CN105046489A - Mobile payment method, mobile payment device and mobile payment - Google Patents

Mobile payment method, mobile payment device and mobile payment Download PDF

Info

Publication number
CN105046489A
CN105046489A CN201510366135.4A CN201510366135A CN105046489A CN 105046489 A CN105046489 A CN 105046489A CN 201510366135 A CN201510366135 A CN 201510366135A CN 105046489 A CN105046489 A CN 105046489A
Authority
CN
China
Prior art keywords
payment
mobile terminal
data
request
devices
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510366135.4A
Other languages
Chinese (zh)
Inventor
林志明
王俊杰
余勇
杨军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen state micro Financial Technologies Ltd
Original Assignee
Shenzhen State Micro Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen State Micro Technology Co Ltd filed Critical Shenzhen State Micro Technology Co Ltd
Priority to CN201510366135.4A priority Critical patent/CN105046489A/en
Publication of CN105046489A publication Critical patent/CN105046489A/en
Priority to PCT/CN2016/084890 priority patent/WO2016206530A1/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/16Payments settled via telecommunication systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention is suitable for the electronic payment filed, and provides a mobile payment method, a mobile payment device and a mobile payment. The method comprises the steps of using a mobile terminal to send a consumption request to a payment device; using the payment device to generate a payment request according to the consumption request, and sending the consumption request to the mobile terminal, wherein the payment request carries the sensitive data, and the sensitive data is encrypted by the payment device; using the mobile terminal to send the payment request to a background server; using the background server to decrypt the encrypted sensitive data after receiving the payment request, and interact with a payment background based on the payment request to finish the payment. According to the present invention, the sensitive data is encrypted by the secret keys, and then the payment request containing the sensitive data is sent to the background server by the mobile terminal to be decrypted to finish the payment, the secret keys are managed by the background server uniformly, and the mobile terminal just forwards the data, so that the different secret keys can be issued in allusion to different payment devices or every transaction, and the payment safety is improved.

Description

A kind of method of mobile payment, Apparatus and system
Technical field
The invention belongs to E-Payment field, particularly relate to a kind of method of mobile payment, Apparatus and system.
Background technology
Along with the development of science and technology, mobile POS (MobilePointofsale, mobile sale point terminal) etc. mobile payment device have also been obtained and apply widely, but mobile payment device payment information such as password, Transaction Information in the process paid easily is intercepted, copy, cause the stolen brush of the fund of user.Therefore the security of mobile payment device more and more comes into one's own.
Prior art is typically employed in payment devices and is encrypted payment information, the mode be decrypted by mobile terminal again improves the security of payment cipher, Transaction Information, but all mobile terminals all adopt identical key to adopt this kind of mode to require, when the password of some mobile terminals is cracked, the password of whole system will all be cracked/copy, and security is lower.
Summary of the invention
The embodiment of the present invention provides a kind of method of mobile payment and system, is intended to solve prior art when the password of some mobile terminals is cracked, and the password of whole system will all be cracked/copy, the problem that security is lower.
The embodiment of the present invention realizes like this, a kind of method of mobile payment, said method comprising the steps of: the payment request that mobile terminal receive sends, described payment request is generated by payment devices, described payment request carries sensitive data, and has carried out cryptographic operation by described payment devices to sensitive data; The sensitive data of encryption is decrypted; Carry out mutual to complete payment according to described payment request and payment platform; Wherein, carry payer account, payment cipher, beneficiary account and spending amount in described payment request, described sensitive data at least comprises payment cipher.
The embodiment of the present invention also provides another kind of method of mobile payment, said method comprising the steps of: mobile terminal sends consumer requests to payment devices, carries beneficiary account and spending amount in described consumer requests; Described payment devices generates according to described consumer requests the request of payment, and described consumer requests is sent to mobile terminal, and described payment request carries sensitive data, and has carried out cryptographic operation by described payment devices to sensitive data; Described payment request is sent to background server by described mobile terminal; Described background server is decrypted the sensitive data of encryption after receiving described payment request, and carries out mutual to complete payment based on described payment request and payment backstage.Wherein, payer account, payment cipher, beneficiary account and spending amount are at least carried in described payment request, and described sensitive data at least comprises payment cipher.
The embodiment of the present invention also provides a kind of mobile payment device, described device comprises: receiving element, for the payment request that mobile terminal receive sends, described payment request is generated by payment devices, described payment request carries sensitive data, and has carried out cryptographic operation by described payment devices to sensitive data; Decryption unit, for being decrypted the sensitive data of encryption; Payment unit, for carrying out mutual to complete payment according to described payment request and payment platform; Wherein, described payment request carries payer account, payment cipher, beneficiary account and spending amount, and described sensitive data at least comprises payment cipher.
The embodiment of the present invention also provides a kind of mobile-payment system, described system comprises: mobile terminal, for sending consumer requests to payment devices, receive the payment request of described payment devices transmission and described payment request is sent to background server, in described consumer requests, carrying beneficiary account and spending amount; Payment devices, for generating according to described consumer requests the request of payment, being encrypted the described sensitive data carried in request that pays and described payment request is sent to described mobile terminal; Background server, is decrypted the sensitive data of encryption after receiving the request of payment, and asks based on described payment and pay backstage to carry out mutual to complete payment.Wherein, payer account, payment cipher, beneficiary account and spending amount are at least carried in described payment request, and described sensitive data at least comprises payment cipher.
Payment has been decrypted through the payment request comprising sensitive data being sent to background server by mobile terminal after payment devices of the present invention is encrypted by double secret key sensitive data, like this, deciphering is carried out at background server, key carries out unified management by background server, mobile terminal only carries out the forwarding of data, therefore can issue different keys for different payment devices or transaction each time, improve the security of payment.
Accompanying drawing explanation
Fig. 1 is the Organization Chart of the mobile-payment system that the embodiment of the present invention provides;
Fig. 2 is the realization flow figure of the method for mobile payment that the embodiment of the present invention provides;
Fig. 3 is that the background server that the embodiment of the present invention provides carries out certification to payment devices, issues the realization flow figure for the first key encrypted sensitive data after authentication success to payment devices;
Fig. 4 is the realization flow figure of the method for mobile payment that second embodiment of the invention of the present invention provides;
Fig. 5 is that the background server that second embodiment of the invention provides carries out certification to payment devices, issues the realization flow figure for the first key encrypted sensitive data after authentication success to payment devices;
Fig. 6 is the structural drawing of the mobile-payment system that third embodiment of the invention provides;
Fig. 7 is the structural drawing of the background server that the 4th embodiment provides;
Fig. 8 shows the structural drawing of the authentication ' unit that fourth embodiment of the invention provides.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
Payment has been decrypted through the payment request comprising sensitive data being sent to background server by mobile terminal after embodiment of the present invention payment devices is encrypted by double secret key sensitive data, key carries out unified management by background server, mobile terminal only carries out the forwarding of data, therefore can issue different keys for different payment devices or transaction each time, improve the security of payment.
Fig. 1 shows the Organization Chart of the mobile-payment system that the embodiment of the present invention provides, and for convenience of explanation, illustrate only the part relevant to the embodiment of the present invention.
As shown in Figure 1, mobile-payment system comprises mobile terminal 11, payment devices 12 and background server 13.
Mobile terminal 11 can be the mobile terminals such as mobile phone, personal digital assistant (PersonalDigitalAssistant, PDA), digital camera, notebook computer, panel computer.
Payment devices 12 can be the terminal device that POS, automatic vending machine etc. can generate the request of payment.
Background server 13 can be the server of the payment services business such as Third-party payment platform, bank.
As one embodiment of the present of invention, mobile terminal 11 can be communicated by communication links such as the Internet, LAN (Local Area Network), wide area networks with background server 13, and mobile terminal 11 and payment devices 12 are communicated by near-field communication, the infrared or mode such as bluetooth, audio interface.
In embodiments of the present invention, when user needs to consume, mobile terminal 11 initiates consumer requests to payment devices 12, payment devices 12 generates the request of payment after receiving consumer requests, and send the request of payment to mobile terminal 11, background server 13 obtains the payment request that mobile terminal 11 forwards, and completes payment according to payment request.
Fig. 2 shows the realization flow figure of the method for mobile payment that the embodiment of the present invention provides, and the method is applied to background server, and details are as follows:
In step s 201, the payment request of mobile terminal receive transmission.
In embodiments of the present invention, the consumer requests that the request that pays is sent according to mobile terminal by payment devices generates, the information such as payer account, payment cipher, beneficiary account and spending amount are at least carried in the request of payment, in order to improve the security of transaction, payment devices is encrypted sensitive informations such as payment ciphers, when payment request is sent to mobile terminal by payment devices, background server obtains the request of payment from mobile terminal.
In step S202, the sensitive data of encryption is decrypted.
In embodiments of the present invention, after receiving the payment request from mobile terminal, first background server is decrypted the sensitive data paying encryption in request, obtains the sensitive datas such as payment cipher.
In step S203, carry out mutual to complete payment according to payment request and payment platform.
In embodiments of the present invention, deciphered rear background server, according to the requirement of the payment platform such as bank, third-party platform, corresponding information has been sent to payment platform, completed payment.Can carry out as any applicable conventional financial transaction prescribed by standard alternately between background server and payment platform, does not repeat them here.
As one embodiment of the present of invention, in order to improve the security of payment, before step S201, background server also carries out certification to payment devices, issues the first key for encrypting sensitive data after authentication success to payment devices.
As one embodiment of the present of invention, after payment completes, payment success notification is sent in mobile terminal by background server, to notify that user pays successful message.
Payment has been decrypted through the payment request comprising sensitive data being sent to background server by mobile terminal after embodiment of the present invention payment devices is encrypted by double secret key sensitive data, key carries out unified management by background server, mobile terminal only carries out the forwarding of data, therefore different keys can be issued for different payment devices or transaction each time, avoid when carrying out encryption and decryption by mobile terminal and need to use identical key, cause mobile terminal key to be broken rear whole payment system be cracked or copy, improve the security of payment.
The background server that Fig. 3 shows the embodiment of the present invention to be provided carries out certification to payment devices, and issue the realization flow figure for the first key encrypted sensitive data to payment devices after authentication success, details are as follows:
In step S301, background server, in response to the data acquisition request of mobile terminal, sends random data by mobile terminal to payment devices.
In embodiments of the present invention, background server sends random number according to the data acquisition request of mobile terminal to mobile terminal, after mobile terminal receives this random number, random number is sent in payment devices, by payment devices, corresponding verify data is calculated to the random number received, and be encrypted by the second double secret key verify data preset before sending verify data.
As one embodiment of the present of invention, background server is that payment devices is equipped with unique identity code proving payment devices identity information, and preset second key corresponding with identity code at payment devices, before certified transmission data, utilize the second default double secret key verify data to be encrypted, and carry identity code when return authentication data.
As one embodiment of the present of invention, payment devices adopts 3DES (TripleDataEncryptionAlgorithm, triple data encryption algorithm) encryption method to be encrypted verify data.
In step s 302, the verify data of the encryption that mobile terminal sends is obtained.
In embodiments of the present invention, the verify data of encryption is sent to mobile terminal by payment devices, the verify data that background server is encrypted from acquisition for mobile terminal.
In step S303, the verify data of encryption is decrypted, obtains verify data and carry out certification.
In embodiments of the present invention, server is found out corresponding key according to the identity code carried in verify data and is decrypted the verify data of encryption.After certification is passed through, to mobile terminal return authentication result.
In step s 304, in response to the cipher key acquisition request of mobile terminal, sent the first key be used for sensitive data encryption to payment devices by mobile terminal.
In embodiments of the present invention, after certification is passed through, in response to the cipher key acquisition request of mobile terminal, background server sends the first key be used for sensitive data encryption to mobile terminal, be sent on payment devices by the first key by mobile terminal.
As one embodiment of the present of invention, in order to prevent being stolen in transmitting procedure of the first key, background server is encrypted the first key before issuing the first key.Preferably, background server adopts 3DES (TripleDataEncryptionAlgorithm, triple data encryption algorithm) encryption method to be encrypted the first key.
In the embodiment of the present invention, background server all sends different keys by mobile terminal to payment devices after certification each time, payment devices utilizes the payment double secret key verify data issued to be encrypted, the key issued due to certification is each time different, can prevent payment devices from being broken through the information leakage causing paying and ask to carry in advance, improve the security of payment.
Fig. 4 shows the realization flow figure of the method for mobile payment that second embodiment of the invention provides, and details are as follows:
In step S401, mobile terminal sends consumer requests to payment devices.
In embodiments of the present invention, consumer requests comprises the consumption information such as beneficiary account and spending amount.
As one embodiment of the present of invention, user can do shopping on other-end or this mobile terminal, and after selected commodity, generates goods orders and be sent on mobile terminal, and mobile terminal sends consumer requests according to goods orders to payment devices.Be appreciated that goods orders comprises beneficiary account and spending amount.
As another embodiment of the present invention, user sends consumer requests directly to payment devices after directly can also inputting beneficiary account and spending amount on mobile terminals.
In step S402, payment devices generates according to consumer requests the request of payment, and payment request is sent to mobile terminal.
In embodiments of the present invention, payment devices generates the request of payment and payment request is sent to mobile terminal after receiving consumer requests, wherein, the information such as payer account, payment cipher, beneficiary account and spending amount are at least carried in the request of payment, in order to improve the security of transaction, payment devices is encrypted sensitive informations such as payment ciphers.
As one embodiment of the present of invention, payment devices is mobile pos machine, after receiving consumer requests, mobile pos machine demonstrates spending amount and reminding user carries out swiping the card and input the delivery operations such as password to obtain the information such as payer account, payment cipher on the payment device, when delivery operation completes, the sensitive datas such as payment cipher are encrypted, payment request is sent to mobile terminal.
In step S403, payment request is sent to background server by mobile terminal.
In step s 404, background server is decrypted the sensitive data of encryption after receiving payment request, and asks based on payment and pay backstage to carry out mutual to complete payment.
In embodiments of the present invention, after receiving the payment request from mobile terminal, first background server is decrypted the sensitive data paying encryption in request, obtains the sensitive datas such as payment cipher.Decipher rear background server, according to the requirement of the payment platform such as bank, third-party platform, corresponding information has been sent to payment platform, complete payment.Can carry out as any applicable conventional financial transaction prescribed by standard alternately between background server and payment platform, does not repeat them here
As one embodiment of the present of invention, in order to improve the security of payment, before step S401, background server to also carrying out certification to payment devices, if certification by; issue the first key for encrypting sensitive data by mobile terminal to payment devices.
As one embodiment of the present of invention, in order to prevent being stolen in transmitting procedure of the first key, background server is encrypted the first key before issuing the first key.Preferably, background server adopts 3DES (TripleDataEncryptionAlgorithm, triple data encryption algorithm) encryption method to be encrypted the first key.
As one embodiment of the present of invention, after payment completes, payment success notification is sent in mobile terminal by background server, to notify that user pays successful message.
Payment has been decrypted through the payment request comprising sensitive data being sent to background server by mobile terminal after embodiment of the present invention payment devices is encrypted by double secret key sensitive data, key carries out unified management by background server, mobile terminal only carries out the forwarding of data, therefore different keys can be issued for different payment devices or transaction each time, avoid when carrying out encryption and decryption by mobile terminal and need to use identical key, cause mobile terminal key to be broken rear whole payment system be cracked or copy, improve the security of payment.
The background server that Fig. 5 shows second embodiment of the invention to be provided carries out certification to payment devices, and issue the realization flow figure for the first key encrypted sensitive data to payment devices after authentication success, details are as follows:
In step S501, mobile terminal sends data acquisition request to background server, obtains random data and random data is sent to payment devices.
In embodiments of the present invention, mobile terminal sends data acquisition request to background server, background server sends random number according to the data acquisition request of mobile terminal to mobile terminal, this random number is sent in payment devices after mobile terminal receives this random number.
In step S502, payment devices calculates verify data to random data, and is encrypted by the double secret key verify data preset.
In embodiments of the present invention, payment devices calculates corresponding verify data to the random number received, and is encrypted by the second double secret key verify data preset before sending verify data.
As one embodiment of the present of invention, background server is that payment devices is equipped with unique identity code proving payment devices identity information, and preset second key corresponding with identity code at payment devices, before certified transmission data, utilize the second default double secret key verify data to be encrypted, and carry identity code when return authentication data.
As one embodiment of the present of invention, payment devices adopts 3DES (TripleDataEncryptionAlgorithm, triple data encryption algorithm) encryption method to be encrypted verify data.
In step S503, the verify data that background server is encrypted by acquisition for mobile terminal, is decrypted the verify data of encryption, obtains verify data and carry out certification.
In embodiments of the present invention, find out corresponding key according to the identity code carried in verify data and the verify data of encryption is decrypted, and certification being carried out to verify data, after certification is passed through, to mobile terminal return authentication result.
In step S504, background server, in response to the cipher key acquisition request of mobile terminal, sends the first key be used for sensitive data encryption to payment devices by mobile terminal.
In embodiments of the present invention, after certification is passed through, in response to the cipher key acquisition request of mobile terminal, background server sends the first key be used for sensitive data encryption to mobile terminal, be sent on payment devices by the first key by mobile terminal.
In the embodiment of the present invention, background server all sends different keys by mobile terminal to payment devices after certification each time, payment devices utilizes the payment double secret key verify data issued to be encrypted, the key issued due to certification is each time different, can prevent payment devices from being broken through the information leakage causing paying and ask to carry in advance, improve the security of payment.
One of ordinary skill in the art will appreciate that, the all or part of step realized in above-described embodiment method can carry out by program the hardware that instruction is correlated with to have come, above-mentioned program can be stored in a computer read/write memory medium, above-mentioned storage medium, as ROM/RAM, disk, CD, flash memory disk etc.
Fig. 6 shows the structural drawing of the mobile-payment system that third embodiment of the invention provides, and for convenience of explanation, illustrate only the part relevant to the embodiment of the present invention.
As shown in Figure 6, mobile security payment system comprises mobile terminal 11, the payment devices 12 be connected with mobile terminal and background server 13.
Mobile terminal 11, for sending consumer requests to payment devices, receiving the payment request of payment devices transmission and payment request is sent to background server.
In embodiments of the present invention, beneficiary account and spending amount is carried in consumer requests.The consumer requests that the request that pays is sent according to mobile terminal by payment devices generates, the information such as payer account, payment cipher, beneficiary account and spending amount are at least carried in the request of payment, when payment request is sent to mobile terminal by payment devices, background server obtains the request of payment from mobile terminal.
As one embodiment of the present of invention, user can do shopping on other-end or this mobile terminal, and after selected commodity, generates goods orders and be sent on mobile terminal, and mobile terminal sends consumer requests according to goods orders to payment devices.Be appreciated that goods orders comprises beneficiary account and spending amount.
As an alternative embodiment of the invention, user sends consumer requests directly to payment devices after directly can also inputting beneficiary account and spending amount on mobile terminals.
Payment devices 12, generates for the consumer requests sent according to mobile terminal the request of payment, is encrypted paying the sensitive data carried in request and payment request is sent to mobile terminal.
In embodiments of the present invention, payment devices generates the request of payment and payment request is sent to mobile terminal after receiving consumer requests.Wherein, the information such as payer account, payment cipher, beneficiary account and spending amount are at least carried in the request of payment, and in order to improve the security of transaction, payment devices is encrypted sensitive informations such as payment ciphers.
As one embodiment of the present of invention, payment devices is mobile pos machine, after receiving consumer requests, mobile pos machine demonstrates spending amount and reminding user carries out swiping the card and input the delivery operations such as payment cipher to obtain the information such as account, payment cipher of payer on the payment device, when delivery operation completes, the sensitive datas such as payment cipher are encrypted, and payment request is sent to mobile terminal.
Background server 13, is decrypted the sensitive data of encryption after receiving payment request, and asks based on payment and pay backstage to carry out mutual to complete payment.
Fig. 7 shows the structural drawing of the background server that fourth embodiment of the invention provides, and for convenience of explanation, illustrate only the part relevant to the embodiment of the present invention.
Background server comprises receiving element 131, decryption unit 132 and payment unit 133.
Receiving element 131, for the payment request that mobile terminal receive sends.
In embodiments of the present invention, the consumer requests that the request that pays is sent according to mobile terminal by payment devices generates, the information such as payer account, payment cipher, beneficiary account and spending amount are at least carried in the request of payment, in order to improve the security of transaction, payment devices is encrypted sensitive informations such as payment ciphers, when payment request is sent to mobile terminal by payment devices, receiving element 131 obtains the request of payment from mobile terminal.
Decryption unit 132, for being decrypted the sensitive data of encryption.
In embodiments of the present invention, after receiving the payment request from mobile terminal, first decryption unit 131 is decrypted the sensitive data paying encryption in request, obtains the sensitive datas such as payment cipher.
Payment unit 133, mutual to complete payment for carrying out according to payment request and payment platform.
In embodiments of the present invention, deciphered rear payment unit 133, according to the requirement of the payment platform such as bank, third-party platform, corresponding information has been sent to payment platform, completed payment.Can carry out as any applicable conventional financial transaction prescribed by standard alternately between background server and payment platform, does not repeat them here.
As one embodiment of the present of invention, background server 13 also comprises authentication ' unit 134, for carrying out certification to payment devices, issues the first key for encrypting sensitive data after authentication success to payment devices.
As one embodiment of the present of invention, background server 13 also comprises notification unit 135, for being sent in mobile terminal by payment success notification, to notify that user pays successful message paying successfully.
Payment has been decrypted through the payment request comprising sensitive data being sent to background server by mobile terminal after embodiment of the present invention payment devices is encrypted by double secret key sensitive data, key carries out unified management by background server, mobile terminal only carries out the forwarding of data, therefore different keys can be issued for different payment devices or transaction each time, avoid when carrying out encryption and decryption by mobile terminal and need to use identical key, cause some mobile terminal keys to be broken rear whole payment system be cracked or copy, improve the security of payment.
Fig. 8 shows the structural drawing of the authentication ' unit that fourth embodiment of the invention provides, and for convenience of explanation, illustrate only the part relevant to the embodiment of the present invention.
Authentication ' unit comprises data transmission blocks 1341, verify data receiver module 1342, authentication module 1,343 first delivering key module 1344.
Data transmission blocks 1341, for the data acquisition request in response to mobile terminal, sends random data by mobile terminal to payment devices.
In embodiments of the present invention, authentication ' unit 1341 sends random number according to the data acquisition request of mobile terminal to mobile terminal, mobile terminal is sent in payment devices after receiving this random number and calculates corresponding verify data by payment devices to the random number received, and is encrypted by the second double secret key verify data preset before sending verify data.
As one embodiment of the present of invention, background server is that payment devices is equipped with unique identity code proving payment devices identity information, and preset second key corresponding with identity code at payment devices, before certified transmission data, utilize the second default double secret key verify data to be encrypted, and carry identity code when return authentication data.
As one embodiment of the present of invention, payment devices adopts 3DES (TripleDataEncryptionAlgorithm, triple data encryption algorithm) encryption method to be encrypted verify data.
Verify data receiver module 1342, for obtaining the verify data of the encryption that mobile terminal sends.
In embodiments of the present invention, the verify data of encryption is sent to mobile terminal by payment devices, the verify data that verify data receiver module 1342 is encrypted from acquisition for mobile terminal.
Authentication module 1343, for being decrypted the verify data of encryption, obtaining verify data and carrying out certification.
In embodiments of the present invention, authentication module 1343 is found out corresponding key according to the identity code carried in verify data and is decrypted the verify data of encryption.After certification is passed through, to mobile terminal return authentication result.
First delivering key module 1344, for the cipher key acquisition request in response to mobile terminal, sends the first key be used for sensitive data encryption to payment devices by mobile terminal.
In embodiments of the present invention, after certification is passed through, in response to the cipher key acquisition request of mobile terminal, close first delivering key module 1344 sends the first key be used for sensitive data encryption to mobile terminal, be sent on payment devices by the first key by mobile terminal.
As one embodiment of the present of invention, in order to prevent being stolen in transmitting procedure of the first key, the first delivering key module 1344 is encrypted the first key before issuing the first key.Preferably, the first delivering key module 1344 adopts 3DES (TripleDataEncryptionAlgorithm, triple data encryption algorithm) encryption method to be encrypted the first key.
In the embodiment of the present invention, background server all sends different keys by mobile terminal to payment devices after certification each time, payment devices utilizes the payment double secret key verify data issued to be encrypted, the key issued due to certification is each time different, can prevent payment devices from being broken through the information leakage causing paying and ask to carry in advance, improve the security of payment.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any amendments done within the spirit and principles in the present invention, equivalent replacement and improvement etc., all should be included within protection scope of the present invention.

Claims (17)

1. a method of mobile payment, is characterized in that, said method comprising the steps of:
The payment request that mobile terminal receive sends, described payment request is generated by payment devices, and described payment request carries sensitive data, and has carried out cryptographic operation by described payment devices to sensitive data;
The sensitive data of encryption is decrypted;
Carry out mutual to complete payment according to described payment request and payment platform;
Wherein, carry payer account, payment cipher, beneficiary account and spending amount in described payment request, described sensitive data at least comprises payment cipher.
2. method of mobile payment as claimed in claim 1, is characterized in that, also comprises before the step of the payment request sent from mobile terminal in described reception:
Carry out certification to described payment devices, the backward described payment devices of authentication success issues the first key for encrypting described sensitive data.
3. method of mobile payment as claimed in claim 2, is characterized in that, describedly carries out certification to payment devices, and the step of the first key that the backward described payment devices of authentication success issues for encrypting described sensitive data is specially:
In response to the data acquisition request of described mobile terminal, send random data by described mobile terminal to described payment devices;
Obtain the verify data that described mobile terminal sends, the random data that described verify data is sent according to described mobile terminal by described payment devices calculates, and is encrypted by verify data described in the second double secret key preset;
The verify data of described encryption is decrypted, obtains described verify data and carry out certification;
In response to the cipher key acquisition request of described mobile terminal, sent the first key be used for sensitive data encryption to described payment devices by described mobile terminal.
4. method of mobile payment as claimed in claim 1, it is characterized in that, described method also comprises:
Pay successfully and payment success notification is sent to mobile terminal.
5. a method of mobile payment, is characterized in that, said method comprising the steps of:
Mobile terminal sends consumer requests to payment devices, carries beneficiary account and spending amount in described consumer requests;
Described payment devices generates according to described consumer requests the request of payment, and described consumer requests is sent to mobile terminal, and described payment request carries sensitive data, and has carried out cryptographic operation by described payment devices to sensitive data;
Described payment request is sent to background server by described mobile terminal;
Described background server is decrypted the sensitive data of encryption after receiving described payment request, and carries out mutual to complete payment based on described payment request and payment backstage.
Wherein, payer account, payment cipher, beneficiary account and spending amount are at least carried in described payment request, and described sensitive data at least comprises payment cipher.
6. method of mobile payment as claimed in claim 5, it is characterized in that, described method is further comprising the steps of:
Described background server carries out certification to described payment devices, if certification by; issue the first key for encrypting described sensitive data by described mobile terminal to described payment devices.
7. method of mobile payment as claimed in claim 6, it is characterized in that, described background server carries out certification to described payment devices, if certification by; the step of the first key issued for encrypting sensitive data to payment devices by described mobile terminal is specially:
Described mobile terminal sends data acquisition request to described background server, obtains random data and described random data is sent to described payment devices;
Described payment devices calculates verify data to random data, and is encrypted by verify data described in the double secret key preset.
The verify data that background server is encrypted by acquisition for mobile terminal, is decrypted the verify data of described encryption, obtains verify data and carries out certification;
Background server, in response to the cipher key acquisition request of mobile terminal, sends the first key being used for encrypting described sensitive data to payment devices by mobile terminal.
8. method of mobile payment as claimed in claim 5, it is characterized in that, described method also comprises:
Described background server is paying successfully to described mobile terminal transmission payment success notification.
9. a mobile payment device, is characterized in that, described device comprises:
Receiving element, for the payment request that mobile terminal receive sends, described payment request is generated by payment devices, and described payment request carries sensitive data, and has carried out cryptographic operation by described payment devices to sensitive data;
Decryption unit, for being decrypted the sensitive data of encryption;
Payment unit, for carrying out mutual to complete payment according to described payment request and payment platform;
Wherein, described payment request carries payer account, payment cipher, beneficiary account and spending amount, and described sensitive data at least comprises payment cipher.
10. mobile payment device as claimed in claim 9, it is characterized in that, described device also comprises:
Authentication ' unit, for carrying out certification to payment devices, the backward described payment devices of authentication success issues the first key for encrypting described sensitive data.
11. mobile payment devices as claimed in claim 10, it is characterized in that, described authentication ' unit comprises:
Data transmission blocks, for the data acquisition request in response to described mobile terminal, sends random data by described mobile terminal to described payment devices;
Verify data receiver module, for obtaining the verify data that described mobile terminal sends, the random data that described verify data is sent according to described mobile terminal by described payment devices calculates, and is encrypted by verify data described in the second double secret key preset;
Authentication module, for being decrypted the verify data of described encryption, obtaining described verify data and carrying out certification;
First delivering key module, for the cipher key acquisition request in response to described mobile terminal, sends the first key be used for sensitive data encryption to described payment devices by described mobile terminal.
12. mobile payment devices as claimed in claim 9, it is characterized in that, described device also comprises:
Notification unit, is sent to mobile terminal for paying successfully by payment success notification.
13. 1 kinds of mobile-payment systems, is characterized in that, described system comprises:
Mobile terminal, for sending consumer requests to payment devices, receiving the payment request of described payment devices transmission and described payment request is sent to background server, carrying beneficiary account and spending amount in described consumer requests;
Payment devices, for generating according to described consumer requests the request of payment, being encrypted the described sensitive data carried in request that pays and described payment request is sent to described mobile terminal;
Background server, is decrypted the sensitive data of encryption after receiving the request of payment, and asks based on described payment and pay backstage to carry out mutual to complete payment.
Wherein, payer account, payment cipher, beneficiary account and spending amount are at least carried in described payment request, and described sensitive data at least comprises payment cipher.
14. mobile-payment systems as claimed in claim 13, it is characterized in that, described background server comprises:
Receiving element, for receiving the payment request that described mobile terminal sends;
Decryption unit, for being decrypted the sensitive data of encryption;
Payment unit, for carrying out mutual to complete payment according to described payment request and payment platform.
15. mobile-payment systems as claimed in claim 14, it is characterized in that, described background server also comprises:
Authentication ' unit, for carrying out certification to described payment devices, issues the first key for encrypting sensitive data to payment devices after authentication success.
16. mobile-payment systems as claimed in claim 15, it is characterized in that, described authentication ' unit comprises:
Data transmission blocks, for the data acquisition request in response to described mobile terminal, sends random data by described mobile terminal to described payment devices;
Verify data receiver module, for obtaining the verify data that described mobile terminal sends, the random data that described verify data is sent according to described mobile terminal by described payment devices calculates, and is encrypted by verify data described in the second double secret key preset;
Authentication module, for being decrypted the verify data of described encryption, obtaining described verify data and carrying out certification;
First delivering key module, for the cipher key acquisition request in response to described mobile terminal, sends the first key be used for sensitive data encryption to described payment devices by described mobile terminal.
17. mobile-payment systems as claimed in claim 14, it is characterized in that, described background server also comprises:
Notification unit, is sent to described mobile terminal for paying successfully by payment success notification.
CN201510366135.4A 2015-06-26 2015-06-26 Mobile payment method, mobile payment device and mobile payment Pending CN105046489A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510366135.4A CN105046489A (en) 2015-06-26 2015-06-26 Mobile payment method, mobile payment device and mobile payment
PCT/CN2016/084890 WO2016206530A1 (en) 2015-06-26 2016-06-06 Highly secure mobile payment method, apparatus, and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510366135.4A CN105046489A (en) 2015-06-26 2015-06-26 Mobile payment method, mobile payment device and mobile payment

Publications (1)

Publication Number Publication Date
CN105046489A true CN105046489A (en) 2015-11-11

Family

ID=54453014

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510366135.4A Pending CN105046489A (en) 2015-06-26 2015-06-26 Mobile payment method, mobile payment device and mobile payment

Country Status (2)

Country Link
CN (1) CN105046489A (en)
WO (1) WO2016206530A1 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106209386A (en) * 2016-10-10 2016-12-07 中国银行股份有限公司 A kind of methods, devices and systems realizing safety certification
CN106228356A (en) * 2016-07-13 2016-12-14 广东商联支付网络技术有限公司 A kind of use bracelet to substitute entity member card to carry out the method and device that pays
WO2016206530A1 (en) * 2015-06-26 2016-12-29 深圳国微技术有限公司 Highly secure mobile payment method, apparatus, and system
CN107085791A (en) * 2017-04-19 2017-08-22 深圳市金立通信设备有限公司 A kind of electric paying method and terminal
CN107516196A (en) * 2017-09-04 2017-12-26 杭州哲信信息技术有限公司 A kind of mobile-payment system and its method of mobile payment
CN108804942A (en) * 2018-05-29 2018-11-13 广东通莞科技股份有限公司 Sensitive data identifying system in a kind of mobile payment
CN109493023A (en) * 2018-10-17 2019-03-19 珠海横琴现联盛科技发展有限公司 Mobile payment settle accounts calculation method based on anti-tamper Encryption Algorithm
CN112036859A (en) * 2020-08-31 2020-12-04 深圳市兆珑科技有限公司 Secure payment method and device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11645642B2 (en) * 2017-10-26 2023-05-09 Jack Shauh Mobile payment system and method using a mobile payment device without an installed application

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104094302A (en) * 2012-01-05 2014-10-08 维萨国际服务协会 Data protection with translation

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8041646B2 (en) * 2005-06-15 2011-10-18 E. E. System Corporation Method and system for real time online debit transactions
CN102354418B (en) * 2011-10-09 2014-07-16 钱袋网(北京)信息技术有限公司 System for processing trade information and method therefor
CN103136668A (en) * 2011-11-28 2013-06-05 中兴通讯股份有限公司 Terminal payment method, terminal and payment platform
CN104240073A (en) * 2014-10-11 2014-12-24 上海众人科技有限公司 Offline payment method and offline payment system on basis of prepaid cards
CN105046489A (en) * 2015-06-26 2015-11-11 深圳国微技术有限公司 Mobile payment method, mobile payment device and mobile payment

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104094302A (en) * 2012-01-05 2014-10-08 维萨国际服务协会 Data protection with translation

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016206530A1 (en) * 2015-06-26 2016-12-29 深圳国微技术有限公司 Highly secure mobile payment method, apparatus, and system
CN106228356A (en) * 2016-07-13 2016-12-14 广东商联支付网络技术有限公司 A kind of use bracelet to substitute entity member card to carry out the method and device that pays
CN106209386A (en) * 2016-10-10 2016-12-07 中国银行股份有限公司 A kind of methods, devices and systems realizing safety certification
CN106209386B (en) * 2016-10-10 2019-09-27 中国银行股份有限公司 A kind of methods, devices and systems for realizing safety certification
CN107085791A (en) * 2017-04-19 2017-08-22 深圳市金立通信设备有限公司 A kind of electric paying method and terminal
CN107516196A (en) * 2017-09-04 2017-12-26 杭州哲信信息技术有限公司 A kind of mobile-payment system and its method of mobile payment
CN108804942A (en) * 2018-05-29 2018-11-13 广东通莞科技股份有限公司 Sensitive data identifying system in a kind of mobile payment
CN109493023A (en) * 2018-10-17 2019-03-19 珠海横琴现联盛科技发展有限公司 Mobile payment settle accounts calculation method based on anti-tamper Encryption Algorithm
CN109493023B (en) * 2018-10-17 2022-01-25 珠海横琴井通容智科技信息有限公司 Mobile payment settlement method based on tamper-proof encryption algorithm
CN112036859A (en) * 2020-08-31 2020-12-04 深圳市兆珑科技有限公司 Secure payment method and device
WO2022042106A1 (en) * 2020-08-31 2022-03-03 百富计算机技术(深圳)有限公司 Secure payment method and apparatus
CN112036859B (en) * 2020-08-31 2022-05-27 百富计算机技术(深圳)有限公司 Secure payment method and device

Also Published As

Publication number Publication date
WO2016206530A1 (en) 2016-12-29

Similar Documents

Publication Publication Date Title
CN112602300B (en) System and method for password authentication of contactless cards
US11068883B2 (en) Apparatus and methods for secure element transactions and management of assets
EP3050247B1 (en) Method for securing over-the-air communication between a mobile application and a gateway
CN105046489A (en) Mobile payment method, mobile payment device and mobile payment
US11741461B2 (en) Method for performing non-repudiation, and payment managing server and user device therefor
US10972257B2 (en) Multi-level communication encryption
US20210117957A1 (en) Systems and methods for performing a reissue of a contactless card
US20150066778A1 (en) Digital card-based payment system and method
Husni et al. Efficient tag-to-tag near field communication (NFC) protocol for secure mobile payment
JP2022501872A (en) Systems and methods for cryptographic authentication of non-contact cards
JP2022511281A (en) Systems and methods for cryptographic authentication of non-contact cards
CN112639785A (en) System and method for signaling potential attacks on contactless cards
AU2020343996B2 (en) Systems and methods for performing a reissue of a contactless card
US8819431B2 (en) Methods and device for electronic entities for the exchange and use of rights
KR101710950B1 (en) Method for distributing encrypt key, card reader and system for distributing encrypt key thereof
JP2022501861A (en) Systems and methods for cryptographic authentication of non-contact cards
KR101691169B1 (en) Method for distributing encrypt key, card reader, authentification server and system for distributing encrypt key thereof
US11960581B2 (en) Mobile device secret protection system and method
US20210350364A1 (en) Secure method for transmitting data between a payment terminal and a wireless printer.
AU2023258357A1 (en) Systems and methods for performing a reissue of a contactless card
CN203151541U (en) Electronic service system
KR20180040869A (en) Method for processing payment, potable terminal and payment system thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20181029

Address after: 518000 Nanshan District, Shenzhen, Guangdong, Guangdong Province, South China's high street, 1 new building, 106

Applicant after: Shenzhen state micro Financial Technologies Ltd

Address before: 518057 Guangdong Province Shenzhen Nanshan District High-tech Industrial Park South District High-tech Nandao National Micro-R&D Building 1 Floor West Part 2 Floor

Applicant before: Guowei Teih Co., Ltd., Shenzhen

RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20151111