Summary of the invention
The object of the invention is to address the shortcomings of the prior art by providing a transaction method, system and server based on an external security device, so that an external security device can be used when a conventional transaction-initiating terminal performs a transaction.
To achieve the above object, in a first aspect, the invention provides a transaction method based on an external security device, the transaction method comprising:
A server receives secure transaction information sent by a mobile device; the secure transaction information is obtained by the mobile device by scanning encoded information;
The server verifies the validity of the secure transaction information;
When the result of verifying the secure transaction information is valid, the server extracts the transaction confirmation request information to be confirmed with the participation of the external security device;
The server sends the transaction confirmation request information to the mobile device; the server receives the signature information sent by the mobile device, where the signature information is computed by the external security device from the transaction confirmation request information;
The server verifies the validity of the signature information;
When the result of verifying the signature information is valid, the server performs payment processing and sends the confirmation result to the transaction-initiating terminal.
Further, before the server receives the secure transaction information sent by the mobile device, the transaction method also comprises:
The transaction-initiating terminal produces the secure transaction information and generates the encoded information using encoded-information generation software.
Further, verifying the validity of the secure transaction information is specifically:
The server verifies whether the secure transaction information sent by the transaction-initiating terminal is consistent with the secure transaction information sent by the mobile device;
If so, the result of verifying the secure transaction information is valid;
If not, the result of verifying the secure transaction information is invalid.
Preferably, the transaction method also comprises: when the result of verifying the secure transaction information is invalid, the server terminates the transaction and sends error prompt information to the mobile device.
Preferably, the transaction confirmation request information comprises payment account information, sequence information and collecting account information.
Preferably, the wireless transmission method comprises Bluetooth communication or near-field communication.
Preferably, the transaction method also comprises: when the result of verifying the signature information is invalid, the server terminates the transaction and sends error prompt information to the mobile device.
In a second aspect, the invention provides another transaction method based on an external security device, the transaction method comprising:
A mobile device scans the encoded information generated by a transaction-initiating terminal, obtains secure transaction information, and sends the secure transaction information to a server; the server receives the secure transaction information and verifies its validity;
When the server's result of verifying the secure transaction information is valid, the mobile device receives transaction confirmation request information from the server and forwards it to an external security device by a wireless transmission method; the transaction confirmation request information is extracted by the server when the secure transaction information is verified as valid;
The mobile device receives signature information by the wireless transmission method and sends it to the server, where the signature information is computed by the external security device from the transaction confirmation request information; the server verifies the validity of the signature information, and when the result of verifying the signature information is valid, the server performs payment processing and sends the confirmation result to the transaction-initiating terminal.
In a third aspect, the invention provides a transaction system based on an external security device, the transaction system comprising: a transaction-initiating terminal, a mobile device, a server and an external security device;
The transaction-initiating terminal is configured to receive transaction information and generate encoded information;
The mobile device is configured to scan the encoded information, obtain secure transaction information, and send the secure transaction information to the server;
The server is configured to receive the secure transaction information and verify its validity;
The server is also configured to, when the result of verifying the secure transaction information is valid, extract the transaction confirmation request information to be confirmed with the participation of the external security device, and send it to the mobile device;
The mobile device is also configured to receive the transaction confirmation request information and send it to the external security device by a wireless transmission method;
The external security device is configured to compute signature information from the transaction confirmation request information and send it to the mobile device;
The mobile device is also configured to receive the signature information and send it to the server;
The server is also configured to verify the validity of the signature information; when the result of verifying the signature information is valid, the server performs payment processing and sends the confirmation result to the transaction-initiating terminal.
Preferably, the server is also configured to, when the result of verifying the signature information is invalid, terminate the transaction and send error prompt information to the mobile device.
Preferably, the server is also configured to, when the result of verifying the secure transaction information is invalid, terminate the transaction and send error prompt information to the mobile device.
Preferably, the wireless transmission method comprises Bluetooth communication or near-field communication.
Preferably, the transaction confirmation request information comprises payment account information, sequence information and collecting account information.
Further, verifying the validity of the secure transaction information is specifically: the server verifies whether the secure transaction information sent by the transaction-initiating terminal is consistent with the secure transaction information sent by the mobile device;
If so, the result of verifying the secure transaction information is valid;
If not, the result of verifying the secure transaction information is invalid.
In a fourth aspect, the invention provides a transaction server based on an external security device, the server comprising: a receiving unit, a sending unit, a verification unit and a payment unit;
The receiving unit is configured to receive the secure transaction information sent by the transaction-initiating terminal and the transaction security information sent by the mobile device;
The verification unit is configured to verify the validity of the transaction security information;
The sending unit is configured to send transaction confirmation request information to the mobile device; an external device computes signature information from the transaction confirmation request information;
The receiving unit is also configured to receive the signature information;
The verification unit is also configured to verify the validity of the signature information;
The payment unit is configured to, when the result of verifying the signature information is valid, perform payment processing according to the payment account information, sequence information and collecting account information;
The sending unit is also configured to send the confirmation result to the transaction-initiating terminal when the result of verifying the signature information is valid, and to send error prompt information to the mobile device when the result of verifying the signature information is invalid.
Preferably, the server also comprises a processing unit configured to extract the transaction confirmation request information to be confirmed with the participation of the external security device.
Preferably, the sending unit is also configured to send error prompt information to the mobile device when the transaction security information is verified as invalid.
The advantages of the present invention are that using an external security device for transactions on the transaction-initiating terminal improves the security of the transaction and widens the scope of application of the external security device, while reducing the development of accessories for the transaction-initiating terminal and saving cost; the use of encoded information adds to the convenience of the transaction while improving its security.
Embodiment
The technical solution of the present invention is described in further detail below with reference to the drawings and embodiments.
The transaction method, system and server of the present invention are a transaction method, system and server for a transaction-initiating terminal based on an external security device: the mobile device scans the encoded information to obtain the transaction information and relays information, so that a traditional transaction-initiating terminal can transact by means of an external security device.
Embodiment one
Fig. 1 is a flow chart of the transaction method based on an external security device provided by embodiment one of the present invention. As shown in the figure, the method comprises the following steps:
Step 101: the server receives the secure transaction information sent by the mobile device.
Specifically, the mobile device scans the encoded information generated by the transaction-initiating terminal, obtains the secure transaction information, and sends it to the server; the server receives the secure transaction information.
The transaction-initiating terminal may be a desktop computer, a notebook computer, an IBM-compatible personal computer, and so on; the mobile device may be a mobile phone, a tablet computer, and so on; the encoded information may be a QR code, a barcode, and so on.
Step 102: the server verifies the validity of the secure transaction information.
Specifically, the server receives the secure transaction information sent by the mobile device and verifies its validity.
For example, the server compares the secure transaction information sent by the transaction-initiating terminal with the secure transaction information sent by the mobile device. If they are consistent, the server's verification result for the secure transaction information is valid; if they are inconsistent, the result is invalid.
Step 103: when the verification result is valid, the server extracts the transaction confirmation request information.
Specifically, when the server's verification result for the secure transaction information is valid, the server extracts the transaction confirmation request information to be confirmed with the participation of the external security device.
The external security device may be a smart financial card, a certificate key, and so on; the transaction confirmation request information comprises payment account information, sequence information, collecting account information, and so on.
Step 105: the server sends the transaction confirmation request information to the mobile device.
Step 106: the server receives the signature information sent by the mobile device.
Specifically, the server receives the signature information sent by the mobile device, where the signature information is computed by the external security device from the transaction confirmation request information.
First, the mobile device sends the transaction confirmation request information to the external security device by a wireless transmission method. The wireless transmission method comprises Bluetooth communication or near-field communication.
For example, the mobile device connects to the external security device over Bluetooth. The mobile device pages the external security device using frequency hopping, and the external security device performs a scan at regular intervals; when it detects the mobile device, it responds and establishes a connection with it, and the mobile device then transmits the payment account information, sequence information and collecting account information to the external security device.
When the wireless transmission method is near-field communication, the mobile device only needs to connect to the external security device by a "touch", and then transmits the payment account information, sequence information and collecting account information to the external security device.
Then, the external security device performs a computation on the received transaction confirmation request information, generates the signature information, and sends it to the mobile device by the wireless transmission method.
For example, the external security device connects to the mobile device over Bluetooth or near-field communication, generates the signature information by applying a digital signature based on Public Key Infrastructure (PKI) to the received payment account information, sequence information and collecting account information, and sends the generated signature information to the mobile device.
Step 107: the server verifies the validity of the signature information.
Specifically, the server verifies the received transaction information and signature information using the corresponding digital certificate on the server.
For example, the external security device generates the signature information by performing a dynamic password signature over the payment account information, sequence information and collecting account information; the mobile device receives the signature information and sends it to the server, and the server compares its internally stored dynamic signature with the signature information.
Step 108: when the verification result is valid, the server performs payment processing and sends the confirmation result to the transaction-initiating terminal.
Specifically, when the verification result is valid, the server performs payment processing according to the payment account information, sequence information and collecting account information, and sends the confirmation result of the successful transaction to the transaction-initiating terminal.
Step 109: when the verification result is invalid, the server sends error prompt information to the mobile device.
Specifically, when the result of verifying the secure transaction information is invalid, the server terminates the transaction and sends error prompt information to the mobile device.
Further, before step 101, the transaction method also comprises:
The transaction-initiating terminal produces the secure transaction information and generates the encoded information using encoded-information generation software.
After step 102, the transaction method also comprises:
Step 104: when the verification result is invalid, error prompt information is sent to the mobile device.
Specifically, when the result of verifying the secure transaction information is invalid, the server terminates the transaction and sends error prompt information to the mobile device.
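The server-side sequence of steps 101 to 109, as an added Python example that is not part of the patent text. It assumes HMAC-SHA256 with a per-device key enrolled at the server as a stand-in for the device's PKI or dynamic password signature (so it runs on the standard library), and the class names, field names, `txn_id` and the single-use state tracking are all hypothetical.

```python
import hashlib
import hmac
import secrets

# Fields of the confirmation request, named after the page's three items.
FIELDS = ("payment_account", "sequence_info", "collecting_account")


def encode_request(request):
    """Length-prefix every field so the signed bytes are unambiguous."""
    out = b""
    for name in FIELDS:
        value = request[name].encode("utf-8")
        out += len(value).to_bytes(4, "big") + value
    return out


class ExternalSecurityDevice:
    """Stand-in for the smart card or certificate key (HMAC, not PKI)."""

    def __init__(self, key):
        self._key = key

    def sign(self, request):
        return hmac.new(self._key, encode_request(request), hashlib.sha256).digest()


class TransactionServer:
    CONFIRMED = "confirmation result -> initiating terminal"
    ERROR = "error prompt -> mobile device"

    def __init__(self, device_keys):
        self._device_keys = device_keys  # assumed enrolment: account -> key
        self._pending = {}               # txn_id -> [state, transaction]

    def register_from_terminal(self, txn):
        """Copy of the secure transaction information sent by the terminal."""
        self._pending[txn["txn_id"]] = ["created", dict(txn)]

    def receive_from_mobile(self, scanned):
        """Steps 101-105: compare both copies, return the confirmation request."""
        entry = self._pending.get(scanned.get("txn_id"))
        if entry is None or entry[0] != "created" or entry[1] != scanned:
            self._pending.pop(scanned.get("txn_id"), None)  # step 104: terminate
            return None
        entry[0] = "awaiting_signature"
        return {name: entry[1][name] for name in FIELDS}

    def receive_signature(self, txn_id, signature):
        """Steps 106-109: verify over the server's own copy, then pay once."""
        entry = self._pending.get(txn_id)
        if entry is None or entry[0] != "awaiting_signature":
            return self.ERROR
        request = {name: entry[1][name] for name in FIELDS}
        key = self._device_keys.get(request["payment_account"], b"")
        expected = hmac.new(key, encode_request(request), hashlib.sha256).digest()
        del self._pending[txn_id]  # either outcome ends this transaction
        if not key or not hmac.compare_digest(expected, signature):
            return self.ERROR
        return self.CONFIRMED  # payment processing would run here


def run_demo():
    key = secrets.token_bytes(32)
    device = ExternalSecurityDevice(key)
    # Constructed sample transaction, not data from the page.
    txn = {"txn_id": "T-1", "payment_account": "ACCT-PAYER-001",
           "sequence_info": "SEQ-0001 amount=25.00",
           "collecting_account": "ACCT-MERCHANT-777"}
    server = TransactionServer({"ACCT-PAYER-001": key})
    results = {}

    # Both copies agree and the device signs what the server sent.
    server.register_from_terminal(txn)
    signature = device.sign(server.receive_from_mobile(dict(txn)))
    results["valid"] = server.receive_signature("T-1", signature)
    # The same signature submitted again finds no open transaction.
    results["replay"] = server.receive_signature("T-1", signature)

    # The relay changes the collecting account before the device signs.
    server.register_from_terminal(txn)
    request = server.receive_from_mobile(dict(txn))
    altered = dict(request, collecting_account="ACCT-OTHER-000")
    results["altered"] = server.receive_signature("T-1", device.sign(altered))

    # The scanned copy differs from the terminal's copy.
    server.register_from_terminal(txn)
    scanned = dict(txn, sequence_info="SEQ-0001 amount=1.00")
    results["mismatch"] = server.receive_from_mobile(scanned)
    return results


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(case, "->", outcome)
```

The server recomputes the expected value over its own stored copy of the three fields, so a signature produced over anything the relay altered fails the comparison.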
Embodiment two
Fig. 2 is a flow chart of the transaction method based on an external security device provided by embodiment two of the present invention. As shown in the figure, the method comprises the following steps:
Step 201: the mobile device scans the encoded information generated by the transaction-initiating terminal, obtains the secure transaction information, and sends it to the server; the server receives the secure transaction information and verifies its validity.
Specifically, the transaction-initiating terminal may be a desktop computer, a notebook computer, an IBM-compatible personal computer, and so on; the mobile device may be a mobile phone, a tablet computer, and so on; the encoded information may be a QR code, a barcode, and so on.
The server compares the secure transaction information sent by the transaction-initiating terminal with the secure transaction information sent by the mobile device. If they are consistent, the server's verification result for the secure transaction information is valid; if they are inconsistent, the result is invalid.
Step 202: when the result of verifying the secure transaction information is valid, the mobile device receives the transaction confirmation request information.
Specifically, when the result of verifying the secure transaction information is valid, the mobile device receives the transaction confirmation request information and sends it to the external security device by a wireless transmission method; the transaction confirmation request information is the information extracted by the server so that the external security device can take part in the confirmation.
The external security device may be a smart financial card, a certificate key, and so on; the transaction confirmation request information comprises payment account information, sequence information, collecting account information, and so on.
The wireless transmission method comprises Bluetooth communication or near-field communication.
For example, the mobile device connects to the external security device over Bluetooth. The mobile device pages the external security device using frequency hopping, and the external security device performs a scan at regular intervals; when it detects the mobile device, it responds and establishes a connection with it, and the mobile device then transmits the payment account information, sequence information and collecting account information to the external security device.
When the wireless transmission method is near-field communication, the mobile device only needs to connect to the external security device by a "touch", and then transmits the payment account information, sequence information and collecting account information to the external security device.
The external security device performs a computation on the received transaction confirmation request information, generates the signature information, and sends it to the mobile device by the wireless transmission method.
For example, the external security device connects to the mobile device over Bluetooth or near-field communication, generates the signature information by applying a digital signature based on Public Key Infrastructure (PKI) to the received payment account information, sequence information and collecting account information, and sends the generated signature information to the mobile device.
Step 204: the mobile device receives the signature information and sends it to the server; the server verifies the validity of the signature information, and when the result of verifying the signature information is valid, the server performs payment processing and sends the confirmation result to the transaction-initiating terminal.
Specifically, the server verifies the received transaction information and signature information using the corresponding digital certificate on the server.
For example, the external security device generates the signature information by performing a dynamic password signature over the payment account information, sequence information and collecting account information; the mobile device receives the signature information and sends it to the server, and the server compares its internally stored dynamic signature with the signature information.
When the verification result is valid, the server performs payment processing according to the payment account information, sequence information and collecting account information, and sends the confirmation result of the successful transaction to the transaction-initiating terminal.
Step 205: when the verification result is invalid, the server sends error prompt information to the mobile device.
Specifically, when the result of verifying the secure transaction information is invalid, the server terminates the transaction and sends error prompt information to the mobile device.
Further, before step 201, the transaction method also comprises:
The transaction-initiating terminal produces the secure transaction information and generates the encoded information using encoded-information generation software.
After step 201, the transaction method also comprises:
Step 203: when the verification result is invalid, error prompt information is sent to the mobile device.
Specifically, when the result of verifying the secure transaction information is invalid, the server terminates the transaction and sends error prompt information to the mobile device.
The transaction method for a transaction-initiating terminal based on an external security device of the present invention improves the security of the transaction and adds to its convenience through the use of encoded information. By using the mobile device as a relay for information, it enables the external security device to be used with the transaction-initiating terminal, solving the problem that the external security device is not compatible with the transaction-initiating terminal. It improves the security of transactions on conventional transaction-initiating terminals and widens the scope of application of the external security device, while reducing the development of accessories for the transaction-initiating terminal and saving cost.
Embodiment three
Fig. 3 is a schematic diagram of the transaction system based on an external security device provided by embodiment three of the present invention. As shown in the figure, the transaction system comprises: transaction-initiating terminal 301, server 302, mobile device 303 and external security device 304.
Transaction-initiating terminal 301 produces the secure transaction information and generates the encoded information using encoded-information generation software. At the same time, it sends the generated secure transaction information to server 302.
Server 302 is configured to receive the secure transaction information sent by mobile device 303 and verify its validity. Server 302 is also configured to, when the result of verifying the secure transaction information is valid, extract the transaction confirmation request information to be confirmed with the participation of external security device 304 and send it to mobile device 303; when the result of verifying the secure transaction information is invalid, server 302 terminates the transaction and sends error prompt information to mobile device 303. Server 302 is also configured to receive the signature information and verify its validity; when the result of verifying the signature information is valid, server 302 performs payment processing and sends the confirmation result to transaction-initiating terminal 301; when the result of verifying the signature information is invalid, server 302 terminates the transaction and sends error prompt information to mobile device 303.
Mobile device 303 is configured to scan the encoded information produced by transaction-initiating terminal 301, obtain the secure transaction information, and send it to server 302. Mobile device 303 is also configured to receive the transaction confirmation request information sent by server 302 and send it to external security device 304 by a wireless transmission method. Mobile device 303 is also configured to receive the signature information and send it to server 302.
External security device 304 is configured to compute signature information from the transaction confirmation request information and send it to mobile device 303.
Preferably, the wireless transmission method comprises Bluetooth communication or near-field communication.
Preferably, transaction-initiating terminal 301 may be a desktop computer, a notebook computer, an IBM-compatible personal computer, and so on; mobile device 303 may be a mobile phone, a tablet computer, and so on; the encoded information may be a QR code, a barcode, and so on; external security device 304 may be a smart financial card, a certificate key, and so on; the transaction confirmation request information comprises payment account information, sequence information, collecting account information, and so on.
Further, server 302 verifies the validity of the secure transaction information specifically by comparing the secure transaction information sent by transaction-initiating terminal 301 with the secure transaction information sent by mobile device 303. If they are consistent, the verification result of server 302 for the secure transaction information is valid; if they are inconsistent, the result is invalid.
The transaction system of embodiment three of the present invention works as follows:
Transaction-initiating terminal 301 produces the secure transaction information and generates the encoded information for it using an encoded-information generator. Mobile device 303 scans the encoded information generated by transaction-initiating terminal 301, obtains the secure transaction information, and sends it to server 302. Server 302 verifies whether the secure transaction information is valid by comparing the secure transaction information sent by the transaction-initiating terminal with the secure transaction information sent by the mobile device: if they are consistent, the verification result of server 302 is valid; if they are inconsistent, the result is invalid. When the result of verifying the secure transaction information is valid, server 302 extracts the transaction confirmation request information to be confirmed with the participation of external security device 304, specifically comprising payment account information, sequence information, collecting account information, and so on, and sends the transaction confirmation request information to mobile device 303.
Mobile device 303 sends the payment account information, sequence information and collecting account information to external security device 304 over Bluetooth or near-field communication. External security device 304 performs a computation on the received payment account information, sequence information and collecting account information, generates the signature information, and sends it to mobile device 303 over Bluetooth or near-field communication. Mobile device 303 receives the signature information and sends it to server 302.
Server 302 verifies the received transaction information and signature information using the corresponding digital certificate on server 302. When the verification result is valid, server 302 performs payment processing according to the payment account information, sequence information and collecting account information, and sends the confirmation result of the successful transaction to transaction-initiating terminal 301. When the verification result is invalid, server 302 terminates the transaction and sends error prompt information to mobile device 303.
The transaction system for a transaction-initiating terminal of the present invention uses external security device 304 to take part in the transactions of the transaction-initiating terminal, improving the security of transactions on conventional transaction-initiating terminals. By using mobile device 303 as a relay for information, it enables external security device 304 to be used with transaction-initiating terminal 301, widens the scope of application of external security device 304, and solves the problem that external security device 304 is not compatible with transaction-initiating terminal 301, while reducing the development of accessories for the transaction-initiating terminal and saving cost. Using encoded information on transaction-initiating terminal 301 improves the security of the transaction and adds to its convenience.
Embodiment four
Fig. 4 is a schematic diagram of the transaction server based on an external security device provided by embodiment four of the present invention. As shown in the figure, the transaction server comprises: receiving unit 401, sending unit 402, verification unit 403 and payment unit 404.
Receiving unit 401 is configured to receive the secure transaction information sent by the transaction-initiating terminal and the transaction security information sent by the mobile device; it is also configured to receive the signature information generated by the external device.
Sending unit 402 is configured to send the transaction confirmation request information to the mobile device; the external device computes signature information from the transaction confirmation request information. Sending unit 402 is also configured to send the confirmation result to the transaction-initiating terminal when the verification result is valid, and to send error prompt information to the mobile device when the verification result is invalid. Sending unit 402 is also configured to send error prompt information to the mobile device when the transaction security information is verified as invalid.
Verification unit 403 is configured to verify the validity of the transaction security information; it is also configured to verify the validity of the signature information.
Payment unit 404 is configured to, when the result of verifying the signature information is valid, perform payment processing according to the payment account information, sequence information and collecting account information.
Further, processing unit 405 is configured to extract the transaction confirmation request information to be confirmed with the participation of the external security device.
The transaction server of embodiment four of the present invention works as follows:
Receiving unit 401 of the server receives the secure transaction information sent by the transaction-initiating terminal and the transaction security information sent by the mobile device. Verification unit 403 verifies the validity of the transaction security information by comparing whether the secure transaction information sent by the transaction-initiating terminal is consistent with the transaction security information sent by the mobile device: if they are consistent, the result of verifying the secure transaction information is valid; if they are inconsistent, the result is invalid. When the result of verifying the secure transaction information is invalid, sending unit 402 sends error prompt information to the mobile device.
When the result of verifying the secure transaction information is valid, processing unit 405 extracts, from the secure transaction information, the transaction confirmation request information to be confirmed with the participation of the external security device, specifically comprising payment account information, sequence information, collecting account information, and so on. Sending unit 402 sends the transaction confirmation request information to the mobile device. The external device computes signature information from the transaction confirmation request information and sends it to the mobile device over Bluetooth or near-field communication. The mobile device receives the signature information and sends it to receiving unit 401. Verification unit 403 verifies the validity of the signature information.
When the result of verifying the signature information is valid, payment unit 404 of the server performs payment processing according to the payment account information, sequence information and collecting account information, and sending unit 402 sends the confirmation result of the successful transaction to the transaction-initiating terminal; when the verification result is invalid, sending unit 402 sends error prompt information to the mobile device.
In the transaction server for a transaction-initiating terminal of the present invention, the receiving unit receives the secure transaction information and the verification unit verifies its validity; when it is verified as valid, the processing unit extracts the transaction confirmation request information, which improves the security of the transaction and also adds to its convenience. After the receiving unit receives the signature information generated by the external device, the verification unit verifies it, and after successful verification the payment unit performs payment processing according to the payment account information, sequence information and collecting account information, which improves the accuracy and security of the payment account and the collecting account. By using the mobile device as a relay for information, the external security device can be used with the transaction-initiating terminal, which widens the scope of application of the external security device and solves the problem that the external security device is not compatible with the transaction-initiating terminal.
Those skilled in the art should further appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of the two. To clearly illustrate the interchangeability of hardware and software, the composition and steps of each example have been described above generally in terms of function. Whether these functions are performed in hardware or in software depends on the particular application and the design constraints of the technical solution. Skilled practitioners may use different methods to implement the described functions for each particular application, but such implementations should not be considered to exceed the scope of the present invention.
The steps of the method or algorithm described in connection with the embodiments disclosed herein can be implemented in hardware, in a software module executed by a processor, or in a combination of the two. The software module can reside in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the technical field.
The embodiments above further describe the object, technical solution and beneficial effects of the present invention. It should be understood that the foregoing is only a specific embodiment of the present invention and is not intended to limit its scope of protection; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.