CN113487314B

CN113487314B - Transaction processing method and device

Info

Publication number: CN113487314B
Application number: CN202110709214.6A
Authority: CN
Inventors: 徐智劼; 朱涛; 曾望年; 张琦; 戚文彬; 侯腾; 杨阳
Original assignee: China Unionpay Co Ltd
Current assignee: China Unionpay Co Ltd
Priority date: 2021-06-25
Filing date: 2021-06-25
Publication date: 2025-01-17
Anticipated expiration: 2041-06-25
Also published as: CN113487314A

Abstract

The embodiment of the present invention provides a transaction processing method and device. The method includes: sending a payment request to a payment device, and obtaining a first time point for sending the payment request; receiving a payment password sent by the payment device, and obtaining a second time point for receiving the payment password; determining the target distance between the payment device and the payment device according to the first time point and the second time point; if the target distance is less than a preset threshold, sending the payment password to the payment backend, so that the payment backend executes the corresponding transaction according to the payment password. If the target distance is less than the preset threshold, it means that the payment device processing the payment request is not another payment device that is far away from the payment device and may be attacked by relays, and the current transaction environment is safe, and then the payment password is sent to the payment backend for transaction processing. In this way, the risk of the payment device being attacked by relays is reduced.

Description

Transaction processing method and device

Technical Field

The embodiment of the invention relates to the technical field of secure payment, in particular to a transaction processing method, a transaction processing device, a computing device and a computer readable storage medium.

Background

With the rapid development of internet technology, more and more people select electronic payment during shopping, and the existing electronic payment modes include scanning two-dimensional code payment, near Field Communication (NFC) payment and the like, but the payment modes are easily attacked by relay, so that the transaction security is affected.

For example, as shown in fig. 1, in the NFC payment manner, the payment collecting device sends a payment collecting request to the payment device a, and the payment device a sends the payment collecting request to the payment device B, and since the payment device B is set to be free of the secret payment, the payment device B directly responds to the payment device a, and then the payment device a sends the response of the payment device B to the payment collecting device, and the payment collecting device directly deducts from the payment device B, thereby causing property loss of the user on the side of the payment device B.

In summary, the embodiment of the invention provides a transaction processing method, which is used for reducing the risk of relay attack and improving the security of transactions.

Disclosure of Invention

The embodiment of the invention provides a transaction processing method which is used for reducing the risk of relay attack of payment equipment and improving the security of transactions.

In a first aspect, an embodiment of the present invention provides a transaction processing method, including:

sending a collection request to a payment device, and acquiring a first time point for sending the collection request;

Receiving a payment password sent by the payment equipment, and acquiring a second time point for receiving the payment password;

determining a target distance between a collection device and the payment device according to the first time point and the second time point;

And if the target distance is smaller than a preset threshold value, sending the payment password to a payment background so that the payment background executes corresponding transaction according to the payment password.

In the embodiment of the application, the collection device can determine the target distance between the collection device and the payment device by acquiring the first time point for sending the collection request and the second time point for receiving the payment password, if the target distance is smaller than the preset threshold value, the payment device for processing the collection request is closer to the collection device, namely the payment device for processing the collection request is not the other payment device which is far from the collection device and possibly is attacked by the relay, the current transaction environment is safe, and then the payment password is sent to the payment background for transaction processing. Thus, the danger that the payment equipment is attacked by the relay is reduced, and the transaction safety is improved.

Optionally, the method further comprises:

Receiving time-consuming time length sent by the payment equipment for generating the payment password;

The determining a target distance between the collection device and the payment device according to the first time point and the second time point comprises:

And determining a target distance between the collection device and the payment device according to the first time point, the second time point and the time consuming time duration.

Optionally, determining the target distance between the collection device and the payment device according to the first time point, the second time point and the time consuming duration includes:

determining a transmission time length of the payment password from the payment device to the collection device according to the first time point, the second time point and the time consuming time length;

And determining a target distance between the payment equipment and the collection equipment according to the transmission time length and the transmission speed of the payment password.

Optionally, an encryption factor is carried in the collection request, so that the payment device generates the payment password based on the encryption factor;

if the target distance is smaller than a preset threshold, the payment password is sent to a payment background, so that the payment background executes corresponding transaction according to the payment password, and the method comprises the following steps:

and if the target distance is smaller than a preset threshold value, sending the payment password, the encryption factor and the payment bill to the payment background so that the payment background verifies the payment password based on the encryption factor, and after the verification is passed, executing corresponding deduction operation according to the payment bill and the payment password.

Optionally, the sending the collection request to the payment device and obtaining the first time point of sending the collection request include:

Sending a collection request to a payment device through a first ultra wideband UWB message, and acquiring the first time point from an MAC layer data frame of the first UWB message;

the receiving the payment password sent by the payment device and obtaining a second time point of receiving the payment password comprises the following steps:

And receiving a payment password sent by the payment equipment through a second UWB message, and acquiring the second time point from a MAC layer data frame of the second UWB message.

In a second aspect, an embodiment of the present invention further provides a transaction processing method, including:

Receiving a collection request sent by collection equipment;

generating a payment password according to the collection request;

The payment password is sent to the collection device, so that the collection device determines a target distance between the collection device and the payment device according to a first time point of sending the collection request and a second time point of receiving the payment password, and when the target distance is determined to be smaller than a preset threshold value, the payment password is sent to the payment background, and the payment background is used for executing corresponding transaction according to the payment password.

Optionally, the method further comprises:

acquiring a third time point of receiving the collection request;

acquiring a fourth time point for sending the payment password;

And determining a time-consuming time length for generating the payment password according to the third time point and the fourth time point, and sending the time-consuming time length to the collection device, so that the collection device determines a target distance between the collection device and the payment device according to the first time point for sending the collection request, the second time point for receiving the payment password and the time-consuming time length.

Optionally, the collection request carries an encryption factor;

Generating a payment password according to the collection request, including:

Generating a session key according to the encryption factor and the identification of the payment device;

Encrypting the identification of the payment equipment through the session key to obtain a payment ciphertext;

The payment password is generated based on the identification of the payment device and the payment ciphertext.

Optionally, the encrypting the identifier of the payment device by using the session key, to obtain a payment ciphertext includes:

And encrypting the identification of the payment equipment and the payment account information corresponding to the payment equipment through the session key to obtain a payment ciphertext.

Optionally, the acquiring a third point in time of receiving the collection request includes:

Receiving the collection request through a third UWB message, and acquiring the third time point from the MAC layer data frame of the third UWB message;

The obtaining a fourth time point of sending the payment password includes:

And sending the payment password through a fourth UWB message, and acquiring the fourth time point from the MAC layer data frame of the fourth UWB message.

In a third aspect, an embodiment of the present invention further provides a transaction processing method, including:

receiving a payment password sent by a collection device, wherein the payment password is generated by the collection device after receiving a collection request sent by the collection device and is sent to the collection device, and the collection device sends the payment password to the payment background when determining that a target distance between the collection device and the payment device is smaller than a preset threshold value, and the target distance is determined by the collection device according to a first time point for sending the collection request and a second time point for receiving the payment password;

And executing corresponding transaction according to the payment password.

Optionally, the target distance is determined by the collecting device according to a first time point of sending the collecting request and a second time point of receiving the payment password, including:

The target distance is determined by the collection device according to a first point in time when the collection request is sent, a second point in time when the payment password is received, and a time-consuming duration for generating the payment password.

Optionally, executing a corresponding transaction according to the payment password, including:

receiving an encryption factor and a bill payment sent by the collection device;

and verifying the payment password based on the encryption factor, and executing corresponding deduction operation according to the payment bill and the payment password after the verification is passed.

Optionally, the payment password includes a plaintext identification and a payment ciphertext;

verifying the payment password based on the encryption factor, and after the verification is passed, performing corresponding deduction operation according to the payment bill and the payment password, wherein the method comprises the following steps:

generating a session key according to the encryption factor and the plaintext identification;

decrypting the payment ciphertext through the session key to obtain the identifier of the payment equipment;

And if the plaintext identifier is matched with the identifier of the payment equipment, the payment background executes corresponding deduction operation based on the identifier of the payment equipment and the payment bill.

Optionally, the decrypting the payment ciphertext through the session key obtains the identifier of the payment device, including:

Decrypting the payment ciphertext through the session key to obtain the identification and payment account information of the payment equipment;

And if the plaintext identifier is matched with the identifier of the payment equipment, the payment background executes corresponding deduction operation based on the identifier of the payment equipment, the payment account information and the payment bill.

Optionally, the bill for payment includes a scene domain and an identification of the collection device;

before the corresponding deduction operation is executed according to the payment bill and the payment password, the method further comprises the following steps:

And determining that the association relationship between the scene domain and the identification of the collection device meets a preset condition.

Optionally, before the corresponding transaction is executed according to the payment password, the method further includes:

receiving the first time point and the second time point sent by the collection device;

and determining a target distance between the collection device and the payment device according to the first time point and the second time point, and determining that the target distance is smaller than a preset threshold value.

Optionally, the method further comprises:

receiving the time-consuming time duration sent by the collection device;

Determining a target distance between the checkout device and the payment device according to the first point in time and the second point in time, comprising:

In a fourth aspect, an embodiment of the present invention further provides a transaction processing apparatus, including:

a sending unit, configured to send a collection request to a payment device, and obtain a first time point for sending the collection request;

The first receiving unit is used for receiving the payment password sent by the payment equipment and acquiring a second time point for receiving the payment password;

And if the target distance is smaller than a preset threshold value, the payment password is sent to a payment background, so that the payment background executes corresponding transaction according to the payment password.

In a fifth aspect, an embodiment of the present invention further provides a transaction processing apparatus, including:

The second receiving unit is used for receiving a collection request sent by the collection device;

The payment processing unit is used for generating a payment password according to the collection request, sending the payment password to the collection device, enabling the collection device to determine a target distance between the collection device and the payment device according to a first time point of sending the collection request and a second time point of receiving the payment password, and sending the payment password to the payment background when the target distance is determined to be smaller than a preset threshold value, wherein the payment background is used for executing corresponding transaction according to the payment password.

In a sixth aspect, an embodiment of the present invention further provides a transaction processing apparatus, including:

A third receiving unit, configured to receive a payment password sent by a collection device, where the payment password is generated by the collection device after receiving a collection request sent by the collection device and sent to the collection device, and is sent to the payment background by the collection device when determining that a target distance between the collection device and the payment device is smaller than a preset threshold, where the target distance is determined by the collection terminal according to a first time point of sending the collection request and a second time point of receiving the payment password;

and the third processing unit is used for executing corresponding transaction according to the payment password.

In a seventh aspect, an embodiment of the present invention further provides a computer apparatus, including:

A memory for storing a computer program;

and the processor is used for calling the computer program stored in the memory and executing the transaction processing method listed in any mode according to the obtained program.

In an eighth aspect, embodiments of the present invention further provide a computer-readable storage medium storing a computer-executable program for causing a computer to execute the transaction processing method listed in any one of the above-described modes.

In the embodiment of the application, the collection device can determine the target distance between the collection device and the payment device by acquiring the first time point for sending the collection request and the second time point for receiving the payment password, if the target distance is smaller than the preset threshold value, the payment device for processing the collection request is closer to the collection device, namely the payment device for processing the collection request is not the other payment device which is far from the collection device and possibly is attacked by the relay, the current transaction environment is safe, and then the payment password is sent to the payment background for transaction processing. Thus, the danger that the payment equipment is attacked by the relay is reduced, and the transaction safety is improved. The payment background re-verifies the payment password, re-calculates the target distance between the collection device and the payment device, and determines whether the transaction is safe, so that the danger that the payment device is attacked by the relay is reduced, and the transaction safety is improved.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic diagram of a payment device attacked by a relay according to an embodiment of the present invention;

FIG. 2 is a schematic diagram of a system architecture according to an embodiment of the present invention;

FIG. 3 is a schematic diagram of an interface displayed by a payment device after a possible user's payment is successful according to an embodiment of the present invention;

FIG. 4 is a schematic flow chart of a transaction processing method according to an embodiment of the present invention;

FIG. 5 shows a message structure of a UWB physical layer according to an embodiment of the present invention;

FIG. 6 is a schematic diagram of a UWB tag and a cashing device according to an embodiment of the present invention;

fig. 7 is a schematic structural diagram of a transaction processing device according to an embodiment of the present invention;

Fig. 8 is a schematic structural diagram of a transaction processing device according to an embodiment of the present invention;

fig. 9 is a schematic structural diagram of a transaction processing device according to an embodiment of the present invention;

Fig. 10 is a schematic structural diagram of a computer device according to an embodiment of the present invention.

Detailed Description

For the purposes of making the objects, embodiments and advantages of the present application more apparent, an exemplary embodiment of the present application will be described more fully hereinafter with reference to the accompanying drawings in which exemplary embodiments of the application are shown, it being understood that the exemplary embodiments described are merely some, but not all, of the examples of the application.

Based on the exemplary embodiments described herein, all other embodiments that may be obtained by one of ordinary skill in the art without making any inventive effort are within the scope of the appended claims. Furthermore, while the present disclosure has been described in terms of an exemplary embodiment or embodiments, it should be understood that each aspect of the disclosure can be practiced separately from the other aspects.

It should be noted that the brief description of the terminology in the present application is for the purpose of facilitating understanding of the embodiments described below only and is not intended to limit the embodiments of the present application. Unless otherwise indicated, these terms should be construed in their ordinary and customary meaning.

The terms first, second, third and the like in the description and in the claims and in the above-described figures are used for distinguishing between similar or similar objects or entities and not necessarily for describing a particular sequential or chronological order, unless otherwise indicated (Unless otherwise indicated). It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments of the application are, for example, capable of operation in sequences other than those illustrated or otherwise described herein.

Furthermore, the terms "comprise" and "have," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a product or apparatus that comprises a list of elements is not necessarily limited to those elements expressly listed, but may include other elements not expressly listed or inherent to such product or apparatus.

Fig. 2 illustrates a system architecture to which embodiments of the present invention are applicable, which may include a payment device 201, a collection device 202, and a payment backend 203.

The payment device 201 may pre-install a payment application, wherein the payment application may be a client application, a web application, an applet, or the like. The payment device 201 may be a mobile phone, a tablet computer, a notebook computer, a wearable device, etc. For transmitting the identification of the payment device 201 and corresponding payment account information to the payment device 202 in response to the payment request transmitted by the payment device 202.

The collection device 202 is configured to initiate a collection request or automatically initiate a collection request according to an operation of a merchant, interact with the payment device 201, obtain a collection response message corresponding to the collection request, and send the collection response message to the payment background 203 for processing. The checkout device 202 may be a swipe code window, swipe code gun, or the like, as shown in fig. 2. The payment device 201 and the collection device 202 may be directly or indirectly connected through wired or wireless communication, and the present application is not limited herein.

The payment background 203 is a background server for providing corresponding services for payment, and is configured to receive a receipt response message sent by the receipt device 202, and execute a corresponding transaction based on the receipt response message. The payment background 203 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, a content distribution network (Content Delivery Network, CDN), basic cloud computing services such as big data and an artificial intelligence platform. The collection device 202 and the payment backend 203 may be directly or indirectly connected through wired or wireless communication, which is not limited herein.

For example, in connection with a specific scenario, when the user's shopping ends to make a checkout, the merchant inputs a total amount, e.g., 100, that the user needs to pay to the checkout device 202, the checkout device 202 sends a checkout request, and obtains a first point in time to send the checkout request. The user holds the payment device 201 in close proximity to the collection device 202, and the payment device 201 receives the collection request and obtains a third point in time at which the collection request is received. The payment device 201 generates a payment password according to the collection request, the payment password including an identification of the payment device 201 and payment account information, such as a chinese bank deposit card bound on the cell phone C, the account number being 1234×. The payment device 201 transmits the payment password to the collection device 202 and acquires a fourth point in time at which the payment password is transmitted. The payment device 201 calculates a time-consuming period for generating the payment password in combination with the third time point and the fourth time point, and transmits the time-consuming period to the collection device 202. The collecting device 202 receives the payment password transmitted by the payment device 201, and acquires a second point in time at which the payment password is received. The checkout device 202 also receives the time-consuming time period sent by the payment device 201. The payment device 202 determines a target distance between the payment device 202 and the payment device 201 according to the first time point, the second time point and the time consuming duration, and if the target distance is determined to be smaller than the preset threshold, it is indicated that the payment device 201 processing the payment request of the payment device 202 is closer to the payment device 202, that is, the payment device 201 processing the payment request is not another payment device which is far from the payment device 202 and may be attacked by the relay, and the current transaction environment is safe. The payment device 202 uploads the payment password to the payment background 203, after the payment background 203 verifies, the payment mode is determined according to the identification in the payment password and the payment account information, the corresponding money is divided by a China bank deposit buckle with the account number of 1234 x, and adds the corresponding money to a merchant's preset collection account number, such as a China Industrial and commercial Bank savings card with an account number of 4321 x. The payment background 203 sends a successful payment receipt message to the payment device 202, the payment device 202 sends a prompt message of "you have 100 yuan to check out" to the merchant, the payment background 203 also sends a successful deduction message to the payment device 201, the payment device 201 sends a prompt message of "100 yuan successful payment" to the user, and fig. 3 shows a schematic diagram of an interface displayed by the payment device 201 after a possible successful payment of the user.

The embodiment of the invention provides a transaction processing method. As shown in fig. 4, the method comprises the following steps:

in step 401, the collecting device sends a collecting request to the payment device, and obtains a first point in time when the collecting request is sent.

The payment request may be sent in the form of an Ultra Wide Band (UWB) message, specifically, the payment request is sent to the payment device through a first UWB message, and a first time point is obtained from a MAC layer data frame of the first UWB message. Fig. 5 shows a message structure of the UWB physical layer, and as shown in fig. 5, a first time point T1 at which the collecting device sends the collecting request is extracted through a "time stamp" field in the message.

The collection request can also carry an encryption factor, wherein the encryption factor comprises at least one data of characters, random numbers or a combination of the characters and the random numbers, the encryption factor is used for identifying a message of the collection request, the uniqueness of the message is ensured, and meanwhile, the subsequent payment equipment can generate a payment password based on the encryption factor.

In step 402, the payment device receives a receipt request sent by a receipt device.

The payment device may receive the payment request through the third UWB message, and acquire a third time point T3 from the MAC layer data frame of the third UWB message.

In step 403, the payment device generates a payment password from the collection request.

The embodiment of the invention provides the following two methods for generating the payment password.

Mode one

The collection request carries the encryption factor, and the payment device generates a session key according to the encryption factor and the identification of the payment device. And encrypting the identification of the payment equipment through the session key to obtain a payment ciphertext, and then generating a payment password based on the identification of the payment equipment and the payment ciphertext.

Mode two

The collection request carries the encryption factor, and the payment device generates a session key according to the encryption factor and the identification of the payment device. And encrypting the identification of the payment equipment and the payment account information corresponding to the payment equipment through the session key to obtain a payment ciphertext. A payment password is then generated based on the identification of the payment device and the payment ciphertext.

The payment account information may be a payment account preset by the user, or may be a payment account with the highest use frequency when the user makes payment, or a payment account that is used last time by the user, or the like. Other information may be included in the payment secret, and the embodiment of the present invention does not limit the content in the payment secret.

The payment device generates a payment password in the form of an identification of the payment device and a payment ciphertext based on the identification of the payment device and the payment ciphertext.

For example, the payment device receives a collection request sent by the collection device, extracts an encryption factor, such as a random number 5, from a message of the collection request, disperses the encryption factor according to the identification of the payment device and the random number to form a session key, encrypts the identification of the payment device (such as the payment device C) and payment account information (such as "chinese bank deposit card, the account number is 1234×"), and generates a payment ciphertext, wherein the payment ciphertext is the payment device c+chinese bank deposit card, the account number is 1234×. The payment device generates a payment password based on the identification of the payment device and the payment ciphertext, payment device C (identification of the payment device) + (payment device c+chinese bank deposit card account number 1234×) (payment ciphertext).

The payment device sends the payment password to the payee device, step 404.

The payment device sends a payment password through the fourth UWB message, and obtains a fourth time point T4 from the MAC layer data frame of the fourth UWB message.

Optionally, the payment device determines a time-consuming period for generating the payment password according to the third time point and the fourth time point, and sends the time-consuming period to the collection device.

The time required for the payment device to send the payment password from the receipt of the receipt request is called as the time-consuming time period T for generating the payment password, and the time-consuming time period T, i.e., t=t4-T3, can be obtained by performing a difference process between the fourth time point and the third time point. The payment device sends the time duration t to the collection device.

Step 405, the payment receiving device receives the payment password sent by the payment device, and obtains a second time point of receiving the payment password.

The payment receiving device receives the payment password sent by the payment device through the second UWB message, and obtains a second time point T2 from the MAC layer data frame of the second UWB message.

Optionally, the collecting device may also receive the time-consuming period t sent by the payment device, where the payment password and the time-consuming period are not sent by the payment device at the same time, and then the collecting device receives the payment password and receives the time-consuming period at the same time.

In step 406, the collecting device determines a target distance between the collecting device and the payment device according to the first time point and the second time point.

The embodiment of the invention provides two ways for determining the target distance.

Mode one

The difference between the second time point and the first time point is the time difference between the receipt of the payment password by the collection device and the sending of the collection request by the collection device, wherein the time difference comprises a first transmission time length for the collection request to be transmitted from the collection device to the payment device, the time for the payment device to respond according to the collection request, and a second transmission time length for the payment password to be transmitted from the payment device to the collection device. The sum of the first transmission time period for the receipt request to be transmitted from the collection device to the payment device and the second transmission time period for the payment password to be transmitted from the payment device to the collection device is obtained by subtracting the first time period and the time consuming time period, namely T2-T1-T, from the second time period. Because the transmission distances corresponding to the first transmission time length and the second transmission time length are the distances between the payment equipment and the payment equipment, and the transmission speeds are the same, the first transmission time length and the second transmission time length are the same, so that the second transmission time length of the payment password transmitted from the payment equipment to the payment equipment is T= (T2-T1-T)/2, and the transmission speeds of the payment password are combined, so that the distance of the payment password transmitted from the payment equipment to the payment equipment, namely the target distance between the payment equipment and the payment equipment, can be determined.

Taking a UWB technology to send a message as an example, extracting a first time point T1 from a UWB message of a payment request sent by a payment receiving device to be 0ns, extracting a second time point T2 from a UWB message of a payment password received by the payment receiving device to be 374ns, extracting a third time point T3 from a UWB message of a payment request received by the payment receiving device to be 128ns, extracting a fourth time point T4 from a UWB message of a payment password sent by the payment receiving device to be 256ns, and obtaining time-consuming time duration t=256 ns-128 ns=128 ns by the payment receiving device according to T3 and T4. The payment device transmits the time-consuming period T to the collection device, which calculates a transmission period t= (T2-T1-T)/2= (374 ns-0ns-128 ns)/2=123 ns for the transmission of the payment password from the payment device to the collection device. Combining the transmission speed c (light speed) of the UWB message, obtaining a target distance s=t×c=0.37 m between the two.

Mode two

The time-consuming period for the payment device to generate the payment password may be ignored, i.e., the transmission period t= (T2-T1)/2= (374 ns-0 ns)/2=187 ns for the payment password to be sent from the payment device to the checkout device. Combining the transmission speed c (light speed) of the UWB message, obtaining a target distance s=t×c=0.56 m between the two.

It can be found that the target distance calculated in the second mode is larger than that obtained in the first mode. Since the second mode does not take the time-consuming period into account, the error is relatively large. Therefore, the preset threshold corresponding to the target distance determined in the second mode and the preset threshold corresponding to the target distance determined in the first mode can be distinguished, for example, the preset threshold corresponding to the target distance determined in the first mode is 0.3m, and the preset threshold corresponding to the target distance determined in the second mode is 0.5m.

If the collecting device determines that the target distance is less than the preset threshold, the collecting device sends the payment password to the payment background in step 407.

After the target distance determined in step 406 is 0.37m, the target distance is compared to its corresponding preset threshold value of 0.3 m. The preset threshold value can be set by a technician before the cash collecting equipment leaves the factory, and can also be set by a cash collecting merchant. The larger the preset threshold value is, the payment can be completed by the user standing at a position far away from the collecting device, the more convenient the payment process of the user is, but the risk of the payment device being attacked by the relay is increased, and the smaller the preset threshold value is, the stronger the capability of reducing the risk of the relay attack is.

In this example, the target distance 0.37m is greater than the preset threshold value 0.3m, so the possibility that the payment device is considered to be a device attacked by the relay is high, and the transaction is terminated after the collection device marks the payment device as an 'unsafe transaction' in order to ensure the security of the transaction process.

However, if the target distance between the payment devices calculated by the payment device and the payment device is 0.2m and is smaller than the preset threshold value of 0.3m, the transaction process is considered to be safe, and the payment device sends the generated encryption factor, the payment password received from the payment device and the payment bill to the payment background. The bill for payment may include a scene field, identification of the collection device, payment amount, etc.

Optionally, the collecting device may further send an original message for sending a collecting request, an original message for receiving a payment password, and an original message for receiving a time-consuming period to the payment background, so that the payment background calculates the target distance between the payment device and the collecting device again, so as to ensure the security of the transaction process.

In step 408, the payment background receives the payment password sent by the collection device.

In addition to the payment password, the payment background may also receive the encryption factor and the bill for payment sent by the collection device, which is only an example, and the embodiment of the present invention is not limited thereto.

In step 409, the payment background executes the corresponding transaction according to the payment password.

Specifically, the method comprises the following two steps.

And step one, the payment background verifies the payment password.

The format of the payment password received by the payment background is plaintext identification and payment ciphertext, the payment background adopts the plaintext identification and encryption factors to form a session key, and the session key is used for decrypting the payment ciphertext in the payment password.

And in the process that the payment equipment sends the payment password to the collection equipment and then the collection equipment sends the payment password to the payment background, the plaintext identification in the payment password is easy to be tampered maliciously. For example, the payment device C in the clear text identification is tampered with as the payment device E. When plaintext identification in the payment password is maliciously tampered, the payment background adopts the received plaintext identification and encryption factors to generate a session key, at the moment, the session key cannot unlock the payment ciphertext, and the payment background can also determine that malicious attack occurs in the payment process based on the session key, so that the payment failure is caused, and the payment flow is ended. If the payment background adopts a session key formed by the plaintext identifier and the encryption factor to unlock the payment ciphertext, the identifier of the payment device carried in the payment ciphertext is obtained, and the plaintext identifier is not tampered, at the moment, whether the plaintext identifier is matched with the identifier of the payment device carried in the payment ciphertext can be further checked, and if so, the plaintext identifier in the payment password and the payment ciphertext are not tampered.

Optionally, the bill includes a scene domain and an identifier of the collecting device, so that in order to further improve the transaction security, the payment background may first determine that the association relationship between the scene domain and the identifier of the collecting device satisfies a preset condition before executing the corresponding deduction operation.

Specifically, the payment background pre-stores association relations between each scene domain and the corresponding identification of the collection device, after obtaining the scene domain and the identification of the collection device in the bill, the payment background judges whether the association relation between the scene domain and the identification of the collection device in the bill is matched with the stored association relation, if so, corresponding deduction operation is executed, and otherwise, the payment process is ended.

For example, the scene field is a fueling scene, the identification of the collection device is D, and the payment amount is 100 yuan. And the payment background judges whether the association relation between the oiling scene and the identification D is matched with the stored association relation, namely whether the collection device identified as D is applied to the oiling scene, if so, deducts 100 elements of payment account information of the payment device in the payment password according to the payment bill, and adds the deducted money into a collection account corresponding to the collection device.

Optionally, the binding relationship between the identifier of each payment device and the payment account information is also stored in the payment background, and the payment ciphertext can also carry the payment account information. Therefore, the payment background can also verify whether the binding relation between the identification of the payment equipment and the payment account information in the payment text is correct. If the verification is passed, the possibility of being attacked maliciously in the payment process is further reduced. Through multiple times of verification, the transaction safety is improved.

Optionally, the collecting device may send the original message of the collecting request, the original message of the receiving payment password, and the original message of the receiving time-consuming duration to the payment background, where the payment background extracts the first time point T1 from the original message of the collecting device sending the collecting request, extracts the second time point T2 from the original message of the receiving payment password of the collecting device, and extracts the time-consuming duration T from the original message of the receiving time-consuming duration of the collecting device.

The collecting device may also send the original message of the collecting request and the original message of the receiving payment password to the payment background, where the payment background extracts the first time point T1 from the original message of the collecting request sent by the collecting device, and extracts the second time point T2 from the original message of the receiving payment password received by the collecting device. The payment device sends the original message of the receipt request and the original message of the payment password to the receipt device, the receipt device sends the original message of the receipt request and the original message of the payment password to the payment background, the payment background extracts a third time point T3 from the original message of the receipt request received by the payment device, and extracts a fourth time point T4 from the original message of the payment password sent by the payment device. The payment background calculates the time-consuming time duration T according to T3 and T4.

The checkout device may also send the first point in time T1, the second point in time T2, and the time duration T directly to the payment background. Of course, the payment background may also obtain the first time point T1, the second time point T2, and the time period T in other manners, which are not described herein.

The payment background calculates a target distance between the payment device and the collection device through T1, T2 and T, and compares the target distance with a preset threshold value. If the target distance is smaller than the preset threshold value, the verification is passed. And re-calculating the target distance between the payment equipment and the collection equipment through the payment background, and comparing the target distance with a preset threshold value, thereby re-verifying whether the transaction process is safe. In this way, the security of the transaction may be improved.

And step two, the payment background executes corresponding deduction operation according to the payment bill and the payment password.

In one possible implementation, the payment ciphertext is decrypted by the session key to obtain the identification of the payment device. And if the plaintext identifier is matched with the identifier of the payment device, the payment background executes corresponding deduction operation based on the identifier of the payment device and the payment bill.

Specifically, the payment background obtains payment account information bound with the payment device based on the identification of the payment device, and then executes corresponding deduction operation according to the payment account information and the payment bill. The payment account information bound with the payment device can be default payment account information preset by a user, can also be payment account information of the payment device for the last deduction, can also be payment account information with the highest deduction frequency, and the like.

In one possible implementation manner, the payment ciphertext is decrypted through the session key to obtain the identification of the payment device and the payment account information. And if the plaintext identifier is matched with the identifier of the payment equipment, the payment background executes corresponding deduction operation based on the identifier of the payment equipment, the payment account information and the payment bill.

Specifically, the payment password may directly carry payment account information, the payment account information is obtained by decrypting the payment password, and then a corresponding deduction operation is performed based on the identification of the payment device, the payment account information and the payment bill. The payment account information carried in the payment password can be payment account information selected by a user in the payment deduction process, default payment account information preset by the user, payment account information of the payment device for the last payment deduction, payment account information with the highest payment deduction frequency and the like.

It should be noted that, in the above two embodiments, before the payment background executes the corresponding deduction operation based on the identifier of the payment device, the payment account information and the payment bill, verifying whether the plaintext identifier and the identifier of the payment device match is merely an example, and the embodiment of the present application is not limited to this verification manner, and any one or more of various verification manners described in the following steps may be adopted, which is not particularly limited to this.

Further, the payment background obtains the identification of the collection device according to the payment bill, and adds the amount deducted from the deducted account to the collection account according to the collection account information corresponding to the identification of the collection device. The corresponding relation between the identification of the collection device and the collection account information can be set by a merchant, the last collection account of the merchant can be automatically determined as the current collection account by a payment background, and the account with the highest use frequency of the merchant can be determined as the collection account information. The embodiments of the present invention are not limited in this regard.

For example, the payment background determines that the payment account information is 1234×onaccount number of a China bank deposit card according to the payment password, and determines that the payment amount is 100 yuan according to the payment bill, and pays 100 yuan to the deposit card with 1234×onaccount number through a server of the China bank.

The payment background determines that the collection equipment is collection equipment D according to the payment bill, and the collection account information corresponding to the collection equipment D is: if the account number of the savings card of the China industry and commerce bank is 4321 XXXX, the amount of money 100 yuan is added to the savings card with the account number of 4321 XXXX by a server of the China industry and commerce bank.

After the transaction is completed, the payment background sends the information of successful payment to the collection equipment and the payment equipment, the collection equipment sends a prompt of successful payment to the merchant after receiving the information of successful payment, and the payment equipment displays the prompt of successful payment in the display interface after receiving the information of successful payment.

In the embodiment of the application, the collection device can determine the target distance between the collection device and the payment device by acquiring the first time point for sending the collection request, the second time point for receiving the payment password and the time-consuming time period for generating the payment password by the payment device, if the target distance is smaller than the preset threshold value, the payment device for processing the collection request is close to the collection device, namely, the payment device for processing the collection request is not far from the collection device and possibly is another payment device which is attacked by a relay, the current transaction environment is safe, and then the payment password is sent to a payment background for transaction processing. Thus, the danger that the payment equipment is attacked by the relay is reduced, and the transaction safety is improved.

The payment background re-verifies the payment password, re-calculates the target distance between the collection device and the payment device, and determines whether the transaction is safe, so that the danger that the payment device is attacked by the relay is reduced, and the transaction safety is improved.

In order to better explain the embodiments of the present application, a transaction processing method in the embodiments of the present application will be described below by taking payment by UWB tag as an example, and the transaction processing method is interactively performed by a payment device, a payment collecting device, and a payment background provided with UWB tag.

First, the structure of the UWB tag is described as shown in fig. 6:

The UWB tag 601 may be disposed on any device such as a mobile terminal, a vehicle-mounted terminal, or a wearable device, and the embodiment of the present invention does not limit the location of the UWB tag 601, and the device on which the UWB tag 601 is disposed may be used as a payment device.

The UWB tag 601 includes a first MCU (Microcontroller Unit, micro control unit) module, a first UWB communication module, a storage unit, and a magnetic induction coil.

Specifically, the first MCU module is a main control chip of the UWB tag and is responsible for regulating and controlling the first UWB communication module, the storage unit, the magnetic induction coil and other external elements.

The first UWB communication module is responsible for communicating with the checkout device 602.

The storage unit is responsible for storing encryption keys and payment account information, wherein the encryption keys can be general algorithms including SM2, SM3, SM4, AES, RSA and the like at home and abroad and are used for generating session keys. The payment account information and the encryption key are uniformly and safely written in a payment background and cannot be tampered with by stealing.

Since the UWB tag 601 requires power driving for performing the above functions, it may be mounted on a mobile terminal capable of providing power or the UWB tag 601 may be brought into contact with the checkout device 602 to obtain power when payment is made using the UWB tag 601. The embodiment of the invention also provides another method, wherein a magnetic induction coil is arranged on the UWB tag 601 for generating induction power, or a button battery or the like is additionally arranged for providing power, so that the UWB tag 601 can be arranged anywhere.

Next, the structure of the collecting apparatus 602 is described as shown in fig. 6:

the checkout device 602 mainly includes a second MCU module, a second UWB communication module, a payment module, a random number generator, and a 4G communication module.

The second MCU module is a main control chip of the cash register 602 and is responsible for regulating and controlling peripheral elements such as the second UWB communication module, the payment module random number generator, the 4G communication module and the like.

The second UWB communication module is responsible for communication with UWB tag 601.

The random number generator is used for generating random numbers.

The payment module is used for forming a payment bill.

The 4G communication module is used for communicating with the payment background.

The following describes a transaction processing method in the embodiment of the present application in combination with the structure of the UWB tag 601 and the structure of the payment collecting device 602, and the method specifically includes:

The collecting device 602 generates a random number through a random number generator, generates a collecting request through a second MCU module, transmits the collecting request to a first UWB communication module of the UWB tag 601, and extracts a first time point T1 of transmitting the collecting request from a message of transmitting the collecting request through the second UWB communication module.

The UWB tag 601 receives the receipt request through the first UWB communication module and extracts a third time point T3 of receiving the receipt request from the message of receiving the receipt request through the first UWB communication module. The UWB tag 601 generates a payment password according to the receipt request through the first MCU module, and transmits the payment password to the second UWB communication module of the receipt device 602 through the first UWB communication module. The UWB tag 601 extracts a fourth time point T4 of transmitting the payment password from the message of transmitting the payment password through the first UWB communication module. The first MCU module of the UWB tag 601 calculates a time-consuming time period T for generating a payment password according to the third time point T3 and the fourth time point T4, and transmits the time-consuming time period T to the second UWB communication module of the checkout device 602 through the first UWB communication module.

The second UWB communication module of the checkout device 602 receives the payment password and extracts the second point in time T2 from the message of the received payment password. The second MCU module of the checkout device 602 calculates a target distance of the UWB tag 601 and the checkout device 602 according to T1, T2 and T, and compares with a preset threshold. If the target distance is determined to be larger than the preset threshold value, the payment process is ended, and if the target distance is determined to be smaller than the preset threshold value, the random number generated by the random number generator and the payment password are sent to the payment background 603 through the 4G communication module. The checkout device 602 generates a bill for payment through the payment module, including the scene field of the current payment, the amount to be paid, the identification of the checkout device 602, and the like. The collection device 602 sends the bill for payment to the payment backend 603 through the 4G communication module.

The payment background 603 verifies the security of the payment password, and if the verification is passed, corresponding deduction operation is performed according to the payment bill and the payment password.

Based on the same technical concept, fig. 7 illustrates an exemplary structure of a transaction processing apparatus provided in an embodiment of the present invention, which may perform a flow of transaction processing performed by a cash register.

As shown in fig. 7, the apparatus specifically includes:

A transmitting unit 701, configured to transmit a collection request to a payment device, and acquire a first time point at which the collection request is transmitted;

A first receiving unit 702, configured to receive a payment password sent by the payment device, and obtain a second time point of receiving the payment password;

The first processing unit 703 is configured to determine a target distance between the collection device and the payment device according to the first time point and the second time point, and if the target distance is less than a preset threshold, send the payment password to a payment background, so that the payment background executes a corresponding transaction according to the payment password.

Optionally, the first receiving unit 702 is specifically configured to:

the first processing unit 703 is specifically configured to:

Optionally, the first processing unit 703 is specifically configured to:

the first receiving unit 702 is specifically configured to:

Optionally, the sending unit 701 is specifically configured to:

the first receiving unit 702 is specifically configured to:

Based on the same technical concept, fig. 8 exemplarily shows a structure of a transaction processing apparatus provided by an embodiment of the present invention, which may perform a flow of transaction processing performed by a payment device.

As shown in fig. 8, the apparatus specifically includes:

a second receiving unit 801, configured to receive a collection request sent by a collection device;

the second processing unit 802 is configured to generate a payment password according to the collection request, send the payment password to the collection device, so that the collection device determines a target distance between the collection device and the payment device according to a first time point of sending the collection request and a second time point of receiving the payment password, and send the payment password to the payment background when the target distance is determined to be smaller than a preset threshold, where the payment background is configured to execute a corresponding transaction according to the payment password.

Optionally, the second receiving unit 801 is specifically configured to:

acquiring a third time point of receiving the collection request;

acquiring a fourth time point for sending the payment password;

Optionally, the collection request carries an encryption factor;

the second processing unit 802 is specifically configured to:

Optionally, the second processing unit 802 is specifically configured to:

Optionally, the second receiving unit 801 is specifically configured to:

Based on the same technical concept, fig. 9 exemplarily shows a structure of a transaction processing device provided by an embodiment of the present invention, which may perform a flow of transaction processing in a payment background.

As shown in fig. 9, the apparatus specifically includes:

A third receiving unit 901, configured to receive a payment password sent by a payment device, where the payment password is generated by the payment device after receiving a payment request sent by the payment device and sent to the payment device, and is sent to the payment background by the payment device when determining that a target distance between the payment device and the payment device is less than a preset threshold, where the target distance is determined by the payment terminal according to a first time point of sending the payment request and a second time point of receiving the payment password;

And a third processing unit 902, configured to execute a corresponding transaction according to the payment password.

Optionally, the third receiving unit 901 is specifically configured to:

Optionally, the third processing unit 902 is specifically configured to:

the third processing unit 902 is specifically configured to:

Optionally, the third processing unit 902 is specifically configured to:

the third processing unit 902 is specifically configured to:

Optionally, the third processing unit 902 is specifically configured to:

receiving the time-consuming time duration sent by the collection device;

Based on the same technical concept, an embodiment of the present application provides a computer device, as shown in fig. 10, including at least one processor 1001 and a memory 1002 connected to the at least one processor, where a specific connection medium between the processor 1001 and the memory 1002 is not limited in the embodiment of the present application, and in fig. 10, the processor 1001 and the memory 1002 are connected by a bus, for example. The buses may be divided into address buses, data buses, control buses, etc.

In an embodiment of the present application, the memory 1002 stores instructions executable by the at least one processor 1001, and the at least one processor 1001 may perform the steps of the transaction processing method described above by executing the instructions stored in the memory 1002.

The processor 1001 is a control center of a computer device, and may use various interfaces and lines to connect various parts of the computer device, and execute instructions stored in the memory 1002 and call data stored in the memory 1002, so as to perform transaction processing. Alternatively, the processor 1001 may include one or more processing units, and the processor 1001 may integrate an application processor and a modem processor, wherein the application processor primarily processes an operating system, a user interface, an application program, and the like, and the modem processor primarily processes wireless communication. It will be appreciated that the modem processor described above may not be integrated into the processor 1001. In some embodiments, the processor 1001 and the memory 1002 may be implemented on the same chip, and in some embodiments they may be implemented separately on separate chips.

The processor 1001 may be a general purpose processor such as a Central Processing Unit (CPU), digital signal processor, application SPECIFIC INTEGRATED Circuit (ASIC), field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, and may implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present application. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present application may be embodied directly in a hardware processor for execution, or in a combination of hardware and software modules in the processor for execution.

The memory 1002 is a non-volatile computer-readable storage medium that can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules. The Memory 1002 may include at least one type of storage medium, and may include, for example, flash Memory, hard disk, multimedia card, card Memory, random access Memory (Random Access Memory, RAM), static random access Memory (Static Random Access Memory, SRAM), programmable Read-Only Memory (Programmable Read Only Memory, PROM), read-Only Memory (ROM), charged erasable programmable Read-Only Memory (ELECTRICALLY ERASABLE PROGRAMMABLE READ-Only Memory, EEPROM), magnetic Memory, magnetic disk, optical disk, and the like. Memory 1002 is any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory 1002 in embodiments of the present application may also be circuitry or any other device capable of performing memory functions for storing program instructions and/or data.

Based on the same technical concept, the embodiment of the present invention also provides a computer-readable storage medium storing a computer-executable program for causing a computer to execute the method of transaction processing listed in any of the above modes.

It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims

1. A transaction processing method, comprising:

The method comprises the steps of sending a collection request to a payment device through a first UWB message, and obtaining a first time point from a MAC layer data frame of the first UWB message, wherein the collection request carries an encryption factor so that the payment device generates a session key according to the encryption factor and an identifier of the payment device;

Receiving a payment password sent by the payment device and time-consuming time duration for generating the payment password sent by the payment device through a second UWB message, and acquiring a second time point from a MAC layer data frame of the second UWB message;

Determining a target distance between a collection device and the payment device according to the first time point, the second time point and the time consuming time duration;

If the target distance is smaller than a preset threshold value, the payment password, the encryption factor and a payment bill are sent to a payment background, wherein the payment bill comprises a scene domain and identification of a collection device, so that the payment background executes the following operations:

The method comprises the steps of judging whether the association relation between scene domains in a payment bill and identifications of collection equipment is matched with the pre-stored association relation, pre-storing the association relation between each scene domain and the corresponding identifications of the collection equipment by a payment background, generating a session key based on plaintext identifications in the payment passwords and the encryption factors if the association relation is matched with the pre-stored association relation, decrypting payment ciphertext in the payment passwords by the session key, verifying whether the binding relation between identifications of the payment equipment and the payment account information in the payment passwords is correct based on the binding relation between identifications of the payment equipment and the payment account information stored in the payment background if the decryption is successful, acquiring the first time point, the second time point and the time duration if the verification is passed, determining the target distance between the collection equipment and the payment equipment again based on the first time point, the second time point and the time duration, and executing corresponding transactions according to the payment bill and the payment passwords when the target distance is determined to be smaller than the preset threshold.

2. The method of claim 1, wherein determining a target distance between the checkout device and the payment device based on the first point in time, the second point in time, and the time period of time comprises:

3. A transaction processing method, comprising:

the method comprises the steps of receiving a collection request sent by collection equipment, carrying an encryption factor in the collection request to enable the payment equipment to generate a session key according to the encryption factor and identification of the payment equipment, encrypting the identification of the payment equipment and payment account information corresponding to the payment equipment through the session key to obtain a payment ciphertext, and generating a payment password based on the identification of the payment equipment and the payment ciphertext, wherein the encryption factor is also used for identifying the collection request;

generating a payment password and a time-consuming time period for generating the payment password according to the collection request;

Transmitting the payment password and the time-consuming time period for generating the payment password to the collection device, so that the collection device determines a target distance between the collection device and the payment device according to a first time point for transmitting the collection request and a second time point for receiving the payment password and the time-consuming time period, and transmits the payment password, the encryption factor and a payment bill to a payment background when the target distance is determined to be smaller than a preset threshold value, wherein the payment bill comprises a scene domain and identification of the collection device, so that the payment background carries out the following operations:

The method comprises the steps of judging whether the association relation between a scene domain in a payment bill and an identifier of a collection device is matched with the association relation between a prestored scene domain and the identifier of the corresponding collection device, generating a session key based on a plaintext identifier in the payment password and the encryption factor if the association relation is matched with the association relation, decrypting a payment ciphertext in the payment password by adopting the session key, verifying whether the association relation between the identifier of the payment device in the payment password and the payment account information is correct based on the identifier of each payment device stored in a payment background and the binding relation of the payment account information if the decryption is successful, acquiring the first time point, the second time point and the time consuming time length if the authentication is passed, determining a target distance between the collection device and the payment device based on the first time point, the second time point and the time consuming time length, and executing corresponding transaction according to the payment bill and the payment password when the target distance is determined to be smaller than the preset threshold value, and acquiring the association relation between the identifier of each scene domain and the collection device in the background.

4.A method as recited in claim 3, further comprising:

acquiring a third time point of receiving the collection request;

acquiring a fourth time point for sending the payment password;

5. The method of claim 4, wherein the obtaining a third point in time to receive the checkout request comprises:

The obtaining a fourth time point of sending the payment password includes:

6. A transaction processing method, comprising:

Receiving a payment password, an encryption factor and a payment bill sent by a collection device, wherein the payment password, the encryption factor and the payment bill are generated by the payment device after receiving a collection request sent by the collection device and are sent to the collection device, and are sent to a payment background by the collection device when determining that the target distance between the collection device and the payment device is smaller than a preset threshold value, the payment password is generated by the payment device in a mode of generating a session key according to the encryption factor and the identification of the payment device, encrypting the identification of the payment device and payment account information corresponding to the payment device through the session key to obtain a payment ciphertext, and generating the payment password based on the identification of the payment device and the payment ciphertext;

the encryption factor is also used for identifying the collection request, the target distance is determined by the collection device according to a first time point of sending the collection request, a time-consuming time duration of generating the payment password and a second time point of receiving the payment password, the payment bill comprises an identification of a scene domain and the collection device, and the payment background executes the following operations:

7. The method of claim 6, wherein decrypting the payment ciphertext in the payment password using the session key comprises:

and if the plaintext identification is matched with the identification of the payment equipment, determining that decryption is successful.

8. The method of claim 7, wherein decrypting the payment ciphertext with the session key to obtain the identification of the payment device comprises:

and decrypting the payment ciphertext through the session key to obtain the identification and payment account information of the payment equipment.

9. A transaction processing device, comprising:

The payment system comprises a sending unit, a payment receiving unit, a payment password generation unit and a payment password generation unit, wherein the sending unit is used for sending a payment request to a payment device through a first UWB message and acquiring a first time point from a MAC layer data frame of the first UWB message, the payment request carries an encryption factor so that the payment device generates a session key according to the encryption factor and an identifier of the payment device;

The first receiving unit is used for receiving the payment password sent by the payment device and the time-consuming time length for generating the payment password sent by the payment device through a second UWB message, and acquiring a second time point from a MAC layer data frame of the second UWB message;

a first processing unit, configured to determine a target distance between a collection device and the payment device according to the first time point, the second time point, and the time-consuming period;

10. A transaction processing device, comprising:

The payment system comprises a payment device, a second receiving unit, a payment ciphertext, a payment password, a first receiving unit, a second receiving unit and a payment password, wherein the payment device is used for receiving a payment request sent by the payment device, the payment request carries an encryption factor so that the payment device generates a session key according to the encryption factor and the identification of the payment device;

The second processing unit is used for generating a payment password and time-consuming duration for generating the payment password according to the collection request;

11. A transaction processing device, comprising:

The third receiving unit is used for receiving a payment password, an encryption factor and a payment bill sent by the collection device, wherein the payment password, the encryption factor and the payment bill are generated by the payment device after receiving a collection request sent by the collection device and are sent to the collection device, and the collection device sends the payment password to a payment background when determining that the target distance between the collection device and the payment device is smaller than a preset threshold value, and the payment password is generated by the payment device in such a way that a session key is generated according to the encryption factor and the identification of the payment device, the identification of the payment device and payment account information corresponding to the payment device are encrypted through the session key to obtain a payment ciphertext;

The encryption factor is also used for identifying the collection request, the target distance is determined by the collection device according to a first time point for sending the collection request, a time-consuming time period for generating the payment password and a second time point for receiving the payment password, the payment bill comprises a scene domain and identification of the collection device, so that the payment background can judge whether the association relationship between the scene domain and the identification of the collection device in the payment bill is matched with the association relationship between a pre-stored scene domain and the identification of the corresponding collection device;

The third processing unit is used for generating a session key based on a plaintext identifier in the payment password and the encryption factor if the session key is matched, decrypting a payment ciphertext in the payment password by adopting the session key, if the session key is successfully decrypted, verifying whether the binding relationship between the identifier of the payment device in the payment password and the payment account information is correct or not based on the binding relationship between the identifier of each payment device and the payment account information stored in the payment background, if the authentication is passed, acquiring the first time point, the second time point and the time-consuming time length, determining a target distance between the collection device and the payment device based on the first time point, the second time point and the time-consuming time length, and executing corresponding transaction based on the payment bill and the payment password when the target distance is determined to be smaller than the preset threshold value, wherein the payment background pre-stores the association relationship between each scene domain and the identifier of the corresponding collection device.

12. A computer device, comprising:

A memory for storing a computer program;

a processor for invoking a computer program stored in said memory, performing the method according to any of claims 1 to 8 in accordance with the obtained program.

13. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer-executable program for causing a computer to execute the method of any one of claims 1 to 8.