CN114244628B - Authorization method and system - Google Patents

Authorization method and system Download PDF

Info

Publication number
CN114244628B
CN114244628B CN202210001890.2A CN202210001890A CN114244628B CN 114244628 B CN114244628 B CN 114244628B CN 202210001890 A CN202210001890 A CN 202210001890A CN 114244628 B CN114244628 B CN 114244628B
Authority
CN
China
Prior art keywords
terminal
information
authorized
digital token
registration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210001890.2A
Other languages
Chinese (zh)
Other versions
CN114244628A (en
Inventor
周景盛
周晟
王云松
杨武
季晟琦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Hsic Application System Co ltd
Original Assignee
Shanghai Hsic Application System Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Hsic Application System Co ltd filed Critical Shanghai Hsic Application System Co ltd
Priority to CN202210001890.2A priority Critical patent/CN114244628B/en
Publication of CN114244628A publication Critical patent/CN114244628A/en
Application granted granted Critical
Publication of CN114244628B publication Critical patent/CN114244628B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07GREGISTERING THE RECEIPT OF CASH, VALUABLES, OR TOKENS
    • G07G1/00Cash registers
    • G07G1/12Cash registers electronically operated
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07GREGISTERING THE RECEIPT OF CASH, VALUABLES, OR TOKENS
    • G07G1/00Cash registers
    • G07G1/12Cash registers electronically operated
    • G07G1/14Systems including one or more distant stations co-operating with a central processing unit
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides an authorization method and a system, wherein the authorization method comprises the following steps: the mobile terminal submits registration information to the registration terminal to complete the registration process; submitting registration information to a registration terminal by a terminal to be authorized to finish a registration process; the mobile terminal sends login information to the authentication terminal to apply for a digital token; the authentication end returns the digital token A to the mobile terminal; the terminal to be authorized sends login information and order information to the authentication terminal, and applies for a digital token; the authentication end binds the digital token B with the order information and returns the digital token B to the terminal to be authorized; the terminal to be authorized scans the two-dimensional code displayed on the mobile terminal and applies for authentication; the authentication end returns the authorization result information. The scheme reduces the hardware cost of the terminal to be authorized. The terminal to be authorized and the mobile terminal can complete the authorization operation only by sweeping the two-dimension codes face to face, and the convenience of the authorization operation is improved. Meanwhile, the field control requirement of authorized personnel is reserved. The security of authorization is improved through triple verification.

Description

Authorization method and system
Technical Field
The present invention relates to the field of computer networks, and in particular, to an authorization method and system.
Background
In a store of a large business or chain of business, the authority management of the POS machine is a complicated work. When a new POS machine is deployed, network access setting is needed, and when a return goods condition is met, temporary authorization is needed for the POS machine. The existing operation mode is generally that a specific person arrives beside the POS machine, and the authorization operation is carried out on the POS machine through an authorization fingerprint module or a smart card module. However, the hardware cost of the current authorization system is high, and the operation is complex.
Disclosure of Invention
The invention provides an authorization method and an authorization system, which are used for solving the technical problems of higher hardware cost and complicated operation of the existing authorization system.
In order to solve the technical problems, the invention provides an authorization method, which comprises the following steps:
s1, a mobile terminal submits registration information to a registration terminal, and the registration terminal completes a registration process of the mobile terminal;
s2, submitting registration information to the registration terminal by the terminal to be authorized, and finishing the registration process of the terminal to be authorized by the registration terminal;
s3, the mobile terminal sends login information to an authentication end and applies for a digital token to the authentication end;
s4, the authentication end sends login information of the mobile terminal to the registration end, and the registration end is applied to audit the login information of the mobile terminal;
s5, the registration end carries out auditing on login information of the mobile terminal and returns an auditing result of the mobile terminal to the authentication end;
s6, if the auditing result of the mobile terminal is that the mobile terminal passes, the authentication end generates a digital token A and returns the digital token A to the mobile terminal; if the auditing result of the mobile terminal is not passed, terminating the authorization flow;
s7, the mobile terminal displays the digital token A in a two-dimensional code mode;
s8, the terminal to be authorized sends login information and order information to the authentication end, and applies for a digital token to the authentication end;
s9, the authentication end sends login information of the terminal to be authorized to the registration end, and the registration end is applied to audit the login information of the terminal to be authorized;
s10, the registration end checks login information of the terminal to be authorized, and returns an checking result of the terminal to be authorized to the authentication end;
s11, if the auditing result of the terminal to be authorized is that the terminal to be authorized passes, the authentication end generates a digital token B, binds the digital token B with the order information, and returns the digital token B to the terminal to be authorized; if the auditing result of the terminal to be authorized is not passed, terminating the current authorization flow;
s12, the terminal to be authorized scans the two-dimensional code displayed on the mobile terminal and extracts the digital token A;
s13, the terminal to be authorized sends the digital token A and the digital token B to the authentication terminal so as to apply authentication to the authentication terminal;
s14, the authentication end verifies the validity and timeliness of the digital token A and the digital token B, and verifies whether the authority range of the digital token A covers the digital token B and the order information; if the verification is passed, the authentication end returns authorization success information to the terminal to be authorized; and if the verification is not passed, the authentication end returns refusal authorization information to the terminal to be authorized.
Optionally, step S14 further includes the following steps: and repeating the steps S3-S14 to finish the authorization process corresponding to the other order information.
Optionally, the digital token a includes three pieces of information, and the first piece of information carries an encryption algorithm; the second piece of information carries the name of the registration end, the name of the authentication end, the name of the mobile terminal, the validity period starting time of the digital token A, the validity period ending time of the digital token A and the unique identity of the digital token A; and the third piece of information carries signature information, wherein the signature information uses the first piece of information coded by the BASE64 and the second piece of information coded by the BASE64 to form a character string, and then encryption is carried out by combining a salt adding key through an encryption algorithm in the first piece of information.
Optionally, the digital token B includes three pieces of information, and the first piece of information carries an encryption algorithm; the second piece of information carries the name of the registration end, the name of the authentication end, the name of the terminal to be authorized, the validity period starting time of the digital token B, the validity period ending time of the digital token B and the unique identity of the digital token B; and the third piece of information carries signature information, wherein the signature information uses the first piece of information coded by the BASE64 and the second piece of information coded by the BASE64 to form a character string, and then encryption is carried out by combining a salt adding key through an encryption algorithm in the first piece of information.
Optionally, the digital token a is refreshed according to a preset time.
Optionally, the registration end is disposed in the first server, and the authentication end is disposed in the second server.
Optionally, in step S1, the mobile terminal is connected to the registration end through an intranet; in step S2, the terminal to be authorized is connected with the registration end through an intranet; in steps S3 to S14, the mobile terminal is connected to the authentication end through a public network, the terminal to be authorized is connected to the authentication end through a public network or an intranet, and the authentication end is connected to the registration end through the intranet.
Optionally, one of the second servers is connected to the plurality of first servers, the plurality of mobile terminals and the plurality of terminals to be authorized respectively.
Optionally, the terminal to be authorized is a desktop POS machine, a tablet POS machine, a handheld POS machine, or an automatic cash register.
The invention also provides an authorization system which comprises a registration end, an authentication end, a mobile terminal and a terminal to be authorized, wherein the authorization system is used for executing the authorization method of any one of the above.
The authorization method and the authorization system provided by the invention have the following beneficial effects:
1. the hardware cost of the terminal to be authorized is reduced, for example, the hardware cost of the cashing terminal is reduced. The authorization method provided by the invention can replace a fingerprint module or a smart card module in the prior art to verify the identity information of the authorizer, and the cost of the two-dimensional code in the invention is far lower than that of the fingerprint module or the smart card module.
2. The terminal to be authorized and the mobile terminal can complete the authorization operation only by sweeping the two-dimension codes face to face, and the convenience of the authorization operation is improved. Meanwhile, the field control requirement of authorized personnel is reserved.
3. The security of authorization is improved through triple verification. The registration terminal verifies the registration information of the mobile terminal and the terminal to be authorized; the authentication end verifies the legitimacy, timeliness and correctness of the digital token; the authentication end verifies the consistency of the order information bound by the digital token.
Drawings
Fig. 1 is a flowchart of an authorization method according to an embodiment of the invention.
Fig. 2 is a network topology diagram of an authorization system at registration according to an embodiment of the present invention.
Fig. 3 is a network topology diagram of an authorization system during authentication according to an embodiment of the present invention.
Detailed Description
To make the objects, advantages and features of the present invention more apparent, a more particular description of the authorization method and system of the present invention is provided below in conjunction with the accompanying drawings. It should be noted that the drawings are in a very simplified form and are all to a non-precise scale, merely for convenience and clarity in aiding in the description of embodiments of the invention.
In the description of the present invention, the terms "first," "second," and the like, are added for convenience of description and reference, and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining a qualifier such as "first," "second," etc. may explicitly or implicitly include one or more such feature.
As shown in fig. 1, 2 and 3, the present embodiment provides an authorization method, which includes the following steps:
s1, a mobile terminal submits registration information to a registration terminal, and the registration terminal completes a registration process of the mobile terminal; the registration information can comprise information such as a user name, a password, a number of the mobile terminal and the like;
s2, submitting registration information to the registration terminal by the terminal to be authorized, and finishing the registration process of the terminal to be authorized by the registration terminal; the terminal to be authorized can be a POS machine or other equipment needing authorization; the registration information can comprise information such as a user name, a password, a number of a terminal to be authorized and the like;
s3, the mobile terminal sends login information to an authentication end and applies for a digital token to the authentication end; the login information can comprise information such as a user name, a password and the like;
s4, the authentication end sends login information of the mobile terminal to the registration end, and the registration end is applied to audit the login information of the mobile terminal;
s5, the registration end carries out auditing on login information of the mobile terminal and returns an auditing result of the mobile terminal to the authentication end; the registration terminal can compare whether the login information of the mobile terminal is the same as the related information submitted during registration, if so, the verification is passed, and if not, the verification is not passed;
s6, if the auditing result of the mobile terminal is that the mobile terminal passes, the authentication end generates a digital token A and returns the digital token A to the mobile terminal; if the auditing result of the mobile terminal is not passed, terminating the authorization flow;
s7, the mobile terminal displays the digital token A in a two-dimensional code mode;
s8, the terminal to be authorized sends login information and order information to the authentication end, and applies for a digital token to the authentication end; the login information can comprise information such as a user name, a password and the like; the order information may include a list of contents to be authorized, for example, information including names, amounts, and prices of goods to be returned;
s9, the authentication end sends login information of the terminal to be authorized to the registration end, and the registration end is applied to audit the login information of the terminal to be authorized;
s10, the registration end checks login information of the terminal to be authorized, and returns an checking result of the terminal to be authorized to the authentication end;
s11, if the auditing result of the terminal to be authorized is that the terminal to be authorized passes, the authentication end generates a digital token B, binds the digital token B with the order information, and returns the digital token B to the terminal to be authorized; if the auditing result of the terminal to be authorized is not passed, terminating the current authorization flow;
s12, the terminal to be authorized scans the two-dimensional code displayed on the mobile terminal and extracts the digital token A;
s13, the terminal to be authorized sends the digital token A and the digital token B to the authentication terminal so as to apply authentication to the authentication terminal;
s14, the authentication end verifies the validity and timeliness of the digital token A and the digital token B, and verifies whether the authority range of the digital token A covers the digital token B and the order information; if the verification is passed, the authentication end returns authorization success information to the terminal to be authorized; and if the verification is not passed, the authentication end returns refusal authorization information to the terminal to be authorized.
Steps S1 to S14 may be sequentially performed in the order from step S1 to step S14, or may be sequentially performed not in the order of steps, for example, step S1 and step S2 of registration may be performed simultaneously, or step S2 may be performed before step S1.
The authorization method provided by the embodiment has the following beneficial effects:
1. the hardware cost of the terminal to be authorized is reduced, for example, the hardware cost of the cashing terminal is reduced. The authorization method provided by the embodiment can replace a fingerprint module or a smart card module in the prior art to verify the identity information of the authorizer, and the cost of the two-dimensional code in the embodiment is far lower than that of the fingerprint module or the smart card module.
2. The terminal to be authorized and the mobile terminal can complete the authorization operation only by sweeping the two-dimension codes face to face, and the convenience of the authorization operation is improved. Meanwhile, the field control requirement of authorized personnel is reserved.
3. The security of authorization is improved through triple verification. The registration terminal verifies the registration information of the mobile terminal and the terminal to be authorized; the authentication end verifies the legitimacy, timeliness and correctness of the digital token; the authentication end verifies the consistency of the order information bound by the digital token.
Optionally, as shown in fig. 1 and 3, step S14 further includes the following steps: and repeating the steps S3-S14 to finish the authorization process corresponding to the other order information. The registration steps S1 to S2 are usually performed only once; and repeating the steps S3-S14, and completing the authorization process for different order information.
Optionally, the digital token a includes three pieces of information, and the first piece of information carries an encryption algorithm; the second piece of information carries the name of the registration end, the name of the authentication end, the name of the mobile terminal, the validity period starting time of the digital token A, the validity period ending time of the digital token A and the unique identity of the digital token A; and the third piece of information carries signature information, wherein the signature information uses the first piece of information coded by the BASE64 and the second piece of information coded by the BASE64 to form a character string, and then encryption is carried out by combining a salt adding key through an encryption algorithm in the first piece of information. The unique identity is a one-time identity, thereby avoiding replay attacks. The key is stored in the authentication end. The digital token provided by the embodiment can prevent an attacker from forging or falsifying.
Optionally, the digital token B includes three pieces of information, and the first piece of information carries an encryption algorithm; the second piece of information carries the name of the registration end, the name of the authentication end, the name of the terminal to be authorized, the validity period starting time of the digital token B, the validity period ending time of the digital token B and the unique identity of the digital token B; and the third piece of information carries signature information, wherein the signature information uses the first piece of information coded by the BASE64 and the second piece of information coded by the BASE64 to form a character string, and then encryption is carried out by combining a salt adding key through an encryption algorithm in the first piece of information. The unique identity is a one-time identity, thereby avoiding replay attacks. The key is stored in the authentication end. The digital token provided by the embodiment can prevent an attacker from forging or falsifying.
Optionally, the digital token a is refreshed according to a preset time. The preset time can be one minute, and the digital token A is refreshed in real time, so that the same digital token A can be prevented from being reused for a plurality of times.
Optionally, the registration end is disposed in the first server, and the authentication end is disposed in the second server. The registration end and the authentication end are respectively arranged in one server, so that the operation efficiency of the first server and the second server can be improved. In other embodiments, the registry and the dispute may be located on the same server.
Optionally, as shown in fig. 2 and fig. 3, in step S1, the mobile terminal is connected to the registration end through an intranet; in step S2, the terminal to be authorized is connected with the registration end through an intranet; in steps S3 to S14, the mobile terminal is connected to the authentication end through a public network, the terminal to be authorized is connected to the authentication end through a public network or an intranet, and the authentication end is connected to the registration end through the intranet. The registration end is not exposed in the public network, so that the information in the registration end can be prevented from being attacked.
Optionally, one of the second servers is connected to the plurality of first servers, the plurality of mobile terminals and the plurality of terminals to be authorized respectively. The authentication terminal can authenticate a plurality of terminals to be authorized at the same time, and the authentication efficiency is improved.
Optionally, the terminal to be authorized is a desktop POS machine, a tablet POS machine, a handheld POS machine, or an automatic cash register. The authorization method provided by the implementation can be applied to various cashier devices such as a desktop POS machine, a tablet POS machine, a handheld POS machine or an automatic cash register, for example, the authorization of the return authority of the POS machine is realized.
When the authorization method is specifically used, the registration end can be a central control computer 1 of a merchant; the authentication end is a central control computer 2 of a merchant; the terminal to be authorized is a POS machine in a retail store, and a cashing APP is installed in the POS machine; the mobile terminal is a smart phone, a return authorization APP is installed in the smart phone, and the mobile terminal is controlled by an authorized person. After a cashier of the POS machine gives out a temporary authorized oral request, an authorized person starts a return authorization APP, clicks an authorization code presenting button in the return authorization APP, and displays a return authorization two-dimensional code, wherein the two-dimensional code is automatically and dynamically refreshed every minute. The cashier scans the code face to face, and meanwhile, the cashier APP verifies the validity of the authorization code and the authority range of the authorization code to the central control computer 2, and if the authorization code passes, the verification represents that the authorization is successful, so that the next return flow can be entered; if the verification fails, the authorization is refused. The identity authentication during authorization is completed by the central control computer 1 of the merchant, and the information encryption, decryption and authentication work are completed by the central control computer 2 of the merchant.
The passive authorization method based on the two-dimension code can utilize the face-to-face information exchange mode of the two-dimension code, is convenient to use, can improve the working efficiency, and can save more hardware cost. The invention provides a good solution for the vast merchants to manage the authority of the POS machine.
As shown in fig. 1, 2 and 3, based on the same technical concept as the above-mentioned one authorization method, the present embodiment further provides an authorization system, where the authorization system includes a registration end, an authentication end, a mobile terminal and a terminal to be authorized, and the authorization system is configured to perform the authorization method described in any one of the foregoing.
In summary, the authorization method and the authorization system provided by the invention have the following beneficial effects:
1. the hardware cost of the terminal to be authorized is reduced, for example, the hardware cost of the cashing terminal is reduced. The authorization method provided by the invention can replace a fingerprint module or a smart card module in the prior art to verify the identity information of the authorizer, and the cost of the two-dimensional code in the invention is far lower than that of the fingerprint module or the smart card module.
2. The terminal to be authorized and the mobile terminal can complete the authorization operation only by sweeping the two-dimension codes face to face, and the convenience of the authorization operation is improved. Meanwhile, the field control requirement of authorized personnel is reserved.
3. The security of authorization is improved through triple verification. The registration terminal verifies the registration information of the mobile terminal and the terminal to be authorized; the authentication end verifies the legitimacy, timeliness and correctness of the digital token; the authentication end verifies the consistency of the order information bound by the digital token.
The above description is only illustrative of the preferred embodiments of the present invention and is not intended to limit the scope of the present invention, and any alterations and modifications made by those skilled in the art based on the above disclosure shall fall within the scope of the present invention.

Claims (7)

1. An authorization method, characterized in that it comprises the steps of:
s1, a mobile terminal submits registration information to a registration terminal, and the registration terminal completes a registration process of the mobile terminal;
s2, submitting registration information to the registration terminal by the terminal to be authorized, and finishing the registration process of the terminal to be authorized by the registration terminal;
s3, the mobile terminal sends login information to an authentication end and applies for a digital token to the authentication end;
s4, the authentication end sends login information of the mobile terminal to the registration end, and the registration end is applied to audit the login information of the mobile terminal;
s5, the registration end carries out auditing on login information of the mobile terminal and returns an auditing result of the mobile terminal to the authentication end;
s6, if the auditing result of the mobile terminal is that the mobile terminal passes, the authentication end generates a digital token A and returns the digital token A to the mobile terminal; if the auditing result of the mobile terminal is not passed, terminating the authorization flow;
s7, the mobile terminal displays the digital token A in a two-dimensional code mode;
s8, the terminal to be authorized sends login information and order information to the authentication end, and applies for a digital token to the authentication end;
s9, the authentication end sends login information of the terminal to be authorized to the registration end, and the registration end is applied to audit the login information of the terminal to be authorized;
s10, the registration end checks login information of the terminal to be authorized, and returns an checking result of the terminal to be authorized to the authentication end;
s11, if the auditing result of the terminal to be authorized is that the terminal to be authorized passes, the authentication end generates a digital token B, binds the digital token B with the order information, and returns the digital token B to the terminal to be authorized; if the auditing result of the terminal to be authorized is not passed, terminating the current authorization flow;
s12, the terminal to be authorized scans the two-dimensional code displayed on the mobile terminal and extracts the digital token A;
s13, the terminal to be authorized sends the digital token A and the digital token B to the authentication terminal so as to apply authentication to the authentication terminal;
s14, the authentication end verifies the validity and timeliness of the digital token A and the digital token B, and verifies whether the authority range of the digital token A covers the digital token B and the order information; if the verification is passed, the authentication end returns authorization success information to the terminal to be authorized; if the verification is not passed, the authentication end returns refusal authorization information to the terminal to be authorized;
the digital token A comprises three pieces of information, and the first piece of information carries an encryption algorithm; the second piece of information carries the name of the registration end, the name of the authentication end, the name of the mobile terminal, the validity period starting time of the digital token A, the validity period ending time of the digital token A and the unique identity of the digital token A; the third piece of information carries signature information, the signature information uses the first piece of information coded by BASE64 and the second piece of information coded by BASE64 to form a character string by connection, and then encryption is carried out by combination encryption of a salt adding key through an encryption algorithm in the first piece of information;
the digital token B comprises three pieces of information, and the first piece of information carries an encryption algorithm; the second piece of information carries the name of the registration end, the name of the authentication end, the name of the terminal to be authorized, the validity period starting time of the digital token B, the validity period ending time of the digital token B and the unique identity of the digital token B; the third piece of information carries signature information, the signature information uses the first piece of information coded by BASE64 and the second piece of information coded by BASE64 to form a character string by connection, and then encryption is carried out by combination encryption of a salt adding key through an encryption algorithm in the first piece of information;
in step S1, the mobile terminal is connected with the registration terminal through an intranet; in step S2, the terminal to be authorized is connected with the registration end through an intranet; in the steps S3-S14, the mobile terminal is connected with the authentication end through a public network, the terminal to be authorized is connected with the authentication end through the public network or an intranet, and the authentication end is connected with the registration end through the intranet.
2. An authorization method according to claim 1, characterized in that after step S14 the following steps are also included: and repeating the steps S3-S14 to finish the authorization process corresponding to the other order information.
3. An authorization method according to claim 1, characterized in that the digital token a is refreshed at a preset time.
4. An authorization method according to claim 1, wherein the registration side is provided in a first server and the authentication side is provided in a second server.
5. An authorization method according to claim 4, wherein one of said second servers is connected to a plurality of said first servers, a plurality of said mobile terminals and a plurality of said terminals to be authorized, respectively.
6. An authorization method according to claim 1, characterized in that the terminal to be authorized is a desktop POS, a tablet POS, a handheld POS or an automatic cash register.
7. An authorization system, characterized in that the authorization system comprises a registration end, an authentication end, a mobile terminal and a terminal to be authorized, and the authorization system is used for executing the authorization method according to any one of claims 1-6.
CN202210001890.2A 2022-01-04 2022-01-04 Authorization method and system Active CN114244628B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210001890.2A CN114244628B (en) 2022-01-04 2022-01-04 Authorization method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210001890.2A CN114244628B (en) 2022-01-04 2022-01-04 Authorization method and system

Publications (2)

Publication Number Publication Date
CN114244628A CN114244628A (en) 2022-03-25
CN114244628B true CN114244628B (en) 2023-12-26

Family

ID=80745690

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210001890.2A Active CN114244628B (en) 2022-01-04 2022-01-04 Authorization method and system

Country Status (1)

Country Link
CN (1) CN114244628B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104573547A (en) * 2014-10-21 2015-04-29 江苏通付盾信息科技有限公司 Information interaction safety protection system and operation realization method thereof
CN106910063A (en) * 2015-12-22 2017-06-30 卓望数码技术(深圳)有限公司 A kind of offline payment method and system
CN111371805A (en) * 2020-03-17 2020-07-03 北京工业大学 Token-based unified identity authentication interface and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104573547A (en) * 2014-10-21 2015-04-29 江苏通付盾信息科技有限公司 Information interaction safety protection system and operation realization method thereof
CN106910063A (en) * 2015-12-22 2017-06-30 卓望数码技术(深圳)有限公司 A kind of offline payment method and system
CN111371805A (en) * 2020-03-17 2020-07-03 北京工业大学 Token-based unified identity authentication interface and method

Also Published As

Publication number Publication date
CN114244628A (en) 2022-03-25

Similar Documents

Publication Publication Date Title
KR102044751B1 (en) Method for providing reward according to user authentication based on blockchain
EP1769419B1 (en) Transaction & payment system securing remote authentication/validation of transactions from a transaction provider
CN105243313B (en) For the method whenever confirmed to verifying token
US6908030B2 (en) One-time credit card number generator and single round-trip authentication
US8079082B2 (en) Verification of software application authenticity
US20110142234A1 (en) Multi-Factor Authentication Using a Mobile Phone
US20140108265A1 (en) System and method of authenticating a network gateway
CN109544302A (en) House renting management method, electronic device based on block chain
CA2382922A1 (en) Methods and apparatus for conducting electronic transactions
WO2001090987A1 (en) Transaction system and method
WO2009087544A2 (en) Multi-factor authentication and certification system for electronic transactions
WO2012014231A4 (en) System and method for generating a strong multi factor personalized server key from a simple user password
US20150339670A1 (en) System and method for authenticating a transaction over a data network
CN101794479A (en) Bank card making system and card exchanging system
CN101114367A (en) Data processing method and system relates to multi-system
US20210166217A1 (en) Method and device for implementing password-free emv contact transaction
KR20120070079A (en) User authenication system by using personal identification number, user terminal device, inquiry apparatus, authenication server, and user authenication method therefor
WO2005072492A2 (en) Nonredirected authentication
US20030038707A1 (en) Method for secured identification of user's id
CN114244627B (en) Authorization method and system
KR20200016157A (en) System and method for processing card payment based on block-chain
CN114244628B (en) Authorization method and system
CN110956461B (en) Method and system for hosting electronic signature and verification
JP2001331646A (en) System and method for financial transaction using fingerprint matching
KR20140028241A (en) Method and apparatus of payment certification

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant