WO2017063545A1 - Procédé et système de saisie d'informations d'identité se rapportant à des données de transactions - Google Patents

Procédé et système de saisie d'informations d'identité se rapportant à des données de transactions Download PDF

Info

Publication number
WO2017063545A1
WO2017063545A1 PCT/CN2016/101779 CN2016101779W WO2017063545A1 WO 2017063545 A1 WO2017063545 A1 WO 2017063545A1 CN 2016101779 W CN2016101779 W CN 2016101779W WO 2017063545 A1 WO2017063545 A1 WO 2017063545A1
Authority
WO
WIPO (PCT)
Prior art keywords
identity information
input
information
transaction
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/101779
Other languages
English (en)
Chinese (zh)
Inventor
才华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Publication of WO2017063545A1 publication Critical patent/WO2017063545A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Definitions

  • the present invention relates to data encryption techniques and, more particularly, to a method of generating a password associated with transaction data.
  • the present invention provides a method for inputting identity information related to transaction data, which is applied in an application environment including a terminal and a transaction server communicably connected to the terminal, wherein the transaction server performs a transaction request from the terminal.
  • Processing to complete transaction processing by interaction with the terminal the method comprising: presenting an identity information input option at a user interface of the terminal during user identity information input, and transmitting to the user indicating the user
  • the method inputs the input mode information of the identity information, and the input mode information is randomly generated; and when the user inputs the identity information by using the identity input option according to the input mode information, the identity information is transmitted to the transaction server.
  • the input mode information is in the form of a picture.
  • the input mode information is sent to the mobile terminal of the user by using a short message.
  • the input mode information is sent to the mobile terminal of the user by using a short message in the form of a picture.
  • the input mode information includes a random number and an information bit for inputting the identity information.
  • the information bits are surrounded by the random number as a whole or the information bits are separated into segments by the random number.
  • the identity information is transmitted to the transaction server via the network.
  • the input mode information is generated by the transaction server.
  • the identity information is any one of a name, a password, an identity card number, a combination of any two, or a combination of the three.
  • an identity information input system related to transaction data, which is disposed in an application environment including a terminal and a transaction server communicably connected to the terminal, the transaction server Processing a transaction request from a terminal to complete transaction processing by interaction with the terminal, the system comprising: an input mode generation module configured to randomly generate an input for indicating how the user enters identity information in what manner Mode information; a first output module configured to output an identity information input option at a user interface of the terminal during user identity information input; and a second output module configured to output an identity input option when the first output module outputs Transmitting the input mode information to the user; and transmitting a module for transmitting identity information input by the user to the transaction server.
  • an input mode generation module configured to randomly generate an input for indicating how the user enters identity information in what manner Mode information
  • a first output module configured to output an identity information input option at a user interface of the terminal during user identity information input
  • a second output module configured to output an identity input option when the first output module outputs Transmitting the input mode information to the user
  • the second output module is disposed at the transaction server.
  • the input mode generating module is further configured to generate the input mode information including a random number and an information bit for inputting the identity information.
  • the input mode generating module is further configured to generate the input mode information as a picture.
  • the input mode generating module is further configured to generate the input mode information including a random number and an information bit for inputting the identity information.
  • the identity information bits are surrounded by the random number as a whole.
  • an identity information input system associated with transaction data optionally, the identity information bits are separated into segments by the random number.
  • An identity information input system related to transaction data optionally, the transmitting module is configured to transmit the identity information to the transaction service via a network if the user inputs the identity information according to the input mode information end.
  • a transaction system comprising an identity information input system related to transaction data as described above.
  • the security of the transmission of identity information can be improved by performing the methods of the examples of the invention or employing the systems of the examples of the invention.
  • FIG. 1 is a flow chart of a method of inputting identity information related to transaction data in accordance with one example of the present invention.
  • FIG. 3 is still another example of input mode information according to an example of the present invention.
  • FIG. 4 is a block diagram showing an identity information input system related to transaction data in accordance with one example of the present invention.
  • An identity information input method related to transaction data is applied to an application environment including a terminal and a transaction server communicably connected to the terminal, the transaction server processing a transaction request from the terminal Transaction processing is completed through interaction with the terminal.
  • the terminal in the application environment may be any one of a desktop computer, a notebook computer, a tablet such as an iPad, and an electronic device such as a smart phone;
  • the transaction server may be one or more servers, as the case may be. set.
  • the terminal and the server may be connected through a network, such as the Internet.
  • step 100 during the input of the user identity information, the identity information input option is presented on the user interface of the terminal, and the input mode information for indicating how the user inputs the identity information is transmitted to the user.
  • the input mode information is randomly generated.
  • step 102 in the case where the user inputs the identity information through the identity input option according to the input mode information, the identity information is transmitted to the transaction server, whereby the identity information input process operation is completed.
  • the user is required to input identity information, regardless of which terminal the user is using, and the user interface of the terminal displays an option to require the user to input identity information.
  • the input mode information is also transmitted to the user to inform the manner in which the identity information is input.
  • the input mode information may be generated by a transaction server in the application environment and sent to the terminal for use by the user through the network. Alternatively, it can also be sent to the user's mobile phone terminal via SMS for the user to use.
  • the terminal for inputting identity information may be a mobile phone terminal, or may be other terminals as mentioned above.
  • the input mode information may be generated by a terminal in the application environment.
  • the terminal will directly present the input mode information to the user without passing through the network or the short message, and at the same time, the terminal can transmit the input mode information to the transaction server, so that the transaction server receives the user compliance input mode.
  • the input mode information may be generated as a picture, or the input mode information may be generated as a picture carrying an input manner indicating how the user inputs the identity information.
  • the picture can be generated by the transaction server, delivered to the terminal via the network or delivered to the user's mobile terminal via SMS for the user to use.
  • the picture may be generated by the terminal itself and presented to the user for viewing and inputting identity information accordingly.
  • the input mode information includes a random number and an information bit for inputting identity information, wherein the information bit is surrounded by the random number.
  • the information bits are located as a whole in a random number, or a random number divides the information bits into segments.
  • a random number can be a number, a letter, or a combination of numbers and letters.
  • the identity information may be various types of identity or information related to the identity, such as a name, an identity card number, a password, or the like, or may be any combination of one or several of the information.
  • the identity information input method related to transaction data according to the present invention is specifically explained using a password as an example.
  • the input mode information is generated as a picture, and the picture is, for example, the method shown in FIG. 2, that is, the password is input in the password box by first inputting the random number 1, inputting the password, and then inputting the random number 2.
  • the picture is generated by the transaction server and transmitted over the communication network to the terminal communicatively coupled to the transaction server for the user to enter on the terminal.
  • the random number 1 is a part of a random number, which may be a number or a plurality of numbers. For example, the random number 1 is 13, and the random number 2 is 562, then the entire random number is 13562.
  • the user enters the password by entering 13 first, then entering the password, and then entering 562.
  • the random number may also be referred to as a check code, and a randomly generated check code.
  • the difference between the second example and the first example is that the random number divides the password bit into several ends.
  • the input mode information is generated as a picture, and the picture is, for example, the method shown in FIG. 3, that is, the password is input in the password box by first inputting the random number 1, the first three digits of the password, the random number 2, and the last three digits of the password.
  • the random number 1 is a part of a random number, which may be a number or a plurality of numbers. For example, if the random number 1 is 54 and the random number 2 is 34, the user should enter the password by entering 54 first, then entering the first three digits of the password, then entering 34, and finally entering the password three digits.
  • the random number can be split into multiple parts, each part can be one bit or multiple bits; accordingly, the password can be separated by multiple pieces of the random number after the split.
  • the input mode information is generated in the same manner as in the first example and the second example, except that the generated input mode information is transmitted to the user's mobile phone terminal through the short message, that is, the input mode information is transmitted differently than the transaction data (for example, It is transmitted through the network transmission).
  • the password is transmitted to the transaction server via the network.
  • the examples enumerated herein relate to input mode information for generating identity information, so that the user knows the input mode information, and transmits the input identity information to the transaction server according to the user input identity information. It should be noted that after the user inputs the identity information according to the input mode information of the identity information, the identity information input by the user is packaged together with the random number provided in the application (which may include encryption and/or compression). Transfer to the transaction server. However, the information transmission process after packaging and packaging is consistent with the information transmission process after the input and subsequent packaging of the identity information, and thus the present invention will not be described.
  • the identity information data is illegally intercepted, and the interceptor cannot know the real reason due to the random number.
  • an identity information input system related to transaction data is further provided, which is disposed in an application environment including a terminal and a transaction server communicably connected to the terminal, the transaction server terminal from the terminal The transaction request is processed to complete the transaction processing through interaction with the terminal.
  • FIG. 4 is a block diagram showing an identity information input system related to transaction data in accordance with one example of the present invention. As shown, the system includes an input mode generation module 20, a first output module 22, a second output module 24, and a transfer module 26.
  • the input mode generation module 20 is configured to randomly generate input mode information for indicating how the user inputs the identity information in a manner.
  • the first output module 22 is configured to output an identity information input option at a user interface of the terminal during user identity information input.
  • the second output module 24 is configured to transmit the input mode information to the user when the first output module outputs the identity information input option.
  • the transmitting module 26 is configured to transmit the input information to the transaction server after the user inputs the identity information according to the requirement of the input mode information.
  • the input mode generating module 20 may be disposed in a transaction server in the application environment, and the randomly generated input mode information may be sent to the terminal through the network for use by the user. Alternatively, it can also be sent to the user's mobile terminal via SMS for the user to use.
  • the terminal for inputting identity information may be a mobile phone terminal, or may be other terminals as mentioned above.
  • the input mode generating module 20 may be disposed in a terminal in the application environment.
  • the input mode information randomly generated by the input mode generating module 20 can be directly presented to the user through the terminal without being transmitted through a network or a short message.
  • the input mode information generated by the input mode generating module 20 can be transmitted by the terminal to the transaction server.
  • the input mode generating module 20 is configured to generate the input mode information as a picture, or the input mode information is generated as a picture carrying an input manner indicating how the user inputs the identity information.
  • input mode generation module 20 generates input mode information including random numbers and information bits for inputting identity information, and according to an example of the present invention, the information bits are surrounded by random numbers.
  • the information bits are located as a whole in a random number, or a random number divides the information bits into segments.
  • a random number can be a number, a letter, or a combination of numbers and letters.
  • an input mode generation module 20 is disposed on the transaction server, the first output module 22 is disposed in the terminal used by the user, the second output module 24 is disposed on the transaction server, and the transmission module 26 is disposed in the terminal used by the user.
  • the input mode generating module 20 generates input mode information when the identity information of the transaction data is to be input, and the input mode information is transmitted by the second output module 24 to the terminal used by the user through the network, and the input mode information is presented by the terminal.
  • the user in the identity input option of the input interface, enters the identity information according to the indication of the input mode information, and the transmitting module 26 transmits the identity information input by the user to the transaction server, and performs identity authentication and the like. deal with.
  • the terminal is set to be responsible only for displaying it to the client without further processing.
  • the input mode generating module 20 generates the input mode information and generates it as a picture, for example, the mode shown in FIG. 2, that is, the random number 1 is input first in the password box, and then input. Enter the password by entering the random number 2.
  • the random number 1 is a part of a random number, which may be a number or a plurality of numbers. For example, the random number 1 is 13, and the random number 2 is 562, then the entire random number is 13562. The user should enter the password by entering 13 first, then entering the password, and then entering 562.
  • the input mode generating module 20 generates the input mode information and generates it as a picture, for example, the mode shown in FIG. 3, that is, the random number 1 and the password are entered first in the password box. Enter the password in the first three digits, the random number 2, and the last three digits of the last password.
  • the random number 1 is a part of a random number, which may be a number or a plurality of numbers. For example, if the random number 1 is 54 and the random number 2 is 34, the user should enter the password by entering 54 first, then entering the first three digits of the password, then entering 34, and finally entering the password three digits.
  • the present invention also provides a transaction system that performs the identity information input method related to transaction data as described above. And, a transaction system including an identity information input system related to transaction data as described above is provided.
  • the generation of the random number can be generated by generating a verification code.
  • An identity information input method or system related to transaction data which combines identity information (such as a password) with a random number (authentication code), and the user inputs the identity information input phase Combine together. Since the random number is introduced, even if the input identity information is intercepted by the malicious program on the terminal side and the transaction server (or the message side), or the transmission, the interceptor cannot parse the true identity information, thereby ensuring the security of the transaction data. transmission.
  • the transmission of the transaction data and the password is two channels, thereby further improving the ability to resist malicious attacks, and the transmission of the identity information and the password thereof is further improved. Safety.
  • the identity information input method related to transaction data may be implemented as software, and portions implementing different functions may be separately disposed in different components of the application environment.
  • the software portion for generating the input mode information can be implemented on the transaction server side, and during the user identity information input, the user input interface presenting the identity input option can be implemented in the terminal used by the user.
  • input mode information is generated as a picture and transmitted as a picture, which further ensures the security of data transmission.
  • identity information input system related to transaction data may be implemented in the form of a software module, or may be implemented in hardware, or implemented in a combination of software and hardware.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Finance (AREA)
  • General Business, Economics & Management (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention concerne un procédé de saisie d'informations d'identité se rapportant à des données de transactions, appliqué à un environnement d'application d'une extrémité de service de transactions comportant un terminal et relié au terminal d'une manière permettant une communication, l'extrémité de service de transactions traitant une demande de transaction provenant du terminal de façon à mener à bien un traitement de transaction au moyen d'une interaction avec le terminal. Le procédé comporte les étapes consistant à: présenter une option de saisie d'identité sur une interface d'utilisateur du terminal, et envoyer des informations de procédé de saisie à un utilisateur (100); et dans le cas où l'utilisateur saisit des informations d'identité selon les informations de procédé de saisie, envoyer les informations d'identité à une extrémité de service de transactions (102). L'invention concerne également un système correspondant. Au moyen de la solution, la sécurité de données de transactions peut être améliorée.
PCT/CN2016/101779 2015-10-13 2016-10-11 Procédé et système de saisie d'informations d'identité se rapportant à des données de transactions Ceased WO2017063545A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510668565.1A CN105373921A (zh) 2015-10-13 2015-10-13 与交易数据有关的身份信息输入方法及系统
CN201510668565.1 2015-10-13

Publications (1)

Publication Number Publication Date
WO2017063545A1 true WO2017063545A1 (fr) 2017-04-20

Family

ID=55376100

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/101779 Ceased WO2017063545A1 (fr) 2015-10-13 2016-10-11 Procédé et système de saisie d'informations d'identité se rapportant à des données de transactions

Country Status (2)

Country Link
CN (1) CN105373921A (fr)
WO (1) WO2017063545A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105373921A (zh) * 2015-10-13 2016-03-02 中国银联股份有限公司 与交易数据有关的身份信息输入方法及系统

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050149739A1 (en) * 2003-12-31 2005-07-07 Hewlett-Packard Development Company, L.P. PIN verification using cipher block chaining
CN101604366A (zh) * 2009-07-13 2009-12-16 中山爱科数字科技有限公司 一种密码分割式动态验证方法和系统
CN101639957A (zh) * 2009-05-26 2010-02-03 深圳市安捷信联科技有限公司 一种实现圈存或圈提的方法、终端及银行业务系统
CN105373921A (zh) * 2015-10-13 2016-03-02 中国银联股份有限公司 与交易数据有关的身份信息输入方法及系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050149739A1 (en) * 2003-12-31 2005-07-07 Hewlett-Packard Development Company, L.P. PIN verification using cipher block chaining
CN101639957A (zh) * 2009-05-26 2010-02-03 深圳市安捷信联科技有限公司 一种实现圈存或圈提的方法、终端及银行业务系统
CN101604366A (zh) * 2009-07-13 2009-12-16 中山爱科数字科技有限公司 一种密码分割式动态验证方法和系统
CN105373921A (zh) * 2015-10-13 2016-03-02 中国银联股份有限公司 与交易数据有关的身份信息输入方法及系统

Also Published As

Publication number Publication date
CN105373921A (zh) 2016-03-02

Similar Documents

Publication Publication Date Title
US9838205B2 (en) Network authentication method for secure electronic transactions
US10389531B2 (en) Authentication system and authentication method
CN113014400B (zh) 用户和移动装置的安全认证
CN112425118B (zh) 公钥-私钥对账户登录和密钥管理器
CN103380592B (zh) 用于个人认证的方法、服务器以及系统
CN117579281A (zh) 用于使用区块链的所有权验证的方法和系统
US20150134531A1 (en) Method, apparatus, and system for information transmission
US20200196143A1 (en) Public key-based service authentication method and system
CN102946384B (zh) 用户验证方法和设备
EP3937040A1 (fr) Systèmes et procédés pour sécuriser un accès de connexion
CN113630412B (zh) 资源下载方法、资源下载装置、电子设备以及存储介质
HK1213076A1 (zh) 捕捉移動安全裝置、方法和系統
CN111161056A (zh) 一种提高数字资产交易安全性的方法、系统及设备
US20180262471A1 (en) Identity verification and authentication method and system
EP3133791B1 (fr) Double système d'authentification de documents signés électroniquement
CN121532764A (zh) 用于增强登录移动应用的安全性的系统和方法
JP2016100007A (ja) カード装置を用いたネットワーク認証方法
US20160300220A1 (en) System and method for enabling a secure transaction between users
KR101856530B1 (ko) 사용자 인지 기반 암호화 프로토콜을 제공하는 암호화 시스템 및 이를 이용하는 온라인 결제 처리 방법, 보안 장치 및 거래 승인 서버
JP5120951B2 (ja) 複数の端末を用いた改ざん命令実行防止技術
CN105678542B (zh) 支付业务交互方法、支付终端和支付云端
KR20190050159A (ko) 통신 구간 보안 상태 제공 방법 및 장치
US10845990B2 (en) Method for executing of security keyboard, apparatus and system for executing the method
WO2017063545A1 (fr) Procédé et système de saisie d'informations d'identité se rapportant à des données de transactions
CN113032761B (zh) 保护远程认证

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16854923

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16854923

Country of ref document: EP

Kind code of ref document: A1