CN108881000A - Gateway, third-party platform, payment system and method - Google Patents

Abstract

The invention discloses a gateway device, a third-party platform, a payment system and a method. When a household device purchases a service, the gateway device generates a payment signature based on a first key stored by itself, and sends the payment signature to the third-party platform. The third-party platform completes the verification of the payment signature and processes the service request for the purchase service according to the verification result. Since the first key used for payment verification is stored on the gateway device, the gateway device generates a payment signature based on the first key for the third-party platform to complete security verification in the payment process according to the payment signature. The verification process of the payment signature by the third-party platform is essentially the process of using the second key to verify the correctness of the first key on the gateway device side. Therefore, the payment process is based on the gateway device, and the home devices under the gateway device Both can realize the purchase payment through the gateway device, so this solution also optimizes the management of the purchase and payment of household equipment.

Description

Gateway device, third-party platform, payment system and method

technical field

The present invention relates to the technical field of communication, and more specifically, to a gateway device, a third-party platform, a payment system and a method.

Background technique

The emergence of smart home devices has brought great convenience to users and improved and improved people's quality of life. All smart home devices in a family can be directly connected to the home wireless gateway through WiFi, and then connected to the Internet through the home wireless gateway to realize various remote smart applications. Different smart home devices are usually provided by different service providers, such as water, electricity, gas, cable TV, broadband network, etc., which belong to different industry fields. When users want to use these related services, they must pay fees to the corresponding service providers. Whether it is prepaid or postpaid, there are usually several ways for users to pay fees: the user pays at the counter of the business hall; the special staff visits the door to charge; the user logs into the online business hall opened by the relevant service provider or uses Relevant clients make online payment.

Although the first two payment methods can guarantee the safety of payment, they consume a lot of human resources. Among them, the first payment method requires users to go to the corresponding business hall to pay one by one when the family enjoys multiple smart home services, which is not smart enough and unreasonable. The second payment method requires relevant service providers to hire a large number of staff members to settle the expenses one by one in the household, which not only consumes a lot of human resources, but also is not conducive to the optimal allocation of resources. And also require the user to be in the home in specific time period, to wait for payment, also caused great inconvenience to the user. Compared with the first two payment methods, the third payment method has the advantages of convenient and fast payment and low resource consumption, but it requires the user to use the terminal to make the payment.

As far as the management of home smart home devices is concerned, since the communication framework between smart home devices and the outside world has determined that they must establish communication with the gateway device located in the home, therefore, from the perspective of payment management, it will be difficult for the gateway device to undertake the payment work. more reasonable. Although when the terminal makes payment at home, messages such as payment requests are transmitted through the gateway device, but the gateway device only plays the role of forwarding information, and currently there is no payment method that can be directly based on the gateway device.

Contents of the invention

The technical problem to be solved by the present invention is to solve the problem in the prior art that the payment cannot be completed directly based on the gateway device when purchasing services for household devices. To solve this technical problem, a gateway device, a third-party platform, a payment system and method.

In order to solve the above technical problems, the present invention provides a payment method, including:

The gateway device generates a payment signature based on the locally stored first key during the process of purchasing services by the home device, and the gateway device communicates with the home device;

The gateway device sends the payment signature to the third-party platform, so that the third-party platform can complete the signature verification on the payment signature based on the second key stored locally, and verify the service purchase of the service according to the verification result. The request is processed.

Further, the gateway device sending the payment signature to a third-party platform includes:

The gateway device directly sends the payment signature to a third-party platform;

or,

The gateway device forwards the payment signature to a third-party platform through the home device.

Further, the method further includes: sending the service request to the third-party platform by the gateway device or the home device.

Further, the first key is a private key of the gateway device, and the second key is a public key corresponding to the private key.

Further, the gateway device generating the payment signature based on the locally stored first key includes:

The gateway device receives the payment request sent by the client, and encrypts the payment request with a first key to obtain a payment signature;

or,

The gateway device receives the payment request sent by the home device, and uses the first key to encrypt the payment request to obtain a payment signature.

Further, the present invention also provides a payment method, including:

The third-party platform obtains the payment signature generated by the gateway device, the payment signature is generated by the gateway device based on its storage of the first key during the process of purchasing the service by the home device, and the gateway device communicates with the home device;

The third-party platform uses the locally pre-stored second key to perform signature verification on the payment signature, and processes the service request for purchasing the service according to the verification result.

Further, the acquisition of the payment signature generated by the gateway device by the third-party platform includes:

The third-party platform receives the payment signature sent by the gateway device;

or,

The third-party platform receives the payment signature generated by the gateway device and forwarded by the home device.

Further, the third-party platform includes an application platform and a payment platform;

The processing of the service request for purchasing the service by the third-party platform according to the verification result includes:

The application platform uses the locally pre-stored second key to perform signature verification on the payment signature; when the verification result is passed, the payment platform completes the payment deduction corresponding to the service request; the payment The platform sends the deduction result to the application platform, so that the application platform can provide the home device with the service corresponding to the service request when the deduction is successful;

or,

The payment platform uses the locally pre-stored second key to perform signature verification on the payment signature, and completes the payment deduction corresponding to the service request when the verification result is passed; the payment platform will deduct The payment result is sent to the application platform, so that the application platform provides the service corresponding to the service request to the home device when the deduction is successful.

Further, the method further includes: the application platform receiving the service request sent by the gateway device or the home device.

Further, the present invention also provides a gateway device, including:

A storage module, used for pre-storing the first key used for payment;

The first processing module is configured to generate a payment signature based on the first key during the process of purchasing services by the home device, and the gateway device is communicatively connected to the home device;

The first communication module is configured to send the payment signature to a third-party platform, so that the third-party platform can complete signature verification on the payment signature based on the locally stored second key, and verify the payment signature according to the verification result. Service requests for services are processed.

Further, the first communication module is used to directly send the payment signature to the third-party platform, or forward the payment signature to the third-party platform through the home device.

Further, the first communication module is further configured to send a service request to the third-party platform.

Further, the first communication module is configured to receive a payment request sent by a client, or receive a payment request sent by the home device;

The first processing module is configured to use the locally stored first key to encrypt the payment request acquired by the first communication module to obtain a payment signature.

Further, the present invention provides a third-party platform, including:

The second communication module is used to obtain the payment signature generated by the gateway device, the payment signature is generated by the gateway device based on its storage of the first key during the process of purchasing services by the home device, and the gateway device and the home device communication connection;

The second processing module is configured to use a locally pre-stored second key to perform signature verification on the payment signature, and process the service request for purchasing the service according to the verification result.

Further, the second communication module is configured to receive the payment signature sent by the gateway device, or receive the payment signature generated by the gateway device and forwarded by the home device.

Further, the second communication module is further configured to receive a service request sent by the gateway device or the home device.

Further, the present invention also provides a payment system, including the gateway device described in any one of the above, the third-party platform described in any one of the above, and a home device communicatively connected with the gateway device.

Further, the home device is also used to monitor its own service providing capability, and automatically purchase and pay for the required service when its own service providing capability is lower than a preset threshold, the service providing capability characterizes the home device Ability to provide services to users.

Beneficial effect

The present invention provides a gateway device, a third-party platform, a payment system and a method. When a home device under the gateway device purchases a service, the gateway device generates a payment signature based on a first key stored by itself. Then the payment signature is sent to the third-party platform, and the third-party platform completes the verification of the payment signature and processes the service request for the purchase service according to the verification result. In this solution, the first key for payment verification is stored on the gateway device, which can generate a payment signature based on the first key for the third-party platform to complete security verification in the payment process based on the payment signature. The verification process of the payment signature by the third-party platform is essentially the verification process of using the second key to verify the correctness of the first key on the gateway device side. Therefore, the payment process in the present invention is based on the gateway device. All household devices can be purchased and paid through the gateway device, so the solution of the present invention optimizes the management of the purchase and payment of household devices.

Description of drawings

The present invention will be further described below in conjunction with accompanying drawing and embodiment, in the accompanying drawing:

Fig. 1 is a flow chart of the payment method provided by Embodiment 1 of the present invention;

Fig. 2 is a kind of implementation flowchart of payment method on the third-party platform side;

Fig. 3 is another implementation flowchart of the payment method on the third-party platform side;

FIG. 4 is a schematic structural diagram of a gateway device provided in Embodiment 2 of the present invention;

FIG. 5 is a schematic structural diagram of a third-party platform provided by Embodiment 3 of the present invention;

FIG. 6 is a schematic structural diagram of a payment system provided by Embodiment 4 of the present invention;

FIG. 7 is a schematic structural diagram of a household device provided by Embodiment 4 of the present invention;

Fig. 8 is a flow chart of the first payment method provided in Embodiment 4 of the present invention;

FIG. 9 is a second flow chart of the payment method provided in Embodiment 4 of the present invention;

Fig. 10 is a third flow chart of the payment method provided in Embodiment 4 of the present invention;

Fig. 11 is a fourth flowchart of the payment method provided in Embodiment 4 of the present invention;

Fig. 12 is a flow chart of the first payment method provided in Embodiment 5 of the present invention;

Fig. 13 is a second flow chart of the payment method provided in Embodiment 5 of the present invention.

Detailed ways

It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

Embodiment one:

In order to make those skilled in the art more aware of the details and advantages of the present invention, this embodiment will describe the payment method provided by the present invention in detail, below, please refer to Figure 1:

S102. The gateway device generates a payment signature based on the locally stored first key during the process of purchasing a service by the home device.

One or more home devices can be connected to one gateway device, including but not limited to common smart TVs, smart refrigerators, smart water meters, smart electricity meters, smart gas meters, smart air conditioners, smart washing machines, etc. The gateway device can communicate with these household devices through short-range communication, for example, through wireless communication such as WiFi (Wireless Fidelity), ZigBee (Zigbee Communication), and Bluetooth. It should be understood that the gateway device can also interact with the outside world through remote communication.

In this embodiment, home device purchase service is not limited to the process of home device purchase action, it may also refer to other devices, such as the situation where a gateway device helps a home device to purchase a service from a third-party platform. Whether the home device purchases the service itself or the gateway device helps the home device purchase the service, successful payment is required before the service is successfully purchased. In order to pay successfully, payment verification is required. In this embodiment, the first key used for payment verification is stored in the gateway device. Therefore, when the home device purchases services, the gateway device needs to use its locally stored first key to generate a payment signature.

Specifically, after receiving the payment request, the gateway device will use the first key to encrypt the payment request to obtain the payment signature. Wherein, the payment request may come from a home device or a client. In the case that the home device purchases the service itself, the payment request is sent by the home device to the gateway device. When the home device itself cannot initiate a purchase action, the user can send a payment request to the gateway device through the client, instructing the gateway device to generate a payment signature for payment verification.

S104. The gateway device sends the payment signature to the third-party platform.

After the gateway device generates the payment signature, it will send the payment signature to the third-party platform for the third-party platform to verify the payment signature according to the stored second key. There are two ways for the gateway device to send the payment signature to the third-party platform:

First, the gateway device sends the payment signature generated by itself directly to the third-party platform. It can be understood that the third-party platform includes one or more servers, therefore, the communication between the gateway device and the third-party platform belongs to long-distance communication, which needs to be carried out based on WAN (wide area network) long-distance communication.

In the second type, the gateway device first transmits the payment signature to the home device, and then the home device sends the payment signature to the third-party platform. In this transmission method, the gateway device can transmit the payment signature to the home device based on the short-range communication method. After the home device receives the payment signature, it sends the payment signature to the third-party platform. If the home device supports remote communication, such as cellular communication, the home device can directly communicate with the third-party platform based on cellular communication.

S106. The third-party platform obtains the payment signature generated by the gateway device.

Correspondingly, the third-party platform can receive the payment signature from the gateway device or the home device, and then verify the payment signature. In this embodiment, the third-party platform includes an application platform and a payment platform. Wherein, the application platform is operated by a service provider, which can manage corresponding services. For example, a power management platform operated by a power company is used to provide corresponding power service management to smart meters. The payment platform is the payment platform supported by the application platform, or in other words, the payment platform has a cooperative relationship with the application platform. At present, the more common payment platforms include Alipay, WeChat Pay, etc.

It should be understood that when purchasing services for home equipment, the specific service management is completed by the application platform, while the payment deduction work is completed by the payment platform. For example, if the gateway device initiates a service request to pre-store 200 yuan of electricity charges for the family, the application platform will first increase the available amount of the smart meter in the family by 200 yuan after the payment platform completes the deduction of 200 yuan.

S108. The third-party platform uses the locally pre-stored second key to perform signature verification on the payment signature, and processes the service request for purchasing the service according to the verification result.

The second key may be the same as the first key, that is, the verification and verification process between the gateway device and the third-party platform is based on a symmetric encryption mechanism. It can be understood that when the first key and the second key are symmetric keys, when the gateway device transmits the second key to the third-party platform, it also needs to encrypt the second key to ensure its transmission security . Of course, the second key can also be different from the first key. For example, in this embodiment, the verified and verified process between the gateway device and the third-party platform is based on an asymmetric encryption mechanism, the first key is a private key, and the second key owned by the third-party platform is the same as the The public key corresponding to the private key. If the data is encrypted with the public key, it can only be decrypted with the corresponding private key; if the data is encrypted with the private key, it can only be decrypted with the corresponding public key. At the same time, the information that can be decrypted by the public key must be encrypted by the corresponding private key. Although the public key owned by the third-party platform is publicly known, only the corresponding gateway device has the first key. Therefore, in this case, when the third-party platform can successfully decrypt the payment signature, it means that the gateway device has The saved private key is correct, which also verifies the legal identity of the gateway device.

In this embodiment, it is feasible for the payment signature to be received by the application platform or by the payment platform. Because the verification of the payment signature can be completed by the application platform or the payment platform. In addition, even if the platform receiving the payment signature does not have the ability to verify, it can also send the payment signature to another platform to complete the verification. The scheme of signature verification completed by the application platform and the payment platform is introduced below in conjunction with Figure 2 and Figure 3 respectively:

S202. The application platform acquires the payment signature generated by the gateway device.

There are several ways for the application platform to obtain the payment signature: receiving the payment signature from the gateway device or the home device; or receiving the payment signature from the payment platform. In an example of this embodiment, the application platform directly receives the payment signature sent by the gateway device.

S204. The application platform performs signature verification on the payment signature.

The application platform uses the locally pre-stored second key to perform signature verification on the payment signature. It should be understood that an application platform is not only for one gateway device, and different gateway devices have different first keys, and correspondingly, the application platform will also store multiple second keys. Before verifying the payment signature generated by the gateway device, the application platform should extract the correct second key. Therefore, the corresponding relationship between the gateway device or the home device and the second key can be established on the application platform side. After the application platform obtains the payment signature, it inquires to obtain the corresponding second key to complete the signature verification.

S206. When the verification is passed, the payment platform deducts the money.

Even if the verification result shows that the payment signature has passed the verification, it does not mean that the service request for the purchase service will be responded, because the payment deduction by the payment platform may not be successful. There are many reasons why the payment platform cannot successfully debit the payment. The main reason is that the balance of the account corresponding to the payment signature is not enough to pay the corresponding fee. Therefore, after the payment deduction is completed, the payment platform will also send the deduction result to the application platform.

S208. The application platform receives the deduction result and processes the service request according to the deduction result.

If the application platform determines that the deduction by the payment platform has been successful, the application platform may respond to the service request for purchasing the service. In addition, the application platform does not respond to the corresponding service request, including the case that the signature verification fails and the deduction fails. For different situations, the application platform can send corresponding prompt information to the gateway device, such as prompting the gateway The device signature verification failed or the account balance corresponding to the gateway device is not enough.

For the scheme of signature verification by the payment platform, please refer to Figure 3:

S302. The payment platform obtains the payment signature generated by the gateway device.

Similar to the solution shown in FIG. 2 , the payment platform can also receive the payment signature from the gateway device or the home device; or receive the payment signature from the application platform.

S304. The payment platform performs signature verification on the payment signature.

The payment platform uses the locally pre-stored second key to perform signature verification on the payment signature. It should be understood that a payment platform is not only for one gateway device, but different gateway devices have different first keys, and correspondingly, the payment platform will also store multiple second keys. Before verifying the payment signature generated by the gateway device, the payment platform should extract the correct second key. Therefore, the corresponding relationship between the gateway device or the home device and the second key can be established on the payment platform side. After the payment platform obtains the payment signature, it queries to obtain the corresponding second key to complete the signature verification.

S306. When the verification is passed, the payment platform deducts the money.

The only difference from the scheme shown in Figure 2 is that here the payment platform deducts payment based on the verification result obtained by itself, while in the scheme shown in Figure 2, the payment platform deducts payment based on the verification result of the application platform .

S308. The application platform receives the deduction result and processes the service request according to the deduction result.

For the process in S308, reference may be made to S208 in FIG. 2 , so details will not be repeated here.

In this embodiment, the third-party platform needs to determine the amount of payment deduction and the service items purchased by the home device according to the payment signature and service request. Moreover, after the deduction is successful, the application platform will provide corresponding services to the home equipment according to the service request. Therefore, in this embodiment, the service request may contain information that can characterize the service item purchased by the household device. The payment signature can only serve to verify the first key on the gateway device side, that is, the deduction amount is calculated by the application platform or the payment platform according to the information in the service request. In another solution of this embodiment, the payment signature contains information representing the deduction amount, and the payment platform can directly debit the payment based on the amount obtained from the payment signature.

In this embodiment, the service request can be sent by the home device to the third-party platform, or sent by the gateway device to the third-party platform. If the home device does not have the purchase and payment function, the service request is sent by the gateway device. In addition, the service request is sent during the process of purchasing the service by the home device, but this embodiment does not specifically limit the time for sending the service request, and the timing of sending the service request can be before sending the payment signature, or after sending the payment signature, or even, In some examples of this embodiment, the service request can be sent to the third-party platform together with the payment signature.

On the third-party platform side, any one of the application platform and the payment platform can receive the service request. Of course, even if the application platform does not obtain the service request, it should at least learn about the service item corresponding to the service request through other feasible means. In an example of this embodiment, the service request sent by the home device or the gateway device is received by the application platform.

In this embodiment, the gateway device stores the first key for payment signature, and in the process of purchasing services for home devices, the gateway device can generate a payment signature based on the first key for the third-party platform to use according to the payment signature. The signature completes the security verification in the payment process. After the verification of the payment signature by the third-party platform, the purchase service will be provided to the home device. At the same time, since all household devices under the gateway device can realize purchase and payment through the gateway device, this embodiment provides a payment solution based on the gateway device, and this solution can optimize the management of purchase and payment of household devices.

Embodiment two:

This embodiment provides a gateway device that can jointly execute the payment method provided in Embodiment 1 with a third-party platform, please refer to Figure 4:

The gateway device 40 includes a storage module 402, a first processing module 404, and a first communication module 406, wherein the storage module 402 stores a first key for payment. The first processing module 404 is configured to generate a payment signature based on the first key during the process of purchasing a service by the home device connected in communication with itself. The first communication module 406 is used to send the payment signature to a third-party platform.

In this embodiment, the purchase service of the home device is not limited to the process of the purchase action performed by the home device, it may also refer to other devices, such as the situation where the gateway device 40 helps the home device to purchase services from a third-party platform. Whether the home device purchases the service itself or the gateway device 40 helps the home device purchase the service, successful payment is required before the service is successfully purchased. In order to pay successfully, payment verification is required. In this embodiment, the first key used for payment verification is stored in the storage module 402 of the gateway device 40. Therefore, in the process of purchasing services for the home device, the first processing module 404 needs to use the first key stored in the storage module 402. A key generates payment signatures.

Specifically, after receiving the payment request, the first processing module 404 encrypts the payment request with the first key to obtain a payment signature. Wherein, the payment request may come from a home device or a client. In the case that the home device purchases the service itself, the payment request is sent by the home device to the gateway device. When the household device itself cannot initiate a purchase action, for example, the model of the household device is relatively old and does not support purchase payment, the user can send a payment request to the first communication module 406 of the gateway device 40 through the client to instruct the first processing module 404 Generate a payment signature to deal with payment verification.

After the first processing module 404 generates the payment signature, the first communication module 406 will send the payment signature to the third-party platform for the third-party platform to verify the payment signature according to the stored second key. There are two ways for the first communication module 406 to send the payment signature to the third-party platform:

In the first way, the first communication module 406 directly sends the payment signature generated by the first processing module 404 to the third-party platform. It can be understood that the third-party platform includes one or more servers, therefore, the communication between the first communication module 406 and the third-party platform belongs to long-distance communication and needs to be performed based on WAN (wide area network) communication.

In the second way, the first communication module 406 first transmits the payment signature to the home device, and then the home device sends the payment signature to the third-party platform. In this transmission manner, the first communication module 406 may transmit the payment signature to the household device based on the short-range communication manner. After the home device receives the payment signature, it sends the payment signature to the third-party platform. If the home device has remote communication capabilities, such as supporting cellular communication, the home device can directly communicate with the third-party platform.

One or more household devices can be connected to one gateway device 40, including but not limited to common smart TVs, smart refrigerators, smart water meters, smart electricity meters, smart gas meters, smart air conditioners, smart washing machines, etc. . The first communication module 406 can communicate with these household devices through short-range communication, for example, through wireless communication such as WiFi, ZigBee, and Bluetooth.

After the first communication module 406 sends the payment signature to the third-party platform directly or indirectly, the application platform or payment platform in the third-party platform will use the second key to verify the payment signature. After the verification is successful, the payment platform completes the payment deduction corresponding to the service request. If the deduction is successful, the application platform will provide the home device with the service corresponding to the service request.

The service request can be sent to the third-party platform by the home device, or can be sent to the third-party platform by the first communication module 406 of the gateway device 40 . In an example of this embodiment, the service request may contain information such as the service item that can represent the purchase of the home device, and the payment signature may only serve to verify the first key on the gateway device side, that is, the deducted amount is determined by the application. The platform or payment platform calculates it based on the information in the service request. In another example of this embodiment, the payment signature sent by the first communication module 406 includes information representing the deduction amount, and the payment platform may directly debit the payment according to the amount obtained from the payment signature.

The first communication module 406 of the gateway device 40 may send the service request together with the payment signature to the third-party platform, or separately. For example, in an example of this embodiment, the gateway device first sends a service request to the application platform in the third-party platform, and then generates a payment signature by encrypting the obtained payment request according to the first key, and then the payment signature Send it to the application platform or payment platform to complete the signature verification.

Part of the functions of the gateway device in the above example can be realized by computer programs. For example, some of the processes are written as computer programs and stored in the memory of the gateway device. When the communication device of the gateway device receives the payment request sent by the user through the client or When receiving the payment request sent by the home device and determining that payment is required, the processor of the gateway device extracts the computer program in the memory, compiles and executes it, specifically, the processor extracts the first key pair received from the memory The payment request is encrypted to obtain the payment signature. Then, the processor transmits the payment signature to the communication device, and the communication device directly or indirectly sends the payment signature to the third-party platform.

In another example of this embodiment, the functions of the storage module and the first processing module in the gateway device may be implemented by a security chip. That is to say, the first key is stored by the security chip, and the payment signature is generated by the security chip. The security chip, also known as the trusted platform module, is a device that can independently generate keys, encrypt and decrypt, and has an independent processor and storage unit inside, which can store keys and feature data. When using a security chip to store the key, the key is stored in the hardware in the secure storage area of the chip and cannot be read out of the chip, thus ensuring the security of the key. The storage and processing functions of the security chip can prevent hacker attacks and virus damage.

In this embodiment, the gateway device stores the first key for payment signature, and in the process of purchasing services for home devices, the gateway device can generate a payment signature based on the first key for the third-party platform to use according to the payment signature. The signature completes the security verification in the payment process. After the verification of the payment signature by the third-party platform, the purchase service will be provided to the home device. At the same time, since all household devices under the gateway device can realize purchase and payment through the gateway device, this embodiment provides a payment solution based on the gateway device, and this solution can optimize the management of purchase and payment of household devices.

On the other hand, a security chip is added to the gateway device, and the security chip uses hardware to store the first key, which greatly enhances the security of the first key and avoids the risk of the first key being stolen. At the same time, the work of generating the payment signature according to the payment request is also undertaken by the security chip. Compared with the encryption work of the payment request realized by software in the prior art, this solution encrypts the payment request by hardware, which is effective in preventing hacker attacks and virus damage. It has more significant advantages, better guarantees the safety of the user's property, and improves the user experience.

Embodiment three:

This embodiment provides a third-party platform that can implement the payment method provided in Embodiment 1 together with the gateway device in Embodiment 2.

As shown in Figure 5, the third-party platform 50 includes a second communication module 502 and a second processing module 504, wherein the second communication module 502 is used to obtain the payment signature generated by the gateway device; the second processing module 504 is used to use the local pre-stored The second key is used to perform signature verification on the payment signature, and process the service request for purchasing the service according to the verification result.

The second communication module 502 may receive the payment signature from the gateway device or the home device, and then verify the payment signature. In this embodiment, the third-party platform 50 can be divided into an application platform and a payment platform. The payment platform and the application platform can be deployed on different servers. When the payment platform and the application platform are in one-to-one correspondence, the payment platform and the application platform can be deployed on one server. Wherein, the application platform is operated by a service provider, which can manage corresponding services. For example, a power management platform operated by a power company is used to provide corresponding power service management to smart meters. The payment platform is the payment platform supported by the application platform, or in other words, the payment platform has a cooperative relationship with the application platform. At present, the more common payment platforms include Alipay, WeChat Pay, etc.

It should be understood that when purchasing services for home equipment, the specific service management is completed by the application platform, while the payment deduction work is completed by the payment platform. For example, if the gateway device initiates a service request to pre-store 200 yuan of electricity charges for the family, the application platform will first increase the available amount of the smart meter in the family by 200 yuan after the payment platform completes the deduction of 200 yuan.

After the second communication module 502 obtains the payment signature, the second processing module 504 will use the locally pre-stored second key to verify the payment signature, and process the service request for purchasing services according to the verification result.

The second key may be the same as the first key, that is to say, the verified and verified process between the gateway device and the third-party platform 50 is based on a symmetric encryption mechanism. It can be understood that when the first key and the second key are symmetric keys, when the gateway device transmits the second key to the third-party platform 50, it also needs to encrypt the second key to ensure its transmission security sex. Of course, the second key can also be different from the first key. For example, in this embodiment, the verified and verified process between the gateway device and the third-party platform 50 is based on an asymmetric encryption mechanism, the first key is a private key, and the second key owned by the third-party platform 50 is The public key corresponding to this private key. If the data is encrypted with the public key, it can only be decrypted with the corresponding private key; if the data is encrypted with the private key, it can only be decrypted with the corresponding public key. At the same time, the information that can be decrypted by the public key must be encrypted by the corresponding private key. Although the public key owned by the third-party platform 50 is publicly known, only the corresponding gateway device has the first key, so in this case, when the second processing module 504 can successfully decrypt the payment signature, it means The private key stored by the gateway device is correct, which also verifies the legal identity of the gateway device.

In this embodiment, it is feasible for the payment signature to be received by the application platform or by the payment platform. Because the verification of the payment signature can be completed by the application platform or the payment platform. In addition, even if the platform receiving the payment signature does not have the ability to verify, it can also send the payment signature to another platform to complete the verification. Therefore, the function of the second communication module 502 can be realized by the server where the payment platform is located or the communication device of the server where the application platform is located. The function of the second processing module 504 needs to be realized jointly by the server where the payment platform is located and the server where the application platform is located. The schemes of signature verification completed by the application platform and the payment platform are introduced respectively as follows:

If the signature verification process is completed on the application platform, there are several ways for the application platform to obtain the payment signature: receiving the payment signature from the gateway device or home device; or receiving the payment signature from the payment platform. In an example of this embodiment, the application platform directly receives the payment signature sent by the gateway device.

After obtaining the payment signature, the application platform uses the locally pre-stored second key to perform signature verification on the payment signature. It should be understood that an application platform is not only for one gateway device, and different gateway devices have different first keys, and correspondingly, the application platform will also store multiple second keys. Before verifying the payment signature generated by the gateway device, the application platform should extract the correct second key. Therefore, the corresponding relationship between the gateway device or the home device and the second key can be established on the application platform side. After the application platform obtains the payment signature, it inquires to obtain the corresponding second key to complete the signature verification.

Even if the verification result shows that the payment signature has passed the verification, it does not mean that the service request for the purchase service will be responded, because the payment deduction by the payment platform may not be successful. There are many reasons why the payment platform cannot successfully debit the payment. The main reason is that the balance of the account corresponding to the payment signature is not enough to pay the corresponding fee. Therefore, after the payment deduction is completed, the payment platform will also send the deduction result to the application platform, so that the application platform can determine whether the deduction is successful.

If the application platform determines that the deduction of the payment platform has been successful, it can respond to the service request for purchasing the service. In addition, the application platform does not respond to the corresponding service request, including the case that the signature verification fails and the deduction fails. For different situations, the application platform can send corresponding prompt information to the gateway device, such as prompting the gateway The device signature verification failed or the account balance corresponding to the gateway device is not enough.

If the signature verification process is completed on the payment platform, the payment platform can also receive the payment signature from the gateway device or the home device; or receive the payment signature from the application platform.

After obtaining the payment signature, the payment platform uses the locally pre-stored second key to perform signature verification on the payment signature. It should be understood that a payment platform is not only for one gateway device, and different gateway devices have different first keys, and correspondingly, the payment platform will also store multiple second keys. Before verifying the payment signature generated by the gateway device, the payment platform should extract the correct second key. Therefore, the corresponding relationship between the gateway device or the home device and the second key can be established on the payment platform side. After the payment platform obtains the payment signature, it queries to obtain the corresponding second key to complete the signature verification.

Even if the verification result shows that the payment signature has passed the verification, it does not mean that the service request for the purchase service will be responded, because the payment deduction by the payment platform may not be successful. There are many reasons why the payment platform cannot successfully debit the payment. The main reason is that the balance of the account corresponding to the payment signature is not enough to pay the corresponding fee. Therefore, the payment platform will send the deduction result to the application platform after the payment signature verification is passed and the payment is deducted.

If the application platform determines that the deduction of the payment platform has been successful, it can respond to the service request for purchasing the service. In addition, the application platform does not respond to the corresponding service request, including the case that the signature verification fails and the deduction fails. For different situations, the application platform can send corresponding prompt information to the gateway device, such as prompting the gateway The device signature verification failed or the account balance corresponding to the gateway device is not enough.

In this embodiment, the second processing module 504 needs to determine the amount of payment deduction and the service items purchased by the household device according to the payment signature and the service request. Moreover, after the deduction is successful, the application platform will provide corresponding services to the home equipment according to the service request. Therefore, the service request may contain information that can characterize the service item purchased by the household device. The payment signature can only serve to verify the first key on the gateway device side, that is, the deduction amount is calculated by the application platform or the payment platform according to the information in the service request. In another solution of this embodiment, the payment signature contains information representing the deduction amount, and the payment platform can directly debit the payment based on the amount obtained from the payment signature.

In this embodiment, the service request can be sent by the home device to the second communication module 502, or sent by the gateway device to the second communication module 502. In the case that the home device does not have the purchase payment function, the service request is sent by the gateway device . In addition, the service request is sent during the process of purchasing the service by the home device, but this embodiment does not specifically limit the time for sending the service request, and the timing of sending the service request can be before sending the payment signature, or after sending the payment signature, or even, In some examples of this embodiment, the service request may be sent to the second communication module 502 together with the payment signature.

On the side of the third-party platform 50, any one of the application platform and the payment platform can receive the service request. Of course, even if the application platform does not obtain the service request, it should at least learn about the service item and other information corresponding to the service request through other feasible ways. In an example of this embodiment, the service request sent by the home device or the gateway device is received by the application platform.

In this embodiment, the second key for verifying the payment signature is stored on the third-party platform. During the process of purchasing services for home devices, the third-party platform can sign the payment signature generated by the gateway device based on the first key. Verification, judging whether the first key stored on the gateway device side is correct, and then determining the payment qualification of the gateway device. After the verification of the payment signature is passed, the third-party platform will provide the purchase service to the home device. At the same time, since the home devices under the gateway device can realize the purchase and payment through the gateway device, the third-party platform in this embodiment can cooperate with the gateway device to provide a new payment solution based on the gateway device, and the The solution can optimize the management of home equipment purchase and payment.

Embodiment four:

This embodiment provides a payment system. As shown in FIG. 6 , the payment system 6 includes the gateway device 40 provided in the second embodiment, the third-party platform 50 and the home device 60 provided in the third embodiment.

The structure of the gateway device 40 and the third-party platform 50 will not be described in detail in this embodiment, and the household device 60 will be briefly introduced below in conjunction with FIG. 7 :

The household device 60 includes a third communication module 602 and a third processing module 604, wherein the third processing module 604 can generate a payment request and send it to the gateway device 40 through the third communication module 602, so that the gateway device 40 can communicate with the payment request according to the payment request. The locally stored first key generates a payment signature.

In an example of this embodiment, the third communication module 602 can realize short-range communication and long-distance communication, so the third communication module 602 can also receive the payment signature sent by the gateway device 40, and send the payment signature based on remote communication technologies such as cellular. The signature is sent to the third-party platform 50 . It can be understood that, in some examples, after the gateway device 40 generates the payment signature, it directly sends the payment signature to the third-party platform. Therefore, in these examples, the third communication module 602 does not need to receive the payment signature and send The third-party platform 50 forwards. In addition, the third communication module 602 can also send a service request to the third-party platform, and the service request can indicate to the third-party platform 50 information such as service items that the household device 60 needs to purchase. The third communication module 602 may send the service request to the third-party platform before sending the payment signature, or may send the service request after sending the payment signature, and in some examples of this embodiment, the third communication module 602 will The payment signature is sent to the third-party platform 50 together with the service request.

In an example of this embodiment, the household device 60 further includes a monitoring module 606 , and the monitoring module 606 is configured to monitor its own service providing capability and send the monitoring result to the third processing module 604 . The service provision capability of home equipment represents the ability of home equipment to provide services to users. For example, the service provision capability of a smart meter is the remaining available electricity, and the service provision capability of a smart gas meter is the remaining available gas. When the third processing module 604 determines according to the monitoring result of the monitoring module 606 that the service provision capability of the household device 60 is lower than the preset threshold, it can automatically generate a payment request, and control the third communication module 602 to send the payment request to the gateway device 40 In order to complete the payment and realize the purchase of services. It can be understood that the generation of the payment request by the third processing module 604 in this embodiment may be performed not only according to the monitoring result of the monitoring module 606, but also according to the user's instruction.

After the user registers as a legitimate user of the third-party platform, and before the home device or gateway device uses the remote online payment function for the first time, the user identity key must be set on the gateway device and the third-party platform, and then it can be reset periodically or when needed. Set that key. The user identity key may be a symmetric key, that is, the first key stored on the gateway device may be the same as the second key stored on the third-party platform. It can be understood that when the first key and the second key are symmetric keys, when the gateway device 40 transmits the second key to the third-party platform 50, it also needs to encrypt the second key to ensure its transmission safety. However, in this embodiment, the user identity key used by the gateway device and the third-party platform is an asymmetric key, and the first key used by the gateway device is a private key, while the second key used by the third-party platform is public key. The first key and the second key can be generated by the security chip in the gateway device. After the security chip generates the user identity key, it stores the private key itself and sends the public key to the third-party platform through the communication device in the gateway device. . The private key is stored in the hardware of the security chip, which can effectively improve its security.

The following assumes that the third-party platform is jointly composed of an application platform and a payment platform, and that home devices have the ability to purchase services. The payment system in this embodiment will be further introduced in combination with some specific scenario examples. In these examples, the gateway device is triggered to generate a payment The reason for the signature is that the home device sent a payment request to it:

Scenario 1, as shown in Figure 8:

S801. The home device sends a payment request to the gateway device.

It is understandable that although the payment request is actively sent by the home device to the gateway device, the reason that triggers the home device to send the payment request may be that the user purchases the service through the home device, or it may be that the home device provides capabilities for its own services. Monitoring thus initiates service purchases.

S802. The gateway device uses the private key to sign the payment request.

The process of the gateway device using the private key to sign the payment request is essentially the process of using the private key to encrypt the payment request.

S803. The gateway device returns the payment signature result to the home device.

The gateway device can send the payment signature to the home device through the short-range communication unit in its communication device, using WiFi, Bluetooth, ZigBee and other methods.

S804. The home device sends the service request and the payment signature to the application platform.

When home devices send service requests and payment signatures, they can be sent separately, or they can be sent together. In addition, if the home device has remote communication capabilities, for example, the home device supports cellular communication, the service request and payment signature can be sent directly without going through the gateway device.

S805. The application platform uses the public key to verify the payment signature.

Since the public key stored on the application platform and the private key used by the gateway device are a pair of keys, the payment signature sent by the gateway device can only be decrypted using the corresponding public key. However, tens of thousands of public keys may be stored on the application platform. These public keys are the identity keys of different users. Therefore, after receiving the payment signature, the application platform needs to extract The only correct public key to perform signature verification on the payment signature.

S806. After the verification is passed, the application platform notifies the payment platform to deduct the payment.

It can be understood that the payment signature received by the application platform is obtained by encrypting the payment request sent by the home device. Therefore, what is obtained after the application platform decrypts the payment signature is the payment request sent by the home device to the gateway device. Therefore, when the payment request sent by the home device contains information such as the deduction amount, the application platform can directly send the payment request to the payment platform after decrypting the payment request, so as to notify the payment platform to perform payment deduction and the deduction amount the goal of.

However, if the payment request sent by the home device to the gateway device is only to trigger the gateway device to generate a payment signature for the purpose of subsequent signature verification, then the application platform may need to reset the payment request based on the service items requested in the service request and other information after the verification is passed. Generate a new payment request and send it to the payment platform, and the payment request includes information such as the deducted amount.

S807. The payment platform performs payment deduction.

S808. The payment platform notifies the application platform of the deduction result.

The deduction by the payment platform may be successful, or the deduction may fail due to insufficient balance in the user account. Therefore, after the deduction is completed, the payment platform can notify the application platform of the deduction result for the application platform to decide Whether to provide services to home devices.

Of course, the payment platform and the application platform can also agree to only give feedback to the application platform when the deduction fails, otherwise the default deduction is successful.

S809. The application platform completes relevant application services after confirming that the deduction is successful.

While the application platform provides corresponding services to the household equipment, it can also send prompt information to the household equipment to inform the household equipment that the service has been successfully purchased. Of course, when the application platform determines that the service cannot be provided to the home device due to signature verification failure or deduction failure, it can also feed back relevant information to it. Undoubtedly, if it is due to deduction failure, the notification information can be sent by the payment platform; if it is due to verification failure, the verification party, that is, the application platform, will notify the home device.

Scenario 2, as shown in Figure 9:

S901. The home device sends a service request to the application platform.

S902. The home device sends the payment request to the gateway device.

It is understandable that although the payment request is actively sent by the home device to the gateway device, the reason that triggers the home device to send the payment request may be that the user purchases the service through the home device, or it may be that the home device provides capabilities for its own services. Monitoring thus initiates service purchases.

S903. The gateway device uses the private key to sign the payment request.

The process of the gateway device using the private key to sign the payment request is essentially the process of using the private key to encrypt the payment request.

S904. The gateway device sends the payment signature result to the application platform.

The gateway device can send the payment signature to the application platform through the remote communication unit in its communication device.

S905. The application platform uses the public key to verify the payment signature.

Since the public key stored on the application platform and the private key used by the gateway device are a pair of keys, the payment signature sent by the gateway device can only be decrypted using the corresponding public key. However, tens of thousands of public keys may be stored on the application platform. These public keys are the identity keys of different users. Therefore, after receiving the payment signature, the application platform needs to extract The only correct public key to perform signature verification on the payment signature.

S906. After the verification is passed, the application platform notifies the payment platform to deduct the payment.

It can be understood that the payment signature received by the application platform is obtained by encrypting the payment request sent by the home device. Therefore, what is obtained after the application platform decrypts the payment signature is the payment request sent by the home device to the gateway device. Therefore, when the payment request sent by the home device contains information such as the deduction amount, the application platform can directly send the payment request to the payment platform after decrypting the payment request, so as to notify the payment platform to perform payment deduction and the deduction amount the goal of.

However, if the payment request sent by the home device to the gateway device is only to trigger the gateway device to generate a payment signature for the purpose of subsequent signature verification, then the application platform may need to reset the payment request based on the service items requested in the service request and other information after the verification is passed. Generate a new payment request and send it to the payment platform, and the payment request includes information such as the deducted amount.

S907. The payment platform performs payment deduction.

S908. The payment platform notifies the application platform of the deduction result.

The deduction by the payment platform may be successful, or the deduction may fail due to insufficient balance in the user account. Therefore, after the deduction is completed, the payment platform can notify the application platform of the deduction result for the application platform to decide Whether to provide services to home devices.

Of course, the payment platform and the application platform can also agree to only give feedback to the application platform when the deduction fails, otherwise the default deduction is successful.

S909. The application platform completes relevant application services after confirming that the deduction is successful.

While the application platform provides corresponding services to the household equipment, it can also send prompt information to the household equipment to inform the household equipment that the service has been successfully purchased. Of course, when the application platform determines that the service cannot be provided to the home device due to signature verification failure or deduction failure, it can also feed back relevant information to it. Undoubtedly, if it is due to deduction failure, the notification information can be sent by the payment platform; if it is due to verification failure, the verification party, that is, the application platform, will notify the home device.

Scenario three, as shown in Figure 10:

S1001. The home device sends a service request to the application platform.

S1002. The home device sends the payment request to the gateway device.

It is understandable that although the payment request is actively sent by the home device to the gateway device, the reason that triggers the home device to send the payment request may be that the user purchases the service through the home device, or it may be that the home device provides capabilities for its own services. Monitoring thus initiates service purchases.

S1003. The gateway device uses the private key to sign the payment request.

The process of the gateway device using the private key to sign the payment request is essentially the process of using the private key to encrypt the payment request.

S1004. The gateway device returns the payment signature to the home device.

The gateway device can send the payment signature to the home device through the short-range communication unit in its communication device, using WiFi, Bluetooth, ZigBee and other methods.

S1005. The home device sends the payment signature to the payment platform.

In this example, the home device has remote communication capabilities, such as cellular communication capabilities, and can directly send service requests and payment signatures without going through the gateway device.

S1006. The payment platform uses the public key to verify the payment signature.

Since the public key stored on the payment platform and the private key used by the gateway device are a pair of keys, the payment signature sent by the home device can only be decrypted using the corresponding public key. However, tens of thousands of public keys may be stored on the payment platform. These public keys are the identity keys of different users. Therefore, after receiving the payment signature, the payment platform needs to extract The only correct public key to perform signature verification on the payment signature.

S1007. The payment platform deducts the payment after the verification is passed.

It can be understood that the payment signature received by the payment platform is obtained by encrypting the payment request sent by the home device. Therefore, what is obtained after the payment platform decrypts the payment signature is the payment request sent by the home device to the gateway device. Therefore, when the payment request sent by the home device contains information such as the deduction amount, the payment platform can directly complete the deduction according to the payment request after decrypting the payment request.

However, if the payment request sent by the home device to the gateway device is only to trigger the gateway device to generate a payment signature for the purpose of subsequent signature verification, then the payment platform may need to obtain relevant information about the service request from the application platform after the verification is passed. Only information such as the service items requested to be purchased in the service request can be deducted.

In this example, information such as the deducted amount is included in the payment request sent by the home device.

S1008. The payment platform notifies the application platform of the deduction result.

The deduction by the payment platform may be successful, or the deduction may fail due to insufficient balance in the user account. Therefore, after the deduction is completed, the payment platform can notify the application platform of the deduction result for the application platform to decide Whether to provide services to home devices.

Of course, the payment platform and the application platform can also agree to only give feedback to the application platform when the deduction fails, otherwise the default deduction is successful.

S1009. The application platform completes relevant application services after confirming that the deduction is successful.

While the application platform provides corresponding services to the household equipment, it can also send prompt information to the household equipment to inform the household equipment that the service has been successfully purchased. Of course, when the application platform determines that the service cannot be provided to the home device due to signature verification failure or deduction failure, it can also feed back relevant information to it. Undoubtedly, if it is due to deduction failure, the notification information can be sent by the payment platform; if it is due to verification failure, the verification party, that is, the payment platform, will notify the home device.

Scenario example four, as shown in Figure 11:

S1101. The home device sends a service request to the application platform.

S1102. The home device sends the payment request to the gateway device.

It is understandable that although the payment request is actively sent by the home device to the gateway device, the reason that triggers the home device to send the payment request may be that the user purchases the service through the home device, or it may be that the home device provides capabilities for its own services. Monitoring thus initiates service purchases.

S1103. The gateway device uses the private key to sign the payment request.

The process of the gateway device using the private key to sign the payment request is essentially the process of using the private key to encrypt the payment request.

S1104. The gateway device sends the payment signature result to the payment platform.

The gateway device can send the payment signature to the payment platform through the remote communication unit in its communication device.

S1105. The payment platform uses the public key to verify the payment signature.

Since the public key stored on the payment platform and the private key used by the gateway device are a pair of keys, the payment signature sent by the home device can only be decrypted using the corresponding public key. However, tens of thousands of public keys may be stored on the payment platform. These public keys are the identity keys of different users. Therefore, after receiving the payment signature, the payment platform needs to extract The only correct public key to perform signature verification on the payment signature.

S1106. The payment platform deducts the payment after the verification is passed.

It can be understood that the payment signature received by the payment platform is obtained by encrypting the payment request sent by the home device. Therefore, what is obtained after the payment platform decrypts the payment signature is the payment request sent by the home device to the gateway device. Therefore, when the payment request sent by the home device contains information such as the deduction amount, the payment platform can directly complete the deduction according to the payment request after decrypting the payment request.

However, if the payment request sent by the home device to the gateway device is only to trigger the gateway device to generate a payment signature for the purpose of subsequent signature verification, then the payment platform may need to obtain relevant information about the service request from the application platform after the verification is passed. Only information such as the service items requested to be purchased in the service request can be deducted.

In this example, information such as the deducted amount is included in the payment request sent by the home device.

S1107. The payment platform notifies the application platform of the deduction result.

The deduction by the payment platform may be successful, or the deduction may fail due to insufficient balance in the user account. Therefore, after the deduction is completed, the payment platform can notify the application platform of the deduction result for the application platform to decide Whether to provide services to home devices.

Of course, the payment platform and the application platform can also agree to only give feedback to the application platform when the deduction fails, otherwise the default deduction is successful.

S1108. The application platform completes relevant application services after confirming that the deduction is successful.

While the application platform provides corresponding services to the household equipment, it can also send prompt information to the household equipment to inform the household equipment that the service has been successfully purchased. Of course, when the application platform determines that the service cannot be provided to the home device due to signature verification failure or deduction failure, it can also feed back relevant information to it. Undoubtedly, if it is due to deduction failure, the notification information can be sent by the payment platform; if it is due to verification failure, the verification party, that is, the payment platform, will notify the home device.

In the payment system provided by this embodiment, the gateway device generates the first key and the second key for purchase payment, and stores the first key in a security chip of the gateway device. The hardware is used to store the security key, thereby ensuring the security of the first key. On the other hand, the first key and the second key belong to the private key and the public key in the asymmetric key respectively, so the payment platform or application platform in the third-party platform can use the second key to implement the first Key verification. When home devices need to purchase services, the gateway device uses a security chip to generate a payment signature, and the process is not easy to be attacked, which fully guarantees payment security.

Embodiment five:

This embodiment continues to introduce the payment system provided in the fourth embodiment, and it is still assumed that the third-party platform is composed of an application platform and a payment platform. The difference from Embodiment 4 is that the home equipment does not have the ability to purchase services, for example, the model of the home equipment is relatively old and does not support purchase. Therefore, in this embodiment, the purchase and payment process does not require the participation of household devices. The payment request received by the gateway device may be initiated by the user through the client to the gateway device, or initiated by the user directly operating on the gateway device. Here are some specific scenario examples:

Scenario example five, as shown in Figure 12:

S1201. The gateway device uses the private key to sign the payment request.

The process of the gateway device using the private key to sign the payment request is essentially the process of using the private key to encrypt the payment request.

S1202. The gateway device sends the payment signature and service request to the application platform.

The gateway device can send the payment signature and service request to the application platform through the remote communication unit in its communication device. When the gateway device sends the service request and the payment signature, it can send them separately or send them together.

S1203. The application platform uses the public key to verify the payment signature.

Since the public key stored on the application platform and the private key used by the gateway device are a pair of keys, the payment signature sent by the gateway device can only be decrypted using the corresponding public key. However, tens of thousands of public keys may be stored on the application platform. These public keys are the identity keys of different users. Therefore, after receiving the payment signature, the application platform needs to extract The only correct public key to perform signature verification on the payment signature.

S1204. After the verification is passed, the application platform notifies the payment platform to deduct the payment.

It can be understood that the payment signature received by the application platform is obtained by encrypting the payment request sent by the client. Therefore, what is obtained after the application platform decrypts the payment signature is the payment request sent by the client to the gateway device. Therefore, when the payment request sent by the client includes information such as the deduction amount, the application platform can directly send the payment request to the payment platform after decrypting the payment request, so as to notify the payment platform to perform payment deduction and the deduction amount the goal of.

However, if the payment request sent by the client to the gateway device is only to trigger the gateway device to generate a payment signature for the purpose of subsequent signature verification, then the application platform may need to renew the payment request based on the service items requested in the service request and other information after the verification is passed. Generate a new payment request and send it to the payment platform, and the payment request includes information such as the deducted amount.

S1205. The payment platform performs payment deduction.

S1206. The payment platform notifies the application platform of the deduction result.

The deduction by the payment platform may be successful, or the deduction may fail due to insufficient balance in the user account. Therefore, after the deduction is completed, the payment platform can notify the application platform of the deduction result for the application platform to decide Whether to provide services to home devices.

Of course, the payment platform and the application platform can also agree to only give feedback to the application platform when the deduction fails, otherwise the default deduction is successful.

S1207. The application platform completes relevant application services after confirming that the deduction is successful.

While the application platform provides corresponding services to the household equipment, it can also send prompt information to the client to inform the household equipment that the service has been successfully purchased. Of course, when the application platform determines that the service cannot be provided to the home device due to signature verification failure or deduction failure, it can also feed back relevant information to it. Undoubtedly, if it is due to deduction failure, the notification information can be sent by the payment platform, and if it is due to verification failure, the verification party, that is, the application platform, will notify the client.

Scenario example six, as shown in Figure 13:

S1301. The gateway device sends a service request to the application platform.

S1302. The gateway device uses the private key to sign the payment request.

The process of the gateway device using the private key to sign the payment request is essentially the process of using the private key to encrypt the payment request.

S1303. The gateway device sends the payment signature result to the payment platform.

The gateway device can send the payment signature to the payment platform through the remote communication unit in its communication device.

S1304. The payment platform uses the public key to verify the payment signature.

Since the public key stored on the payment platform and the private key used by the gateway device are a pair of keys, the payment signature sent by the gateway device can only be decrypted using the corresponding public key. However, tens of thousands of public keys may be stored on the payment platform. These public keys are the identity keys of different users. Therefore, after receiving the payment signature, the payment platform needs to extract The only correct public key to perform signature verification on the payment signature.

S1305. The payment platform deducts the payment after the verification is passed.

It can be understood that the payment signature received by the payment platform is obtained by encrypting the payment request by the gateway device. Therefore, what is obtained after the payment platform decrypts the payment signature is the payment request. Therefore, when the payment request of the gateway device includes information such as the deduction amount, the payment platform can directly complete the deduction according to the payment request after decrypting the payment request.

However, if the payment request received by the gateway device is only to trigger the gateway device to generate a payment signature for the purpose of subsequent signature verification, then the payment platform may need to obtain relevant information about the service request from the application platform after the verification is passed. In order to realize the deduction of information such as the service items requested to be purchased.

In this example, the payment request received by the gateway device includes information such as the deducted amount.

S1306. The payment platform notifies the application platform of the deduction result.

The deduction by the payment platform may be successful, or the deduction may fail due to insufficient balance in the user account. Therefore, after the deduction is completed, the payment platform can notify the application platform of the deduction result for the application platform to decide Whether to provide services to home devices.

Of course, the payment platform and the application platform can also agree to only give feedback to the application platform when the deduction fails, otherwise the default deduction is successful.

S1307. The application platform completes relevant application services after confirming that the deduction is successful.

While the application platform provides corresponding services to the home equipment, it can also send prompt information to the client corresponding to the gateway device to inform the home equipment that the service has been successfully purchased. Of course, when the application platform determines that the service cannot be provided to the home device due to signature verification failure or deduction failure, it can also feed back relevant information to the client. Undoubtedly, if the deduction fails, the notification information can be sent by the payment platform, and if the verification fails, the verification party, that is, the payment platform, will notify the client.

In the payment system provided by this embodiment, the client and the gateway device can directly help the home device to purchase services and complete the payment, which does not require the participation of the home device. Therefore, it can well help those home devices that do not support the purchase payment function due to their old models to realize service purchases, avoid the huge economic burden brought by users to update these home devices, and improve user experience.

It should be noted that, in this document, the term "comprising", "comprising" or any other variation thereof is intended to cover a non-exclusive inclusion such that a process, method, article or apparatus comprising a set of elements includes not only those elements, It also includes other elements not expressly listed, or elements inherent in the process, method, article, or device. Without further limitations, an element defined by the phrase "comprising a ..." does not preclude the presence of additional identical elements in the process, method, article, or apparatus comprising that element.

The serial numbers of the above embodiments of the present invention are for description only, and do not represent the advantages and disadvantages of the embodiments.

Through the description of the above embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus a necessary general-purpose hardware platform, and of course also by hardware, but in many cases the former is better implementation. Based on such an understanding, the essence of the technical solution of the present invention or the part that contributes to the prior art can be embodied in the form of software products, and the computer software products are stored in a storage medium (such as ROM/RAM, disk, CD) contains several instructions to make a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the methods described in various embodiments of the present invention.

Embodiments of the present invention have been described above in conjunction with the accompanying drawings, but the present invention is not limited to the above-mentioned specific implementations, and the above-mentioned specific implementations are only illustrative, rather than restrictive, and those of ordinary skill in the art will Under the enlightenment of the present invention, many forms can also be made without departing from the gist of the present invention and the protection scope of the claims, and these all belong to the protection of the present invention.

Claims (18)

1. A payment method, characterized in that it comprises: The gateway device generates a payment signature based on the locally stored first key during the process of purchasing services by the home device, and the gateway device communicates with the home device; The gateway device sends the payment signature to the third-party platform, so that the third-party platform can complete the signature verification on the payment signature based on the second key stored locally, and verify the service purchase of the service according to the verification result. The request is processed. 2. The payment method according to claim 1, wherein the gateway device sending the payment signature to a third-party platform comprises: The gateway device directly sends the payment signature to a third-party platform; or, The gateway device forwards the payment signature to a third-party platform through the home device. 3. The payment method according to claim 1, further comprising: sending a service request to the third-party platform by the gateway device or the home device. 4. The payment method according to claim 1, wherein the first key is a private key of the gateway device, and the second key is a public key corresponding to the private key . 5. The payment method according to any one of claims 1-4, wherein the gateway device generating a payment signature based on a locally stored first key comprises: The gateway device receives the payment request sent by the client, and encrypts the payment request with a first key to obtain a payment signature; or, The gateway device receives the payment request sent by the home device, and uses the first key to encrypt the payment request to obtain a payment signature. 6. A payment method, characterized in that it comprises: The third-party platform obtains the payment signature generated by the gateway device, the payment signature is generated by the gateway device based on its storage of the first key during the process of purchasing the service by the home device, and the gateway device communicates with the home device; The third-party platform uses the locally pre-stored second key to perform signature verification on the payment signature, and processes the service request for purchasing the service according to the verification result. 7. The payment method according to claim 6, wherein said third-party platform obtaining the payment signature generated by the gateway device comprises: The third-party platform receives the payment signature sent by the gateway device; or, The third-party platform receives the payment signature generated by the gateway device and forwarded by the home device. 8. The payment method according to claim 6 or 7, wherein the third-party platform includes an application platform and a payment platform; The processing of the service request for purchasing the service by the third-party platform according to the verification result includes: The application platform uses the locally pre-stored second key to perform signature verification on the payment signature; when the verification result is passed, the payment platform completes the payment deduction corresponding to the service request; the payment The platform sends the deduction result to the application platform, so that the application platform can provide the home device with the service corresponding to the service request when the deduction is successful; or, The payment platform uses the locally pre-stored second key to perform signature verification on the payment signature, and completes the payment deduction corresponding to the service request when the verification result is passed; the payment platform will deduct The payment result is sent to the application platform, so that the application platform provides the service corresponding to the service request to the home device when the deduction is successful. 9. The payment method according to claim 8, further comprising: the application platform receiving the service request sent by the gateway device or the home device. 10. A gateway device, characterized in that, comprising: A storage module, used for pre-storing the first key used for payment; The first processing module is configured to generate a payment signature based on the first key during the process of purchasing services by the home device, and the gateway device is communicatively connected to the home device; The first communication module is configured to send the payment signature to a third-party platform, so that the third-party platform can complete signature verification on the payment signature based on the locally stored second key, and verify the payment signature according to the verification result. Service requests for services are processed. 11. The gateway device according to claim 10, wherein the first communication module is used to directly send the payment signature to the third-party platform, or forward the payment signature through the home device to the third-party platform. 12. The gateway device according to claim 10, wherein the first communication module is further configured to send a service request to the third-party platform. 13. The gateway device according to any one of claims 10-12, wherein the first communication module is configured to receive a payment request sent by a client, or receive a payment request sent by the home device; The first processing module is configured to use the locally stored first key to encrypt the payment request acquired by the first communication module to obtain a payment signature. 14. A third-party platform, characterized in that, comprising: The second communication module is used to obtain the payment signature generated by the gateway device, the payment signature is generated by the gateway device based on its storage of the first key during the process of purchasing services by the home device, and the gateway device and the home device communication connection; The second processing module is configured to use a locally pre-stored second key to perform signature verification on the payment signature, and process the service request for purchasing the service according to the verification result. 15. The third-party platform according to claim 14, wherein the second communication module is used to receive the payment signature sent by the gateway device, or receive the payment signature generated by the gateway device and forwarded by the home device payment signature. 16. The third-party platform according to claim 14 or 15, wherein the second communication module is further configured to receive a service request sent by the gateway device or the home device. 17. A payment system, characterized in that it comprises the gateway device according to any one of claims 10-13, the third-party platform according to any one of claims 14-16, and a communication connection with the gateway device household equipment. 18. The payment system according to claim 17, wherein the household device is also used to monitor its own service providing capability, and when its own service providing capability is lower than a preset threshold, automatically purchase the required service and Payment is made, and the service provision capability represents the capability of the home device to provide services to the user.