CN105741115B - Method, device and system for payment authentication - Google Patents
Method, device and system for payment authentication Download PDFInfo
- Publication number
- CN105741115B CN105741115B CN201410759407.2A CN201410759407A CN105741115B CN 105741115 B CN105741115 B CN 105741115B CN 201410759407 A CN201410759407 A CN 201410759407A CN 105741115 B CN105741115 B CN 105741115B
- Authority
- CN
- China
- Prior art keywords
- authentication data
- payment authentication
- payment
- user
- mobile terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 238000012011 method of payment Methods 0.000 claims description 10
- 230000005540 biological transmission Effects 0.000 claims description 4
- 238000012795 verification Methods 0.000 description 13
- 238000010586 diagram Methods 0.000 description 9
- 230000008569 process Effects 0.000 description 4
- 238000003672 processing method Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a method, equipment and a system for payment authentication, and relates to the field of mobile internet. Wherein the method comprises the following steps: receiving payment authentication data to be authenticated sent by a mobile terminal; matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; and determining whether the payment authentication passes according to the matching result. The embodiment of the invention carries out authentication through the user-defined payment authentication data, and as the payment authentication data is determined by the user, even if the mobile terminal is stolen, an illegal user cannot acquire correct payment authentication data easily, so that the payment authentication cannot be passed, thereby improving the safety of the payment authentication.
Description
Technical Field
The invention relates to the field of mobile internet, in particular to a method, equipment and a system for payment authentication.
Background
With the popularization of 3G mobile content and applications and the introduction of 4G technology, electronic payment is an emerging transaction means, the business mode of which is accepted by people, and the number of users and applications of electronic payment is gradually increasing in recent years.
In the prior art, a payment verification method mainly used in online transaction verification is that a payment platform generates a verification code and sends the verification code to a mobile terminal device of a specified user, and the mobile terminal of the user receives the verification code and verifies the verification code to realize interactive verification of authentication data and complete payment authentication.
In the prior art, a scheme that the verification code is received by the mobile terminal and the verification of the payment platform is completed by the verification code is easy to generate serious potential safety hazard, and if the verification code received by the mobile terminal or the mobile terminal is stolen, the safety of payment authentication is seriously influenced.
Disclosure of Invention
The embodiment of the invention aims to solve the technical problem that: security issues in payment authentication.
According to an aspect of the embodiments of the present invention, there is provided a method of payment authentication, including: receiving payment authentication data to be authenticated sent by a mobile terminal; matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; and determining whether the payment authentication passes according to the matching result.
In one embodiment, the custom payment authentication data includes: the mobile terminal comprises pictures, maps, electronic business cards, two-dimensional codes or application information on the mobile terminal.
In one embodiment, matching the payment authentication data to be authenticated with the custom payment authentication data registered by the mobile terminal specifically includes: acquiring attribute information of payment authentication data to be authenticated; judging whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the user-defined payment authentication data registered by the mobile terminal;
if the payment authentication data meets the requirements, matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; if not, the authentication is not passed.
In one embodiment, the attribute information of the custom payment authentication data includes: the user-defined payment authentication data comprises time information for completing payment authentication and/or size limit information for completing payment authentication by the user-defined payment authentication data.
In one embodiment, the determining whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the custom payment authentication data registered by the mobile terminal comprises: when the attribute information of the self-defined payment authentication data is the time information of completing the payment authentication of the self-defined payment authentication data, judging whether the time used for payment of the payment authentication data to be authenticated is within the time range of completing the payment authentication of the self-defined payment authentication data, if so, conforming to the requirement, and if not, not conforming to the requirement; or when the attribute information of the customized payment authentication data is size limit information of the customized payment authentication data for completing the payment authentication, judging that the size of the payment authentication data to be authenticated is within the size limit range of the customized payment authentication data for completing the payment authentication, if so, meeting the requirement, and if not, not meeting the requirement.
In one embodiment, the method of payment authentication further comprises: and receiving a registration request sent by a user through the mobile terminal, wherein the registration request carries user-defined payment authentication data of the user, and establishing a corresponding relation between user identification information and the user-defined payment authentication data.
In one embodiment, the registration request further carries attribute information of the custom payment authentication data, and a corresponding relationship between the user identification information and the custom payment authentication data and the attribute information thereof is established.
According to another aspect of the embodiment of the invention, the method for payment authentication comprises the steps of selecting registered self-defined payment authentication data; and sending the user-defined payment authentication data to a payment server for authentication.
In one embodiment, a method of payment authentication includes: and selecting and sending the self-defined payment authentication data within the time range of completing the payment authentication of the registered self-defined payment authentication data.
In one embodiment, the method of payment authentication further comprises: and sending a registration request to the payment server, wherein the registration request carries user-defined payment authentication data of the user.
In one embodiment, the registration request also carries attribute information of the custom payment authentication data.
In one embodiment, the custom payment authentication data includes: the mobile terminal comprises pictures, maps, electronic business cards, two-dimensional codes or application information on the mobile terminal.
According to still another aspect of an embodiment of the present invention, there is provided a payment server including: the system comprises an authentication data receiving module and an authentication data matching module, wherein the authentication data receiving module is used for receiving payment authentication data to be authenticated, which is sent by the mobile terminal; the authentication data matching module is used for matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; and determining whether the payment authentication is passed according to the matching result.
In one embodiment, the custom payment authentication data includes: the mobile terminal comprises pictures, maps, electronic business cards, two-dimensional codes or application information on the mobile terminal.
In one embodiment, the authentication data receiving module is further configured to obtain attribute information of payment authentication data to be authenticated; the authentication data matching module is also used for judging whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the user-defined payment authentication data registered by the mobile terminal; if the payment authentication data meets the requirements, matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; if not, the authentication is not passed.
In one embodiment, the attribute information of the custom payment authentication data includes: the user-defined payment authentication data comprises time information for completing payment authentication and/or size limit information for completing payment authentication by the user-defined payment authentication data.
In one embodiment, when the authentication data matching module is configured to determine whether attribute information of the payment authentication data to be authenticated meets a requirement of attribute information of custom payment authentication data registered by the mobile terminal, the authentication data matching module specifically includes: when the attribute information of the self-defined payment authentication data is the time information of completing the payment authentication of the self-defined payment authentication data, judging whether the time used for payment of the payment authentication data to be authenticated is within the time range of completing the payment authentication of the self-defined payment authentication data, if so, conforming to the requirement, and if not, not conforming to the requirement; or when the attribute information of the customized payment authentication data is size limit information of the customized payment authentication data for completing the payment authentication, judging that the size of the payment authentication data to be authenticated is within the size limit range of the customized payment authentication data for completing the payment authentication, if so, meeting the requirement, and if not, not meeting the requirement.
In one embodiment, the payment server further comprises: and the registration module is used for receiving a registration request sent by the user through the mobile terminal, wherein the registration request carries user-defined payment authentication data of the user, and the corresponding relation between the user identification information and the user-defined payment authentication data is established.
In one embodiment, the registration request received by the registration module also carries attribute information of the custom payment authentication data, and establishes a corresponding relationship between the user identification information and the custom payment authentication data and the attribute information thereof.
According to another aspect of the embodiments of the present invention, there is provided a mobile terminal including: the authentication data selection and transmission module is used for selecting registered self-defined payment authentication data; and the authentication data sending module is also used for sending the custom payment authentication data to the payment server for authentication.
In one embodiment, the authentication data selection module is specifically configured to: and selecting the self-defined payment authentication data within the time range of completing the payment authentication of the registered self-defined payment authentication data.
In one embodiment, a mobile terminal includes: and the registration module is used for sending a registration request to the payment server, wherein the registration request carries user-defined payment authentication data of the user.
In one embodiment, the registration request also carries attribute information of the custom payment authentication data.
According to another aspect of the embodiments of the present invention, a system for payment authentication is provided, which includes a payment server in any of the foregoing embodiments and a mobile terminal in any of the foregoing embodiments.
The embodiment of the invention carries out authentication through the user-defined payment authentication data, and as the payment authentication data is determined by the user, even if the mobile terminal is stolen, an illegal user cannot acquire correct payment authentication data easily, so that the payment authentication cannot be passed, thereby improving the safety of the payment authentication.
Other features of the present invention and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 shows a flow diagram of one embodiment of a method of payment authentication of the present invention.
Fig. 2 shows a schematic flow chart of a further embodiment of the method of payment authentication of the present invention.
Fig. 3 shows a schematic structural diagram of one embodiment of the payment server of the present invention.
Fig. 4 shows a schematic structural diagram of an embodiment of the payment server of the present invention.
Fig. 5 shows a schematic structural diagram of an embodiment of the mobile terminal of the present invention.
Fig. 6 shows a schematic structural diagram of an embodiment of the mobile terminal of the present invention.
Fig. 7 is a schematic structural diagram illustrating an embodiment of the payment authentication system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the invention, its application, or uses. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The relative arrangement of the components and steps, the numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless specifically stated otherwise.
Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
Aiming at the problem of low security of the traditional electronic payment authentication, the inventor provides a new payment authentication scheme, the user defines payment authentication data by user, the payment server takes the user-defined payment authentication data as the basis of the payment authentication, even if the mobile terminal is stolen, an illegal user is difficult to obtain correct payment authentication data, and the authentication cannot be passed, so that the security of the payment authentication is improved.
The following first explains the customization and registration process of the payment authentication data. The user can select one kind of data from the used mobile terminal as payment authentication data, namely, self-defined payment authentication data; then, the user sends a registration request to the payment server through the mobile terminal of the user, and the registration request can carry user-defined payment authentication data of the user; and after receiving the registration request, the payment server establishes the corresponding relation between the user identification information and the user-defined payment authentication data, thereby completing the user-defined and registration process of the payment authentication data.
In one embodiment, among others, the user-customized payment authentication data may include: pictures, maps, electronic business cards, two-dimensional codes, or information of applications on the mobile terminal, etc., but not limited to the examples given. Due to the variety of the user-defined payment authentication data, even if the mobile terminal is stolen, an illegal user cannot acquire correct payment authentication data, so that the payment authentication cannot be passed, and the safety of the payment authentication is improved.
In addition, the user can customize and register various attribute information of the payment authentication data according to needs. The attribute information of the customized payment authentication data may include, for example, at least one of time information when the customized payment authentication data completes payment authentication and size limit information when the customized payment authentication data completes payment authentication. The mobile terminal can send the user-defined payment authentication data and the attribute information thereof to the payment server for registration through the registration request, and the payment server needs to establish the corresponding relation between the user identification information and the user-defined payment authentication data and the attribute information thereof.
The registered attribute information of the custom payment authentication data increases the authentication difficulty, and the authentication data not only meets the requirements, but also needs to meet the requirements of certain time limit or size and the like, so that the security of payment authentication is further improved.
FIG. 1 is a flow chart of one embodiment of a method of payment authentication of the present invention. As shown in fig. 1, the method of this embodiment includes:
and step S102, the mobile terminal selects the registered user-defined payment authentication data. Wherein the definition of the payment authentication data is done by the user, as specifically referred to above.
And step S104, the mobile terminal sends the custom payment authentication data to the payment server for authentication. For the payment server, the data sent by the mobile terminal is payment authentication data to be authenticated.
And step S106, the payment server receives the payment authentication data to be authenticated sent by the mobile terminal.
And step S108, the payment server matches the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal.
And step S110, the payment server determines whether the payment authentication passes according to the matching result, and can complete payment according to the authentication result. If the payment authentication data to be authenticated is matched with the user-defined payment authentication data registered by the mobile terminal, the authentication is passed, and the payment is carried out, and if the authentication data to be authenticated is not matched with the user-defined payment authentication data registered by the mobile terminal, the authentication is not passed, and the payment cannot be carried out.
The embodiment performs authentication through the user-defined payment authentication data, and the payment authentication data is determined by the user, so that the mobile terminal does not know the payment authentication data, and even if the mobile terminal is stolen, an illegal user cannot know the correct payment authentication data, and cannot pass the authentication, thereby improving the security of the payment authentication.
In step S108, if only the custom payment authentication data is registered, the payment server may match the payment authentication data to be authenticated with the custom payment authentication data registered by the mobile terminal to determine whether the payment authentication passes. If the custom payment authentication data and the attribute information thereof are registered, the matching process specifically includes: the payment server acquires attribute information of payment authentication data to be authenticated; judging whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the user-defined payment authentication data registered by the mobile terminal; if the payment authentication data meets the requirements, matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; if not, the authentication is not passed.
When the attribute information of the customized payment authentication data is the time information of completing the payment authentication of the customized payment authentication data, the payment server needs to judge whether the time used by the payment authentication data to be authenticated when the payment is completed is within the time range of completing the payment authentication of the customized payment authentication data, if the payment authentication data to be authenticated completes the payment authentication within the specified time, the payment authentication meets the requirement, so that the matching of the payment authentication data in the step S108 can be continued, and if the payment authentication data to be authenticated does not complete the payment authentication within the specified time, the payment authentication does not meet the requirement. A processing method when the requirements are not met allows the user to re-input the authentication data, i.e. re-execute the step of S104, re-transmit the payment authentication data to be authenticated, but at the same time can specify the number of re-transmissions to avoid the illegal user from continuously trying to crack the authentication data. Another approach when the requirements are not met may not allow the user to re-enter the authentication data and directly determine that the authentication fails.
When the attribute information of the user-defined payment authentication data is the size limit information of the payment authentication completed by the user-defined payment authentication data, the payment server can judge whether the size of the payment authentication data to be authenticated is within the size limit range of the payment authentication completed by the user-defined payment authentication data, if the size of the payment authentication data to be authenticated is within the specified size limit range, the payment authentication meets the requirement, so that the matching of the payment authentication data in the step S108 can be continued, and if the size of the payment authentication data to be authenticated is outside the specified size limit range, the payment authentication data does not meet the requirement. The processing method when the requirement is not met refers to the foregoing description, and details are not described here.
In addition, in the payment authentication process, the mobile terminal can directly send the self-defined payment authentication data to the payment server for authentication; in another method, the mobile terminal can send the characteristic information of the user-defined payment authentication data to the payment server for authentication. For example, if the custom payment authentication data is a picture, one method may send the picture to the payment server for authentication, and another method may send the content represented by the picture to the payment server for authentication.
In addition, if the type of the user-defined payment authentication data registered by the user is an application, in the registration and authentication, after the user selects a certain application, the mobile terminal can send the information of the application (such as an application name, an application version, user name/password login information and the like) to the payment server without transmitting the application itself, thereby saving transmission resources. The application may be, for example, a hydro-electric payment client, an instant messaging client, etc., but is not limited to the illustrated examples.
Fig. 2 is a schematic flowchart of a payment authentication method according to another embodiment of the present invention, in which a channel front-end is further disposed between the mobile terminal and the payment server. Referring to fig. 2, the method of payment authentication of the present embodiment includes:
step S202, the mobile terminal sends a registration request to the payment server through the channel front-end, and the registration request carries user-defined payment authentication data of the user.
And step S204, the payment server establishes the corresponding relation between the user identification information and the user-defined payment authentication data, and can return a registration response to the mobile terminal through the channel front-end.
Step S206, when the user carries out online transaction, the mobile terminal sends a payment transaction request to the payment server through the channel front-end.
And step S208, the payment server receives the payment transaction request sent by the mobile terminal and sends a verification request to the mobile terminal through the channel front-end.
Step S210, the mobile terminal receives the verification request sent by the payment server, and sends payment authentication data to be authenticated to the payment server through the channel front-end.
Step S212, the payment server receives the payment authentication data to be authenticated sent by the mobile terminal, matches the payment authentication data to be authenticated sent by the mobile terminal with the user-defined payment authentication data registered by the mobile terminal, determines whether the payment authentication passes according to the matching result, and can complete payment according to the authentication result.
If the payment authentication data to be authenticated is matched with the user-defined payment authentication data registered by the mobile terminal, the authentication is passed, and the payment is carried out, and if the authentication data to be authenticated is not matched with the user-defined payment authentication data registered by the mobile terminal, the authentication is not passed, and the payment cannot be carried out.
And step S214, the payment server returns a payment transaction response to the mobile terminal through the channel front-end.
Fig. 3 is a schematic structural diagram of an embodiment of the payment server of the present invention. Referring to fig. 3, the payment server may include: the payment authentication system comprises an authentication data receiving module 302 and an authentication data matching module 304, wherein the authentication data receiving module 302 is used for receiving payment authentication data to be authenticated, which is sent by the mobile terminal. The authentication data matching module 304 is used for matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; and determining whether the payment authentication is passed according to the matching result.
In one embodiment, the user-customized payment authentication data includes: the mobile terminal comprises pictures, maps, electronic business cards, two-dimensional codes or application information on the mobile terminal.
In one embodiment, the authentication data receiving module 302 is further configured to obtain attribute information of payment authentication data to be authenticated; the authentication data matching module 304 is further configured to determine whether attribute information of the payment authentication data to be authenticated meets a requirement of attribute information of user-defined payment authentication data registered by the mobile terminal; if the payment authentication data meets the requirements, matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; if not, the authentication is not passed.
In one embodiment, the attribute information of the custom payment authentication data includes: the user-defined payment authentication data comprises time information for completing payment authentication and/or size limit information for completing payment authentication by the user-defined payment authentication data.
In an embodiment, the authentication data matching module 304, when configured to determine whether attribute information of the payment authentication data to be authenticated meets a requirement of attribute information of custom payment authentication data registered in the mobile terminal, specifically includes:
when the attribute information of the self-defined payment authentication data is the time information of completing the payment authentication of the self-defined payment authentication data, judging whether the time used for payment of the payment authentication data to be authenticated is within the time range of completing the payment authentication of the self-defined payment authentication data, if so, conforming to the requirement, and if not, not conforming to the requirement;
or when the attribute information of the customized payment authentication data is size limit information of the customized payment authentication data for completing the payment authentication, judging that the size of the payment authentication data to be authenticated is within the size limit range of the customized payment authentication data for completing the payment authentication, if so, meeting the requirement, and if not, not meeting the requirement.
In one embodiment, referring to fig. 4, the payment server may further include: the registration module 406 is configured to receive a registration request sent by a user through the mobile terminal, where the registration request carries user-defined payment authentication data of the user, and establish a corresponding relationship between user identification information and the user-defined payment authentication data.
In an embodiment, the registration request received by the registration module 406 further carries attribute information of the custom payment authentication data, and establishes a corresponding relationship between the user identification information and the custom payment authentication data and the attribute information thereof.
Fig. 5 is a schematic structural diagram of an embodiment of the payment server of the present invention. Referring to fig. 5, the mobile terminal may include: an authentication data selection module 502 and an authentication data transmission module 504. The authentication data selection module 502 is configured to select registered custom payment authentication data; and an authentication data sending module 504, configured to send the custom payment authentication data to the payment server for authentication.
In one embodiment, the authentication data selection module 502 is specifically configured to: and selecting the self-defined payment authentication data within the time range of completing the payment authentication of the registered self-defined payment authentication data.
In one embodiment, referring to fig. 6, the mobile terminal of the present invention may further include: the registration module 606 is configured to send a registration request to the payment server, where the registration request carries user-defined payment authentication data of the user and further may also carry attribute information of the user-defined payment authentication data.
In one embodiment, the custom payment authentication data includes: the mobile terminal comprises pictures, maps, electronic business cards, two-dimensional codes or application information on the mobile terminal.
Fig. 7 is a schematic structural diagram illustrating an embodiment of the payment authentication system of the present invention. Referring to fig. 7, a system for payment authentication includes: the payment server in any embodiment and the mobile terminal in any embodiment.
The payment authentication system can be applied to the field of third party payment, such as payment authentication of internet banking and the like.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (17)
1. A method of payment authentication, the method comprising:
receiving payment authentication data to be authenticated sent by a mobile terminal;
matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; wherein the custom payment authentication data comprises: the method comprises the following steps of (1) information of pictures, maps, electronic business cards, two-dimensional codes or applications on the mobile terminal;
determining whether the payment authentication passes according to the matching result;
the method for matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal specifically comprises the following steps: acquiring attribute information of payment authentication data to be authenticated; judging whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the user-defined payment authentication data registered by the mobile terminal; if the payment authentication data meets the requirements, matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; if the requirements are not met, the authentication is not passed; the attribute information of the custom payment authentication data includes: the user-defined payment authentication data comprises time information for completing payment authentication and/or size limit information for completing payment authentication by the user-defined payment authentication data.
2. The method of claim 1, wherein the determining whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the custom payment authentication data registered by the mobile terminal comprises:
when the attribute information of the self-defined payment authentication data is the time information of completing the payment authentication of the self-defined payment authentication data, judging whether the time used for payment of the payment authentication data to be authenticated is within the time range of completing the payment authentication of the self-defined payment authentication data, if so, conforming to the requirement, and if not, not conforming to the requirement;
or when the attribute information of the customized payment authentication data is size limit information of the customized payment authentication data for completing payment authentication, judging whether the size of the payment authentication data to be authenticated is within the size limit range of the customized payment authentication data for completing payment authentication, if so, meeting the requirement, and if not, not meeting the requirement.
3. The method of claim 1, further comprising:
and receiving a registration request sent by a user through the mobile terminal, wherein the registration request carries user-defined payment authentication data of the user, and establishing a corresponding relation between user identification information and the user-defined payment authentication data.
4. The method of claim 3, wherein the registration request further carries attribute information of the custom payment authentication data, and a corresponding relationship between the user identification information and the custom payment authentication data and the attribute information thereof is established.
5. A method of payment authentication, the method comprising:
selecting registered self-defined payment authentication data as payment authentication data to be authenticated; wherein the custom payment authentication data comprises: the method comprises the following steps of (1) information of pictures, maps, electronic business cards, two-dimensional codes or applications on the mobile terminal;
sending the payment authentication data to be authenticated to a payment server for authentication;
the payment server acquires attribute information of payment authentication data to be authenticated; judging whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the user-defined payment authentication data registered by the mobile terminal; if the payment authentication data meets the requirements, matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; if the requirements are not met, the authentication is not passed; the attribute information of the custom payment authentication data includes: the user-defined payment authentication data comprises time information for completing payment authentication and/or size limit information for completing payment authentication by the user-defined payment authentication data.
6. The method of claim 5,
and selecting and sending the self-defined payment authentication data within the time range of completing the payment authentication of the registered self-defined payment authentication data.
7. The method of claim 5, further comprising:
and sending a registration request to a payment server, wherein the registration request carries user-defined payment authentication data of a user.
8. The method of claim 7, wherein the registration request further carries attribute information of custom payment authentication data.
9. A payment server, characterized in that the payment server comprises:
an authentication data receiving module and an authentication data matching module,
the authentication data receiving module is used for receiving payment authentication data to be authenticated sent by the mobile terminal and acquiring attribute information of the payment authentication data to be authenticated;
the authentication data matching module is used for judging whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the user-defined payment authentication data registered by the mobile terminal; if the payment authentication data meets the requirements, matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; if the requirements are not met, the authentication is not passed; determining whether the payment authentication passes according to the matching result; wherein the custom payment authentication data comprises: the method comprises the following steps of (1) information of pictures, maps, electronic business cards, two-dimensional codes or applications on the mobile terminal;
wherein the attribute information of the custom payment authentication data comprises: the user-defined payment authentication data comprises time information for completing payment authentication and/or size limit information for completing payment authentication by the user-defined payment authentication data.
10. The payment server according to claim 9, wherein the authentication data matching module, when being configured to determine whether attribute information of the payment authentication data to be authenticated meets a requirement of attribute information of custom payment authentication data registered by the mobile terminal, specifically includes:
when the attribute information of the self-defined payment authentication data is the time information of completing the payment authentication of the self-defined payment authentication data, judging whether the time used for payment of the payment authentication data to be authenticated is within the time range of completing the payment authentication of the self-defined payment authentication data, if so, conforming to the requirement, and if not, not conforming to the requirement;
or,
and when the attribute information of the custom payment authentication data is size limit information of the payment authentication completed by the custom payment authentication data, judging whether the size of the payment authentication data to be authenticated is within the size limit range of the payment authentication completed by the custom payment authentication data, if so, meeting the requirement, and if not, meeting the requirement.
11. The payment server of claim 9, further comprising:
and the registration module is used for receiving a registration request sent by a user through the mobile terminal, wherein the registration request carries user-defined payment authentication data of the user, and the corresponding relation between the user identification information and the user-defined payment authentication data is established.
12. The payment server of claim 11, wherein the registration request received by the registration module further carries attribute information of the custom payment authentication data, and establishes a corresponding relationship between the user identification information and the custom payment authentication data and the attribute information thereof.
13. A mobile terminal, characterized in that said mobile terminal comprises: an authentication data processing selection and authentication data transmission module,
the authentication data selection module is used for selecting registered self-defined payment authentication data as payment authentication data to be authenticated; wherein the custom payment authentication data comprises: the method comprises the following steps of (1) information of pictures, maps, electronic business cards, two-dimensional codes or applications on the mobile terminal;
the authentication data sending module is used for sending the payment authentication data to be authenticated to a payment server for authentication;
the payment server acquires attribute information of payment authentication data to be authenticated; judging whether the attribute information of the payment authentication data to be authenticated meets the requirement of the attribute information of the user-defined payment authentication data registered by the mobile terminal; if the payment authentication data meets the requirements, matching the payment authentication data to be authenticated with the user-defined payment authentication data registered by the mobile terminal; if the requirements are not met, the authentication is not passed; the attribute information of the custom payment authentication data includes: the user-defined payment authentication data comprises time information for completing payment authentication and/or size limit information for completing payment authentication by the user-defined payment authentication data.
14. The mobile terminal of claim 13,
the authentication data selection module is specifically configured to:
and selecting the self-defined payment authentication data within the time range of completing the payment authentication of the registered self-defined payment authentication data.
15. The mobile terminal according to claim 13, wherein the mobile terminal comprises: a registration module for registering the position of the mobile terminal,
the registration module is used for sending a registration request to a payment server, wherein the registration request carries user-defined payment authentication data of a user.
16. The mobile terminal of claim 15, wherein the registration request further carries attribute information of custom payment authentication data.
17. A system for payment authentication, the system comprising:
a payment server as claimed in any one of claims 9 to 12 and a mobile terminal as claimed in any one of claims 13 to 16.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410759407.2A CN105741115B (en) | 2014-12-11 | 2014-12-11 | Method, device and system for payment authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410759407.2A CN105741115B (en) | 2014-12-11 | 2014-12-11 | Method, device and system for payment authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105741115A CN105741115A (en) | 2016-07-06 |
| CN105741115B true CN105741115B (en) | 2020-05-08 |
Family
ID=56240420
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410759407.2A Active CN105741115B (en) | 2014-12-11 | 2014-12-11 | Method, device and system for payment authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105741115B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108809927B (en) * | 2018-03-26 | 2021-02-26 | 平安科技(深圳)有限公司 | Identity authentication method and device |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7945511B2 (en) * | 2004-02-26 | 2011-05-17 | Payment Pathways, Inc. | Methods and systems for identity authentication |
| CN101017586A (en) * | 2006-02-10 | 2007-08-15 | 刘明晶 | Method for customer self-defined combined authorization payment |
| CN101447051A (en) * | 2007-11-27 | 2009-06-03 | 联想(北京)有限公司 | Payment method and payment device |
| CN101599151A (en) * | 2009-07-03 | 2009-12-09 | 阿里巴巴集团控股有限公司 | A kind of system and method for self-adaptively selecting bank card for payment |
| CN103106576A (en) * | 2011-11-15 | 2013-05-15 | 腾讯科技(深圳)有限公司 | Client-based payment method, system and payment client |
| CN103473674A (en) * | 2012-11-20 | 2013-12-25 | 苏州沃通信息科技有限公司 | Mobile payment system based on two-dimensional code |
| CN103997406B (en) * | 2013-02-20 | 2019-02-12 | 北京京东尚科信息技术有限公司 | Identity identifying method and device based on two dimensional code |
| CN103269328A (en) * | 2013-03-08 | 2013-08-28 | 陈景辉 | Authentication system based on graphic information exchange and method thereof |
| CN103778531A (en) * | 2014-02-23 | 2014-05-07 | 王恩惠 | Method and system for implementing electronic bank card payment on basis of two-dimensional code |
-
2014
- 2014-12-11 CN CN201410759407.2A patent/CN105741115B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN105741115A (en) | 2016-07-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11068575B2 (en) | Authentication system | |
| US8990909B2 (en) | Out-of-band challenge question authentication | |
| CN104599121B (en) | Information transmission method, device and system | |
| US20150294313A1 (en) | Systems, apparatus and methods for improved authentication | |
| KR101214839B1 (en) | Authentication method and authentication system | |
| WO2016197934A1 (en) | Barcode security authentication method | |
| US11063935B2 (en) | Systems and methods for providing remote desktop access | |
| US10284565B2 (en) | Security verification method, apparatus, server and terminal device | |
| CN105141619A (en) | Account login method and device | |
| CN105656850B (en) | Data processing method, related device and system | |
| CN106101451A (en) | SMS processing method, mobile terminal | |
| CN107347054A (en) | A kind of auth method and device | |
| US9697346B2 (en) | Method and apparatus for identifying and associating devices using visual recognition | |
| CN103973711A (en) | A verification method and device | |
| WO2017206524A1 (en) | Electronic device control method, terminal and control system | |
| CN105354733B (en) | Sign-in verification method and device | |
| KR20230138502A (en) | Code-based two-factor authentication | |
| CN105227557A (en) | A kind of account number processing method and device | |
| CN107241362B (en) | Method and device for identifying verification code and inputting user identity | |
| CN104853030A (en) | Information processing method and mobile terminal | |
| KR101748615B1 (en) | Mobile simple payment support device based on the connection information and operating method thereof | |
| CN105741115B (en) | Method, device and system for payment authentication | |
| CN116057892A (en) | Systems and methods for authenticated messaging via short-range transceivers | |
| CN104301893A (en) | An authentication method, mobile communication authentication platform and equipment | |
| KR20150146061A (en) | Voice recognition authentication system and method for providing authentication service using voice recognition |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |