CN112837054A - Online payment method and device - Google Patents

Online payment method and device Download PDF

Info

Publication number
CN112837054A
CN112837054A CN202110330643.2A CN202110330643A CN112837054A CN 112837054 A CN112837054 A CN 112837054A CN 202110330643 A CN202110330643 A CN 202110330643A CN 112837054 A CN112837054 A CN 112837054A
Authority
CN
China
Prior art keywords
payment
auxiliary card
card
card number
auxiliary
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110330643.2A
Other languages
Chinese (zh)
Inventor
李桂
金纯亮
陈柳廷
钟其昌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202110330643.2A priority Critical patent/CN112837054A/en
Publication of CN112837054A publication Critical patent/CN112837054A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides an online payment method and device, which can be used in the financial field or other technical fields. The method comprises the following steps: receiving a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information; if the auxiliary card password passes verification, obtaining a payment authorization rule corresponding to the auxiliary card number; wherein the payment authorization rules are preset; and if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, performing payment processing based on the payment information and returning a payment result to the merchant server. The device is used for executing the method. The online payment method and the online payment device provided by the embodiment of the invention improve the payment safety.

Description

Online payment method and device
Technical Field
The invention relates to the technical field of electronic payment, in particular to an online payment method and device.
Background
With the widespread use of the internet, electronic commerce has been developed rapidly in recent years, and in electronic commerce, the transaction of commodities can be completed on the internet.
For secure e-commerce payments, Master Card and Visa and some other vendors have made and issued the SET protocol. The SET protocol specifies a method for a cardholder to pay using a bank card in a network environment, provides a rule for implementing security measures for an application of electronic transactions based on the bank card, and is a secure transaction protocol for protecting the cardholder, an issuer, a merchant and an acquirer to pay the bank card through the internet. However, the SET protocol has high requirements on software and hardware environments and high transaction cost. Firstly, an authoritative certification Center (CA) is set, various electronic certificates including a card holder certificate, a special merchant certificate, a payment gateway certificate, an acquirer certificate and an issuer certificate are checked and issued, and special software is respectively installed on terminals of a bank, a merchant and a client, for example, electronic wallet software of a client is used for finishing a series of work of identity authentication, encryption, digital signature and the like. In order to securely store the private key and the certificate, the client needs to have a smart card, a card reader, and the like. Second, the customer is required to provide the merchant with the relevant information of the payment card, including the card number, which the merchant uses to send a payment request including the payment-related information to the issuer or acquirer. Because the payment request carries the payment related information of the cardholder, the possibility of information stealing exists, the risk of information leakage caused by the insecurity of the online shopping mall of the merchant exists during or after the transaction, and if the payment related information of the cardholder is leaked to lawless persons and illegal merchants, great potential safety hazards are brought to property safety of the cardholder. Therefore, how to provide an online payment method, which can reduce the leakage risk of the information related to the customer payment and improve the security of online payment becomes an important issue to be solved in the field.
Disclosure of Invention
Aiming at the problems in the prior art, the embodiments of the present invention provide an online payment method and apparatus, which can at least partially solve the problems in the prior art.
In one aspect, the present invention provides an online payment method, including:
receiving a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information;
if the auxiliary card password passes verification, obtaining a payment authorization rule corresponding to the auxiliary card number; wherein the payment authorization rules are preset;
and if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, performing payment processing based on the payment information and returning a payment result to the merchant server.
In another aspect, the present invention provides an online payment device, including:
the receiving module is used for receiving a payment authorization request initiated by the merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information;
the verification module is used for acquiring a payment authorization rule corresponding to the auxiliary card number after the auxiliary card password passes verification; wherein the payment authorization rules are preset;
and the payment processing module is used for performing payment processing based on the payment information and returning a payment result to the merchant server after the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number.
In another aspect, the present invention provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the computer program to implement the steps of the online payment method according to any one of the above embodiments.
In yet another aspect, the present invention provides a computer-readable storage medium, on which a computer program is stored, the computer program, when being executed by a processor, implementing the steps of the online payment method according to any one of the above embodiments.
The online payment method and the online payment device provided by the embodiment of the invention can receive a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information, if the auxiliary card password passes verification, a payment authorization rule corresponding to the auxiliary card number is obtained, if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, payment processing is carried out based on the payment information and a payment result is returned to the merchant server, and because online payment is carried out through the auxiliary card number, the leakage of real information of a customer in the online transaction process is reduced, and the payment safety is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts. In the drawings:
fig. 1 is a schematic flow chart of an online payment method according to an embodiment of the present invention.
Fig. 2 is a schematic flow chart of an online payment method according to another embodiment of the present invention.
Fig. 3 is a schematic flow chart of an online payment method according to still another embodiment of the present invention.
Fig. 4 is a schematic structural diagram of an issuer server according to an embodiment of the present invention.
Fig. 5 is a schematic flow chart of secondary card registration according to an embodiment of the present invention.
Fig. 6 is a schematic flow chart of an online payment method according to another embodiment of the present invention.
Fig. 7 is a schematic structural diagram of an online payment device according to an embodiment of the present invention.
Fig. 8 is a schematic structural diagram of an online payment device according to another embodiment of the present invention.
Fig. 9 is a schematic structural diagram of an online payment device according to still another embodiment of the present invention.
Fig. 10 is a schematic structural diagram of an online payment device according to another embodiment of the present invention.
Fig. 11 is a schematic physical structure diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention are further described in detail below with reference to the accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
Fig. 1 is a schematic flow chart of an online payment method according to an embodiment of the present invention, and as shown in fig. 1, the online payment method according to the embodiment of the present invention includes:
s101, receiving a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information;
specifically, when a customer purchases a commodity on the internet, a payment request may be sent to the merchant server through the shopping terminal, where the payment request may include information such as an auxiliary card number, an auxiliary card password, a payment amount, and a commodity name. The merchant server receives the payment request and then initiates a payment authorization request, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information. An issuer server may receive the consumption transaction request. If the bank of the merchant receives the payment authorization request, the bank sends the payment authorization request to the issuer server, and the issuer of the merchant and the bank corresponding to the auxiliary card number perform the same account opening action. If the issuer corresponding to the auxiliary card number and the acquirer of the merchant is not the same bank, the payment authorization request is sent to the acquirer server by the merchant server, and then the acquirer server forwards the payment authorization request to the issuer server by a third-party server. The payment information includes, but is not limited to, information such as a collection account number, a transaction amount, a merchant name, a commodity introduction, a merchant classified transaction order number, and the like, and is set according to actual needs, which is not limited in the embodiment of the present invention.
S102, if the password of the auxiliary card passes verification, obtaining a payment authorization rule corresponding to the card number of the auxiliary card; wherein the payment authorization rules are preset;
specifically, after receiving the payment authorization request, the issuer server queries an auxiliary card password corresponding to the auxiliary card number according to the auxiliary card number, then compares the queried auxiliary card password with the auxiliary card password included in the payment authorization request, and if the queried auxiliary card password is the same as the auxiliary card password included in the payment authorization request, the auxiliary card password included in the payment authorization request passes verification. And then, the card issuer server inquires corresponding payment authorization rules according to the auxiliary card number. The payment authorization rule is preset and corresponds to the auxiliary card number.
S103, if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, performing payment processing based on the payment information and returning a payment result to the merchant server.
Specifically, after obtaining the payment authorization rule corresponding to the secondary card number, the issuer server may determine whether the payment authorization request meets the payment authorization rule corresponding to the secondary card number based on the validity period of the secondary card number and/or the payment information, and if it is determined that the payment authorization request meets the payment authorization rule corresponding to the secondary card number, the issuer server may perform payment processing based on the payment information and then return a payment result to the merchant server. Wherein, the validity period of the auxiliary card number is preset.
The online payment method provided by the embodiment of the invention can receive a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information, if the auxiliary card password passes verification, a payment authorization rule corresponding to the auxiliary card number is obtained, if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, payment processing is carried out based on the payment information and a payment result is returned to the merchant server, and because online payment is carried out through the auxiliary card number, the leakage of real information of a customer in the online transaction process is reduced, and the payment safety is improved. In addition, the SET protocol is not needed, and a software and hardware environment meeting the requirements of the SET protocol is not needed to be configured, so that the transaction cost is reduced under the condition of ensuring the payment safety.
On the basis of the above embodiments, further, the payment authorization rule includes at least one of a validity period condition, a payment limit condition and a payment number condition.
Specifically, the validity period condition comprises that the validity period of the auxiliary card number is within a set period. The card issuer server can inquire the validity period of the auxiliary card number according to the auxiliary card number, and if the validity period of the auxiliary card number is judged to be within the set validity period, the payment authorization request meets the validity period condition; if the validity period of the auxiliary card number exceeds the set term, the payment authorization request does not meet the validity period condition. The set time limit is set according to actual needs, and the embodiment of the invention is not limited.
The payment limit condition comprises that the transaction amount is less than or equal to a preset value. And the card issuer server acquires transaction amount from the payment information, and if the transaction amount is judged to be less than or equal to a preset value, the payment authorization request meets the payment limit condition. And if the transaction amount is judged to be larger than the preset value, the payment authorization request does not meet the payment limit condition. The preset value is set according to actual needs, and the embodiment of the invention is not limited.
The condition of payment number includes that the number of times of payment of the auxiliary card number in the day is less than or equal to a set value. The card issuing bank server can count the transaction times of the auxiliary card number on the same day as the payment times of the auxiliary card number on the same day, and if the payment times of the auxiliary card number on the same day is judged to be less than or equal to the set value, the payment authorization request meets the condition of payment times. And if the current day payment times of the auxiliary card number is larger than the set value, the payment authorization request does not meet the condition of the number of payment strokes. The setting value is set according to actual needs, and the embodiment of the invention is not limited.
The consumption limiting rule may include any one of a validity period condition, a payment limit condition and a payment number condition, may include a combination of the above conditions, and may include all of the above conditions. When the consumption limiting rule comprises the condition, the payment authorization request meets the condition, namely meets the payment authorization rule corresponding to the auxiliary card number. When the consumption limiting rule comprises two or more conditions, the payment authorization request needs to satisfy each condition included in the consumption limiting rule to satisfy the payment authorization rule corresponding to the secondary card number, that is, if the payment authorization request does not satisfy any one of the conditions included in the consumption limiting rule, the payment authorization request does not satisfy the consumption limiting rule.
Fig. 2 is a schematic flow chart of an online payment method according to another embodiment of the present invention, and as shown in fig. 2, on the basis of the foregoing embodiments, the online payment method according to the embodiment of the present invention further includes:
s201, receiving auxiliary card registration application information sent by a client terminal, wherein the auxiliary card registration application information comprises a main card number and a main card password;
specifically, in order to use the secondary card for online payment, the customer needs to apply for the secondary card first. And the user sends auxiliary card registration application information to the card issuer server through the client terminal, wherein the auxiliary card registration application information comprises a main card number and a main card password. And the card issuing server receives the auxiliary card registration application information. The client terminal includes, but is not limited to, a desktop computer, a notebook computer, a smart phone, and the like.
S202, if the main card password passes verification, generating an auxiliary card number and an auxiliary card password, and binding the auxiliary card number with the main card number;
specifically, after receiving the auxiliary card registration application information, the card issuer server queries a corresponding main card password according to the main card number, then compares the queried main card password with the main card password included in the auxiliary card registration application information, and if the queried main card password is the same as the main card password included in the auxiliary card registration application information, the main card password included in the auxiliary card registration application information passes verification. After the main card password included in the auxiliary card registration application information passes verification, the card issuer server may generate an auxiliary card number and an auxiliary card password, and then bind the generated auxiliary card number with the main card number. And after the auxiliary card number is bound with the main card number, charging the auxiliary card number through the main card number, or deducting the balance of the main card number through the auxiliary card number. The auxiliary card number can be generated randomly, or the generation rule of the auxiliary card number can be preset, and the auxiliary card number is generated according to the generation rule. The secondary card password may be randomly generated. When the auxiliary card number is generated, the corresponding validity period can be set, and the subsequent clients can change the validity period.
S203, returning the auxiliary card registration success information to the client terminal, wherein the auxiliary card registration success information comprises the auxiliary card number and the auxiliary card password.
Specifically, the card issuer server sends information of successful registration of the auxiliary card to the client terminal, where the information of successful registration of the auxiliary card includes the card number and the password of the auxiliary card.
Fig. 3 is a schematic flow chart of an online payment method according to still another embodiment of the present invention, and as shown in fig. 3, on the basis of the foregoing embodiments, further, the online payment method according to the embodiment of the present invention further includes:
s301, receiving sub-card logout application information sent by a client terminal, wherein the sub-card logout application information comprises a sub-card number and a sub-card password;
specifically, after the customer uses the secondary card, the secondary card can be cancelled, so that the security risk caused by the leakage of the secondary card information is reduced. And the user sends auxiliary card logout application information to the card issuing bank server through the client terminal, wherein the auxiliary card logout application information comprises an auxiliary card number and an auxiliary card password. And the card issuing server receives the secondary card logout application information.
S302, if the auxiliary card password passes verification, the auxiliary card number is cancelled;
specifically, after receiving the sub-card cancellation application information, the card issuer server queries a corresponding sub-card password according to the sub-card number, then compares the queried sub-card password with the sub-card password included in the sub-card cancellation application information, and if the queried sub-card password is the same as the sub-card password included in the sub-card cancellation application information, the sub-card password included in the sub-card cancellation application information passes verification. After the auxiliary card password included in the auxiliary card cancellation application information passes verification, the card issuing bank server cancels the auxiliary card number, namely, the binding relationship between the auxiliary card number and the main card number is released, so that the auxiliary card number can not be used for payment any more. It can be understood that, if the balance of the auxiliary card number is not zero when the auxiliary card number is cancelled, the balance of the auxiliary card number is transferred to the account of the bound main card number.
S303, returning the successful information of the cancellation of the secondary card to the client terminal.
Specifically, after the card issuer server cancels the secondary card number, the card issuer server may return a secondary card cancellation success message to the client terminal to prompt the client that the secondary card cancellation is successful.
The cardholder applies for the auxiliary card to the card issuer on the basis of the existing bank card main card account number, the online payment is completed at the merchant through the applied auxiliary card, and all the payment and settlement of the auxiliary card are brought into the bank card main card account number. The auxiliary card shields the information of the relevant information of the client for online payment, the card holder can be opened when in use, and the card holder can be immediately cancelled after the payment is finished, so that the leakage of the real bank card information of the client is avoided. In order to better protect the use safety of the secondary card, the customer can set the fund maximum limit of the secondary card by himself, and the limit of the daily single transaction limit, the daily maximum transaction limit, the daily transaction number, the valid period, the use times and the like is further provided, so that the payment safety is further provided.
On the basis of the foregoing embodiments, further, the performing payment processing based on the payment information includes:
and updating the balance of the auxiliary card number according to the transaction amount included in the payment information and recording the balance into a payment detail table.
Specifically, when the card issuer server performs payment processing, the card issuer server obtains the transaction amount from the payment information, then deducts the transaction amount from the balance of the auxiliary card number, and records the transaction amount in the payment detail table. And setting balance for the auxiliary card number, and deducting the transaction amount from the balance of the auxiliary card number in the payment process, so that the leakage of the main card number and the account is avoided, and the payment safety is further improved.
On the basis of the above embodiments, further, the online payment method provided by the embodiment of the present invention further includes:
and if the validity period corresponding to the auxiliary card number expires, sending expiration prompt information to the client terminal.
Specifically, when the customer applies for the secondary card, an expiration date may be set for the secondary card. And if the card issuer server judges that the validity period corresponding to the auxiliary card number is due, the card issuer server can send a due prompt message to the client terminal to prompt the client that the auxiliary card is due.
On the basis of the above embodiments, further, the online payment method provided by the embodiment of the present invention further includes:
and if the payment authorization request does not meet the payment authorization rule corresponding to the auxiliary card number, returning payment failure prompt information to the merchant server.
Specifically, the issuer server may determine whether the payment authorization request satisfies the payment authorization rule corresponding to the secondary card number based on the validity period of the secondary card number and/or the payment information, and may reflect payment failure prompt information to the merchant server if it is determined that the payment authorization request does not satisfy the payment authorization rule corresponding to the secondary card number and payment is not to be performed based on the payment information.
Fig. 4 is a schematic structural diagram of an issuer server provided in an embodiment of the present invention, and as shown in fig. 4, the issuer server provided in the embodiment of the present invention includes a total control unit 401, a registration unit 402, a recharge unit 403, a payment authorization unit 404, a payment clearing unit 405, a logout unit 406, and a storage unit 407, where:
the general control unit 401 is used for calling a registration unit 402, a recharge unit 403, a payment authorization unit 404, a payment clearing unit 405 and a logout unit 406 to complete a payment process.
The master control unit 401 receives the auxiliary card registration application information sent by the client terminal, calls the registration unit 402 to complete the auxiliary card registration, and establishes the mapping relationship between the main card and the auxiliary card. The customer can log in the online bank at the customer terminal to apply for opening the auxiliary card by self, the auxiliary card can be bound on the existing bank card of the customer without corresponding cards, books and other physical objects, the implementation mode can be used as an electronic wallet for registering the bank card, and fund safe transfer is realized by registering the bank card. When the auxiliary card is registered, a customer can set the capital maximum limit of the auxiliary card by himself, and the limit of a single transaction limit every day, a transaction accumulated number limit every day, a valid period, the number of use and the like is further improved. In order to improve the customer experience, the auxiliary card number can also provide a self-selection function, and the system adds a check digit in the card number to avoid the occurrence of card number input errors when the auxiliary card is used to cause serial numbers.
The storage unit 407 stores information related to registration of the sub card, transfer of money, payment, and the like. The main and auxiliary card relation table stores the established main and auxiliary card relation, the attribute for identifying the customer setting, etc. The primary and secondary card relationship table may include secondary card number, primary card number, capital maximum limit, daily individual maximum limit, daily transaction amount cumulative limit, expiration date, bank card status, registration date, logout date, and the like. The auxiliary card balance table is used for recording the fund balance of the auxiliary card, including auxiliary card registration, currency, card balance, frozen balance, last day balance, last transaction date and the like. The auxiliary card transaction detail list is used for recording detailed account transfer and payment details, and comprises information such as transaction date, transaction amount, transaction abstract and the like.
The main control unit 401 receives the auxiliary card recharging application sent by the client terminal, and calls the recharging unit 403 to complete the auxiliary card recharging. The initial balance of the newly applied auxiliary card is zero, the auxiliary card must be recharged through the transfer with the main card, and the maximum fund reserved in the auxiliary card cannot exceed the set maximum fund limit during the transfer. Another implementation of the secondary card is to pay directly with funds in the primary card, as a replacement card number for the primary card, without having to recharge through a transfer. The main card is a bank card registered by a customer in a bank.
The main control unit 401 receives a payment authorization application initiated by the merchant server, and invokes the payment authorization unit 404 to complete payment authorization of the secondary card. The customer selects goods in the online shopping mall, uses the auxiliary card to carry out online payment after the customer terminal confirms the order submission, and inputs the card number and the password of the auxiliary card. And the merchant server sends a payment authorization application to the acquirer server, wherein the payment authorization request comprises the auxiliary card number, the auxiliary card password and the payment information. If the acquirer of the merchant is different from the issuer of the auxiliary card, the acquirer server needs to forward the payment authorization application to the issuer server through a third-party server organized by the card such as the UnionPay and the like, the general control unit 401 verifies the password of the auxiliary card, acquires the payment authorization rule corresponding to the auxiliary card number according to the auxiliary card number, and then judges whether the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number. If the payment authorization rules are satisfied, the central control unit 401 issues a payment authorization approval. The payment authorization approval is returned to the merchant server along the original path, and the merchant server confirms that the payment of the customer is successful after obtaining the payment authorization approval, and if the payment authorization request is refused, the payment authorization request may exceed the available amount of the secondary card or the secondary card is invalid.
The master control unit 401 receives the payment and clearing application from the third-party server, and calls the payment and clearing unit 405 to complete payment and clearing including the secondary card. The clearing process only relates to exchange of transaction information, card organizations such as the Unionpay and the like can complete clearing between an acquirer and an issuer through a cross-bank clearing system every day, and the acquirer can transfer the money which is supposed to be received by the merchant into the account of the merchant on the same day. The secondary card realized by the electronic wallet mode can directly utilize the secondary card account to carry out settlement, and all accounts completed by the secondary card are recorded on the corresponding main card.
The master control unit 401 receives the secondary card cancellation application information sent by the client terminal, and invokes the cancellation unit 406 to complete the secondary card cancellation. After the customer finishes the online shopping, the customer can self-help apply for the cancellation of the auxiliary card through an online bank at a customer terminal, and the balance of the auxiliary card is transferred into the bound main card after the cancellation.
Fig. 5 is a schematic flow chart of the secondary card registration provided in an embodiment of the present invention, and as shown in fig. 5, the flow of the secondary card registration provided in the embodiment of the present invention is as follows:
the method comprises the following steps of firstly, receiving the registration application information of the auxiliary card. The card issuer server receives the auxiliary card registration application information sent by the client through the client terminal, wherein the auxiliary card registration application information comprises a main card number and a main card password.
And secondly, inquiring the information of the main card. The card issuer server inquires corresponding main card information according to the main card number, wherein the main card information comprises a main card password.
And thirdly, judging whether the main card exists. If the card issuer server does not inquire the corresponding main card information according to the main card number, the main card does not exist, and the step four is entered; and if the corresponding main card information is inquired, entering the fifth step.
And fourthly, prompting to register the bank card. The card issuing bank server sends bank card registration prompt information to the client terminal to prompt the client to register the main card, and then applies for the auxiliary card after registering the bank card.
And fifthly, verifying the main card. The card issuer server verifies the main card password, generates the auxiliary card number and the auxiliary card password after the main card password passes the verification, establishes the mapping relation between the main card and the auxiliary card, binds the auxiliary card and records the payment authorization rule of the auxiliary card.
And sixthly, returning a registration result. And the card issuer server returns the auxiliary card registration success information to the client terminal, wherein the auxiliary card registration success information comprises the auxiliary card number and the auxiliary card password.
Fig. 6 is a schematic flow chart of an online payment method according to another embodiment of the present invention, and as shown in fig. 6, a specific payment flow of the online payment method according to the embodiment of the present invention is as follows:
in a first step, a payment authorization request is initiated. The customer submits an order in the online shopping mall, online payment is carried out by using the auxiliary card number and the auxiliary card password, and the merchant server initiates a payment authorization request which comprises the auxiliary card number, the auxiliary card password and payment information.
And secondly, forwarding the payment authorization request. And the acquirer server receives the payment authorization request and forwards the payment authorization request to the card issuer server through the third-party server.
And thirdly, verifying the auxiliary card. And the card issuer server verifies the auxiliary card password, and inquires the payment authorization rule corresponding to the auxiliary card number after the verification is passed.
And fourthly, judging whether the payment authorization rule is met. And the card issuer server judges whether the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number based on the validity period and/or the payment information of the auxiliary card number, and if so, the fifth step is carried out. If the payment authorization rule is not satisfied, then the sixth step is entered.
And fifthly, carrying out payment processing. And the card issuer server updates the balance of the auxiliary card according to the transaction amount included in the payment process and records the payment transaction detail.
And sixthly, returning transaction failure information. The card issuer server returns transaction failure information to the merchant server to prompt the merchant of payment failure.
According to the online payment method provided by the embodiment of the invention, the online payment is completed by replacing the bank card main card with the auxiliary card applied by the client, so that the real information of the client is prevented from being leaked to lawbreakers and lawbreakers in the transaction process. The closed transfer between the main card of the bank card and the electronic purse of the registered auxiliary card ensures the fund security of the main card. The auxiliary card is opened when shopping on the internet, and the card is cancelled immediately after payment is finished, so that the function of the disposable bank card is realized. The payment authorization rules also enhance the security of online payments through the setting of various payment limiting conditions.
Fig. 7 is a schematic structural diagram of an online payment apparatus according to an embodiment of the present invention, and as shown in fig. 7, the online payment apparatus according to the embodiment of the present invention includes a receiving module 701, a verification module 702, and a payment processing module 703, where:
the receiving module 701 is configured to receive a payment authorization request initiated by a merchant server, where the payment authorization request includes an auxiliary card number, an auxiliary card password, and payment information; the verification module 702 is configured to obtain a payment authorization rule corresponding to the secondary card number after the secondary card password passes verification; wherein the payment authorization rules are preset; the payment processing module 703 is configured to, after the payment authorization request meets the payment authorization rule corresponding to the secondary card number, perform payment processing based on the payment information and return a payment result to the merchant server.
Specifically, when a customer purchases a commodity on the internet, a payment request may be sent to the merchant server through the shopping terminal, where the payment request may include information such as an auxiliary card number, an auxiliary card password, a payment amount, and a commodity name. The merchant server receives the payment request and then initiates a payment authorization request, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information. The receiving module 701 may receive the consumption transaction request. If the bank of the merchant accepts the payment authorization request, the receiving module 701 may directly receive the payment authorization request if the bank accepts the payment authorization request and the bank opens an account corresponding to the secondary card number. If the acquiring bank of the merchant and the account opening bank corresponding to the auxiliary card number are not the same bank, the payment authorization request is sent to the acquiring bank server by the merchant server, and then the acquiring bank server forwards the payment authorization request to the receiving module 701 through the third-party server. The payment information includes, but is not limited to, information such as a collection account number, a transaction amount, a merchant name, a commodity introduction, a merchant classified transaction order number, and the like, and is set according to actual needs, which is not limited in the embodiment of the present invention.
After receiving the payment authorization request, the verification module 702 queries the secondary card password corresponding to the secondary card number according to the secondary card number, then compares the queried secondary card password with the secondary card password included in the payment authorization request, and if the queried secondary card password is the same as the secondary card password included in the payment authorization request, the secondary card password included in the payment authorization request passes verification. Then, the verification module 702 queries the corresponding payment authorization rule according to the secondary card number. The payment authorization rule is preset and corresponds to the auxiliary card number.
After obtaining the payment authorization rule corresponding to the secondary card number, the payment processing module 703 may determine whether the payment authorization request satisfies the payment authorization rule corresponding to the secondary card number based on the validity period of the secondary card number and/or the payment information, and if it is determined that the payment authorization request satisfies the payment authorization rule corresponding to the secondary card number, the payment processing module 703 may perform payment processing based on the payment information and then return a payment result to the merchant server. Wherein, the validity period of the auxiliary card number is preset.
The online payment device provided by the embodiment of the invention can receive a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information, if the auxiliary card password passes verification, a payment authorization rule corresponding to the auxiliary card number is obtained, if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, payment processing is carried out based on the payment information and a payment result is returned to the merchant server, and because online payment is carried out through the auxiliary card number, the leakage of real information of a customer in the online transaction process is reduced, and the payment safety is improved. In addition, the SET protocol is not needed, and a software and hardware environment meeting the requirements of the SET protocol is not needed to be configured, so that the transaction cost is reduced under the condition of ensuring the payment safety.
On the basis of the above embodiments, further, the payment authorization rule includes at least one of a validity period condition, a payment limit condition and a payment number condition.
Fig. 8 is a schematic structural diagram of an online payment apparatus according to another embodiment of the present invention, as shown in fig. 8, on the basis of the foregoing embodiments, further, the online payment apparatus according to the embodiment of the present invention further includes an application receiving module 704, an application verifying module 705, and a registration returning module 706, where:
the application receiving module 704 is used for receiving auxiliary card registration application information sent by a client terminal, wherein the auxiliary card registration application information comprises a main card number and a main card password; the application verification module 705 is configured to generate an auxiliary card number and an auxiliary card password when the main card password passes verification, and bind the auxiliary card number with the main card number; the registration returning module 706 is configured to return information of successful sub-card registration to the client terminal, where the information of successful sub-card registration includes the card number of the sub-card and the password of the sub-card.
Fig. 9 is a schematic structural diagram of an online payment apparatus according to still another embodiment of the present invention, and as shown in fig. 9, on the basis of the foregoing embodiments, the online payment apparatus according to the embodiment of the present invention further includes: logout reception module 707, logout verification module 708, and logout return module 709, wherein:
the cancellation receiving module 707 is configured to receive secondary card cancellation application information sent by a client terminal, where the secondary card cancellation application information includes a secondary card number and a secondary card password; the logout verification module 708 is used for logging out the auxiliary card number after the auxiliary card password passes verification; the logout returning module 709 is configured to return a secondary card logout success message to the client terminal.
On the basis of the foregoing embodiments, further, the payment processing module 703 includes:
and updating the balance of the auxiliary card number according to the transaction amount included in the payment information and recording the balance into a payment detail table.
Fig. 10 is a schematic structural diagram of an online payment apparatus according to another embodiment of the present invention, as shown in fig. 10, on the basis of the foregoing embodiments, further, the online payment apparatus according to the embodiment of the present invention further includes an expiration prompting module 710, where:
the expiration prompting module 710 is configured to send expiration prompting information to the client terminal after the validity period corresponding to the secondary card number expires.
On the basis of the foregoing embodiments, further, the payment processing module 703 is further configured to:
and after the payment authorization request does not meet the payment authorization rule corresponding to the auxiliary card number, returning payment failure prompt information to the merchant server.
The embodiment of the apparatus provided in the embodiment of the present invention may be specifically configured to execute the processing flows of the above method embodiments, and the functions of the apparatus are not described herein again, and refer to the detailed description of the above method embodiments.
It should be noted that the online payment method and apparatus provided in the embodiments of the present invention may be used in the financial field, and may also be used in any technical field other than the financial field.
Fig. 11 is a schematic physical structure diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 11, the electronic device may include: a processor (processor)1101, a communication Interface (Communications Interface)1102, a memory (memory)1103 and a communication bus 1104, wherein the processor 1101, the communication Interface 1102 and the memory 1103 are communicated with each other via the communication bus 1104. The processor 1101 may call logic instructions in the memory 1103 to perform the following method: receiving a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information; if the auxiliary card password passes verification, obtaining a payment authorization rule corresponding to the auxiliary card number; wherein the payment authorization rules are preset; and if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, performing payment processing based on the payment information and returning a payment result to the merchant server.
In addition, the logic instructions in the memory 1103 can be implemented in the form of software functional units and stored in a computer readable storage medium when the logic instructions are sold or used as independent products. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The present embodiment discloses a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the method provided by the above-mentioned method embodiments, for example, comprising: receiving a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information; if the auxiliary card password passes verification, obtaining a payment authorization rule corresponding to the auxiliary card number; wherein the payment authorization rules are preset; and if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, performing payment processing based on the payment information and returning a payment result to the merchant server.
The present embodiment provides a computer-readable storage medium, which stores a computer program, where the computer program causes the computer to execute the method provided by the above method embodiments, for example, the method includes: receiving a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information; if the auxiliary card password passes verification, obtaining a payment authorization rule corresponding to the auxiliary card number; wherein the payment authorization rules are preset; and if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, performing payment processing based on the payment information and returning a payment result to the merchant server.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In the description herein, reference to the description of the terms "one embodiment," "a particular embodiment," "some embodiments," "for example," "an example," "a particular example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. An online payment method, comprising:
receiving a payment authorization request initiated by a merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information;
if the auxiliary card password passes verification, obtaining a payment authorization rule corresponding to the auxiliary card number; wherein the payment authorization rules are preset;
and if the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number, performing payment processing based on the payment information and returning a payment result to the merchant server.
2. The method of claim 1, wherein the payment authorization rules include at least one of an expiration date condition, a payment limit condition, and a number of payments condition.
3. The method of claim 1, further comprising:
receiving auxiliary card registration application information sent by a client terminal, wherein the auxiliary card registration application information comprises a main card number and a main card password;
if the main card password passes the verification, generating an auxiliary card number and an auxiliary card password, and binding the auxiliary card number with the main card number;
and returning auxiliary card registration success information to the client terminal, wherein the auxiliary card registration success information comprises the auxiliary card number and the auxiliary card password.
4. The method of claim 1, further comprising:
receiving sub-card logout application information sent by a client terminal, wherein the sub-card logout application information comprises a sub-card number and a sub-card password;
if the auxiliary card password passes the verification, the auxiliary card number is cancelled;
and returning the successful information of the secondary card logout to the client terminal.
5. The method of claim 1, wherein the processing payment based on the payment information comprises:
and updating the balance of the auxiliary card number according to the transaction amount included in the payment information and recording the balance into a payment detail table.
6. The method of claim 1, further comprising:
and if the validity period corresponding to the auxiliary card number expires, sending expiration prompt information to the client terminal.
7. The method of any of claims 1 to 6, further comprising:
and if the payment authorization request does not meet the payment authorization rule corresponding to the auxiliary card number, returning payment failure prompt information to the merchant server.
8. An online payment device, comprising:
the receiving module is used for receiving a payment authorization request initiated by the merchant server, wherein the payment authorization request comprises an auxiliary card number, an auxiliary card password and payment information;
the verification module is used for acquiring a payment authorization rule corresponding to the auxiliary card number after the auxiliary card password passes verification; wherein the payment authorization rules are preset;
and the payment processing module is used for performing payment processing based on the payment information and returning a payment result to the merchant server after the payment authorization request meets the payment authorization rule corresponding to the auxiliary card number.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method of any of claims 1 to 7 are implemented when the computer program is executed by the processor.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.
CN202110330643.2A 2021-03-26 2021-03-26 Online payment method and device Pending CN112837054A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110330643.2A CN112837054A (en) 2021-03-26 2021-03-26 Online payment method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110330643.2A CN112837054A (en) 2021-03-26 2021-03-26 Online payment method and device

Publications (1)

Publication Number Publication Date
CN112837054A true CN112837054A (en) 2021-05-25

Family

ID=75930565

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110330643.2A Pending CN112837054A (en) 2021-03-26 2021-03-26 Online payment method and device

Country Status (1)

Country Link
CN (1) CN112837054A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1619560A (en) * 2004-12-09 2005-05-25 中国工商银行 Card data business system used for payment on net and its method
CN101414370A (en) * 2008-12-15 2009-04-22 阿里巴巴集团控股有限公司 Payment method, system and payment platform capable of improving payment safety by virtual card
CN105427106A (en) * 2014-09-17 2016-03-23 苏州海博智能***有限公司 Electronic cash data authorization processing method, electronic cash data payment processing method and virtual card
CN105590214A (en) * 2014-12-31 2016-05-18 ***股份有限公司 Payment method and payment system based on virtual card
CN107748989A (en) * 2017-09-27 2018-03-02 阿里巴巴集团控股有限公司 A kind of virtual card opens chucking method, system and payment system, card sending system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1619560A (en) * 2004-12-09 2005-05-25 中国工商银行 Card data business system used for payment on net and its method
CN101414370A (en) * 2008-12-15 2009-04-22 阿里巴巴集团控股有限公司 Payment method, system and payment platform capable of improving payment safety by virtual card
CN105427106A (en) * 2014-09-17 2016-03-23 苏州海博智能***有限公司 Electronic cash data authorization processing method, electronic cash data payment processing method and virtual card
CN105590214A (en) * 2014-12-31 2016-05-18 ***股份有限公司 Payment method and payment system based on virtual card
CN107748989A (en) * 2017-09-27 2018-03-02 阿里巴巴集团控股有限公司 A kind of virtual card opens chucking method, system and payment system, card sending system

Similar Documents

Publication Publication Date Title
US11720883B2 (en) Transaction data tokenization
JP6941929B2 (en) Safely refillable electronic wallet
AU2011223537B2 (en) Portable account number for consumer payment account
US8417637B2 (en) Approving the use of the source of funds
US20190139033A1 (en) Method for real-time conversion of cryptocurrency to cash and other forms of value at the point of use
EP2526514B1 (en) Method, device and system for securing payment data for transmission over open communication networks
JP6711623B2 (en) Method and system for enabling contactless ticketing/payment by mobile phone via a mobile phone application
US20150199679A1 (en) Multiple token provisioning
US20100293093A1 (en) Alterable Security Value
US20130024378A1 (en) Method and system for facilitating payment transactions using access devices
US20200065783A1 (en) Multiple card payment process
CA3049789C (en) Methods and systems for enhanced consumer payment
AU2014331673A1 (en) Network token system
CN101354770A (en) Electronic business system and method for binding membership name with bank card
WO2013012671A1 (en) Methods and systems for payments assurance
US20220138716A1 (en) System and method for processing a transaction using account information on file
WO2001029637A2 (en) System and method for secure electronic transactions
WO2014032206A1 (en) Quick payment system and corresponding method
WO2018097904A1 (en) A method and an apparatus for allocating a plurality of credit limits and use thereof
JP2008243199A (en) Internet business security method
CN112837054A (en) Online payment method and device
JP2002251579A (en) System and method for electronic settlement authentication server device
CN112136302B (en) Mobile network operator authentication protocol
US20240070629A1 (en) Converting limited use token to stored credential
KR20210150677A (en) Prepaid card system for cross-border payment by local card and management method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination