorithm for operation; and 1 in the 2 nd bit in the random key represents that the 2 nd step in 8 steps in the original preset algorithm is taken as the 1 st step in the operation algorithm for operation, and the rest can be done in the same way to obtain a brand new operation algorithm according to the operation algorithm. Of course, the above is only a simple introduction of two rules for changing the operation priority, and the two rules can be re-set according to the actual situation, if the preset algorithm includes only 6 steps, the adjustment can be performed by changing the number of bits of the generated random key, or the adaptive adjustment can be performed by ignoring two bits of the generated 8-bit random key.
One specific embodiment of obtaining a new operation algorithm by changing the packet structure of the preset algorithm and the operation priority of the packet structure is as follows: if the information to be operated is divided into n data blocks according to the grouping structure rule of the preset algorithm, and each data block includes 8 small blocks (a1, a2, a3, a4, a5, a6, a7, and a8), at this time, if the random key randomly generated according to the application information uniquely identifying the user is 73124568, and the 1 st bit in the 8-bit random key represents the operation order, and the 2 nd bit represents the corresponding block. Then during the operation, the 3 rd bit at the 2 nd bit indicates that the block a3 is exchanged with the block a1 to change the packet structure, and the 7 th bit at the 1 st bit indicates that the block a7 is operated preferentially, thereby achieving the purpose. While we have given an exemplary embodiment, in other embodiments, the grouping rule (length of each data), meaning corresponding to each digit in the random key (e.g. block exchange), etc. may be set according to practical situations.
One specific embodiment of obtaining a new operation algorithm by changing the operation parameters of the preset algorithm is as follows: if the preset algorithm includes two constants, 1 and 2, respectively, and also includes an unknown term X. And a random key obtained randomly according to the application information of the unique identification user is 73124568, specifically, the 3 rd bit in the random key represents the fixed parameter, and X in the preset algorithm is 1, so as to form a new operation algorithm. Of course, in another embodiment, the existing constant term in the preset algorithm may also be changed according to 1 in bit 3, such as changing the existing second constant 2 to 1 in bit 3, i.e. the generated operation algorithm has both constants of 1.
As a complete example, if the first bit in the generated random key represents the operation priority, the second bit represents the packet structure, and the third bit represents the constant term. At this time, if the generated random key is 35781246, a5 and a1 in the packet block perform adjustment to change the packet structure, and a3 performs a priority operation while changing a constant to 7 in the operation algorithm, thereby generating an operation algorithm uniquely associated with the user.
As another embodiment, the mobile terminal is a mobile phone or a tablet computer, the payment application is a mobile banking application APP, and the network payment system is a mobile banking system. When the user logs in the mobile banking APP for the first time, after the user name and the login password are input in the login interface of the mobile banking APP, the mobile banking system verifies the user name and the login password, then verifies the short message verification code, finally generates a security plug-in the authentication server, and returns the security plug-in to the mobile terminal for storage.
As shown in fig. 2, which is a schematic structural diagram of an embodiment of a network payment system provided by the present invention, the network payment system is respectively in communication connection with a payment application and an authentication server, and as can be seen from the figure, the network payment system 100 specifically includes: the payment system comprises a first information transceiver module 110, a payment state changing module 120 and a change state issuing module 130, wherein the first information transceiver module is respectively connected with the payment state changing module 120 and the change state issuing module 130, and the payment state changing module 120 is connected with the change state issuing module 130.
In the working process, first, the first information transceiver module 110 receives a payment state change request sent by the payment application 310, and sends an identity authentication request of a user to the authentication server according to the payment state change request; subsequently, the payment status change module 120 responds to the payment status change request according to the identity authentication result of the authentication server; finally, the change state issuing module 130 issues the payment state change result to the payment application, so as to implement the management of the payment state of the network payment system 100.
As shown in fig. 3, in the present embodiment, the network payment system 100 includes an information verification module 140 and a storage module 170 for verifying the login information received by the first information transceiver module 110, in addition to the first information transceiver module 110, the payment status changing module 120 and the change status issuing module 130.
In a specific embodiment, the user logs in the network payment system APP using the login information to establish a communication channel between the network payment system APP and the network payment system 100. Specifically, after the first information transceiver module 110 receives the login information, the information verification module 140 compares the login information with a registered user list (a registered user list generated by registering each user in the network payment system 100 before managing the payment status) stored in the storage module 170, and completes verification of the login information. If the relevant information is found in the registered user list, the authentication is successful, the homepage of the user is displayed in the APP interface, and further, relevant functions (such as a one-key locking function) are selected from the service options in the homepage, and the subsequent payment state change operation is completed by using the payment state change module 120. On the contrary, if the network payment system 100 fails to verify the login information, the verification failure information is fed back to the login interface immediately, and the user is prompted to re-input the verification information.
As shown in fig. 4, in this embodiment, the network payment system 100 includes, in addition to the first information transceiver module 110, the payment state changing module 120, the change state issuing module 130, the information verifying module 140, and the storage module 170, a payment state querying module 150 and a payment state confirming module 160, where the payment state querying module 150 is configured to search for a current payment state of the user according to a payment state change request received by the first information transceiver module 110, and the current payment state includes a payment unlocked state and a payment locked state; the payment status confirmation module 160 is used to confirm the current payment status found by the payment status inquiry module 150.
In a specific embodiment, after the user successfully logs in the APP, the payment status query module 150 searches for the current payment status of the account associated with the user according to the received payment status change request, such as querying a bank account associated with the user and generating a query list, and also searches for the current payment function of the bank account associated with the user. Specifically, if the received payment state change request is to open the online transfer function of the bank account, the payment state query module 150 searches whether the current state of the bank account is an open state, and if the search result is that the bank account is currently in a locked state, the payment state confirmation module 160 sends a confirmation request to the payment application to confirm the state change; otherwise, sending a current state prompt message to the payment application to prompt the user that the current state of the bank account is an open state and does not need to be opened again.
As shown in fig. 5, a schematic diagram of a payment state management system provided by the present invention is applied to the payment state management method, the payment state management system includes the network payment system 100, and further includes a payment application 310, a security plug-in 320 located in the same mobile terminal 300 as the payment application, and an authentication server, specifically, the security plug-in 320 includes application information and an operation algorithm uniquely associated with a user, and the security plug-in 320 can be in communication connection with the payment application.
Wherein, the payment application comprises: the second information transceiver module 311 is configured to send a payment status change request, receive a challenge code issued by the authentication server, and send an identity authentication code generated by the security plug-in 320 to the authentication server.
The security plug-in 320 includes: a first information extraction module 321, configured to extract application information and a challenge code received in a payment application; and the authentication code generation module 322 is configured to use the extracted application information and challenge code as calculation factors and perform an operation using an operation algorithm uniquely associated with the user to generate an identity authentication code.
The authentication server 200 includes: the third information transceiver module 210, the challenge code generation module 220, the authentication code verification module 230, the second information extraction module 240, and the verification code generation module 250, wherein the challenge code generation module 220 and the authentication code verification module 230 are respectively connected to the third information transceiver module 210, the second information extraction module 240 is respectively connected to the challenge code generation module 220 and the verification code generation module 250, and the verification code generation module 250 is connected to the authentication code verification module 230. The third information transceiver module 210 is configured to receive an identity authentication request sent by the network payment system 100, receive an identity authentication code generated by the payment application 310, send a generated challenge code to the payment application 310, and send an identity authentication result to the network payment system 100; the challenge code generating module 220 randomly generates a challenge code according to the identity authentication request received by the third information transceiver module 210; the second information extraction module is used for extracting the application information and the generated challenge code; the check code generation module is used for taking the extracted application information and the challenge code as calculation factors and carrying out operation by using an AND operation algorithm to generate an authentication check code; the authentication code verifying module 230 is used for verifying the identity authentication code received by the third information transceiver module 210.
In the working process, the second information transceiver module 311 in the payment application 310 receives the challenge code issued by the third information transceiver module 210 in the authentication server 200 and forwards the received challenge code to the first information extraction module 310 in the security plug-in 320; meanwhile, the first information extraction module 321 extracts the application information, and forwards the challenge code and the application information to the challenge code generation module 220 at the same time; then, the challenge code generating module 220 takes the application information and the challenge code as calculation factors, performs calculation by using a calculation algorithm uniquely associated with the user to generate an identity authentication code, and forwards the identity authentication code to the second information transceiving module 311; finally, the second information transceiver module 311 sends the authentication code to the authentication server 200.
After the third information transceiver module 210 in the authentication server 200 receives the identity authentication code, the second information extraction module 240 extracts the application information in the security plug-in and the generated challenge code (stored in the authentication server 200 and used for uniquely associating with the security plug-in) and sends the extracted application information and the generated challenge code to the check code generation module 250, and the check code generation module 250 generates the authentication check code by using the application information and the generated challenge code as calculation factors and by using an operation algorithm uniquely associated with the user; finally, the authentication code verification module 230 compares the generated authentication check code with the received identity authentication code to complete the identity authentication of the user.
If the identity authentication code is successfully verified, the user is a legal user, and the user is authorized to change the payment state of the related payment account, namely, the payment state change module 120 in the network payment system 100 responds to the payment state change request, and if the online transfer functions of all the bank accounts in the query list are turned on or turned off one by one according to the payment state change request; otherwise, the user is an illegal user and does not enter subsequent operation. In addition, after responding to the payment state change request, the network payment system 100 queries whether the payment account related to the user is in the functional state again, and after confirmation, the change state issuing module 130 feeds information back to the interface of the network payment system APP and displays the information, for example, the payment locking is successfully displayed, so that the payment states of the payment application 310 and the network payment system 100 are unified.
More specifically, the application information is all information related to the payment application, including user information used to identify all information of the current identity or state of the user, such as a user name, a login password, a geographic location, and the like; also includes payment application usage behavior, such as payment time, transaction information, etc.; in addition, all information for identifying the device is also included, such as IMEI (International Mobile Equipment Identity), IMSI (International Mobile Subscriber Identity), device model, device brand, manufacturer, CPU (Central Processing Unit), MAC (Media Access Control) address, IP (Internet Protocol, Protocol for interconnection between networks) address, and the like.
According to the above embodiment, if a user logs in the network payment system 100 for the first time, the user needs to register in the network payment system 100 and generate and issue a security plug-in the authentication server 200, which includes the following specific steps:
a user inputs a user name and a login password in a login interface of an APP (application) of the network payment system, generates a registration request and sends the registration request to the network payment system 100; after receiving the registration request, the network payment system 100 first verifies the user name input by the user (specifically, in this process, the network payment system 100 searches in the current registered user list according to the received user name, and if the same user name is not found, the verification is successful); if the user name passes the verification, the network payment system 100 stores the user name and the login password in association with each other in the current registered user list to form a new registered user list, and returns the verification result to the application APP.
The application APP receives the verification result, extracts application information (such as a user mobile phone and the like) capable of uniquely identifying the user, generates a short message verification code request and sends the short message verification code request to the network payment system 100; after receiving the verification code request, the network payment system 100 randomly generates a verification code and feeds the verification code back to the mobile phone; the mobile phone receives and displays the verification code, inputs the verification code in the application APP, and simultaneously generates a verification code authentication request to the network payment system 100 by the application APP; the network payment system 100 receives the verification code authentication request to authenticate the verification code; if the authentication is successful, the application information and security plug-in 320 generates a request to the authentication server 200.
The authentication server 200 receives the security plug-in generation request, changes the operation priority and/or the grouping structure and/or the operation parameter of the preset algorithm according to the application information of the unique identification user, and generates an operation algorithm; the generated operation algorithm is compiled into a security plug-in, and the generated security plug-in is returned to the payment application via the network payment system 100 and stored in the mobile terminal.
As can be seen, the authentication server 200 further includes: an algorithm reconstruction module and a plug-in compiling module, wherein the algorithm reconstruction module is used for changing the operation priority and/or the grouping structure and/or the operation parameters of the preset algorithm according to the safety plug-in generation request received by the third information transceiver module 210 and the application information of the unique identification user to generate an operation algorithm; and the plug-in compiling module is configured to compile an operation algorithm generated by the algorithm reconstruction into a security plug-in, and return the generated security plug-in to the payment application 310 through the network payment system 100 by the third information transceiver module 210, where a specific algorithm reconstruction process is described in the payment state management method for making a corresponding description, which is not described herein again.
It should be noted that the above embodiments can be freely combined as necessary. The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (13)

1. A payment state management method is applied to a network payment system, the network payment system is respectively in communication connection with a payment application and an authentication server in a mobile terminal, and the payment state management method comprises the following steps:
s10, receiving a payment state change request sent by the payment application;
s20, sending the identity authentication request of the user to an authentication server according to the payment state change request;
s30, responding the payment state change request according to the identity authentication result of the authentication server;
s40, issuing the payment state change result to the payment application, and realizing the management of the payment state of the network payment system.
2. The payment status management method according to claim 1, wherein a security plug-in uniquely associated with the payment application is stored in the mobile terminal and the authentication server, respectively, for implementing the authentication of the authentication server to the user, and the security plug-in includes application information and an operation algorithm uniquely associated with the payment application.
3. The payment state management method of claim 2, wherein in step S30, before the authentication server authenticates the identity of the user, the method further comprises a step of the authentication server obtaining an operation algorithm by operation according to application information submitted by the payment application and compiling the operation algorithm into a security plug-in, and specifically comprises:
s01 generating a random number according to the received application information and setting the random number as a key parameter;
s02, reconstructing a preset algorithm according to the key parameters to obtain an operation algorithm;
s03, the received application information and the generated operation algorithm are compiled together to obtain a security plug-in and the security plug-in is issued to the payment application.
4. The payment state management method of claim 3, wherein in the step S02, the step of reconstructing the preset algorithm to obtain the operation algorithm specifically comprises:
changing the operation sequence of a preset algorithm according to the key parameter to obtain an operation algorithm; and/or the presence of a gas in the gas,
changing the structure of the grouped data blocks of the preset algorithm and the operation sequence of the corresponding grouped data blocks according to the key parameters to obtain an operation algorithm; and/or the presence of a gas in the gas,
and changing the fixed parameters of the preset algorithm according to the key parameters to obtain the operation algorithm.
5. The payment state management method of any one of claims 2 to 4, wherein in the step S30, the step of authenticating the identity of the user by the authentication server specifically comprises:
in the mobile terminal, the challenge code issued by the authentication server according to the identity authentication request and the application information extracted from the security plug-in are used as calculation factors, an operation algorithm is used for performing operation to generate an identity authentication code, and the generated identity authentication code is sent to a network payment system through payment application;
in the authentication server, the challenge code generated according to the identity authentication request and the application information extracted from the security plug-in are used as calculation factors, an operation algorithm is used for operation to generate an authentication check code, and the identity authentication code forwarded by the network payment system is verified according to the generated authentication check code, so that the identity authentication of the user is realized.
6. The payment state management method of any one of claims 1 to 4, wherein in step S10, the step of receiving the payment state change request sent by the payment application specifically comprises:
s11, receiving and verifying login information sent by the payment application, wherein the login information at least comprises a user name and a login password;
s12 receives the payment status change request sent by the payment application after the login information is successfully verified.
7. The payment state management method of claim 6, wherein the step of receiving the payment state change request transmitted by the payment application at step S10 further comprises:
and searching and confirming the current payment state of the user according to the received payment state change request, and generating a current payment state list of the user associated payment account, wherein the current payment state comprises a payment opening state and a payment locking state.
8. The payment state management method of any one of claims 1 to 4, wherein the step of responding to the payment state change request according to the identity authentication result of the authentication server at step S30 specifically comprises: and if the authentication server successfully authenticates the user identity, changing the payment state of the corresponding payment account according to the received payment state change request.
9. The network payment system is characterized by being in communication connection with a payment application and an authentication server in a mobile terminal respectively, and specifically comprises the following components:
the first information transceiver module is used for receiving a payment state change request sent by the payment application and an identity authentication result sent by the authentication server, and sending an identity authentication request of a user to the authentication server;
the payment state changing module responds to the payment state changing request according to the identity authentication result received by the first information transceiver module;
and the change state issuing module is used for issuing the payment state change result of the payment state change module to the payment application so as to realize the management of the payment state of the network payment system.
10. The network payment system of claim 9,
the network payment system also comprises an information verification module and a storage module, wherein,
the storage module is used for storing a registered user list, and the registered user list comprises login information of registered users in the network payment system;
the information verification module verifies the login information received by the first information transceiver module according to the login information of each registered user stored in the storage module, so as to realize the login of the user in the network payment system.
11. The network payment system of claim 10, further comprising a payment status inquiry module and a payment status confirmation module, wherein,
the payment state query module is used for querying the current payment state of the user according to the payment state change request received by the first information transceiver module, wherein the current payment state comprises a payment opening state and a payment locking state; the payment state change module is used for further inquiring whether the corresponding payment account number completes the payment state change after responding to the payment state change request;
and the payment state confirmation module is used for confirming the current payment state searched by the payment state inquiry module.
12. A payment status management system, wherein the payment status management system comprises the network payment system according to any one of claims 9 to 11, and further comprises a payment application and an authentication server in a mobile terminal, wherein a security plug-in uniquely associated with the payment application is stored in the mobile terminal and the authentication server, respectively, and the security plug-in comprises application information and an operation algorithm uniquely associated with a user; wherein,
the payment application comprises:
the second information transceiver module is used for sending a payment state change request, receiving a challenge code issued by the authentication server and sending an identity authentication code generated by the security plug-in to the authentication server;
the safety plug-in unit comprises:
the first information extraction module is used for extracting the application information and the challenge code received in the payment application;
the authentication code generation module is used for taking the extracted application information and the challenge code as calculation factors and performing operation by using an and operation algorithm to generate an identity authentication code;
the authentication server includes:
the third information transceiver module is used for receiving the identity authentication request sent by the network payment system, receiving the identity authentication code generated by the payment application, sending the generated challenge code to the payment application and sending the identity authentication result to the network payment system;
the challenge code generating module randomly generates a challenge code according to the identity authentication request received by the third information transceiver module;
the second information extraction module is used for extracting the application information and the generated challenge code;
the check code generating module is used for taking the extracted application information and the challenge code as calculation factors and performing operation by using an and operation algorithm to generate an authentication check code;
and the authentication code verification module is used for verifying the identity authentication code received by the third information transceiver module according to the authentication check code generated by the check code generation module.
13. The payment status management system of claim 12, wherein the authentication server further comprises:
the random number generation module is used for generating a random number according to the received application information and setting the random number as a key parameter;
the algorithm reconstruction module is used for changing the operation sequence of the preset algorithm according to the key parameter to obtain an operation algorithm, and/or changing the structure of the grouped data blocks of the preset algorithm and the operation sequence of the corresponding grouped data blocks according to the key parameter to obtain the operation algorithm, and/or changing the fixed parameter of the preset algorithm according to the key parameter to obtain the operation algorithm;
and the plug-in compiling module is used for compiling the application information and the operation algorithm into the security plug-in, and the third information receiving and sending module returns the generated security plug-in to the payment application.
CN201610894778.0A 2016-10-13 2016-10-13 Payment state management method and system thereof, and network payment system Pending CN106656969A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610894778.0A CN106656969A (en) 2016-10-13 2016-10-13 Payment state management method and system thereof, and network payment system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610894778.0A CN106656969A (en) 2016-10-13 2016-10-13 Payment state management method and system thereof, and network payment system

Publications (1)

Publication Number Publication Date
CN106656969A true CN106656969A (en) 2017-05-10

Family

ID=58856704

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610894778.0A Pending CN106656969A (en) 2016-10-13 2016-10-13 Payment state management method and system thereof, and network payment system

Country Status (1)

Country Link
CN (1) CN106656969A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107358425A (en) * 2017-06-29 2017-11-17 湖南搜云网络科技股份有限公司 The calculating of tranaction costs and method of payment and device, transaction platform and storage medium
CN107392616A (en) * 2017-07-19 2017-11-24 上海众人网络安全技术有限公司 A kind of risk determination method and device for payment authentication system
WO2020133028A1 (en) * 2018-12-27 2020-07-02 深圳市优必选科技有限公司 Electronic payment transaction system and method
CN111932244A (en) * 2020-07-24 2020-11-13 中国银联股份有限公司 Information processing method, apparatus, equipment and medium
CN112036891A (en) * 2020-09-01 2020-12-04 中国银行股份有限公司 Transaction control method and device, computer equipment and computer-readable storage medium
CN112418852A (en) * 2019-08-23 2021-02-26 中兴通讯股份有限公司 Secure payment method, terminal, server and payment system
CN113379418A (en) * 2021-06-21 2021-09-10 上海盛付通电子支付服务有限公司 Information verification method, device, medium, and program product based on security plug-in

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103944737A (en) * 2014-05-06 2014-07-23 中国联合网络通信集团有限公司 User identity authentication method, third-party authentication platform and operator authentication platform
CN104579671A (en) * 2013-10-29 2015-04-29 中国银联股份有限公司 Authentication method and system
CN105516195A (en) * 2016-01-19 2016-04-20 上海众人网络安全技术有限公司 Security authentication system and security authentication method based on application platform login
CN105959942A (en) * 2016-04-25 2016-09-21 上海众人网络安全技术有限公司 Identification authentication system and identification authentication method based on wireless access

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104579671A (en) * 2013-10-29 2015-04-29 中国银联股份有限公司 Authentication method and system
CN103944737A (en) * 2014-05-06 2014-07-23 中国联合网络通信集团有限公司 User identity authentication method, third-party authentication platform and operator authentication platform
CN105516195A (en) * 2016-01-19 2016-04-20 上海众人网络安全技术有限公司 Security authentication system and security authentication method based on application platform login
CN105959942A (en) * 2016-04-25 2016-09-21 上海众人网络安全技术有限公司 Identification authentication system and identification authentication method based on wireless access

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107358425A (en) * 2017-06-29 2017-11-17 湖南搜云网络科技股份有限公司 The calculating of tranaction costs and method of payment and device, transaction platform and storage medium
CN107358425B (en) * 2017-06-29 2021-04-20 湖南搜云网络科技股份有限公司 Transaction fee calculation and payment method and device, transaction platform and storage medium
CN107392616A (en) * 2017-07-19 2017-11-24 上海众人网络安全技术有限公司 A kind of risk determination method and device for payment authentication system
WO2020133028A1 (en) * 2018-12-27 2020-07-02 深圳市优必选科技有限公司 Electronic payment transaction system and method
CN112418852A (en) * 2019-08-23 2021-02-26 中兴通讯股份有限公司 Secure payment method, terminal, server and payment system
CN111932244A (en) * 2020-07-24 2020-11-13 中国银联股份有限公司 Information processing method, apparatus, equipment and medium
WO2022016843A1 (en) * 2020-07-24 2022-01-27 中国银联股份有限公司 Information processing method and apparatus, device and medium
TWI797638B (en) * 2020-07-24 2023-04-01 大陸商中國銀聯股份有限公司 Information processing method, device, equipment and medium
CN111932244B (en) * 2020-07-24 2023-10-20 中国银联股份有限公司 Information processing method, device, equipment and medium
CN112036891A (en) * 2020-09-01 2020-12-04 中国银行股份有限公司 Transaction control method and device, computer equipment and computer-readable storage medium
CN112036891B (en) * 2020-09-01 2023-09-19 中国银行股份有限公司 Transaction control method and device, computer equipment and computer readable storage medium
CN113379418A (en) * 2021-06-21 2021-09-10 上海盛付通电子支付服务有限公司 Information verification method, device, medium, and program product based on security plug-in
CN113379418B (en) * 2021-06-21 2024-04-05 上海盛付通电子支付服务有限公司 Information verification method, device, medium and program product based on security plug-in

Similar Documents

Publication Publication Date Title
CN108496382B (en) Secure information transmission system and method for personal identity authentication
CN106656969A (en) Payment state management method and system thereof, and network payment system
US8132243B2 (en) Extended one-time password method and apparatus
CN105516195B (en) A kind of security certification system and its authentication method based on application platform login
CN102088353B (en) Two-factor authentication method and system based on mobile terminal
CN1852094B (en) Method and system for protecting network business application accounts
CN111275419B (en) Block chain wallet signature right confirming method, device and system
WO2015158874A1 (en) Method and system for user authentication
CN106096947B (en) The half off-line anonymous method of payment based on NFC
CN1921395B (en) Method for improving security of network software
CN103249045A (en) Identification method, device and system
CN108259502A (en) For obtaining the identification method of interface access rights, server-side and storage medium
US20200196143A1 (en) Public key-based service authentication method and system
CN103905194B (en) Identity traceability authentication method and system
CN106302332B (en) User data access control method, device and system
CN104125230B (en) A kind of short message certification service system and authentication method
CN105959942A (en) Identification authentication system and identification authentication method based on wireless access
CN105338000B (en) A kind of verification method, verification system
CN105868975B (en) Management method, management system and the mobile terminal of electronic banking account
CN104469736B (en) A kind of data processing method, server and terminal
CN114157438A (en) Network equipment management method and device and computer readable storage medium
CN108228211A (en) Smart card, the method and system of intelligent card data security update
CN105119716A (en) Secret key negotiation method based on SD cards
CN102790757B (en) User identification method and system for network transaction
KR20050071768A (en) System and method for one time password service

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170510