Summary of the Invention
The object of the invention is to propose an authentication device, system and method based on electronic transactions, so as to improve the security of electronic transactions and to prevent the user's stored-value card information from leaking during an electronic transaction.
To this end, the invention adopts the following technical solution:
An authentication-based electronic transaction method, comprising the steps of:
S1: when a user carries out an electronic transaction using a stored-value device that stores encrypted user information, reading the encrypted user information and authenticating it; if authentication succeeds, performing step S2; otherwise, the transaction fails and the procedure ends;
S2: obtaining the current user's transaction operation data, and sending the transaction operation data over the network to a network transaction platform to obtain the transaction information, stored in advance on the network transaction platform, that corresponds to the current transaction system; decrypting the encrypted user information according to that transaction information;
S3: processing the decrypted user information according to the transaction operation data, and authenticating the processed user information; if authentication succeeds, encrypting the processed user information and updating the corresponding user information in the stored-value device;
wherein the user information comprises at least: user identity information and the corresponding stored-value information.
Wherein step S1 comprises:
S11: when a user carries out an electronic transaction using a stored-value device that stores encrypted user information, detecting whether the encrypted user information is correct; if so, reading the encrypted user information from the stored-value device; otherwise, the transaction fails and the procedure ends;
S12: authenticating the encrypted user information; if authentication succeeds, performing S13; otherwise, the transaction fails and the procedure ends;
S13: detecting whether the successfully authenticated encrypted user information is correct; if so, performing step S2; otherwise, the transaction fails and the procedure ends.
Wherein step S3 comprises:
S31: processing the decrypted user information according to the transaction operation data;
S32: authenticating the processed user information; if authentication succeeds, encrypting the processed user information; otherwise, the transaction fails and the procedure ends;
S33: writing the encrypted processed user information to the stored-value device, updating the corresponding user information in the stored-value device.
A system using the authentication-based electronic transaction method, comprising:
a stored-value device, configured to store user information and to encrypt the user information;
an authentication device, configured to read the encrypted user information from the stored-value device, authenticate the encrypted user information, and transfer the successfully authenticated encrypted user information to a transaction system;
the transaction system, configured to, after receiving the encrypted user information transmitted by the authentication device, read the current user's transaction operation data and send the transaction operation data over the network to a network transaction platform;
the network transaction platform, configured to search a pre-established database according to the transaction operation data, obtain the transaction information corresponding to the transaction system, and return the transaction information to the transaction system;
the transaction system being further configured to decrypt the received encrypted user information according to the transaction information, process the decrypted user information according to the transaction operation data, and return the processed user information to the authentication device;
the authentication device being further configured to authenticate the processed user information, encrypt the successfully authenticated processed user information, and write the encrypted processed user information to the stored-value device;
wherein the user information comprises at least: user identity information and the corresponding stored-value information.
Wherein the stored-value device comprises:
a first storage unit, configured to store user information;
a first encryption unit, connected to the first storage unit and configured to encrypt the user information;
a first connection unit, configured to transmit the encrypted user information to the authentication device.
Wherein the stored-value device further comprises:
a first detection unit, connected to the first encryption unit and the first connection unit, and configured to detect, before the encrypted user information is transmitted, whether the encrypted user information is correct and, if so, to trigger the first connection unit to transmit the encrypted user information.
Wherein the authentication device comprises:
a second connection unit, configured to establish a communication connection with the stored-value device and receive the encrypted user information from the stored-value device, and further configured to write the encrypted processed user information to the stored-value device;
a main control unit, configured to read the encrypted user information received by the second connection unit and to control the authentication unit to authenticate the encrypted user information;
an authentication unit, configured to authenticate the encrypted user information received from the stored-value device, and further configured to authenticate the user information processed by the transaction system and to encrypt the successfully authenticated processed user information;
a third connection unit, configured to transfer the successfully authenticated encrypted user information to the transaction system;
a second storage unit, configured to store the corresponding authentication program and the encryption and decryption programs.
Wherein the authentication device further comprises:
a second detection unit, configured to detect whether the encrypted user information received by the second connection unit is correct and, if so, to trigger the main control unit to start reading the encrypted user information;
a third detection unit, configured to detect whether the successfully authenticated encrypted user information is correct and, if so, to trigger the third connection unit to transmit the successfully authenticated encrypted user information to the transaction system.
Wherein the authentication device further comprises:
a security protection unit, configured to, when authentication of the encrypted user information fails, look up a pre-stored association table of stored-value devices and their corresponding users, obtain the user's telephone corresponding to the stored-value device, and send a short message reporting the authentication failure to that telephone.
The advantages of the authentication-based electronic transaction method and system of the invention include the following: the electronic transaction system gains a new function, in that the stored-value device taking part in the transaction and the corresponding transaction system can each be authenticated, which improves the security of electronic transactions; in combination with the encryption and decryption mechanism, user information is transmitted as ciphertext, which prevents user information from leaking during the electronic transaction; in addition, the multiple detection mechanisms and the security protection mechanism further improve the security of electronic transactions.
Detailed Description
The technical solution of the invention is further described below with reference to the accompanying drawings and by way of embodiments.
Fig. 1 is the main flow chart of an authentication-based electronic transaction method provided by Embodiment 1 of the invention.
As shown in Fig. 1, the authentication-based electronic transaction method of this embodiment comprises the steps of:
S1: when a user carries out an electronic transaction using a stored-value device that stores encrypted user information, reading the encrypted user information and authenticating it; if authentication succeeds, performing step S2; otherwise, the transaction fails and the procedure ends.
In this embodiment, the user information comprises at least: user identity information and the corresponding stored-value information. The specific method of authenticating the encrypted user information can be chosen according to the actual situation, for example static password authentication, dynamic password authentication or biometric authentication; the invention places no limitation on this. In this embodiment the corresponding authentication program must also be stored in advance in the corresponding electronic transaction system. Likewise, the way in which the user information in the stored-value device is encrypted and decrypted can be chosen according to the actual situation, with the corresponding encryption and decryption programs stored in advance in the corresponding electronic transaction system.
S2: obtaining the current user's transaction operation data, and sending the transaction operation data over the network to the network transaction platform to obtain the transaction information, stored in advance on the network transaction platform, that corresponds to the current transaction system; decrypting the encrypted user information according to that transaction information.
The transaction operation data comprises at least data that identifies the current transaction system and the corresponding user operation instruction data (for example the user's query instruction data, transfer instruction data, payment instruction data, the specific transaction amount, and so on). A database must also be set up in advance on the network transaction platform to store the transaction information corresponding to the transaction system (for example data that identifies the current transaction system and the corresponding transaction schedule and decryption key). When the user carries out an electronic transaction using the transaction system, the corresponding transaction information is looked up on the network transaction platform, and the encrypted user information is decrypted according to that transaction information. If no corresponding transaction information is found on the network transaction platform, the transaction fails.
S3: processing the decrypted user information according to the transaction operation data; authenticating the processed user information; if authentication succeeds, encrypting the processed user information and updating the corresponding user information in the stored-value device. For example, when the user makes a payment with a stored-value card, the corresponding amount is subtracted from the stored-value total in the decrypted user information according to the corresponding transaction operation data; when the user transfers funds in through the transaction system, the corresponding amount is added to the stored-value total in the decrypted user information according to the corresponding transaction operation data.
Preferably, step S1 further comprises:
First, when a user carries out an electronic transaction using a stored-value device that stores encrypted user information, detecting whether the encrypted user information is correct. If the encrypted user information is detected to be incorrect, the current transaction fails and the procedure ends; if it is correct, the encrypted user information is read from the stored-value device. The process of detecting whether the encrypted user information is correct may include: detecting whether any of the encrypted user information is missing, whether it is in ciphertext form, and so on. When the encrypted user information in the stored-value device is detected to be incorrect (for example, part of the user information was lost during encryption so that the encrypted user information is incomplete, or interference by an attacker during encryption left the encrypted user information easy to recognize maliciously), the current transaction fails; this can be implemented by, for example, marking the user information in the stored-value device as unreadable.
Second, authenticating the encrypted user information; if authentication fails, the current transaction fails and the procedure ends. If authentication succeeds, a second detection is carried out, that is, detecting whether the successfully authenticated encrypted user information is correct; if so, step S2 is performed; otherwise, the transaction fails and the procedure ends.
Through the two detection passes and the authentication process described above, the user information currently being used for the electronic transaction is effectively verified, which avoids erroneous operations. Moreover, when authentication fails, the user associated with the current stored-value device can be alerted through the pre-established association, so that the user can promptly confirm the electronic transaction currently being carried out, preventing personal property from being misappropriated by others.
Preferably, step S3 further comprises:
First, authenticating the processed user information; if authentication succeeds, encrypting the processed user information. Then, writing the encrypted processed user information to the stored-value device, updating the user information in the stored-value device. If authentication fails, the current transaction is terminated and the user information in the stored-value device remains unchanged. This further prevents the user's property from being stolen and improves the security of electronic transactions.
With the authentication-based electronic transaction method of the above embodiment, the electronic transaction system gains a new function: the stored-value device taking part in the transaction and the corresponding transaction system can each be authenticated, which improves the security of electronic transactions.
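The S1 to S3 flow of this embodiment, including its failure paths, can be traced in a short simulation. This is an added example, not part of the original disclosure: the record layout, the HMAC tag used as the authentication mode, the SHAKE-256 keystream standing in for the unspecified cipher, the post-processing rule, and all names (`seal`, `detect`, `transact`, `terminal_id`) are assumptions.

```python
import hashlib, hmac, json, os

MAGIC = b"SV1"  # constructed record header used by the format check

def _xor_stream(key, nonce, data):
    # Stand-in cipher (SHAKE-256 keystream) so this runs on the standard library;
    # a real system would use a vetted AEAD such as AES-GCM.
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(info, enc_key, auth_key):
    """Encrypt user information, then append an HMAC tag (assumed authentication mode)."""
    nonce = os.urandom(16)
    body = MAGIC + nonce + _xor_stream(enc_key, nonce, json.dumps(info).encode())
    return body + hmac.new(auth_key, body, hashlib.sha256).digest()

def detect(record):
    """Detection: record is complete and in the expected ciphertext form."""
    return record[:3] == MAGIC and len(record) > 3 + 16 + 32

def authenticate(record, auth_key):
    expected = hmac.new(auth_key, record[:-32], hashlib.sha256).digest()
    return hmac.compare_digest(record[-32:], expected)

def unseal(record, enc_key):
    return json.loads(_xor_stream(enc_key, record[3:19], record[19:-32]))

def transact(card, op, platform_db, auth_key, notify):
    """Run S1-S3. Returns (ok, reason); card['record'] changes only on success."""
    rec = card["record"]
    # S1: detect, authenticate, then detect again (S11-S13).
    if not detect(rec):
        return False, "detect"
    if not authenticate(rec, auth_key):
        notify(card["id"])  # security protection unit: alert the associated user
        return False, "auth"
    if not detect(rec):
        return False, "detect"
    # S2: the platform returns the transaction information (with the decryption
    # key) registered for this transaction system; no entry means failure.
    entry = platform_db.get(op["terminal_id"])
    if entry is None:
        return False, "no-transaction-info"
    info = unseal(rec, entry["key"])
    # S3: process, authenticate the processed information, encrypt, write back.
    sign = {"pay": -1, "deposit": 1}.get(op["type"])
    if sign is None or op["amount"] <= 0:
        return False, "bad-operation"
    new = dict(info, balance=info["balance"] + sign * op["amount"])
    if new["balance"] < 0:  # assumed post-processing authentication rule
        return False, "post-auth"
    card["record"] = seal(new, entry["key"], auth_key)
    return True, "ok"

if __name__ == "__main__":
    enc_key, auth_key = os.urandom(32), os.urandom(32)  # constructed keys
    db = {"T-01": {"key": enc_key}}                      # constructed platform database
    card = {"id": "C1", "record": seal({"user_id": "u1", "balance": 100}, enc_key, auth_key)}
    print(transact(card, {"terminal_id": "T-01", "type": "pay", "amount": 30}, db, auth_key, print))
    print(unseal(card["record"], enc_key))
```

Every failure path returns before `card["record"]` is reassigned, which is the property the embodiment states for a failed S3 authentication: the user information in the stored-value device remains unchanged.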
Based on the authentication-based electronic transaction method described in the above embodiment, the invention also provides an embodiment of a system using that method. Referring to Fig. 2, which is a structural diagram of a preferred embodiment of the system of the invention, the system comprises:
A stored-value device 100, configured to store user information and to encrypt the user information. The stored-value device 100 includes but is not limited to a stored-value card, a points card or a credit card; the encryption method used can be chosen according to the actual situation.
An authentication device 200, configured to read the encrypted user information from the stored-value device 100, authenticate the encrypted user information, and transfer the successfully authenticated encrypted user information to the transaction system. The specific authentication method may be static password authentication, dynamic password authentication, biometric authentication or the like; the invention places no limitation on this, but the corresponding authentication program must be stored in the authentication device in advance, as described in the above embodiment.
A transaction system 300, configured to, after reading the encrypted user information transmitted by the authentication device 200, obtain the current user's transaction operation data and send the transaction operation data over the network to the network transaction platform. The transaction operation data comprises at least data that identifies the current transaction system and the corresponding user operation instruction data, as described in the above embodiment.
A network transaction platform 400, configured to search a pre-established database according to the transaction operation data, obtain the transaction information corresponding to the transaction system, and return the transaction information to the transaction system 300, the transaction information being as described in the above embodiment.
The transaction system 300 is further configured to decrypt the encrypted user information according to the transaction information, process the decrypted user information according to the transaction operation data, and return the processed user information to the authentication device 200; the method of processing the decrypted user information according to the transaction operation data is as described in the above embodiment.
The authentication device 200 is further configured to authenticate the processed user information, encrypt the successfully authenticated processed user information, and write the encrypted processed user information to the stored-value device, so that the user information in the stored-value device is updated.
In this embodiment, the user information comprises at least: user identity information and the corresponding stored-value information.
Preferably, as shown in Fig. 3, the stored-value device 100 specifically comprises:
A first storage unit 101, configured to store user information;
A first encryption unit 102, connected to the first storage unit and configured to encrypt the user information;
A first connection unit 104, configured to transmit the encrypted user information to the authentication device.
Further, with continued reference to Fig. 3, the stored-value device 100 also comprises:
A first detection unit 103, connected to the first encryption unit 102 and the first connection unit 104, and configured to detect whether the encrypted user information is correct and, if so, to trigger the first connection unit to transmit the encrypted user information. The specific detection method is as described in the above embodiment.
Preferably, as shown in Fig. 4, the authentication device 200 further comprises:
A second connection unit 201, configured to establish a communication connection with the stored-value device, receive the encrypted user information transmitted by the stored-value device, and write the encrypted processed user information to the stored-value device;
A main control unit 203, configured to read the encrypted user information received by the second connection unit and to control the authentication unit to authenticate the encrypted user information;
An authentication unit 204, configured to authenticate the encrypted user information and to decrypt the successfully authenticated encrypted user information, and to encrypt the successfully authenticated processed user information;
A third connection unit 206, configured to transfer the successfully authenticated encrypted user information to the transaction system;
A second storage unit 207, configured to store the corresponding authentication program and the encryption and decryption programs.
Preferably, with continued reference to Fig. 4, the authentication device 200 also comprises:
A second detection unit 202, configured to detect whether the encrypted user information received by the second connection unit is correct and, if so, to trigger the main control unit to start reading the encrypted user information, as described in the above embodiment.
A third detection unit 205, configured to detect whether the successfully authenticated encrypted user information is correct and, if so, to trigger the third connection unit to transmit the successfully authenticated encrypted user information to the transaction system, as described in the above embodiment.
Preferably, with continued reference to Fig. 4, the authentication device 200 also comprises:
A security protection unit 208, configured to, when authentication of the encrypted user information fails, look up the pre-stored association table of stored-value devices and their corresponding users, obtain the user's telephone corresponding to the stored-value device, and send a short message reporting the authentication failure to that telephone, so that the user of the stored-value device can promptly confirm the electronic transaction currently in progress and avoid having personal property misappropriated by others.
It can be seen that the authentication device, system and method based on electronic transactions described in the above embodiments of the invention improve the security of electronic transactions and at the same time effectively prevent user information from leaking during the electronic transaction.
The above are merely preferred embodiments of the invention. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention.