Summary of the invention
To address the technical problems in the prior art, the object of the present invention is to provide a secure payment method for a visual financial card that solves the security problems of forged transaction information and of entering a PIN or payment password.
Because a visual financial card includes a display screen and a keyboard, it can display transaction data and accept password input, and it also has NFC communication capability. Combining these capabilities with existing financial card standards makes a more secure payment method possible.
The present invention adds in-card POS software to the visual financial card. The keyboard and display on the card are used for menu selection and information input; the financial card application is called according to the financial card specification, and the user's identity is authenticated when needed (by entering a PIN or an associated password). The card communicates with an external terminal over NFC; the external terminal acts as a communication relay, establishing a communication link between the in-card POS and its owning institution to carry the transaction information.
Alternatively, a cache for transaction data is added to the financial card application, so that the visual financial card can leave the POS during a transaction, display the main transaction information (such as the transaction amount), let the cardholder enter a PIN or payment password on the card, and then reconnect to the POS to complete the transaction.
The technical solution of the present invention is:
A secure payment method for a visual financial card, in which an in-card POS program is installed in the visual financial card, comprising the steps of:
1) The visual financial card is set to the in-card POS working state. When the visual financial card contains multiple card applications or multiple accounts, the card application or account taking part in this transaction is selected first; the card then establishes a data connection with an external terminal;
2) The in-card POS program provides the external terminal with information about the card application or account taking part in the transaction, and the external terminal provides its own capability information to the in-card POS. When the external terminal initiates the transaction, it provides its transaction information to the in-card POS;
3) The in-card POS verifies the external terminal's capabilities. Once it confirms that they meet the transaction requirements, the in-card POS calls the card application to make the payment, then encapsulates the card application's return result as payment request information, which the external terminal forwards to the in-card POS's owning institution; that institution submits it to the card application's owning institution for transaction processing;
4) The in-card POS's owning institution and the card application's card issuer forward the processing result information to the in-card POS through the external terminal.
Further, the visual financial card contains multiple card applications, and the in-card POS provides a menu that lets the cardholder first select the card application taking part in this transaction.
Further, in step 3), after confirming that the transaction requirements are met, the in-card POS generates a transaction verification request from the transaction information, which the external terminal forwards to the in-card POS's owning institution. After that institution verifies the transaction information according to the transaction verification request, it returns the transaction information and verification information to the in-card POS through the external terminal. The in-card POS uses the preset certificate of its owning institution to verify the transaction information and verification information, and displays them to the cardholder. After the cardholder confirms, the in-card POS calls the card application to make the payment.
Further, the cardholder confirms by entering a PIN or payment password on the keyboard of the visual financial card.
Further, in step 3), if the external terminal is a party to the transaction, the external terminal connects to the in-card POS's owning institution through its own owning institution, establishing a logical communication channel. When the transaction verification request is forwarded, the external terminal's owning institution authenticates the external terminal; after authentication passes, it forwards the transaction verification request and the external terminal's authentication information to the in-card POS's owning institution. A trust relationship exists between the external terminal's owning institution and the in-card POS's owning institution.
Further, in step 2), the transaction information is generated by menu selection and data entry on the in-card POS, or is obtained by entering it on the external terminal and sending it to the in-card POS.
Further, the data connection is an NFC P2P connection.
A safe payment method for visual fiscard is comprised of financial card application and man-card interactive program on fiscard, the steps include:
1) visual fiscard and terminal connect, and this terminal sends to this visual fiscard to carry out buffer memory transaction data;
2) man-card interactive program is shown to holder by buffer memory transaction data, receives after the confirmation by this visual fiscard input while needing, and financial card application is used built-in private key to complete this transaction data of buffer memory is encrypted or is signed;
3) this visual fiscard sends to this terminal by this encryption or signed data;
4) this terminal sends to this encryption or signed data the card sending mechanism of this visual fiscard;
5) this card sending mechanism utilizes the PKI of this visual fiscard to verify this encryption or signed data, if the verification passes, complete transaction return message to this terminal, otherwise refusal transaction return message is given this terminal;
6) this terminal sends to this visual fiscard by the return message of receiving;
Wherein, the PKI of the preset card sending mechanism of visual fiscard and visible card private key, card sending mechanism is preserved the private key of oneself and the PKI of visual fiscard.
Further, the visual financial card first displays set items of the transaction data on its screen and then waits for the confirmation information to be entered.
Further, the confirmation information is a PIN or payment password entered on the keyboard of the visual financial card.
Further, in step 2), the visual financial card receives the confirmation information after its data connection with the terminal has been disconnected.
Compared with the prior art, the technical advantages of the present application are:
1. Improved security: the user can fully trust the visual financial card issued by the card issuer (such as a bank), without relying on the payee's equipment being secure.
2. Payment can be made securely in an insecure payment environment.
Embodiment
The flow of the present invention is illustrated below, taking as an example a cardholder using a visual financial card to pay at a POS:
An authentication mode can be added to the basic information of the visual financial card: entering the PIN on the card's keyboard.
When cardholder authentication is selected according to the visual financial card's authentication mode, the terminal generates challenge data (a random number) or transaction information.
Embodiment 1:
Implementation: a verification program is added to the visual financial card, and the financial card application needs to be modified.
1. The payee enters the amount to be paid on the POS;
2. After the cardholder confirms, the visual financial card is placed in card state (card power off) and is inserted into the terminal's card reader slot or brought near the contactless reading area (contactless mode); the visual financial card operates in card state;
3. After reading the card's basic information, the terminal sends the selected transaction data (amount, currency type, payee institution information, terminal identifier, etc.) to the visual financial card, which saves the data in memory;
4. The cardholder removes the card from the terminal, turns on the visual financial card's power switch, and enters the transaction confirmation state using the keyboard. The cardholder checks on the visual financial card the main transaction information saved in step 3 (such as the payment amount) and enters the PIN or payment password on the card. The program on the visual financial card uses the card's built-in private key to confirm the payment information, signing or encrypting it in the agreed format, and keeps the result in memory;
5. The cardholder places the visual financial card in card state (turning off its power) and again inserts it into the card reader slot or brings it near the contactless reading area;
6. The terminal reads the transaction information return value, obtaining the payment information that carries the card's private-key signature, and sends it to the card issuer;
7. The card issuer uses the cardholder's public key certificate to verify the signature in the transaction data or to decrypt the transaction data. After confirming that the cardholder has confirmed the transaction, it completes the transaction and sends notification information to the payment terminal or its institution, which the payment terminal forwards to the visual financial card.
This embodiment requires modifying the financial card application standard, and the corresponding POS processing flow also needs to be modified, so the implementation effort is relatively large.
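The cache, display, confirm and sign flow of the second method and of Embodiment 1 can be modelled as follows. This is an added example, not code from the patent; the class and function names, the sample transaction and the toy RSA key (textbook RSA over two public Mersenne primes, insecure and chosen only so the code runs on the standard library) are all assumptions.

```python
import hashlib
import hmac
import json

# Toy textbook RSA from two public Mersenne primes, used only so this runs on
# the standard library. It is NOT secure; a real card would use a vetted
# signature scheme inside its secure element (assumption, not from the page).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                                # card public key is (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # card private exponent, stays on the card


def digest(tx: dict) -> int:
    """Hash a canonical encoding of the transaction data to an integer."""
    blob = json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")


class VisualCard:
    def __init__(self, pin: str):
        self._pin = pin.encode()
        self._cached = None

    def cache(self, tx: dict) -> None:
        """Terminal -> card: transaction data is stored while connected."""
        self._cached = dict(tx)

    def display(self) -> str:
        """What the cardholder reads on the card's own screen, off the terminal."""
        t = self._cached
        return f"{t['amount']} {t['currency']} to {t['payee']}"

    def confirm(self, pin: str):
        """PIN typed on the card keypad; sign the cached data only if it matches."""
        if self._cached is None or not hmac.compare_digest(pin.encode(), self._pin):
            return None
        return pow(digest(self._cached), D, N)


def issuer_verify(tx: dict, signature) -> bool:
    """Issuer side: check the signature with the card's public key."""
    return signature is not None and pow(signature, E, N) == digest(tx)


def run(pin_entered: str, terminal_tampers: bool) -> str:
    # Constructed sample transaction; all values are made up for the example.
    tx = {"amount": "25.00", "currency": "CNY", "payee": "SHOP-001",
          "terminal": "T-42", "challenge": "9f3c61d0"}
    card = VisualCard(pin="4821")
    card.cache(tx)
    sig = card.confirm(pin_entered)
    # The terminal forwards data and signature; a hostile one alters the amount.
    sent = dict(tx, amount="2500.00") if terminal_tampers else tx
    return "completed" if issuer_verify(sent, sig) else "refused"
```

Because the signature covers exactly the data the card cached and displayed, a terminal that forwards a different amount to the issuer fails verification, and the PIN never passes through the terminal.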
Embodiment 2:
The external terminal is a POS machine, or a wireless terminal (such as a mobile phone or tablet) that supports NFC and runs the collecting institution's software client. Depending on the payment mode, when the terminal is the payee it needs to connect to the card issuer through its own institution; the terminal's owning institution verifies the terminal's identity and proves the payee's identity to the card issuer.
The in-card POS application generates the in-card POS's PKI key pair when the card is produced, and a digital certificate can be applied for it. The in-card POS keeps the private key, and the card issuer keeps the public key or certificate.
When the external terminal is the payee, and particularly when the payee does not use a financial-grade POS (for example, an NFC mobile phone plus the collecting institution's client software), the collecting institution needs to authenticate the payee. When the external terminal is not a party to the payment, it can connect directly to the card issuer's server and acts only as the communication relay for the in-card POS.
The in-card POS relies on the terminal's communication capability and transaction capability. Communication capability means that the terminal accepts data transmitted over NFC, submits it via a communication protocol to the server designated by the in-card POS, and forwards the data returned by the server to the in-card POS over NFC. Communication capability also includes the ability of the terminal's owning institution to communicate with other financial institutions, so that it can send the in-card POS's transaction requests and payment requests to the in-card POS's owning institution and return the results;
Transaction capability means the ability of the terminal's owning institution and the in-card POS's owning institution to support inter-institution transactions. In this scheme it also includes the terminal's owning institution passing on information about the terminal's identity authentication. The method flow of the present invention is shown in the accompanying drawings.
When the external terminal is the payee, the payment process is:
1. Step S103: the payment amount is entered on the terminal in advance;
2. Step S101: the cardholder turns on the card's power and sets the card to in-card POS working mode using the keyboard. If the card holds multiple card applications or accounts, in step S102 the cardholder can select the card application or account to use for this transaction;
3. The card is brought near the terminal, and the in-card POS and the terminal establish an NFC P2P connection;
4. Step S105: the in-card POS and the terminal exchange their capabilities and confirm whether the payment can be completed;
5. The in-card POS notifies the terminal of the payment card information, and the terminal sends the transaction information to the in-card POS. The terminal can dynamically change the payee according to the payment card or account information, selecting the mode with the lowest fees. The transaction information can be generated by menu selection and data entry on the in-card POS, or it can be entered on the terminal and passed to the in-card POS;
6. When risk assessment by the card issuer is selected in step S106, in step S107 the in-card POS generates the transaction information, signs it with the in-card POS private key, packages it as a verification request addressed to the in-card POS's owning institution, and sends it to the external terminal with a request to forward it to that institution;
The terminal sends the transaction information to its owning institution, the collecting institution. After the collecting institution has authenticated the terminal, the terminal forwards the verification request to the in-card POS's owning institution;
Step S108: the in-card POS's card issuer performs a security check on the collecting institution to judge whether the payee is safe. After verification, the card issuer signs the transaction information and the verification result; in step S109 it sends them to the collecting institution, which forwards them to the terminal, and they are sent to the in-card POS over the NFC connection.
7. Step S110: the in-card POS receives the card issuer's transaction information and verification information and, after verifying the card issuer's signature, displays the main transaction information and the verification information to the user on the card's display;
8. Step S111: after the user confirms the payment, the in-card POS calls the financial card application according to the financial card application standard; when a PIN needs to be entered, the user enters it on the card's keyboard;
9. During steps 7-8 above, the card may leave the terminal. When it approaches the terminal again, the in-card POS re-establishes the NFC P2P connection with the terminal and continues the previous working session.
10. Step S112: depending on the data returned by the financial card application, if the card has returned payment success authentication information or online authentication information, the in-card POS signs or encrypts that information with the in-card POS private key and sends it to the card issuer through the external terminal;
11. Step S113: the financial card's issuer verifies the online authentication information of the financial card application and, based on the financial card's payment confirmation information and the in-card POS's transaction information, completes the payment between the card issuer and the collecting institution. For online authentication, the financial card's issuer also generates and returns a script. The acquirer of the in-card POS (technically, multiple different financial card applications may be installed on one card, so the in-card POS and the financial card application may not belong to the same institution; generally it is the same as the card issuer of the financial card application) forwards this and generates the payment result information for the collecting institution.
12. Step S114: the in-card POS's owning institution returns the payment result information to the terminal's owning institution, which forwards it to the terminal, which forwards it to the in-card POS.
13. Step S115: after the in-card POS receives the payment result and return information, if it includes a card script, the script is issued to the financial card application according to the financial card standard.
Embodiment 3:
In a method where the transaction is generated by the in-card POS, such as using a debit card to complete a credit card repayment, the flow is as follows:
1. Step S101: the cardholder turns on the card's power and sets the card to in-card POS working mode using the keyboard. If the card holds multiple card applications or accounts, in step S102 the cardholder can select the card application or account to use for this transaction;
2. Step S103: the cardholder selects the in-card POS menu. Step 201: the cardholder selects a menu function and enters the required data.
3. The card is brought near the terminal, and the in-card POS and the terminal establish an NFC P2P connection;
4. Step S202: the in-card POS receives the terminal's capability information and judges whether the terminal supports the communication capability the transaction needs;
5. Step S203: the in-card POS generates the transaction and calls the card application; when a PIN or password needs to be entered, the cardholder can enter it on the card's keyboard.
6. Step S204: the in-card POS sends the data to the terminal, and the terminal submits it to the in-card POS's owning institution.
7. Step S205: the in-card POS's owning institution completes the transaction and returns data (to the terminal, which returns it to the in-card POS through the NFC P2P interface).
8. Step S206: the in-card POS processes the returned information, for example displaying the transaction result to the cardholder or calling the card application.