This application claims entitled " the Secure Offline Payment System " that submit on March 26th, 2014U.S. Patent Application No. 14/226,785 priority and the entitled " Reserving that on March 26th, 2014 submits toAccount Balance For Concurrent Payments In Secure Offline Payment System " U.S.The priority that state's patent application the 14/226,798th.The full content of above-mentioned priority application is fully incorporated by referenceHerein.
Detailed description of the invention
General introduction
Example embodiment described herein provides the computer implemented technology for processing offline electronic payment safely.?In example embodiment, the request performing offline electronic payment transaction is sent to account pipe by user starts application and authorized user's deviceReason system.In the exemplary embodiment, user's set and account management system set up communication channel and asking fund is stored to byAccount management system safeguard user account in and/or ask up-to-date balance certificate.Account management system accesses user account pipeManage system account and create balance certificate.In the exemplary embodiment, balance certificate is the most restricted (such as, predeterminedJustice amount time pass by after, balance certificate expires), can use wherein on the number of times of payment transaction of balance certificateRestricted (such as, after being used for offline electronic payment transaction, balance certificate expires), by can be used for what single offline electronic payment was concluded the businessThe restriction of principal amount (such as, balance certificate may be used for the offline electronic payment transaction in X dollar) and/or by position limitation(such as, balance certificate only can be concluded the business for offline electronic payment in dining room or at the Z of position).Account management system utilizes remaining sumThis balance certificate to balance certificate signature and is transmitted to user's set by certificate private key.
In the exemplary embodiment, only in user account management system account the fund of selected part can be used for every fromLine payment transaction, and be locked out from remaining fund repeating payment.In the exemplary embodiment, user determines lockingThe amount of money of fund and persistent period.Such as, user submits in the request to balance certificate and specific fund is entered line-locked askingAsk.In another example embodiment, account management system determines the amount of money and the persistent period of locking fund.In another example,Account management system and user determine the amount of money and the persistent period of locking fund.In the exemplary embodiment, user asks specific moneyGold only can be with (such as, user only wants to for public transport, uses money at dining room or in the X of city in specific locationGold).In the exemplary embodiment, when unblock fund used, balance certificate expire and/or user request unlock time, by instituteThe latch-release of request.
User has indicated and businessman or the hope of the off-line trading of other counterparty.In the exemplary embodiment, userIn the predefined distance of businessman's device, " touch " user's set, and device sets up communication channel.Such as, device is via near fieldCommunication (NFC), bluetooth or short-range communication channel communication.Payment request is transmitted to user's set by businessman's device, and usesFamily device generates withdrawl deposit record at the amount of money of instruction in request that pays received from businessman's device.In the exemplary embodiment,User's set utilizes account certificate private key to withdrawl deposit record signature and by the withdrawl deposit record signed and the remaining sum card signedBook transmits to businessman's device.
Businessman's device CertPubKey withdrawl deposit record of having signed of checking that accesses to your account is carried out really with the identity to user's setRecognize.Businessman's device also uses balance certificate PKI to verify, and the balance certificate signed is to confirm balance certificate is not yet dueAnd the availability of the fund being used for offline electronic payment transaction is confirmed.In the exemplary embodiment, businessman's device usesWithdrawl deposit record is signed by businessman's device signing certificate, transmits this withdrawl deposit record to user's set, and preserves this withdrawl deposit recordUntil businessman's device has network insertion.In another example embodiment, state code or message are transmitted extremely by businessman's deviceUser's set, this state code or message instruction are concluded the business successfully.When businessman's device has network insertion, businessman's device is byThe certificate of withdrawing the money of signature transmits to account management system.In the exemplary embodiment, account management system uses businessman's device signatureCertPubKey verifies withdrawl deposit record and by this withdrawl deposit record record in user account management system account.Work as user's setDuring the balance certificate that please look for novelty, the withdrawl deposit record signed is transmitted to account management system by user's set, and account pipeReason system is verified account balance and creates new balance certificate.
Various example embodiment will be explained in greater detail in the following description, and combination is illustrated program flow by this following descriptionThe accompanying drawing of journey is read.
Example system architecture
Referring now to accompanying drawing, in the accompanying drawings, similar reference indicates similar (but it is not absolutely required to completely all the timeIdentical) element, example embodiment is described in detail.
Fig. 1 is the block diagram depicting the offline electronic payment system 100 according to particular example embodiment.As depicted in fig. 1, exampleProperty operating environment 100 includes: be configured to via one or more network 140 and the merchant computing device 120 communicated with one another,User calculates device 110 and account management calculates system 130.In certain embodiments, the user being associated with device must pacifyDress is applied and/or carries out feature selection to obtain the benefit of technique described herein.
In the exemplary embodiment, user's set 110 and businessman's device 120 are configured in the feelings not having network 140 to connectDirectly communicate under condition and exchange information.In the exemplary embodiment, device (including device 120 and 110) is via closely leading toLetter technical communication.Such as, via near-field communication channel, Bluetooth communication, Bluetooth low power (BLE) communication, standardization radio frequency, redOutward, sound (such as, audible sound, melody and ultrasonic) form, other short-range communication channel or promote signal,The system of the communication of data and/or message (being commonly called data).Run through this specification, it should be appreciated that term " data " and" information " is used interchangeably herein, and refers to: text, image, audio frequency, video or can be at computer based ringThe information of other form any present in border.
In another example embodiment, by two in these systems/devices (including systems/devices 110,120 and 130)Or more it is integrated in identical system or device.In certain embodiments, the user being associated with device must pacifyDress is applied and/or carries out feature selection to obtain the benefit of technique described herein.
Each network 140 includes wired or wireless telecommunication device, wired or wireless telecommunication device by this, network systemSystem/device (including systems/devices 110,120 and 130) can communicate and exchange data.For example, it is possible to by each network 140It is embodied as storage area network (SAN), personal area network (PAN), Metropolitan Area Network (MAN) (MAN), LAN (LAN), wide area network(WAN), WLAN (WLAN), VPN (virtual private network) (VPN), Intranet, the Internet, mobile telephone network, card network orTheir any combination of person or other framework being suitable for any, or can be their part.
In the exemplary embodiment, each network computing system 110,120,130 is included having and can be transmitted by network 140And receive the device of the communication module of data.Such as, each network system/device (includes systems/devices 110,120 and130) server, personal computer, mobile device (such as, notebook, tablet PC, notebook meter can be includedCalculation machine, personal digital assistant (PDA), video game apparatus, GPS positioner, cell phone, smart phone or other shiftingDynamic device), embed and/or be coupled with one or more processor TV or include or coupled to web browser orPerson is for other technology being suitable for of other application via network 140 communication.In the example embodiment that Fig. 1 describes, networkSystems/devices (including systems/devices 110,120 and 130) is grasped respectively by businessman, user and account management system operatorMake.
In the exemplary embodiment, also refer to can be via (all with another device at device 120 for businessman's device 120Such as, user's set 110) between electronics, magnetic or the intelligent communications device of radio-frequency field communication.In the exemplary embodiment, businessmanDevice 120 has disposal ability, such as, and storage capacity/memorizer and one or more application that specific function can be performed125.In the exemplary embodiment, businessman's device 120 comprises operating system (not shown) and user interface 121.Example businessman device120 smart phones, mobile phone, personal digital assistant (PDA), mobile computing device (such as, notebook, flat board meterCalculation machine and iPad), laptop computer, wearable computing device (such as, wrist-watch, ring or glasses) and other device,The most all there is process and user interface capabilities.
In the exemplary embodiment, controller 126 is Bluetooth link controller.Bluetooth link controller 126 may be able to be sent outSend and receive data, identify user's set 110, perform certification and encryption function, and instruct how businessman's device 120 is monitoredBusinessman's device 120 is configured to various battery saving mode by the program transmitted or specify according to bluetooth from user's set 110.?In another example embodiment, controller 126 is WiFi controller or the NFC controller being able to carry out similar functions.
Application 125 is program, function, routine, small routine or exists and at businessman's device on businessman's device 120The similar solid of its operation is performed on 120.Such as, application 125 can be following in one or more: offline electronic payment application,Digital wallet application, reward voucher application, accumulating card application, another kind of valued added applications, user-interface application or at businessman's deviceOther operated on 120 is suitably applied.It addition, businessman's device 120 can include safety element (not shown), this safety elementMay reside in removable intelligent chip or secure digital (SD) Ka Nei or the fixed core on device 120 can be embedded inIn sheet.In particular example embodiment, subscriber identity module (SIM) card may can trustship safety element, such as, NFCSIMCard.Safety element allows to reside in while the information that is stored in safety element of protection on device 120 and can be by deviceThe software application 125 that user accesses is the most mutual with the specific function in safety element.Safety element can be included in itOne or more application 125 of the execution functions described herein of upper operation.
Example businessman device 120 includes one or more key and/or certificate.In the exemplary embodiment, businessman's device120 verify the withdrawl deposit record received from user's set 110 in response to paying request.User's set 110 accesses to your account certificate 112Withdrawl deposit record signature and businessman's device are accessed to your account CertPubKey 112s to verify that this record is with the body to user's set 110Part confirms.In another example embodiment, businessman's device 110 is verified connect from user's set 110 in response to being paid requestThe balance certificate 113 received.Businessman's device 120 uses balance certificate PKI 113a to verify that balance certificate 113 is with to balance certificateNot yet due the carrying out of 113a confirms and confirms the availability of the fund for completing offline electronic payment transaction.Implement in exampleIn example, the withdrawl deposit record biography that businessman's device 120 uses businessman's device signing certificate 124 to sign withdrawl deposit record and will signTransport to user's set 110.Two devices (110 and 120) preserve the withdrawl deposit record signed, and device (110 and 120) has network140 access and can transmit this record to account management system 130.
In the exemplary embodiment, data storage cell 129 can be embodied in safety element or on businessman's device 120In other safe storage (not shown), or the single memory cell can being resident on businessman's device 120.ExampleData storage cell 129 can store the withdrawl deposit record signed until businessman's device 120 has network 140 and accesses and permissibleThe withdrawl deposit record signed is sent to account management system 130.In the exemplary embodiment, data storage cell 129 can wrapInclude the addressable any locally or remotely data store organisation of businessman's device 120 of applicable storage information.In example embodimentIn, data storage cell 129 stores the information of encryption, and such as, HTML5 is locally stored.
According to example embodiment, businessman's device 120 can be connected to network 140 via wired connection.Such as, this connectionCan be wired USB (universal serial bus) (USB) or Ethernet connection.In another example embodiment, businessman's device 120 is permissibleNetwork it is connected to via wireless connections.Such as, this connection can be and have wire/wireless the Internet and be connected (such as,The Wi-Fi of focus MiFi) connects or bluetooth connects, or be suitable for network 140 transmit signal any other wired orPerson's wireless connections.In another example embodiment, this connection can be that cellular network connects.
In the exemplary embodiment, businessman's device 120 is used as point of sale (POS) terminal and can locate reason user's setThe Client-initiated purchase-transaction of 110.In the exemplary embodiment, user buys from businessman's device 120 request.Businessman's device 120Receive or read payment account information from user's set 110.In the exemplary embodiment, purchase is by user's set 110 and businessWireless " touching " of family's device 120 is initiated.
Businessman's device 120 communicates with user's set 110 via antenna 127.In the exemplary embodiment, activated alsoAnd priorization businessman device application 125, then notification controller 126 businessman device 120 is already prepared to the state being traded.Controller 126 exports radio signal by antenna 127, or monitors the radio signal from user's set 110.In businessmanSetting up between device 120 and user's set 110 on secure communication channel, businessman's device 120 can be asked can be from user's set 110The list of the application 115 obtained.First Display directory, after Display directory, based on the priority arranged or user's setThe type of 110, selects application 115 and initiates transaction.
Exemplary user device 110 also refers to (such as, to use with another device via at user's set 110Businessman's device 120 of antenna 117) between electronics, magnetic or radio-frequency field communication intelligent communications device.In example embodimentIn, user's set 110 has disposal ability, such as, and storage capacity/memorizer and of specific function or many can be performedIndividual application 115.In the exemplary embodiment, user's set 110 comprises operating system (not shown) and user interface 111.Example is usedFamily device 110 includes that (such as, notebook calculates for smart phone, mobile phone, personal digital assistant (PDA), mobile computing deviceMachine, tablet PC and iPad), laptop computer, wearable computing device (such as, wrist-watch, ring or glasses) andOther device, the most all has process and user interface capabilities.
User can use user's set 110 to conclude the business to perform offline electronic payment via user interface 111 and application 115.ShouldWith 115 be program, function, routine, small routine or on user's set 110 exist and on user's set 110, perform itThe similar solid of operation.Such as, application 115 can be following in one or more: shopping application, businessman's device 120 apply,Pay application, digital wallet application, accumulating card is applied, another kind of valued added applications, user interface 111 are applied or filled userPut other application being suitable for of operation on 110.In certain embodiments, user must install application 115 and/or at user's setFeature selection is carried out to obtain the benefit of technique described herein on 110.It addition, user's set 110 can include safety element(not shown), this safety element may reside in removable intelligent chip or secure digital (SD) card, this safety elementIn the fixing chip can being embedded on device 110, or it is embodied as the secured compartment of security-enhanced operating system.SpyDetermine in example embodiment, subscriber identity module (SIM) card may can trustship safety element, such as, NFC SIM.Safety unitPart allows to reside on device 110 while the information that is stored in safety element of protection and can be accessed by device usersSoftware application 115 is the most mutual with the specific function in safety element.Safety element can include that runs thereon holdsOne or more application 115 of row functions described herein.
In the exemplary embodiment, controller 116 is Bluetooth link controller.Bluetooth link controller 116 may be able to be sent outSend and receive data, identify businessman's device 120, perform certification and encryption function, and instruct how user's set 110 is monitoredUser's set 110 is configured to various battery saving mode by the program transmitted or specify according to bluetooth from businessman's device.SeparatelyIn one example embodiment, controller 116 is WiFi controller or the NFC controller being able to carry out similar functions.
Exemplary user device 110 includes one or more key and/or certificate.In the exemplary embodiment, user's set110 generate withdrawl deposit record at the amount of money of instruction in request that pays received from businessman's device 120.User's set 110 utilizesAccount certificate private key 112 is to withdrawl deposit record signature and the withdrawl deposit record signed and balance certificate 113 is transmitted to businessman's dressPut 120.
In the exemplary embodiment, data storage cell 119 can be embodied in safety element or on user's set 110In other safe storage (not shown), or the single memory cell can being resident on user's set 110.ExampleData storage cell 119 can store the withdrawl deposit record signed until user's set 110 has network 140 and accesses and permissibleThe withdrawl deposit record signed is sent to account management system 130.In the exemplary embodiment, data storage cell 119 can wrapInclude the addressable any locally or remotely data store organisation of user's set 110 of applicable storage information.In example embodimentIn, data storage cell 119 stores the information of encryption, and such as, HTML5 is locally stored.
According to example embodiment, user's set 110 can be connected to network 140 via wired connection.Such as, this connectionCan be wired USB (universal serial bus) (USB) or Ethernet connection.In another example embodiment, user's set 110 is permissibleNetwork it is connected to via wireless connections.Such as, this connection can be and have wire/wireless the Internet and be connected (such as,The Wi-Fi of focus MiFi) connects or bluetooth connects, or be suitable for network 140 transmit signal any other wired orPerson's wireless connections.In another example embodiment, this connection can be that cellular network connects.
Exemplary user device 110 communicates with account management system 130 with businessman device 120.Example account management system 130Including account management module 131 and data storage cell 137.Example account management module 131 safeguards the account of user.In exampleIn embodiment, account includes the information of the one or more finance accounts safeguarded by one or more financial institutions.Real in exampleExecuting in example, financial account information is stored in data storage cell 137.
In the exemplary embodiment, account management system 130 uses the gold of user account management system 130 account storage userMelt transaction.Such as, in data storage cell 137 for each account every fund deposit and every fund withdraw the money.ShowingIn example embodiment, account management system 130 analyzes transactions history to identify the data of disappearance or mistake that may be present.
Example account management system 130 includes one or more key and/or certificate.In the exemplary embodiment, accountManagement system 130 includes that account certificate PKI 112a and the CertPubKey 112a that can access to your account are to verify user's set 110And/or the identity of user account management system 130 account.In the exemplary embodiment, account management system 130 accesses user accountManagement system 130 account and create balance certificate 113.Account management system 130 utilizes balance certificate private key 113 to demonstrate,prove remaining sumBook 113 is signed and transmits this balance certificate 113 to user's set 110.In the exemplary embodiment, businessman's device 120 includesBalance certificate PKI 113a and confirm that balance certificate 113 is signed the part as proof procedure by account management system 130.In the exemplary embodiment, account management system 130 also includes businessman device signing certificate PKI 124a.Account management system 130Businessman device signing certificate PKI 124a is used to verify that the withdrawl deposit record signed by businessman's device signing certificate 124 is with to businessmanThe identity of device 120 confirms.
In the exemplary embodiment, account management system 130 accesses user account management system 130 account and will signWithdrawl deposit record be saved in data storage cell 137.Data storage cell 137 can include the account pipe being suitable for storage informationThe addressable any locally or remotely data store organisation of reason system 130.In the exemplary embodiment, data storage cell 137The information of storage encryption, such as, HTML5 is locally stored.
The parts of Example Operating Environment 100 are described by the exemplary method below with regard to Fig. 2 to Fig. 8 diagram.Fig. 2Exemplary method to Fig. 8 can also utilize other system or perform in other environment.
Example system process
Fig. 2 is the flow chart element depicting the method 200 for processing offline electronic payment transaction according to particular example embodimentFigure.Method 200 is described by the parts with reference to Fig. 1 diagram.
In block 210, user starts application 115 on user's set 110 and/or indicates execution off-line financial transactionHope.In the exemplary embodiment, user starts application 115 allowing user's set 110 to communicate with account management system 130 andUser's set 110 is allowed to perform the offline electronic payment transaction with businessman's device 120.
In frame 220, user's set 110 receives up-to-date balance certificate from account management system 130.Hereinafter with reference to figureThe method 220 being used for receiving up-to-date balance certificate from account management system 130 is explained in more detail by 3 methods described.
Fig. 3 be depict according to particular example embodiment for receiving up-to-date balance certificate from account management system 130The FB(flow block) of method 220, as with reference to frame 220.Method 220 is described by the parts with reference to Fig. 1 diagram.
In a block 310, user's set 110 asks up-to-date balance certificate 113 from account management system 130.Implement in exampleIn example, this request includes the mandate that fund is stored in user account management system 130 account.In the exemplary embodiment, Yong HutongCross mandate and fund is transferred to user account management system 130 account to authorize this deposit from finance account.Real in another exampleExecuting in example, user's set 110 asks to lock available funds.In another example embodiment, user's set 110 request willAvailable funds is unlocked.In the exemplary embodiment, any communication between user's set 110 and account management system 130Period asks up-to-date balance certificate 113.
In a block 320, user's set 120 receives this request and determines whether user's set 120 has network 140 and connectEnter.In the exemplary embodiment, it is desirable to network 140 accesses and communicates with account management system 130.In the exemplary embodiment, user's dressPut 120 by attempting and account management system 130 is set up communication channel and determined whether there is network 140 and access.
Access if user's set 120 does not have network 140, then method 220 enters frame 325.In frame 325, userDevice 120 has when network 140 accesses to reattempt at device 120 sets up communication channel with account management system 130.
Return to the frame 320 in Fig. 3, if user's set 120 has network 140 and accesses, then method 220 enters frame 330.In frame 330, user's set 120 and account management system 130 set up communication channel.In the exemplary embodiment, via network 140Set up communication channel.
In frame 340, account management system 130 determines whether user has to be safeguarded or account by account management system 130The family management addressable account of system 130.In the exemplary embodiment, account management system 130 receive user have been started up withThe notice of the application 115 on family device 110 and determine whether user has account management system 130 account.Implement in exampleIn example, when starting application 115, prompting user logs in or creates account management system 130 account.In another example embodimentIn, log in account management system 130 account and the most automatically logon account before user.In another example embodimentIn, the logging on authentication of user is shared between other account (such as, social networking website and user's set 120 account), andUser uses shared logging on authentication automatically logon account to manage system 130 account.
If user does not have account management system 130 account, then method 220 enters the frame 345 in Fig. 3.At frame 345In, prompting user creates account management system 130 account.In the exemplary embodiment, when user starts application 115, prompting is usedFamily is registered to account management system 130.In another example embodiment, user can be before or after starting application 115Or starting the establishment of any time while application 115 account management system 130 account.In the exemplary embodiment, userAccount management system 130 is accessed via application 115 and network 140.In the exemplary embodiment, log-on message is committed to account by userFamily management system 130, this log-on message includes but not limited to, the title of one or more registered fiscard account,Location, telephone number, e-mail address and information, this fiscard account includes that bank account debit card, the credit card, integration are encouragedEncourage account card or may be used for shopping other type of account (such as, Card Type, card number, expiry date, security code,And Billing Address).In the exemplary embodiment, user account is managed system 130 accounts information and be saved in data storage cell 137In and can be accessed by account management module 131.In the exemplary embodiment, account management system 130 account is by account managementThe digital wallet account that system 130 or Third party system are safeguarded.In another example embodiment, user can use websiteRegister to account management system 130.
In another example embodiment, user need not login or register with account management system 130 account.In this enforcementIn example, for " visitor " user, perform method described herein.
In frame 350, account management system 130 creates account certificate.In the exemplary embodiment, account certificate 112 includesThe user corresponding with user account management system 130 account and/or the identity of user's set 110.Account certificate 112 is filled by accountPut 110 and/or account management system 130 safeguard.In the exemplary embodiment, account certificate 112 is used as in response to from businessman's device120 offline electronic payments received are asked and are signed the withdrawl deposit record created by user's set 110.
In the exemplary embodiment, account certificate 112 includes account certificate PKI 112a.Account certificate PKI 112a is used as to testThe verity of the withdrawl deposit record that card is signed by account certificate 112.In the exemplary embodiment, account certificate PKI 112a is filled by businessmanPut 120 and/or account management system 130 safeguard.In the exemplary embodiment, when businessman's device 120 is registered or behindAny time, account management system 130 account certificate PKI 112a is transmitted to businessman's device 120.
In frame 355, account certificate 112 is transmitted to user's set 110 by account management system 130.In example embodimentIn, any communication between user's set 110 and account management system 130 is signed by account certificate 112.At the present embodimentIn, by reading signature, account management system 130 identifies that user account manages system 130 account.
In frame 360, user's set 110 receives account certificate 112.
In frame 370, account management system 130 determines whether the request to up-to-date balance certificate 113 includes for providingGold is stored in the mandate of user account management system 130 account.In the exemplary embodiment, user is by authorizing fund from finance accountUser account management system 130 account is transferred to authorize this deposit in family.In the exemplary embodiment, user uses user's set110 perform this mandate.Such as, user accesses application 115 to ask to be stored in fund.In another example embodiment, userAnother is used to calculate device or can be with the Third party system that account management system 130 communicates to perform this mandate.At thisIn example embodiment, user's set 120 will ask up-to-date balance certificate when device 120 has network insertion.
If the request to up-to-date balance certificate 113 includes the request to the fund being stored in, then method 220 enters Fig. 3In frame 380.In frame 380, account management system 130 processes fund being deposited in the account of user.In exampleIn embodiment, fund is transferred to user account management system 130 account electronically from finance account.
Method 220 is subsequently into the frame 390 in Fig. 3.
Return to the frame 370 in Fig. 3, if the request to up-to-date balance certificate 113 does not include the request to the fund being stored in,So method 220 enters the frame 390 in Fig. 3.In frame 390, the balance certificate 113 signed is carried by account management system 130It is supplied to user's set 110.The method described hereinafter with reference to Fig. 4 is to for providing the balance certificate 113 signed to useThe method 390 of family device 110 is explained in more detail.
Fig. 4 be depict according to particular example embodiment for the balance certificate signed 113 is provided to user fillPut the FB(flow block) of the method 390 of 110, as with reference to frame 390.Method 390 is described by the parts with reference to Fig. 1 diagram.
In frame 410, account management system 130 determines whether the request to up-to-date balance certificate 113 includes withdrawl deposit record.In the exemplary embodiment, user's set 110 utilizes the request to up-to-date balance certificate 113 to be passed by one or more withdrawl deposit recordTransport to account management system 130.In the exemplary embodiment, all of withdrawl deposit record is transmitted to account management by user's set 110System.In the present embodiment, user's set 110 determine not yet send which withdrawl deposit record and by these record transmission to accountManagement system 130.In the exemplary embodiment, each withdrawl deposit record includes the offline electronic payment transaction carried out with businessman device 120Identification.Each withdrawl deposit record is saved in user account management system 130 account and uses by account management system 130 shouldRecord determines available the balance of funding.
If the request to up-to-date balance certificate 113 includes withdrawl deposit record, then method 390 enters the frame 420 in Fig. 4.In frame 420, account management system 130 verifies this withdrawl deposit record.In the exemplary embodiment, each withdrawl deposit record is at offline electronic paymentSigned by businessman's device 120 during transaction.In the exemplary embodiment, businessman's device 120 uses businessman's device signing certificate 124 rightWithdrawl deposit record is signed.In the exemplary embodiment, withdrawl deposit record is signed by businessman's device signing certificate 124 with this record of certification.?In the present embodiment, account management system 130 can use businessman device signing certificate PKI 124a to verify withdrawl deposit record.ShowingIn example embodiment, the withdrawl deposit record checking signed occurs offline electronic payment to hand between user's set 110 and businessman's device 120Easily.
If withdrawl deposit record is not verified, then method 390 enters the frame 430 in Fig. 4.In a block 430, refusal transactionAnd account management system 130 is to user's set 120 transmission notice.
With reference to the frame 420 in Fig. 4, if withdrawl deposit record has passed through checking, then method 390 enters the frame 440 in Fig. 4.In frame 440, account management system 130 by withdrawl deposit record record user account management system 130 account in.Implement in exampleIn example, account management system 130 updates the account of user to charge to the transaction of this offline electronic payment.
Method 390 is subsequently into the frame 450 in Fig. 4.
Return to the frame 410 in Fig. 4, if the request to up-to-date balance certificate does not include withdrawl deposit record, then method 390 is enteredEnter the frame 450 in Fig. 4.In frame 450, account management system 130 calculates can use in user account management system 130 accountThe remaining sum of fund.Hereinafter with reference to Fig. 5 describe method to for calculate user account management system 130 account in canIt is explained in more detail by the method 450 of the remaining sum of fund.
Fig. 5 be depict according to particular example embodiment for calculate user account management system 130 account inThe FB(flow block) of the method 450 of the remaining sum of available funds, as with reference to frame 450.Method 450 is carried out by the parts with reference to Fig. 1 diagramDescribe.
In frame 510, account management system 130 calculates the remaining sum of the fund in user account management system 130 account.In the exemplary embodiment, account management system 130 calculates the difference of total deposit and withdrawl deposit record total value.In another example embodimentIn, account management system 130 maintains the total accumulative of the remaining sum of the fund in the account of user.
In frame 520, account management system 130 determines whether a part for the remaining sum of fund is locked.Implement in exampleIn example, user utilizes the request to up-to-date balance certificate 113 to transmit a part for the remaining sum of fund is entered line-locked askingAsk.In another example embodiment, account management system 130 maintenance regulation or logic, this rule and logic are the most artificialIt is interpreted as in the case of intervention: determine the amount of money of locking fund.In another example embodiment, user's definition is used for determining lockingThe rule of the amount of money of fund.Such as, during rule may be required in user account management system 130 account, maintenance 25 dollars is minimumRemaining sum.In this example, account management system 130 by locking 25 dollars to prevent this minimum amount to be used for offline electronic payment.?In another example, rule may require that: locks the 5% of fund available in user account management system 130 account.In this example, if the user while the account of user has 100 dollars, then account management system 130 will locking 5 dollars withThis minimum amount is prevented to be used for offline electronic payment.
Lock without by any part of the balance of funding, then method 450 enters the frame 450 in Fig. 4.
Return to frame 520, if the part of the balance of funding is locked, then method 450 enters the frame 530 in Fig. 5.At frameIn 530, account management system 130 determines the rule for carrying out locking or unlocking by the part of the balance of funding.In exampleIn embodiment, this rule is defined by user, account management system, third party or their any combination.In example embodimentIn, the definition when user account management system 130 account is set up of this rule.In another example embodiment, this rule is establishedAnd the most at any time it may happen that change.In another example embodiment, user's asking up-to-date balance certificate 113Seek one or more rules included for carrying out locking or unlocking by fund.
In the exemplary embodiment, all funds in user account management system 130 account are all locked and accountWhether the rule-based part determining the balance of funding of management system 130 can be unlocked.Such as, account management system 130By apply one or more rules determine fund remaining sum 50% may be used for offline electronic payment conclude the business.
In frame 540, account management system 130 determine whether there is lock for the part of the balance of funding is carried out orThe time-based rule that person unlocks.In the exemplary embodiment, the part of the balance of funding can be used for the limited time.Such as,For single transaction, the part of the balance of funding can be unlocked.In this example, single is only concluded the business by balance certificate 113Or only in short amount of time (such as, being only sufficient to the time of an off-line trading) effectively.Conclude the business at single offline electronic paymentAfter one-tenth, or after the time that can be used for balance certificate 113 expires, it is desirable to the up-to-date balance certificate 113 that user please look for novelty.
In another example, the part of available funds can be locked a period of time.Such as, by the part of the balance of fundingLock 5 minutes.In this example, user can utilize the available funds amount of money when those 5 minutes periods were up to dogging beamBetween complete offline electronic payment transaction.After the transaction has been completed, by latch-release.User can be by the balance certificate 113 that please look for noveltyLocking time was extended before those expire for 5 minutes.
If account management system 130 determines that existence is for the base carrying out locking or unlocking by the part of the balance of fundingRule in the time, then method 450 enters the frame 550 in Fig. 5.In frame 550, account management system 130 determines predeterminedAvailable funds in the justice time period.
Method 450 is subsequently into the frame 560 in Fig. 5.
With reference to the frame 540 in Fig. 5, do not exist for by the part of the balance of funding if account management system 130 determinesCarry out the time-based rule locking or unlocking, then method 450 enters the frame 560 in Fig. 5.In frame 560, account pipeReason system 130 determines whether there is the location-based rule for carrying out locking or unlocking by the part of the balance of funding.In the exemplary embodiment, fund is only available for the position specified or concludes the business for the offline electronic payment with specified type businessman.ExampleAs, user only wants to for public transport, uses fund at dining room or in the X of city.In another example embodiment,Fund be only available for the transaction of the first stroke offline electronic payment predefined near or the use of other geographical location.Such as, onceUser initiates to conclude the business the offline electronic payment of businessman X, and it is attached that user may only complete in 10 foot radius of businessman X positionAdd transaction.In the exemplary embodiment, each user can have more than one user's set 110.In the present embodiment, eachUser's set 110 can have different balance certificates.By the part of the balance of funding being locked according to position, userMore than one user's set 110 cannot be used to overspend the balance of funding of user.
If account management system 130 determines that existence is for the base carrying out locking or unlocking by the part of the balance of fundingRule in position, then method 450 enters the frame 570 in Fig. 5.In frame 570, account management system 130 determines in advanceDefinition position or the available funds of business types.
Method 450 is subsequently into the frame 580 in Fig. 5.
Return to the frame 560 in Fig. 5, do not exist for by the part of the balance of funding if account management system 130 determinesCarry out the location-based rule locking or unlocking, then method 450 enters the frame 580 in Fig. 5.In frame 580, account pipeReason system 130 provides based on the locking being not useable for offline electronic payment transaction for locking one or more rules of fund to determineThe gold amount of money and the principal amount that can be used for offline electronic payment transaction.In the exemplary embodiment, the available funds amount of money includes total depositAny locking fund is gone with the subtractive of withdrawl deposit record total value.
Method 450 is subsequently into the frame 460 in Fig. 4.
Returning to Fig. 4, in frame 460, account management system 130 creates up-to-date balance certificate 113 for user's set 110.?In example embodiment, up-to-date balance certificate 113 includes the principal amount that can be used for offline electronic payment transaction.In the exemplary embodiment,Balance certificate 113 is the most restricted.In this exemplary embodiment, after the time of past predefined amount, balance certificate113 expire.In another example embodiment, balance certificate 113 is restricted on the number of times of off-line purchase-transaction.Real in this exampleExecuting in example, after the off-line purchase-transaction of predefined number of times completes, balance certificate 113 expires.In another example embodiment,Balance certificate 113 by time, transaction count, geographical position, business types or is built by account management system 130 or userVertical other restriction rule any limits.In the exemplary embodiment, balance certificate includes limiting the fund that can be used for payment transactionOne or more rules of the amount of money.
In frame 470, balance certificate 113 is signed by account management system 130.In the exemplary embodiment, businessman's device 120Balance certificate PKI 113a can be used to verify, and the verity of the balance certificate 113 signed reads the balance certificate signed113。
In frame 480, the balance certificate 113 signed is transmitted to user's set 110 by account management system 130.ShowingIn example embodiment, the balance certificate 113 signed connects transmission to user's set 110 via network 140.
In frame 490, user's set 110 receives the balance certificate 113 signed.
Method 390 is subsequently into the frame 230 in Fig. 2.
Returning to Fig. 2, in frame 230, user's set 110 and businessman's device 120 set up communication channel.In example embodimentIn, user has indicated the hope that the offline electronic payment with businessman is concluded the business.In the exemplary embodiment, user accesses and fills userPutting the application 115 on 110, this application 115 makes user's set 110 be able to carry out offline electronic payment transaction.In the exemplary embodiment, useFamily accesses the application 115 making user's set 110 wirelessly can communicate with businessman device 120.In the present embodiment, device (bagInclude device 110 and 120) via secure communication channel (such as, the channel radio of near-field communication, bluetooth, Wi-Fi or other formLetter channel) communication.
In frame 240, payment request is transmitted to user's set 110 by businessman's device 120.In the exemplary embodiment, businessmanIt is input to paying the request amount of money in the application 125 on businessman's device 120.In the present embodiment, payment request includes businessmanThe identification of device 120, the payment request amount of money and/or timestamp.In the exemplary embodiment, pay request to believe via secure communicationRoad transmits.
In frame 250, user's set 110 processes the payment request received from businessman's device 120.Hereinafter with reference to Fig. 6The method 250 paying request from businessman's device 120 reception for process is explained in more detail by the method described.
Fig. 6 is to depict the payment request received for process according to particular example embodiment from businessman's device 120The FB(flow block) of method 250, as with reference to frame 250.Method 250 is described by the parts with reference to Fig. 1 diagram.
In block 610, user's set 110 receives, from businessman's device 120, the request of payment.
In frame 620, user's set 110 generates for the amount of money of the upper instruction of the request that pays received from businessman's device 120Withdrawl deposit record.In the exemplary embodiment, this withdrawl deposit record includes: paying request (such as, businessman or businessman's device 120Identify, pay the request amount of money and timestamp) the middle information received.In another example embodiment, withdrawl deposit record includes that user fillsPut the identification of 110, the identification of user and/or the identification of user account management system 130 account.In another example embodiment,User can use application 115 to change the payment request amount of money before withdrawl deposit record creates or while creating.
In frame 630, withdrawl deposit record is signed by user's set 110.In the exemplary embodiment, utilize account certificate 112 privateWithdrawl deposit record is signed by key.In the exemplary embodiment, withdrawl deposit record is signed by user's set 110 or application 115 to allow businessFamily's device 120 verifies that accounts information (such as, account management system 130 account) belongs to user and is authorized to hand at offline electronic paymentUse in easily.
In frame 640, user's set 110 retrieves the up-to-date balance certificate 113 signed by account management system 130.ShowingAny time retrieval balance certificate 113 in example embodiment, after receiving, from businessman's device 120, the request of payment.In exampleIn embodiment, user's set 120 is paid the request amount of money by cross reference and is propped up by can be used for off-line disclosed in balance certificate 113Pay the principal amount of transaction, for offline electronic payment transaction, the availability of fund is confirmed.In another example embodiment, useFamily device 110 is verified any rule in the principal amount being applied to can be used for offline electronic payment transaction or restriction and determinesPay whether transaction meets those rules.
In frame 650, the response paying request will be transmitted to businessman's device 120 by user's set 110.In example embodimentIn, this response includes the withdrawl deposit record signed and the balance certificate 113 signed.In the exemplary embodiment, to paying requestResponse via between user's set 110 and businessman's device 120 secure communication channel transmit.
Method 250 is subsequently into the frame 260 in Fig. 2.
Returning to Fig. 2, in frame 260, businessman's device 120 is verified the response paying request from user's set 110 reception.The method described hereinafter with reference to Fig. 7 to for checking to paying the method for response asked from user's set 110 receptions260 are explained in more detail.
Fig. 7 is to depict asking the payment that receives from user's set 110 for checking according to particular example embodimentThe FB(flow block) of method 260 of response, as with reference to frame 260.The method 260 is described by the parts with reference to Fig. 1 diagram.
In block 710, businessman's device 120 receives the response paying request from user's set 110.In example embodimentIn, this response includes the withdrawl deposit record signed and the balance certificate 113 signed.
In frame 720, businessman's device 120 verifies withdrawl deposit record.In the exemplary embodiment, businessman's device 120 accesses to your accountCertPubKey 112a verifies the withdrawl deposit record signed.In the present embodiment, withdrawl deposit record transmission to businessman's device 120 itBefore signed by account certificate 112 on user's set 110.Businessman's device 120 verifies that the signature on withdrawl deposit record is with to userThe identity of device 110, user and/or user account management system 130 account confirms.
If withdrawl deposit record is not verified, then method 260 enters the frame 730 in Fig. 7.In frame 730, refuse off-linePayment transaction.In the exemplary embodiment, the notification transmission that refusal is concluded the business by businessman's device 120 is to user's set 110.
Return to the frame 720 in Fig. 7, if withdrawl deposit record has passed through checking, then method 260 enters the frame 740 in Fig. 7.In frame 740, businessman's device 120 verifies balance certificate 113.In the exemplary embodiment, businessman's device 120 uses balance certificate publicKey 113a verifies the balance certificate 113 signed.
In the present embodiment, balance certificate 113 was signed by account management system 130 before user's set 110 in transmission.In response to paying request, the balance certificate 113 signed is transmitted to businessman's device 120 with withdrawl deposit record.Businessman's device120 checkings signature on balance certificate 113 confirms with the availability to the fund being used for offline electronic payment transaction.?In example embodiment, businessman's device 120 is verified that balance certificate 113 is not yet due and/or checking is satisfied and is applied on balance certificateAny other limits (such as, geographical restriction, businessman limit or the restriction of other function).
If balance certificate 113 is not verified, then method 260 enters the frame 750 in Fig. 7.In frame 750, refusalOffline electronic payment is concluded the business.In the exemplary embodiment, the notification transmission that refusal is concluded the business by businessman's device 120 is to user's set 110.
Return to the frame 740 in Fig. 7, if balance certificate 113 has passed through checking, then method 260 enters the frame in Fig. 7760.In frame 760, businessman's device 120 checking has been used for the availability of the fund of offline electronic payment transaction.In example embodimentIn, businessman's device 120 reads available funds from balance certificate 113.In the exemplary embodiment, businessman's device 120 according to checking fromLine payment transaction meets any rule being applied in available funds.
If there is no the fund of abundance for offline electronic payment transaction, then method 260 enters the frame 770 in Fig. 7.At frameIn 770, businessman's device 120 and/or user's set 110 determine that a part for the remaining sum of fund is the most locked or props up at off-linePay during concluding the business unusable.In the exemplary embodiment, balance certificate 113 includes the symbol that a part for fund is locked.
If a part for the remaining sum of fund is not locked out, then method 260 enters the frame 775 in Fig. 7.In frame 775,Refusal offline electronic payment transaction.In the exemplary embodiment, the notification transmission that refusal is concluded the business by businessman's device 120 is to user's set 110.
Return to the frame 770 in Fig. 7, if a part for the remaining sum of fund is locked or during offline electronic payment is concluded the business notCan use, then method 260 enters the frame 780 in Fig. 7.In frame 780, user authorizes will to account management system 130 requestA part for fund is unlocked.In the exemplary embodiment, only when user's set 110 has when network 140 connects could be byRequest fund being unlocked is transmitted to account management system 130.In the present embodiment, rejection is concluded the business, until additional moneyGold is unlocked.
Method 260 is subsequently into the frame 310 in Fig. 3, and user's set 110 request has the new balance card of unblock fundBook 113.
Return to the frame 760 in Fig. 7, if there being the fund of abundance to can be used for offline electronic payment transaction, then method 260 enters figureFrame 790 in 7.In frame 790, businessman's device 120 authorizes offline electronic payment to conclude the business.
Method 260 is subsequently into the frame 270 in Fig. 2.
Returning to Fig. 2, in frame 270, account management system 130 verifies withdrawl deposit record.The side described hereinafter with reference to Fig. 8Method is to for verifying that the method 270 of withdrawl deposit record is explained in more detail.
Fig. 8 is the FB(flow block) depicting the method 270 for verifying withdrawl deposit record according to particular example embodiment, asWith reference to frame 270.Method 270 is described by the parts with reference to Fig. 1 diagram.
In frame 810, businessman's device 120 utilizes businessman's device signing certificate 124 to sign withdrawl deposit record.Implement in exampleIn example, businessman's device 120 verifies withdrawl deposit record at it, verifies balance certificate 113 and determines have for offline electronic payment transactionAfter sufficient fund, this offline electronic payment is authorized to conclude the business.In the present embodiment, withdrawl deposit record is signed to award by businessman's device 120Weigh this transaction.In another example embodiment, businessman's device 120 creates and concludes the business successful state generation to user's set 110 instructionCode or message.
In frame 815, the withdrawl deposit record signed is transmitted to user's set 110 by businessman's device 120.In example embodimentIn, the withdrawl deposit record signed transmits via the secure communication channel between user's set 110 and businessman's device 120.ShowingIn example embodiment, by the withdrawl deposit record signed transmission to user's set 110 to complete offline electronic payment transaction.Real in another exampleExecuting in example, the instruction successful state code of transaction or message are transmitted to user's set 110 by businessman's device 120.
In frame 820, businessman's device 120 determines if that having network 140 accesses.In the exemplary embodiment, businessman's dressPut 120 and require that network 140 accesses to communicate with account management system 130.
Access if businessman's device 120 does not have network 140, then method 270 enters the frame 830 in Fig. 8.At frame 830In, businessman's device 120 stores withdrawl deposit record until businessman's device 120 has network 140 and accesses.
Returning to the frame 820 in Fig. 8, if businessman's device 120 has network 140 and accesses, or once network 140 access canWith, then method 270 enters the frame 840 in Fig. 8.In the block 840, withdrawl deposit record is transmitted to account management by businessman's device 120System 130.In the exemplary embodiment, withdrawl deposit record is signed by businessman's device signing certificate 124.In another example embodiment,Withdrawl deposit record is in response to pay the identical withdrawl deposit record that request receives from user's set 110.
In frame 850, account management system 130 receives withdrawl deposit record from businessman's device 120.
In frame 860, account management system 130 verifies withdrawl deposit record.In the exemplary embodiment, account management system 130Businessman device signing certificate PKI 124a is used to verify withdrawl deposit record.In the present embodiment, account management system 130 checking takesMoney record and/or the identity of businessman's device 120 or effectiveness.In another example embodiment, businessman's device 120 transmission hasThe identifier of withdrawl deposit record or message.In the present embodiment, account management system 130 is by the identity to businessman's device 120Carry out confirmation to verify withdrawl deposit record.In another example embodiment, account management system 130 is by checking user or userThe identity of device 110 verifies withdrawl deposit record.
If withdrawl deposit record authentication failed, then method 270 enters the frame 870 in Fig. 8.In frame 870, refusal off-line props upPay transaction.In the exemplary embodiment, the notification transmission that refusal is concluded the business by account management system 130 is to businessman's device 120.
Return to the frame 860 in Fig. 8, if withdrawl deposit record is verified, then method 270 enters the frame 880 in Fig. 8.?In frame 880, account management system 130 by withdrawl deposit record record user account management system 130 account in.In example embodimentIn, withdrawl deposit record includes: user, user's set 110 and/or the identification of user account management system 130 account.In this enforcementIn example, account management system 130 utilizes from the withdrawl deposit record of businessman's device 120 reception to update the account of user.
In the exemplary embodiment, withdrawl deposit record is transmitted to account management system by user's set 110 at businessman's device 120The balance certificate 113 please look for novelty before or after 130.In the present embodiment, the withdrawl deposit record that user's set 110 will have been signedTransmission is to account management system 130.Account management system 130 is by two notes of withdrawing the money for identical offline electronic payment transaction acceptanceRecord record is in user account management system 130 account.In the exemplary embodiment, the two withdrawl deposit record is for verifying user'sThe effectiveness of the remaining sum of the fund in account.
Other example embodiment
Fig. 9 depicts the computing machine 2000 according to particular example embodiment and module 2050.Computing machine 2000 is permissibleRight with any one in various computers, server, mobile device, embedded system or calculating system presented hereinShould.Module 2050 can include one or more hardware element or software element, this one or more hardware element orPerson's software element is configured to promote that computing machine 2000 performs various methods presented herein and processes function.Computing machine2000 can include various internal part or attachment component, such as, processor 2010, system bus 2030, system storage2030, storage medium 2040, input/output interface 2060 and the network interface 2070 for communicating with network 2080.
Computing machine 2000 can be embodied as conventional computer system, embedded controller, laptop computer, serviceAnother processor that device, mobile device, smart phone, Set Top Box, information kiosk, inter-vehicle information system are associated with TV, fromDefinition machine, other hardware platform any or their any combination or multiplicity.Computing machine 2000 can be distributionFormula system, this distributed system is configured with the multiple computing machines interconnected via data network or bus systemAnd play a role.
Processor 2010 can be configured to perform code or instruct to carry out operation described herein and function, managementMapping is flowed and is processed in request, and is configured to perform calculate and generate order.Processor 2010 can be configured to prisonSurvey and control the operation of parts in computing machine 2000.Processor 2010 can be general processor, processor core,At multiprocessor, reconfigurable processor, microcontroller, digital signal processor (DSP), special IC (ASIC), figureReason unit (GPU), field programmable gate array (FPGA), PLD (PLD), controller, state machine, gate logic,Discrete hardware components, other processing unit any or their any combination or multiplicity.Processor 2010 can be singleIndividual processing unit, multiple processing unit, single process core, multiple process core, dedicated processes core, coprocessor orTheir any combination of person.According to specific embodiment, processor 2010, together with other parts of computing machine 2000, Ke YishiThe Virtualization Computer device performed in one or more other computing machine.
System storage 2030 can include nonvolatile memory, such as, read only memory (ROM), able to programme read-onlyMemorizer (PROM), Erasable Programmable Read Only Memory EPROM (EPROM), flash memory or can store has or notThere is the programmed instruction of applying power or other device any of data.System storage 2030 can also include that volatibility is depositedReservoir, such as, random access memory (RAM), static RAM (SRAM), dynamic random access memoryAnd Synchronous Dynamic Random Access Memory (SDRAM) (DRAM).Other type of RAM can be also used for implementing system storage2030.System storage 2030 can use single memory module or multiple memory module to realize.Although system is depositedReservoir 2030 is depicted as a part for computing machine 2000, but those skilled in the art is it will be recognized that without departing from thisIn the case of the scope of subject technology, system storage 2030 can be separated with computing machine 2000.Be also to be understood that systemMemorizer 2030 can include Nonvolatile memory devices (such as, storage medium 2040), or can deposit in conjunction with non-volatileStorage device operates.
Storage medium 2040 may include that hard disk, floppy disk, compact disc read-only memory (CD-ROM), digital versatile disc(DVD), Blu-ray Disc, tape, flash memory, other Nonvolatile memory devices, solid-state drive (SSD), any magneticStorage device, any optical storage, any electronic storage device, any semiconductor storage, any based on physicsStorage device, other data storage device any or their any combination or multiplicity.Storage medium 2040 can be depositedStore up one or more operating system, application program and program module, such as, module 2050, data or other letter anyBreath.Storage medium 2040 can be a part for computing machine 2000, or is connected to computing machine 2000.Storage medium 2040Can also is that one or more other computing machine (such as, server, the database service communicated with computing machine 2000Device, cloud storage, network-attached storage device etc.) a part.
Module 2050 can include one or more hardware element or software element, this one or more hardware unitPart or software element are configured to promote that computing machine 2000 performs various methods presented herein and processes function.Module2050 can include with system storage 2030, storage medium 2040 or both be stored as software or firmware explicitlyOne or more job sequence.Therefore, storage medium 2040 can represent the example of machine or computer-readable medium,This machine or computer-readable medium can store the instruction for being performed by processor 2010 or code.Machine orPerson's computer-readable medium can generally referred to as be used for providing any medium to processor 2010 by instruction.With module 2050This machine being associated or computer-readable medium can include computer software product.It should be appreciated that include moduleThe computer software product of 2050 can also with for via network 2080, any signal bearing medium or any other lead toModule 2050 is sent to one or more process of computing machine 2000 by letter or tranmission techniques or method is associated.MouldBlock 2050 can also include hardware circuit or the information for configuring hardware circuit, such as, for FPGA's or other PLDMicrocode or configuration information.
Input/output (I/O) interface 2060 can be configured to couple to one or more external device (ED), from thisOr multiple external device (ED)s receive data, and send data to this one or more external device (ED).This external device (ED),Together with various interior arrangements, it is also possible to be referred to as peripheral unit.I/O interface 2060 can include can be used for various peripheral unitsIt is operatively coupled to computing machine 2000 or the electrical connection of processor 2010 or physical connection.I/O interface 2060 is permissibleIt is configured between peripheral unit, computing machine 2000 or processor 2010 transmit data, address and control signal.I/O Interface 2060 can be configured to implement any standard interface, such as, small computer system interface (SCSI), serial attachedSCSI (SAS), fiber channel, peripheral parts interconnected (PCI), PCI express (PCIe), universal serial bus, parallel bus, heightLevel Technical Appendix (ATA), serial ATA (SATA), USB (universal serial bus) (USB), Thunderbolt, FireWire, various videoBus etc..I/O interface 2060 can be configured to only implement a kind of interface or bussing technique.Alternatively, I/O interface 2060 canTo be configured to implement multiple interfaces or bussing technique.I/O interface 2060 can be configured to: of system bus 2020Point, system bus 2020 whole, or coupling system bus 2020 operates.I/O interface 2060 can include for oneIndividual or multiple external device (ED), interior arrangement, transmission between computing machine 2000 or processor 2010 carry out cachedIndividual or multiple cachings.
Computing machine 2000 can be coupled to various input equipment by I/O interface 2060, including: mouse, touch screen, scanningInstrument, electronic digitizer, sensor, receptor, Trackpad, trace ball, camera, mike, keyboard, other fixed point dress anyPut or their any combination.Computing machine 2000 can be coupled to various output device by I/O interface 2060, including: regardFrequency display, speaker, printer, projector, haptic feedback devices, automatically control, mechanical part, actuator, motor, windFan, solenoid, valve, pump, transmitter, signal projector, light etc..
Computing machine 2000 can be by one or more other system or the computing machine towards across a network 2080Network interface 2070, use logic connect, operate in a network environment.Network 2080 can include wide area network (WAN), officeTerritory net (LAN), Intranet, the Internet, Radio Access Network, cable network, mobile network, telephone network, optic network orCombinations thereof.Network 2080 can be the packet switch of any topology, circuit switching, and can use any communication protocolsView.Communication link in network 2080 can relate to various numeral or analogue communication medium, such as, optical fiber cable, freedomSpace optics, waveguide, electric conductor, wireless link, antenna, radio communication etc..
Processor 2010 can be connected to other element of computing machine 2000 by system bus 2020 or be retouched hereinThe various ancillary equipment stated.It should be appreciated that system bus 2020 can inside processor 2010, outside processor 2010 orBoth persons.According to some embodiments, can be by processor 2010, other element of computing machine 2000 or described hereinAny one in various ancillary equipment be integrated into single assembly (such as, SOC(system on a chip) (SOC), system in package (SOP) orPerson's ASIC device) in.
In system acquisition discussed herein about the personal information of user or in the case of personal information can being utilized, canProviding the user following chance or selection: whether control program or feature gather user profile (such as, relevant userThe information of the current location of social networks, social action or activity, occupation, the preference of user or user) or control beNo and/or how from content server receive may be more relevant with user content.Additionally, at storage or use particular dataBefore, this particular data can be processed according to one or more modes, so that remove the recognizable information of individual.For example, it is possible to process the identity of user, so that cannot determine that the individual of user can recognize that information, or can be by acquisitionThe geographical position vague generalization (such as, city, postcode or state county grade) of the user of positional information, so that cannotDetermine the ad-hoc location of user.Therefore, user can control: how to gather the information about user and how content server makesUse this information.