技术领域technical field
本发明涉及移动互联网技术领域,尤其涉及一种支付系统及方法。The present invention relates to the technical field of mobile Internet, in particular to a payment system and method.
背景技术Background technique
随着移动互联网技术的发展,越来越多的用户通过手机等移动终端进行网上购物。例如:在手机等移动终端上安装天猫、京东等应用程序(Application,APP)客户端,用户便可以使用已安装的APP客户端通过挑选商品、填写订单、进行移动支付等步骤完成一次交易。With the development of mobile Internet technology, more and more users conduct online shopping through mobile terminals such as mobile phones. For example: install Tmall, JD.com and other application (Application, APP) clients on mobile terminals such as mobile phones, and users can use the installed APP clients to complete a transaction by selecting commodities, filling orders, and making mobile payments.
目前,为了保证支付过程的安全性,常用的支付流程为:(1)APP客户端将用户信息通过加密的方式发送到支付平台服务器,其中该用户信息包括用户的手机号码。(2支付平台服务器通过解密获取包括用户的手机号码在内的用户信息。(3)支付平台服务器随机生成一组针对当前交易的随机数字并保存,且以短信的形式发送至用户手机。(4)用户通过手动输入方式将随机数字填写到APP客户端中,并同样以加密的方式发送到支付平台服务器。(5)支付平台服务器将接收到的随机数字与本地保存的随机数字进行比较,如果一致则认为该交易为真实交易,向APP客户端返回交易成功消息。At present, in order to ensure the security of the payment process, the commonly used payment process is: (1) The APP client sends the user information to the payment platform server in an encrypted manner, wherein the user information includes the user's mobile phone number. (2) The payment platform server obtains user information including the user's mobile phone number through decryption. (3) The payment platform server randomly generates a set of random numbers for the current transaction and saves them, and sends them to the user's mobile phone in the form of a text message. (4 ) The user fills in the random number into the APP client by manual input, and sends it to the payment platform server in an encrypted manner. (5) The payment platform server compares the received random number with the random number stored locally, if If they agree, the transaction is considered to be a real transaction, and a transaction success message is returned to the APP client.
现有的这种通过短信验证码进行交易鉴权的支付方式,虽然能够保证支付过程的安全性,但是增加了接收短信填写验证码的过程,且短信的发送可能存在由于阻塞而延时的问题,用户可能长时间收不到短信,因而这种支付方式耗时较长。Although the existing payment method for transaction authentication through SMS verification codes can ensure the security of the payment process, it increases the process of receiving SMS and filling in the verification code, and the sending of SMS may be delayed due to congestion , the user may not receive text messages for a long time, so this payment method takes a long time.
发明内容Contents of the invention
本发明实施例提供一种支付系统及方法,用于解决现有技术中存在的移动支付的过程耗时较长的问题。Embodiments of the present invention provide a payment system and method, which are used to solve the problem in the prior art that the process of mobile payment takes a long time.
为达到上述目的,本发明的实施例采用如下技术方案:In order to achieve the above object, embodiments of the present invention adopt the following technical solutions:
一种支付系统,包括支付平台服务器和鉴权服务器,其中:A payment system, including a payment platform server and an authentication server, wherein:
所述支付平台服务器,用于接收应用程序APP客户端发送的支付请求;The payment platform server is used to receive the payment request sent by the APP client;
当所述支付请求中携带支付标识时,解析所述支付请求以获取用户信息,并向所述鉴权服务器发送所述支付标识;When the payment request carries a payment identifier, parse the payment request to obtain user information, and send the payment identifier to the authentication server;
所述鉴权服务器,用于根据所述支付标识,获取与所述支付标识对应的目标用户信息并向所述支付平台服务器发送所述目标用户信息,所述目标用户信息为根据位于服务GPRS支持节点SGSN和网关GPRS支持节点GGSN之间的接口的用户上网原始记录得到;The authentication server is configured to obtain the target user information corresponding to the payment ID according to the payment ID and send the target user information to the payment platform server, the target user information is based on the service GPRS support The original record of the user accessing the interface between the node SGSN and the gateway GPRS support node GGSN is obtained;
所述支付平台服务器,还用于将所述目标用户信息与解析得到的所述用户信息进行比较,如果一致,则向所述APP客户端返回交易成功消息。The payment platform server is further configured to compare the target user information with the analyzed user information, and return a transaction success message to the APP client if they are consistent.
一种支付方法,包括:A method of payment, including:
支付平台服务器接收应用程序APP客户端发送的支付请求;The payment platform server receives the payment request sent by the APP client;
如果所述支付请求中携带支付标识,则所述支付平台服务器解析所述支付请求以获取用户信息,并向鉴权服务器发送所述支付标识;If the payment request carries a payment identifier, the payment platform server parses the payment request to obtain user information, and sends the payment identifier to the authentication server;
所述鉴权服务器根据所述支付标识,获取与所述支付标识对应的目标用户信息并向所述支付平台服务器发送所述目标用户信息,所述目标用户信息为根据位于服务GPRS支持节点SGSN和网关GPRS支持节点GGSN之间的接口的用户上网原始记录得到;The authentication server obtains target user information corresponding to the payment ID according to the payment ID and sends the target user information to the payment platform server, and the target user information is based on the information located at the serving GPRS support node SGSN and The gateway GPRS supports the interface between the nodes GGSN to obtain the original record of the user accessing the Internet;
所述支付平台服务器将所述目标用户信息与解析得到的所述用户信息进行比较,如果一致,则向所述APP客户端返回交易成功消息。The payment platform server compares the target user information with the analyzed user information, and returns a transaction success message to the APP client if they are consistent.
本发明提供的支付系统及方法,支付平台服务器接收到APP客户端发送的支付请求时,一方面,通过解析该支付请求获取该支付请求对应的用户信息,另一方面,支付平台服务器将支付请求中携带的支付标识发送至鉴权平台,鉴权平台根据该支付标识获得该支付请求对应的用户信息,且由于该用户信息为根据位于GGSN和SGSN之间的接口获取得到的,因而为真实的用户信息,并将该真实的用户信息返回至支付平台服务器;支付平台服务器能够将自身解析得到的用户信息与接收到的真实的用户信息进行比对,只有比对结果符合条件时,才向APP客户端发送交易成功消息,与现有技术中,需要增加短信的发送这一步骤,且可能存在由于发送阻塞而延时相比,本发明提供的支付方法能够减少接收短信的流程,无需用户进行短信验证码的输入,由后台实现移动支付的鉴权过程,能够减少移动支付的耗时。In the payment system and method provided by the present invention, when the payment platform server receives the payment request sent by the APP client, on the one hand, it obtains the user information corresponding to the payment request by analyzing the payment request; on the other hand, the payment platform server sends the payment request The payment identification carried in the payment request is sent to the authentication platform, and the authentication platform obtains the user information corresponding to the payment request according to the payment identification, and since the user information is obtained according to the interface between the GGSN and the SGSN, it is true User information, and return the real user information to the payment platform server; the payment platform server can compare the user information obtained by itself with the received real user information, and only when the comparison result meets the conditions, it will send the APP The client sends a successful transaction message. Compared with the existing technology, which needs to increase the sending of short messages, and there may be delays due to transmission congestion, the payment method provided by the present invention can reduce the process of receiving short messages without the need for users to carry out The input of SMS verification code realizes the authentication process of mobile payment by the background, which can reduce the time-consuming of mobile payment.
附图说明Description of drawings
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. Those skilled in the art can also obtain other drawings based on these drawings without creative work.
图1为本发明实施例提供的一种支付系统的结构示意图;FIG. 1 is a schematic structural diagram of a payment system provided by an embodiment of the present invention;
图2为本发明实施例提供的另一种支付系统的结构示意图;Fig. 2 is a schematic structural diagram of another payment system provided by an embodiment of the present invention;
图3为本发明实施例提供的一种支付方法的流程示意图;FIG. 3 is a schematic flow diagram of a payment method provided by an embodiment of the present invention;
图4为本发明实施例提供的另一种支付方法的流程示意图;FIG. 4 is a schematic flow diagram of another payment method provided by an embodiment of the present invention;
图5为本发明实施例提供的采集用户上网原始记录并通过筛选存储形成最终的用户信息的流程示意图;FIG. 5 is a schematic flow diagram of collecting original records of users surfing the Internet and forming final user information through screening and storage provided by an embodiment of the present invention;
图6为本发明实施例提供的UUID与哈希码之间的转化关系示意图;Fig. 6 is a schematic diagram of the conversion relationship between UUID and hash code provided by the embodiment of the present invention;
图7为本发明实施例提供的再一种支付方法的流程示意图。Fig. 7 is a schematic flowchart of another payment method provided by an embodiment of the present invention.
具体实施方式Detailed ways
下面将结合本实施例中的附图,对本实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The following will clearly and completely describe the technical solution in this embodiment with reference to the drawings in this embodiment. Obviously, the described embodiment is only a part of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.
本发明实施例提供了一种支付系统,如图1所示,包括支付平台服务器101和鉴权服务器102,其中:An embodiment of the present invention provides a payment system, as shown in Figure 1, including a payment platform server 101 and an authentication server 102, wherein:
所述支付平台服务器101,用于接收应用程序APP客户端发送的支付请求。The payment platform server 101 is configured to receive a payment request sent by an APP client.
当所述支付请求中携带支付标识时,解析所述支付请求以获取用户信息,并向所述鉴权服务器102发送所述支付标识。When the payment request carries a payment identifier, the payment request is parsed to obtain user information, and the payment identifier is sent to the authentication server 102 .
所述鉴权服务器102,用于根据所述支付标识,获取与所述支付标识对应的目标用户信息并向所述支付平台服务器101发送所述目标用户信息,所述目标用户信息为根据位于服务GPRS支持节点SGSN和网关GPRS支持节点GGSN之间的接口的用户上网原始记录得到。The authentication server 102 is configured to acquire target user information corresponding to the payment ID and send the target user information to the payment platform server 101 according to the payment ID, and the target user information is based on the location service The original record of the user accessing the interface between the GPRS support node SGSN and the gateway GPRS support node GGSN is obtained.
所述支付平台服务器101,还用于将所述目标用户信息与解析得到的所述用户信息进行比较,如果一致,则向所述APP客户端返回交易成功消息。The payment platform server 101 is further configured to compare the target user information with the analyzed user information, and return a transaction success message to the APP client if they are consistent.
进一步的,所述支付平台服务器101还用于,接收APP客户端发送的支付标识获取请求;Further, the payment platform server 101 is also configured to receive a payment identification acquisition request sent by the APP client;
根据预设规则生成支付标识,每个所述支付标识用于标记一次支付请求;Generate payment identifiers according to preset rules, and each payment identifier is used to mark a payment request;
向所述APP客户端返回所述支付标识。Returning the payment identifier to the APP client.
进一步的,如图2所示,所述系统还包括采集设备201和流式实时处理设备202,其中:Further, as shown in FIG. 2, the system also includes a collection device 201 and a streaming real-time processing device 202, wherein:
所述采集设备201,用于通过位于所述SGSN和所述GGSN之间的接口获取每条用户上网原始记录并向流式实时处理设备202发送所述用户上网原始记录。The collection device 201 is configured to obtain each user's original online record through an interface between the SGSN and the GGSN and send the user's original online record to the streaming real-time processing device 202 .
所述流式实时处理设备202,用于获取每条所述用户上网原始记录的统一资源定位符URL字段;The streaming real-time processing device 202 is configured to obtain the Uniform Resource Locator URL field of each original record of the user surfing the Internet;
当所述URL字段中包括支付标识时,获取所述支付标识的值以及与所述支付标识所在的URL字段对应的用户上网原始记录中的用户信息;When the URL field includes a payment identifier, obtain the value of the payment identifier and the user information in the original record of the user surfing the Internet corresponding to the URL field where the payment identifier is located;
向所述鉴权服务器102发送所述支付标识的值以及所述用户信息。Send the value of the payment identifier and the user information to the authentication server 102 .
所述鉴权服务器102,还用于将所述支付标识的值进行哈希编码形成哈希码并以哈希码表的形式存储至内存中;The authentication server 102 is further configured to hash code the value of the payment identifier to form a hash code and store it in the memory in the form of a hash code table;
将所述支付标识以及与所述支付标识对应的用户信息以哈希数据表的形式存储至内存中。The payment identifier and user information corresponding to the payment identifier are stored in the memory in the form of a hash data table.
进一步的,所述鉴权服务器102,还用于根据所述支付标识,查找所述哈希码表中是否存储所述支付标识对应的哈希码;Further, the authentication server 102 is further configured to check whether the hash code corresponding to the payment identifier is stored in the hash code table according to the payment identifier;
如果存在,则从所述哈希数据表中获取与所述支付标识对应的目标用户信息。If it exists, the target user information corresponding to the payment identifier is obtained from the hash data table.
本发明提供的支付系统,支付平台服务器接收到APP客户端发送的支付请求时,一方面,通过解析该支付请求获取该支付请求对应的用户信息,另一方面,支付平台服务器将支付请求中携带的支付标识发送至鉴权平台,鉴权平台根据该支付标识获得该支付请求对应的用户信息,且由于该用户信息为根据位于GGSN和SGSN之间的接口获取得到的,因而为真实的用户信息,并将该真实的用户信息返回至支付平台服务器;支付平台服务器能够将自身解析得到的用户信息与接收到的真实的用户信息进行比对,只有比对结果符合条件时,才向APP客户端发送交易成功消息,与现有技术中,需要增加短信的发送这一步骤,且可能存在由于发送阻塞而延时相比,本发明提供的支付方法能够减少接收短信的流程,无需用户进行短信验证码的输入,由后台实现移动支付的鉴权过程,能够减少移动支付的耗时。In the payment system provided by the present invention, when the payment platform server receives the payment request sent by the APP client, on the one hand, it obtains the user information corresponding to the payment request by analyzing the payment request; The payment ID sent to the authentication platform, the authentication platform obtains the user information corresponding to the payment request according to the payment ID, and since the user information is obtained through the interface between the GGSN and the SGSN, it is real user information , and return the real user information to the payment platform server; the payment platform server can compare the user information it has parsed with the received real user information, and only when the comparison result meets the conditions will it send the APP client Sending the transaction success message, compared with the prior art, which needs to increase the sending step of the short message, and there may be a delay due to transmission blocking, the payment method provided by the present invention can reduce the process of receiving short messages, and does not require the user to verify the short message The input of the code, the authentication process of mobile payment is realized by the background, which can reduce the time-consuming of mobile payment.
本发明实施例还提供了一种支付方法,应用于上述图1和图2所示的支付系统,如图3所示,所述方法包括:The embodiment of the present invention also provides a payment method, which is applied to the payment system shown in Figure 1 and Figure 2 above, and as shown in Figure 3, the method includes:
301:支付平台服务器接收应用程序APP客户端发送的支付请求。301: The payment platform server receives the payment request sent by the APP client.
其中,本实施例中所指的支付平台为进行网上购物的买卖双方交易过程中的“中间件”,也可以说是“技术插件”,是在银行监管下保障交易双方利益的独立机构。例如:支付宝、财富通等。Among them, the payment platform referred to in this embodiment is the "middleware" in the transaction process between buyers and sellers who conduct online shopping, and it can also be called "technical plug-in". It is an independent organization that protects the interests of both parties under the supervision of the bank. For example: Alipay, Fortune Link, etc.
本实施例中所指的应用程序(Application,APP)客户端是指安装在用户手机中的用于移动支付的APP应用,如京东商城、天猫等。The application program (Application, APP) client referred to in this embodiment refers to the APP application used for mobile payment installed in the user's mobile phone, such as Jingdong Mall, Tmall, etc.
APP客户端是支付请求的发起方,支付平台服务器是支付请求的接收方,两者之间通过私有的加密协议将待传输的信息加密后进行交互。The APP client is the initiator of the payment request, and the payment platform server is the receiver of the payment request. The information to be transmitted is encrypted and interacted between the two through a private encryption protocol.
302:如果所述支付请求中携带支付标识,则所述支付平台服务器解析所述支付请求以获取用户信息,并向鉴权服务器发送所述支付标识。302: If the payment request carries a payment identifier, the payment platform server parses the payment request to obtain user information, and sends the payment identifier to an authentication server.
本发明实施例中,为了区分不同支付请求、支付请求与其他类型的请求,需要在支付请求的统一资源定位符(UniformResourceLocator,URL)地址中携带支付标识。支付标识具有唯一性,每个支付标识仅仅用于表示一次支付请求。In the embodiment of the present invention, in order to distinguish different payment requests, payment requests and other types of requests, it is necessary to carry a payment identifier in a uniform resource locator (UniformResourceLocator, URL) address of the payment request. The payment ID is unique, and each payment ID is only used to represent a payment request.
本步骤中所指的手机支付用户的相关信息(用户信息)至少包括手机号、用于标识手机且具有唯一性的移动设备国际身份码(InternationalMobileEquipmentIdentity,IMEI)和支付请求发起时间。The relevant information (user information) of the mobile payment user referred to in this step includes at least the mobile phone number, the unique International Mobile Equipment Identity (IMEI) used to identify the mobile phone and the payment request initiation time.
此外,该用户信息中还可能包括用于标识手机卡且具有唯一性的国际移动用户识别码(InternationalMobileSubscriberIdentificationNumber,IMSI)和APP客户端的属性信息,例如:APP客户端的应用标识等。In addition, the user information may also include a unique International Mobile Subscriber Identification Number (InternationalMobileSubscriberIdentificationNumber, IMSI) used to identify the mobile phone card and attribute information of the APP client, such as the application identifier of the APP client.
本步骤中仅仅对携带有支付标识的支付请求进行处理,如果支付请求中未携带支付标识,则不处理该支付请求。In this step, only the payment request carrying the payment identifier is processed, and if the payment request does not carry the payment identifier, the payment request is not processed.
303:所述鉴权服务器根据所述支付标识,获取与所述支付标识对应的目标用户信息并向所述支付平台服务器发送所述目标用户信息。303: The authentication server acquires target user information corresponding to the payment ID according to the payment ID, and sends the target user information to the payment platform server.
其中,所述目标用户信息为根据位于服务GPRS支持节点SGSN和网关GPRS支持节点GGSN之间的接口的用户上网原始记录得到。Wherein, the target user information is obtained according to the user's original online record at the interface between the serving GPRS support node SGSN and the gateway GPRS support node GGSN.
其中,所指的目标用户信息,如下表表1所示,包括5个字段。Wherein, the target user information referred to, as shown in Table 1 below, includes 5 fields.
表1Table 1
上述5个字段的内容为通过位于服务GPRS支持节点(ServingGPRSSupportNode,SGSN)和网关GPRS支持节点(GatewayGPRSSupportNode,GGSN)之间的Gn接口采集用户上网原始记录数据并经过筛选后得到。The contents of the above 5 fields are collected and screened through the Gn interface between the serving GPRS support node (ServingGPRSSupportNode, SGSN) and the gateway GPRS support node (GatewayGPRSSupportNode, GGSN) to obtain the user's original online record data.
Gn口采集到的用户上网原始记录包含了每条支付请求的全部相关信息,共22个字段,上述5个字段为其中的一部分。由于该用户上网原始记录为从底层链路采集,因而为真实的用户信息,不存在伪造的可能。The original online records of users collected by the Gn port contain all the relevant information of each payment request, a total of 22 fields, the above 5 fields are part of it. Since the original record of the user's Internet access is collected from the underlying link, it is real user information, and there is no possibility of forgery.
304:所述支付平台服务器将所述目标用户信息与解析得到的所述用户信息进行比较,如果一致,则向所述APP客户端返回交易成功消息。304: The payment platform server compares the target user information with the analyzed user information, and returns a transaction success message to the APP client if they are consistent.
APP客户端在向支付平台服务器发送支付请求时,支付请求中携带了上述5个字段的信息或上述5个字段中部分字段的信息,由于支付请求基于超文本传输协议(HyperTextTransferProtocol,HTTP)协议,以上5个字段都属于http包内可编辑字段,因此当APP客户端所在终端中毒或者通过其他终端进行模拟组包,都可以产生与正常支付请求内容相同的“假请求”,所以上述支付请求中包含的内容存在伪造的可能性。When the APP client sends a payment request to the payment platform server, the payment request carries the information of the above five fields or some of the above five fields. Since the payment request is based on the HyperText Transfer Protocol (HTTP) protocol, The above 5 fields are all editable fields in the http package, so when the terminal where the APP client is located is poisoned or the package is simulated through other terminals, a "false request" with the same content as the normal payment request can be generated, so the above payment request Contains content that may be falsified.
因此,本步骤中支付平台服务器需要将真实的用户信息与解析得到的存在伪造可能的用户信息进行比较;只有当解析得到的用户信息与真实的用户信息一致时,才向APP客户端返回交易成功消息。Therefore, in this step, the payment platform server needs to compare the real user information with the parsed user information that may be forged; only when the parsed user information is consistent with the real user information will it return the transaction success to the APP client information.
在比较时,“手机号”和“IMEI”两字段必须完全一致,任意一个不相符则判定为伪造请求;另外,由于存在网络时延等问题,解析得到的用户信息中所包括的支付请求发起时间可能与目标用户信息中获取到的“开始时间”字段的内容不完全一致。由于开始时间指的是从Gn口采集到支付请求对应的用户上网原始记录的信息,因而其比解析得到的支付请求发起时间要晚,如果二者之间存在这样的关系,则表明一致;否则,表明不一致。此外,如果解析得到的内容还包括IMSI和APP客户端的属性信息,则判断是否完全一致。When comparing, the two fields of "mobile phone number" and "IMEI" must be completely consistent. The time may not be exactly the same as the content of the "start time" field obtained in the target user information. Since the start time refers to the information collected from the Gn port to the original online record of the user corresponding to the payment request, it is later than the initiation time of the payment request obtained through analysis. If there is such a relationship between the two, it means they are consistent; otherwise , indicating an inconsistency. In addition, if the parsed content also includes attribute information of the IMSI and the APP client, it is determined whether they are completely consistent.
本发明提供的支付方法,支付平台服务器接收到APP客户端发送的支付请求时,一方面,通过解析该支付请求获取该支付请求对应的用户信息,另一方面,支付平台服务器将支付请求中携带的支付标识发送至鉴权平台,鉴权平台根据该支付标识获得该支付请求对应的用户信息,且由于该用户信息为根据位于GGSN和SGSN之间的接口获取得到的,因而为真实的用户信息,并将该真实的用户信息返回至支付平台服务器;支付平台服务器能够将自身解析得到的用户信息与接收到的真实的用户信息进行比对,只有比对结果符合条件时,才向APP客户端发送交易成功消息,与现有技术中,需要增加短信的发送这一步骤,且可能存在由于发送阻塞而延时相比,本发明提供的支付方法能够减少接收短信的流程,无需用户进行短信验证码的输入,由后台实现移动支付的鉴权过程,能够减少移动支付的耗时。In the payment method provided by the present invention, when the payment platform server receives the payment request sent by the APP client, on the one hand, it obtains the user information corresponding to the payment request by parsing the payment request; The payment ID sent to the authentication platform, the authentication platform obtains the user information corresponding to the payment request according to the payment ID, and since the user information is obtained through the interface between the GGSN and the SGSN, it is real user information , and return the real user information to the payment platform server; the payment platform server can compare the user information it has parsed with the received real user information, and only when the comparison result meets the conditions will it send the APP client Sending the transaction success message, compared with the prior art, which needs to increase the sending step of the short message, and there may be a delay due to transmission blocking, the payment method provided by the present invention can reduce the process of receiving short messages, and does not require the user to verify the short message The input of the code, the authentication process of mobile payment is realized by the background, which can reduce the time-consuming of mobile payment.
此外,现有技术中,为了提高用户体验,某些应用程序在采用短信验证时,会获取一定的权限,进而自动读取用户手机接收到的短信内容,省去用户输入短信验证码的步骤,但是在这个自动读取的过程中,如果某些恶意应用程序获取了用户手机的最高权限,例如:root权限,则可能会获取其他的用户信息,因而无法保证支付过程中的安全性。而本发明实施例提供的支付方式,进行鉴权时所使用的目标用户信息为真实的用户信息,基于真实的用户信息进行鉴权能够保证鉴权结果的可靠性,不存在获取一定的权限进而读取手机上的用户信息的过程,因而能够保证支付过程的安全性。In addition, in the prior art, in order to improve the user experience, some applications will obtain certain permissions when using SMS verification, and then automatically read the content of the SMS received by the user's mobile phone, eliminating the need for the user to enter the SMS verification code. However, during this automatic reading process, if some malicious applications obtain the highest authority of the user's mobile phone, for example: root authority, other user information may be obtained, so the security of the payment process cannot be guaranteed. However, in the payment method provided by the embodiment of the present invention, the target user information used for authentication is real user information, and authentication based on real user information can ensure the reliability of the authentication result, and there is no need to obtain a certain authority to read The process of obtaining user information on the mobile phone, thus ensuring the security of the payment process.
作为图3所示方法的补充,在步骤301“所述支付平台服务器接收应用程序APP客户端发送的支付请求”之前,如图4所示,所述方法还包括:As a supplement to the method shown in Figure 3, before step 301 "the payment platform server receives the payment request sent by the APP client", as shown in Figure 4, the method further includes:
401:所述支付平台服务器接收APP客户端发送的支付标识获取请求。401: The payment platform server receives a payment identification acquisition request sent by an APP client.
现有技术中,当用户使用APP客户端填写完支付信息并点击提交操作后便会触发APP向支付平台服务器发送支付请求。与现有技术不同的是,本发明实施例中当用户使用APP客户端点击提交操作后并不会立即触发APP发送支付请求,而是触发APP通过已定义好的私有协议发送获取支付标识的请求以使得支付平台服务器返回用于表示此次交易记录的支付标识。In the prior art, when the user uses the APP client to fill in the payment information and clicks the submit operation, the APP will be triggered to send a payment request to the payment platform server. Different from the existing technology, in the embodiment of the present invention, when the user uses the APP client to click the submit operation, the APP will not be triggered immediately to send the payment request, but the APP will be triggered to send the request to obtain the payment identification through the defined private protocol So that the payment platform server returns the payment identifier used to represent the transaction record.
402:所述支付平台服务器根据预设规则生成支付标识,每个所述支付标识用于标记一次支付请求。402: The payment platform server generates payment identifiers according to preset rules, and each payment identifier is used to mark a payment request.
在支付标识的一种实现方式中,所指的支付标识为通用唯一识别码(UniversallyUniqueIdentifier,UUID)。标准的UUID码通常由以下几部分组合:当前日期和时间、时钟序列、全局唯一的IEEE机器识别号。为了防止同一终端不同APP支付请求同时发生产生碰撞,本发明实施例在标准UUID码的基础上进行了下述改进:采用IMEI表示所述全局唯一的IEEE机器识别号;增加IMSI和APP标识两个新的字段。UUID生成算法可参考标准UUID的生成算法,本发明实施例不再赘述。In an implementation manner of the payment identifier, the referred payment identifier is a universally unique identifier (Universally Unique Identifier, UUID). A standard UUID code is usually composed of the following parts: current date and time, clock sequence, and globally unique IEEE machine identification number. In order to prevent different APP payment requests from the same terminal from colliding at the same time, the embodiment of the present invention makes the following improvements on the basis of the standard UUID code: use IMEI to represent the globally unique IEEE machine identification number; add two IMSI and APP identifiers new field. For the UUID generation algorithm, reference may be made to the standard UUID generation algorithm, which will not be repeated in this embodiment of the present invention.
403:所述支付平台服务器向所述APP客户端返回所述支付标识。403: The payment platform server returns the payment identifier to the APP client.
当APP客户端接收到该支付标识后在支付请求后添加支付标识字段,并重新发送到支付平台。After the APP client receives the payment ID, add the payment ID field after the payment request, and resend it to the payment platform.
以支付平台为支付宝为例,某次支付请求的支付链接地址如下所示,为:Taking the payment platform as Alipay as an example, the payment link address of a certain payment request is as follows:
https://alipay.com?UUID=80378E44-DC7D-5947-032B-370A632B6D9D。https://alipay.com? UUID=80378E44-DC7D-5947-032B-370A632B6D9D.
其中,“UUID=80378E44-DC7D-5947-032B-370A632B6D9D”便为某次支付请求中携带的支付标识。Among them, "UUID=80378E44-DC7D-5947-032B-370A632B6D9D" is the payment identifier carried in a certain payment request.
进一步的,作为图3所示方法的补充,步骤303“所述鉴权服务器根据所述支付标识,获取与所述支付标识对应的目标用户信息并向所述支付平台服务器发送所述目标用户信息”之前,所述方法还包括采集用户上网原始记录并通过筛选存储形成最终的用户信息的过程,该过程如图5所示,具体包括:Further, as a supplement to the method shown in FIG. 3 , step 303 "according to the payment identifier, the authentication server obtains the target user information corresponding to the payment identifier and sends the target user information to the payment platform server "Before, the method also included the process of collecting the original records of users surfing the Internet and forming the final user information through screening and storage. This process is shown in Figure 5 and specifically includes:
501:采集设备通过位于所述SGSN和所述GGSN之间的接口获取每条用户上网原始记录并向流式实时处理设备发送所述用户上网原始记录。501: The collection device obtains each user's original online record through the interface between the SGSN and the GGSN, and sends the user's original online record to the streaming real-time processing device.
所指的流式实时处理设备是指能够进行流式计算的设备,所指的流式计算是用于处理实时性计算最常用的方式,能够根据处理方式将任务分解为不同的小块,并封装成任务类型的方式运行于系统各个节点的不同端口上。对实时性要求比较高的任务处理有比较明显的优势,并且支持多任务的并行处理。The stream real-time processing device referred to refers to the device capable of stream computing. The stream computing referred to is the most commonly used method for processing real-time computing. It can decompose tasks into different small blocks according to the processing method, and The way of encapsulating into task type runs on different ports of each node of the system. It has obvious advantages in task processing with high real-time requirements, and supports parallel processing of multiple tasks.
从APP客户端发起支付请求到支付平台服务器响应其支付请求的过程都要求有较高的实时性,因而这个过程中的所有操作都要尽量快速。因此,当采集设备采集了各种用户上网原始记录时,需要采用流式计算的方法快速筛选出支付请求的相关记录。具体过程为下述步骤502和503。The process from the APP client initiating a payment request to the payment platform server responding to its payment request requires high real-time performance, so all operations in this process must be as fast as possible. Therefore, when the collection device collects the original records of various users surfing the Internet, it is necessary to quickly filter out the relevant records of the payment request by using the stream computing method. The specific process is the following steps 502 and 503.
502:所述流式实时处理设备获取每条所述用户上网原始记录的统一资源定位符URL字段。502: The streaming real-time processing device acquires the URL field of each original record of the user surfing the Internet.
将用户上网原始记录以分隔符直接切分最后一个字段,获取URL字段值,也就是URL字符串。Divide the original record of the user's Internet access into the last field directly with a delimiter to obtain the value of the URL field, that is, the URL string.
503:如果所述URL字段中包括支付标识,则获取所述支付标识的值以及与所述支付标识所在的URL字段对应的用户上网原始记录中的用户信息。503: If the URL field includes a payment identifier, acquire the value of the payment identifier and the user information in the original record of the user surfing the Internet corresponding to the URL field where the payment identifier is located.
判断URL字符串中是否包含支付标识,若包含则提取出支付标识的值,以及从用户上网原始记录中提取手机号、IMSI、IMEI等用户信息;若不包含,则直接舍弃该条记录。Determine whether the URL string contains the payment identifier, if yes, extract the value of the payment identifier, and extract user information such as mobile phone number, IMSI, IMEI, etc. from the original record of the user surfing the Internet; if not, discard the record directly.
504:所述流式实时处理设备向所述鉴权服务器发送所述支付标识的值以及所述用户信息。504: The streaming real-time processing device sends the value of the payment identifier and the user information to the authentication server.
505:所述鉴权服务器将所述支付标识的值进行哈希编码形成哈希码并以哈希码表的形式存储至内存中。505: The authentication server performs hash coding on the value of the payment identifier to form a hash code, and stores it in the memory in the form of a hash code table.
将支付标识的值进行哈希编码形成哈希码,然后将哈希码按位存储形成哈希码表并存储至内存中。The value of the payment identifier is hash coded to form a hash code, and then the hash code is stored bit by bit to form a hash code table and stored in the memory.
506:所述鉴权服务器将所述支付标识以及与所述支付标识对应的用户信息以哈希数据表的形式存储至内存中。506: The authentication server stores the payment identifier and user information corresponding to the payment identifier in a memory in the form of a hash data table.
除了哈希码表外,内存中还存储有另外一张表-哈希数据表,哈希数据表中保存的内容为支付标识的值以及从该支付标识所在的用户上网原始记录中提取的用户信息。In addition to the hash code table, there is another table-hash data table stored in the memory. The content stored in the hash data table is the value of the payment ID and the user ID extracted from the original online record of the user where the payment ID is located. information.
需要说明的是,上述采集设备、流式计算处理设备和鉴权服务器可以集成设置,也可以分开独立设置。It should be noted that the above collection device, streaming computing processing device and authentication server can be integrated or set independently.
为了对上述步骤501至步骤503的处理过程进行更加清楚具体的解释,以名称为“Storm集群”的流式实时处理设备为例进行说明。Storm集群由一个主节点和多个工作节点组成,其中主节点运行了Nimbus守护进程,用于分配给各工作节点工作代码、布置任务、工作检测等功能,下文简称主节点为Nimbus;工作节点运行Supervisor守护进程,用于监听工作,开始和终止工作进程,下文简称为Supervisor;Zookeeper并不是实际的节点,而是协调Nimbus和Supervisor两个工作的软件,主要用于管理集群中的不同组件。在工作节点Supervisor上运行流式计算数据源(逻辑)节点Sprout和数据处理(逻辑)节点Bolt。In order to explain more clearly and concretely the processing process of the above step 501 to step 503, a streaming real-time processing device named "Storm cluster" is used as an example for illustration. The Storm cluster is composed of a master node and multiple work nodes. The master node runs the Nimbus daemon process, which is used to assign work codes, task assignments, work detection and other functions to each work node. The master node is referred to as Nimbus below; the work nodes run The Supervisor daemon is used to monitor work, start and terminate the work process, hereinafter referred to as Supervisor; Zookeeper is not an actual node, but a software that coordinates the work of Nimbus and Supervisor, and is mainly used to manage different components in the cluster. Run stream computing data source (logic) node Sprout and data processing (logic) node Bolt on the working node Supervisor.
采用Storm集群将用户支付请求提取任务进行分解并与流式计算相结合,实现对用户支付请求信息的实时提取。具体包括以下4个过程:The Storm cluster is used to decompose the user payment request extraction task and combine it with stream computing to realize real-time extraction of user payment request information. Specifically, it includes the following 4 processes:
(1)用户上网原始记录流入任务(1) User online original record inflow task
现有技术中采集设备产生的用户上网原始记录数据是以文本(TXT)的方式存储。为了提高实时处理的效率,本实施例中将采集设备产生的用户上网原始记录数据封装为Sprout任务类型(也称为数据源节点)。也就是说采集设备实时获得的用户上网原始记录数据能以“流”的方式直接进入Storm中进行处理,省去了先存成TXT格式,再读取的繁琐步骤。In the prior art, the original record data of users surfing the Internet generated by the acquisition device is stored in the form of text (TXT). In order to improve the efficiency of real-time processing, in this embodiment, the original record data of users surfing the Internet generated by the collection device is encapsulated into a Sprout task type (also referred to as a data source node). That is to say, the original record data of users’ Internet access obtained by the acquisition device in real time can be directly entered into Storm for processing in a “stream” manner, which saves the tedious steps of first saving in TXT format and then reading.
(2)支付请求提取任务(2) Payment request extraction task
该任务为Bolt类型任务,其具体实现过程为:从Sprout(数据源节点)流入的原始记录以分隔符直接切分最后一个字段,获取URL字段值,也就是URL字符串。This task is a Bolt type task, and its specific implementation process is: the original record flowing in from Sprout (data source node) is directly divided into the last field by a delimiter, and the value of the URL field is obtained, that is, the URL string.
判断URL字符串中是否包含支付标识字段(下文均以UUID为例),若包含则执行用户信息提取任务;否则舍弃该条记录。Determine whether the URL string contains the payment identification field (UUID is used as an example below), and if so, perform the user information extraction task; otherwise discard the record.
(3)用户信息提取任务(3) User information extraction task
该任务为Bolt类型任务,其具体实现过程为:提取出URL字段中的UUID值,提取上网原始记录中的手机号、IMSI、终端类型、开始时间以及UserAgent这5个字段,将UUID的值以及提取的5个字段的值组合成<K,V>键值对,其中K为UUID值,V为上述5个字段值,且5个字段值之间以分割符分割。This task is a Bolt type task, and its specific implementation process is: extract the UUID value in the URL field, extract the five fields of mobile phone number, IMSI, terminal type, start time, and UserAgent in the original record of Internet access, and convert the UUID value and The values of the five extracted fields are combined into <K,V> key-value pairs, where K is the UUID value, V is the above five field values, and the five field values are separated by separators.
这样,将支付请求提取任务和用户信息提取任务分开,从而尽可能将计算量分解,利用流式计算优势,提高处理效率。In this way, the payment request extraction task is separated from the user information extraction task, so as to decompose the calculation amount as much as possible, and use the advantages of stream computing to improve processing efficiency.
(4)流式计算实现任务处理(4) Stream computing implements task processing
用户上网原始记录流入任务以流式计算Sprout任务来实现,作为输入数据源;支付请求提取任务、发起端信息提取任务以Bolt任务来实现。同时,根据不同任务的复杂度对任务的数量进行合理的配比。例如:用户上网原始记录流入任务计算复杂度最低,支付请求提取任务计算复杂度最高,用户信息提取任务计算复杂度在两者之间。因此,本发明中根据计算量动态调整三个任务之间的配比,如2:4:3。The inflow task of the user's online original record is implemented by the stream computing Sprout task as the input data source; the payment request extraction task and the initiator information extraction task are implemented by the Bolt task. At the same time, the number of tasks should be reasonably matched according to the complexity of different tasks. For example, the calculation complexity of the user's original record inflow task is the lowest, the calculation complexity of the payment request extraction task is the highest, and the calculation complexity of the user information extraction task is between the two. Therefore, in the present invention, the ratio among the three tasks is dynamically adjusted according to the calculation amount, such as 2:4:3.
为了对上述步骤505和506进行更加清楚的解释,其存储过程具体如下:内存存储其本身就是按位建立索引,已知一个字符byte有8个字节bit,存储整形0-7数字,也就是按照bit所在位设置为1表示。如果要表示数字5、6,则在内存中的存储形式为[00000110],就是在第6、7位上,改为1。也就是用第x位来表示数字x。如果存储0-7共8个数,采用内存存储总共占用1byte空间,8个数字如果为int类型则总共为32byte。因而采用内存存储,存储连续型数字具有明显优势,能够节省大量空间,适合放置于内存当中,从而提高效率。因此本发明中采用按位存储的方式,将UUID进行哈希编码并存储,使其形成固定位数的数字,如图6所示为UUID与哈希码的对应关系示意图。本实施例中采用8位数字来表示哈希码,因而仅需要辟109bit大小的空间便可用于存储哈希码。In order to explain the above steps 505 and 506 more clearly, the storage process is as follows: the memory storage itself is indexed by bit, and it is known that a character byte has 8 byte bits, and the integer 0-7 is stored, that is According to the bit where the bit is set to 1. If you want to represent the numbers 5 and 6, the storage form in the memory is [00000110], that is, change the 6th and 7th digits to 1. That is, the number x is represented by the xth bit. If a total of 8 numbers from 0 to 7 are stored, the memory storage will occupy a total of 1 byte space, and if the 8 numbers are int type, the total will be 32 bytes. Therefore, using memory storage and storing continuous numbers has obvious advantages, which can save a lot of space and are suitable for placement in memory, thereby improving efficiency. Therefore, in the present invention, the UUID is hash-coded and stored in a bit-by-bit manner, so that it forms a number with a fixed number of digits, as shown in FIG. 6 , which is a schematic diagram of the corresponding relationship between the UUID and the hash code. In this embodiment, 8-bit numbers are used to represent the hash code, so only 109 bits of space are required to store the hash code.
鉴权平台服务器除了具有存储哈希码表和哈希数据表的功能外,还需要对已存储的内容进行更新和删除等维护操作。例如:对已经被支付平台服务器鉴权过的记录,进行删除操作以减少空间占用;当获取到携带有相同的支付标识的多个支付记录时,以最后一次支付记录为准,更新哈希码表和哈希数据表。In addition to the function of storing the hash code table and hash data table, the authentication platform server also needs to perform maintenance operations such as updating and deleting the stored content. For example: delete the records that have been authenticated by the payment platform server to reduce space occupation; when multiple payment records with the same payment ID are obtained, the hash code is updated based on the last payment record tables and hashed data tables.
进一步的,结合图1和图5,步骤303“所述鉴权服务器根据所述支付标识,获取与所述支付标识对应的目标用户信息并向所述支付平台服务器发送所述目标用户信息”,如图7所示,具体包括:Further, in combination with Figure 1 and Figure 5, step 303 "the authentication server obtains the target user information corresponding to the payment ID according to the payment ID and sends the target user information to the payment platform server", As shown in Figure 7, specifically include:
601:所述鉴权服务器根据所述支付标识,查找所述哈希码表中是否存储所述支付标识对应的哈希码。601: The authentication server searches, according to the payment identifier, whether the hash code corresponding to the payment identifier is stored in the hash code table.
本步骤中,首先查询内存中是否存储有支付标识对应的哈希码,如果存储,则执行下述步骤602。如果未存储,则直接向支付平台服务器返回鉴权失败的信息,无需执行下述步骤602。In this step, it is first checked whether the hash code corresponding to the payment identifier is stored in the memory, and if it is stored, the following step 602 is performed. If it is not stored, the authentication failure information is returned directly to the payment platform server without performing step 602 below.
602:如果存在,则从所述哈希数据表中获取与所述支付标识对应的目标用户信息并向所述支付平台服务器发送所述目标用户信息。602: If yes, acquire target user information corresponding to the payment identifier from the hash data table, and send the target user information to the payment platform server.
通过以上的实施方式的描述,所属领域的技术人员可以清楚地了解到本发明可借助软件加必需的通用硬件的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在可读取的存储介质中,如计算机的软盘,硬盘或光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be realized by means of software plus necessary general-purpose hardware, and of course also by hardware, but in many cases the former is a better embodiment . Based on this understanding, the essence of the technical solution of the present invention or the part that contributes to the prior art can be embodied in the form of a software product, and the computer software product is stored in a readable storage medium, such as a floppy disk of a computer , a hard disk or an optical disk, etc., including several instructions for enabling a computer device (which may be a personal computer, server, or network device, etc.) to execute the methods described in various embodiments of the present invention.
以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Anyone skilled in the art can easily think of changes or substitutions within the technical scope disclosed in the present invention. Should be covered within the protection scope of the present invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510508271.2ACN105184559B (en) | 2015-08-18 | 2015-08-18 | A kind of payment system and method |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510508271.2ACN105184559B (en) | 2015-08-18 | 2015-08-18 | A kind of payment system and method |
| Publication Number | Publication Date |
|---|---|
| CN105184559Atrue CN105184559A (en) | 2015-12-23 |
| CN105184559B CN105184559B (en) | 2018-12-28 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510508271.2AActiveCN105184559B (en) | 2015-08-18 | 2015-08-18 | A kind of payment system and method |
| Country | Link |
|---|---|
| CN (1) | CN105184559B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106993281A (en)* | 2017-03-31 | 2017-07-28 | 苏州乐麟无线信息科技有限公司 | The charging method and system of short message transaction events based on json |
| CN107180346A (en)* | 2016-05-16 | 2017-09-19 | 上海阿意梯医疗器械有限公司 | A kind of cosmetics payment system |
| CN108153858A (en)* | 2017-12-22 | 2018-06-12 | 平安养老保险股份有限公司 | Information-pushing method, device, storage medium and computer equipment |
| CN111210210A (en)* | 2020-01-07 | 2020-05-29 | 贵阳货车帮科技有限公司 | Payment data processing method and device and electronic equipment |
| CN114331730A (en)* | 2021-12-29 | 2022-04-12 | 浙江吉利控股集团有限公司 | Information processing method, device and storage medium |
| CN116228245A (en)* | 2023-03-02 | 2023-06-06 | 中国工商银行股份有限公司 | Electronic direct payment authorization method, device, electronic equipment and medium |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006004277A1 (en)* | 2004-03-30 | 2006-01-12 | Widerthan.Com Co., Ltd. | Service system and method for mobile payment of small amount using virtual caller id |
| CN101576982A (en)* | 2009-03-19 | 2009-11-11 | 宇龙计算机通信科技(深圳)有限公司 | Method, terminal and system for network payment |
| CN102223354A (en)* | 2010-04-14 | 2011-10-19 | 阿里巴巴集团控股有限公司 | Network payment authentication method, server and system |
| CN102457842A (en)* | 2010-10-22 | 2012-05-16 | 中国移动通信集团宁夏有限公司 | Mobile phone transaction method, device and system |
| CN102930435A (en)* | 2012-09-19 | 2013-02-13 | 中国联合网络通信集团有限公司 | Authentication method and system for mobile payment |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006004277A1 (en)* | 2004-03-30 | 2006-01-12 | Widerthan.Com Co., Ltd. | Service system and method for mobile payment of small amount using virtual caller id |
| CN101576982A (en)* | 2009-03-19 | 2009-11-11 | 宇龙计算机通信科技(深圳)有限公司 | Method, terminal and system for network payment |
| CN102223354A (en)* | 2010-04-14 | 2011-10-19 | 阿里巴巴集团控股有限公司 | Network payment authentication method, server and system |
| CN102457842A (en)* | 2010-10-22 | 2012-05-16 | 中国移动通信集团宁夏有限公司 | Mobile phone transaction method, device and system |
| CN102930435A (en)* | 2012-09-19 | 2013-02-13 | 中国联合网络通信集团有限公司 | Authentication method and system for mobile payment |
| Title |
|---|
| 20120203集中化上网记录查询及分析技术规范V1.0.5: "中国联通集中化上网记录查询及分析系统技术规范", 《HTTPS://WENKU.BAIDU.COM/VIEW/631F8C3F580216FC700AFDA1.HTML》* |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107180346A (en)* | 2016-05-16 | 2017-09-19 | 上海阿意梯医疗器械有限公司 | A kind of cosmetics payment system |
| CN106993281A (en)* | 2017-03-31 | 2017-07-28 | 苏州乐麟无线信息科技有限公司 | The charging method and system of short message transaction events based on json |
| CN106993281B (en)* | 2017-03-31 | 2020-05-22 | 苏州乐麟无线信息科技有限公司 | Json-based charging method and system for short message transaction event |
| CN108153858A (en)* | 2017-12-22 | 2018-06-12 | 平安养老保险股份有限公司 | Information-pushing method, device, storage medium and computer equipment |
| CN108153858B (en)* | 2017-12-22 | 2020-07-07 | 平安养老保险股份有限公司 | Information push method, device, storage medium and computer equipment |
| CN111210210A (en)* | 2020-01-07 | 2020-05-29 | 贵阳货车帮科技有限公司 | Payment data processing method and device and electronic equipment |
| CN114331730A (en)* | 2021-12-29 | 2022-04-12 | 浙江吉利控股集团有限公司 | Information processing method, device and storage medium |
| CN116228245A (en)* | 2023-03-02 | 2023-06-06 | 中国工商银行股份有限公司 | Electronic direct payment authorization method, device, electronic equipment and medium |
| Publication number | Publication date |
|---|---|
| CN105184559B (en) | 2018-12-28 |
| Publication | Publication Date | Title |
|---|---|---|
| CN112468520B (en) | Data detection method, device and equipment and readable storage medium | |
| CN103685307B (en) | The method and system of feature based storehouse detection fishing fraud webpage, client, server | |
| CN106101258B (en) | Interface calling method, device and system of hybrid cloud | |
| CN108885666B (en) | System and method for detecting and preventing counterfeiting | |
| CN103607385B (en) | Method and apparatus for security detection based on browser | |
| CN103685308B (en) | Detection method and system of phishing web pages, client and server | |
| EP3697042A1 (en) | Traffic analysis method, public service traffic attribution method and corresponding computer system | |
| CN105472052B (en) | Cross-domain server login method and system | |
| CN105184559A (en) | System and method for payment | |
| CN107196950B (en) | Verification method, verification device and server | |
| CN103229479B (en) | A website identification method, device and network system | |
| US20180324153A1 (en) | Client fingerprinting for information system security | |
| CN112818014B (en) | Block chain data analysis method and device and electronic equipment | |
| CN105827582B (en) | A communication encryption method, device and system | |
| CN110888838A (en) | Object storage based request processing method, device, equipment and storage medium | |
| WO2019019344A1 (en) | Webpage data crawling method and device, user terminal, and readable storage medium | |
| US11297105B2 (en) | Dynamically determining a trust level of an end-to-end link | |
| CN111064725A (en) | Code zero intrusion interface verification method and device | |
| CN111147625B (en) | Method, device and storage medium for acquiring local external network IP address | |
| CN111949363B (en) | Business access management method, computer equipment, storage medium and system | |
| CN111817859A (en) | Data sharing method, device, device and storage medium based on zero-knowledge proof | |
| CN108833500B (en) | Service calling method, service providing method, data transmission method and server | |
| CN110750290A (en) | Software version upgrading method and device based on DNS query | |
| CN111211902A (en) | Digital signature method and device based on enterprise browser | |
| CN113824644A (en) | HTTPS service content identification method, device and device |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |