CN113094688A - Outsourcing marketing terminal business processing system and method - Google Patents
Outsourcing marketing terminal business processing system and method Download PDFInfo
- Publication number
- CN113094688A CN113094688A CN202110388042.7A CN202110388042A CN113094688A CN 113094688 A CN113094688 A CN 113094688A CN 202110388042 A CN202110388042 A CN 202110388042A CN 113094688 A CN113094688 A CN 113094688A
- Authority
- CN
- China
- Prior art keywords
- terminal
- information
- marketing
- background server
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012545 processing Methods 0.000 title claims abstract description 51
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000012946 outsourcing Methods 0.000 title claims description 46
- 238000012795 verification Methods 0.000 claims description 154
- 230000006870 function Effects 0.000 claims description 18
- 238000004590 computer program Methods 0.000 claims description 16
- 238000004422 calculation algorithm Methods 0.000 claims description 9
- 230000005540 biological transmission Effects 0.000 claims description 7
- 238000004364 calculation method Methods 0.000 claims description 5
- 238000004891 communication Methods 0.000 description 16
- 238000010586 diagram Methods 0.000 description 12
- 239000000872 buffer Substances 0.000 description 4
- 238000003672 processing method Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000007639 printing Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Technology Law (AREA)
- General Business, Economics & Management (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the application provides a system and a method for processing a foreign marketing terminal service, which can also be used in the financial field, wherein the system comprises: the system comprises a control module, an information acquisition module and a safety element, wherein the control module, the information acquisition module and the safety element are arranged in a marketing terminal, and the control module is respectively and electrically connected with the information acquisition module and the safety element; the method and the system can effectively improve the information security of the outsourced user when the outsourced user uses the marketing terminal.
Description
Technical Field
The application relates to the field of information security and can also be used in the field of finance, in particular to a system and a method for processing a foreign marketing terminal service.
Background
With increasingly fierce competition and continuously improved service awareness of banking industries, banks are all conducting outsourcing and visiting services, such as field marketing and handling services of large enterprises, parks or communities, and bank workers can carry and utilize special outsourcing marketing terminals to market products or handle services to clients when conducting the field services. At present, the anti-counterfeiting measures of the bank in the aspect such as LOG printing on equipment are mostly taken, the imitation cost is low, and the anti-counterfeiting effect is low.
Disclosure of Invention
Aiming at the problems in the prior art, the application provides a system and a method for processing the service of a foreign marketing terminal, which can effectively improve the information security of a foreign user when the foreign user uses the marketing terminal.
In order to solve at least one of the above problems, the present application provides the following technical solutions:
in a first aspect, the present application provides a system for handling a service of a shipping marketing terminal, including: the system comprises a control module, an information acquisition module and a safety element, wherein the control module, the information acquisition module and the safety element are arranged in a marketing terminal, and the control module is respectively and electrically connected with the information acquisition module and the safety element;
the control module is also connected with a service background server, and after receiving a terminal enabling verification request sent by a user through the information acquisition module, the control module generates terminal verification information according to a root key in the secure element and sends the terminal verification information to the service background server, so that the service background server performs first terminal identity verification operation according to the terminal verification information and returns a working key after the first terminal identity verification operation is passed;
the control module is further used for receiving a working key sent by the service background server, generating encrypted verification information according to the working key and displaying the encrypted verification information through a two-dimensional code after receiving a terminal encrypted verification request sent by the user through the information acquisition module, so that a client terminal held by a client sends the encrypted verification information and a client self-defined identification code to the service background server by scanning the two-dimensional code, the service background server performs a second terminal identity verification operation according to the encrypted verification information, and returns the client self-defined identification code after the second terminal identity verification operation is passed;
the control module is also used for receiving the customer-defined identification code sent by the service background server and then displaying the customer-defined identification code.
Further, the control module is further configured to store the working key into the secure element after receiving the working key sent by the service background server.
And the control module and the service background server are in wireless communication through the information transmission module.
The marketing terminal comprises a control module, a business background server and a touch screen, wherein the control module is used for sending a business background identification code to a client, and the business background server is used for sending a business basic information to the client.
The marketing terminal is used for receiving a business transaction instruction sent by a user through the information acquisition module, detecting and acquiring electronic card information of the user, and sending the electronic card information to the control module, so that the control module sends the electronic card information to the business background server to perform corresponding business transaction operation.
Further, the card reading module comprises at least one of a second-generation identification card reading device for reading second-generation identification card information of the customer, a non-contact IC card reading device for reading bank IC card information of the customer, a magnetic strip reading device for reading magnetic strip information of the bank card of the customer and an NFC reading device for reading NFC portable equipment information of the customer.
In a second aspect, the present application provides a method for processing a service of a foreign marketing terminal, including:
receiving a terminal starting verification request sent by a user, generating terminal verification information according to a root key and sending the terminal verification information to a service background server so that the service background server performs first terminal identity verification operation according to the terminal verification information and returns a working key after the first terminal identity verification operation is passed;
receiving a terminal encryption verification request sent by the user, generating encryption verification information according to the working key, and displaying the encryption verification information by a two-dimensional code, so that a client terminal held by a client sends the encryption verification information and a client self-defined identification code to the service background server by scanning the two-dimensional code, and the service background server carries out second terminal identity verification operation according to the encryption verification information and returns the client self-defined identification code after the second terminal identity verification operation is passed;
and displaying the customer-defined identification code after receiving the customer-defined identification code sent by the service background server.
Further, the generating of the encrypted verification information according to the working key and the two-dimensional code display of the encrypted verification information include:
carrying out encryption calculation on the working key and the random character according to a preset encryption algorithm to obtain an encryption key;
and carrying out hash function encryption according to the encryption key, the random character, the equipment information code of the marketing terminal and the current timestamp to obtain encryption verification information and carrying out two-dimensional code display.
In a third aspect, the present application provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the steps of the method for processing the outgoing marketing terminal service when executing the program.
In a fourth aspect, the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method for outsourced marketing terminal business processing.
According to the technical scheme, the method and the system for processing the outsourcing marketing terminal service are characterized in that the terminal validity is verified firstly when the marketing terminal is started through a safety element arranged in the marketing terminal, a working key is obtained from a service background server after the verification is passed, then when the marketing terminal actually executes service operation, encrypted verification information is generated through the working key, the encrypted verification information is obtained through a client terminal of a client and is sent to the service background server so that the client can conduct identity verification on the marketing terminal again, if the marketing terminal can automatically display a client self-defined identification code, the validity of the marketing terminal is proved, and therefore information safety when the marketing terminal is used can be guaranteed.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a block diagram of a service processing system of a shipping marketing terminal in an embodiment of the present application;
FIG. 2 is a block diagram of a service processing system of a shipping marketing terminal in an embodiment of the present application;
fig. 3 is a flowchart illustrating a method for processing a service of a serving marketing terminal according to an embodiment of the present application;
fig. 4 is a second flowchart of a business processing method of a serving marketing terminal according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device in an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The method comprises the steps of firstly verifying the terminal validity when the marketing terminal is started through a safety element arranged in the marketing terminal, obtaining a working secret key from a business background server after the verification is passed, then generating encrypted verification information through the working secret key when the marketing terminal actually executes business operation, obtaining the encrypted verification information through a client terminal of a client and sending the encrypted verification information to the business background server so as to enable the client to carry out identity verification on the marketing terminal again, and if the marketing terminal can automatically display a client self-defined identification code, proving the validity of the marketing terminal, so that the information security when the marketing terminal is used can be ensured.
In order to effectively improve the information security when the outsourced user uses the marketing terminal, the application provides an embodiment of an outsourced marketing terminal service processing system for realizing all or part of the contents of the outsourced marketing terminal service processing method, and referring to fig. 1, the outsourced marketing terminal service processing system specifically comprises the following contents: the system comprises a control module, an information acquisition module and a safety element, wherein the control module, the information acquisition module and the safety element are arranged in a marketing terminal, and the control module is respectively electrically connected with the information acquisition module and the safety element.
The control module is further connected with a service background server, and after receiving a terminal enabling verification request sent by a user through the information acquisition module, the control module generates terminal verification information according to a root key in the secure element and sends the terminal verification information to the service background server, so that the service background server performs first terminal identity verification operation according to the terminal verification information and returns a working key after the first terminal identity verification operation is passed.
The control module is also used for receiving a working key sent by the service background server, generating encryption verification information according to the working key and displaying the encryption verification information by two-dimension codes after receiving a terminal encryption verification request sent by the user through the information acquisition module, so that a client terminal held by a client sends the encryption verification information and the client self-defined identification code to the service background server by scanning the two-dimension codes, the service background server performs second terminal authentication operation according to the encryption verification information, and returns the client self-defined identification code after the second terminal authentication operation is passed.
The control module is also used for receiving the customer-defined identification code sent by the service background server and then displaying the customer-defined identification code.
Alternatively, the secure element may be a secure chip (SE, usually provided in the form of a chip, and having an encryption/decryption logic circuit in the chip for protecting data security, so that once the encrypted data is written, it cannot be read, and only can be verified or erased for rewriting). Meanwhile, the safety element can be also provided with a dismantling self-destruction secret key device so as to ensure the absolute safety of the internal information.
Optionally, the root key may be written in when the application is installed for the first time, and is used for verifying the validity of the device each time the terminal is enabled (for example, when a outsider arrives at a designated service handling location and signs up); the working key can be signed in each time and subjected to relevant verification, then the working key is encrypted by the service background server through the root key and then transmitted to the outsourcing marketing terminal and written into the SE, the effective period can be set in a user-defined mode (for example, the effective period does not exceed 1 day), and the working key can be downloaded again after being signed in again after being signed out each time.
In one embodiment, the user (i.e. the outsourced staff) needs to apply for approval in advance before going out every time, and after approval, the user name and the job photo, the user number, the use time, the use range and other information are reserved in the service background server. The staff registers after arriving at the scene, can do two authentication during registering: and after the equipment is authenticated to be legal (whether the equipment passes the examination and approval) successfully, the marketing terminal can obtain the working key, and the working key is encrypted by the root key and then is issued to the outsourcing marketing terminal and written into the SE. After signing, a terminal interface is provided with a client verification button besides a normal transaction button, a client can generate a two-dimensional code on a screen after clicking, the two-dimensional code comprises encrypted verification information and equipment information which are encrypted by using a working key, the client can log in an APP (or a small program) of a corresponding bank (or a UnionPay) by using a special verification tool to scan the two-dimensional code through a mobile phone of the client, the client randomly inputs a four-digit random number such as 8936 on the mobile phone of the client after scanning, a server verifies that relevant information is correct, encrypts the random number 8936 by using the corresponding working key and sends the encrypted random number to a corresponding marketing terminal, the terminal displays the number which is input by the user on the screen after decrypting the random number 8936, and reserved information (or part) registered by the server such as the name and the working number, the number of the user, the use time, the use range and the like are displayed on the mobile phone of the client, the customer verification completes the device authentication.
As can be seen from the above description, the outsourcing marketing terminal service processing system provided in the embodiment of the present application can firstly verify the validity of the terminal when the marketing terminal is enabled through the security element arranged in the marketing terminal, and obtain the working key from the service backend server after the verification is passed, and then generate the encrypted verification information through the working key when the marketing terminal actually executes the service operation, and simultaneously obtain the encrypted verification information through the client terminal of the client and send the encrypted verification information to the service backend server so that the client performs authentication on the marketing terminal again, if the marketing terminal can automatically display the client-defined identification code, the validity of the marketing terminal is proved, thereby ensuring the information security when the marketing terminal is used.
In an embodiment of the outsourcing marketing terminal service processing system of the present application, the following contents are further specifically included: the control module is further configured to store the working key into the secure element after receiving the working key sent by the service background server.
In an embodiment of the outsourcing marketing terminal service processing system of the present application, the following contents are further specifically included: and the control module and the service background server are in wireless communication through the information transmission module.
In an embodiment of the outsourcing marketing terminal service processing system of the present application, the following contents are further specifically included: the touch screen is arranged on the marketing terminal and connected with the control module, and the touch screen is used for displaying the client custom identification code sent by the business background server and business basic information pre-bound with the marketing terminal.
In an embodiment of the outsourcing marketing terminal service processing system of the present application, the following contents are further specifically included: the card reading module is arranged on the marketing terminal and used for detecting and acquiring electronic card information of the customer after receiving a business handling instruction sent by the customer through the information acquisition module and sending the electronic card information to the control module so that the control module sends the electronic card information to the business background server to perform corresponding business handling operation.
In an embodiment of the outsourcing marketing terminal service processing system of the present application, the following contents are further specifically included: the card reading module comprises at least one of a second-generation identification card reading device for reading second-generation identification card information of a customer, a non-contact IC card reading device for reading bank IC card information of the customer, a magnetic strip reading device for reading bank card magnetic strip information of the customer and an NFC reading device for reading NFC portable equipment information of the customer.
To further explain the present solution, the present application further provides a specific application example of the service processing system of the outsourcing marketing terminal, which is shown in fig. 2 and specifically includes the following contents: marketing terminal, server, encryption machine, management terminal, network equipment and relevant management software.
Specifically, the marketing terminal has functions of a common marketing terminal, and is further provided with a built-in secure element (generally, SE, provided in a chip form, for preventing external analysis attack and protecting data security, the chip is provided with an encryption/decryption logic circuit, and once encrypted data is written, the encrypted data cannot be read, and only can be verified or erased for rewriting).
At least two keys are stored in the SE: root key and work key. The root key is written when the application is installed for the first time, and is updated regularly and used for verifying the validity of the equipment when signing in each time; the working key is encrypted by the server through the root key after the working key is signed into the server every time the server verifies the validity of the equipment, and then the encrypted working key is transmitted to the outsourcing marketing terminal to be written into the SE, the effective period does not exceed 1 day, and the working key is downloaded again after the equipment signs back every time. The key is once written, unreadable, and can only be verified or erased for rewriting, and the SE is equipped with a disassembler self-destruct key function, which is once disassembled, self-destruct key.
The outsourcing marketing terminal needs to be matched with a management system, and the management system comprises but is not limited to a server, an encryption machine, a management terminal, network equipment and related management software.
Specifically, the management software is installed on the server (server side) and the management terminal (client side) respectively. Before going out and marketing each time, the bank staff needs to make an application on the management terminal, and the application content includes but is not limited to a user, a use place, a service range to be used, a use equipment serial number, use time and the like. After the approval of the manager, the server stores the information of the outsourcing service, including but not limited to the user (including name, job number and photo), the use place, the use time and the like.
The bank staff sign in after arriving at the site, sign in on the outsourcing marketing terminal, the outsourcing marketing terminal initiates legal equipment verification to the server through the root key when signing in, meanwhile, the server verifies whether the application of the outsourcing service passes the examination and approval, the server verifies that the equipment validity is correct and issues the working key to the outsourcing marketing terminal after the application of the outsourcing service is legal, and the working key is encrypted and issued to the outsourcing marketing terminal through the root key and is written into SE.
At the moment, a client verification button is arranged on the interface of the outsourcing marketing terminal besides a button for normally handling the business, after the client clicks, the outsourcing marketing terminal generates a two-dimensional code on a screen, and the process of generating the two-dimensional code is as follows:
(1) the outsourcing marketing terminal generates a six-digit random number.
(2) The outsourced marketing terminal sends this six-digit random number to the built-in SE.
(3) The built-in SE calls a working key to operate the six-digit random number by using an agreed algorithm to generate an operation result, and the operation result, namely a segment of number, is sent to the outsourcing marketing terminal.
(4) The outsourcing marketing terminal encrypts the operation result, the random number, the equipment information code and the timestamp information group once by using any one tamper-proof encryption algorithm (such as a Hash algorithm), and a section of characters, which are called as verification information for short, are formed after encryption.
(5) And the outsourcing marketing terminal converts the verification information into a two-dimensional code and displays the two-dimensional code on a screen of the outsourcing terminal.
Then, when the customer performs anti-counterfeiting verification, the customer can log in a corresponding bank (or Unionpay) APP (or applet) through the own mobile phone, and use a special verification tool to scan the two-dimensional code, after the two-dimensional code is scanned, the mobile phone sends verification information contained in the two-dimensional code to the server, and at the moment, the customer is prompted to input a four-digit random number on the own mobile phone at will on a mobile phone verification page, such as the customer inputs '8936'; the server starts to verify the verification information, and the verification process is as follows:
1. firstly, the verification information is decrypted by using the same tamper-proof encryption algorithm (such as a Hash algorithm), the verification ensures that the data is not tampered, if the data is tampered, the information of 'verification failure and suspicious terminal' is directly sent to the client mobile phone, and if the data is not tampered, the step 2 is carried out.
2. Verifying whether the timestamp information is within the valid time, if the timestamp information is invalid, sending an information invalidation message to a client mobile phone to prompt the client to verify again; and if the result is valid, entering the step 3.
3. And sending the six-bit random number to an encryption machine, calling a corresponding working key by the encryption machine according to the agreed algorithm and the equipment code information to calculate the random number and outputting the result to a server.
4. The server compares the calculation result of the encryption machine with the calculation result of the sent outsourced marketing terminal, and if the comparison result is inconsistent, the server directly sends information of 'verification failure and suspicious terminal' to the client mobile phone; and if the comparison results are consistent, entering the step 5.
5. And sending the four-digit random number input by the client into an encryption machine, and calling a corresponding working key according to the equipment information code for encryption to form encrypted information.
6. The server sends the encrypted information to the corresponding outsourcing marketing terminal according to the equipment information code, and sends partial information reserved by the outsourcing application, such as the name and the work photo of a user, the number of the user, the service time, the service range (for protecting privacy and shielding partial fields according to the condition) and the like to the mobile phone of the client.
7. The outsourcing marketing terminal receives the encrypted information sent by the server and then sends the encrypted information to the SE for decryption, and the decryption result is displayed on a screen: you enter a random number of "8936" and please check.
8. The customer checks whether the random number on the screen of the outgoing marketing terminal is consistent with that input by the customer.
9. The customer checks whether the partial information, such as the user name and the work photo, the user number, the use time, the use range (shielding partial fields for protecting privacy and according to the condition), and the like, which is displayed on the mobile phone and is reserved by the outsourcing application at this time is consistent with the actual condition.
10. And finishing the verification.
As can be seen from the above, the present application can achieve at least the following technical effects:
(1) the SE is additionally arranged in the outsourcing marketing terminal, and the secret key is downloaded to be used for anti-counterfeiting verification, so that the safety and the reliability are realized.
(2) And a two-dimension code verification mode is adopted, and the secret key verification information in the SE is converted into the two-dimension code, so that the client authentication is facilitated.
(3) In the authentication process, the mobile phone of the client is used for verifying by using equipment of a third party (own mobile phone) and tools of the third party (special verification tools on a bank or a Unionpay APP), instead of acquiring a verification method from a field outsourcing marketing terminal, so that the situation that illegal personnel authenticate false equipment by using false tools is avoided.
(4) The marketing terminal, the server (containing the encryption machine) and the client mobile phone participate in the whole verification process in three ways, and random numbers are applied twice, wherein the random numbers are initiated by the client mobile phone once and displayed on the marketing terminal, so that the completeness and reliability of the whole verification process are ensured.
(5) And comparing the server reservation information with the actual situation, and sending the related information to the client mobile phone to enhance the reliability of verification.
In order to effectively improve the information security when the outsourced user uses the marketing terminal, the application provides an embodiment of a method for processing the service of the outsourced marketing terminal, an executing subject can be the marketing terminal, and referring to fig. 3, the method for processing the service of the outsourced marketing terminal specifically includes the following contents:
step S101: receiving a terminal starting verification request sent by a user, generating terminal verification information according to a root key, sending the terminal verification information to a service background server, enabling the service background server to perform first terminal identity verification operation according to the terminal verification information, and returning a working key after the first terminal identity verification operation is passed.
Step S102: and receiving a terminal encryption verification request sent by the user, generating encryption verification information according to the working key, displaying the two-dimensional code of the encryption verification information, so that a client terminal held by the client sends the encryption verification information and a client self-defined identification code to the service background server by scanning the two-dimensional code, and the service background server carries out second terminal authentication operation according to the encryption verification information and returns the client self-defined identification code after the second terminal authentication operation is passed.
Step S103: and displaying the customer-defined identification code after receiving the customer-defined identification code sent by the service background server.
As can be seen from the above description, the method for processing the service of the outsourcing marketing terminal provided in the embodiment of the present application can verify the validity of the terminal through the security element arranged in the marketing terminal when the marketing terminal is enabled, and obtain the working key from the service backend server after the verification is passed, and then generate the encrypted verification information through the working key when the marketing terminal actually executes the service operation, and simultaneously obtain the encrypted verification information through the client terminal of the client and send the encrypted verification information to the service backend server so that the client performs authentication on the marketing terminal again, and if the marketing terminal can automatically display the client-defined identification code, the validity of the marketing terminal is verified, so that the information security when the marketing terminal is used can be ensured.
In order to ensure the security during information transmission, in an embodiment of the method for processing a service of a foreign marketing terminal according to the present application, referring to fig. 4, the step S102 may further include the following steps:
step S201: and carrying out encryption calculation on the working key and the random character according to a preset encryption algorithm to obtain an encryption key.
Step S202: and carrying out hash function encryption according to the encryption key, the random character, the equipment information code of the marketing terminal and the current timestamp to obtain encryption verification information and carrying out two-dimensional code display.
In terms of hardware, in order to effectively improve information security when a foreign user uses a marketing terminal, the present application provides an embodiment of an electronic device for implementing all or part of contents in the method for processing a service of the foreign marketing terminal, where the electronic device specifically includes the following contents:
a processor (processor), a memory (memory), a communication Interface (Communications Interface), and a bus; the processor, the memory and the communication interface complete mutual communication through the bus; the communication interface is used for realizing information transmission between the outsourcing marketing terminal service processing system and relevant equipment such as a core service system, a user terminal, a relevant database and the like; the logic controller may be a desktop computer, a tablet computer, a mobile terminal, and the like, but the embodiment is not limited thereto. In this embodiment, the logic controller may be implemented with reference to the embodiment of the method for processing the outbound marketing terminal service and the embodiment of the system for processing the outbound marketing terminal service in the embodiments, and the contents thereof are incorporated herein, and repeated descriptions are omitted.
It is understood that the user terminal may include a smart phone, a tablet electronic device, a network set-top box, a portable computer, a desktop computer, a Personal Digital Assistant (PDA), an in-vehicle device, a smart wearable device, and the like. Wherein, intelligence wearing equipment can include intelligent glasses, intelligent wrist-watch, intelligent bracelet etc..
In practical applications, part of the method for processing the outsourcing marketing terminal service may be executed on the electronic device side as described above, or all operations may be completed in the client device. The selection may be specifically performed according to the processing capability of the client device, the limitation of the user usage scenario, and the like. This is not a limitation of the present application. The client device may further include a processor if all operations are performed in the client device.
The client device may have a communication module (i.e., a communication unit), and may be communicatively connected to a remote server to implement data transmission with the server. The server may include a server on the task scheduling center side, and in other implementation scenarios, the server may also include a server on an intermediate platform, for example, a server on a third-party server platform that is communicatively linked to the task scheduling center server. The server may include a single computer device, or may include a server cluster formed by a plurality of servers, or a server structure of a distributed apparatus.
Fig. 5 is a schematic block diagram of a system configuration of an electronic device 9600 according to an embodiment of the present application. As shown in fig. 5, the electronic device 9600 can include a central processor 9100 and a memory 9140; the memory 9140 is coupled to the central processor 9100. Notably, this FIG. 5 is exemplary; other types of structures may also be used in addition to or in place of the structure to implement telecommunications or other functions.
In one embodiment, the function of the method for processing the service of the outsourcing marketing terminal can be integrated into the central processor 9100. The central processor 9100 may be configured to control as follows:
step S101: receiving a terminal starting verification request sent by a user, generating terminal verification information according to a root key, sending the terminal verification information to a service background server, enabling the service background server to perform first terminal identity verification operation according to the terminal verification information, and returning a working key after the first terminal identity verification operation is passed.
Step S102: and receiving a terminal encryption verification request sent by the user, generating encryption verification information according to the working key, displaying the two-dimensional code of the encryption verification information, so that a client terminal held by the client sends the encryption verification information and a client self-defined identification code to the service background server by scanning the two-dimensional code, and the service background server carries out second terminal authentication operation according to the encryption verification information and returns the client self-defined identification code after the second terminal authentication operation is passed.
Step S103: and displaying the customer-defined identification code after receiving the customer-defined identification code sent by the service background server.
As can be seen from the above description, in the electronic device provided in the embodiment of the present application, when the marketing terminal is enabled, the terminal validity is verified first by the security element disposed in the marketing terminal, and after the verification is passed, the work key is acquired from the service backend server, then when the marketing terminal actually executes the service operation, the encrypted verification information is generated by the work key, and meanwhile, the encrypted verification information is acquired by the client terminal of the client and is sent to the service backend server, so that the client performs authentication on the marketing terminal again, if the marketing terminal can automatically display the client-defined identification code, the validity of the marketing terminal is proved, and thus, the information security when the marketing terminal is used can be ensured.
In another embodiment, the outsourcing marketing terminal service processing system may be configured separately from the central processor 9100, for example, the outsourcing marketing terminal service processing system may be configured as a chip connected to the central processor 9100, and the function of the outsourcing marketing terminal service processing method is realized by the control of the central processor.
As shown in fig. 5, the electronic device 9600 may further include: a communication module 9110, an input unit 9120, an audio processor 9130, a display 9160, and a power supply 9170. It is noted that the electronic device 9600 also does not necessarily include all of the components shown in fig. 5; further, the electronic device 9600 may further include components not shown in fig. 5, which may be referred to in the art.
As shown in fig. 5, a central processor 9100, sometimes referred to as a controller or operational control, can include a microprocessor or other processor device and/or logic device, which central processor 9100 receives input and controls the operation of the various components of the electronic device 9600.
The memory 9140 can be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information relating to the failure may be stored, and a program for executing the information may be stored. And the central processing unit 9100 can execute the program stored in the memory 9140 to realize information storage or processing, or the like.
The input unit 9120 provides input to the central processor 9100. The input unit 9120 is, for example, a key or a touch input device. Power supply 9170 is used to provide power to electronic device 9600. The display 9160 is used for displaying display objects such as images and characters. The display may be, for example, an LCD display, but is not limited thereto.
The memory 9140 can be a solid state memory, e.g., Read Only Memory (ROM), Random Access Memory (RAM), a SIM card, or the like. There may also be a memory that holds information even when power is off, can be selectively erased, and is provided with more data, an example of which is sometimes called an EPROM or the like. The memory 9140 could also be some other type of device. Memory 9140 includes a buffer memory 9141 (sometimes referred to as a buffer). The memory 9140 may include an application/function storage portion 9142, the application/function storage portion 9142 being used for storing application programs and function programs or for executing a flow of operations of the electronic device 9600 by the central processor 9100.
The memory 9140 can also include a data store 9143, the data store 9143 being used to store data, such as contacts, digital data, pictures, sounds, and/or any other data used by an electronic device. The driver storage portion 9144 of the memory 9140 may include various drivers for the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, contact book applications, etc.).
The communication module 9110 is a transmitter/receiver 9110 that transmits and receives signals via an antenna 9111. The communication module (transmitter/receiver) 9110 is coupled to the central processor 9100 to provide input signals and receive output signals, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality of communication modules 9110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, may be provided in the same electronic device. The communication module (transmitter/receiver) 9110 is also coupled to a speaker 9131 and a microphone 9132 via an audio processor 9130 to provide audio output via the speaker 9131 and receive audio input from the microphone 9132, thereby implementing ordinary telecommunications functions. The audio processor 9130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 9130 is also coupled to the central processor 9100, thereby enabling recording locally through the microphone 9132 and enabling locally stored sounds to be played through the speaker 9131.
An embodiment of the present application further provides a computer-readable storage medium capable of implementing all steps in the method for processing a service of a outsourced marketing terminal, where the execution subject of the method is a server or a client in the above embodiment, where the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the computer program implements all steps of the method for processing a service of a outsourced marketing terminal, where the execution subject of the computer program is the server or the client, for example, the processor implements the following steps when executing the computer program:
step S101: receiving a terminal starting verification request sent by a user, generating terminal verification information according to a root key, sending the terminal verification information to a service background server, enabling the service background server to perform first terminal identity verification operation according to the terminal verification information, and returning a working key after the first terminal identity verification operation is passed.
Step S102: and receiving a terminal encryption verification request sent by the user, generating encryption verification information according to the working key, displaying the two-dimensional code of the encryption verification information, so that a client terminal held by the client sends the encryption verification information and a client self-defined identification code to the service background server by scanning the two-dimensional code, and the service background server carries out second terminal authentication operation according to the encryption verification information and returns the client self-defined identification code after the second terminal authentication operation is passed.
Step S103: and displaying the customer-defined identification code after receiving the customer-defined identification code sent by the service background server.
As can be seen from the above description, in the computer-readable storage medium provided in the embodiment of the present application, when a marketing terminal is enabled, a security element disposed in the marketing terminal is used to verify the validity of the terminal, and after the verification is passed, a working key is obtained from a service backend server, and then when the marketing terminal actually executes a service operation, encrypted verification information is generated by using the working key, and meanwhile, the encrypted verification information is obtained by using a client terminal of a client and is sent to the service backend server, so that the client performs authentication on the marketing terminal again, and if the marketing terminal can automatically display a client-defined identification code, the validity of the marketing terminal is verified, so that information security when the marketing terminal is used can be ensured.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The principle and the implementation mode of the invention are explained by applying specific embodiments in the invention, and the description of the embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A system for processing a service of a shipping marketing terminal, comprising: the system comprises a control module, an information acquisition module and a safety element, wherein the control module, the information acquisition module and the safety element are arranged in a marketing terminal, and the control module is respectively and electrically connected with the information acquisition module and the safety element;
the control module is also connected with a service background server, and after receiving a terminal enabling verification request sent by a user through the information acquisition module, the control module generates terminal verification information according to a root key in the secure element and sends the terminal verification information to the service background server, so that the service background server performs first terminal identity verification operation according to the terminal verification information and returns a working key after the first terminal identity verification operation is passed;
the control module is further used for receiving a working key sent by the service background server, generating encrypted verification information according to the working key and displaying the encrypted verification information through a two-dimensional code after receiving a terminal encrypted verification request sent by the user through the information acquisition module, so that a client terminal held by a client sends the encrypted verification information and a client self-defined identification code to the service background server by scanning the two-dimensional code, the service background server performs a second terminal identity verification operation according to the encrypted verification information, and returns the client self-defined identification code after the second terminal identity verification operation is passed;
the control module is also used for receiving the customer-defined identification code sent by the service background server and then displaying the customer-defined identification code.
2. The outsourcing marketing terminal business processing system of claim 1, wherein the control module is further configured to store the working key into the secure element upon receiving the working key sent by the business backend server.
3. The serve marketing terminal business processing system of claim 1, further comprising an information transmission module disposed in the marketing terminal, the control module and the business background server wirelessly communicating through the information transmission module.
4. The serve marketing terminal business processing system of claim 1, further comprising a touch screen disposed on the marketing terminal, the touch screen being connected to the control module, the touch screen being configured to display a customer-defined identification code sent by the business background server and basic business information pre-bound to the marketing terminal.
5. The outsourcing marketing terminal business processing system of claim 1, further comprising a card reading module, wherein the card reading module is arranged on the marketing terminal, and the card reading module is configured to detect and collect electronic card information of a customer after receiving a business transaction instruction sent by the user through the information collection module, and send the electronic card information to the control module, so that the control module sends the electronic card information to the business background server for corresponding business transaction operations.
6. The outsourcing marketing terminal business processing system of claim 5, wherein the card reading module comprises at least one of a second-generation ID card reading device for reading second-generation ID card information of the customer, a non-contact IC card reading device for reading bank IC card information of the customer, a magnetic stripe reading device for reading magnetic stripe information of the bank card of the customer, and an NFC reading device for reading NFC portable device information of the customer.
7. A method for processing a service of a foreign marketing terminal is characterized by comprising the following steps:
receiving a terminal starting verification request sent by a user, generating terminal verification information according to a root key and sending the terminal verification information to a service background server so that the service background server performs first terminal identity verification operation according to the terminal verification information and returns a working key after the first terminal identity verification operation is passed;
receiving a terminal encryption verification request sent by the user, generating encryption verification information according to the working key, and displaying the encryption verification information by a two-dimensional code, so that a client terminal held by a client sends the encryption verification information and a client self-defined identification code to the service background server by scanning the two-dimensional code, and the service background server carries out second terminal identity verification operation according to the encryption verification information and returns the client self-defined identification code after the second terminal identity verification operation is passed;
and displaying the customer-defined identification code after receiving the customer-defined identification code sent by the service background server.
8. The method for processing the outgoing marketing terminal service of claim 7, wherein the generating of the encrypted verification information according to the working key and the displaying of the encrypted verification information by the two-dimensional code comprises:
carrying out encryption calculation on the working key and the random character according to a preset encryption algorithm to obtain an encryption key;
and carrying out hash function encryption according to the encryption key, the random character, the equipment information code of the marketing terminal and the current timestamp to obtain encryption verification information and carrying out two-dimensional code display.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the steps of the method of outsourced marketing terminal services processing of any of claims 7 to 8.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method for handling outsourced marketing terminal services of any one of claims 7 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110388042.7A CN113094688A (en) | 2021-04-12 | 2021-04-12 | Outsourcing marketing terminal business processing system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110388042.7A CN113094688A (en) | 2021-04-12 | 2021-04-12 | Outsourcing marketing terminal business processing system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113094688A true CN113094688A (en) | 2021-07-09 |
Family
ID=76676332
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110388042.7A Pending CN113094688A (en) | 2021-04-12 | 2021-04-12 | Outsourcing marketing terminal business processing system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113094688A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113554827A (en) * | 2021-07-22 | 2021-10-26 | 中国工商银行股份有限公司 | Customer information service method and device based on near field communication |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106027501A (en) * | 2016-05-06 | 2016-10-12 | 北京芯盾时代科技有限公司 | System and method for performing transaction security authentication in mobile device |
| CN108537314A (en) * | 2018-03-27 | 2018-09-14 | 中国工商银行股份有限公司 | Product marketing system and method based on Quick Response Code |
-
2021
- 2021-04-12 CN CN202110388042.7A patent/CN113094688A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106027501A (en) * | 2016-05-06 | 2016-10-12 | 北京芯盾时代科技有限公司 | System and method for performing transaction security authentication in mobile device |
| CN108537314A (en) * | 2018-03-27 | 2018-09-14 | 中国工商银行股份有限公司 | Product marketing system and method based on Quick Response Code |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113554827A (en) * | 2021-07-22 | 2021-10-26 | 中国工商银行股份有限公司 | Customer information service method and device based on near field communication |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106688004B (en) | Transaction authentication method and device, mobile terminal, POS terminal and server | |
| US9886688B2 (en) | System and method for secure transaction process via mobile device | |
| JP2018532301A (en) | User authentication method and apparatus | |
| US10395232B2 (en) | Methods for enabling mobile payments | |
| CN105515783A (en) | Identity authentication method, server and authentication terminal | |
| KR101025807B1 (en) | Authentication method and authentication server | |
| CN102111271B (en) | Network security certification method and device thereof | |
| CN103400265A (en) | Quick payment method and system based on position information | |
| CN113065622A (en) | Business handling method, terminal and server | |
| CN110659899B (en) | Offline payment method, device and equipment | |
| CN103944735A (en) | Data security interactive method | |
| CN105635164B (en) | The method and apparatus of safety certification | |
| TWM589842U (en) | Mobile trading desk with real-name phone | |
| Abughazalah et al. | Secure mobile payment on NFC-enabled mobile phones formally analysed using CasperFDR | |
| CN111709747B (en) | Intelligent terminal authentication method and system | |
| TW202022663A (en) | Identity authentication system and method thereof | |
| JP2020046925A (en) | Authentication system | |
| CN113094688A (en) | Outsourcing marketing terminal business processing system and method | |
| TW201349127A (en) | Dynamic barcode verification system and its verification method | |
| CN112801660A (en) | Secret-free signing method and device for payment protocol | |
| CN103701603A (en) | Method, terminal, equipment and system of utilizing internet banking to draw lottery | |
| US11961064B2 (en) | Information display method and apparatus, storage medium, and electronic device | |
| CN110401526A (en) | Customer information safety interacting method, terminal and server based on small routine | |
| KR101187414B1 (en) | System and method for authenticating card issued on portable terminal | |
| JP5363134B2 (en) | Portable wireless communication terminal, authentication system, portable wireless communication terminal authentication method, portable wireless communication terminal authentication program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |