
CN102073958A - System and method for implementing mobile payment - Google Patents

Publication number: CN102073958A
Application number: CN2009102287306A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 魏凯, 于晨捷, 傅天侠
Current Assignee: TIANJIN ZHONGXING SOFTWARE Co Ltd
Original Assignee: TIANJIN ZHONGXING SOFTWARE Co Ltd
Prior art keywords: transaction, mobile payment, pos, pin, personal identification

Landscapes

  • Cash Registers Or Receiving Machines (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract

The invention provides a system and a method for implementing mobile payment. The method comprises that: when the transaction type is online account, a management information system (MIS) merchant device acquires transaction data of a mobile payment terminal and personal identification codes of a user, encrypts the personal identification codes, and packs the encrypted personal identification codes, the transaction data and point of sale (POS) terminal information into 8583 online transaction message together; after receiving the 8583 online transaction message, a mobile payment platform judges whether the transaction request is valid, if so, verifies the validities of the user and the account and verifies the personal identification codes; if the user and the account are valid and the personal identification codes are correct, accounting treatment of the transaction is completed; and the mobile payment terminal is a mobile terminal with a radio frequency-subscriber identity module (RF-SIM) card. By adopting the technical scheme of the invention, noncontact mobile payment can be quickly, effectively and securely implemented.

Description

A system and method for implementing mobile payment
Technical field
The present invention relates to the fields of electronic payment and finance, and specifically to a system and method for implementing mobile payment.
Background art
The Mobile Payment Forum holds that: "Mobile payment means that the two parties to a transaction, against a deposit of a certain credit line or a certain amount of money, and for certain goods or services, obtain through a mobile device data representing the same amount from the mobile payment merchant, and transfer these data to the payee with the mobile terminal as the medium, thereby settling the consumption charge and carrying out the business transaction."
By implementation and distance, mobile payment falls into two kinds. The first is remote payment: a bank account, the mobile phone bill or a virtual prepaid account serves as the payment account, and the service request is made by SMS, voice, WAP or similar means. The second is on-site payment: short-range contactless wireless technologies, such as infrared, RFID, NFC (Near Field Communication) and Bluetooth, exchange payment information between the mobile phone and devices such as POS (Point Of Sale) machines, vending machines and ticket machines, so that a face-to-face payment transaction is actually completed with the mobile phone.
Summary of the invention
The technical problem to be solved by the present invention is to provide a system and method for implementing mobile payment that can carry out contactless mobile payment quickly, effectively and securely.
To solve the above problem, the invention provides a method for implementing mobile payment, comprising: when the transaction type is online account, the MIS merchant device obtains the transaction data of the mobile payment terminal and the user's PIN (Personal Identification Number), encrypts the PIN, and packs the encrypted PIN together with the transaction data and the POS terminal information into an 8583 online transaction message;
After receiving the 8583 online transaction message, the mobile payment platform judges whether the transaction request is legitimate; if it is, the platform verifies the legitimacy of the user and the account and verifies the PIN; if the user and the account are legitimate and the PIN is correct, it completes the accounting for the transaction;
The mobile payment terminal is a mobile terminal with an RF-SIM card.
Further, the MIS merchant device also generates a MAC over the 8583 online transaction message before sending it to the corresponding mobile payment platform;
After receiving the 8583 online transaction message, the mobile payment platform first verifies the MAC, and only if MAC verification passes does it go on to verify the legitimacy of the user and the account.
Further, after the POS front-end device located in the mobile payment platform receives the 8583 online transaction message and MAC verification passes, it re-encrypts the PIN, then converts the message into an 8583-like message and sends it through the application platform to the business management platform;
Verifying the PIN means decrypting the encrypted PIN; if the decrypted PIN matches the locally stored PIN, verification passes, otherwise it fails.
Further, the MIS merchant device also stores the correspondence between POS terminals and POS front-end devices, and looks up this correspondence with the POS terminal information to determine the POS front-end device that handles the transaction.
Further, PIK1, with which the MIS merchant device encrypts the PIN, is generated by the POS front-end device, and PIK2, with which the POS front-end device re-encrypts the PIN, is generated by the business management platform;
The MAK used for MAC verification is generated by the POS front-end device, and the MAK is identical at every network element;
PIK1, PIK2 and the MAK at each network element are all stored encrypted under a KEK, but the KEK differs from one network element to another.
The invention also provides a method for implementing mobile payment, comprising: when the transaction type is cash account, the MIS merchant device obtains the transaction data of the mobile payment terminal and the balance information of the mobile payment terminal, then verifies whether the transaction is legitimate and whether the cash account balance of the mobile payment terminal is sufficient for the transaction; if the transaction is legitimate and the cash account balance is sufficient, the offline transaction is completed. The mobile payment terminal is a mobile terminal with an RF-SIM card.
The invention also provides a system for implementing mobile payment, comprising: a mobile payment terminal, an MIS merchant device and a mobile payment platform;
The mobile payment terminal is a mobile terminal with an RF-SIM card;
The MIS merchant device is used, when the transaction type is online account, to obtain the transaction data and the user's PIN, pack the encrypted PIN together with the transaction data and the POS terminal information into an 8583 online transaction message, and send it to the mobile payment platform;
The mobile payment platform is used, after receiving the 8583 online transaction message, to judge whether the transaction request is legitimate and, if it is, to verify the legitimacy of the user and the account and to verify the PIN; it is also used to complete the accounting for the transaction when the user and the account are legitimate and the PIN is correct.
Further, the mobile payment platform comprises a POS front-end device, an application platform and a business management platform;
The MIS merchant device is also used to add and encapsulate the enterprise code into the 8583 online transaction message, generate a MAC, and send the 8583 online transaction message to the POS front-end device;
The POS front-end device is used to verify the MAC of the 8583 online transaction message and, once MAC verification passes, to judge whether the transaction request is legitimate; if it is, the device converts the 8583 online transaction message into an 8583-like message, generates a MAC, and sends the message to the corresponding application platform;
The application platform is used, after receiving the 8583-like message, to verify the MAC and, once MAC verification passes, to verify the legitimacy of the user and the account; when the user and the account are legitimate, it also generates a MAC over the 8583-like message and sends it to the business management platform;
The business management platform is used, after receiving the message, to verify the MAC of the 8583-like message and, once MAC verification passes, to verify the PIN; if the PIN is correct, it completes the accounting for the transaction.
Further, the POS front-end device is also used, after receiving the 8583 online transaction message, to re-encrypt the PIN and pack the re-encrypted PIN together with the transaction data and the POS terminal information into an 8583-like message;
The business management platform verifying the PIN means that the business management platform decrypts the encrypted PIN; if the decrypted PIN matches the locally stored PIN, verification passes, otherwise it fails.
Further, the merchant front-end processor is also used to store routing information describing the correspondence between each POS terminal and the POS front-end devices, to query the locally stored routing information with the POS terminal information, to determine the POS front-end device that handles the transaction message, and to send the transaction message to that POS front-end device.
Further, the POS front-end device is also used to generate PIK1, with which the PIN is encrypted, and send it to the MIS merchant device;
The business management platform is also used to generate PIK2, with which the PIN is re-encrypted, and send it to the POS front-end device;
PIK1, PIK2 and the MAK at each network element are all stored encrypted under a KEK, but the KEK differs from one network element to another.
The invention also provides a system for implementing mobile payment, comprising: a mobile payment terminal and an MIS merchant device;
The mobile payment terminal is a mobile terminal with an RF-SIM card;
The MIS merchant device is used, when the transaction type is cash account, to obtain the transaction data and the balance information of the mobile payment terminal, and to verify whether the transaction is legitimate and whether the cash account balance of the mobile payment terminal is sufficient for the transaction; if the transaction is legitimate and the cash account balance is sufficient, it completes the offline transaction.
The invention is based on RF-SIM technology, which is one kind of on-site payment technology. By integrating radio-frequency technology into the phone's SIM card, it lets a mobile phone user turn an existing phone into an NFC-like phone merely by swapping one smart card. The card has all the functions of an ordinary SIM card and also serves as an all-round service platform that can replace a wallet, keys and an identity card. The SIM part is used for normal mobile communication and authentication, and serves only as the physical connection to the phone. The embedded software manages the high-security RF-ID, the built-in electronic credit card (e-credit), the EMV electronic wallet and other VIP membership cards based on Mifare logic. The Micro RF module communicates with external devices through a built-in antenna.
Description of drawings
Fig. 1 is the centralized networking structure diagram of the mobile payment system of the invention;
Fig. 2 is the online transaction flowchart of the invention;
Fig. 3 is the online recharge flowchart for the payment account of the invention;
Fig. 4 is the key distribution system diagram of the invention.
Embodiment
The main purpose of the invention is to provide a safe and efficient electronic payment method based on RF-SIM terminal card technology and the ISO8583 protocol, mainly for short-range contactless mobile payment. To stay compatible with existing bank-card transactions, the transaction messages of the invention are based on the ISO8583 standard. Outside the mobile payment platform, including the MIS merchant device and the account interface to commercial banks, standard 8583 messages are used; inside the mobile payment platform, transaction data are processed and forwarded as 8583-like messages of the system's own design.
The invention gives a complete mobile payment solution, covering the system architecture design, the establishment of the security system, the transmission of transaction data and so on.
Several terms used in the invention are explained below:
RF-SIM: RF-SIM is a short/medium-range wireless communication technology based on the SIM card; the technology's backer is the straight-through telecommunication in Hong Kong. It is a kind of NFC near-field wireless communication: a module with RF capability is embedded in the SIM card and uses the 2.4G microwave band for data communication. Its main feature is that the user does not need to change phones, which makes it a typical single-SIM-card mobile payment solution.
ISO8583: The ISO8583 protocol is the standard message protocol currently in general use in the financial sector worldwide. It is widely used in financial transaction systems centered on bank card switching; inter-bank communication and ATM or POS communication all use ISO8583 messages. Communication between the currently popular online banking services, call centers and banks also uses the ISO8583 protocol.
OTA: short for Over The Air. OTA technology remotely manages SIM card data and applications over the air interface of mobile communication (GSM or CDMA). The air interface can use WAP, GPRS, CDMA1X and short message technology.
The system architecture that implements this method consists mainly of three parts: the mobile payment terminal, the MIS merchant device and the mobile payment platform. An MIS merchant here means a retailer, company or other institution that accepts the mobile payment service and whose POS terminals are connected to the mobile payment platform through the merchant front-end processor.
As shown in Fig. 1, the mobile payment system according to the invention comprises three main parts: the RF-SIM mobile payment terminal, the MIS merchant device and the mobile payment platform. They are described in turn below:
Mobile payment terminal: mainly a mobile terminal that uses RF-SIM technology and can exchange data contactlessly at short range with the POS terminal. The terminal card can also be managed over the air (OTA), including dividing the terminal card's security domains and downloading applications from the business management platform over the air; the mobile payment terminal contains an RF-SIM card.
MIS merchant device: comprises a card reader, a POS terminal and a merchant front-end device.
The card reader reads the transaction data when the transaction type is cash account and sends it to the POS terminal; when the mobile payment terminal selects online account, it also obtains the user's PIN (personal identification number) and sends the PIN and the transaction data to the POS terminal;
The POS terminal identifies the RF-SIM card parameters of the mobile payment terminal, including judging whether the transaction is supported, the transaction type (online account, cash account and so on) and, when the transaction is cash account, whether the cash account balance of the mobile payment terminal is sufficient for the transaction;
When the transaction type is cash account, the POS terminal also verifies whether the transaction is legitimate; if it is legitimate and the cash account balance is sufficient, the POS terminal completes the offline transaction, including deducting the cash account balance of the mobile payment terminal.
When the transaction type is online account, the POS terminal also packs the received PIN and transaction data together with its own POS terminal information into a standard 8583 online transaction message (which contains the application type identifier AID), generates a MAC (Message Authentication Code), and sends the 8583 online transaction message to the merchant front-end device.
The POS terminal also checks whether the background system is authorized to receive the POS terminal's data; handles data upload, online transaction processing and information upload; and provides receipt printing and paper-feed error control.
The merchant front-end device comprises a merchant front-end processor and an encryption machine;
The encryption machine performs key conversion: the KEK-encrypted WK (working key, comprising PIK and MAK) sent by the POS front-end device in the mobile payment platform is key-converted and then sent to the POS terminal;
The encryption machine also verifies the MAC of the 8583 online transaction message received from the POS terminal and, after verification passes, generates a MAC again;
The merchant front-end processor adds information such as the enterprise code to the message after MAC generation, packs it into a standard 8583 online transaction message, and sends the transaction message to the corresponding POS front-end device.
The merchant front-end processor also stores routing information describing the correspondence between each POS terminal and the POS front-end devices, queries the locally stored routing information with the POS terminal information to determine the POS front-end device that handles the transaction message, and sends the transaction message to that POS front-end device.
The mobile payment platform comprises the POS front-end device, the POS terminal management platform, the application platform, the business management platform and the unified payment platform, and is the core of the mobile payment system; wherein:
The POS front-end device generates the WK and sends it, encrypted under the KEK, to the merchant front-end processor; it also generates PIK1 and sends it to the POS terminal;
The POS front-end device also verifies the MAC after receiving a transaction message and, once verification passes, checks the legitimacy of the transaction message, including whether the terminal device number and running status, the operator, the check digit and the POS terminal's validity period are legitimate, and whether the transaction has timed out or is out of range. If the transaction is legitimate, not timed out and not out of range, the device re-encrypts the PIN using PIK2 (that is, encrypts the PIN again with PIK2), packs the message into the 8583-like message common inside the mobile payment platform, and forwards the transaction message to the corresponding application platform according to the AID in the message; if the transaction is illegitimate, timed out or out of range, the transaction is refused. This reduces the load on the application platform, the account clearing platform and so on, and reduces the overhead of account processing in the background system.
The application platform records the mobile payment terminal's application downloads, such as which applications were downloaded legitimately; if a mobile payment terminal has ever downloaded an application illegally, the terminal is added to the blacklist. After receiving a transaction message, the application platform also verifies the legitimacy of the user and the account against the blacklist, including whether the user is in arrears and whether the user is on the blacklist; it can also carry out related processing (such as collecting a service fee for the operator) according to the application's charging rules (such as the number of times the application is used), and forwards the message to the business management platform.
The application platform also assists the business management platform with product testing of applications, groups applications, and provides operations such as application update, suspension, resumption and cancellation; it provides security control functions, including management of internal operators, transaction limits on mobile payment terminals, user blacklist management, and extraction of transaction features to build risk control models.
The business management platform generates PIK2 and sends it to the POS front-end device; after receiving a transaction message it verifies the MAC and, once MAC verification passes, checks the PIN; once that check passes it performs the accounting for the transaction, such as the debit, and then returns the transaction response; if the check fails, it returns a transaction-failure message.
Checking the PIN means decrypting the encrypted PIK2 with the locally stored KEK, then decrypting the PIN in the message with PIK2, and then comparing the decrypted PIN with the locally stored PIN; if they match, the check passes, otherwise it fails;
The business management platform is responsible for the registration and information management of users, merchants, SP/CP, payment terminal cards and POS machines; provides management of payment accounts, including the cash account (such as deducting the closing balance), the online account (such as modifying online account information) and the points account (such as modifying user points); provides query, statistics and analysis of business information; and provides secure key management and application download.
The POS terminal management platform is mainly responsible for POS terminal information and parameter management; provides the addition, download and update of POS terminal applications; and monitors terminal running status (whether the POS terminal is running normally) in two ways: the terminal actively reports abnormal conditions, and the terminal management platform issues monitoring commands.
The POS terminal management platform stores POS terminal and merchant information and provides it to the POS front-end device for verifying whether the POS terminal is legitimate and whether the merchant is legitimate.
In online transactions, the unified payment platform receives the user information and related transaction information sent by the business management platform and interacts with the banking system in real time to complete the debit of the bank account; in offline transactions, after receiving the user information and related transaction information sent by the business management platform, it completes the processing by end-of-day settlement. That is, the unified payment platform is the link that supports settlement with specific merchants and connects to the funds system. The interface between the unified payment platform and the bank's accounting system is the only entry through which the bank's accounting system accesses the mobile payment system; all clearing and reconciliation information related to the bank is forwarded via the unified payment platform to the business management platform for processing.
This embodiment provides a method for implementing mobile payment. As shown in Fig. 2, the method according to the invention comprises the following steps:
Step S2002: after confirming the payment shown on the POS terminal, the user selects "online account" on the RF-SIM mobile payment terminal, brings the mobile payment terminal close to the card reader, and at the same time enters the PIN on the PIN pad attached to the POS.
Step S2004: the MIS merchant device obtains the transaction data of the mobile payment terminal and the user's PIN, encrypts the PIN using PIK1, packs it together with the transaction data and the POS terminal information into a standard 8583 online transaction message (which contains the application type identifier AID), generates a MAC, and then sends the message to the mobile payment platform.
In this step, the POS terminal within the MIS merchant device may generate the above 8583 online transaction message, generate a MAC, and send the message to the merchant front-end device within the MIS merchant device. After receiving the message, the merchant front-end device first verifies the MAC; once verification passes, it adds and encapsulates the enterprise code into the 8583 online transaction message and generates a MAC, looks up the stored correspondence between POS terminals and mobile payment platforms, and then sends the message to the corresponding mobile payment platform over a leased line.
Step S2006: after receiving the 8583 online transaction message, the mobile payment platform first verifies the MAC and, once verification passes, checks the legitimacy of the message, covering the terminal device number and running status, the operator, the check digit, the POS terminal's validity period and so on, in order to judge whether the transaction request is legitimate and whether to refuse it. It must also verify whether the PIN is correct; if it is, the platform completes the accounting and returns the transaction response. For an online account, the accounting includes modifying the online account information and so on.
This step specifically comprises:
A) After the POS front-end device located in the mobile payment platform receives the 8583 online transaction message, it first verifies the MAC; once verification passes, it re-encrypts the PIN using PIK2 (that is, encrypts the PIN again with PIK2), encapsulates the 8583-like message common inside the mobile payment platform, generates a MAC again, and forwards the transaction message to the corresponding application platform according to the AID (application type identifier) in the message;
B) After the application platform receives the 8583-like message, it first verifies the MAC; once verification passes, it checks the legitimacy of the 8583-like message and, if the message is legitimate, generates a MAC again and sends the 8583-like message to the business management platform;
C) After the business management platform receives the 8583-like message, it first verifies the MAC; once verification passes, it verifies whether the PIN is correct and then completes the accounting for the transaction.
In an online transaction, the unified payment platform receives the user information and related transaction information sent by the business management platform and interacts with the banking system in real time to complete the debit of the bank account.
The PIN check can be done as follows: the PIN ciphertext, PIK2 encrypted under the KEK (key-encrypting key), the locally stored PIN ciphertext and related information are sent together into the local encryption machine, which compares internally the PIN sent by the business management platform with the PIN stored in the local database, completing the PIN check.
Step S2008: the mobile payment platform returns the transaction response to the mobile payment terminal through the MIS merchant device.
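The hop-by-hop handling in steps S2004 to S2006, together with the KEK-wrapped key storage described earlier, as an added Python example that is not part of the patent. The patent names no algorithms, so HMAC-SHA256 stands in for the MAC and an HMAC-keystream cipher stands in for PIN and key encryption; the `Element` class, the field names and all sample values are constructed, and key distribution between elements is assumed to have already taken place.

```python
import hashlib
import hmac
import os


def _sub(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    ek = _sub(key, b"enc")
    return b"".join(_sub(ek, nonce + i.to_bytes(4, "big")) for i in range(n // 32 + 1))


def seal(key: bytes, data: bytes) -> bytes:
    """Stand-in authenticated cipher (assumption: the patent names no algorithm)."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + _sub(_sub(key, b"tag"), nonce + ct)[:8]


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-8], blob[-8:]
    if not hmac.compare_digest(tag, _sub(_sub(key, b"tag"), nonce + ct)[:8]):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))


def mac(mak: bytes, fields: dict) -> bytes:
    return _sub(mak, repr(sorted(fields.items())).encode())[:8]


def with_mac(mak: bytes, fields: dict) -> dict:
    return {**fields, "mac": mac(mak, fields)}


def check_mac(mak: bytes, msg: dict) -> dict:
    fields = {k: v for k, v in msg.items() if k != "mac"}
    if not hmac.compare_digest(msg.get("mac", b""), mac(mak, fields)):
        raise PermissionError("MAC verification failed")
    return fields


class Element:
    """Hypothetical network element: working keys exist at rest only KEK-wrapped."""

    def __init__(self, name: str):
        self.name = name
        self._kek = os.urandom(32)  # the KEK differs at every element
        self.store = {}             # label -> value sealed under this element's KEK

    def put(self, label: str, value: bytes) -> None:
        self.store[label] = seal(self._kek, value)

    def get(self, label: str) -> bytes:
        return unseal(self._kek, self.store[label])


def merchant_build(merchant, pin: str, txn: dict) -> dict:
    # S2004: encrypt the PIN under PIK1, pack the message, generate the MAC
    fields = {**txn, "pin": seal(merchant.get("PIK1"), pin.encode())}
    return with_mac(merchant.get("MAK"), fields)


def front_end_translate(fe, msg: dict) -> dict:
    # S2006 a): MAC first; only then re-encrypt the PIN from PIK1 to PIK2
    fields = check_mac(fe.get("MAK"), msg)
    clear_pin = unseal(fe.get("PIK1"), fields["pin"])  # clear only inside this hop
    fields["pin"] = seal(fe.get("PIK2"), clear_pin)
    return with_mac(fe.get("MAK"), fields)


def application_check(app, msg: dict, blacklist: set) -> dict:
    # S2006 b): MAC, then user legitimacy, then a fresh MAC
    fields = check_mac(app.get("MAK"), msg)
    if fields["user"] in blacklist:
        raise PermissionError("user is blacklisted")
    return with_mac(app.get("MAK"), fields)


def platform_verify_pin(bmp, msg: dict) -> bool:
    # S2006 c): MAC, then decrypt with PIK2 and compare with the stored PIN
    fields = check_mac(bmp.get("MAK"), msg)
    pin = unseal(bmp.get("PIK2"), fields["pin"])
    return hmac.compare_digest(pin, bmp.get("pin:" + fields["user"]))


def run_demo():
    merchant, fe, app, bmp = (Element(n) for n in ("merchant", "front-end", "app", "bmp"))
    mak, pik1, pik2 = os.urandom(32), os.urandom(32), os.urandom(32)
    for element in (merchant, fe, app, bmp):
        element.put("MAK", mak)                # same MAK at every element
    for element in (merchant, fe):
        element.put("PIK1", pik1)              # PIK1 comes from the POS front-end
    for element in (fe, bmp):
        element.put("PIK2", pik2)              # PIK2 comes from the business platform
    bmp.put("pin:user-0001", b"492135")        # constructed reference PIN
    txn = {"aid": "AID-constructed", "terminal": "POS-0042",
           "user": "user-0001", "amount": 1250}

    def pipeline(msg):
        return platform_verify_pin(bmp, application_check(app, front_end_translate(fe, msg), set()))

    good = pipeline(merchant_build(merchant, "492135", txn))
    wrong_pin = pipeline(merchant_build(merchant, "000000", txn))
    tampered = dict(merchant_build(merchant, "492135", txn), amount=1)
    try:
        front_end_translate(fe, tampered)
        tamper_rejected = False
    except PermissionError:
        tamper_rejected = True
    app.store["PIK2"] = fe.store["PIK2"]       # wrapped key copied to another element
    try:
        app.get("PIK2")
        copied_key_usable = True
    except ValueError:
        copied_key_usable = False
    return good, wrong_pin, tamper_rejected, copied_key_usable


if __name__ == "__main__":
    print(run_demo())
```

The run shows two properties of the design: the PIN is in clear form inside the POS front-end during re-encryption, so that element needs the same protection as the PIN check itself, and a wrapped working key copied from one element's store cannot be unwrapped under another element's KEK.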
In small-amount payment scenarios, the mobile payment terminal can select "cash account" to carry out an offline transaction, in which case no PIN is needed. The specific steps are as follows:
Step S3002: after confirming the payment shown on the POS terminal, the user selects "cash account" on the RF-SIM mobile payment terminal and then brings the mobile payment terminal close to the card reader;
Step S3004: the MIS merchant device obtains the transaction data of the mobile payment terminal and the balance information of the mobile payment terminal, verifies whether the transaction is legitimate, and verifies whether the cash account balance of the mobile payment terminal is sufficient for the transaction; if the transaction is legitimate and the cash account balance is sufficient, it completes the offline transaction, including deducting the cash account balance of the mobile payment terminal. The transaction record is sent to the mobile payment platform by end-of-day clearing.
As shown in Figure 3, the online recharge procedure for a payment account according to the present invention comprises the following steps:
Step S4002: the user brings cash and the RF-SIM mobile payment terminal to a business hall or recharge outlet; the POS recharge terminal reads the user information on the mobile payment terminal (card) side and sends it to the counter client.
Step S4004: the counter client sends the user information to the Business Management Platform, which performs validity verification, including verification of the user card and the account identity;
Step S4006: after verification passes, the Business Management Platform returns the details of the user and the attached payment accounts. The attached payment accounts are the online account and the cash account; what is returned here is the information on the two accounts stored in the Business Management Platform.
Step S4008: the counter client selects the account to recharge (cash account or online account) according to the customer's request, fills in the recharge amount, and sends the request to the Business Management Platform.
Step S4010: the Business Management Platform verifies the validity of the account according to the request, modifies the cash account/online account information, and generates a recharge record.
Step S4012: the Business Management Platform returns the recharge result information to the mobile payment terminal through the counter client.
Step S4014: for a cash account recharge, the POS recharge terminal also modifies the cash account information on the mobile payment terminal side.
Fig. 4 is a schematic diagram of the key distribution scheme according to the present invention.
The key hierarchy of the mobile payment system is divided into three layers:
Master key (MK): used to encrypt and protect the key-encrypting key (KEK). The KEK stored in each encryption machine is encrypted under the MK, and the MK is generated by the local encryption machine;
Key-encrypting key (KEK): used to encrypt working keys when they are updated online;
Working key (WK): comprises the PIK (PIN-encryption working key), which encrypts the PIN, and the MAK (MAC working key), which is used for message authentication (MAC).
The MAK is generated by the POS front-end processor. The MAK is the same in every region (i.e. network element), but is encrypted under a different KEK in each.
The purpose of key distribution is first to have the hosts share the same transport key (KEK), so that working keys can be transmitted securely. Working keys can then be generated periodically and sent down in encrypted form, ensuring that both communicating parties hold the same working key. The key distribution scheme in the mobile payment system is briefly described below (Fig. 4 uses the PIK as an example).
1) The working key PIK1 of the POS terminal is generated by the POS front-end processor, and the PIK2 used for PIN re-encryption in the POS front-end processor is generated by the Business Management Platform. In different regions (i.e. network elements) the PIK is protected by different KEKs. These KEKs are generated by the local encryption machine and injected into the encryption machine of the next communicating network element by means such as IC cards; that is, the locally generated KEK is stored into the next-level communicating network element connected to it.
2) Principle of segmented key validity: each KEK exists and is valid only within one region (i.e. network element), and the KEKs of different regions (network elements) have no relationship to one another. This ensures that a leak of the KEK of one region (network element) does not affect the security of data transmitted between other regions, and thereby realizes divided management of keys.
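The three-layer key hierarchy, hop-by-hop MAC check and PIN re-encryption described above can be exercised with the following added example, which is not code from the patent. It assumes an HMAC-SHA256 construction as a stand-in for the unnamed cipher of the encryption machines, uses hypothetical names (`Element`, `seal`, `merchant_send` and the rest), constructed sample keys and PIN, and omits the application-platform hop.

```python
import hashlib
import hmac
import os

# Stand-in authenticated cipher on HMAC-SHA256 (an assumption: the page names none).
def _xor_stream(key, nonce, data):
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(key, nonce, ct)

class Element:
    """A network element: the MK protects the KEK, the KEK protects stored keys."""
    def __init__(self, **keys):
        self._mk = os.urandom(32)                        # master key (MK), local only
        self._kek_blob = seal(self._mk, os.urandom(32))  # KEK kept encrypted under MK
        self.store = {k: seal(self.kek(), v) for k, v in keys.items()}
    def kek(self):
        return unseal(self._mk, self._kek_blob)
    def key(self, label):
        return unseal(self.kek(), self.store[label])

def mac(mak, txn, pin_blob):
    framed = len(txn).to_bytes(4, "big") + txn + pin_blob  # length-prefix the fields
    return hmac.new(mak, framed, hashlib.sha256).digest()

def merchant_send(mis, pin, txn):
    """MIS merchant device: encrypt the PIN under PIK1, then MAC the message."""
    pin_blob = seal(mis.key("PIK1"), pin)
    return txn, pin_blob, mac(mis.key("MAK"), txn, pin_blob)

def front_end_forward(fe, txn, pin_blob, tag):
    """POS front-end processor: verify MAC, re-encrypt PIK1 -> PIK2, MAC again."""
    if not hmac.compare_digest(tag, mac(fe.key("MAK"), txn, pin_blob)):
        raise ValueError("MAC verification failed")
    blob2 = seal(fe.key("PIK2"), unseal(fe.key("PIK1"), pin_blob))
    return txn, blob2, mac(fe.key("MAK"), txn, blob2)

def platform_verify(bmp, txn, pin_blob, tag):
    """Business Management Platform: MAC first, then compare with the stored PIN."""
    if not hmac.compare_digest(tag, mac(bmp.key("MAK"), txn, pin_blob)):
        raise ValueError("MAC verification failed")
    return hmac.compare_digest(unseal(bmp.key("PIK2"), pin_blob), bmp.key("PIN"))

def kek_opens(kek, element, label):
    """Segmentation check: does this KEK unwrap a key stored at `element`?"""
    try:
        unseal(kek, element.store[label])
        return True
    except ValueError:
        return False

def build():
    pik1, pik2, mak = (os.urandom(32) for _ in range(3))   # constructed sample keys
    mis = Element(MAK=mak, PIK1=pik1)
    fe = Element(MAK=mak, PIK1=pik1, PIK2=pik2)
    bmp = Element(MAK=mak, PIK2=pik2, PIN=b"123456")       # constructed enrolled PIN
    return mis, fe, bmp

if __name__ == "__main__":
    mis, fe, bmp = build()
    hop = front_end_forward(fe, *merchant_send(mis, b"123456", b"amount=12.50"))
    print("PIN ok:", platform_verify(bmp, *hop), "cross-KEK:", kek_opens(mis.kek(), fe, "MAK"))
```

The same MAK is held at all three elements but its stored form differs at each, so a KEK taken from one element does not unwrap the keys stored at another.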
The present invention proposes a secure mobile payment method, based on RF-SIM and the ISO 8583 protocol, for processing contactless mobile payment transactions quickly, effectively and securely.

Claims (12)

1. A method for implementing mobile payment, comprising: when the transaction type is online account, an MIS merchant device obtains the transaction data of a mobile payment terminal and the user's PIN, encrypts the PIN, and packs the encrypted PIN together with said transaction data and POS terminal information into an 8583 online transaction message;
after receiving said 8583 online transaction message, said mobile payment platform judges whether the transaction request is valid; if the transaction request is valid, it verifies the validity of the user and the account and verifies said PIN; if the user and the account are valid and the PIN is correct, it completes the accounting processing of the transaction;
said mobile payment terminal is a mobile terminal with an RF-SIM card.
2. the method for claim 1 is characterized in that:
Described MIS trade company device also carries out being sent to corresponding mobile payment platform after MAC generates to 8583 on-line transaction messages;
Described mobile payment platform carries out mac authentication earlier after receiving described 8583 on-line transaction messages, if mac authentication is by carrying out the legitimate verification of described user and account again.
3. The method of claim 1 or 2, characterized in that:
after the POS front-end processor located in the mobile payment platform receives said 8583 online transaction message and MAC verification passes, it re-encrypts said PIN, then converts the message into a class 8583 message and sends it to the Business Management Platform through the application platform;
verifying said PIN means decrypting the encrypted PIN; if the decrypted PIN is consistent with the locally stored PIN, verification passes; otherwise verification fails.
4. The method of claim 2, characterized in that:
said MIS merchant device also stores the correspondence between POS terminals and POS front-end processors, and looks up this correspondence according to said POS terminal information to determine the POS front-end processor that handles the transaction.
5. The method of claim 3, characterized in that:
the PIK1 with which said MIS merchant device encrypts the PIN is generated by the POS front-end processor, and the PIK2 with which said POS front-end processor re-encrypts the PIN is generated by the Business Management Platform;
the MAK used for MAC verification is generated by the POS front-end processor, and the MAK is the same at every network element;
PIK1, PIK2 and the MAK at each network element are all stored encrypted under a KEK, but the KEK differs at each network element.
6. A method for implementing mobile payment, comprising: when the transaction type is cash account, after an MIS merchant device obtains the transaction data of a mobile payment terminal and the balance information of the mobile payment terminal, it verifies whether the transaction is valid and whether the cash account balance of said mobile payment terminal is sufficient for the transaction; if the transaction is valid and the cash account balance is sufficient for the transaction, the offline transaction processing is completed; said mobile payment terminal is a mobile terminal with an RF-SIM card.
7. A system for implementing mobile payment, comprising: a mobile payment terminal, an MIS merchant device and a mobile payment platform; characterized in that:
said mobile payment terminal is a mobile terminal with an RF-SIM card;
said MIS merchant device is used, when the transaction type is online account, to obtain the transaction data and the user's PIN, to pack the encrypted PIN together with said transaction data and POS terminal information into an 8583 online transaction message, and to send the message to the mobile payment platform;
said mobile payment platform is used, after receiving said 8583 online transaction message, to judge whether the transaction request is valid and, if the transaction request is valid, to verify the validity of the user and the account and to verify said PIN; it is also used to complete the accounting processing of the transaction when the user and the account are valid and the PIN is correct.
8. The system of claim 7, characterized in that:
said mobile payment platform comprises a POS front-end processor, an application platform and a Business Management Platform;
said MIS merchant device is also used to perform MAC generation on said 8583 online transaction message after adding the encapsulated enterprise code, and to send said 8583 online transaction message to the POS front-end processor;
said POS front-end processor is used to perform MAC verification on said 8583 online transaction message and, after MAC verification passes, to judge whether the transaction request is valid; if it is valid, it converts said 8583 online transaction message into a class 8583 message, performs MAC generation, and then sends the message to the corresponding application platform;
said application platform is used to perform MAC verification after receiving said class 8583 message, to verify the validity of the user and the account after MAC verification passes, and, once the user and the account are found valid, to perform MAC generation on said class 8583 message and send it to the Business Management Platform;
said Business Management Platform is used to perform MAC verification on said class 8583 message after receiving it, to verify said PIN if MAC verification passes, and to complete the accounting processing of the transaction if the PIN is correct.
9. The system of claim 7 or 8, characterized in that:
said POS front-end processor is also used to re-encrypt said PIN after receiving said 8583 online transaction message, and to pack the re-encrypted PIN together with said transaction data and the POS terminal information into a class 8583 message;
verification of the PIN by said Business Management Platform means that the Business Management Platform decrypts the encrypted PIN; if the decrypted PIN is consistent with the locally stored PIN, verification passes; otherwise verification fails.
10. The system of claim 7, characterized in that:
said merchant-side front-end processor is also used to store routing information giving the correspondence between each POS terminal and POS front-end processor, to query the locally stored routing information according to the POS terminal information, to determine the POS front-end processor that handles the transaction message, and to send the transaction message to the corresponding POS front-end processor.
11. The system of claim 9, characterized in that:
said POS front-end processor is also used to generate the PIK1 with which the PIN is encrypted, and to send it to the MIS merchant device;
said Business Management Platform is also used to generate the PIK2 with which the PIN is re-encrypted, and to send it to the POS front-end processor;
said PIK1, PIK2 and the MAK at each network element are all stored encrypted under a KEK, but the KEK differs at each network element.
12. A system for implementing mobile payment, comprising: a mobile payment terminal and an MIS merchant device; characterized in that:
said mobile payment terminal is a mobile terminal with an RF-SIM card;
said MIS merchant device is used, when the transaction type is cash account, to obtain the transaction data and the balance information of the mobile payment terminal, and to verify whether the transaction is valid and whether the cash account balance of said mobile payment terminal is sufficient for the transaction; if the transaction is valid and the cash account balance is sufficient for the transaction, it completes the offline transaction processing.
CN2009102287306A 2009-11-25 2009-11-25 System and method for implementing mobile payment Pending CN102073958A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009102287306A CN102073958A (en) 2009-11-25 2009-11-25 System and method for implementing mobile payment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009102287306A CN102073958A (en) 2009-11-25 2009-11-25 System and method for implementing mobile payment

Publications (1)

Publication Number Publication Date
CN102073958A true CN102073958A (en) 2011-05-25

Family

ID=44032491

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009102287306A Pending CN102073958A (en) 2009-11-25 2009-11-25 System and method for implementing mobile payment

Country Status (1)

Country Link
CN (1) CN102073958A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20110525