[go: up one dir, main page]

WO2014146286A1 - Secure payment system and method for bank card by using real-time communication - Google Patents

Secure payment system and method for bank card by using real-time communication Download PDF

Info

Publication number
WO2014146286A1
WO2014146286A1 PCT/CN2013/073030 CN2013073030W WO2014146286A1 WO 2014146286 A1 WO2014146286 A1 WO 2014146286A1 CN 2013073030 W CN2013073030 W CN 2013073030W WO 2014146286 A1 WO2014146286 A1 WO 2014146286A1
Authority
WO
WIPO (PCT)
Prior art keywords
account
user
bank card
bank
network
Prior art date
Application number
PCT/CN2013/073030
Other languages
French (fr)
Chinese (zh)
Inventor
黄凯铃
Original Assignee
Wong Hoiling
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wong Hoiling filed Critical Wong Hoiling
Priority to PCT/CN2013/073030 priority Critical patent/WO2014146286A1/en
Priority to CN201380074977.1A priority patent/CN105247549A/en
Priority to HK16107977.4A priority patent/HK1220025A1/en
Publication of WO2014146286A1 publication Critical patent/WO2014146286A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3223Realising banking transactions through M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/085Payment architectures involving remote charge determination or related payment systems
    • G06Q20/0855Payment architectures involving remote charge determination or related payment systems involving a third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Definitions

  • the present invention relates to the field of financial payment, and more particularly to a bank card security payment system and method using real-time communication.
  • the bank card Since the bank card is convenient to carry and easy to use, it brings a quick and convenient payment method to the card owner, so the use of the bank card is more and more common, and many people have more than one bank card.
  • the bank card gives the card owner a quick and convenient payment method, it also brings some security problems. Some criminals steal the bank card information of others through various means, then copy the fake card for consumer payment, or steal the card card information of the card owner.
  • the card owner In the online consumption, the card owner generally finds that his bank card account has been stolen after receiving the monthly statement, which causes the card owner to suffer losses, which is an extremely problem to be solved.
  • the bank card security payment system and method using the real-time communication of the present invention are proposed.
  • the object of the present invention is achieved by the use of such a bank card secure payment system, characterized in that the system comprises a user's bank card account and a mobile phone (2), a merchant's transaction terminal (3), and a payment network ( 4), an account security server (5), wherein the account security server (5) is connected to the payment network (4), the account security server (5) is provided with real-time communication server software, and the user's mobile phone (2) is provided Real-time communication application, mobile phone (2) through the real-time communication application via a communication network such as mobile phone network, WIFI network, etc.
  • a bank card secure payment system characterized in that the system comprises a user's bank card account and a mobile phone (2), a merchant's transaction terminal (3), and a payment network ( 4), an account security server (5), wherein the account security server (5) is connected to the payment network (4), the account security server (5) is provided with real-time communication server software, and the user's mobile phone (2) is provided Real-time communication application, mobile phone (2) through the real-
  • wireless network access account security server (5) transaction terminal (3) through wired / wireless network example
  • account security server (5) records the user's bank card account account information, the user's bank card account and the user
  • the mobile phone (2) is associated with, and, when the payment network (4) receives the transaction request from the merchant's transaction terminal (3) that belongs to the user's bank card account, the payment network (4) passes the account security server (5) Mobile phone associated with the bank card account
  • a bank card secure payment method comprises setting an account security server (5), recording account information of the user's bank card account in the account security server (5), and The bank card account is associated with the user's mobile phone (2), the account security server (5) is connected to the payment network (4), and the account security server
  • the user's mobile phone (2) has a real-time communication application, and the mobile phone (2) accesses the wireless network through a communication network such as a mobile phone network, a WIFI network, etc. through the real-time communication application.
  • Account security server (5) and, when the payment network
  • the payment network (4) passes the account security server (5) and the associated mobile phone of the bank card account (2) Perform security verification to verify the identity of the user, and secure the network after payment verification
  • the payment system and method of the invention can communicate with the user's mobile phone (2) through real-time communication mode when the user pays, and instantly verify the authenticity of the user identity to ensure the security of the user's bank card account.
  • the real-time communication between the account security server (5) and the user's mobile phone (2) is a step of verifying the identity of the user by using a communication path independent of the original bank card payment network, so even if the user's bank card account is stolen by the thief As long as the user's mobile phone (2) is in hand, the thief can't succeed, and the user's bank card account is secure.
  • FIG. 1 is a schematic explanatory view of a bank card secure payment system according to a first embodiment of the present invention
  • FIG. 2 is a schematic explanatory view of a bank card secure payment system according to a second embodiment of the present invention
  • FIG. 4 is a schematic explanatory diagram of a bank card secure payment system according to a fourth embodiment of the present invention
  • FIG. 5 is a fifth embodiment of the present invention
  • FIG. 6 is a schematic diagram showing the image of a bank card secure payment system according to a sixth embodiment of the present invention
  • FIG. 7 is a bank card according to a seventh embodiment of the present invention
  • FIG. 8 is a schematic diagram showing the image of a secure payment system for a bank card according to an eighth embodiment of the present invention.
  • FIG. In the figures, the same numerals represent the same systems, devices, and components, and the drawings are schematic for illustrating the constitution and main features of the present invention.
  • Figure 1 is a schematic illustration of the image of a bank card secure payment system in accordance with a first embodiment of the present invention.
  • the system shown in Figure 1 includes a bank card representing a user's bank card account.
  • a real-time communication application is provided, and the mobile phone (2) accesses the account security server via the communication network via a communication network such as a mobile phone network, a WIFI network, or the like.
  • the merchant's transaction terminal (3) accesses the payment network (4) through various wired/wireless networks such as mobile phone network, WIFI network, regional network, internet, etc., and the user needs to be in the account security server (5)
  • the account security server (5) records the account information of the user's bank card account, and associates the user's bank card account with the user's mobile phone (2).
  • the end (3) uses its bank card account for payment, and when the payment network (4) receives the transaction request of the merchant's transaction terminal (3) that belongs to the user's bank card account, the payment network (4) passes the account security server ( 5) The mobile phone (2) associated with the bank card account performs a security verification to verify the identity of the user. After the security verification is successful, the payment network (4) continues the subsequent steps of the transaction, otherwise the transaction is rejected.
  • the account security server (5) of the present invention is added, and when the payment is made, the step of securely verifying the identity of the user is additionally added, through the account security server (5) Secure the user's identity with the user's mobile phone (2) in real-time communication. After the security verification is successful, the payment network
  • the transaction terminal (3) with the merchant also needs to continue to perform the operations that have not been performed before. These operations are the subsequent steps described in this specification, such as verifying user account balances, account credits, etc., since these are existing.
  • the operation steps of the bank card payment which are not the features of the present invention, are not described in detail in this specification.
  • the method used by the bank card secure payment system shown in FIG. 1 includes setting an account security server (5), recording account information of the user's bank card account in the account security server (5), and
  • the bank card account is associated with the user's mobile phone (2)
  • the account security server (5) is connected to the payment network (4)
  • the account security server (5) is provided with real-time communication server software, the user's mobile phone (2) Real-time communication app, mobile phone
  • the payment network (4) accessing the account security server (5) via the communication network via a communication network such as a mobile phone network, a WIFI network, etc., and, when the payment network (4) receives the transaction terminal (3) of the merchant, When the transaction request belongs to the user's bank card account, the payment network (4) verifies the security verification of the user identity through the account security server (5) and the associated mobile phone (2) of the bank card account, after the security verification is successful. The payment network (4) will proceed with the next steps of the transaction, otherwise the transaction will be rejected.
  • a communication network such as a mobile phone network, a WIFI network, etc.
  • FIG. 2 is a schematic explanatory diagram of a bank card security payment system according to a second embodiment of the present invention
  • FIG. 3 is a schematic representation of a bank card security payment system according to a third embodiment of the present invention.
  • Figure 4 is an image of a bank card secure payment system according to a fourth embodiment of the present invention 2 to 4 show the second to fourth embodiments of the present invention, respectively, showing an example of implementing the present invention in a different manner of the payment network (4), the following differences The implementation examples are described in further detail.
  • the payment network (4) of the second embodiment shown in FIG. 2 includes a bank card network (401), an acquiring bank (402) having a bank account of the merchant, and a bank card account provided with the user.
  • the payment network (4) of the third embodiment shown in FIG. 3 includes a bank card network (401), an acquiring bank (402) having a bank account of the merchant, and a bank card account provided with the user.
  • the issuing bank (403) is connected to the account security server (5), and the transaction terminal (3) is connected via a wired/wireless network such as a mobile phone network, a WIFI network, Regional network, internet and other network access payment networks
  • the account security server (5) is connected to the issuing bank (403) by telecommunications, and the account security server (5) can be Integrated into the issuing bank (403), all transaction payments for bank card accounts belonging to the issuing bank (403) can be securely verified by the account security server (5) to protect the identity of the user, thereby securing the bank card account of the bank. Safety.
  • the payment network (4) of the fourth embodiment shown in FIG. 4 includes a bank card network (401), an acquiring bank (402) having a bank account of the merchant, and a bank card account provided with the user.
  • a payment gateway (404) is included in the payment network (4), and the payment gateway (404) provides network services to the merchant's transaction terminal (3) and the acquiring bank (402), many existing The credit card payment system uses this architecture.
  • the account security server (5) is in telecommunication connection with the payment gateway (404), and the account security server (5) can be integrated into the payment gateway (404), and all transactions processed by the payment gateway (404) are processed. The payment can be performed through the account security server (5) to perform security verification steps on the user's identity, thereby ensuring the security of the user's bank card account.
  • the bank card network (401) includes a VISA card network, a China UnionPay card network terminal, a MasterCard network terminal, an American Express card (American Express) network terminal, a Japanese JCB card network, a Diner card network, and the like.
  • the network can be applied to these different payment networks as well as the network that accepts bank card payments.
  • the transaction terminal (3) is Refers to equipment that can generate payment transactions, including POS machines used by general merchants for collections, credit card machines that can accept credit cards, credit card machines for debit card payments, card readers for contactless financial cards, etc.
  • a computer or server such as a server for a shopping website, a server for providing telephone/television shopping services, an account server for public transfer charges, a bank ATM, or an online banking service.
  • Computers that generate transactions based on user account operations, etc., for convenience of explanation, are referred to as transaction terminals in this specification.
  • the bank card (1) described in this specification includes a credit card, a debit card, a charge card, a charge card, a debit card, a withdrawal card, a withdrawal card, etc., issued by a bank or financial institution.
  • the card for payment or transaction is always referred to as a bank card (1) in this manual.
  • the mobile phone (2) described in this manual it refers to a communication tool that can communicate, including a smartphone, a tablet, a personal digital assistant (PDA), etc., which can communicate via a network.
  • PDA personal digital assistant
  • the main feature of the present invention is to securely authenticate the identity of the user through the account security server (5) and the user's mobile phone (2) at the time of payment, the account security server.
  • a simpler level of security verification can be used, such as an account security server (5) to check whether the user's mobile phone (2) has successfully accessed the account security server.
  • the security verification if the mobile phone (2) has successfully accessed the account security server (5), the security verification is successful, otherwise the security verification fails, as long as the user's mobile phone (2) is powered on, and the account security server is accessed (5) ), the user can make a small amount of payment.
  • the prompt information may be sent to the user's mobile phone as the security verification.
  • the account security server (5) transmits the prompt information about the transaction to the user's mobile phone (2), such as the prompt. If the information has been successfully transmitted to the phone, the security verification is successful, otherwise the security verification fails.
  • the security verification is successfully completed, and the user can From the prompt information, I know that my bank card account has just made a payment transaction. If the user does not make a payment and receives a prompt message indicating that someone may have stolen the user's bank card account, the user can immediately report to the bank or Alarm handling, reducing losses.
  • a higher level of security verification can be used.
  • a confirmation message for confirmation must be set up in advance for the user on the account security server (5).
  • This confirmation message can be a password or a dynamically changeable message.
  • the security verification includes, in addition to the account security server (5) transmitting the prompt information about the transaction to the user's mobile phone (2), and including the account security server (5) to check The confirmation message returned by the user through the user's mobile phone (2); if the account security server (5) verifies that the confirmation information is correct, the security verification is successful, otherwise the security verification fails.
  • the account security server (5) is also required to store the user's personal information, such as the user's name, age, address, phone number, hobby, occupation, company name and address, etc. It may include personal information of the relatives of the user, etc., may also include the user's recent transaction record, etc., and may be used as the personal information of the user.
  • the account security server (5) performs security verification, randomly select some of the personal information of the user.
  • each verification question can be combined with a correct answer and multiple similar and erroneous answers, and the user can answer the question in a multiple-choice manner, so that the user can return the answer information more quickly.
  • the different levels of security verification described above may be selected solely for use in the system and method of the present invention, or may be selected in whole or in part for the system and method of the present invention, and may be determined based on payment amount or transaction risk.
  • the level of security verification For example, a small amount of payment only needs to check the user's mobile phone (2) has access to the account security server (5); for example, when the user makes a large amount of payment in the store, the user needs to return the correct confirmation information through the mobile phone (2); For online payment, since online payment is a high-risk category, in addition to requiring the user to return the correct confirmation message via the mobile phone (2), the user is required to answer multiple verification questions through the mobile phone (2), and all the correct answers can pass the security verification.
  • the object of the present invention is well achieved regardless of the level of safety verification described above, and is within the scope of the present invention.
  • Fig. 5 is a schematic explanatory view showing the image of a bank card secure payment system according to a fifth embodiment of the present invention
  • Fig. 5 is a view showing an embodiment of the present invention applied to an ATM cash machine.
  • the transaction terminal (3) is a bank ATM machine
  • the payment network (4) is a bank having a user bank card account and its ATM network, and the user uses his bank card (1) to withdraw money at the ATM.
  • the payment network (4) immediately verifies through the account security server (5) and the associated mobile phone (2) of the bank card account. The user's identity is verified securely, and the user can successfully perform the transaction after the security verification is successful, otherwise the payment network (4) rejects the transaction.
  • Fig. 6 there is shown a schematic diagram of the image of the bank card secure payment system of the sixth embodiment of the present invention, and Fig. 6 shows an example of the application of the present invention to the online banking service.
  • the transaction terminal (3) is an online banking server, and the user accesses the online banking server through the internet (6) using an internet-connected computer (7) to perform account operations, such as transfer, Payment, purchase of stocks, etc.
  • the online banking server generates transaction information according to the user's operation, and to the payment network (4) Issue a transaction request, request payment from the user's bank card account, and the payment network (4) immediately verify the identity of the user through the account security server (5) and the mobile phone (2) associated with the bank card account, security verification After the successful payment network (4), the payment of the transaction is performed, and the online banking server can complete the operation of the account, otherwise the payment network (4) rejects the payment of the transaction, and the online banking server cannot complete the operation of the account.
  • this embodiment allows the user to grasp the security of his bank card account through the mobile phone (2), even if the hacker steals the user's bank card account information, the hacker does not have the user's mobile phone.
  • Figure 7 is a schematic illustration of the image of a bank card secure payment system in accordance with a seventh embodiment of the present invention, and Figure 7 shows an embodiment of the present invention applied to online shopping.
  • the transaction terminal (3) is a shopping website/online mall/online store/software website/music website/movie website/etc., which sells goods/software/services/videos, etc. through the network.
  • E-commerce server of the class network store the user uses the internet terminal (7) through the internet
  • the e-commerce server Logging in to the e-commerce server, ie, the transaction terminal (3) placing an order, the e-commerce server generates transaction information according to the user's order, and issues a transaction request to the payment network (4), requesting payment from the user's bank card account, and paying the network.
  • the payment network (4) Immediately verify the identity of the user through the account security server (5) and the mobile phone (2) associated with the bank card account. After the security verification is successful, the payment network (4) will pay for the order transaction, otherwise the payment will be made. The network (4) rejects the payment for the order transaction.
  • the embodiment is also applicable to an electronic merchant such as a TV shopping and a telephone shopping.
  • the payment network (4) When the user places an order for payment, the payment network (4) immediately verifies the account through the account security server (5) and the user's mobile phone (2). The security verification of the user identity, after the security verification is successful, the payment network (4) will pay for the order transaction, otherwise the payment network
  • FIG. 8 is a schematic explanatory diagram of a bank card secure payment system according to an eighth embodiment of the present invention
  • FIG. 8 is a view showing an embodiment of the present invention applied to automatic transfer payment.
  • the transaction terminal (3) is an automatic transfer accounting system
  • the automatic transfer account The system is the accounting system server of a public institution such as a power company, a gas company, a telephone company, etc.
  • These automatic transfer accounting systems usually transfer funds from the user's bank account through the bank on a regular basis. Although automatic transfer is convenient and fast, many automatic transfer bills are not fixed amount, but depending on the usage. Users usually receive the monthly statement after the automatic transfer is completed, and many users know that they will be charged more.
  • the automatic transfer accounting system that is, the transaction terminal (3) requests the bank's payment network (4) to automatically transfer money from the user's bank card account, for example, the power company automatically transfers money from the user's bank card account.
  • the payment network (4) immediately verify the identity of the user through the account security server (5) and the associated mobile phone (2) of the bank card account. After the security verification is successful, the bank is the payment network (4).
  • the automatic transfer payment is made, otherwise the payment network (4) refuses to execute the automatic transfer branch, and the user does not have to worry about being charged more, which is beneficial to the promotion of automatic transfer.
  • the bank card secure payment system and method using the real-time communication of the invention can protect the security of the user's bank card account.
  • the implementation of the present invention brings good benefits and is beneficial to both banks and users.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A secure payment system and method for a bank card by using real-time communication, comprising a bank card account and a mobile phone (2) of a user, a transaction terminal (3) of a commercial tenant, a payment network (4), and an account security server (5). The account security server (5) is provided with real-time communication server end software. The mobile phone (2) of the user is provided with a real-time communication application pattern. The mobile phone (2) accesses the account security server (5) by using the real-time communication application pattern. The bank card account of the user is associated with the mobile phone (2). When the payment network (4) receives a transaction request transferred by the transaction terminal (3) of the commercial tenant and belonging to the bank card account of the user, the payment network (4) performs, by using the account security server (5) and the mobile phone (2) associated with the bank card account, security verification for verifying an identity of the user in a real-time communication manner, and after the verification succeeds, continues to perform a subsequent step of the transaction; otherwise, refuses the transaction.

Description

利用实时通讯的银行卡安全支付系统和方法 Bank card secure payment system and method using real-time communication
【技术领域】 [Technical Field]
本发明涉及金融支付领域, 特别是涉及一种利用实时通讯的银行卡安 全支付系统和方法。  The present invention relates to the field of financial payment, and more particularly to a bank card security payment system and method using real-time communication.
【背景技术】 【Background technique】
由于银行卡携带方便, 而且容易使用, 给卡主带来快捷方便的支付方 法, 所以银行卡的使用越来越普遍, 很多人拥有超过一张银行卡。 虽然银 行卡给予卡主快捷方便的支付方法, 但是也带来一些保安问题, 一些犯罪 分子通过种种手段盗取他人的银行卡资料, 然后复制假卡进行消费付款, 或者盗用卡主的银行卡资料在网上消费, 卡主一般要收到月结单后才会发 觉自己的银行卡账户被人盗用, 令卡主蒙受损失, 是一个极待解决的问 题。 为保护银行卡账户安全, 防止卡主的银行卡账户被盗用, 而提出本发 明的利用实时通讯的银行卡安全支付系统和方法。  Since the bank card is convenient to carry and easy to use, it brings a quick and convenient payment method to the card owner, so the use of the bank card is more and more common, and many people have more than one bank card. Although the bank card gives the card owner a quick and convenient payment method, it also brings some security problems. Some criminals steal the bank card information of others through various means, then copy the fake card for consumer payment, or steal the card card information of the card owner. In the online consumption, the card owner generally finds that his bank card account has been stolen after receiving the monthly statement, which causes the card owner to suffer losses, which is an extremely problem to be solved. In order to protect the security of the bank card account and prevent the card card account of the card owner from being stolen, the bank card security payment system and method using the real-time communication of the present invention are proposed.
【发明内容】 [Summary of the Invention]
本发明的目的, 在于提供一种利用实时通讯的银行卡安全支付系统和 方法, 以实现在安全支付中的多种应用。  It is an object of the present invention to provide a bank card secure payment system and method utilizing real time communication to achieve multiple applications in secure payment.
本发明的目的是这样实现的, 采用这样一种银行卡安全支付系统, 其 特征在于, 所述的系统包括用户的银行卡账户和手机(2 ) 、 商户的交易 终端 (3 ) 、 支付网络(4 ) 、 账户安全服务器 (5 ) , 其中, 账户安全服 务器 (5 ) 与支付网络(4 )相电讯连接, 账户安全服务器 (5 )设有实时 通讯服务器端软件,用户的手机( 2 )设有实时通讯应用程式, 手机( 2 ) 通过该实时通讯应用程式经通讯网络例如移动电话网络、 WIFI 网络等等无 线网络接入账户安全服务器 (5 ) , 交易终端 (3 )通过有线 /无线网络例 如移动电话网络、 WIFI 网络、 区域网络、 互联网络等等各类网络接入支付 网络( 4 ) , 账户安全服务器( 5 )记录用户的银行卡账户的账户资料, 用 户的银行卡账户与该用户的手机(2)相关联, 以及, 当支付网络(4) 收 到商户的交易终端 (3)传送来属于用户的银行卡账户的交易请求时, 支 付网络 (4 ) 通过账户安全服务器 ( 5 ) 和该银行卡账户相关联的手机The object of the present invention is achieved by the use of such a bank card secure payment system, characterized in that the system comprises a user's bank card account and a mobile phone (2), a merchant's transaction terminal (3), and a payment network ( 4), an account security server (5), wherein the account security server (5) is connected to the payment network (4), the account security server (5) is provided with real-time communication server software, and the user's mobile phone (2) is provided Real-time communication application, mobile phone (2) through the real-time communication application via a communication network such as mobile phone network, WIFI network, etc. wireless network access account security server (5), transaction terminal (3) through wired / wireless network example Such as mobile phone network, WIFI network, regional network, Internet and other types of network access payment network (4), account security server (5) records the user's bank card account account information, the user's bank card account and the user The mobile phone (2) is associated with, and, when the payment network (4) receives the transaction request from the merchant's transaction terminal (3) that belongs to the user's bank card account, the payment network (4) passes the account security server (5) Mobile phone associated with the bank card account
( 2) 进行验证该用户身份的安全验证, 安全验证成功后支付网络(4) 才 继续进行该交易的后续步骤, 否则拒绝该交易。 (2) Perform a security verification to verify the identity of the user. After the security verification is successful, the payment network (4) will continue the subsequent steps of the transaction, otherwise the transaction will be rejected.
以及, 还采用这样一种银行卡安全支付方法, 其特征在于, 所述的方 法包括设置账户安全服务器(5 ) , 在账户安全服务器(5 )记录用户的银 行卡账户的账户资料, 并将用户的银行卡账户与该用户的手机(2 )相关 联, 账户安全服务器(5 ) 与支付网络(4)相电讯连接, 账户安全服务器 And, a bank card secure payment method is also adopted, characterized in that the method comprises setting an account security server (5), recording account information of the user's bank card account in the account security server (5), and The bank card account is associated with the user's mobile phone (2), the account security server (5) is connected to the payment network (4), and the account security server
( 5 )设有实时通讯服务器端软件,用户的手机(2 )设有实时通讯应用程 式, 手机(2)通过该实时通讯应用程式经通讯网络例如移动电话网络、 WIFI 网络等等无线网络接入账户安全服务器 ( 5 ) , 以及, 当支付网络(5) With real-time communication server software, the user's mobile phone (2) has a real-time communication application, and the mobile phone (2) accesses the wireless network through a communication network such as a mobile phone network, a WIFI network, etc. through the real-time communication application. Account security server (5), and, when the payment network
(4) 收到商户的交易终端 (3)传送来属于用户的银行卡账户的交易请求 时, 支付网络(4)通过账户安全服务器(5)和该银行卡账户的相关联的 手机 (2 ) 进行验证该用户身份的安全验证, 安全验证成功后支付网络(4) When the transaction terminal (3) of the receiving merchant receives the transaction request belonging to the user's bank card account, the payment network (4) passes the account security server (5) and the associated mobile phone of the bank card account (2) Perform security verification to verify the identity of the user, and secure the network after payment verification
(4) 才继续进行该交易的后续步骤, 否则拒绝该交易。 (4) Continue the subsequent steps of the transaction, otherwise reject the transaction.
这样就很好地实现本发明的目的。  This achieves the object of the present invention well.
本发明的支付系统和方法, 在用户支付时, 通过实时通讯方式与用户 的手机(2)通讯, 即时验证用户身份的真确性, 以保障用户的银行卡账 户安全。 此外, 账户安全服务器(5 ) 与用户手机(2)之间的实时通讯, 是采用独立于原来银行卡支付网络的通讯路径来进行验证用户身份的步 骤, 所以即使用户的银行卡账户被贼人盗用, 只要用户的手机 (2 ) 在 手, 贼人就无法得逞, 保障了用户的银行卡账户安全。 【附图说明】 The payment system and method of the invention can communicate with the user's mobile phone (2) through real-time communication mode when the user pays, and instantly verify the authenticity of the user identity to ensure the security of the user's bank card account. In addition, the real-time communication between the account security server (5) and the user's mobile phone (2) is a step of verifying the identity of the user by using a communication path independent of the original bank card payment network, so even if the user's bank card account is stolen by the thief As long as the user's mobile phone (2) is in hand, the thief can't succeed, and the user's bank card account is secure. [Description of the Drawings]
图 1是本发明第一实施例的银行卡安全支付系统的形像化示意说明图; 图 2是本发明第二实施例的银行卡安全支付系统的形像化示意说明图; 图 3是本发明第三实施例的银行卡安全支付系统的形像化示意说明图; 图 4是本发明第四实施例的银行卡安全支付系统的形像化示意说明图; 图 5是本发明第五实施例的银行卡安全支付系统的形像化示意说明图; 图 6是本发明第六实施例的银行卡安全支付系统的形像化示意说明图; 图 7是本发明第七实施例的银行卡安全支付系统的形像化示意说明图; 图 8是本发明第八实施例的银行卡安全支付系统的形像化示意说明图。 图中, 相同的数字代表相同的系统、 装置、 部件器件, 附图是示意性 的, 用以说明本发明的构成和主要特征。  1 is a schematic explanatory view of a bank card secure payment system according to a first embodiment of the present invention; FIG. 2 is a schematic explanatory view of a bank card secure payment system according to a second embodiment of the present invention; FIG. 4 is a schematic explanatory diagram of a bank card secure payment system according to a fourth embodiment of the present invention; FIG. 5 is a fifth embodiment of the present invention; FIG. 6 is a schematic diagram showing the image of a bank card secure payment system according to a sixth embodiment of the present invention; FIG. 7 is a bank card according to a seventh embodiment of the present invention; FIG. 8 is a schematic diagram showing the image of a secure payment system for a bank card according to an eighth embodiment of the present invention. FIG. In the figures, the same numerals represent the same systems, devices, and components, and the drawings are schematic for illustrating the constitution and main features of the present invention.
【具体实施方式】 【detailed description】
下面结合附图, 对本发明的方法作进一步详细说明。  The method of the present invention will be further described in detail below with reference to the accompanying drawings.
参阅图 1 , 图 1 是本发明第一实施例的银行卡安全支付系统的形像化 示意说明图, 图 1 中示出的系统包括代表用户的银行卡账户的银行卡 Referring to Figure 1, Figure 1 is a schematic illustration of the image of a bank card secure payment system in accordance with a first embodiment of the present invention. The system shown in Figure 1 includes a bank card representing a user's bank card account.
( 1 ) 和用户的手机(2 ) 、 商户的交易终端 (3 ) 、 支付网络(4 ) 、 账户 安全服务器 (5 ) , 其中, 账户安全服务器 (5 ) 与支付网络(4 )相电讯 连接, 账户安全服务器 ( 5 ) 设有实时通讯服务器端软件,用户的手机(1) with the user's mobile phone (2), the merchant's transaction terminal (3), the payment network ( 4 ), the account security server (5), wherein the account security server (5) is connected to the payment network (4), Account Security Server (5) with real-time communication server software, user's mobile phone
( 2 )设有实时通讯应用程式, 手机 ( 2 )通过该实时通讯应用程式经通讯 网络例如移动电话网络、 WIFI 网络等等无线网络接入账户安全服务器(2) A real-time communication application is provided, and the mobile phone (2) accesses the account security server via the communication network via a communication network such as a mobile phone network, a WIFI network, or the like.
( 5 ) , 商户的交易终端 ( 3 ) 通过有线 /无线网络例如移动电话网络、 WIFI 网络、 区域网络、 互联网络等等各类网络接入支付网络(4 ) , 用户 需要在账户安全服务器( 5 )登记他的银行卡账户的账户资料和手机( 2 ) 资料, 账户安全服务器 ( 5 )记录用户的银行卡账户的账户资料, 将用户 的银行卡账户与该用户的手机(2 )相关联, 以及, 用户在商户的交易终 端 (3)使用其银行卡账户进行支付, 当支付网络(4) 收到商户的交易终 端 (3)传送来属于用户的银行卡账户的交易请求时, 支付网络(4)通过 账户安全服务器(5 )和该银行卡账户相关联的手机(2)进行验证该用户 身份的安全验证, 安全验证成功后支付网络(4) 才继续进行该交易的后 续步骤, 否则拒绝该交易。 在本发明中, 是在原有一般的银行卡支付系统 中, 增加本发明的账户安全服务器 (5 ) , 并在进行支付时, 额外增加安 全验证用户身份的步骤, 通过这账户安全服务器(5 ) 与用户的手机(2) 以实时通讯方式对用户的身份进行安全验证, 安全验证成功后, 支付网络(5), the merchant's transaction terminal (3) accesses the payment network (4) through various wired/wireless networks such as mobile phone network, WIFI network, regional network, internet, etc., and the user needs to be in the account security server (5) Registering the account information and mobile phone (2) data of his bank card account, the account security server (5) records the account information of the user's bank card account, and associates the user's bank card account with the user's mobile phone (2). And, the user’s transaction at the merchant’s end The end (3) uses its bank card account for payment, and when the payment network (4) receives the transaction request of the merchant's transaction terminal (3) that belongs to the user's bank card account, the payment network (4) passes the account security server ( 5) The mobile phone (2) associated with the bank card account performs a security verification to verify the identity of the user. After the security verification is successful, the payment network (4) continues the subsequent steps of the transaction, otherwise the transaction is rejected. In the present invention, in the original general bank card payment system, the account security server (5) of the present invention is added, and when the payment is made, the step of securely verifying the identity of the user is additionally added, through the account security server (5) Secure the user's identity with the user's mobile phone (2) in real-time communication. After the security verification is successful, the payment network
(4)和商户的交易终端 (3)还须要继续执行原来尚未执行的操作, 这些 操作就是本说明书所述的后续步骤, 例如验证用户账户结余、 账户信用额 等等, 由于这些是属于现有银行卡支付应有的操作步骤, 这部分并非本发 明的特征, 所以本说明书不作详细说明。 (4) The transaction terminal (3) with the merchant also needs to continue to perform the operations that have not been performed before. These operations are the subsequent steps described in this specification, such as verifying user account balances, account credits, etc., since these are existing The operation steps of the bank card payment, which are not the features of the present invention, are not described in detail in this specification.
继续参阅图 1,图 1中示出的银行卡安全支付系统所采用的方法包括设 置账户安全服务器(5 ) , 在账户安全服务器(5 )记录用户的银行卡账户 的账户资料, 并将用户的银行卡账户与该用户的手机(2)相关联, 账户 安全服务器 ( 5 ) 与支付网络( 4 )相电讯连接, 账户安全服务器 ( 5 )设 有实时通讯服务器端软件,用户的手机(2)设有实时通讯应用程式, 手机 Continuing to refer to FIG. 1, the method used by the bank card secure payment system shown in FIG. 1 includes setting an account security server (5), recording account information of the user's bank card account in the account security server (5), and The bank card account is associated with the user's mobile phone (2), the account security server (5) is connected to the payment network (4), and the account security server (5) is provided with real-time communication server software, the user's mobile phone (2) Real-time communication app, mobile phone
( 2 )通过该实时通讯应用程式经通讯网络例如移动电话网络、 WIFI 网络 等等无线网络接入账户安全服务器(5 ) , 以及, 当支付网络(4) 收到商 户的交易终端 (3)传送来属于用户的银行卡账户的交易请求时, 支付网 络( 4 )通过账户安全服务器 ( 5 ) 和该银行卡账户的相关联的手机( 2 ) 进行验证该用户身份的安全验证, 安全验证成功后支付网络(4) 才继续 进行该交易的后续步骤, 否则拒绝该交易。 (2) accessing the account security server (5) via the communication network via a communication network such as a mobile phone network, a WIFI network, etc., and, when the payment network (4) receives the transaction terminal (3) of the merchant, When the transaction request belongs to the user's bank card account, the payment network (4) verifies the security verification of the user identity through the account security server (5) and the associated mobile phone (2) of the bank card account, after the security verification is successful. The payment network (4) will proceed with the next steps of the transaction, otherwise the transaction will be rejected.
参阅图 2至图 4, 图 2是本发明第二实施例的银行卡安全支付系统的 形像化示意说明图, 图 3是本发明第三实施例的银行卡安全支付系统的形 像化示意说明图, 图 4 是本发明第四实施例的银行卡安全支付系统的形像 化示意说明图, 图 2至图 4 中分别示出了本发明第二至第四实施例, 分别 示出了采用不同的方式的支付网络(4) 来实现本发明的例子, 以下对这 些不同的实施例子作进一步详细说明。 2 to FIG. 4, FIG. 2 is a schematic explanatory diagram of a bank card security payment system according to a second embodiment of the present invention, and FIG. 3 is a schematic representation of a bank card security payment system according to a third embodiment of the present invention. Figure 4 is an image of a bank card secure payment system according to a fourth embodiment of the present invention 2 to 4 show the second to fourth embodiments of the present invention, respectively, showing an example of implementing the present invention in a different manner of the payment network (4), the following differences The implementation examples are described in further detail.
继续参阅图 2, 图 2示出的第二实施例的支付网络(4) 包括银行卡网 络(401 ) 、 设有商户的银行账户的收单银行( 402 ) 、 设有用户的银行卡 账户的发卡银行 ( 403 ) , 其中, 银行卡网络 (401 ) 分别与收单银行 With continued reference to FIG. 2, the payment network (4) of the second embodiment shown in FIG. 2 includes a bank card network (401), an acquiring bank (402) having a bank account of the merchant, and a bank card account provided with the user. Card issuing bank (403), wherein the bank card network (401) and the acquiring bank respectively
( 402 ) 和发卡银行 ( 403 ) 相电讯连接, 并与所述的账户安全服务器(402) and the issuing bank (403) are connected by telecommunications, and with the account security server
( 5 ) 相电讯连接, 交易终端 ( 3 ) 通过有线 /无线网络例如移动电话网 络、 WIFI 网络、 区域网络、 互联网络等等各类网络接入支付网络(4) 的 收单银行( 402 ) , 银行卡网络(401 ) 于处理属于用户的银行卡账户的交 易请求时, 通过账户安全服务器(5 )和该银行卡账户相关联的手机(2) 进行验证该用户身份的安全验证。 在第二实施例中, 账户安全服务器(5) Phase telecommunications connection, transaction terminal (3) through the wired/wireless network such as mobile phone network, WIFI network, regional network, Internet, etc., various types of network access payment network (4), the acquiring bank (402), The bank card network (401), when processing a transaction request belonging to the user's bank card account, performs security verification of the identity of the user through the account security server (5) and the mobile phone (2) associated with the bank card account. In the second embodiment, the account security server
( 5 ) 与银行卡网络(401 )相电讯连接, 可以将账户安全服务器 (5 ) 整 合于银行卡网络(401 ) 中, 所有通过银行卡网络(401 )处理的交易支付 都可以通过账户安全服务器 (5 )对用户的身份进行安全验证步骤, 从而 保障用户的银行卡账户的安全。 (5) A telecom connection with the bank card network (401), the account security server (5) can be integrated into the bank card network (401), and all transaction payments processed through the bank card network (401) can pass through the account security server. (5) Perform a security verification step on the identity of the user to ensure the security of the user's bank card account.
继续参阅图 3, 图 3示出的第三实施例的支付网络(4) 包括银行卡网 络(401 ) 、 设有商户的银行账户的收单银行( 402 ) 、 设有用户的银行卡 账户的发卡银行 ( 403 ) , 其中, 银行卡网络 (401 ) 分别与收单银行 With continued reference to FIG. 3, the payment network (4) of the third embodiment shown in FIG. 3 includes a bank card network (401), an acquiring bank (402) having a bank account of the merchant, and a bank card account provided with the user. Card issuing bank (403), wherein the bank card network (401) and the acquiring bank respectively
( 402 ) 和发卡银行( 403 )相电讯连接, 发卡银行( 403 ) 与所述的账户 安全服务器 ( 5 )相电讯连接, 交易终端 ( 3 )通过有线 /无线网络例如移 动电话网络、 WIFI 网络、 区域网络、 互联网络等等各类网络接入支付网络(402) and the issuing bank (403) are connected by telecommunications, the issuing bank (403) is connected to the account security server (5), and the transaction terminal (3) is connected via a wired/wireless network such as a mobile phone network, a WIFI network, Regional network, internet and other network access payment networks
( 4 ) 的收单银行(402 ) , 发卡银行( 403 ) 于处理属于用户的银行卡账 户的交易请求时, 通过账户安全服务器 (5 ) 和该银行卡账户相关联的手 机(2) 进行验证该用户身份的安全验证。 在第三实施例中, 账户安全服 务器 ( 5 ) 与发卡银行( 403 )相电讯连接, 可以将账户安全服务器 ( 5 ) 整合于发卡银行( 403 ) 中, 所有属于发卡银行( 403 ) 的银行卡账户的交 易支付都可以通过账户安全服务器 (5 ) 对用户的身份进行安全验证步 骤, 从而保障该银行的银行卡账户的安全。 (4) The acquiring bank (40 2 ), the issuing bank (403), when processing the transaction request belonging to the user's bank card account, through the account security server (5) and the mobile phone (2) associated with the bank card account Verify the security verification of the user's identity. In the third embodiment, the account security server (5) is connected to the issuing bank (403) by telecommunications, and the account security server (5) can be Integrated into the issuing bank (403), all transaction payments for bank card accounts belonging to the issuing bank (403) can be securely verified by the account security server (5) to protect the identity of the user, thereby securing the bank card account of the bank. Safety.
继续参阅图 4, 图 4示出的第四实施例的支付网络(4) 包括银行卡网 络(401 ) 、 设有商户的银行账户的收单银行( 402 ) 、 设有用户的银行卡 账户的发卡银行( 403 ) 、 支付网关 ( 404 ) , 其中, 银行卡网络(401 ) 与发卡银行 ( 403 ) 相电讯连接, 支付网关 ( 404 ) 分别与收单银行 ( 402 ) 和银行卡网络(401 )相电讯连接, 并与所述的账户安全服务器 ( 5 ) 相电讯连接, 交易终端 ( 3 ) 通过有线 /无线网络例如移动电话网 络、 WIFI 网络、 区域网络、 互联网络等等各类网络接入支付网络(4) 的 支付网关 ( 404 ) , 支付网关 ( 404 ) 于处理属于用户的银行卡账户的交易 请求时, 通过账户安全服务器(5 )和该银行卡账户相关联的手机(2)进 行验证该用户身份的安全验证。 在第四实施例中, 支付网络(4) 中包括 了支付网关 ( 404 ) , 这支付网关 ( 404 )是向商户的交易终端 (3) 和收 单银行( 402 )提供网络服务, 很多现有的信用卡支付系统都是采用这种 架构。 在本实施例中, 账户安全服务器(5 ) 与支付网关 ( 404 )相电讯连 接, 可以将账户安全服务器(5 )整合于支付网关 ( 404 ) 中, 所有通过支 付网关 ( 404 ) 的处理的交易支付都可以通过账户安全服务器 (5)对用户 的身份进行安全验证步骤, 从而保障用户的银行卡账户的安全。  With continued reference to FIG. 4, the payment network (4) of the fourth embodiment shown in FIG. 4 includes a bank card network (401), an acquiring bank (402) having a bank account of the merchant, and a bank card account provided with the user. a card issuing bank (403), a payment gateway (404), wherein the bank card network (401) is connected to the issuing bank (403), and the payment gateway (404) is respectively associated with the acquiring bank (402) and the bank card network (401) Phase telecommunications connection, and telecommunications connection with the account security server (5), the transaction terminal (3) through a wired/wireless network such as mobile phone network, WIFI network, regional network, Internet, etc. The payment gateway (404) of the network (4), the payment gateway (404), when processing the transaction request belonging to the user's bank card account, is verified by the account security server (5) and the mobile phone (2) associated with the bank card account. Security verification of this user identity. In the fourth embodiment, a payment gateway (404) is included in the payment network (4), and the payment gateway (404) provides network services to the merchant's transaction terminal (3) and the acquiring bank (402), many existing The credit card payment system uses this architecture. In this embodiment, the account security server (5) is in telecommunication connection with the payment gateway (404), and the account security server (5) can be integrated into the payment gateway (404), and all transactions processed by the payment gateway (404) are processed. The payment can be performed through the account security server (5) to perform security verification steps on the user's identity, thereby ensuring the security of the user's bank card account.
以上已经详细说明本发明的第二至第四实施例, 无论支付网络(4 ) 采用第二实施例或第三实施例或第四实施例的方式来实现, 都可以 ^艮好地 实现本发明的目的, 都是属于本发明的保护范围。  The second to fourth embodiments of the present invention have been described in detail above, and the present invention can be implemented satisfactorily regardless of whether the payment network (4) is implemented by the second embodiment or the third embodiment or the fourth embodiment. The purpose is all within the scope of protection of the present invention.
在本说明书中, 所述的银行卡网络(401 ) 包括 VISA卡网络、 中国银 联卡网终、 万事达卡网终、 美国运通卡 (American Express ) 网终、 日本 JCB 卡网络、 大来卡网络等等受理银行卡支付的网络, 本发明都可以 ^艮好 地应用于这些不同的支付网络。 在本说明书中, 所述的交易终端 (3)是 指可以生成支付交易的设备, 包括一般商户用于收款的 P0S机、 可以受理 信用卡的刷卡机、 用于借记卡支付的刷卡机、 用于非接触式金融卡的读卡 机等等, 也可以是一台计算机或服务器, 例如购物网站的服务器, 提供电 话 /电视购物服务的服务器, 也可以是公共机构用于自动转账收费的账户 服务器, 也可以是银行 ATM取款机, 或网上银行服务中根据用户帐户操作 生成交易的计算机等等, 为了方便说明, 在本说明书中一律称为交易终端In the present specification, the bank card network (401) includes a VISA card network, a China UnionPay card network terminal, a MasterCard network terminal, an American Express card (American Express) network terminal, a Japanese JCB card network, a Diner card network, and the like. The network can be applied to these different payment networks as well as the network that accepts bank card payments. In this specification, the transaction terminal (3) is Refers to equipment that can generate payment transactions, including POS machines used by general merchants for collections, credit card machines that can accept credit cards, credit card machines for debit card payments, card readers for contactless financial cards, etc. It can also be a computer or server, such as a server for a shopping website, a server for providing telephone/television shopping services, an account server for public transfer charges, a bank ATM, or an online banking service. Computers that generate transactions based on user account operations, etc., for convenience of explanation, are referred to as transaction terminals in this specification.
( 3) 。 此外, 在本说明书中所述的银行卡 (1 ) 包括信用卡、 借记卡、 货 记卡、 准货记卡、 转账卡、 取款卡、 提款卡等等之类由银行或金融机构发 行用于支付或交易的卡, 在本说明书中一律称为银行卡 (1 ) 。 至于在本 说明书中所述的手机(2) , 是指可以进行通讯的通讯工具, 包括智能手 机、 平板电脑、 个人数字助理 ( Personal Digital Assistant , 筒称 PDA) 等等可以通过网络进行移动通讯的电子设备, 为了方便说明, 在本 说明书中一律称为手机(2) 。 (3). In addition, the bank card (1) described in this specification includes a credit card, a debit card, a charge card, a charge card, a debit card, a withdrawal card, a withdrawal card, etc., issued by a bank or financial institution. The card for payment or transaction is always referred to as a bank card (1) in this manual. As for the mobile phone (2) described in this manual, it refers to a communication tool that can communicate, including a smartphone, a tablet, a personal digital assistant (PDA), etc., which can communicate via a network. Electronic equipment, for convenience of explanation, is always referred to as mobile phone (2) in this manual.
本发明的主要特征, 是在支付时通过账户安全服务器 (5 ) 与用户的 手机(2) 以实时通讯方式对用户的身份进行安全验证, 账户安全服务器 The main feature of the present invention is to securely authenticate the identity of the user through the account security server (5) and the user's mobile phone (2) at the time of payment, the account security server.
( 5 ) 可以根据风险高低或支付金额采用不同等级的安全验证, 以下对不 同等级的安全验证作进一步详细说明。 (5) Different levels of security verification can be used according to the risk level or payment amount. The following is a detailed description of different levels of security verification.
对于一些小金额支付, 可以采用较筒单等级的安全验证, 例如账户安 全服务器 (5 )核对用户的手机(2 ) 是否已经成功接入账户安全服务器 For some small amount payments, a simpler level of security verification can be used, such as an account security server (5) to check whether the user's mobile phone (2) has successfully accessed the account security server.
( 5 ) , 如该手机(2 ) 已经成功接入账户安全服务器 (5 ) 则安全验证成 功, 否则安全验证失败, 只要用户的手机(2) 处于开机状态, 并且接入 了账户安全服务器 (5 ) , 用户就可以进行小金额支付。 此外, 也可以通 过向用户的手机发送提示信息作为安全验证, 所述的安全验证于支付时, 由账户安全服务器(5 )将有关交易的提示信息传送给用户的手机(2) , 如该提示信息已成功传送给该手机, 则安全验证成功, 否则安全验证失 败。 只要用户的手机(2) 收到提示信息, 就成功完成安全验证, 用户可 以从提示信息中, 知道自己的银行卡账户刚进行了一笔支付交易, 如果用 户并没有进行支付而收到提示信息, 表示可能有人盗用用户的银行卡账 户, 用户就可以立即向银行报告或报警处理, 减少损失。 (5), if the mobile phone (2) has successfully accessed the account security server (5), the security verification is successful, otherwise the security verification fails, as long as the user's mobile phone (2) is powered on, and the account security server is accessed (5) ), the user can make a small amount of payment. In addition, the prompt information may be sent to the user's mobile phone as the security verification. When the security verification is performed, the account security server (5) transmits the prompt information about the transaction to the user's mobile phone (2), such as the prompt. If the information has been successfully transmitted to the phone, the security verification is successful, otherwise the security verification fails. As long as the user's mobile phone (2) receives the prompt message, the security verification is successfully completed, and the user can From the prompt information, I know that my bank card account has just made a payment transaction. If the user does not make a payment and receives a prompt message indicating that someone may have stolen the user's bank card account, the user can immediately report to the bank or Alarm handling, reducing losses.
除了上述筒单等级的安全验证, 对于一些大金额支付, 可以采用较高 等级的安全验证。 要实现这较高等级的安全验证, 须要预先为用户在账户 安全服务器 (5 )设定一个用于确认的确认信息, 这确认信息可以是一个 密码, 或是一个可动态改变的信息。 在用户使用他的银行卡账户进行支付 时, 所述的安全验证除了由账户安全服务器 (5 )将有关交易的提示信息 传送给用户的手机(2 )外, 还包括账户安全服务器(5 )核对用户通过用 户的手机( 2 )返回的确认信息; 如账户安全服务器( 5 )核对该确认信息 正确无误则安全验证成功, 否则安全验证失败。 即使用户的手机(2 ) 和 银行卡 (1 ) 同时被贼人盗取了, 贼人没有正确的确认信息, 是无法进行 大金额支付, 这样就保障了用户的银行卡账户安全。  In addition to the above-mentioned single-level security verification, for some large amounts of payment, a higher level of security verification can be used. To achieve this higher level of security verification, a confirmation message for confirmation must be set up in advance for the user on the account security server (5). This confirmation message can be a password or a dynamically changeable message. When the user uses his bank card account for payment, the security verification includes, in addition to the account security server (5) transmitting the prompt information about the transaction to the user's mobile phone (2), and including the account security server (5) to check The confirmation message returned by the user through the user's mobile phone (2); if the account security server (5) verifies that the confirmation information is correct, the security verification is successful, otherwise the security verification fails. Even if the user's mobile phone (2) and the bank card (1) are stolen by the thief at the same time, the thief does not have the correct confirmation information, and cannot make a large amount of payment, thus ensuring the security of the user's bank card account.
对于一些大金额支付或风险较高的交易支付, 还可以采用更进一步的 安全验证, 要求用户回答一些有关他个人信息的问题来验证用户的身份。 要实现这样的安全验证, 须要在所述的账户安全服务器 (5 )还储存有用 户的个人信息, 例如用户的姓名、 年龄、 地址、 电话号码、 嗜好、 职业、 公司名称和地址等等, 还可以包括用户的亲属的个人信息等等, 也可以包 括用户的最近交易记录等等, 都可以作为用户的个人信息, 账户安全服务 器 (5 ) 进行安全验证时, 随机选取用户的其中部分个人信息来生成一条 或多条验证问题信息, 然后将该验证问题信息传送给该用户的手机 ( 2 ) , 用户要在指定时间内 (例如 15 秒内 )根据该验证问题信息向账户 安全服务器( 5 )返回答案信息, 账户安全服务器( 5 )核对返回的答案信 息是否符合该验证问题信息的正确答案, 如核对全部答案信息都符合验证 问题信息的正确答案无误则安全验证成功, 否则安全验证失败。 例如, 验 证问题信息是 "你的出生地是什么城市" , 或者 "你配隅的职业是什么" 等等与用户个人有关的问题, 用户必须正确回答才能通过安全验证。 此 外, 更可以将每一条验证问题配合一个正确答案和多个类似而错误的答 案, 以选择题方式让用户回答, 方便用户更快返回答案信息。 For some large-value payments or higher-risk transaction payments, further security verification can be used, asking the user to answer some questions about his personal information to verify the identity of the user. To achieve such security verification, the account security server (5) is also required to store the user's personal information, such as the user's name, age, address, phone number, hobby, occupation, company name and address, etc. It may include personal information of the relatives of the user, etc., may also include the user's recent transaction record, etc., and may be used as the personal information of the user. When the account security server (5) performs security verification, randomly select some of the personal information of the user. Generate one or more verification problem information, and then transmit the verification problem information to the user's mobile phone (2), and the user should return to the account security server (5) according to the verification problem information within a specified time (for example, within 15 seconds) Answer information, the account security server (5) checks whether the returned answer information meets the correct answer of the verification question information. If the correct answer to the verification question information is correct, the security verification is successful, otherwise the security verification fails. For example, verify that the question information is "What city is your birthplace," or "What is your occupation?" And other issues related to the user, the user must answer correctly to pass the security verification. In addition, each verification question can be combined with a correct answer and multiple similar and erroneous answers, and the user can answer the question in a multiple-choice manner, so that the user can return the answer information more quickly.
以上所述的不同等级的安全验证, 可以只选择其中之一单独用于本发 明的系统和方法, 也可以选择全部或部分应用于本发明的系统和方法, 并 根据支付金额或交易风险来决定安全验证的等级。 例如小金额支付只须核 对用户的手机(2 ) 已接入账户安全服务器(5 ) ; 又例如用户在商店进行 大金额支付时, 须要用户通过手机(2 )返回正确的确认信息; 又例如用 户进行网上支付, 由于网上支付属于高风险类别, 除了须要用户通过手机 ( 2 )返回正确的确认信息, 还须要用户通过手机(2 ) 回答多条验证问 题, 全部正确回答后才能通过安全验证。 无论采用上述的那一个等级的安 全验证, 都可很好地实现本发明的目的, 都是属于本发明的保护范围。  The different levels of security verification described above may be selected solely for use in the system and method of the present invention, or may be selected in whole or in part for the system and method of the present invention, and may be determined based on payment amount or transaction risk. The level of security verification. For example, a small amount of payment only needs to check the user's mobile phone (2) has access to the account security server (5); for example, when the user makes a large amount of payment in the store, the user needs to return the correct confirmation information through the mobile phone (2); For online payment, since online payment is a high-risk category, in addition to requiring the user to return the correct confirmation message via the mobile phone (2), the user is required to answer multiple verification questions through the mobile phone (2), and all the correct answers can pass the security verification. The object of the present invention is well achieved regardless of the level of safety verification described above, and is within the scope of the present invention.
参阅图 5 , 图 5 是本发明第五实施例的银行卡安全支付系统的形像化 示意说明图, 图 5示出了本发明应用于 ATM取款机的实施例子。 在第五实 施例中, 交易终端 (3 )是银行的 ATM取款机, 支付网络(4 )就是设有用 户银行卡账户的银行及其 ATM 网络, 用户使用他的银行卡(1 )在 ATM取 款机进行交易时, 例如取款、 转账等属于从用户的银行卡账户支出款项的 交易, 支付网络(4 )立即通过账户安全服务器(5 )和该银行卡账户的相 关联的手机(2 ) 进行验证该用户身份的安全验证, 安全验证成功后用户 才能成功进行该交易, 否则支付网络(4 )拒绝该交易。  Referring to Fig. 5, Fig. 5 is a schematic explanatory view showing the image of a bank card secure payment system according to a fifth embodiment of the present invention, and Fig. 5 is a view showing an embodiment of the present invention applied to an ATM cash machine. In the fifth embodiment, the transaction terminal (3) is a bank ATM machine, and the payment network (4) is a bank having a user bank card account and its ATM network, and the user uses his bank card (1) to withdraw money at the ATM. When the machine conducts a transaction, such as withdrawal, transfer, etc., which belongs to the payment from the user's bank card account, the payment network (4) immediately verifies through the account security server (5) and the associated mobile phone (2) of the bank card account. The user's identity is verified securely, and the user can successfully perform the transaction after the security verification is successful, otherwise the payment network (4) rejects the transaction.
参阅图 6 , 图 6 是本发明第六实施例的银行卡安全支付系统的形像化 示意说明图, 图 6 示出了本发明应用于网上银行服务的实施例子。 在第六 实施例中, 所述的交易终端 (3 )是网上银行服务器, 用户使用可上网的 计算机即上网终端 (7 )通过互联网络(6 )接入网上银行服务器进行账户 操作, 例如转账、 缴费、 买股票等属于从用户的银行卡账户支出款项的交 易, 网上银行服务器根据用户的操作生成交易信息, 并向支付网络(4 ) 发出交易请求, 要求从用户的银行卡账户进行支付, 支付网络(4) 立即 通过账户安全服务器(5)和该银行卡账户相关联的手机(2)进行验证该 用户身份的安全验证, 安全验证成功后支付网络(4) 才进行该交易的支 付, 网上银行服务器才能完成该账户操作, 否则支付网络(4)拒绝该交 易的支付, 令网上银行服务器不能完成该账户操作。 本实施例与一般的网 上银行系统相比, 本实施例让用户通过手机(2) 掌握自己的银行卡账户 的安全, 即使黑客盗取了用户的银行卡账户资料, 黑客没有用户的手机Referring to Fig. 6, there is shown a schematic diagram of the image of the bank card secure payment system of the sixth embodiment of the present invention, and Fig. 6 shows an example of the application of the present invention to the online banking service. In the sixth embodiment, the transaction terminal (3) is an online banking server, and the user accesses the online banking server through the internet (6) using an internet-connected computer (7) to perform account operations, such as transfer, Payment, purchase of stocks, etc. belong to the transaction of the payment from the user's bank card account, the online banking server generates transaction information according to the user's operation, and to the payment network (4) Issue a transaction request, request payment from the user's bank card account, and the payment network (4) immediately verify the identity of the user through the account security server (5) and the mobile phone (2) associated with the bank card account, security verification After the successful payment network (4), the payment of the transaction is performed, and the online banking server can complete the operation of the account, otherwise the payment network (4) rejects the payment of the transaction, and the online banking server cannot complete the operation of the account. Compared with the general online banking system, this embodiment allows the user to grasp the security of his bank card account through the mobile phone (2), even if the hacker steals the user's bank card account information, the hacker does not have the user's mobile phone.
( 2 )是无法成功通过网上银行盗用用户的银行卡账户。 (2) It is impossible to successfully steal the user's bank card account through online banking.
参阅图 7, 图 7 是本发明第七实施例的银行卡安全支付系统的形像化 示意说明图, 图 7 示出了本发明应用于网络购物的实施例子。 在第七实施 例中, 所述的交易终端 (3)是购物网站 /网上商城 /网上商店 /软件网站 / 音乐网站 /电影网站 /等等通过网络进行销售货品 /软件 /服务 /影音等等之 类的网络商店的电子商务服务器, 用户使用上网终端 (7)通过互联网络 Referring to Figures 7, Figure 7 is a schematic illustration of the image of a bank card secure payment system in accordance with a seventh embodiment of the present invention, and Figure 7 shows an embodiment of the present invention applied to online shopping. In the seventh embodiment, the transaction terminal (3) is a shopping website/online mall/online store/software website/music website/movie website/etc., which sells goods/software/services/videos, etc. through the network. E-commerce server of the class network store, the user uses the internet terminal (7) through the internet
(6)登入电子商务服务器即交易终端 (3) 下订单, 电子商务服务器根据 用户的订单生成交易信息, 并向支付网络(4)发出交易请求, 要求从用 户的银行卡账户进行支付, 支付网络( 4 )立即通过账户安全服务器( 5 ) 和该银行卡账户相关联的手机(2) 进行验证用户身份的安全验证, 安全 验证成功后支付网络(4) 才进行该订单交易的支付, 否则支付网络(4) 拒绝该订单交易的支付。 此外, 本实施例也同样适用于电视购物和电话购 物等等的电子商户, 用户下订单购物付款时, 支付网络(4) 立即通过账 户安全服务器( 5 )和用户的手机( 2 )进行验证该用户身份的安全验证, 安全验证成功后支付网络(4) 才进行该订单交易的支付, 否则支付网络(6) Logging in to the e-commerce server, ie, the transaction terminal (3) placing an order, the e-commerce server generates transaction information according to the user's order, and issues a transaction request to the payment network (4), requesting payment from the user's bank card account, and paying the network. (4) Immediately verify the identity of the user through the account security server (5) and the mobile phone (2) associated with the bank card account. After the security verification is successful, the payment network (4) will pay for the order transaction, otherwise the payment will be made. The network (4) rejects the payment for the order transaction. In addition, the embodiment is also applicable to an electronic merchant such as a TV shopping and a telephone shopping. When the user places an order for payment, the payment network (4) immediately verifies the account through the account security server (5) and the user's mobile phone (2). The security verification of the user identity, after the security verification is successful, the payment network (4) will pay for the order transaction, otherwise the payment network
(4)拒绝该订单交易的支付。 (4) Refusal of payment for the order transaction.
参阅图 8, 图 8 是本发明第八实施例的银行卡安全支付系统的形像化 示意说明图, 图 8 示出了本发明应用于自动转账付费的实施例子。 在第八 实施例中, 所述的交易终端 ( 3)是自动转账账务系统, 这自动转账账务 系统就是公共机构例如: 电力公司、 煤气公司、 电话公司等等之类的公司 的账务系统服务器, 这些自动转账账务系统通常会定期通过银行从用户的 银行账户转账交费。 自动转账虽然方便快捷, 但是很多自动转账账单并不 是固定金额的, 而是根据用量而定, 用户一般在自动转账完成后收到月结 单才知道转账金额, 很多用户因担心会被多收费用而不敢使用自动转账, 令自动转账难以广泛推行。 在本实施例中, 当自动转账账务系统即交易终 端 (3 ) 向银行即支付网络(4 )要求从用户的银行卡账户自动转账收取费 用时, 例如电力公司从用户的银行卡账户自动转账收取电费, 支付网络 ( 4 ) 立即通过账户安全服务器 ( 5 ) 和该银行卡账户的相关联的手机 ( 2 ) 进行验证该用户身份的安全验证, 安全验证成功后银行即支付网络 ( 4 ) 才进行该自动转账支付, 否则支付网络( 4 )拒绝执行该自动转账支 用户就不用担心会被多收费用, 有利于自动转账的推广。 以上述的实施例加以说明, 但是本发明并不仅限于此, 在不离开本发明的 精神和所附权利要求书的范围的情况下, 可以作多种改变和变化。 Referring to FIG. 8, FIG. 8 is a schematic explanatory diagram of a bank card secure payment system according to an eighth embodiment of the present invention, and FIG. 8 is a view showing an embodiment of the present invention applied to automatic transfer payment. In the eighth embodiment, the transaction terminal (3) is an automatic transfer accounting system, and the automatic transfer account The system is the accounting system server of a public institution such as a power company, a gas company, a telephone company, etc. These automatic transfer accounting systems usually transfer funds from the user's bank account through the bank on a regular basis. Although automatic transfer is convenient and fast, many automatic transfer bills are not fixed amount, but depending on the usage. Users usually receive the monthly statement after the automatic transfer is completed, and many users know that they will be charged more. I don't dare to use automatic transfer, making automatic transfer difficult to implement widely. In this embodiment, when the automatic transfer accounting system, that is, the transaction terminal (3) requests the bank's payment network (4) to automatically transfer money from the user's bank card account, for example, the power company automatically transfers money from the user's bank card account. To charge the electricity fee, the payment network (4) immediately verify the identity of the user through the account security server (5) and the associated mobile phone (2) of the bank card account. After the security verification is successful, the bank is the payment network (4). The automatic transfer payment is made, otherwise the payment network (4) refuses to execute the automatic transfer branch, and the user does not have to worry about being charged more, which is beneficial to the promotion of automatic transfer. The invention is described in the above-described embodiments, but the invention is not limited thereto, and various changes and modifications can be made without departing from the spirit and scope of the invention.
本发明的利用实时通讯的银行卡安全支付系统和方法, 可以保障用户 的银行卡账户的安全。 本发明的实施, 会带来良好的效益, 对银行和用户 都十分裨益。  The bank card secure payment system and method using the real-time communication of the invention can protect the security of the user's bank card account. The implementation of the present invention brings good benefits and is beneficial to both banks and users.

Claims

权利要求 Rights request
1. 一种银行卡安全支付系统, 其特征在于, 所述的系统包括用户的银行 卡账户和手机(2) 、 商户的交易终端 (3) 、 支付网络(4) 、 账户 安全服务器 (5) , 其中, 账户安全服务器 (5) 与支付网络(4)相 电讯连接, 账户安全服务器(5)设有实时通讯服务器端软件,用户的 手机 ( 2 )设有实时通讯应用程式, 手机 ( 2 )通过该实时通讯应用程 式接入账户安全服务器 ( 5 ) , 交易终端 ( 3 )接入支付网络( 4 ) , 账户安全服务器 ( 5 )记录用户的银行卡账户的账户资料, 用户的银 行卡账户与该用户的手机(2)相关联, 以及, 当支付网络(4) 收到 商户的交易终端 (3)传送来属于用户的银行卡账户的交易请求时, 支付网络(4)通过账户安全服务器(5)和该银行卡账户相关联的手 机(2) 进行验证该用户身份的安全验证, 安全验证成功后支付网络A bank card secure payment system, characterized in that the system comprises a user's bank card account and a mobile phone (2), a merchant's transaction terminal (3), a payment network (4), and an account security server (5) , wherein the account security server (5) is connected to the payment network (4), the account security server (5) is provided with real-time communication server software, and the user's mobile phone (2) is provided with a real-time communication application, the mobile phone (2) The real-time communication application accesses the account security server (5), the transaction terminal (3) accesses the payment network (4), the account security server (5) records the account information of the user's bank card account, and the user's bank card account and The user's mobile phone (2) is associated, and, when the payment network (4) receives the merchant's transaction terminal (3) to transmit a transaction request belonging to the user's bank card account, the payment network (4) passes the account security server ( 5) The mobile phone (2) associated with the bank card account is used to verify the security of the user identity, and the payment network is successful after the security verification is successful.
(4) 才继续进行该交易的后续步骤, 否则拒绝该交易。 (4) Continue the subsequent steps of the transaction, otherwise reject the transaction.
2. 如权利要求 1 所述的银行卡安全支付系统, 其特征在于, 所述的支付 网络(4) 包括银行卡网络(401) 、 设有商户的银行账户的收单银行2. The bank card secure payment system according to claim 1, wherein said payment network (4) comprises a bank card network (401), an acquiring bank having a bank account of the merchant
( 402 ) 、 设有用户的银行卡账户的发卡银行( 403 ) , 其中, 银行卡 网络 (401 ) 分别与收单银行 (402 ) 和发卡银行 ( 403 ) 相电讯连 接, 并与所述的账户安全服务器(5)相电讯连接, 交易终端 (3)接 入支付网络( 4 ) 的收单银行( 402 ) , 银行卡网络( 401 ) 于处理属 于用户的银行卡账户的交易请求时, 通过账户安全服务器 (5) 和该 银行卡账户相关联的手机(2)进行验证该用户身份的安全验证。 (402), a card issuing bank (403) having a user's bank card account, wherein the bank card network (401) is respectively connected with the acquiring bank (40 2 ) and the issuing bank (403), and when the account security server (5) connected with telecommunications transaction terminal (3) access payment network (4) acquiring bank (402), a network card (401) to process the transaction request is the user's bank card account The security verification of the identity of the user is verified by the account security server (5) and the mobile phone (2) associated with the bank card account.
3. 如权利要求 1 所述的银行卡安全支付系统, 其特征在于, 所述的支付 网络(4) 包括银行卡网络(401) 、 设有商户的银行账户的收单银行 ( 402 ) 、 设有用户的银行卡账户的发卡银行( 403 ) , 其中, 银行卡 网络 (401 ) 分别与收单银行 (402 ) 和发卡银行 ( 403 ) 相电讯连 接, 发卡银行( 403 ) 与所述的账户安全服务器(5 )相电讯连接, 交 易终端 ( 3 ) 接入支付网络 ( 4 ) 的收单银行 ( 402 ) , 发卡银行3. The bank card secure payment system according to claim 1, wherein said payment network (4) comprises a bank card network (401), an acquiring bank having a bank account of the merchant (402), a card issuing bank (403) having a user's bank card account, wherein the bank card network (401) is respectively connected with the acquiring bank (40 2 ) and the issuing bank (403), and the issuing bank (403) Telecommunications connection with the security server account (5), the transaction terminal (3) access payment network (4) acquiring bank (402), the issuing bank
( 403 ) 于处理属于用户的银行卡账户的交易请求时, 通过账户安全 服务器( 5 )和该银行卡账户相关联的手机( 2 )进行验证该用户身份 的安全 3全证。 (403) When processing a transaction request belonging to the user's bank card account, the security of the user identity is verified by the account security server (5) and the mobile phone (2) associated with the bank card account.
4. 如权利要求 1 所述的银行卡安全支付系统, 其特征在于, 所述的支付 网络(4 ) 包括银行卡网络(401 ) 、 设有商户的银行账户的收单银行 ( 402 ) 、 设有用户的银行卡账户的发卡银行 ( 403 ) 、 支付网关 ( 404 ) , 其中, 银行卡网络 (401 ) 与发卡银行 ( 403 ) 相电讯连 接, 支付网关 ( 404 ) 分别与收单银行(402 ) 和银行卡网络(401 ) 相电讯连接, 并与所述的账户安全服务器 (5 )相电讯连接, 交易终 端 (3 )接入支付网络(4 ) 的支付网关 ( 404 ) , 支付网关 ( 404 ) 于 处理属于用户的银行卡账户的交易请求时, 通过账户安全服务器 ( 5 )和该银行卡账户相关联的手机( 2 )进行验证该用户身份的安全 验证。 4. The bank card secure payment system according to claim 1, wherein the payment network (4) comprises a bank card network (401), an acquiring bank (402) having a bank account of the merchant, and a card issuing bank (403) having a bank card account of the user, and a payment gateway (404), wherein the bank card network (401) is connected to the issuing bank (403), and the payment gateway (404) is separately associated with the acquiring bank (40 2 ) is connected to the bank card network (401) by telecommunications, and is connected to the account security server (5), and the transaction terminal (3) accesses the payment gateway (404) of the payment network (4), and the payment gateway (404) When the transaction request belonging to the user's bank card account is processed, the account security server (5) and the mobile phone (2) associated with the bank card account are used to verify the security of the user identity.
5. 如权利要求 2至 4任一项所述的银行卡安全支付系统, 其特征在于, 所述的银行卡网络(401 ) 包括 VISA卡网络、 中国银联卡网络、 万事 达卡网络、 美国运通卡网络、 日本 JCB卡网络、 大来卡网络。 The bank card security payment system according to any one of claims 2 to 4, wherein the bank card network (401) comprises a VISA card network, a China UnionPay card network, a MasterCard network, an American Express card. Network, Japan JCB card network, Diners card network.
6. 如权利要求 1至 4任一项所述的银行卡安全支付系统, 其特征在于, 所述的交易终端 ( 3 )是银行的 ATM取款机。 The bank card secure payment system according to any one of claims 1 to 4, characterized in that the transaction terminal (3) is a bank ATM machine.
7. 如权利要求 1至 4任一项所述的银行卡安全支付系统, 其特征在于, 所述的交易终端 (3 )是网上银行服务器。 The bank card secure payment system according to any one of claims 1 to 4, characterized in that the transaction terminal (3) is an online banking server.
8. 如权利要求 1至 4任一项所述的银行卡安全支付系统, 其特征在于, 所述的交易终端 (3 )是网络商店的电子商务服务器。 The bank card secure payment system according to any one of claims 1 to 4, characterized in that the transaction terminal (3) is an e-commerce server of a network store.
9. 如权利要求 1至 4任一项所述的银行卡安全支付系统, 其特征在于, 所述的交易终端 (3 )是自动转账账务系统。 The bank card secure payment system according to any one of claims 1 to 4, characterized in that the transaction terminal (3) is an automatic transfer accounting system.
10. 一种银行卡安全支付方法, 其特征在于, 所述的方法包括设置账户安 全服务器( 5 ) , 在账户安全服务器( 5 )记录用户的银行卡账户的账 户资料, 并将用户的银行卡账户与该用户的手机(2 )相关联, 账户 安全服务器 ( 5 ) 与支付网络 ( 4 ) 相电讯连接, 账户安全服务器10. A method for secure payment of a bank card, characterized in that the method comprises setting an account security server (5), recording account information of a user's bank card account at the account security server (5), and placing the user's bank card The account is associated with the user's mobile phone (2), the account security server (5) is connected to the payment network (4), and the account security server
( 5 )设有实时通讯服务器端软件,用户的手机( 2 )设有实时通讯应 用程式, 手机 (2 ) 通过该实时通讯应用程式接入账户安全服务器(5) With real-time communication server software, the user's mobile phone (2) has a real-time communication application, and the mobile phone (2) accesses the account security server through the real-time communication application.
( 5 ) , 以及, 当支付网络(4 ) 收到商户的交易终端 (3 )传送来属 于用户的银行卡账户的交易请求时, 支付网络(4 )通过账户安全服 务器( 5 )和该银行卡账户的相关联的手机( 2 )进行验证该用户身份 的安全验证, 安全验证成功后支付网络(4 ) 才继续进行该交易的后 续步骤, 否则拒绝该交易。 (5), and, when the payment network (4) receives the transaction request of the merchant's transaction terminal (3) belonging to the user's bank card account, the payment network (4) passes the account security server (5) and the bank card The associated mobile phone of the account (2) performs a security verification to verify the identity of the user. After the security verification is successful, the payment network (4) continues the subsequent steps of the transaction, otherwise the transaction is rejected.
11. 如权利要求 10 所述的银行卡安全支付方法, 其特征在于, 所述的安 全验证包括账户安全服务器 (5 ) 将有关所述交易的提示信息传送给 用户的手机(2 ) , 如该提示信息已成功传送给该手机, 则安全验证 成功, 否则安全 3全证失败。 11. The bank card secure payment method according to claim 10, wherein the security verification comprises the account security server (5) transmitting the prompt information about the transaction to the user's mobile phone (2), such as If the prompt information has been successfully transmitted to the mobile phone, the security verification is successful, otherwise the security 3 fails.
2. 如权利要求 11 所述的银行卡安全支付方法, 其特征在于, 所述的安 全验证还包括账户安全服务器( 5 )核对用户通过用户的手机( 2 )返 回的确认信息; 如账户安全服务器 (5 )核对该确认信息正确无误则 安全验证 功 , 否则安全 3全证失败。 3. 如权利要求 10 至 12 任一项所述的银行卡安全支付方法, 其特征在 于, 所述的账户安全服务器 (5 )储存有用户的个人信息, 账户安全 服务器 (5 ) 进行安全验证时, 随机选取用户的其中部分个人信息来 生成验证问题信息, 然后将该验证问题信息传送给该用户的手机2. The bank card secure payment method according to claim 11, wherein the security verification further comprises an account security server (5) checking the confirmation information returned by the user through the user's mobile phone (2); for example, an account security server (5) If the verification information is correct and correct, the security verification function is obtained, otherwise the security 3 fails. The bank card secure payment method according to any one of claims 10 to 12, wherein the account security server (5) stores personal information of the user, and the account security server (5) performs security verification. , randomly selecting some of the personal information of the user to generate verification problem information, and then transmitting the verification problem information to the user's mobile phone
( 2 ) , 用户要在指定时间内根据该验证问题信息向账户安全服务器 ( 5 )返回答案信息, 账户安全服务器( 5 )核对返回的答案信息是否 符合该验证问题信息的正确答案, 如核对答案信息符合正确答案无误 则安全 3全证成功, 否则安全 3全证失败。 (2), the user needs to return the answer information to the account security server (5) according to the verification question information within a specified time, and the account security server (5) checks whether the returned answer information meets the correct answer of the verification question information, such as checking the answer. If the information meets the correct answer, then the security 3 is successful, otherwise the security 3 fails.
PCT/CN2013/073030 2013-03-22 2013-03-22 Secure payment system and method for bank card by using real-time communication WO2014146286A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
PCT/CN2013/073030 WO2014146286A1 (en) 2013-03-22 2013-03-22 Secure payment system and method for bank card by using real-time communication
CN201380074977.1A CN105247549A (en) 2013-03-22 2013-03-22 Bank card security payment system and method using real-time communication
HK16107977.4A HK1220025A1 (en) 2013-03-22 2013-03-22 Secure payment system and method for bank card by using real-time communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2013/073030 WO2014146286A1 (en) 2013-03-22 2013-03-22 Secure payment system and method for bank card by using real-time communication

Publications (1)

Publication Number Publication Date
WO2014146286A1 true WO2014146286A1 (en) 2014-09-25

Family

ID=51579299

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/073030 WO2014146286A1 (en) 2013-03-22 2013-03-22 Secure payment system and method for bank card by using real-time communication

Country Status (3)

Country Link
CN (1) CN105247549A (en)
HK (1) HK1220025A1 (en)
WO (1) WO2014146286A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016108783A1 (en) 2014-12-31 2016-07-07 Turkcell Teknoloji Arastirma Ve Gelistirme A. S. A payment system and method
CN114760315A (en) * 2022-01-28 2022-07-15 上海皓卡网络技术有限公司 Method for comprehensively solving security of bank card end to end

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110728580A (en) * 2019-10-16 2020-01-24 神州数码融信软件有限公司 Financial transaction control method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002029742A1 (en) * 2000-10-05 2002-04-11 Societe Ntsys Sa Secure internet paying agent with mobile telephone validation
CN101599192A (en) * 2009-04-24 2009-12-09 北京华大智宝电子系统有限公司 Realize the method for security guard of bank card
CN102208069A (en) * 2010-03-31 2011-10-05 黄金富 Bank online payment system of confirmation by using mobile phone as another way and method thereof
CN102542452A (en) * 2011-11-09 2012-07-04 王筱雨 Method and system for verifying transaction passwords of point-of-sale (POS) machine terminal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002029742A1 (en) * 2000-10-05 2002-04-11 Societe Ntsys Sa Secure internet paying agent with mobile telephone validation
CN101599192A (en) * 2009-04-24 2009-12-09 北京华大智宝电子系统有限公司 Realize the method for security guard of bank card
CN102208069A (en) * 2010-03-31 2011-10-05 黄金富 Bank online payment system of confirmation by using mobile phone as another way and method thereof
CN102542452A (en) * 2011-11-09 2012-07-04 王筱雨 Method and system for verifying transaction passwords of point-of-sale (POS) machine terminal

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016108783A1 (en) 2014-12-31 2016-07-07 Turkcell Teknoloji Arastirma Ve Gelistirme A. S. A payment system and method
CN114760315A (en) * 2022-01-28 2022-07-15 上海皓卡网络技术有限公司 Method for comprehensively solving security of bank card end to end

Also Published As

Publication number Publication date
HK1220025A1 (en) 2017-04-21
CN105247549A (en) 2016-01-13

Similar Documents

Publication Publication Date Title
JP5430701B2 (en) System and method for validating financial instruments
US20140297435A1 (en) Bank card secured payment system and method using real-time communication technology
US9256869B2 (en) Authentication and verification services for third party vendors using mobile devices
RU2556453C2 (en) System and method for authentication of transactions without car with help of mobile device
US20170024738A1 (en) System and method for electronic payment using payment server provided transaction link codes
US20120028612A1 (en) Method and system for verifying an identification of a person
CN101072384A (en) Mobile phone payment method and system based on mobile phone bank
CN111784347B (en) Resource transfer method and device
JP2010506262A (en) System and method for making payments
CN101964090A (en) Unionpay payment system and method for respectively authenticating identity and payment amount by using double cards
US20230120485A1 (en) Token-For-Token Provisioning
KR20120133706A (en) Apparatus for registration card and method of the same
WO2016088087A1 (en) Third party access to a financial account
WO2014032206A1 (en) Quick payment system and corresponding method
TWM577549U (en) Virtual wallet account payment system
WO2014146286A1 (en) Secure payment system and method for bank card by using real-time communication
CN113837762B (en) Digital currency payment method and device
KR102081836B1 (en) Method for authenticating real name in non-facing by using account of financial institution server
KR101604656B1 (en) System for consenting settlement and automacic transfer
TWI662493B (en) Debit authorization method and system
EP4552284A1 (en) Token services for non-fungible tokens
HK40039076B (en) Resource transfer method and device
KR20050009330A (en) Billing in credit method in internet with mobile communicating device without any accessory instrument and programs about it to be readable by the computer
KR20170118661A (en) On/Off-line Banking Transaction Method for Preventing illegal use of Card
KR20070033233A (en) Wired and wireless terminals and methods for electronic payment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13879152

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13879152

Country of ref document: EP

Kind code of ref document: A1