[go: up one dir, main page]

WO2018149367A1 - Transaction payment method and system - Google Patents

Transaction payment method and system Download PDF

Info

Publication number
WO2018149367A1
WO2018149367A1 PCT/CN2018/075998 CN2018075998W WO2018149367A1 WO 2018149367 A1 WO2018149367 A1 WO 2018149367A1 CN 2018075998 W CN2018075998 W CN 2018075998W WO 2018149367 A1 WO2018149367 A1 WO 2018149367A1
Authority
WO
WIPO (PCT)
Prior art keywords
ciphertext
biometric
code
transaction
smart terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2018/075998
Other languages
French (fr)
Chinese (zh)
Inventor
孙权
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Publication of WO2018149367A1 publication Critical patent/WO2018149367A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Definitions

  • the present invention relates to the field of electronic commerce technology, and more particularly to a transaction payment method and system.
  • Two-dimensional code scan code payment can be divided into two modes: main scan and swept mode.
  • the sweep mode is widely used in WeChat payment and Alipay.
  • the client application of the mobile terminal encodes the user account information into a two-dimensional code.
  • the barcode the cashier terminal scan code to determine the user account information to complete the payment transaction.
  • QR code information/barcode is easily copied, which leads to leakage of user account information, thereby posing a risk of fraudulent use and misappropriation.
  • the QR code/barcode does not simply display the account information/transaction information in plain text, but there is still a risk of being easily broken, giving the criminals a chance.
  • the present invention provides a technical solution as follows:
  • a transaction payment method comprising: a registration phase, comprising the steps of: the biometric authentication server acquires a biometric of the registered user from the smart terminal based on the registration request of the smart terminal, and the transaction payment server sends the public key to the smart terminal based on the registration request;
  • the biometric feature is obtained by collecting the biometrics collection device of the smart terminal; and the transaction phase includes the following steps: the smart terminal collects the biometric characteristics of the current user, and generates the first ciphertext based on at least the public key and the biometric characteristics of the current user.
  • the intelligent terminal generates a Hanxin code based on the first ciphertext, generates a two-dimensional code based on the user information of the current user, and displays the Hanxin code and the two-dimensional code for scanning and recognizing the cash register terminal;
  • the transaction payment server obtains the cash register from the cash register terminal.
  • the first ciphertext and the user information scanned and identified by the terminal, and decrypting the first ciphertext by using the private key to obtain the biometric feature of the current user and forwarding to the biometric authentication server; and the transaction payment server is based on the biometric authentication server Current user's biometric authentication And user information to complete the transaction.
  • the Hanxin code and the two-dimensional code are respectively displayed on different parts of the screen or display window of the smart terminal.
  • the Hanxin code is displayed on the central portion of the screen or display window, and the two-dimensional code is displayed on the peripheral portion of the screen or display window.
  • the Hanxin code and the two-dimensional code are displayed synchronously.
  • the smart terminal is further based on the time code of the current time when generating the first ciphertext.
  • the smart terminal performs a hash algorithm on the current user's biometrics to obtain a digest, and encrypts the digest with the public key to generate a first ciphertext.
  • the invention also discloses a transaction payment system, comprising: a transaction execution unit, communicatively coupled with at least one intelligent terminal, comprising: a biometric authentication server for authenticating biometrics of the current user; and a transaction payment server
  • a transaction execution unit communicatively coupled with at least one intelligent terminal, comprising: a biometric authentication server for authenticating biometrics of the current user; and a transaction payment server
  • the cash register terminal acquires the first ciphertext and the user information of the current user, and decrypts the first ciphertext by using the private key to obtain the biometric feature of the current user and forwards the biometric to the biometric authentication server, and the transaction payment server is further based on the biometric authentication server.
  • the authentication result is completed to complete the transaction; at least one cash register terminal, the cash register terminal scans and identifies the Hanxin code and the two-dimensional code displayed by the smart terminal; and at least one smart terminal, the intelligent terminal includes a biometrics collection device, and the smart terminal is based at least on the transaction payment
  • the first ciphertext is generated by the public key delivered by the server and the biometric feature of the current user, and the Chinese cipher code is generated based on the first ciphertext, and the two-dimensional code is generated based on the user information.
  • the transaction payment method and system provided by the invention can effectively prevent the information such as the QR code/barcode from being copied, thereby bringing security risks to the user account and realizing the biometric information of the user while realizing the electronic transaction in a simple manner.
  • the authentication is implemented to prevent the criminals from stealing the user's smart terminal.
  • the transaction payment system can realize more secure electronic transactions, protect user account security, and bring a good user experience.
  • FIG. 1 is a schematic flowchart diagram of a transaction payment method according to a first embodiment of the present invention.
  • FIG. 2 is a block diagram showing a transaction payment system provided by a second embodiment of the present invention.
  • a first embodiment of the present invention provides a transaction payment method, which is implemented by a smart terminal generating a two-dimensional code for scanning by a cashier terminal.
  • the method includes two phases: a registration phase and a transaction phase.
  • the registration phase includes the step S10: the biometric authentication server acquires the biometric of the registered user based on the registration request of the smart terminal, and the transaction payment server delivers the public key to the smart terminal based on the registration request.
  • the biometrics are obtained by collecting biometrics collection devices of the intelligent terminal.
  • the user who wants to register submits a registration request to the biometric authentication server through the smart terminal, and the biometric authentication server instructs the smart terminal to collect the biometric characteristics of the registered user, and the biometric feature is uploaded to the biometric authentication server after the smart terminal collects, and the biometric feature is collected.
  • the authentication server saves the biometric of the registered user and instructs the transaction payment server to deliver the public key to the smart terminal.
  • the registration phase only needs to be performed once, and the transaction phase can be performed as many times as many times.
  • transaction phase information exchange occurs between the intelligent terminal and the cashier terminal through scanning, and the cash register terminal and the transaction payment server interact with each other through network communication, and the transaction phase specifically includes the following steps.
  • Step S11 The smart terminal collects biometric features of the current user, and generates a first ciphertext based on at least the public key and the biometric characteristics of the current user.
  • the smart terminal after collecting the biometrics of the current user, the smart terminal performs a hash algorithm on the biometrics of the current user to obtain a digest, and encrypts the digest by using the public key sent by the transaction payment server in the registration phase to generate the first A ciphertext.
  • the smart terminal may also be based on the time code of the current time when generating the first ciphertext. Further, in the subsequent step, the transaction payment server can judge the timeliness of the transaction by using the time code, which can also increase the security of the transaction.
  • the smart terminal can also combine the device ID of the mobile terminal when generating the first ciphertext.
  • the device ID of the mobile terminal is not replaceable.
  • it can be beneficial to increase the security of user information (such as an account).
  • Step S12 The intelligent terminal generates a Hanxin code based on the first ciphertext, generates a two-dimensional code based on the user information of the current user, and displays the Hanxin code and the two-dimensional code for scanning and identifying by the cash register terminal.
  • the Hanxin code and the two-dimensional code can be respectively displayed on different parts of the screen or display window of the smart terminal.
  • the Hanxin code is displayed in the central part of the screen or the display window, and the two-dimensional code is displayed on the peripheral part of the screen or the display window; or, the Hanxin code is displayed on the left part, and the two-dimensional code is displayed on the right part.
  • the smart terminal when the smart terminal displays the Hanxin code and the two-dimensional code, the smart terminal can be scaled, and the two can be displayed in different time sequences.
  • the two-dimensional code surrounds the Hanxin code, and the two are synchronously displayed in the display window of the smart terminal for scanning and identification by the cash register terminal.
  • Step S13 The transaction payment server acquires the first ciphertext and the user information scanned and identified by the cash register terminal, and decrypts the first ciphertext by using the private key to obtain the biometric feature of the current user.
  • the transaction payment server decrypts the first ciphertext by using the private key to obtain the current user. Biological characteristics. In this process, although the cashier terminal obtains the first ciphertext, the first ciphertext cannot be parsed or saved. The transaction payment server then forwards the current user's biometrics to the biometric authentication server.
  • Step S14 The transaction payment server completes the transaction based on the result of the biometric authentication of the current user and the user information by the biometric authentication server.
  • the biometric authentication server first authenticates the biometrics of the current user, and notifies the transaction payment server of the authentication result, and the transaction payment server completes the transaction based on the authentication result and the user information.
  • the biometric authentication server will give a negative authentication result, and the transaction payment server will reject the current transaction; otherwise, the biometric authentication server will give With a positive certification result, the transaction payment server will continue the current transaction and realize the circulation of funds.
  • the transaction payment method can effectively prevent information such as a two-dimensional code/barcode from being copied while realizing electronic transactions in a simple manner, and can also authenticate biometric information of the user. These measures help to improve the security of electronic transactions and effectively protect user accounts from misappropriation.
  • a second embodiment of the present invention provides a transaction payment system including a transaction execution unit 20, a plurality of cashier terminals 21 (only one is shown in the drawings for simplicity), and a plurality of smart terminals 22 (for simplicity, attached) Only one is shown in the figure, as shown in Figure 2.
  • the transaction execution unit 20 and the plurality of smart terminals 22 can communicate using the mobile communication network, and the transaction execution unit 20 and the plurality of cashier terminals 21 can communicate using the Internet (for example, the Internet).
  • the Internet for example, the Internet
  • the transaction execution unit 20 includes a biometric authentication server 201 and a transaction payment server 202.
  • the smart terminal 22 includes a biometrics collection device for collecting biometric features of the user, such as fingerprints, irises, voice prints, facial images, and the like.
  • the smart terminal 22 generates the first ciphertext based on at least the public key sent by the transaction payment server 202 during the user registration phase and the biometric feature of the current user, and generates a Chinese cryptographic code based on the first ciphertext and generates two based on the user information.
  • the code is displayed, and the Hanxin code and the two-dimensional code are displayed for scanning and recognition by the cash register terminal 21.
  • the cash register terminal 21 includes a scanning device to scan and recognize the Hanxin code and the two-dimensional code displayed by the smart terminal 22.
  • the transaction payment server 202 acquires the first ciphertext and the user information of the current user from the cash register terminal 21, and decrypts the first ciphertext by using the private key to obtain the biometric feature of the current user and forwards the biometric to the biometric authentication server 201.
  • the transaction payment server 202 also completes the transaction based on the authentication result of the biometric authentication server 201.
  • the smart terminal 22 can display the Hanxin code and the two-dimensional code on different parts of the screen or the display window, respectively.
  • the smart terminal 22 displays the Hanxin code on the central portion of the screen or the display window, and displays the two-dimensional code on the peripheral portion of the screen or the display window. Further, the smart terminal 22 preferably simultaneously displays the Hanxin code and the two-dimensional code.
  • the transaction execution unit 20 is disposed at the financial institution end (local end), and the cash register terminal 21 is disposed at the remote end.
  • the above transaction payment system can be deployed based on a cloud computing system to facilitate system upgrade and maintenance.
  • the transaction payment system has low implementation cost and is convenient for popularization and application.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention relates to a transaction payment method. The method comprises: a registration stage comprising: a biometric feature authentication server obtaining, based on a registration request of an intelligent terminal, a biometric feature of a registered user, and a transaction payment server issuing a public key to the intelligent terminal; and a transaction stage comprising: the intelligent terminal generating, at least based on the public key and the biometric feature of the current user, a first ciphertext; the intelligent terminal generating, based on the first ciphertext, a Han Xin code, and generating, based on user information of the current user, a two-dimensional code; the transaction payment server obtaining the first ciphertext and the user information scanned and recognized by a cashier terminal, and decrypting the first ciphertext by using a private key to obtain the biometric feature of the current user; and the transaction payment server completing a transaction by using the user information and an authentication result of the biometric feature authentication server with respect to the biometric feature of the current user. The present invention can realize securer electronic transactions and protect user account security.

Description

交易支付方法及系统Transaction payment method and system 技术领域Technical field

本发明涉及电子商务技术领域,更具体地说,涉及一种交易支付方法及系统。The present invention relates to the field of electronic commerce technology, and more particularly to a transaction payment method and system.

背景技术Background technique

现今,扫码支付在生活中得到了广泛应用。二维码扫码支付又可分为主扫和被扫两种模式,其中被扫模式在微信支付、支付宝中被广泛使用,例如,移动终端的客户端应用将用户帐户信息编码成二维码或者条形码,收银终端扫码来确定用户帐户信息以完成支付交易。Today, scan code payment has been widely used in life. Two-dimensional code scan code payment can be divided into two modes: main scan and swept mode. The sweep mode is widely used in WeChat payment and Alipay. For example, the client application of the mobile terminal encodes the user account information into a two-dimensional code. Or the barcode, the cashier terminal scan code to determine the user account information to complete the payment transaction.

该支付方式的一个重要问题是存在安全性问题,二维码信息/条形码容易被复制,进而导致用户帐户信息泄露,从而带来冒用、盗用风险。一些应用虽然对帐户信息/交易信息进行了处理,使得二维码/条形码不是简单地以明文显示帐户信息/交易信息,但仍然存在比较容易攻破的风险,给不法分子可乘之机。An important problem with this payment method is that there is a security problem, and the QR code information/barcode is easily copied, which leads to leakage of user account information, thereby posing a risk of fraudulent use and misappropriation. Although some applications have processed the account information/transaction information, the QR code/barcode does not simply display the account information/transaction information in plain text, but there is still a risk of being easily broken, giving the criminals a chance.

另一方面,现有技术中,已存在利用生物特征(例如指纹)来验证交易的方案,但是,一些收银终端可以直接获取甚至保留用户的指纹特征数据,这同样给用户带来了安全风险。On the other hand, in the prior art, there are already solutions for verifying transactions using biometrics (such as fingerprints), but some cashier terminals can directly acquire or even retain fingerprint feature data of users, which also brings security risks to users.

发明内容Summary of the invention

本发明的目的在于以供一种更加安全可靠的、基于扫描二维码的交易支付方法。It is an object of the present invention to provide a more secure and reliable transaction method based on scanning a two-dimensional code.

为实现上述目的,本发明提供一种技术方案如下:To achieve the above object, the present invention provides a technical solution as follows:

一种交易支付方法,包括:注册阶段,包括如下步骤:生物特征认证服务器基于智能终端的注册请求而从智能终端获取注册用户的生物特征,交易支付服务器基于注册请求向智能终端下发公钥;其中生物特征由智能终端的生物特征采集设备进行采集而得到;以及交易阶段,包括如下步骤:智能终端采集当前用户的生物特征,并至少基于公钥及当前用户的生物特征而生成第一密文;智能终端基于第一密文生成汉信码、基于当前用户的用户信息生成二维码,并显示汉信码及二维码以供收银终端扫描并识别;交易支付服务器从收银终端获取经收银终端扫描并 识别的第一密文及用户信息,并利用私钥对第一密文进行解密,以获得当前用户的生物特征并转送至生物特征认证服务器;以及交易支付服务器基于生物特征认证服务器对当前用户的生物特征认证的结果及用户信息来完成交易。A transaction payment method, comprising: a registration phase, comprising the steps of: the biometric authentication server acquires a biometric of the registered user from the smart terminal based on the registration request of the smart terminal, and the transaction payment server sends the public key to the smart terminal based on the registration request; The biometric feature is obtained by collecting the biometrics collection device of the smart terminal; and the transaction phase includes the following steps: the smart terminal collects the biometric characteristics of the current user, and generates the first ciphertext based on at least the public key and the biometric characteristics of the current user. The intelligent terminal generates a Hanxin code based on the first ciphertext, generates a two-dimensional code based on the user information of the current user, and displays the Hanxin code and the two-dimensional code for scanning and recognizing the cash register terminal; the transaction payment server obtains the cash register from the cash register terminal. The first ciphertext and the user information scanned and identified by the terminal, and decrypting the first ciphertext by using the private key to obtain the biometric feature of the current user and forwarding to the biometric authentication server; and the transaction payment server is based on the biometric authentication server Current user's biometric authentication And user information to complete the transaction.

优选地,汉信码及二维码分别显示在智能终端的屏幕或显示窗口的不同部分。Preferably, the Hanxin code and the two-dimensional code are respectively displayed on different parts of the screen or display window of the smart terminal.

优选地,汉信码显示于屏幕或显示窗口的中央部分,二维码显示于屏幕或显示窗口的外围部分。Preferably, the Hanxin code is displayed on the central portion of the screen or display window, and the two-dimensional code is displayed on the peripheral portion of the screen or display window.

优选地,汉信码及二维码同步显示。Preferably, the Hanxin code and the two-dimensional code are displayed synchronously.

优选地,智能终端在生成第一密文时还基于当前时间的时间码。Preferably, the smart terminal is further based on the time code of the current time when generating the first ciphertext.

优选地,智能终端对当前用户的生物特征执行哈希算法而获得摘要,并利用公钥对摘要进行加密而生成第一密文。Preferably, the smart terminal performs a hash algorithm on the current user's biometrics to obtain a digest, and encrypts the digest with the public key to generate a first ciphertext.

本发明还公开一种交易支付系统,包括:交易执行单元,与至少一智能终端在通信上耦合,其包括:生物特征认证服务器,用于对当前用户的生物特征进行认证;交易支付服务器,从收银终端获取第一密文及当前用户的用户信息,并利用私钥对第一密文进行解密,以获得当前用户的生物特征并转送至生物特征认证服务器,交易支付服务器还基于生物特征认证服务器的认证结果来完成交易;至少一收银终端,收银终端扫描并识别智能终端所显示的汉信码及二维码;以及至少一智能终端,智能终端包括生物特征采集设备,智能终端至少基于交易支付服务器下发的公钥及当前用户的生物特征而生成第一密文,以及基于第一密文生成汉信码、基于用户信息生成二维码。The invention also discloses a transaction payment system, comprising: a transaction execution unit, communicatively coupled with at least one intelligent terminal, comprising: a biometric authentication server for authenticating biometrics of the current user; and a transaction payment server The cash register terminal acquires the first ciphertext and the user information of the current user, and decrypts the first ciphertext by using the private key to obtain the biometric feature of the current user and forwards the biometric to the biometric authentication server, and the transaction payment server is further based on the biometric authentication server. The authentication result is completed to complete the transaction; at least one cash register terminal, the cash register terminal scans and identifies the Hanxin code and the two-dimensional code displayed by the smart terminal; and at least one smart terminal, the intelligent terminal includes a biometrics collection device, and the smart terminal is based at least on the transaction payment The first ciphertext is generated by the public key delivered by the server and the biometric feature of the current user, and the Chinese cipher code is generated based on the first ciphertext, and the two-dimensional code is generated based on the user information.

本发明所提供的交易支付方法及系统,在以简单方式实现电子交易的同时,能够有效防止二维码/条形码等信息被复制从而给用户帐户带来安全隐患,还能够对用户的生物特征信息进行认证从而防止不法分子盗用用户的智能终端,进而,该交易支付系统能够实现更加安全的电子交易、保护用户帐户安全,也给用户带来了良好的使用体验。The transaction payment method and system provided by the invention can effectively prevent the information such as the QR code/barcode from being copied, thereby bringing security risks to the user account and realizing the biometric information of the user while realizing the electronic transaction in a simple manner. The authentication is implemented to prevent the criminals from stealing the user's smart terminal. Further, the transaction payment system can realize more secure electronic transactions, protect user account security, and bring a good user experience.

附图说明DRAWINGS

图1示出本发明第一实施例提供的交易支付方法的流程示意图。FIG. 1 is a schematic flowchart diagram of a transaction payment method according to a first embodiment of the present invention.

图2示出本发明第二实施例提供的交易支付系统的框图。2 is a block diagram showing a transaction payment system provided by a second embodiment of the present invention.

具体实施方式detailed description

如图1所示,本发明第一实施例提供一种交易支付方法,其以智能终端生成二维码供收银终端扫描的方式来实现,该方法包括两个阶段:注册阶段与交易阶段。As shown in FIG. 1 , a first embodiment of the present invention provides a transaction payment method, which is implemented by a smart terminal generating a two-dimensional code for scanning by a cashier terminal. The method includes two phases: a registration phase and a transaction phase.

注册阶段包括步骤S10:生物特征认证服务器基于智能终端的注册请求而获取注册用户的生物特征,交易支付服务器基于注册请求向智能终端下发公钥。其中生物特征由智能终端的生物特征采集设备进行采集而得到。The registration phase includes the step S10: the biometric authentication server acquires the biometric of the registered user based on the registration request of the smart terminal, and the transaction payment server delivers the public key to the smart terminal based on the registration request. The biometrics are obtained by collecting biometrics collection devices of the intelligent terminal.

具体地,希望注册的用户通过所持智能终端向生物特征认证服务器提交注册请求,生物特征认证服务器指示智能终端采集注册用户的生物特征,智能终端采集后将生物特征上传到生物特征认证服务器,生物特征认证服务器保存该注册用户的生物特征,并指示交易支付服务器向该智能终端下发公钥。Specifically, the user who wants to register submits a registration request to the biometric authentication server through the smart terminal, and the biometric authentication server instructs the smart terminal to collect the biometric characteristics of the registered user, and the biometric feature is uploaded to the biometric authentication server after the smart terminal collects, and the biometric feature is collected. The authentication server saves the biometric of the registered user and instructs the transaction payment server to deliver the public key to the smart terminal.

上述注册阶段完成后,即可进入交易阶段。本领域技术人员可以理解,注册阶段只需进行一次,而交易阶段可以进行任意多次。After the above registration phase is completed, you can enter the trading phase. Those skilled in the art will appreciate that the registration phase only needs to be performed once, and the transaction phase can be performed as many times as many times.

在交易阶段中,智能终端与收银终端之间通过扫描的方式发生信息交互,收银终端与交易支付服务器之间通过网络通信发生信息交互,交易阶段具体包括如下各步骤。In the transaction phase, information exchange occurs between the intelligent terminal and the cashier terminal through scanning, and the cash register terminal and the transaction payment server interact with each other through network communication, and the transaction phase specifically includes the following steps.

步骤S11、智能终端采集当前用户的生物特征,并至少基于公钥及当前用户的生物特征而生成第一密文。Step S11: The smart terminal collects biometric features of the current user, and generates a first ciphertext based on at least the public key and the biometric characteristics of the current user.

具体地,作为示例,智能终端采集当前用户的生物特征后,对当前用户的生物特征执行哈希算法而获得摘要,并利用交易支付服务器在注册阶段下发的公钥对摘要进行加密而生成第一密文。Specifically, as an example, after collecting the biometrics of the current user, the smart terminal performs a hash algorithm on the biometrics of the current user to obtain a digest, and encrypts the digest by using the public key sent by the transaction payment server in the registration phase to generate the first A ciphertext.

进一步地,智能终端在生成第一密文时还可以基于当前时间的时间码。进而,在后续步骤中,交易支付服务器可以通过时间码来判断交易的时效性,这也能够增加交易的安全性。Further, the smart terminal may also be based on the time code of the current time when generating the first ciphertext. Further, in the subsequent step, the transaction payment server can judge the timeliness of the transaction by using the time code, which can also increase the security of the transaction.

此外,智能终端在生成第一密文时还可以结合移动终端的设备ID。通常,移动终端的设备ID是不可更换的。结合了设备ID后,能够有利于增加用户信息(例如帐户)的安全性。In addition, the smart terminal can also combine the device ID of the mobile terminal when generating the first ciphertext. Usually, the device ID of the mobile terminal is not replaceable. When the device ID is combined, it can be beneficial to increase the security of user information (such as an account).

步骤S12、智能终端基于第一密文生成汉信码、基于当前用户的用户信息生成二维码,并显示汉信码及二维码以供收银终端扫描并识别。Step S12: The intelligent terminal generates a Hanxin code based on the first ciphertext, generates a two-dimensional code based on the user information of the current user, and displays the Hanxin code and the two-dimensional code for scanning and identifying by the cash register terminal.

在该步骤中,汉信码及二维码可以分别显示在智能终端的屏幕或显示窗口的不同部分。例如,汉信码显示于屏幕或显示窗口的中央部分,二维码显示于屏幕或显示窗口的外围部分;或者,汉信码显示于左侧部分,二维码显示于右侧部分。In this step, the Hanxin code and the two-dimensional code can be respectively displayed on different parts of the screen or display window of the smart terminal. For example, the Hanxin code is displayed in the central part of the screen or the display window, and the two-dimensional code is displayed on the peripheral part of the screen or the display window; or, the Hanxin code is displayed on the left part, and the two-dimensional code is displayed on the right part.

可以理解,智能终端在显示汉信码、二维码时,可以对两者进行缩放,还可以以不同的时间顺序来先后显示两者。It can be understood that when the smart terminal displays the Hanxin code and the two-dimensional code, the smart terminal can be scaled, and the two can be displayed in different time sequences.

优选情况下,二维码环绕汉信码,两者同步显示于智能终端的显示窗口内,供收银终端进行扫描、识别。Preferably, the two-dimensional code surrounds the Hanxin code, and the two are synchronously displayed in the display window of the smart terminal for scanning and identification by the cash register terminal.

步骤S13、交易支付服务器获取经收银终端扫描并识别的第一密文及用户信息,并利用私钥对第一密文进行解密,以获得当前用户的生物特征。Step S13: The transaction payment server acquires the first ciphertext and the user information scanned and identified by the cash register terminal, and decrypts the first ciphertext by using the private key to obtain the biometric feature of the current user.

具体地,收银终端扫描并识别汉信码、二维码后,将第一密文及用户信息上送至交易支付服务器,交易支付服务器利用私钥对第一密文进行解密,获得当前用户的生物特征。在此过程中,收银终端虽然获得第一密文,但无法解析或保存第一密文。随后,交易支付服务器将当前用户的生物特征转送到生物特征认证服务器。Specifically, after the cashier terminal scans and recognizes the Hanxin code and the two-dimensional code, the first ciphertext and the user information are sent to the transaction payment server, and the transaction payment server decrypts the first ciphertext by using the private key to obtain the current user. Biological characteristics. In this process, although the cashier terminal obtains the first ciphertext, the first ciphertext cannot be parsed or saved. The transaction payment server then forwards the current user's biometrics to the biometric authentication server.

步骤S14、交易支付服务器基于生物特征认证服务器对当前用户的生物特征认证的结果及用户信息来完成交易。Step S14: The transaction payment server completes the transaction based on the result of the biometric authentication of the current user and the user information by the biometric authentication server.

其中,生物特征认证服务器首先对当前用户的生物特征进行认证,并将认证结果通知交易支付服务器,交易支付服务器再基于认证结果、用户信息来完成交易。The biometric authentication server first authenticates the biometrics of the current user, and notifies the transaction payment server of the authentication result, and the transaction payment server completes the transaction based on the authentication result and the user information.

具体地,若当前用户的生物特征未在已注册用户的生物特征库中得到匹配,生物特征认证服务器将给出否定的认证结果,交易支付服务器将拒绝当前交易;反之,生物特征认证服务器将给出肯定的认证结果,交易支付服务器将继续进行当前交易,实现款项的流转。Specifically, if the current user's biometrics are not matched in the biometric database of the registered user, the biometric authentication server will give a negative authentication result, and the transaction payment server will reject the current transaction; otherwise, the biometric authentication server will give With a positive certification result, the transaction payment server will continue the current transaction and realize the circulation of funds.

该交易支付方法在以简单方式实现电子交易的同时,能够有效防止二维码/条形码等信息被复制,还能够对用户的生物特征信息进行认证。这些措施有利于提高电子交易的安全性、并有效保护用户帐户不受盗用。The transaction payment method can effectively prevent information such as a two-dimensional code/barcode from being copied while realizing electronic transactions in a simple manner, and can also authenticate biometric information of the user. These measures help to improve the security of electronic transactions and effectively protect user accounts from misappropriation.

本发明第二实施例提供一种交易支付系统,其包括交易执行单元20、多个收银终端21(为简单起见,附图中仅示出一个)以及多个智能终端22(为简 单起见,附图中仅示出一个),如图2所示。A second embodiment of the present invention provides a transaction payment system including a transaction execution unit 20, a plurality of cashier terminals 21 (only one is shown in the drawings for simplicity), and a plurality of smart terminals 22 (for simplicity, attached) Only one is shown in the figure, as shown in Figure 2.

其中,交易执行单元20与多个智能终端22可以利用移动通信网络进行通信,交易执行单元20与多个收银终端21可以利用互联网(例如Internet网)进行通信。The transaction execution unit 20 and the plurality of smart terminals 22 can communicate using the mobile communication network, and the transaction execution unit 20 and the plurality of cashier terminals 21 can communicate using the Internet (for example, the Internet).

交易执行单元20包括生物特征认证服务器201、交易支付服务器202。智能终端22包括生物特征采集设备,用于采集用户的生物特征,例如,指纹、虹膜、声纹、面部图像等。The transaction execution unit 20 includes a biometric authentication server 201 and a transaction payment server 202. The smart terminal 22 includes a biometrics collection device for collecting biometric features of the user, such as fingerprints, irises, voice prints, facial images, and the like.

具体地,智能终端22至少基于交易支付服务器202在用户注册阶段下发的公钥及当前用户的生物特征而生成第一密文,以及基于第一密文生成汉信码、基于用户信息生成二维码,并显示汉信码及二维码以供收银终端21进行扫描、识别。Specifically, the smart terminal 22 generates the first ciphertext based on at least the public key sent by the transaction payment server 202 during the user registration phase and the biometric feature of the current user, and generates a Chinese cryptographic code based on the first ciphertext and generates two based on the user information. The code is displayed, and the Hanxin code and the two-dimensional code are displayed for scanning and recognition by the cash register terminal 21.

收银终端21包括扫描设备,以扫描并识别智能终端22所显示的汉信码及二维码。The cash register terminal 21 includes a scanning device to scan and recognize the Hanxin code and the two-dimensional code displayed by the smart terminal 22.

随后,交易支付服务器202从收银终端21获取第一密文及当前用户的用户信息,并利用私钥对第一密文进行解密,以获得当前用户的生物特征并转送至生物特征认证服务器201,在生物特征认证服务器201进行认证之后,交易支付服务器202还基于生物特征认证服务器201的认证结果来完成交易。Subsequently, the transaction payment server 202 acquires the first ciphertext and the user information of the current user from the cash register terminal 21, and decrypts the first ciphertext by using the private key to obtain the biometric feature of the current user and forwards the biometric to the biometric authentication server 201. After the biometric authentication server 201 performs authentication, the transaction payment server 202 also completes the transaction based on the authentication result of the biometric authentication server 201.

进一步地,智能终端22可以将汉信码及二维码分别显示在屏幕或显示窗口的不同部分。优选情况下,智能终端22将汉信码显示于屏幕或显示窗口的中央部分,将二维码显示于屏幕或显示窗口的外围部分。此外,智能终端22优选地同步显示汉信码、二维码。Further, the smart terminal 22 can display the Hanxin code and the two-dimensional code on different parts of the screen or the display window, respectively. Preferably, the smart terminal 22 displays the Hanxin code on the central portion of the screen or the display window, and displays the two-dimensional code on the peripheral portion of the screen or the display window. Further, the smart terminal 22 preferably simultaneously displays the Hanxin code and the two-dimensional code.

进一步地,交易执行单元20设置于金融机构端(本地端),收银终端21设置于远端。上述交易支付系统可以基于云计算系统来部署,以促进系统升级与维护。Further, the transaction execution unit 20 is disposed at the financial institution end (local end), and the cash register terminal 21 is disposed at the remote end. The above transaction payment system can be deployed based on a cloud computing system to facilitate system upgrade and maintenance.

用户在向上述交易支付系统注册完成后,即能够安全、快捷地进行电子交易,获得良好的使用体验。该交易支付系统实现成本低、便于推广应用。After the user completes the registration with the above transaction payment system, the user can conduct electronic transactions safely and quickly, and obtain a good use experience. The transaction payment system has low implementation cost and is convenient for popularization and application.

上述说明仅针对于本发明的优选实施例,并不在于限制本发明的保护范围。本领域技术人员可作出各种变形设计,而不脱离本发明的思想及附随的权利要求。The above description is only for the preferred embodiments of the present invention and is not intended to limit the scope of the present invention. Various modifications may be made by those skilled in the art without departing from the spirit of the invention and the appended claims.

Claims (10)

一种交易支付方法,包括:A transaction payment method, comprising: 注册阶段,包括如下步骤:The registration phase includes the following steps: a)、生物特征认证服务器基于智能终端的注册请求而从所述智能终端获取注册用户的生物特征,交易支付服务器基于所述注册请求向所述智能终端下发公钥;其中所述生物特征由所述智能终端的生物特征采集设备进行采集而得到;以及a) the biometric authentication server acquires a biometric of the registered user from the smart terminal based on the registration request of the smart terminal, and the transaction payment server sends a public key to the smart terminal based on the registration request; wherein the biometric feature is The biometric collection device of the smart terminal performs acquisition; and 交易阶段,包括如下步骤:The trading phase includes the following steps: b)、所述智能终端采集当前用户的所述生物特征,并至少基于所述公钥及所述当前用户的生物特征而生成第一密文;b) The smart terminal collects the biometric feature of the current user, and generates a first ciphertext based on at least the public key and the biometric feature of the current user; c)、所述智能终端基于所述第一密文生成汉信码、基于所述当前用户的用户信息生成二维码,并显示所述汉信码及所述二维码以供收银终端扫描并识别;c) the smart terminal generates a Hanxin code based on the first ciphertext, generates a two-dimensional code based on the user information of the current user, and displays the Hanxin code and the two-dimensional code for scanning by the cash register terminal. And identify; d)、所述交易支付服务器从所述收银终端获取经所述收银终端扫描并识别的所述第一密文及所述用户信息,并利用私钥对所述第一密文进行解密,以获得所述当前用户的生物特征并转送至所述生物特征认证服务器;以及d), the transaction payment server obtains the first ciphertext and the user information scanned and identified by the cash register terminal from the cash register terminal, and decrypts the first ciphertext by using a private key, Obtaining a biometric of the current user and forwarding to the biometric authentication server; e)、所述交易支付服务器基于所述生物特征认证服务器对所述当前用户的生物特征认证的结果及所述用户信息来完成交易。e) The transaction payment server completes the transaction based on the result of the biometric authentication of the current user and the user information by the biometric authentication server. 根据权利要求1所述的方法,其特征在于,所述汉信码及所述二维码分别显示在所述智能终端的屏幕或显示窗口的不同部分。The method according to claim 1, wherein said Hanxin code and said two-dimensional code are respectively displayed on different portions of a screen or a display window of said smart terminal. 根据权利要求2所述的方法,其特征在于,所述汉信码显示于所述屏幕或显示窗口的中央部分,所述二维码显示于所述屏幕或显示窗口的外围部分。The method according to claim 2, wherein said Hanxin code is displayed on a central portion of said screen or display window, and said two-dimensional code is displayed on a peripheral portion of said screen or display window. 根据权利要求2所述的方法,其特征在于,所述汉信码及所述二维码同步显示。The method according to claim 2, wherein said Hanxin code and said two-dimensional code are displayed synchronously. 根据权利要求1所述的方法,其特征在于,所述智能终端在生成所述第一密文时还基于当前时间的时间码。The method according to claim 1, wherein the smart terminal is further based on a time code of a current time when generating the first ciphertext. 根据权利要求1所述的方法,其特征在于,所述智能终端对所述当前用户的生物特征执行哈希算法而获得摘要,并利用所述公钥对所述摘要进行加密而生成所述第一密文。The method according to claim 1, wherein the smart terminal performs a hash algorithm on the biometric of the current user to obtain a digest, and encrypts the digest by using the public key to generate the digest. A ciphertext. 一种交易支付系统,包括:A transaction payment system comprising: 交易执行单元,与至少一智能终端在通信上耦合,其包括:The transaction execution unit is communicatively coupled with the at least one intelligent terminal, and includes: 生物特征认证服务器,用于对当前用户的生物特征进行认证;a biometric authentication server for authenticating biometrics of the current user; 交易支付服务器,从收银终端获取第一密文及当前用户的用户信息,并利用私钥对所述第一密文进行解密,以获得所述当前用户的生物特征并转送至所述生物特征认证服务器,所述交易支付服务器还基于所述生物特征认证服务器的认证结果来完成交易;Transaction payment server, obtaining first ciphertext and user information of the current user from the cash register terminal, and decrypting the first ciphertext by using a private key to obtain biometric characteristics of the current user and forwarding to the biometric authentication a server, the transaction payment server further completing the transaction based on the authentication result of the biometric authentication server; 至少一所述收银终端,所述收银终端扫描并识别所述智能终端所显示的汉信码及二维码;以及At least one of the cash register terminals, the cash register terminal scans and identifies the Hanxin code and the two-dimensional code displayed by the smart terminal; 至少一所述智能终端,所述智能终端包括生物特征采集设备,所述智能终端至少基于所述交易支付服务器下发的公钥及所述当前用户的生物特征而生成第一密文,以及基于所述第一密文生成所述汉信码、基于所述用户信息生成所述二维码。At least one of the smart terminals, the smart terminal includes a biometric collection device, and the smart terminal generates a first ciphertext based on at least a public key delivered by the transaction payment server and a biometric feature of the current user, and is based on The first ciphertext generates the Hanxin code, and generates the two-dimensional code based on the user information. 根据权利要求7所述的系统,其特征在于,所述智能终端将所述汉信码及所述二维码分别显示在屏幕或显示窗口的不同部分。The system according to claim 7, wherein said smart terminal displays said Hanxin code and said two-dimensional code on different parts of a screen or a display window, respectively. 根据权利要求8所述的系统,其特征在于,所述智能终端将所述汉信码显示于所述屏幕或显示窗口的中央部分,将所述二维码显示于所述屏幕或显示窗口的外围部分。The system according to claim 8, wherein said smart terminal displays said Hanxin code in a central portion of said screen or display window, and displays said two-dimensional code on said screen or display window Peripheral part. 根据权利要求7至9中任一项所述的系统,其特征在于,所述交易执行单元设置于金融机构端,所述收银终端设置于远端。The system according to any one of claims 7 to 9, wherein the transaction execution unit is disposed at a financial institution end, and the cash register terminal is disposed at a remote end.
PCT/CN2018/075998 2017-02-15 2018-02-09 Transaction payment method and system Ceased WO2018149367A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710080394.X 2017-02-15
CN201710080394.XA CN107146079B (en) 2017-02-15 2017-02-15 Transaction payment method and system

Publications (1)

Publication Number Publication Date
WO2018149367A1 true WO2018149367A1 (en) 2018-08-23

Family

ID=59783347

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/075998 Ceased WO2018149367A1 (en) 2017-02-15 2018-02-09 Transaction payment method and system

Country Status (3)

Country Link
CN (1) CN107146079B (en)
TW (1) TWI720287B (en)
WO (1) WO2018149367A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107146079B (en) * 2017-02-15 2020-05-22 中国银联股份有限公司 Transaction payment method and system
CN108038529B (en) * 2017-12-08 2020-10-09 北京中星仝创科技有限公司 Method for generating and reading circular two-dimensional code with image
CN115189898B (en) * 2021-04-01 2024-05-24 富联精密电子(天津)有限公司 Transaction processing method, terminal and storage medium
CN116629887A (en) * 2023-07-20 2023-08-22 鼎铉商用密码测评技术(深圳)有限公司 Registration method, authentication method, device and storage medium based on biological characteristics

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130275309A1 (en) * 2012-04-13 2013-10-17 Francis King Hei KWONG Electronic-payment authentication process with an eye-positioning method for unlocking a pattern lock
CN103489102A (en) * 2013-09-13 2014-01-01 惠州Tcl移动通信有限公司 Method and system for preventing unauthorized credit card swiping through mobile phone based on two-dimensional code
CN104835039A (en) * 2015-04-03 2015-08-12 成都爱维科创科技有限公司 Data label generation method
CN105590199A (en) * 2014-11-14 2016-05-18 中国银联股份有限公司 Payment method and payment system based on dynamic two-dimensional code
CN107146079A (en) * 2017-02-15 2017-09-08 中国银联股份有限公司 Transaction payment method and system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102254380A (en) * 2010-05-31 2011-11-23 北京汇冠金财科技有限公司 Safe mobile phone payment method and system based on hybrid encryption mechanism
CN104486356A (en) * 2014-12-29 2015-04-01 芜湖乐锐思信息咨询有限公司 Data transmission method based on internet online tractions
CN104835030A (en) * 2015-05-26 2015-08-12 丹阳飓风物流股份有限公司 Inquiry service flow management method used for logistics industry
CN106296197A (en) * 2015-06-25 2017-01-04 深圳市中兴微电子技术有限公司 A kind of method, apparatus and system of payment
CN105631501A (en) * 2015-11-24 2016-06-01 上海透云物联网科技有限公司 Composite identification code structure, products using composite identification code structure, and monitoring method
CN105574743A (en) * 2016-01-18 2016-05-11 上海透云物联网科技有限公司 Identification code structure, manufacturing method thereof, and product monitoring method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130275309A1 (en) * 2012-04-13 2013-10-17 Francis King Hei KWONG Electronic-payment authentication process with an eye-positioning method for unlocking a pattern lock
CN103489102A (en) * 2013-09-13 2014-01-01 惠州Tcl移动通信有限公司 Method and system for preventing unauthorized credit card swiping through mobile phone based on two-dimensional code
CN105590199A (en) * 2014-11-14 2016-05-18 中国银联股份有限公司 Payment method and payment system based on dynamic two-dimensional code
CN104835039A (en) * 2015-04-03 2015-08-12 成都爱维科创科技有限公司 Data label generation method
CN107146079A (en) * 2017-02-15 2017-09-08 中国银联股份有限公司 Transaction payment method and system

Also Published As

Publication number Publication date
TW201832153A (en) 2018-09-01
TWI720287B (en) 2021-03-01
CN107146079B (en) 2020-05-22
CN107146079A (en) 2017-09-08

Similar Documents

Publication Publication Date Title
US11847652B2 (en) Wireless biometric authentication system and method
US11777736B2 (en) Use of biometrics and privacy preserving methods to authenticate account holders online
US8775814B2 (en) Personalized biometric identification and non-repudiation system
CN103679436B (en) A kind of electronic contract security system and method based on biological information identification
CN108460593B (en) Offline two-dimensional code payment method and device
CN114358793A (en) Server-based biometric authentication
US11451394B2 (en) Efficient hands free interaction using biometrics
US11783336B2 (en) Camera device enabled identification and disambiguation system and method
CN105809447A (en) Payment authentication method and system based on face recognition and HCE
WO2018094584A1 (en) Payment and identity authentication system based on biometric feature recognition
WO2018149367A1 (en) Transaction payment method and system
US20240380597A1 (en) Remote identity interaction
WO2016083987A1 (en) Method of and system for obtaining proof of authorisation of a transaction
EP3718035A1 (en) Two-step central matching of fingerprints
WO2018148900A1 (en) Fingerprint identification-based authentication method and device, and transaction system
CN111353144A (en) Identity authentication method and device
HK1242453B (en) Transaction payment method and system
KR102079667B1 (en) System for proving financial transaction service
HK1242453A1 (en) Transaction payment method and system
HK1242453A (en) Transaction payment method and system
TW202347148A (en) Biometric-based authentication device and method therefor

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18753638

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18753638

Country of ref document: EP

Kind code of ref document: A1