CN1322334A

Movatterモバイル変換

Info

Publication number: CN1322334A
Application number: CN98814026A
Authority: CN
Inventors: 谢浩强
Original assignee: Individual
Current assignee: Individual
Priority date: 1997-05-14
Filing date: 1998-05-12
Publication date: 2001-11-14
Also published as: WO1998054943A3; EP1147497A2; WO1998054943A2; WO1998054943A8; HK1041962A1

Abstract

Translated fromChinese

一种寻呼机,用于接收交易信息和与一种一次性、不可预测的代码有预定联系的信息;同时可用于将信息和代码展示给用户。用户在检查证明交易信息正确后,将代码直接或通过寻呼机发送给控制中心。

A pager is used to receive transaction information and information that is pre-associated with a one-time, unpredictable code; it can also be used to display the information and code to the user. After checking that the transaction information is correct, the user sends the code directly or through the pager to the control center.

Description

Translated fromChinese

通用电子交易系统及其方法General Electronic Trading System and Method

发明领域field of invention

本发明涉及电子交易系统，特别是具有高度便携性和灵活性的电子货币交易系统，允许用户实现任何类型或任何用途的交易。The invention relates to an electronic transaction system, especially an electronic currency transaction system with high portability and flexibility, allowing users to realize transactions of any type or purpose.

发明背景Background of the invention

当前，电子货币交易系统用于如饭店、商店等服务/产品供应商来收取付款是普遍存在的。在这种传统的系统中，IC信用卡被认为是实现交易的一种相对安全的方法，而尽管如此，它仍存在这样一个问题，即缺乏提供待授权交易的可靠性信息的能力，所以，被授权的交易是否确实为持卡人本人的意愿并没有保障。Currently, it is ubiquitous for electronic money transaction systems to be used by service/product providers such as restaurants, shops, etc. to collect payments. In this traditional system, IC credit card is considered to be a relatively safe method to realize transactions, but nevertheless, it still has such a problem that it lacks the ability to provide reliable information of transactions to be authorized, so it is regarded as There is no guarantee that the authorized transaction is actually the cardholder's own will.

在这样的一个传统系统中，必须在服务/产品供应商处放置终端，为IC卡提供接口，与远程的中央计算机连接，并通过建立通信连接负责对IC卡进行身份认证。应该注意的是，对这一通信连接的安全性要求不如对IC卡与中央计算机间的通信连接要求高，因为当执行身份认证过程时，中央计算机会生成一随机数并通过通信连接发送到IC卡，IC卡对此随机数加密，并通过通信连接将加密结果返回给中央计算机。如果加密结果正确，中央计算机允许交易。如果在IC卡和中央计算机间采取安全的通信，这只意味着该随机数会被多加密一次，这是不必要的；即使需要，也应该由IC卡或在IC卡内部完成。In such a traditional system, it is necessary to place a terminal at the service/product supplier, provide an interface for the IC card, connect with a remote central computer, and be responsible for identity authentication of the IC card by establishing a communication connection. It should be noted that the security requirements for this communication connection are not as high as those for the communication connection between the IC card and the central computer, because when the identity authentication process is performed, the central computer will generate a random number and send it to the IC card through the communication connection. card, the IC card encrypts this random number, and returns the encrypted result to the central computer through a communication connection. If the encryption turns out to be correct, the central computer allows the transaction. If safe communication is adopted between the IC card and the central computer, this only means that the random number will be encrypted once more, which is unnecessary; even if it is needed, it should be completed by the IC card or inside the IC card.

然而，通信连接必须是安全的以确保送往中央计算机的交易信息不会被截取和修改。进一步的，终端还应该带有安全装置，从而通过例如显示器等途径为持卡人提供可靠的交易信息，特别是，交易的数量。这些都增加了系统的成本，还带来了其它问题…However, the communication link must be secure to ensure that transaction information sent to the central computer cannot be intercepted and modified. Further, the terminal should also be equipped with a security device, so as to provide the cardholder with reliable transaction information, especially the quantity of the transaction, through channels such as a display. These all increase the cost of the system, but also bring other problems...

为了避免例如服务/产品供应商的出纳员或者供应商本人使用伪造的卡，IC卡持卡人必须非常接近终端以监控出纳员处理交易过程，而更令人满意的是，由他本人来将卡插入终端和从终端取出卡。In order to avoid, for example, a cashier of a service/product supplier or the supplier himself from using a counterfeit card, the IC card holder must be very close to the terminal to monitor the cashier's processing of the transaction and, more satisfactorily, himself The card is inserted into the terminal and the card is removed from the terminal.

在不存在这样一个终端的情况下，IC卡就失去作用了，或者如果终端的位置离持卡人接受服务或产品处很远，可能需要持卡人步行相当长的一段距离，这可能发生在有着上千平方英尺面积的商店或饭店中。In the absence of such a terminal, the IC card becomes useless, or if the location of the terminal is far from where the cardholder receives the service or product, it may require the cardholder to walk a considerable distance, which may occur in In a store or restaurant with an area of thousands of square feet.

在为停车或加油支付费用时，可能需要持卡人走出他的汽车。When paying for parking or gas, the cardholder may be required to step out of his car.

最后，IC卡不能用于互联网环境下的购买。Finally, IC cards cannot be used for purchases under the Internet environment.

发明目的：Purpose of the invention:

由此，本发明的一个目的是为用户而不是为服务/产品供应商提供一种装置，用于直接向用户传送待授权交易的可靠信息，而且使用户可以授权该交易；并提供其方法。Accordingly, it is an object of the present invention to provide a means for the user, rather than the service/product provider, for transmitting reliable information of a transaction to be authorized directly to the user and enabling the user to authorize the transaction; and to provide a method thereof.

本发明的另一目的是为用户而不是为服务/产品供应商提供一种装置，使得在一种廉价的、无保护的通信连接，例如任何现有的通用通信网络系统，如电话、互联网电脑等的协助下可以完成交易，无需为上述的安全问题作相应修改；并提供其方法。Another object of the present invention is to provide a means for the user rather than the service/product provider to enable communication over an inexpensive, unprotected communication connection such as any existing general communication network system such as telephone, Internet computer With the assistance of etc., the transaction can be completed without corresponding modification for the above-mentioned security issues; and its method is provided.

本发明进一步的目标是，提供一种通用的电子交易系统，低成本，安全，不限定于任何特定用途；并提供其方法。发明简述The further object of the present invention is to provide a general electronic transaction system, which is low-cost, safe and not limited to any specific purpose; and a method thereof. Brief description of the invention

根据本发明的一种实施方案，配备一个寻呼机用于接收可表示例如用户帐户上待授权的交易，以及表示用于让用户来授权此次交易的一次性的、不可预测的代码的的寻呼信号。寻呼机的使用者，查看包括交易数量、收款人身份等交易信息正确后，将一次性、不可预测的代码发送或交给收款人，收款人将这一代码传送给银行以对此次交易进行授权。According to one embodiment of the invention, a pager is provided for receiving a page which may indicate, for example, a transaction pending authorization on a user's account and a one-time, unpredictable code for the user to authorize the transaction Signal. The user of the pager, after checking that the transaction information including the transaction quantity and the identity of the payee is correct, will send or hand over a one-time, unpredictable code to the payee, and the payee will transmit this code to the bank for verification of this time. The transaction is authorized.

根据本发明的另一实施方案，配备一个带有IC卡接收端口的寻呼机，用于接收外部的传统IC信用卡。寻呼机用于接收表示待授权交易信息和表示一随机数的寻呼信号。IC卡用于按照指定加密算法将随机数转换成一个一次性的、不可预测的代码，以便用户用于授权此次交易。According to another embodiment of the present invention, a pager having an IC card receiving port for receiving an external conventional IC credit card is provided. The pager is used to receive a paging signal representing transaction information to be authorized and a random number. The IC card is used to convert the random number into a one-time, unpredictable code according to the specified encryption algorithm, so that the user can use it to authorize the transaction.

附图简述Brief description of the drawings

图1是根据第一种实施方案的当前寻呼接收机的方框图。Fig. 1 is a block diagram of a current paging receiver according to a first embodiment.

图2是当前授权过程的一个方法的流程图。Figure 2 is a flowchart of one method of the current authorization process.

优选实施方案详述DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

参考图1，示出了根据本发明第一种实施方案的寻呼接收机1的方框图，其中包括：Referring to FIG. 1, there is shown a block diagram of a paging receiver 1 according to a first embodiment of the present invention, including:

1)接收机电路23，用于接收寻呼信号，包含表示电子货币交易信息的信号(以下称为E信号)；1) Receivercircuit 23, used to receive paging signals, including signals representing electronic money transaction information (hereinafter referred to as E signals);

2)地址比较器2 5，用于确定接收到的信号是否为指定给寻呼接收机1，有可能包含多个对应不同信号类型的接收地址；2)Address comparator 25, used to determine whether the received signal is assigned to the paging receiver 1, may include a plurality of receiving addresses corresponding to different signal types;

3)CPU21，在地址比较器2 5确定寻呼信号确实是指定给接收机1后，用于接收信息；3) CPU21, after theaddress comparator 25 determines that the paging signal is indeed assigned to the receiver 1, it is used to receive information;

4)信息存储器28，用于存放所接收到的指定给寻呼接收机1的信号所带信息；4)Information memory 28, used to store the information carried by the received signal assigned to the paging receiver 1;

5)显示器34，用于显示接收到的信息；5)Display 34, for displaying the received information;

6)加密算法存储器27，包含用于转换至少部分E信号的加密算法，其中的细节将在稍后描述；6)Encryption algorithm memory 27, which contains an encryption algorithm for converting at least part of the E signal, the details of which will be described later;

7)扬声器33和发光二极管31，分别用来向用户提供声音和发光信号，以指示接受到了指定给寻呼接收机1的寻呼信号。7) Theloudspeaker 33 and thelight emitting diode 31 are respectively used to provide sound and light signals to the user to indicate that the paging signal assigned to the paging receiver 1 has been received.

在实际操作中，寻呼接收机1会收到从基于同一寻呼机的广播系统的一个基站发出的如何寻呼信号。这样一个寻呼信号包含4个域，称为：1)地址域，包含指定接收该信号的寻呼接收机的地址；2)类型域，用于表示该信号是否为E信号；3)信息域，用于容纳将要显示给用户的信息；4)信号数字标识，用于向指定的寻呼接收机表明，为保证能够被指定寻呼接收机接收到而被基站广播不止一次的信号是同样的信号，这样，指定的寻呼接收机会忽略已成功接收到的同样的信号，就不会不必要地报告用户了。接收电路23，在放大输入储户信号后，将信号送入地址比较器25，比较该信号的地址域与其中存储的一个或多个地址，如果有一致的，地址比较器会将信号其余的部分馈送给CPU21，否则，信号的其余部分会被忽略。In actual operation, the paging receiver 1 receives a paging signal from a base station of the same pager-based broadcasting system. Such a paging signal contains 4 fields, called: 1) address field, which contains the address of the paging receiver specifying to receive the signal; 2) type field, which is used to indicate whether the signal is an E signal; 3) information field , used to accommodate the information to be displayed to the user; 4) signal digital identification, used to indicate to the designated paging receiver that the signal broadcast more than once by the base station to ensure that it can be received by the designated paging receiver is the same signal, so that the designated paging receiver ignores the same signal that has been successfully received, and the user is not unnecessarily reported. Thereceiving circuit 23, after amplifying the input depositor signal, sends the signal to theaddress comparator 25, compares the address field of the signal with one or more addresses stored therein, and if there is a match, the address comparator will compare the remaining part of the signal Feed to CPU21, otherwise, the rest of the signal is ignored.

根据第一种实施方案，当前寻呼接收机是用于对交易进行授权的。参见图2，示出了用于授权过程的一个方法的流程图。如图2所示，当授权过程发生，互联网计算机接收到用户的帐户号。更好的是，这台互联网计算机其中带有读卡器，从而通过例如读取用户的磁卡或IC卡等得到用户帐户号，否则用户的帐户号必须通过键盘用手输入。然后，互联网计算机将帐户号连同交易信息通过通信连接，在此是互联网，发送到中央计算机，交易信息可能由收款人/付款人通过键盘输入计算机，其中可能包含例如收款人的身份、交易数量、付款用途，例如是为一特定产品或服务或类似的所支付的定金还是全额付款，涉及的产品和服务的性质等。响应上述步骤，中央计算机生成一个随机数，在其存储器中查找对应该接收的用户帐户号的用户身份，然后将找到的用户身份、收到的交易信息连同随机数一起提供给上面提到的基站。According to a first embodiment, the current paging receiver is used to authorize the transaction. Referring to Figure 2, a flowchart of one method for the authorization process is shown. As shown in Figure 2, when the authorization process takes place, the Internet computer receives the user's account number. Even better, the Internet computer has a card reader, so as to obtain the user account number by reading the user's magnetic card or IC card, otherwise the user's account number must be manually input through the keyboard. The Internet computer then communicates the account number along with transaction information, in this case the Internet, to the central computer, which may be keyed into the computer by the payee/payer, which may include, for example, the identity of the payee, the transaction Quantity, purpose of payment, e.g. whether it is a deposit or full payment for a specific product or service or the like, nature of the products and services involved, etc. In response to the above steps, the central computer generates a random number, looks up the user identity corresponding to the received user account number in its memory, and then provides the found user identity, the received transaction information together with the random number to the above-mentioned base station .

基站根据所收到的用户身份，在其地址存储器中查找寻呼接收机的地址，按上述格式生成寻呼E信号，其中的信息域中放置交易信息和随机数，并广播该信号。The base station looks up the address of the paging receiver in its address memory according to the received user identity, generates a paging E signal according to the above format, places transaction information and random numbers in the information field, and broadcasts the signal.

寻呼接收机1，在收到信号后，将其中的随机数用该用户特定的存于其加密算法存储器27中的算法进行转换，其结果被用作一次性的、不可预测的代码用于授权此次交易。然后，报告用户，并向用户显示交易信息和该代码。用户在看到交易信息正确后，将在显示器34上看到的代码输入互联网计算机的键盘，再将其送到中央计算机。Paging receiver 1, after receiving the signal, converts the random number therein with the user-specific algorithm stored in itsencryption algorithm memory 27, and the result is used as a one-time, unpredictable code for authorize this transaction. Then, report the user and display the transaction information and the code to the user. After seeing that the transaction information is correct, the user will input the code seen on thedisplay 34 into the keyboard of the Internet computer, and then send it to the central computer.

响应上述步骤，中央计算机在其加密算法存储器中查找对应于该用户身份的加密算法，并用找到的加密算法转换它先前生成的随机数，并将结果与接收到的一次性的、不可预测的代码进行比较，如果比较结果一致，认为交易是被授权的。In response to the above steps, the central computer looks up the encryption algorithm corresponding to the user's identity in its encryption algorithm memory, and converts the random number it previously generated with the encryption algorithm found, and compares the result with the received one-time, unpredictable code Make a comparison, and if the comparison results are consistent, the transaction is considered to be authorized.

应该注意到，在寻呼接收机1中和在中央计算机中的加密过程可被省略，以简化授权过程，而同时，它还可以提供能接受的安全程度。这是可能的，因为，尽管理论上寻呼信号可以被任何人接收，实际上，除非知道寻呼接收机1的地址其他人并不真正能够收到，因为当今，在同一时刻可能出现数以千计的可接收的相似信号。It should be noted that the encryption process in the paging receiver 1 and in the central computer can be omitted to simplify the authorization process, while at the same time it can provide an acceptable degree of security. This is possible because, although the paging signal can be received by anyone in theory, in fact, unless the address of the paging receiver 1 is known, other people cannot really receive it, because nowadays, there may be several paging signals at the same time. Thousands of receivable similar signals.

在另一方面，为加强安全性，可在寻呼接收机上包含一个数字按键键盘用于CPU21接收密码，没有该密码，CPU21将不执行加密过程。或者，也会令人满意的是，一旦输入密码，CPU会在其后一段预定的时间内在接收到的E信号的随机数上执行加密过程，或者在任何E信号的随机数上执行加密过程，直到被授权的交易总数超过一预定的值，这样用户不必在每个交易过程发生时都输入密码。On the other hand, for enhanced security, a numeric keypad may be included on the paging receiver for theCPU 21 to receive a code without which theCPU 21 will not perform the encryption process. Alternatively, it may also be desirable that once the password is entered, the CPU executes an encryption process on the random number of the received E-signal, or on any random number of the E-signal, within a predetermined period of time thereafter, Until the total number of authorized transactions exceeds a predetermined value, the user does not have to enter the password every time the transaction process occurs.

进一步地，E信号可被修改为2个单独的信号：1)E1信号，类似于上述的E信号，除了它包含交易信息但其中不包含随机数；2)随机数信号，放置被伪装成普通电话号码的随机数。而且，地址比较器25会包含一个特殊地址，被指定用于接收随机数信号。在随机数信号中，没有类型域来指示CPU21这是E信号一部分的，或者其中的类型域表示它不是E信号，而当地址比较器25探测到接收的信号地址域中包含与特定地址匹配的地址时，即，随机数信号，将用特定的方式中断CPU，从而告知CPU21这一情况。Further, the E signal can be modified into 2 separate signals: 1) the E1 signal, which is similar to the E signal above, except that it contains transaction information but does not contain a random number; 2) the random number signal, which is placed as a normal A random number for the phone number. Furthermore, theaddress comparator 25 will contain a special address designated for receiving the random number signal. In the random number signal, there is no type field to indicate that theCPU 21 is part of the E signal, or the type field therein represents that it is not an E signal, and when theaddress comparator 25 detects that the received signal address field contains The address, that is, the random number signal, will interrupt the CPU in a specific way, thereby notifying theCPU 21 of this situation.

应该注意的是，这里特定的地址对不同的当前寻呼接收机是不同的。It should be noted that the specific address here is different for different current paging receivers.

根据本发明的另一实施方案，配备一个其中带有IC卡接收端口的寻呼机，用于接收外部的传统IC信用卡。类似于第一种实施方案，寻呼机同样用于接收包含在用户银行帐户等上待授权交易信息的寻呼E信号以及一随机数，不过在这种情况下，寻呼机中CPU21不再在该随机数执行加密过程，而是将它提供给在接收端口中的外部IC卡。这一IC卡，在接收到随机数后，按照卡中的加密算法进行转换，转换结果被用作上述的一次性的、不可预测的代码，被传送给CPU21，它会使这一代码连同接收到的交易信息，一起显示在显示器34上。According to another embodiment of the present invention, a pager having an IC card receiving port therein for receiving an external conventional IC credit card is provided. Similar to the first embodiment, the pager is also used to receive the paging E signal and a random number containing the transaction information to be authorized on the user's bank account, etc., but in this case, theCPU 21 is no longer in the pager. The encryption process is performed, but it is provided to the external IC card in the receiving port. This IC card, after receiving the random number, converts according to the encryption algorithm in the card, and the conversion result is used as the above-mentioned one-time, unpredictable code, which is sent to CPU21, and it will make this code together with the received The transaction information obtained is displayed on thedisplay 34 together.

应该注意的是，由于用户基于他的寻呼机上收到的交易信息来实行一次交易，所以对于服务/产品供应商，不再需要安装前面提到的安全终端。当然，现有的一般用途的通信网络系统可以用于传送交易信息以及用于向中央计算机授权交易的一次性的、不可预测的代码，而中央计算机可以是被公共访问的。It should be noted that since the user performs a transaction based on the transaction information received on his pager, it is no longer necessary for the service/product provider to install the aforementioned security terminal. Of course, existing general purpose communication network systems could be used to communicate the transaction information and the one-time, unpredictable code used to authorize the transaction to the central computer, which could be publicly accessible.

如果只传送付款人和收款人的帐户号以及所要求的交易数量，那么使用电话机上的触摸音频按钮就足够了。If only the payer's and payee's account numbers and the requested transaction amount are transmitted, then using a touch tone button on the telephone is sufficient.

如果要求更详细的交易信息，例如交易的目的如，要购买一辆奔驰，#380s型，序列号#1234或者甚至个人贷款等，则交易的信息可能被传送给银行的操作员，负责通过键盘将交易信息的数据输入。在这种情形下，最好不过的是付款人和收款人分别拥有一台自己的寻呼机以接收交易信息和用于他们分别授权此次交易的不同的一次性、不可预测的代码，这样在数据输入万一出现错误时可以避免任何一方的损失。If more detailed transaction information is requested, e.g. the purpose of the transaction is to purchase a Mercedes Benz, model #380s, serial number #1234 or even a personal loan, etc., then the information of the transaction may be transmitted to the operator of the bank, responsible for the keypad Enter data for transaction information. In this case, it is best that the payer and payee each have their own pager to receive the transaction information and a different one-time, unpredictable code for each of them to authorize the transaction, so that In the event of data entry errors, losses to either party can be avoided.

应该注意的是，以上的实施方案只是通过举例的方式给出的，而对本领域的普通技术人员是显而易见的是，可以在不偏离本发明思想的同时作出各种各样的变化和修改。It should be noted that the above embodiments are given by way of example only, and it is obvious to those skilled in the art that various changes and modifications can be made without departing from the idea of the present invention.

例如，交易信息可以在传送给寻呼机前由中央计算机进行加密。这可以消除寻呼机在接收E信号时被极强的干扰信号干扰从而寻呼机被另一含有相同的随机数但交易信息错误的假E信号愚弄的可能。For example, transaction information can be encrypted by the central computer before being transmitted to the pager. This can eliminate the possibility that the pager is interfered by a very strong interference signal when receiving the E signal, and the pager is fooled by another fake E signal containing the same random number but wrong transaction information.