Summary of the invention
The present invention provides a kind of method of payment and device, by POS being combined with terminal, it is achieved that the monitor in real time to POS, and achieves the extension of POS function.
First aspect, the present invention provides a kind of method of payment, including:
Log-on message and the first safety information is sent to server, described log-on message carries ID, described first safety information includes at least one in the primary importance information of terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user;
Receive described server and judge the first transaction odd numbers of sending after described first user is validated user, according to described ID;
Transaction message is sent, so that described transaction message is sent extremely described server and carries out dissection process by described POS to point-of-sale terminal POS; Described transaction message includes described ID, the second transaction odd numbers and acquired Transaction Information;
Receive the transaction results that described server sends.
Further, described method also includes:
When receiving the security request that described server sends, send the second safety information to described server; Described second safety information includes at least one in the second position information of terminal, the second user images information, the second user voice information, and described second safety information is used for indicating described server to judge whether the second user is validated user.
Alternatively, described before server transmission log-on message and the first safety information, also include:
Log-on message is sent to described server; Described log-on message includes described ID, the mark of described POS, the 3rd positional information of described terminal, the 3rd user images information and the 3rd user voice information.
Second aspect, the present invention provides a kind of method of payment, including:
Receive log-on message and the first safety information that terminal sends, described log-on message carries ID, described first safety information includes at least one in the primary importance information of described terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user;
When described first user is validated user, send the first transaction odd numbers according to described ID to described terminal;
Transaction message, the mark of described POS and the trading password that reception point-of-sale terminal POS sends, described transaction message includes the Transaction Information that described ID, the second transaction odd numbers and described terminal obtain;
Described transaction message is carried out dissection process, and when judging that current transaction business is legal according to the mark of the transaction message after resolving and described POS, sending payment information to financial sector, described payment information includes described trading password and described Transaction Information.
Further, the described mark according to the transaction message after resolving and described POS judges that current transaction business is legal, specifically includes
Described transaction message is carried out dissection process, it is thus achieved that the described second transaction odd numbers in described transaction message;
Judge that described second transaction odd numbers odd numbers of whether concluding the business with described first is identical, and according to default mapping relations judge described POS identify whether mate with described ID;
When described second transaction odd numbers is identical with described first transaction odd numbers, and when the mark of described POS is mated with described ID, it is determined that described transaction business is legal.
Alternatively, described method also includes:
When the dealing money in described Transaction Information is more than preset cost, send security request to described terminal;
Receiving the second safety information that described terminal sends, described second safety information includes at least one in the second position information of described terminal, the second user images information, the second user voice information.
Further, before receiving the log-on message that terminal sends, described method also includes:
Receive the log-on message that described terminal sends, and set up described mapping relations according to described log-on message; Described log-on message includes described ID, the mark of described POS, the 3rd positional information of described terminal, the 3rd user images information and the 3rd user voice information.
The third aspect, the present invention provides a kind of payment mechanism, including:
Sending module, for sending log-on message and the first safety information to server, described log-on message carries ID, described first safety information includes at least one in the primary importance information of terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user;
Receiver module, for receiving described server judging after described first user is validated user, first conclude the business odd numbers according to what described ID sent;
Described sending module, is additionally operable to send transaction message to point-of-sale terminal POS, so that described transaction message is sent extremely described server and carries out dissection process by described POS; Described transaction message includes described ID, the second transaction odd numbers and acquired Transaction Information;
Described receiver module, is additionally operable to receive the transaction results that described server sends.
Further, described sending module, it is additionally operable to, when described receiver module receives the security request that described server sends, send the second safety information to described server; Described second safety information includes at least one in the second position information of terminal, the second user images information, the second user voice information, and described second safety information is used for indicating described server to judge whether the second user is validated user.
Alternatively, described sending module, it is additionally operable to, before send log-on message and the first safety information to server, send log-on message to described server; Described log-on message includes described ID, the mark of described POS, the 3rd positional information of described terminal, the 3rd user images information and the 3rd user voice information.
Fourth aspect, the present invention provides a kind of payment mechanism, including:
Receiver module, for receiving log-on message and the first safety information that terminal sends, described log-on message carries ID, described first safety information includes at least one in the primary importance information of described terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user;
Sending module, for when described first user is validated user, sending the first transaction odd numbers according to described ID to described terminal;
Described receiver module, is additionally operable to receive transaction message, the mark of described POS and the trading password that point-of-sale terminal POS sends, and described transaction message includes the Transaction Information that described ID, the second transaction odd numbers and described terminal obtain;
Processing module, for described transaction message carries out dissection process, and the mark according to the transaction message after resolving and described POS judges that whether current transaction business is legal;
Described sending module, it is additionally operable to when according to the mark of the transaction message after resolving and described POS, described processing module judges that current transaction business is legal, sending payment information to financial sector, described payment information includes described trading password and described Transaction Information.
Further, described processing module, specifically include:
Resolution unit, for carrying out dissection process to described transaction message, it is thus achieved that the described second transaction odd numbers in described transaction message;
Judging unit, is used for judging that described second transaction odd numbers odd numbers of whether concluding the business with described first is identical, and according to default mapping relations judge described POS identify whether mate with described ID;
Determine unit, for judging that described second transaction odd numbers is identical with described first transaction odd numbers at described judging unit, and when the mark of described POS is mated with described ID, it is determined that described transaction business is legal.
Further, described sending module, it is additionally operable to when the dealing money in described Transaction Information is more than preset cost, sends security request to described terminal; Described receiver module, is additionally operable to receive the second safety information that described terminal sends, and described second safety information includes at least one in the second position information of described terminal, the second user images information, the second user voice information.
Alternatively, described receiver module, it is additionally operable to, before receiving the log-on message that terminal sends, receive the log-on message that described terminal sends, and set up described mapping relations according to described log-on message; Described log-on message includes described ID, the mark of described POS, the 3rd positional information of described terminal, the 3rd user images information and the 3rd user voice information.
Method of payment provided by the invention and device, terminal is combined with POS, log-on message and the first safety information is sent by terminal to server, ID and the first safety information carried in the log-on message that server sends according to terminal judge whether the user of login service device is validated user, ensure that the user of login service device is for POS validated user, solving POS operator in prior art can not the problem of real-time monitoring to POS user, simultaneously by installing on the terminal device or upgrade application, achieve the real-time update to POS function, solve the problem that the function of POS own is difficult to extend.
Detailed description of the invention
For making the object, technical solutions and advantages of the present invention clearly, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is a part of embodiment of the present invention, rather than whole embodiments.
Method of payment provided by the invention and device, be POS be combined with terminal, and trade company passes through terminal login service device to carry out follow-up operation before using POS.The method of payment of the present invention and device go for mobile POS, it is also possible to suitable in wired POS, for solve POS operator in prior art to POS user cannot the problem of real-time monitoring, and the problem that the function of POS own is difficult to extend.
Terminal of the present invention can be intelligent mobile terminal, such as mobile phone, panel computer, it can also be fixed terminal, such as desk computer, as long as it is to say, terminal of the present invention can install the equipment of client software, subsidiary positioning function, camera function, sound-recording function etc.
With specifically embodiment, technical scheme is described in detail below. These specific embodiments can be combined with each other below, is likely to repeat no more in certain embodiments for same or analogous concept or process.
Fig. 1 is the schematic flow sheet of method of payment embodiment one provided by the invention, the method of payment of the present embodiment can apply to terminal, it is mutual that the present embodiment refers to carry out information between terminal and server, and realized the detailed process of POS supervision alternately by corresponding information. As it is shown in figure 1, the method for payment of the present embodiment may include that
S101, send log-on message and the first safety information to server, described log-on message carries ID, described first safety information includes at least one in the primary importance information of terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user.
It should be noted that, user is when initial log server, and user needs to input ID to server, and this ID is suitable with the POS of user mark, namely a POS mark correspond to an ID, and wherein POS mark can be POS terminal number. Meanwhile, the POS user information database for preserving POS user profile can be included in the server.
Alternatively, server is saved in the information in POS user information database, information that can be POS user preserve at place of POS operator when applying for POS or the information preserved in banking system, this information is collected and establishes POS user information database by server. Optionally, this POS user information database can include different POS mark, corresponding relation between different validated users mark and different safety information, one corresponding ID of POS mark, a corresponding safety information of ID. This safety information can be the information that the positional information of POS user, image information, acoustic information, finger print information etc. can recognize POS user identity. It should be noted that the POS mark in above-mentioned POS user information database is the mark of legal POS.
Specifically, when terminal login service device, terminal to server sends log-on message and the first safety information, this log-on message carries ID, server may determine that whether this ID mates with the mark of POS in above-mentioned POS user information database, to judge that whether this ID is legal. when ID is not mated with the POS mark in above-mentioned POS user information database, then illustrating that this user is not POS user, be illicit user, be impermissible for login service device, server returns the information of login failure to terminal, when ID is mated with the POS mark in above-mentioned POS user information database, illustrate that this ID is legal, but not can confirm that whether the user using this ID is the POS user (namely to judge that whether the user of the ID using this legal is legal POS user) mated with this ID, now in order to prevent legal POS user that the ID that server sends is transferred to other users, cause that the user of login service device is not legal POS user, make POS operator the legal use of POS cannot be carried out real-time monitoring, now server may also require that terminal inputs the first safety information, this first safety information can be the primary importance information of terminal, first user image information, the finger print information etc. of first user acoustic information or first user, the kind of the first safety information is not limited by the present invention, as long as the identity information user of now login service device (this first user be) of first user can be verified, according to the first safety information that terminal sends, server judges whether the first user of login service device is validated user.
Further, terminal can send the first safety information according to the requirement of server to server, the such as image of server requirement terminal input user, now the image information of oneself is sent to server by terminal by first user, if terminal is smart mobile phone, the head portrait of oneself can be input in server by the camera function of smart mobile phone by user, server is in conjunction with the corresponding relation in above-mentioned POS user information database, judge whether the image of this first user image information and POS user corresponding to the current ID (through above-mentioned, the current ID logged in is judged as that validated user identifies) logged in mates. if the first user image that terminal sends mates with this POS user images, then the legitimate user that user is this POS of login service device being described, namely this first user is validated user, if it does not match, illustrate that first user is disabled user, server does not allow this disabled user's login service device, i.e. login failed for user, and user can not use POS to conclude the business accordingly. that is, after terminal to server sends the first safety information, the information of the first safety information of terminal transmission with the validated user in the POS user information database in server can be compared by server, confirm that whether the user of current login service device is for the POS user in POS user information database with this, prevent disabled user's login service device, it is to avoid the illegal use of POS.
Alternatively, when server judges the first user logged in as disabled user, this judgement information can be sent to POS operator by server, this POS user is imposed a fine or stops using the punishment such as POS by the information that POS operator sends according to server, achieve the real-time monitoring that POS is used by POS operator, it is prevented that the illegal use of POS.
It should be noted that, related protocol is defined between terminal and the POS of the present invention, this agreement includes transaction message agreement and command protocols, the application that wherein transaction message agreement is paid for realizing terminal to be initiated to backstage by POS, command protocols is for indicating the instruction that POS sends according to terminal to operate accordingly, the intercommunication mutually between POS with terminal by above-mentioned protocol realization, user can install or the upgrade application realization extension to POS function in terminal simultaneously.
S102, receive described server and judging the first transaction odd numbers of sending after described first user is validated user, according to described ID.
Specifically, after server judges that first user is validated user, the first transaction odd numbers is sent to terminal according to this ID, making terminal receive the first transaction odd numbers that server sends, this first transaction odd numbers is that server generates according to ID stochastic generation or according to certain preset rules.
Alternatively, server can also include transaction platform, and above-mentioned first transaction odd numbers can complete on transaction platform.
S103, send transaction message to point-of-sale terminal POS, so that described transaction message is sent to described server by described POS carries out dissection process; Described transaction message includes described ID, the second transaction odd numbers and acquired Transaction Information.
Specifically, after terminal receives the first transaction odd numbers that server sends, transaction message is sent to POS, this transaction message includes the above-mentioned ID that legalizes, terminal obtains Transaction Information and the second transaction odd numbers, this Transaction Information includes type of transaction, dealing money etc., wherein type of transaction can for transferring accounts, inquiry etc., then this transaction message is sent to POS according to the agreement between POS by terminal.POS shows pertinent transaction information after receiving transaction message on POS interface, such as dealing money, now need client that above-mentioned Transaction Information is confirmed, after client is to the confirmation of the information such as the type of transaction in Transaction Information, dealing money, client is input validation instruction in POS, such as swipe the card, then the information such as above-mentioned transaction message, POS mark and trading password are sent jointly to server by POS, the information that POS is sent by server carries out dissection process, parses ID, the second transaction odd numbers and Transaction Information etc.
The second transaction odd numbers after parsing and the first transaction odd numbers being handed down to terminal before are compared by server, and the POS mark ID after parsing and POS sent is compared, ID after server resolves is mated with POS mark, and second transaction odd numbers with first conclude the business odd numbers identical time, illustrate that this transaction is legal, then server sends payment information to financial sector (such as Unionpay's system), this payment information include before POS send trading password and Transaction Information, financial sector judges that whether the information that client inputs is wrong, such as, client's bankcard consumption 100 yuan, then financial sector judges that whether the card number of client and password be correct, whether card state whether normal (such as either with or without stopping card) and the upper amount of money of card is be more than or equal to 100 yuan, if financial sector judges that the card number of client and password are correct, card state correct and block the upper amount of money be more than or equal to 100 yuan then financial sector send successful information of concluding the business to server, server using successful for this transaction information as transaction results.
If server resolve after ID and POS identify and do not mate, then illustrate that this user is disabled user, server using Fail Transaction information as transaction results; If ID is mated with POS mark, but the second transaction odd numbers and the first transaction odd numbers differ, and server will conclude the business the incorrect information of odd numbers as transaction results.
It should be noted that, the payment information that above-mentioned server sends to financial sector is all through encryption, the information (such as card number and password) preventing client is revealed, its encryption method can be adopt existing safest encryption method, the detailed process of the method is prior art, does not repeat them here.
Optionally, the mode of above-mentioned terminal acquisition Transaction Information can be through the mode of scanning barcode and is sent in client by the information of transaction, and terminal obtains Transaction Information client. such as, the terminal that trade company uses is smart mobile phone, this smart mobile phone also has the function of scanning barcode except above-mentioned function, when client wants to buy a computer A at place of trade company, if the smart mobile phone of trade company does not have the relevant information of computer A, the relevant information of computer A can be input on smart mobile phone by the bar code on scanning computer A by trade company, now after terminal receives the first transaction odd numbers that server sends, terminal will obtain information (the such as model of computer A about computer A from the operation interface of smart mobile phone, color, the information such as price), this Transaction Information can also be that user is manually entered.
It should be noted that transaction message, POS mark and trading password etc. that POS sends to server are all through encryption, it is prevented that the leakage of information in the process of transmission.
This step is contrasted by the second transaction odd numbers after being resolved by server and the first transaction odd numbers, ensure that the transaction odd numbers of last payment is the transaction odd numbers placed an order at first, it is prevented that due to transaction issues that human error or mechanical breakdown etc. cause in whole process of exchange.
S104, receive described server send transaction results.
Specifically, terminal receives the transaction results that server sends this transaction results displayed on the terminals, and this transaction results is sent to POS by terminal simultaneously, shows the transaction results of transaction success or Fail Transaction on POS interface. Alternatively, transaction results directly can also be sent to POS by server. Client can pass through terminal with POS user or POS obtains transaction results.
Method of payment provided by the invention, terminal is combined with POS, log-on message and the first safety information is sent by terminal to server, ID and the first safety information carried in the log-on message that server sends according to terminal judge whether the user of login service device is validated user, ensure that the user of login service device is for POS validated user, solving POS operator in prior art can not the problem of real-time monitoring to POS user, simultaneously by installing on the terminal device or upgrade application, achieve the real-time update to POS function, solve the problem that the function of POS own is difficult to extend.
Alternatively, as a kind of possible embodiment of the embodiment of the present invention, of the present embodiment is that terminal is passed through to send log-on message to server so that server sets up the detailed process of above-mentioned POS user information database according to this log-on message. On the basis of embodiment illustrated in fig. 1, before S101, the method can also include:
S100: send log-on message to described server; Described log-on message includes described ID, the mark of described POS, the 3rd positional information of described terminal, the 3rd user images information and the 3rd user voice information.
Specifically, the server of the present invention can include custom system, and user passes through this custom system login service device. when POS user's first login server and custom system, POS user needs to register on the server, this is registered as system of real name registration, namely POS user to provide the perfect instruments such as the identity card of trade company's qualification and the trade company submitting correspondence to when registration, other log-on message must be provided simultaneously, this log-on message can include ID, the mark of the POS that this user uses, 3rd positional information of terminal, 3rd user images information and the 3rd user voice information or the 3rd user fingerprints information etc., and set ID and POS mark binding. here the 3rd positional information be user to bank or POS operator apply for POS time registration positional information, 3rd user images information, the 3rd user voice information and the 3rd user fingerprints information be user to bank or POS operator apply for POS time the image information of user of registration, acoustic information and finger print information, the 3rd user is legal POS user. the ID that user is provided by server, POS identifies, 3rd user images information, the log-on messages such as the 3rd user voice information are stored in POS user information database, when this registration user logs on server, terminal to server sends log-on message and the first safety information, according to the ID carried in log-on message, server judges whether this ID mates with the mark of POS in above-mentioned POS user information database, to judge that whether this ID is legal, when ID is mated with the POS mark in above-mentioned POS user information database, illustrate that this ID is legal, server is in conjunction with the corresponding relation in above-mentioned POS user information database, judge whether this first safety information mates with the POS user profile preserved in POS user information database, if coupling, illustrate that the user of login service device is legal POS user, if do not mated, then illustrate that the user of login service device is disabled user.
Illustrate, trade company Xiao Zhang is the validated user of POS, assume that the POS of Xiao Zhang is designated 123456, existing Xiao Zhang is before login service device, first register on the server, trade company's qualification (such as industrial and commercial licence) is have sent by terminal to server when Xiao Zhang registers, identity card (information submitted to POS operator or bank when POS applied for by this certificate with Xiao Zhang is identical) and ID 123456 (assuming that ID is identical with POS mark), have sent the position of current StoreFront simultaneously, the image of oneself, the information such as the sound of oneself and the fingerprint of oneself, when above-mentioned information is sent to server by terminal by Xiao Zhang, after server above-mentioned information after testing is errorless, server sends the information succeeded in registration to terminal, when Xiao Zhang is registered by server simultaneously, the information of input is saved in POS user information database. when Xiao Zhang's login service next time device, Xiao Zhang sends log-on message by terminal to server, namely ID 123456 is inputted to server, in conjunction with POS user information database, server judges that this ID and POS identify 123456 Corresponding matchings, then server determines that this ID is legal, then server requirement terminal inputs the first safety information, the image information of such as user, then Xiao Zhang is by the image of terminal to server input oneself, in conjunction with POS user information database, server judges that the image that Xiao Zhang inputs identifies 123456 with POS according to the image that Xiao Zhang inputs corresponding, then illustrate that Xiao Zhang is the validated user of this POS, allow login service device.
Method of payment provided by the invention, the information obtaining POS user is registered on the server by user, the information of registering customers as is saved in POS user information database, when user login services device according to terminal send log-on message and safety information mate with the information in POS user information database, judge whether the user of login service device is POS validated user, achieve the real-time monitoring to POS, it is prevented that the illegal use of POS.
Fig. 2 is the schematic flow sheet of method of payment embodiment two provided by the invention, the method of the present embodiment can apply to server, the method that the present embodiment relates to is receiving log-on message, the first safety information and the corresponding transaction message that terminal sends by server, realizes the detailed process to POS supervision. As in figure 2 it is shown, the method for payment of the present invention may include that
S201, the log-on message receiving terminal transmission and the first safety information, described log-on message carries ID, described first safety information includes at least one in the primary importance information of described terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user.
It should be noted that, user is when initial log server, and user needs to input ID to server, and this ID is suitable with the POS of user mark, namely a POS mark correspond to an ID, and wherein POS mark can be POS terminal number. Meanwhile, the POS user information database for preserving POS user profile can be included in the server.
Alternatively, server is saved in the information in POS user information database, information that can be POS user preserve at place of POS operator when applying for POS or the information preserved in banking system, this information is collected and establishes POS user information database by server.Optionally, this POS user information database can include different POS mark, corresponding relation between different validated users mark and different safety information, one corresponding ID of POS mark, a corresponding safety information of ID. This safety information can be the information that the positional information of POS user, image information, acoustic information, finger print information etc. can recognize POS user identity. It should be noted that the POS mark in above-mentioned POS user information database is the mark of legal POS.
Specifically, server receives log-on message and the first safety information that terminal sends, this log-on message carries ID, this ID matches with POS mark, server may determine that whether this ID mates with the mark of POS in above-mentioned POS user information database, to judge that whether this ID is legal. when ID is not mated with the POS mark in above-mentioned POS user information database, then illustrating that this user is not POS user, be illicit user, be impermissible for login service device, server returns the information of login failure to terminal, when ID is mated with the POS mark in above-mentioned POS user information database, illustrate that this ID is legal, but not can confirm that whether the user using this ID is the POS user (namely to judge that whether the user of the ID using this legal is legal POS user) mated with this ID, now in order to prevent legal POS user that the ID that server sends is transferred to other users, cause that the user of login service device is not legal POS user, make POS operator the legal use of POS cannot be carried out real-time monitoring, now server may also require that terminal inputs the first safety information, this first safety information can be the primary importance information of terminal, first user image information, the finger print information etc. of first user acoustic information or first user, the kind of the first safety information is not limited by the present invention, as long as the identity information user of now login service device (this first user be) of first user can be verified, according to the first safety information that terminal sends, server judges whether the first user of login service device is validated user.
Further, server requirement terminal to server sends the first safety information, the such as image of server requirement terminal input user, now the image information of oneself is sent to server by terminal by first user, if terminal is smart mobile phone, the head portrait of oneself can be sent in server by the camera function of smart mobile phone by user, server is in conjunction with the corresponding relation in above-mentioned POS user information database, judge whether the image of this first user image information and POS user corresponding to the current ID (through above-mentioned, the current ID logged in is judged as that validated user identifies) logged in mates. if the first user image that terminal sends mates with this POS user images, then the legitimate user that user is this POS of login service device being described, namely this first user is validated user, if it does not match, illustrate that first user is disabled user, server does not allow this disabled user's login service device, i.e. login failed for user, and user can not use POS to conclude the business accordingly. that is, the information of the first safety information of terminal transmission with the validated user in the POS user information database in server can be compared by server, confirm that whether the user of current login service device is for the POS user of preservation in POS user information database with this, prevent disabled user's login service device, it is to avoid the illegal use of POS.
Alternatively, when server judges the first user logged in as disabled user, this judgement information can be sent to POS operator by server, this POS user is imposed a fine or stops using the punishment such as POS by the information that POS operator sends according to server, achieve the real-time monitoring that POS is used by POS operator, it is prevented that the illegal use of POS.
S202, when described first user is validated user, according to described ID to described terminal send first transaction odd numbers.
Specifically, after server judges that first user is validated user, sending the first transaction odd numbers according to this ID to terminal, this first transaction odd numbers is that server generates according to ID stochastic generation or according to certain preset rules.
Alternatively, server can also include transaction platform, and above-mentioned first transaction odd numbers can complete on transaction platform.
Server sends the first transaction odd numbers to terminal, after terminal receives the first transaction odd numbers that server sends, transaction message is sent to POS, this transaction message includes the above-mentioned ID that legalizes, terminal obtains Transaction Information and the second transaction odd numbers, this Transaction Information includes type of transaction, dealing money etc., wherein type of transaction can for transferring accounts, inquiry etc., then this transaction message is sent to POS according to the agreement between POS by terminal. POS shows pertinent transaction information after receiving transaction message on POS interface, such as dealing money, now need client that above-mentioned Transaction Information is confirmed, after client is to the confirmation of the information such as the type of transaction in Transaction Information, dealing money, client is input validation instruction in POS, such as swiping the card, then the information such as above-mentioned transaction message, POS mark and trading password are sent jointly to server by POS.
It should be noted that transaction message, POS mark and trading password etc. that the POS that server receives sends are all through encryption, it is prevented that the leakage of information in the process of transmission.
S203, receiving transaction message, the mark of described POS and trading password that point-of-sale terminal POS sends, described transaction message includes the Transaction Information that described ID, the second transaction odd numbers and described terminal obtain.
Specifically, server receives transaction message, POS mark and the trading password that POS sends, and wherein transaction message includes the Transaction Information that above-mentioned ID, the second transaction odd numbers and terminal obtain.
S204, described transaction message is carried out dissection process, and when judging that current transaction business is legal according to the mark of the transaction message after resolving and described POS, sending payment information to financial sector, described payment information includes described trading password and described Transaction Information.
Specifically, after server receives transaction message, POS mark and the trading password that POS sends, the information that POS is sent carries out dissection process, parse ID, the second transaction odd numbers and Transaction Information etc., then the second transaction odd numbers after parsing and the first transaction odd numbers being handed down to terminal before are compared by server, and the POS mark ID after parsing and POS sent is compared; When ID and the POS mark coupling after server resolves and the second transaction odd numbers and first conclude the business odd numbers identical time, illustrate that this transaction is legal, then server sends payment information to financial sector (such as Unionpay's system), this payment information include before POS send trading password and Transaction Information, financial sector judges that whether the information that client inputs is wrong, and transaction results is sent to server.Such as, client's bankcard consumption 100 yuan, then financial sector judges the card number of client and whether password is correct, whether card state whether normal (such as either with or without stopping card) and card go up the amount of money be more than or equal to 100 yuan, if financial sector judges the card number of client and password is correct, card state is correct and blocks the upper amount of money be more than or equal to 100 yuan, financial sector sends successful information of concluding the business to server, server using successful for this transaction information as transaction results.
If server resolve after ID and POS identify and do not mate, then illustrate that this user is disabled user, server using Fail Transaction information as transaction results; If ID is mated with POS mark, but the second transaction odd numbers and the first transaction odd numbers differ, and server will conclude the business the incorrect information of odd numbers as transaction results.
Further, this transaction results is sent to terminal by server, this transaction results is sent to POS by terminal again, or transaction results is transmitted directly to POS by server, and client and POS user obtain the result of this transaction by POS interface or terminal.
It should be noted that, the payment information that above-mentioned server sends to financial sector is all through encryption, the information (such as card number and password) preventing client is revealed, its encryption method can be adopt existing safest encryption method, the detailed process of the method is prior art, does not repeat them here.
This step is contrasted by the second transaction odd numbers after being resolved by server and the first transaction odd numbers, ensure that the transaction odd numbers of last payment is the transaction odd numbers placed an order at first, it is prevented that due to transaction issues that human error or mechanical breakdown etc. cause in whole process of exchange.
The method of payment of the present invention, ID and the first safety information carried in the log-on message sent according to terminal by server judge whether the user of login service device is validated user, ensure that the user of login service device is for POS validated user, solving POS operator in prior art can not the problem of real-time monitoring to POS user.
Fig. 3 is the signaling process figure of method of payment embodiment three provided by the invention, on the basis of above-described embodiment, as it is shown on figure 3, the method for payment of this enforcement indicates the interaction between terminal, server and POS, including:
S301, terminal send log-on message.
S302, server receive log-on message, and set up POS user information database according to log-on message.
S303, terminal to server send log-on message and the first safety information.
Described log-on message carries ID, described first safety information includes at least one in the primary importance information of terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user.
S304, server receive log-on message and the first safety information that terminal sends.
S305, server judge whether first user is validated user.
S306, when server judges that first user is validated user, according to described ID to described terminal send first transaction odd numbers.
S307, terminal receive the first transaction odd numbers that described server sends.
S308, terminal send transaction message to POS.
Transaction message, POS mark and trading password are sent to described server by S309, POS.
Wherein, described transaction message includes described ID, the second transaction odd numbers and acquired Transaction Information.
Specifically, the detailed process of above-mentioned S301 to S309, it is possible to reference to the specific descriptions in above-described embodiment one, do not repeat them here.
Transaction message, the mark of described POS and the trading password that S310, server reception POS sends.
Described transaction message is carried out dissection process by S311, server, obtain the described second transaction odd numbers in described transaction message, and judge that described second transaction odd numbers odd numbers of whether concluding the business with described first is identical, and according to default mapping relations judge described POS identify whether mate with described ID; When described second transaction odd numbers is identical with described first transaction odd numbers, and when the mark of described POS is mated with described ID, it is determined that described transaction business is legal.
This step is contrasted by the second transaction odd numbers after being resolved by server and the first transaction odd numbers, ensure that the transaction odd numbers of last payment is the transaction odd numbers placed an order at first, it is prevented that due to transaction issues that human error or mechanical breakdown etc. cause in whole process of exchange. The detailed process of this step may refer to the specific descriptions of the S103 in above-described embodiment one, does not repeat them here.
Alternatively, the method for payment of the present embodiment, when the dealing money in described Transaction Information is less than or equal to preset cost, perform S315; When the dealing money in described Transaction Information is more than preset cost, in order to further ensure that the safety of payment, perform S312 to S314, wherein S312 to S314 particularly as follows:
S312, when the dealing money in described Transaction Information is more than preset cost, server to described terminal send security request.
After S313, terminal receive this security request, send the second safety information to server.
Wherein, the second safety information includes at least one in the second position information of terminal, the second user images information, the second user voice information, and described second safety information is used for indicating described server to judge whether the second user is validated user.
S314, server receive the second safety information that described terminal sends, it is judged that whether the second user is validated user.
Specifically, when the dealing money in Transaction Information is bigger, during more than the maximum dealing money of server settings, such as 10,000 yuan, now in order to after preventing POS validated user login service device, POS is given to disabled user use, cause that the user finally completing transaction is not the legitimate user of POS, cause the illegal use of POS, now server sends security request to terminal, again sends safety information (this safety information is the second following safety information) with requesting terminal; Terminal sends the second safety information to server after receiving this security request, wherein the second safety information includes the second position information of terminal, the second user images information, the second user voice information etc., after server receives the second safety information that terminal sends, the validated user information of this second safety information with this POS in the POS user information database in server is compared, to judge that whether the second user now using POS is as POS validated user, concrete implementation process is referred to above-mentioned S01, does not repeat them here. When server judges the second user as just starting first user (i.e. the validated user of POS) of login service device, illustrating now to use the legitimate user that user is POS of POS, server sends payment information to financial sector.
Alternatively, if server judges that this second user is not first user (not namely being the validated user of POS), this judgement information is sent to POS operator by server, this POS user is performed fine or confiscates the punishment such as POS by POS operator, it is prevented that the illegal use of POS.
After performing above-mentioned S314, after server judges that the second user is as legal use, perform S315; After server judges that the second user is as disabled user, performing S318, server sends the transaction results of Fail Transaction to terminal simultaneously.
S315, server send payment information to financial sector.
Wherein, described payment information includes described trading password and described Transaction Information.
After S316, financial sector receive payment information, it is judged that whether described payment information is correct.
Specifically, financial sector is connected with server, after financial sector receives payment information, judge that whether the payment information of client is correct, for instance, client's bankcard consumption, then according to payment information, financial sector judges that whether the card number of client and password be correct, whether the state of card remaining sum that is whether correct and that block meets pays amount etc., and after financial sector judges that above-mentioned payment information is correct, financial sector is successfully sent to server as transaction results to conclude the business; After financial sector judges above-mentioned payment information incorrect (i.e. code error, Sorry, your ticket has not enough value on card), financial sector is sent to server using Fail Transaction as transaction results. Wherein financial sector can be banking system, it is also possible to be the financial sector of legal third party financial institution.
S317, server receive the transaction results that financial transaction system sends.
S318, server send transaction results to terminal.
Specifically, server receives the transaction of financial sector transmission and this transaction results is sent to terminal, transaction results is sent to POS by terminal again, or transaction results is directly sent to POS by server, and client and POS user can obtain the result of this transaction by POS or terminal.
The method of payment of the embodiment of the present invention, POS user information database is set up by user's registration information, log-on message that server sends according to terminal and the first safety information judge that whether the user of login service device is the validated user of POS, simultaneously when dealing money is more than preset value, server requirement terminal inputs the second safety information, judge that whether the user that now concludes the business is the validated user of POS, achieve the real-time monitoring that POS is used further, it is prevented that the illegal use of POS.
Fig. 4 is the structural representation of payment mechanism embodiment one provided by the invention, the payment mechanism of the offer of the present embodiment can integrated in the terminal, can also being independent terminal, as shown in Figure 4, the payment mechanism of this enforcement includes: sending module 10 and receiver module 11.
Sending module 10, for sending log-on message and the first safety information to server, described log-on message carries ID, described first safety information includes at least one in the primary importance information of terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user.
Receiver module 11, for receiving described server judging after described first user is validated user, first conclude the business odd numbers according to what described ID sent.
Above-mentioned sending module 10, is additionally operable to send transaction message to point-of-sale terminal POS, so that described transaction message is sent extremely described server and carries out dissection process by described POS; Described transaction message includes described ID, the second transaction odd numbers and acquired Transaction Information.
Above-mentioned receiver module 11, is additionally operable to receive the transaction results that described server sends.
The payment mechanism that the present embodiment provides, it is possible to for performing the technical scheme of said method embodiment, it is similar with technique effect that it realizes principle, repeats no more herein.
Further, sending module 10, it is additionally operable to, when described receiver module 11 receives the security request that described server sends, send the second safety information to described server; Described second safety information includes at least one in the second position information of terminal, the second user images information, the second user voice information, and described second safety information is used for indicating described server to judge whether the second user is validated user.
Further, sending module 10, it is additionally operable to, before send log-on message and the first safety information to server, send log-on message to described server; Described log-on message includes described ID, the mark of described POS, the 3rd positional information of described terminal, the 3rd user images information and the 3rd user voice information.
The payment mechanism that the present embodiment provides, it is possible to for performing the technical scheme of said method embodiment, it is similar with technique effect that it realizes principle, repeats no more herein.
Fig. 5 is the structural representation of payment mechanism embodiment two provided by the invention, the present embodiment provide payment mechanism can integrated in the server, can also be server, as it is shown in figure 5, the payment mechanism of this enforcement includes: receiver module 20, sending module 21 and processing module 22.
Receiver module 20, for receiving log-on message and the first safety information that terminal sends, described log-on message carries ID, described first safety information includes at least one in the primary importance information of described terminal, first user image information, first user acoustic information, and described first safety information is used for indicating described server to judge whether first user is validated user.
Sending module 21, for when described first user is validated user, sending the first transaction odd numbers according to described ID to described terminal.
Above-mentioned receiver module 20, is additionally operable to receive transaction message, the mark of described POS and the trading password that point-of-sale terminal POS sends, and described transaction message includes the Transaction Information that described ID, the second transaction odd numbers and described terminal obtain.
Processing module 22, for described transaction message carries out dissection process, and the mark according to the transaction message after resolving and described POS judges that whether current transaction business is legal.
Above-mentioned sending module 21, it is additionally operable to when according to the mark of the transaction message after resolving and described POS, described processing module 22 judges that current transaction business is legal, sending payment information to financial sector, described payment information includes described trading password and described Transaction Information.
The payment mechanism that the present embodiment provides, it is possible to for performing the technical scheme of said method embodiment, it is similar with technique effect that it realizes principle, repeats no more herein.
Fig. 6 is the structural representation of payment mechanism embodiment three provided by the invention, and on the basis of above-mentioned embodiment illustrated in fig. 5, further, above-mentioned processing module 22 includes: resolution unit 221, judging unit 222, determine unit 223.
Wherein, resolution unit 221, for carrying out dissection process to described transaction message, it is thus achieved that the described second transaction odd numbers in described transaction message.
Judging unit 222, is used for judging that described second transaction odd numbers odd numbers of whether concluding the business with described first is identical, and according to default mapping relations judge described POS identify whether mate with described ID.
Determine unit 223, for judging that described second transaction odd numbers is identical with described first transaction odd numbers at described judging unit 222, and when the mark of described POS is mated with described ID, it is determined that described transaction business is legal.
The payment mechanism that the present embodiment provides, it is possible to for performing the technical scheme of said method embodiment, it is similar with technique effect that it realizes principle, repeats no more herein.
Further, sending module 21, it is additionally operable to when the dealing money in described Transaction Information is more than preset cost, sends security request to described terminal; Described receiver module 20, is additionally operable to receive the second safety information that described terminal sends, and described second safety information includes at least one in the second position information of described terminal, the second user images information, the second user voice information.
Alternatively, receiver module 20, it is additionally operable to, before receiving the log-on message that terminal sends, receive the log-on message that described terminal sends, and set up described mapping relations according to described log-on message; Described log-on message includes described ID, the mark of described POS, the 3rd positional information of described terminal, the 3rd user images information and the 3rd user voice information.
The payment mechanism that the present embodiment provides, it is possible to for performing the technical scheme of said method embodiment, it is similar with technique effect that it realizes principle, repeats no more herein.
Last it is noted that various embodiments above is only in order to illustrate technical scheme, it is not intended to limit; Although the present invention being described in detail with reference to foregoing embodiments, it will be understood by those within the art that: the technical scheme described in foregoing embodiments still can be modified by it, or wherein some or all of technical characteristic is carried out equivalent replacement; And these amendments or replacement, do not make the essence of appropriate technical solution depart from the scope of various embodiments of the present invention technical scheme.