CN105787718A

CN105787718A - Business logistics safe payment method based on cash on delivery

Info

Publication number: CN105787718A
Application number: CN201610078559.5A
Authority: CN
Inventors: 王艳玲
Original assignee: Zhejiang Wanli College
Current assignee: Zhejiang Wanli College
Priority date: 2016-02-03
Filing date: 2016-02-03
Publication date: 2016-07-20

Abstract

The invention relates to a secure payment method for business logistics based on cash on delivery. After the dispatcher's hand-held POS terminal is connected to the recipient's mobile smart terminal, the hand-held POS terminal and the mobile smart terminal both send their current location, current location noise and air flow respectively. The humidity is sent to the certification agency, and the certification agency judges that the two parties to the payment are located in a safe transaction space distance, and the difference between the current location noise and the air humidity of the two parties are both within the safe range, and send the transaction key to the payment party of the cash on delivery. The mobile smart The terminal judges that the current payment password is entered by its legal owner according to the pressure database of the left and right hands of each button it has built, and transfers the fee to the account of the logistics company; during the cash-on-delivery transaction process, the tax supervision system monitors the completion of the transaction order in real time The situation, and after the transaction is successful, the banking system will deduct the business tax of the merchant and the logistics company on its behalf.

Description

Safe payment method for business logistics based on cash on delivery

技术领域technical field

本发明涉及商务物流领域，尤其涉及一种基于货到付款的商务物流安全支付方法。The invention relates to the field of commercial logistics, in particular to a cash-on-delivery-based secure payment method for commercial logistics.

背景技术Background technique

近年来，随着电子商务的快速发展，越来越多的消费者喜欢通过网络平台进行购物，以此选择自己心爱的商品。在商品选择完成后，网络平台会提供在线支付或货到付款的方式对所选商品进行支付。其中，消费者为了避免因所选商品实物与描述不一致的情况，消费者会倾向于选择货到付款的方式支付所购物品。货到付款方式是指，在消费者提交基本订单信息后，由物流公司在商家处取货后，将商品派送至消费者处，消费者满意后，则利用现金或者POS刷卡的方式支付商品费用以及物流公司的快速费用，消费者支付的这两笔费用由物流公司暂时保存，并按期规定，在一定时期内将商品的费用转移给商家，从而完成货到付款的整个过程。In recent years, with the rapid development of e-commerce, more and more consumers like to shop through online platforms to choose their favorite products. After the selection of goods is completed, the network platform will provide online payment or cash on delivery to pay for the selected goods. Among them, in order to avoid the inconsistency between the actual product and the description of the selected product, the consumer will tend to choose the method of cash on delivery to pay for the purchased product. The cash on delivery method means that after the consumer submits the basic order information, the logistics company picks up the goods at the merchant and then delivers the goods to the consumer. After the consumer is satisfied, he pays for the goods by cash or POS card. As well as the express fee of the logistics company, the two fees paid by the consumer are temporarily saved by the logistics company, and the cost of the goods is transferred to the merchant within a certain period of time according to the schedule, so as to complete the entire process of cash on delivery.

在现有物流公司替代商家收费的货到付款中，仍然存在一些问题：首先，当消费者利用POS进行刷卡时会存在支付安全问题，例如，在货到付款的支付过程中，交易信息容易被恶意第三方破解，对消费者或物流公司带来经济损失；其次，现有的货到付款方式缺少对商家和物流公司更为准确的税收监管，导致部分商家或物流公司出现逃税行为，减少了国家的税收收入。There are still some problems in the cash-on-delivery payment that the existing logistics companies replace merchants' charges: First, there will be payment security problems when consumers use POS to swipe their cards. For example, during the cash-on-delivery payment process, transaction information is easily Malicious third-party cracking will bring economic losses to consumers or logistics companies; secondly, the existing cash on delivery method lacks more accurate tax supervision for merchants and logistics companies, resulting in tax evasion by some merchants or logistics companies, reducing the State tax revenue.

发明内容Contents of the invention

本发明所要解决的技术问题是针对上述现有技术提供一种既能便捷、安全地完成商品的货到付款、保证货到付款交易安全，又可以对网购平台的商家和物流公司进行有效税收监管的基于货到付款的商务物流安全支付方法。The technical problem to be solved by the present invention is to provide a cash-on-delivery system that can conveniently and safely complete the cash on delivery of goods and ensure the security of the cash-on-delivery transaction, and can effectively supervise the taxation of merchants and logistics companies on online shopping platforms. A safe payment method for business logistics based on cash on delivery.

本发明解决上述技术问题所采用的技术方案为：基于货到付款的商务物流安全支付方法，用于商家终端、网上购物平台、消费者终端、物流公司管理平台、认证机构、银行系统以及税务监管系统构成的商务物流支付交易系统，其特征在于，依次包括如下步骤：The technical solution adopted by the present invention to solve the above-mentioned technical problems is: a cash-on-delivery-based commercial logistics security payment method, which is used for merchant terminals, online shopping platforms, consumer terminals, logistics company management platforms, certification agencies, banking systems and tax supervision The commercial logistics payment transaction system composed of the system is characterized in that it includes the following steps in sequence:

(1)商家和物流公司分别在银行系统注册各自的收款账户，在税务监管系统登记各自的纳税识别号，并在网上购物平台登记各自的纳税识别号；(1) Merchants and logistics companies register their respective collection accounts in the banking system, register their respective tax identification numbers in the tax supervision system, and register their respective tax identification numbers on the online shopping platform;

(2)物流公司管理平台对其具有NFC功能的各手持POS终端均进行备案，建立各手持POS终端分别与银行系统、认证机构的通信连接，利用手持POS终端分别发送认证请求给银行系统和认证机构，银行系统生成其与手持POS终端通信的公钥、手持POS终端的金融认证证书集合，并发送金融认证证书集合和公钥给手持POS终端；认证机构生成其与手持POS终端通信的公钥、手持POS终端的信用认证证书集合，并发送信用认证证书集合和公钥给手持POS终端；其中：(2) The management platform of the logistics company records all handheld POS terminals with NFC functions, establishes communication connections between each handheld POS terminal and the banking system and certification agency, and uses the handheld POS terminal to send certification requests to the banking system and certification authority respectively. Institutions and banking systems generate their public keys for communication with handheld POS terminals, financial authentication certificate sets for handheld POS terminals, and send financial authentication certificate sets and public keys to handheld POS terminals; certification agencies generate public keys for communication with handheld POS terminals , the set of credit authentication certificates of the handheld POS terminal, and send the set of credit authentication certificates and the public key to the handheld POS terminal; where:

所述手持POS终端记为POS，银行系统记为BANK，认证机构记为TSM，手持POS终端的金融认证证书集合标记为Cert(BANK_POS)，银行系统与手持POS终端的公钥记为k(POS,BANK)；手持POS终端的信用认证证书集合标记为Cert(TSM_POS)，认证机构与手持POS终端公钥记为k(POS,TSM)；其中：Described hand-held POS terminal is marked as POS, and bank system is marked as BANK, and certification agency is marked as TSM, and the financial authentication certificate set mark of hand-held POS terminal is Cert(BANK _POS ), and the public key of bank system and hand-held POS terminal is marked as k( POS, BANK); the credit authentication certificate set of the handheld POS terminal is marked as Cert(TSM _POS ), and the certification authority and the public key of the handheld POS terminal are marked as k(POS,TSM); where:

Cert(TSM_POS)＝{Cert¹(TSM_POS),Cert²(TSM_POS),···,Cert^m(TSM_POS)}；Cert(TSM _POS )＝{Cert ¹ (TSM _POS ),Cert ² (TSM _POS ),...,Cert ^m (TSM _POS )};

Cert(BANK_POS)＝{Cert¹(BANK_POS),Cert²(BANK_POS),···,Cert^m(BANK_POS)}；m≥3；Cert(BANK _POS )＝{Cert ¹ (BANK _POS ),Cert ² (BANK _POS ),...,Cert ^m (BANK _POS )}; m≥3;

其中，m表示手持POS终端可用的金融认证证书和信用认证证书个数，手持POS终端的信用认证证书与其金融认证证书为一一对应关系；手持POS终端信用认证证书集合中的各信用认证证书以及其金融认证证书集合中的各金融认证证书遵循遍历使用规则且均限制使用一次；Among them, m represents the number of financial authentication certificates and credit authentication certificates available for handheld POS terminals, and the credit authentication certificates of handheld POS terminals have a one-to-one correspondence with their financial authentication certificates; each credit authentication certificate in the credit authentication certificate set of handheld POS terminals and Each financial authentication certificate in its financial authentication certificate set follows the traversal usage rules and is limited to one use;

(3)商家在网上购物平台登记纳税识别号，并通过商家终端在网上购物平台发布商品信息，消费者利用消费者终端在网上购物平台选择目标商品后，登记所购商品的收件人联系信息，并选择货到付款，由网上购物平台生成、保存针对所购商品的交易订单后，网上购物平台发送该待支付的商品交易订单给税务监管系统存储；其中，交易订单包括交易订单号、订单生成时间、目标商品名称及价格、目标商品所属商家联系信息和商家纳税识别号、收件人信息以及货到付款方式；(3) The merchant registers the tax identification number on the online shopping platform, and publishes product information on the online shopping platform through the merchant terminal, and the consumer uses the consumer terminal to select the target product on the online shopping platform, and registers the recipient's contact information for the purchased product , and choose cash on delivery, after the online shopping platform generates and saves the transaction order for the purchased goods, the online shopping platform sends the commodity transaction order to be paid to the tax supervision system for storage; the transaction order includes the transaction order number, order Generation time, target commodity name and price, merchant contact information and merchant tax identification number of the target commodity, recipient information and cash on delivery method;

(4)网上购物平台发送取货通知和交易订单给物流公司管理平台，物流公司管理平台保存交易订单后，通知物流公司取货员根据交易订单信息在商家处取货，并根据交易订单中的收件人信息，由物流公司管理平台通知物流公司派件员携带已备案的手持POS终端按照交易订单中的收件人信息派送商品；(4) The online shopping platform sends the pick-up notice and transaction order to the logistics company management platform. After the logistics company management platform saves the transaction order, it notifies the logistics company’s picker to pick up the goods at the merchant according to the transaction order information, and according to the information in the transaction order Recipient information, the logistics company management platform will notify the logistics company dispatcher to carry the registered handheld POS terminal to deliver the goods according to the recipient information in the transaction order;

(5)收件人利用其具有NFC功能的移动智能终端分别发送认证请求给银行系统和认证机构，银行系统生成其与移动智能终端通信的公钥、移动智能终端的金融认证证书集合，并发送金融认证证书集合、公钥给移动智能终端；认证机构生成其与移动智能终端通信的公钥、移动智能终端的信用认证证书集合，并发送信用认证证书集合、公钥给移动智能终端；其中：(5) The recipient uses its mobile smart terminal with NFC function to send authentication requests to the banking system and the certification agency respectively, and the banking system generates its public key for communication with the mobile smart terminal and the set of financial authentication certificates of the mobile smart terminal, and sends The set of financial authentication certificates and the public key are given to the mobile smart terminal; the certification authority generates its public key for communication with the mobile smart terminal, the set of credit authentication certificates of the mobile smart terminal, and sends the set of credit authentication certificates and the public key to the mobile smart terminal; where:

所述移动智能终端记为Mobile，移动智能终端的金融认证证书集合标记为Cert(BANK_Mobile)，银行系统与移动智能终端的公钥记为k(Mobile,BANK)；移动智能终端的信用认证证书集合标记为Cert(TSM_Mobile)，认证机构与移动智能终端的公钥记为k(Mobile,TSM)；其中：The mobile smart terminal is marked as Mobile, the financial authentication certificate set of the mobile smart terminal is marked as Cert (BANK _Mobile ), and the public key of the banking system and the mobile smart terminal is marked as k (Mobile, BANK); the credit authentication certificate of the mobile smart terminal The set is marked as Cert(TSM _Mobile ), and the public key of the certification authority and the mobile smart terminal is marked as k(Mobile,TSM); where:

Cert(TSM_Mobile)＝{Cert¹(TSM_Mobile),Cert²(TSM_Mobile),···,Cert^m(TSM_Mobile)}；Cert(TSM _Mobile )＝{Cert ¹ (TSM _Mobile ),Cert ² (TSM _Mobile ),...,Cert ^m (TSM _Mobile )};

Cert(BANK_Mobile)＝{Cert¹(BANK_Mobile),Cert²(BANK_Mobile),···,Cert^m(BANK_Mobile)}；m≥3；其中，移动智能终端的信用认证证书与其金融认证证书为一一对应关系；移动智能终端信用认证证书集合中的各信用认证证书以及其金融认证证书集合中的各金融认证证书遵循遍历使用规则且均限制使用一次；Cert(BANK _Mobile )＝{Cert ¹ (BANK _Mobile ),Cert ² (BANK _Mobile ),...,Cert ^m (BANK _Mobile )}; m≥3; Among them, the credit authentication certificate of the smart mobile terminal and its financial authentication certificate It is a one-to-one correspondence relationship; each credit authentication certificate in the mobile smart terminal credit authentication certificate set and each financial authentication certificate in its financial authentication certificate set follow the traversal usage rules and are limited to one use;

(6)移动智能终端在预设时间周期内实时采集其合法拥有者在支付操作时，在键盘上各按键的摁压力数值及摁压力方向，构建移动智能终端合法拥有者在支付操作时利用左手和右手分别针对各按键的左手摁压力数据库和右手摁压力数据库，并分别计算各按键左手摁压力数据库和右手摁压力数据库的方差；其中：(6) The mobile smart terminal collects in real time the value and direction of pressing pressure of each button on the keyboard by its legal owner during the payment operation during the preset time period, and constructs that the legal owner of the mobile smart terminal uses the left hand during the payment operation. and the right hand are respectively for the left hand press pressure database and the right hand press pressure database of each button, and calculate the variance of each button left hand press pressure database and right hand press pressure database respectively; Wherein:

所述移动智能终端上第i个按键记为Button_i，针对按键Button_i所构建的移动智能终端合法拥有者的左手摁压力数据库记为右手摁压力数据库记为N为左手摁压力数据库以及右手摁压力数据库中分别存储的摁压力数据个数；表示针对按键Button_i采集的移动智能终端合法拥有者左手的第n个摁压力数据，表示针对按键Button_i采集的移动智能终端合法拥有者右手的第n个摁压力数据；所述按键Button_i所受移动智能终端合法拥有者左手摁压力的方差记为移动智能终端合法拥有者右手摁压力的方差记为其中，方差和的计算公式分别如下：The i-th button on the mobile smart terminal is marked as Button _i , and the pressure database of the legal owner of the mobile smart terminal built for the button Button _i is marked as Right hand pressure database is recorded as N is the number of press pressure data stored respectively in the left hand press pressure database and the right hand press pressure database; Indicates the nth pressing pressure data of the left hand of the legal owner of the mobile smart terminal collected for Button _i , Represents the nth press pressure data of the right hand of the legal owner of the mobile intelligent terminal _collected for the button Button _i ; The variance of the pressure of the right hand of the legal owner of the mobile smart terminal is denoted as Among them, variance and The calculation formulas are as follows:

${σ σ}_{L L e e f f t t}^{22} (({Button Button}_{i i})) = = {Σ Σ}_{n no = = 11}^{N N} \frac{{(({F f}_{B B u u t t t t o o n no i i}^{L L e e f f t t} ((n no)) - - \overset{&OverBar; &OverBar;}{{F f}_{B B u u t t t t o o n no i i}^{L L e e f f t t}}))}^{22}}{N N},, \overset{&OverBar; &OverBar;}{{F f}_{B B u u t t t t o o n no i i}^{L L e e f f t t}} = = {Σ Σ}_{n no = = 11}^{N N} \frac{{F f}_{B B u u t t t t o o n no i i}^{L L e e f f t t} ((n no))}{N N};;$

${σ σ}_{R R i i g g h h t t}^{22} (({Button Button}_{i i})) = = {Σ Σ}_{n no = = 11}^{N N} \frac{{(({F f}_{B B u u t t t t o o n no i i}^{R R i i g g h h t t} ((n no)) - - \overset{&OverBar; &OverBar;}{{F f}_{B B u u t t t t o o n no i i}^{R R i i g g h h t t}}))}^{22}}{N N},, \overset{&OverBar; &OverBar;}{{F f}_{B B u u t t t t o o n no i i}^{R R i i g g h h t t}} = = {Σ Σ}_{n no = = 11}^{N N} \frac{{F f}_{B B u u t t t t o o n no i i}^{R R i i g g h h t t} ((n no))}{N N};;$

(7)物流公司派件员派送商品至收件人处且等待收件人付款时，物流公司派件员开启手持POS终端的NFC功能以及收件人开启其移动智能终端的NFC功能后，手持POS终端生成、存储第一随机数和第一随机数的有效时间值，获取当前位置以及当前位置的噪声和空气湿度，然后将包括手持POS终端自身签名的付款请求信息发送给收件人的移动智能终端，并发送手持POS终端当前位置、当前位置噪声和空气湿度数据给认证机构；其中：(7) When the dispatcher of the logistics company delivers the goods to the recipient and waits for the recipient to pay, the dispatcher of the logistics company turns on the NFC function of the hand-held POS terminal and the recipient turns on the NFC function of his mobile smart terminal, and the hand-held The POS terminal generates and stores the first random number and the effective time value of the first random number, obtains the current location and the noise and air humidity of the current location, and then sends the payment request information including the signature of the handheld POS terminal to the recipient's mobile Intelligent terminal, and send the current location of the handheld POS terminal, current location noise and air humidity data to the certification body; among them:

所述付款请求信息包括手持POS终端生成的第一随机数RP₁、该第一随机数RP₁的有效时间值TP、付款请求ReqM、手持POS终端选取的金融认证证书Cert^t(BANK_POS)、手持POS终端选取的信用认证证书Cert^t(TSM_POS)、手持POS终端的自身签名Sig_POS以及手持POS终端的私钥sk(POS)；其中，该付款请求信息记为Message_P-M，付款请求信息Message_P-M由公式标记如下：The payment request information includes the first random number RP ₁ generated by the handheld POS terminal, the valid time value TP of the first random number RP ₁ , the payment request ReqM, the financial authentication certificate Cert ^t (BANK _POS ) selected by the handheld POS terminal, The credit authentication certificate Cert ^t (TSM _POS ) selected by the handheld POS terminal, the self-signature Sig _POS of the handheld POS terminal, and the private key sk(POS) of the handheld POS terminal; wherein, the payment request information is recorded as Message _PM , and the payment request information Message _PM is marked by the formula as follows:

${Message message}_{P P - - M m} = = \{\begin{matrix} P P O o S S,, M m o o b b i i l l e e,, {RP RP}_{11},, T T P P,, {Cert Cert}^{t t} (({BANK BANK}_{P P O o S S})),, {Cert Cert}^{t t} (({TSM TSM}_{P P O o S S})),, Re Re M m,, \\ {Sig Sig}_{P P O o S S},, s the s k k ((P P O o S S)) \end{matrix}\};; t t &Element; &Element; [[11,, m m]];;$

(8)移动智能终端接收手持POS终端发送的付款请求信息，生成防窃密的第一随机数，获取移动智能终端当前位置以及当前位置的噪声和空气湿度，并发送包括手持POS终端付款请求信息的认证请求信息以及移动智能终端当前位置、当前位置噪声和空气湿度给认证机构；其中：(8) The mobile smart terminal receives the payment request information sent by the handheld POS terminal, generates the first random number for anti-theft, obtains the current position of the mobile smart terminal and the noise and air humidity of the current position, and sends the payment request information including the handheld POS terminal Certification request information and the current location of the mobile smart terminal, current location noise and air humidity to the certification agency; among them:

所述移动智能终端发送的认证请求信息包括手持POS终端的付款请求信息Message_P-M、移动智能终端生成的防窃密的第一随机数RW₁、认证请求ReqT、其与手持POS终端会话请求ReqSession以及移动智能终端与认证机构间通信的公钥k(Wallet,TSM)；其中，移动智能终端的该认证请求信息标记为Message_M-T，其中：The authentication request information sent by the mobile intelligent terminal includes the payment request information Message _PM of the handheld POS terminal, the anti-theft first random number RW ₁ generated by the mobile intelligent terminal, the authentication request ReqT, the session request ReqSession with the handheld POS terminal, and the mobile The public key k(Wallet,TSM) for communication between the smart terminal and the certification authority; wherein, the authentication request information of the mobile smart terminal is marked as Message _MT , where:

Message_M-T＝{Message_P-M,TSM,RM₁,ReqT,ReqSession,k(Mobile,TSM)}；Message _MT ＝{Message _PM ,TSM,RM ₁ ,ReqT,ReqSession,k(Mobile,TSM)};

(9)认证机构接收、提取移动智能终端发送的认证请求信息以及移动智能终端当前位置及当前位置噪声和空气湿度，记录接收移动智能终端认证请求的时间，并根据所提取的移动智能终端的认证请求信息、移动智能终端当前位置及当前位置噪声和空气湿度、手持POS终端当前位置及当前位置噪声和空气湿度对移动智能终端做出是否进行交易的反馈；其中，该步骤依次包括步骤(9-1)至步骤(9-3)：(9) The certification agency receives and extracts the certification request information sent by the smart mobile terminal, the current location of the smart mobile terminal, the noise and air humidity at the current location, records the time when the smart mobile terminal certification request is received, and based on the certification information of the smart mobile terminal extracted, Request information, the current position of the mobile smart terminal and the current position noise and air humidity, the current position of the hand-held POS terminal and the current position noise and the air humidity make a feedback to the mobile smart terminal whether to conduct transactions; wherein, the steps include steps (9- 1) to step (9-3):

(9-1)当认证机构判断提取的手持POS终端信用认证证书存在于认证机构已存储的信用认证证书数据库中且认证机构接收移动智能终端认证请求的时间位于第一随机数的有效时间值内时，表明该信用认证证书有效且对应的手持POS终端为安全终端，认证机构生成移动智能终端与该手持POS终端之间的交易秘钥，并执行步骤(9-2)；否则，认证机构发送拒绝交易信息给移动智能终端；(9-1) When the certification authority judges that the extracted handheld POS terminal credit authentication certificate exists in the credit authentication certificate database stored by the certification authority and the time when the certification authority receives the mobile smart terminal authentication request is within the effective time value of the first random number , it indicates that the credit authentication certificate is valid and the corresponding handheld POS terminal is a secure terminal, the certification authority generates a transaction key between the mobile smart terminal and the handheld POS terminal, and executes step (9-2); otherwise, the certification authority sends Refuse to send transaction information to the mobile smart terminal;

(9-2)认证机构根据提取的手持POS终端和移动智能终端的当前位置及当前位置噪声，判断手持POS终端与移动智能终端所分别对应的当前位置噪声之差位于预设的差值范围内，且手持POS终端与移动智能终端间的空间距离小于预设的安全交易空间距离阈值时，则执行步骤(9-3)；否则，认证机构发送拒绝交易信息给移动智能终端(9-2) According to the extracted current location and current location noise of the handheld POS terminal and the mobile smart terminal, the certification body judges that the difference between the current location noise corresponding to the handheld POS terminal and the mobile smart terminal is within the preset difference range , and the spatial distance between the handheld POS terminal and the mobile smart terminal is less than the preset safe transaction space distance threshold, then perform step (9-3); otherwise, the certification authority sends a transaction rejection message to the mobile smart terminal

(9-3)认证机构判断手持POS终端与移动智能终端所分别对应的空气湿度之差位于预设的差值范围内时，则认证机构发送确认交易信息给移动智能终端；否则，认证机构发送拒绝交易信息给移动智能终端；其中：(9-3) When the certification body judges that the difference in air humidity corresponding to the handheld POS terminal and the mobile smart terminal is within the preset difference range, the certification body sends confirmation transaction information to the mobile smart terminal; otherwise, the certification body sends Refuse to send transaction information to the mobile smart terminal; among them:

所述认证机构发送的确认交易信息标记为Message_T-M-Confirm，移动智能终端与手持POS终端间的交易秘钥记为K，认证机构发送的拒绝交易信息标记为Message_T-M-Reject；其中：The confirmation transaction information sent by the certification body is marked as Message _TM-Confirm , the transaction secret key between the mobile smart terminal and the handheld POS terminal is marked as K, and the rejection transaction information sent by the certification body is marked as Message _TM-Reject ; wherein:

Message_T-M-Confirm＝{TSM,Mobile,POS,RP₁,RM₁,TP,Cert^t(TSM_POS),K,k(Mobile,TSM)}；Message _TM-Confirm ＝{TSM,Mobile,POS,RP ₁ ,RM ₁ ,TP,Cert ^t (TSM _POS ),K,k(Mobile,TSM)};

Message_T-M-Reject＝{TSM,Mobile,POS,RP₁,RM₁,RejectP,k(Mobile,TSM)}；Message _TM-Reject = {TSM, Mobile, POS, RP ₁ , RM ₁ , RejectP, k(Mobile, TSM)};

(10)移动智能终端接收认证机构发送的确认交易信息，并将包括移动智能终端签名的交易交互信息发送给手持POS终端；其中：(10) The mobile smart terminal receives the confirmation transaction information sent by the certification authority, and sends the transaction interaction information including the signature of the mobile smart terminal to the handheld POS terminal; wherein:

所述交易交互信息包括移动智能终端的签名Sig_Mobile、移动智能终端生成的防窃密的第一随机数、移动智能终端与手持POS终端间的交易秘钥、移动智能终端选取的金融认证证书Cert^s(BANK_Mobile)、移动智能终端选取的信用认证证书Cert^s(TSM_Mobile)以及手持POS终端的选取的信用认证证书Cert^t(TSM_POS)；其中，所述移动智能终端发送的交易交互信息标记为Message_M-P，交易交互信息Message_M-P由公式标记如下：The transaction interaction information includes the signature Sig _Mobile of the mobile smart terminal, the first anti-theft random number generated by the mobile smart terminal, the transaction secret key between the mobile smart terminal and the handheld POS terminal, and the financial authentication certificate Cert ^s selected by the mobile smart terminal. (BANK _Mobile ), the credit authentication certificate Cert ^s (TSM _Mobile ) selected by the mobile intelligent terminal, and the selected credit authentication certificate Cert ^t (TSM _POS ) of the handheld POS terminal; wherein, the transaction interaction information sent by the mobile intelligent terminal is marked as Message _MP , transaction interaction information Message _MP is marked by the formula as follows:

${Message message}_{M m - - P P} = = \{\begin{matrix} M m o o b b i i l l e e,, P P O o S S,, T T S S M m,, {RM RM}_{11},, {Cert Cert}^{s the s} (({BANK BANK}_{M m o o b b i i l l e e})),, {Cert Cert}^{s the s} (({TSM TSM}_{M m o o b b i i l l e e})),, K K,, \\ {Sig Sig}_{M m o o b b i i l l e e},, {Cert Cert}^{t t} (({TSM TSM}_{P P O o S S})) \end{matrix}\};; s the s &Element; &Element; [[11,, m m]];;$

(11)手持POS终端接收、提取移动智能终端发送的交易交互信息，并根据在交易交互信息中提取的信息做出判断：当手持POS终端在交易交互信息中提取到的手持POS终端信用认证证书已经存储于其存储的信用认证证书数据库中时，则执行步骤(12)；否则，手持POS终端拒绝与移动智能终端进行支付交易；(11) The handheld POS terminal receives and extracts the transaction interaction information sent by the mobile smart terminal, and makes a judgment based on the information extracted from the transaction interaction information: when the handheld POS terminal extracts the credit authentication certificate of the handheld POS terminal from the transaction interaction information When it has been stored in its stored credit authentication certificate database, then perform step (12); otherwise, the handheld POS terminal refuses to carry out payment transactions with the mobile smart terminal;

(12)手持POS终端生成第二随机数，并发送包括其生成的第二随机数、第一随机数、移动智能终端防窃密的第一随机数、移动智能终端所需支付款项的支付款项信息给移动智能终端；其中，所述支付款项信息标记为Message_P-M-Payment：(12) The handheld POS terminal generates a second random number, and sends payment information including the second random number generated by it, the first random number, the first random number for anti-theft of the mobile smart terminal, and the payment required by the mobile smart terminal To the mobile intelligent terminal; wherein, the payment information is marked as Message _PM-Payment :

Message_P-M-Payment＝{POS,Mobile,RP₂,RM₁,RP₁,Payment,K}；Message _PM-Payment ＝{POS,Mobile,RP ₂ ,RM ₁ ,RP ₁ ,Payment,K};

其中，RP₂表示手持POS终端生成的第二随机数，Payment表示移动智能终端所需支付款项，K为手持POS终端与移动智能终端之间的交易秘钥；Among them, RP ₂ represents the second random number generated by the handheld POS terminal, Payment represents the payment required by the mobile smart terminal, and K is the transaction secret key between the handheld POS terminal and the mobile smart terminal;

(13)移动智能终端接收手持POS终端发送的支付款项信息，并生成防窃密的第二随机数，由移动智能终端将包括所接收支付款项信息以及新生成防窃密第二随机数的支付交易记录信息发送给认证机构存储；其中，所述支付交易记录信息标记为S_M-T-Payment：S_M-T-Payment＝{Mobile,TSM,POS,RM₂,k(Mobile,TSM)}；RM₂表示移动智能终端生成的防窃密的第二随机数；(13) The mobile intelligent terminal receives the payment information sent by the handheld POS terminal, and generates a second random number to prevent theft, and the mobile intelligent terminal will include the received payment information and the newly generated payment transaction record of the second random number to prevent theft The information is sent to the certification body for storage; wherein, the payment transaction record information is marked as S _MT-Payment : S _MT-Payment = {Mobile, TSM, POS, RM ₂ , k(Mobile, TSM)}; RM ₂ represents mobile smart The anti-theft second random number generated by the terminal;

(14)移动智能终端接收外部通过各按键输入的支付密码，由移动智能终端根据各按键所受摁压力方向判断摁压各按键的为左手或右手后，移动智能终端将此时各按键所受摁压力添加到所判断结果对应的摁压力数据库中，重新计算此时各按键对应摁压力数据库的方差；(14) The mobile intelligent terminal receives the payment password inputted through each key from the outside. After the mobile intelligent terminal judges whether the key is pressed by the left hand or the right hand according to the pressing pressure direction of each key, the mobile intelligent terminal calculates the pressure received by each key at this time. The pressing pressure is added to the pressing pressure database corresponding to the judged result, and the variance of each button corresponding to the pressing pressure database is recalculated at this time;

(15)移动智能终端根据步骤(14)中各按键重新所得摁压力数据库方差与步骤(6)中所对应摁压力数据库方差之间的差值，对是否执行支付操作做出判断：(15) The mobile intelligent terminal makes a judgment on whether to execute the payment operation according to the difference between the variance of the pressing pressure database newly obtained by each button in step (14) and the corresponding pressing pressure database variance in step (6):

当各按键所得差值均小于或等于预设阈值时，表示该支付密码为移动智能终端合法拥有者所输入，移动智能终端发送包括该支付密码和其金融认证证书的支付命令给银行系统，由银行系统判断支付密码与预设支付密码一致时，将移动智能终端付款账户的款项转移至物流公司在银行系统的收款账户内，并由银行系统发送转款成功通知给手持POS终端、物流公司管理平台和移动智能终端；否则，表示该支付密码不是移动智能终端合法拥有者输入，移动智能终端拒绝执行支付操作；When the difference obtained by each button is less than or equal to the preset threshold, it means that the payment password is input by the legal owner of the mobile smart terminal, and the mobile smart terminal sends a payment command including the payment password and its financial authentication certificate to the banking system, which is then When the bank system judges that the payment password is consistent with the preset payment password, it transfers the payment from the payment account of the mobile smart terminal to the collection account of the logistics company in the bank system, and the bank system sends a notification of successful transfer to the handheld POS terminal and the logistics company management platform and mobile smart terminal; otherwise, it means that the payment password is not entered by the legal owner of the mobile smart terminal, and the mobile smart terminal refuses to perform the payment operation;

(16)手持POS终端在接收到银行系统发送的转款成功通知后，物流公司派件员将商品交给收件人，完成物流公司对该商品的派送；物流公司管理平台按照其与网上购物平台预设的派送费用，在扣除其派送费用后，物流公司管理平台按照订单信息中的目标商品价格，发送其纳税识别号以及支付命令给银行系统，由银行系统将物流公司管理平台收款账户中的对应款项转移给订单信息中商家的收款账户，完成货到付款的交易过程；(16) After the hand-held POS terminal receives the notification of successful transfer from the banking system, the dispatcher of the logistics company will hand over the goods to the recipient, and complete the delivery of the goods by the logistics company; After deducting the delivery fee preset by the platform, the logistics company management platform will send its tax identification number and payment order to the bank system according to the price of the target commodity in the order information, and the bank system will transfer the logistics company management platform collection account The corresponding payment in the order information is transferred to the receiving account of the merchant in the order information, and the transaction process of cash on delivery is completed;

(17)银行系统将该笔成功交易订单号发送给税务监管系统，税务监管系统经核对该成功交易订单号与其已存储的交易订单号一致时，则分别计算得到物流公司和商家针对该笔成功交易订单应缴纳的营业税款，并通知银行系统替代税务监管系统分别代扣物流公司和商家的营业税款，以完成对商务购物支付交易系统的税收监管。(17) The banking system sends the successful transaction order number to the tax supervision system. When the tax supervision system checks that the successful transaction order number is consistent with the stored transaction order number, the logistics company and the merchant will calculate the successful transaction order number for the successful transaction. The business tax that should be paid for the transaction order, and notify the banking system to replace the tax supervision system to withhold the business tax of the logistics company and the merchant respectively, so as to complete the tax supervision of the commercial shopping payment transaction system.

与现有技术相比，本发明的优点在于：Compared with the prior art, the present invention has the advantages of:

首先，物流公司取货员根据各交易订单信息在商家处取货，物流公司的各手持POS终端在银行系统和认证机构处分别获得对应的金融认证证书和信用认证证书，各交易订单对应的不同收件人的移动智能终端获取其金融认证证书和信用认证证书，以保证货到付款中交易双方终端的合法身份，保证交易双方的财产安全；First, the pick-up personnel of the logistics company pick up the goods at the merchant according to the information of each transaction order, and each handheld POS terminal of the logistics company obtains the corresponding financial authentication certificate and credit authentication certificate from the banking system and the certification institution respectively. The recipient's mobile smart terminal obtains its financial authentication certificate and credit authentication certificate to ensure the legal identity of the terminals of both parties in the cash-on-delivery payment and ensure the property safety of both parties;

其次，利用同一位置处空气湿度相同的这一特点，认证机构判断移动智能终端与手持POS终端位于安全交易空间距离，且两者所对应的当前位置噪声以及当前位置空气湿度之差均位于安全的范围之内时，判断手持POS终端与移动智能终端处于同一位置处，两者位于安全的距离之内，则认证机构发送交易秘钥给移动智能终端和手持POS终端，以确保交易双方在支付时处于安全的位置范围之内；Secondly, taking advantage of the fact that the air humidity at the same location is the same, the certification agency judges that the mobile smart terminal and the handheld POS terminal are located in a safe transaction space, and the noise of the current location and the difference between the current location air humidity corresponding to the two are located in a safe space. If it is judged that the handheld POS terminal and the mobile smart terminal are at the same location, and the two are within a safe distance, the certification authority will send the transaction key to the mobile smart terminal and the handheld POS terminal to ensure that both parties to the transaction within a safe location;

再次，根据人体行为特征的唯一性的这一特点，移动智能终端构建其合法拥有者正常状态时针对各按键的左右手摁压力数据库，并根据重新构建移动智能终端支付时各按键的左右手摁压力数据库方差情况，在判断当前支付密码为其合法拥有者输入时，转移费用到物流公司的账户内；否则，移动智能终端拒绝支付交易，以此保证货到付款中收件人的财产安全；Again, according to the uniqueness of human behavior characteristics, the mobile smart terminal constructs the pressure database of the left and right hands pressing each button when its legal owner is in a normal state, and according to the reconstruction of the left and right hand pressing pressure database of each button when the mobile smart terminal pays In the case of variance, when it is judged that the current payment password is entered by its legal owner, the transfer fee is transferred to the account of the logistics company; otherwise, the mobile smart terminal refuses to pay the transaction, so as to ensure the property safety of the recipient in the cash on delivery;

最后，在货到付款起始到结束的整个过程中，税务监管系统实时监控各交易订单的支付情况，并在支付成功后，由银行系统代替税务监管系统扣除商家和物流公司相对应的营业税款，以实现对网购平台的商家和物流公司进行有效税收监管。Finally, during the entire process from the beginning to the end of cash on delivery, the tax supervision system monitors the payment status of each transaction order in real time, and after the payment is successful, the banking system replaces the tax supervision system to deduct the corresponding business tax of merchants and logistics companies , in order to achieve effective tax supervision of merchants and logistics companies on online shopping platforms.

附图说明Description of drawings

图1为本发明实施例中商务物流支付交易系统的结构示意图。FIG. 1 is a schematic structural diagram of a commercial logistics payment transaction system in an embodiment of the present invention.

具体实施方式detailed description

以下结合附图实施例对本发明作进一步详细描述。The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

本实施例中基于货到付款的商务物流安全支付方法，用于商家终端、网上购物平台、消费者终端、物流公司管理平台、认证机构、银行系统以及税务监管系统构成的商务物流支付交易系统，该支付系统参考图1所示，网上购物平台分别连接商家终端、消费者终端和物流公司管理平台，商家终端连接银行系统和税务监管系统，银行系统分别连接商家终端、消费者终端物流公司管理平台和税务监管系统，商家终端和消费者终端均连接认证机构。本实施例中，基于货到付款的商务物流安全支付方法，依次包括如下步骤：In this embodiment, the secure payment method for business logistics based on cash on delivery is used in a business logistics payment transaction system composed of merchant terminals, online shopping platforms, consumer terminals, logistics company management platforms, certification agencies, banking systems, and tax supervision systems. The payment system is shown in Figure 1. The online shopping platform is connected to the merchant terminal, the consumer terminal and the logistics company management platform respectively. The merchant terminal is connected to the banking system and the tax supervision system. The banking system is connected to the merchant terminal and the consumer terminal respectively to the logistics company management platform. And the tax supervision system, both the merchant terminal and the consumer terminal are connected to the certification agency. In this embodiment, the secure payment method for business logistics based on cash on delivery includes the following steps in sequence:

(2)物流公司管理平台对其具有NFC功能的各手持POS终端均进行备案，建立各手持POS终端分别与银行系统、认证机构的通信连接，利用手持POS终端分别发送认证请求给银行系统和认证机构，银行系统生成其与手持POS终端通信的公钥、手持POS终端的金融认证证书集合，并发送金融认证证书集合和公钥给手持POS终端；认证机构生成其与手持POS终端通信的公钥、手持POS终端的信用认证证书集合，并发送信用认证证书集合和公钥给手持POS终端；(2) The management platform of the logistics company records all handheld POS terminals with NFC functions, establishes communication connections between each handheld POS terminal and the banking system and certification agency, and uses the handheld POS terminal to send certification requests to the banking system and certification authority respectively. Institutions and banking systems generate their public keys for communication with handheld POS terminals, financial authentication certificate sets for handheld POS terminals, and send financial authentication certificate sets and public keys to handheld POS terminals; certification agencies generate public keys for communication with handheld POS terminals 1. Set the credit authentication certificate set of the handheld POS terminal, and send the credit authentication certificate set and public key to the handheld POS terminal;

此处的金融认证证书用以表明手持POS终端对支付交易信息的确认，使手持POS终端对经过自己已经确认的支付交易不具有抵赖性，从而保证支付交易的正常进行；此处的信用认证证书作为手持POS终端的可信凭证，用以核准支付交易双方的合法身份，以保证交易的安全；其中：The financial authentication certificate here is used to indicate the confirmation of the payment transaction information by the handheld POS terminal, so that the handheld POS terminal has no repudiation of the payment transaction that has been confirmed by itself, so as to ensure the normal progress of the payment transaction; the credit authentication certificate here As a trusted certificate for handheld POS terminals, it is used to verify the legal identities of both parties to the payment transaction to ensure the security of the transaction; among them:

手持POS终端记为POS，银行系统记为BANK，认证机构记为TSM，手持POS终端的金融认证证书集合标记为Cert(BANK_POS)，银行系统与手持POS终端的公钥记为k(POS,BANK)；手持POS终端的信用认证证书集合记为Cert(TSM_POS)，认证机构与手持POS终端公钥记为k(POS,TSM)；其中：The handheld POS terminal is marked as POS, the banking system is marked as BANK, the certification body is marked as TSM, the set of financial authentication certificates of the handheld POS terminal is marked as Cert(BANK _POS ), the public key of the banking system and the handheld POS terminal is marked as k(POS, BANK); the set of credit authentication certificates of the handheld POS terminal is marked as Cert(TSM _POS ), and the public key of the certification authority and the handheld POS terminal is marked as k(POS,TSM); where:

手持POS终端在需要使用信用认证证书时，则在其信用认证证书集合Cert(TSM_POS)的m个信用认证证书中依次遍历地选择使用，同一个信用认证证书不会被重复使用，以此防止恶意第三方在窥探到手持POS终端已使用的信用认证证书后，再次对该信用认证证书使用，威胁手持POS终端交易安全；同样地，移动智能终端也遵循与手持POS终端相同的使用规则，依次遍历选择使用其信用认证证书集合Cert(TSM_Mobile)中的信用认证证书，且同一个信用认证证书不会被重复使用，即各信用认证证书遵循遍历使用规则且仅限制使用一次，信用认证证书被重复使用即为作废；When the handheld POS terminal needs to use the credit authentication certificate, it chooses to use it sequentially among the m credit authentication certificates of its credit authentication certificate set Cert (TSM _POS ), and the same credit authentication certificate will not be used repeatedly, so as to prevent After spying on the credit authentication certificate used by the handheld POS terminal, the malicious third party uses the credit authentication certificate again, threatening the transaction security of the handheld POS terminal; similarly, the mobile smart terminal also follows the same usage rules as the handheld POS terminal, and in turn The traversal chooses to use the credit authentication certificate in its credit authentication certificate set Cert (TSM _Mobile ), and the same credit authentication certificate will not be reused, that is, each credit authentication certificate follows the traversal usage rules and can only be used once, and the credit authentication certificate is used Reuse is invalid;

(5)收件人利用其具有NFC功能的移动智能终端分别发送认证请求给银行系统和认证机构，银行系统生成其与移动智能终端通信的公钥、移动智能终端的金融认证证书集合，并发送金融认证证书集合、公钥给移动智能终端；认证机构生成其与移动智能终端通信的公钥、移动智能终端的信用认证证书集合，并发送信用认证证书集合、公钥给移动智能终端；移动智能终端所对应的金融认证证书以及信用认证证书的作用对应的参见步骤2中对物流公司的手持POS终端各对应认证证书的详细说明，此处不再赘述；其中：(5) The recipient uses its mobile smart terminal with NFC function to send authentication requests to the banking system and the certification agency respectively, and the banking system generates its public key for communication with the mobile smart terminal and the set of financial authentication certificates of the mobile smart terminal, and sends The set of financial authentication certificates and the public key are sent to the mobile smart terminal; the certification authority generates its public key for communication with the mobile smart terminal, the set of credit authentication certificates of the mobile smart terminal, and sends the set of credit authentication certificates and the public key to the mobile smart terminal; the mobile smart For the functions of the financial authentication certificates and credit authentication certificates corresponding to the terminals, please refer to the detailed description of the corresponding authentication certificates of the handheld POS terminals of the logistics company in step 2, which will not be repeated here; among them:

移动智能终端记为Mobile，移动智能终端的金融认证证书集合标记为Cert(BANK_Mobile)，银行系统与移动智能终端的公钥记为k(Mobile,BANK)；移动智能终端的信用认证证书集合标记为Cert(TSM_Mobile)，认证机构与移动智能终端的公钥记为k(Mobile,TSM)；其中：The smart mobile terminal is denoted as Mobile, the set of financial authentication certificates of the smart mobile terminal is marked as Cert(BANK _Mobile ), the public key of the banking system and the smart mobile terminal is marked as k(Mobile,BANK); the set of credit authentication certificates of the smart mobile terminal is marked as is Cert(TSM _Mobile ), the public key of the certification authority and the mobile smart terminal is marked as k(Mobile,TSM); where:

Cert(BANK_Mobile)＝{Cert¹(BANK_Mobile),Cert²(BANK_Mobile),···,Cert^m(BANK_Mobile)}；m≥3；其中，移动智能终端的信用认证证书与其金融认证证书为一一对应关系；移动智能终端信用认证证书集合中的各信用认证证书以及其金融认证证书集合中的各金融认证证书遵循遍历使用规则且均限制使用一次；也就是说，当手持POS终端使用其信用认证证书集合Cert(TSM_POS)中的第2个信用认证证书Cert²(TSM_POS)时，手持POS终端则对应的使用其金融认证证书集合Cert(BANK_POS)中的第二个金融认证证书Cert²(BANK_POS)；当移动智能终端使用其信用认证证书集合Cert(TSM_Mobile)中的第五个信用认证证书Cert⁵(TSM_Mobile)时，手持POS终端则对应的使用其金融认证证书集合Cert(BANK_Mobile)中的第五个金融认证证书Cert⁵(BANK_Mobile)；Cert(BANK _Mobile )＝{Cert ¹ (BANK _Mobile ),Cert ² (BANK _Mobile ),...,Cert ^m (BANK _Mobile )}; m≥3; Among them, the credit authentication certificate of the smart mobile terminal and its financial authentication certificate It is a one-to-one correspondence relationship; each credit authentication certificate in the mobile smart terminal credit authentication certificate set and each financial authentication certificate in its financial authentication certificate set follow the traversal usage rules and are limited to one use; that is, when a handheld POS terminal uses When the second credit authentication certificate Cert ² (TSM _POS ) in its credit authentication certificate set Cert (TSM _POS ), the handheld POS terminal uses the second financial authentication certificate in its financial authentication certificate set Cert (BANK _POS ) correspondingly Certificate Cert ² (BANK _POS ); when the mobile smart terminal uses the fifth credit authentication certificate Cert ⁵ (TSM _Mobile ) in its credit authentication certificate set Cert (TSM _Mobile ), the handheld POS terminal uses its financial authentication certificate correspondingly The fifth financial authentication certificate Cert ⁵ (BANK _{Mobile ) in the set Cert (BANK Mobile} ₎ ;

(6)移动智能终端在预设时间周期内实时采集其合法拥有者在支付操作时，在键盘上各按键的摁压力数值及摁压力方向，构建移动智能终端合法拥有者在支付操作时利用左手和右手分别针对各按键的左手摁压力数据库和右手摁压力数据库，并分别计算各按键左手摁压力数据库和右手摁压力数据库的方差；(6) The mobile smart terminal collects in real time the value and direction of pressing pressure of each button on the keyboard by its legal owner during the payment operation during the preset time period, and constructs that the legal owner of the mobile smart terminal uses the left hand during the payment operation. and the right hand respectively for the left hand press pressure database and the right hand press pressure database of each button, and calculate the variance of each button left hand press pressure database and right hand press pressure database respectively;

其中，在人们处于安全且没有收到外部威胁、惊讶或惶恐等因素干扰时，人们手掌表面的温度、手掌表面的湿度以及手掌表面的汗液排出量均处于各自正常的数据范围之内，且三者之间具有相关性；一旦收到外部因素的干扰，如惊讶、惶恐、惊吓或恐吓等外部不利因素干扰，人体自身会发生相对应的生理变化，导致手掌表面温度过低或过高、手掌表面湿度出汗导致湿度增加等。因此，在采集移动智能终端合法拥有者一定数量的手掌表面温度、湿度以及汗液排出量数据后，可以通过构建手掌表面温度、湿度以及汗液排出量之间的关系，来对移动智能终端合法拥有者的身份以及其所处的当前环境安全情况做出判断；其中：Among them, when people are safe and are not disturbed by factors such as external threats, surprise, or fear, the temperature of the surface of the palm, the humidity of the surface of the palm, and the amount of sweat discharged from the surface of the palm are all within their respective normal data ranges, and the three There is a correlation between them; once the interference of external factors, such as surprise, fear, fright or intimidation and other external unfavorable factors, the human body itself will undergo corresponding physiological changes, resulting in the temperature of the palm surface being too low or too high, and the temperature of the palm Surface humidity Sweating leads to increased humidity, etc. Therefore, after collecting a certain amount of palm surface temperature, humidity, and sweat output data of the legal owner of the mobile smart terminal, the relationship between the palm surface temperature, humidity, and sweat output can be constructed to identify the legal owner of the mobile smart terminal. to make a judgment on their identity and the current environmental security situation in which they are located; among them:

移动智能终端上第i个按键记为Button_i，针对按键Button_i所构建的移动智能终端合法拥有者的左手摁压力数据库记为右手摁压力数据库记为n∈N，N为左手摁压力数据库以及右手摁压力数据库中分别存储的摁压力数据个数；表示针对按键Button_i采集的移动智能终端合法拥有者左手的第n个摁压力数据，表示针对按键Button_i采集的移动智能终端合法拥有者右手的第n个摁压力数据；所述按键Button_i所受移动智能终端合法拥有者左手摁压力的方差记为移动智能终端合法拥有者右手摁压力的方差记为其中，方差和的计算公式分别如下：The i-th button on the mobile smart terminal is marked as Button _i , and the left-hand pressure database of the legal owner of the mobile smart terminal constructed for the button Button _i is marked as Right hand pressure database is recorded as n∈N, N is the number of press pressure data stored in the left hand press pressure database and the right hand press pressure database respectively; Indicates the nth pressing pressure data of the left hand of the legal owner of the mobile smart terminal collected for Button _i , Represents the nth press pressure data of the right hand of the legal owner of the mobile intelligent terminal _collected for the button Button _i ; The variance of the pressure of the right hand of the legal owner of the mobile smart terminal is denoted as Among them, variance and The calculation formulas are as follows:

由于移动智能终端的合法拥有者每次利用左手或者右手通过键盘上按键输入密码时，其合法拥有者在每个键盘上施加的摁压力大小及方向是不同的，因此，根据人体行为特征的唯一性的这一特点，可以通过采集一段时间内各键盘上所受摁压力数值及对应的摁压力方向情况，以构建移动智能终端合法拥有者针对支付时的左手摁压力数据库和右手摁压力数据库，从而可以利用构建的左手摁压力数据库或右手摁压力数据库作为表征移动智能终端合法拥有者的身份认证信息，以确保支付交易的安全；Since the legal owner of the mobile intelligent terminal uses the left or right hand to input the password through the keys on the keyboard each time, the size and direction of the pressing pressure exerted by the legal owner on each keyboard are different. Therefore, according to the unique Due to this characteristic, by collecting the value of pressing pressure on each keyboard and the corresponding direction of pressing pressure over a period of time, a legal owner of a mobile smart terminal can construct a database of left-hand pressing pressure and right-hand pressing pressure for payment. Thereby, the constructed left-hand press pressure database or right-hand press pressure database can be used as the identity authentication information representing the legal owner of the mobile smart terminal to ensure the security of payment transactions;

其中，键盘上某个按键的左手摁压力数据库中包含了在支付状态下，移动智能终端合法拥有者利用左手摁压该按键时的摁压力数值及摁压力方向；同样地，键盘上某个按键的右手摁压力数据库中包含了在支付状态时，移动智能终端合法拥有者的右手摁压该按键时的摁压力数值及摁压力方向；Among them, the left-hand pressing pressure database of a key on the keyboard contains the value and direction of the pressing pressure when the legal owner of the mobile smart terminal presses the key with his left hand in the payment state; The right-hand pressing pressure database of the mobile smart terminal contains the value and direction of the pressing pressure when the right hand of the legal owner of the mobile smart terminal presses the button in the payment state;

(7)物流公司派件员派送商品至收件人处且等待收件人付款时，物流公司派件员开启手持POS终端的NFC功能以及收件人开启其移动智能终端的NFC功能后，手持POS终端生成、存储第一随机数和第一随机数的有效时间值，获取当前位置数据以及当前位置的噪声和空气湿度，然后将包括手持POS终端自身签名的付款请求信息发送给收件人的移动智能终端，并发送手持POS终端当前位置以及当前位置的噪声和空气湿度数据给认证机构；其中：(7) When the dispatcher of the logistics company delivers the goods to the recipient and waits for the recipient to pay, the dispatcher of the logistics company turns on the NFC function of the hand-held POS terminal and the recipient turns on the NFC function of his mobile smart terminal, and the hand-held The POS terminal generates and stores the first random number and the effective time value of the first random number, obtains the current location data and the noise and air humidity of the current location, and then sends the payment request information including the signature of the handheld POS terminal to the recipient's Mobile smart terminal, and send the current location of the handheld POS terminal and the noise and air humidity data of the current location to the certification body; among them:

付款请求信息包括手持POS终端生成的第一随机数RP₁、该第一随机数RP₁的有效时间值TP、付款请求ReqM、手持POS终端选取的金融认证证书Cert^t(BANK_POS)、手持POS终端选取的信用认证证书Cert^t(TSM_POS)、手持POS终端的自身签名Sig_POS以及手持POS终端的私钥sk(POS)；其中，该付款请求信息记为Message_P-M，付款请求信息Message_P-M由公式标记如下：The payment request information includes the first random number RP ₁ generated by the handheld POS terminal, the valid time value TP of the first random number RP ₁ , the payment request ReqM, the financial authentication certificate Cert ^t (BANK _POS ) selected by the handheld POS terminal, the handheld POS The credit authentication certificate Cert ^t (TSM _POS ) selected by the terminal, the self-signature Sig _POS of the handheld POS terminal and the private key sk(POS) of the handheld POS terminal; wherein, the payment request information is recorded as Message _PM , and the payment request information Message _PM is composed of The formula markup is as follows:

(8)移动智能终端接收手持POS终端发送的付款请求信息，生成防窃密的第一随机数，获取移动智能终端当前位置以及当前位置的噪声和空气湿度，并发送包括手持POS终端付款请求信息的认证请求信息以及移动智能终端当前位置、当前位置噪声和空气湿度给认证机构；其中：(8) The mobile smart terminal receives the payment request information sent by the handheld POS terminal, generates the first random number for anti-theft, obtains the current position of the mobile smart terminal and the noise and air humidity of the current position, and sends the payment request information including the handheld POS terminal The certification request information and the current location of the mobile smart terminal, current location noise and air humidity are sent to the certification agency; among them:

移动智能终端发送的认证请求信息包括手持POS终端的付款请求信息Message_P-M、移动智能终端生成的防窃密的第一随机数RW₁、认证请求ReqT、其与手持POS终端会话请求ReqSession以及移动智能终端与认证机构间通信的公钥k(Wallet,TSM)；其中，移动智能终端的该认证请求信息标记为Message_M-T，其中：The authentication request information sent by the mobile intelligent terminal includes the payment request information Message _PM of the handheld POS terminal, the first anti-theft random number RW ₁ generated by the mobile intelligent terminal, the authentication request ReqT, the session request ReqSession with the handheld POS terminal, and the mobile intelligent terminal The public key k(Wallet,TSM) communicated with the certification authority; wherein, the certification request information of the mobile smart terminal is marked as Message _MT , where:

(9)认证机构接收、提取移动智能终端发送的认证请求信息以及移动智能终端当前位置及当前位置噪声和空气湿度，记录接收移动智能终端认证请求的时间，并根据所提取的移动智能终端的认证请求信息、移动智能终端当前位置及当前位置的噪声和空气湿度、手持POS终端当前位置及当前位置的噪声和空气湿度对移动智能终端做出是否进行交易的反馈；其中，该步骤依次包括步骤(9-1)至步骤(9-3)：(9) The certification agency receives and extracts the certification request information sent by the smart mobile terminal, the current location of the smart mobile terminal, the noise and air humidity at the current location, records the time when the smart mobile terminal certification request is received, and based on the certification information of the smart mobile terminal extracted, The request information, the current position of the mobile intelligent terminal and the noise and air humidity of the current position, the current position of the handheld POS terminal and the noise and air humidity of the current position make feedback on whether to conduct transactions to the mobile intelligent terminal; wherein, the steps include the steps ( 9-1) to step (9-3):

(9-1)当认证机构判断提取的手持POS终端信用认证证书存在于认证机构已存储的信用认证证书数据库中且认证机构接收移动智能终端认证请求的时间位于第一随机数的有效时间值内时，表明该信用认证证书有效且对应的手持POS终端为安全终端，该交易行为可信，认证机构生成移动智能终端与该手持POS终端之间的交易秘钥，并执行步骤(9-2)；否则，认证机构发送拒绝交易信息给移动智能终端；(9-1) When the certification authority judges that the extracted handheld POS terminal credit authentication certificate exists in the credit authentication certificate database stored by the certification authority and the time when the certification authority receives the mobile smart terminal authentication request is within the effective time value of the first random number , it indicates that the credit authentication certificate is valid and the corresponding handheld POS terminal is a secure terminal, and the transaction behavior is credible. The certification authority generates a transaction key between the mobile smart terminal and the handheld POS terminal, and performs step (9-2) ; Otherwise, the certification authority sends a transaction rejection message to the mobile smart terminal;

(9-2)认证机构根据提取的手持POS终端和移动智能终端的当前位置及当前位置噪声，判断手持POS终端与移动智能终端所分别对应的当前位置噪声之差位于预设的差值范围内，且手持POS终端与移动智能终端间的空间距离小于预设的安全交易空间距离阈值时，表明认证机构初步确定手持POS终端和移动智能终端当前处于同一个地理位置，则执行步骤(9-3)，以进行准确确定；否则，认证机构发送拒绝交易信息给移动智能终端(9-2) According to the extracted current location and current location noise of the handheld POS terminal and the mobile smart terminal, the certification body judges that the difference between the current location noise corresponding to the handheld POS terminal and the mobile smart terminal is within the preset difference range , and the spatial distance between the handheld POS terminal and the mobile smart terminal is less than the preset safe transaction space distance threshold, it indicates that the certification body initially determines that the handheld POS terminal and the mobile smart terminal are currently in the same geographic location, and then execute step (9-3 ) to make an accurate determination; otherwise, the certification authority sends transaction rejection information to the mobile smart terminal

(9-3)认证机构判断手持POS终端与移动智能终端所分别对应的空气湿度之差位于预设的差值范围内时，表明在步骤(9-2)已初步确定的基础上，此时手持POS终端和移动智能终端当前确实处于安全的同一个地理位置，则认证机构发送确认交易信息给移动智能终端；否则，认证机构发送拒绝交易信息给移动智能终端；其中：(9-3) When the certification body judges that the difference in air humidity corresponding to the handheld POS terminal and the mobile smart terminal is within the preset difference range, it indicates that the step (9-2) has been preliminarily determined, and at this time If the handheld POS terminal and the mobile smart terminal are indeed in the same safe geographical location, the certification body will send confirmation transaction information to the mobile smart terminal; otherwise, the certification body will send a transaction rejection message to the mobile smart terminal; among them:

认证机构发送的确认交易信息标记为Message_T-M-Confirm，移动智能终端与手持POS终端间的交易秘钥记为K，认证机构发送的拒绝交易信息标记为Message_T-M-Reject；其中：The confirmation transaction information sent by the certification body is marked as Message _TM-Confirm , the transaction key between the mobile smart terminal and the handheld POS terminal is marked as K, and the transaction rejection information sent by the certification body is marked as Message _TM-Reject ; where:

交易交互信息包括移动智能终端的签名Sig_Mobile、移动智能终端生成的防窃密的第一随机数、移动智能终端与手持POS终端间的交易秘钥、移动智能终端选取的金融认证证书Cert^s(BANK_Mobile)、移动智能终端选取的信用认证证书Cert^s(TSM_Mobile)以及手持POS终端的选取的信用认证证书Cert^t(TSM_POS)；其中，所述移动智能终端发送的交易交互信息标记为Message_M-P，交易交互信息Message_M-P由公式标记如下：The transaction interaction information includes the signature Sig _Mobile of the mobile smart terminal, the anti-theft first random number generated by the mobile smart terminal, the transaction secret key between the mobile smart terminal and the handheld POS terminal, and the financial authentication certificate Cert ^s (BANK _Mobile ), the credit authentication certificate Cert ^s (TSM _Mobile ) selected by the mobile intelligent terminal, and the selected credit authentication certificate Cert ^t (TSM _POS ) of the handheld POS terminal; wherein, the transaction interaction information sent by the mobile intelligent terminal is marked as Message _MP , the transaction interaction information Message _MP is marked by the formula as follows:

(11)手持POS终端接收、提取移动智能终端发送的交易交互信息，并根据在交易交互信息中提取的信息做出判断：当手持POS终端在交易交互信息中提取到的手持POS终端信用认证证书已经存储于其存储的信用认证证书数据库中时，说明手持POS终端发起的支付交易请求已经得到了移动智能终端的确认，即移动智能终端同意手持POS终端发起的该笔支付交易行为，则执行步骤(12)；否则，表明移动智能终端不同意该笔支付交易行为，手持POS终端拒绝与移动智能终端进行支付交易；(11) The handheld POS terminal receives and extracts the transaction interaction information sent by the mobile smart terminal, and makes a judgment based on the information extracted from the transaction interaction information: when the handheld POS terminal extracts the credit authentication certificate of the handheld POS terminal from the transaction interaction information When it has been stored in the credit authentication certificate database stored in it, it means that the payment transaction request initiated by the handheld POS terminal has been confirmed by the mobile smart terminal, that is, the mobile smart terminal agrees to the payment transaction initiated by the handheld POS terminal, then execute the step (12); otherwise, it indicates that the mobile smart terminal does not agree with the payment transaction, and the handheld POS terminal refuses to conduct payment transactions with the mobile smart terminal;

(12)手持POS终端生成第二随机数，并发送包括其生成的第二随机数、第一随机数、移动智能终端防窃密的第一随机数、移动智能终端所需支付款项的支付款项信息给移动智能终端；其中，支付款项信息标记为Message_P-M-Payment：(12) The handheld POS terminal generates a second random number, and sends payment information including the second random number generated by it, the first random number, the first random number for anti-theft of the mobile smart terminal, and the payment required by the mobile smart terminal To the smart mobile terminal; among them, the payment information is marked as Message _PM-Payment :

(13)移动智能终端接收手持POS终端发送的支付款项信息，并生成防窃密的第二随机数，由移动智能终端将包括所接收支付款项信息以及新生成防窃密第二随机数的支付交易记录信息发送给认证机构存储；其中，支付交易记录信息标记为S_M-T-Payment：S_M-T-Payment＝{Mobile,TSM,POS,RM₂,k(Mobile,TSM)}；RM₂表示移动智能终端生成的防窃密的第二随机数；(13) The mobile intelligent terminal receives the payment information sent by the handheld POS terminal, and generates a second random number to prevent theft, and the mobile intelligent terminal will include the received payment information and the newly generated payment transaction record of the second random number to prevent theft The information is sent to the certification body for storage; wherein, the payment transaction record information is marked as S _MT-Payment : S _MT-Payment = {Mobile, TSM, POS, RM ₂ , k(Mobile, TSM)}; RM ₂ indicates that the mobile smart terminal generates The anti-theft second random number;

例如，移动智能终端经判断当前操作移动智能终端进行支付操作的为左手，则移动智能终端将其已实时采集的手掌表面温度、手掌表面湿度以及手掌汗液排出量数据添加到其合法拥有者原来的各按键左手摁压力数据库中，然后对新形成的左手摁压力数据库计算其方差，以在步骤15中计算、了解新形成左手摁压力数据库中的数据波动情况；For example, if the mobile smart terminal judges that the person currently operating the mobile smart terminal to perform payment operations is left-handed, the mobile smart terminal will add the real-time collected palm surface temperature, palm surface humidity, and palm sweat discharge data to its legal owner's original data. Press the left hand of each button in the pressure database, and then calculate its variance to the newly formed left hand press pressure database, so as to calculate and understand the data fluctuation situation in the newly formed left hand press pressure database in step 15;

当各按键所得差值均小于或等于预设阈值时，表示各按键重新所得摁压力数据库中的数据没有因新添加的数据产生大的波动，该支付密码为移动智能终端合法拥有者所输入，移动智能终端发送包括该支付密码、其金融认证证书和信用认证证书的支付命令给银行系统，由银行系统判断支付密码与预设支付密码一致时，将移动智能终端付款账户的款项转移至物流公司在银行系统的收款账户内，并由银行系统发送转款成功通知给手持POS终端、物流公司管理平台和移动智能终端；否则，说明此时各按键所受的摁压力数值出现了较大的波动，该支付密码不是移动智能终端合法拥有者输入，移动智能终端拒绝执行支付操作；When the difference obtained by each button is less than or equal to the preset threshold value, it means that the data in the press pressure database obtained by each button does not fluctuate greatly due to the newly added data, and the payment password is input by the legal owner of the mobile smart terminal. The mobile smart terminal sends a payment command including the payment password, its financial authentication certificate and credit authentication certificate to the bank system, and when the bank system judges that the payment password is consistent with the preset payment password, it transfers the money in the payment account of the mobile smart terminal to the logistics company In the receiving account of the banking system, the banking system sends a successful transfer notification to the handheld POS terminal, logistics company management platform and mobile smart terminal; If the payment password is not entered by the legal owner of the smart mobile terminal, the smart mobile terminal refuses to perform the payment operation;

(17)银行系统将该笔成功交易订单号发送给税务监管系统，税务监管系统经核对该成功交易订单号与其已存储的交易订单号一致时，说明则分别计算得到物流公司和商家针对该笔成功交易订单应缴纳的营业税款，并通知银行系统替代税务监管系统分别代扣物流公司和商家的营业税款，以完成对商务购物支付交易系统的税收监管，防止漏税行为的发生，增加了国家的税收收入。(17) The banking system sends the successful transaction order number to the tax supervision system. When the tax supervision system checks that the successful transaction order number is consistent with the stored transaction order number, it indicates that the logistics company and the merchant will calculate the transaction order number for the transaction. The business tax that should be paid for the successful transaction order, and notify the banking system to replace the tax supervision system to withhold the business tax of the logistics company and the merchant respectively, so as to complete the tax supervision of the business shopping payment transaction system, prevent tax evasion, and increase the country's tax income.

Claims

1. based on the business logistics safe payment method cashed on delivery, for the business logistics payment transaction system that merchant terminal, shopping online platform, consumer end, logistics company management platform, certification authority, banking system and tax supervisory systems are constituted, it is characterized in that, in turn include the following steps:

(1) businessman and logistics company register respective collecting account in banking system respectively, register respective identifier of paying taxes in tax supervisory systems, and respective identifier of paying taxes registered by shopping on the web platform；

(2) its each handheld POS terminal with NFC function is all put on record by logistics company management platform, set up each handheld POS terminal respectively with the communication connection of banking system, certification authority, utilize handheld POS terminal to send certification respectively and ask to banking system and certification authority, banking system generates the financial certification authority set of certificates of itself and the PKI of handheld POS terminal communication, handheld POS terminal, and sends financial certification authority set of certificates and PKI to handheld POS terminal；Certification authority generates the credit accreditation set of certificates of itself and the PKI of handheld POS terminal communication, handheld POS terminal, concurrently delivers letters and uses certification set of certificates and PKI to handheld POS terminal；Wherein:

Described handheld POS terminal is designated as POS, and banking system is designated as BANK, and certification authority is designated as TSM, and the financial certification authority set of certificates of handheld POS terminal is labeled as Cert (BANK_POS), the PKI of banking system and handheld POS terminal is designated as k (POS, BANK)；The credit accreditation set of certificates of handheld POS terminal is labeled as Cert (TSM_POS), certification authority and handheld POS terminal public key are designated as k (POS, TSM)；Wherein:

Cert(TSM_POS)={ Cert¹(TSM_POS),Cert²(TSM_POS),…,Cert^m(TSM_POS)}；

Cert(BANK_POS)={ Cert¹(BANK_POS),Cert²(BANK_POS),…,Cert^m(BANK_POS)}；m≥3；

Wherein, m represent handheld POS terminal can financial certification authority certificate and credit accreditation certificate number, the credit accreditation certificate of handheld POS terminal and its financial certification authority certificate are one-to-one relationship；Each credit accreditation certificate in handheld POS terminal credit accreditation set of certificates and each financial certification authority certificate in its financial certification authority set of certificates are followed traversal and are used rule and all limit use once；

(3) identifier of paying taxes registered by businessman's shopping on the web platform, and by merchant terminal shopping on the web platform publishing commodity information, after consumer utilizes consumer end's shopping on the web platform selecting end article, register addressee's contact details of purchased commodity, and select to cash on delivery, after the generation of shopping online platform, preserving the trading order form for purchased commodity, shopping online platform sends this commodity transaction order to be paid and stores to tax supervisory systems；Wherein, trading order form includes trading order form number, order generates Business Contact Information and businessman belonging to time, end article title and price, end article and pays taxes identifier, addressee information and mode of cashing on delivery；

(4) shopping online platform sends picking notice and trading order form to logistics company management platform, after logistics company management platform preserves trading order form, notice logistics company picking person locates picking according to trading order form information in businessman, and according to the addressee information in trading order form, logistics company management platform notify that logistics company is sent part person to carry the handheld POS terminal put on record and sent commodity with charge free according to the addressee information in trading order form；

(5) addressee utilizes it to have the mobile intelligent terminal of NFC function to send certification respectively and ask to banking system and certification authority, banking system generates the financial certification authority set of certificates of its PKI communicated with mobile intelligent terminal, mobile intelligent terminal, and sends financial certification authority set of certificates, PKI to mobile intelligent terminal；Certification authority generates the credit accreditation set of certificates of its PKI communicated with mobile intelligent terminal, mobile intelligent terminal, concurrently delivers letters with certification set of certificates, PKI to mobile intelligent terminal；Wherein:

Described mobile intelligent terminal is designated as Mobile, and the financial certification authority set of certificates of mobile intelligent terminal is labeled as Cert (BANK_Mobile), the PKI of banking system and mobile intelligent terminal is designated as k (Mobile, BANK)；The credit accreditation set of certificates of mobile intelligent terminal is labeled as Cert (TSM_Mobile), the PKI of certification authority and mobile intelligent terminal is designated as k (Mobile, TSM)；Wherein:

Cert(TSM_Mobile)={ Cert¹(TSM_Mobile),Cert²(TSM_Mobile),…,Cert^m(TSM_Mobile)}；

Cert(BANK_Mobile)={ Cert¹(BANK_Mobile),Cert²(BANK_Mobile),…,Cert^m(BANK_Mobile)}；m≥3；Wherein, the credit accreditation certificate of mobile intelligent terminal and its financial certification authority certificate are one-to-one relationship；Each credit accreditation certificate in mobile intelligent terminal credit accreditation set of certificates and each financial certification authority certificate in its financial certification authority set of certificates are followed traversal and are used rule and all limit use once；

(6) mobile intelligent terminal in preset time period its lawful owner of Real-time Collection when delivery operation, on keyboard, each button presses pressure value and presses pressure direction, build mobile intelligent terminal lawful owner utilizes the left hand that left hand and the right hand are respectively directed to each button to press pressure data storehouse and the right hand presses pressure data storehouse when delivery operation, and calculates each button left hand respectively and press pressure data storehouse and the right hand presses the variance in pressure data storehouse；Wherein:

On described mobile intelligent terminal, i-th button is designated as Button_i, for button Button_iThe left hand of constructed mobile intelligent terminal lawful owner is pressed pressure data storehouse and is designated asThe right hand is pressed pressure data storehouse and is designated asN ∈ N, N be left hand press pressure data storehouse and the right hand press pressure data storehouse stores respectively press pressure data number；Represent for button Button_iThe n-th of the mobile intelligent terminal lawful owner's left hand gathered presses pressure data,Represent for button Button_iThe n-th of the mobile intelligent terminal lawful owner's right hand gathered presses pressure data；Described button Button_iThe variance that suffered mobile intelligent terminal lawful owner's left hand presses pressure is designated asMobile intelligent terminal lawful owner's right hand is pressed the variance of pressure and is designated asWherein, varianceWithComputing formula respectively as follows:

σ_{L e f t}^{2} ({Button}_{i}) = Σ_{n = 1}^{N} \frac{{(F_{B u t t o n i}^{L e f t} (n) - \overset{&OverBar;}{F_{B u t t o n i}^{L e f t}})}^{2}}{N},

\overset{&OverBar;}{F_{B u t t o n i}^{L e f t}} = Σ_{n = 1}^{N} \frac{F_{B u t t o n i}^{L e f t} (n)}{N};

σ_{R i g h t}^{2} ({Button}_{i}) = Σ_{n = 1}^{N} \frac{{(F_{B u t t o n i}^{R i g h t} (n) - \overset{&OverBar;}{F_{B u t t o n i}^{R i g h t}})}^{2}}{N},

\overset{&OverBar;}{F_{B u t t o n i}^{R i g h t}} = Σ_{n = 1}^{N} \frac{F_{B u t t o n i}^{R i g h t} (n)}{N};

(7) logistics company send part person send with charge free commodity to addressee place and wait addressee pay the bill time, after logistics company sends part person to open the NFC function of handheld POS terminal and addressee opens the NFC function of its mobile intelligent terminal, handheld POS terminal generates, store the effective time value of the first random number and the first random number, obtain noise and the air humidity of current location and current location, then the payment request information including handheld POS terminal self signature is sent to the mobile intelligent terminal of addressee, and send handheld POS terminal current location, current location noise and air humidity data are to certification authority；Wherein:

Described payment request information includes the first random number R P that handheld POS terminal generates₁, this first random number R P₁Effective time value TP, the financial certification authority certificate Cert that chooses of payment request ReqM, handheld POS terminal^t(BANK_POS), the credit accreditation certificate Cert that chooses of handheld POS terminal^t(TSM_POS), handheld POS terminal self signature Sig_POSAnd the private key sk (POS) of handheld POS terminal；Wherein, this payment request information is designated as Message_P-M, payment request information Message_P-MAs follows by formula labelling:

{Message}_{P - M} = \{\begin{matrix} P O S, M o b i l e, {RP}_{1} T P, {Cert}^{t} ({BANK}_{P O S}), {Cert}^{t} ({TSM}_{P O S}), Re M, \\ {Sig}_{P O M}, s k (P O S) \end{matrix}\}; t &Element; [1, m];

(8) mobile intelligent terminal receives the payment request information that handheld POS terminal sends, generate anti-the first random number stolen secret information, obtain noise and the air humidity of mobile intelligent terminal current location and current location, and send the certification solicited message and mobile intelligent terminal current location, current location noise and air humidity that include handheld POS terminal payment request information to certification authority；Wherein:

The certification solicited message that described mobile intelligent terminal sends includes the payment request information Message of handheld POS terminal_P-M, mobile intelligent terminal generate anti-the first random number R W stolen secret information₁, certification request ReqT, its ask PKI k (Wallet, TSM) of communicating between ReqSession and mobile intelligent terminal with certification authority with handheld POS terminal session；Wherein, this certification solicited message of mobile intelligent terminal is labeled as Message_M-T, wherein:

Message_M-T={ Message_P-M,TSM,RM₁,ReqT,ReqSession,k(Mobile,TSM)}；

(9) certification authority receives, extracts certification solicited message and mobile intelligent terminal current location and current location noise and air humidity that mobile intelligent terminal sends, record receives the time of mobile intelligent terminal certification request, and mobile intelligent terminal is made whether the feedback being traded according to the certification solicited message of the mobile intelligent terminal extracted, mobile intelligent terminal current location and current location noise and air humidity, handheld POS terminal current location and current location noise and air humidity；Wherein, this step includes step (9-1) successively to step (9-3):

(9-1) when certification authority judges the effective time value that the time that the handheld POS terminal credit accreditation certificate extracted is present in the credit accreditation certificate database that certification authority has stored and certification authority's reception mobile intelligent terminal certification is asked is positioned at the first random number, show that the handheld POS terminal that this credit accreditation certificate is effective and corresponding is security terminal, certification authority generates the transaction key between mobile intelligent terminal and this handheld POS terminal, and performs step (9-2)；Otherwise, certification authority sends refusal Transaction Information to mobile intelligent terminal；

(9-2) certification authority is according to the handheld POS terminal extracted and the current location of mobile intelligent terminal and current location noise, judge handheld POS terminal and mobile intelligent terminal the difference of current location noise corresponding respectively be positioned at default difference range, and the space length between handheld POS terminal and mobile intelligent terminal less than default Secure Transaction word space threshold time, then perform step (9-3)；Otherwise, certification authority sends refusal Transaction Information to mobile intelligent terminal

(9-3) certification authority judge handheld POS terminal and mobile intelligent terminal the difference of air humidity corresponding respectively when being positioned at default difference range, then certification authority sends and confirms that Transaction Information is to mobile intelligent terminal；Otherwise, certification authority sends refusal Transaction Information to mobile intelligent terminal；Wherein:

The confirmation Transaction Information that described certification authority sends is labeled as Message_T-M-Confirm, the transaction key of mobile intelligent terminal and handheld POS terminal room is designated as K, and the refusal Transaction Information that certification authority sends is labeled as Message_T-M-Reject；Wherein:

Message_T-M-Confirm={ TSM, Mobile, POS, RP₁,RM₁,TP,Cert^t(TSM_POS),K,k(Mobile,TSM)}；

Message_T-M-Reject={ TSM, Mobile, POS, RP₁,RM₁,RejectP,k(Mobile,TSM)}；

(10) mobile intelligent terminal receives the confirmation Transaction Information that certification authority sends, and the transaction interactive information including mobile intelligent terminal signature is sent to handheld POS terminal；Wherein:

Described transaction interactive information includes the signature Sig of mobile intelligent terminal_Mobile, the financial certification authority certificate Cert that chooses of the anti-transaction key of the first random number, mobile intelligent terminal and handheld POS terminal room stolen secret information that generates of mobile intelligent terminal, mobile intelligent terminal^s(BANK_Mobile), the credit accreditation certificate Cert that chooses of mobile intelligent terminal^s(TSM_Mobile) and the credit accreditation certificate Cert chosen of handheld POS terminal^t(TSM_POS)；Wherein, the transaction interactive information that described mobile intelligent terminal sends is labeled as Message_M-P, conclude the business interactive information Message_M-PAs follows by formula labelling:

{Message}_{M - P} = \{\begin{matrix} M o b i l e, P O S, T S M, {PM}_{1}, {Cert}^{s} ({BANK}_{M o b i l e}), {Cert}^{s} ({TSM}_{M o b i l e}), K, \\ {Sig}_{M o b i l e}, {Cert}^{t} ({TSM}_{P O S}) \end{matrix}\}; s &Element; [1, m];

(11) handheld POS terminal receives, extracts the transaction interactive information that mobile intelligent terminal sends, and judge according to the information extracted in interactive information of concluding the business: when the handheld POS terminal credit accreditation certificate that handheld POS terminal is extracted in interactive information of concluding the business has been stored in the credit accreditation certificate database of its storage, then perform step (12)；Otherwise, handheld POS terminal refusal carries out payment transaction with mobile intelligent terminal；

(12) handheld POS terminal generates the second random number, and send include the second random number of its generation, the first random number, mobile intelligent terminal prevent that the payment information of payment is to mobile intelligent terminal needed for the first random number stolen secret information, mobile intelligent terminal；Wherein, described payment information flag is Message_P-M-Payment:

Message_P-M-Payment={ POS, Mobile, RP₂,RM₁,RP₁,Payment,K}；

Wherein, RP₂Representing the second random number that handheld POS terminal generates, Payment represents payment needed for mobile intelligent terminal, and K is the transaction key between handheld POS terminal and mobile intelligent terminal；

(13) mobile intelligent terminal receives the payment information that handheld POS terminal sends, and generate anti-the second random number stolen secret information, mobile intelligent terminal the payment transaction records information including received payment information and newly-generated anti-second random number of stealing secret information is sent to certification authority's storage；Wherein, described payment transaction records information flag is S_M-T-Payment: S_M-T-Payment={ Mobile, TSM, POS, RM₂,k(Mobile,TSM)}；RM₂Represent anti-the second random number stolen secret information that mobile intelligent terminal generates；

(14) mobile intelligent terminal receives the outside payment cipher by each key-press input, by mobile intelligent terminal press suffered by each button pressure direction judge to press press each button as after left hand or the right hand, mobile intelligent terminal adds corresponding the pressing in pressure data storehouse of institute's judged result to by pressing pressure suffered by now each button, recalculates now each button correspondence and presses the variance in pressure data storehouse；

(15) mobile intelligent terminal is pressed according to each button gained again in step (14) corresponding in pressure data storehouse variance and step (6) and is pressed the difference between the variance of pressure data storehouse, judges whether performing delivery operation:

When each button gained difference is respectively less than or is equal to predetermined threshold value, represent that this payment cipher is inputted by mobile intelligent terminal lawful owner, mobile intelligent terminal sends the pay warrant including this payment cipher and its financial certification authority certificate to banking system, when being judged that payment cipher is consistent with default payment cipher by banking system, the fund of mobile intelligent terminal Send only Account is transferred to logistics company in the collecting account of banking system, and is turned money success notification to handheld POS terminal, logistics company management platform and mobile intelligent terminal by banking system transmission；Otherwise, representing that this payment cipher is not mobile intelligent terminal lawful owner input, mobile intelligent terminal refusal performs delivery operation；

(16) handheld POS terminal receive banking system send turn money success notification after, logistics company sends part person to give addressee by commodity, completes logistics company sending with charge free these commodity；Logistics company management platform sends expense with charge free according to what it was preset with shopping online platform, after at deduction, it sends expense with charge free, logistics company management platform is according to the end article price in sequence information, send its pay taxes identifier and pay warrant to banking system, the collecting account being transferred in sequence information by the corresponding fund in logistics company management platform collecting account businessman by banking system, completes the process of exchange cashed on delivery；

(17) this Successful Transaction order number is sent to tax supervisory systems by banking system, when trading order form number that tax supervisory systems this Successful Transaction order number being checked has stored with it is consistent, then calculate respectively and obtain the business tax that logistics company and businessman should pay for this Successful Transaction order, and transmitting bank's system substitutes tax supervisory systems and withholds the business tax of logistics company and businessman respectively, to complete the taxation supervision to commercial affairs shopping payment transaction system.