Detailed Description
The credit card security code is a series of numbers printed in the signature area of the credit card, which is generated by the card number, the validity period and the service constraint code through the coding rule and the encryption algorithm of the card issuing institution, and is generally 3 or 4 bits, and is used for checking the identity of the user during off-site transaction. The credit Card security Code is called differently by different Card issuers, for example, the VISA Card security Code is called CVV2(Card Verification Value 2) and the MasterCard security Code is called CVC2(Card Verification Code 2), but the essential roles are the same.
The credit card security code is applied internationally and widely, banks in China also start to support the service at present, a credit card user can complete payment by using a telephone or a network only by virtue of the security code, so that the security code is also regarded as a 'second payment password' of the credit card and belongs to privacy information of the user, and a third-party payment platform does not require the user to provide the credit card security code when binding the credit card and does not store the credit card security code. If a situation is encountered that requires the use of a credit card security code, the stored credit card binding information is invalidated, and existing solutions are to direct the user to complete payment using other funding accounts, such as a bound debit card, or to direct the user to use the credit card in a new (unbound) card fashion.
In order to solve the above problems, the present application provides the following technical solutions:
after receiving a payment request based on a bound credit card, the third-party payment platform firstly judges whether the payment needs to provide a credit card security code, if so, prompts a user to supplement and input the security code, and then reconstructs the payment request to send to a bank side by utilizing the security code which is supplemented and input by the user and the stored credit card binding information. The mode can ensure that the bound credit card is continuously used to finish payment under the condition of not manually inputting other credit card basic information, thereby improving the operation convenience and the input success rate of a user. For the third-party payment platform, the payment failure rate can be effectively reduced, and unnecessary consumption of system resources is reduced.
In order to make those skilled in the art better understand the technical solutions in the present application, the technical solutions in the embodiments of the present application will be described in detail below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all embodiments. All other embodiments that can be derived from the embodiments given herein by a person of ordinary skill in the art are intended to be within the scope of the present disclosure.
In a process involving third party payments, the parties involved include payers, third party payment platforms, banks, and payees. The scheme of the application is realized based on a third-party payment platform, and the third-party payment platform has the following effects in the payment process: and further initiating a payment request to the bank to which the bank card is bound according to the payment request initiated by the payer, and requesting the bank to transfer the payment fee from the payer account to the payee account. Referring to fig. 1, in the present embodiment, the interaction subject actually involved by the third party payment platform 20 includes a payer user side device 10 and a bank side device 30, where the user side device may be a PC, a mobile phone, a tablet computer, etc., and the third party payment platform 20 and the bank side device 30 are generally in the form of a server, and the devices may be communicatively connected through various forms of networks. For convenience of description, the schemes will be explained with "user side" and "bank side" respectively in the following of the present application.
Fig. 2 is a flowchart of a credit card payment request processing method provided in the present application, which may include the following steps:
s101, receiving a payment request of a user side;
when a payer user needs to pay for the payment to a payee, the payer user logs in a third-party payment platform through a browser or a special client application on personal equipment, selects a bank card bound on the platform and confirms the payment, and then the user equipment sends a payment request to the third-party payment platform, wherein the payment request at least carries payment expense information and payee information besides a user identifier and a bound bank card identifier.
S102, judging whether the payment needs to use the credit card security code or not; if yes, executing S103, otherwise, switching to the existing normal payment processing flow.
The scheme is only provided for a scene that a user uses a bound credit card to pay, after a third-party payment platform receives a payment request of the user side, whether the payment request is based on the bound credit card is judged firstly, if yes, whether the payment needs to use a credit card security code is further judged, and if not, the payment is transferred to a processing flow of other payment channels.
Regarding how to judge whether the payment needs to use the credit card security code, the application provides the following two schemes:
scheme 1, according to the feedback message judgment of the bank side:
step a) reconstituting the payment request;
the third party payment platform firstly acquires the binding information of the credit card according to the credit card identification appointed in the payment request, and then reconstructs the payment request sent by the user side according to the acquired binding information.
In the reconstruction process, besides the payment expense information and the payee information carried in the original payment request, the binding information such as a credit card number, a user name, a user identity card number, a user mobile phone number, a credit card validity period and the like is further added in the payment request. It should be noted that the specific information provided by different banks may be different when actually paying. However, except for the credit card security code, the third party payment platform may store general necessary information required for payment, and the specific content of the binding information added when the payment request is reconstructed is not limited in the present application.
Step b) sending the payment request obtained by reconstruction to a bank side;
and c) judging whether the payment needs to use the credit card security code according to the feedback message of the bank side.
Firstly, the reconstructed payment request contains general necessary information required by payment, so that the payment is possible to succeed at one time, and in this case, the payment processing is actually completed, and the third-party payment platform can directly feed back the payment success information to the user.
If the payment fails, the third party payment platform needs to further determine the reason for the failure of the payment. Specifically, after the payment fails, the bank side further provides an error code when feeding back the payment failure message to the third-party payment platform, and the third-party payment platform can judge the failure reason according to the error code and make corresponding processing according to the failure reason:
if the payment is failed due to the lack of the credit card security code, determining that the credit card security code needs to be used for the payment, and continuing to execute the subsequent failure processing flow of the scheme of the application;
if the payment fails due to other reasons (e.g., account balance is insufficient, account is frozen, etc.), a normal failure processing flow is performed according to the prior art scheme.
There is also a special case that may occur here: the failure reason includes "lack of a credit card security code" and other reasons, and at this time, it may be determined whether to continue executing the failure processing flow of the present application scheme according to a specific situation, or to execute the failure processing flows corresponding to different reasons according to a certain priority order, or to execute the failure processing flow of the present application scheme and the failure processing flows corresponding to other reasons at the same time. For example, one useful processing scheme is: the severity levels of various reasons are determined, and then the failure processing flow corresponding to the more severe reason is preferentially executed according to the severity of the failure reason. Of course, the business logic in practical application may be more complex, the scheme provided in this embodiment is only for illustrative purpose, and those skilled in the art can flexibly make a specific processing scheme according to the actual business requirement.
Scheme 2, local autonomous judgment:
in the actual service processing process, whether the payment needs the credit card security code is not a random event, but is determined according to some objectively existing rules, and if the rules can be modeled and stored in a third-party payment platform, the third-party payment platform can directly and locally judge whether the payment needs to use the credit card security code according to the specific situation of the request after receiving the payment request based on the bound credit card.
Currently, whether a credit card security code is required for a payment depends mainly on different policies of each bank, and a third-party payment platform as a bank contractor can completely collect the contents of the policies and further model the contents of the policies to form a series of characteristics of the usage scenario of the credit card security code, such as:
bank a, in any case, needs to provide a credit card security code;
bank B, when the payment amount is greater than or equal to 200 RMB, the security code of the credit card is required to be provided;
bank C, need to provide the security code of credit card while using the foreign currency to settle accounts;
……
of course, the above rules are for illustrative purposes only, the specific bank policy content may be more complex, and there may be other than banking aspects that may affect "whether or not payment requires a credit card security code," but it is understood that: if the rule is determined, a corresponding rule model can be established.
The third-party payment platform establishes a corresponding rule model according to various bank policies, extracts related payment information such as a bank to which the credit card belongs, a payment amount, a payment currency and the like from the payment request after receiving the payment request based on the credit card, then judges whether the information is matched with the use scene characteristics of the pre-stored credit card security code, and if the information is matched, determines that the payment needs to use the credit card security code.
S103, generating prompt information to prompt a user to input the security code of the credit card;
after determining that the payment needs to use the credit card security code, the third party payment platform needs to inform the user in some way: this payment requires the provision of a credit card security code. Specifically, the third party payment platform may construct a credit card security code entry interface, which is presented on the user device in the form of a web page or client page to prompt the user to additionally enter a credit card security code. The user is not required to refill other information already provided at the time of binding, such as name, identification number, etc., in the interface. Of course, in order to improve the security, the user may be further required to input some necessary authentication information, such as a page random verification code, a short message verification code, and the like, in the interface. In addition, the third party payment platform can prompt the user to input the credit card security code through instant messaging messages, short messages and the like, and the application does not need to be limited to the above.
S104, acquiring a security code input by a user according to the prompt message;
and after the user supplementarily inputs the security code according to the prompt of the third-party payment platform, the third-party payment platform obtains the security code and continues to execute subsequent operations.
S105, reconstructing a payment request of a user side by using the obtained security code and the binding information of the credit card to obtain the payment request carrying the security code information;
and the third party payment platform reconstructs the payment request sent by the user side according to the security code additionally input by the user and the binding information of the credit card.
In the reconstruction process, besides the payment expense information and the payee information carried in the original payment request, a security code, a credit card number, binding information such as a user name, a user identity card number, a user mobile phone number, a credit card validity period and the like are further added in the payment request. When in actual payment, specific information required to be provided by different banks can be different, and besides the credit card security code, the application does not need to limit the specific content of the binding information added when the payment request is reconstructed.
It should be noted that the restructuring payment request in S102 scenario 1 is not necessarily related to the restructuring payment request in this step, and the difference between the two is also obvious:
the former only uses 'binding information' to reconstruct, and the reconstruction result does not carry a security code;
the latter utilizes the binding information and the safety code to reconstruct, and the reconstruction result carries the safety code.
And S106, sending the payment request carrying the security code information to a bank side.
After the third-party payment platform sends the payment request carrying the security code information to the bank side, if no other problems exist, the payment is directly successful, and the third-party payment platform can directly feed back the successful payment information to the user. Of course, there is also the possibility of payment failure due to other non-credit card security codes, which are not relevant to the present solution and therefore will not be further described.
In the above embodiment, two schemes, "judge according to the feedback message of the bank side" and "locally and autonomously judge" are provided for "how to judge whether the payment needs to use the credit card security code", where the first scheme does not need the support of local data, so that the implementation threshold is relatively low, and the accuracy of judgment can be ensured due to real-time judgment, but the disadvantage is that at least one time of interaction between the third-party payment platform and the bank side needs to be added. The second scheme has the advantages that the judgment is completely realized locally on the third-party payment platform, but sufficient local data is required to be accumulated, and objective factors such as incomplete data collection or untimely updating can cause that the situation that the security code is actually required to be used is mistakenly judged as that the security code is not required to be used, so that the conventional normal payment processing flow is carried out, and the problems in the background art can not be avoided.
Aiming at the advantages and disadvantages of the two schemes, the application also provides an improved judgment scheme: firstly, the judgment is carried out by using a local mode, and if the judgment shows that the credit card security code is not needed, the judgment is further carried out by using a bank side feedback mode. The flow chart of the method can be seen in fig. 3, and the specific steps are as follows:
s102a, according to the payment information corresponding to the payment request of the user side, judging whether the payment is matched with the use scene characteristics of the pre-stored credit card security code, if so, turning to S102b, and if not, turning to S102 c;
and S102b, determining that the payment needs to use the credit card security code.
S102c, reconstructing the payment request of the user side by using the binding information of the credit card, and sending the reconstructed payment request to the bank side;
s102d, if the payment fails and the reason of the failure of the payment is judged to include the lack of the security code according to the error code fed back by the bank side, the step goes to S102b, otherwise, the step goes to S102 e;
s102e, determining that the payment does not need to use the credit card security code, which may be successful in the specific case, or failure in the payment due to other reasons, and is not related to the scheme of the present application and will not be further described here.
The specific implementation of the above steps S102a-S102e can refer to the description of relevant parts in S102, and the description in this embodiment is not repeated. By applying the judging method, the initial judgment is firstly carried out by using a local mode, and the condition of 'needing to use the safety code' of the payment can be screened out according to the scene characteristic matching of 'needing to use the safety code' stored in the local data. However, the local data may be gathered incompletely or updated in time, so that the payment request which cannot be matched with the characteristics is not directly determined not to use the security code, and the payment request is switched to a bank side feedback mode for further judgment. The benefits of doing so include at least the following:
firstly, the third-party payment platform can further interact with the bank side only under the condition that the fact that the credit card security code is needed for the payment cannot be determined according to local data, and interaction overhead can be effectively saved;
secondly, after the local judgment of the third party payment platform, a part of the payment requests of "needing security codes" are actually screened out, so that the success rate of the payment requests sent in S102c is correspondingly improved.
Finally, the local judgment can only determine the 'required security code' and can not determine the 'not required security code', thereby avoiding the situation that the security code is actually required to be used is mistakenly judged as not required to be used. Although the "no-use security code" may still be mistakenly judged as the "no-use security code" due to reasons such as untimely local data update, the user is additionally required to input the security code once in the following process, which is far lower in cost than various problems caused by the fact that the "no-use security code" is mistakenly judged as the "no-use security code" and then the existing normal payment processing flow is switched to.
After the step S102d determines that the security code needs to be used for the payment according to the error code fed back by the bank side, it may further record related information of the payment, where the record does not refer to a payment processing log record in the conventional sense, but it is desirable to use the information to improve the credit card security code usage scenario characteristic data local to the third party payment platform. This is because how to proceed to branch S102d according to the solution of the embodiment shows that the third party payment platform local data is not enough to identify the current payment requirement, and the result of real-time interaction with the bank side can just supplement or update the above deficiency. For example: the user hopes to pay the RMB 100 yuan by using the credit card of the bank D, and the third-party payment platform does not locally store the use scene characteristics of the credit card security code of the bank D, so that the user cannot determine the use of the security code locally, and further knows that the user needs to use the security code when the bank D uses the credit card to pay any amount of money by means of interaction with the bank side, and then can generate new use scene characteristics of the credit card security code according to the rule and add the new use scene characteristics into locally stored data. Even if the bank side does not feed back specific rules, the recorded content can remind the maintenance personnel to: the third-party payment platform local data are not enough to identify the current payment requirement, so that maintenance personnel can timely adopt other means to update the local data, and the local data can be continuously improved.
Corresponding to the above method embodiment, the present application further provides a credit card payment request processing apparatus applied to a third party payment platform, and as shown in fig. 4, the apparatus may include:
a payment request receiving module 210, configured to receive a payment request from a user side;
the judging module 220 is configured to, in a case that the payment request is a payment request based on a bound credit card, judge whether the current payment requires a credit card security code;
the prompting module 230 is configured to generate a prompting message to prompt a user to input a security code of a credit card when it is determined that the payment requires the use of the security code of the credit card;
a security code obtaining module 240, configured to obtain a security code input by a user according to the prompt information;
a payment request reconstruction module 250, configured to reconstruct the payment request of the user side by using the obtained security code and the binding information of the credit card, so as to obtain a payment request carrying security code information;
and the payment request sending module 260 is configured to send the payment request carrying the security code information to a bank side.
In a first apparatus embodiment of the present application, the determining module 220 may be specifically configured to:
reconstructing a payment request of a user side by using the binding information of the credit card; sending the payment request obtained by reconstruction to a bank side; if the payment fails, whether the reason for the payment failure comprises the lack of the security code is judged according to the error code fed back by the bank side, and if the reason for the payment failure comprises the lack of the security code, the fact that the credit card security code needs to be used for the payment is determined.
In a second apparatus embodiment of the present application, the determining module 220 may be specifically configured to:
and judging whether the payment is matched with the use scene characteristics of the pre-stored credit card security code according to the payment information corresponding to the payment request of the user side, and if so, determining that the payment needs to use the credit card security code.
In a third apparatus embodiment of the present application, the determining module 220 may be specifically configured to:
firstly, according to payment information corresponding to a payment request of a user side, judging whether the payment is matched with the use scene characteristics of a pre-stored credit card security code, and if the payment is matched with the use scene characteristics of the pre-stored credit card security code, determining that the payment needs to use the credit card security code.
Under the condition that the judgment result is unmatched, reconstructing the payment request of the user side by using the binding information of the credit card; sending the payment request obtained by reconstruction to a bank side; if the payment fails, whether the reason for the payment failure comprises the lack of the security code is judged according to the error code fed back by the bank side, and if the reason for the payment failure comprises the lack of the security code, the fact that the credit card security code needs to be used for the payment is determined.
As shown in fig. 4, according to a third embodiment of the present application, the apparatus may further include:
and the recording module 270 is configured to record the payment after the determining module 220 determines that the payment needs to use the credit card security code according to the error code fed back by the bank side, where the recorded content is used to generate a usage scenario characteristic of the credit card security code.
The implementation process of the functions and actions of each module in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus embodiment, since it is substantially similar to the method embodiment, it is relatively simple to describe, and reference may be made to some descriptions of the method embodiment for relevant points. The above-described apparatus embodiments are merely illustrative, and the modules described as separate components may or may not be physically separate, and the functions of the modules may be implemented in one or more software and/or hardware when implementing the solution of the present application. And part or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The foregoing is directed to embodiments of the present application and it is noted that numerous modifications and adaptations may be made by those skilled in the art without departing from the principles of the present application and are intended to be within the scope of the present application.