[go: up one dir, main page]

TWI775820B - Mobile payment subauthorization method and payment system realized by the method - Google Patents

Mobile payment subauthorization method and payment system realized by the method Download PDF

Info

Publication number
TWI775820B
TWI775820B TW107107855A TW107107855A TWI775820B TW I775820 B TWI775820 B TW I775820B TW 107107855 A TW107107855 A TW 107107855A TW 107107855 A TW107107855 A TW 107107855A TW I775820 B TWI775820 B TW I775820B
Authority
TW
Taiwan
Prior art keywords
transaction
user terminal
token
authorization
sub
Prior art date
Application number
TW107107855A
Other languages
Chinese (zh)
Other versions
TW201835824A (en
Inventor
孫權
Original Assignee
大陸商中國銀聯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 大陸商中國銀聯股份有限公司 filed Critical 大陸商中國銀聯股份有限公司
Publication of TW201835824A publication Critical patent/TW201835824A/en
Application granted granted Critical
Publication of TWI775820B publication Critical patent/TWI775820B/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Inspection Of Paper Currency And Valuable Securities (AREA)
  • Credit Cards Or The Like (AREA)

Abstract

本發明係有關一種移動支付授權方法及其系統。該方法包括下述步驟:主使用者終端綁定支付帳戶;主使用者終端、從使用者終端分別登錄伺服器,主使用者終端向伺服器發出轉授權請求;伺服器對於轉授權請求進行核實,在通過核實後,頒發Token和交易金鑰給從使用者終端;以及從使用者終端根據所述Token和交易金鑰實現支付。根據本發明,能夠實現家庭成員以及朋友之間基於信任的移動支付轉授權,能夠利用Token和交易金鑰確保交易的安全性,同時,用戶在支付時,無需輸入密碼,快捷方便,用戶體驗良好。另一方面,用戶端手機無需聯網即可進行支付交易。The invention relates to a mobile payment authorization method and a system thereof. The method includes the following steps: binding a payment account to the main user terminal; logging in to the server by the main user terminal and the slave user terminal respectively, the main user terminal sending a sub-authorization request to the server; and the server verifying the sub-authorization request , after passing the verification, issue the Token and the transaction key to the slave user terminal; and the slave user terminal realizes payment according to the Token and the transaction key. According to the present invention, trust-based mobile payment transfer authorization between family members and friends can be realized, and Token and transaction key can be used to ensure the security of the transaction. At the same time, the user does not need to enter a password when making payment, which is fast and convenient, and has a good user experience. . On the other hand, the client mobile phone can conduct payment transactions without being connected to the Internet.

Description

移動支付轉授權方法、及利用該方法實現的支付系統Mobile payment subauthorization method and payment system realized by the method

本發明係有關電腦通信技術,具體上有關基於支付標記(Token)實現的移動支付轉授權方法、利用該移動支付轉授權方法實現的支付系統、移動終端以及伺服器。 The invention relates to computer communication technology, in particular to a mobile payment sub-authorization method based on a payment token (Token), a payment system, a mobile terminal and a server realized by using the mobile payment sub-authorization method.

現有的主流的支付方式都需要密碼來驗證使用者身份實現支付。這具有以下缺點, Existing mainstream payment methods all require a password to verify the user's identity to realize payment. This has the following disadvantages,

第一、使用者需要輸入密碼才能支付,支付過程麻煩,用戶體驗較差。 First, the user needs to enter a password to pay, the payment process is troublesome, and the user experience is poor.

第二、移動支付需要綁定自己的銀行卡,無法實現家庭或者朋友之間的共用銀行卡支付。 Second, mobile payment needs to bind your own bank card, and cannot realize shared bank card payment between families or friends.

第三、使用者帳戶密碼可能被竊取,帶來安全隱患。 Third, the user account password may be stolen, bringing security risks.

鑒於上述問題,本發明的目的在於,旨在提出了一種在確保支付安全的前提下能夠實現家庭成員或者朋友之間基於信任的移動支付轉授權方法以及利用該方法 實現的移動支付轉授權系統。 In view of the above problems, the purpose of the present invention is to propose a trust-based mobile payment transfer authorization method between family members or friends under the premise of ensuring payment security, and use the method Implemented mobile payment sub-authorization system.

本發明的移動支付授權方法,由主使用者終端、從使用者終端、伺服器以及商戶終端來實現,該方法包括下述步驟:綁定步驟,主使用者終端綁定支付帳戶;轉授權請求提出步驟,主使用者終端、從使用者終端分別登錄伺服器,主使用者終端向伺服器發出轉授權請求;轉授權請求核實步驟,伺服器對於轉授權請求進行核實,在通過核實後,頒發Token給從使用者終端;以及轉授權支付步驟,從使用者終端根據所述Token和交易金鑰來實現支付。 The mobile payment authorization method of the present invention is realized by the master user terminal, the slave user terminal, the server and the merchant terminal, and the method includes the following steps: a binding step, the master user terminal is bound to a payment account; a sub-authorization request Proposing steps, the main user terminal and the slave user terminal log in to the server respectively, and the main user terminal sends a sub-authorization request to the server; in the sub-authorization request verification step, the server verifies the sub-authorization request, and after passing the verification, issues a sub-authorization request. The Token is given to the slave user terminal; and the sub-authorization payment step is performed, and the slave user terminal realizes payment according to the Token and the transaction key.

較佳地,在所述轉授權請求中,主使用者終端預先設定授權限定金額、授權限定時間、授權限定地點、授權限定商戶以及是否需要交易確認中的一項或者多項。 Preferably, in the sub-authorization request, the main user terminal presets one or more of the authorization limit amount, the authorization limit time, the authorization limit location, the authorization limit merchant, and whether transaction confirmation is required.

較佳地,所述轉授權請求核實步驟包括下述子步驟:伺服器對於轉授權請求進行核對;在通過核對後,一次性頒發Token和交易金鑰給從使用者終端;從使用者終端將Token和交易金鑰儲存在安全元件裡或者儲存在雲端。 Preferably, the sub-authorization request verification step includes the following sub-steps: the server checks the sub-authorization request; Tokens and transaction keys are stored in the secure element or in the cloud.

較佳地,所述轉授權支付步驟包括下述子步 驟:從使用者終端進行支付交易時,使用在雲端或者本地安全元件產生一個Token代替PAN,利用該Token,每次交易使用一個交易金鑰,將交易要素(包括Token、交易金額、商戶號、終端號等資訊)進行加密而形成交易密文,在交易終端進行消費交易;商戶終端將包括目前消費位置、商戶號、交易金額以及交易Token、交易密文的交易資訊發送到伺服器;伺服器驗證交易Token,對交易密文資訊進行解密,驗證確認交易身份合法性;在驗證成功的情況,伺服器向商戶終端返回驗證成功並完成支付。 Preferably, the sub-authorization payment step includes the following sub-steps Step: When making a payment transaction from the user terminal, use the cloud or local security element to generate a Token instead of PAN, use the Token to use a transaction key for each transaction, and convert the transaction elements (including Token, transaction amount, merchant number, Terminal number and other information) are encrypted to form transaction ciphertext, and consumer transactions are carried out at the transaction terminal; the merchant terminal sends the transaction information including the current consumption location, merchant number, transaction amount, transaction Token, and transaction ciphertext to the server; the server Verify the transaction Token, decrypt the transaction ciphertext information, and verify the legitimacy of the transaction identity; in the case of successful verification, the server returns the verification success to the merchant terminal and completes the payment.

較佳地,在伺服器驗證交易Token的子步驟中,伺服器驗證交易Token並根據需要來判斷交易金額、交易時間、交易地點、交易商戶中的一項或多項是否在所述轉授權請求中的預先設定。 Preferably, in the sub-step of the server verifying the transaction Token, the server verifies the transaction Token and determines whether one or more of the transaction amount, transaction time, transaction location, and transaction merchant are included in the sub-authorization request as needed. preset.

較佳地,在伺服器驗證交易Token的子步驟中,進一步包括:伺服器發送交易資訊給主使用者終端進行交易確認,在主使用者終端確認交易可執行的情況下伺服器向商戶終端返回驗證成功。 Preferably, in the sub-step of the server verifying the transaction Token, it further includes: the server sends the transaction information to the main user terminal for transaction confirmation, and when the main user terminal confirms that the transaction can be executed, the server returns to the merchant terminal. Verification succeeded.

本發明的移動支付轉授權系統,其特徵在於,該系統具備:主使用者終端,用於與支付帳戶進行綁定並且用於向下述的伺服器提交轉授權請求; 從使用者終端,用於接收下述伺服器發送來的Token和交易金鑰,將其儲存在安全單元中或者儲存在雲端,並且利用該Token結合交易金鑰來進行交易;伺服器,用於對來自主使用者終端的所述轉授權請求進行核對並且在通過核對的情況下產生Token和交易金鑰並下發給所述從使用者終端,在進行交易支付時用於驗證從所述從使用者終端發送來的交易Token和交易密文並且在驗證通過情況下完成交易;以及商戶終端,在所述從使用者終端在商戶終端進行消費時,用於將來自從所述使用者終端包含交易Token、商戶號、交易金額、交易密文的交易資訊提交到伺服器。 The mobile payment sub-authorization system of the present invention is characterized in that the system is provided with: a main user terminal for binding with the payment account and for submitting a sub-authorization request to the following server; From the user terminal, it is used to receive the Token and transaction key sent by the following server, store it in the security unit or in the cloud, and use the Token in combination with the transaction key to conduct transactions; the server, used for Check the sub-authorization request from the master user terminal and generate a Token and a transaction key under the condition of passing the check and issue it to the slave user terminal, which is used to verify the slave user terminal when making transaction payment. The transaction Token and the transaction cipher text sent by the user terminal, and the transaction is completed when the verification is passed; and the merchant terminal, when the user terminal consumes at the merchant terminal, it is used to include the transaction from the user terminal in the future. The transaction information of Token, merchant number, transaction amount, and transaction ciphertext is submitted to the server.

較佳地,所述主使用者終端在轉授權請求中設定授權限定金額、授權限定時間、授權限定地點、授權限定商戶等中的一項或多項。 Preferably, the master user terminal sets one or more of the authorization limit amount, the authorization limit time, the authorization limit location, and the authorization limit merchant in the sub-authorization request.

較佳地,所述商戶終端具備:LBS模組,用於獲取產生交易的交易地點;以及通訊模組,用於將交易產生的交易地點和交易資訊上傳到所述伺服器。 Preferably, the merchant terminal is provided with: an LBS module for acquiring the transaction location where the transaction is generated; and a communication module for uploading the transaction location and transaction information generated by the transaction to the server.

較佳地,所述伺服器具備:Token授權模組,用於產生Token和交易金鑰,將該Token和交易金鑰下發給所述從使用者終端;以及位置計算模組,用於計算交易地點與授權限制地點之間的距離,比對是否符合在所述轉授權請求中設定的有關授權限定地點的條件。 Preferably, the server is provided with: a Token authorization module for generating a Token and a transaction key, and issuing the Token and the transaction key to the slave user terminal; and a position calculation module for calculating The distance between the transaction location and the authorization-restricted location is compared to whether the conditions for the authorization-restricted location set in the sub-authorization request are met.

較佳地,所述Token授權模組進一步用於對該 Token設定一定的生命週期。 Preferably, the Token authorization module is further used for this Token sets a certain life cycle.

較佳地,所述主使用者終端在轉授權請求中設定是否需要交易確認,在設定為需要交易確認的情況下,所述伺服器將有關的交易的資訊轉發到主使用者終端並由主使用者終端進行確認,僅在通過主使用者終端確認後才允許交易。 Preferably, the main user terminal sets in the sub-authorization request whether transaction confirmation is required, and in the case that the transaction confirmation is required, the server forwards the relevant transaction information to the main user terminal and the main The user terminal makes the confirmation, and the transaction is only allowed after confirmation through the main user terminal.

本發明的移動終端,其特徵在於,所述移動終端用於接收伺服器發送來的Token和交易金鑰,將Token和交易金鑰儲存在安全單元中或者儲存在雲端,並且利用該Token結合交易金鑰來進行交易。 The mobile terminal of the present invention is characterized in that the mobile terminal is used to receive the Token and the transaction key sent by the server, store the Token and the transaction key in the security unit or in the cloud, and use the Token to combine the transaction key to trade.

本發明的伺服器用於實現主使用者終端向使用者終端進行轉支付授權,其特徵在於,用於對來自主使用者終端的轉授權請求進行核對並且在通過核對的情況下產生Token和交易金鑰並下發給從使用者終端,在進行交易支付時用於驗證從所述從使用者終端發送來的交易Token和交易密文並且在驗證通過情況下完成交易支付。 The server of the present invention is used to realize the authorization of sub-payment from the main user terminal to the user terminal, and is characterized in that it is used to check the sub-authorization request from the main user terminal and generate Token and transaction under the condition of passing the check. The key is issued to the slave user terminal, and is used to verify the transaction Token and transaction ciphertext sent from the slave user terminal when the transaction payment is performed, and the transaction payment is completed when the verification is passed.

較佳地,本發明的伺服器具備:Token授權模組,用於產生Token和交易金鑰,將該Token和交易金鑰下發給從使用者終端;以及位置計算模組,用於計算交易地點與授權限制地點之間的距離,比對是否符合在所述轉授權請求中設定的有關授權限定地點的條件。 Preferably, the server of the present invention is provided with: a Token authorization module for generating a Token and a transaction key, and issuing the Token and the transaction key to a slave user terminal; and a position calculation module for calculating the transaction The distance between the location and the authorized-restricted location is compared to whether it complies with the conditions for the authorized restricted location set in the sub-authorization request.

根據本發明,能夠從主使用者終端向從使用 者終端進行移動支付轉授權,由此能夠實現家庭成員以及朋友之間基於信任的移動支付轉授權。其中,能夠利用Token和交易金鑰來實現交易,由此能夠確保交易的安全性。而且,使用者在支付時,無需輸入密碼,快捷方便,用戶體驗良好。另一方面,由於在從使用者終端可以預先接收和儲存多個Token和多個交易金鑰,因此,從使用者終端無需聯網即可進行支付交易。 According to the present invention, it is possible to use from the master user terminal to the slave The user terminal can perform mobile payment sub-authorization, thereby realizing trust-based mobile payment sub-authorization between family members and friends. Among them, the Token and the transaction key can be used to realize the transaction, thereby ensuring the security of the transaction. Moreover, the user does not need to enter a password when making payment, which is fast and convenient, and provides a good user experience. On the other hand, since multiple tokens and multiple transaction keys can be received and stored in advance from the user terminal, payment transactions can be performed from the user terminal without being connected to the Internet.

100:主使用者終端 100: main user terminal

200:從使用者終端 200: from the user terminal

300:伺服器 300: Server

310:Token授權模組 310:Token authorization module

320:位置計算模組 320: Position calculation module

400:商戶終端 400: Merchant Terminal

410:通訊模組 410: Communication module

420:LBS模組 420: LBS module

圖1是表示本發明的移動支付轉授權方法的流程圖。 FIG. 1 is a flow chart showing the mobile payment sub-authorization method of the present invention.

圖2是表示本發明的移動支付轉授權方法的一個實施方式的流程圖。 FIG. 2 is a flowchart showing an embodiment of the mobile payment subauthorization method of the present invention.

圖3是表示本發明的移動支付轉授權系統的一個實施方式的構造方塊圖。 FIG. 3 is a block diagram showing the configuration of an embodiment of the mobile payment deauthorization system of the present invention.

下面介紹的是本發明的多個實施例中的一些,旨在提供對本發明的基本瞭解。並不旨在確認本發明的關鍵或決定性的要素或限定所要保護的範圍。 Introduced below are some of the various embodiments of the present invention and are intended to provide a basic understanding of the present invention. It is not intended to identify key or critical elements of the invention or to delineate the scope of what is claimed.

首先,對於本發明中會出現的一些名詞進行說明。 First, some terms that appear in the present invention will be explained.

卡模擬技術是將NFC終端整體上模擬成為一張卡片並接受讀卡器訪問的一種技術。 Card simulation technology is a technology that simulates the NFC terminal as a card as a whole and accepts access from the card reader.

Token技術是指Token SP根據Token Requestor提供的PAN(主帳號)產生Token後,將Token作為PAN的替代值流轉在支付的各個環節,使得在支付流程中,獨一無二的PAN只在Token SP、轉接方、發卡方間傳遞,由於三者專線連接且彼此互信,且當Token被檢測到風險或到期時,將再次產生新Token替代,從而大幅降低支付過程中PAN洩漏的可能性,極大地提高了PAN的安全性。 Token technology means that after the Token SP generates the Token according to the PAN (main account) provided by the Token Requestor, the Token is used as the substitute value of the PAN to circulate in all aspects of the payment, so that in the payment process, the unique PAN is only in the Token SP, the transfer Since the three parties are connected by dedicated lines and trust each other, and when the Token is detected as a risk or expires, a new Token will be generated to replace it, which greatly reduces the possibility of PAN leakage during the payment process and greatly improves PAN security.

LBS定位服務又叫做移動定位服務(Location Based Service,LBS),它是透過電信移動運營商的網路(如GSM網、CDMA網)來獲取移動終端使用者的位置資訊(經緯度座標)。 LBS location service, also known as Location Based Service (LBS), obtains the location information (latitude and longitude coordinates) of mobile terminal users through the network of telecom mobile operators (eg GSM network, CDMA network).

PAN是指銀行發行的銀行卡主帳號,一般是由發卡機構標識、個人帳戶標識和校驗位元組成。 PAN refers to the main account number of the bank card issued by the bank, which is generally composed of the identity of the card issuer, the identity of the personal account and the check digit.

HCE(host-based card emulation)是指基於主機的卡模擬,是在配備NFC功能的移動終端上實現卡模擬。 HCE (host-based card emulation) refers to host-based card emulation, which implements card emulation on mobile terminals equipped with NFC functions.

首先,對於本發明的移動支付轉授權方法進行說明。 First, the mobile payment subauthorization method of the present invention will be described.

圖1是表示本發明的移動支付轉授權方法的流程圖。 FIG. 1 is a flow chart showing the mobile payment sub-authorization method of the present invention.

如圖1所示,本發明的移動支付授權方法由主使用者終端、從使用者終端、伺服器以及商戶終端來實現,該方法包括下述步驟:綁定步驟S100:主使用者終端綁定支付帳戶;轉授權請求提出步驟S200:主使用者終端、從使用者 終端分別登錄伺服器,主使用者終端向伺服器發出轉授權請求,其中,在轉授權請求中,主使用者終端可以根據需要來設定授權限定金額、授權限定時間、授權限定地點、授權限定商戶等,也可以根據需要來設定是否需要交易確認;轉授權請求核實步驟S300:伺服器對於轉授權請求進行核實,在通過核實後,一次性頒發Token和交易金鑰給從使用者終端;以及轉授權支付步驟S400:從使用者終端利用該Token和交易金鑰實現支付,其中,從使用者終端將Token和交易金鑰儲存在其安全元件(SE)裡或者儲存在雲端,從使用者終端進行支付交易時,雲端或者本地安全元件(SE)產生一個Token,利用該Token在商戶側支援雲閃付的交易終端進行消費交易,商戶終端將包括目前消費位置、商戶號、交易金額以及交易Token、交易密文等在內的相關消費資訊傳送至伺服器,伺服器驗證交易Token和交易密文,在驗證成功的情況下完成支付。 As shown in FIG. 1 , the mobile payment authorization method of the present invention is implemented by a master user terminal, a slave user terminal, a server and a merchant terminal, and the method includes the following steps: Binding step S100: binding the master user terminal Payment account; sub-authorization request submission step S200: master user terminal, slave user The terminals log in to the server respectively, and the main user terminal sends a sub-authorization request to the server. In the sub-authorization request, the main user terminal can set the authorization limit amount, authorization limit time, authorization limit location, and authorization limit merchant according to the needs. and so on, it is also possible to set whether transaction confirmation is required as needed; sub-authorization request verification step S300: the server verifies the sub-authorization request, and after passing the verification, issues a Token and a transaction key to the slave user terminal at one time; Authorizing payment step S400: using the Token and the transaction key from the user terminal to realize payment, wherein the user terminal stores the Token and transaction key in its secure element (SE) or in the cloud, and performs payment from the user terminal. During the payment transaction, the cloud or local security element (SE) generates a Token, and the Token is used to conduct consumption transactions on the transaction terminal that supports the cloud flash payment on the merchant side. The merchant terminal will include the current consumption location, merchant number, transaction amount, and transaction Token, Relevant consumption information, including transaction cipher text, is sent to the server, and the server verifies the transaction Token and transaction cipher text, and completes the payment if the verification is successful.

接著,對於本發明的移動支付轉授權方法的具體應用的實施方式進行說明。 Next, specific application embodiments of the mobile payment sub-authorization method of the present invention will be described.

圖2是表示本發明的移動支付轉授權方法的一個實施方式的流程圖。 FIG. 2 is a flowchart showing an embodiment of the mobile payment subauthorization method of the present invention.

該實施方式的移動支付轉授權方法由主使用者終端100、從使用者終端200、伺服器300以及商戶終端400來實現。 The mobile payment sub-authorization method of this embodiment is implemented by the master user terminal 100 , the slave user terminal 200 , the server 300 and the merchant terminal 400 .

如圖2所示,本發明的一個實施方式的移動支付轉授權方法包括下述具體步驟: As shown in Figure 2, a mobile payment subauthorization method according to an embodiment of the present invention includes the following specific steps:

Figure 107107855-A0305-02-0011-1
主使用者終端100通過例如移動支付應用等綁定支付帳戶(例如,銀行卡、支付卡、消費卡等)。
Figure 107107855-A0305-02-0011-1
The main user terminal 100 binds a payment account (eg, bank card, payment card, consumption card, etc.) through, for example, a mobile payment application.

Figure 107107855-A0305-02-0011-2
主使用者終端100、從使用者終端200分別登錄到伺服器300。
Figure 107107855-A0305-02-0011-2
The master user terminal 100 and the slave user terminal 200 log in to the server 300, respectively.

Figure 107107855-A0305-02-0011-3
主使用者終端100向伺服器300發出轉授權請求,以允許從使用者終端200通過能夠使用主使用者終端100的支付功能,其中,在轉授權請求中,主使用者終端100可以根據需要來設定授權限定金額、授權限定時間、授權限定地點、授權限定商戶等,也可以根據需要來設定是否需要交易確認。
Figure 107107855-A0305-02-0011-3
The master user terminal 100 sends a sub-authorization request to the server 300 to allow the slave user terminal 200 to use the payment function of the master user terminal 100. Set the authorization limit amount, authorization limit time, authorization limit location, authorization limit merchant, etc. You can also set whether transaction confirmation is required according to your needs.

Figure 107107855-A0305-02-0011-4
伺服器300對於轉授權請求的相關資訊進行核對,在通過核對後,一次性頒發Token和交易金鑰給從使用者終端200(該臨時Token對應於主使用者終端100所綁定的支付帳號),從使用者終端200將Token和交易金鑰儲存在其安全元件(SE)裡或者儲存在雲端,此時從使用者終端200具有支付功能。根據主使用者終端100的設定,具有Token的從使用者終端100的支付交易具有授權限定金額、授權限定時間、授權限定地點、授權限定商戶等的各類限制範圍,如果超越限制範圍,從使用者終端200將失去支付功能。
Figure 107107855-A0305-02-0011-4
The server 300 verifies the relevant information of the sub-authorization request, and after the verification, issues a Token and a transaction key to the secondary user terminal 200 at one time (the temporary Token corresponds to the payment account bound to the primary user terminal 100) , the slave user terminal 200 stores the Token and the transaction key in its secure element (SE) or in the cloud. At this time, the slave user terminal 200 has a payment function. According to the settings of the master user terminal 100, the payment transaction of the slave user terminal 100 with Token has various restrictions such as authorized limited amount, authorized limited time, authorized limited location, authorized limited merchants, etc. The user terminal 200 will lose the payment function.

Figure 107107855-A0305-02-0011-5
從使用者終端200進行支付交易時,雲端或者本地安全元件(SE)產生一個Token,透過HCE(host- based cardemulation)或者SE(Secure Element),在商戶側支援雲閃付的交易終端400進行消費交易。另外,通常雲端會提前產生一個以上Token,以便使用者在設備未聯網時仍可使用HCE支付。
Figure 107107855-A0305-02-0011-5
When a payment transaction is performed from the user terminal 200, the cloud or local secure element (SE) generates a Token, and through HCE (host-based cardemulation) or SE (Secure Element), the transaction terminal 400 that supports cloud flash payment on the merchant side conducts consumption trade. In addition, usually the cloud will generate more than one Token in advance, so that users can still use HCE to pay when the device is not connected to the Internet.

Figure 107107855-A0305-02-0012-6
商戶終端400將包括目前消費位置、商戶號、交易金額以及交易Token、交易密文等在內的相關消費資訊傳送至伺服器300。
Figure 107107855-A0305-02-0012-6
The merchant terminal 400 transmits relevant consumption information including the current consumption location, merchant number, transaction amount, transaction Token, transaction ciphertext, etc. to the server 300 .

Figure 107107855-A0305-02-0012-7
伺服器300驗證交易Token和交易密文,並根據需要來判斷交易金額、交易時間、交易地點、交易商戶是否符合授權限定金額、授權限定時間、授權限定地點、授權限定商戶等。
Figure 107107855-A0305-02-0012-7
The server 300 verifies the transaction Token and the transaction ciphertext, and determines the transaction amount, transaction time, transaction location, and whether the transaction merchant meets the authorized limit amount, authorization limit time, authorization limit location, authorized limit merchant, etc. as required.

Figure 107107855-A0305-02-0012-8
根據需要可選地進行交易確認,伺服器300發送交易資訊給主使用者終端100進行交易確認。
Figure 107107855-A0305-02-0012-8
Optionally perform transaction confirmation as required, and the server 300 sends transaction information to the main user terminal 100 for transaction confirmation.

Figure 107107855-A0305-02-0012-9
驗證成功的情況(可選地包含交易確認成功的情況)下,伺服器300向商戶終端400返回驗證成功並完成支付。
Figure 107107855-A0305-02-0012-9
In the case of successful verification (optionally including the case of successful transaction confirmation), the server 300 returns the verification success to the merchant terminal 400 and completes the payment.

在本發明中,Token為解決卡號資訊洩露問題,以由13至19個位元的虛擬數字串來替代卡號。伺服器300頒發Token和交易金鑰給從使用者終端200,透過交易金鑰,針對每次刷卡交易,計算出一個交易密文,用於交易身份合法性確認。透過Token、交易金鑰相結合,實現交易安全保障。 In the present invention, in order to solve the problem of card number information leakage, Token replaces the card number with a virtual number string of 13 to 19 bits. The server 300 issues a Token and a transaction key to the slave user terminal 200. Through the transaction key, a transaction ciphertext is calculated for each card swiping transaction, which is used to confirm the legitimacy of the transaction identity. Through the combination of Token and transaction key, transaction security is realized.

圖3是表示本發明的移動支付轉授權系統的一個實施方式的構造方塊圖。 FIG. 3 is a block diagram showing the configuration of an embodiment of the mobile payment deauthorization system of the present invention.

如圖3所示,本發明的移動支付轉授權系統包括主使用者終端100、從使用者終端200、伺服器300以及商戶終端400。 As shown in FIG. 3 , the mobile payment sub-authorization system of the present invention includes a master user terminal 100 , a slave user terminal 200 , a server 300 and a merchant terminal 400 .

主使用者終端100是指主使用者的移動支付設備,例如可以是智慧手機、平板電腦或可穿戴設備等,它可以包含支付APP,綁定支付帳戶(例如,銀行卡、支付卡等),可以利用支付APP實現用戶登錄以及之後的支付轉授權。主使用者終端100用於綁定支付帳戶,用於向伺服器300提交轉授權請求。其中,主使用者終端100可以根據需要而在轉授權請求中設定授權限定金額、授權限定時間、授權限定地點、授權限定商戶等中的一項或多項,也可以根據需要來設定是否需要交易確認。 The main user terminal 100 refers to the mobile payment device of the main user, for example, it can be a smart phone, a tablet computer or a wearable device, etc. It can include a payment APP and bind a payment account (for example, a bank card, a payment card, etc.), User login and subsequent payment transfer authorization can be realized by using the payment APP. The main user terminal 100 is used for binding a payment account and for submitting a sub-authorization request to the server 300 . The main user terminal 100 can set one or more of the authorization limit amount, the authorization limit time, the authorization limit location, the authorization limit merchant, etc. in the sub-authorization request according to the needs, and also can set whether the transaction confirmation is required according to the needs. .

從使用者終端200是指從使用者的移動設備,它安裝有支付APP,例如可以是智慧手機、平板電腦或可穿戴設備等,接收來自伺服器300傳送的Token證書(或者儲存於雲端),完成支付。從使用者終端200接收伺服器300發送來的Token和交易金鑰,將Token和交易金鑰儲存在安全單元中或者儲存在雲端,並且利用該Token和交易金鑰進行交易。 The slave user terminal 200 refers to the user's mobile device, which is installed with a payment APP, such as a smart phone, a tablet computer or a wearable device, etc., to receive the Token certificate sent from the server 300 (or stored in the cloud), Complete the payment. Receive the Token and the transaction key sent by the server 300 from the user terminal 200, store the Token and the transaction key in the security unit or in the cloud, and use the Token and the transaction key to conduct transactions.

伺服器300用於對來自主使用者終端100的轉授權請求進行核對並且在通過核對的情況下產生Token和交易金鑰並下發給從使用者終端200,在進行交易支付時用於驗證從從使用者終端200發送來的交易Token和交易密文並且在驗證通過情況下完成交易支付。 The server 300 is used to check the sub-authorization request from the master user terminal 100 and generate a Token and a transaction key under the condition of passing the check and issue it to the slave user terminal 200, which is used to verify the slave user terminal 200 when making transaction payment. The transaction Token and the transaction ciphertext sent from the user terminal 200 and the transaction payment is completed when the verification is passed.

伺服器300具備:Token授權模組310以及位置計算模組320,其中,位置計算模組320是可選模組。 The server 300 includes: a token authorization module 310 and a position calculation module 320, wherein the position calculation module 320 is an optional module.

Token授權模組310用於產生Token和交易金鑰,並綁定此Token與主交易終端所對應的卡號,將該Token授權與給從使用者終端200。進一步地,Token授權模組310還能夠對該Token設定一定的生命週期。 The Token authorization module 310 is used to generate a Token and a transaction key, bind the Token to the card number corresponding to the master transaction terminal, and authorize the Token to the slave user terminal 200 . Further, the token authorization module 310 can also set a certain life cycle for the token.

位置計算模組320用於計算交易地點與授權限制地點之間的距離,比對是否符合在所述轉授權請求中設定的有關授權限定地點的條件。 The location calculation module 320 is used for calculating the distance between the transaction location and the authorization-restricted location, and compares whether the conditions for the authorization-restricted location set in the sub-authorization request are met.

商戶終端400例如可以是商戶的POS機等的終端設備,商戶終端400具備:通信模組410和LBS功能模組420,其中,LBS功能模組420是可選模組。通訊模組410用於將交易產生的交易地點(可選)和交易資訊上傳到伺服器300。LBS模組420用於探測交易發生的地點。 The merchant terminal 400 may be, for example, a terminal device such as a merchant's POS machine. The merchant terminal 400 includes a communication module 410 and an LBS function module 420, wherein the LBS function module 420 is an optional module. The communication module 410 is used for uploading the transaction location (optional) and transaction information generated by the transaction to the server 300 . The LBS module 420 is used to detect where the transaction takes place.

根據本發明,能夠從主使用者終端向從使用者終端進行移動支付轉授權,由此能夠實現家庭成員以及朋友之間基於信任的移動支付轉授權。其中,能夠利用Token和交易金鑰來實現交易,由此能夠確保交易的安全性。而且,使用者在支付時,無需輸入密碼,快捷方便,用戶體驗良好。另一方面,由於在從使用者終端可以預先接收和儲存多個Token和交易金鑰,因此,從使用者終端無需聯網即可進行支付交易。 According to the present invention, mobile payment transfer authorization can be performed from the master user terminal to the slave user terminal, thereby realizing trust-based mobile payment transfer authorization among family members and friends. Among them, the Token and the transaction key can be used to realize the transaction, thereby ensuring the security of the transaction. Moreover, the user does not need to enter a password when making payment, which is fast and convenient, and provides a good user experience. On the other hand, since multiple tokens and transaction keys can be received and stored in advance from the user terminal, payment transactions can be performed from the user terminal without being connected to the Internet.

以上例子主要說明了本發明的移動支付轉授權方法、利用該移動支付轉授權方法實現的支付系統、移 動終端以及伺服器。儘管只對其中一些本發明的具體實施方式進行了描述,但是本領域普通技術人員應當瞭解,本發明可以在不偏離其主旨與範圍內以許多其他的形式實施。因此,所展示的例子與實施方式被視為示意性的而非限制性的,在不脫離如所附之各申請專利範圍所定義的本發明精神及範圍的情況下,本發明可能涵蓋各種的修改與替換。 The above examples mainly illustrate the mobile payment transfer authorization method of the present invention, the payment system realized by using the mobile payment transfer authorization method, and the mobile payment transfer authorization method. Mobile terminal and server. Although only a few of these specific embodiments of the present invention have been described, it will be understood by those of ordinary skill in the art that the present invention may be embodied in many other forms without departing from the spirit and scope thereof. Accordingly, the examples and embodiments shown are to be regarded as illustrative and not restrictive, and the present invention may encompass a variety of Modification and replacement.

Claims (12)

一種移動支付授權方法,由主使用者終端、從使用者終端、伺服器以及商戶終端來實現,該方法包括下述步驟:綁定步驟,主使用者終端綁定支付帳戶;轉授權請求提出步驟,主使用者終端、從使用者終端分別登錄伺服器,主使用者終端向伺服器發出轉授權請求;轉授權請求核實步驟,伺服器對於轉授權請求進行核實,在通過核實後,頒發多個Token和多個交易金鑰給從使用者終端;以及轉授權支付步驟,從使用者終端使用該Token以及交易金鑰來實現支付,其中,針對每次交易,採用該Token代替PAN,從使用者終端使用一個交易金鑰計算出一個交易密文用於交易身份合法性的確認,利用該Token在商戶終端支援雲閃付的交易終端進行消費交易,在該轉授權請求核實步驟中,伺服器對來自主使用者終端的轉授權請求進行核對並且在通過核對的情況下一次性地產生多個Token和多個交易金鑰並下發給從使用者終端,並且其中,該伺服器產生Token和交易金鑰,將該Token和交易金鑰下發給從使用者終端,並且計算交易地點與授權 限制地點之間的距離,比對是否符合在該轉授權請求中設定的有關授權限定地點的條件。 A mobile payment authorization method is implemented by a master user terminal, a slave user terminal, a server and a merchant terminal. The method includes the following steps: a binding step, the master user terminal is bound to a payment account; a sub-authorization request is submitted. , the main user terminal and the slave user terminal log in to the server respectively, and the main user terminal sends a sub-authorization request to the server; in the sub-authorization request verification step, the server verifies the sub-authorization request, and after passing the verification, issues multiple Token and a plurality of transaction keys are given to the slave user terminal; and the sub-authorization payment step, the slave user terminal uses the Token and the transaction key to realize payment, wherein, for each transaction, the Token is used instead of the PAN, and the slave user terminal uses the Token and the transaction key to realize payment. The terminal uses a transaction key to calculate a transaction ciphertext for confirming the legitimacy of the transaction identity, and uses the Token to perform consumption transactions at the merchant terminal that supports the cloud flash payment transaction terminal. In the verification step of the sub-authorization request, the server The sub-authorization request from the master user terminal is checked, and when the check is passed, multiple Tokens and multiple transaction keys are generated at one time and issued to the slave user terminal, and wherein the server generates Tokens and transactions. key, issue the Token and transaction key to the slave user terminal, and calculate the transaction location and authorization The distance between restricted locations is compared to whether they meet the conditions set in the sub-authorization request for authorized restricted locations. 如請求項1所述的移動支付授權方法,其中,在該轉授權請求中,主使用者終端預先設定授權限定金額、授權限定時間、授權限定地點、授權限定商戶以及是否需要交易確認中的一項或者多項。 The mobile payment authorization method according to claim 1, wherein, in the sub-authorization request, the main user terminal presets one of the authorization limit amount, authorization limit time, authorization limit location, authorization limit merchant, and whether transaction confirmation is required. item or multiple items. 如請求項2所述的移動支付授權方法,其中,該轉授權請求核實步驟包括下述子步驟:伺服器對於轉授權請求進行核對;在通過核對後,一次性頒發Token和多個交易金鑰給從使用者終端;以及從使用者終端將Token和交易金鑰儲存在安全元件裡或者儲存在雲端。 The mobile payment authorization method according to claim 2, wherein the sub-authorization request verification step includes the following sub-steps: the server checks the sub-authorization request; after passing the verification, a Token and multiple transaction keys are issued at one time To the slave user terminal; and from the user terminal to store the Token and the transaction key in the secure element or in the cloud. 如請求項3所述的移動支付授權方法,其中,該轉授權支付步驟包括下述子步驟:從使用者終端在交易終端進行支付交易時,使用在雲端或者本地安全元件的Token代替PAN,每次交易使用一個交易金鑰,將作為交易要素的Token、交易金額、商戶號、終端號進行加密而形成交易密文,發送商戶終端進行消費交易;商戶終端將包括目前消費位置、商戶號、交易金額以 及交易Token、交易密文的交易資訊發送到伺服器;伺服器驗證交易Token,對交易密文資訊進行解密,驗證確認交易身份合法性;以及在驗證成功的情況,伺服器向商戶終端返回驗證成功並完成支付。 The mobile payment authorization method according to claim 3, wherein the sub-authorization payment step includes the following sub-steps: when the user terminal performs the payment transaction at the transaction terminal, the Token on the cloud or the local security element is used instead of the PAN, and each The transaction uses a transaction key, encrypts the Token, transaction amount, merchant number, and terminal number as transaction elements to form a transaction ciphertext, and sends the merchant terminal for consumption transaction; the merchant terminal will include the current consumption location, merchant number, transaction amount to and transaction Token and transaction ciphertext transaction information are sent to the server; the server verifies the transaction Token, decrypts the transaction ciphertext information, and verifies and confirms the legitimacy of the transaction identity; and if the verification is successful, the server returns the verification to the merchant terminal Successful and completed payment. 如請求項4所述的移動支付授權方法,其中,在伺服器驗證交易Token的子步驟中,伺服器驗證交易Token並根據需要來判斷交易金額、交易時間、交易地點、交易商戶中的一項或多項是否在該轉授權請求中的預先設定。 The mobile payment authorization method according to claim 4, wherein, in the sub-step of the server verifying the transaction Token, the server verifies the transaction Token and determines one of the transaction amount, transaction time, transaction location, and transaction merchant as needed Whether or not multiple items are preset in the sub-authorization request. 如請求項5所述的移動支付授權方法,其中,在伺服器驗證交易Token的子步驟中,進一步包括:伺服器發送交易資訊給主使用者終端進行交易確認,在主使用者終端確認交易可執行的情況下伺服器向商戶終端返回驗證成功。 The mobile payment authorization method according to claim 5, wherein, in the sub-step of the server verifying the transaction Token, it further comprises: the server sending transaction information to the main user terminal for transaction confirmation, and confirming the transaction at the main user terminal In the case of execution, the server returns the verification success to the merchant terminal. 一種移動支付轉授權系統,該系統具備:主使用者終端,用於與支付帳戶進行綁定並且用於向下述的伺服器提交轉授權請求;從使用者終端,用於接收下述伺服器發送來的Token和交易金鑰儲存在安全單元中或者儲存在雲端,並且利用該Token和交易金鑰來進行交易; 伺服器,用於對來自主使用者終端的該轉授權請求進行核對並且在通過核對的情況下產生多個Token和多個交易金鑰並下發給該從使用者終端,在進行交易支付時用於驗證從該從使用者終端發送來的交易Token和交易密文並且在驗證通過情況下完成交易;以及商戶終端,在該從使用者終端在商戶終端進行消費時,用於將來自從該使用者終端包含交易Token、商戶號、交易金額、交易密文的交易資訊提交到伺服器,其特徵在於,針對每次交易,採用該Token代替PAN,從使用者終端使用一個交易金鑰計算出一個交易密文用於交易身份合法性的確認,利用該Token在商戶終端支援雲閃付的交易終端進行消費交易,該伺服器具備:Token授權模組,用於產生Token和交易金鑰,將該Token和交易金鑰下發給該從使用者終端;以及位置計算模組,用於計算交易地點與授權限制地點之間的距離,比對是否符合在該轉授權請求中設定的有關授權限定地點的條件。 A mobile payment sub-authorization system, the system is provided with: a main user terminal for binding with a payment account and for submitting a sub-authorization request to the following server; a slave user terminal for receiving the following server The sent Token and transaction key are stored in the secure unit or in the cloud, and the Token and transaction key are used to conduct transactions; The server is used to check the sub-authorization request from the master user terminal and generate multiple Tokens and multiple transaction keys under the condition of passing the check and issue them to the slave user terminal, when making transaction payment It is used to verify the transaction Token and the transaction ciphertext sent from the user terminal and complete the transaction if the verification is passed; and the merchant terminal, when the slave user terminal consumes at the merchant terminal, is used for future use from the user terminal. The user terminal submits transaction information including transaction Token, merchant number, transaction amount, and transaction ciphertext to the server. It is characterized in that, for each transaction, the Token is used instead of the PAN, and a transaction key is used from the user terminal to calculate a The transaction ciphertext is used to confirm the legitimacy of the transaction identity, and the Token is used to conduct consumption transactions at the transaction terminal of the merchant terminal that supports the cloud flash payment. The Token and the transaction key are issued to the slave user terminal; and the location calculation module is used to calculate the distance between the transaction location and the authorized restricted location, and compare whether it conforms to the relevant authorized restricted location set in the sub-authorization request. conditions of. 如請求項7所述的移動支付轉授權系統,其中,該主使用者終端在轉授權請求中設定授權限定金額、授權限定時間、授權限定地點、授權限定商戶等中的一項或多項。 The mobile payment sub-authorization system according to claim 7, wherein the main user terminal sets one or more of the authorization limit amount, authorization limit time, authorization limit location, authorization limit merchant, etc. in the sub-authorization request. 如請求項8所述的移動支付轉授權系統,其中,該商戶終端具備:LBS模組,用於獲取產生交易的交易地點;以及通訊模組,用於將交易產生的交易地點和交易資訊上傳到該伺服器。 The mobile payment subauthorization system according to claim 8, wherein the merchant terminal is provided with: an LBS module for acquiring the transaction location where the transaction is generated; and a communication module for uploading the transaction location and transaction information generated by the transaction to the server. 如請求項9所述的移動支付轉授權系統,其中,該Token授權模組進一步用於對該Token設定一定的生命週期。 The mobile payment sub-authorization system according to claim 9, wherein the Token authorization module is further configured to set a certain life cycle for the Token. 如請求項9所述的移動支付轉授權系統,其中,該主使用者終端在轉授權請求中設定是否需要交易確認,在設定為需要交易確認的情況下,該伺服器將有關的交易的資訊轉發到主使用者終端並由主使用者終端進行確認,僅在通過主使用者終端確認後才允許交易。 The mobile payment sub-authorization system according to claim 9, wherein the main user terminal sets in the sub-authorization request whether transaction confirmation is required, and in the case that the transaction confirmation is required, the server sends the relevant transaction information Forwarded to and confirmed by the main user terminal, the transaction is only allowed after confirmation by the main user terminal. 一種伺服器,用於實現主使用者終端向使用者終端進行轉支付授權,其特徵在於,用於對來自主使用者終端的轉授權請求進行核對並且在通過核對的情況下一次性地產生多個Token和多個交易金鑰並下發給從使用者終端,在進行交易支付時用於驗證從該從使用者終端發送來的交易Token和交易密文並且在驗證通過情況下完成交易支付, 其中,該伺服器具備:Token授權模組,用於產生Token和交易金鑰,將該Token和交易金鑰下發給從使用者終端;以及位置計算模組,用於計算交易地點與授權限制地點之間的距離,比對是否符合在該轉授權請求中設定的有關授權限定地點的條件。 A server is used to realize the authorization of sub-payment from the main user terminal to the user terminal. A Token and multiple transaction keys are issued to the slave user terminal, which is used to verify the transaction Token and transaction ciphertext sent from the slave user terminal when making transaction payment, and complete the transaction payment when the verification is passed. Among them, the server has: a Token authorization module, which is used to generate a Token and a transaction key, and issue the Token and transaction key to the slave user terminal; and a location calculation module, which is used to calculate the transaction location and authorization restrictions. The distance between the locations is compared to whether they meet the conditions set in the sub-authorization request regarding the authorized location.
TW107107855A 2017-03-17 2018-03-08 Mobile payment subauthorization method and payment system realized by the method TWI775820B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
??201710160386.6 2017-03-17
CN201710160386.6A CN107256484B (en) 2017-03-17 2017-03-17 Mobile payment authorization transfer method and payment system realized by using same
CN201710160386.6 2017-03-17

Publications (2)

Publication Number Publication Date
TW201835824A TW201835824A (en) 2018-10-01
TWI775820B true TWI775820B (en) 2022-09-01

Family

ID=60027216

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107107855A TWI775820B (en) 2017-03-17 2018-03-08 Mobile payment subauthorization method and payment system realized by the method

Country Status (3)

Country Link
CN (1) CN107256484B (en)
TW (1) TWI775820B (en)
WO (1) WO2018166359A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107256484B (en) * 2017-03-17 2021-01-15 中国银联股份有限公司 Mobile payment authorization transfer method and payment system realized by using same
CN108960818A (en) * 2018-05-04 2018-12-07 中国银联股份有限公司 A kind of virtual card generation method, user terminal and token server
CN110009348B (en) * 2019-03-25 2022-03-11 杭州秘猿科技有限公司 Block chain proxy signature method and system and electronic equipment
CN110267264B (en) * 2019-05-20 2022-10-25 广西蛋壳机器人科技有限公司 System for binding non-networked intelligent terminal and user mobile terminal
CN111192052B (en) * 2020-01-03 2023-05-09 广东岭南通股份有限公司 Payment method, payment server and payment terminal
CN113743927B (en) * 2020-05-27 2024-06-07 中国银联股份有限公司 Data processing method and system based on user payment tag, user payment tag
CN112435031A (en) * 2020-08-06 2021-03-02 中国银联股份有限公司 Data processing method and system based on user binding relationship
CN112633888A (en) * 2020-09-22 2021-04-09 中国银联股份有限公司 Token-based data processing method and system and mobile terminal
CN114493565A (en) * 2020-11-11 2022-05-13 银联国际有限公司 Account association method and account association management system
CN114548976A (en) * 2020-11-26 2022-05-27 银联国际有限公司 Bank card binding method based on TOKEN, system thereof and mobile terminal
CN113159761B (en) * 2021-01-06 2025-04-01 中国银联股份有限公司 Payment authorization transfer system and payment authorization transfer method based on device connection

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105450691A (en) * 2014-08-21 2016-03-30 阿里巴巴集团控股有限公司 Service processing method, device and server
CN105593883A (en) * 2013-08-30 2016-05-18 金雅拓股份有限公司 Method for authenticating transactions
CN106464492A (en) * 2013-10-11 2017-02-22 维萨国际服务协会 Network token system

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103065240B (en) * 2013-01-11 2018-04-27 中兴通讯股份有限公司 A kind of mobile payment processing method and system
CN103051459B (en) * 2013-01-17 2016-04-06 北京印天网真科技有限公司 The management method of the transaction key of safety card and device
US20160063487A1 (en) * 2014-08-29 2016-03-03 Capital One Services, Llc System and method for double blind authentication
CN105528695B (en) * 2014-09-28 2019-12-24 中国银联股份有限公司 A mark-based mobile payment method and mobile payment system
CN106127467A (en) * 2016-06-20 2016-11-16 上海易码信息科技有限公司 The method of mobile payment integrating financial card paying and settle accounts
CN106251140A (en) * 2016-08-02 2016-12-21 中国银联股份有限公司 Method of payment, payment application system and payment system
CN107256484B (en) * 2017-03-17 2021-01-15 中国银联股份有限公司 Mobile payment authorization transfer method and payment system realized by using same

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105593883A (en) * 2013-08-30 2016-05-18 金雅拓股份有限公司 Method for authenticating transactions
CN106464492A (en) * 2013-10-11 2017-02-22 维萨国际服务协会 Network token system
CN105450691A (en) * 2014-08-21 2016-03-30 阿里巴巴集团控股有限公司 Service processing method, device and server

Also Published As

Publication number Publication date
TW201835824A (en) 2018-10-01
WO2018166359A1 (en) 2018-09-20
CN107256484A (en) 2017-10-17
CN107256484B (en) 2021-01-15

Similar Documents

Publication Publication Date Title
TWI775820B (en) Mobile payment subauthorization method and payment system realized by the method
US11710120B2 (en) Secure remote payment transaction processing including consumer authentication
US12008088B2 (en) Recurring token transactions
US11928678B2 (en) Variable authentication process and system
US10742419B2 (en) Validation cryptogram for transaction
US10311433B2 (en) Secure authorizations using independent communications and different one-time-use encryption keys for each party to a transaction
RU2710897C2 (en) Methods for safe generation of cryptograms
US8725638B2 (en) Method and system for payment authorization and card presentation using pre-issued identities
US10614457B2 (en) Secure authorizations using independent communications and different one-time-use encryption keys for each party to a transaction
CA3003917A1 (en) Unique code for token verification
WO2015106248A1 (en) Efficient methods for protecting identity in authenticated transmissions
WO2020086668A1 (en) Validation service for account verification
CN105427106B (en) Authorization processing method, payment processing method and virtual card of electronic cash data
CN104871186A (en) Application system for mobile payment and method for providing and using mobile payment tool
KR101505847B1 (en) Method for Validating Alliance Application for Payment
WO2016195764A1 (en) Secure authorizations using independent communications and different one-time-use encryption keys for each party to a transaction
HK1242457A1 (en) A sublicense method for mobile payment and a payment system implemented by using said method
HK1242457A (en) A sublicense method for mobile payment and a payment system implemented by using said method
AU2008254851B2 (en) Method and system for payment authorization and card presentation using pre-issued identities
HK1242457B (en) A sublicense method for mobile payment and a payment system implemented by using said method

Legal Events

Date Code Title Description
GD4A Issue of patent certificate for granted invention patent