CN113837744B - Transaction data processing method, transaction data processing system and terminal - Google Patents
Transaction data processing method, transaction data processing system and terminal Download PDFInfo
- Publication number
- CN113837744B CN113837744B CN202010586087.0A CN202010586087A CN113837744B CN 113837744 B CN113837744 B CN 113837744B CN 202010586087 A CN202010586087 A CN 202010586087A CN 113837744 B CN113837744 B CN 113837744B
- Authority
- CN
- China
- Prior art keywords
- terminal
- communication
- transaction
- communication channel
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/206—Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3274—Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3276—Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephone Function (AREA)
Abstract
本发明涉及交易数据处理方法。该方法包括:第一终端产生交易密码输入要求;第一终端和第二终端之间基于第一触发事件建立第一通信通道,通过第一通信通道从第一终端将第一终端的标签信息发送到第二终端;基于标签信息中包含的通信连接信息建立第一终端和第二终端之间的第二通道;基于所述触发事件,第二终端具备的密码键盘被唤起,所述密码键盘被用于用户输入交易密码;将从所述密码键盘输入的交易密码通过所述第二通信通道发送到第一终端;以及第一终端基于获得的交易密码完成交易。根据本发明,不需要在商户终端输入密码,而可以在用户终端输入密码来完成交易。
The present invention relates to a transaction data processing method. The method comprises: a first terminal generates a transaction password input requirement; a first communication channel is established between the first terminal and the second terminal based on a first trigger event, and the tag information of the first terminal is sent from the first terminal to the second terminal through the first communication channel; a second channel is established between the first terminal and the second terminal based on the communication connection information contained in the tag information; based on the trigger event, a password keyboard provided by the second terminal is awakened, and the password keyboard is used by the user to input a transaction password; the transaction password input from the password keyboard is sent to the first terminal through the second communication channel; and the first terminal completes the transaction based on the obtained transaction password. According to the present invention, it is not necessary to input a password at a merchant terminal, but the password can be input at a user terminal to complete the transaction.
Description
技术领域Technical Field
本发明涉及计算机技术,具体地涉及一种交易数据处理方法、交易数据处理系统以及终端。The present invention relates to computer technology, and in particular to a transaction data processing method, a transaction data processing system and a terminal.
背景技术Background technique
在现有技术中,某些手机钱包已集成手机POS功能。商户在手机上使用手机钱包,将商家手机作为手机POS,输入交易金额发起收款,消费者在商家手机上刷银行卡,手机POS弹出密码键盘,消费者要在商家的手机上输入交易密码。图1是表示现有技术中在商家手机上输入交易密码情形下的示意图。In the prior art, some mobile wallets have integrated mobile POS functions. Merchants use mobile wallets on their mobile phones, use the merchant's mobile phone as a mobile POS, enter the transaction amount to initiate payment, and consumers swipe their bank cards on the merchant's mobile phone. The mobile POS pops up a password keyboard, and the consumer has to enter the transaction password on the merchant's mobile phone. Figure 1 is a schematic diagram showing the situation of entering a transaction password on a merchant's mobile phone in the prior art.
目前阶段缺少消费者不要在别人的手机(商户手机)上输入自己的交易密码的方案。At the current stage, there is a lack of solutions to prevent consumers from entering their transaction passwords on other people’s phones (merchant phones).
发明内容Summary of the invention
鉴于上述问题,本发明旨在提出一种不需要在商户终端输入交易密码而能够实现交易的交易数据处理方法、交易数据处理系统以及终端。In view of the above problems, the present invention aims to provide a transaction data processing method, a transaction data processing system and a terminal that can realize transactions without inputting a transaction password at a merchant terminal.
本发明的一方面的交易数据处理方法,其特征在于,包括:A transaction data processing method according to one aspect of the present invention is characterized by comprising:
输入要求步骤,第一终端产生交易密码输入要求;In a request input step, the first terminal generates a transaction password input request;
第一通道建立步骤,第一终端和第二终端之间基于触发事件建立第一通信通道,通过第一通信通道从第一终端将标签信息发送到第二终端,其中,标签信息中包含通信连接信息和订单信息;A first channel establishment step, in which a first communication channel is established between the first terminal and the second terminal based on a trigger event, and label information is sent from the first terminal to the second terminal through the first communication channel, wherein the label information includes communication connection information and order information;
第二通道建立步骤,基于所述通信连接信息建立第一终端和第二终端之间的第二通信通道;A second channel establishing step, establishing a second communication channel between the first terminal and the second terminal based on the communication connection information;
键盘唤起步骤,基于所述触发事件,第二终端具备的密码键盘被唤起,所述密码键盘被用于用户输入交易密码;A keyboard awakening step, based on the triggering event, awakening a password keyboard provided in the second terminal, wherein the password keyboard is used by the user to input a transaction password;
密码发送步骤,将从所述密码键盘输入的交易密码通过所述第二通信通道发送到第一终端;以及A password sending step, sending the transaction password input from the password keyboard to the first terminal through the second communication channel; and
交易执行步骤,第一终端基于获得的交易密码执行交易。In the transaction execution step, the first terminal executes the transaction based on the obtained transaction password.
可选地,在所述第二通道建立步骤和所述密码发送步骤之间进一步包括:Optionally, the second channel establishing step and the password sending step further include:
鉴权协商步骤,在第二终端和第一终端之间通过所述第二通信通道实现鉴权并通过密钥协商获得通信密钥。The authentication negotiation step is to implement authentication between the second terminal and the first terminal through the second communication channel and obtain a communication key through key negotiation.
可选地,在所述密码发送步骤中,第二终端采用所述通信密钥加密所述交易密码后发送到第一终端。Optionally, in the password sending step, the second terminal encrypts the transaction password using the communication key and then sends it to the first terminal.
可选地,所述第一通信通道是NFC通道,所述第二通信通道是蓝牙通道。Optionally, the first communication channel is an NFC channel, and the second communication channel is a Bluetooth channel.
可选地,在所述键盘唤起步骤中,第二终端具备的多个密码键盘被唤起并选择其中之一。Optionally, in the keyboard awakening step, a plurality of PIN keyboards provided in the second terminal are awakened and one of them is selected.
可选地,所述触发事件为NFC触发事件。Optionally, the trigger event is an NFC trigger event.
可选地,所述触发事件为二维码扫码触发事件。Optionally, the trigger event is a QR code scanning trigger event.
本发明的交易数据处理方法,其特征在于,包括:The transaction data processing method of the present invention is characterized by comprising:
输入要求步骤,产生交易密码输入要求;Input requirement step, generating transaction password input requirement;
第一通道建立步骤,基于触发事件与外部终端建立第一通信通道,其中,通过第一通信通道将标签信息发送到外部终端,其中,标签信息中包含通信连接信息和订单信息;A first channel establishment step, establishing a first communication channel with an external terminal based on a triggering event, wherein label information is sent to the external terminal through the first communication channel, wherein the label information includes communication connection information and order information;
第二通道建立步骤,基于所述通信连接信息建立第二通信通道;A second channel establishing step, establishing a second communication channel based on the communication connection information;
密码获取步骤,获取从所述外部终端通过所述第二通信通道发送来的交易密码;以及a password obtaining step of obtaining the transaction password sent from the external terminal through the second communication channel; and
交易执行步骤,基于获得的交易密码执行交易。The transaction execution step executes the transaction based on the obtained transaction password.
可选地,在所述第二通道建立步骤和所述密码发送步骤之间进一步包括:Optionally, the second channel establishing step and the password sending step further include:
鉴权协商步骤,与外部终端之间通过所述第二通信通道实现鉴权并通过密钥协商获得通信密钥。The authentication negotiation step is to realize authentication with the external terminal through the second communication channel and obtain the communication key through key negotiation.
可选地,在所述密码获取步骤中,获取从上述外部终端发送来的用所述通信密钥加密后的交易密码。Optionally, in the password acquisition step, a transaction password encrypted with the communication key and sent from the external terminal is acquired.
可选地,所述第一通信通道是NFC通道,所述第二通信通道是蓝牙通道。Optionally, the first communication channel is an NFC channel, and the second communication channel is a Bluetooth channel.
可选地,所述触发事件为NFC触发事件。Optionally, the trigger event is an NFC trigger event.
可选地,所述触发事件为二维码扫码触发事件。Optionally, the trigger event is a QR code scanning trigger event.
本发明的交易数据处理方法,其特征在于,包括:The transaction data processing method of the present invention is characterized by comprising:
第一通道建立步骤,与外部终端之间基于触发事件建立第一通信通道,通过第一通信通道从外部终端获得标签信息,其中所述标签信息包括通信连接信息和订单信息;A first channel establishment step, establishing a first communication channel with an external terminal based on a trigger event, and obtaining label information from the external terminal through the first communication channel, wherein the label information includes communication connection information and order information;
第二通道建立步骤,基于所述通信连接信息建立与外部终端之间的第二通信通道;A second channel establishing step, establishing a second communication channel with an external terminal based on the communication connection information;
键盘唤起步骤,基于所述触发事件,唤起密码键盘,所述密码键盘被用于用户输入交易密码;以及A keyboard awakening step, based on the trigger event, awakening the PIN keyboard, the PIN keyboard is used by the user to input the transaction password; and
密码发送步骤,将从所述密码键盘输入的交易密码通过所述第二通信通道发送到外部终端。The password sending step sends the transaction password input from the password keyboard to the external terminal through the second communication channel.
可选地,在所述第二通道建立步骤和所述密码发送步骤之间进一步包括:Optionally, the second channel establishing step and the password sending step further include:
鉴权协商步骤,与外部终端之间通过所述第二通信通道实现鉴权并通过密钥协商获得通信密钥,an authentication negotiation step, achieving authentication with the external terminal through the second communication channel and obtaining a communication key through key negotiation,
在所述密码发送步骤中,采用所述通信密钥加密所述交易密码后发送到外部终端。In the password sending step, the transaction password is encrypted with the communication key and then sent to an external terminal.
可选地,所述第一通信通道是NFC通道,所述第二通信通道是蓝牙通道。Optionally, the first communication channel is an NFC channel, and the second communication channel is a Bluetooth channel.
可选地,在所述键盘唤起步骤中,多个密码键盘被唤起并选择其中之一。Optionally, in the keyboard awakening step, multiple password keyboards are awakened and one of them is selected.
可选地,所述触发事件为NFC触发事件。Optionally, the trigger event is an NFC trigger event.
可选地,所述触发事件为二维码扫码触发事件。Optionally, the trigger event is a QR code scanning trigger event.
本发明的交易数据处理方法,其特征在于,包括:The transaction data processing method of the present invention is characterized by comprising:
输入要求步骤,第一终端产生交易密码输入要求;In a request input step, the first terminal generates a transaction password input request;
第一通道建立步骤,第一终端和第二终端之间基于触发事件建立第一通信通道,通过第一通信通道从第一终端将标签信息发送到第二终端,其中,标签信息中包含通信连接信息和订单信息;A first channel establishment step, in which a first communication channel is established between the first terminal and the second terminal based on a trigger event, and label information is sent from the first terminal to the second terminal through the first communication channel, wherein the label information includes communication connection information and order information;
第二通道建立步骤,基于所述通信连接信息建立第一终端和第二终端之间的第二通道;A second channel establishing step, establishing a second channel between the first terminal and the second terminal based on the communication connection information;
键盘唤起步骤,基于所述触发事件,第二终端具备的密码键盘被唤起,所述密码键盘被用于用户输入交易密码;以及a keyboard awakening step, based on the triggering event, awakening a PIN keyboard provided in the second terminal, wherein the PIN keyboard is used by the user to input a transaction password; and
密码发送步骤,第二终端将通过所述密码键盘输入的交易密码以及订单信息从第二终端发送到由所述订单信息指向的服务端。In the password sending step, the second terminal sends the transaction password and the order information input through the password keyboard from the second terminal to the service end pointed to by the order information.
可选地,在所述键盘唤起步骤中,第二终端具备的多个密码键盘以供用户选择其中之一。Optionally, in the keyboard awakening step, the second terminal is provided with a plurality of password keyboards for the user to select one of them.
可选地,所述触发事件为NFC触发事件。Optionally, the trigger event is an NFC trigger event.
可选地,所述触发事件为二维码扫码触发事件。Optionally, the trigger event is a QR code scanning trigger event.
本发明的交易数据处理系统,其特征在于,包括商户终端和用户终端,The transaction data processing system of the present invention is characterized by comprising a merchant terminal and a user terminal,
其中,所述商户终端包括:Wherein, the merchant terminal includes:
交易模块,用于产生交易密码输入要求并且基于交易信息以及获得的交易密码执行交易;A transaction module, for generating a transaction password input requirement and executing a transaction based on the transaction information and the obtained transaction password;
第一商户通信模块,用于与所述用户终端之间建立第一通信通道,其中,基于触发事件被触发建立第一通信通道,通过第一通信通道将标签信息从商户终端发送到用户终端,其中,标签信息中包含通信连接信息和订单信息;以及A first merchant communication module, configured to establish a first communication channel with the user terminal, wherein the first communication channel is established based on a triggering event, and tag information is sent from the merchant terminal to the user terminal through the first communication channel, wherein the tag information includes communication connection information and order information; and
第二商户通信模块,用于基于所述通信连接西悉尼与所述用户终端之间建立第二通信通道并用于接收来自所述用户终端的交易密码,A second merchant communication module is used to establish a second communication channel between Western Sydney and the user terminal based on the communication connection and to receive a transaction password from the user terminal.
所述用户终端包括:The user terminal comprises:
第一用户通信模块,用于与商户终端之间建立第一通信通道;A first user communication module, used to establish a first communication channel with a merchant terminal;
密码键盘模块,基于所述触发事件被唤起并提供用户输入交易密码用的密码键盘;A password keyboard module, which is aroused based on the trigger event and provides a password keyboard for the user to input the transaction password;
第二用户通信模块,用于与商户终端之间建立第二通信通道并将通过所述密码键盘输入的交易密码通过所述第二通信通道发送到商户终端。The second user communication module is used to establish a second communication channel with the merchant terminal and send the transaction password input through the password keyboard to the merchant terminal through the second communication channel.
可选地,所述第二用户通信模块还用于与所述第二商户通信模块之间实现鉴权协商,以使得在所述第二商户通信模块与第二用户通信模块之间通过所述第二通信通道实现鉴权并通过密钥协商获得通信密钥,Optionally, the second user communication module is further used to implement authentication negotiation with the second merchant communication module, so that authentication is implemented between the second merchant communication module and the second user communication module through the second communication channel and a communication key is obtained through key negotiation.
所述用户终端进一步包括加密模块,用于采用所述通信密钥对通过所述密码键盘输入的交易密码进行加密,The user terminal further comprises an encryption module, which is used to encrypt the transaction password input through the password keyboard using the communication key.
所述第二用户通信模块将加密后的交易密码发送到所述商户终端。The second user communication module sends the encrypted transaction password to the merchant terminal.
可选地,所述第一通信通道是NFC通道,所述第二通信通道是蓝牙通道。Optionally, the first communication channel is an NFC channel, and the second communication channel is a Bluetooth channel.
本发明的商户终端,其特征在于,包括:The merchant terminal of the present invention is characterized by comprising:
交易模块,用于产生交易密码输入要求并且基于交易信息以及获得的交易密码执行交易;以及a transaction module, configured to generate a transaction password input requirement and execute a transaction based on the transaction information and the obtained transaction password; and
第一商户通信模块,用于与外部终端之间建立第一通信通道,其中,基于触发事件被触发建立第一通信通道,通过第一通信通道将标签信息发送到外部终端,其中,标签信息中包含通信连接信息和订单信息;A first merchant communication module, configured to establish a first communication channel with an external terminal, wherein the first communication channel is established based on a triggering event, and tag information is sent to the external terminal through the first communication channel, wherein the tag information includes communication connection information and order information;
第二商户通信模块,用于与所述外部终端之间基于所述通信连接信息建立第二通信通道并且用于接收来自所述外部终端的交易密码。The second merchant communication module is used to establish a second communication channel with the external terminal based on the communication connection information and to receive a transaction password from the external terminal.
本发明的用户终端,其特征在于,包括:The user terminal of the present invention is characterized by comprising:
第一用户通信模块,用于与外部终端之间建立第一通信通道,通过第一通信通道从外部终端接收标签信息,其中,标签信息中包含通信连接信息和订单信息;A first user communication module, used to establish a first communication channel with an external terminal, and receive label information from the external terminal through the first communication channel, wherein the label information includes communication connection information and order information;
密码键盘模块,基于触发事件被唤起并提供密码键盘;以及A PIN pad module is invoked based on a trigger event and provides a PIN pad; and
第二用户通信模块,用于与外部终端之间基于所述通信连接信息建立第二通信通道并将通过所述密码键盘输入的交易密码通过所述第二通信通道发送到外部终端。The second user communication module is used to establish a second communication channel with the external terminal based on the communication connection information and send the transaction password input through the password keyboard to the external terminal through the second communication channel.
本发明的交易数据处理系统,其特征在于,包括商户终端和用户终端,The transaction data processing system of the present invention is characterized by comprising a merchant terminal and a user terminal,
其中,所述商户终端包括:Wherein, the merchant terminal includes:
交易模块,用于产生交易密码输入要求并且基于交易信息以及获得的交易密码执行交易;A transaction module, for generating a transaction password input requirement and executing a transaction based on the transaction information and the obtained transaction password;
二维码模块,用于以二维码图片形式展示标签信息,其中,标签信息中包含通信连接信息和订单信息;以及A QR code module, used to display label information in the form of a QR code image, wherein the label information includes communication connection information and order information; and
商户通信模块,用于与用户终端之间建立基于所述通信连接信息通信通道并用于接收来自用户终端的交易密码,A merchant communication module, used to establish a communication channel based on the communication connection information with the user terminal and to receive a transaction password from the user terminal,
其中,所述用户终端包括:Wherein, the user terminal includes:
信息接收模块,用于通过扫描二维码图片获得所述标签信息;An information receiving module, used to obtain the label information by scanning a QR code image;
密码键盘模块,基于二维码扫描事件被唤起并提供密码键盘;以及A password keyboard module is invoked based on a QR code scanning event and provides a password keyboard; and
用户通信模块,用于与所述商户终端之间通过所述通信连接信息建立通信通道并将通过所述密码键盘输入的交易密码通过所述通信通道发送到商户终端。The user communication module is used to establish a communication channel with the merchant terminal through the communication connection information and send the transaction password input through the password keyboard to the merchant terminal through the communication channel.
可选地,所述用户通信模块还用于与所述商户通信模块之间实现鉴权协商,以使得在所述商户通信模块与用户通信模块之间通过所述通信通道实现鉴权并通过密钥协商获得将通信密钥发送给商户通信模块,所述用户终端进一步包括:加密模块,用于采用所述通信密钥对通过所述密码键盘输入的交易密码进行加密。Optionally, the user communication module is also used to implement authentication negotiation with the merchant communication module, so that authentication is achieved between the merchant communication module and the user communication module through the communication channel and the communication key is obtained through key negotiation and sent to the merchant communication module. The user terminal further includes: an encryption module, which is used to use the communication key to encrypt the transaction password entered through the password keyboard.
本发明的商户终端,其特征在于,包括:The merchant terminal of the present invention is characterized by comprising:
交易模块,用于产生交易密码输入要求并且基于交易信息以及获得的交易密码执行交易;A transaction module, for generating a transaction password input requirement and executing a transaction based on the transaction information and the obtained transaction password;
二维码模块,用于以二维码图片形式展示标签信息,其中,标签信息中包含通信连接信息和订单信息;以及A QR code module, used to display label information in the form of a QR code image, wherein the label information includes communication connection information and order information; and
商户通信模块,用于与外部终端之间建立通信通道并用于接收来自外部终端的交易密码。The merchant communication module is used to establish a communication channel with an external terminal and to receive a transaction password from the external terminal.
本发明的用户终端,其特征在于,包括:The user terminal of the present invention is characterized by comprising:
信息接收模块,用于通过扫描二维码图片获得外部终端提供的标签信息,其中,标签信息中包含通信连接信息和订单信息;An information receiving module, used to obtain label information provided by an external terminal by scanning a QR code image, wherein the label information includes communication connection information and order information;
密码键盘模块,基于二维码扫描事件被唤起并提供密码键盘,用于用户输入交易密码;以及A password keyboard module is invoked based on a QR code scanning event and provides a password keyboard for a user to input a transaction password; and
用户通信模块,用于与所述外部终端之间基于所述通信连接信息建立通信通道并将通过所述密码键盘输入的交易密码通过所述通信通道发送到外部终端。The user communication module is used to establish a communication channel with the external terminal based on the communication connection information and send the transaction password input through the password keyboard to the external terminal through the communication channel.
本发明的交易数据处理系统,其特征在于,包括商户终端和和用户终端,其特征在于,The transaction data processing system of the present invention is characterized in that it includes a merchant terminal and a user terminal, and is characterized in that:
其中,所述商户终端包括:Wherein, the merchant terminal includes:
交易模块,用于产生交易密码输入要求;A transaction module, used to generate transaction password input requirements;
第一商户通信模块,用于与所述用户终端之间建立第一通信通道,其中,基于触发事件被触发建立第一通信通道,通过第一通信通道将标签信息发送到用户终端,其中,标签信息中包含通信连接信息和订单信息;以及A first merchant communication module, configured to establish a first communication channel with the user terminal, wherein the first communication channel is established based on a triggering event, and tag information is sent to the user terminal through the first communication channel, wherein the tag information includes communication connection information and order information; and
第二商户通信模块,用于与所述用户终端之间基于所述通信连接信息建立第二通信通道,A second merchant communication module is used to establish a second communication channel with the user terminal based on the communication connection information,
所述用户终端包括:The user terminal comprises:
第一用户通信模块,用于与所述商户终端之间建立第一通信通道,通过第一通信通道从商户终端接收所述标签信息;A first user communication module, configured to establish a first communication channel with the merchant terminal and receive the tag information from the merchant terminal through the first communication channel;
密码键盘模块,基于所述触发事件被唤起并提供密码键盘;以及A PIN pad module is invoked based on the trigger event and provides a PIN pad; and
第二用户通信模块,用于与所述商户终端之间基于所述通信连接信息建立第二通信通道并将下述的交易结果通过所述第二通信通道发送到商户终端;以及A second user communication module, configured to establish a second communication channel with the merchant terminal based on the communication connection information and send the following transaction result to the merchant terminal through the second communication channel; and
第三户通信模块,用于与外部的服务端进行通信将与交易相关的信息发送到服务端并且接受来自服务端的交易结果。The third communication module is used to communicate with an external server to send transaction-related information to the server and receive transaction results from the server.
本发明的商户终端,其特征在于,包括:The merchant terminal of the present invention is characterized by comprising:
交易模块,用于产生交易密码输入要求;A transaction module, used to generate transaction password input requirements;
第一商户通信模块,用于与外部终端之间建立第一通信通道,其中,基于触发事件被触发建立第一通信通道,通过第一通信通道将标签信息发送到外部终端,其中,标签信息中包含通信连接信息和订单信息;以及A first merchant communication module, configured to establish a first communication channel with an external terminal, wherein the first communication channel is established based on a triggering event, and tag information is sent to the external terminal through the first communication channel, wherein the tag information includes communication connection information and order information; and
第二商户通信模块,用于与外部终端之间基于所述通信连接信息建立第二通信通道。The second merchant communication module is used to establish a second communication channel with the external terminal based on the communication connection information.
本发明的用户终端,其特征在于,包括:The user terminal of the present invention is characterized by comprising:
第一用户通信模块,用于与外部终端之间建立第一通信通道,通过第一通信通道从外部终端接收所述标签信息,其中,标签信息中包含通信连接信息和订单信息;A first user communication module, used to establish a first communication channel with an external terminal, and receive the label information from the external terminal through the first communication channel, wherein the label information includes communication connection information and order information;
密码键盘模块,基于所述触发事件被唤起并提供密码键盘;以及A PIN pad module is invoked based on the trigger event and provides a PIN pad; and
第二用户通信模块,用于与外部终端之间基于所述通信连接信息建立第二通信通道并将下述的交易结果通过所述第二通信通道发送到外部终端;以及A second user communication module, configured to establish a second communication channel with an external terminal based on the communication connection information and send the following transaction results to the external terminal through the second communication channel; and
第三用户通信模块,用于与外部的服务端进行通信将与交易相关的信息发送到服务端并且接受来自服务端的交易结果。The third user communication module is used to communicate with an external server to send transaction-related information to the server and receive transaction results from the server.
本发明的计算机可读介质,其上存储有计算机程序,其特征在于,The computer readable medium of the present invention stores a computer program thereon, characterized in that:
该计算机程序被处理器执行时实现上述的交易数据处理方法。When the computer program is executed by a processor, the above-mentioned transaction data processing method is implemented.
本发明的计算机设备,包括存储模块、处理器以及存储在存储模块上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现上述的交易数据处理方法。The computer device of the present invention comprises a storage module, a processor and a computer program stored in the storage module and executable on the processor, and is characterized in that the processor implements the above-mentioned transaction data processing method when executing the computer program.
如上所述,根据发明的交易数据处理方法、交易数据处理系统以及终端,不需要在商户终端输入密码,而可以在用户终端输入密码来完成交易。As described above, according to the transaction data processing method, transaction data processing system and terminal of the invention, it is not necessary to input a password at the merchant terminal, but the password can be input at the user terminal to complete the transaction.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
图1是表示现有技术中在商家手机上输入交易密码情形下的示意图。FIG. 1 is a schematic diagram showing a situation in which a transaction password is input on a merchant's mobile phone in the prior art.
图2是表示本发明的交易数据处理方法的流程概要示意图。FIG. 2 is a schematic diagram showing an overview of the process of the transaction data processing method of the present invention.
图3是表示本发明的第一实施方式的交易数据处理方法的流程示意图。FIG. 3 is a schematic flow chart showing a transaction data processing method according to the first embodiment of the present invention.
图4是表示本发明的第一实施方式的交易数据处理方法的具体流程图。FIG. 4 is a specific flowchart showing the transaction data processing method according to the first embodiment of the present invention.
图5是表示鉴权和通信密钥的生成过程示意图。FIG5 is a schematic diagram showing the process of generating authentication and communication keys.
图6是表示本发明的第一实施方式的交易数据处理系统的结构框图。FIG. 6 is a block diagram showing the structure of a transaction data processing system according to the first embodiment of the present invention.
图7是表示本发明的第二实施方式的交易数据处理方法的流程示意图。FIG. 7 is a schematic flow chart showing a transaction data processing method according to a second embodiment of the present invention.
图8是表示本发明的第二实施方式的交易数据处理系统的结构框图。FIG8 is a block diagram showing the structure of a transaction data processing system according to a second embodiment of the present invention.
图9是表示本发明的第三实施方式的交易数据处理方法的流程示意图。FIG. 9 is a schematic flow chart showing a transaction data processing method according to a third embodiment of the present invention.
图10是表示本发明的第三实施方式的交易数据处理系统的结构框图。FIG. 10 is a block diagram showing the structure of a transaction data processing system according to a third embodiment of the present invention.
具体实施方式Detailed ways
下面介绍的是本发明的多个实施例中的一些,旨在提供对本发明的基本了解。并不旨在确认本发明的关键或决定性的要素或限定所要保护的范围。The following describes some of the various embodiments of the present invention, which are intended to provide a basic understanding of the present invention, but are not intended to identify the key or decisive elements of the present invention or to limit the scope of protection.
出于简洁和说明性目的,本文主要参考其示范实施例来描述本发明的原理。但是,本领域技术人员将容易地认识到,相同的原理可等效地应用于所有类型的交易数据处理方法、交易数据处理系统以及终端,并且可以在其中实施这些相同的原理,以及任何此类变化不背离本专利申请的真实精神和范围。For the purpose of brevity and illustration, the principles of the present invention are described herein mainly with reference to its exemplary embodiments. However, those skilled in the art will readily recognize that the same principles are equally applicable to all types of transaction data processing methods, transaction data processing systems, and terminals, and that these same principles can be implemented therein, and that any such changes do not depart from the true spirit and scope of the present patent application.
而且,在下文描述中,参考了附图,这些附图图示特定的示范实施例。在不背离本发明的精神和范围的前提下可以对这些实施例进行电、机械、逻辑和结构上的更改。此外,虽然本发明的特征是结合若干实施/实施例的仅其中之一来公开的,但是如针对任何给定或可识别的功能可能是期望和/或有利的,可以将此特征与其他实施/实施例的一个或多个其他特征进行组合。因此,下文描述不应视为在限制意义上的,并且本发明的范围由所附权利要求及其等效物来定义。Moreover, in the following description, reference is made to the accompanying drawings, which illustrate specific exemplary embodiments. Electrical, mechanical, logical and structural changes may be made to these embodiments without departing from the spirit and scope of the present invention. In addition, although the features of the present invention are disclosed in conjunction with only one of several implementations/embodiments, this feature may be combined with one or more other features of other implementations/embodiments as may be desirable and/or advantageous for any given or identifiable function. Therefore, the following description should not be regarded as limiting, and the scope of the present invention is defined by the appended claims and their equivalents.
诸如“具备”和“包括”之类的用语表示除了具有在说明书和权利要求书中有直接和明确表述的单元(模块)和步骤以外,本发明的技术方案也不排除具有未被直接或明确表述的其它单元(模块)和步骤的情形。Terms such as “having” and “including” indicate that in addition to the units (modules) and steps directly and explicitly stated in the specification and claims, the technical solution of the present invention does not exclude the situation where it has other units (modules) and steps that are not directly or explicitly stated.
图2是表示本发明的交易数据处理方法的流程的概要示意图。FIG. 2 is a schematic diagram showing a general flow of the transaction data processing method of the present invention.
如图2所示,本发明的交易数据处理方法包括以下步骤:As shown in FIG2 , the transaction data processing method of the present invention comprises the following steps:
步骤S100:在第一终端和第二终端之间基于第一触发事件建立第一通信通道,通过第一通信通道从第一终端将标签信息发送到第二终端,其中,标签信息中包含通信连接信息和订单信息;Step S100: establishing a first communication channel between the first terminal and the second terminal based on a first trigger event, and sending label information from the first terminal to the second terminal through the first communication channel, wherein the label information includes communication connection information and order information;
步骤S200:基于所述通信连接信息建立第一终端和第二终端之间的第二通道;Step S200: establishing a second channel between the first terminal and the second terminal based on the communication connection information;
步骤S300:基于所述触发事件,第二终端所具备的密码键盘被唤起,所述密码键盘被用于用户输入交易密码;Step S300: Based on the trigger event, the PIN keyboard of the second terminal is awakened, and the PIN keyboard is used by the user to input the transaction password;
步骤S400:将从所述密码键盘输入的交易密码通过所述第二通信通道发送到第一终端;以及Step S400: sending the transaction password input from the password keyboard to the first terminal through the second communication channel; and
步骤S500:第一终端基于获得的交易密码以及订单信息等执行交易。Step S500: The first terminal executes the transaction based on the obtained transaction password and order information.
进一步,为了确保交易密码传输的安全性,进一步采取对交易密码进行加密的方式来传输交易密码。Furthermore, in order to ensure the security of the transaction password transmission, the transaction password is further encrypted to transmit the transaction password.
这里,作为优选方式,在步骤S200和步骤S300之间进一步增加设置:鉴权协商步骤,在第二终端和第一终端之间通过所述第二通信通道实现鉴权并通过密钥协商获得通信密钥。Here, as a preferred method, a setting is further added between step S200 and step S300: an authentication negotiation step, in which authentication is implemented between the second terminal and the first terminal through the second communication channel and a communication key is obtained through key negotiation.
这样,在步骤S400中,第二终端采用获得的通信密钥加密所述交易密码后发送到第一终端。Thus, in step S400, the second terminal encrypts the transaction password using the acquired communication key and sends the encrypted password to the first terminal.
其中,作为一个示例,第一通信通道是NFC通道,第二通信通道是蓝牙通道。As an example, the first communication channel is an NFC channel, and the second communication channel is a Bluetooth channel.
在步骤S300中,第二终端具备的多个密码键盘被唤起并由用户选择其中之一。In step S300, a plurality of PIN pads provided in the second terminal are called up and one of them is selected by the user.
作为一个示例,触发事件为NFC触发,作为再一个示例,触发事件为二维码扫码触发。As an example, the trigger event is NFC triggering, and as another example, the trigger event is QR code scanning triggering.
接着,对于本发明的第一实施方式的交易数据处理方法以及本发明的第一实施方式的交易数据处理系统进行具体说明。Next, the transaction data processing method according to the first embodiment of the present invention and the transaction data processing system according to the first embodiment of the present invention will be described in detail.
第一实施方式First embodiment
图3是表示本发明的第一实施方式的交易数据处理方法的流程示意图。FIG. 3 is a schematic flow chart showing a transaction data processing method according to the first embodiment of the present invention.
在第一实施方式中以在商户和消费者之间通过消费者手机和商户手机实现的交易数据处理方法为例进行说明。In the first embodiment, a transaction data processing method implemented between a merchant and a consumer through a consumer mobile phone and a merchant mobile phone is taken as an example for description.
如图3所示,本发明的第一实施方式的交易数据处理方法包括下述步骤:As shown in FIG3 , the transaction data processing method of the first embodiment of the present invention includes the following steps:
步骤S101:消费者使用银行卡在商户手机上刷卡;Step S101: The consumer uses a bank card to swipe the card on the merchant's mobile phone;
步骤S102:商户手机展示密码键盘,要求输入密码;Step S102: The merchant's mobile phone displays a password keyboard and requires the merchant to enter a password;
步骤S103:消费者不在商户手机上输入密码,而是消费者手机与商户手机“碰一碰”(即触发NFC事件);Step S103: the consumer does not enter a password on the merchant's mobile phone, but instead "touches" the consumer's mobile phone with the merchant's mobile phone (i.e. triggers an NFC event);
步骤S104:消费者手机和商户手机之间实现蓝牙配对;Step S104: Bluetooth pairing between the consumer's mobile phone and the merchant's mobile phone;
步骤S105:消费者在消费者手机上输入交易密码;Step S105: The consumer enters the transaction password on the consumer's mobile phone;
步骤S106:通过蓝牙传输将交易密码传送到商户手机;以及Step S106: transmitting the transaction password to the merchant's mobile phone via Bluetooth transmission; and
步骤S107:交易结束。Step S107: The transaction is completed.
如图3所示,消费者使用银行卡在商户手机上刷卡,如果不愿意在商户手机上输交易密码,则可以用自己的手机靠近商户手机“碰一碰”,消费者手机会启动手机钱包,弹出密码键盘,消费者在自己手机输入交易密码完成交易。本发明的交易数据处理方法适用于消费者使用银行卡刷卡支付的场景,但不适用于手机PAY支付,因为使用手机PAY时可通过输密/刷脸/指纹完成了身份认证,可直接完成支付。As shown in Figure 3, the consumer uses a bank card to swipe the merchant's mobile phone. If the consumer does not want to enter the transaction password on the merchant's mobile phone, he can use his own mobile phone to "touch" the merchant's mobile phone. The consumer's mobile phone will start the mobile wallet and pop up the password keyboard. The consumer enters the transaction password on his mobile phone to complete the transaction. The transaction data processing method of the present invention is suitable for the scenario where consumers use bank cards to pay by swiping, but is not suitable for mobile phone PAY payment, because when using mobile phone PAY, identity authentication can be completed by entering a password/swiping face/fingerprint, and payment can be completed directly.
接着,进一步参照图6对于本发明的第一实施方式的交易数据处理方法进行具体说明。Next, the transaction data processing method according to the first embodiment of the present invention will be described in detail with further reference to FIG. 6 .
图4是表示本发明的第一实施方式的交易数据处理方法的具体流程图。FIG. 4 is a specific flowchart showing the transaction data processing method according to the first embodiment of the present invention.
如图4所示,在步骤S1中,商户手机的手机钱包启动后,在商户手机展示交易金额,等待刷卡。在步骤S2中,消费者在商户手机上刷银行卡。在步骤S3中在商户手机上展示密码键盘,在步骤S4中用户判断是否在商户手机上输入密码,若是则在步骤S5中输入密码并完成交易,若否则继续步骤S6。As shown in FIG4 , in step S1, after the mobile wallet of the merchant's mobile phone is started, the transaction amount is displayed on the merchant's mobile phone, waiting for the card to be swiped. In step S2, the consumer swipes the bank card on the merchant's mobile phone. In step S3, the password keyboard is displayed on the merchant's mobile phone. In step S4, the user determines whether to enter the password on the merchant's mobile phone. If yes, the password is entered in step S5 and the transaction is completed. If not, proceed to step S6.
在步骤S6中,消费者手机与商户手机“碰一碰”(即触发NFC事件)。In step S6, the consumer's mobile phone touches the merchant's mobile phone (i.e. triggers an NFC event).
在步骤S7中,消费者手机侧唤醒手机钱包的支付模块(相当于密码键盘模块)。在步骤S8中,实现消费者手机与商户手机的蓝牙配对。在步骤S9中,实现鉴权并生成通信密钥。在步骤S10中,在消费者手机侧在弹出的密码键盘中输入交易密码。在步骤S11中,采用通信密钥对输入的交易密码进行签名和加密。在步骤S12中,在商户手机侧对加密的交易密码进行验证签名和解密。在步骤S13中完成交易。In step S7, the payment module (equivalent to the password keyboard module) of the mobile wallet is awakened on the consumer's mobile phone. In step S8, the Bluetooth pairing of the consumer's mobile phone and the merchant's mobile phone is realized. In step S9, authentication is realized and a communication key is generated. In step S10, the transaction password is entered in the pop-up password keyboard on the consumer's mobile phone. In step S11, the input transaction password is signed and encrypted using the communication key. In step S12, the encrypted transaction password is verified and decrypted on the merchant's mobile phone. In step S13, the transaction is completed.
其中,消费者用银行卡刷卡以后,商户手机启动NFC卡模拟模式,其中,标签信息(TAG info)中包含蓝牙mac地址和该笔订单信息,此时在步骤S6消费者用手机靠近商户手机,在步骤S8读取以上信息,实现手机的蓝牙配对。After the consumer swipes the bank card, the merchant's mobile phone starts the NFC card simulation mode, in which the tag information (TAG info) contains the Bluetooth mac address and the order information. At this time, in step S6, the consumer brings the mobile phone close to the merchant's mobile phone, and in step S8, the above information is read to achieve Bluetooth pairing of the mobile phone.
在步骤S9中,实现鉴权并生成通信密钥,具体地,在消费者手机中,利用手机钱包的私钥签名token,向商户手机传token、deviceId(设备ID)以及密钥种子并且从商户手机接收鉴权结果,由此完成鉴权过程。其中,token每次交易生成,作为发起网络请求的凭证,过期将失效。同时,密钥种子通过采用特定算法生成通信密钥,最终完成整个协商密钥的过程。图5是表示鉴权和通信密钥的生成过程示意图。In step S9, authentication is implemented and communication keys are generated. Specifically, in the consumer's mobile phone, the private key of the mobile wallet is used to sign the token, transmit the token, deviceId (device ID) and key seed to the merchant's mobile phone, and receive the authentication result from the merchant's mobile phone, thereby completing the authentication process. Among them, the token is generated for each transaction as a credential for initiating a network request, and will become invalid when it expires. At the same time, the key seed generates a communication key by using a specific algorithm, and finally completes the entire process of negotiating the key. Figure 5 is a schematic diagram showing the process of generating authentication and communication keys.
其中,在步骤S6中消费者手机与商户手机“碰一碰”,即NFC触发事件,消费者手机的系统会传递出Intent消息(即意图消息),消费者的手机钱包监听到该Intent消息,则会弹框提示用户选择哪个应用程序,如果选择了手机钱包,则会唤起手机钱包APP相关的密码键盘页面至系统前台。这里是通过Android系统的intent消息实现几码键盘的调用,Intent可以携带参数,打开钱包APP应用程序,并跳转到指定页面。其中,所有注册了NFC事件的APP应用程序都会弹出密码键盘提供的提示框,因此,消费者可以从中选择其中一个。Among them, in step S6, the consumer's mobile phone "touches" the merchant's mobile phone, that is, the NFC triggers the event, and the system of the consumer's mobile phone will transmit an Intent message (i.e., the intention message). When the consumer's mobile wallet listens to the Intent message, a pop-up box will be displayed to prompt the user to select which application. If the mobile wallet is selected, the password keyboard page related to the mobile wallet APP will be called to the system foreground. Here, the call of the code keyboard is realized through the intent message of the Android system. The Intent can carry parameters, open the wallet APP application, and jump to the specified page. Among them, all APP applications that have registered NFC events will pop up the prompt box provided by the password keyboard, so consumers can choose one of them.
图6是表示本发明的第一实施方式的交易数据处理系统的结构框图。FIG. 6 is a block diagram showing the structure of a transaction data processing system according to the first embodiment of the present invention.
如图6所示,本发明的第一实施方式的交易数据处理系统包括商户终端(即商户手机)100和用户终端(即用户手机)200。As shown in FIG. 6 , the transaction data processing system of the first embodiment of the present invention includes a merchant terminal (ie, a merchant mobile phone) 100 and a user terminal (ie, a user mobile phone) 200 .
其中,商户终端100包括:The merchant terminal 100 includes:
交易模块110,用于产生交易密码输入要求,并且基于交易信息以及获得的交易密码执行交易;The transaction module 110 is used to generate a transaction password input requirement and execute a transaction based on the transaction information and the obtained transaction password;
第一商户通信模块120,用于与用户终端200之间建立第一通信通道,其中,基于触发事件被触发建立第一通信通道,通过第一通信通道将商户终端100标签信息发送到用户终端200,其中,标签信息中包含通信连接信息和订单信息;以及A first merchant communication module 120 is configured to establish a first communication channel with the user terminal 200, wherein the first communication channel is established based on a triggering event, and the tag information of the merchant terminal 100 is sent to the user terminal 200 through the first communication channel, wherein the tag information includes communication connection information and order information; and
第二商户通信模块130,用于基于所述通信连接信息与用户终端200之间建立第二通信通道并用于接收来自用户终端200的交易密码。The second merchant communication module 130 is used to establish a second communication channel with the user terminal 200 based on the communication connection information and to receive a transaction password from the user terminal 200 .
用户终端200包括:The user terminal 200 includes:
第一用户通信模块210,用于与商户终端100之间建立第一通信通道,通过第一通信通道从商户终端100接收所述标签信息;The first user communication module 210 is used to establish a first communication channel with the merchant terminal 100 and receive the tag information from the merchant terminal 100 through the first communication channel;
密码键盘模块220,基于所述触发事件被唤起并用于提供密码键盘以供用户输入交易密码;以及A PIN pad module 220 is invoked based on the trigger event and is used to provide a PIN pad for the user to input a transaction password; and
第二用户通信模块230,用于与商户终端100之间基于所述通信连接信息建立第二通信通道并将通过所述密码键盘输入的交易密码通过所述第二通信通道发送到商户终端100。The second user communication module 230 is used to establish a second communication channel with the merchant terminal 100 based on the communication connection information and send the transaction password input through the password keyboard to the merchant terminal 100 through the second communication channel.
第二用户通信模块230还用于与第二商户通信模块130之间实现鉴权协商,以使得在所述第二商户通信模块130与第二用户通信模块230之间通过所述第二通信通道实现鉴权并通过密钥协商获得将通信密钥发送给商户通信模块130。The second user communication module 230 is also used to implement authentication negotiation with the second merchant communication module 130, so that authentication is implemented between the second merchant communication module 130 and the second user communication module 230 through the second communication channel and the communication key is obtained through key negotiation and sent to the merchant communication module 130.
用户终端200进一步包括:加密模块240,用于采用所述通信密钥对通过所述密码键盘输入的交易密码进行加密。The user terminal 200 further includes: an encryption module 240, which is used to encrypt the transaction password input through the password keyboard using the communication key.
这样,第二用户通信模块230将由加密模块240加密后的交易密码发送到商户终端100。In this way, the second user communication module 230 sends the transaction password encrypted by the encryption module 240 to the merchant terminal 100 .
其中,作为一个示例,第一通信通道是NFC通道,第二通信通道是蓝牙通道。As an example, the first communication channel is an NFC channel, and the second communication channel is a Bluetooth channel.
根据本发明的第一实施方式的交易数据处理方法以及交易数据处理系统,不需要用户在商户终端输入交易密码,而是通过“碰一碰”(NFC触发事件)唤起用户终端的密钥键盘,并通过用户终端的密码键盘输入交易密码,由此,不仅能够保护交易密码的安全性,而且还能提升用户的感受。According to the transaction data processing method and transaction data processing system of the first embodiment of the present invention, the user does not need to enter the transaction password at the merchant terminal. Instead, the key keyboard of the user terminal is awakened by "touch and pay" (NFC trigger event), and the transaction password is entered through the password keyboard of the user terminal. This not only protects the security of the transaction password, but also improves the user experience.
第二实施方式Second embodiment
接着,对于本发明的第二实施方式的交易数据处理方法以及交易数据处理系统进行具体说明。Next, a transaction data processing method and a transaction data processing system according to a second embodiment of the present invention will be described in detail.
图7是表示本发明的第二实施方式的交易数据处理方法的流程示意图。FIG. 7 is a schematic flow chart showing a transaction data processing method according to a second embodiment of the present invention.
在第二实施方式中,以在商户和消费者之间通过消费者手机和商户手机实现的交易数据处理方法为例进行说明,与第一实施方式不同之处在于,取代NFC触发方式,采用二维码扫描触发方式。In the second embodiment, a transaction data processing method implemented between a merchant and a consumer through a consumer mobile phone and a merchant mobile phone is used as an example for explanation. The difference from the first embodiment is that a QR code scanning trigger method is used instead of an NFC trigger method.
如图7所示,本发明的第二实施方式的交易数据处理方法包括下述步骤:As shown in FIG. 7 , the transaction data processing method according to the second embodiment of the present invention comprises the following steps:
步骤S201:消费者使用银行卡在商户手机上刷卡;Step S201: The consumer uses a bank card to swipe the card on the merchant's mobile phone;
步骤S202:商户手机展示密码键盘,要求输入密码,并且同时显示二维码图片,在二维码图片之中使得包含标签信息(TAG info),并且标签信息中包含蓝牙mac地址和该笔订单信息;Step S202: The merchant's mobile phone displays a password keyboard, requiring the merchant to enter a password, and displays a QR code image at the same time. The QR code image includes tag information (TAG info), and the tag information includes a Bluetooth MAC address and the order information.
步骤S203: 消费者手机扫描商户手机显示的二维码图片(即触发二维码扫码事件),获得二维码图片中包含的蓝牙mac地址和该笔订单信息;Step S203: The consumer's mobile phone scans the QR code image displayed on the merchant's mobile phone (i.e. triggers a QR code scanning event) to obtain the Bluetooth MAC address and order information contained in the QR code image;
步骤S204:利用蓝牙mac地址,消费者手机和商户手机之间实现蓝牙配对;Step S204: Bluetooth pairing is achieved between the consumer's mobile phone and the merchant's mobile phone using the Bluetooth MAC address;
步骤S205:基于二维码扫码事件,消费者手机自动启动手机钱包以弹出密码键盘,消费者在消费者手机的密码键盘上输入交易密码;Step S205: based on the QR code scanning event, the consumer's mobile phone automatically starts the mobile wallet to pop up a password keyboard, and the consumer enters the transaction password on the password keyboard of the consumer's mobile phone;
步骤S206:通过蓝牙传输将输入的交易密码传送到商户手机;以及Step S206: transmitting the input transaction password to the merchant's mobile phone via Bluetooth transmission; and
步骤S207:交易结束。Step S207: The transaction ends.
如图7所示,消费者使用银行卡在商户手机上刷卡,如果不愿意在商户手机上输交易密码,则可以用手机扫描商户手机中显示的二维码图片,基于二维码扫描触发事件,该消费者手机会启动手机钱包弹出密码键盘,消费者在自己手机输入交易密码完成交易。As shown in Figure 7, consumers use bank cards to swipe on the merchant's mobile phone. If they do not want to enter the transaction password on the merchant's mobile phone, they can use their mobile phone to scan the QR code image displayed on the merchant's mobile phone. Based on the QR code scanning trigger event, the consumer's mobile phone will start the mobile wallet and pop up the password keyboard. The consumer enters the transaction password on his or her mobile phone to complete the transaction.
接着,进一步参照图8对于本发明的第二实施方式的交易数据处理方法进行具体说明。Next, the transaction data processing method according to the second embodiment of the present invention will be described in detail with reference to FIG. 8 .
图8是表示本发明的第二实施方式的交易数据处理系统的结构框图。FIG8 is a block diagram showing the structure of a transaction data processing system according to a second embodiment of the present invention.
如图8所示,本发明的第二实施方式的交易数据处理系统包括商户终端(即商户手机)300和用户终端(即用户手机)400。As shown in FIG. 8 , the transaction data processing system according to the second embodiment of the present invention includes a merchant terminal (ie, a merchant mobile phone) 300 and a user terminal (ie, a user mobile phone) 400 .
其中,商户终端300包括:The merchant terminal 300 includes:
交易模块310,用于产生交易密码输入要求,并且基于交易信息以及获得的交易密码执行交易;The transaction module 310 is used to generate a transaction password input requirement and execute a transaction based on the transaction information and the obtained transaction password;
二维码模块320,用于将以二维码图片形式展示标签信息,其中,标签信息中包含通信连接信息和订单信息;以及A QR code module 320, used to display the label information in the form of a QR code image, wherein the label information includes communication connection information and order information; and
商户通信模块330,用于与用户终端400之间基于所述通信连接信息建立通信通道并用于接收来自用户终端400的交易密码。The merchant communication module 330 is used to establish a communication channel with the user terminal 400 based on the communication connection information and to receive a transaction password from the user terminal 400 .
用户终端400包括:The user terminal 400 includes:
信息接收模块410,用于扫描二维码图片获得所述标签信息;The information receiving module 410 is used to scan the QR code image to obtain the label information;
密码键盘模块420,基于二维码扫描事件被唤起并提供密码键盘,用于用户输入交易密码;以及A password keyboard module 420 is invoked based on a QR code scanning event and provides a password keyboard for a user to input a transaction password; and
用户通信模块430,用于与商户终端300之间建立通信通道并将通过所述密码键盘输入的交易密码通过所述通信通道发送到商户终端300。The user communication module 430 is used to establish a communication channel with the merchant terminal 300 and send the transaction password input through the password keyboard to the merchant terminal 300 through the communication channel.
用户通信模块430还用于与商户通信模块330之间实现鉴权协商,以使得在所述商户通信模块330与用户通信模块230之间通过所述通信通道实现鉴权并通过密钥协商获得将通信密钥发送给商户通信模块330。The user communication module 430 is also used to implement authentication negotiation with the merchant communication module 330, so that authentication is implemented between the merchant communication module 330 and the user communication module 230 through the communication channel and the communication key is obtained through key negotiation and sent to the merchant communication module 330.
用户终端400进一步包括:加密模块440,用于采用所述通信密钥对通过所述密码键盘输入的交易密码进行加密。The user terminal 400 further includes: an encryption module 440, which is used to encrypt the transaction password input through the password keyboard using the communication key.
这样,用户通信模块430将由加密模块440加密后的交易密码发送到商户终端300,并由商户通信模块330实现解密。In this way, the user communication module 430 sends the transaction password encrypted by the encryption module 440 to the merchant terminal 300 , and the merchant communication module 330 implements decryption.
其中,作为一个示例,所述通信通道是蓝牙通道。As an example, the communication channel is a Bluetooth channel.
本发明的第二实施方式的交易数据处理方法以及交易数据处理系统,不需要用户在商户终端输入交易密码,而是通过“扫描二维码”(二维码扫描事件)唤起用户终端的密钥键盘,并在用户终端输入交易密码,由此,不仅能够保护交易密码的安全性,而且还能提升用户的感受。The transaction data processing method and transaction data processing system of the second embodiment of the present invention do not require the user to enter the transaction password at the merchant terminal. Instead, the key keyboard of the user terminal is awakened by "scanning the QR code" (QR code scanning event) and the transaction password is entered at the user terminal. This not only protects the security of the transaction password, but also improves the user experience.
第三实施方式Third embodiment
接着,对于本发明的第三实施方式的交易数据处理方法以及交易数据处理系统进行具体说明。Next, a transaction data processing method and a transaction data processing system according to a third embodiment of the present invention will be described in detail.
在第三实施方式中与第一实施方式不同之处在于,取代通过蓝牙将交易报文发送到商户手机侧,而是从消费者手机侧将交易报文上送到服务端。The third embodiment is different from the first embodiment in that, instead of sending the transaction message to the merchant's mobile phone via Bluetooth, the transaction message is sent from the consumer's mobile phone to the service end.
如图9所示,本发明的第三实施方式的交易数据处理方法包括下述步骤:As shown in FIG9 , the transaction data processing method of the third embodiment of the present invention includes the following steps:
步骤S301:消费者使用银行卡在商户手机上刷卡;Step S301: The consumer uses a bank card to swipe the card on the merchant's mobile phone;
步骤S302:商户手机展示密码键盘,要求输入密码;Step S302: The merchant's mobile phone displays a password keyboard and requires the merchant to enter a password;
步骤S303: 消费者手机与商户手机“碰一碰”(即触发NFC事件);Step S303: The consumer's mobile phone touches the merchant's mobile phone (i.e. triggers an NFC event);
步骤S304:消费者手机和商户手机之间实现蓝牙配对;Step S304: Bluetooth pairing between the consumer's mobile phone and the merchant's mobile phone;
步骤S305:在消费者手机上弹出密码键盘,消费者在消费者手机的密码键盘上输入交易密码;Step S305: a password keyboard pops up on the consumer's mobile phone, and the consumer enters the transaction password on the password keyboard of the consumer's mobile phone;
步骤S306:从消费者手机将交易报文上送服务端,其中,消费者手机通过服务端的URL确定对应的服务端,消费者手机可以访问指定的服务端,完成数据通信,上送的信息主要就是订单支付信息,包括商品名称、金额等的订单信息以及消费者的支付方式、消费者的手机信息(包括交易密码)等;Step S306: The transaction message is sent from the consumer's mobile phone to the server. The consumer's mobile phone determines the corresponding server through the URL of the server. The consumer's mobile phone can access the designated server to complete data communication. The information sent is mainly the order payment information, including the order information such as the product name and amount, as well as the consumer's payment method, the consumer's mobile phone information (including the transaction password), etc.
步骤S307:图中示出的是对应的服务端将支付结果返回到消费者手机并且从消费者手机将支付结果通过蓝牙通道通知到商户手机,或者也可以对应的服务端将支付结果直接返回到商户手机(未图示);以及Step S307: As shown in the figure, the corresponding server returns the payment result to the consumer's mobile phone and notifies the payment result from the consumer's mobile phone to the merchant's mobile phone through the Bluetooth channel, or the corresponding server directly returns the payment result to the merchant's mobile phone (not shown); and
步骤S308:交易结束。Step S308: The transaction is completed.
图10是表示本发明的第三实施方式的交易数据处理系统的结构框图。FIG. 10 is a block diagram showing the structure of a transaction data processing system according to a third embodiment of the present invention.
如图10所示,本发明的第三实施方式的交易数据处理系统包括:商户终端(即商户手机)500和用户终端(即消费者手机)600。As shown in FIG. 10 , the transaction data processing system of the third embodiment of the present invention includes: a merchant terminal (ie, a merchant mobile phone) 500 and a user terminal (ie, a consumer mobile phone) 600 .
其中,商户终端500包括:The merchant terminal 500 includes:
交易模块510,用于产生交易密码输入要求;Transaction module 510, used to generate transaction password input requirements;
第一商户通信模块520,用于与用户终端600之间建立第一通信通道,其中,基于触发事件被触发建立第一通信通道,通过第一通信通道将商户终端500标签信息发送到用户终端600,其中,标签信息中包含通信连接信息和订单信息;以及A first merchant communication module 520, configured to establish a first communication channel with the user terminal 600, wherein the first communication channel is established based on a triggering event, and the tag information of the merchant terminal 500 is sent to the user terminal 600 through the first communication channel, wherein the tag information includes communication connection information and order information; and
第二商户通信模块530,用于与用户终端600之间建立第二通信通道。The second merchant communication module 530 is used to establish a second communication channel with the user terminal 600 .
用户终端600包括:The user terminal 600 includes:
第一用户通信模块610,用于与商户终端500之间建立第一通信通道,通过第一通信通道从商户终端100接收所述标签信息;The first user communication module 610 is used to establish a first communication channel with the merchant terminal 500 and receive the tag information from the merchant terminal 100 through the first communication channel;
密码键盘模块620,基于所述触发事件被唤起并提供密码键盘;A password keyboard module 620 is invoked based on the trigger event and provides a password keyboard;
第二用户通信模块630,用于与商户终端500之间建立第二通信通道并将下述的交易结果通过所述第二通信通道发送到商户终端600;以及A second user communication module 630, configured to establish a second communication channel with the merchant terminal 500 and send the following transaction results to the merchant terminal 600 through the second communication channel; and
第三户通信模块640,用于与服务端进行通信将与交易相关的信息发送到服务端并且接受来自服务端的交易结果。The third communication module 640 is used to communicate with the server to send transaction-related information to the server and receive transaction results from the server.
如上所述,根据发明的交易数据处理方法、交易数据处理系统以及终端,不需要在商户终端输入密码,而可以在用户终端输入密码来完成交易。As described above, according to the transaction data processing method, transaction data processing system and terminal of the invention, it is not necessary to input a password at the merchant terminal, but the password can be input at the user terminal to complete the transaction.
以上例子主要说明了本发明的交易数据处理方法、交易数据处理系统以及终端。尽管只对其中一些本发明的具体实施方式进行了描述,但是本领域普通技术人员应当了解,本发明可以在不偏离其主旨与范围内以许多其他的形式实施。因此,所展示的例子与实施方式被视为示意性的而非限制性的,在不脱离如所附各权利要求所定义的本发明精神及范围的情况下,本发明可能涵盖各种的修改与替换。The above examples mainly illustrate the transaction data processing method, transaction data processing system and terminal of the present invention. Although only some of the specific embodiments of the present invention are described, it should be understood by those skilled in the art that the present invention can be implemented in many other forms without departing from its subject matter and scope. Therefore, the examples and embodiments shown are regarded as illustrative rather than restrictive, and the present invention may cover various modifications and substitutions without departing from the spirit and scope of the present invention as defined in the appended claims.
Claims (17)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010586087.0A CN113837744B (en) | 2020-06-24 | 2020-06-24 | Transaction data processing method, transaction data processing system and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010586087.0A CN113837744B (en) | 2020-06-24 | 2020-06-24 | Transaction data processing method, transaction data processing system and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113837744A CN113837744A (en) | 2021-12-24 |
| CN113837744B true CN113837744B (en) | 2024-07-19 |
Family
ID=78964539
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010586087.0A Active CN113837744B (en) | 2020-06-24 | 2020-06-24 | Transaction data processing method, transaction data processing system and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113837744B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103136668A (en) * | 2011-11-28 | 2013-06-05 | 中兴通讯股份有限公司 | Terminal payment method, terminal and payment platform |
| WO2017185349A1 (en) * | 2016-04-29 | 2017-11-02 | 华为技术有限公司 | Transaction method and device based on near-field communication (nfc) |
| CN107833046A (en) * | 2017-11-28 | 2018-03-23 | 恒宝股份有限公司 | A kind of method of mobile payment and its checkout terminal |
Family Cites Families (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102096972A (en) * | 2009-12-15 | 2011-06-15 | 中国移动通信集团公司 | Method and system for finishing on-line payment based on user terminal, and user terminal |
| US20120185306A1 (en) * | 2011-01-18 | 2012-07-19 | Fang Cheng | Electronic Transaction Record Distribution System |
| CN103164911B (en) * | 2011-12-09 | 2016-02-03 | 国民技术股份有限公司 | A kind of Swiping-card payment system and method |
| US10460314B2 (en) * | 2013-07-10 | 2019-10-29 | Ca, Inc. | Pre-generation of session keys for electronic transactions and devices that pre-generate session keys for electronic transactions |
| CN104123645B (en) * | 2014-07-15 | 2018-08-31 | 北京金科联信数据科技有限公司 | Mobile Internet intelligent payment terminal and payment system based on financial security certification |
| CN105590193A (en) * | 2014-11-03 | 2016-05-18 | 中国银联股份有限公司 | Dual-channel payment information uploading payment method and payment system |
| CN104574078B (en) * | 2014-11-27 | 2018-03-13 | 深圳市淘淘谷信息技术有限公司 | Bank card and the method for user social contact media account binding are realized based on POS transaction |
| KR102488691B1 (en) * | 2017-05-25 | 2023-01-13 | 강수향 | Method for a customer initiated payment transaction |
| CN109359968A (en) * | 2018-09-28 | 2019-02-19 | 中国工商银行股份有限公司 | A kind of method of payment, device, electronic equipment and payment label |
| CN110738490A (en) * | 2019-10-08 | 2020-01-31 | 拉卡拉支付股份有限公司 | Near field mobile payment method, device, acceptance terminal and storage medium |
-
2020
- 2020-06-24 CN CN202010586087.0A patent/CN113837744B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103136668A (en) * | 2011-11-28 | 2013-06-05 | 中兴通讯股份有限公司 | Terminal payment method, terminal and payment platform |
| WO2017185349A1 (en) * | 2016-04-29 | 2017-11-02 | 华为技术有限公司 | Transaction method and device based on near-field communication (nfc) |
| CN107833046A (en) * | 2017-11-28 | 2018-03-23 | 恒宝股份有限公司 | A kind of method of mobile payment and its checkout terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113837744A (en) | 2021-12-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10917405B2 (en) | Methods and systems for providing FIDO authentication services | |
| CN112805757B (en) | System and method for password authentication of contactless cards | |
| US9852418B2 (en) | Trusted service manager (TSM) architectures and methods | |
| CN110770774B (en) | Authentication and encryption schemes in data storage | |
| CN103380592B (en) | Method, server and system for personal authentication | |
| EP2481230B1 (en) | Authentication method, payment authorisation method and corresponding electronic equipments | |
| US7788500B2 (en) | Biometric authentication device and terminal | |
| US20090265544A1 (en) | Method and system for using personal devices for authentication and service access at service outlets | |
| US20190087814A1 (en) | Method for securing a payment token | |
| JP2019521620A (en) | Establish secure channel | |
| KR20170139658A (en) | Mobile payment terminal and method with trusted execution environment | |
| KR101792220B1 (en) | Method, mobile terminal, device and program for providing user authentication service of combining biometric authentication | |
| WO2022001176A1 (en) | Method for applying for payment token, apparatus, system, and server | |
| CN118014566A (en) | Transaction method and transaction system based on digital currency hardware wallet | |
| JP2002259866A (en) | Mobile terminal connection type card reader device and authentication settlement method using the same | |
| US11960581B2 (en) | Mobile device secret protection system and method | |
| CN113837744B (en) | Transaction data processing method, transaction data processing system and terminal | |
| CN106462850A (en) | Secure transmission of payment credentials | |
| CN116097686B (en) | Secure end-to-end pairing of a secure element with a mobile device | |
| CN105405010B (en) | Trading device, trading system and trading method using the same | |
| TW201804384A (en) | Electronic card creating system and method thereof capable of effectively improving security of card information | |
| US12547686B2 (en) | Mobile device secret protection system and method | |
| EP4250210A1 (en) | Devices, methods and a system for secure electronic payment transactions | |
| EP4250207A1 (en) | Devices, methods and a system for secure electronic payment transactions | |
| EP3116159A1 (en) | Method and apparatus for securing data transmission |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |