CN115271716A - Cross-domain financial transaction verification method, device and system - Google Patents
Cross-domain financial transaction verification method, device and systemDownload PDFInfo
- Publication number
- CN115271716A CN115271716ACN202210723257.4ACN202210723257ACN115271716ACN 115271716 ACN115271716 ACN 115271716ACN 202210723257 ACN202210723257 ACN 202210723257ACN 115271716 ACN115271716 ACN 115271716A
- Authority
- CN
- China
- Prior art keywords
- signature
- financial transaction
- verification
- generation request
- original
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Translated fromChinese
Description
Translated fromChinese技术领域technical field
本申请涉及信息安全领域,也可用于金融领域,具体涉及一种跨领域的金融交易验证方法、装置及系统。This application relates to the field of information security, and can also be used in the financial field, and specifically relates to a cross-field financial transaction verification method, device and system.
背景技术Background technique
为了保障资金安全,越来越多的客户进行网上金融交易时选择使用USB-Key、蓝牙Key、音频Key等作为安全认证工具对交易进行签名确认,但是不同业务领域的金融交易需要分别进行签名认证,不支持跨业务领域的金融交易签名,也不能反馈客户处理进度,降低了操作便捷性。In order to ensure the safety of funds, more and more customers choose to use USB-Key, Bluetooth Key, audio Key, etc. as security authentication tools to sign and confirm transactions when conducting online financial transactions, but financial transactions in different business fields need to be signed separately , does not support cross-business financial transaction signatures, nor can it provide feedback on customer processing progress, which reduces the convenience of operation.
发明内容Contents of the invention
针对现有技术中的问题,本申请提供一种跨领域的金融交易验证方法、装置及系统,能够准确、便捷得实现跨业务领域的金融交易验证。In view of the problems in the prior art, the present application provides a cross-field financial transaction verification method, device and system, which can accurately and conveniently realize cross-business field financial transaction verification.
为了解决上述问题中的至少一个,本申请提供以下技术方案:In order to solve at least one of the above problems, the application provides the following technical solutions:
第一方面,本申请提供一种跨领域的金融交易验证方法,应用于后端服务器,所述方法包括:In the first aspect, the present application provides a cross-domain financial transaction verification method, which is applied to a backend server, and the method includes:
接收用户前端发送的签名生成请求,其中,所述签名生成请求是所述用户前端接收到用户发送的待签名金融交易要素后生成的;receiving a signature generation request sent by the user front end, wherein the signature generation request is generated after the user front end receives the financial transaction element to be signed sent by the user;
根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端,以使所述用户前端调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息;Generate the original signature text according to the signature generation request, cache it locally and return it to the user front end, so that the user front end invokes a security tool to perform signature encryption on the original signature text, and sends it to the set signature verification interface after signature encryption is completed Signature ciphertext and security tool information;
接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。Receive the signature ciphertext and security tool information sent by the user front end, perform signature verification on the signature ciphertext according to the signature verification method corresponding to the security tool information and the original signature text cached locally, and obtain a verification result.
进一步地,所述根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端,包括:Further, said generating the original signature text according to the signature generation request and returning it to the user front end after being locally cached includes:
根据所述签名生成请求中的待签名金融交易要素,得到对应的金融交易信息;Obtain corresponding financial transaction information according to the financial transaction elements to be signed in the signature generation request;
根据所述待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端。According to the financial transaction element to be signed and the financial transaction information, the original text of the signature is generated and cached locally, and then returned to the user front end.
进一步地,所述根据所述签名生成请求中的待签名金融交易要素,得到对应的金融交易信息,包括:Further, the obtaining corresponding financial transaction information according to the financial transaction elements to be signed in the signature generation request includes:
根据所述待签名金融交易要素的交易类型调用对应的金融交易系统进行交易查询;Invoking the corresponding financial transaction system to perform transaction query according to the transaction type of the financial transaction elements to be signed;
接收所述金融交易系统返回的金融交易信息。The financial transaction information returned by the financial transaction system is received.
进一步地,所述根据所述待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端,包括:Further, according to the financial transaction elements to be signed and the financial transaction information, the signature text is generated and locally cached and then returned to the user front end, including:
判断所述签名生成请求中的首末调用标识是否为末次调用,若是,则根据所述签名生成请求中的待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端;Judging whether the first and last call identifier in the signature generation request is the last call, and if so, according to the financial transaction elements to be signed and the financial transaction information in the signature generation request, generate the original text of the signature and cache it locally and return it to the user front end;
否则,向所述用户前端返回处理进度。Otherwise, return processing progress to the user front end.
第二方面,本申请提供一种跨领域的金融交易验证方法,应用于用户前端,所述方法包括:In the second aspect, the present application provides a cross-domain financial transaction verification method, which is applied to the user front end, and the method includes:
接收用户发送的待签名金融交易要素,生成对应的签名生成请求并发送至后端服务器,以使所述后端服务器根据所述签名生成请求生成签名原文并本地缓存后返回所述签名原文;Receive the financial transaction element to be signed sent by the user, generate a corresponding signature generation request and send it to the backend server, so that the backend server generates the original signature text according to the signature generation request, caches it locally, and returns the original signature text;
调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息,以使所述后端服务器根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。Call the security tool to sign and encrypt the original signature text, and send the signature ciphertext and security tool information to the set signature verification interface after the signature encryption is completed, so that the back-end server can use the signature corresponding to the security tool information The verification method and the locally cached signature original text perform signature verification on the signed ciphertext to obtain a verification result.
进一步地,还包括:Further, it also includes:
接收所述后端服务器发送的处理进度,其中,所述处理进度是所述后端服务器在判定所述签名生成请求中的首末调用标识非末次调用时返回的。The processing progress sent by the backend server is received, wherein the processing progress is returned by the backend server when it is determined that the first and last call identifiers in the signature generation request are not the last call.
第三方面,本申请提供一种跨领域的金融交易验证装置,包括:In a third aspect, the present application provides a cross-domain financial transaction verification device, including:
生成请求接收模块,用于接收用户前端发送的签名生成请求,其中,所述签名生成请求是所述用户前端接收到用户发送的待签名金融交易要素后生成的;A generation request receiving module, configured to receive a signature generation request sent by the user front end, wherein the signature generation request is generated after the user front end receives the financial transaction element to be signed sent by the user;
签名原文生成模块,用于根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端,以使所述用户前端调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息;The signature original text generation module is used to generate the signature original text according to the signature generation request and return it to the user front end after local cache, so that the user front end invokes a security tool to perform signature encryption on the signature original text, and after the signature encryption is completed Send signature ciphertext and security tool information to the set signature verification interface;
签名密文验证模块,用于接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。The signature ciphertext verification module is configured to receive the signature ciphertext and security tool information sent by the user front end, and perform signature verification on the signature ciphertext according to the signature verification method corresponding to the security tool information and the original signature text cached locally , get the verification result.
进一步地,所述签名原文生成模块包括:Further, the original signature generation module includes:
交易信息获取单元,用于根据所述签名生成请求中的待签名金融交易要素,得到对应的金融交易信息;A transaction information acquisition unit, configured to obtain corresponding financial transaction information according to the financial transaction elements to be signed in the signature generation request;
签名原文拼接单元,用于根据所述待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端。The signature original text splicing unit is used to generate signature original text according to the financial transaction elements to be signed and the financial transaction information, cache it locally, and return it to the user front end.
进一步地,所述交易信息获取单元包括:Further, the transaction information acquisition unit includes:
交易系统分类请求子单元,用于根据所述待签名金融交易要素的交易类型调用对应的金融交易系统进行交易查询;The transaction system classification request subunit is used to call the corresponding financial transaction system to perform transaction query according to the transaction type of the financial transaction elements to be signed;
查询结果接收子单元,用于接收所述金融交易系统返回的金融交易信息。The query result receiving subunit is configured to receive the financial transaction information returned by the financial transaction system.
进一步地,所述签名原文拼接单元包括:Further, the original signature splicing unit includes:
末次调用判断子单元,用于判断所述签名生成请求中的首末调用标识是否为末次调用,若是,则根据所述签名生成请求中的待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端;The last call judging subunit is used to judge whether the first and last call identifier in the signature generation request is the last call, and if so, generate a signature according to the financial transaction elements to be signed in the signature generation request and the financial transaction information The original text is cached locally and returned to the user front end;
处理进度反馈子单元,用于若所述签名生成请求中的首末调用标识非末次调用,则向所述用户前端返回处理进度。The processing progress feedback subunit is configured to return the processing progress to the user front end if the first and last calls in the signature generation request identify a non-last call.
第四方面,本申请提供一种跨领域的金融交易验证装置,包括:In the fourth aspect, the present application provides a cross-domain financial transaction verification device, including:
签名生成请求模块,用于接收用户发送的待签名金融交易要素,生成对应的签名生成请求并发送至后端服务器,以使所述后端服务器根据所述签名生成请求生成签名原文并本地缓存后返回所述签名原文;The signature generation request module is used to receive the financial transaction element to be signed sent by the user, generate a corresponding signature generation request and send it to the backend server, so that the backend server generates the original signature according to the signature generation request and caches it locally Return the original text of the signature;
签名加密模块,用于调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息,以使所述后端服务器根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。The signature encryption module is used to call the security tool to sign and encrypt the original signature text, and send the signature ciphertext and security tool information to the set signature verification interface after the signature encryption is completed, so that the back-end server can The signature verification method corresponding to the security tool information and the original signature text cached locally perform signature verification on the signed ciphertext to obtain a verification result.
进一步地,还包括:Further, it also includes:
处理进度接收单元,用于接收所述后端服务器发送的处理进度,其中,所述处理进度是所述后端服务器在判定所述签名生成请求中的首末调用标识非末次调用时返回的。The processing progress receiving unit is configured to receive the processing progress sent by the backend server, wherein the processing progress is returned by the backend server when it determines that the first and last call identifiers in the signature generation request are not the last call.
第五方面,本申请提供一种跨领域的金融交易验证系统,包括:后端服务器和用户前端;In the fifth aspect, the present application provides a cross-domain financial transaction verification system, including: a back-end server and a user front-end;
所述后端服务器包括:The backend server includes:
生成请求接收模块,用于接收用户前端发送的签名生成请求;The generation request receiving module is used to receive the signature generation request sent by the user front end;
签名原文生成模块,用于根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端;The original signature generation module is used to generate the original signature according to the signature generation request and cache it locally and return it to the user front end;
签名密文验证模块,用于接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果;The signature ciphertext verification module is configured to receive the signature ciphertext and security tool information sent by the user front end, and perform signature verification on the signature ciphertext according to the signature verification method corresponding to the security tool information and the original signature text cached locally , get the verification result;
所述用户前端包括:The user front end includes:
签名生成请求模块,用于接收用户发送的待签名金融交易要素,生成对应的签名生成请求并发送至后端服务器;The signature generation request module is used to receive the financial transaction elements to be signed sent by the user, generate the corresponding signature generation request and send it to the back-end server;
签名加密模块,用于调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息。The signature encryption module is used to call the security tool to sign and encrypt the original signature text, and send the signature ciphertext and security tool information to the set signature verification interface after the signature encryption is completed.
第六方面,本申请提供一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现所述的跨领域的金融交易验证方法的步骤。In a sixth aspect, the present application provides an electronic device, including a memory, a processor, and a computer program stored on the memory and operable on the processor. When the processor executes the program, the cross-field financial The steps of the transaction verification method.
第七方面,本申请提供一种计算机可读存储介质,其上存储有计算机程序,该计算机程序被处理器执行时实现所述的跨领域的金融交易验证方法的步骤。In a seventh aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the steps of the cross-domain financial transaction verification method are implemented.
第八方面,本申请提供一种计算机程序产品,包括计算机程序/指令,该计算机程序/指令被处理器执行时实现所述的跨领域的金融交易验证方法的步骤。In an eighth aspect, the present application provides a computer program product, including a computer program/instruction, and when the computer program/instruction is executed by a processor, the steps of the cross-domain financial transaction verification method are implemented.
由上述技术方案可知,本申请提供一种跨领域的金融交易验证方法、装置及系统,通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above technical solution that this application provides a cross-domain financial transaction verification method, device and system, through which the back-end server generates the original signature according to the signature generation request sent by the user front-end and caches it locally, thereby completing signature encryption at the user front-end Finally, the back-end server can perform signature verification on the signed ciphertext according to the locally cached signature original text, and obtain the verification result, thereby accurately and conveniently realizing cross-business financial transaction verification.
附图说明Description of drawings
为了更清楚地说明本申请实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present application or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are For some embodiments of the present application, those of ordinary skill in the art can also obtain other drawings based on these drawings without creative effort.
图1为本申请实施例中的跨领域的金融交易验证方法的流程示意图之一;Fig. 1 is one of the schematic flow charts of the cross-domain financial transaction verification method in the embodiment of the present application;
图2为本申请实施例中的跨领域的金融交易验证方法的流程示意图之二;FIG. 2 is the second schematic flow diagram of the cross-domain financial transaction verification method in the embodiment of the present application;
图3为本申请实施例中的跨领域的金融交易验证方法的流程示意图之三;Fig. 3 is the third schematic flow diagram of the cross-domain financial transaction verification method in the embodiment of the present application;
图4为本申请实施例中的跨领域的金融交易验证方法的流程示意图之四;FIG. 4 is the fourth schematic flow diagram of the cross-domain financial transaction verification method in the embodiment of the present application;
图5为本申请实施例中的跨领域的金融交易验证方法的流程示意图之五;FIG. 5 is the fifth schematic flow diagram of the cross-domain financial transaction verification method in the embodiment of the present application;
图6为本申请实施例中的跨领域的金融交易验证装置的结构图之一;Fig. 6 is one of the structural diagrams of the cross-domain financial transaction verification device in the embodiment of the present application;
图7为本申请实施例中的跨领域的金融交易验证装置的结构图之二;FIG. 7 is the second structural diagram of the cross-domain financial transaction verification device in the embodiment of the present application;
图8为本申请实施例中的跨领域的金融交易验证装置的结构图之三;Fig. 8 is the third structural diagram of the cross-domain financial transaction verification device in the embodiment of the present application;
图9为本申请实施例中的跨领域的金融交易验证装置的结构图之四;FIG. 9 is the fourth structural diagram of the cross-domain financial transaction verification device in the embodiment of the present application;
图10为本申请实施例中的跨领域的金融交易验证装置的结构图之五;FIG. 10 is the fifth structural diagram of the cross-domain financial transaction verification device in the embodiment of the present application;
图11为本申请实施例中的跨领域的金融交易验证系统的结构图;FIG. 11 is a structural diagram of a cross-domain financial transaction verification system in the embodiment of the present application;
图12为本申请一具体实施例中的跨领域的金融交易验证流程示意图;FIG. 12 is a schematic diagram of a cross-domain financial transaction verification process in a specific embodiment of the present application;
图13为本申请实施例中的电子设备的结构示意图。FIG. 13 is a schematic structural diagram of an electronic device in an embodiment of the present application.
具体实施方式Detailed ways
为使本申请实施例的目的、技术方案和优点更加清楚,下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整的描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments It is a part of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of this application.
本申请技术方案中对数据的获取、存储、使用、处理等均符合国家法律法规的相关规定。The acquisition, storage, use, and processing of data in the technical solution of this application all comply with the relevant provisions of national laws and regulations.
考虑到现有技术中不同业务领域的金融交易需要分别进行签名认证,不支持跨业务领域的金融交易签名的问题,本申请提供一种跨领域的金融交易验证方法、装置及系统,通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。Considering that financial transactions in different business fields in the prior art require separate signature authentication and do not support financial transaction signatures across business fields, this application provides a cross-field financial transaction verification method, device and system, through the back-end The server generates the original signature according to the signature generation request sent by the user front end and caches it locally, so that after the user front end completes signature encryption, the backend server can perform signature verification on the signed ciphertext according to the locally cached signature original text, and obtain the verification result. It can accurately and conveniently realize the verification of financial transactions across business fields.
为了能够准确、便捷得实现跨业务领域的金融交易验证,本申请提供一种跨领域的金融交易验证方法的实施例,执行主体可以为后端服务器,参见图1,所述跨领域的金融交易验证方法具体包含有如下内容:In order to accurately and conveniently realize financial transaction verification across business domains, this application provides an embodiment of a cross-domain financial transaction verification method. The verification method specifically includes the following contents:
步骤S101:接收用户前端发送的签名生成请求,其中,所述签名生成请求是所述用户前端接收到用户发送的待签名金融交易要素后生成的。Step S101: Receive a signature generation request sent by the user front end, wherein the signature generation request is generated after the user front end receives the financial transaction element to be signed sent by the user.
可选的,所述用户前端可以为用于提供多个金融交易要素以供用户选择,用户选择想要签名的待签名金融交易要素后所述用户前端可以据此生成一签名生成请求并发送至后端服务器。Optionally, the user front-end can be used to provide multiple financial transaction elements for the user to select, and after the user selects the financial transaction elements to be signed to be signed, the user front-end can generate a signature generation request and send it to backend server.
可以理解的是,所述待签名金融交易要素例如可以为交易类型、交易流水号等。It can be understood that the elements of the financial transaction to be signed may be, for example, transaction type, transaction serial number, and the like.
步骤S102:根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端,以使所述用户前端调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息。Step S102: Generate the original signature text according to the signature generation request, cache it locally, and return it to the user front end, so that the user front end calls a security tool to perform signature encryption on the original signature text, and sends a signature to the setting after the signature encryption is completed. The verification interface sends signed ciphertext and security tool information.
可选的,所述后端服务器接收到所述签名生成请求后,可以据此生成签名原文,例如,将签名生成请求中的待签名金融交易要素和与之对应的金融交易信息进行拼接,得到签名原文,对该签名原文进行本地缓存后返回至用户前端。Optionally, after receiving the signature generation request, the backend server may generate the original signature text accordingly, for example, splicing the financial transaction elements to be signed in the signature generation request and the corresponding financial transaction information to obtain The original signature text is cached locally and returned to the user front end.
可选的,用于拼接签名原文的金融交易信息可以根据所述待签名金融交易要素的交易类型调用对应的金融交易系统进行交易查询得到。Optionally, the financial transaction information used for splicing the original text of the signature can be obtained by invoking the corresponding financial transaction system according to the transaction type of the financial transaction element to be signed to perform transaction query.
可选的,用户前端收到后端服务器返回的签名原文后,可以利用各种安全工具对其进行签名加密,例如调用USB-Key等安全工具生成签名密文,在完成签名加密后,向后端服务器的设定签名验证接口发送该签名密文和安全工具信息(例如安全工具的ID,即USB-Key的设备ID)。Optionally, after receiving the original signed text returned by the back-end server, the front end of the user can use various security tools to sign and encrypt it, for example, calling a security tool such as USB-Key to generate a signed cipher text, and after completing the signature encryption, forward The signature verification interface of the end server sends the signature ciphertext and security tool information (such as the ID of the security tool, that is, the device ID of the USB-Key).
步骤S103:接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。Step S103: Receive the signed ciphertext and security tool information sent by the user front end, perform signature verification on the signed ciphertext according to the signature verification method corresponding to the security tool information and the original signature text cached locally, and obtain a verification result.
可选的,本申请的后端服务器在接收到所述用户前端发送的签名密文和安全工具信息后,可以根据所述安全工具信息确定对应的签名验证方法,例如根据USB-Key的设备ID确定USB-Key的签名验证方法,然后依据该签名验证方法以及本地缓存的签名原文对所述签名密文进行签名验证,从而得到验证结果。Optionally, after receiving the signature ciphertext and security tool information sent by the user front end, the backend server of the present application may determine the corresponding signature verification method according to the security tool information, for example, according to the device ID of the USB-Key Determine the signature verification method of the USB-Key, and then perform signature verification on the signed ciphertext according to the signature verification method and the locally cached original signature text, so as to obtain a verification result.
从上述描述可知,本申请实施例提供的跨领域的金融交易验证方法,能够通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above description that the cross-domain financial transaction verification method provided by the embodiment of the present application can generate the signature original through the back-end server according to the signature generation request sent by the user front-end and cache it locally, so that after the signature encryption is completed on the user front-end, the The end server can perform signature verification on the signed ciphertext according to the locally cached signature original text, and obtain the verification result, so that the cross-business field financial transaction verification can be realized accurately and conveniently.
为了能够准确生成签名原文,在本申请的跨领域的金融交易验证方法的一实施例中,参见图2,上述步骤S102还可以具体包含如下内容:In order to accurately generate the original text of the signature, in an embodiment of the cross-domain financial transaction verification method of the present application, referring to FIG. 2, the above step S102 may also specifically include the following content:
步骤S201:根据所述签名生成请求中的待签名金融交易要素,得到对应的金融交易信息。Step S201: Obtain corresponding financial transaction information according to the financial transaction element to be signed in the signature generation request.
步骤S202:根据所述待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端。Step S202: According to the financial transaction element to be signed and the financial transaction information, generate the original text of the signature, cache it locally, and return it to the user front end.
可选的,所述后端服务器接收到所述签名生成请求后,可以据此生成签名原文,例如,将签名生成请求中的待签名金融交易要素和与之对应的金融交易信息进行拼接,得到签名原文,对该签名原文进行本地缓存后返回至用户前端。Optionally, after receiving the signature generation request, the backend server may generate the original signature text accordingly, for example, splicing the financial transaction elements to be signed in the signature generation request and the corresponding financial transaction information to obtain The original signature text is cached locally and returned to the user front end.
为了能够准确获取金融交易信息,在本申请的跨领域的金融交易验证方法的一实施例中,参见图3,上述步骤S201还可以具体包含如下内容:In order to accurately obtain financial transaction information, in an embodiment of the cross-domain financial transaction verification method of the present application, referring to FIG. 3 , the above step S201 may also specifically include the following content:
步骤S301:根据所述待签名金融交易要素的交易类型调用对应的金融交易系统进行交易查询。Step S301: According to the transaction type of the financial transaction element to be signed, call the corresponding financial transaction system to perform transaction query.
步骤S302:接收所述金融交易系统返回的金融交易信息。Step S302: Receive the financial transaction information returned by the financial transaction system.
可选的,用于拼接签名原文的金融交易信息可以根据所述待签名金融交易要素的交易类型调用对应的金融交易系统进行交易查询得到。Optionally, the financial transaction information used for splicing the original text of the signature can be obtained by invoking the corresponding financial transaction system according to the transaction type of the financial transaction element to be signed to perform transaction query.
为了能够及时反馈处理进度,在本申请的跨领域的金融交易验证方法的一实施例中,参见图4,上述步骤S202还可以具体包含如下内容:In order to be able to provide timely feedback on the processing progress, in an embodiment of the cross-domain financial transaction verification method of the present application, referring to FIG. 4, the above step S202 may also specifically include the following content:
步骤S401:判断所述签名生成请求中的首末调用标识是否为末次调用,若是,则根据所述签名生成请求中的待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端。Step S401: Determine whether the first and last call identifiers in the signature generation request are the last call, and if so, generate the original text of the signature and cache it locally according to the financial transaction elements to be signed and the financial transaction information in the signature generation request Returns the user front end.
步骤S402:否则,向所述用户前端返回处理进度。Step S402: Otherwise, return the processing progress to the user front end.
可选的,本申请的后端服务器还可以依据首末调用标识判断所述签名生成请求是否为每批最后一次调用,非最后一次仅返回成功或失败的状态,以用于向所述用户前端返回处理进度,最后一次调用则返回签名原文。Optionally, the backend server of the present application may also judge whether the signature generation request is the last call of each batch according to the first and last call identifiers, and only return a status of success or failure if it is not the last call, so as to send the request to the user front end Returns the processing progress, and the last call returns the original signature.
为了能够准确、便捷得实现跨业务领域的金融交易验证,本申请提供一种跨领域的金融交易验证方法的实施例,执行主体可以为用户前端,参见图5,所述跨领域的金融交易验证方法具体包含有如下内容:In order to accurately and conveniently realize financial transaction verification across business domains, this application provides an embodiment of a cross-domain financial transaction verification method, the execution subject may be a user front end, see Figure 5, the cross-domain financial transaction verification The method specifically includes the following contents:
步骤S501:接收用户发送的待签名金融交易要素,生成对应的签名生成请求并发送至后端服务器,以使所述后端服务器根据所述签名生成请求生成签名原文并本地缓存后返回所述签名原文。Step S501: Receive the financial transaction element to be signed sent by the user, generate a corresponding signature generation request and send it to the backend server, so that the backend server generates the original signature according to the signature generation request, caches it locally and returns the signature original.
步骤S502:调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息,以使所述后端服务器根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。Step S502: Call the security tool to sign and encrypt the original signature text, and send the signature ciphertext and security tool information to the signature verification interface after the signature encryption is completed, so that the back-end server can The corresponding signature verification method and the locally cached signature original text perform signature verification on the signed ciphertext to obtain a verification result.
从上述描述可知,本申请实施例提供的跨领域的金融交易验证方法,能够通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above description that the cross-domain financial transaction verification method provided by the embodiment of the present application can generate the signature original through the back-end server according to the signature generation request sent by the user front-end and cache it locally, so that after the signature encryption is completed on the user front-end, the The end server can perform signature verification on the signed ciphertext according to the locally cached signature original text, and obtain the verification result, so that the cross-business field financial transaction verification can be realized accurately and conveniently.
为了能够及时获取处理进度,在本申请的跨领域的金融交易验证方法的一实施例中,还可以具体包含如下内容:In order to obtain the processing progress in a timely manner, in an embodiment of the cross-domain financial transaction verification method of the present application, the following content may also be specifically included:
接收所述后端服务器发送的处理进度,其中,所述处理进度是所述后端服务器在判定所述签名生成请求中的首末调用标识非末次调用时返回的。The processing progress sent by the backend server is received, wherein the processing progress is returned by the backend server when it is determined that the first and last call identifiers in the signature generation request are not the last call.
为了能够准确、便捷得实现跨业务领域的金融交易验证,本申请提供一种用于实现所述跨领域的金融交易验证方法的全部或部分内容的跨领域的金融交易验证装置的实施例,例如设置于后端服务器中,参见图6,所述跨领域的金融交易验证装置具体包含有如下内容:In order to accurately and conveniently realize cross-business financial transaction verification, this application provides an embodiment of a cross-field financial transaction verification device for realizing all or part of the cross-field financial transaction verification method, for example Set in the back-end server, referring to Figure 6, the cross-domain financial transaction verification device specifically includes the following content:
生成请求接收模块10,用于接收用户前端发送的签名生成请求,其中,所述签名生成请求是所述用户前端接收到用户发送的待签名金融交易要素后生成的。The generation
签名原文生成模块20,用于根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端,以使所述用户前端调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息。The original
签名密文验证模块30,用于接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。The signature
从上述描述可知,本申请实施例提供的跨领域的金融交易验证装置,能够通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above description that the cross-domain financial transaction verification device provided by the embodiment of the present application can generate the original signature through the back-end server according to the signature generation request sent by the user front-end and cache it locally, so that after the signature encryption is completed on the user front-end, the The end server can perform signature verification on the signed ciphertext according to the locally cached signature original text, and obtain the verification result, so that the cross-business field financial transaction verification can be realized accurately and conveniently.
为了能够准确生成签名原文,在本申请的跨领域的金融交易验证装置的一实施例中,参见图7,所述签名原文生成模块20包括:In order to be able to accurately generate the original signature, in an embodiment of the cross-field financial transaction verification device of the present application, referring to FIG. 7, the original
交易信息获取单元21,用于根据所述签名生成请求中的待签名金融交易要素,得到对应的金融交易信息。The transaction
签名原文拼接单元22,用于根据所述待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端。The signature original
为了能够准确获取金融交易信息,在本申请的跨领域的金融交易验证装置的一实施例中,参见图8,所述交易信息获取单元21包括:In order to accurately obtain financial transaction information, in an embodiment of the cross-field financial transaction verification device of the present application, referring to FIG. 8 , the transaction
交易系统分类请求子单元211,用于根据所述待签名金融交易要素的交易类型调用对应的金融交易系统进行交易查询。The transaction system
查询结果接收子单元212,用于接收所述金融交易系统返回的金融交易信息。The query
为了能够及时反馈处理进度,在本申请的跨领域的金融交易验证装置的一实施例中,参见图9,所述签名原文拼接单元22包括:In order to be able to provide timely feedback on the processing progress, in an embodiment of the cross-field financial transaction verification device of the present application, referring to FIG. 9 , the original
末次调用判断子单元221,用于判断所述签名生成请求中的首末调用标识是否为末次调用,若是,则根据所述签名生成请求中的待签名金融交易要素和所述金融交易信息,生成签名原文并本地缓存后返回所述用户前端。The last
处理进度反馈子单元222,用于若所述签名生成请求中的首末调用标识非末次调用,则向所述用户前端返回处理进度。The processing
为了能够准确、便捷得实现跨业务领域的金融交易验证,本申请提供一种用于实现所述跨领域的金融交易验证方法的全部或部分内容的跨领域的金融交易验证装置的实施例,例如设置于后端服务器中,参见图10,所述跨领域的金融交易验证装置具体包含有如下内容:In order to accurately and conveniently realize cross-business financial transaction verification, this application provides an embodiment of a cross-field financial transaction verification device for realizing all or part of the cross-field financial transaction verification method, for example Set in the back-end server, referring to Figure 10, the cross-domain financial transaction verification device specifically includes the following content:
签名生成请求模块40,用于接收用户发送的待签名金融交易要素,生成对应的签名生成请求并发送至后端服务器,以使所述后端服务器根据所述签名生成请求生成签名原文并本地缓存后返回所述签名原文。The signature
签名加密模块50,用于调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息,以使所述后端服务器根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。The
从上述描述可知,本申请实施例提供的跨领域的金融交易验证装置,能够通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above description that the cross-domain financial transaction verification device provided by the embodiment of the present application can generate the original signature through the back-end server according to the signature generation request sent by the user front-end and cache it locally, so that after the signature encryption is completed on the user front-end, the The end server can perform signature verification on the signed ciphertext according to the locally cached signature original text, and obtain the verification result, thereby enabling accurate and convenient financial transaction verification across business fields.
为了能够及时获取处理进度,在本申请的跨领域的金融交易验证方法的一实施例中,还可以具体包含如下内容:In order to obtain the processing progress in a timely manner, in an embodiment of the cross-domain financial transaction verification method of the present application, the following content may also be specifically included:
处理进度接收单元,用于接收所述后端服务器发送的处理进度,其中,所述处理进度是所述后端服务器在判定所述签名生成请求中的首末调用标识非末次调用时返回的。The processing progress receiving unit is configured to receive the processing progress sent by the backend server, wherein the processing progress is returned by the backend server when it determines that the first and last call identifiers in the signature generation request are not the last call.
为了更进一步说明本方案,本申请还提供一种应用上述跨领域的金融交易验证装置实现跨领域的金融交易验证方法的验证系统具体应用实例,参见图11,具体包含:后端服务器和用户前端;In order to further illustrate this solution, this application also provides a specific application example of a verification system that implements a cross-domain financial transaction verification method using the above-mentioned cross-domain financial transaction verification device, see Figure 11, specifically including: a back-end server and a user front-end ;
所述后端服务器包括:The backend server includes:
生成请求接收模块10,用于接收用户前端发送的签名生成请求。The generation
签名原文生成模块20,用于根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端。The original
签名密文验证模块30,用于接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。The signature
所述用户前端包括:The user front end includes:
签名生成请求模块10,用于接收用户发送的待签名金融交易要素,生成对应的签名生成请求并发送至后端服务器。The signature
签名加密模块20,用于调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息。The
从上述描述可知,本申请实施例提供的跨领域的金融交易验证系统,能够通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above description that the cross-domain financial transaction verification system provided by the embodiment of this application can generate the original signature through the back-end server according to the signature generation request sent by the user front-end and cache it locally, so that after the signature encryption is completed on the user front-end, the later The end server can perform signature verification on the signed ciphertext according to the locally cached signature original text, and obtain the verification result, so that the cross-business field financial transaction verification can be realized accurately and conveniently.
参见图12,本申请还提供一种应用上述跨领域的金融交易验证的具体实施例,具体包括:Referring to Figure 12, the present application also provides a specific embodiment of applying the above-mentioned cross-domain financial transaction verification, which specifically includes:
1、用户前端将用户勾选的待签名金融交易要素项(交易类型、交易流水号等)分批次调用后端服务器的生成签名接口;1. The front-end of the user calls the signature generation interface of the back-end server in batches for the financial transaction element items (transaction type, transaction serial number, etc.) to be signed by the user;
2、后端服务器获取前端上送的金融交易要素项以及首\末次调用标识,按交易类型调用不同的金融交易系统进行查询,获取金融交易信息;获取签名数据项配置信息,将金融交易信息、签名数据项配置信息和首\末次调用标识传入签名原文拼接逻辑生成签名原文,并缓存生成的签名原文;判断是否每批最后一次调用,非最后一次仅返回成功或失败的状态,最后一次调用返回安全工具信息和签名原文;2. The back-end server obtains the financial transaction elements sent by the front-end and the first\last call identifier, calls different financial transaction systems according to transaction types to query, and obtains financial transaction information; obtains signature data item configuration information, and stores financial transaction information, The configuration information of the signature data item and the first/last call identifier are passed in to the original signature splicing logic to generate the original signature, and the generated original signature is cached; it is judged whether it is the last call of each batch, and if it is not the last call, it only returns the status of success or failure, and the last call Return security tool information and signature text;
3、用户前端将后端服务器最后一次返回的签名原文信息调用USB-Key等安全认证工具生成签名密文,将签名密文以及安全工具信息提交给后端服务器的验证签名接口,进行签名密文验证。3. The front end of the user calls the USB-Key and other security authentication tools to generate signature ciphertext with the original signature information returned by the backend server last time, and submits the signature ciphertext and security tool information to the verification signature interface of the backend server to sign the ciphertext verify.
4、后端服务器获取前端上送的签名密文以及安全工具信息,读取生成签名接口缓存的签名原文,调用安全工具提供的验证方法进行签名信息验证。4. The back-end server obtains the signature ciphertext and security tool information sent by the front-end, reads the original signature text cached by the signature generation interface, and calls the verification method provided by the security tool to verify the signature information.
由此,本申请可以支持跨业务领域的金融交易签名,并且在金融交易签名时,实时反馈处理进度。Thus, the application can support the signing of financial transactions across business domains, and provide real-time feedback on the processing progress when signing financial transactions.
从硬件层面来说,为了能够准确、便捷得实现跨业务领域的金融交易验证,本申请提供一种用于实现所述跨领域的金融交易验证方法中的全部或部分内容的电子设备的实施例,所述电子设备具体包含有如下内容:From the perspective of hardware, in order to accurately and conveniently realize cross-business financial transaction verification, this application provides an embodiment of an electronic device for realizing all or part of the cross-field financial transaction verification method , the electronic device specifically includes the following content:
处理器(processor)、存储器(memory)、通信接口(Communications Interface)和总线;其中,所述处理器、存储器、通信接口通过所述总线完成相互间的通信;所述通信接口用于实现跨领域的金融交易验证装置与核心业务系统、用户终端以及相关数据库等相关设备之间的信息传输;该逻辑控制器可以是台式计算机、平板电脑及移动终端等,本实施例不限于此。在本实施例中,该逻辑控制器可以参照实施例中的跨领域的金融交易验证方法的实施例,以及跨领域的金融交易验证装置的实施例进行实施,其内容被合并于此,重复之处不再赘述。Processor (processor), memory (memory), communication interface (Communications Interface) and bus; Wherein, described processor, memory, communication interface complete mutual communication through described bus; Said communication interface is used to realize cross-domain The information transmission between the financial transaction verification device and the core business system, user terminal, and related database and other related equipment; the logic controller can be a desktop computer, tablet computer, mobile terminal, etc., and this embodiment is not limited thereto. In this embodiment, the logic controller can be implemented with reference to the embodiment of the cross-domain financial transaction verification method and the embodiment of the cross-domain financial transaction verification device in the embodiments, the contents of which are incorporated herein, and repeated I won't repeat them here.
可以理解的是,所述用户终端可以包括智能手机、平板电子设备、网络机顶盒、便携式计算机、台式电脑、个人数字助理(PDA)、车载设备、智能穿戴设备等。其中,所述智能穿戴设备可以包括智能眼镜、智能手表、智能手环等。It can be understood that the user terminal may include smart phones, tablet electronic devices, network set-top boxes, portable computers, desktop computers, personal digital assistants (PDAs), vehicle-mounted devices, smart wearable devices, and the like. Wherein, the smart wearable device may include smart glasses, smart watches, smart bracelets and the like.
在实际应用中,跨领域的金融交易验证方法的部分可以在如上述内容所述的电子设备侧执行,也可以所有的操作都在所述客户端设备中完成。具体可以根据所述客户端设备的处理能力,以及用户使用场景的限制等进行选择。本申请对此不作限定。若所有的操作都在所述客户端设备中完成,所述客户端设备还可以包括处理器。In practical applications, part of the cross-domain financial transaction verification method can be executed on the side of the electronic device as described above, or all operations can be completed in the client device. Specifically, the selection may be made according to the processing capability of the client device, the limitation of the user usage scenario, and the like. This application is not limited to this. If all operations are completed in the client device, the client device may further include a processor.
上述的客户端设备可以具有通信模块(即通信单元),可以与远程的服务器进行通信连接,实现与所述服务器的数据传输。所述服务器可以包括任务调度中心一侧的服务器,其他的实施场景中也可以包括中间平台的服务器,例如与任务调度中心服务器有通信链接的第三方服务器平台的服务器。所述的服务器可以包括单台计算机设备,也可以包括多个服务器组成的服务器集群,或者分布式装置的服务器结构。The above-mentioned client device may have a communication module (that is, a communication unit), which can communicate with a remote server to realize data transmission with the server. The server may include a server on the side of the task scheduling center, and may also include a server of an intermediate platform in other implementation scenarios, such as a server of a third-party server platform that has a communication link with the server of the task scheduling center. The server may include a single computer device, or a server cluster composed of multiple servers, or a server structure of a distributed device.
图13为本申请实施例的电子设备9600的系统构成的示意框图。如图13所示,该电子设备9600可以包括中央处理器9100和存储器9140;存储器9140耦合到中央处理器9100。值得注意的是,该图13是示例性的;还可以使用其他类型的结构,来补充或代替该结构,以实现电信功能或其他功能。FIG. 13 is a schematic block diagram of a system configuration of an
一实施例中,跨领域的金融交易验证方法功能可以被集成到中央处理器9100中。其中,中央处理器9100可以被配置为进行如下控制:In one embodiment, the function of the cross-domain financial transaction verification method can be integrated into the
步骤S101:接收用户前端发送的签名生成请求,其中,所述签名生成请求是所述用户前端接收到用户发送的待签名金融交易要素后生成的。Step S101: Receive a signature generation request sent by the user front end, wherein the signature generation request is generated after the user front end receives the financial transaction element to be signed sent by the user.
步骤S102:根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端,以使所述用户前端调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息。Step S102: Generate the original signature text according to the signature generation request, cache it locally, and return it to the user front end, so that the user front end calls a security tool to perform signature encryption on the original signature text, and sends a signature to the setting after the signature encryption is completed. The verification interface sends signed ciphertext and security tool information.
步骤S103:接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。Step S103: Receive the signed ciphertext and security tool information sent by the user front end, perform signature verification on the signed ciphertext according to the signature verification method corresponding to the security tool information and the original signature text cached locally, and obtain a verification result.
从上述描述可知,本申请实施例提供的电子设备,通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above description that the electronic device provided by the embodiment of the present application uses the backend server to generate the original signature and cache it locally according to the signature generation request sent by the user frontend, so that after the user frontend completes signature encryption, the backend server can Signature verification is performed on the original signature text of the signature ciphertext, and the verification result is obtained, so that the verification of financial transactions across business fields can be accurately and conveniently realized.
在另一个实施方式中,跨领域的金融交易验证装置可以与中央处理器9100分开配置,例如可以将跨领域的金融交易验证装置配置为与中央处理器9100连接的芯片,通过中央处理器的控制来实现跨领域的金融交易验证方法功能。In another embodiment, the cross-domain financial transaction verification device can be configured separately from the
如图13所示,该电子设备9600还可以包括:通信模块9110、输入单元9120、音频处理器9130、显示器9160、电源9170。值得注意的是,电子设备9600也并不是必须要包括图13中所示的所有部件;此外,电子设备9600还可以包括图13中没有示出的部件,可以参考现有技术。As shown in FIG. 13 , the
如图13所示,中央处理器9100有时也称为控制器或操作控件,可以包括微处理器或其他处理器装置和/或逻辑装置,该中央处理器9100接收输入并控制电子设备9600的各个部件的操作。As shown in FIG. 13 , the
其中,存储器9140,例如可以是缓存器、闪存、硬驱、可移动介质、易失性存储器、非易失性存储器或其它合适装置中的一种或更多种。可储存上述与失败有关的信息,此外还可存储执行有关信息的程序。并且中央处理器9100可执行该存储器9140存储的该程序,以实现信息存储或处理等。Wherein, the
输入单元9120向中央处理器9100提供输入。该输入单元9120例如为按键或触摸输入装置。电源9170用于向电子设备9600提供电力。显示器9160用于进行图像和文字等显示对象的显示。该显示器例如可为LCD显示器,但并不限于此。The
该存储器9140可以是固态存储器,例如,只读存储器(ROM)、随机存取存储器(RAM)、SIM卡等。还可以是这样的存储器,其即使在断电时也保存信息,可被选择性地擦除且设有更多数据,该存储器的示例有时被称为EPROM等。存储器9140还可以是某种其它类型的装置。存储器9140包括缓冲存储器9141(有时被称为缓冲器)。存储器9140可以包括应用/功能存储部9142,该应用/功能存储部9142用于存储应用程序和功能程序或用于通过中央处理器9100执行电子设备9600的操作的流程。The
存储器9140还可以包括数据存储部9143,该数据存储部9143用于存储数据,例如联系人、数字数据、图片、声音和/或任何其他由电子设备使用的数据。存储器9140的驱动程序存储部9144可以包括电子设备的用于通信功能和/或用于执行电子设备的其他功能(如消息传送应用、通讯录应用等)的各种驱动程序。The
通信模块9110即为经由天线9111发送和接收信号的发送机/接收机9110。通信模块(发送机/接收机)9110耦合到中央处理器9100,以提供输入信号和接收输出信号,这可以和常规移动通信终端的情况相同。The
基于不同的通信技术,在同一电子设备中,可以设置有多个通信模块9110,如蜂窝网络模块、蓝牙模块和/或无线局域网模块等。通信模块(发送机/接收机)9110还经由音频处理器9130耦合到扬声器9131和麦克风9132,以经由扬声器9131提供音频输出,并接收来自麦克风9132的音频输入,从而实现通常的电信功能。音频处理器9130可以包括任何合适的缓冲器、解码器、放大器等。另外,音频处理器9130还耦合到中央处理器9100,从而使得可以通过麦克风9132能够在本机上录音,且使得可以通过扬声器9131来播放本机上存储的声音。Based on different communication technologies,
本申请的实施例还提供能够实现上述实施例中的执行主体为服务器或客户端的跨领域的金融交易验证方法中全部步骤的一种计算机可读存储介质,所述计算机可读存储介质上存储有计算机程序,该计算机程序被处理器执行时实现上述实施例中的执行主体为服务器或客户端的跨领域的金融交易验证方法的全部步骤,例如,所述处理器执行所述计算机程序时实现下述步骤:Embodiments of the present application also provide a computer-readable storage medium capable of implementing all the steps in the cross-domain financial transaction verification method in which the execution subject is the server or the client in the above-mentioned embodiments, and the computer-readable storage medium stores the A computer program, when the computer program is executed by a processor, it realizes all the steps of the cross-domain financial transaction verification method in the above embodiment in which the execution subject is a server or a client, for example, when the processor executes the computer program, it realizes the following step:
步骤S101:接收用户前端发送的签名生成请求,其中,所述签名生成请求是所述用户前端接收到用户发送的待签名金融交易要素后生成的。Step S101: Receive a signature generation request sent by the user front end, wherein the signature generation request is generated after the user front end receives the financial transaction element to be signed sent by the user.
步骤S102:根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端,以使所述用户前端调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息。Step S102: Generate the original signature text according to the signature generation request, cache it locally, and return it to the user front end, so that the user front end calls a security tool to perform signature encryption on the original signature text, and sends a signature to the setting after the signature encryption is completed. The verification interface sends signed ciphertext and security tool information.
步骤S103:接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。Step S103: Receive the signed ciphertext and security tool information sent by the user front end, perform signature verification on the signed ciphertext according to the signature verification method corresponding to the security tool information and the original signature text cached locally, and obtain a verification result.
从上述描述可知,本申请实施例提供的计算机可读存储介质,通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above description that the computer-readable storage medium provided by the embodiment of the present application uses the back-end server to generate the signature original according to the signature generation request sent by the user front-end and caches it locally, so that after the user front-end completes the signature encryption, the back-end server can Signature verification is performed on the signed ciphertext according to the locally cached original signature text, and the verification result is obtained, so that financial transaction verification across business fields can be accurately and conveniently realized.
本申请的实施例还提供能够实现上述实施例中的执行主体为服务器或客户端的跨领域的金融交易验证方法中全部步骤的一种计算机程序产品,该计算机程序/指令被处理器执行时实现所述的跨领域的金融交易验证方法的步骤,例如,所述计算机程序/指令实现下述步骤:Embodiments of the present application also provide a computer program product capable of implementing all the steps in the cross-domain financial transaction verification method in the above embodiments in which the execution subject is a server or a client. When the computer program/instruction is executed by a processor, the The steps of the cross-field financial transaction verification method described above, for example, the computer program/instruction implements the following steps:
步骤S101:接收用户前端发送的签名生成请求,其中,所述签名生成请求是所述用户前端接收到用户发送的待签名金融交易要素后生成的。Step S101: Receive a signature generation request sent by the user front end, wherein the signature generation request is generated after the user front end receives the financial transaction element to be signed sent by the user.
步骤S102:根据所述签名生成请求生成签名原文并本地缓存后返回所述用户前端,以使所述用户前端调用安全工具对所述签名原文进行签名加密,并在完成签名加密后向设定签名验证接口发送签名密文和安全工具信息。Step S102: Generate the original signature text according to the signature generation request, cache it locally, and return it to the user front end, so that the user front end calls a security tool to perform signature encryption on the original signature text, and sends a signature to the setting after the signature encryption is completed. The verification interface sends signed ciphertext and security tool information.
步骤S103:接收所述用户前端发送的签名密文和安全工具信息,根据与所述安全工具信息对应的签名验证方法和本地缓存的签名原文对所述签名密文进行签名验证,得到验证结果。Step S103: Receive the signed ciphertext and security tool information sent by the user front end, perform signature verification on the signed ciphertext according to the signature verification method corresponding to the security tool information and the original signature text cached locally, and obtain a verification result.
从上述描述可知,本申请实施例提供的计算机程序产品,通过后端服务器根据用户前端发送的签名生成请求生成签名原本并本地缓存,由此在用户前端完成签名加密后,后端服务器可以根据本地缓存的签名原文对签名密文进行签名验证,得到验证结果,由此能够准确、便捷得实现跨业务领域的金融交易验证。It can be seen from the above description that the computer program product provided by the embodiment of the present application uses the backend server to generate the original signature and cache it locally according to the signature generation request sent by the user frontend. The cached signature original text performs signature verification on the signed cipher text, and the verification result is obtained, so that the verification of financial transactions across business fields can be accurately and conveniently realized.
本领域内的技术人员应明白,本发明的实施例可提供为方法、装置、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present invention may be provided as methods, apparatuses, or computer program products. Accordingly, the present invention can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
本发明是参照根据本发明实施例的方法、设备(装置)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (apparatus), and computer program products according to embodiments of the invention. It should be understood that each procedure and/or block in the flowchart and/or block diagram, and a combination of procedures and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions may be provided to a general purpose computer, special purpose computer, embedded processor, or processor of other programmable data processing equipment to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing equipment produce a An apparatus for realizing the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions The device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device, causing a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process, thereby The instructions provide steps for implementing the functions specified in the flow chart or blocks of the flowchart and/or the block or blocks of the block diagrams.
本发明中应用了具体实施例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。In the present invention, specific examples have been applied to explain the principles and implementation methods of the present invention, and the descriptions of the above examples are only used to help understand the method of the present invention and its core idea; meanwhile, for those of ordinary skill in the art, according to this The idea of the invention will have changes in the specific implementation and scope of application. To sum up, the contents of this specification should not be construed as limiting the present invention.
Claims (16)
Translated fromChinesePriority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210723257.4ACN115271716A (en) | 2022-06-24 | 2022-06-24 | Cross-domain financial transaction verification method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210723257.4ACN115271716A (en) | 2022-06-24 | 2022-06-24 | Cross-domain financial transaction verification method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115271716Atrue CN115271716A (en) | 2022-11-01 |
Family
ID=83760546
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210723257.4APendingCN115271716A (en) | 2022-06-24 | 2022-06-24 | Cross-domain financial transaction verification method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115271716A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101462040B1 (en)* | 2014-05-20 | 2014-11-19 | 주식회사 에스비엠 | Method for generating text raw data on financial transaction |
| CN110519062A (en)* | 2019-09-19 | 2019-11-29 | 腾讯科技(深圳)有限公司 | Identity identifying method, Verification System and storage medium based on block chain |
| CN110519309A (en)* | 2019-10-15 | 2019-11-29 | 中国建设银行股份有限公司 | Data transmission method, device, terminal, server and storage medium |
| CN112865981A (en)* | 2021-02-02 | 2021-05-28 | 中国工商银行股份有限公司 | Token obtaining and verifying method and device |
| CN113743939A (en)* | 2021-09-16 | 2021-12-03 | 中国银行股份有限公司 | Identity authentication method, device and system based on block chain |
- 2022
- 2022-06-24CNCN202210723257.4Apatent/CN115271716A/enactivePending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101462040B1 (en)* | 2014-05-20 | 2014-11-19 | 주식회사 에스비엠 | Method for generating text raw data on financial transaction |
| CN110519062A (en)* | 2019-09-19 | 2019-11-29 | 腾讯科技(深圳)有限公司 | Identity identifying method, Verification System and storage medium based on block chain |
| CN110519309A (en)* | 2019-10-15 | 2019-11-29 | 中国建设银行股份有限公司 | Data transmission method, device, terminal, server and storage medium |
| CN112865981A (en)* | 2021-02-02 | 2021-05-28 | 中国工商银行股份有限公司 | Token obtaining and verifying method and device |
| CN113743939A (en)* | 2021-09-16 | 2021-12-03 | 中国银行股份有限公司 | Identity authentication method, device and system based on block chain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111031058A (en) | Websocket-based distributed server cluster interaction method and device | |
| CN112163946A (en) | Accounting processing method and device based on distributed transaction system | |
| CN111464295B (en) | Bank card making method and device | |
| CN113242134B (en) | Digital certificate signing method, device, system and storage medium | |
| CN111931835A (en) | Image identification method, device and system | |
| CN110070357B (en) | Data processing method, device and system | |
| CN114519581B (en) | Multi-party payment code intercommunication method and system | |
| CN113434423B (en) | Interface testing method and device | |
| CN112689012A (en) | Cross-network proxy communication method and device | |
| CN111445331A (en) | Transaction matching method and device | |
| CN113704580A (en) | Information security interaction method and device | |
| CN113438083B (en) | Signature adding and checking method and device based on interface automatic test | |
| CN111666590A (en) | Distributed file secure transmission method, device and system | |
| CN115801279B (en) | File secure transmission method and device | |
| CN111147358A (en) | Security authentication method and device based on instant messaging software | |
| CN111932178A (en) | Method, device, server and system for processing product logistics information | |
| CN115099930A (en) | Financial business data processing method and device | |
| CN115271716A (en) | Cross-domain financial transaction verification method, device and system | |
| CN113538129B (en) | Cross-organization privacy query request method and device | |
| CN114880229A (en) | Batch file testing method and device | |
| CN116384991A (en) | Transfer payment method, device, equipment, medium and product | |
| CN115880067A (en) | Transaction abnormal data processing method and device | |
| CN107613496A (en) | Row number method, system and certificate server | |
| CN114637587A (en) | Task batch processing method and device under cluster architecture deployment | |
| CN112837063A (en) | Block chain-based electronic receipt storage method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |