CN111539732A - Biological identification payment method, device, gateway equipment and storage medium - Google Patents

Biological identification payment method, device, gateway equipment and storage medium Download PDF

Info

Publication number
CN111539732A
CN111539732A CN202010259375.5A CN202010259375A CN111539732A CN 111539732 A CN111539732 A CN 111539732A CN 202010259375 A CN202010259375 A CN 202010259375A CN 111539732 A CN111539732 A CN 111539732A
Authority
CN
China
Prior art keywords
biometric
payment
group
token
identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010259375.5A
Other languages
Chinese (zh)
Other versions
CN111539732B (en
Inventor
周明
陈旭
沈鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN202010259375.5A priority Critical patent/CN111539732B/en
Publication of CN111539732A publication Critical patent/CN111539732A/en
Priority to PCT/CN2021/075657 priority patent/WO2021196892A1/en
Application granted granted Critical
Publication of CN111539732B publication Critical patent/CN111539732B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The application provides a biometric identification payment method, a biometric identification payment device, gateway equipment and a storage medium, and relates to the field of data processing. The biometric payment method comprises the following steps: receiving a biometric routing payment request message, wherein the biometric routing payment request message comprises a first biometric payment group token and first biometric characteristic data, and the first biometric payment group token is used for representing that an initiating user of the biometric routing payment request message has the authority of biometric payment in a first group; determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result; and sending the biological identification result to the payment device so that the payment device initiates a payment process according to the biological identification result. By the technical scheme, the safety of the biometric identification payment of the user can be improved.

Description

Biological identification payment method, device, gateway equipment and storage medium
Technical Field
The application belongs to the field of data processing, and particularly relates to a biometric identification payment method, a biometric identification payment device, a gateway device and a storage medium.
Background
With the gradual development of payment technology, the high efficiency and convenience of payment become the key points of user attention. The biometric payment is widely popularized due to the characteristics of high efficiency and convenience, and is a key technology in the payment technology at present.
Biometric identification is a biometric identification technique that performs identity authentication based on biometric information. Biometric payment is a technique for making a payment or transaction using biometric recognition. The biometric data of the user collected during the biometric payment process is the personal privacy data of the user. But due to the large-area popularization of face payment, the risk that personal privacy data of a user is abused in a large range exists. In case that there is a risk of wide-scale abuse of the personal privacy data, the risk of leakage of the personal privacy data of the user is also increased. Once the personal privacy data of the user is revealed, the security of the biometric payment of the user will be greatly affected.
Disclosure of Invention
The embodiment of the application provides a biometric payment method, a biometric payment device, gateway equipment and a storage medium, which can improve the security of biometric payment of a user.
In a first aspect, an embodiment of the present application provides a biometric payment method, which is applied to a gateway device, and the method includes: receiving a biometric routing payment request message, wherein the biometric routing payment request message comprises a first biometric payment group token and first biometric characteristic data, and the first biometric payment group token is used for representing that an initiating user of the biometric routing payment request message has the authority of biometric payment in a first group; determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result; and sending the biological identification result to the payment device so that the payment device initiates a payment process according to the biological identification result.
In a second aspect, an embodiment of the present application provides a biometric payment device, including: the receiving module is used for receiving a biometric routing payment request message, the biometric routing payment request message comprises a first biometric payment group token and first biometric characteristic data, and the first biometric payment group token is used for representing that an initiating user of the biometric routing payment request message has the authority of biometric payment in a first group; the processing module is used for determining a first group according to the first biometric payment group token so as to perform biometric identification by utilizing the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result; and the sending module is used for sending the biological identification result to the payment equipment so that the payment equipment initiates a payment process according to the biological identification result.
In a third aspect, an embodiment of the present application provides a gateway device, which includes a processor, a memory, and a computer program stored on the memory and executable on the processor, where the computer program, when executed by the processor, implements the biometric payment method in the technical solution of the first aspect.
In a fourth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the biometric payment method in the technical solution of the first aspect.
The embodiment of the application provides a biometric payment method, a biometric payment device, gateway equipment and a storage medium. And determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result. The biometric results may be used to initiate a payment process by the payment device. Wherein the first biometric payment group token may characterize the user's rights to have biometric payments in the first group. By utilizing the biological identification payment group token, the application range of the biological characteristic data of the user in payment is narrowed to a group, the risk that the personal privacy data of the user is abused in a large range is reduced, the risk that the personal privacy data of the user is leaked is reduced, and therefore the safety of the biological identification payment of the user is improved.
Drawings
The present application will be better understood from the following description of specific embodiments of the invention taken in conjunction with the accompanying drawings. Wherein like or similar reference numerals refer to like or similar features.
Fig. 1 is a schematic diagram illustrating an architecture of a biometric payment system according to an embodiment of the present application;
FIG. 2 is a flow chart of a biometric payment method provided in an embodiment of the present application;
FIG. 3 is a flow chart of a biometric payment method provided in another embodiment of the present application;
FIG. 4 is a flow chart of a biometric payment method provided in accordance with yet another embodiment of the present application;
fig. 5 is a flowchart of a biometric payment method in a biometric payment system according to an embodiment of the present application;
FIG. 6 is a flow chart of a biometric payment method provided in accordance with yet another embodiment of the present application;
FIG. 7 is a schematic structural diagram of a biometric payment device according to an embodiment of the present application;
FIG. 8 is a schematic structural diagram of a biometric payment device according to another embodiment of the present application;
fig. 9 is a schematic hardware structure diagram of a gateway device according to an embodiment of the present application.
Detailed Description
Features and exemplary embodiments of various aspects of the present application will be described in detail below. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by illustrating examples thereof. The present application is in no way limited to any specific configuration and algorithm set forth below, but rather covers any modification, replacement or improvement of elements, components or algorithms without departing from the spirit of the present application. In the drawings and the following description, well-known structures and techniques are not shown in order to avoid unnecessarily obscuring the present application.
Biometric payment is a technique for making a payment or transaction using biometric recognition. Since biometric payment involves personal privacy data such as biometric data of a user, security of biometric payment is a major concern. Fig. 1 is a schematic diagram illustrating an architecture of a biometric payment system according to an embodiment of the present application. As shown in fig. 1, the biometric payment system may include a payment device, an order receipt server, a gateway device, and a transaction server. The payment device and the network device can be authorized to carry out biological identification authority and biological identification. The interaction between the gateway device and the payment device may be performed by an order receipt server. The payment device and the service server can perform a payment process. The interaction between the payment device and the service server may be performed by the order taking server.
The application provides a biometric payment method, a biometric payment device, gateway equipment and a storage medium, which can be applied to a scene of biometric payment of a user. The biometric payment method in the present application is particularly applicable to, i.e. performed by, a gateway device. The biometric payment method in the application can limit the range of the user capable of using the biometric payment by using the biometric payment group token, thereby avoiding the risk of abusing personal privacy data of the user in a large range and improving the security of the biometric payment. It is worth mentioning that the Token is Token in this application.
Fig. 2 is a flowchart of a biometric payment method according to an embodiment of the present application. As shown in fig. 2, the biometric payment method may include steps S101 to S103.
In step S101, a biometric routing payment request message is received.
The biometric routing payment request message can be sent to the order receiving device by the user through the payment device, and then sent to the gateway device by the order receiving device. The biometric routed payment request message received by the network device may include a first biometric payment group token and first biometric data. Wherein the first biometric payment group token is used to characterize that an initiating user of the biometric routed payment request message has the authority for biometric payment in the first group. The first biometric payment group token is a biometric payment group token. The biometric payment group token is used to characterize the rights of the user to have biometric payment in the group. The biometric payment group token may indicate both the user having the authority to biometrically pay and the group of users having the authority to biometrically pay. The biometric payment group token is unique. For ease of description herein, the biometric payment group token included in the biometric routing payment request message is referred to as the first biometric payment group token. The first group is a group. For convenience of description herein, the group indicated by the first biometric payment group token is referred to as a first group.
The first biometric payment group token in different biometric routing payment request messages may be different and is not limited herein. The users having the biometric payment authority indicated by the different first biometric payment group tokens may be different and are not limited herein. The first group indicated by the different first biometric payment group token that the user has the right to biometrically pay may be different and is not limited herein.
The group may be a group divided by a user, a group divided by a service provider performing payment interaction with the user, or a group divided by the payment itself, and is not limited herein. For example, the group may be a group divided by service members, such as a group divided by members in a supermarket a, and another group divided by members in a supermarket B. For another example, the groups may be groups divided by business circles, with payments occurring in business circle a divided into one group and payments occurring in business circle B divided into another group.
The first biometric data is the biometric data of the user collected when the payment device initiates the biometric routing payment request message. The biometric data may specifically include, but is not limited to, facial feature data, fingerprint feature data, palm print feature data, iris feature data, and the like. The first biometric data contained in different biometric routing payment request messages may be different and is not limited herein.
In step S102, a first group is determined according to the first biometric payment group token, so as to perform biometric identification by using the first biometric data and a biometric database corresponding to the first group, and obtain a biometric identification result.
From the first group of biometric payments, a group of users having rights to biometric payments, i.e., the first group, may be determined. And in the process of biological identification, performing biological identification by using the first biological characteristic data and the biological characteristic database corresponding to the determined first group. The biometric identification is only executed in the first group, so that the application range of the biometric data is narrowed, and the risk of abusing the biometric data is reduced.
The biometric result is used to characterize the success or failure of biometric identification. In some examples, the biometric identification may be done by the gateway device, i.e. the gateway generates a biometric identification result. In other examples, the biometric identification may be performed by the transaction server, i.e., the transaction server generates the biometric identification. The gateway device may obtain the biometric identification result from the service server.
In step S103, the biometric result is sent to the payment device, so that the payment device initiates a payment process according to the biometric result.
Specifically, the gateway device may first send the biometric identification result to the order receiving device. The order receiving device sends the biological identification result to the payment device. The payment device receives the biological recognition result and can initiate a payment process according to the biological recognition result. For example, the payment device may send a payment transaction request to the transaction server in case the biometric result characterizes a success of the biometric identification. The biometric identification payment is realized through interaction between the payment equipment and the service server. The payment transaction request may include, but is not limited to, a user account, a payment password, a payment token, and the like.
In an embodiment of the application, a gateway device receives a biometric routed payment request message including a first biometric payment group token and first biometric data. And determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result. The biometric results may be used to initiate a payment process by the payment device. Wherein the first biometric payment group token may characterize the user's rights to have biometric payments in the first group. By utilizing the biological identification payment group token, the application range of the biological characteristic data of the user in payment is narrowed to a group, the risk that the personal privacy data of the user is abused in a large range is reduced, the risk that the personal privacy data of the user is leaked is reduced, and therefore the safety of the biological identification payment of the user is improved.
Fig. 3 is a flowchart of a biometric payment method according to another embodiment of the present application. Fig. 3 is different from fig. 2 in that step S102 in fig. 2 can be specifically subdivided into step S1021 and step S1022 in fig. 3.
In step S1021, it is determined whether the first user identity and the first biometric payment group token have a binding relationship based on a pre-stored binding relationship of the user identity and the biometric payment group token.
Wherein the biometric routed payment request message may further include the first subscriber identification. The first user identifier is a user identifier, and is used for identifying a user, and may specifically be a user account, a user card number, and the like, which is not limited herein. For convenience of description herein, the user identifier included in the biometric routing payment request message is referred to as a first user identifier.
The binding relationship of the user identification and the biometric payment group token may be pre-stored in the gateway device. The user can be authenticated through the binding relationship between the user identification and the biometric payment group token. Specifically, if the corresponding relationship between the first user identifier and the first biometric payment group token exists in the binding relationship between the prestored user identifier and the biometric payment group token, it indicates that the first user identifier and the first biometric payment group token have the binding relationship, and the biometric routing payment request message is valid. And if the corresponding relation between the first user identifier and the first biological identification payment group token does not exist in the binding relation between the prestored user identifier and the biological identification payment group token, the first user identifier and the first biological identification payment group token are not in the binding relation, and the biological identification routing payment request message is invalid.
In step S1022, in a case that it is determined that the first user identifier and the first biometric payment group token have a binding relationship, a first group is determined according to the first biometric payment group token, so as to perform biometric identification by using the first biometric data and a biometric database corresponding to the first group, and obtain a biometric identification result.
In the case that the first subscriber identity is determined to have a binding relationship with the first biometric payment group token, indicating that the biometric routed payment request message is valid, the step of determining the first group to perform biometric using the first biometric data and the biometric database corresponding to the first group may be performed.
And under the condition that the first user identification is determined not to have the binding relationship with the first biological identification payment group token, the biological identification routing payment request message is invalid, and the step of determining the first group to perform biological identification by utilizing the first biological characteristic data and the biological characteristic database corresponding to the first group is not required to be executed.
Further, the biometric routing payment request message may also include the first payment token. The first payment token is a payment token. The payment token is used for payment verification when the payment equipment and the service server perform a payment process. For convenience of description herein, the payment token included in the biometric routing payment request message is referred to as a first payment token.
Correspondingly, in order to further ensure the security of the personal private data of the user, the validity of the biological identification routing payment request message can be determined. In the above embodiment, on the basis of whether the first user identifier has a binding relationship with the first biometric payment group token, validity determination of the biometric routing payment request message may be performed in combination with whether the first user identifier has a binding relationship with the first payment token. The step S1022 described above may specifically include the step S1022a and the step S1022 b.
In step S1022a, in the case where it is determined that the first user identifier has a binding relationship with the first biometric payment group token, it is determined whether the first user identifier has a binding relationship with the first payment token based on a pre-stored binding relationship of the user identifier with the payment token.
The binding relationship between the user identification and the payment token is also stored in the gateway device in advance. Specifically, if the corresponding relationship between the first user identifier and the first payment token exists in the binding relationship between the prestored user identifier and the payment token, it indicates that the first user identifier and the first payment token have the binding relationship, and the biometric routing payment request message is valid. And if the corresponding relation between the first user identifier and the first payment token does not exist in the binding relation between the prestored user identifier and the payment token, the first user identifier and the first payment token are represented to have no binding relation, and the biological identification routing payment request message is invalid.
In step S1022b, in the case that it is determined that the first user identifier and the first payment token have the binding relationship, the first group is determined according to the first biometric payment group token, so as to perform biometric identification by using the first biometric data and the biometric database corresponding to the first group, and obtain a biometric identification result.
In the case that it is determined that the first subscriber identity has a binding relationship with the first payment token, indicating that the biometric routed payment request message is valid, the step of determining the first group to perform biometric using the first biometric data and the biometric database corresponding to the first group may be performed.
And under the condition that the first user identification and the first payment token do not have the binding relationship, the biometric routing payment request message is invalid, and the step of determining the first group to perform biometric identification by utilizing the first biometric data and the biometric database corresponding to the first group is not required to be executed.
In the above embodiments, there may be a binding relationship between the biometric payment group token, the biometric data, the user identifier and the payment token of the same user, and the biometric routing payment request message may be subjected to comprehensive validity determination by using the binding relationship between the biometric payment group token, the biometric data, the user identifier and the payment token, which is not illustrated herein.
Fig. 4 is a flowchart of a biometric payment method according to another embodiment of the present application. Fig. 4 is different from fig. 2 in that, in the case where the biometric database is stored in the gateway device, step S102 in fig. 2 can be specifically subdivided into step S1023 and step S1024 in fig. 3; in the case where the biometric database is stored in the service server, step S102 in fig. 2 can be specifically subdivided into step S1025 and step S1026 in fig. 3.
In step S1023, a first group is determined from the first biometric payment group token.
The first biometric payment group token may be indicative of a first group. In some examples, at least a portion of the first biometric payment group token can indicate the first group. For example, the first biometric payment group token may be implemented as a string, a portion of which may be a group identification, which may indicate the first group.
In step S1024, the first biometric data is matched with the biometric data in the biometric database corresponding to the first group, so as to obtain a biometric identification result.
The gateway device may have at least one biometric database stored thereon. Each biometric database corresponds to a group. When the biological identification is carried out, the first biological characteristic data does not need to be matched with the biological characteristic data in each biological characteristic database, and only the biological characteristic data in the biological characteristic database corresponding to the first group needs to be matched with the first biological characteristic data.
For example, 6 biometric databases are stored in the gateway device, and the 6 biometric databases respectively correspond to group a1, group a2, group A3, group a4, group a5, and group a 6. Where the first group determined from the first biometric payment group token is group A3, the first biometric data is used to match biometric data in a biometric database corresponding to group A3.
In step S1025, a first group is determined according to the first biometric payment group token, and the first biometric data and the group identifier of the first group are sent to the service server.
The business server stores at least one biological characteristic database, and each biological characteristic database corresponds to one group. The business server receives the group identification of the first group, and can determine the biological characteristic database corresponding to the first group by using the group identification of the first group. When the business server carries out biological identification, the first biological characteristic data does not need to be matched with the biological characteristic data in each biological characteristic database, and only the biological characteristic data in the biological characteristic database corresponding to the first group needs to be matched with the first biological characteristic data.
In step S1026, a biometric result is received.
And the biological identification result is obtained by matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group by the service server. The business server sends the biological recognition result to the gateway device, and the gateway device can determine the success or failure of biological recognition according to the received biological recognition result.
The service server may belong to an acquirer. The business server can provide functional services such as payment terminal management, payment initiation, fund settlement and the like for service providers such as merchants and the like, and the business server can divide groups more accurately, so that the biological characteristic database corresponding to the accurately divided groups is stored, and the accuracy of division and management of the biological characteristic database is improved. Moreover, the business server is closely associated with service providers such as merchants and the like, so that the biological characteristic database is easier to manage and update, and the operation efficiency of the biological characteristic database is higher.
In the above embodiment, the biometric databases are in one-to-one correspondence with the groups, and the biometric databases of a large number of users are stored in separate databases. In the process of carrying out biological identification, the method can quickly position a specific biological characteristic database according to the group of the user, relieves the data bearing capacity of gateway equipment or a service server, and also improves the response speed of biological identification payment.
The application of the biometric payment method in the biometric payment system will be described as an example. Fig. 5 is a flowchart of a biometric payment method in a biometric payment system according to an embodiment of the present disclosure. As shown in fig. 5, the biometric payment method in the biometric payment system may specifically include steps S201 to S210.
In step S201, the payment device sends a biometric routed payment request message to the acquiring device.
In step S202, the order receiving device transmits a biometric routing payment request message to the gateway device.
In step S203, the gateway device verifies the validity of the biometric routing payment request message.
In step S204, when the biometric routing payment request message is valid, the gateway device performs biometric identification using the first biometric characteristic and the biometric characteristic corresponding to the first group, so as to obtain a biometric identification result.
In step S205, the gateway apparatus transmits the biometric result to the order reception apparatus.
In step S206, the order reception apparatus transmits the biometric result to the payment apparatus.
In step S207, in case the biometric identification result indicates that the biometric identification is successful, the payment device sends a payment transaction request message to the order taking device.
The payment transaction request message may include, but is not limited to, a payment token, a payment password, a user identification, and the like.
In step S208, the order reception apparatus transmits a payment transaction request message to the service server.
In step S209, the service server generates a payment transaction response message and transmits the message to the order receiving device.
The payment transaction response message is used for representing whether the biometric payment is successful or not.
In step S210, the order receiving device transmits a payment transaction response message to the payment terminal.
In some examples, the service server may specifically include a server in a clearing system and a server in a card issuing service system, which is not limited herein.
Fig. 6 is a flowchart of a biometric payment method according to yet another embodiment of the present application. Fig. 6 is different from fig. 2 in that the biometric payment method shown in fig. 6 may further include steps S104 to S107.
In step S104, a biometric group payment fulfillment request message is received.
Wherein the biometric group payment fulfillment request message includes the second user identification and the group information. The group information is used to characterize the second group. The second user identification is a user identification. For convenience of description herein, the user identifier included in the biometric group payment fulfillment request message is referred to as a second user identifier. The second group is a group. For convenience of description herein, the group characterized by the group information in the biometric group payment fulfillment request message is referred to as a second group.
The second user id in the different biometric group payment fulfillment request message may be different, and is not limited herein. The group information in the different biometric group payment fulfillment request messages may be different, and the second group represented by the group information in the different biometric group payment fulfillment request messages may be different, which is not limited herein.
In step S105, a second biometric payment group token is generated based on the second user identity and the group information.
The second biometric payment group token is used to characterize that the initiating user of the biometric group payment fulfillment request message has the authority to biometric payment in the second group. I.e. the second biometric payment group token may indicate both the user having the right to biometrically pay and the second group of users having the right to biometrically pay. The second biometric payment group token is a biometric payment group token. For convenience of description herein, the biometric payment group token generated after receiving the biometric group payment fulfillment request message will be referred to as a second biometric payment group token. The different second biometric payment group token indicates a user, and the indicated second group may be different.
In some examples, the second user identification and the group information may be processed to generate a second biometric payment group token. The processing of the second user identifier and the group information may be specifically processing means such as merging, tokenization, encryption, and the like, and is not limited herein.
In step S106, the binding relationship of the second user identification to the second biometric payment group token is stored.
And under the condition that the initiating user of the biological identification group payment opening request message is determined to open the authority of the biological identification payment in the second group, storing the binding relation between the second user identification and the second biological identification payment group token in the gateway equipment. And in the process of carrying out the biological identification payment by the user with the second user identification, the binding relationship between the second user identification and the second biological identification payment group token stored in the gateway equipment can be utilized to verify whether the biological identification routing payment request message initiated by the user is valid.
In step S107, a face payment group fulfillment response message is sent to the payment device.
Specifically, the gateway device may first send a face payment group fulfillment response message to the order receiving device. And the acquiring system sends a face payment group opening response message to the payment equipment.
And the face payment group opening response message comprises a second biological identification payment group token. The gateway device transmits a biometric payment group token, i.e., a second biometric payment group token, generated for the user who initiated the biometric group payment fulfillment request message to the payment device through the face payment group fulfillment response message. The payment device may provide the second biometric payment group token to the gateway device in a subsequent process to effect the biometric payment.
In some examples, the gateway device may also send an authentication request message to the service server after receiving the biometric group payment fulfillment request message. The authentication request message includes the second subscriber identity. And the service server receives the second user identification, performs identity authentication on the user corresponding to the second user identification, generates an identity authentication response message and sends the identity authentication response message to the gateway equipment. The gateway device receives an authentication response message from the service server. The authentication response message is used to characterize whether the authentication of the second subscriber identity is successful.
In case that the authentication response message represents that the authentication of the second user identifier is successful, the above steps S105 to S107 are executed to further ensure the security of the personal privacy of the user.
In some examples, the biometric group payment fulfillment request message may also include second biometric data. The second biometric data is biometric data. For convenience of description herein, the biometric data included in the biometric group payment fulfillment request message is referred to as second biometric data. The second biometric data is collected prior to initiating the biometric group payment fulfillment request message. The gateway device may store the second biometric data in a biometric database corresponding to the second group for use in a subsequent biometric payment process.
In some examples, the group information in the above embodiments may include a group identification of the second group and/or acquisition channel information of the second biometric data. Different acquisition channels for acquiring the second biological characteristic data can correspond to different groups, so that the corresponding second group can be determined according to the acquisition channel information of the second biological characteristic data. For example, city C has business circles a1, a2, and A3. The collection channel information represents that second biological characteristic data are collected in the business district A1, and a second group corresponding to the collection channel information is a group corresponding to the business district A1. The collection channel information represents that second biological characteristic data are collected in the business district A2, and a second group corresponding to the collection channel information is a group corresponding to the business district A2. The collection channel information represents that second biological characteristic data are collected in the business district A3, and a second group corresponding to the collection channel information is a group corresponding to the business district A3.
In some examples, the gateway device may also generate a second payment token based on the second user identification after receiving the biometric group payment fulfillment request message. The face payment group fulfillment response message may also include a second payment token. The second payment token is a payment token. For convenience of description, the payment token generated according to the second user identifier after receiving the biometric group payment fulfillment request message is referred to as a second payment token. The gateway device may store the binding relationship between the second user identifier and the second payment token, so that the validity of the biometric routing payment request message of the user may be determined using the binding relationship between the second user identifier and the second payment token in a subsequent biometric payment process.
In the above embodiment, the service server and the gateway device may further synchronize at least part of the biometric payment information with each other. For example, the biometric payment information may include, but is not limited to, at least a portion of a user's mobile phone number, a biometric data cryptogram, a biometric routing index, a server organization code, a payment card number, and the like.
In some examples, the data in the gateway device, the payment device, the order receiving device, and the service server may be independently encrypted and stored, and modification of the data, that is, a data modification operation is prohibited as an invalid operation, so that controllability, security, stability, and reliability of the user privacy data are further improved.
The application also provides a biometric payment device. Fig. 7 is a schematic structural diagram of a biometric payment device according to an embodiment of the present application. As shown in fig. 7, the biometric payment device 300 may include a receiving module 301, a processing module 302, and a transmitting module 303.
A receiving module 301, configured to receive a biometric routed payment request message, where the biometric routed payment request message includes a first biometric payment group token and first biometric characteristic data.
Wherein the first biometric payment group token is used to characterize that an initiating user of the biometric routed payment request message has biometric payment rights in a first group.
The processing module 302 is configured to determine the first group according to the first biometric payment group token, so as to perform biometric identification by using the first biometric data and a biometric database corresponding to the first group, and obtain a biometric identification result.
A sending module 303, configured to send the biometric result to a payment device, so that the payment device initiates a payment process according to the biometric result.
In an embodiment of the present application, a biometric payment device receives a biometric routed payment request message including a first biometric payment group token and first biometric data. And determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result. The biometric results may be used to initiate a payment process by the payment device. Wherein the first biometric payment group token may characterize the user's rights to have biometric payments in the first group. By utilizing the biological identification payment group token, the application range of the biological characteristic data of the user in payment is narrowed to a group, the risk that the personal privacy data of the user is abused in a large range is reduced, the risk that the personal privacy data of the user is leaked is reduced, and therefore the safety of the biological identification payment of the user is improved.
In some examples, the biometric routed payment request message may also include the first subscriber identification. Correspondingly, the processing module 302 may be specifically configured to: determining whether the first user identifier and the first biometric payment group token have a binding relationship or not based on a pre-stored binding relationship between the user identifier and the biometric payment group token, wherein the biometric payment group token is used for representing that the user has the biometric payment authority in the group; and under the condition that the first user identifier and the first biological identification payment group token are determined to have a binding relationship, determining a first group according to the first biological identification payment group token, and performing biological identification by using the first biological characteristic data and a biological characteristic database corresponding to the first group to obtain a biological identification result.
In some examples, the biometric routed payment request message may also include the first payment token. Correspondingly, the processing module 302 may be specifically configured to: under the condition that the first user identification and the first biological recognition payment group token are determined to have the binding relationship, determining whether the first user identification and the first payment token have the binding relationship or not based on the pre-stored binding relationship between the user identification and the payment token; and under the condition that the first user identifier and the first payment token are determined to have a binding relationship, determining a first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result.
In some examples, the biometric payment device stores at least one biometric database. Each biometric database corresponds to a group.
The processing module 302 may be specifically configured to: determining a first group from the first biometric payment group token; and matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group to obtain a biological identification result.
In another example, the business server stores at least one biometric database. Each biometric database corresponds to a group.
The processing module 302 may be specifically configured to determine the first group from the first biometric payment group token.
The sending module 303 may be further configured to send the first biometric data and the group identity of the first group to the service server.
The receiving module 301 may also be configured to receive a biometric result.
And the biological identification result is obtained by matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group by the service server.
Fig. 8 is a schematic structural diagram of a biometric payment device according to another embodiment of the present application. Fig. 8 differs from fig. 7 in that the biometric payment device 300 shown in fig. 8 may further include a group token generation module 304, a storage module 305, and a payment token generation module 306.
The receiving module 301 may be further configured to receive a biometric group payment fulfillment request message.
Wherein the biometric group payment fulfillment request message includes the second user identification and the group information. The group information is used to characterize the second group.
The group token generation module 304 may be operable to generate a second biometric payment group token based on the second user identification and the group information.
Wherein the second biometric payment group token is used to characterize that the initiating user of the biometric group payment fulfillment request message has the right to biometric payment in the second group.
The storage module 305 may be used to store a binding relationship of the second user identification to the second biometric payment group token.
The sending module 303 may be further configured to send a face payment group fulfillment response message to the payment device. The face payment group fulfillment response message includes a second biometric payment group token.
In some examples, the sending module 303 is further configured to send an authentication request message to the service server.
Wherein the authentication request message includes the second subscriber identity.
The receiving module 301 may be further configured to receive an authentication response message from the service server.
Wherein, the identity verification response message is used for representing whether the identity verification of the second user identification is successful.
The group token generation module 304 may be specifically configured to generate a second biometric payment group token according to the second user identifier and the group information, when the authentication response message indicates that the authentication of the second user identifier is successful.
In some examples, the biometric group payment fulfillment request message further includes second biometric data. The storage module 305 may be further configured to store the second biometric data in a biometric database corresponding to the second group.
The group information in the above embodiments may comprise a group identification of the second group and/or acquisition channel information of the second biometric data.
The payment token generation module 306 may be configured to generate a second payment token based on the second user identification.
The storage module 305 may be further configured to store a binding relationship between the second user identifier and the second payment token.
Wherein the face payment group provisioning response message further comprises the second payment token.
The application also provides a gateway device. Fig. 9 is a schematic hardware structure diagram of a gateway device according to an embodiment of the present application. As shown in fig. 9, the gateway device 400 comprises a memory 401, a processor 402 and a computer program stored on the memory 401 and executable on the processor 402.
In one example, the processor 402 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured to implement one or more integrated circuits of embodiments of the present application.
Memory 401 may include mass storage for data or instructions. By way of example, and not limitation, memory 401 may include an HDD, floppy disk drive, flash memory, optical disk, magneto-optical disk, magnetic tape, or Universal Serial Bus (USB) drive, or a combination of two or more of these. Memory 401 may include removable or non-removable (or fixed) media, where appropriate. The memory 401 may be internal or external to the terminal hotspot switching gateway device 400, where appropriate. In a particular embodiment, the memory 401 is a non-volatile solid-state memory. In a particular embodiment, the memory 401 includes Read Only Memory (ROM). Where appropriate, the ROM may be mask-programmed ROM, Programmable ROM (PROM), Erasable PROM (EPROM), Electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory or a combination of two or more of these.
The processor 402 runs a computer program corresponding to the executable program code by reading the executable program code stored in the memory 401 for implementing the biometric payment method in the above-described embodiment.
In one example, the gateway device 400 may also include a communication interface 403 and a bus 404. As shown in fig. 9, the memory 401, the processor 402, and the communication interface 403 are connected by a bus 404 to complete communication therebetween.
The communication interface 403 is mainly used for implementing communication between modules, apparatuses, units and/or devices in the embodiments of the present application. Input devices and/or output devices may also be accessed through communication interface 403.
The bus 404 may comprise hardware, software, or both that couple the components of the gateway device 400 to one another. By way of example, and not limitation, the bus 404 may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a Hyper Transport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an infiniband interconnect, a Low Pin Count (LPC) bus, a memory bus, a Micro Channel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus, or a combination of two or more of these. Bus 404 may include one or more buses, where appropriate. Although specific buses are described and shown in the embodiments of the application, any suitable buses or interconnects are contemplated by the application.
An embodiment of the present application further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, can implement the biometric payment method applied to the gateway device in the above embodiments.
It should be clear that the embodiments in this specification are described in a progressive manner, and the same or similar parts in the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. For apparatus embodiments, gateway device embodiments, and computer-readable storage medium embodiments, reference may be made in the descriptive section to method embodiments for relevant. The present application is not limited to the particular steps and structures described above and shown in the drawings. Those skilled in the art may make various changes, modifications and additions or change the order between the steps after appreciating the spirit of the present application. Also, a detailed description of known process techniques is omitted herein for the sake of brevity.
It will be appreciated by persons skilled in the art that the above embodiments are illustrative and not restrictive. Different features which are present in different embodiments may be combined to advantage. Other variations to the disclosed embodiments can be understood and effected by those skilled in the art upon studying the drawings, the specification, and the claims. In the claims, the term "comprising" does not exclude other means or steps; the nouns are not necessarily the same quantity, and the number of the nouns can be one or more; the terms "first" and "second" are used to denote a name and not to denote any particular order. Any reference signs in the claims shall not be construed as limiting the scope. The functions of the various parts appearing in the claims may be implemented by a single hardware or software module. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims (13)

1. A biometric payment method, applied to a gateway device, the method comprising:
receiving a biometric routed payment request message, the biometric routed payment request message including a first biometric payment group token and first biometric characteristic data, the first biometric payment group token being used to characterize that an initiating user of the biometric routed payment request message has biometric payment rights in a first group;
determining the first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result;
and sending the biological identification result to a payment device so that the payment device initiates a payment process according to the biological identification result.
2. The method of claim 1, wherein the biometric routing payment request message further comprises a first subscriber identity;
the determining the first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result includes:
determining whether the first user identifier and the first biometric payment group token have a binding relationship based on a pre-stored binding relationship between the user identifier and the biometric payment group token, wherein the biometric payment group token is used for representing that a user has the authority of biometric payment in a group;
and under the condition that the first user identification and the first biological identification payment group token are determined to have a binding relationship, determining the first group according to the first biological identification payment group token, and performing biological identification by using the first biological characteristic data and a biological characteristic database corresponding to the first group to obtain a biological identification result.
3. The method of claim 2, wherein the biometric routed payment request message further comprises a first payment token;
the determining the first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result includes:
determining whether the first user identifier and the first payment token have a binding relation based on a pre-stored binding relation between the user identifier and the payment token;
and under the condition that the first user identification and the first payment token are determined to have a binding relationship, determining the first group according to the first biometric payment group token, and performing biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result.
4. The method according to claim 1, wherein the gateway device stores at least one biometric database, each of the biometric databases corresponding to a group;
the determining the first group according to the first biometric payment group token to perform biometric identification by using the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result includes:
determining the first group from the first biometric payment group token;
and matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group to obtain a biological identification result.
5. The method of claim 1, wherein determining the first group according to the first biometric payment group token for biometric identification using the first biometric data and a biometric database corresponding to the first group to obtain a biometric result comprises:
determining the first group according to the first biometric payment group token, and sending the first biometric data and the group identifier of the first group to a service server, wherein the service server stores at least one biometric database, and each biometric database corresponds to one group;
and receiving the biological identification result, wherein the biological identification result is obtained by matching the first biological characteristic data with the biological characteristic data in the biological characteristic database corresponding to the first group by the service server.
6. The method of claim 1, further comprising:
receiving a biological identification group payment opening request message, wherein the biological identification group payment opening request message comprises a second user identification and group information, and the group information is used for representing a second group;
generating a second biological identification payment group token according to the second user identification and the group information, wherein the second biological identification payment group token is used for representing that an initiating user of the biological identification group payment opening request message has the authority of biological identification payment in the second group;
storing a binding relationship of the second user identification and the second biometric payment group token;
sending a face payment group fulfillment response message to the payment device, the face payment group fulfillment response message including the second biometric payment group token.
7. The method of claim 6, further comprising, after the receiving the biometric group payment fulfillment request message:
sending an identity authentication request message to a service server, wherein the identity authentication request message comprises a second user identifier;
receiving an authentication response message from the service server, wherein the authentication response message is used for representing whether the authentication of the second user identifier is successful or not;
wherein generating a second biometric payment group token based on the second user identification and the group information comprises:
and under the condition that the identity verification response message represents that the identity verification of the second user identification is successful, generating a second biological identification payment group token according to the second user identification and the group information.
8. The method of claim 6, wherein the biometric group payment fulfillment request message further includes second biometric data;
the method further comprises the following steps:
and storing the second biological characteristic data into a biological characteristic database corresponding to the second group.
9. The method of claim 8,
the group information comprises a group identification of the second group and/or acquisition channel information of the second biometric data.
10. The method of claim 6, further comprising, after the receiving the biometric group payment fulfillment request message:
generating a second payment token according to the second user identification;
storing a binding relationship of the second user identification and the second payment token;
wherein the face payment group provisioning response message further comprises the second payment token.
11. A biometric payment device, comprising:
a receiving module, configured to receive a biometric routed payment request message, where the biometric routed payment request message includes a first biometric payment group token and first biometric characteristic data, and the first biometric payment group token is used to characterize that an initiating user of the biometric routed payment request message has a right to perform biometric payment in a first group;
the processing module is used for determining the first group according to the first biometric payment group token so as to perform biometric identification by utilizing the first biometric data and a biometric database corresponding to the first group to obtain a biometric identification result;
and the sending module is used for sending the biological identification result to a payment device so that the payment device initiates a payment process according to the biological identification result.
12. A gateway device comprising a processor, a memory and a computer program stored on the memory and executable on the processor, the computer program, when executed by the processor, implementing a biometric payment method as claimed in any one of claims 1 to 10.
13. A computer-readable storage medium, on which a computer program is stored which, when executed by a processor, implements a biometric payment method as claimed in any one of claims 1 to 10.
CN202010259375.5A 2020-04-03 2020-04-03 Biometric payment method, device, gateway equipment and storage medium Active CN111539732B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010259375.5A CN111539732B (en) 2020-04-03 2020-04-03 Biometric payment method, device, gateway equipment and storage medium
PCT/CN2021/075657 WO2021196892A1 (en) 2020-04-03 2021-02-05 Biometric identification payment method and apparatus, gateway device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010259375.5A CN111539732B (en) 2020-04-03 2020-04-03 Biometric payment method, device, gateway equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111539732A true CN111539732A (en) 2020-08-14
CN111539732B CN111539732B (en) 2024-02-27

Family

ID=71978563

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010259375.5A Active CN111539732B (en) 2020-04-03 2020-04-03 Biometric payment method, device, gateway equipment and storage medium

Country Status (2)

Country Link
CN (1) CN111539732B (en)
WO (1) WO2021196892A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112036894A (en) * 2020-09-01 2020-12-04 中国银行股份有限公司 Method and system for identity confirmation by using iris characteristics and motion characteristics
WO2021196892A1 (en) * 2020-04-03 2021-10-07 ***股份有限公司 Biometric identification payment method and apparatus, gateway device and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105930765A (en) * 2016-02-29 2016-09-07 ***股份有限公司 Payment method and device
CN110457882A (en) * 2019-07-18 2019-11-15 阿里巴巴集团控股有限公司 A kind of identification pretreatment, personal identification method and system
CN110688974A (en) * 2019-09-30 2020-01-14 支付宝(杭州)信息技术有限公司 Identity recognition method and device
US20200058032A1 (en) * 2018-08-20 2020-02-20 Denikumar Dalpatbhai Lad Biometric Payment Transaction Without Mobile or Card

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019162957A1 (en) * 2018-08-20 2019-08-29 Lad Denikumar Biometric payment transaction without mobile or card
CN111539732B (en) * 2020-04-03 2024-02-27 ***股份有限公司 Biometric payment method, device, gateway equipment and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105930765A (en) * 2016-02-29 2016-09-07 ***股份有限公司 Payment method and device
US20200058032A1 (en) * 2018-08-20 2020-02-20 Denikumar Dalpatbhai Lad Biometric Payment Transaction Without Mobile or Card
CN110457882A (en) * 2019-07-18 2019-11-15 阿里巴巴集团控股有限公司 A kind of identification pretreatment, personal identification method and system
CN110688974A (en) * 2019-09-30 2020-01-14 支付宝(杭州)信息技术有限公司 Identity recognition method and device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021196892A1 (en) * 2020-04-03 2021-10-07 ***股份有限公司 Biometric identification payment method and apparatus, gateway device and storage medium
CN112036894A (en) * 2020-09-01 2020-12-04 中国银行股份有限公司 Method and system for identity confirmation by using iris characteristics and motion characteristics
CN112036894B (en) * 2020-09-01 2023-08-18 中国银行股份有限公司 Method and system for identity confirmation by utilizing iris characteristics and action characteristics

Also Published As

Publication number Publication date
WO2021196892A1 (en) 2021-10-07
CN111539732B (en) 2024-02-27

Similar Documents

Publication Publication Date Title
RU2711464C2 (en) Multiple-device transaction verification
EP2819050B1 (en) Electronic signature system for an electronic document using a third-party authentication circuit
US10366391B2 (en) Variable authentication process and system
US9699183B2 (en) Mutual authentication of a user and service provider
CN106464673B (en) Enhanced security for authenticating device registration
US8510797B2 (en) Online user authentication
KR100911983B1 (en) Method and System for Implementing Authentication on Information Security
EP2065798A1 (en) Method for performing secure online transactions with a mobile station and a mobile station
CN110999212A (en) Online authentication of account holders using biometric identification and privacy protection methods
US20140081784A1 (en) Payment method, payment server performing the same and payment system performing the same
WO2007023756A1 (en) Identify authenticating system, user terminal, service provider apparatus, reliability assuring server, operating method of them and operating program of them
CN113015992B (en) Cloud token provisioning of multiple tokens
KR20130084727A (en) Method for providing services of user identification processing
CN111539732A (en) Biological identification payment method, device, gateway equipment and storage medium
WO2018043951A1 (en) Pos device and system for performing payment authentication using biometric information, and control method therefor
CN114463012A (en) Authentication method, payment method, device and equipment
CN109741070B (en) Account management method and device based on network certificate
US11386427B2 (en) System for secure authentication of a user's identity in an electronic system for banking transactions
US20150127546A1 (en) Methods for providing internet services through a toll free connection to a user and devices thereof
CN112084527A (en) Data storage and acquisition method, device, equipment and medium
JP2002245006A (en) Authentication system, authentication method, program, and recording medium therefor
WO2023124107A1 (en) Information query method and apparatus, device, and computer readable storage medium
CN105590197B (en) Router-based payment method and router
KR20210017308A (en) Method for providing secondary authentication service using device registration and distributed storage of data
CN111937023A (en) Security authentication system and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant