CN1858798A - System and method for realizing digital bank card service by mobile terminal - Google Patents

Publication number
CN1858798A
Authority
CN
China
Prior art keywords
transaction
information
user
account
bank
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2006100582031A
Other languages
Chinese (zh)
Inventor
闵国兵
邵刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNA2006100582031A priority Critical patent/CN1858798A/en
Publication of CN1858798A publication Critical patent/CN1858798A/en
Pending legal-status Critical Current

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

This invention discloses a system for realizing digital bank card service by mobile terminals, including mobile terminals, trade terminals, radio service platforms, a bank certification center and a radio certification center. The invention also discloses a method in which the mobile terminals apply for digital bank card service and interact with trade terminals to realize basic bank transaction functions, so that users need not carry their bank cards to transact with the bank.

Description

A system and method for realizing digital bank card service by portable terminal
Technical field
The present invention relates to the field of digital financial services, and in particular to a system and method for realizing digital bank card service by portable terminal.
Background technology
Banks and other financial institutions usually serve customers through bank cards in magnetic-card form: the customer uses the bank card to interact with the bank's transaction terminal and complete a financial transaction, for example paying at a point-of-sale (POS) terminal, or depositing and withdrawing cash or transferring funds at an automatic teller machine (ATM). Customers often need to hold bank cards from several financial institutions, which are inconvenient to carry and keep, and they must pay the banks service fees for the cards. The banks also bear a certain cost for issuing bank cards.
On the other hand, as computer technology and mobile technology combine ever more closely, the new concept of mobile computing has influenced every field and stratum of society. Mobile commerce has become one of the hottest businesses in the broader Internet field, and the role of the mobile phone in people's lives keeps growing, making it an important terminal for mobile commerce. Replacing the bank card with the mobile phone for financial transactions has become an important embodiment of the combination of the financial industry with mobile communication services.
Various services have now appeared in which a mobile phone partially substitutes for the functions of a bank card in financial transactions. For example, several domestic banks have successively launched "mobile banking" services. The main services, carried out by mobile phone, include account inquiry, multi-function transfer, automatic payment, inquiry of domestic- and foreign-currency balances and recent transaction details of passbook accounts, transfer of funds between multiple accounts, conversion of demand deposits to time deposits, and inquiry and payment of various fees such as mobile phone charges. Mobile banking is implemented in several ways, for example: SMS-based mobile banking, in which the customer and the bank exchange information by SMS; mobile banking based on the intelligent subscriber identification card (STK), in which the bank's application front-end program and the customer's basic information are fixed in the STK card and the customer uses this card to complete banking business; and mobile banking based on the Wireless Application Protocol (WAP), in which the customer logs in to the bank's website via WAP to carry out financial transactions.
The common shortcoming of the mobile banking services described above, in which a mobile phone replaces the bank card, is that the mobile phone cannot interact directly with the transaction terminal and instead exchanges transaction information with the bank by other means. Transactions must therefore be carried out while the wireless communication network is connected and cannot be completed where there is no signal; nor can these services solve the problem of depositing and withdrawing cash.
Summary of the invention
In view of this, an object of the present invention is to propose a system for realizing digital bank card service by portable terminal. The system uses the portable terminal as the carrier of the digital bank card, which interacts directly with the transaction terminal to realize various basic bank transaction functions, including cash deposit and withdrawal, bank transfer, payment of fees, and account inquiry.
The system of the present invention specifically comprises:
The transaction business platform, used to check the legitimacy of the transaction information from the transaction terminal and to control the transaction terminal to carry out the relevant transaction operations;
The authentication center of bank, used to set up and store the user's bank transaction account information, to send the user's bank transaction account information to the transaction business platform at that platform's request, and to record the user's transactions;
The portable terminal, used to generate the transaction signal with which it interacts with the transaction terminal;
The transaction terminal, used to receive the transaction signal from the portable terminal, submit the received signal to the transaction business platform, and carry out the relevant transaction operations.
Preferably, this system can further include:
The wireless traffic platform, used to receive the application to open digital bank card service from the portable terminal user and send the received application to the wireless authentication center; to return account-opening information to the portable terminal; and to submit to the transaction business platform the user's application to open digital bank card service, which includes the user information returned by the wireless authentication center;
The wireless authentication center, used to store users' basic information and, according to a user's application to open digital bank card service received from the wireless user's platform, to collect that user's basic information and return the collected user information to the wireless traffic platform;
The functions of the transaction business platform further comprise: returning account-opening information to the mobile service platform; judging, according to the user information in the user's application to open digital bank card service received from the wireless traffic platform, whether to open an account for this user; if not, returning account-opening information containing a failure prompt to the wireless traffic platform; if so, sending the user information to the authentication center of bank; and setting up digital bank card account information for the user according to the user's transaction account information and sending the parameter information for opening the digital bank card to the wireless traffic platform;
The functions of the portable terminal further comprise: submitting the application to open digital bank card service to the wireless traffic platform.
Preferably, the portable terminal is a portable terminal that converts transaction information into a voice signal and sends the voice signal through a loudspeaker;
The transaction terminal further comprises a sound receiver for receiving the voice signal from the portable terminal and converting the received voice signal into a digital signal.
Preferably, the portable terminal is one in which each of the described functions is performed by a user-side service software module loaded in the terminal.
Another object of the present invention is to propose a method, applying the above system, for realizing digital bank card service by portable terminal. The method comprises the following steps:
A, the portable terminal starts the customer transaction function and outputs transaction information that includes the transaction account number;
B, the transaction terminal receives the transaction information and sends it to the transaction business platform;
C, the transaction business platform obtains the user's bank transaction account number from the authentication center of bank according to the received transaction information and compares it with the transaction account number in the transaction information; if they are consistent, the bank account is valid and step D is executed; if it is invalid, a message that the account is invalid is returned to the transaction terminal;
D, the transaction business platform controls the transaction terminal and the portable terminal to carry out the relevant bank transaction operations.
Preferably, the transaction information further includes a digital bank card identifier, and the obtaining in step C is: the transaction business platform obtains the user's bank transaction account number from the authentication center of bank according to the digital bank card identifier in the received transaction information.
Preferably, outputting the transaction information in step A is: the portable terminal converts the transaction information into a voice signal and outputs it through the loudspeaker. Correspondingly, receiving the transaction information at the transaction terminal in step B is: the transaction terminal receives the voice signal through a sound-recording device and converts the received voice signal into a digital signal.
Preferably, outputting the transaction information at the portable terminal in step A is: the portable terminal first encrypts the information in the transaction information that needs to be kept secret to form a ciphertext, and then sends the transaction information containing this ciphertext;
After the transaction business platform receives the transaction information in step B, the method further comprises: the transaction business platform decrypts the ciphertext in the received transaction information.
The encryption and decryption methods described above may use any of the following schemes:
Scheme one: the information to be kept secret is the user's transaction account information, and the encryption method is encryption with a dynamic key;
The portable terminal sending the transaction information is: the portable terminal sends transaction information comprising the ciphertext formed by encrypting the user's transaction account information and the digital bank card identifier in plaintext form.
Preferably, the method for described encryption and decryption is to use the dynamic key relevant with transaction count to carry out encryption and decryption, and described step C is:
The transaction business platform judges whether transaction account information that obtains after the decrypt ciphertext in the Transaction Information of being received and the transaction account information that finds in authentication center of bank mate, if coupling then upgrade dynamic key and preserve the authentication record comprised this transaction ciphertext, and continue execution in step D by authentication;
If do not match, then ciphertext in the Transaction Information that portable terminal is sent and the ciphertext in the historical authentication record compare, if find identical ciphertext, then start warning system; If it is inequality, before reaching maximum update times, upgrade dynamic key and decipher this ciphertext with the dynamic key after upgrading, and obtain transaction account information after will deciphering and compare from the transaction account information of authentication center of bank, if the match is successful, then upgrade dynamic key and preserve the authentication record that has comprised this transaction ciphertext, and continue execution in step D by authentication; Do not have also that the match is successful if surpassed maximum update times, then return the invalid message of account to transaction terminal.
Scheme two: the information to be kept secret is the user's transaction account information and the digital bank card identifier. The encryption method is: the transaction account information is encrypted with the dynamic key to form ciphertext 1, and ciphertext 1 together with the digital bank card identifier is then encrypted with the public key of the transaction business platform to form ciphertext 2. The decryption method is: ciphertext 2 is first decrypted with the private key to obtain ciphertext 1 and the digital bank card identifier, and ciphertext 1 is then decrypted with the dynamic key to obtain the transaction account information.
The dynamic key is a dynamic key related to the transaction count, and step C is:
The transaction business platform judges whether the transaction account information obtained after decrypting the received ciphertext 2 matches the transaction account information found in the authentication center of bank. If it matches, authentication passes: the platform updates the dynamic key, saves an authentication record containing this transaction's ciphertext, and continues with step D;
If it does not match, the ciphertext 1 obtained by decrypting the ciphertext 2 sent by the portable terminal is compared with the ciphertext 1 values in the historical authentication records. If an identical one is found, the alarm system is started. If none is identical, then, until the maximum number of updates is reached, the platform updates the dynamic key, decrypts this ciphertext 1 with the updated dynamic key, and compares the transaction account information obtained by decryption with the transaction account information from the authentication center of bank. If the match succeeds, authentication passes: the platform updates the dynamic key, saves an authentication record containing this transaction's ciphertext, and continues with step D. If the maximum number of updates is exceeded without a successful match, a message that the account is invalid is returned to the transaction terminal.
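The step C check described for schemes one and two (decrypt and compare, look the ciphertext up in the authentication history, then advance the dynamic key up to a maximum number of updates), as an added Python example that is not part of the patent text. The key-update rule (a SHA-256 ratchet), the stand-in for the unspecified symmetric algorithm (XOR with an HMAC-SHA256 keystream), the limit MAX_UPDATES = 3, the terminal advancing its key after every output, and all sample identifiers are assumptions; scheme two's public-key wrapping is omitted because its inner loop on ciphertext 1 is the same.

```python
import hashlib
import hmac

MAX_UPDATES = 3  # assumed value for the "maximum number of updates"


def next_key(key: bytes) -> bytes:
    """Assumed update rule: one-way ratchet C_{i+1} = SHA-256(label || C_i)."""
    return hashlib.sha256(b"dynamic-key-update" + key).digest()


def crypt(key: bytes, data: bytes) -> bytes:
    """Stand-in for the unspecified symmetric algorithm: XOR with an
    HMAC-SHA256 keystream. The same call encrypts and decrypts."""
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(key, block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))


class Terminal:
    """Mobile-terminal side (assumption: the key advances after each output)."""

    def __init__(self, card_id: str, account: bytes, key: bytes):
        self.card_id, self.account, self.key = card_id, account, key

    def transact(self):
        ciphertext = crypt(self.key, self.account)
        self.key = next_key(self.key)
        return self.card_id, ciphertext


class Platform:
    """Transaction-platform side of step C."""

    def __init__(self):
        self.cards = {}

    def enroll(self, card_id: str, account: bytes, key: bytes):
        self.cards[card_id] = {"account": account, "key": key, "history": set()}

    def verify(self, card_id: str, ciphertext: bytes) -> str:
        rec = self.cards.get(card_id)
        if rec is None:
            return "invalid"
        key = rec["key"]
        if self._matches(key, ciphertext, rec):
            return self._accept(rec, key, ciphertext)
        # Mismatch: a ciphertext already in the authentication history is a replay.
        if ciphertext in rec["history"]:
            return "alarm"
        # Otherwise assume the terminal ran ahead; try a bounded number of updates.
        for _ in range(MAX_UPDATES):
            key = next_key(key)
            if self._matches(key, ciphertext, rec):
                return self._accept(rec, key, ciphertext)
        return "invalid"

    @staticmethod
    def _matches(key, ciphertext, rec) -> bool:
        return hmac.compare_digest(crypt(key, ciphertext), rec["account"])

    @staticmethod
    def _accept(rec, key, ciphertext) -> str:
        rec["key"] = next_key(key)       # update the dynamic key
        rec["history"].add(ciphertext)   # save the authentication record
        return "ok"


def demo():
    """Constructed scenario; card id, account number and C_0 are sample values."""
    c0 = hashlib.sha256(b"constructed initial key").digest()
    account = b"6200000000000001"
    platform = Platform()
    platform.enroll("CARD-0001", account, c0)
    phone = Terminal("CARD-0001", account, c0)

    results = []
    first = phone.transact()
    results.append(platform.verify(*first))             # keys in sync
    results.append(platform.verify(*first))             # same ciphertext again
    phone.transact()                                    # output never delivered
    phone.transact()                                    # output never delivered
    results.append(platform.verify(*phone.transact()))  # resync within the window
    for _ in range(4):
        phone.transact()                                # four outputs never delivered
    results.append(platform.verify(*phone.transact()))  # beyond MAX_UPDATES
    return results


if __name__ == "__main__":
    print(demo())
```

A larger MAX_UPDATES tolerates more undelivered terminal outputs but also widens the range of keys the platform will accept for one ciphertext, so the limit is a security parameter as well as a usability one.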
The method of the invention also includes a method by which the user applies through the portable terminal to open digital bank card service; in that case the following steps precede step A:
AA1, user use portable terminal to submit the application of opening digital bank card service to the wireless traffic platform;
AA2, wireless traffic platform are sent to the transaction business platform with this application;
AA3, the transaction business platform completes the operation of opening digital bank card service and returns digital bank card opening configuration information to the portable terminal through the wireless traffic platform.
Where the mobile terminal user submitting the application to open digital bank card service has no bank transaction account, the application includes user basic information; then, after the wireless traffic platform receives the application in step AA2 and before it sends the application to the transaction business platform, the method further comprises:
The wireless traffic platform obtains this user's basic information and user attribute information from the wireless authentication center and judges whether the user basic information submitted by the user is consistent with the user basic information returned by the wireless authentication center. If they are not consistent, it returns an account-opening failure prompt to the portable terminal and exits this flow; if they are consistent, it submits a request to apply for a digital bank card to the transaction business platform, the request including the user basic information and the obtained user attribute information;
Completing the operation of opening digital bank card service at the transaction business platform in step AA3 further comprises:
The transaction business platform judges, according to the received user basic information and user attribute information, whether to open digital bank card service for this user. If so, it submits a digital bank card application containing the user basic information to the authentication center of bank; the authentication center of bank creates and stores this user's bank transaction account information according to the received user basic information and returns the user's bank transaction account information to the transaction business platform, and the transaction business platform creates the corresponding digital bank card opening configuration information according to the user's bank transaction account information. If not, it returns an account-opening failure prompt to the portable terminal and exits this flow.
Where the mobile terminal user submitting the application to open digital bank card service has a bank account, the application includes the user's transaction account information,
and completing the operation of opening bank card service at the transaction business platform in step AA3 further comprises:
The transaction business platform sends the received user transaction account information to the authentication center of bank, which authenticates the received transaction account information. If authentication fails, an application-failure message is returned to the portable terminal through the transaction business platform and the wireless traffic platform, and this flow is exited; if authentication succeeds, the transaction business platform creates the corresponding digital bank card opening configuration information according to the user's bank transaction account information.
In the above methods of applying to open digital bank card service, the digital bank card opening configuration information further includes the transaction account information, the digital bank card identifier and the dynamic key.
As can be seen from the above technical solutions, by replacing the traditional magnetic-stripe bank card with a portable terminal, the user need not carry a bank card and the banking industry saves card-issuing costs, which is convenient for both users and banks. During a transaction the portable terminal exchanges information with the transaction terminal by voice signal, so the present invention places no special requirements on the portable terminal: existing ordinary mobile phones can all be used and only the transaction terminal needs to be modified, so the cost of modification is very small. The important information in the transaction process is all transmitted in encrypted form, and the single identification of the traditional magnetic bank card is replaced with repeated authentication, so transaction security is also improved. No communication network signal is needed during the transaction, so the scope of application is wider than that of other digital banking implementations.
Description of drawings
Fig. 1 is a schematic diagram of the composition of the digital bank card service system of the present invention;
Fig. 2 is the workflow diagram of a user without a bank account number applying for digital bank card service;
Fig. 3 is the workflow diagram of a user with a bank account number applying for digital bank card service;
Fig. 4 is the workflow diagram of the portable terminal during a transaction using the digital bank card;
Fig. 5 is the workflow diagram of the transaction terminal during a transaction using the digital bank card;
Fig. 6 is the workflow diagram of the authentication center during a transaction using the digital bank card.
Embodiment
To make the purpose, technical solutions and advantages of the present invention clearer, the invention is further elaborated below with reference to the accompanying drawings.
The composition of the digital bank card service system of the present invention is shown schematically in Figure 1. It comprises the following parts: a portable terminal equipped with a digital bank card user service module, a wireless traffic platform, a wireless authentication center, an authentication center of bank, a transaction terminal and a transaction business platform.
Portable terminals include mobile phones, personal palmtop computers (PDAs) and other personal terminal devices that have a loudspeaker and can store and run the digital bank card user service module.
The digital bank card user service module is dedicated digital bank card service software that is downloaded from the wireless traffic platform or provided in advance by the operator. The digital bank card service software may be a wireless device application developed with KJAVA, BREW or the like, and includes at least the following functions:
Digital bank card account application function: used to apply for a bank account and open the digital bank card service;
Digital bank card service opening function: opens the digital bank card service for an existing bank account;
Digital bank card service setting function: sets and modifies the service password and sets service-related parameters;
Customer transaction function: generates the transaction signal, converts the transaction data into a voice signal by a digital/audio conversion device, and controls the portable terminal to communicate with the transaction terminal in voice mode through the loudspeaker;
Digital bank card service cancellation function: closes the digital bank card service.
The wireless traffic platform provides the download of the digital bank card user service module and provides digital bank card service to the user; it handles requests from the digital bank card user service module on the portable terminal and interacts with the wireless authentication center in the wireless network and with the bank's transaction business platform.
The wireless authentication center stores end users' basic information and security authentication information. The security authentication information may include the digital certificate of the portable terminal/STK card and is used to authenticate the terminal and to encrypt transmitted information.
The authentication center of bank is the bank's account management center. It sets up and stores users' bank transaction account information and handles requests from the transaction business platform, including setting up a bank transaction account, looking up and retrieving a user's bank transaction account information, and recording transactions.
The transaction terminal is a device such as a POS machine or ATM that has a voice collection device (such as a microphone). It records, through this hardware, the audio signal emitted by the portable terminal, converts the voice signal into user identification information by an audio/digital conversion device, and submits the identification information to the transaction business platform.
After obtaining the input information from the transaction terminal, the transaction business platform checks the legitimacy of the information, that is, it checks the user identifier, the user's bank transaction account and so on; after the check passes, it controls the transaction terminal to carry out the relevant transaction operations.
The workflow of this system comprises two main stages: the user service application/confirmation stage and the stage of transacting with the digital bank card.
The user service application/confirmation stage is in turn divided into two cases: the user has no bank account number, and the user already has a bank account number.
If the wireless terminal has not yet installed the digital bank card user service module, it sends a request to download the module to the wireless traffic platform; after receiving the request, the wireless traffic platform sends the digital bank card user service module to the wireless terminal.
When the user has no bank account number, one must be opened. The user basic information that the user is required to submit comes from the user basic information stored in the database of the mobile network, to guarantee the authenticity of the information the user submits during account opening.
Figure 2 shows the workflow by which a user without a bank account number applies for and confirms a digital bank card. It comprises the following steps:
Step 201: The user runs the service module and invokes the digital bank card account-opening application function. The user first sets, for the account being applied for, the local password used to start the service and the user basic information required for the account application. When this is done, the portable terminal sends a digital bank card account-opening application to the wireless traffic platform; the application includes the user basic information, which comprises the name and identity card number.
Steps 202~203: The wireless traffic platform requests from the wireless authentication center the user information this user registered in the wireless network. The wireless authentication center collects this user's basic information and user attribute information from the telecommunication user database (the user attribute information includes the user's credit rating and the like) and returns the collected user basic information and user attribute information to the wireless traffic platform.
Step 204: The wireless traffic platform judges whether the user basic information submitted by the user is consistent with the user basic information returned by the wireless authentication center. If not, step 205 is executed; if so, step 206 is executed.
Step 205: The wireless traffic platform returns the account-opening failure information and the failure reason to the portable terminal, and this flow is exited.
Step 206: The wireless traffic platform submits the user's account-opening application to the transaction business platform; the application includes the user basic information submitted by the user and the user attribute information queried from the wireless authentication center.
Step 207: The transaction business platform judges, according to the user basic information and user attribute information in the account-opening application, whether to open an account for this user. If the user does not meet the account-opening conditions, steps 208~209 are executed; if the user meets them, steps 210~215 are executed.
Steps 208~209: The transaction business platform returns the account-opening failure information and the failure reason to the wireless traffic platform, the wireless traffic platform returns them to the portable terminal, and this flow is exited.
Step 210: The transaction business platform sends the user information required for the account application to the authentication center of bank.
Step 211: The authentication center of bank creates and stores this user's bank transaction account information according to the received user information, including the user ID, bank transaction account number, initial bank account password and so on, and sends the information required to open the digital bank card to the transaction business platform; the required information includes at least the transaction account number.
Step 212: The transaction business platform creates the corresponding digital bank card identifier according to the received transaction account number, initializes the initial dynamic key C0, and stores them in a local database or in the database of the authentication center.
Steps 213~214: The transaction business platform sends the account-opening information, comprising the transaction account number, the digital bank card identifier and the initial dynamic key C0, together with the digital certificate of the transaction business platform, to the wireless traffic platform, and the wireless traffic platform sends the received information to the portable terminal.
Step 215: The portable terminal prompts that the account was opened successfully and stores the received account-opening information (which includes at least the bank card transaction account number), the corresponding digital bank card identifier and the initial dynamic key C0 in the smart card; the flow ends. The information received and stored by the portable terminal may further include the digital certificate of the transaction business platform.
Figure 3 shows the workflow by which a user who has a bank account applies to open digital bank card service. It comprises the following steps:
Step 301: The user selects, in the service module, the function for opening digital bank card service on an existing account. The user first sets the local password used to start the service for the account on which the service is to be opened, and submits the security information of the user's bank transaction account (such as the account password). The portable terminal sends an application to open a digital bank card on an existing account to the wireless traffic platform; the application includes the transaction account information submitted by the user.
Step 302: The wireless traffic platform submits this user's application to open the service to the transaction business platform; the application includes the received user transaction account information.
Steps 303~304: The transaction business platform sends the user transaction account information to the authentication center of bank, which authenticates the account information. If authentication fails, steps 305~307 are executed; if authentication passes, steps 308~312 are executed.
Steps 305~307: The transaction business platform returns the service-opening failure information and the failure reason to the wireless traffic platform, the wireless traffic platform returns them to the portable terminal, and this flow is exited.
Step 308: The authentication center of bank sends the relevant information for opening the digital bank card to the transaction business platform; the relevant information includes at least the transaction account number.
Step 309: The transaction business platform creates the corresponding digital bank card identifier according to the received transaction account information, initializes the initial dynamic key C0, and stores them in a local database or in the database of the authentication center.
Steps 310~311: The transaction business platform sends the account-opening information, comprising the transaction account number, the digital bank card identifier and the initial dynamic key C0, together with the digital certificate of the transaction business platform, to the wireless traffic platform, and the wireless traffic platform sends the received information to the portable terminal.
Step 312: The portable terminal prompts that the account was opened successfully and stores the received account-opening information (which includes at least the bank card transaction account number), the corresponding digital bank card identifier and the initial dynamic key C0 in the smart card; the flow ends. The information received and stored by the portable terminal may further include the digital certificate of the transaction business platform.
Once the digital bank card service has been opened, the user can carry out bank transactions with the mobile terminal on which the service was opened. The transaction workflow is described below from three perspectives: the mobile terminal, the transaction terminal, and the transaction business platform.
Figure 4 shows the workflow of the mobile terminal when a transaction is carried out with the digital bank card. It comprises the following steps:
Steps 401~402: The user enters the previously set local service password; after it is verified, the customer transaction function in the digital bank card user service module is started.
Step 403: The digital bank card user service module first encrypts the information to be protected with encryption algorithm A1 under the stored dynamic key $C_i$ and outputs ciphertext T1. The information to be encrypted here is the user's account information. Encryption algorithm A1 may be any symmetric-key encryption algorithm; the invention does not restrict the choice of algorithm. Transaction account information means the information that must be sent to the transaction business platform to complete the transaction, and includes at least the transaction account number. Ciphertext T1 and the digital bank card identifier, the latter in plaintext, are sent as the transaction information.
To prevent a third party from copying the signal during a transaction and using the copy to carry out an illegal transaction, an irreversible key function $F_S$ is introduced. From the initial dynamic key $C_0$ and the account's private key $K_S$, it produces an irreversible dynamic key sequence ($C_1, C_2, C_3, \ldots$): $C_{i+1} = F_S(C_i, U_{const})$, where $U_{const}$ is user-related information such as the user ID. The data of each transaction is encrypted with the dynamic key $C_i$, and $C_i$ is updated after each transaction, so that although the plaintext sent is the same each time, the resulting ciphertext depends on the transaction count $i$. Encryption is $T1 = A1(C_i, U)$, where $U$ is the transaction account information to be encrypted.
Steps 404~405: The mobile terminal converts the transaction information to be sent from a digital signal into a sound signal of a certain frequency using a data/sound conversion algorithm and plays it through its loudspeaker; the sound is received through the sound-recording interface of the transaction terminal, and the mobile terminal's workflow ends. The data/sound conversion algorithm used in this embodiment is frequency shift keying (FSK).
Figure 5 shows the workflow of the transaction terminal when a transaction is carried out with the digital bank card. It comprises the following steps:
Steps 501~502: The transaction terminal starts the transaction process and receives the sound from the user's mobile terminal through its sound-recording interface.
Step 503: The received sound is converted into transaction information using a sound/digital conversion algorithm.
Step 504: The transaction terminal sends the transaction information to the transaction business center for authentication, and the result is returned to the transaction terminal.
Step 505: If the returned result is that the account is invalid, step 506 is executed; if the result is that the account is valid, which is equivalent to the user having inserted a valid bank card into the terminal, steps 507~510 are executed.
Step 506: The transaction terminal indicates that the account is invalid, and the flow exits.
Steps 507~510: The user enters the bank card operation password on the transaction terminal for a second authentication. If the password is correct, the transaction proceeds; transactions include account inquiry, cash deposit/withdrawal, transfers and so on, and the transaction flow exits once the transaction is complete. If the password is incorrect, the transaction terminal indicates the input error and exits the transaction flow.
In the flow above, the authentication process performed by the transaction business platform in step 504 is shown in Figure 6 and comprises the following steps:
Step 504a: The transaction business platform receives the transaction information from the transaction terminal, comprising the encrypted transaction account information T1 and the unencrypted digital bank card identifier.
Steps 504b~504c: Using the digital bank card identifier in the transaction data, the transaction business platform looks up, at the bank authentication center or in its local database, the basic data of the transaction account and the corresponding dynamic key $C_i$; the basic transaction account information includes at least the transaction account number. If no user data matches the digital bank card identifier, the flow jumps to step 504k, returns an authentication failure message and ends; if a match is found, step 504d is executed.
Step 504d: Ciphertext T1 is decrypted with dynamic key $C_i$ to obtain the decrypted transaction account information.
Step 504e: The transaction account information obtained in steps 504b and 504d is compared. If the two match, step 504f is executed; if not, step 504g is executed.
Step 504f: The dynamic key is updated to $C_{i+1}$, the updated key $C_{i+1}$ is stored, and the authentication record, which includes the ciphertext T1 of this transaction, is saved. The flow then jumps to step 504j, returns an authentication success message and ends.
Step 504g: Ciphertext T1 is compared with the ciphertexts in the historical authentication records. If T1 matches the ciphertext of a past transaction, the input is a recording of an earlier transaction that has been maliciously replayed, and step 504h is executed; if there is no matching record, step 504i is executed.
Step 504h: The alarm system is started and the authentication flow exits.
Step 504i: The dynamic key is updated repeatedly with the key update algorithm. After each update, ciphertext T1 is decrypted with the updated dynamic key and the decrypted transaction account information is compared with the transaction account information obtained in step 504d. If they match, the flow jumps to step 504f. If the number of updates reaches the maximum without a successful match, the flow jumps to step 504k, returns an authentication failure message and ends.
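The check sequence of steps 504a~504k, paired with the mobile terminal's key update from step 403, as an added example that is not part of the patent. The patent leaves A1 and $F_S$ open, so the HMAC-SHA256 key update, the SHA-256 keystream XOR used as A1, the MAX_UPDATES value and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac

MAX_UPDATES = 5  # assumed; the text only says a maximum update count exists


def next_key(c_i: bytes, u_const: bytes) -> bytes:
    """Stand-in for F_S: one-way step C_{i+1} = F_S(C_i, U_const)."""
    return hmac.new(c_i, u_const, hashlib.sha256).digest()


def a1(key: bytes, data: bytes) -> bytes:
    """Stand-in for A1: XOR with a SHA-256 keystream, so it also decrypts."""
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(x ^ y for x, y in zip(data, stream))


class MobileTerminal:
    """Steps 401~405 without the sound channel."""

    def __init__(self, bid, account, c0, u_const):
        self.bid, self.account, self.key, self.u_const = bid, account, c0, u_const

    def emit(self):
        t1 = a1(self.key, self.account)              # T1 = A1(C_i, U)
        self.key = next_key(self.key, self.u_const)  # update after each transaction
        return self.bid, t1                          # identifier travels in plaintext


class Platform:
    """Steps 504a~504k on the transaction business platform."""

    def __init__(self):
        self.db = {}

    def enroll(self, bid, account, c0, u_const):
        self.db[bid] = {"account": account, "key": c0, "u": u_const, "seen": set()}

    def _accept(self, rec, matched_key, t1):         # 504f
        rec["key"] = next_key(matched_key, rec["u"])
        rec["seen"].add(t1)
        return "OK"

    def authenticate(self, bid, t1):
        rec = self.db.get(bid)                       # 504b~504c
        if rec is None:
            return "FAIL"
        key = rec["key"]
        if hmac.compare_digest(a1(key, t1), rec["account"]):  # 504d~504e
            return self._accept(rec, key, t1)
        if t1 in rec["seen"]:                        # 504g~504h: replayed recording
            return "ALARM"
        for _ in range(MAX_UPDATES):                 # 504i: bounded forward search
            key = next_key(key, rec["u"])
            if hmac.compare_digest(a1(key, t1), rec["account"]):
                return self._accept(rec, key, t1)
        return "FAIL"                                # 504k


def demo():
    # Constructed sample values, not taken from the patent.
    bid, account = "BID-0001", b"6222000000000000"
    c0, u_const = b"\x01" * 32, b"user-42"
    phone, platform = MobileTerminal(bid, account, c0, u_const), Platform()
    platform.enroll(bid, account, c0, u_const)

    results = {}
    first = phone.emit()
    results["fresh"] = platform.authenticate(*first)
    results["replayed"] = platform.authenticate(*first)
    for _ in range(2):                               # two emissions never delivered
        phone.emit()
    results["after_two_lost"] = platform.authenticate(*phone.emit())
    for _ in range(MAX_UPDATES + 1):                 # drift beyond the search window
        phone.emit()
    results["out_of_window"] = platform.authenticate(*phone.emit())
    results["unknown_bid"] = platform.authenticate("BID-9999", first[1])
    return results


if __name__ == "__main__":
    print(demo())
```

MAX_UPDATES bounds how many lost transmissions the platform tolerates; a larger value also widens the range of future keys it will accept, the same trade-off as the counter look-ahead window in HOTP.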
In the embodiment above, the user's transaction account information may also be encrypted and decrypted in another way, using a digital certificate to ensure that only the transaction business platform can read the transaction data. In this case step 403 is:
The digital bank card user service module first encrypts the information to be protected with encryption algorithm A1 under the stored dynamic key $C_i$ and outputs ciphertext T1. The information to be encrypted here is the user's transaction account information. Encryption algorithm A1 may be any symmetric-key encryption algorithm; the invention does not restrict the choice of algorithm. Transaction account information means the information that must be sent to the transaction business platform to complete the transaction, and includes at least the transaction account number.
To prevent a third party from copying the signal during a transaction and using the copy to carry out an illegal transaction, an irreversible key function $F_S$ is introduced. From the initial dynamic key $C_0$ and the account's private key $K_S$, it produces an irreversible dynamic key sequence ($C_1, C_2, C_3, \ldots$): $C_{i+1} = F_S(C_i, U_{const})$, where $U_{const}$ is user-related information such as the user ID. The data of each transaction is encrypted with the dynamic key $C_i$, and $C_i$ is updated after each transaction. Because the dynamic key is updated once per transaction, the ciphertext generated for each transaction is different even though the plaintext sent is the same each time. Encryption is $T1 = A1(C_i, U)$, where $U$ is the transaction account information to be encrypted.
Ciphertext T1 and the digital bank card identifier are then encrypted with encryption algorithm A2 under the digital certificate of the transaction business platform server stored in the mobile terminal, producing ciphertext T2: $T2 = A2(K_p, T1 \cup BID)$, where $K_p$ is the public key of the transaction business platform server and BID is the digital bank card identifier;
Step 504a becomes: The transaction business platform receives the transaction data from the transaction terminal; the transaction data contains ciphertext T2;
Step 504b becomes: The transaction business platform server uses its private key $K_s$ to decrypt the input T2 from the transaction terminal, obtaining the encrypted transaction account information T1 and the digital bank card identifier. Using the digital bank card identifier, it then looks up, at the bank authentication center or in the local database, the basic data of the transaction account and the corresponding dynamic key $C_i$; the basic transaction account information includes at least the transaction account number.
The above is only a preferred embodiment of the invention and is not intended to limit it. Any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (18)

1. A system for realizing digital bank card service by mobile terminal, comprising a mobile terminal and a transaction terminal, characterized in that it further comprises a transaction business platform and a bank authentication center, wherein:
The transaction business platform is used to check the legitimacy of the transaction information from the transaction terminal and to control the transaction terminal in carrying out the operations of the transaction;
The bank authentication center is used to create and store the user's bank transaction account information, to send the user's bank transaction account information to the transaction business platform at the request of the transaction business platform, and to record the user's transactions;
The mobile terminal is used to generate the transaction signal for interacting with the transaction terminal;
The transaction terminal is used to receive the transaction signal from the mobile terminal, submit the received signal to the transaction business platform, and carry out the operations of the transaction.
2. The system according to claim 1, characterized in that the system further comprises:
A wireless traffic platform, used to receive the application to open the digital bank card service from the mobile terminal user and send the received application to the wireless authentication center; to return the account-opening information to the mobile terminal; and to submit to the transaction business platform the user's application to open the digital bank card service, which includes the user information returned by the wireless authentication center;
A wireless authentication center, used to store the user's basic information and, in response to the user's application to open the digital bank card service received from the wireless user's platform, to collect that user's basic information and return the collected user information to the wireless traffic platform;
The functions of the transaction business platform further comprise: returning the account-opening information to the wireless traffic platform; judging, from the user information in the user's application to open the digital bank card service received from the wireless traffic platform, whether to open an account for the user; if the account is not to be opened, returning account-opening information containing a failure prompt to the wireless traffic platform; if the account is to be opened, sending the user information to the bank authentication center; creating digital bank card account information for the user based on the user's transaction account information, and sending the parameter information for opening the digital bank card to the wireless traffic platform;
The functions of the mobile terminal further comprise: submitting the application to open the digital bank card service to the wireless traffic platform.
3. The system according to claim 1, characterized in that the mobile terminal is a mobile terminal that converts the transaction information into a sound signal and emits the sound signal through a loudspeaker;
The transaction terminal further comprises a sound receiver used to receive the sound signal from the mobile terminal and convert the received sound signal into a digital signal.
4. The system according to claim 1, 2 or 3, characterized in that the mobile terminal is a mobile terminal loaded with a user-side service software module to perform the described functions.
5. A method for realizing digital bank card service by mobile terminal, characterized in that the method comprises the following steps:
A. The mobile terminal outputs transaction information containing the transaction account number;
B. The transaction terminal receives the transaction information and sends it to the transaction business platform;
C. The transaction business platform obtains the user's bank transaction account information from the bank authentication center according to the received transaction information and compares it with the transaction account number in the transaction information; if they are consistent, the bank account is valid and step D is executed; if invalid, an account-invalid message is returned to the transaction terminal;
D. The transaction business platform controls the transaction operations between the transaction terminal and the mobile terminal.
6. The method according to claim 5, characterized in that the transaction information further comprises the digital bank card identifier;
The obtaining in step C is: the transaction business platform obtains the user's bank transaction account number from the bank authentication center according to the digital bank card identifier in the received transaction information.
7. The method according to claim 5, characterized in that the mobile terminal outputting transaction information in step A is: the mobile terminal converts the transaction information into a sound signal and outputs it through a loudspeaker;
The transaction terminal receiving the transaction information in step B is: the transaction terminal receives the sound signal through a sound-recording device and converts the received sound signal into a digital signal.
8. The method according to claim 5, characterized in that, before step A, the method further comprises:
AA1. The user uses the mobile terminal to submit an application to open the digital bank card service to the wireless traffic platform;
AA2. The wireless traffic platform sends the application to the transaction business platform;
AA3. The transaction business platform completes the operation of opening the digital bank card service and returns the digital bank card opening configuration information to the mobile terminal through the wireless traffic platform.
9. The method according to claim 8, characterized in that the mobile terminal user submitting the application to open the digital bank card service has no bank transaction account and the application contains the user's basic information; in step AA2, after the wireless traffic platform receives the application and before it sends the application to the transaction business platform, the method further comprises:
The wireless traffic platform obtains the user's basic information and user attribute information from the wireless authentication center and judges whether the basic information submitted by the user is consistent with the basic information returned by the wireless authentication center; if not, it returns an account-opening failure prompt to the mobile terminal and exits the flow; if so, it submits the request to apply for a digital bank card to the transaction business platform.
10. The method according to claim 9, characterized in that the transaction business platform completing the operation of opening the digital bank card service in step AA3 further comprises:
The transaction business platform judges from the received application whether to open the digital banking service for the user. If so, it submits the application to the bank authentication center; the bank authentication center creates and stores the user's bank transaction account information based on the received user basic information and returns the user's bank transaction account information to the transaction business platform, and the transaction business platform creates the corresponding digital bank card opening configuration information based on the user's bank transaction account information. If not, it returns an account-opening failure prompt to the mobile terminal and exits the flow.
11. The method according to claim 8, characterized in that the mobile terminal user submitting the application to open the digital bank card service has a bank account and the application contains the user's transaction account information,
The transaction business platform completing the operation of opening the bank card service in step AA3 further comprises:
The transaction business platform sends the received user transaction account information to the bank authentication center, which authenticates it. If authentication fails, an application failure message is returned to the mobile terminal through the transaction business platform and the wireless traffic platform, and the flow exits; if authentication succeeds, the transaction business platform creates the corresponding digital bank card opening configuration information based on the user's bank transaction account information.
12. The method according to any one of claims 8 to 11, characterized in that the application contains user basic information, transaction account information, or both.
13. The method according to any one of claims 8 to 11, characterized in that the digital bank card opening configuration information further comprises the transaction account information, the digital bank card identifier and the dynamic key.
14. The method according to any one of claims 5 to 11, characterized in that the mobile terminal outputting transaction information in step A is: the mobile terminal first encrypts the information in the transaction information that must be kept secret to form a ciphertext, and then sends transaction information containing that ciphertext;
After the transaction business platform receives the transaction information in step B, the method further comprises: the transaction business platform decrypts the ciphertext in the received transaction information.
15. The method according to claim 14, characterized in that the information to be kept secret is the user's transaction account information; the encryption method is encryption with a dynamic key;
The transaction information sent by the mobile terminal is: transaction information comprising the ciphertext formed by encrypting the user's transaction account information and the digital bank card identifier in plaintext form.
16. The method according to claim 15, characterized in that the encryption and decryption use a dynamic key related to the transaction count, and step C is:
The transaction business platform judges whether the transaction account information obtained by decrypting the ciphertext in the received transaction information matches the transaction account information found at the bank authentication center; if they match, it updates the dynamic key, saves an authentication record containing the ciphertext of this transaction, passes authentication and continues with step D;
If they do not match, the ciphertext in the transaction information sent by the mobile terminal is compared with the ciphertexts in the historical authentication records, and if an identical ciphertext is found, the alarm system is started. If none is identical, then until the maximum number of updates is reached, the dynamic key is updated, the ciphertext is decrypted with the updated dynamic key, and the transaction account information obtained by decryption is compared with the transaction account information from the bank authentication center; if the match succeeds, the dynamic key is updated, an authentication record containing the ciphertext of this transaction is saved, authentication passes and step D is executed. If the maximum number of updates is exceeded without a successful match, an account-invalid message is returned to the transaction terminal.
17. The method according to claim 14, characterized in that the information to be kept secret is the user's transaction account information and the digital bank card identifier; the encryption method is to encrypt the transaction account information with the dynamic key to form ciphertext 1, and then to encrypt ciphertext 1 and the digital bank card identifier with the public key of the transaction business platform to form ciphertext 2; the decryption method is first to decrypt ciphertext 2 with the private key to obtain ciphertext 1 and the digital bank card identifier, and then to decrypt ciphertext 1 with the dynamic key to obtain the transaction account information.
18. The method according to claim 17, characterized in that the dynamic key is a dynamic key related to the transaction count, and step C is:
The transaction business platform judges whether the transaction account information obtained by decrypting the received ciphertext 2 matches the transaction account information found at the bank authentication center; if they match, it updates the dynamic key, saves an authentication record containing the ciphertext of this transaction, passes authentication and continues with step D;
If they do not match, the ciphertext 1 obtained by decrypting the ciphertext 2 sent by the mobile terminal is compared with the ciphertext 1 in the historical authentication records, and if they are identical, the alarm system is started. If they are not identical, then until the maximum number of updates is reached, the dynamic key is updated, ciphertext 1 is decrypted with the updated dynamic key, and the transaction account information obtained by decryption is compared with the transaction account information from the bank authentication center; if the match succeeds, the dynamic key is updated, an authentication record containing the ciphertext of this transaction is saved, authentication passes and step D is executed. If the maximum number of updates is exceeded without a successful match, an account-invalid message is returned to the transaction terminal.
CNA2006100582031A 2006-02-24 2006-02-24 System and method for realizing digital bank card service by mobile terminal Pending CN1858798A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2006100582031A CN1858798A (en) 2006-02-24 2006-02-24 System and method for realizing digital bank card service by mobile terminal


Publications (1)

Publication Number Publication Date
CN1858798A true CN1858798A (en) 2006-11-08

Family

ID=37297705

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2006100582031A Pending CN1858798A (en) 2006-02-24 2006-02-24 System and method for realizing digital bank card service by mobile terminal

Country Status (1)

Country Link
CN (1) CN1858798A (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20061108