CN114445071A

Movatterモバイル変換

Info

Publication number: CN114445071A
Application number: CN202011192966.1A
Authority: CN
Inventors: 潘宁喦
Original assignee: Pateo Connect and Technology Shanghai Corp
Current assignee: Pateo Connect and Technology Shanghai Corp
Priority date: 2020-10-30
Filing date: 2020-10-30
Publication date: 2022-05-06

Abstract

The application relates to a vehicle-mounted terminal payment method, a vehicle-mounted terminal payment device, a computer-readable storage medium and electronic equipment. The payment method comprises the following steps: receiving a first order, wherein the first order comprises first information of the vehicle-mounted terminal; performing first encryption and signature on the first order to obtain a second order; sending a second order to the vehicle-mounted terminal, wherein the second order is used for the vehicle-mounted terminal to execute the following operations: performing first signature verification and decryption on the second order, completing payment authentication according to the second order, performing second encryption and signature on the second order and a payment certificate issued by the server to obtain a third order, and sending the third order to the server, wherein the third order comprises the payment certificate; receiving a third order form from the vehicle-mounted terminal; and performing second signature verification and decryption on the third order to complete payment. The vehicle-mounted terminal payment method is high in safety and simple and convenient to operate.

Description

Translated fromChinese

支付方法、装置、计算机可读存储介质及电子设备Payment method, apparatus, computer-readable storage medium, and electronic device

技术领域technical field

本申请涉及支付领域，具体涉及一种车载终端支付方法、装置、计算机可读存储介质及电子设备。The present application relates to the field of payment, and in particular, to a vehicle terminal payment method, device, computer-readable storage medium, and electronic equipment.

背景技术Background technique

现有的车载系统的支付方法需要用户进行复杂的流程操作，且支付过程并没有真正进行付款者的个人身份认证，支付过程安全性不够，且不够便捷。The payment method of the existing in-vehicle system requires the user to perform complex process operations, and the payment process does not really carry out the personal identity authentication of the payer, and the payment process is not secure enough and not convenient enough.

发明内容SUMMARY OF THE INVENTION

鉴于此，本申请实施例提供一种车载终端支付方法，其安全性高，操作简便。In view of this, the embodiments of the present application provide a vehicle-mounted terminal payment method, which has high security and is easy to operate.

此外，本申请还提供一种车载终端支付装置。In addition, the present application also provides an in-vehicle terminal payment device.

此外，本申请还提供一种计算机可读存储介质。In addition, the present application also provides a computer-readable storage medium.

此外，本申请还提供一种电子设备。In addition, the present application also provides an electronic device.

本申请实施例提供一种车载终端支付方法，应用于服务器，所述支付方法包括：An embodiment of the present application provides a vehicle terminal payment method, which is applied to a server, and the payment method includes:

接收第一订单，所述第一订单包括所述车载终端的第一信息；receiving a first order, the first order including the first information of the vehicle-mounted terminal;

对所述第一订单进行第一加密及签名，得到第二订单；Perform the first encryption and signature on the first order to obtain the second order;

向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：对所述第二订单进行第一验签及解密，根据所述第二订单完成支付认证，并将所述第二订单和所述服务器下发的支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单，所述第三订单包括所述支付凭证；Send the second order to the vehicle-mounted terminal, where the second order is used for the vehicle-mounted terminal to perform the following operations: perform a first signature verification and decryption on the second order, and complete payment authentication according to the second order , and perform second encryption and signature on the second order and the payment voucher issued by the server to obtain a third order, and send the third order to the server, where the third order includes the payment certificate;

接收来自所述车载终端的所述第三订单；以及receiving the third order from the in-vehicle terminal; and

对所述第三订单进行第二验签及解密，以完成付款。Perform a second signature verification and decryption on the third order to complete payment.

可选地，所述服务器存储有车载终端公钥；所述对所述第一订单进行第一加密及签名，得到第二订单，具体包括：采用所述车载终端公钥及所述服务器私钥分别对所述订单进行第一加密及签名，得到第二订单。Optionally, the server stores the on-board terminal public key; and performing the first encryption and signature on the first order to obtain the second order specifically includes: using the on-board terminal public key and the server private key. The first order is encrypted and signed respectively to obtain the second order.

可选地，所述向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：对所述第二订单进行第一验签及解密，根据所述第二订单完成支付认证，并将所述第二订单和所述服务器下发的支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单，所述第三订单包括所述支付凭证；具体包括：Optionally, the sending of the second order to the vehicle-mounted terminal, the second order is used for the vehicle-mounted terminal to perform the following operations: performing a first signature verification and decryption on the second order, according to the The payment authentication of the second order is completed, and the second order and the payment certificate issued by the server are encrypted and signed for a second time to obtain a third order, and the third order is sent to the server, and the third order is sent to the server. The third order includes the payment voucher; specifically, it includes:

向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：采用所述服务器公钥及所述车载终端私钥分别对所述第二订单进行第一验签及解密，根据所述第二订单完成所述车载终端所关联用户的生命体征认证，并采用所述支付凭证公钥及所述车载终端私钥分别对所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单。Send the second order to the vehicle-mounted terminal, where the second order is used for the vehicle-mounted terminal to perform the following operations: use the public key of the server and the private key of the vehicle-mounted terminal to perform the first order on the second order respectively; Verifying and decrypting the signature, completing the verification of the vital signs of the user associated with the vehicle terminal according to the second order, and using the public key of the payment certificate and the private key of the vehicle terminal to issue the second order and the server respectively The payment certificate is encrypted and signed for the second time to obtain a third order, and the third order is sent to the server.

可选地，所述对所述第三订单进行第二验签及解密，以完成付款，具体包括：Optionally, performing a second signature verification and decryption on the third order to complete payment, specifically including:

采用所述车载终端公钥及所述支付凭证私钥对所述第三订单进行第二验签及解密，以完成付款。The third order is subjected to a second signature verification and decryption using the on-board terminal public key and the payment voucher private key to complete payment.

可选地，在所述接收第一订单之前，所述支付方法还包括：Optionally, before the receiving the first order, the payment method further includes:

接收来自所述车载终端的第二信息，其中，所述第二信息被所述车载终端进行了第三加密及签名，所述第二信息包括所述车载终端所关联的用户的支付账户；receiving second information from the vehicle-mounted terminal, wherein the second information is thirdly encrypted and signed by the vehicle-mounted terminal, and the second information includes the payment account of the user associated with the vehicle-mounted terminal;

对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户；Performing a third signature verification and decryption on the second information to obtain the payment account of the user associated with the vehicle-mounted terminal;

向所述车载终端所关联的用户的移动终端发送第一验证信息，所述验证信息用于所述车载终端执行以下步骤：将所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息；Sending first verification information to the mobile terminal of the user associated with the vehicle-mounted terminal, the verification information is used for the vehicle-mounted terminal to perform the following steps: performing fourth encryption and signature on the first verification information to obtain a second verification information, sending the second verification information to the server;

对所述第二验证信息进行第四验签及解密，并根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥；Perform a fourth signature verification and decryption on the second verification information, and generate third information according to the second verification information and the second information, where the third information includes a payment certificate, a payment certificate public key, and a payment certificate private key;

将所述第二信息及所述第三信息绑定并保存；binding and saving the second information and the third information;

向所述车载终端发送所述支付凭证及支付凭证公钥，所述支付凭证及支付凭证公钥用于所述车载终端执行以下步骤：将所述支付凭证、所述支付凭证公钥、支付账户及所述车载终端所关联的用户生命体征绑定并保存。Send the payment certificate and the payment certificate public key to the vehicle terminal, and the payment certificate and the payment certificate public key are used by the vehicle terminal to perform the following steps: send the payment certificate, the payment certificate public key, the payment account and the user vital signs associated with the in-vehicle terminal are bound and saved.

基于同样的发明构思，本申请还提供一种车载终端支付方法，应用于车载终端，所述支付方法包括：Based on the same inventive concept, the present application also provides a vehicle-mounted terminal payment method, which is applied to the vehicle-mounted terminal, and the payment method includes:

接收来自所述服务器的所述第二订单，其中，所述第二订单由所述服务器对第一订单进行第一加密及签名得到，所述第一订单包括所述车载终端的第一信息；receiving the second order from the server, wherein the second order is obtained by the server performing the first encryption and signature on the first order, and the first order includes the first information of the vehicle-mounted terminal;

对所述第二订单进行第一验签及解密，根据所述第二订单完成支付认证；Perform first signature verification and decryption on the second order, and complete payment authentication according to the second order;

将所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，所述第三订单包括所述支付凭证；Perform second encryption and signature on the second order and the payment voucher issued by the server to obtain a third order, and the third order includes the payment voucher;

向所述服务器发送所述第三订单，所述第三订单用于所述服务器执行以下操作：对经所述第三订单进行第二验签及解密，以完成付款。The third order is sent to the server, and the third order is used for the server to perform the following operations: performing a second signature verification and decryption on the third order to complete payment.

可选地，所述服务器对第一订单进行第一加密及签名，具体包括：所述服务器采用所述车载终端公钥及所述服务器私钥分别对所述第一订单进行第一加密及签名。Optionally, the server performs the first encryption and signature on the first order, which specifically includes: the server uses the vehicle terminal public key and the server private key to perform the first encryption and signature on the first order respectively. .

可选地，所述车载终端存储有服务器公钥；所述对所述第二订单进行第一验签及解密，根据所述第二订单完成支付认证，具体包括：采用所述服务器公钥及所述车载终端私钥分别对所述第二订单进行第一验签及解密，根据所述第二订单完成所述车载终端所关联用户的生命体征认证。Optionally, the vehicle-mounted terminal stores a server public key; the performing first signature verification and decryption on the second order, and completing payment authentication according to the second order, specifically includes: using the server public key and The on-board terminal private key respectively performs first signature verification and decryption on the second order, and completes the verification of vital signs of the user associated with the on-board terminal according to the second order.

可选地，将所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，具体包括：将所述第二订单及服务器下发的支付凭证采用所述第一支付凭证公钥及所述车载终端私钥分别进行第二加密及签名后，得到第三订单；Optionally, performing the second encryption and signature on the second order and the payment voucher issued by the server to obtain a third order, which specifically includes: using the first order and the payment voucher issued by the server with the first order. The third order is obtained after the public key of the payment certificate and the private key of the vehicle terminal are respectively encrypted and signed for the second time;

所述第三订单具体用于所述服务器执行以下操作：对采用所述车载终端公钥及所述支付凭证私钥，对经所述第三订单进行第二验签及解密，以完成付款。The third order is specifically used for the server to perform the following operations: using the public key of the vehicle-mounted terminal and the private key of the payment certificate, perform a second signature verification and decryption on the third order to complete the payment.

可选地，在所述接收来自所述服务器的所述第二订单之前，所述支付方法还包括：Optionally, before the receiving the second order from the server, the payment method further includes:

对车载终端所关联的用户的支付账户进行第三加密及签名，得到第二信息；Perform third encryption and signature on the payment account of the user associated with the vehicle terminal to obtain the second information;

向所述服务器发送所述第二信息，所述第二信息用于所述服务器执行以下步骤：对所述第二信息进行第三验签及解密，以获得所述车载终端所关联用户的支付账户，并向所述车载终端发送第一验证信息，以进行身份验证；Send the second information to the server, where the second information is used by the server to perform the following steps: perform a third signature verification and decryption on the second information to obtain payment from the user associated with the vehicle-mounted terminal account, and send the first verification information to the vehicle terminal for identity verification;

输入来自所述服务器的第一验证信息，对所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息；所述第二验证信息用于所述服务器执行以下步骤：对所述第二验证信息进行第四验签及解密，根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥，并将所述第二信息及所述第三信息绑定并保存；Input the first verification information from the server, perform fourth encryption and signature on the first verification information, obtain the second verification information, and send the second verification information to the server; The following steps are performed on the server: performing a fourth signature verification and decryption on the second verification information, and generating third information according to the second verification information and the second information, where the third information includes a payment voucher, Payment certificate public key and payment certificate private key, and bind and save the second information and the third information;

接收来自所述服务器的所述支付凭证及支付凭证公钥；receiving the payment certificate and payment certificate public key from the server;

将所述支付凭证、所述支付凭证公钥、所述支付账户及所述车载终端所关联的用户的生命体征绑定并保存。Binding and saving the payment voucher, the payment voucher public key, the payment account and the vital signs of the user associated with the vehicle-mounted terminal.

基于同样的发明构思，本申请实施例还提供一种车载终端支付装置，应用于服务器，所述支付装置包括：Based on the same inventive concept, an embodiment of the present application also provides a vehicle terminal payment device, which is applied to a server, and the payment device includes:

第一接收模块，用于接收第一订单，所述第一订单包括所述车载终端的第一信息；a first receiving module, configured to receive a first order, where the first order includes the first information of the vehicle-mounted terminal;

第一加密及签名模块，用于对所述第一订单进行第一加密及签名，得到第二订单；a first encryption and signature module, configured to perform first encryption and signature on the first order to obtain a second order;

第一发送模块，用于向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：对所述第二订单进行第一验签及解密，根据所述第二订单完成支付认证，并将所述第二订单和所述服务器下发的第一支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单，所述第三订单包括所述支付凭证；The first sending module is configured to send the second order to the vehicle-mounted terminal, and the second order is used for the vehicle-mounted terminal to perform the following operations: perform a first signature verification and decryption on the second order, according to the The second order completes payment authentication, and the second order and the first payment voucher issued by the server are encrypted and signed for a second time to obtain a third order, and the third order is sent to the server, the third order includes the payment voucher;

所述第一接收模块还用于接收来自所述车载终端的所述第三订单；以及The first receiving module is further configured to receive the third order from the vehicle-mounted terminal; and

第一验签及解密模块，对所述第三订单进行第二验签及解密，以完成付款。The first signature verification and decryption module performs second signature verification and decryption on the third order to complete payment.

可选地，所述服务器存储有车载终端公钥；所述第一加密及签名模块具体用于：采用所述车载终端公钥及所述服务器私钥分别对所述第一订单进行第一加密及签名，得到第二订单。Optionally, the server stores the on-board terminal public key; the first encryption and signature module is specifically configured to: firstly encrypt the first order by using the on-board terminal public key and the server private key respectively. and signature to get the second order.

可选地，所述第一发送模块具体用于：向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：采用所述服务器公钥及所述车载终端私钥分别对所述第二订单进行第一验签及解密，根据所述第二订单完成所述车载终端所关联用户生命体征认证，并采用所述支付凭证公钥及所述车载终端私钥分别对所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单。Optionally, the first sending module is specifically configured to: send the second order to the vehicle-mounted terminal, where the second order is used for the vehicle-mounted terminal to perform the following operations: using the server public key and the The private key of the on-board terminal performs the first verification and decryption of the second order respectively, completes the authentication of the vital signs of the user associated with the on-board terminal according to the second order, and uses the public key of the payment certificate and the on-board terminal. The private key performs second encryption and signature on the second order and the payment certificate issued by the server, respectively, to obtain a third order, and sends the third order to the server.

可选地，所述第一验签及解密模块具体用于：Optionally, the first signature verification and decryption module is specifically used for:

可选地，Optionally,

所述第一接收模块还用于接收来自所述车载终端的第二信息，其中，所述第二信息被所述车载终端进行了第三加密及签名，所述第二信息包括所述车载终端所关联的用户的支付账户；The first receiving module is further configured to receive second information from the vehicle-mounted terminal, wherein the second information is thirdly encrypted and signed by the vehicle-mounted terminal, and the second information includes the vehicle-mounted terminal the payment account of the associated user;

所述第一验签及解密模块还用于对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户；The first signature verification and decryption module is also used to perform a third signature verification and decryption on the second information to obtain the payment account of the user associated with the vehicle-mounted terminal;

所述第一发送模块还用于向所述车载终端所关联的用户的移动终端发送第一验证信息，所述验证信息用于所述车载终端执行以下步骤：将所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息；The first sending module is further configured to send first verification information to the mobile terminal of the user associated with the vehicle-mounted terminal, where the verification information is used for the vehicle-mounted terminal to perform the following steps: performing the first verification information on the first verification information. 4. Encrypt and sign to obtain second verification information, and send the second verification information to the server;

所述第一验签及解密模块还用于对所述第二验证信息进行第四验签及解密；The first signature verification and decryption module is further configured to perform a fourth signature verification and decryption on the second verification information;

所述支付装置还包括支付凭证生成模块，用于根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥；The payment device further includes a payment voucher generation module configured to generate third information according to the second verification information and the second information, where the third information includes a payment voucher, a payment voucher public key, and a payment voucher private key;

所述支付装置还包括第一存储模块，用于将所述第二信息及所述第三信息绑定并保存；The payment device further includes a first storage module for binding and saving the second information and the third information;

所述第一发送模块还用于向所述车载终端发送所述第二信息的所述支付凭证及支付凭证公钥，所述第二信息的所述支付凭证及支付凭证公钥用于所述车载终端执行以下步骤：将所述支付凭证、所述支付凭证公钥、支付账户及所述车载终端所关联的用户生命体征绑定并保存。The first sending module is further configured to send the payment certificate and payment certificate public key of the second information to the vehicle-mounted terminal, and the payment certificate and payment certificate public key of the second information are used for the The vehicle-mounted terminal performs the following steps: binding and saving the payment certificate, the public key of the payment certificate, the payment account and the user's vital signs associated with the vehicle-mounted terminal.

基于同样的发明构思，本申请实施例还提供一种车载终端支付装置，应用于车载终端，所述支付装置包括：Based on the same inventive concept, an embodiment of the present application also provides a vehicle-mounted terminal payment device, which is applied to the vehicle-mounted terminal, and the payment device includes:

第二接收模块，用于接收来自所述服务器的所述第二订单，其中，所述第二订单由所述服务器对第一订单进行第一加密及签名得到，所述第一订单包括所述车载终端的第一信息；The second receiving module is configured to receive the second order from the server, wherein the second order is obtained by the server performing the first encryption and signature on the first order, and the first order includes the The first information of the vehicle terminal;

第二验签及解密模块，用于对所述第二订单进行第一验签及解密；The second signature verification and decryption module is used to perform the first signature verification and decryption on the second order;

认证模块，用于根据所述第二订单完成支付认证；an authentication module, configured to complete payment authentication according to the second order;

第二加密及签名模块，用于将所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，所述第三订单包括所述支付凭证；以及A second encryption and signature module, configured to perform second encryption and signature on the second order and the payment certificate issued by the server to obtain a third order, and the third order includes the payment certificate; and

所述第二发送模块，用于向所述服务器发送所述第三订单，所述第三订单用于所述服务器执行以下操作：对经所述第三订单进行第二验签及解密，以完成付款。The second sending module is configured to send the third order to the server, and the third order is used for the server to perform the following operations: performing a second signature verification and decryption on the third order, to payment completed.

可选地，所述车载终端存储有服务器公钥；所述第二验签及解密模块，具体用于采用所述服务器公钥及所述车载终端私钥分别对所述第二订单进行第一验签及解密，根据所述第二订单完成所述车载终端所关联用户的生命体征认证。Optionally, the vehicle-mounted terminal stores a server public key; the second signature verification and decryption module is specifically configured to use the server public key and the vehicle-mounted terminal private key to perform a first order on the second order respectively. The signature verification and decryption are performed, and the vital sign authentication of the user associated with the vehicle terminal is completed according to the second order.

可选地，所述第二加密及签名模块，具体用于将所述第二订单及服务器下发的支付凭证采用所述支付凭证公钥及所述车载终端私钥分别进行第二加密及签名后，得到第三订单；Optionally, the second encryption and signature module is specifically configured to use the payment certificate public key and the vehicle terminal private key for the second order and the payment certificate issued by the server to perform second encryption and signature respectively. After that, get the third order;

所述第二发送模块具体还用于向所述服务器发送所述第三订单，所述第三订单用于所述服务器执行以下步骤：采用所述车载终端公钥及所述支付凭证私钥，对经所述第三订单进行第二验签及解密，以完成付款。The second sending module is further configured to send the third order to the server, and the third order is used for the server to perform the following steps: using the on-board terminal public key and the payment voucher private key, The second signature verification and decryption are performed on the third order to complete the payment.

可选地，Optionally,

所述第二加密及签名模块还用于对所述车载终端所关联的用户的支付账户进行第三加密及签名，得到第二信息；The second encryption and signature module is further configured to perform third encryption and signature on the payment account of the user associated with the vehicle-mounted terminal to obtain second information;

所述第二发送模块还用于向所述服务器发送所述第二信息，所述第二信息用于所述服务器执行以下步骤：对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户，并向所述车载终端发送第一验证信息，以进行身份验证；The second sending module is further configured to send the second information to the server, and the second information is used for the server to perform the following steps: performing a third signature verification and decryption on the second information to obtain the payment account of the user associated with the vehicle-mounted terminal, and send the first verification information to the vehicle-mounted terminal for identity verification;

所述第二加密及签名模块还用于输入来自所述服务器的第一验证信息，对所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息；所述第二验证信息用于所述服务器执行以下步骤：对所述第二验证信息进行第四验签及解密，根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥，并将所述第二信息及所述第三信息绑定并保存；The second encryption and signature module is further configured to input the first verification information from the server, perform fourth encryption and signature on the first verification information, obtain second verification information, and send the first verification information to the server. Second verification information; the second verification information is used by the server to perform the following steps: performing a fourth signature verification and decryption on the second verification information, and generating a third verification information according to the second verification information and the second information. information, the third information includes the payment certificate, the payment certificate public key and the payment certificate private key, and the second information and the third information are bound and saved;

所述第二接收模块还用于接收来自所述服务器的所述支付凭证及支付凭证公钥；The second receiving module is further configured to receive the payment certificate and the payment certificate public key from the server;

所述支付装置还包括第二存储模块，用于将所述支付凭证、所述支付凭证公钥、所述支付账户及所述车载终端所关联的用户的生命体征绑定并保存。The payment device further includes a second storage module for binding and saving the payment certificate, the payment certificate public key, the payment account and the vital signs of the user associated with the vehicle-mounted terminal.

基于同样的发明构思，本申请实施例还提供一种计算机可读存储介质，所述计算机可读存储介质存储有可执行程序代码，所述计算机可执行程序代码用于使计算机执行上述的车载终端支付方法。Based on the same inventive concept, an embodiment of the present application further provides a computer-readable storage medium, where the computer-readable storage medium stores executable program codes, and the computer-executable program codes are used to enable a computer to execute the above-mentioned vehicle-mounted terminal payment method.

基于同样的发明构思，本申请实施例还提供一种电子设备，包括处理器和存储器，所述存储器存储有可被所述处理器执行的程序代码，当所述程序代码被所述处理器调用并执行时，执行上述的车载终端支付方法。Based on the same inventive concept, an embodiment of the present application further provides an electronic device, including a processor and a memory, where the memory stores program codes that can be executed by the processor, and when the program codes are called by the processor And when executed, the above-mentioned vehicle terminal payment method is executed.

由此，本申请的车载终端支付方法，在支付过程中对车载终端和服务器之间的来往信息进行加密及签名，并在支付时进行支付认证，使得本申请的车载终端支付方法安全性高，同时，整个过程主要由车载终端及服务器来完成，人为操作少，使用简便。Therefore, the vehicle-mounted terminal payment method of the present application encrypts and signs the exchange information between the vehicle-mounted terminal and the server during the payment process, and performs payment authentication during payment, so that the vehicle-mounted terminal payment method of the present application has high security. At the same time, the whole process is mainly completed by the vehicle terminal and the server, which requires less manual operation and is easy to use.

附图说明Description of drawings

为更清楚地阐述本申请的构造特征和功效，下面结合附图与具体实施例来对其进行详细说明。In order to illustrate the structural features and effects of the present application more clearly, the following detailed description will be given in conjunction with the accompanying drawings and specific embodiments.

图1是本申请一实施例的车载终端支付系统结构示意图；1 is a schematic structural diagram of a vehicle-mounted terminal payment system according to an embodiment of the present application;

图2是本申请另一实施例的车载终端支付系统结构示意图；2 is a schematic structural diagram of a vehicle-mounted terminal payment system according to another embodiment of the present application;

图3是本申请一实施例的车载终端支付方法的流程示意图；3 is a schematic flowchart of a vehicle-mounted terminal payment method according to an embodiment of the present application;

图4是本申请又一实施例的车载终端支付方法的流程示意图；4 is a schematic flowchart of a vehicle-mounted terminal payment method according to another embodiment of the present application;

图5是本申请再一实施例的车载终端支付方法的流程示意图；5 is a schematic flowchart of a vehicle-mounted terminal payment method according to still another embodiment of the present application;

图6是本申请再一实施例的车载终端支付方法的流程示意图；6 is a schematic flowchart of a vehicle-mounted terminal payment method according to still another embodiment of the present application;

图7是本申请一实施例的车载终端支付装置的结构框图；7 is a structural block diagram of a vehicle-mounted terminal payment device according to an embodiment of the present application;

图8是本申请又一实施例的车载终端支付装置的结构框图；8 is a structural block diagram of a vehicle-mounted terminal payment device according to another embodiment of the present application;

图9是本申请一实施例的电子设备的结构示意图。FIG. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present application.

具体实施方式Detailed ways

下面将结合本申请实施例中的附图，对本申请实施例中的技术方案进行清楚、完整地描述。显然，所描述的实施例是本申请的一部分实施例，而不是全部实施例。基于本申请中的实施例，本领域普通技术人员在没有做出创造性劳动的前提下所获得的所有其他实施例，都应属于本申请保护的范围。The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. Obviously, the described embodiments are some, but not all, embodiments of the present application. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present application.

请参见图1，图1为本申请一实施例的一种车载终端支付系统100，其可以用于运行本申请一些实施例的车载终端支付方法，该车载终端支付系统100包括车载终端110、服务器130及移动终端150。服务器130分别与车载终端110及移动终端150通信连接。移动终端150为车载终端110所关联的用户的移动终端150。车载终端110具有车载终端公钥及车载终端私钥。服务器130具有服务器公钥及服务器私钥。Please refer to FIG. 1. FIG. 1 is a vehicle-mountedterminal payment system 100 according to an embodiment of the application, which can be used to run the vehicle-mounted terminal payment methods of some embodiments of the present application. The vehicle-mountedterminal payment system 100 includes a vehicle-mountedterminal 110, aserver 130 andmobile terminal 150. Theserver 130 is connected in communication with the vehicle-mountedterminal 110 and themobile terminal 150 , respectively. Themobile terminal 150 is themobile terminal 150 of the user associated with the vehicle-mountedterminal 110 . The in-vehicle terminal 110 has the in-vehicle terminal public key and the in-vehicle terminal private key. Theserver 130 has a server public key and a server private key.

请参见图2，图2为本申请另一实施例的一种车载终端支付系统100，其可以用于运行本申请另一些实施例的车载终端支付方法，该车载终端支付系统100包括车载终端110及服务器130。服务器130与车载终端110通信连接。车载终端110具有车载终端公钥及车载终端私钥。服务器130具有服务器公钥及服务器私钥。Please refer to FIG. 2 . FIG. 2 is a vehicle-mountedterminal payment system 100 according to another embodiment of the present application, which can be used to execute the vehicle-mounted terminal payment methods of other embodiments of the present application. The vehicle-mountedterminal payment system 100 includes a vehicle-mountedterminal 110 andserver 130. Theserver 130 is connected to the in-vehicle terminal 110 for communication. The in-vehicle terminal 110 has the in-vehicle terminal public key and the in-vehicle terminal private key. Theserver 130 has a server public key and a server private key.

请参见图3，本申请实施例的车载终端支付方法，应用于服务器，所述支付方法包括：Referring to FIG. 3 , the vehicle-mounted terminal payment method according to the embodiment of the present application is applied to the server, and the payment method includes:

S201，接收第一订单，所述第一订单包括所述车载终端的第一信息；S201, receiving a first order, where the first order includes first information of the vehicle-mounted terminal;

具体地，车载终端或商户生成第一订单后，向服务器发送用户消费的第一订单(例如停车、加油、保养、维修等账单)，服务器接收第一订单，其中，第一订单包括车载终端的第一信息、该车载终端的消费事项、消费金额、交易时间等，第一信息包括但不限于包括车牌、车型及车载终端的关联用户(如拥有者)等信息。Specifically, after the vehicle-mounted terminal or the merchant generates the first order, it sends the first order consumed by the user (such as bills for parking, fueling, maintenance, repair, etc.) to the server, and the server receives the first order, where the first order includes the The first information, the consumption items of the vehicle terminal, the consumption amount, the transaction time, etc. The first information includes but is not limited to information including the license plate, the vehicle model, and the associated user (eg owner) of the vehicle terminal.

S202，对所述第一订单进行第一加密及签名，得到第二订单；S202, performing first encryption and signature on the first order to obtain a second order;

可选地，服务器预先生成服务器公钥和服务器私钥。车载终端在投入使用前，例如在车辆出厂前，在安全环境内(例如工厂)预先生成车载终端公钥和车载终端私钥。并在安全环境内将服务器公钥存储至车载终端中，同时，将车载终端的车载终端公钥交付给服务器存储。Optionally, the server pre-generates the server public key and the server private key. Before the in-vehicle terminal is put into use, for example, before the vehicle leaves the factory, the in-vehicle terminal public key and the in-vehicle terminal private key are pre-generated in a secure environment (such as a factory). The server public key is stored in the vehicle terminal in a secure environment, and at the same time, the vehicle terminal public key of the vehicle terminal is delivered to the server for storage.

具体地，采用所述车载终端公钥及所述服务器私钥分别对所述第一订单进行第一加密及签名，得到第二订单。Specifically, firstly encrypting and signing the first order by using the on-board terminal public key and the server private key, respectively, to obtain a second order.

S203，向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：对所述第二订单进行第一验签及解密，根据所述第二订单完成支付认证，并将所述第二订单和所述服务器下发的支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单，所述第三订单包括所述支付凭证；S203: Send the second order to the vehicle-mounted terminal, where the second order is used by the vehicle-mounted terminal to perform the following operations: perform a first signature verification and decryption on the second order, and complete the second order according to the second order. payment authentication, and perform second encryption and signature on the second order and the payment voucher issued by the server to obtain a third order, and send the third order to the server, where the third order includes all the payment certificate;

具体地，向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：采用所述服务器公钥及所述车载终端私钥分别对所述第二订单进行第一验签及解密，根据所述第二订单完成所述车载终端所关联用户的生命体征认证，并采用所述支付凭证公钥及所述车载终端私钥分别对所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单。Specifically, the second order is sent to the vehicle-mounted terminal, and the second order is used for the vehicle-mounted terminal to perform the following operations: using the server public key and the vehicle-mounted terminal private key to respectively perform the following operations on the second order Perform the first signature verification and decryption, complete the vital signs authentication of the user associated with the vehicle terminal according to the second order, and use the public key of the payment certificate and the private key of the vehicle terminal to verify the second order and the vehicle terminal respectively. The payment voucher issued by the server is secondly encrypted and signed to obtain a third order, and the third order is sent to the server.

具体地，车载终端根据所述第二订单完成所述车载终端所关联用户的生命体征认证，具体包括：Specifically, the vehicle-mounted terminal completes the vital sign authentication of the user associated with the vehicle-mounted terminal according to the second order, which specifically includes:

所述车载终端采集当前操作者的生命体征信息，例如人脸信息、指纹信息等；The vehicle terminal collects vital sign information of the current operator, such as face information, fingerprint information, etc.;

所述车载终端采集到的当前操作者的生命体征信息与所述车载终端存储的所述车载终端所关联用户的生命体征信息进行比较；comparing the vital sign information of the current operator collected by the vehicle-mounted terminal with the vital-sign information of the user associated with the vehicle-mounted terminal stored in the vehicle-mounted terminal;

若所述当前操作者的生命体征信息与所述车载终端所关联用户的生命体征信息相符，则完成生命体征认证。If the vital sign information of the current operator matches the vital sign information of the user associated with the in-vehicle terminal, the vital sign authentication is completed.

S204，接收来自所述车载终端的所述第三订单；以及S204, receiving the third order from the in-vehicle terminal; and

具体地，接收车载终端发送的所述第三订单；Specifically, receiving the third order sent by the vehicle-mounted terminal;

S205，对所述第三订单进行第二验签及解密，以完成付款。S205, performing a second signature verification and decryption on the third order to complete payment.

具体地，采用所述车载终端公钥及所述支付凭证私钥对所述第三订单进行第二验签及解密，以完成付款。Specifically, the second signature verification and decryption are performed on the third order by using the public key of the vehicle terminal and the private key of the payment certificate, so as to complete the payment.

本实施例的方法可以由图2的车载终端支付系统来执行。The method of this embodiment may be executed by the vehicle terminal payment system of FIG. 2 .

请参见图4，可选地，在一些实施例中，在步骤S201之前，所述支付方法还包括：Referring to FIG. 4, optionally, in some embodiments, before step S201, the payment method further includes:

S301，接收来自所述车载终端的第二信息，其中，所述第二信息被所述车载终端进行了第三加密及签名，所述第二信息包括所述车载终端所关联的用户的支付账户；S301: Receive second information from the vehicle-mounted terminal, wherein the second information is thirdly encrypted and signed by the vehicle-mounted terminal, and the second information includes a payment account of a user associated with the vehicle-mounted terminal ;

具体地，车载终端将用于付款的车载终端所关联用户的支付账户、车牌、车型、车载终端所关联用户(拥有者)等信息，采用服务器公钥及车载终端私钥分别进行第三加密及签名，得到第二信息，并向服务器发送所述第二信息，服务器接收来自车载终端第二信息。Specifically, the in-vehicle terminal uses the server public key and the in-vehicle terminal private key to respectively perform third encryption and encryption on the payment account, license plate, model, and user (owner) associated with the in-vehicle terminal used for payment. Sign, obtain the second information, and send the second information to the server, and the server receives the second information from the vehicle terminal.

S302，对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户；S302, performing a third signature verification and decryption on the second information to obtain the payment account of the user associated with the vehicle-mounted terminal;

具体地，所述服务器采用所述车载终端公钥及所述服务器私钥分别对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户。Specifically, the server uses the on-board terminal public key and the server private key to respectively perform a third signature verification and decryption on the second information, so as to obtain the payment account of the user associated with the on-board terminal.

S303，向所述车载终端所关联的用户的移动终端发送第一验证信息，所述验证信息用于所述车载终端执行以下步骤：将所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息；S303: Send first verification information to the mobile terminal of the user associated with the vehicle-mounted terminal, where the verification information is used by the vehicle-mounted terminal to perform the following steps: performing fourth encryption and signature on the first verification information to obtain the first verification information. Second verification information, sending the second verification information to the server;

具体地，所述服务器向所述车载终端所关联的用户的移动终端发送第一验证信息，所述验证信息用于所述车载终端执行以下步骤：采用服务器公钥及车载终端私钥分别对所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息。Specifically, the server sends the first verification information to the mobile terminal of the user associated with the vehicle-mounted terminal, and the verification information is used for the vehicle-mounted terminal to perform the following steps: using the server public key and the vehicle-mounted terminal private key to respectively The first verification information is subjected to fourth encryption and signature to obtain second verification information, and the second verification information is sent to the server.

S304，对所述第二验证信息进行第四验签及解密，并根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥；S304: Perform fourth signature verification and decryption on the second verification information, and generate third information according to the second verification information and the second information, where the third information includes a payment certificate, a payment certificate public key and Payment certificate private key;

具体地，所述服务器接收来自车载终端的第二验证信息，采用所述车载终端公钥及所述服务器私钥分别对第二验证信息进行第四验签及解密，验证成功后，根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥。Specifically, the server receives the second verification information from the vehicle terminal, and uses the vehicle terminal public key and the server private key to respectively perform a fourth signature verification and decryption on the second verification information. The second verification information and the second information generate third information, where the third information includes a payment certificate, a public key of the payment certificate, and a private key of the payment certificate.

S305，将所述第二信息及所述第三信息绑定并保存；S305, binding and saving the second information and the third information;

具体地，所述服务器将第二信息(第二信息包括车载终端所关联用户的支付账户、车载终端公钥、车牌、车型、车载终端所关联用户等)及所述第三信息(第三信息包括支付凭证、支付凭证公钥及支付凭证私钥等)绑定并进行保存。Specifically, the server combines the second information (the second information includes the payment account of the user associated with the vehicle terminal, the public key of the vehicle terminal, the license plate, the model, the user associated with the vehicle terminal, etc.) and the third information (the third information Including payment certificate, payment certificate public key and payment certificate private key, etc.) are bound and saved.

S306，向所述车载终端发送所述支付凭证及支付凭证公钥，所述支付凭证及支付凭证公钥用于所述车载终端执行以下步骤：将所述支付凭证、所述支付凭证公钥、支付账户及所述车载终端所关联的用户生命体征绑定并保存。S306: Send the payment certificate and the public key of the payment certificate to the vehicle-mounted terminal, where the payment certificate and the public key of the payment certificate are used by the vehicle-mounted terminal to perform the following steps: send the payment certificate, the public key of the payment certificate, The payment account and the user vital signs associated with the vehicle terminal are bound and saved.

本实施例的方法可以由图1的车载终端支付系统来执行。The method of this embodiment may be executed by the vehicle terminal payment system in FIG. 1 .

本申请的车载终端支付方法，在支付过程中对车载终端和服务器之间的来往信息进行加密及签名，并在支付时进行支付认证，使得本申请的车载终端支付方法安全性高，同时，整个过程主要由车载终端及服务器来完成，人为操作少，使用简便。The vehicle-mounted terminal payment method of the present application encrypts and signs the exchange information between the vehicle-mounted terminal and the server during the payment process, and performs payment authentication during payment, so that the vehicle-mounted terminal payment method of the present application has high security. The process is mainly completed by the vehicle terminal and the server, with less manual operation and easy to use.

请参见图5，本申请实施例还提供了一种车载终端支付方法，应用于车载终端，所述支付方法包括：Referring to FIG. 5 , an embodiment of the present application further provides a vehicle-mounted terminal payment method, which is applied to the vehicle-mounted terminal, and the payment method includes:

S401，接收来自所述服务器的所述第二订单，其中，所述第二订单由所述服务器对第一订单进行第一加密及签名得到，所述第一订单包括所述车载终端的第一信息；S401. Receive the second order from the server, wherein the second order is obtained by the server performing first encryption and signature on the first order, and the first order includes the first order of the vehicle terminal. information;

具体地，车载终端或商户生成第一订单后，向服务器发送用户消费的第一订单(例如停车、加油、保养、维修等账单)，所述第一订单包括车载终端的第一信息、该车载终端的消费事项、消费金额及交易时间等。第一信息包括但不限于包括车牌、车型及车载终端的关联用户(如拥有者)等信息。Specifically, after the vehicle-mounted terminal or the merchant generates the first order, it sends to the server the first order consumed by the user (for example, bills for parking, refueling, maintenance, repair, etc.), where the first order includes the first information of the vehicle-mounted terminal, the vehicle-mounted terminal, and the Terminal consumption items, consumption amount and transaction time, etc. The first information includes, but is not limited to, information including license plates, vehicle models, and associated users (eg, owners) of the in-vehicle terminal.

具体地，所述第一订单用于所述服务器执行以下操作：所述服务器采用所述车载终端公钥及所述服务器私钥分别对所述第一订单进行第一加密及签名，得到第二订单，并向车载终端发送第二订单。相应地，所述车载终端接收来自所述服务器的所述第二订单。Specifically, the first order is used by the server to perform the following operations: the server uses the vehicle terminal public key and the server private key to first encrypt and sign the first order, respectively, to obtain the second order. order, and send the second order to the vehicle terminal. Accordingly, the vehicle-mounted terminal receives the second order from the server.

S402，对所述第二订单进行第一验签及解密，根据所述第二订单完成支付认证；S402, performing a first signature verification and decryption on the second order, and completing payment authentication according to the second order;

具体地，采用所述服务器公钥及所述车载终端私钥分别对所述第二订单进行第一验签及解密，根据所述第二订单完成所述车载终端所关联用户的生命体征认证。Specifically, the first signature verification and decryption of the second order are performed using the server public key and the vehicle-mounted terminal private key, respectively, and the vital signs authentication of the user associated with the vehicle-mounted terminal is completed according to the second order.

所述车载终端采集当前操作者的生命体征信息，例如人脸信息、指纹信息等；The vehicle-mounted terminal collects the vital sign information of the current operator, such as face information, fingerprint information, etc.;

S403，将所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，所述第三订单包括所述支付凭证；以及S403, performing second encryption and signature on the second order and the payment voucher issued by the server to obtain a third order, where the third order includes the payment voucher; and

具体地，将所述第二订单及服务器下发的支付凭证采用所述第一支付凭证公钥及所述车载终端私钥分别进行第二加密及签名后，得到第三订，第三订单包括支付凭证。Specifically, after the second order and the payment certificate issued by the server are separately encrypted and signed by the public key of the first payment certificate and the private key of the vehicle terminal, a third order is obtained, and the third order includes proof of payment.

S404，向所述服务器发送所述第三订单，所述第三订单用于所述服务器执行以下操作：对经所述第三订单进行第二验签及解密，以完成付款。S404: Send the third order to the server, where the third order is used for the server to perform the following operations: perform a second signature verification and decryption on the third order to complete payment.

具体地，向所述服务器发送所述第三订单，所述第三订单用于所述服务器执行以下操作：对采用所述车载终端公钥及所述支付凭证私钥，对经所述第三订单进行第二验签及解密，以完成付款。Specifically, the third order is sent to the server, and the third order is used for the server to perform the following operations: using the on-board terminal public key and the payment voucher private key, The order undergoes a second signature verification and decryption to complete the payment.

请参见图6，可选地，在步骤S401之前，所述支付方法还包括：Please refer to FIG. 6, optionally, before step S401, the payment method further includes:

S501，对车载终端所关联的用户的支付账户进行第三加密及签名，得到第二信息；S501, performing third encryption and signature on the payment account of the user associated with the vehicle-mounted terminal to obtain second information;

具体地，车载终端将用于付款的车载终端所关联用户的支付账户、车牌、车型、车载终端所关联用户(拥有者)等信息，采用服务器公钥及车载终端私钥分别进行第三加密及签名，得到第二信息。所述第二信息包括所述车载终端所关联的用户的支付账户。Specifically, the in-vehicle terminal uses the server public key and the in-vehicle terminal private key to respectively perform third encryption and encryption on the payment account, license plate, model, and user (owner) associated with the in-vehicle terminal used for payment. Sign to get the second information. The second information includes the payment account of the user associated with the in-vehicle terminal.

S502，向所述服务器发送所述第二信息，所述第二信息用于所述服务器执行以下步骤：对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户，并向所述车载终端发送第一验证信息，以进行身份验证；S502: Send the second information to the server, where the second information is used by the server to perform the following steps: perform a third signature verification and decryption on the second information, to obtain the information associated with the in-vehicle terminal the user's payment account, and send the first verification information to the vehicle terminal for identity verification;

具体地，车载终端向服务器发送第二消息，所述第二信息用于所述服务器执行以下步骤：所述服务器采用所述车载终端公钥及所述服务器私钥分别对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户。Specifically, the on-board terminal sends a second message to the server, and the second information is used by the server to perform the following steps: the server uses the on-board terminal public key and the server private key to respectively perform the second message on the second message. The third signature verification and decryption to obtain the payment account of the user associated with the vehicle terminal.

S503，输入来自所述服务器的第一验证信息，对所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息；所述第二验证信息用于所述服务器执行以下步骤：对所述第二验证信息进行第四验签及解密，根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥，并将所述第二信息及所述第三信息绑定并保存；S503: Input first verification information from the server, perform fourth encryption and signature on the first verification information, obtain second verification information, and send the second verification information to the server; the second verification information The information is used by the server to perform the following steps: performing a fourth signature verification and decryption on the second verification information, and generating third information according to the second verification information and the second information, and the third information includes payment certificate, payment certificate public key and payment certificate private key, and bind and save the second information and the third information;

具体地，车载终端所关联的用户的移动终端接收到来自服务器的第一验证信息后，将第一验证信息输入车载终端，车载终端采用服务器公钥及车载终端私钥分别对第一验证信息进行第四加密及签名，得到第二验证信息，并向述服务器发送所述第二验证信息。Specifically, after receiving the first verification information from the server, the mobile terminal of the user associated with the vehicle-mounted terminal inputs the first verification information into the vehicle-mounted terminal, and the vehicle-mounted terminal uses the server public key and the vehicle-mounted terminal private key to perform the first verification information respectively. Fourthly, encrypt and sign to obtain second verification information, and send the second verification information to the server.

具体地，所述第二验证信息用于所述服务器执行以下步骤：采用所述车载终端公钥及所述服务器私钥分别对所述第二验证信息进行第四验签及解密，验证成功后，根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥，并将所述第二信息及所述第三信息绑定并保存。Specifically, the second verification information is used by the server to perform the following steps: using the vehicle terminal public key and the server private key to perform a fourth signature verification and decryption on the second verification information, respectively, after the verification is successful , generate third information according to the second verification information and the second information, the third information includes the payment certificate, the payment certificate public key and the payment certificate private key, and combine the second information and the third information Information is bound and saved.

S504，接收来自所述服务器的所述支付凭证及支付凭证公钥；S504, receiving the payment certificate and the payment certificate public key from the server;

S505，将所述支付凭证、所述支付凭证公钥、所述支付账户及所述车载终端所关联的用户的生命体征绑定并保存。S505: Bind and save the payment voucher, the payment voucher public key, the payment account, and the vital signs of the user associated with the vehicle-mounted terminal.

具体地，车载终端接收到来自服务器的所述支付凭证及支付凭证公钥后，将所述支付凭证、所述支付凭证公钥、所述支付账户及所述车载终端所关联的用户的生命体征绑定并保存，以便后续该车载终端支付时，进行验证及人生命体征认证。Specifically, after receiving the payment certificate and the public key of the payment certificate from the server, the vehicle-mounted terminal stores the payment certificate, the public key of the payment certificate, the payment account and the vital signs of the user associated with the vehicle-mounted terminal. Bind and save it for verification and vital signs authentication when the vehicle terminal pays later.

请参见图7，本申请实施例还提供一种车载终端支付装置600，应用于服务器，所述支付装置600包括：Referring to FIG. 7 , an embodiment of the present application further provides a vehicle-mountedterminal payment device 600, which is applied to a server, and thepayment device 600 includes:

第一接收模块610，用于接收第一订单，所述第一订单包括所述车载终端的第一信息；afirst receiving module 610, configured to receive a first order, where the first order includes the first information of the vehicle-mounted terminal;

第一加密及签名模块620，用于对所述第一订单进行第一加密及签名，得到第二订单；a first encryption andsignature module 620, configured to perform first encryption and signature on the first order to obtain a second order;

第一发送模块630，用于向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：对所述第二订单进行第一验签及解密，根据所述第二订单完成支付认证，并将所述第二订单和所述服务器下发的第一支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单，所述第三订单包括所述支付凭证；Thefirst sending module 630 is configured to send the second order to the vehicle-mounted terminal, and the second order is used for the vehicle-mounted terminal to perform the following operations: perform a first signature verification and decryption on the second order, according to the The second order completes the payment authentication, and the second order and the first payment voucher issued by the server are encrypted and signed for a second time to obtain a third order, and the third order is sent to the server. , the third order includes the payment voucher;

所述第一接收模块610还用于接收来自所述车载终端的所述第三订单；以及Thefirst receiving module 610 is further configured to receive the third order from the vehicle terminal; and

第一验签及解密模块640，用于对所述第三订单进行第二验签及解密，以完成付款。The first signature verification anddecryption module 640 is configured to perform a second signature verification and decryption on the third order to complete payment.

详细描述请参见本申请上述实施例，在此不再赘述。For detailed description, please refer to the above-mentioned embodiments of the present application, which will not be repeated here.

可选地，所述服务器存储有车载终端公钥；所述第一加密及签名模块620具体用于：采用所述车载终端公钥及所述服务器私钥分别对所述第一订单进行第一加密及签名，得到第二订单；Optionally, the server stores the on-board terminal public key; the first encryption andsignature module 620 is specifically configured to: use the on-board terminal public key and the server private key to perform the first order on the first order respectively. Encrypt and sign to get the second order;

所述第一发送模块630具体用于：向所述车载终端发送所述第二订单，所述第二订单用于所述车载终端执行以下操作：采用所述服务器公钥及所述车载终端私钥分别对所述第二订单进行第一验签及解密，根据所述第二订单完成所述车载终端所关联用户生命体征认证，并采用所述支付凭证公钥及所述车载终端私钥分别对所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，以及向所述服务器发送所述第三订单。Thefirst sending module 630 is specifically configured to: send the second order to the vehicle-mounted terminal, where the second order is used for the vehicle-mounted terminal to perform the following operations: using the server public key and the vehicle-mounted terminal private key; The first verification and decryption of the second order are performed with the key of the second order, the verification of the vital signs of the user associated with the vehicle terminal is completed according to the second order, and the public key of the payment certificate and the private key of the vehicle terminal are used to respectively Perform second encryption and signature on the second order and the payment voucher issued by the server to obtain a third order, and send the third order to the server.

可选地，所述第一验签及解密模块640具体用于：采用所述车载终端公钥及所述支付凭证私钥对所述第三订单进行第二验签及解密，以完成付款。Optionally, the first signature verification anddecryption module 640 is specifically configured to: use the vehicle terminal public key and the payment voucher private key to perform a second signature verification and decryption on the third order to complete payment.

可选地，在一些实施例中，所述第一接收模块610还用于接收来自所述车载终端的第二信息，其中，所述第二信息被所述车载终端进行了第三加密及签名，所述第二信息包括所述车载终端所关联的用户的支付账户；Optionally, in some embodiments, thefirst receiving module 610 is further configured to receive second information from the in-vehicle terminal, wherein the second information is thirdly encrypted and signed by the in-vehicle terminal , the second information includes the payment account of the user associated with the vehicle-mounted terminal;

所述第一验签及解密模块640还用于对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户；The first signature verification anddecryption module 640 is further configured to perform a third signature verification and decryption on the second information to obtain the payment account of the user associated with the vehicle-mounted terminal;

所述第一发送模块630还用于向所述车载终端所关联的用户的移动终端发送第一验证信息，所述验证信息用于所述车载终端执行以下步骤：将所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息；Thefirst sending module 630 is further configured to send the first verification information to the mobile terminal of the user associated with the vehicle-mounted terminal, where the verification information is used for the vehicle-mounted terminal to perform the following steps: Fourth, encrypt and sign, obtain second verification information, and send the second verification information to the server;

所述第一验签及解密模块640还用于对所述第二验证信息进行第四验签及解密；The first signature verification anddecryption module 640 is further configured to perform a fourth signature verification and decryption on the second verification information;

可选地，所述支付装置600还包括支付凭证生成模块650，用于根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥；Optionally, thepayment apparatus 600 further includes a paymentvoucher generation module 650, configured to generate third information according to the second verification information and the second information, where the third information includes a payment voucher and a payment voucher public key. and payment certificate private key;

所述支付装置600还包括第一存储模块660，用于将所述第二信息及所述第三信息绑定并保存；Thepayment device 600 further includes afirst storage module 660 for binding and saving the second information and the third information;

所述第一发送模块630还用于向所述车载终端发送所述第二信息的所述支付凭证及支付凭证公钥，所述第二信息的所述支付凭证及支付凭证公钥用于所述车载终端执行以下步骤：将所述支付凭证、所述支付凭证公钥、支付账户及所述车载终端所关联的用户生命体征绑定并保存。Thefirst sending module 630 is further configured to send the payment certificate and payment certificate public key of the second information to the vehicle terminal, and the payment certificate and payment certificate public key of the second information are used for all The vehicle-mounted terminal performs the following steps: binding and saving the payment certificate, the payment certificate public key, the payment account and the user's vital signs associated with the vehicle-mounted terminal.

本申请的车载终端支付装置600，在支付过程中对车载终端和服务器之间的来往信息进行加密及签名，并在支付时进行支付认证，使得本申请的车载终端支付装置600安全性高，同时，整个过程主要由车载终端及服务器来完成，人为操作少，使用简便。The in-vehicleterminal payment device 600 of the present application encrypts and signs the exchange information between the in-vehicle terminal and the server during the payment process, and performs payment authentication during payment, so that the in-vehicleterminal payment device 600 of the present application has high security, and at the same time , The whole process is mainly completed by the vehicle terminal and server, with less manual operation and easy to use.

请参见图8，本申请实施例还提供了一种车载终端支付装置700，应用于车载终端，所述支付装置700包括：Referring to FIG. 8 , an embodiment of the present application further provides a vehicle-mountedterminal payment device 700, which is applied to a vehicle-mounted terminal, and thepayment device 700 includes:

第二接收模块720，用于接收来自所述服务器的所述第二订单，其中，所述第二订单由所述服务器对第一订单进行第一加密及签名得到，所述第一订单包括所述车载终端的第一信息；Thesecond receiving module 720 is configured to receive the second order from the server, wherein the second order is obtained by the server performing the first encryption and signature on the first order, and the first order includes all the first information of the vehicle terminal;

第二验签及解密模块730，用于对所述第二订单进行第一验签及解密；The second signature verification anddecryption module 730 is configured to perform the first signature verification and decryption on the second order;

认证模块740，用于根据所述第二订单完成支付认证；anauthentication module 740, configured to complete payment authentication according to the second order;

第二加密及签名模块750，用于将所述第二订单及服务器下发的支付凭证进行第二加密及签名，得到第三订单，所述第三订单包括所述支付凭证；以及The second encryption andsignature module 750 is configured to perform second encryption and signature on the second order and the payment certificate issued by the server to obtain a third order, and the third order includes the payment certificate; and

第二发送模块710，用于向所述服务器发送所述第三订单，所述第三订单用于所述服务器执行以下操作：对经所述第三订单进行第二验签及解密，以完成付款。Thesecond sending module 710 is configured to send the third order to the server, where the third order is used for the server to perform the following operations: perform a second signature verification and decryption on the third order to complete the Payment.

可选地，所述车载终端存储有服务器公钥；所述第二验签及解密模块730，具体用于采用所述服务器公钥及所述车载终端私钥分别对所述第二订单进行第一验签及解密，根据所述第二订单完成所述车载终端所关联用户的生命体征认证。Optionally, the on-board terminal stores a server public key; the second signature verification anddecryption module 730 is specifically configured to use the server public key and the on-board terminal private key to perform the first order on the second order respectively. Once the signature is verified and decrypted, the verification of the vital signs of the user associated with the vehicle terminal is completed according to the second order.

可选地，所述第二加密及签名模块750，具体用于将所述第二订单及服务器下发的支付凭证采用所述支付凭证公钥及所述车载终端私钥分别进行第二加密及签名后，得到第三订单；Optionally, the second encryption andsignature module 750 is specifically configured to use the payment certificate public key and the vehicle-mounted terminal private key for the second order and the payment certificate issued by the server to perform second encryption and After signing, get the third order;

所述第二发送模块710具体还用于向所述服务器发送所述第三订单，所述第三订单用于所述服务器执行以下步骤：采用所述车载终端公钥及所述支付凭证私钥，对经所述第三订单进行第二验签及解密，以完成付款。Thesecond sending module 710 is further configured to send the third order to the server, and the third order is used for the server to perform the following steps: using the public key of the vehicle terminal and the private key of the payment certificate. , and perform the second signature verification and decryption on the third order to complete the payment.

可选地，在一些实施例中，所述第二加密及签名模块750还用于对所述车载终端所关联的用户的支付账户进行第三加密及签名，得到第二信息；Optionally, in some embodiments, the second encryption andsignature module 750 is further configured to perform third encryption and signature on the payment account of the user associated with the in-vehicle terminal to obtain the second information;

第二发送模块710还用于向所述服务器发送所述第二信息，所述第二信息用于所述服务器执行以下步骤：对所述第二信息进行第三验签及解密，以获得所述车载终端所关联的用户的支付账户，并向所述车载终端发送第一验证信息，以进行身份验证；Thesecond sending module 710 is further configured to send the second information to the server, where the second information is used for the server to perform the following steps: performing a third signature verification and decryption on the second information to obtain all the payment account of the user associated with the vehicle-mounted terminal, and send the first verification information to the vehicle-mounted terminal for identity verification;

所述第二加密及签名模块750还用于输入来自所述服务器的第一验证信息，对所述第一验证信息进行第四加密及签名，得到第二验证信息，向所述服务器发送所述第二验证信息；所述第二验证信息用于所述服务器执行以下步骤：对所述第二验证信息进行第四验签及解密，根据所述第二验证信息及所述第二信息生成第三信息，所述第三信息包括支付凭证、支付凭证公钥及支付凭证私钥，并将所述第二信息及所述第三信息绑定并保存；The second encryption andsignature module 750 is further configured to input the first verification information from the server, perform fourth encryption and signature on the first verification information, obtain the second verification information, and send the second verification information to the server. second verification information; the second verification information is used by the server to perform the following steps: performing a fourth signature verification and decryption on the second verification information, and generating a first verification information according to the second verification information and the second information. Three information, the third information includes the payment certificate, the public key of the payment certificate and the private key of the payment certificate, and the second information and the third information are bound and saved;

所述第二接收模块720还用于接收来自所述服务器的所述支付凭证及支付凭证公钥；Thesecond receiving module 720 is further configured to receive the payment certificate and the payment certificate public key from the server;

所述支付装置700还包括第二存储模块760，用于将所述支付凭证、所述支付凭证公钥、所述支付账户及所述车载终端所关联的用户的生命体征绑定并保存。Thepayment device 700 further includes asecond storage module 760 for binding and saving the payment certificate, the payment certificate public key, the payment account and the vital signs of the user associated with the vehicle-mounted terminal.

本申请的车载终端支付装置700，在支付过程中对车载终端和服务器之间的来往信息进行加密及签名，并在支付时进行支付认证，使得本申请的车载终端支付装置700安全性高，同时，整个过程主要由车载终端及服务器来完成，人为操作少，使用简便。The in-vehicleterminal payment device 700 of the present application encrypts and signs the exchange information between the in-vehicle terminal and the server during the payment process, and performs payment authentication during payment, so that the in-vehicleterminal payment device 700 of the present application has high security and at the same time , The whole process is mainly completed by the vehicle terminal and server, with less manual operation and easy to use.

本申请实施例还提供一种计算机可读存储介质，该计算机可读存储介质存储有可执行程序代码，该计算机可执行程序代码用于使计算机执行本申请实施例的车载终端支付方法。Embodiments of the present application further provide a computer-readable storage medium, where executable program codes are stored in the computer-readable storage medium, and the computer-executable program codes are used to enable a computer to execute the vehicle-mounted terminal payment method of the embodiments of the present application.

请参见图9，本申请实施例还提供一种电子设备800，其包括处理器810和存储器830，存储器830存储有可被处理器810执行的程序代码，当程序代码被处理器810调用并执行时，执行本申请实施例的车载终端支付方法。Referring to FIG. 9 , an embodiment of the present application further provides anelectronic device 800, which includes aprocessor 810 and amemory 830. Thememory 830 stores program codes that can be executed by theprocessor 810. When the program codes are called and executed by theprocessor 810 , the vehicle-mounted terminal payment method of the embodiment of the present application is executed.

存储器830作为一种非易失性计算机可读存储介质，可用于存储非易失性软件程序、非易失性计算机可执行程序以及模块，如本发明实施例中的车载终端支付方法对应的程序指令/模块。处理器810通过运行存储在存储器830中的非易失性软件程序、指令以及模块，从而执行服务器的各种功能应用以及数据处理，即实现上述方法实施例的车载终端支付方法。Thememory 830, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs and modules, such as programs corresponding to the vehicle-mounted terminal payment method in the embodiment of the present invention Directive/Module. Theprocessor 810 executes various functional applications and data processing of the server by running the non-volatile software programs, instructions and modules stored in thememory 830, that is, to implement the vehicle terminal payment method of the above method embodiments.

可以包括随机存取存储器(Random Access Memory，RAM)、只读存储器(Read-OnlyMemory，ROM)、电可擦可编程只读存储器(Electrically Erasable Programmable Read-Only Memory，EEPROM)、只读光盘(Compact Disc Read-Only Memory，CD-ROM)或其他光盘存储、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质。此外。任何连接可以适当的成为计算机可读介质。例如，如果软件是使用同轴电缆、光纤光缆、双绞线、数字用户线(Digital Subscriber Line，DSL)或者诸如红外线、无线电和微波之类的无线技术从网站、服务器或者其他远程源传输的，那么同轴电缆、光纤光缆、双绞线、DSL或者诸如红外线、无线和微波之类的无线技术包括在所属介质的定影中。如本发明所使用的，盘(Disk)和碟(disc)包括压缩光碟(CD)、激光碟、光碟、数字通用光碟(DVD)、软盘和蓝光光碟，其中盘通常磁性的复制数据，而碟则用激光来光学的复制数据。上面的组合也应当包括在计算机可读介质的保护范围之内。Can include random access memory (Random Access Memory, RAM), read-only memory (Read-Only Memory, ROM), Electrically Erasable Programmable Read-Only Memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), CD-ROM (Compact Disc Read-Only Memory, CD-ROM) or other optical disk storage, magnetic disk storage medium, or other magnetic storage device, or any other device capable of carrying or storing desired program code in the form of instructions or data structures and capable of being accessed by a computer other media. also. Any connection can be appropriately made into a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, Then coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, wireless, and microwave are included in the fusing of the pertinent medium. Disk and disc, as used herein, includes compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk, and blu-ray disc, where disks usually reproduce data magnetically, and discs Lasers are used to optically copy data. Combinations of the above should also be included within the scope of computer-readable media.

本发明的电子设备800包括但不限于车载终端、服务器、电脑、笔记本电脑、平板电脑、手机等可以存储程序代码，并执行本申请车载终端支付方法的设备。Theelectronic device 800 of the present invention includes, but is not limited to, vehicle-mounted terminals, servers, computers, notebook computers, tablet computers, mobile phones, and other equipment that can store program codes and execute the vehicle-mounted terminal payment method of the present application.

以上所述，仅为本申请的具体实施方式，但本申请的保护范围并不局限于此，任何熟悉本技术领域的技术人员在本申请揭露的技术范围内，可轻易的想到各种等效的修改或替换，这些修改或替换都应涵盖在本申请的保护范围之内。因此，本申请的保护范围应以权利要求的保护范围为准。The above descriptions are only specific embodiments of the present application, but the protection scope of the present application is not limited to this. Any person skilled in the art can easily think of various equivalents within the technical scope disclosed in the present application. Modifications or substitutions of the present application shall be included within the scope of protection of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.