WO2009000130A1 - Method and system for realizing network payment - Google Patents

Method and system for realizing network payment Download PDF

Info

Publication number
WO2009000130A1
WO2009000130A1 PCT/CN2007/070224 CN2007070224W WO2009000130A1 WO 2009000130 A1 WO2009000130 A1 WO 2009000130A1 CN 2007070224 W CN2007070224 W CN 2007070224W WO 2009000130 A1 WO2009000130 A1 WO 2009000130A1
Authority
WO
WIPO (PCT)
Prior art keywords
payment
authentication
user
temporary
information
Prior art date
Application number
PCT/CN2007/070224
Other languages
French (fr)
Chinese (zh)
Inventor
Yafeng Xiang
Original Assignee
Yafeng Xiang
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yafeng Xiang filed Critical Yafeng Xiang
Publication of WO2009000130A1 publication Critical patent/WO2009000130A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes

Definitions

  • the present invention relates to network technologies, and more particularly to a method and system for implementing network payment.
  • BACKGROUND In current network payment systems, when a user performs network payment, the user's identity needs to be authenticated first, and the user identity is usually used in the following manner: user account plus password,
  • the most commonly used user authentication method is the user account plus password method.
  • the account and password entered by the user are very easy to be sneaked or maliciously stolen by others, and the security is very limited.
  • the most common ways to steal someone else's account and password are: one is to trick the user into entering their own account and password through a fake link page; the other is to use the computer virus or malicious program to obtain the user's personal information, intercepting the Account number and password.
  • the user's account and password are usually encrypted or using a dynamic key.
  • the desired effect could not be achieved.
  • the IC card authentication method has high security, it is necessary to use a terminal having the ability to read the IC card in order to use the IC card authentication method. Since the user uses most of the computers in the network payment, the computer has only a common function. The IC card authentication method cannot be widely used in network payment.
  • the main object of the present invention is to provide a method and system for implementing network payment, which provides a secure and effective authentication method in network payment.
  • a method for implementing network payment comprising:
  • the payer user registers the user information in the payment authentication system
  • the payment authentication system generates a temporary authentication identifier according to the request of the payer user, provides the generated temporary authentication identifier to the user, and saves the correspondence between the temporary authentication identifier and the user information in the database of the system;
  • the payment requester When making a network payment, the payment requester provides the payment authentication system with the temporary authentication identifier obtained by the payment user from the payment authentication system, and provides the payee information and the transaction amount;
  • the payment authentication system obtains the user information from the database according to the temporary authentication identifier, and confirms that the payment request is valid, and completes the payment processing.
  • the user information at least includes: payment account information, and further includes: payment authentication additional restriction information, or user identity related information, or temporary authentication identification information, or usage record, or any combination thereof.
  • the method further includes: setting additional restriction information for the temporary authentication identifier; when the additional restriction information includes the authentication password, when performing the network payment, the method further comprises: the payment requester providing the payment authentication system with the authentication password provided by the payer user;
  • the method further includes: the payment authentication system updating the user information associated with the temporary authentication identifier in the database based on the payment authentication processing result.
  • the additional authentication restriction information is set by the user at the time of registration; or is set when the user requests the temporary authentication identification from the payment authentication system; or is set by the payment authentication system.
  • the temporary authentication identifier does not include or implied payment account information for payment. After the completing the payment processing, the method further includes:
  • the payment authentication system sends a payment authentication processing result to the payment requester.
  • the step A further includes the payment authentication system transmitting a payment authentication processing result to the payer user.
  • the present invention also provides a system for implementing network payment, the system comprising: a payer user client, a payment requester client, and a payment authentication system, wherein
  • the payer user client is configured to provide user information to the payment authentication system, request the payment authentication system to provide the temporary authentication identifier, and receive the temporary authentication identifier generated by the payment authentication system;
  • the payment authentication system is configured to register the user information provided by the payer user client, accept the request for providing the temporary authentication identifier by the payer user client, and return the temporary authentication identifier generated by the user to the payer user client. Receiving the temporary authentication identifier, the payee information, and the transaction amount provided by the payment requester client, and determining that the temporary authentication identifier is valid, completing the payment processing; the payment requester client is configured to make a payment request to the payment authentication system, to pay Certification The system provides the temporary authentication identifier of the payer user, and provides the payee information and the transaction amount, and accepts the payment authentication processing result of the payment authentication system.
  • the payment requester client includes:
  • a user terminal of the payment authentication system a network terminal connected to the payment authentication system, and a payee user system that issues a payment request to the payment authentication system.
  • the payment authentication system is further configured to send a payment authentication processing result to the payment requester client, where the payment authentication system further sends a payment authentication processing result to the paying party user.
  • the user registers the user information in the payment authentication system, and the payment authentication system generates the temporary authentication identifier according to the request of the payer user, provides the generated temporary authentication identifier to the user, and associates the temporary authentication identifier with the user information.
  • the payment requester provides the temporary authentication identifier obtained by the payer user from the payment authentication system to the payment authentication system, and provides the payee information and the transaction amount, and the payment authentication system is based on the temporary authentication.
  • the identifier obtains the user information from the database, confirms that the payment request is valid, and completes the payment processing.
  • FIG. 1 is a schematic structural diagram of a network payment system according to the present invention.
  • a user registers user information in a Payment and Authorization System, and the payment authentication system generates a temporary authentication identifier according to a request of the payer user, provides the generated temporary authentication identifier to the user, and provides temporary authentication.
  • the correspondence between the identifier and the user information is saved in the database of the system.
  • the payment requester When the network payment is made, the payment requester provides the temporary authentication identifier obtained by the payer user from the payment authentication system to the payment authentication system, and provides the payee information and The transaction amount, the payment authentication system obtains the user information from the database according to the temporary authentication identifier, and confirms that the payment request is valid, and completes the payment processing.
  • the network payment system includes a payer user client, a payment authentication system, and a payment requester client.
  • the payer user client is configured to provide user information to the payment authentication system, request the payment authentication system to provide the temporary authentication identifier, and receive the temporary authentication identifier generated by the payment authentication system; the payment authentication system is used for the paying party user client.
  • the user information provided by the terminal is registered, accepts the request for providing the temporary authentication identifier by the payer user client, returns the temporary authentication identifier generated for the user to the payer user client, and receives the temporary authentication identifier provided by the payment requester client, And providing the payee information and the transaction amount, determining that the temporary authentication identifier is valid, completing the payment processing;
  • the payment requester client is configured to make a payment request to the payment authentication system, and providing the payment authentication system with the temporary authentication of the paying party user Identify and authenticate the password, and provide the payee information and transaction amount, and accept the payment authentication processing result of the payment authentication system.
  • the payment requester client includes: a user terminal of the payment authentication system, a network terminal connected to the payment authentication system, and a payee user system that issues a payment request to the payment authentication system.
  • the payment authentication system may include a payment subsystem, and the specific process of completing the payment processing may be:
  • the payment authentication system obtains the payment account information of the payment user from the database according to the temporary authentication identifier, and invokes the payment subsystem to perform payment processing, and the payment subsystem is configured to complete the payment account information, the payee information, and the transaction amount provided by the payment authentication system. Payment processing.
  • the payment authentication processing result may be returned to the payment authentication system; after receiving the payment authentication processing result sent by the payment subsystem, the payment authentication system sends the payment authentication processing result to the payment requester client.
  • the payment authentication system can further send payment authentication processing results to the payer user client.
  • FIG. 2 is a flowchart of a specific embodiment of a network payment according to the present invention. As shown in FIG. 2, a payment authentication system is set. The processing process of the network payment in this embodiment includes the following steps:
  • Step 201 The user authorizes the payment authentication system to perform network payment, provides the user authentication information to the payment authentication system, and the payment authentication system registers the user information.
  • the user information includes: payment account information, payment authentication additional restriction information, user identity related information, temporary authentication identification information, usage record, and the like, wherein the payment account information may include the user's account number and password.
  • Step 202 to step 203 The user requests the temporary authentication identifier from the payment authentication system. After receiving the request from the user, the payment authentication system generates a temporary authentication identifier, stores the correspondence between the user information and the temporary authentication identifier in the system database, and then provides the temporary authentication identifier to the user.
  • the temporary authentication ID generated by the payment authentication system is unique in the system.
  • the user can provide other information, such as a temporary password set by the user, in addition to providing the temporary authentication identifier when setting the network payment in the payment authentication system, so that when the network payment is made, the payment authentication system will determine the payment according to the user's setting. Whether the information provided by the requester satisfies the conditions.
  • users can also set some auxiliary conditions, such as the maximum amount of transactions per network payment.
  • the payment authentication system can set additional restriction information for the generated temporary authentication identifier, for example, The effective number of the temporary authentication mark is set to 1 time, the validity period of the temporary authentication mark is set to 1 day, the validity period of the temporary authentication mark is set to 2 days, and the effective number is 1 time, and so on.
  • the additional restriction information may be set by the user, for example, the user sets additional restriction information when registering, and, for example, the user sets additional restriction information when requesting the payment authentication system to provide the authentication temporary authentication identifier, so that the payment authentication system can be set according to the user. Additional restriction information is set for the temporary authentication ID, and additional restriction information can be automatically set for the temporary authentication ID.
  • Step 204 to Step 205 When a network payment is required, the payment requester obtains the temporary authentication identifier from the payment user, and if the authentication password is required, the authentication password is also obtained; the payment requester provides the temporary authentication identifier or temporary authentication to the payment authentication system. Identify and authenticate the password and provide the payee account number and transaction amount.
  • Step 206 The payment authentication system determines whether the temporary authentication identifier is valid. If yes, proceed to step 207; otherwise, proceed to step 210.
  • Whether the temporary authentication identifier is valid may refer to whether the temporary authentication identifier is stored in the database of the payment authentication system. If the temporary authentication identifier is stored in the payment authentication system, the temporary authentication identifier is valid. Otherwise, the temporary authentication identifier is invalid. If the user also sets an authentication password for the temporary authentication identifier, whether the temporary authentication identifier is valid means whether the corresponding temporary authentication identifier is stored in the payment authentication system, and whether the temporary authentication identifier corresponds to the authentication password, if this If both conditions are met, the temporary authentication ID is valid; otherwise, the temporary authentication ID is invalid. If the payment authentication system sets additional restriction information for the temporary authentication identifier, it is further required to determine whether the payment request information satisfies the additional restriction information.
  • the request information includes at least a temporary authentication identifier, and may also include other information.
  • Step 207 The payment authentication system determines the payment account information in the user information corresponding to the temporary authentication identifier according to the correspondence between the stored temporary authentication identifier and the user information, and provides the payment account information and the payee account to the payment subsystem. And the transaction amount.
  • Step 208 The payment subsystem completes the payment processing according to the payment account information, the payee account number, and the transaction amount.
  • the payment subsystem can call the external payment system when making payment processing.
  • Step 209 After the payment subsystem completes the payment processing, the payment authentication processing result is sent to the payment authentication system.
  • the specific processing may be: if the payment processing is successful, the payment subsystem sends a success message to the payment authentication system; if the payment processing fails, the payment is made. The subsystem sends a failure message to the payment authentication system.
  • Step 210 The payment authentication system transmits a payment authentication processing result to the payment requester, and notifies the payment requester to pay the result of the authentication processing.
  • the payment authentication system may also send a payment authentication processing result to the payment user, and notify the payment user of the result of the payment processing.
  • Step 211 The payment authentication system updates relevant data in the database, records the processing result of the current network payment, and updates the user information related to the temporary authentication identifier.
  • the payment requester can also be the payer user.
  • the paying party user obtains the payee account number, and then provides the temporary authentication identifier, the payee account number and the transaction amount to the authentication subsystem, and the subsequent processing is the same as the above description.
  • the payment requester can also be the payee.
  • the payee obtains the temporary authentication identifier through the interaction with the payer, and then provides the temporary authentication identifier, the own account number and the transaction amount to the authentication subsystem, and the subsequent processing is the same as the above description.
  • the payment requester may also be a third party other than the payer and the payee. When the network is performed, the third party obtains the temporary authentication identifier through the interaction with the payer, acquires the payee account, and then provides the temporary authentication identifier to the authentication subsystem. , the payee account number and the transaction amount, the subsequent processing is the same as the above description.
  • the payee account can also be registered in the payment authentication system in advance, and the authentication payment system provides the account identifier for the payee account, and stores the correspondence between the account identifier and the payee account in the system database, and the payment request The user only needs to provide the account identification to the payment authentication system, and the payment authentication system searches the database for the payee account corresponding to the account identifier, and the subsequent processing is the same.
  • the user logs in to the payment authentication system through the Internet browser, requests the temporary authentication identifier from the payment authentication system, and sets the temporary authentication identifier to set the authentication password.
  • the effective number of setting the temporary authentication identifier is 3 times, the validity period is 12 hours, and each setting is also set.
  • the maximum transaction amount of the secondary network payment is 1000 yuan, and the maximum cumulative total is 2000 yuan; the payment authentication system provides the generated user identification to the user.
  • the payment authentication system generates a temporary authentication identifier, and stores the corresponding relationship between the payment account information of the user, the set additional restriction information, and the temporary authentication identifier to the database, and provides the generated temporary authentication identifier to the user, and the Internet browser displays the temporary identifier to the user. Certification mark.
  • the number of digits or characters constituting the temporary authentication mark must be large enough to prevent the temporary authentication mark from being forged by random generation or the like. For example, if the maximum number of temporary authentication IDs generated by the payment authentication system is 100 million per day, and the maximum validity period for setting the temporary identification is 100 days, the default setting of the temporary authentication identifier is 1 day, and if the temporary authentication identifier is 20 digits. The number of digits, the probability that the temporary authentication mark is forged Less than one billionth; if the temporary authentication mark is composed of 20 digits, or English letters, or numbers and English letters, the probability that the temporary authentication mark is forged is less than one part per trillion. In order to ensure the security of the user's personal information, the temporary authentication logo should not be directly related to any personal information of the user. The personal information of the user can only be retrieved from the stored information according to the temporary authentication identifier through the payment authentication system.
  • the user accesses the online sales system through the Internet browser, selects the product, enters the payment page of the online sales system, inputs the temporary authentication identifier and the authentication password provided by the payment authentication system, and after confirming the purchase, the online sales system provides the transaction to the payment authentication system.
  • the amount, the temporary authentication ID provided by the user, and the payee account number request the payment authentication system to perform authentication and complete the payment processing.
  • the payment authentication system After receiving the transaction amount, the temporary authentication identifier, the authentication password, and the payee account number, the payment authentication system retrieves the additional restriction information, the authentication password, and the payment account information set by the user from the database according to the temporary authentication identifier. After the payment authentication system confirms that the temporary authentication identifier is valid, the payment authentication system provides the payment subsystem with the user's payment account and authentication password, and the payee account number, requesting completion of the payment processing. After the payment subsystem confirms that the payment request is valid, that is, the user's payment account information is accurate, and the transfer process from the payment account to the payee account is completed according to the transaction amount. After the payment process is completed, the payment subsystem returns the payment authentication process result to the payment authentication system.
  • the payment authentication system After receiving the processing result of the payment subsystem, the payment authentication system returns the payment authentication processing result to the online sales system, and updates the related data of the temporary authentication identifier in the database. After the online sales system receives the payment processing completion result of the payment authentication system, the payment completion information is displayed on the webpage, and the entire network payment process is completed.
  • the user uses the mobile terminal with the smart chip as the network terminal to access the payment authentication system,
  • the payment authentication system requests the temporary authentication identifier, and no additional restriction information is set.
  • the payment authentication system retrieves the default additional restriction information set by the user from the database as valid once, the validity period is 10 minutes, the maximum transaction amount is 10,000 yuan, the authentication password is not used, and the payment authentication system uses the system date and user.
  • the account generates a random number, and the random number is used as a parameter for determining the temporary authentication identifier, and a temporary authentication identifier of a 20-digit identification number consisting of a number and an English letter is obtained.
  • the algorithm of the temporary authentication identifier ensures that the user account cannot be obtained according to the temporary authentication identifier generated by the payment authentication system.
  • the payment authentication system provides the generated temporary authentication identifier to the user, and stores the correspondence between the payment account information of the user, the set additional restriction information, and the temporary authentication identifier.
  • the temporary authentication identifier provided by the payment authentication system is input to the collection network terminal of the store.
  • the payment network terminal provides the payment authentication system with the transaction amount, the temporary authentication identifier provided by the user, and the payee account number, and requests the payment authentication system to perform authentication and complete the payment processing.
  • the payment authentication system After receiving the transaction amount, the temporary authentication identifier, and the payee account number, the payment authentication system retrieves the additional restriction information set by the user and the payment account information of the user from the stored information according to the temporary authentication identifier. After the payment authentication system confirms that the temporary authentication identifier is valid, the payment authentication system provides the payment subsystem with the user's payment account and authentication password, and the payee account number, requesting completion of the payment processing. After the payment subsystem confirms that the payment request is valid, that is, the user's payment account information is accurate, and the transfer process from the payment account to the payee account is completed according to the transaction amount. After the payment processing is completed, the payment subsystem returns the payment authentication processing result to the payment authentication system.
  • the payment authentication system After receiving the processing result of the payment subsystem, the payment authentication system returns the payment authentication processing result to the collection network terminal of the store, and sets the use valid status of the corresponding temporary authentication identifier in the database to be unusable according to the additional restriction information set by the user.
  • the payment network terminal of the store receives the payment processing completion result of the payment authentication system After that, the payment completion information is displayed on the terminal, and the entire network payment process is completed.
  • the mobile terminal with the smart chip accesses the payment authentication system to obtain the temporary authentication identifier, and although the requirements for the mobile terminal are high, it has higher security.
  • the user accesses the voice service system of the payment authentication system through the terminal, and requests the payment authentication system to generate a temporary authentication identifier.
  • the payment authentication system may provide the temporary authentication identifier to the user by means of direct response, or may send the temporary authentication identifier to the user through the mobile phone short message, and store the payment account information of the user, the set additional restriction information and the temporary authentication identifier. Correspondence relationship.
  • the user accesses the online sales system through the Internet browser, selects the product, enters the payment page of the online sales system, inputs the temporary authentication identifier provided by the payment authentication system, confirms the purchase, and the online sales system provides the transaction amount and the user to the payment authentication system.
  • the provisional certification ID and the payee account number are requested to request the payment authentication system to perform authentication and complete the payment processing.
  • the payment authentication system After receiving the transaction amount, the temporary authentication identifier, and the payee account number, the payment authentication system retrieves the additional restriction information set by the user and the payment account information of the user from the stored information according to the temporary authentication identifier. After the payment authentication system confirms that the temporary authentication identifier is valid, the payment authentication system provides the payment subsystem with the user's payment account and authentication password, and the payee account number, requesting completion of the payment processing. After the payment subsystem confirms that the payment request is valid, that is, the user's payment account information is accurate, and the transfer process from the payment account to the payee account is completed according to the transaction amount. After the payment processing is completed, the payment subsystem returns the payment authentication processing result to the payment authentication system.
  • the payment authentication system After receiving the processing result of the payment subsystem, the payment authentication system returns the payment authentication processing result to the online sales system, and operates the corresponding temporary authentication identifier setting according to the additional restriction information set by the user. After receiving the payment processing completion result of the payment authentication system, the online sales system displays the payment completion information on the webpage, completing the whole A network payment process.

Abstract

A method and system for realizing network payment. In the method, a user registers user information in a payment and authorization system (201), the payment and authorization system generates a temporary authorization identification in response to the request of a payer (202), provides the generated temporary authorization identification to the user (203), and stores the relationship between the user information and the temporary authorization identification in the database of the system, when network payment is being executed, a payee provides the temporary authorization identification obtained by the payer from the payment and authorization system and the information of the payee and the trade amount to the payment and authorization system (205), the payment and authorization system obtains the user information from the database according to the temporary authorization identification, accomplishes the payment when the request of payment is effective. In this way, by providing a reliable third part system, that is the payment and authorization system, the user must not provide the relative information about the payment accountant when the network payment is being executed, thus preventing the information about the payment accountant of a user, such as the account number and code, from being stolen by others, and providing safety security for the network payment.

Description

一种实现网络支付的方法及系统  Method and system for realizing network payment
技术领域 本发明涉及网络技术, 特别是指一种实现网络支付的方法及系统。 背景技术 目前的网络支付系统中, 在用户进行网络支付时, 首先需要对用户的身 份进行认证, 对用户身份进行认证通常所釆用的方式是: 用户账号加口令、TECHNICAL FIELD The present invention relates to network technologies, and more particularly to a method and system for implementing network payment. BACKGROUND In current network payment systems, when a user performs network payment, the user's identity needs to be authenticated first, and the user identity is usually used in the following manner: user account plus password,
IC卡认证以及付款方用户确认。 IC card authentication and payment user confirmation.
用户身份认证中最常用的是用户账号加密码方式, 但是, 进行用户身份 认证过程中, 用户输入的账号和密码非常容易被他人偷窥或恶意窃取, 安全 性十分有限。 最常见的窃取他人账号和密码的方式有两种: 一种是通过伪装 的链接网页诱骗用户输入自身的账号和密码; 另一种是利用计算机病毒或恶 意程序获取用户的个人资料, 截取其中的账号和密码。 为了防止用户的账号 和密码被窃取, 通常会对用户的账号和密码进行加密或使用动态密钥的方 式, 但是, 由于这两种处理方式在使用上不够方便或安全性不够等原因, 目 前还无法达到所期望的效果。  The most commonly used user authentication method is the user account plus password method. However, during the user identity authentication process, the account and password entered by the user are very easy to be sneaked or maliciously stolen by others, and the security is very limited. The most common ways to steal someone else's account and password are: one is to trick the user into entering their own account and password through a fake link page; the other is to use the computer virus or malicious program to obtain the user's personal information, intercepting the Account number and password. In order to prevent the user's account and password from being stolen, the user's account and password are usually encrypted or using a dynamic key. However, due to the inconvenience or insufficient security of the two processing methods, The desired effect could not be achieved.
虽然 IC卡认证方式具有较高的安全性, 但是, 要使用 IC卡认证方式就 必须使用具有读取 IC卡能力的终端, 由于网络支付中, 用户使用的多是只 具有普通功能的计算机, 因此 IC卡认证方式无法在网络支付中广泛应用。  Although the IC card authentication method has high security, it is necessary to use a terminal having the ability to read the IC card in order to use the IC card authentication method. Since the user uses most of the computers in the network payment, the computer has only a common function. The IC card authentication method cannot be widely used in network payment.
付款方用户确认的方式, 通常是在用户确定选购的商品后, 由收款方向 支付系统发送支付请求, 支付系统收到支付请求后, 向付款方用户发送电子 邮件或通过其他确认方式要求付款方用户对支付进行确认; 支付系统收到用 户的支付确认后, 完成支付处理。 由于这种处理方式需要等待用户返回的支 付确认, 无法即时响应支付请求完成支付处理。 另外, 受确认方式安全性的 影响, 使得确认过程本身的安全性也不够充分。 发明内容 有鉴于此, 本发明的主要目的在于提供一种实现网络支付的方法及系 统, 在网络支付中提供安全有效的认证方式。 The way the payer user confirms, usually after the user determines the purchased item, the direction of payment The payment system sends a payment request, and after receiving the payment request, the payment system sends an email to the paying party user or requests the paying party user to confirm the payment through other confirmation methods; after the payment system receives the payment confirmation from the user, the payment processing is completed. Since this processing method needs to wait for the payment confirmation returned by the user, the payment processing cannot be completed in response to the payment request. In addition, due to the safety of the confirmed method, the safety of the confirmation process itself is not sufficient. SUMMARY OF THE INVENTION In view of this, the main object of the present invention is to provide a method and system for implementing network payment, which provides a secure and effective authentication method in network payment.
为达到上述目的, 本发明的技术方案是这样实现的:  In order to achieve the above object, the technical solution of the present invention is achieved as follows:
一种实现网络支付的方法, 包含:  A method for implementing network payment, comprising:
付款方用户在支付认证系统中注册用户信息;  The payer user registers the user information in the payment authentication system;
支付认证系统根据付款方用户的请求生成临时认证标识, 向用户提供生 成的临时认证标识, 并将临时认证标识与用户信息之间的对应关系保存到系 统的数据库中;  The payment authentication system generates a temporary authentication identifier according to the request of the payer user, provides the generated temporary authentication identifier to the user, and saves the correspondence between the temporary authentication identifier and the user information in the database of the system;
进行网络支付时, 支付请求者向支付认证系统提供由付款方用户从支付 认证系统取得的临时认证标识, 并提供收款方信息及交易金额;  When making a network payment, the payment requester provides the payment authentication system with the temporary authentication identifier obtained by the payment user from the payment authentication system, and provides the payee information and the transaction amount;
支付认证系统根据临时认证标识从数据库取得用户信息,确认支付请求 有效后, 完成支付处理。  The payment authentication system obtains the user information from the database according to the temporary authentication identifier, and confirms that the payment request is valid, and completes the payment processing.
上述技术方案中, 所述用户信息至少包括: 付款账号信息, 并进一步包 括: 支付认证附加限制信息、 或用户身份相关信息、 或临时认证标识信息、 或使用记录、 或以上任意的组合。 上述方法进一步包括: 为临时认证标识设置附加限制信息; 附加限制信息包含有认证口令时,进行网络支付时,该方法进一步包括: 支付请求者向支付认证系统提供由付款方用户提供的认证口令; In the above technical solution, the user information at least includes: payment account information, and further includes: payment authentication additional restriction information, or user identity related information, or temporary authentication identification information, or usage record, or any combination thereof. The method further includes: setting additional restriction information for the temporary authentication identifier; when the additional restriction information includes the authentication password, when performing the network payment, the method further comprises: the payment requester providing the payment authentication system with the authentication password provided by the payer user;
该方法进一步包括: 支付认证系统根据支付认证处理结果更新数据库中 与临时认证标识相关的用户信息。  The method further includes: the payment authentication system updating the user information associated with the temporary authentication identifier in the database based on the payment authentication processing result.
所述认附加认证限制信息: 由用户在注册时进行设置; 或者, 由用户向 支付认证系统请求临时认证标识时进行设置; 或者, 由支付认证系统进行设 置。  The additional authentication restriction information is set by the user at the time of registration; or is set when the user requests the temporary authentication identification from the payment authentication system; or is set by the payment authentication system.
其中, 所述临时认证标识: 不包含或隐含用于支付的付款账号信息。 所述完成支付处理之后, 进一步包括:  The temporary authentication identifier: does not include or implied payment account information for payment. After the completing the payment processing, the method further includes:
A、 支付认证系统向支付请求者发送支付认证处理结果。  A. The payment authentication system sends a payment authentication processing result to the payment requester.
所述步骤 A进一步包括:支付认证系统向付款方用户发送支付认证处理 结果。  The step A further includes the payment authentication system transmitting a payment authentication processing result to the payer user.
本发明同时提供了一种实现网络支付的系统, 该系统包括: 付款方用户 客户端、 支付请求者客户端和支付认证系统, 其中,  The present invention also provides a system for implementing network payment, the system comprising: a payer user client, a payment requester client, and a payment authentication system, wherein
所述付款方用户客户端用于向支付认证系统提供用户信息, 请求支付认 证系统提供临时认证标识, 接收支付认证系统生成的临时认证标识;  The payer user client is configured to provide user information to the payment authentication system, request the payment authentication system to provide the temporary authentication identifier, and receive the temporary authentication identifier generated by the payment authentication system;
所述支付认证系统用于对付款方用户客户端提供的用户信息进行注册, 接受付款方用户客户端提出的提供临时认证标识的请求, 向付款方用户客户 端返回为用户生成的临时认证标识,接收支付请求者客户端提供的临时认证 标识、 收款方信息及交易金额, 确定临时认证标识有效后, 完成支付处理; 所述支付请求者客户端用于向支付认证系统提出支付请求, 向支付认证 系统提供付款方用户的临时认证标识, 并提供收款方信息和交易金额, 接受 支付认证系统的支付认证处理结果。 The payment authentication system is configured to register the user information provided by the payer user client, accept the request for providing the temporary authentication identifier by the payer user client, and return the temporary authentication identifier generated by the user to the payer user client. Receiving the temporary authentication identifier, the payee information, and the transaction amount provided by the payment requester client, and determining that the temporary authentication identifier is valid, completing the payment processing; the payment requester client is configured to make a payment request to the payment authentication system, to pay Certification The system provides the temporary authentication identifier of the payer user, and provides the payee information and the transaction amount, and accepts the payment authentication processing result of the payment authentication system.
上述技术方案中, 所述支付请求者客户端包括:  In the above technical solution, the payment requester client includes:
支付认证系统的用户终端、 与支付认证系统相连接的网络终端、 向支付 认证系统发出支付请求的收款方用户系统。  A user terminal of the payment authentication system, a network terminal connected to the payment authentication system, and a payee user system that issues a payment request to the payment authentication system.
其中, 所述支付认证系统进一步用于向支付请求者客户端发送支付认证 处理结果, 所述支付认证系统进一步向付款方用户发送支付认证处理结果。  The payment authentication system is further configured to send a payment authentication processing result to the payment requester client, where the payment authentication system further sends a payment authentication processing result to the paying party user.
本发明中, 用户在支付认证系统中注册用户信息, 支付认证系统根据付 款方用户的请求生成临时认证标识, 向用户提供生成的临时认证标识, 并将 临时认证标识与用户信息之间的对应关系保存到系统的数据库中,进行网络 支付时, 支付请求者向支付认证系统提供由付款方用户从支付认证系统取得 的临时认证标识, 并提供收款方信息及交易金额, 支付认证系统根据临时认 证标识从数据库取得用户信息,确认支付请求有效后,完成支付处理。这样, 通过设置安全的第三方系统、 支付认证系统, 使得用户进行网络支付时, 无 需提供相关付款账号信息, 避免用户的付款账号信息、 如账号和密码被他人 窃取, 为网络支付提供了安全保障。 并且, 利用各种终端都能够实现临时认 证标识的获取, 不受终端实现形式的限制。 附图说明 图 1为本发明中网络支付系统结构示意图;  In the present invention, the user registers the user information in the payment authentication system, and the payment authentication system generates the temporary authentication identifier according to the request of the payer user, provides the generated temporary authentication identifier to the user, and associates the temporary authentication identifier with the user information. When saving to the database of the system for network payment, the payment requester provides the temporary authentication identifier obtained by the payer user from the payment authentication system to the payment authentication system, and provides the payee information and the transaction amount, and the payment authentication system is based on the temporary authentication. The identifier obtains the user information from the database, confirms that the payment request is valid, and completes the payment processing. In this way, by setting up a secure third-party system and a payment authentication system, the user does not need to provide relevant payment account information when the user performs network payment, thereby preventing the user's payment account information, such as the account number and password being stolen by others, and providing security for the network payment. . Moreover, the acquisition of the temporary authentication identifier can be realized by using various terminals, and is not limited by the terminal implementation form. BRIEF DESCRIPTION OF DRAWINGS FIG. 1 is a schematic structural diagram of a network payment system according to the present invention;
图 2为本发明中网络支付具体实施例流程图。 具体实施方式 本发明中, 用户在支付认证系统( Payment and Authorization System )中 注册用户信息, 支付认证系统根据付款方用户的请求生成临时认证标识, 向 用户提供生成的临时认证标识, 并将临时认证标识与用户信息之间的对应关 系保存到系统的数据库中, 进行网络支付时, 支付请求者向支付认证系统提 供由付款方用户从支付认证系统取得的临时认证标识, 并提供收款方信息及 交易金额, 支付认证系统根据临时认证标识从数据库取得用户信息, 确认支 付请求有效后, 完成支付处理。 2 is a flow chart of a specific embodiment of network payment in the present invention. DETAILED DESCRIPTION OF THE INVENTION In the present invention, a user registers user information in a Payment and Authorization System, and the payment authentication system generates a temporary authentication identifier according to a request of the payer user, provides the generated temporary authentication identifier to the user, and provides temporary authentication. The correspondence between the identifier and the user information is saved in the database of the system. When the network payment is made, the payment requester provides the temporary authentication identifier obtained by the payer user from the payment authentication system to the payment authentication system, and provides the payee information and The transaction amount, the payment authentication system obtains the user information from the database according to the temporary authentication identifier, and confirms that the payment request is valid, and completes the payment processing.
图 1为本发明中网络支付系统结构示意图, 如图 1所示, 网络支付系统 包括付款方用户客户端、 支付认证系统、 支付请求者客户端。 其中, 所述付 款方用户客户端用于向支付认证系统提供用户信息, 请求支付认证系统提供 临时认证标识, 接收支付认证系统生成的临时认证标识; 所述支付认证系统 用于对付款方用户客户端提供的用户信息进行注册,接受付款方用户客户端 提出的提供临时认证标识的请求, 向付款方用户客户端返回为用户生成的临 时认证标识, 接收支付请求者客户端提供的临时认证标识、 及提供的收款方 信息及交易金额, 确定临时认证标识有效后, 完成支付处理; 所述支付请求 者客户端用于向支付认证系统提出支付请求, 向支付认证系统提供付款方用 户的临时认证标识和认证口令, 并提供收款方信息和交易金额, 接受支付认 证系统的支付认证处理结果。 支付请求者客户端包括: 支付认证系统的用户 终端、 与支付认证系统相连接的网络终端、 向支付认证系统发出支付请求的 收款方用户系统。  1 is a schematic structural diagram of a network payment system according to the present invention. As shown in FIG. 1, the network payment system includes a payer user client, a payment authentication system, and a payment requester client. The payer user client is configured to provide user information to the payment authentication system, request the payment authentication system to provide the temporary authentication identifier, and receive the temporary authentication identifier generated by the payment authentication system; the payment authentication system is used for the paying party user client. The user information provided by the terminal is registered, accepts the request for providing the temporary authentication identifier by the payer user client, returns the temporary authentication identifier generated for the user to the payer user client, and receives the temporary authentication identifier provided by the payment requester client, And providing the payee information and the transaction amount, determining that the temporary authentication identifier is valid, completing the payment processing; the payment requester client is configured to make a payment request to the payment authentication system, and providing the payment authentication system with the temporary authentication of the paying party user Identify and authenticate the password, and provide the payee information and transaction amount, and accept the payment authentication processing result of the payment authentication system. The payment requester client includes: a user terminal of the payment authentication system, a network terminal connected to the payment authentication system, and a payee user system that issues a payment request to the payment authentication system.
支付认证系统中可包括付款子系统, 完成支付处理的具体过程可为: 支 付认证系统根据临时认证标识从数据库取得付款用户的付款账号信息,调用 付款子系统进行支付处理, 所述付款子系统用于根据支付认证系统提供的付 款账号信息、 收款方信息和交易金额完成支付处理。 The payment authentication system may include a payment subsystem, and the specific process of completing the payment processing may be: The payment authentication system obtains the payment account information of the payment user from the database according to the temporary authentication identifier, and invokes the payment subsystem to perform payment processing, and the payment subsystem is configured to complete the payment account information, the payee information, and the transaction amount provided by the payment authentication system. Payment processing.
进一步地, 付款子系统完成支付处理后, 可向支付认证系统返回支付认 证处理结果; 支付认证系统收到付款子系统发送的支付认证处理结果后, 向 支付请求者客户端发送支付认证处理结果。支付认证系统还可进一步向付款 方用户客户端发送支付认证处理结果。  Further, after the payment subsystem completes the payment processing, the payment authentication processing result may be returned to the payment authentication system; after receiving the payment authentication processing result sent by the payment subsystem, the payment authentication system sends the payment authentication processing result to the payment requester client. The payment authentication system can further send payment authentication processing results to the payer user client.
图 2为本发明中网络支付具体实施例流程图, 如图 2所示, 设置支付认 证系统, 本实施例中网络支付的处理过程包括以下步骤:  2 is a flowchart of a specific embodiment of a network payment according to the present invention. As shown in FIG. 2, a payment authentication system is set. The processing process of the network payment in this embodiment includes the following steps:
步骤 201 : 用户授权支付认证系统进行网络支付, 向支付认证系统提供 自身的用户信息, 支付认证系统对用户信息进行注册。 用户信息包括: 付款 账号信息、支付认证附加限制信息、用户身份相关信息、临时认证标识信息、 使用记录等, 其中, 付款账号信息可包括用户的账号及密码。  Step 201: The user authorizes the payment authentication system to perform network payment, provides the user authentication information to the payment authentication system, and the payment authentication system registers the user information. The user information includes: payment account information, payment authentication additional restriction information, user identity related information, temporary authentication identification information, usage record, and the like, wherein the payment account information may include the user's account number and password.
步骤 202〜步骤 203: 用户向支付认证系统请求临时认证标识。 支付认证 系统收到用户的请求后, 生成临时认证标识, 在系统数据库中存储用户信息 与临时认证标识之间的对应关系, 然后向用户提供该临时认证标识。 支付认 证系统所生成的临时认证标识在系统中具有唯一性。  Step 202 to step 203: The user requests the temporary authentication identifier from the payment authentication system. After receiving the request from the user, the payment authentication system generates a temporary authentication identifier, stores the correspondence between the user information and the temporary authentication identifier in the system database, and then provides the temporary authentication identifier to the user. The temporary authentication ID generated by the payment authentication system is unique in the system.
用户可以在支付认证系统中设置网络支付时除提供临时认证标识外,是 否还需要提供其他信息,如由用户设置的临时密码,这样,进行网络支付时, 支付认证系统将根据用户的设置确定支付请求方提供的信息是否满足条件。 另外, 用户还可以设置一些辅助条件, 如每次网络支付的交易最大额。  The user can provide other information, such as a temporary password set by the user, in addition to providing the temporary authentication identifier when setting the network payment in the payment authentication system, so that when the network payment is made, the payment authentication system will determine the payment according to the user's setting. Whether the information provided by the requester satisfies the conditions. In addition, users can also set some auxiliary conditions, such as the maximum amount of transactions per network payment.
支付认证系统可以为生成的临时认证标识设置附加限制信息, 例如, 设 置临时认证标识的有效次数为 1次, 设置临时认证标识的有效期为 1天, 设 置临时认证标识的有效期为 2天、 且有效次数为 1次, 等等。 附加限制信息 可由用户设定, 例如, 用户在注册时设置附加限制信息, 又如, 用户在请求 支付认证系统提供认证临时认证标识时设置附加限制信息, 这样, 支付认证 系统可以根据用户的设定为临时认证标识设置附加限制信息, 也可以自动为 临时认证标识设置附加限制信息。 The payment authentication system can set additional restriction information for the generated temporary authentication identifier, for example, The effective number of the temporary authentication mark is set to 1 time, the validity period of the temporary authentication mark is set to 1 day, the validity period of the temporary authentication mark is set to 2 days, and the effective number is 1 time, and so on. The additional restriction information may be set by the user, for example, the user sets additional restriction information when registering, and, for example, the user sets additional restriction information when requesting the payment authentication system to provide the authentication temporary authentication identifier, so that the payment authentication system can be set according to the user. Additional restriction information is set for the temporary authentication ID, and additional restriction information can be automatically set for the temporary authentication ID.
步骤 204〜步骤 205: 需要进行网络支付时, 支付请求者从付款用户取得 临时认证标识, 如果需要认证口令, 同时还要取得认证口令; 支付请求者向 支付认证系统提供该临时认证标识或临时认证标识及认证口令、并提供收款 方账号及交易金额。  Step 204 to Step 205: When a network payment is required, the payment requester obtains the temporary authentication identifier from the payment user, and if the authentication password is required, the authentication password is also obtained; the payment requester provides the temporary authentication identifier or temporary authentication to the payment authentication system. Identify and authenticate the password and provide the payee account number and transaction amount.
步骤 206: 支付认证系统判断临时认证标识是否有效, 如果是, 则继续 执行步骤 207; 否则, 继续执行步骤 210。  Step 206: The payment authentication system determines whether the temporary authentication identifier is valid. If yes, proceed to step 207; otherwise, proceed to step 210.
临时认证标识是否有效可以是指支付认证系统的数据库中是否存储有 相应临时认证标识, 如果支付认证系统中存储有相应临时认证标识, 该临时 认证标识就是有效的, 否则, 该临时认证标识就是无效的; 如果用户对临时 认证标识还设定了认证口令, 则临时认证标识是否有效是指支付认证系统中 是否存储有相应临时认证标识, 并且临时认证标识与认证口令之间是否相对 应, 如果这两个条件均满足, 则临时认证标识是有效的; 否则, 临时认证标 识是无效的。 如果支付认证系统为临时认证标识设置了附加限制信息, 则还 需进一步判断支付请求信息是否满足附加限制信息, 如果满足, 则临时认证 标识有效, 否则, 临时认证标识无效, 例如, 临时认证标识的有效期是一天, 如果临时认证标识仍然在 1天的有效期内, 则该临时认证标识有效。 支付请 求信息中至少包括临时认证标识, 还可包括其他一些信息。 Whether the temporary authentication identifier is valid may refer to whether the temporary authentication identifier is stored in the database of the payment authentication system. If the temporary authentication identifier is stored in the payment authentication system, the temporary authentication identifier is valid. Otherwise, the temporary authentication identifier is invalid. If the user also sets an authentication password for the temporary authentication identifier, whether the temporary authentication identifier is valid means whether the corresponding temporary authentication identifier is stored in the payment authentication system, and whether the temporary authentication identifier corresponds to the authentication password, if this If both conditions are met, the temporary authentication ID is valid; otherwise, the temporary authentication ID is invalid. If the payment authentication system sets additional restriction information for the temporary authentication identifier, it is further required to determine whether the payment request information satisfies the additional restriction information. If yes, the temporary authentication identifier is valid, otherwise, the temporary authentication identifier is invalid, for example, the temporary authentication identifier is The validity period is one day. If the temporary certification mark is still within the validity period of one day, the temporary certification mark is valid. Payment please The request information includes at least a temporary authentication identifier, and may also include other information.
步骤 207: 支付认证系统根据存储的临时认证标识与用户信息之间的对 应关系, 确定对应于临时认证标识的用户信息中的付款账号信息, 向付款子 系统提供该付款账号信息、 收款方账号和交易金额。  Step 207: The payment authentication system determines the payment account information in the user information corresponding to the temporary authentication identifier according to the correspondence between the stored temporary authentication identifier and the user information, and provides the payment account information and the payee account to the payment subsystem. And the transaction amount.
步骤 208: 付款子系统根据付款账号信息、 收款方账号和交易金额完成 支付处理。 付款子系统在进行支付处理时, 可以调用外部支付系统。  Step 208: The payment subsystem completes the payment processing according to the payment account information, the payee account number, and the transaction amount. The payment subsystem can call the external payment system when making payment processing.
步骤 209: 付款子系统完成支付处理后, 向支付认证系统发送支付认证 处理结果, 具体处理可以为: 如果支付处理成功, 则付款子系统向支付认证 系统发送成功消息; 如果支付处理失败, 则付款子系统向支付认证系统发送 失败消息。  Step 209: After the payment subsystem completes the payment processing, the payment authentication processing result is sent to the payment authentication system. The specific processing may be: if the payment processing is successful, the payment subsystem sends a success message to the payment authentication system; if the payment processing fails, the payment is made. The subsystem sends a failure message to the payment authentication system.
步骤 210: 支付认证系统向支付请求者发送支付认证处理结果, 通知支 付请求者支付认证处理的结果。  Step 210: The payment authentication system transmits a payment authentication processing result to the payment requester, and notifies the payment requester to pay the result of the authentication processing.
进一步地, 支付认证系统收到付款子系统发送的支付认证处理结果后, 还可向付款的用户发送支付认证处理结果, 通知付款用户支付处理的结果。  Further, after receiving the payment authentication processing result sent by the payment subsystem, the payment authentication system may also send a payment authentication processing result to the payment user, and notify the payment user of the result of the payment processing.
步骤 211 : 支付认证系统更新数据库中的相关数据, 记录当前网络支付 的处理结果、 更新与临时认证标识相关的用户信息等。  Step 211: The payment authentication system updates relevant data in the database, records the processing result of the current network payment, and updates the user information related to the temporary authentication identifier.
支付请求者也可为付款方用户, 进行网络支付时, 付款方用户获取收款 方账号, 然后向认证子系统提供临时认证标识、 收款方账号及交易金额, 后 续处理与以上描述相同。  The payment requester can also be the payer user. When the network payment is made, the paying party user obtains the payee account number, and then provides the temporary authentication identifier, the payee account number and the transaction amount to the authentication subsystem, and the subsequent processing is the same as the above description.
支付请求者也可为收款方, 进行网络时, 收款方通过与付款方的交互获 取临时认证标识, 然后向认证子系统提供临时认证标识、 自身账号及交易金 额, 后续处理与以上描述相同。 支付请求者还可为除付款方和收款方的第三方, 进行网络时, 第三方通 过与付款方的交互获取临时认证标识, 并获取收款方账号, 然后向认证子系 统提供临时认证标识、 收款方账号及交易金额, 后续处理与以上描述相同。 The payment requester can also be the payee. When the network is performed, the payee obtains the temporary authentication identifier through the interaction with the payer, and then provides the temporary authentication identifier, the own account number and the transaction amount to the authentication subsystem, and the subsequent processing is the same as the above description. . The payment requester may also be a third party other than the payer and the payee. When the network is performed, the third party obtains the temporary authentication identifier through the interaction with the payer, acquires the payee account, and then provides the temporary authentication identifier to the authentication subsystem. , the payee account number and the transaction amount, the subsequent processing is the same as the above description.
另外, 收款方账号也可提前注册在支付认证系统中, 由认证支付系统为 收款方账号提供账号标识, 并在系统数据库中存储账号标识与收款方账号之 间的对应关系, 支付请求者只需向支付认证系统提供账号标识即可, 支付认 证系统在数据库中查找对应于账号标识的收款方账号, 后续处理相同。  In addition, the payee account can also be registered in the payment authentication system in advance, and the authentication payment system provides the account identifier for the payee account, and stores the correspondence between the account identifier and the payee account in the system database, and the payment request The user only needs to provide the account identification to the payment authentication system, and the payment authentication system searches the database for the payee account corresponding to the account identifier, and the subsequent processing is the same.
下面通过网络支付的三个具体应用场景, 对本发明的具体实现进行进一 步描述。  The specific implementation of the present invention will be further described below through three specific application scenarios of network payment.
应用场景一  Application scenario 1
用户通过互联网浏览器登录支付认证系统, 向支付认证系统请求临时认 证标识, 并且用户设置临时认证标识设定认证口令, 设置临时认证标识的有 效次数为 3次、 有效期为 12个小时, 还设置每次网络支付的交易最大额为 1000元, 最大累计总额为 2000元; 支付认证系统向用户提供生成的用户标 识。 支付认证系统生成临时认证标识, 并将用户的付款账号信息、 设置的附 加限制信息与临时认证标识之间的对应关系存储到数据库, 向用户提供生成 的临时认证标识, 互联网浏览器向用户显示临时认证标识。  The user logs in to the payment authentication system through the Internet browser, requests the temporary authentication identifier from the payment authentication system, and sets the temporary authentication identifier to set the authentication password. The effective number of setting the temporary authentication identifier is 3 times, the validity period is 12 hours, and each setting is also set. The maximum transaction amount of the secondary network payment is 1000 yuan, and the maximum cumulative total is 2000 yuan; the payment authentication system provides the generated user identification to the user. The payment authentication system generates a temporary authentication identifier, and stores the corresponding relationship between the payment account information of the user, the set additional restriction information, and the temporary authentication identifier to the database, and provides the generated temporary authentication identifier to the user, and the Internet browser displays the temporary identifier to the user. Certification mark.
为了保证临时认证标识的安全性和有效性,构成该临时认证标识的数字 或字符的位数必须足够大, 以防止通过随机产生等方法伪造临时认证标识。 例如, 如果支付认证系统每天生成临时认证标识的最大数量是 1亿个, 且设 置临时标识的最大有效期限为 100天, 默认设置临时认证标识的有效期限为 1天,如果临时认证标识由 20位数字组成,则该临时认证标识被伪造的概率 小于亿分之一; 如果临时认证标识用 20位的数字、 或英文字母、 或数字和 英文字母组成, 则该临时认证标识被伪造的概率小于万亿分之一。 为了保证 用户个人信息的安全性, 临时认证标识不要与用户的任何个人信息直接相 关, 只能通过支付认证系统, 根据临时认证标识从存储的信息中检索出用户 的个人信息。 In order to ensure the security and validity of the temporary authentication mark, the number of digits or characters constituting the temporary authentication mark must be large enough to prevent the temporary authentication mark from being forged by random generation or the like. For example, if the maximum number of temporary authentication IDs generated by the payment authentication system is 100 million per day, and the maximum validity period for setting the temporary identification is 100 days, the default setting of the temporary authentication identifier is 1 day, and if the temporary authentication identifier is 20 digits. The number of digits, the probability that the temporary authentication mark is forged Less than one billionth; if the temporary authentication mark is composed of 20 digits, or English letters, or numbers and English letters, the probability that the temporary authentication mark is forged is less than one part per trillion. In order to ensure the security of the user's personal information, the temporary authentication logo should not be directly related to any personal information of the user. The personal information of the user can only be retrieved from the stored information according to the temporary authentication identifier through the payment authentication system.
用户通过互联网浏览器访问在线销售系统, 选择好商品后, 进入该在线 销售系统的付款页面, 输入支付认证系统提供的临时认证标识和认证口令, 确认购买后, 在线销售系统向支付认证系统提供交易金额、 用户提供的临时 认证标识、 以及收款方账号, 请求支付认证系统进行认证并完成支付处理。  The user accesses the online sales system through the Internet browser, selects the product, enters the payment page of the online sales system, inputs the temporary authentication identifier and the authentication password provided by the payment authentication system, and after confirming the purchase, the online sales system provides the transaction to the payment authentication system. The amount, the temporary authentication ID provided by the user, and the payee account number, request the payment authentication system to perform authentication and complete the payment processing.
支付认证系统收到交易金额、临时认证标识、认证口令和收款方账号后, 根据临时认证标识从数据库中检索出用户设置的附加限制信息、 认证口令、 及用户的付款账号信息。 支付认证系统确认临时认证标识有效后, 支付认证 系统向付款子系统提供用户的付款账号及认证密码、 以及收款方账号, 请求 完成支付处理。 付款子系统确认支付请求有效后, 即用户的付款账号信息准 确无误, 根据交易金额, 完成从付款账号向收款方账号的转账处理。 支付处 理完成后, 付款子系统向支付认证系统返回支付认证处理结果。 支付认证系 统收到付款子系统的处理结果之后, 向在线销售系统返回支付认证处理结 果, 并且更新数据库中的该临时认证标识的相关数据。 在线销售系统收到支 付认证系统的支付处理完成结果后, 在网页上显示支付完成的信息, 完成整 个网络支付过程。  After receiving the transaction amount, the temporary authentication identifier, the authentication password, and the payee account number, the payment authentication system retrieves the additional restriction information, the authentication password, and the payment account information set by the user from the database according to the temporary authentication identifier. After the payment authentication system confirms that the temporary authentication identifier is valid, the payment authentication system provides the payment subsystem with the user's payment account and authentication password, and the payee account number, requesting completion of the payment processing. After the payment subsystem confirms that the payment request is valid, that is, the user's payment account information is accurate, and the transfer process from the payment account to the payee account is completed according to the transaction amount. After the payment process is completed, the payment subsystem returns the payment authentication process result to the payment authentication system. After receiving the processing result of the payment subsystem, the payment authentication system returns the payment authentication processing result to the online sales system, and updates the related data of the temporary authentication identifier in the database. After the online sales system receives the payment processing completion result of the payment authentication system, the payment completion information is displayed on the webpage, and the entire network payment process is completed.
应用场景二  Application scenario 2
用户使用带智能芯片的移动终端作为网络终端, 访问支付认证系统, 向 支付认证系统请求临时认证标识, 不设置附加限制信息。 支付认证系统从数 据库中检索出用户设定的缺省附加限制信息为有效次数为 1次、有效期限为 10分钟, 交易最大额为 10000元, 不使用认证密码, 支付认证系统以系统日 期和用户账号生成随机数, 将该随机数作为确定临时认证标识的参数, 得到 一个由数字和英文字母组成的 20位标识号的临时认证标识。 临时认证标识 的算法保证用户账号无法根据支付认证系统生成的临时认证标识得到。支付 认证系统向用户提供生成的临时认证标识, 并存储用户的付款账号信息、 设 置的附加限制信息与临时认证标识之间的对应关系。 The user uses the mobile terminal with the smart chip as the network terminal to access the payment authentication system, The payment authentication system requests the temporary authentication identifier, and no additional restriction information is set. The payment authentication system retrieves the default additional restriction information set by the user from the database as valid once, the validity period is 10 minutes, the maximum transaction amount is 10,000 yuan, the authentication password is not used, and the payment authentication system uses the system date and user. The account generates a random number, and the random number is used as a parameter for determining the temporary authentication identifier, and a temporary authentication identifier of a 20-digit identification number consisting of a number and an English letter is obtained. The algorithm of the temporary authentication identifier ensures that the user account cannot be obtained according to the temporary authentication identifier generated by the payment authentication system. The payment authentication system provides the generated temporary authentication identifier to the user, and stores the correspondence between the payment account information of the user, the set additional restriction information, and the temporary authentication identifier.
用户在商店中确定需要购买的商品后, 将支付认证系统提供的临时认证 标识输入至商店的收款网络终端。 收款网络终端向支付认证系统提供交易金 额、 用户提供的临时认证标识、 以及收款方账号, 请求支付认证系统进行认 证并完成支付处理。  After the user determines the item to be purchased in the store, the temporary authentication identifier provided by the payment authentication system is input to the collection network terminal of the store. The payment network terminal provides the payment authentication system with the transaction amount, the temporary authentication identifier provided by the user, and the payee account number, and requests the payment authentication system to perform authentication and complete the payment processing.
支付认证系统收到交易金额、 临时认证标识和收款方账号后, 根据临时 认证标识从存储的信息中检索出用户设置的附加限制信息、及用户的付款账 号信息。 支付认证系统确认临时认证标识有效后, 支付认证系统向付款子系 统提供用户的付款账号及认证密码、 以及收款方账号, 请求完成支付处理。 付款子系统确认支付请求有效后, 即用户的付款账号信息准确无误, 根据交 易金额, 完成从付款账号向收款方账号的转账处理。 支付处理完成后, 付款 子系统向支付认证系统返回支付认证处理结果。支付认证系统收到付款子系 统的处理结果之后, 向商店的收款网络终端返回支付认证处理结果, 并根据 用户设置的附加限制信息将数据库中相应临时认证标识的使用有效状态设 置为不可使用。 商店的收款网络终端收到支付认证系统的支付处理完成结果 后, 在终端上显示支付完成的信息, 完成整个网络支付过程。 After receiving the transaction amount, the temporary authentication identifier, and the payee account number, the payment authentication system retrieves the additional restriction information set by the user and the payment account information of the user from the stored information according to the temporary authentication identifier. After the payment authentication system confirms that the temporary authentication identifier is valid, the payment authentication system provides the payment subsystem with the user's payment account and authentication password, and the payee account number, requesting completion of the payment processing. After the payment subsystem confirms that the payment request is valid, that is, the user's payment account information is accurate, and the transfer process from the payment account to the payee account is completed according to the transaction amount. After the payment processing is completed, the payment subsystem returns the payment authentication processing result to the payment authentication system. After receiving the processing result of the payment subsystem, the payment authentication system returns the payment authentication processing result to the collection network terminal of the store, and sets the use valid status of the corresponding temporary authentication identifier in the database to be unusable according to the additional restriction information set by the user. The payment network terminal of the store receives the payment processing completion result of the payment authentication system After that, the payment completion information is displayed on the terminal, and the entire network payment process is completed.
使用带智能芯片的移动终端访问支付认证系统获取临时认证标识, 虽然 对移动终端的要求较高, 但是具有更高的安全性。  The mobile terminal with the smart chip accesses the payment authentication system to obtain the temporary authentication identifier, and although the requirements for the mobile terminal are high, it has higher security.
应用场景三  Application scenario three
用户通过终端访问支付认证系统的声讯服务系统,请求支付认证系统生 成临时认证标识。支付认证系统可以通过直接应答的方式向用户提供临时认 证标识, 也可以通过手机短信将该临时认证标识发送给用户, 并存储用户的 付款账号信息、 设置的附加限制信息与临时认证标识之间的对应关系。  The user accesses the voice service system of the payment authentication system through the terminal, and requests the payment authentication system to generate a temporary authentication identifier. The payment authentication system may provide the temporary authentication identifier to the user by means of direct response, or may send the temporary authentication identifier to the user through the mobile phone short message, and store the payment account information of the user, the set additional restriction information and the temporary authentication identifier. Correspondence relationship.
用户通过互联网浏览器访问在线销售系统, 选择好商品后, 进入该在线 销售系统的付款页面,输入支付认证系统提供的临时认证标识,确认购买后, 在线销售系统向支付认证系统提供交易金额、 用户提供的临时认证标识、 以 及收款方账号, 请求支付认证系统进行认证并完成支付处理。  The user accesses the online sales system through the Internet browser, selects the product, enters the payment page of the online sales system, inputs the temporary authentication identifier provided by the payment authentication system, confirms the purchase, and the online sales system provides the transaction amount and the user to the payment authentication system. The provisional certification ID and the payee account number are requested to request the payment authentication system to perform authentication and complete the payment processing.
支付认证系统收到交易金额、 临时认证标识和收款方账号后, 根据临时 认证标识从存储的信息中检索出用户设置的附加限制信息、及用户的付款账 号信息。 支付认证系统确认临时认证标识有效后, 支付认证系统向付款子系 统提供用户的付款账号及认证密码、 以及收款方账号, 请求完成支付处理。 付款子系统确认支付请求有效后, 即用户的付款账号信息准确无误, 根据交 易金额, 完成从付款账号向收款方账号的转账处理。 支付处理完成后, 付款 子系统向支付认证系统返回支付认证处理结果。支付认证系统收到付款子系 统的处理结果之后, 向在线销售系统返回支付认证处理结果, 并根据用户设 置的附加限制信息对相应临时认证标识设置进行操作。在线销售系统收到支 付认证系统的支付处理完成结果后, 在网页上显示支付完成的信息, 完成整 个网络支付过程。 以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保护 After receiving the transaction amount, the temporary authentication identifier, and the payee account number, the payment authentication system retrieves the additional restriction information set by the user and the payment account information of the user from the stored information according to the temporary authentication identifier. After the payment authentication system confirms that the temporary authentication identifier is valid, the payment authentication system provides the payment subsystem with the user's payment account and authentication password, and the payee account number, requesting completion of the payment processing. After the payment subsystem confirms that the payment request is valid, that is, the user's payment account information is accurate, and the transfer process from the payment account to the payee account is completed according to the transaction amount. After the payment processing is completed, the payment subsystem returns the payment authentication processing result to the payment authentication system. After receiving the processing result of the payment subsystem, the payment authentication system returns the payment authentication processing result to the online sales system, and operates the corresponding temporary authentication identifier setting according to the additional restriction information set by the user. After receiving the payment processing completion result of the payment authentication system, the online sales system displays the payment completion information on the webpage, completing the whole A network payment process. The above description is only a preferred embodiment of the present invention and is not intended to limit the protection of the present invention.

Claims

权利要求书 Claim
1、 一种实现网络支付的方法, 其特征在于, 该方法包含: A method for implementing network payment, characterized in that the method comprises:
付款方用户在支付认证系统中注册用户信息;  The payer user registers the user information in the payment authentication system;
支付认证系统根据付款方用户的请求生成临时认证标识, 向用户提供生 成的临时认证标识, 并将临时认证标识与用户信息之间的对应关系保存到系 统的数据库中;  The payment authentication system generates a temporary authentication identifier according to the request of the payer user, provides the generated temporary authentication identifier to the user, and saves the correspondence between the temporary authentication identifier and the user information in the database of the system;
进行网络支付时, 支付请求者向支付认证系统提供由付款方用户从支付 认证系统取得的临时认证标识, 并提供收款方信息及交易金额;  When making a network payment, the payment requester provides the payment authentication system with the temporary authentication identifier obtained by the payment user from the payment authentication system, and provides the payee information and the transaction amount;
支付认证系统根据临时认证标识从数据库取得用户信息,确认支付请求 有效后, 完成支付处理。  The payment authentication system obtains the user information from the database according to the temporary authentication identifier, and confirms that the payment request is valid, and completes the payment processing.
2、 根据权利要求 1所述的方法, 其特征在于, 所述用户信息至少包括: 付款账号信息, 并进一步包括: 支付认证附加限制信息、 或用户身份相关信 息、 或临时认证标识信息、 或使用记录、 或以上任意的组合。  2. The method according to claim 1, wherein the user information comprises at least: payment account information, and further comprising: payment authentication additional restriction information, or user identity related information, or temporary authentication identification information, or using Record, or any combination of the above.
3、 根据权利要求 1所述的方法, 其特征在于,  3. The method of claim 1 wherein:
该方法进一步包括: 为临时认证标识设置附加限制信息;  The method further includes: setting additional restriction information for the temporary authentication identifier;
附加限制信息包含有认证口令时,进行网络支付时,该方法进一步包括: 支付请求者向支付认证系统提供由付款方用户提供的认证口令;  When the additional restriction information includes the authentication password, when the network payment is performed, the method further includes: the payment requester providing the payment authentication system with the authentication password provided by the payer user;
该方法进一步包括: 支付认证系统根据支付认证处理结果更新数据库中 与临时认证标识相关的用户信息。  The method further includes: the payment authentication system updating the user information associated with the temporary authentication identifier in the database based on the payment authentication processing result.
4、 根据权利要求 3所述的方法, 其特征在于, 所述认附加认证限制信 息: 由用户在注册时进行设置; 或者, 由用户向支付认证系统请求临时认证 标识时进行设置; 或者, 由支付认证系统进行设置。 The method according to claim 3, wherein the additional authentication restriction information is set by the user at the time of registration; or the user requests temporary authentication from the payment authentication system. Set when marking; or, set by the payment authentication system.
5、 根据权利要求 1 所述的方法, 其特征在于, 所述临时认证标识: 不 包含或隐含用于支付的付款账号信息。  5. The method according to claim 1, wherein the temporary authentication identifier: does not include or implied payment account information for payment.
6、 根据权利要求 1所述的方法, 其特征在于, 所述完成支付处理之后, 进一步包括:  The method according to claim 1, wherein after the completing the payment processing, the method further comprises:
A、 支付认证系统向支付请求者发送支付认证处理结果。  A. The payment authentication system sends a payment authentication processing result to the payment requester.
7、 根据权利要求 6所述的方法, 其特征在于, 所述步骤 A进一步包括: 支付认证系统向付款方用户发送支付认证处理结果。  7. The method according to claim 6, wherein the step A further comprises: the payment authentication system transmitting a payment authentication processing result to the payer user.
8、 一种实现网络支付的系统, 其特征在于, 该系统包括: 付款方用户 客户端、 支付请求者客户端和支付认证系统, 其中,  8. A system for implementing network payment, the system comprising: a payer user client, a payment requester client, and a payment authentication system, wherein
所述付款方用户客户端用于向支付认证系统提供用户信息, 请求支付认 证系统提供临时认证标识, 接收支付认证系统生成的临时认证标识;  The payer user client is configured to provide user information to the payment authentication system, request the payment authentication system to provide the temporary authentication identifier, and receive the temporary authentication identifier generated by the payment authentication system;
所述支付认证系统用于对付款方用户客户端提供的用户信息进行注册, 接受付款方用户客户端提出的提供临时认证标识的请求, 向付款方用户客户 端返回为用户生成的临时认证标识,接收支付请求者客户端提供的临时认证 标识、 收款方信息及交易金额, 确定临时认证标识有效后, 完成支付处理; 所述支付请求者客户端用于向支付认证系统提出支付请求, 向支付认证 系统提供付款方用户的临时认证标识, 并提供收款方信息和交易金额, 接受 支付认证系统的支付认证处理结果。  The payment authentication system is configured to register the user information provided by the payer user client, accept the request for providing the temporary authentication identifier by the payer user client, and return the temporary authentication identifier generated by the user to the payer user client. Receiving the temporary authentication identifier, the payee information, and the transaction amount provided by the payment requester client, and determining that the temporary authentication identifier is valid, completing the payment processing; the payment requester client is configured to make a payment request to the payment authentication system, to pay The authentication system provides the temporary authentication identifier of the payer user, and provides the payee information and the transaction amount, and accepts the payment authentication processing result of the payment authentication system.
9、 根据权利要求 8所述的系统, 其特征在于, 所述支付请求者客户端 包括:  9. The system according to claim 8, wherein the payment requester client comprises:
支付认证系统的用户终端、 与支付认证系统相连接的网络终端、 向支付 认证系统发出支付请求的收款方用户系统。 User terminal of the payment authentication system, network terminal connected to the payment authentication system, payment to The payee user system that issued the payment request by the authentication system.
10、 根据权利要求 8所述的系统, 其特征在于,  10. The system of claim 8 wherein:
所述支付认证系统进一步用于向支付请求者客户端发送支付认证处理 结果。  The payment authentication system is further for transmitting a payment authentication processing result to a payment requester client.
11、 根据权利要求 8所述的系统, 其特征在于, 所述支付认证系统进一 步向付款方用户发送支付认证处理结果。  The system according to claim 8, wherein the payment authentication system further transmits a payment authentication processing result to the payer user.
PCT/CN2007/070224 2007-06-28 2007-07-03 Method and system for realizing network payment WO2009000130A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNA2007101124730A CN101067856A (en) 2007-06-28 2007-06-28 Method and system for realizing network payment
CN200710112473.0 2007-06-28

Publications (1)

Publication Number Publication Date
WO2009000130A1 true WO2009000130A1 (en) 2008-12-31

Family

ID=38880400

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/070224 WO2009000130A1 (en) 2007-06-28 2007-07-03 Method and system for realizing network payment

Country Status (2)

Country Link
CN (1) CN101067856A (en)
WO (1) WO2009000130A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2487634A1 (en) 2011-02-14 2012-08-15 Thomas Bodmer System and method for authorizing transactions identified by transaction references
CN112769684A (en) * 2016-03-30 2021-05-07 创新先进技术有限公司 Method and device for adding friends

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102142959A (en) * 2010-01-29 2011-08-03 中华电信股份有限公司 Member account management method
CN102291372A (en) * 2010-06-18 2011-12-21 中华电信股份有限公司 Identity authentication method
CN102761580B (en) * 2011-04-29 2015-06-17 阿里巴巴集团控股有限公司 Information safety processing method, processing server and processing client side
CN103020815A (en) * 2012-12-10 2013-04-03 北京掌上汇通科技发展有限公司 Method, device and system for processing payment transaction
CN103578031A (en) * 2013-11-14 2014-02-12 交通银行股份有限公司 Quick transfer method and system
CN104751326A (en) * 2013-12-30 2015-07-01 腾讯科技(深圳)有限公司 Data processing method and related equipment and system
CN103903140B (en) * 2014-03-14 2018-05-11 福建联迪商用设备有限公司 A kind of O2O safe payment methods, system and a kind of secure payment backstage
CN105989491A (en) * 2015-02-17 2016-10-05 孙宏铭 Dynamic authorization code generation method, device, payment transaction method and system
CN105931035A (en) * 2015-08-18 2016-09-07 中国银联股份有限公司 Payment mark generation method and device
CN107040560B (en) * 2016-02-04 2020-09-08 阿里巴巴集团控股有限公司 Service processing method and device based on service platform
CN106557920B (en) * 2016-10-06 2021-01-08 深圳市智策科技有限公司 Payment system, collection and payment method, anonymous payment client and server
CN106878309B (en) * 2017-02-21 2021-12-14 腾讯科技(深圳)有限公司 Safety early warning method and device applied to network payment
CN110889681A (en) * 2019-10-31 2020-03-17 支付宝(杭州)信息技术有限公司 Anonymous transaction method and system based on digital currency

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5815665A (en) * 1996-04-03 1998-09-29 Microsoft Corporation System and method for providing trusted brokering services over a distributed network
GB2331822A (en) * 1997-12-01 1999-06-02 Global Money Transfer Holdings Money transfers
CN1384945A (en) * 1999-05-25 2002-12-11 塞弗派澳大利亚有限公司 System for handling network transactions

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5815665A (en) * 1996-04-03 1998-09-29 Microsoft Corporation System and method for providing trusted brokering services over a distributed network
GB2331822A (en) * 1997-12-01 1999-06-02 Global Money Transfer Holdings Money transfers
CN1384945A (en) * 1999-05-25 2002-12-11 塞弗派澳大利亚有限公司 System for handling network transactions

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2487634A1 (en) 2011-02-14 2012-08-15 Thomas Bodmer System and method for authorizing transactions identified by transaction references
CN112769684A (en) * 2016-03-30 2021-05-07 创新先进技术有限公司 Method and device for adding friends

Also Published As

Publication number Publication date
CN101067856A (en) 2007-11-07

Similar Documents

Publication Publication Date Title
WO2009000130A1 (en) Method and system for realizing network payment
US11706212B2 (en) Method for securing electronic transactions
CA2748481C (en) System and method for initiating transactions on a mobile device
US9225523B2 (en) Authentication system and authentication method
US9596237B2 (en) System and method for initiating transactions on a mobile device
KR101384608B1 (en) Method for providing card payment system using phnone number and system thereof
US20120150748A1 (en) System and method for authenticating transactions through a mobile device
US9426655B2 (en) Legal authentication message confirmation system and method
US10489565B2 (en) Compromise alert and reissuance
US20090138367A1 (en) Network settling card, network settling program, authentication server, and shopping system and settling method
US11900453B2 (en) Digital identity sign-in
JP2016535881A (en) Method and system for authenticating services
JP2007094874A (en) Financial service providing system
KR101139407B1 (en) Security authentication method and system
US20140372303A1 (en) Online Authentication and Payment Service
WO2016138743A1 (en) Secure payment method, mobile terminal, and payment authentication server
JP2010237741A (en) Authentication system and authentication method
KR102440857B1 (en) Cryptocurrency withdrawal processing method and exchange system
KR100566632B1 (en) User authentication apparatus and method using internet domain information
JP2002298042A (en) Method and system for settlement of credit card, settling server, initial authentication method, authentication method, and authentication server
US20070156553A1 (en) Credit Proxy System and Method
KR20170141930A (en) System for providing financial service and method for transfer thereof
TW202117631A (en) Method for verifying financial service access privilege using different computer sequences and system thereof
KR101079740B1 (en) System for inputting information using terminal and method thereof
KR102289732B1 (en) Method for Additional Authentication of Abroad Residents

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07764153

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 28/05/2010)

122 Ep: pct application non-entry in european phase

Ref document number: 07764153

Country of ref document: EP

Kind code of ref document: A1