CN103473677A - Financial certificate transaction system and method by combining action communication device with two-dimensional bar code - Google Patents
Financial certificate transaction system and method by combining action communication device with two-dimensional bar code Download PDFInfo
- Publication number
- CN103473677A CN103473677A CN2013104350813A CN201310435081A CN103473677A CN 103473677 A CN103473677 A CN 103473677A CN 2013104350813 A CN2013104350813 A CN 2013104350813A CN 201310435081 A CN201310435081 A CN 201310435081A CN 103473677 A CN103473677 A CN 103473677A
- Authority
- CN
- China
- Prior art keywords
- communication device
- mobile communication
- transaction
- information
- barcode
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Cash Registers Or Receiving Machines (AREA)
- Telephonic Communication Services (AREA)
Abstract
本发明一种行动通讯装置结合二维条码进行金融凭证交易系统及方法,其主要是通过一具金融凭证的行动通讯装置,读取或产生二维条码以进行交易,付款信息及行动通讯装置识别信息可通过行动通讯装置内的条码交易模块或服务式端点销售系统传送至条码交易特店系统,由条码交易特店系统验证所述付款信息的签章有效性后,再传送所述付款信息至金融单位进行交易,通过以用户的凭证签章所述付款信息密文产生交易信息密文,以避免数据遭盗用或窜改的情况。
The present invention is a mobile communication device combined with a two-dimensional barcode for financial voucher transaction system and method, which mainly uses a mobile communication device with a financial voucher to read or generate a two-dimensional barcode for transaction, payment information and mobile communication device identification. The information can be transmitted to the barcode transaction store system through the barcode transaction module or service-based end-point sales system in the mobile communication device. After the barcode transaction store system verifies the validity of the signature of the payment information, it then transmits the payment information to Financial institutions conduct transactions and generate transaction information ciphertext by signing the payment information ciphertext with the user's certificate to avoid data theft or tampering.
Description
技术领域technical field
本发明涉及金融交易领域,特别是涉及一种行动通讯装置结合二维条码进行金融凭证交易系统及方法。The invention relates to the field of financial transactions, in particular to a system and method for conducting financial voucher transactions by combining a mobile communication device with a two-dimensional barcode.
背景技术Background technique
台湾I275037「用以促进使用移动电话装置的电子金融交易的系统及方法」,其交易触发方式由店家手动输入用户行动通讯设备号码,由系统判断店家输入的用户行动通讯设备号码是否已注册,若已注册则传送交易确认讯息给用户,由用户回复是否进行交易;而台湾201126439申请案「网络金融消费处理方法及二维条码金融消费处理装置」包含一显示器中显示至少一商品选择接口;于至少一商品被选定后,再于显示器中显示具有至少一二维条码传送选项之一消费确认接口;以及于二维条码传送选项被选定后输出一二维条码图案,二维条码图案依据一通讯指向数据传送至外部的一特定行动通讯装置。Taiwan I275037 "System and Method for Promoting Electronic Financial Transactions Using Mobile Phone Devices", the transaction is triggered by the merchant manually entering the user's mobile communication device number, and the system judges whether the user's mobile communication device number entered by the store has been registered. If registered, a transaction confirmation message will be sent to the user, and the user will reply whether to proceed with the transaction; and the Taiwan 201126439 application "Internet financial consumption processing method and two-dimensional barcode financial consumption processing device" includes a display that displays at least one commodity selection interface; After a product is selected, a consumption confirmation interface with at least one two-dimensional barcode transmission option is displayed on the display; and after the two-dimensional barcode transmission option is selected, a two-dimensional barcode pattern is output, and the two-dimensional barcode pattern is based on a Communication refers to data transmission to an external specific mobile communication device.
上述两案均是利用行动通讯装置做为交易手段,然而至今仍未广为接受的原因,在于无法确认消费者是否为正确的行动通讯装置用户,或用户数据遭窜改或盗用,导致目前通过行动通讯装置进行消费,仅停留在小额付费,且经常有遭到盗刷的情况发生。The above two cases both use mobile communication devices as a means of transaction, but the reason why they have not been widely accepted is that it is impossible to confirm whether the consumer is the correct user of the mobile communication device, or the user data has been tampered with or embezzled. The consumption of communication devices only stays in small payments, and there are often cases of being stolen.
发明内容Contents of the invention
本发明的主要目的,在于提供一种可避免数据遭盗用或窜改的行动通讯装置结合二维条码进行金融凭证交易系统及方法。The main purpose of the present invention is to provide a financial voucher transaction system and method that can prevent data from being embezzled or tampered with by combining a mobile communication device with a two-dimensional barcode.
本发明的次要目的在于提供一种交易过程中,可确认行动通讯装置持有人是否正在进行交易的行动通讯装置结合二维条码进行金融凭证交易系统及方法。The secondary objective of the present invention is to provide a financial voucher transaction system and method in which a mobile communication device combined with a two-dimensional barcode can confirm whether the owner of the mobile communication device is conducting a transaction during the transaction.
本发明一种行动通讯装置结合二维条码进行金融凭证交易系统及方法,其包括行动通讯装置、条码交易特店系统及服务式端点交易系统,所述行动通讯装置至少包含凭证、条码交易模块。The present invention relates to a mobile communication device combined with a two-dimensional barcode to conduct a financial certificate transaction system and method, which includes a mobile communication device, a barcode transaction store system and a service-type terminal transaction system. The mobile communication device at least includes a voucher and a barcode transaction module.
当用户开启条码交易模块,并输入凭证的PIN码取得凭证后,再输入付款信息,条码交易模块以凭证将付款信息进行签章产生交易信息密文,再将所述密文及所述行动通讯装置内的行动通讯装置识别信息动态产生二维条码,服务式端点销售系统通过二维条码读取器,读取并解读所述二维条码内存记录的交易信息密文及行动通讯装置识别信息,并将交易信息密文及行动通讯装置识别信息转送至条码交易特店系统,条码交易特店系统接收后,先以所述行动通讯装置识别信息查出行动通讯装置所对应的凭证,验证所述交易信息密文,并取出付款信息,且将付款信息传送至对应的金融单位或电子票券单位进行交易付款,并接收其回传的交易结果,将其传送至所述服务式端点销售系统。When the user opens the barcode transaction module, and enters the PIN code of the voucher to obtain the voucher, and then enters the payment information, the barcode transaction module signs the payment information with the voucher to generate transaction information ciphertext, and then sends the ciphertext and the mobile communication The mobile communication device identification information in the device dynamically generates a two-dimensional barcode, and the service-type terminal sales system reads and interprets the transaction information ciphertext and mobile communication device identification information recorded in the two-dimensional barcode memory through the two-dimensional barcode reader, And transfer the transaction information ciphertext and mobile communication device identification information to the barcode transaction special store system. After the barcode transaction special store system receives it, it first uses the mobile communication device identification information to find out the corresponding voucher of the mobile communication device, and verifies the transaction information ciphertext, and take out the payment information, and send the payment information to the corresponding financial unit or electronic coupon unit for transaction payment, and receive the transaction result returned by it, and send it to the service-type terminal sales system.
另外,所述行动通讯装置上进一步可具有条码解析模块,可用以撷取服务式端点销售系统屏幕上显示的二维条码,解析出订单信息并传送至行动通讯装置内的条码交易模块,并于条码交易模块中输入凭证的PIN码取得凭证,再输入付款账号,条码交易模块将订单信息及付款账号合编成付款信息,并以凭证将付款信息进行签章产生交易信息密文,再将此密文及所述行动通讯装置内的行动通讯装置识别信息一并传送至条码交易特店系统,条码交易特店系统接收后,通过行动通讯装置识别信息取得对应的凭证,验证所述交易信息密文并取出付款信息后,再转送至金融单位进行交易付款,并接收其回传的交易结果,将其传送至所述行动通讯装置的条码交易模块及所述服务式端点销售系统。In addition, the mobile communication device can further have a barcode analysis module, which can be used to capture the two-dimensional barcode displayed on the screen of the service-type point-of-sale system, analyze the order information and send it to the barcode transaction module in the mobile communication device, and then Enter the PIN code of the voucher in the barcode transaction module to obtain the voucher, and then enter the payment account number. The barcode transaction module compiles the order information and payment account number into payment information, and signs the payment information with the voucher to generate transaction information ciphertext, and then converts this The ciphertext and the identification information of the mobile communication device in the mobile communication device are sent to the barcode transaction special store system together. After receiving the barcode transaction special store system, the corresponding voucher is obtained through the identification information of the mobile communication device, and the transaction information encryption is verified. After the payment information is retrieved from the file, it is transferred to the financial unit for transaction payment, and the transaction result returned is received and sent to the barcode transaction module of the mobile communication device and the service-type terminal sales system.
再者,所述条码解析模块也可用于读取店家牌照内二维条码的店家信息,并开启行动通讯装置内的条码交易模块,输入凭证的PIN码取得凭证后,输入帐户信息,条码交易模块将店家信息及用户输入的付款账号合编成付款信息,并以凭证将付款信息进行签章产生交易信息密文,再将此密文及所述行动通讯装置内的行动通讯装置识别信息一并传送至条码交易特店系统,条码交易特店系统接收后,通过行动通讯装置识别信息取得对应的凭证,验证所述交易信息密文并取出付款信息后,再转送至金融单位进行交易付款,并接收其回传的交易结果,将其传送至所述行动通讯装置的条码交易模块,同时依据付款信息的店家信息及审查机构的店家注册数据,将付款结果一并通知至所述店家通讯装置。Furthermore, the barcode analysis module can also be used to read the store information of the two-dimensional barcode in the store license plate, and open the barcode transaction module in the mobile communication device. After entering the PIN code of the voucher to obtain the voucher, input the account information, and the barcode transaction module Combine the store information and the payment account number entered by the user into payment information, and use the voucher to sign the payment information to generate transaction information ciphertext, and then combine the ciphertext with the mobile communication device identification information in the mobile communication device After receiving it, the barcode transaction special store system obtains the corresponding certificate through the identification information of the mobile communication device, verifies the ciphertext of the transaction information and takes out the payment information, and then transfers it to the financial unit for transaction payment, and Receive the transaction result returned by it, send it to the barcode transaction module of the mobile communication device, and simultaneously notify the payment result to the store communication device according to the store information of the payment information and the store registration data of the inspection agency.
上述行动通讯装置结合二维条码进行金融凭证交易系统及方法,通过条码交易模块以凭证将付款信息进行签章产生交易信息密文,或条码交易模块将订单信息及付款账号合编成付款信息,并以凭证将付款信息进行签章产生交易信息密文,或条码交易模块将店家信息及用户输入的付款账号合编成付款信息,并以凭证将付款信息进行签章产生交易信息密文,避免了数据遭盗用或窜改的情况。The above-mentioned mobile communication device combines the two-dimensional barcode to carry out the financial certificate transaction system and method, and the payment information is signed by the voucher through the barcode transaction module to generate transaction information ciphertext, or the barcode transaction module combines the order information and payment account number into payment information, And use the voucher to sign the payment information to generate transaction information ciphertext, or the barcode transaction module combines the store information and the payment account number entered by the user into payment information, and uses the voucher to sign the payment information to generate transaction information ciphertext, to avoid data theft or tampering.
附图说明Description of drawings
图1为本发明第一实施例的示意图;Fig. 1 is the schematic diagram of the first embodiment of the present invention;
图2为本发明第二实施例的示意图;Fig. 2 is the schematic diagram of the second embodiment of the present invention;
图3为本发明第三实施例的示意图。Fig. 3 is a schematic diagram of a third embodiment of the present invention.
附图标记说明Explanation of reference signs
1行动通讯装置 11凭证1Mobile communication device 11Certificate
12条码交易模块 13条码解析模块12
2服务式端点销售系统 3条码交易特店系统2 Service
4审查机构 5店家通讯装置4
具体实施方式Detailed ways
请参阅图1所示,本发明提供一种行动通讯装置结合二维条码进行金融凭证交易系统及方法,其包括行动通讯装置1、条码交易特店系统3及服务式端点销售系统2,所述行通动通讯装置1至少包含凭证11、条码交易模块12,所述凭证11至少包含公开金钥基础建设的私钥,且所述凭证提供予条码交易模块12读取及使用,所述条码交易模块12提供用户输入付款信息,并以凭证11对付款信息进行签章产生的交易信息密文,以所述交易信息密文及从所述行动通讯装置1中取出行动通讯装置识别信息,产生一具身份认证的二维条码,并将所述二维条码显示于行动通讯装置屏幕,所述服务式端点销售系统2至少包含一条码读取器用以读取二维条码,以译码取得行动通讯装置识别信息及交易信息密文,并转送至条码交易特店系统3,再接收其回传的交易结果,显示于服务式端点销售系统2上,所述条码交易特店系统3内含凭证与行动通讯装置识别信息对应关联的数据库,所述条码交易特店系统3接收自服务式端点销售系统2传入的行动通讯装置识别信息及交易信息密文后,通过所述行动通讯装置识别信息取得对应的凭证11后,验证所述交易信息密文并取出付款信息后,再转送付款信息至金融单位元进行交易付款后,接收并转送所述金融单位回传的付款结果至所述服务式端点销售系统2。Please refer to Fig. 1, the present invention provides a mobile communication device combined with a two-dimensional barcode for financial voucher transaction system and method, which includes a mobile communication device 1, a barcode transaction
所述行动通讯装置1为一具IMEI(国际移动设备身份码)、SIM(用户识别模块)卡的装置,并提供行动通讯连网功能,用以接收来自用户输入、计算、及传输数据,且所述SIM卡内至少储存了一组唯一的IMSI(国际移动用户识别码),IMSI为电信公司用以提供通讯网络接取设备的身分识别使用,并于识别成功后提供所述接取设备通讯服务。The mobile communication device 1 is a device with an IMEI (International Mobile Equipment Identity) and a SIM (Subscriber Identity Module) card, and provides a mobile communication networking function for receiving input, calculation, and transmission data from the user, and At least one set of unique IMSI (International Mobile Subscriber Identity) is stored in the SIM card. The IMSI is used by the telecommunications company to provide the identity identification of the communication network access equipment, and after the identification is successful, the access equipment communication Serve.
本发明提供一种行动通讯装置结合二维条码进行金融凭证交易系统及方法,其交易步骤如下:The present invention provides a mobile communication device combined with a two-dimensional barcode to conduct a financial certificate transaction system and method, the transaction steps are as follows:
步骤一、用户开启行动通讯装置1内的条码交易模块12,并输入凭证11的PIN(个人身份号码)码取得凭证11后,再输入包含付款帐户识别信息的付款信息,由条码交易模块12以凭证11将付款信息进行签章产生交易信息密文,再将此密文及所述行动通讯装置1内的行动通讯装置识别信息动态产生二维条码;Step 1. The user opens the
步骤二、服务式端点销售系统2通过二维条码读取器将行动通讯装置1屏幕上显示的二维条码读取出并解读二维条码内存记录的交易信息密文及行动通讯装置识别信息;Step 2: The service-type point-of-sale system 2 reads the two-dimensional barcode displayed on the screen of the mobile communication device 1 through the two-dimensional barcode reader and interprets the transaction information ciphertext and the identification information of the mobile communication device recorded in the memory of the two-dimensional barcode;
步骤三、服务式端点销售系统2将所述交易信息密文及行动通讯装置识别信息转送至条码交易特店系统3进行交易作业;Step 3: The service-type terminal sales system 2 transfers the ciphertext of the transaction information and the identification information of the mobile communication device to the barcode
步骤四、条码交易特店系统3接收后,先以所述行动通讯装置识别信息查出行动通讯装置1所对应的凭证11,验证所述交易信息密文,并取出付款信息;Step 4: After receiving the barcode transaction
步骤五、条码交易特店系统3将付款信息传送至对应的金融单位或电子票券单位进行交易付款,并接收其回传的交易结果,将其传送至所述服务式端点销售系统2。Step 5: The barcode
另外,为确保交易不可否认性及数据隐密性,于上述步骤一中,可先将付款信息以金融单位自行核发的金钥、或使用金融单位事先设定于行动通讯装置1的动态密码产生器动态产生一组一次性密码(One Time Password,OTP)将所述付款信息加密成付款信息密文,再以凭证11签章所述付款信息密文产生交易信息密文,以避免数据遭盗用或窜改的情况。In addition, in order to ensure transaction non-repudiation and data privacy, in the above step 1, the payment information can first be generated with the key issued by the financial institution itself, or by using the dynamic password previously set by the financial institution in the mobile communication device 1 The server dynamically generates a set of one-time passwords (One Time Password, OTP) to encrypt the payment information into the payment information ciphertext, and then signs the payment information ciphertext with the
而针对高风险的交易内容或信息安全需求,可于上述步骤四中,所述条码交易特店系统3可加入与电信系统整合,将行动通讯装置识别信息或用户身份证字号传送至电信系统中,以验证行动通讯装置1用户的有效性,确认用户是否有遗失行动通讯装置1等情况,或于上述步骤四后由条码交易特店系统3产生一组一次性密码(One Time Password,OTP),并将所述一次性密码及行动通讯装置识别信息通过电信系统发送简讯至行动通讯装置识别信息指定的行动通讯装置1,并由用户将此密码填入行动通讯装置1中的条码交易模块12,由条码交易模块12将此一次性密码回传至条码交易特店系统3中,以确认行动通讯装置1持有人确实正在进行交易。For high-risk transaction content or information security requirements, in the
再者,付款信息可包含行动通讯装置识别信息、或金融单位可储存付款帐户识别信息与行动通讯装置识别信息对应关系的数据库,于上述步骤五后,由金融单位接收所述付款信息后,产生一组一次性密码(One Time Password,OTP),并将所述一次性密码及行动通讯装置识别信息通过电信系统发送简讯至行动通讯装置识别信息指定的行动通讯装置1,并由用户将此密码填入行动通讯装置1中的条码交易模块12,由条码交易模块12将此一次性密码回传,以确认行动通讯装置1持有人确实正在进行交易。Furthermore, the payment information may include identification information of the mobile communication device, or a database in which the financial institution can store the correspondence between the identification information of the payment account and the identification information of the mobile communication device. After the
请参阅图2所示,为本发明的第二实施例,其包括行动通讯装置1、条码交易特店系统3及服务式端点销售系统2,所述行通动通讯装置1至少包含凭证11、条码交易模块12、条码解析模块13,凭证11至少包含一公开金钥基础建设的私钥,且所述凭证11提供条码交易模块12读取及使用,所述条码解析模块13用以撷取服务式端点销售系统2显示二维条码影像的订单信息,并传送所述订单信息至条码交易模块12,所述条码交易模块12接收所述条码解析模块2传送的订单信息及用户输入的付款账户合编制成付款信息,再以凭证11对所述消费付款信息进行签章产生的交易信息密文后,将所述交易信息密文及从行动通讯装置1中取出行动通讯装置识别信息一并传送至条码交易特店系统3进行交易,以及接收所述条码交易特店系统3的回传交易结果,所述服务式端点销售系统2至少包含一个二维条码产生器,所述二维条码产生器把订单数据及服务式端点销售系统识别信息组成一订单信息后,转换成一个二维条码并显示予用户,并且接收及核对来自条码交易特店系统3的交易结果讯息后,显示于服务式端点销售系统2上,所述条码交易特店系统3包含凭证与行动通讯装置识别信息对应关联的数据库,所述条码交易特店系统3接收来自行动通讯装置1所传送的交易信息密文及行动通讯装置识别信息,通过所述行动通讯装置识别信息取得对应的凭证后,验证所述交易信息密文并取出付款信息,再转送付款信息至金融单位进行交易付款后,接收并转送所述金融单位回传的付款结果至所述行动通讯装置1的条码交易模块12。Please refer to Fig. 2, which is the second embodiment of the present invention, which includes a mobile communication device 1, a barcode transaction
所述行动通讯装置1为一具IMEI、SIM卡的装置,并提供行动通讯连网功能,用以接收来自使用者输入、计算、及传输数据,且所述SIM卡内至少储存了一组唯一的IMSI,IMSI为电信公司用以提供一通讯网络接取设备的身分识别使用,并于识别成功后提供所述接取设备通讯服务,其交易步骤如下:The mobile communication device 1 is a device with an IMEI and a SIM card, and provides a mobile communication networking function for receiving input, calculation, and transmission data from the user, and at least one set of unique data is stored in the SIM card. IMSI, IMSI is used by the telecommunications company to provide a communication network access device for identity identification, and after the identification is successful, the communication service of the access device is provided. The transaction steps are as follows:
步骤一、服务式端点销售系统2将订单数据与服务式端点销售系统识别信息组成订单信息后,转换成一个二维条码并显示于屏幕上;Step 1. After the service-type point-of-sale system 2 forms the order information with the order data and the identification information of the service-type point-of-sale system, it converts it into a two-dimensional barcode and displays it on the screen;
步骤二、用户开启行动通讯装置1的条码解析模块13,读取服务式端点销售系统2屏幕上显示的二维条码,解析出订单信息并传送至行动通讯装置1内的条码交易模块12;Step 2, the user opens the
步骤三、用户于行动通讯装置1的条码交易模块12中输入凭证11的PIN码取得凭证11后,再输入付款账号;Step 3: The user enters the PIN code of the
步骤四、条码交易模块12将订单信息及用户输入的付款账号合编成付款信息,并以凭证11将付款信息进行签章产生交易信息密文,再将此密文及所述行动通讯装置1内的行动通讯装置识别信息一并传送至条码交易特店系统3进行交易;
步骤五、条码交易特店系统3接收后,通过行动通讯装置识别信息取得对应的凭证11,验证所述交易信息密文并取出付款信息后,再转送至金融单位进行交易付款,并接收其回传的交易结果,将其传送至所述行动通讯装置1的条码交易模块12及所述服务式端点销售系统2。Step 5: After the barcode transaction
其中,步骤二与步骤三无先后顺序,用户可于行动通讯装置1的条码交易模块12中输入凭证11的PIN取得凭证11,再输入付款账号,然后再开启行动通讯装置1的条码解析模块13,读取服务式端点销售系统2屏幕上显示的二维条码,解析出订单信息。Among them, step 2 and
另外,为确保交易不可否认性及数据隐密性,于步骤四中,可先将付款信息以金融单位自行核发的金钥、或使用金融单位事先设定于行动通讯装置1的动态密码产生器动态产生一组一次性密码(One Time Password,OTP)将所述付款信息加密成付款信息密文,再以凭证11签章所述付款信息密文产生交易信息密文,以避免数据遭盗用或窜改的情况。In addition, in order to ensure transaction non-repudiation and data confidentiality, in
而针对高风险的交易内容或信息安全需求,于上述步骤五中,条码交易特店系统3可加入与电信系统整合,将行动通讯装置识别信息或用户身份证字号传送至电信系统中,以验证行动通讯装置1用户的有效性,确认用户是否有遗失行动通讯装置1等情况;或于步骤五后由条码交易特店系统3产生一组一次性密码(One Time Password,OTP),并将所述一次性密码及行动通讯装置识别信息通过电信系统发送简讯至行动通讯装置识别信息指定的行动通讯装置1,并由用户将此密码填入行动通讯装置1中的条码交易模块12,由条码交易模块12将此一次性密码回传至条码交易特店系统3中,以确认行动通讯装置1持有人确实正在进行交易。For high-risk transaction content or information security requirements, in the above step five, the barcode transaction
再者,付款信息可包含行动通讯装置识别信息、或金融单位可储存付款帐户识别信息与行动通讯装置识别信息对应关系的数据库,于上述步骤五后,由金融单位接收所述付款信息后,产生一组一次性密码(One Time Password,OTP),并将所述一次性密码及行动通讯装置识别信息通过电信系统发送简讯至行动通讯装置识别信息指定的行动通讯装置1,并由用户将此密码填入行动通讯装置1中的条码交易模块12,由条码交易模块12将此一次性密码回传,以确认行动通讯装置1持有人确实正在进行交易。Furthermore, the payment information may include identification information of the mobile communication device, or a database in which the financial institution can store the correspondence between the identification information of the payment account and the identification information of the mobile communication device. After the
请参阅图3所示,为本发明的第三实施例,包括行动通讯装置1、条码交易特店系统3、审查机构4及店家通讯装置5,其中行通动通讯装置1至少包含凭证11、条码交易模块12、条码解析模块13,所述凭证11至少包含一公开金钥基础建设的私钥,所述凭证11提供条码交易模块12读取及使用,所述条码解析模块13用以撷取出店家牌照内二维条码的店家信息,并传送所述店家信息至条码交易模块12,所述条码交易模块12接收所述条码解析模块13传送的店家信息及用户输入的付款账户合编制成付款信息,再以凭证11对所述消费付款信息进行签章产生交易信息密文后,将所述交易信息密文及从行动通讯装置1中取出行动通讯装置识别信息一并传送至条码交易特店系统3进行交易,以及接收所述条码交易特店系统3的回传交易结果,所述审查机构4为受理店家注册的机构,其中店家注册数据至少包含所述店家通讯装置信息5及金融帐户信息,经数据审核后核发一组店家牌照二维条码,所述店家通讯装置5为店家登记在审查机构4的行动通讯装置,用以接收条码交易特店系统5的付款结果通知讯息,所述条码交易特店系统3包含凭证与行动通讯装置识别信息对应关联的数据库,所述条码交易特店系统系统3接收来自行动通讯装置1所传送的交易信息密文及行动通讯装置识别信息后,通过所述行动通讯装置识别信息取得对应的凭证11后,验证所述交易信息密文并取出付款信息后,再转送付款信息至金融单位进行交易付款后,接收并转送所述金融单位回传的付款结果至所述行动通讯装置1的条码交易模块12,且同时依据付款信息的店家信息及审查机构4的店家注册数据,将付款结果一并通知至所述店家通讯装置5。Please refer to Fig. 3, which is the third embodiment of the present invention, including a mobile communication device 1, a barcode transaction special store system 3, an inspection agency 4 and a store communication device 5, wherein the mobile communication device 1 includes at least a certificate 11, Barcode transaction module 12, barcode analysis module 13, the certificate 11 includes at least a private key of the public key infrastructure, the certificate 11 provides the barcode transaction module 12 to read and use, and the barcode analysis module 13 is used to extract The store information of the two-dimensional barcode in the store license, and transmit the store information to the barcode transaction module 12, and the barcode transaction module 12 receives the store information transmitted by the barcode analysis module 13 and the payment account input by the user and compiles the payment information , and then use the voucher 11 to sign the consumption payment information to generate the transaction information ciphertext, and transmit the transaction information ciphertext and the identification information of the mobile communication device taken out from the mobile communication device 1 to the barcode transaction special store system 3 conducting a transaction, and receiving the transaction result returned by the barcode transaction special store system 3, the review agency 4 is an agency that accepts store registration, wherein the store registration data includes at least the store communication device information 5 and financial account information, After data review, a set of two-dimensional barcodes for store licenses is issued. The
所述行动通讯装置1为一具IMEI、SIM卡的装置,并提供行动通讯连网功能,用以接收来自使用者输入、计算、及传输数据,且所述SIM卡内至少储存了一组唯一的IMSI,IMSI为电信公司用以提供一通讯网络接取设备的身分识别使用,并于识别成功后提供所述接取设备通讯服务,其步骤如下:The mobile communication device 1 is a device with an IMEI and a SIM card, and provides a mobile communication networking function for receiving input, calculation, and transmission data from the user, and at least one set of unique data is stored in the SIM card. IMSI, IMSI is used by the telecommunications company to provide a communication network access device for identity identification, and provide the communication service of the access device after the identification is successful, the steps are as follows:
步骤一、用户开启行动通讯装置1的条码解析模块13,读取店家内二维条码的店家信息,并开启行动通讯装置1内的条码交易模块12,输入凭证11的PIN码取得凭证11后,输入帐户信息;Step 1. The user opens the
步骤二、条码交易模块12将店家信息及用户输入的付款账号合编成付款信息,并以凭证11将付款信息进行签章产生交易信息密文,再将此密文及所述行动通讯装置1内的行动通讯装置识别信息一并传送至条码交易特店系统3进行交易;Step 2, the
步骤三、条码交易特店系统3接收后,通过行动通讯装置识别信息取得对应的凭证,验证所述交易信息密文并取出付款信息后,再转送至金融单位进行交易付款,并接收其回传的交易结果,将其传送至所述行动通讯装置1的条码交易模块12,同时依据付款信息的店家信息及审查机构4的店家注册数据,将付款结果一并通知至所述店家通讯装置5。Step 3: After the barcode
其中,所述步骤一中并无绝对的先后顺序,用户可于行动通讯装置1的条码交易模块12中输入凭证11的PIN取得凭证11,再输入付款账号,然后再开启行动通讯装置1的条码解析模块13,读取店家内二维条码的店家信息。Among them, there is no absolute sequence in the first step, the user can enter the PIN of the
而为确保交易不可否认性及数据隐密性,于步骤二中可先将付款信息以金融单位自行核发的金钥、或使用金融单位事先设定于行动通讯装置1的动态密码产生器动态产生一组一次性密码(One Time Password,OTP)将所述付款信息加密成付款信息密文,再以凭证11签章所述付款信息密文产生交易信息密文,以避免数据遭盗用或窜改的情况。In order to ensure transaction non-repudiation and data privacy, in step 2, the payment information can be dynamically generated with the key issued by the financial institution itself, or by using the dynamic password generator set in advance by the financial institution in the mobile communication device 1 A set of one-time passwords (One Time Password, OTP) encrypts the payment information into payment information ciphertext, and then signs the payment information ciphertext with
另外,针对高风险的交易内容或信息安全需求,于步骤三中,所述条码交易特店系统3可加入与电信系统整合,将行动通讯装置识别信息或用户身份证字号传送至电信系统中,以验证行动通讯装置1用户的有效性,确认用户是否有遗失行动通讯装置1等情况;或于步骤三后由条码交易特店系统3产生一组一次性密码(One Time Password,OTP),并将所述一次性密码及行动通讯装置识别信息通过电信系统发送简讯至行动通讯装置识别信息指定的行动通讯装置1,并由用户将此密码填入行动通讯装置中的条码交易模块12,由条码交易模块12将此一次性密码回传至条码交易特店系统3中,以确认行动通讯装置1持有人确实正在进行交易。In addition, for high-risk transaction content or information security requirements, in
再者,付款信息可包含行动通讯装置识别信息、或金融单位可储存付款帐户识别信息与行动通讯装置识别信息对应关系的数据库,于上述步骤三后,由金融单位接收所述付款信息后,产生一组一次性密码(One Time Password,OTP),并将所述一次性密码及行动通讯装置识别信息通过电信系统发送简讯至行动通讯装置识别信息指定的行动通讯装置1,并由用户将此密码填入行动通讯装置1中的条码交易模块12,由条码交易模块12将此一次性密码回传,以确认行动通讯装置1持有人确实正在进行交易。Furthermore, the payment information may include identification information of the mobile communication device, or a database in which the financial institution can store the correspondence between the identification information of the payment account and the identification information of the mobile communication device. After the
以上所述实施例仅表达了本发明的几种实施方式,其描述较为具体和详细,但并不能因此而理解为对本发明专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本发明构思的前提下,还可以做出若干变形和改进,这些都属于本发明的保护范围。因此,本发明专利的保护范围应以所附权利要求为准。The above-mentioned embodiments only express several implementation modes of the present invention, and the description thereof is relatively specific and detailed, but should not be construed as limiting the patent scope of the present invention. It should be pointed out that those skilled in the art can make several modifications and improvements without departing from the concept of the present invention, and these all belong to the protection scope of the present invention. Therefore, the protection scope of the patent for the present invention should be based on the appended claims.
Claims (26)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW102116831 | 2013-05-13 | ||
| TW102116831A TWI490799B (en) | 2013-05-13 | 2013-05-13 | Mobile communication device and two - dimensional bar code for financial certificate trading system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103473677A true CN103473677A (en) | 2013-12-25 |
Family
ID=49798519
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013104350813A Pending CN103473677A (en) | 2013-05-13 | 2013-09-22 | Financial certificate transaction system and method by combining action communication device with two-dimensional bar code |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103473677A (en) |
| TW (1) | TWI490799B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105592456A (en) * | 2014-10-20 | 2016-05-18 | 中国电信股份有限公司 | Method and system for two-dimensional code authentication |
| CN109818735A (en) * | 2017-11-20 | 2019-05-28 | 财团法人工业技术研究院 | Key storage device and transaction method thereof, transaction system and transaction method |
| US11138586B1 (en) | 2020-03-23 | 2021-10-05 | Daxchain Limited | Digital asset exchange system and related methods |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105989483A (en) * | 2015-02-09 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Service realizing method and device and payment method and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030120612A1 (en) * | 2000-06-13 | 2003-06-26 | Kabushiki Kaisha Eighting | Method of electronic settlement with a mobile terminal |
| CN1851762A (en) * | 2005-10-27 | 2006-10-25 | 华为技术有限公司 | Mobile payment system and mobile payment transaction information processing method |
| CN102222294A (en) * | 2011-05-31 | 2011-10-19 | 李镇波 | Novel mobile phone payment method |
| CN102842081A (en) * | 2011-06-23 | 2012-12-26 | 上海易悠通信息科技有限公司 | Method for generating two-dimensional code and implementing mobile payment by mobile phone |
| CN103077460A (en) * | 2012-10-31 | 2013-05-01 | 中华电信股份有限公司 | System and method for financial certificate transaction by mobile device |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2005004069A1 (en) * | 2003-07-02 | 2005-01-13 | Mobipay International, S.A. | Digital mobile telephone transaction and payment system |
| EP1906349A1 (en) * | 2003-07-02 | 2008-04-02 | Mobipay International, S.A. | Payment and transaction system using digital mobile telephones |
| US20120143707A1 (en) * | 2010-12-07 | 2012-06-07 | Deepak Jain | Executing Reader Application |
| TW201308225A (en) * | 2011-08-03 | 2013-02-16 | Trade Van Information Services Co | Mobile shopping method |
-
2013
- 2013-05-13 TW TW102116831A patent/TWI490799B/en not_active IP Right Cessation
- 2013-09-22 CN CN2013104350813A patent/CN103473677A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030120612A1 (en) * | 2000-06-13 | 2003-06-26 | Kabushiki Kaisha Eighting | Method of electronic settlement with a mobile terminal |
| CN1851762A (en) * | 2005-10-27 | 2006-10-25 | 华为技术有限公司 | Mobile payment system and mobile payment transaction information processing method |
| CN102222294A (en) * | 2011-05-31 | 2011-10-19 | 李镇波 | Novel mobile phone payment method |
| CN102842081A (en) * | 2011-06-23 | 2012-12-26 | 上海易悠通信息科技有限公司 | Method for generating two-dimensional code and implementing mobile payment by mobile phone |
| CN103077460A (en) * | 2012-10-31 | 2013-05-01 | 中华电信股份有限公司 | System and method for financial certificate transaction by mobile device |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105592456A (en) * | 2014-10-20 | 2016-05-18 | 中国电信股份有限公司 | Method and system for two-dimensional code authentication |
| CN105592456B (en) * | 2014-10-20 | 2018-10-30 | 中国电信股份有限公司 | The method and system of two-dimentional code authentication |
| CN109818735A (en) * | 2017-11-20 | 2019-05-28 | 财团法人工业技术研究院 | Key storage device and transaction method thereof, transaction system and transaction method |
| US11138586B1 (en) | 2020-03-23 | 2021-10-05 | Daxchain Limited | Digital asset exchange system and related methods |
| US11810096B2 (en) | 2020-03-23 | 2023-11-07 | Daxchain Limited | Digital asset exchange system and related methods |
Also Published As
| Publication number | Publication date |
|---|---|
| TWI490799B (en) | 2015-07-01 |
| TW201443799A (en) | 2014-11-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113507377B (en) | Apparatus and method for transaction processing using a token and password based on transaction specific information | |
| CN113344570B (en) | Method for transmitting and processing transaction messages and data processing device | |
| CN107798531B (en) | Electronic payment method and system | |
| CN102801710B (en) | A kind of network trading method and system | |
| US9900148B1 (en) | System and method for encryption | |
| US20100153273A1 (en) | Systems for performing transactions at a point-of-sale terminal using mutating identifiers | |
| US20200410494A1 (en) | Systems and Methods of Electronic Identity Verification | |
| JP2020005260A (en) | Authentication system and method | |
| CN103380592B (en) | Method, server and system for personal authentication | |
| CN106789018A (en) | Secret key remote acquisition methods and device | |
| KR20120017044A (en) | System and method for personal authentication using mobile device | |
| US12015696B2 (en) | Techniques for secure channel communications | |
| CN105027153A (en) | Method, apparatus and system for secure provisioning, transmission and verification of payment data | |
| CN102045715B (en) | Method, device and system for realizing mobile signature | |
| CN103077460B (en) | System and method for financial certificate transaction by mobile device | |
| CN103473677A (en) | Financial certificate transaction system and method by combining action communication device with two-dimensional bar code | |
| CN103475623B (en) | Dynamic barcode authentication system and its authentication method | |
| JP4800825B2 (en) | Encryption communication method | |
| CN107979470A (en) | For signature server, the method for terminal and signature server, terminal | |
| WO2015196581A1 (en) | Signature method and apparatus, virtual teller machine user terminal device and teller terminal device | |
| EP3699849A1 (en) | A method of supporting identification of a customer using a payment card of said customer and a server arranged for supporting said method | |
| CN120525480A (en) | Multiplex order receiving method, apparatus, device, medium and program product | |
| KR20150119709A (en) | Method and system for billing in mobile by using virtual settlement terminal device | |
| CN103188078A (en) | Dual-channel electronic signature system using graphic code and related method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20131225 |