CN106920091A - Payment method and secure operating system - Google Patents
- Publication number
- CN106920091A (application number CN201510997423.XA)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
Abstract
The invention discloses a payment method and a secure operating system. In this solution there are two systems: one is the secure operating system and the other is the open operating system. In the prior art, all applications can only be installed in the open operating system, and the open operating system cannot access data in the secure operating system. Therefore, in the embodiments of the present invention, payment is completed by the secure operating system: payment information is processed entirely by the secure operating system, which interacts with the back-end acquiring system. Malware can only be installed in the open operating system and cannot access the secure operating system, so it cannot obtain the payment information and therefore cannot intercept or modify transaction data. The embodiments of the present invention can thus improve the security of user information.
Description
Technical field
The present invention relates to the field of communication technology, and in particular to a payment method and a secure operating system.
Background
With the continuing spread of smart cards (including financial IC cards) and the continuing cultivation of consumers' spending habits, the smart card in a user's hand can be used for everyday purchases and settlement, and can also download merchants' applications for loyalty points, promotions and the like, so that one card serves multiple purposes. Because an mPOS (mobile POS, a mobile-phone card reader) is cheaper than a traditional POS (point of sale) terminal, more merchants can accept card payments, which makes spending more convenient for consumers. For example, Fig. 1 is a structural diagram of completing a payment through an mPOS in the prior art.
An mPOS system mainly consists of an accepting terminal, a smart terminal, an open transmission network and a back-end acquiring system. A secure payment application on the smart terminal initiates the payment request, and the accepting terminal obtains the transaction information (such as the smart card's user information, the payment password and the payment amount entered). The accepting terminal encrypts the transaction information it obtained and forwards it through the smart terminal, over the open transmission network, to the back-end acquiring system. The back-end acquiring system decrypts and processes the transaction information and feeds the result back to the smart terminal.
However, because of the security problems of current smart terminals, users face a risk of information leakage during a transaction. For example, smart terminals run open operating systems (such as Android). Once the operating system has been rooted or jailbroken, an attacker may implant a malicious application to obtain data on the smart terminal and monitor the information exchanged between the smart terminal and the accepting terminal, and may also intercept and modify the transaction data sent by the accepting terminal, creating a risk that user information leaks. A new payment method is therefore needed to improve the security of user information.
Summary of the invention
Embodiments of the present invention provide a payment method and a secure operating system, to solve the problem that user information is easily leaked in existing payment processes.
An embodiment of the present invention provides a payment method, including:
After receiving the startup information sent by the open operating system, the secure operating system obtains exclusive control of the smart terminal's preset peripheral module; where the smart terminal includes the secure operating system and the open operating system; the open operating system is used to install applications; the secure operating system does not allow any application in the open operating system to access data in the secure operating system; and the preset peripheral module includes at least a module through which the user inputs information; and,
Establishing a connection with the back-end acquiring system, and negotiating an encryption rule and a decryption rule with the back-end acquiring system;
Obtaining the payment information input through the preset peripheral module, encrypting the payment information according to the encryption rule and sending it to the back-end acquiring system; the payment information includes at least the payer's smart card information, the transaction amount and the payee's account information;
Receiving the processing result returned by the back-end acquiring system; where the processing result is the result obtained after the back-end acquiring system decrypts the payment information according to the decryption rule and processes it.
Further, an embodiment of the present invention also provides a secure operating system, including:
A startup information processing module, configured to obtain exclusive control of the smart device's preset peripheral module after receiving the startup information sent by the open operating system; where the smart device includes the secure operating system and the open operating system; the open operating system is used to install applications; the secure operating system does not allow any application in the open operating system to access data in the secure operating system; and the preset peripheral module includes at least a module through which the user inputs information; and,
A connection module, configured to establish a connection with the back-end acquiring system and to negotiate an encryption rule and a decryption rule with the back-end acquiring system;
A payment information processing module, configured to obtain the payment information input through the preset peripheral module, encrypt the payment information according to the encryption rule and send it to the back-end acquiring system; the payment information includes at least the payer's smart card information, the transaction amount and the payee's account information;
A processing result receiving module, configured to receive the processing result returned by the back-end acquiring system; where the processing result is the result obtained after the back-end acquiring system decrypts the payment information according to the decryption rule and processes it.
The beneficial effects of the present invention are as follows. In the technical solution of the embodiments there are two systems: one is the secure operating system and the other is the open operating system. In the prior art, all applications can only be installed in the open operating system, and the open operating system cannot access data in the secure operating system. Therefore, in the embodiments, payment is completed by the secure operating system: payment information is processed entirely by the secure operating system, which interacts with the back-end acquiring system. Malware can only be installed in the open operating system and cannot access the secure operating system, so it cannot obtain the payment information and therefore cannot intercept or modify transaction data. The embodiments can thus improve the security of user information.
Brief description of the drawings
To explain the technical solutions of the embodiments more clearly, the drawings needed for describing the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural diagram of completing a payment through an mPOS in the prior art;
Fig. 2 is a flow chart of the payment method of Embodiment one;
Fig. 3 is a schematic diagram of the payment interface of Embodiment one;
Fig. 4(a) is the first schematic diagram of the random keyboard of Embodiment one;
Fig. 4(b) is the second schematic diagram of the random keyboard of Embodiment one;
Fig. 5 is a flow chart of the payment method of Embodiment two;
Fig. 6 is the first schematic diagram of the device connection structure when implementing the payment method of Embodiment two;
Fig. 7 is the second schematic diagram of the device connection structure when implementing the payment method of Embodiment two;
Fig. 8 is a structural diagram of the secure operating system of Embodiment three.
Detailed description
Embodiments of the present invention provide a payment method and a secure operating system. In the technical solution of the embodiments there are two systems: one is the secure operating system and the other is the open operating system. In the prior art, all applications can only be installed in the open operating system, and the open operating system cannot access data in the secure operating system. Therefore, in the embodiments, payment is completed by the secure operating system: payment information is processed entirely by the secure operating system, which interacts with the back-end acquiring system. Malware can only be installed in the open operating system and cannot access the secure operating system, so it cannot obtain the payment information and therefore cannot intercept or modify transaction data. The embodiments can thus improve the security of user information.
To make the objectives, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawings. The described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from these embodiments without creative effort fall within the scope of protection of the invention.
Embodiment one:
Fig. 2 is a flow chart of the payment method of Embodiment one. The payment method may include the following steps:
Step 201: After receiving the startup information sent by the open operating system, the secure operating system obtains exclusive control of the smart terminal's preset peripheral module; where the smart terminal includes the secure operating system and the open operating system; the open operating system is used to install applications; the secure operating system does not allow any application in the open operating system to access data in the secure operating system; and the preset peripheral module includes at least a module through which the user inputs information.
In one embodiment, during payment, the preset peripheral module lets the user enter payment information such as the payment password and the payment amount.
In one embodiment, the open operating system is normally running and holds exclusive control of the preset peripheral module, and, to save power, the smart terminal's secure operating system is dormant while the open operating system runs. When the open operating system sends startup information to the secure operating system, the secure operating system is woken up and obtains exclusive control of the smart terminal's preset peripheral module. At that point the open operating system loses exclusive control of the preset peripheral module and, likewise to save power, goes dormant. Having lost exclusive control, the open operating system cannot control the peripheral module and so cannot obtain the information the user enters through it, such as the payment password and the payment amount. The secure operating system obtaining exclusive control of the preset peripheral module therefore improves the security of the payment information.
In one embodiment, exclusive control of the preset peripheral module means that, at any one time, only one of the secure operating system and the open operating system can exchange information with the preset peripheral module.
In a specific implementation, the secure operating system can obtain exclusive control in ways known from the prior art; the present invention does not limit this. For example, on an ARM platform, when the secure operating system receives the startup information, the NS bit (non-secure bit, the non-secure state flag) in the SCR (Secure Configuration Register) of the smart terminal's CPU (Central Processing Unit) is set to 0, indicating that the CPU needs to switch to the secure operating system, and the CPU's context information is saved so that the scene can be restored after the mode switch. The secure operating system is then entered through an SMC (Secure Monitor Call). A security protection controller can dynamically configure memory and the preset peripheral module into secure and non-secure regions, and the contents of the secure operating system and the data of the preset peripheral module are all stored in the secure region. When an application in the open operating system accesses the secure region, the CPU refuses the request, and the secure operating system thereby obtains exclusive control. Similarly, on an Intel platform the above operations can be completed using SMX (Safer Mode Extensions) instructions. The specific way of obtaining exclusive control may differ with the operating platform; the present invention does not limit this.
A payment application can be installed in the open operating system, and the startup information in step 201 can be sent to the secure operating system by the payment application. For example, with the payment application interface shown in Fig. 3, after the user taps the "acquire" button in the interface, the payment application generates the startup information and sends it to the secure operating system. Note that Fig. 3 only illustrates the embodiment and does not limit it; in a specific implementation, the payment application's interface can be designed as needed.
In one embodiment, the startup information can also be generated and sent to the secure operating system after the open operating system detects a preset operation. For example, if the smart terminal is a touch-screen terminal, the open operating system detects the gestures the user performs while it runs; if a detected gesture is the preset gesture, the open operating system generates the startup information and sends it to the secure operating system. The preset gesture is, for example, drawing a preset figure (such as a circle) on the touch screen, or tapping the touch screen a preset number of times within a preset duration. Note that in a specific implementation the preset gesture can be set as needed; the present invention does not limit this.
Step 202: Establish a connection with the back-end acquiring system, and negotiate an encryption rule and a decryption rule with the back-end acquiring system.
Step 203: Obtain the payment information input through the preset peripheral module, encrypt the payment information according to the encryption rule and send it to the back-end acquiring system; the payment information includes at least the payer's smart card information, the transaction amount and the payee's account information.
Step 204: Receive the processing result returned by the back-end acquiring system; where the processing result is the result obtained after the back-end acquiring system decrypts the payment information according to the decryption rule and processes it.
To make the payment method provided by the embodiment easier to understand, the method is further described below, including the following:
1) In one embodiment, to further ensure the security of payment information, the startup information in step 201 includes encrypted identity authentication data. Before exclusive control of the smart terminal's preset peripheral module is obtained in step 201, the identity authentication data can also be decrypted and the decrypted identity authentication data compared with the prestored identity authentication data. If they are consistent, the step of obtaining exclusive control of the smart terminal's preset peripheral module is performed; if they are inconsistent, an authentication failure message is sent to the open operating system.
For example, when a payment application is installed in the open operating system, the payment application carries the encrypted identity authentication data in the startup information it sends to the secure operating system. After receiving the startup information, the secure operating system first decrypts the identity authentication data in it and then compares the decrypted identity authentication data with the prestored identity authentication data. If they are consistent, the payment application is considered a legitimate application and the startup information legitimate and valid, and only then is exclusive control of the smart terminal's preset peripheral module obtained. This in effect authenticates the legitimacy of the startup information, preventing an illegitimate user (or application) from sending startup information and carrying out subsequent payment operations. Payment security is thereby ensured.
2) On step 202:
In one embodiment, negotiating the encryption rule and decryption rule with the back-end acquiring system means, for example, negotiating which encryption and decryption algorithm to use, or the two sides negotiating a process key to protect the transaction data. For example, the result of the negotiation is that the secure operating system and the back-end acquiring system hold a public key and a private key; the secure operating system encrypts with the private key and the back-end acquiring system decrypts with the private key; and the back-end acquiring system encrypts with the public key and the secure operating system decrypts with the private key. Note that encryption and decryption algorithms from the prior art can be used so that the secure operating system and the back-end acquiring system communicate in ciphertext; the embodiment does not limit this.
In one embodiment, to further ensure communication security, the secure operating system and the back-end acquiring system establish a VPN (Virtual Private Network). The secure operating system can then send the payment information to the back-end acquiring system through the VPN, and the back-end acquiring system can also return the processing result to the secure operating system through the VPN.
In one embodiment, to further ensure the security of payment information, the preset peripheral module can include an eSE (embedded Secure Element, an embedded security chip). The secure operating system can then have the smart terminal's eSE perform the encryption and decryption of the payment information (for example, the key is stored in the eSE, and encryption and decryption are done with that key). Specifically, the payment information is sent to the eSE, which encrypts it and sends it to the secure operating system. Because the eSE is an independent module with a high resistance to physical attack, it can prevent an attacker from obtaining the key information by physical attack, which further improves the security of the payment information.
3) In one embodiment, to further reduce the equipment needed for payment, the accepting terminal can be omitted, and the smart card's information (such as the account number and cardholder name, or the account number, cardholder name and additional information, where the additional information is, for example, the card expiry date, transaction count, etc.) is read by the smart terminal or an inexpensive card reader. Specifically, the preset peripheral module can also include a card reading unit; the card reading unit includes an NFC (Near Field Communication) module or a card reader.
Obtaining the payment information input through the preset peripheral module in step 203 may then include the following steps:
Step A1: Obtain the payer's smart card information from the smart card through the card reading unit.
Step A2: Receive the entered transaction amount, and obtain the payee's account information.
The order in which step A1 and step A2 are executed is not restricted.
In one embodiment, receiving the entered transaction amount in step A2 can be performed as obtaining the entered transaction amount through the smart terminal's touch screen.
In one embodiment, obtaining the payee's account information in step A2 can be performed as obtaining the entered payee account information through the smart terminal's touch screen. The payee's account information can also be stored in advance, in which case obtaining the payee's account information in step A2 can be performed as reading the prestored payee account information.
In one embodiment, the payee's account information is, for example, the payee's smart card (such as a financial IC card (Integrated Circuit Card)).
4) In one embodiment, completing a payment requires obtaining the payment password. If the module of the preset peripheral module through which the user inputs information is a touch screen (for example, the smart terminal is a touch-screen terminal), then before the payment information is encrypted according to the encryption rule and sent to the back-end acquiring system in step 203, the following steps can also be included:
Step B1: Generate and display a random keyboard, and request entry of the transaction password.
Step B2: Receive the entered transaction password and send it to the smart card for verification, and determine that a transaction-password-verified message sent by the smart card has been received; or send the transaction password to the back-end acquiring system and determine that a transaction-password-verified message sent by the back-end acquiring system has been received.
Whether the transaction password in step B2 is sent to the smart card or to the back-end acquiring system for verification can be determined according to the prior art; the present invention does not limit this.
In this way, the keyboard used to enter the payment password is a random keyboard. As shown in Fig. 4(a), the first time the random keyboard is displayed, character A is in the upper-left corner of the keyboard. The second time the random keyboard is displayed, as shown in Fig. 4(b), character A is in the lower-right corner of the keyboard. This prevents an illegitimate user from working out the payment password from key positions, further ensuring the security of payment information.
In one embodiment, to ensure transaction security, the preset peripheral module can also include a fingerprint recognition module. The user then does not need to enter a transaction password, which avoids leaking password information during entry, so transaction security can be further ensured through fingerprint recognition.
5) In one embodiment, after the secure operating system receives the processing result returned by the back-end acquiring system, the secure operating system can control the display to show it. Alternatively, the secure operating system can send the processing result to the open operating system, and after the open operating system regains exclusive control of the preset peripheral module, the result is displayed in the open operating system.
For example, a payment application is installed in the open operating system, and the payment application displays the processing result after receiving it from the secure operating system. If the payment succeeded, the payment application can also send the processing result to a printer to be printed as a transaction voucher. The payment application can also store the processing result for later queries.
In summary, in the embodiment there are two systems: one is the secure operating system and the other is the open operating system. In the prior art, all applications can only be installed in the open operating system, and the open operating system cannot access data in the secure operating system. Therefore, in the embodiment, payment is completed by the secure operating system: payment information is processed entirely by the secure operating system, which interacts with the back-end acquiring system. Malware can only be installed in the open operating system and cannot access the secure operating system, so it cannot obtain the payment information and therefore cannot intercept or modify transaction data. The embodiment can thus improve the security of user information.
In addition, in the embodiment, the smart terminal can read the smart card information through NFC or a card reader, so the accepting terminal can be omitted, which reduces the equipment cost of deploying payment.
In addition, in the embodiment, the encrypted identity authentication data in the startup information makes it possible to authenticate the startup information and prevents illegitimate users from sending startup information, further ensuring the security of user information and improving payment security.
In addition, in the embodiment, a random keyboard is generated so that the user enters the payment password through the random keyboard, which further ensures payment security.
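The random keyboard of step B1 and Fig. 4, as an added example that is not part of the patent text: a fresh unbiased layout is drawn for each password prompt, the touch screen reports only cell positions, and only the holder of the layout (the secure operating system) can turn positions back into characters. The key set, grid width and the names `shuffled_layout`, `decode_touches` and `PasswordEntry` are assumptions made for the example.

```python
import secrets

# Constructed key set and grid width; Fig. 4 on the page only shows that "A" moves.
KEYS = "ABCDEFGHIJKL"
COLUMNS = 4


def shuffled_layout(keys=KEYS, randbelow=secrets.randbelow):
    """Return the keys in a fresh random order (Fisher-Yates, unbiased).

    randbelow(n) must return a uniform integer in [0, n); the default draws
    from the operating system's CSPRNG.
    """
    layout = list(keys)
    for i in range(len(layout) - 1, 0, -1):
        j = randbelow(i + 1)
        layout[i], layout[j] = layout[j], layout[i]
    return layout


def cell_of(layout, char, columns=COLUMNS):
    """(row, column) at which `char` is drawn on this layout."""
    return divmod(layout.index(char), columns)


def decode_touches(layout, touches, columns=COLUMNS):
    """Map touched cells back to characters using the layout the secure OS holds."""
    chars = []
    for row, col in touches:
        index = row * columns + col
        if not (0 <= col < columns and 0 <= index < len(layout)):
            raise ValueError(f"touch outside keyboard: {(row, col)}")
        chars.append(layout[index])
    return "".join(chars)


class PasswordEntry:
    """One password prompt: the layout is generated per prompt and used once."""

    def __init__(self, keys=KEYS, columns=COLUMNS, randbelow=secrets.randbelow):
        self.columns = columns
        self.layout = shuffled_layout(keys, randbelow)
        self.used = False

    def submit(self, touches):
        if self.used:
            raise RuntimeError("layout already used; display a new keyboard")
        self.used = True
        return decode_touches(self.layout, touches, self.columns)


def demo():
    """Enter the same constructed password on two prompts; positions differ, text does not."""
    password = "CAB"
    first, second = PasswordEntry(), PasswordEntry()
    touches_1 = [cell_of(first.layout, c) for c in password]
    touches_2 = [cell_of(second.layout, c) for c in password]
    return first.submit(touches_1), second.submit(touches_2), touches_1, touches_2
```

Touch positions recorded against one layout decode to different characters on another, which is why the layout itself has to stay inside the secure operating system.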
Embodiment two
To make the payment method provided by the embodiments easier to understand, the method is further described below, taking as an example the payment application sending the startup information and the secure operating system communicating with the back-end acquiring system to complete the payment. Fig. 5 is an exemplary flow chart of the method, which includes the following steps:
Step 501: The payment application in the open operating system sends startup information carrying encrypted identity authentication data to the secure operating system.
Step 502: After receiving the startup information, the secure operating system decrypts the identity authentication data and compares the decrypted identity authentication data with the prestored identity authentication data; if they are consistent, step 504 is performed; if they are inconsistent, step 503 is performed.
Step 503: The secure operating system sends an authentication failure message to the payment application.
Step 504: The secure operating system obtains exclusive control of the smart terminal's preset peripheral module.
Step 505: The secure operating system establishes a connection with the back-end acquiring system, and negotiates an encryption rule and a decryption rule with the back-end acquiring system.
Step 506: The secure operating system obtains the payer's smart card information from the smart card through the NFC module, receives the entered transaction amount through the touch screen, and obtains the payee's account information.
Step 507: The secure operating system generates and displays a random keyboard, and requests entry of the transaction password.
Step 508: The secure operating system receives the entered transaction password and sends it to the smart card for verification and, on determining that a transaction-password-verified message sent by the smart card has been received, encrypts the payment information according to the encryption rule and sends it to the back-end acquiring system; the payment information includes at least the payer's smart card information, the transaction amount and the payee's account information.
Note that, as described in Embodiment one, if the transaction password needs to be verified by the back-end acquiring system, step 508 instead sends the transaction password to the back-end acquiring system for verification and determines that a transaction-password-verified message sent by the back-end acquiring system has been received.
Step 509: The secure operating system receives the processing result returned by the back-end acquiring system; where the processing result is the result obtained after the back-end acquiring system decrypts the payment information according to the decryption rule and processes it.
Step 510: The secure operating system sends the processing result to the payment application, and triggers the open operating system to obtain exclusive control of the smart terminal's preset peripheral module.
Step 511: The payment application displays the processing result.
Step 512: The payment application receives a request to print the processing result.
Step 513: The payment application sends the processing result to a printer for printing.
Wherein, as shown in fig. 6, the structural representation of the system to realize above-mentioned steps 601- steps 612.
Wherein, in one embodiment, as shown in fig. 7, can also be read using accepting terminal or card reader
Smart card information is taken, is connection accepting terminal or the structural representation of card reader in Fig. 7.It should be noted that
Accepting terminal or card reader are only connected during specific implementation.
Wherein, in one embodiment, can be applied by paying by bluetooth or other wireless communication technologys
Result is sent to printer printing.
In summary, the embodiments of the present invention involve two systems: one is the secure operating system (SOS) and the other is the open operating system. In the prior art, all applications can only be installed in the open operating system, and the open operating system cannot access the data in the secure operating system. In the embodiments of the present invention, payment is therefore completed by the secure operating system: all payment information is processed by the secure operating system, which also handles the interaction with the back-end acquiring system. Malicious software can only be installed in the open operating system and cannot access the secure operating system, so it cannot obtain the payment information and therefore cannot intercept or modify transaction data. The embodiments of the present invention can thus improve the security of user information.
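The control flow of steps 502 to 510 can be modelled in a few lines. The following Python sketch is an added illustration, not code from the patent: `PeripheralBus`, `SecureOS`, their method names and the identity bytes are hypothetical, and decryption of the start information and the negotiated encryption rule are left out. It shows that a failed identity check leaves the peripherals with the open operating system, that touch input is delivered only to the current owner, and that the random keyboard layout is used once.

```python
import hmac
import secrets

PERIPHERALS = ("touchscreen", "nfc")   # constructed set of preset peripheral modules


class PeripheralBus:
    """Hypothetical model: records which OS holds exclusive control of each peripheral."""

    def __init__(self):
        self.owner = {name: "open" for name in PERIPHERALS}

    def grant(self, os_name):
        for name in self.owner:
            self.owner[name] = os_name

    def read(self, os_name, peripheral, value):
        # Input is delivered only to the OS that currently holds exclusive control.
        if self.owner[peripheral] != os_name:
            raise PermissionError(f"{os_name} OS does not control {peripheral}")
        return value


class SecureOS:
    def __init__(self, bus, stored_identity):
        self.bus = bus
        self._stored_identity = stored_identity
        self._layout = None

    def handle_start(self, decrypted_identity):
        """Steps 502-504: compare identity data, then take the peripherals."""
        if not hmac.compare_digest(decrypted_identity, self._stored_identity):
            return "authentication_failed"           # step 503
        self.bus.grant("secure")                      # step 504
        return "ok"

    def show_random_keyboard(self):
        """Step 507: a fresh digit layout for every transaction."""
        layout = list("0123456789")
        secrets.SystemRandom().shuffle(layout)
        self._layout = layout
        return list(layout)

    def collect_password(self, touched_positions):
        """Step 508, input half: map touch positions to digits inside the secure OS."""
        if self._layout is None:
            raise RuntimeError("no keyboard is being displayed")
        digits = [self._layout[self.bus.read("secure", "touchscreen", pos)]
                  for pos in touched_positions]
        self._layout = None                           # a layout is never reused
        return "".join(digits)

    def finish(self):
        """Step 510: hand the peripherals back to the open OS."""
        self.bus.grant("open")


def open_os_can_read_touch(bus):
    """What an application in the open OS gets when it asks for touch input."""
    try:
        bus.read("open", "touchscreen", 0)
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    bus = PeripheralBus()
    sos = SecureOS(bus, stored_identity=b"constructed-identity")
    print(sos.handle_start(b"wrong-identity"), bus.owner)
    print(sos.handle_start(b"constructed-identity"), bus.owner)
    layout = sos.show_random_keyboard()
    touches = [layout.index(d) for d in "4921"]      # the user presses 4, 9, 2, 1
    print("positions:", touches, "password:", sos.collect_password(touches))
    print("open OS can read touch input:", open_os_can_read_touch(bus))
    sos.finish()
    print("after step 510:", bus.owner)
```

Because the layout is reshuffled per transaction, the touched positions alone do not reveal the password to anything that observes coordinates without the layout.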
Embodiment three
Based on the same inventive concept, the present invention also provides a secure operating system (SOS) which, as shown in FIG. 8, includes:
A start information processing module 801, configured to obtain exclusive control of the preset peripheral module of the intelligent device after receiving the start information sent by the open operating system; wherein the intelligent device includes the secure operating system and the open operating system; the open operating system is used for installing various applications; the secure operating system has the function of not allowing any application in the open operating system to access the data in the secure operating system; and the preset peripheral module includes at least a module that provides a user information input function; and,
A connection module 802, configured to establish a connection with the back-end acquiring system and negotiate an encryption rule and a decryption rule with the back-end acquiring system;
A payment information processing module 803, configured to obtain the payment information input through the preset peripheral module, encrypt the payment information according to the encryption rule, and send it to the back-end acquiring system; the payment information includes at least the payer's smart card information, the transaction amount, and the payee's account information;
A processing result receiving module 804, configured to receive the processing result returned by the back-end acquiring system; wherein the processing result is the result obtained after the back-end acquiring system decrypts the payment information according to the decryption rule and processes it.
In one embodiment, the connection module 802 is specifically configured to establish a virtual private network with the back-end acquiring system.
In one embodiment, the preset peripheral module further includes a card reading unit; the card reading unit includes a near field communication (NFC) module or a card reader;
The payment information processing module 803 specifically includes:
A smart card information acquiring unit, configured to obtain the payer's smart card information from the smart card through the card reading unit; and,
Another acquiring unit, configured to receive the entered transaction amount and obtain the payee's account information.
In one embodiment, the start information includes encrypted identity authentication data; the secure operating system further includes:
An authentication module, configured to, before the start information processing module obtains exclusive control of the preset peripheral module of the intelligent device, decrypt the identity authentication data and compare the decrypted identity authentication data with the prestored identity authentication data to determine whether they are consistent;
A first execution module, configured to, if the decrypted identity authentication data is consistent with the prestored identity authentication data, trigger the start information processing module to perform the step of obtaining exclusive control of the preset peripheral module of the intelligent device;
A second execution module, configured to, if the decrypted identity authentication data is inconsistent with the prestored identity authentication data, send an authentication failure message to the open operating system.
In one embodiment, if the module providing the user information input function that the preset peripheral module at least includes is a touch screen, the secure operating system further includes:
A random keyboard generation module, configured to generate and display a random keyboard and request input of the transaction password before the payment information processing module encrypts the payment information according to the encryption rule and sends it to the back-end acquiring system;
A confirmation module, configured to receive the entered transaction password and send it to the smart card for verification, and determine that the transaction-password-verified information sent by the smart card has been received; or, to send the transaction password to the back-end acquiring system and determine that the transaction-password-verified information sent by the back-end acquiring system has been received.
In summary, the embodiments of the present invention involve two systems: one is the secure operating system (SOS) and the other is the open operating system. In the prior art, all applications can only be installed in the open operating system, and the open operating system cannot access the data in the secure operating system. In the embodiments of the present invention, payment is therefore completed by the secure operating system: all payment information is processed by the secure operating system, which also handles the interaction with the back-end acquiring system. Malicious software can only be installed in the open operating system and cannot access the secure operating system, so it cannot obtain the payment information and therefore cannot intercept or modify transaction data. The embodiments of the present invention can thus improve the security of user information.
Regarding the secure operating system in the above embodiment, the specific manner in which each module performs its operations has been described in detail in the embodiments of the method and will not be elaborated here.
Those skilled in the art should understand that embodiments of the present invention may be provided as a method, an apparatus, a system, or a computer program product. Therefore, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present invention may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, and the like) containing computer-usable program code.
The present invention is described with reference to flowcharts and/or block diagrams of the method, apparatus (device), and computer program product according to embodiments of the present invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or another programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means, the instruction means implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operation steps is performed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
Although preferred embodiments of the present invention have been described, those skilled in the art can make further changes and modifications to these embodiments once they learn of the basic inventive concept. The appended claims are therefore intended to be construed as covering the preferred embodiments and all changes and modifications that fall within the scope of the present invention.
Obviously, those skilled in the art can make various changes and variations to the present invention without departing from the spirit and scope of the present invention. Thus, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalent technologies, the present invention is also intended to include these changes and variations.
Claims (10)
1. A payment method, characterized by comprising:
after receiving start information sent by an open operating system, a secure operating system (SOS) obtains exclusive control of a preset peripheral module of an intelligent terminal; wherein the intelligent terminal includes the secure operating system and the open operating system; the open operating system is used for installing various applications; the secure operating system has the function of not allowing any application in the open operating system to access the data in the secure operating system; and the preset peripheral module includes at least a module that provides a user information input function; and,
establishing a connection with a back-end acquiring system, and negotiating an encryption rule and a decryption rule with the back-end acquiring system;
obtaining payment information input through the preset peripheral module, encrypting the payment information according to the encryption rule, and sending it to the back-end acquiring system; the payment information includes at least the payer's smart card information, the transaction amount, and the payee's account information;
receiving a processing result returned by the back-end acquiring system; wherein the processing result is the result obtained after the back-end acquiring system decrypts the payment information according to the decryption rule and processes it.
2. The method according to claim 1, characterized in that establishing a connection with the back-end acquiring system specifically includes:
establishing a virtual private network with the back-end acquiring system.
3. The method according to claim 1, characterized in that the preset peripheral module further includes a card reading unit; the card reading unit includes a near field communication (NFC) module or a card reader;
obtaining the payment information input through the preset peripheral module specifically includes:
obtaining the payer's smart card information from the smart card through the card reading unit; and,
receiving the entered transaction amount, and obtaining the payee's account information.
4. The method according to claim 1, characterized in that the start information includes encrypted identity authentication data;
before obtaining exclusive control of the preset peripheral module of the intelligent terminal, the method further includes:
decrypting the identity authentication data, and comparing the decrypted identity authentication data with the prestored identity authentication data to determine whether they are consistent;
if they are consistent, performing the step of obtaining exclusive control of the preset peripheral module of the intelligent terminal;
if they are inconsistent, sending an authentication failure message to the open operating system.
5. The method according to claim 1, characterized in that, if the module providing the user information input function that the preset peripheral module at least includes is a touch screen, before the payment information is encrypted according to the encryption rule and sent to the back-end acquiring system, the method further includes:
generating and displaying a random keyboard, and requesting input of the transaction password;
receiving the entered transaction password and sending it to the smart card for verification, and determining that the transaction-password-verified information sent by the smart card has been received; or, sending the transaction password to the back-end acquiring system and determining that the transaction-password-verified information sent by the back-end acquiring system has been received.
6. A secure operating system (SOS), characterized by comprising:
a start information processing module, configured to obtain exclusive control of a preset peripheral module of an intelligent device after receiving start information sent by an open operating system; wherein the intelligent device includes the secure operating system and the open operating system; the open operating system is used for installing various applications; the secure operating system has the function of not allowing any application in the open operating system to access the data in the secure operating system; and the preset peripheral module includes at least a module that provides a user information input function; and,
a connection module, configured to establish a connection with a back-end acquiring system and negotiate an encryption rule and a decryption rule with the back-end acquiring system;
a payment information processing module, configured to obtain payment information input through the preset peripheral module, encrypt the payment information according to the encryption rule, and send it to the back-end acquiring system; the payment information includes at least the payer's smart card information, the transaction amount, and the payee's account information;
a processing result receiving module, configured to receive a processing result returned by the back-end acquiring system; wherein the processing result is the result obtained after the back-end acquiring system decrypts the payment information according to the decryption rule and processes it.
7. The secure operating system according to claim 6, characterized in that the connection module is specifically configured to establish a virtual private network with the back-end acquiring system.
8. The secure operating system according to claim 6, characterized in that the preset peripheral module further includes a card reading unit; the card reading unit includes a near field communication (NFC) module or a card reader;
the payment information processing module specifically includes:
a smart card information acquiring unit, configured to obtain the payer's smart card information from the smart card through the card reading unit; and,
another acquiring unit, configured to receive the entered transaction amount and obtain the payee's account information.
9. The secure operating system according to claim 6, characterized in that the start information includes encrypted identity authentication data; the secure operating system further includes:
an authentication module, configured to, before the start information processing module obtains exclusive control of the preset peripheral module of the intelligent device, decrypt the identity authentication data and compare the decrypted identity authentication data with the prestored identity authentication data to determine whether they are consistent;
a first execution module, configured to, if the decrypted identity authentication data is consistent with the prestored identity authentication data, trigger the start information processing module to perform the step of obtaining exclusive control of the preset peripheral module of the intelligent device;
a second execution module, configured to, if the decrypted identity authentication data is inconsistent with the prestored identity authentication data, send an authentication failure message to the open operating system.
10. The secure operating system according to claim 6, characterized in that, if the module providing the user information input function that the preset peripheral module at least includes is a touch screen, the secure operating system further includes:
a random keyboard generation module, configured to generate and display a random keyboard and request input of the transaction password before the payment information processing module encrypts the payment information according to the encryption rule and sends it to the back-end acquiring system;
a confirmation module, configured to receive the entered transaction password and send it to the smart card for verification, and determine that the transaction-password-verified information sent by the smart card has been received; or, to send the transaction password to the back-end acquiring system and determine that the transaction-password-verified information sent by the back-end acquiring system has been received.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510997423.XA CN106920091A (en) | 2015-12-25 | 2015-12-25 | A kind of method of payment and SOS |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510997423.XA CN106920091A (en) | 2015-12-25 | 2015-12-25 | A kind of method of payment and SOS |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106920091A true CN106920091A (en) | 2017-07-04 |
Family
ID=59455652
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510997423.XA Pending CN106920091A (en) | 2015-12-25 | 2015-12-25 | A kind of method of payment and SOS |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106920091A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108401494A (en) * | 2018-02-27 | 2018-08-14 | 福建联迪商用设备有限公司 | A kind of method and system of transmission data |
WO2022073336A1 (en) * | 2020-10-09 | 2022-04-14 | 平安科技(深圳)有限公司 | Secure payment method and apparatus, electronic device, and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN202150070U (en) * | 2010-12-14 | 2012-02-22 | 深圳市中成汇实业有限公司 | Personal on-line transaction terminal |
US20130311382A1 (en) * | 2012-05-21 | 2013-11-21 | Klaus S. Fosmark | Obtaining information for a payment transaction |
CN103699989A (en) * | 2013-12-27 | 2014-04-02 | 福建联迪商用设备有限公司 | Payment platform and payment method on basis of intelligent equipment |
CN104143065A (en) * | 2014-08-28 | 2014-11-12 | 北京握奇智能科技有限公司 | Safety intelligent terminal equipment and information processing method |
CN105184567A (en) * | 2015-08-26 | 2015-12-23 | 宇龙计算机通信科技(深圳)有限公司 | Information processing method, processing device and mobile terminal |
2015
- 2015-12-25 CN CN201510997423.XA patent/CN106920091A/en active Pending
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108401494A (en) * | 2018-02-27 | 2018-08-14 | 福建联迪商用设备有限公司 | A kind of method and system of transmission data |
WO2019165571A1 (en) * | 2018-02-27 | 2019-09-06 | 福建联迪商用设备有限公司 | Method and system for transmitting data |
CN108401494B (en) * | 2018-02-27 | 2020-10-30 | 福建联迪商用设备有限公司 | Method and system for transmitting data |
WO2022073336A1 (en) * | 2020-10-09 | 2022-04-14 | 平安科技(深圳)有限公司 | Secure payment method and apparatus, electronic device, and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101759193B1 (en) | Network authentication method for secure electronic transactions | |
CA2972895C (en) | Security for mobile payment applications | |
US20170364911A1 (en) | Systems and method for enabling secure transaction | |
US8996867B2 (en) | Method and device for end-user verification of an electronic transaction | |
US20110103586A1 (en) | System, Method and Device To Authenticate Relationships By Electronic Means | |
EP3401866A1 (en) | System and method for secure transaction process via mobile device | |
US20120078735A1 (en) | Secure account provisioning | |
US20140214688A1 (en) | System and method for secure transaction process via mobile device | |
CN101221641B (en) | On-line trading method and its safety affirmation equipment | |
CN105308898B (en) | For executing system, the method and apparatus of password authentification | |
US20130246268A1 (en) | Method and system for dedicated secure processors for handling secure processing in a handheld communication device | |
US11636276B2 (en) | Augmented reality information display and interaction via NFC based authentication | |
CN105631655A (en) | HCE-based mobile payment method, device and mobile terminal | |
CN105825149A (en) | Switching method for multi-operation system and terminal equipment | |
CN105635164B (en) | The method and apparatus of safety certification | |
CN110100411B (en) | Cryptographic system management | |
CN102665208B (en) | Mobile terminal, terminal banking safety certifying method and system | |
CN106920091A (en) | A kind of method of payment and SOS | |
CN107563209A (en) | Touch-screen PIN input methods and device based on Android | |
CN108924822B (en) | Card-contained secure communication method based on trusted environment and mobile terminal | |
CN102184354A (en) | Method for preventing data from being falsified and hijacked in online payment | |
CN103854172B (en) | A kind of data safe processing terminal and system based on IC-card | |
KR101009913B1 (en) | Method for providing online payment service, payment module and payment approval server | |
US20230028625A1 (en) | Method and system for operating a mobile point-of-sales application | |
Van Damme et al. | A PKI-based mobile banking demonstrator |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
Application publication date: 20170704 |