CN103699996A - Payment authentication method based on human biological characteristics - Google Patents

Abstract

Translated fromChinese

本发明涉及基于人体生物特征的IC卡支付认证方法。该方法主要包括：注册步骤，终端获取IC卡持卡人的注册人体生物特征信息并且生成注册人体生物特征码，将注册人体生物特征码分为A部分特征码和B部分特征码并且将A部分特征码存储在IC卡中、将B部分特征码存储在后台系统中；比对步骤，在发起交易请求后终端将存储在后台系统中的B部分特征码和存储在IC卡中的A部分特征码组合生成暂存人体生物特征码，终端获取持卡人录入的现场支付人体生物特征信息并且生成现场支付人体生物特征码，终端读取暂存人体生物特征码并与所述现场人体生物特征进行比对；授权步骤，在比对时，将比对结果发送到后台系统。

The invention relates to an IC card payment authentication method based on human biological characteristics. The method mainly includes: a registration step, the terminal acquires the registered human body biometric information of the IC card holder and generates a registered human body biometric code, divides the registered human body biometric code into a part A feature code and a part B feature code and divides the A part The feature code is stored in the IC card, and the feature code of part B is stored in the background system; in the comparison step, after the transaction request is initiated, the terminal will store the feature code of part B in the background system and the feature code of part A stored in the IC card code combination to generate a temporarily stored human biometric code, the terminal obtains the on-site payment human biometric information entered by the cardholder and generates an on-site payment human biometric code, the terminal reads the temporarily stored human biometric code and performs a check with the on-site human biometric Comparison; authorization step, when comparing, send the comparison result to the background system.

Description

Translated fromChinese

一种基于人体生物特征的支付认证方法A payment authentication method based on human biometrics

技术领域technical field

本发明涉及一种支付认证方法。更具体地是涉及基于人体生物特征进行认证的支付认证方法。The invention relates to a payment authentication method. More specifically, it relates to a payment authentication method for authentication based on human biometrics.

背景技术Background technique

在现有技术中，已经出现利用指纹或者指静脉作为支付认证的依据实现支付的方法。例如，现有方式的利用指静脉进行支付的方式通常分为三种：1）将指静脉模板存储在终端中，这种方式一方面受限于终端存储容量，无法承载大规模信息，另一方面终端层面的安全性较低，故无法应用于金融支付领域；2）将指静脉模板存储于后台系统中，这种方式下，一旦后台系统被攻破,可能造成模板被大规模替换,导致系统级风险；3）将指静脉模板存储与IC卡，交易过程中本地验证，无须后台参与，有点类似于IC卡脱机验证，一般适用于小额交易，应用领域较小。In the prior art, there have been methods of using fingerprints or finger veins as the basis for payment authentication to realize payment. For example, the existing ways of using finger veins for payment are usually divided into three types: 1) Store the finger vein template in the terminal. On the one hand, this method is limited by the storage capacity of the terminal and cannot carry large-scale information; On the one hand, the security at the terminal level is low, so it cannot be applied to the financial payment field; 2) The finger vein template is stored in the background system. In this way, once the background system is compromised, the template may be replaced on a large scale, resulting in system failure. 3) The finger vein template is stored with the IC card, and the local verification is performed during the transaction without background participation. It is somewhat similar to the offline verification of the IC card. It is generally suitable for small transactions and has a small application field.

 the

发明内容Contents of the invention

鉴于上述问题，本发明旨在提供一种能够有效提高交易安全性并且使用方便快捷的基于人体生物特征的支付认证方法。In view of the above problems, the present invention aims to provide a payment authentication method based on human biometrics that can effectively improve transaction security and is convenient and quick to use.

本发明的基于人体生物特征的IC卡支付认证方法，其特征在于，包括：The IC card payment authentication method based on human biological characteristics of the present invention is characterized in that, comprising:

注册步骤，终端获取IC卡持卡人的注册人体生物特征信息并且生成注册人体生物特征码，将所述注册人体生物特征码分为A部分特征码和B部分特征码并且将所述A部分特征码存储在IC卡中、将所述B部分特征码存储在后台系统中；In the registration step, the terminal obtains the registered human body biometric information of the IC card holder and generates a registered human body biometric code, divides the registered human body biometric code into a part A feature code and a part B feature code, and divides the part A feature code The code is stored in the IC card, and the feature code of the B part is stored in the background system;

比对步骤，在发起交易请求后终端将存储在后台系统中的所述B部分特征码和存储在所述IC卡中的A部分特征码组合生成暂存人体生物特征码，终端获取持卡人录入的现场支付人体生物特征信息并且生成现场支付人体生物特征码，终端读取所述暂存人体生物特征码并与所述现场支付人体生物特征码进行比对；In the comparison step, after the transaction request is initiated, the terminal combines the part B feature code stored in the background system with the part A feature code stored in the IC card to generate a temporary human body biometric feature code, and the terminal obtains the cardholder The entered on-site payment human body biometric information and generates an on-site payment human body biometric code, and the terminal reads the temporarily stored human body biometric code and compares it with the on-site payment human body biometric code;

授权步骤，在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。In the authorization step, if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, and the background system performs authorization.

优选地，在所述比对步骤中，在读取所述暂存人体生物特征码后即删除所述暂存人体生物特征码。Preferably, in the comparing step, the temporarily stored human biological code is deleted after reading the temporarily stored human biological code.

优选地，所述比对步骤依次包括：Preferably, the comparing step comprises in turn:

步骤（a）：在刷卡或插卡后终端发起交易请求到后台系统；Step (a): After swiping or inserting the card, the terminal initiates a transaction request to the background system;

步骤（b）：根据IC卡的卡号信息由后台系统返回存储在后台系统中的所述B部分特征码；Step (b): According to the card number information of the IC card, the background system returns the feature code of part B stored in the background system;

步骤（c）：终端将从后台系统获得的所述B部分特征码写入IC卡，由IC卡将B部分特征码和A部分特征码组合并且形成所述暂存人体生物特征码，将所述暂存人体生物特征码暂存于IC卡中；Step (c): The terminal writes the B-part feature code obtained from the background system into the IC card, and the IC card combines the B-part feature code and the A-part feature code to form the temporarily stored human biometric code, and writes the B-part feature code The temporarily stored human body biometric code is temporarily stored in the IC card;

步骤（d）：终端获取持卡人的支付人体生物特征信息并生成支付人体生物特征码；Step (d): The terminal obtains the payment biometric information of the cardholder and generates a payment biometric code;

步骤（e）：读取所述暂存人体生物特征码并与所述将所述现场支付人体生物特征码进行比对；Step (e): reading the temporarily stored human body biometric code and comparing it with the on-site payment human body biometric code;

步骤（f）：删除所述IC卡中暂存的暂存人体生物特征码。Step (f): deleting the temporarily stored human biometric code in the IC card.

优选地，在所述授权步骤中，若在所述比对步骤中比对不成功，则终端直接拒绝支付。Preferably, in the authorization step, if the comparison is unsuccessful in the comparison step, the terminal directly refuses the payment.

优选地，在所述注册步骤中，通过对持卡人注册人体生物特征信息进行预处理并且提取特征码来生成注册人体生物特征码，在所述步骤（d）中，终端通过对持卡人的支付人体生物特征信息进行预处理并且提取特征码来生成支付人体生物特征码。Preferably, in the registration step, the registered human body biometric code is generated by preprocessing the cardholder's registered body biometric information and extracting the signature, and in the step (d), the terminal passes the cardholder The payment human body biometric information is preprocessed and the signature is extracted to generate the payment human biometric code.

本发明的基于指静脉的IC卡支付认证方法，其特征在于，包括：The finger vein-based IC card payment authentication method of the present invention is characterized in that it includes:

注册步骤，终端获取IC卡持卡人的注册指静脉信息并且生成注册指静脉特征码，将所述注册指静脉特征码分为A部分特征码和B部分特征码并且将所述A部分特征码存储在IC卡中、将所述B部分特征码存储在后台系统中；In the registration step, the terminal obtains the registered finger vein information of the IC card holder and generates a registered finger vein feature code, divides the registered finger vein feature code into a part A feature code and a part B feature code and divides the part A feature code Store in the IC card, store the feature code of the B part in the background system;

比对步骤，在发起交易请求后终端将存储在后台系统中的所述B部分特征码和存储在所述IC卡中的A部分特征码组合生成暂存指静脉特征码，终端获取持卡人录入的现场支付指静脉信息并且生成现场支付指静脉特征码，终端读取所述暂存指静脉特征码并与所述现场支付指静脉特征码进行比对；In the comparison step, after the transaction request is initiated, the terminal combines the part B feature code stored in the background system with the part A feature code stored in the IC card to generate a temporary finger vein feature code, and the terminal obtains the cardholder The entered on-site payment finger vein information and generates an on-site payment finger vein feature code, and the terminal reads the temporarily stored finger vein feature code and compares it with the on-site payment finger vein feature code;

授权步骤，在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。In the authorization step, if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, and the background system performs authorization.

本发明的基于指纹的IC卡支付认证方法，其特征在于，包括：The fingerprint-based IC card payment authentication method of the present invention is characterized in that, comprising:

注册步骤，终端获取IC卡持卡人的注册指纹信息并且生成注册指纹特征码，将所述注册指纹特征码分为A部分特征码和B部分特征码并且将所述A部分特征码存储在IC卡中、将所述B部分特征码存储在后台系统中；In the registration step, the terminal obtains the registered fingerprint information of the IC card holder and generates a registered fingerprint feature code, divides the registered fingerprint feature code into a part A feature code and a part B feature code, and stores the part A feature code in the IC In the card, the feature code of the B part is stored in the background system;

比对步骤，在发起交易请求后终端将存储在后台系统中的所述B部分特征码和存储在所述IC卡中的A部分特征码组合生成暂存指纹特征码，终端获取持卡人录入的现场支付指纹信息并且生成现场支付指纹特征码，终端读取所述暂存指纹特征码并与所述现场支付指纹特征码进行比对；In the comparison step, after the transaction request is initiated, the terminal combines the part B feature code stored in the background system with the part A feature code stored in the IC card to generate a temporary fingerprint feature code, and the terminal obtains the cardholder input on-site payment fingerprint information and generate an on-site payment fingerprint feature code, the terminal reads the temporarily stored fingerprint feature code and compares it with the on-site payment fingerprint feature code;

授权步骤，在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。In the authorization step, if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, and the background system performs authorization.

本发明的基于掌形的IC卡支付认证方法，其特征在于，包括：Palm-based IC card payment authentication method of the present invention is characterized in that, comprising:

注册步骤，终端获取IC卡持卡人的注册掌形信息并且生成注册掌形特征码，将所述注册掌形特征码分为A部分特征码和B部分特征码并且将所述A部分特征码存储在IC卡中、将所述B部分特征码存储在后台系统中；In the registration step, the terminal obtains the registered palm information of the IC card holder and generates a registered palm feature code, divides the registered palm feature code into a part A feature code and a part B feature code and divides the part A feature code Store in the IC card, store the feature code of the B part in the background system;

比对步骤，在发起交易请求后终端将存储在后台系统中的所述B部分特征码和存储在所述IC卡中的A部分特征码组合生成暂存掌形特征码，终端获取持卡人录入的现场支付掌形信息并且生成现场支付掌形特征码，终端读取所述暂存掌形特征码并与所述现场支付掌形特征码进行比对；In the comparison step, after the transaction request is initiated, the terminal combines the part B feature code stored in the background system with the part A feature code stored in the IC card to generate a temporary palm feature code, and the terminal obtains the cardholder The entered on-site payment palm information and generates an on-site payment palm feature code, and the terminal reads the temporarily stored palm feature code and compares it with the on-site payment palm feature code;

授权步骤，在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。In the authorization step, if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, and the background system performs authorization.

本发明的基于虹膜的IC卡支付认证方法，其特征在于，包括：The iris-based IC card payment authentication method of the present invention is characterized in that, comprising:

注册步骤，终端获取IC卡持卡人的注册虹膜信息并且生成注册虹膜特征码，将所述注册虹膜特征码分为A部分特征码和B部分特征码并且将所述A部分特征码存储在IC卡中、将所述B部分特征码存储在后台系统中；In the registration step, the terminal obtains the registered iris information of the IC card holder and generates a registered iris feature code, divides the registered iris feature code into a part A feature code and a part B feature code and stores the part A feature code in the IC In the card, the feature code of the B part is stored in the background system;

比对步骤，在发起交易请求后终端将存储在后台系统中的所述B部分特征码和存储在所述IC卡中的A部分特征码组合生成暂存虹膜特征码，终端获取持卡人录入的现场支付虹膜信息并且生成现场支付虹膜特征码，终端读取所述暂存虹膜特征码并与所述现场支付虹膜特征码进行比对；In the comparison step, after the transaction request is initiated, the terminal combines the part B feature code stored in the background system with the part A feature code stored in the IC card to generate a temporary iris feature code, and the terminal obtains the cardholder input The on-site payment iris information and generate the on-site payment iris feature code, the terminal reads the temporarily stored iris feature code and compares it with the on-site payment iris feature code;

在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。In the case that the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, and the background system authorizes it.

本发明的基于面部图像的IC卡支付认证方法，其特征在于，包括：The IC card payment authentication method based on facial images of the present invention is characterized in that, comprising:

注册步骤，终端获取IC卡持卡人的注册面部图像信息并且生成注册面部图像特征码，将所述注册面部图像特征码分为A部分特征码和B部分特征码并且将所述A部分特征码存储在IC卡中、将所述B部分特征码存储在后台系统中；In the registration step, the terminal obtains the registered facial image information of the IC card holder and generates a registered facial image feature code, divides the registered facial image feature code into a part A feature code and a part B feature code and divides the A part feature code Store in the IC card, store the feature code of the B part in the background system;

比对步骤，在发起交易请求后终端将存储在后台系统中的所述B部分特征码和存储在所述IC卡中的A部分特征码组合生成暂存面部图像特征码，终端获取持卡人录入的现场支付面部图像信息并且生成现场支付面部图像特征码，终端读取所述暂存面部图像特征码并与所述现场支付面部图像特征码进行比对；In the comparison step, after the transaction request is initiated, the terminal combines the part B feature code stored in the background system with the part A feature code stored in the IC card to generate a temporary facial image feature code, and the terminal obtains the cardholder The on-the-spot payment facial image information of entry and generate the on-the-spot payment facial image feature code, the terminal reads the temporarily stored facial image feature code and compares it with the on-site payment facial image feature code;

在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。In the case that the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, and the background system authorizes it.

本发明的基于声音的IC卡支付认证方法，其特征在于，包括：The sound-based IC card payment authentication method of the present invention is characterized in that, comprising:

注册步骤，终端获取IC卡持卡人的注册声音信息并且生成注册声音特征码，将所述注册声音特征码分为A部分特征码和B部分特征码并且将所述A部分特征码存储在IC卡中、将所述B部分特征码存储在后台系统中；In the registration step, the terminal obtains the registration voice information of the IC card holder and generates a registration voice feature code, divides the registration voice feature code into a part A feature code and a part B feature code and stores the part A feature code in the IC In the card, the feature code of the B part is stored in the background system;

比对步骤，在发起交易请求后终端将存储在后台系统中的所述B部分特征码和存储在所述IC卡中的A部分特征码组合生成暂存声音特征码，终端获取持卡人录入的现场支付声音信息并且生成现场支付声音特征码，终端读取所述暂存声音特征码并与所述现场支付声音特征码进行比对；In the comparison step, after the transaction request is initiated, the terminal combines the part B feature code stored in the background system with the part A feature code stored in the IC card to generate a temporary voice feature code, and the terminal obtains the cardholder input The on-site payment sound information and generate the on-site payment sound feature code, the terminal reads the temporarily stored sound feature code and compares it with the on-site payment sound feature code;

在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。In the case that the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, and the background system authorizes it.

利用本发明的基于人体生物特征的IC卡支付认证方法，通过将人体生物特征信息分成A部分和B部分，并且分别在IC卡中保存A部分、在后台系统中保存B部分，由此能够避免后台系统留存敏感信息导致大规模系统入侵带来的安全隐患。而且，交易过程中，通过网络传输的只有后台存储的B部分信息，即使被截取，由于不是完整的认证信息，也无法被非法利用。再者，利用终端完成人体生物特征录入，对该特征性息进行预处理，提取特征码并且由终端进行特征码比对，通过将这一系列关键步骤集中为一点（终端上），有利于更好地进行风险控制和管理。Using the IC card payment authentication method based on human biological characteristics of the present invention, by dividing the human biological characteristic information into part A and part B, and saving part A in the IC card and part B in the background system respectively, it is possible to avoid The background system retains sensitive information, which leads to security risks caused by large-scale system intrusion. Moreover, during the transaction process, only the part B information stored in the background is transmitted through the network. Even if it is intercepted, it cannot be illegally used because it is not complete authentication information. Furthermore, use the terminal to complete the entry of human biological characteristics, preprocess the characteristic information, extract the characteristic code and compare the characteristic code by the terminal. By concentrating this series of key steps into one point (on the terminal), it is beneficial to more Good risk control and management.

 the

附图说明Description of drawings

图1是表示第一实施方式的基于指静脉的IC卡支付认证方法的主要步骤的流程图。FIG. 1 is a flow chart showing the main steps of the finger vein-based IC card payment authentication method of the first embodiment.

图2是表示第一实施方式中将注册指静脉特征码分为两部分分别存储到IC卡、和后台系统的示意图。Fig. 2 is a schematic diagram showing that the registered finger vein feature code is divided into two parts and stored in the IC card and the background system in the first embodiment.

 the

具体实施方式Detailed ways

下面介绍的是本发明的多个实施例中的一些，旨在提供对本发明的基本了解。并不旨在确认本发明的关键或决定性的要素或限定所要保护的范围。Introduced below are some of the various embodiments of the invention, intended to provide a basic understanding of the invention. It is not intended to identify key or critical elements of the invention or to delineate the scope of protection.

在本发明中，作为人体生物特征，采用了指静脉、指纹、掌形、虹膜、面部图像、声音。在以下的实施方式中将对上述各人体生物特征应用于本发明的具体情况进行说明。In the present invention, finger veins, fingerprints, palm shapes, irises, facial images, and voices are used as human biological characteristics. In the following embodiments, specific situations in which the above-mentioned human biological features are applied to the present invention will be described.

 the

第一实施方式first embodiment

在第一实施方式中，对于利用指静脉这种生物特征进行支付的方法进行说明。In the first embodiment, a payment method using biometrics such as finger veins will be described.

指静脉是一种生物特征识别技术，它利用手指内的静脉分布图像来进行身份识别。医学研究证明，指静脉的形状具有唯一性和稳定性，即不同之间的手指静脉分布完全不同，左手和右手的静脉分布不同，就算是长相非常相似的双胞胎的相同手指，指静脉分布也不同；同一个人不同的手指静脉分布不相同；健康成年人的静脉形状稳定不再发生变化。这些为手指静脉成为一种能够满足人们“高度安全”需求的生物识别技术提供了科学依据。Finger Vein is a biometric identification technology that uses images of vein distribution in fingers for identification. Medical research has proved that the shape of finger veins is unique and stable, that is, the distribution of veins in different fingers is completely different, and the distribution of veins in the left and right hands is different. The distribution of veins in different fingers of the same person is not the same; the shape of veins in healthy adults is stable and no longer changes. These provide a scientific basis for finger veins to become a biometric technology that can meet people's "high security" needs.

指静脉识别技术属于活体检验技术，本身无法被窃取和被伪造用于非法目的，在很大程度上避免了风险隐患，其核心在于根据指静脉信息生成特征码，每次比对特征码和特征码模板的匹配程度完成身份识别过程，安全、可靠。但是，如果特征码模板被非法窃取和替换了，安全防线会被彻底击破，安全问题随之而来。Finger vein recognition technology belongs to the biometric technology, which cannot be stolen or forged for illegal purposes. It avoids hidden risks to a large extent. Its core is to generate signatures based on finger vein information, and compare signatures and signatures each time. The matching degree of the code template completes the identification process, which is safe and reliable. However, if the signature template is illegally stolen and replaced, the security defense line will be completely broken, and security problems will follow.

本发明旨在解决特征码模板被非法窃取和替换的风险隐患，提高指静脉信息用于支付领域的安全性。本发明的原理如下：1）将指静脉信息作为唯一身份认证信息，代替密码等传统验证手段；2）在注册环节，将指静脉特征码模板按照一定算法分割为两部分即A部分和B部分，，并分开存储，A部分存储在后台系统，B部分存储在金融IC卡，避免了大规模后台系统破坏所带来的风险；3）交易过程中，根据卡号，由后台系统在应答过程返回B部分，送入IC卡与IC卡中A部分组成完整的特征码信息进行暂存，终端读取持卡人手指的静脉信息并处理生成特征码，读取IC卡中完整的特征码信息进行比对，比对成功后将比对结果发送后台系统进行最终交易授权。The invention aims to solve the potential risk of the feature code template being illegally stolen and replaced, and improve the security of finger vein information used in the payment field. The principle of the present invention is as follows: 1) The finger vein information is used as the unique identity authentication information to replace traditional verification methods such as passwords; 2) In the registration process, the finger vein signature template is divided into two parts according to a certain algorithm, namely part A and part B ,, and stored separately, part A is stored in the background system, and part B is stored in the financial IC card, which avoids the risk of large-scale background system damage; 3) During the transaction, according to the card number, the background system returns in the response process In part B, the complete feature code information composed of the IC card and the part A in the IC card is sent for temporary storage. The terminal reads the vein information of the cardholder's finger and processes and generates a feature code, and reads the complete feature code information in the IC card for processing. Comparison, after the comparison is successful, the comparison result will be sent to the background system for final transaction authorization.

下面对于本实施方式的基于指静脉的IC卡支付认证方法进行具体说明。图1是表示第一实施方式的基于指静脉的IC卡支付认证方法的主要步骤的流程图。图2是表示第一实施方式中将注册指静脉特征码分为两部分分别存储到IC卡、和后台系统的示意图。The finger vein-based IC card payment authentication method of this embodiment will be described in detail below. FIG. 1 is a flow chart showing the main steps of the finger vein-based IC card payment authentication method of the first embodiment. Fig. 2 is a schematic diagram showing that the registered finger vein feature code is divided into two parts and stored in the IC card and the background system in the first embodiment.

本实施方式的基于指静脉的IC卡支付认证方法，如图1所示大致分为以下步骤：The IC card payment authentication method based on finger veins of the present embodiment is roughly divided into the following steps as shown in Figure 1:

注册步骤S101：注册终端获取IC卡持卡人的注册指静脉信息，进行预处理，提取特征码，生成注册指静脉特征码，接着，按照一定算法将该注册指静脉特征码分为A部分和B部分，将A部分存储在IC卡中、将B部分存储在后台系统中；Registration step S101: the registration terminal obtains the registered finger vein information of the IC card holder, performs preprocessing, extracts the feature code, and generates the registered finger vein feature code, and then divides the registered finger vein feature code into part A and part A according to a certain algorithm. For part B, store part A in the IC card, and store part B in the background system;

比对步骤S102：在发起交易请求后，终端将存储在后台系统中的所述B部分和存储在IC卡中的A部分组合生成暂存指静脉特征码，终端获取持卡人录入的现场支付指静脉信息并进行预处理、特征码提取等操作，生成现场支付指静脉特征码，终端读取所述暂存指静脉特征码并与所述现场支付指静脉特征码进行比对；Comparison step S102: After initiating the transaction request, the terminal combines the part B stored in the background system with the part A stored in the IC card to generate a temporarily stored finger vein feature code, and the terminal obtains the on-site payment entered by the cardholder Perform operations such as preprocessing and feature code extraction on the finger vein information to generate an on-site payment finger vein feature code, and the terminal reads the temporarily stored finger vein feature code and compares it with the on-site payment finger vein feature code;

授权步骤S103：在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。Authorization step S103: if the result of the comparison in the above comparison step is successful, the terminal sends the comparison result to the background system, and the background system authorizes it.

在上述注册步骤S101中，按照一定算法将该注册指静脉特征码分为A部分和B部分，在本发明中对“一定算法”不进行具体限定，可以为任意的算法。例如，最简单的可以是将注册指静脉特征码一分为二，一部分作为A部分，另一部分作为B部分，或者是将注册指静脉特征码分为3份，取第1、3份作为A部分、第2份作为B部分，或者取第2份作为A部分、第1、3份作为B部分。当然，还可以采取其他各种算法进行划分，这里不一一例举。In the above registration step S101, the registered finger vein signature code is divided into part A and part B according to a certain algorithm. In the present invention, the "certain algorithm" is not specifically limited, and it can be any algorithm. For example, the easiest way is to divide the registered finger vein code into two parts, one part as part A and the other part as part B, or to divide the registered finger vein code into three parts, and take the first and third parts as A part, the second part as part B, or take the second part as part A, and the first and third parts as part B. Of course, various other algorithms can also be used for division, which are not listed here.

下面对于比对步骤S102进行详细说明。比对步骤S102包括依次包括下述步骤：The comparison step S102 will be described in detail below. The comparison step S102 includes the following steps in sequence:

步骤（a）：在进行支付时，刷卡或插卡后，终端向后台系统发起交易请求；Step (a): When making payment, after swiping or inserting the card, the terminal initiates a transaction request to the background system;

步骤（b）：后台系统根据接收到的交易请求，按照该请求中包含的IC卡的卡号信息，获取存储在该后台系统中的B部分，并向终端返回应答；Step (b): According to the received transaction request, the background system obtains the part B stored in the background system according to the card number information of the IC card included in the request, and returns a response to the terminal;

步骤（c）：终端将从后台系统获得的所述B部分写入IC卡，由IC卡将B部分和存储在IC卡中的A部分组合并且构成一个暂存指静脉特征码，将该暂存指静脉特征码暂存于IC卡中；Step (c): The terminal writes the part B obtained from the background system into the IC card, and the IC card combines the part B and the part A stored in the IC card to form a temporary finger vein feature code, and the temporary Save the finger vein feature code temporarily in the IC card;

步骤（d）：终端获取持卡人的现场的支付指静脉信息，并对其进行预处理，提取特征码，由此并生成现场支付指静脉特征码；Step (d): The terminal obtains the on-site payment finger vein information of the cardholder, preprocesses it, extracts the feature code, and generates an on-site payment finger vein feature code;

步骤（e）：终端读取上述暂存指静脉特征码并与上述现场支付指静脉特征码进行比对；Step (e): The terminal reads the temporarily stored finger vein code and compares it with the above on-site payment finger vein code;

步骤（f）：终端将所述IC卡中暂存的暂存指静脉特征码删除。Step (f): The terminal deletes the temporarily stored finger vein signature in the IC card.

在授权步骤S103中，若在比对步骤中比对成功，则终端将比对结果发送到后台系统，可由后台系统进行授权处理；若在比对步骤中比对不成功，则终端直接拒绝支付。In the authorization step S103, if the comparison is successful in the comparison step, the terminal will send the comparison result to the background system, and the background system can perform authorization processing; if the comparison is unsuccessful in the comparison step, the terminal directly refuses to pay .

利用本实施方式的基于指静脉的IC卡支付认证方法，通过将指静脉信息分成A部分和B部分，并且分别在IC卡中保存A部分、在后台系统中保存B部分，由此能够避免后台系统留存敏感信息导致大规模系统入侵带来的安全隐患。而且，交易过程中，通过网络传输的只有后台存储的B部分信息，即使被截取，由于不是完整的认证信息，也无法被非法利用。再者，利用终端完成指静脉录入、信息预处理、特征码提取和特征码比对，将一系列关键步骤集中为一点，有利于更好地进行风险控制。Using the finger vein-based IC card payment authentication method of this embodiment, by dividing the finger vein information into part A and part B, and saving part A in the IC card and part B in the background system respectively, it is possible to avoid background Retaining sensitive information in the system leads to security risks caused by large-scale system intrusion. Moreover, during the transaction process, only the part B information stored in the background is transmitted through the network. Even if it is intercepted, it cannot be illegally used because it is not complete authentication information. Furthermore, using the terminal to complete finger vein entry, information preprocessing, feature code extraction and feature code comparison, a series of key steps are concentrated in one point, which is conducive to better risk control.

 the

第二实施方式second embodiment

在第二实施方式中，对于利用指纹这种生物特征进行支付的方法进行说明。In the second embodiment, a payment method using biometric features such as fingerprints will be described.

指纹是一种生物特征识别技术，指纹是人体独一无二的特征，并且它们的复杂度足以提供用于鉴别的足够特征。Fingerprints are a type of biometric identification technology, fingerprints are unique features of the human body, and they are complex enough to provide sufficient features for identification.

下面对于本实施方式的基于指纹的IC卡支付认证方法进行具体说明。The fingerprint-based IC card payment authentication method of this embodiment will be described in detail below.

本实施方式的基于指纹的IC卡支付认证方法，大致分为以下步骤：The fingerprint-based IC card payment authentication method of the present embodiment is roughly divided into the following steps:

注册步骤：注册终端获取IC卡持卡人的注册指纹信息，进行预处理，提取特征码，并生成注册指纹特征码，接着，按照一定算法将该注册指纹特征码分为A部分和B部分，将A部分存储在IC卡中、将B部分存储在后台系统中；Registration steps: the registration terminal obtains the registered fingerprint information of the IC card holder, performs preprocessing, extracts the feature code, and generates the registered fingerprint feature code, and then divides the registered fingerprint feature code into A part and B part according to a certain algorithm, Store part A in the IC card and part B in the background system;

比对步骤：在发起交易请求后，终端将存储在后台系统中的所述B部分和存储在IC卡中的A部分组合生成暂存指纹特征码，终端获取持卡人录入的现场支付指纹信息并进行预处理、特征码提取等操作，生成现场支付指纹特征码，终端读取所述暂存指纹特征码并与所述现场支付指纹特征码进行比对；Comparison step: After initiating the transaction request, the terminal combines the part B stored in the background system with the part A stored in the IC card to generate a temporary fingerprint feature code, and the terminal obtains the on-site payment fingerprint information entered by the cardholder And perform operations such as preprocessing and feature code extraction to generate on-site payment fingerprint feature codes, and the terminal reads the temporarily stored fingerprint feature codes and compares them with the on-site payment fingerprint feature codes;

授权步骤：在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。Authorization step: if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, which then authorizes.

在上述注册步骤中，按照一定算法将该注册指纹特征码分为A部分和B部分，在本发明中对“一定算法”不进行限定，可以为任意的算法。例如，最简单的可以是将注册指纹特征码一分为二，一部分作为A部分，另一部分作为B部分，也可以是将注册指纹特征码分为3份，取第1、3份作为A部分、第2份作为B部分，或者取第2份作为A部分、第1、3份作为B部分。当然，还可以采取其他各种算法进行划分，这里不一一例举。In the above registration step, the registered fingerprint feature code is divided into part A and part B according to a certain algorithm. In the present invention, the "certain algorithm" is not limited, and it can be any algorithm. For example, the easiest way is to divide the registered fingerprint feature code into two parts, one part as part A and the other part as part B, or divide the registered fingerprint feature code into three parts, and take the first and third parts as part A , the second part as part B, or take the second part as part A, and the first and third parts as part B. Of course, various other algorithms can also be used for division, which are not listed here.

下面对于比对步骤进行详细说明。比对步骤包括依次包括下述步骤：The comparison steps are described in detail below. The comparison step comprises the following steps in turn:

步骤（a）：在进行支付时，刷卡或插卡后，终端向后台系统发起交易请求；Step (a): When making payment, after swiping or inserting the card, the terminal initiates a transaction request to the background system;

步骤（b）：后台系统根据接收到的交易请求，按照该请求中包含的IC卡的卡号信息，获取存储在该后台系统中的B部分，并向终端返回应答；Step (b): According to the received transaction request, the background system obtains the part B stored in the background system according to the card number information of the IC card included in the request, and returns a response to the terminal;

步骤（c）：终端将从后台系统获得的所述B部分写入IC卡，由IC卡将B部分和存储在IC卡中的A部分组合并且构成一个暂存指纹特征码，将该暂存指纹特征码暂存于IC卡中；Step (c): The terminal writes the part B obtained from the background system into the IC card, and the IC card combines the part B and the part A stored in the IC card to form a temporary fingerprint feature code, which is temporarily stored The fingerprint feature code is temporarily stored in the IC card;

步骤（d）：终端获取持卡人的现场的支付指纹信息，并对其进行预处理，提取特征码，由此并生成现场支付指纹特征码；Step (d): The terminal obtains the on-site payment fingerprint information of the cardholder, preprocesses it, extracts the feature code, and generates an on-site payment fingerprint feature code;

步骤（e）：终端读取上述暂存指纹特征码并与上述现场支付指纹特征码进行比对；Step (e): The terminal reads the above temporary fingerprint feature code and compares it with the above on-site payment fingerprint feature code;

步骤（f）：终端将所述IC卡中暂存的暂存指纹特征码删除。Step (f): The terminal deletes the temporary fingerprint feature code temporarily stored in the IC card.

在授权步骤中，若在比对步骤中比对成功，则终端将比对结果发送到后台系统，可由后台系统进行授权处理；若在比对步骤中比对不成功，则终端直接拒绝支付。In the authorization step, if the comparison is successful in the comparison step, the terminal will send the comparison result to the background system, and the background system can perform authorization processing; if the comparison is unsuccessful in the comparison step, the terminal will directly refuse to pay.

利用本实施方式的基于指纹的IC卡支付认证方法，通过将指纹信息分成A部分和B部分，并且分别在IC卡中保存A部分、在后台系统中保存B部分，由此能够避免后台系统留存敏感信息导致大规模系统入侵带来的安全隐患。而且，交易过程中，通过网络传输的只有后台存储的B部分信息，即使被截取，由于不是完整的认证信息，也无法被非法利用。再者，利用终端完成指纹录入、信息预处理、特征码提取和特征码比对，将一系列关键步骤集中为一点，有利于更好地进行风险控制。Using the fingerprint-based IC card payment authentication method of this embodiment, by dividing the fingerprint information into part A and part B, and saving part A in the IC card and part B in the background system respectively, it is possible to avoid retention in the background system Sensitive information leads to security risks caused by large-scale system intrusion. Moreover, during the transaction process, only the part B information stored in the background is transmitted through the network. Even if it is intercepted, it cannot be illegally used because it is not complete authentication information. Furthermore, using the terminal to complete fingerprint entry, information preprocessing, feature code extraction and feature code comparison, a series of key steps are concentrated in one point, which is conducive to better risk control.

 the

第三实施方式third embodiment

在第三实施方式中，对于利用掌形这种生物特征进行支付的方法进行说明。In the third embodiment, a payment method using a biometric feature such as a palm shape will be described.

手掌几何学是基于这样一个事实：几乎每个人的手的形状都是不同的，而且这个手的形状在人达到一定年龄之后就不再发生显著变化。当用户把他的手放在手形读取器上时，一个手的三维图像就被捕捉下来。接下来，对手指和指关节的形状和长度进行测量。Palm geometry is based on the fact that almost everyone's hand is shaped differently, and that hand shape stops changing significantly after a person reaches a certain age. When the user places his hand on the hand reader, a 3D image of the hand is captured. Next, measure the shape and length of your fingers and knuckles.

根据用来识别人的数据的不同，手形读取技术可划分为下列三种范畴：手掌的应用、手中血管的模式、以及手指的几何分析。这三种范畴到属于掌形这种生物特征的范畴。Depending on the data used to identify a person, hand shape reading technology can be divided into the following three categories: palm applications, patterns of blood vessels in the hand, and geometric analysis of fingers. These three categories belong to the category of biological characteristics such as palm shape.

下面对于本实施方式的基于掌形的IC卡支付认证方法进行具体说明。The palm-based IC card payment authentication method of this embodiment will be described in detail below.

本实施方式的基于掌形的IC卡支付认证方法，大致分为以下步骤：The palm-based IC card payment authentication method of the present embodiment is roughly divided into the following steps:

注册步骤：注册终端获取IC卡持卡人的注册掌形信息，进行预处理，提取特征码，并生成注册掌形特征码，接着，按照一定算法将该注册掌形特征码分为A部分和B部分，将A部分存储在IC卡中、将B部分存储在后台系统中；Registration steps: the registration terminal obtains the registered palm information of the IC card holder, performs preprocessing, extracts the feature code, and generates the registered palm feature code, and then divides the registered palm feature code into Part A and Part A according to a certain algorithm. For part B, store part A in the IC card, and store part B in the background system;

比对步骤：在发起交易请求后，终端将存储在后台系统中的所述B部分和存储在IC卡中的A部分组合生成暂存掌形特征码，终端获取持卡人录入的现场支付掌形信息并进行预处理、特征码提取等操作，生成现场支付掌形特征码，终端读取所述暂存掌形特征码并与所述现场支付掌形特征码进行比对；Comparison step: after initiating a transaction request, the terminal combines the part B stored in the background system with the part A stored in the IC card to generate a temporarily stored palm-shaped feature code, and the terminal obtains the on-site payment palm entered by the cardholder. Image information and perform operations such as preprocessing and feature code extraction to generate an on-site payment palm feature code, and the terminal reads the temporarily stored palm feature code and compares it with the on-site payment palm feature code;

授权步骤：在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。Authorization step: if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, which then authorizes.

在上述注册步骤中，按照一定算法将该注册掌形特征码分为A部分和B部分，在本发明中对“一定算法”不进行限定，可以为任意的算法。例如，最简单的可以是将注册掌形特征码一分为二，一部分作为A部分，另一部分作为B部分，也可以是将注册掌形特征码分为3份，取第1、3份作为A部分、第2份作为B部分，或者取第2份作为A部分、第1、3份作为B部分。当然，还可以采取其他各种算法进行划分，这里不一一例举。In the above registration step, the registered palm-shaped feature code is divided into part A and part B according to a certain algorithm. In the present invention, the "certain algorithm" is not limited, and it can be any algorithm. For example, the easiest way can be to divide the registered palm-shaped feature code into two parts, one part as part A and the other part as part B, or divide the registered palm-shaped feature code into three parts, and take the first and third parts as Part A, the second part as part B, or take the second part as part A, and the first and third parts as part B. Of course, various other algorithms can also be used for division, which are not listed here.

下面对于比对步骤进行详细说明。比对步骤包括依次包括下述步骤：The comparison steps are described in detail below. The comparison step comprises the following steps in turn:

步骤（a）：在进行支付时，刷卡或插卡后，终端向后台系统发起交易请求；Step (a): When making payment, after swiping or inserting the card, the terminal initiates a transaction request to the background system;

步骤（b）：后台系统根据接收到的交易请求，按照该请求中包含的IC卡的卡号信息，获取存储在该后台系统中的B部分，并向终端返回应答；Step (b): According to the received transaction request, the background system obtains the part B stored in the background system according to the card number information of the IC card included in the request, and returns a response to the terminal;

步骤（c）：终端将从后台系统获得的所述B部分写入IC卡，由IC卡将B部分和存储在IC卡中的A部分组合并且构成一个暂存掌形特征码，将该暂存掌形特征码暂存于IC卡中；Step (c): The terminal writes the part B obtained from the background system into the IC card, and the IC card combines the part B and the part A stored in the IC card to form a temporary palm-shaped feature code, and the temporary Store the palm-shaped feature code temporarily in the IC card;

步骤（d）：终端获取持卡人的现场的支付掌形信息，并对其进行预处理，提取特征码，由此并生成现场支付掌形特征码；Step (d): The terminal obtains the on-site payment palm information of the cardholder, preprocesses it, extracts the feature code, and generates an on-site payment palm feature code;

步骤（e）：终端读取上述暂存掌形特征码并与上述现场支付掌形特征码进行比对；Step (e): The terminal reads the temporarily stored palm-shaped feature code and compares it with the above-mentioned on-site payment palm-shaped feature code;

步骤（f）：终端将所述IC卡中暂存的暂存掌形特征码删除。Step (f): The terminal deletes the temporary palm-shaped feature code temporarily stored in the IC card.

在授权步骤中，若在比对步骤中比对成功，则终端将比对结果发送到后台系统，可由后台系统进行授权处理；若在比对步骤中比对不成功，则终端直接拒绝支付。In the authorization step, if the comparison is successful in the comparison step, the terminal will send the comparison result to the background system, and the background system can perform authorization processing; if the comparison is unsuccessful in the comparison step, the terminal will directly refuse to pay.

利用本实施方式的基于掌形的IC卡支付认证方法，通过将掌形信息分成A部分和B部分，并且分别在IC卡中保存A部分、在后台系统中保存B部分，由此能够避免后台系统留存敏感信息导致大规模系统入侵带来的安全隐患。而且，交易过程中，通过网络传输的只有后台存储的B部分信息，即使被截取，由于不是完整的认证信息，也无法被非法利用。再者，利用终端完成掌形录入、信息预处理、特征码提取和特征码比对，将一系列关键步骤集中为一点，有利于更好地进行风险控制。Using the palm-based IC card payment authentication method of this embodiment, by dividing the palm information into part A and part B, and saving part A in the IC card and part B in the background system respectively, the background system can be avoided. Retaining sensitive information in the system leads to security risks caused by large-scale system intrusion. Moreover, during the transaction process, only the part B information stored in the background is transmitted through the network. Even if it is intercepted, it cannot be illegally used because it is not complete authentication information. Furthermore, using the terminal to complete palm entry, information preprocessing, feature code extraction and feature code comparison, a series of key steps are concentrated in one point, which is conducive to better risk control.

 the

第四实施方式Fourth Embodiment

在第四实施方式中，对于利用虹膜这种生物特征进行支付的方法进行说明。In the fourth embodiment, a payment method using a biometric feature called the iris will be described.

分析眼睛的复杂和独特特征的生物识别技术被划分为两个不同的领域：虹膜识别技术和角膜识别技术。虹膜是环绕着瞳孔的一层有色的细胞组织。虹膜辨识系统使用一台摄像机来捕捉样本，然后由软件来对所得数据与储存的模板进行比较。角膜是眼睛底部的血液细胞层。角膜扫描的进行是用低密度的红外线去捕捉角膜的独特特征。我们所知的位于角膜中心的区域被扫描，血液细胞的唯一模式 就因此被捕捉下来。角膜识别技术最初被认为是最好的生物识别。然而，尽管它有着高度的准确性，但角膜扫描仪要求被扫描者在它读取角膜信息时直立不动。眼睛和角膜扫描仪对于目盲者和眼睛疾患者的人是无效的。因此，它很难获得终端用户的普遍接受。Biometric technology, which analyzes the complex and unique characteristics of the eye, is divided into two distinct areas: iris recognition technology and corneal recognition technology. The iris is the colored layer of tissue that surrounds the pupil. Iris recognition systems use a camera to capture samples, and software compares the resulting data to stored templates. The cornea is the layer of blood cells at the bottom of the eye. A corneal scan is performed using low-intensity infrared light to capture the unique features of the cornea. The area we know to be in the center of the cornea is scanned, and a unique pattern of blood cells is thus captured. Corneal recognition technology was initially considered the best biometric. However, despite its high degree of accuracy, the corneal scanner requires the person being scanned to stand still while it reads the cornea. Eye and corneal scanners are not effective for the blind and people with eye problems. Therefore, it is difficult to gain general acceptance by end users.

与此相对，虹膜识别技术已经被广泛使用。由于每个一个虹膜都包含一个独一无二的基于像冠、水晶体、细丝、斑点、结构、凹点、射线、皱纹和条纹等特征的结构，几乎没有任何两个虹膜是一样的。虹膜识别技术是利用虹膜终身不变性和差异性的特点来识别身份的，虹膜识别技术与相应的算法结合后，可以达到十分优异的精确度。In contrast, iris recognition technology has been widely used. Since each iris contains a unique structure based on features like crowns, crystals, filaments, spots, structures, pits, rays, wrinkles and stripes, hardly any two irises are alike. Iris recognition technology uses the lifelong invariance and variability of iris to identify identities. After iris recognition technology is combined with corresponding algorithms, it can achieve excellent accuracy.

下面对于本实施方式的基于虹膜的IC卡支付认证方法进行具体说明。The iris-based IC card payment authentication method of this embodiment will be specifically described below.

本实施方式的基于虹膜的IC卡支付认证方法，大致分为以下步骤：The iris-based IC card payment authentication method of the present embodiment is roughly divided into the following steps:

注册步骤：注册终端通过例如摄像机等获取IC卡持卡人的注册虹膜信息，进行预处理，提取特征码，并生成注册虹膜特征码，接着，按照一定算法将该注册虹膜特征码分为A部分和B部分，将A部分存储在IC卡中、将B部分存储在后台系统中；Registration steps: the registration terminal obtains the registered iris information of the IC card holder through a camera, etc., performs preprocessing, extracts the feature code, and generates the registered iris feature code, and then divides the registered iris feature code into A part according to a certain algorithm and part B, storing part A in the IC card and storing part B in the background system;

比对步骤：在发起交易请求后，终端将存储在后台系统中的所述B部分和存储在IC卡中的A部分组合生成暂存虹膜特征码，终端获取持卡人录入的现场支付虹膜信息并进行预处理、特征码提取等操作，生成现场支付虹膜特征码，终端读取所述暂存虹膜特征码并与所述现场支付虹膜特征码进行比对；Comparison step: After initiating the transaction request, the terminal combines the part B stored in the background system with the part A stored in the IC card to generate a temporary iris feature code, and the terminal obtains the on-site payment iris information entered by the cardholder And perform operations such as preprocessing and feature code extraction to generate on-site payment iris feature codes, and the terminal reads the temporarily stored iris feature codes and compares them with the on-site payment iris feature codes;

授权步骤：在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。Authorization step: if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, which then authorizes.

在上述注册步骤中，按照一定算法将该注册虹膜特征码分为A部分和B部分，在本发明中对“一定算法”不进行限定，可以为任意的算法。例如，最简单的可以是将注册虹膜特征码一分为二，一部分作为A部分，另一部分作为B部分，也可以是将注册虹膜特征码分为3份，取第1、3份作为A部分、第2份作为B部分，或者取第2份作为A部分、第1、3份作为B部分。当然，还可以采取其他各种算法进行划分，这里不一一例举。In the above registration step, the registered iris feature code is divided into part A and part B according to a certain algorithm. In the present invention, the "certain algorithm" is not limited and can be any algorithm. For example, the easiest way is to divide the registered iris feature code into two parts, one part as part A and the other part as part B, or divide the registered iris feature code into three parts, and take the first and third parts as part A , the second part as part B, or take the second part as part A, and the first and third parts as part B. Of course, various other algorithms can also be used for division, which are not listed here.

下面对于比对步骤进行详细说明。比对步骤包括依次包括下述步骤：The comparison steps are described in detail below. The comparison step comprises the following steps in turn:

步骤（a）：在进行支付时，刷卡或插卡后，终端向后台系统发起交易请求；Step (a): When making payment, after swiping or inserting the card, the terminal initiates a transaction request to the background system;

步骤（b）：后台系统根据接收到的交易请求，按照该请求中包含的IC卡的卡号信息，获取存储在该后台系统中的B部分，并向终端返回应答；Step (b): According to the received transaction request, the background system obtains the part B stored in the background system according to the card number information of the IC card included in the request, and returns a response to the terminal;

步骤（c）：终端将从后台系统获得的所述B部分写入IC卡，由IC卡将B部分和存储在IC卡中的A部分组合并且构成一个暂存虹膜特征码，将该暂存虹膜特征码暂存于IC卡中；Step (c): The terminal writes the part B obtained from the background system into the IC card, and the IC card combines the part B and the part A stored in the IC card to form a temporary iris feature code, which is temporarily stored The iris feature code is temporarily stored in the IC card;

步骤（d）：终端利用摄像机等获取持卡人的现场的支付虹膜信息，并对其进行预处理，提取特征码，由此并生成现场支付虹膜特征码；Step (d): The terminal uses a camera to obtain the on-site payment iris information of the cardholder, and preprocesses it to extract the feature code, thereby generating the on-site payment iris feature code;

步骤（e）：终端读取上述暂存虹膜特征码并与上述现场支付虹膜特征码进行比对；Step (e): The terminal reads the temporarily stored iris feature code and compares it with the above on-site payment iris feature code;

步骤（f）：终端将所述IC卡中暂存的暂存虹膜特征码删除。Step (f): The terminal deletes the temporary iris feature code temporarily stored in the IC card.

在授权步骤中，若在比对步骤中比对成功，则终端将比对结果发送到后台系统，可由后台系统进行授权处理；若在比对步骤中比对不成功，则终端直接拒绝支付。In the authorization step, if the comparison is successful in the comparison step, the terminal will send the comparison result to the background system, and the background system can perform authorization processing; if the comparison is unsuccessful in the comparison step, the terminal will directly refuse to pay.

利用本实施方式的基于虹膜的IC卡支付认证方法，通过将虹膜信息分成A部分和B部分，并且分别在IC卡中保存A部分、在后台系统中保存B部分，由此能够避免后台系统留存敏感信息导致大规模系统入侵带来的安全隐患。而且，交易过程中，通过网络传输的只有后台存储的B部分信息，即使被截取，由于不是完整的认证信息，也无法被非法利用。再者，利用终端完成虹膜录入、信息预处理、特征码提取和特征码比对，将一系列关键步骤集中为一点，有利于更好地进行风险控制。Using the iris-based IC card payment authentication method of this embodiment, by dividing the iris information into part A and part B, and saving part A in the IC card and part B in the background system respectively, it is possible to avoid retention in the background system Sensitive information leads to security risks caused by large-scale system intrusion. Moreover, during the transaction process, only the part B information stored in the background is transmitted through the network. Even if it is intercepted, it cannot be illegally used because it is not complete authentication information. Furthermore, using the terminal to complete iris input, information preprocessing, feature code extraction and feature code comparison, a series of key steps are concentrated in one point, which is conducive to better risk control.

 the

第五实施方式Fifth Embodiment

在第五实施方式中，对于利用面部图像这种生物特征进行支付的方法进行说明。In the fifth embodiment, a payment method using biometric features such as facial images will be described.

面部识别系统通过分析脸部特征的唯一形状、模式和位置来辨识人。基本上有两个方法来处理数据：摄像机和热量绘图。标准摄像技术是建立在由摄像机捕捉到的脸部图像上，热量绘图技术分析皮肤下的血管热量发生模式。Facial recognition systems identify people by analyzing the unique shape, pattern and position of facial features. There are basically two ways to process the data: camera and thermal mapping. While standard camera techniques are based on images of the face captured by cameras, thermal mapping techniques analyze the patterns of heat generation in blood vessels under the skin.

下面对于本实施方式的基于面部图像的IC卡支付认证方法进行具体说明。The facial image-based IC card payment authentication method of this embodiment will be described in detail below.

本实施方式的基于面部图像的IC卡支付认证方法，大致分为以下步骤：The IC card payment authentication method based on facial images of the present embodiment is roughly divided into the following steps:

注册步骤：注册终端通过例如摄像机等获取IC卡持卡人的注册面部图像信息，进行预处理，提取特征码，并生成注册面部图像特征码，接着，按照一定算法将该注册面部图像特征码分为A部分和B部分，将A部分存储在IC卡中、将B部分存储在后台系统中；Registration steps: the registration terminal obtains the registered facial image information of the IC card holder through a camera, etc., performs preprocessing, extracts the feature code, and generates the registered facial image feature code, and then divides the registered facial image feature code according to a certain algorithm. For part A and part B, store part A in the IC card and store part B in the background system;

比对步骤：在发起交易请求后，终端将存储在后台系统中的所述B部分和存储在IC卡中的A部分组合生成暂存面部图像特征码，终端获取持卡人录入的现场支付面部图像信息并进行预处理、特征码提取等操作，生成现场支付面部图像特征码，终端读取所述暂存面部图像特征码并与所述现场支付面部图像特征码进行比对；Comparison step: After initiating the transaction request, the terminal combines the part B stored in the background system with the part A stored in the IC card to generate a temporary facial image feature code, and the terminal obtains the on-site payment face entered by the cardholder Image information and perform operations such as preprocessing and feature code extraction to generate on-site payment facial image feature codes, and the terminal reads the temporarily stored facial image feature codes and compares them with the on-site payment facial image feature codes;

授权步骤：在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。Authorization step: if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, which then authorizes.

在上述注册步骤中，按照一定算法将该注册面部图像特征码分为A部分和B部分，在本发明中对“一定算法”不进行限定，可以为任意的算法。例如，最简单的可以是将注册面部图像特征码一分为二，一部分作为A部分，另一部分作为B部分，也可以是将注册面部图像特征码分为3份，取第1、3份作为A部分、第2份作为B部分，或者取第2份作为A部分、第1、3份作为B部分。当然，还可以采取其他各种算法进行划分，这里不一一例举。In the above-mentioned registration step, the registered facial image feature code is divided into part A and part B according to a certain algorithm, and the "certain algorithm" is not limited in the present invention, and can be any algorithm. For example, the easiest way can be to divide the registered facial image feature code into two parts, one part as part A, and the other part as part B, or divide the registered facial image feature code into three parts, and take the first and third parts as Part A, the second part as part B, or take the second part as part A, and the first and third parts as part B. Of course, various other algorithms can also be used for division, which are not listed here.

下面对于比对步骤进行详细说明。比对步骤包括依次包括下述步骤：The comparison steps are described in detail below. The comparison step comprises the following steps in turn:

步骤（a）：在进行支付时，刷卡或插卡后，终端向后台系统发起交易请求；Step (a): When making payment, after swiping or inserting the card, the terminal initiates a transaction request to the background system;

步骤（b）：后台系统根据接收到的交易请求，按照该请求中包含的IC卡的卡号信息，获取存储在该后台系统中的B部分，并向终端返回应答；Step (b): According to the received transaction request, the background system obtains the part B stored in the background system according to the card number information of the IC card contained in the request, and returns a response to the terminal;

步骤（c）：终端将从后台系统获得的所述B部分写入IC卡，由IC卡将B部分和存储在IC卡中的A部分组合并且构成一个暂存面部图像特征码，将该暂存面部图像特征码暂存于IC卡中；Step (c): The terminal writes the part B obtained from the background system into the IC card, and the IC card combines the part B and the part A stored in the IC card to form a temporary facial image feature code, and the temporary Save the facial image feature code temporarily in the IC card;

步骤（d）：终端利用摄像机等获取持卡人的现场的支付面部图像信息，并对其进行预处理，提取特征码，由此并生成现场支付面部图像特征码；Step (d): The terminal obtains the on-site payment facial image information of the cardholder by using a camera, etc., and preprocesses it to extract the feature code, thereby generating the on-site payment facial image feature code;

步骤（e）：终端读取上述暂存面部图像特征码并与上述现场支付面部图像特征码进行比对；Step (e): The terminal reads the above temporary facial image feature code and compares it with the above on-site payment facial image feature code;

步骤（f）：终端将所述IC卡中暂存的暂存面部图像特征码删除。Step (f): The terminal deletes the temporary facial image feature code temporarily stored in the IC card.

在授权步骤中，若在比对步骤中比对成功，则终端将比对结果发送到后台系统，可由后台系统进行授权处理；若在比对步骤中比对不成功，则终端直接拒绝支付。In the authorization step, if the comparison is successful in the comparison step, the terminal will send the comparison result to the background system, and the background system can perform authorization processing; if the comparison is unsuccessful in the comparison step, the terminal will directly refuse to pay.

利用本实施方式的基于面部图像的IC卡支付认证方法，通过将面部图像信息分成A部分和B部分，并且分别在IC卡中保存A部分、在后台系统中保存B部分，由此能够避免后台系统留存敏感信息导致大规模系统入侵带来的安全隐患。而且，交易过程中，通过网络传输的只有后台存储的B部分信息，即使被截取，由于不是完整的认证信息，也无法被非法利用。再者，利用终端完成面部图像录入、信息预处理、特征码提取和特征码比对，将一系列关键步骤集中为一点，有利于更好地进行风险控制。Using the facial image-based IC card payment authentication method of this embodiment, by dividing the facial image information into part A and part B, and saving part A in the IC card and part B in the background system respectively, the background system can be avoided. Retaining sensitive information in the system leads to security risks caused by large-scale system intrusion. Moreover, during the transaction process, only the part B information stored in the background is transmitted through the network. Even if it is intercepted, it cannot be illegally used because it is not complete authentication information. Furthermore, using the terminal to complete facial image entry, information preprocessing, feature code extraction and feature code comparison, a series of key steps are concentrated in one point, which is conducive to better risk control.

 the

第六实施方式Sixth Embodiment

在第六实施方式中，对于利用声音这种生物特征进行支付的方法进行说明。In the sixth embodiment, a payment method using biological characteristics such as voice will be described.

声音识别是通过识别设备不断地测量、记录声音的波形和变化。声音识别基于将现场采集到的声音与预先登记过的声音模板进行精确地比对、匹配。Sound recognition is to continuously measure and record the waveform and changes of sound through recognition equipment. Sound recognition is based on the precise comparison and matching of the sounds collected on-site with the pre-registered sound templates.

下面对于本实施方式的基于声音的IC卡支付认证方法进行具体说明。The voice-based IC card payment authentication method of this embodiment will be described in detail below.

本实施方式的基于声音的IC卡支付认证方法，大致分为以下步骤：The sound-based IC card payment authentication method of the present embodiment is roughly divided into the following steps:

注册步骤：注册终端通过例如麦克风等获取IC卡持卡人的注册声音信息，进行预处理，提取特征码，并生成注册声音特征码，接着，按照一定算法将该注册声音特征码分为A部分和B部分，将A部分存储在IC卡中、将B部分存储在后台系统中；Registration steps: the registration terminal obtains the registration voice information of the IC card holder through a microphone, etc., performs preprocessing, extracts the signature code, and generates the registration voice signature code, and then divides the registration voice signature code into A part according to a certain algorithm and part B, storing part A in the IC card and storing part B in the background system;

比对步骤：在发起交易请求后，终端将存储在后台系统中的所述B部分和存储在IC卡中的A部分组合生成暂存声音特征码，终端获取持卡人录入的现场支付声音信息并进行预处理、特征码提取等操作，生成现场支付声音特征码，终端读取所述暂存声音特征码并与所述现场支付声音特征码进行比对；Comparison step: after the transaction request is initiated, the terminal combines the part B stored in the background system with the part A stored in the IC card to generate a temporary voice feature code, and the terminal obtains the on-site payment voice information entered by the cardholder And perform preprocessing, feature code extraction and other operations to generate on-site payment voice feature codes, and the terminal reads the temporarily stored voice feature codes and compares them with the on-site payment voice feature codes;

授权步骤：在上述比对步骤的比对的结果为成功的情况下，终端将比对结果发送到后台系统，由后台系统进行授权。Authorization step: if the comparison result in the above comparison step is successful, the terminal sends the comparison result to the background system, which then authorizes.

在上述注册步骤中，按照一定算法将该注册声音特征码分为A部分和B部分，在本发明中对“一定算法”不进行限定，可以为任意的算法。例如，最简单的可以是将注册声音特征码一分为二，一部分作为A部分，另一部分作为B部分，也可以是将注册声音特征码分为3份，取第1、3份作为A部分、第2份作为B部分，或者取第2份作为A部分、第1、3份作为B部分。当然，还可以采取其他各种算法进行划分，这里不一一例举。In the above registration step, the registered voice feature code is divided into part A and part B according to a certain algorithm. In the present invention, the "certain algorithm" is not limited and can be any algorithm. For example, the easiest way can be to divide the registered voice feature code into two parts, one part as part A and the other part as part B, or divide the registered voice feature code into three parts, and take the first and third part as part A , the second part as part B, or take the second part as part A, and the first and third parts as part B. Of course, various other algorithms can also be used for division, which are not listed here.

下面对于比对步骤进行详细说明。比对步骤包括依次包括下述步骤：The comparison steps are described in detail below. The comparison step comprises the following steps in turn:

步骤（a）：在进行支付时，刷卡或插卡后，终端向后台系统发起交易请求；Step (a): When making payment, after swiping or inserting the card, the terminal initiates a transaction request to the background system;

步骤（b）：后台系统根据接收到的交易请求，按照该请求中包含的IC卡的卡号信息，获取存储在该后台系统中的B部分，并向终端返回应答；Step (b): According to the received transaction request, the background system obtains the part B stored in the background system according to the card number information of the IC card included in the request, and returns a response to the terminal;

步骤（c）：终端将从后台系统获得的所述B部分写入IC卡，由IC卡将B部分和存储在IC卡中的A部分组合并且构成一个暂存声音特征码，将该暂存声音特征码暂存于IC卡中；Step (c): The terminal writes the B part obtained from the background system into the IC card, and the IC card combines the B part and the A part stored in the IC card to form a temporary sound feature code, and the temporary storage The sound feature code is temporarily stored in the IC card;

步骤（d）：终端利用麦克风等获取持卡人的现场的支付声音信息，并对其进行预处理，提取特征码，由此并生成现场支付声音特征码；Step (d): The terminal uses a microphone to obtain the on-site payment voice information of the cardholder, and preprocesses it, extracts the feature code, and generates an on-site payment voice feature code;

步骤（e）：终端读取上述暂存声音特征码并与上述现场支付声音特征码进行比对；Step (e): The terminal reads the above temporarily stored voice feature code and compares it with the above on-site payment voice feature code;

步骤（f）：终端将所述IC卡中暂存的暂存声音特征码删除。Step (f): The terminal deletes the temporary sound feature code temporarily stored in the IC card.

在授权步骤中，若在比对步骤中比对成功，则终端将比对结果发送到后台系统，可由后台系统进行授权处理；若在比对步骤中比对不成功，则终端直接拒绝支付。In the authorization step, if the comparison is successful in the comparison step, the terminal will send the comparison result to the background system, and the background system can perform authorization processing; if the comparison is unsuccessful in the comparison step, the terminal will directly refuse to pay.

利用本实施方式的基于声音的IC卡支付认证方法，通过将声音信息分成A部分和B部分，并且分别在IC卡中保存A部分、在后台系统中保存B部分，由此能够避免后台系统留存敏感信息导致大规模系统入侵带来的安全隐患。而且，交易过程中，通过网络传输的只有后台存储的B部分信息，即使被截取，由于不是完整的认证信息，也无法被非法利用。再者，利用终端完成声音录入、信息预处理、特征码提取和特征码比对，将一系列关键步骤集中为一点，有利于更好地进行风险控制。Using the sound-based IC card payment authentication method of this embodiment, by dividing the sound information into part A and part B, and saving part A in the IC card and part B in the background system respectively, it is possible to avoid retention in the background system Sensitive information leads to security risks caused by large-scale system intrusion. Moreover, during the transaction process, only the part B information stored in the background is transmitted through the network. Even if it is intercepted, it cannot be illegally used because it is not complete authentication information. Furthermore, using the terminal to complete voice input, information preprocessing, feature code extraction and feature code comparison, a series of key steps are concentrated in one point, which is conducive to better risk control.

以上例子主要说明了本发明的基于指静脉、指纹、掌形、虹膜、面部图像、声音的IC卡支付认证方法。尽管只对其中一些本发明的具体实施方式进行了描述，但是本领域普通技术人员应当了解，本发明可以在不偏离其主旨与范围内以许多其他的形式实施。因此，所展示的例子与实施方式被视为示意性的而非限制性的，在不脱离如所附各权利要求所定义的本发明精神及范围的情况下，本发明可能涵盖各种的修改与替换。 The above examples mainly illustrate the IC card payment authentication method based on finger veins, fingerprints, palm shapes, iris, facial images and voices of the present invention. Although only some specific embodiments of the present invention have been described, those skilled in the art should understand that the present invention can be implemented in many other forms without departing from the spirit and scope thereof. The examples and embodiments shown are therefore to be regarded as illustrative and not restrictive, and the invention may cover various modifications without departing from the spirit and scope of the invention as defined in the appended claims with replace. the

Claims (10)

1. the IC-card payment authentication method based on referring to vein, is characterized in that, comprising:

Registration step, the registration that terminal is obtained IC-card holder refers to venous information and generates registration refer to vein pattern code, and described registration is referred to vein pattern code is divided into A Partial Feature code and B Partial Feature code and described A Partial Feature code is stored in IC-card, described B Partial Feature code is stored in background system;

Comparison step, terminal generates the temporary vein pattern code that refers to by the A Partial Feature code combination that is stored in the described B Partial Feature code in background system and be stored in described IC-card after initiating transaction request, the on-site payment that terminal is obtained holder's typing refers to venous information and generates on-site payment refer to vein pattern code, and terminal reads described temporary finger vein pattern code and refers to that with described on-site payment vein pattern code compares;

Authorisation step, is that in successful situation, terminal sends to background system by comparison result in the result of the comparison of above-mentioned comparison step, by background system, is authorized.

2. the payment authentication method based on referring to vein as claimed in claim 1, is characterized in that, comprising:

In described comparison step, after reading described temporary finger vein pattern code, delete described temporary finger vein pattern code.

3. the payment authentication method based on referring to vein as claimed in claim 2, is characterized in that,

Described comparison step comprises successively:

Step (a): swipe the card or plug-in card after terminal initiate transaction request to background system;

Step (b): return to by background system the described B Partial Feature code being stored in background system according to the card number information of IC-card;

Step (c): terminal writes IC-card by the described B Partial Feature code obtaining from background system,, is temporary in described temporary finger vein pattern code in IC-card by B Partial Feature code and A Partial Feature code combination and form described temporary finger vein pattern code by IC-card;

Step (d): the payment that terminal is obtained holder refers to venous information and generate to pay refer to vein pattern code;

Step (e): read described temporary finger vein pattern code and with described, described on-site payment is referred to vein pattern code compares;

Step (f): delete temporary finger vein pattern code temporary in described IC-card.

4. the payment authentication method based on referring to vein as claimed in claim 3, is characterized in that,

In described authorisation step, if compare unsuccessfully in described comparison step, terminal is directly refused to pay.

5.. the payment authentication method based on referring to vein as claimed in claim 4, is characterized in that,

In described registration step, by holder registration being referred to venous information, carry out pre-service and extract condition code generating registration and referring to vein pattern code, in described step (d), terminal generates to pay and refers to vein pattern code by holder's payment being referred to venous information and carry out pre-service and extracting condition code.

6. the IC-card payment authentication method based on fingerprint, is characterized in that, comprising:

Registration step, terminal is obtained IC-card holder's registering fingerprint information and is generated registered fingerprint condition code, and described registered fingerprint condition code is divided into A Partial Feature code and B Partial Feature code and described A Partial Feature code is stored in IC-card, described B Partial Feature code is stored in background system;

Comparison step, after initiating transaction request, terminal generates temporary fingerprint character code by the A Partial Feature code combination that is stored in the described B Partial Feature code in background system and be stored in described IC-card, terminal is obtained the on-site payment finger print information of holder's typing and is generated on-site payment fingerprint character code, and terminal reads described temporary fingerprint character code and compares with described on-site payment fingerprint character code;

Authorisation step, is that in successful situation, terminal sends to background system by comparison result in the result of the comparison of above-mentioned comparison step, by background system, is authorized.

7. the IC-card payment authentication method based on palm shape, is characterized in that, comprising:

Registration step, terminal is obtained IC-card holder's registration palm shape information and is generated registration palm shape condition code, and described registration palm shape condition code is divided into A Partial Feature code and B Partial Feature code and described A Partial Feature code is stored in IC-card, described B Partial Feature code is stored in background system;

Comparison step, after initiating transaction request, terminal generates temporary palm shape condition code by the A Partial Feature code combination that is stored in the described B Partial Feature code in background system and be stored in described IC-card, terminal is obtained the on-site payment palm shape information of holder's typing and is generated on-site payment palm shape condition code, and terminal reads described temporary palm shape condition code and compares with described on-site payment palm shape condition code;

Authorisation step, is that in successful situation, terminal sends to background system by comparison result in the result of the comparison of above-mentioned comparison step, by background system, is authorized.

8. the IC-card payment authentication method based on iris, is characterized in that, comprising:

Registration step, terminal is obtained IC-card holder's registration iris information and is generated registration iris feature code, and described registration iris feature code is divided into A Partial Feature code and B Partial Feature code and described A Partial Feature code is stored in IC-card, described B Partial Feature code is stored in background system;

Comparison step, after initiating transaction request, terminal generates temporary iris feature code by the A Partial Feature code combination that is stored in the described B Partial Feature code in background system and be stored in described IC-card, terminal is obtained the on-site payment iris information of holder's typing and is generated on-site payment iris feature code, and terminal reads described temporary iris feature code and compares with described on-site payment iris feature code;

Result in the comparison of above-mentioned comparison step is that in successful situation, terminal sends to background system by comparison result, by background system, is authorized.

9. the IC-card payment authentication method based on face-image, is characterized in that, comprising:

Registration step, terminal is obtained IC-card holder's registration facial image information and is generated registration face-image condition code, and described registration face-image condition code is divided into A Partial Feature code and B Partial Feature code and described A Partial Feature code is stored in IC-card, described B Partial Feature code is stored in background system;

Comparison step, after initiating transaction request, terminal generates temporary face-image condition code by the A Partial Feature code combination that is stored in the described B Partial Feature code in background system and be stored in described IC-card, terminal is obtained the on-site payment facial image information of holder's typing and is generated on-site payment face-image condition code, and terminal reads described temporary face-image condition code and compares with described on-site payment face-image condition code;

Result in the comparison of above-mentioned comparison step is that in successful situation, terminal sends to background system by comparison result, by background system, is authorized.

10. the IC-card payment authentication method based on sound, is characterized in that, comprising:

Registration step, terminal is obtained IC-card holder's registration acoustic information and is generated registration sound characteristic code, and described registration sound characteristic code is divided into A Partial Feature code and B Partial Feature code and described A Partial Feature code is stored in IC-card, described B Partial Feature code is stored in background system;

Comparison step, after initiating transaction request, terminal generates temporary sound characteristic code by the A Partial Feature code combination that is stored in the described B Partial Feature code in background system and be stored in described IC-card, terminal is obtained the on-site payment acoustic information of holder's typing and is generated on-site payment sound characteristic code, and terminal reads described temporary sound characteristic code and compares with described on-site payment sound characteristic code;

Result in the comparison of above-mentioned comparison step is that in successful situation, terminal sends to background system by comparison result, by background system, is authorized.

Images