Summary of the invention
In view of this, the main purpose of the present invention is to provide a method for transmitting transaction information over a mobile network, so as to ensure the security of transactions that users conduct over the mobile network.
Another purpose of the present invention is to provide a system for transmitting transaction information over a mobile network.
In the method of the present invention for transmitting transaction information over a mobile network, a mobile terminal and a financial system, as the two parties to the transfer, send and receive mobile transaction information over the mobile network. A financial module that performs encryption and contains a financial key is provided at the sender of the mobile transaction information, and a financial module that performs decryption and contains a financial key is provided at the receiver of the mobile transaction information. The method comprises the following steps:
a. The sender of the mobile transaction information uses its financial module to encrypt the transaction information in the transaction-related information currently to be sent, and sends the processed transaction-related information to the receiver of the mobile transaction information;
b. The receiver of the mobile transaction information uses its financial module to decrypt the transaction information in the received transaction-related information, and obtains the decrypted transaction information.
The method may further include: the financial modules of the sender and the receiver of the mobile transaction information each generate a communication key from the financial key;
In step a, the sender's encryption of the transaction information by the financial module is: the sender of the mobile transaction information encrypts the transaction information with the communication key;
In step b, the receiver's decryption of the received transaction information by the financial module is: the transaction information is decrypted with the communication key.
The financial module generating the communication key from the financial key means: generating the communication key from the financial key and a random number.
The method may further include: the financial modules of the sender and the receiver of the mobile transaction information each generate a signature key from the financial key;
In step a, the sender's encryption of the transaction information by the financial module is: the sender of the mobile transaction information generates a signature for the transaction information with the signature key; and sending the processed transaction-related information to the receiver is: sending the signature together with the transaction information to the receiver in the transaction-related information;
In step b, the receiver's decryption of the received transaction information by the financial module comprises: the receiver of the mobile transaction information generates a signature for the transaction information with the signature key, then compares this signature with the signature carried in the received transaction-related information. If they are consistent, the receiver determines that the current information is correct and then performs the step of obtaining the decrypted transaction information; otherwise, it determines that the current information is incorrect and ends the current processing.
The financial module generating the signature key from the financial key means: generating the signature key from the financial key and a random number.
The transaction information is: all information in the transaction-related information other than the signature information.
The random number is generated by one party to the transfer of mobile transaction information and sent to the other party; it may be sent on its own or together with other transaction information.
The random number is generated for each transaction, or is generated by the sender of the transaction information each time transaction information is sent, or is generated periodically by one party to the transfer of mobile transaction information.
The method may further include: setting user identification information corresponding to the financial key; the financial system further holds the correspondence between financial keys and user identification information;
Before the financial system encrypts or decrypts transaction information with the financial key, the method further comprises: the financial system obtains the user identification information of the mobile terminal and obtains the corresponding financial key according to this user identification information.
The sender of the mobile transaction information is a mobile terminal, and the financial module of the mobile terminal further contains a user key;
The method may then further include: the mobile terminal encrypts its own key data with this user key and stores the resulting encrypted key data;
Before the mobile terminal encrypts transaction information by its financial module, the method further comprises: the stored key data is decrypted with the user key, after which the financial module of the mobile terminal encrypts the transaction information with the decrypted key data.
The transaction-related information further includes a transaction serial number, and both parties to the transfer of mobile transaction information store the serial number of the most recently completed transaction;
In step b, after obtaining the decrypted transaction information, the receiver of the mobile transaction information further judges whether the serial number corresponding to this transaction information is greater than the serial number it has stored. If so, it processes the transaction information further; otherwise, it treats the transaction information as invalid.
The transaction-related information further includes a message sequence number, and both parties to the transfer of mobile transaction information store the message sequence number of the most recent transaction-related information;
In step b, before decrypting the transaction information in the current transaction-related information by its financial module, the receiver of the mobile transaction information further judges whether the message sequence number of this transaction-related information is greater than the message sequence number it has stored. If so, it performs the step of decrypting the transaction information; otherwise, it treats the transaction-related information as invalid and ends the current processing.
The system of the present invention for transmitting transaction information over a mobile network comprises at least a mobile terminal and a financial system that transfer mobile transaction information. The sender of the mobile transaction information contains a financial module that performs encryption and contains a financial key; the sender uses this financial module to encrypt the transaction information in the transaction-related information currently to be sent, and sends the processed transaction-related information to the receiver of the mobile transaction information;
The receiver of the mobile transaction information contains a financial module that performs decryption and contains a financial key; the receiver uses this financial module to decrypt the transaction information in the received transaction-related information, and obtains the decrypted transaction information.
The financial modules in the sender and the receiver of the mobile transaction information generate a communication key from the financial key;
The encryption that the sender of the mobile transaction information performs on the transaction information by its financial module is: the financial module encrypts the transaction information with the generated communication key;
The decryption that the receiver of the mobile transaction information performs on the transaction information by its financial module is: the financial module decrypts the transaction information with the generated communication key.
The financial modules in the sender and the receiver of the mobile transaction information generate a signature key from the financial key;
The encryption that the sender of the mobile transaction information performs on the transaction information by its financial module is: the sender's financial module generates a signature for the transaction information with the signature key;
The decryption that the receiver of the mobile transaction information performs on the transaction information by its financial module is: the receiver's financial module generates a signature for the transaction information with the signature key, compares this signature with the received signature, and obtains the decrypted transaction information when the signatures are consistent.
The sender of the mobile transaction information is a mobile terminal, and the financial module of the mobile terminal further contains a user key, with which the mobile terminal encrypts its own key data;
The encryption that the mobile terminal performs on the transaction information by its financial module comprises: decrypting its own key data with the user key, after which the financial module encrypts the transaction information with the decrypted key data.
The scheme of the present invention provides a financial module at both the sending and the receiving side of the mobile transaction information, such as the mobile terminal and the financial system, to encrypt and decrypt the transaction information to be transmitted. This addresses the security problem of mobile payment and makes the security of financial transactions independent of the security of the mobile network: even if mobile communication security is broken, the security of the financial transaction is not threatened. The transfer of transaction information between the financial system and the user's mobile terminal thus receives its own dedicated security guarantee. Implementing this method can greatly advance mobile payment services and can promote large-value transaction services carried out through mobile terminals.
The security system provided by the scheme of the present invention is independent of the security system of the mobile network; that is, this security scheme can be implemented independently. A change to the financial transaction security policy therefore does not affect existing mobile services, which makes it easier to deploy mobile payment services independently.
The scheme of the present invention also adds identifiers for financial keys, so that a user can manage multiple bank accounts through one mobile terminal.
Embodiment
The scheme of the present invention mainly concerns the configuration of a system that transmits transaction information over a mobile network. Such a system comprises at least a mobile terminal and a financial system. Specifically, a financial module is provided at both the sending and the receiving side of the mobile transaction information: the sender uses its financial module to encrypt the transaction information to be sent, and the receiver uses its financial module to decrypt the transaction information it receives. The system provided with financial modules is shown in Fig. 1.
The implementation of the present invention is described in further detail below with reference to the accompanying drawings and specific embodiments.
Referring to Fig. 2, the scheme of the present invention can be realized by the following steps:
Step 201: A financial module for encryption is provided at the sender of the mobile transaction information, and a financial module for decryption is provided at the receiver of the mobile transaction information.
The sender and the receiver of the mobile transaction information may each be either the financial system or the mobile terminal. A financial key should also be set in the financial modules of the mobile terminal and the financial system. For the mobile terminal, the user identification information corresponding to the financial key should be determined. This user identification information need not be stored directly on the mobile terminal. For example, the user identifier may be set to the user's mobile terminal number; when the mobile terminal transmits transaction-related information to the financial system, the mobile terminal number is sent to the financial system as call information. The identifier may also be some other identification information or communication address information of the mobile terminal. The user identifier may also be a dedicated financial identifier that the financial system sets specifically for this mobile terminal user, for example a financial identifier similar to a bank card number. In that case the financial identifier may be stored on the mobile terminal, and when the mobile terminal transmits transaction-related information to the financial system, the financial identifier is sent to the financial system as part of the transaction-related information. The financial identifier may also directly be an account number. The financial system stores the correspondence between financial keys and user identification information, so that it can select the correct financial key according to the user identifier when encrypting or decrypting mobile transaction information.
In addition, the financial module of the financial system may be located in the AUC.
Step 202: When the sender of the mobile transaction information sends the receiver transaction-related information that contains at least the transaction information, it encrypts that transaction information by its financial module and sends the encrypted transaction information to the receiver of the mobile transaction information in the transaction-related information.
When the mobile terminal encrypts transaction information, it does so with the financial key, using the encryption algorithm in the financial module.
When the financial system encrypts transaction information, it likewise does so with the financial key, using the encryption algorithm in the financial module. The difference is that the financial system must first obtain the user identification information and then obtain the corresponding financial key according to it. The user identification information may be delivered to the financial system by the mobile network as mobile call information, or it may be delivered to the financial system directly by the mobile terminal or by another terminal, such as a point-of-sale (POS) terminal. If the user identification information is directly the user's mobile terminal number or the like, the mobile communication network can pass this number to the financial system directly in the call information. If instead the user identification information is a bank card number or the like, it is generally delivered to the financial system in the transaction-related information; that is, the transaction-related information should contain the bank card number or similar information as the user identification information.
In addition, the transaction information sent by the mobile terminal may be transaction content information, including amount-related information such as the transaction amount, or it may be confirmation information stating whether the current transaction is to proceed.
Step 203: When the receiver of the mobile transaction information receives the transaction information sent by the sender, it decrypts the received transaction information by its financial module to obtain the actual transaction information.
Specifically, when the receiver is the mobile terminal, it uses its financial module to decrypt the transaction information ciphertext in the transaction-related information with the financial key, obtaining the transaction information plaintext. When the receiver is the financial system, it determines the financial key corresponding to the user identification information carried in the received transaction-related information, and then decrypts the transaction information ciphertext in that transaction-related information with this financial key to obtain the transaction information plaintext.
The above steps achieve the purpose of the present invention.
To strengthen the encryption that the two parties apply to the transaction information, the sender of the transaction information, for example the financial system, may also generate a random number and send it to the receiver of the mobile transaction information, for example the mobile terminal, as part of the transaction-related information. Both parties to the transfer, whether mobile terminal or financial system, derive a communication key from the financial key and this random number. Thus, when the sender of the mobile transaction information is described above as encrypting the transaction information with the financial key by the encryption algorithm in the financial module, it in fact first derives the communication key and then encrypts the transaction information with the communication key by the encryption algorithm. Correspondingly, when the receiver of the mobile transaction information is described as decrypting the transaction information with the financial key by the decryption algorithm in the financial module, it in fact first derives the communication key and then decrypts the transaction information with the communication key by the decryption algorithm.
To further improve the security of the network communication, a signature key may also be generated for verifying the integrity and correctness of the transaction information. Specifically, the sender of the mobile transaction information generates a communication key and a signature key from the financial key. The sender first encrypts the transaction information with the communication key, and then signs the resulting message ciphertext with the signature key by the signature algorithm. Correspondingly, the receiver of the mobile transaction information also generates a communication key and a signature key from the financial key. On receiving the transaction-related information, the receiver first signs the transaction information in the received message with the signature key by the signature algorithm to obtain a signature of the transaction information, and compares the resulting signature with the signature in the received transaction-related information, thereby judging the correctness and integrity of the transaction information. If the signatures are inconsistent, the transaction information is in error. If the signatures are consistent, the transaction information is correct, and the receiver then decrypts the transaction information with the communication key by the decryption algorithm to obtain the transaction information plaintext.
The signature processing described above covers only the transaction information, for example only the transaction amount, whether to proceed with the transaction, and the transaction password. In practice, the signature may be computed over all transaction-related information other than the signature result. For example, in addition to signing transaction information such as the transaction amount, whether to proceed with the transaction, and the transaction password, if the user identification information is a financial identifier, the financial identifier may be signed as well; that is, the transaction amount, whether to proceed, the transaction password, and the user identifier are all signed together.
Alternatively, only a signature key may be set, without a communication key, to simplify processing. In that case, to protect the user's password information, the password with which the user confirms the transaction should be conveyed by way of the signature.
To generate the communication key and the signature key, the financial system may set two random numbers and generate the communication key and the signature key from these two random numbers and the financial key respectively. A single random number and the financial key may also be used, for example by generating the communication key from one part of the random number and the financial key, and the signature key from another part of the random number and the financial key. Different algorithms may also be applied to the same random number and financial key to generate the communication key and the signature key.
The random number in the scheme of the present invention, whether used only to generate the communication key or to generate both the communication key and the signature key, may be generated by the sender of the mobile transaction information each time a message is sent and then sent to the corresponding receiver. Alternatively, the random number may be generated only once per transaction: the party that sends the first transaction-related information of the transaction generates the random number and carries it in that transaction-related information, and the corresponding receiver stores it. Subsequent senders of mobile transaction information then need not carry the random number again when sending transaction-related information. The random number may also be generated by either party to the transfer and sent to the other party for storage, provided that one random number is generated and transferred per transaction.
The random number may also be generated periodically, that is, not regenerated for every transaction or every transmission of transaction-related information. After the random number has been generated, both parties to the transfer of mobile transaction information store it and set a validity period for it, such as one week, one month, or any other period. When sending transaction-related information, the sender first checks whether the random number is still within its validity period. If so, it uses the random number directly for the relevant processing. Otherwise, it either generates a new random number itself and sends it to the receiver, or asks the receiver to generate a new random number and send it back. Both parties then generate the communication key and the signature key from the new random number, use the new signature key for signing, and use the new communication key for encryption and decryption.
Given these options for the random number, if the random number is generated for each transaction or each transmission of transaction information, the communication key and the signature key can be generated from the financial key and the random number at each transaction or each transmission of transaction-related information. If the random number is generated periodically, the communication key and the signature key may be generated on the fly from the financial key and the random number at each transaction or each transmission of transaction-related information. Alternatively, once the communication key and the signature key have been generated from the random number and the financial key, they may be stored together with the financial key for use in subsequent transactions.
Storing this key information directly is, however, very unsafe on a mobile terminal, where stored keys are easily stolen. To address this, a user key may additionally be generated and used to encrypt key data such as the financial key, the communication key and the signature key, and the encrypted key data is stored on the mobile terminal. When the mobile terminal needs to carry out a transaction, it first decrypts the key data with the user key to obtain the financial key and the other key data. In this way, even if the data corresponding to these keys is lost, the security of the user's account is not affected. On the mobile terminal, the user key may be a password, or it may be a terminal key to which access is controlled by that password.
To further protect the key data, access to it may also be controlled by a hardware encryption circuit, for example by configuring the financial module so that keys can be written but not read. Controlling data access by hardware encryption circuits is a mature technique, for example storing keys in a SIM card, and is not described in detail here.
With the above arrangement, the information of the current transaction cannot be cracked, but the current transaction may still be intercepted and maliciously resent by other users to disrupt the receiver of the transaction information. Because the signature is obtained by a signature operation over the data in the transaction-related information, identification information that identifies the current transaction can be placed in the transaction-related information. For example, a transaction serial number can be set in the transaction information: each transaction has its own transaction serial number, and the serial numbers increase in the order of the transactions. After the receiver of the current transaction has received the transaction information and determined that the signatures are consistent, it also uses the transaction serial number to judge whether the current transaction information is invalid. If the serial number in the current transaction information is less than or equal to the serial number of the previous transaction, the current transaction information is determined to be invalid and the transaction is treated as invalid. The mobile terminal should store the transaction serial number of the most recent transaction after the transaction completes, and the financial system should likewise store the transaction serial number of the most recent transaction for that mobile terminal.
In practice, replayed-message attacks can also be prevented by an incrementing message sequence number. A message sequence number is set in the transaction information, and each time the sender sends a message it increases the sequence number in the message. The increment may be fixed, for example 1 each time, or random, for example a random number from 1 to 100 each time. Before decrypting the transaction information in the received transaction-related information, the receiver of the mobile transaction information first checks the sequence number carried by the message just received; if it is less than or equal to the sequence number carried by the previously received message, the receiver regards the message as a repeated message and filters it out. The mobile terminal and the financial system should each store the sequence number of the most recent message accordingly.
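The receiver-side processing described above (financial key lookup by user identifier, message sequence number check, signature comparison, decryption, transaction serial number check) is shown below as an added example that is not part of the original text. The text names no algorithms, so HMAC-SHA256 for key derivation and signing, the keystream stand-in cipher, and all function and field names are assumptions.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: HMAC-SHA256 stands in for the unspecified key-generation and
# signature algorithms. The cipher is an HMAC-based keystream used only so the
# example runs on the standard library; a deployment would use a vetted AEAD.


def derive_keys(financial_key: bytes, nonce: bytes) -> tuple[bytes, bytes]:
    """Derive the communication key and signature key from financial key + random number."""
    comm = hmac.new(financial_key, b"communication" + nonce, hashlib.sha256).digest()
    sign = hmac.new(financial_key, b"signature" + nonce, hashlib.sha256).digest()
    return comm, sign


def keystream_xor(key: bytes, seq: int, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR data with a keystream bound to the message sequence number."""
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        counter = seq.to_bytes(8, "big") + block.to_bytes(4, "big")
        stream += hmac.new(key, counter, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def signed_bytes(msg: dict) -> bytes:
    """Canonical bytes of every field except the signature itself."""
    fields = {k: v for k, v in msg.items() if k != "signature"}
    return json.dumps(fields, sort_keys=True).encode()


def build_message(financial_key, user_id, nonce, msg_seq, txn_serial, transaction):
    """Sender side: encrypt first, then sign the ciphertext and the clear fields."""
    comm, sign = derive_keys(financial_key, nonce)
    plaintext = json.dumps({"txn_serial": txn_serial, **transaction}, sort_keys=True).encode()
    msg = {
        "user_id": user_id,
        "nonce": nonce.hex(),
        "msg_seq": msg_seq,
        "ciphertext": keystream_xor(comm, msg_seq, plaintext).hex(),
    }
    msg["signature"] = hmac.new(sign, signed_bytes(msg), hashlib.sha256).hexdigest()
    return msg


class FinancialSystem:
    """Receiver side, holding the financial key and replay counters per user."""

    def __init__(self, keys_by_user: dict[str, bytes]):
        self.keys_by_user = keys_by_user
        self.last_msg_seq: dict[str, int] = {}
        self.last_txn_serial: dict[str, int] = {}

    def receive(self, msg: dict) -> dict:
        user = msg["user_id"]
        financial_key = self.keys_by_user.get(user)
        if financial_key is None:
            raise ValueError("unknown user")
        # Message sequence number is checked before any decryption.
        if msg["msg_seq"] <= self.last_msg_seq.get(user, 0):
            raise ValueError("replayed message")
        comm, sign = derive_keys(financial_key, bytes.fromhex(msg["nonce"]))
        expected = hmac.new(sign, signed_bytes(msg), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg.get("signature", "")):
            raise ValueError("bad signature")
        # Commit the counter only after the signature verifies, so a forged
        # message with a huge sequence number cannot lock out the real sender.
        self.last_msg_seq[user] = msg["msg_seq"]
        plaintext = keystream_xor(comm, msg["msg_seq"], bytes.fromhex(msg["ciphertext"]))
        txn = json.loads(plaintext)
        # Transaction serial number is checked after decryption.
        if txn["txn_serial"] <= self.last_txn_serial.get(user, 0):
            raise ValueError("stale transaction")
        self.last_txn_serial[user] = txn["txn_serial"]
        return txn


if __name__ == "__main__":
    # Constructed sample values, not taken from the page.
    key = secrets.token_bytes(32)
    bank = FinancialSystem({"user-0001": key})
    m = build_message(key, "user-0001", secrets.token_bytes(16), 1, 1, {"amount": "25.00"})
    print(bank.receive(m))
    try:
        bank.receive(m)  # identical message resent
    except ValueError as exc:
        print("rejected:", exc)
```

Because the signature here covers the message sequence number and user identifier as well as the ciphertext, changing any of them in transit fails the signature comparison.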
In terms of composition, the financial module may be a combination of a data file and a program, where the data file stores the financial key and similar data and the program implements the encryption and decryption functions. In terms of structure, the financial module may be a chip that stores the financial key and may also provide the encryption and decryption functions. In that case the encryption and decryption of transaction information are performed by the chip.
Alternatively, a dedicated chip may be used to control access to the key data while a general application program implements the encryption and decryption algorithms. When transaction information needs to be encrypted or decrypted, the application program obtains the corresponding key data by means of a key access password and uses this key data to encrypt or decrypt the transaction information.
Because the correspondence between financial keys and user identification information is set in the terminal, the present invention can further set multiple financial keys and the corresponding multiple items of user identification information in the terminal, so that one terminal can manage multiple bank cards.
The above are only preferred embodiments of the scheme of the present invention and are not intended to limit the scope of protection of the present invention.