Summary of the invention
But inventor finds in research process, due to Third-party payment industry data safety criterion (PaymentCardIndustryDataSecurityStandard, PCIDSS) do not allow international payments system storage user at the beginning to the confirmation code (CVN) of international payments system input, so, international payments system after initiate authorized application to Third-party payment platform in, just the confirmation code that user inputs at the beginning cannot be passed to Third-party payment platform.And in 3D payment process, if final Third-party payment platform cannot get the confirmation code that user inputs at the beginning, also just cannot realize information authentication.Therefore, the successful efficiency of prior art information authentication in implementation process is very low, further, also have impact on the experience that user uses 3D to pay.
Technical problems to be solved in this application are to provide a kind of information authentication method based on confirmation code, in order to avoid in prior art owing to international payments system can not store the low success rate of problem of information authentication that confirmation code causes as far as possible, further, moreover it is possible to promote user and use the 3D experience paid.
Present invention also provides a kind of information authentication device based on confirmation code and information authentication system, in order to ensure said method realization in practice and application.
In order to solve the problems referred to above, this application discloses a kind of information authentication method based on confirmation code, including:
Described method for authenticating is applied in the payment system in right discriminating system, and described right discriminating system also includes: Third-party payment platform;Described method includes:
Receive the confirmation code that is currently entered of user and treat authentication information;
Described confirmation code correspondence is stored to buffer memory;Wherein, described buffer memory for storing described confirmation code in Preset Time;
By described treat authentication information send to described Third-party payment platform and receive described Third-party payment platform return information after, with reference to described information trigger described payment system jump to a password authentification interface for display;
The payment cipher inputted at described password authentification interface in response to user is by verifying, by the confirmation code in described buffer memory with described treat that authentication information sends to described Third-party payment platform to realize authenticating, and deletes described confirmation code in described buffer memory.
This application discloses a kind of information authentication device based on confirmation code, including:
Described device is integrated in the payment system in right discriminating system, and described right discriminating system also includes Third-party payment platform, and described device includes:
Receiver module, for receiving confirmation code that user is currently entered and treating authentication information;
Cache module, for storing described confirmation code correspondence to buffer memory;Wherein, described buffer memory for storing described confirmation code in Preset Time;
Trigger module, for by described treat authentication information send to described Third-party payment platform and receive described Third-party payment platform return information after, with reference to described information trigger described payment system jump to a password authentification interface for display;
Sending module, for the payment cipher that input at described password authentification interface in response to user by verifying, by the confirmation code in described buffer memory with described treat that authentication information sends to described Third-party payment platform to realize authenticating;
Removing module, for deleting described confirmation code in described buffer memory.
This application discloses a kind of information authentication system based on confirmation code, including:
Including aforesaid information authentication device, and, Third-party payment platform.
Compared with prior art, the application includes advantages below:
In the embodiment of the present application, international payments system stores, by arranging an independent spatial cache, the confirmation code that user starts to input most, and from buffer memory, this confirmation code is deleted again after authentication completes, thus the requirement of PCIDSS can be met, also can avoid the low success rate of problem of information authentication in prior art as far as possible, further, moreover it is possible to promote user and use the 3D experience paid.
Certainly, the arbitrary product implementing the application it is not absolutely required to reach all the above advantage simultaneously.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is clearly and completely described, it is clear that described embodiment is only some embodiments of the present application, rather than whole embodiments.Based on the embodiment in the application, the every other embodiment that those of ordinary skill in the art obtain under not making creative work premise, broadly fall into the scope of the application protection.
The application can be used in numerous general or special purpose calculation element environment or configuration.Such as: personal computer, server computer, handheld device or portable set, laptop device, multi-processor device, the distributed computing environment including any of the above device or equipment etc..
The application can described in the general context of computer executable instructions, for instance program module.Usually, program module includes performing particular task or realizing the routine of particular abstract data type, program, object, assembly, data structure etc..The application can also be put into practice in a distributed computing environment, in these distributed computing environment, the remote processing devices connected by communication network perform task.In a distributed computing environment, program module may be located in the local and remote computer-readable storage medium including storage device.
With reference to Fig. 1, it is shown that the flow chart of a kind of information authentication embodiment of the method based on confirmation code of the application, the method for authenticating of the embodiment of the present application can apply in the international payments system in right discriminating system, and this right discriminating system can also include: Third-party payment platform;The present embodiment may comprise steps of:
Step 101: receive the confirmation code that is currently entered of user and treat authentication information.
First, international payments system receives the confirmation code of user's input and treats authentication information, wherein, treats that authentication information includes the information such as bank card number, bank card effect duration, and the security code of the fixing figure place that confirmation code is the bank card back side, for instance the credit card 3 stationary digital " 567 " behind.Wherein, the bank card in the embodiment of the present application can be the credit card or the debit card with confirmation code.And international payments system refers to and carries out the international payments system of information authentication with international credit card issuer.
Step 102: described confirmation code correspondence is stored to buffer memory;Wherein, described buffer memory for storing described confirmation code in Preset Time.
In the embodiment of the present application, international payments system can be separately provided a buffer memory for of short duration storage confirmation code, and in order to avoid not meeting the regulation of PCIDSS, in this buffer memory, confirmation code can only be present in this buffer memory in Preset Time.Such as, the one section of set time (such as 1 hour) preset, or, to treat the trigger instants that authentication information successful authentication is trigger condition, if namely treating authentication information successful authentication at step 104, trigger the deletion of confirmation code in buffer memory.
Wherein it is possible to be understood by, buffer memory can be the memory space one piece independent within international payments system, it is also possible to be the separate server etc. being connected with international payments system.
Step 103: by described treat authentication information send to described Third-party payment platform and receive described Third-party payment platform return information after, with reference to described information trigger described payment system jump to a password authentification interface for display.
With reference to shown in Fig. 2, it is being a scene structure figure in practical application for the embodiment of the present application.International payments system 201 will confirm that code stores in the process to buffer memory, the information such as bank card number and effect duration also can be sent to coupled Third-party payment platform 202, Third-party payment platform 202 is after receiving the information such as bank card number and effect duration, can judge that this bank card is either with or without registering, if had, then returning an information to international payments system, browser is jumped to the password authentification interface of this bank card and shows user by prompting international payments system.
Step 104: the payment cipher inputted at described password authentification interface in response to user is by verifying, by the confirmation code in described buffer memory with described treat that authentication information sends to described Third-party payment platform to realize authenticating.
User can input the payment cipher of the bank card of oneself and send to the credit card issuer of bank card and be verified at password authentification interface, if the verification passes, credit card issuer can transmit verification result to international payments system, and trigger international payments system with this result and it was once stored confirmation code in the buffer, bank card number and effect duration wait that authentication information sends to described Third-party payment platform, Third-party payment platform can according to confirmation code with treat to authenticate the 3D that this user currently initiates by authentication information whether pay request effective, thus realizing authentication.
Step 105: delete described confirmation code in described buffer memory.
Then international payments system deletes the confirmation code of storage in the buffer.
Visible, in the embodiment of the present application, international payments system stores, by arranging an independent spatial cache, the confirmation code that user starts to input most, and from buffer memory, this confirmation code is deleted again after authentication completes, thus the requirement of PCIDSS can be met, also can avoid the low success rate of problem of information authentication in prior art, further, moreover it is possible to promote user and use the 3D experience paid as far as possible.
In order to facilitate those skilled in the art's understanding to the application process that realizes in actual applications, a specific example is described below.
Step A1: international payments system receives the confirmation code that is currently entered of user and treats authentication information.
Wherein, step A1 to realize process similar with step 101, do not repeat them here.
At this object lesson or, the process that realizes of step 102 can include step A2~step A3.
Step A2: international payments system will confirm that code is encrypted according to the Third-party payment industry data safety criterion PCIDSS AES approved, and store corresponding with current business mark for the confirmation code after encryption to buffer memory.
International payments system is after receiving confirmation code, in the present example, stores to buffer memory after will confirm that code encryption again.Wherein, international payments system can adopt the PCIDSS AES approved to be encrypted, and stores corresponding with current business mark for the confirmation code after encryption to buffer memory.Wherein, current business is designated: international payments system is the identification information for uniquely identifying current authentication services that Client-initiated current 3D payment transaction generates.Such as, it is the serial number etc. of a regular length.Shown in table 1, for the storage mode of the confirmation code after the encryption of storage in buffer memory, wherein, key is current business mark, and value is the confirmation code after encryption.
Table 1
Key |
Value |
Current business identifies |
CVN information after encryption |
Step A3: the encryption key of employing is stored to key management infrastructure KMI system by international payments system.
In the present example, the encryption key in step A2, confirmation code encryption adopted can also be stored to KMI (KeyMangementInfrastruture, key management infrastructure) by international payments system.Wherein, for the convenient use to confirmation code, it is possible to adopt unified encryption key that confirmation code is encrypted.
This example and the embodiment shown in Fig. 1 also differ in that, this example includes step A4:
Step A4: the mission bit stream of described confirmation code is preserved to data base by international payments system, the mission bit stream of described confirmation code may include that described current business mark, described confirmation code preserves in the buffer Preset Time and the authentication status of current business.
In the present example, the mission bit stream relevant to confirmation code can also be stored to data base by international payments system, and this data base can adopt any memory space of international payments system to realize.Wherein, the authentication status of current business mark, Preset Time that confirmation code preserves in the buffer and current business, for instance authenticate or do not authenticate.When initial preservation, authentication status is and does not authenticate.
Table 2
Payment_order_id |
Trigger_time |
Status |
Current business identifies |
Preset Time |
The state whether consumed |
Subsequently enter step A5: by described treat authentication information send to described Third-party payment platform and receive described Third-party payment platform return information after, international payments system with reference to described information trigger described payment system jump to a password authentification interface for display.
It is understood that step A5 and step 103 to realize process identical, do not repeat them here.
It should be noted that in the present example, step 104 can include step A6~step A8.
Step A6: the payment cipher inputted at described password authentification interface in response to user passes through to verify, international payments system reads the confirmation code after the encryption of correspondence according to described current business mark from described buffer memory, and obtains encryption key from described KMI system.
First, if the user while the payment cipher of password authentification interface input has passed through the checking of credit card issuer, so international payments system is after the notification message receiving credit card issuer, the confirmation code after the encryption of correspondence can be got according to current business mark from table 1, and the encryption key adopted when encrypting into confirmation code can be got from KMI system.
Step A7: international payments system adopts described encryption key that the confirmation code after described encryption is decrypted, and is confirmed code.
International payments system re-uses encryption key and the confirmation code after encryption is decrypted, thus obtaining unencrypted confirmation code.
Step A8: international payments system will confirm that code and treats that authentication information sends to Third-party payment platform to realize authentication.
International payments system will confirm that code, bank card number and effect duration wait that authentication information sends and realize authenticating to Third-party payment platform.
Step A9: whether international payments system real-time judge current time arrives the Preset Time that confirmation code is deleted, if it is, enter step A0.
After authenticating successfully, international payments system judges whether current time arrives the Preset Time deleting confirmation code, for instance whether arrive 1 hour.If in table 1, storage is a trigger condition, for instance treat authentication information successful authentication, then then judge whether step A8 has authenticated successfully in this step.If it is understood that current time does not also arrive the Preset Time that confirmation code is deleted, then not carrying out any operation.
Step A10: international payments system is according to the confirmation code after encryption corresponding in buffer memory described in described current business identifier lookup.
If arriving the Preset Time deleting confirmation code, then from buffer memory, search the confirmation code after the encryption of correspondence again according to current business mark.
Step A11: international payments system deletes the confirmation code after described encryption in described buffer memory, and the authentication status of described current business is revised as completes in the database.
International payments system deletes the confirmation code after encryption more in the buffer, after deleting successfully, just no longer has confirmation code in buffer memory, and the authentication status in table 2 is revised as from data base and completes.
For aforesaid embodiment of the method, in order to be briefly described, therefore it is all expressed as a series of combination of actions, but those skilled in the art should know, the application is not by the restriction of described sequence of movement, because according to the application, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, embodiment described in this description belongs to preferred embodiment, necessary to involved action and module not necessarily the application.
The method that based on the information authentication embodiment of the method for confirmation code provide a kind of with above-mentioned the application is corresponding, referring to Fig. 3, present invention also provides a kind of information authentication device embodiment based on confirmation code, in the present embodiment, device can be integrated in the payment system in right discriminating system, this right discriminating system can also include Third-party payment platform, and this device may include that
Receiver module 301, for receiving confirmation code that user is currently entered and treating authentication information.
Cache module 302, for storing described confirmation code correspondence to buffer memory;Wherein, described buffer memory for storing described confirmation code in Preset Time.
Trigger module 303, for by described treat authentication information send to described Third-party payment platform and receive described Third-party payment platform return information after, with reference to described information trigger described payment system jump to a password authentification interface for display.
Sending module 304, for the payment cipher that input at described password authentification interface in response to user by verifying, by the confirmation code in described buffer memory with described treat that authentication information sends to described Third-party payment platform to realize authenticating.
Removing module 305, for deleting described confirmation code in described buffer memory.
Optionally, in various embodiments, described cache module 302 specifically may include that
Encryption submodule, for being encrypted described confirmation code according to the Third-party payment industry data safety criterion PCIDSS AES approved;First sub module stored, for storing corresponding with current business mark for the confirmation code after encryption to buffer memory;Described current business is designated: the identification information for the current authentication services of unique mark that described payment system generates;With, the second sub module stored, for storing the encryption key of employing to key management infrastructure KMI system;
Then corresponding described sending module, 304 specifically may include that
Reading submodule, for reading the confirmation code after corresponding encryption according to described current business mark from described buffer memory;Obtain submodule, for obtaining encryption key from described KMI system;Deciphering submodule, for adopting described encryption key that the confirmation code after described encryption is decrypted, is confirmed code;With, send submodule, for by described confirmation code and described treat authentication information send to described Third-party payment platform with realizes authenticate.
Optionally, in various embodiments, this device can also include:
Preserving task module, for the mission bit stream of described confirmation code being preserved to data base, the mission bit stream of described confirmation code includes: the authentication status of described current business mark, the erasing time of described confirmation code and current business;Then corresponding described removing module 305, specifically may include that
Judge submodule, for judging whether current time arrives the erasing time of described confirmation code;Described erasing time is: the one period of set time preset, or, with the described trigger instants treating that authentication information successful authentication is trigger condition;Search submodule, for when the result of described judgement submodule is for being, according to the confirmation code after encryption corresponding in buffer memory described in described current business identifier lookup;Delete submodule, be used for the confirmation code after deleting described encryption in described buffer memory;With, revise submodule, complete in the database the authentication status of described current business being revised as.
In the embodiment of the present application, international payments system stores, by arranging an independent spatial cache, the confirmation code that user starts to input most, and from buffer memory, this confirmation code is deleted again after authentication completes, thus the requirement of PCIDSS can be met, also can avoid the low success rate of problem of information authentication in prior art as far as possible, further, moreover it is possible to promote user and use the 3D experience paid.
The embodiment of the present application additionally provides a kind of international payments system based on confirmation code, and this system can include the information authentication device shown in Fig. 3, and, Third-party payment platform.
In the embodiment of the present application, international payments system stores, by arranging an independent spatial cache, the confirmation code that user starts to input most, and from buffer memory, this confirmation code is deleted again after authentication completes, thus the requirement of PCIDSS can be met, also can avoid the inefficient problem of information authentication success in prior art as far as possible, further, moreover it is possible to promote user and use the 3D experience paid.
It should be noted that each embodiment in this specification all adopts the mode gone forward one by one to describe, what each embodiment stressed is the difference with other embodiments, between each embodiment identical similar part mutually referring to.For device class embodiment, due to itself and embodiment of the method basic simlarity, so what describe is fairly simple, relevant part illustrates referring to the part of embodiment of the method.
Finally, it can further be stated that, in this article, the relational terms of such as first and second or the like is used merely to separate an entity or operation with another entity or operating space, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " includes ", " comprising " or its any other variant are intended to comprising of nonexcludability, so that include the process of a series of key element, method, article or equipment not only include those key elements, but also include other key elements being not expressly set out, or also include the key element intrinsic for this process, method, article or equipment.When there is no more restriction, statement " including ... " key element limited, it is not excluded that there is also other identical element in including the process of described key element, method, article or equipment.
Above provided herein is described in detail based on the information authentication method of confirmation code, Apparatus and system, principle and the embodiment of the application are set forth by specific case used herein, and the explanation of above example is only intended to help and understands the present processes and core concept thereof;Simultaneously for one of ordinary skill in the art, according to the thought of the application, all will change in specific embodiments and applications, in sum, this specification content should not be construed as the restriction to the application.