CN111062725B - Face payment method, device and system and computer readable storage medium - Google Patents
Face payment method, device and system and computer readable storage medium Download PDFInfo
- Publication number
- CN111062725B CN111062725B CN201911294321.6A CN201911294321A CN111062725B CN 111062725 B CN111062725 B CN 111062725B CN 201911294321 A CN201911294321 A CN 201911294321A CN 111062725 B CN111062725 B CN 111062725B
- Authority
- CN
- China
- Prior art keywords
- payment
- image data
- face image
- face
- intelligent camera
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The application provides a face payment method, a face payment device, a face payment system and a computer readable storage medium, and belongs to the technical field of computers. The system comprises: the payment terminal is provided with an intelligent camera, and the intelligent camera is used for acquiring face image data and signing according to the face image data to obtain signature information; the payment terminal is used for sending a payment request to the payment server, wherein the payment request carries the face image data and the signature information; the payment server is used for checking the signature information, and carrying out face payment according to the face image data after the signature checking is successful. The face payment security improvement method and device are beneficial to improvement of face payment security.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a face payment method, device and system, and a computer readable storage medium.
Background
With the popularization of face payment, more and more merchants have access to face payment functions. With the steep increase of the user quantity using the face payment function, the security of face payment is increasingly important. Security of face payments may be maintained, typically from the perspective of face image data.
At present, the payment terminal can collect face image data through a camera, the collected face image data is transmitted to a payment server, and the payment server performs face payment according to the face image data.
However, in the above scheme, the payment terminal transmits plain text face image data to the payment server, so that the security of face payment is poor.
Disclosure of Invention
The application provides a face payment method, a face payment device, a face payment system and a computer readable storage medium, which are beneficial to improving the security of face payment. The technical scheme is as follows:
in one aspect, a face payment system is provided, the system comprising: a payment terminal and a payment server, the payment terminal having a smart camera,
the intelligent camera is used for acquiring face image data, and signing according to the face image data to obtain signature information;
the payment terminal is used for sending a payment request to the payment server, wherein the payment request carries the face image data and the signature information;
the payment server is used for checking the signature information carried by the payment request, and carrying out face payment according to the face image data carried by the payment request after the signature checking is successful.
Optionally, the intelligent camera is configured to sign the face image data by using a target private key to obtain the signature information;
the payment server is used for signing the signature information by adopting a target public key to obtain signing verification data, and when the signing verification data are identical to the face image data, successful signing verification is determined, and the target private key and the target public key are a group of asymmetric public private keys.
Optionally, the intelligent camera is configured to obtain feature data of the face image data, and sign the feature data by using a target private key to obtain the signature information;
the payment request also carries the characteristic data, the payment server is used for checking the signature information by using a target public key to obtain signature checking data, the signature checking data is identical to the characteristic data, the signature checking success is determined, and the target private key and the target public key are a group of asymmetric public private keys.
Optionally, the smart camera is further configured to generate the target private key and the target public key, and store the target private key in a security module of the smart camera;
the payment terminal is further used for sending the identification of the intelligent camera and the target public key to the payment server;
The payment server is further used for binding and storing the identification of the intelligent camera and the target public key.
Optionally, the payment request further carries an identifier of the intelligent camera, and the payment server is further configured to obtain the target public key according to the identifier of the intelligent camera.
Optionally, the feature data includes a hash value.
In another aspect, a face payment method is provided and applied to a payment terminal, the payment terminal has an intelligent camera, and the method includes:
acquiring face image data through the intelligent camera;
signing is carried out through the intelligent camera according to the face image data to obtain signature information;
and sending a payment request to a payment server, wherein the payment request carries the face image data and the signature information, so that the payment server can check the signature information, and face payment is carried out according to the face image data after the signature check is successful.
Optionally, the signing by the intelligent camera according to the face image data to obtain signature information includes: and signing the face image data by the intelligent camera through a target private key to obtain signature information.
Optionally, the signing by the intelligent camera according to the face image data to obtain signature information includes: acquiring characteristic data of the face image data through the intelligent camera; and signing the characteristic data by using a target private key through the intelligent camera to obtain signature information.
Optionally, before signature information is obtained by the intelligent camera through signing according to the face image data, the method further comprises:
generating a target public key and the target private key through the intelligent camera, wherein the target private key and the target public key are a group of asymmetric public private keys;
storing the target private key in a security module of the intelligent camera;
and sending the identification of the intelligent camera and the target public key to the payment server so that the payment server can store the identification of the intelligent camera and the target public key in a binding way.
Optionally, the feature data includes a hash value.
In still another aspect, a face payment method is provided, applied to a payment server, and the method includes:
receiving a payment request sent by a payment terminal, wherein the payment request carries face image data and signature information, and the signature information is obtained by signing according to the face image data after an intelligent camera of the payment terminal acquires the face image data;
Checking the signature information;
and after the signature verification is successful, carrying out face payment according to the face image data.
Optionally, the signature information is obtained by signing the face image data by an intelligent camera of the payment terminal by adopting a target private key,
the signing verification of the signature information comprises the following steps:
signing the signature information by adopting a target public key to obtain signing verification data, wherein the target private key and the target public key are a group of asymmetric public private keys;
and when the signature verification data is the same as the face image data, determining that the signature verification is successful.
Optionally, the signature information is obtained by signing the feature data of the face image data by using a target private key by an intelligent camera of the payment terminal, the payment request also carries the feature data,
the signing verification of the signature information comprises the following steps:
signing the signature information by adopting a target public key to obtain signing verification data, wherein the target private key and the target public key are a group of asymmetric public private keys;
and when the signature verification data is the same as the characteristic data, determining that the signature verification is successful.
Optionally, before signing the signature information, the method further includes:
Receiving the identification of the intelligent camera and the target public key sent by the payment terminal;
and binding and storing the identification of the intelligent camera and the target public key.
Optionally, the feature data includes a hash value.
In yet another aspect, a face payment device is provided, including modules for executing the face payment method described in the above aspects.
In yet another aspect, a face payment device is provided, the device including a processor and a memory, where the memory stores at least one instruction, at least one program, a code set, or an instruction set, where the at least one instruction, the at least one program, the code set, or the instruction set is loaded and executed by the processor to implement the face payment method described in the foregoing aspects.
In yet another aspect, a computer readable storage medium is provided, where at least one instruction, at least one program, a code set, or an instruction set is stored, where the at least one instruction, the at least one program, the code set, or the instruction set is loaded and executed by a processor to implement the face payment method described in the foregoing aspects.
The beneficial effects that this application provided technical scheme brought are:
the face payment method, the device and the system, and the computer readable storage medium provided by the application, after the intelligent camera of the payment terminal obtains face image data, signature information is obtained by signing according to the face image data, the payment terminal sends a payment request carrying the face image data and the signature information to the payment server, the payment server tests the signature information, and face payment is carried out according to the face image data after the signature test is successful. Because the intelligent camera of the payment terminal signs according to the face image data, the payment server performs face payment according to the face image data after the signature verification is successful, and therefore the security of face payment is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic illustration of an implementation environment in which various embodiments of the present application are directed;
fig. 2 is a method flowchart of a face payment method provided in an embodiment of the present application;
fig. 3 is a method flowchart of another face payment method provided in an embodiment of the present application;
fig. 4 is a method flowchart of still another face payment method provided in an embodiment of the present application;
fig. 5 is a schematic diagram of a face payment method according to an embodiment of the present application;
fig. 6 is a block diagram of a face payment device provided in an embodiment of the present application;
fig. 7 is a block diagram of another face payment device provided in an embodiment of the present application;
fig. 8 is a block diagram of still another face payment device provided in an embodiment of the present application;
fig. 9 is a block diagram of yet another face payment device provided in an embodiment of the present application;
fig. 10 is a schematic structural diagram of a face payment device according to an embodiment of the present application;
fig. 11 is a schematic structural diagram of another face payment device according to an embodiment of the present disclosure;
fig. 12 is a schematic diagram of a face payment system according to an embodiment of the present application.
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
Detailed Description
In order to make the principles, technical solutions and advantages of the present application more apparent, the present application will be described in further detail below with reference to the accompanying drawings, it being apparent that the described embodiments are only some, but not all embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
Referring to fig. 1, a schematic diagram of an implementation environment according to various embodiments of the present application is shown, referring to fig. 1, where the implementation environment includes: a payment terminal 110 and a payment server 120. Payment terminal 110 and payment server 120 may be communicatively coupled via a wired network or a wireless network, which may include, but is not limited to: wireless fidelity (Wireless Fidelity; abbreviated as WIFI) network, bluetooth network, infrared network, zigbee (english: zigbee) network, or data network, etc., the wired network may be a universal serial bus (Universal Serial Bus; abbreviated as USB) network.
The payment terminal 110 may be a face terminal, which refers to a terminal with a face payment function, for example, the payment terminal 110 may be a smart phone, a tablet computer, a notebook computer, a desktop computer, or the like. The payment server 120 may be a server, a server cluster comprising a plurality of servers, or a cloud computing service center.
In the embodiment of the present application, the payment terminal 110 may have an intelligent camera, which is removably disposed in the payment terminal 110, and the intelligent camera may be a three-dimensional (3D) camera, which has a living body detection function. The smart camera may include a security module that may be used to store a private key of the smart camera. The security module may be a software module and/or a hardware module, for example, the security module may be a security Element (SE for short), or the security module may be a trusted execution environment (TEE for short, trusted Execution Environment), the TEE being capable of providing a Secure area for the smart camera to store sensitive data, ensuring that the sensitive data is stored, processed and protected in an isolated, trusted environment. Optionally, the smart camera may further include a processor, which may be used for data processing, and the processor may be, for example, a digital signal processor (english: digital Signal Processor; abbreviated as DSP), which is a unique microprocessor, and is a device for processing data with digital signals. Optionally, the smart camera may further include an image sensor (sensor) for acquiring image data, which may include a combination of any one or more of a color image sensor, a depth image sensor, or an infrared image sensor. In this embodiment of the present application, the payment terminal 110 further includes a payment host, where the payment host may include an execution module, and the execution module may be a general execution environment (english: rich Execution Environment; abbreviated as REE) module, and the REE module includes a general operating system and a client application running on a general processor.
In this embodiment of the present application, the smart camera of the payment terminal 110 may acquire face image data, sign according to the face image data to obtain signature information, the payment terminal 110 sends a payment request to the payment server 120, where the payment request carries the face image data and the signature information, the payment server 120 performs signature verification on the signature information carried by the payment request, and performs face payment according to the face image data carried by the payment request after the signature verification is successful. In this way, the smart camera of the payment terminal 110 signs according to the face image data, and the payment server 120 performs face payment according to the face image data after the signature verification is successful, so that the security of face payment is improved.
Referring to fig. 2, a flowchart of a method for face payment according to an embodiment of the present application is shown, where the face payment method may be used for the payment terminal 110 in the implementation environment shown in fig. 1, and referring to fig. 2, the method may include the following steps:
Alternatively, the smart camera may have an image sensor, and the smart camera may acquire face image data through the image sensor to acquire the face image data.
And 202, signing according to the face image data by the intelligent camera to obtain signature information.
Optionally, a target private key may be stored in the intelligent camera, and the intelligent camera may use the target private key to sign the face image data to obtain signature information; or the intelligent camera can acquire the characteristic data of the face image data, and the signature information is obtained by signing the characteristic data of the face image data by adopting the target private key. The characteristic data may be hash (english: hash) data, such as a hash value.
Optionally, if the intelligent camera uses the target private key to sign the feature data of the face image data to obtain signature information, the payment request may also carry the feature data of the face image data.
Optionally, the payment request may further carry an identifier of the smart camera, so that the payment server obtains a target public key according to the identifier of the smart camera, and uses the target public key to sign the signature information. The target public key and the target private key in step 202 may be a set of asymmetric public private keys, for example, the target public key and the target public key may be RSA keys. The identifier of the smart camera uniquely identifies the smart camera, and the identifier of the smart camera may be, for example, a Serial Number (english: serial Number; SN for short) of the smart camera.
In summary, in the face payment method provided by the embodiment of the present application, after the intelligent camera of the payment terminal obtains the face image data, signature is performed according to the face image data to obtain signature information, the payment terminal sends a payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, face payment is performed according to the face image data. Because the intelligent camera of the payment terminal signs according to the face image data, the payment server performs face payment according to the face image data after the signature verification is successful, and therefore the security of face payment is improved.
Referring to fig. 3, a flowchart of another face payment method provided in an embodiment of the present application is shown, where the face payment method may be used for the payment server 120 in the implementation environment shown in fig. 1, and referring to fig. 3, the method may include the following steps:
In this embodiment of the present application, the signature information may be obtained by signing the face image data by using a target private key by using an intelligent camera of the payment terminal, or may be obtained by signing the feature data of the face image data by using a target private key by using an intelligent camera of the payment terminal, and if the signature information is obtained by signing the feature data of the face image data by using a target private key by using an intelligent camera of the payment terminal, the payment request may also carry the feature data of the face image data. The characteristic data may be a hash value.
The payment server can acquire the target public key, and the signature information is checked by adopting the target public key to acquire the check data. Optionally, the payment server stores a binding relationship between the public key and the camera identifier, the payment request may also carry the identifier of the smart camera of the payment terminal, and the payment server may obtain the target public key according to the identifier of the smart camera. The target public key and the target private key in step 301 may be a set of asymmetric public private keys, for example, the target public key and the target public key may be RSA keys.
Optionally, the signature information is obtained by signing the face image data by using a target private key by an intelligent camera of the payment terminal, after the payment server obtains signature verification data, whether the signature verification data is the same as the face image data carried by the payment request or not can be detected, if the signature verification data is the same as the face image data carried by the payment request, the payment server determines that the signature verification is successful, and if the signature verification data is different from the face image data carried by the payment request, the payment server determines that the signature verification is failed.
Optionally, the signature information is obtained by signing feature data of face image data by using a target private key by an intelligent camera of the payment terminal, after the payment server obtains signature verification data, whether the signature verification data is the same as the feature data carried by the payment request or not can be detected, if the signature verification data is the same as the feature data carried by the payment request, the payment server determines that the signature verification is successful, and if the signature verification data is different from the feature data carried by the payment request, the payment server determines that the signature verification fails.
And 303, after the signature verification is successful, carrying out face payment according to the face image data.
After the signature verification is successful, the payment server can carry out face payment according to face image data carried by the payment request. Optionally, the payment server obtains payment information according to the face image data, returns the payment information to the payment terminal, and the payment terminal completes payment according to the payment information.
In summary, in the face payment method provided by the embodiment of the present application, after the intelligent camera of the payment terminal obtains the face image data, signature is performed according to the face image data to obtain signature information, the payment terminal sends a payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, face payment is performed according to the face image data. Because the intelligent camera of the payment terminal signs according to the face image data, the payment server performs face payment according to the face image data after the signature verification is successful, and therefore the security of face payment is improved.
Referring to fig. 4, a flowchart of a method of another face payment method according to an embodiment of the present application is shown, where the face payment method may be applied to the implementation environment shown in fig. 1, and the implementation environment includes a payment terminal 110 and a payment server 120, and fig. 4 is described by taking an example that the payment terminal 110 includes a payment host and a smart camera. Referring to fig. 4, the method may include the steps of:
Step 401, generating a target public key and a target private key by an intelligent camera of the payment terminal.
Wherein the target private key and the target public key are a set of asymmetric public private keys, such as RSA keys.
Optionally, the smart camera may generate the target public key and the target private key according to the identifier of the smart camera, or the smart camera may include a processor therein, and the smart camera may generate the target public key and the target private key according to the identifier of the processor.
Illustratively, the smart camera generates the target public key and the target private key according to the SN of the smart camera, or the smart camera generates the target public key and the target private key according to the identification of the DSP in the smart camera.
It should be understood by those skilled in the art that the manner in which the smart camera generates the target public key and the target private key described in the embodiments of the present application is merely exemplary, and in practical applications, the smart camera may also generate the target public key and the target private key in other manners, and the manner in which the smart camera generates the target public key and the target private key is not limited in the embodiments of the present application.
Step 402, the intelligent camera of the payment terminal stores the target private key in a security module of the intelligent camera.
In this embodiment of the present application, the security module may be included in the smart camera, and after the smart camera generates the target public key and the target private key, the target private key may be stored in the security module of the smart camera, so that the target private key may be prevented from being maliciously acquired by other terminals.
Alternatively, the security module may be a software module and/or a hardware module, for example, the security module may be a SE or TEE module, the TEE being capable of providing a secure area for the smart camera to store sensitive data, ensuring that the sensitive data is stored, processed and protected in an isolated, trusted environment.
Optionally, in this embodiment of the present application, the smart camera may be configured in the payment terminal in a pluggable manner, and the smart camera may generate the target public key and the target private key after leaving the factory, and the target private key may be burned in a security module of the smart camera.
Step 403, the intelligent camera of the payment terminal sends the identification of the intelligent camera and the target public key to the payment server.
Optionally, the smart camera may acquire the identifier of the smart camera first, and then send, through a communication connection between the payment terminal and the payment server, the identifier of the smart camera and the target public key to the payment server, where the identifier of the smart camera may uniquely identify the smart camera, and the identifier of the smart camera may be, for example, SN of the smart camera.
Alternatively, the identification of the smart camera may be stored in the smart camera, and the smart camera may read the identification of the smart camera from its own storage space.
Step 404, the payment server receives the identification of the intelligent camera and the target public key sent by the intelligent camera of the payment terminal.
The intelligent camera corresponding to the payment terminal sends the identification of the intelligent camera and the target public key to the payment server, and the payment server can receive the identification of the intelligent camera and the target public key sent by the intelligent camera. Optionally, the payment server may receive the identification of the smart camera and the target public key sent by the smart camera through a communication connection with the payment terminal.
It should be noted that, in the embodiment of the present application, the identification and the target public key of the smart camera are sent to the payment server by the smart camera, in practical application, the smart camera may transmit the identification and the target public key of the smart camera to the payment host, and the payment host sends the identification and the target public key of the smart camera to the payment server, so that the payment server may correspondingly receive the identification and the target public key of the smart camera sent by the payment host of the payment terminal, which is not limited in the embodiment of the present application.
And step 405, the payment server stores the identification of the intelligent camera and the target public key in a binding way.
After receiving the identification of the intelligent camera and the target public key, the payment server can bind and store the identification of the intelligent camera and the target public key. Optionally, the payment server may bind the identifier of the smart camera with the target public key to obtain a binding relationship, and then store the binding relationship.
It is easy to understand that the payment server may store the identifier of the smart camera and the target public key in a local manner, or store the identifier of the smart camera and the target public key in a binding manner to other terminals or servers, which is not limited in the embodiments of the present application.
Step 406, the intelligent camera of the payment terminal acquires face image data.
Alternatively, the smart camera may have an image sensor, and the smart camera may acquire face image data through the image sensor to acquire the face image data. The image sensor may include any one or more of a color image sensor, a depth image sensor or an infrared image sensor, and accordingly, the face image data may be any one or more of color image data, depth image data or infrared image data.
Optionally, the user can operate the payment terminal to trigger the payment terminal to start the intelligent camera and display the face acquisition area, and the user can adjust the face position according to the face acquisition area to enable the face to be located in the face acquisition area, so that the intelligent camera can acquire face images.
And step 407, the intelligent camera of the payment terminal signs according to the face image data to obtain signature information.
After the intelligent camera of the payment terminal collects the face image data, signature information can be obtained by signing according to the face image data. Optionally, the smart camera may include a processor (e.g. DSP), and after the image sensor collects the face image data, the face image data may be transmitted to the processor, and the processor signs according to the face image data to obtain signature information.
Optionally, the intelligent camera performing signature according to the face image data to obtain signature information may include:
the intelligent camera adopts the target private key to sign the face image data to obtain signature information, for example, the intelligent camera adopts the target private key to encrypt the face image data to obtain the signature information. Or the intelligent camera acquires the characteristic data of the face image data, and signs the characteristic data of the face image data by adopting a target private key to obtain signature information, for example, the intelligent camera encrypts the characteristic data of the face image data by adopting the target private key to obtain the signature information. Wherein the characteristic data may comprise a hash value.
Optionally, the intelligent camera may perform feature extraction on the face image data to obtain feature data of the face image data, for example, the intelligent camera performs feature extraction on the face image data through a hash algorithm to obtain a hash value of the face image data.
In the embodiment of the application, the intelligent camera may acquire the target private key before signing by adopting the target private key. Alternatively, the smart camera may read the target private key from its own security module, e.g. the smart camera may read the target private key from the SE or TEE module.
Those skilled in the art will readily understand that signature information obtained by signing according to a private key can only be signed by adopting a corresponding public key, and in the embodiment of the application, the signature information is obtained by signing by adopting a target private key by an intelligent camera, so that the signature information can only be signed by adopting a target public key paired with the target private key, and the information security can be ensured.
Step 408, the intelligent camera of the payment terminal transmits the face image data and the signature information to the payment host of the payment terminal.
Optionally, the smart camera is detachably connected to the payment host in a communication manner, and the smart camera can transmit the face image data and the signature information to the payment host through the communication connection.
Optionally, if the signature information is obtained by signing feature data of the face image data by the intelligent camera using the target private key, the intelligent camera may also transmit the feature data of the face image data to the payment host, which is not limited in the embodiment of the present application.
Step 409, a payment host of the payment terminal sends a payment request to a payment server, where the payment request carries the face image data and the signature information.
Alternatively, the payment host may generate a payment request and then send the payment request to the payment server via a communication connection between the payment terminal and the payment server, the payment request carrying the face image data and the signature information.
Optionally, if the signature information is obtained by signing the feature data of the face image data by using the target private key by the intelligent camera of the payment terminal, the payment request may also carry the feature data of the face image data, which is not limited in the embodiment of the present application.
Step 410, the payment server receives the payment request sent by the payment host of the payment terminal.
The payment server may receive the payment request sent by the payment host of the payment terminal, where the payment request carries face image data and signature information. Optionally, the payment request may further carry feature data of the face image data, which is not limited in the embodiment of the present application.
Step 411, the payment server performs signature verification on the signature information carried by the payment request.
After receiving a payment request sent by a payment host of a payment terminal, a payment server can analyze the payment request to obtain face image data and signature information, and then check the signature information. Optionally, if the payment request further carries feature data of the face image data, the payment server may further obtain the feature data of the face image data by parsing the payment request.
Optionally, signing the signature information by the payment server may include: the payment server adopts a target public key to check the signature information to obtain check data, detects whether the check data is identical to the face image data carried by the payment request, if so, the payment server determines that the check is successful, and if not, the payment server determines that the check is failed.
Optionally, if the payment request further carries feature data of the face image data, the signing of the signature information by the payment server may include: the payment server adopts a target public key to check the signature information to obtain signature checking data, detects whether the signature checking data is identical to the characteristic data carried by the payment request, if the signature checking data is identical to the characteristic data, the payment server determines that the signature checking is successful, and if the signature checking data is different from the characteristic data, the payment server determines that the signature checking fails.
It should be noted that, signing signature information by the payment server using the target public key may include: the payment server adopts the target public key to decrypt the signature information, and if the decryption fails or the signature verification data obtained by decryption is different from the face characteristic data (or the characteristic data of the face characteristic data), the signature verification fails.
It should be further noted that, before the payment server uses the target public key to verify the signature information, the payment server may first obtain the target public key. Optionally, the payment request may further carry an identifier of the smart camera, the payment server may store a binding relationship between the public key and the identifier of the smart camera, and the payment server may obtain the target public key from the binding relationship according to the identifier of the smart camera carried by the payment request. Of course, the payment server may obtain the target public key in other manners, which is not limited in the embodiment of the present application.
And 412, after the signature verification is successful, the payment server performs face payment according to the face image data carried by the payment request.
If the payment server determines that the verification is successful in step 412, the payment server determines that the face image data carried by the payment request is trusted face image data, but not malicious data, and the payment server performs face payment according to the face image data.
Optionally, the payment server performing face payment according to the face image data may include: and the payment server acquires payment information according to the face image data, returns the payment information to the payment terminal, and completes payment according to the payment information after the payment terminal receives the payment information. The payment information may be a payment code or a payment link, where the payment code may be any one of a two-dimensional code or a barcode, and the payment link may be a payment website, which is not limited in this embodiment of the present application.
It is easy to understand by those skilled in the art that the sequence of the steps of the face payment method provided in the embodiment of the present application may be appropriately adjusted, and the steps may also be increased or decreased according to the situation, for example, steps 401 to 405 may be performed when the face payment terminal is used for the first time, or performed when the smart camera leaves the factory, and not necessarily performed when the face payment is performed each time, and any method familiar with those skilled in the art will easily think of changes within the technical scope of the disclosure of the present application, and therefore, the scope of protection of the present application is covered.
In summary, in the face payment method provided by the embodiment of the present application, after the intelligent camera of the payment terminal obtains the face image data, signature is performed according to the face image data to obtain signature information, the payment terminal sends a payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, face payment is performed according to the face image data. Because the intelligent camera of the payment terminal signs according to the face image data, the payment server performs face payment according to the face image data after the signature verification is successful, and therefore the security of face payment is improved.
In this embodiment of the application, the target private key is stored in the security module of the intelligent camera, cannot be derived, and can ensure the security of the target private key, and the process of signing by adopting the target private key according to the face image data is performed inside the intelligent camera, so that the security of the face image data (data source) can be ensured, and the security of face payment is ensured.
At present, some schemes for improving payment safety by modifying and upgrading a host of a payment terminal exist, but the difficulty and cost for modifying and upgrading the host of the payment terminal are higher; in this application embodiment, this intelligent camera pluggable setting is in payment terminal, consequently need not to reform transform the upgrading to payment terminal's host computer (i.e. payment host computer) just can make this intelligent camera integrate in this payment terminal, and the degree of difficulty is less, and the cost is lower.
Fig. 5 is a schematic diagram of a face payment method provided in the embodiment of the present application, and in the following, with reference to fig. 5, an intelligent camera is used to sign feature data of face image data by using a target private key, where the feature data is a hash value as an example, and the face payment method provided in the embodiment of the present application is schematically illustrated.
As shown in fig. 5, the payment terminal includes a smart camera and a payment host, the smart camera is removably connected to the payment host in a communication manner, the smart camera includes a security module (SE and/or TEE module), a DSP, and an image sensor, and the payment host includes a re module.
When the payment method provided by the embodiment of the application is executed, the DSP generates a target public key and a target private key, the target private key is stored in the SE or the TEE module, the target public key is sent to the payment server, and the payment server stores the target public key. Then, the image sensor collects face image data and transmits the face image data to the DSP. The DSP calculates the hash value of the face image data, reads a target private key from the SE or the TEE module, signs the hash value of the face image data by adopting the target private key to obtain signature information, and transmits the face image data, the hash value of the face image data and the signature information to the payment host. The payment host generates a payment request carrying the face image data, the hash value of the face image data and the signature information, and sends the payment request to the payment server. After receiving the payment request, the payment server acquires a target public key, performs signature verification on signature information carried by the payment request by adopting the target public key to obtain signature verification data, detects whether the signature verification data is identical with a hash value carried by the payment request, verifies face image data carried by the payment request, and performs face payment according to the face image data after the verification is successful.
The following are device embodiments of the present application, which may be used to perform method embodiments of the present application. For details not disclosed in the device embodiments of the present application, please refer to the method embodiments of the present application.
Referring to fig. 6, a block diagram of a face payment device 600 provided in an embodiment of the present application is shown, where the face payment device 600 may be a program component in a payment terminal, and the payment terminal has a smart camera. Referring to fig. 6, the face payment apparatus 600 may include, but is not limited to:
an acquiring module 610, configured to acquire face image data through an intelligent camera;
the signature module 620 is configured to obtain signature information by signing the face image data by using the intelligent camera;
the first sending module 630 is configured to send a payment request to a payment server, where the payment request carries the face image data and the signature information, so that the payment server performs signature verification on the signature information, and performs face payment according to the face image data after the signature verification is successful.
Optionally, the signature module 620 is configured to sign the face image data with the target private key through the smart camera to obtain signature information.
Optionally, the signature module 620 is configured to:
Acquiring characteristic data of face image data through an intelligent camera;
and signing the characteristic data by adopting a target private key through the intelligent camera to obtain signature information.
Optionally, please refer to fig. 7, which shows a block diagram of another face payment device 600 provided in an embodiment of the present application, referring to fig. 7, on the basis of fig. 6, the face payment device 600 further includes:
the generating module 640 is configured to generate, by using the smart camera, a target public key and a target private key, where the target private key and the target public key are a set of asymmetric public private keys;
a storage module 650 for storing the target private key in a security module of the smart camera;
and the second sending module 660 is configured to send the identifier of the smart camera and the target public key to the payment server, so that the payment server stores the identifier of the smart camera and the target public key in a binding manner.
Optionally, the characteristic data comprises a hash value.
In summary, in the face payment device provided by the embodiment of the present application, after the intelligent camera of the payment terminal obtains the face image data, the signature information is obtained by signing according to the face image data, the payment terminal sends a payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, face payment is performed according to the face image data. Because the intelligent camera of the payment terminal signs according to the face image data, the payment server performs face payment according to the face image data after the signature verification is successful, and therefore the security of face payment is improved.
Referring to fig. 8, a block diagram of a face payment device 800 according to an embodiment of the present application is shown, where the face payment device 800 may be a program component in a payment server. Referring to fig. 8, the face payment apparatus 800 may include, but is not limited to:
the first receiving module 810 is configured to receive a payment request sent by a payment terminal, where the payment request carries face image data and signature information, and the signature information is obtained by signing according to the face image data after an intelligent camera of the payment terminal acquires the face image data;
a signature verification module 820 for verifying the signature information;
and the payment module 830 is configured to perform face payment according to the face image data after the signature verification is successful.
Optionally, the signature information is obtained by signing the face image data by an intelligent camera of the payment terminal by adopting a target private key,
the signature verification module 820 is configured to:
signing the signature information by adopting a target public key to obtain signing verification data, wherein the target private key and the target public key are a group of asymmetric public and private keys;
and when the signature verification data is the same as the face image data, determining that the signature verification is successful.
Optionally, the signature information is obtained by signing the feature data of the face image data by using a target private key by an intelligent camera of the payment terminal, the payment request also carries the feature data,
The signature verification module 820 is configured to:
signing the signature information by adopting a target public key to obtain signing verification data, wherein the target private key and the target public key are a group of asymmetric public and private keys;
and when the signature verification data is the same as the characteristic data, determining that the signature verification is successful.
Optionally, please refer to fig. 9, which shows a block diagram of another face payment device 800 provided in an embodiment of the present application, referring to fig. 9, on the basis of fig. 8, the face payment device 800 further includes:
a second receiving module 840, configured to receive an identifier of the intelligent camera and a target public key sent by the payment terminal;
and the storage module 850 is used for binding and storing the identification of the intelligent camera and the target public key.
Optionally, the characteristic data comprises a hash value.
In summary, in the face payment device provided by the embodiment of the present application, after the intelligent camera of the payment terminal obtains the face image data, the signature information is obtained by signing according to the face image data, the payment terminal sends a payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, face payment is performed according to the face image data. Because the intelligent camera of the payment terminal signs according to the face image data, the payment server performs face payment according to the face image data after the signature verification is successful, and therefore the security of face payment is improved.
The specific manner in which the various modules perform the operations in the apparatus of the above embodiments have been described in detail in connection with the embodiments of the method, and will not be described in detail herein.
Referring to fig. 10, a schematic structural diagram of a face payment device 1000 according to an embodiment of the present application is shown. The apparatus 1000 may be a payment terminal, which may be a face terminal, for example, the payment terminal may be: a terminal such as a smart phone, a tablet computer, a notebook computer or a desktop computer. The apparatus 1000 may also be referred to by other names of user equipment, portable terminals, laptop terminals, desktop terminals, etc.
Generally, the apparatus 1000 comprises: a processor 1001 and a memory 1002.
The processor 1001 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and so on. The processor 1001 may be implemented in at least one hardware form of digital signal processing (english: digital Signal Processing; abbreviated: DSP), field programmable gate array FPGA (english: field-Programmable Gate Array; abbreviated: FPGA), and programmable logic array (english: programmable Logic Array; abbreviated: PLA). The processor 1001 may also include a main processor, which is a processor for processing data in the awake state, also called a CPU, and a coprocessor; a coprocessor is a low-power processor for processing data in a standby state. In some embodiments, the processor 1001 may integrate an image processor (english: graphics Processing Unit; abbreviated as GPU) for rendering and drawing the content required to be displayed by the display screen. In some embodiments, the processor 1001 may further include an artificial intelligence (English: artificial Intelligence; AI) processor for processing computing operations related to machine learning.
In some embodiments, the apparatus 1000 may further optionally include: a peripheral interface 1003, and at least one peripheral. The processor 1001, the memory 1002, and the peripheral interface 1003 may be connected by a bus or signal line. The various peripheral devices may be connected to the peripheral device interface 1003 via a bus, signal wire, or circuit board. The peripheral device may include: at least one of radio frequency circuitry 1004, touch display 1005, camera assembly 1006, audio circuitry 1007, positioning assembly 1008, or power supply 1009.
The Radio Frequency circuit 1004 is configured to receive and transmit Radio Frequency (RF) signals, also referred to as electromagnetic signals. Radio frequency circuitry 1004 communicates with a communication network and other communication devices via electromagnetic signals. The radio frequency circuit 1004 converts an electrical signal into an electromagnetic signal for transmission, or converts a received electromagnetic signal into an electrical signal. Optionally, the radio frequency circuit 1004 includes: antenna systems, RF transceivers, one or more amplifiers, tuners, oscillators, digital signal processors, codec chipsets, subscriber identity module cards, and so forth. Radio frequency circuitry 1004 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocol includes, but is not limited to: metropolitan area networks, various generations of mobile communication networks (2G, 3G, 4G, and 5G), wireless local area networks, and/or WiFi networks. In some embodiments, the radio frequency circuit 1004 may further include a circuit related to short-range wireless communication (English: near Field Communication; NFC for short), which is not limited in this application.
The display screen 1005 is used for displaying a User Interface (UI). The UI may include graphics, text, icons, video, and any combination thereof. When the display 1005 is a touch screen, the display 1005 also has the ability to capture touch signals at or above the surface of the display 1005. The touch signal may be input to the processor 1001 as a control signal for processing. At this time, the display 1005 may also be used to provide virtual buttons and/or virtual keyboards, also referred to as soft buttons and/or soft keyboards. In some embodiments, the display 1005 may be one, disposed on the front panel of the device 1000; in other embodiments, the display 1005 may be at least two, respectively disposed on different surfaces of the device 1000 or in a folded design; in still other embodiments, the display 1005 may be a flexible display disposed on a curved surface or a folded surface of the device 1000. Even more, the display 1005 may be arranged in a non-rectangular irregular pattern, i.e., a shaped screen. The display 1005 may be made of a liquid crystal display (Liquid Crystal Display, LCD) or an Organic Light-Emitting Diode (OLED).
The camera assembly 1006 is used to capture images or video. Optionally, camera assembly 1006 includes a front camera and a rear camera. Typically, the front camera is disposed on the front panel of the terminal and the rear camera is disposed on the rear surface of the terminal. In some embodiments, the at least two rear cameras are any one of a main camera, a depth camera, a wide-angle camera and a tele camera, so as to realize the fusion of the main camera and the depth camera to realize the background blurring function, the fusion of the main camera and the wide-angle camera to realize the panoramic shooting and Virtual Reality (VR) shooting functions or other fusion shooting functions. In some embodiments, camera assembly 1006 may also include a flash. The flash lamp can be a single-color temperature flash lamp or a double-color temperature flash lamp. The dual-color temperature flash lamp refers to a combination of a warm light flash lamp and a cold light flash lamp, and can be used for light compensation under different color temperatures. In an embodiment of the present application, the camera module 1006 may include a smart camera, where the smart camera is configured in the device 1000 in a pluggable manner, and the smart camera may be a 3D camera, which has a living body detection function. The smart camera may include a security module that may be used to store a private key of the smart camera. The security module may be a software module and/or a hardware module, for example, the security module may be an SE or TEE module. Optionally, the smart camera may further comprise a processor, which may be used for data processing, which may be a DSP, for example. And, the smart camera may further include an image sensor for collecting image data, which may include a combination of any one or more of a color image sensor, a depth image sensor, or an infrared image sensor.
The audio circuit 1007 may include a microphone and a speaker. The microphone is used for collecting sound waves of users and environments, converting the sound waves into electric signals, and inputting the electric signals to the processor 1001 for processing, or inputting the electric signals to the radio frequency circuit 1004 for voice communication. For purposes of stereo acquisition or noise reduction, a plurality of microphones may be provided at different locations of the apparatus 1000, respectively. The microphone may also be an array microphone or an omni-directional pickup microphone. The speaker is used to convert electrical signals from the processor 1001 or the radio frequency circuit 1004 into sound waves. The speaker may be a conventional thin film speaker or a piezoelectric ceramic speaker. When the speaker is a piezoelectric ceramic speaker, not only the electric signal can be converted into a sound wave audible to humans, but also the electric signal can be converted into a sound wave inaudible to humans for ranging and other purposes. In some embodiments, audio circuit 1007 may also include a headphone jack.
The location component 1008 is used to locate the current geographic location of the device 1000 to enable navigation or location-based services (English: location Based Service; abbreviated: LBS). The positioning component 1008 may be a positioning component based on the United states Global positioning System (English: global Positioning System; GPS for short), the Beidou system of China, the Granati System, or the Galileo System of the European Union.
A power supply 1009 is used to power the various components in the device 1000. The power source 1009 may be alternating current, direct current, disposable battery or rechargeable battery. When the power source 1009 includes a rechargeable battery, the rechargeable battery may support wired or wireless charging. Rechargeable batteries may also be used to support fast charge technology.
In some embodiments, the device 1000 further includes one or more sensors 1010. The one or more sensors 1010 include, but are not limited to: acceleration sensor 1011, gyroscope sensor 1012, pressure sensor 1013, fingerprint sensor 1014, optical sensor 1015, and proximity sensor 1016.
The acceleration sensor 1011 can detect the magnitudes of accelerations on three coordinate axes of the coordinate system established with the apparatus 1000. For example, the acceleration sensor 1011 may be used to detect components of gravitational acceleration in three coordinate axes. The processor 1001 may control the touch display 1005 to display a user interface in a landscape view or a portrait view according to the gravitational acceleration signal acquired by the acceleration sensor 1011. The acceleration sensor 1011 may also be used for the acquisition of motion data of a game or a user.
The gyro sensor 1012 may detect a body direction and a rotation angle of the apparatus 1000, and the gyro sensor 1012 may collect a 3D motion of the user on the apparatus 1000 in cooperation with the acceleration sensor 1011. The processor 1001 may implement the following functions according to the data collected by the gyro sensor 1012: motion sensing (e.g., changing UI according to a tilting operation by a user), image stabilization at shooting, game control, and inertial navigation.
Pressure sensor 1013 may be disposed on a side frame of device 1000 and/or on an underlying layer of touch display 1005. When the pressure sensor 1013 is provided at a side frame of the device 1000, a grip signal of the device 1000 by a user can be detected, and the processor 1001 performs a right-left hand recognition or a quick operation according to the grip signal collected by the pressure sensor 1013. When the pressure sensor 1013 is provided at the lower layer of the touch display 1005, the processor 1001 controls the operability control on the UI interface according to the pressure operation of the user on the touch display 1005. The operability controls include at least one of a button control, a scroll bar control, an icon control, and a menu control.
The fingerprint sensor 1014 is used to collect a fingerprint of the user, and the processor 1001 identifies the identity of the user based on the fingerprint collected by the fingerprint sensor 1014, or the fingerprint sensor 1014 identifies the identity of the user based on the collected fingerprint. Upon recognizing that the user's identity is a trusted identity, the processor 1001 authorizes the user to perform relevant sensitive operations including unlocking the screen, viewing encrypted information, downloading software, paying for and changing settings, etc. The fingerprint sensor 1014 may be provided on the front, back, or side of the face payment device 1000. When a physical key or vendor Logo is provided on the device 1000, the fingerprint sensor 1014 may be integrated with the physical key or vendor Logo.
The optical sensor 1015 is used to collect ambient light intensity. In one embodiment, the processor 1001 may control the display brightness of the touch display 1005 based on the ambient light intensity collected by the optical sensor 1015. Specifically, when the intensity of the ambient light is high, the display brightness of the touch display screen 1005 is turned up; when the ambient light intensity is low, the display brightness of the touch display screen 1005 is turned down. In another embodiment, the processor 1001 may dynamically adjust the shooting parameters of the camera module 1006 according to the ambient light intensity collected by the optical sensor 1015.
A proximity sensor 1016, also known as a distance sensor, is typically provided on the front panel of the device 1000. The proximity sensor 1016 is used to capture the distance between the user and the front of the device 1000. In one embodiment, when the proximity sensor 1016 detects a gradual decrease in the distance between the user and the front face of the device 1000, the processor 1001 controls the touch display 1005 to switch from the bright screen state to the off screen state; when the proximity sensor 1016 detects a gradual increase in the distance between the user and the front of the device 1000, the processor 1001 controls the touch display 1005 to switch from the off-screen state to the on-screen state.
Those skilled in the art will appreciate that the configuration shown in fig. 10 is not limiting of the apparatus 1000 and may include more or fewer components than shown, or may combine certain components, or may employ a different arrangement of components.
Referring to fig. 11, a schematic structural diagram of a face payment device 1100 provided in an embodiment of the present application is shown, where the face payment device 1100 may be a payment server. By way of example, as shown in FIG. 11, the apparatus 1100 includes a central processing unit (English: central Processing Unit; CPU for short), a system Memory 1104 including a Random-Access Memory (RAM for short) 1102 and a Read-Only Memory (ROM for short) 1103, and a system bus 1105 connecting the system Memory 1104 and the central processing unit 1101. Apparatus 1100 also includes a basic Input/Output (I/O) system 1106, which helps to transfer information between various devices within the computer, and a mass storage device 1107 for storing an operating system 1113, application programs 1114, and other program modules 1115.
The basic input/output system 1106 includes a display 1108 for displaying information and an input device 1109, such as a mouse, keyboard, or the like, for user input of information. Wherein both the display 1108 and the input device 1109 are coupled to the central processing unit 1101 through an input-output controller 1110 coupled to the system bus 1105. The basic input/output system 1106 may also include an input/output controller 1110 for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus. Similarly, the input/output controller 1110 also provides output to a display screen, a printer, or other type of output device.
The mass storage device 1107 is connected to the central processing unit 1101 through a mass storage controller (not shown) connected to the system bus 1105. Mass storage device 1107 and its associated computer-readable media provide non-volatile storage for apparatus 1100. That is, mass storage device 1107 may include a computer-readable medium (not shown) such as a hard disk or CD-ROM drive.
Computer readable storage media may include computer storage media and communication media without loss of generality. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes RAM, ROM, erasable programmable read-Only Memory (english: erasable Programmable Read Only Memory; EPROM for short), charged erasable programmable read-Only Memory (english: electrically Erasable Programmable Read Only Memor; EEPROM for short), flash Memory or other solid state Memory technology, compact disk read-Only Memory (english: compact Disc Read-Only Memory; CD-ROM for short), digital versatile disk (english: digital Versatile Disc; DVD for short), or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices. Of course, those skilled in the art will recognize that computer storage media are not limited to the ones described above. The system memory 1104 and mass storage device 1107 described above may be collectively referred to as memory.
According to various embodiments of the present application, the apparatus 1100 may also operate by a remote computer connected to the network through a network, such as the Internet. I.e., device 1100 may connect to network 1112 through a network interface unit 1111 connected to system bus 1105, or other types of networks or remote computer systems (not shown) may be connected using network interface unit 1111.
The above memory further includes one or more programs, one or more programs being stored in the memory and configured to be executed by the CPU to implement the methods provided by the embodiments of the present application.
Referring to fig. 12, a schematic diagram of a face payment system provided in an embodiment of the present application is shown, and referring to fig. 12, the face payment system may include: a payment terminal 1210 and a payment server 1220, the payment terminal 1210 having a smart camera 1211.
The intelligent camera 1211 is configured to obtain face image data, and sign according to the face image data to obtain signature information;
the payment terminal 1210 is configured to send a payment request to the payment server 1220, where the payment request carries the face image data and the signature information;
The payment server 1220 is configured to check signature information carried by the payment request, and perform face payment according to face image data carried by the payment request after the signature check is successful.
Optionally, the smart camera 1211 is configured to sign the face image data with a target private key to obtain signature information;
the payment server 1220 is configured to perform signature verification on the signature information by using a target public key to obtain signature verification data, and determine that the signature verification is successful when the signature verification data is identical to the face image data, where the target private key and the target public key are a set of asymmetric public private keys.
Optionally, the smart camera 1211 is configured to obtain feature data of the face image data, and sign the feature data with a target private key to obtain signature information;
the payment request also carries the feature data, and the payment server 1220 is configured to use a target public key to sign the signature information to obtain sign verification data, and determine that the sign verification is successful when the sign verification data is the same as the feature data, where the target private key and the target public key are a set of asymmetric public and private keys.
Optionally, the smart camera 1211 is further configured to generate a target private key and a target public key, and store the target private key in a security module of the smart camera 1211;
The payment terminal 1210 is further configured to send the identification of the smart camera 1211 and the target public key to the payment server 1220;
the payment server 1220 is also configured to store the identity of the smart camera 1211 and the target public key binding.
Optionally, the payment request further carries an identifier of the smart camera 1211, and the payment server 1220 is further configured to obtain the target public key according to the identifier of the smart camera 1211.
Optionally, the characteristic data comprises a hash value.
In summary, in the face payment system provided by the embodiment of the present application, after the intelligent camera of the payment terminal obtains the face image data, the signature is performed according to the face image data to obtain signature information, the payment terminal sends a payment request carrying the face image data and the signature information to the payment server, the payment server performs signature verification on the signature information, and after the signature verification is successful, face payment is performed according to the face image data. Because the intelligent camera of the payment terminal signs according to the face image data, the payment server performs face payment according to the face image data after the signature verification is successful, and therefore the security of face payment is improved.
The embodiment of the application further provides a computer readable storage medium, where at least one instruction, at least one section of program, code set or instruction set may be stored, where at least one instruction, at least one section of program, code set or instruction set is loaded by a processor and executed to implement the face payment method shown in fig. 2 to 4.
In this application, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. The term "plurality" refers to two or more, unless explicitly defined otherwise.
The term "and/or" in this application is merely an association relation describing an associated object, and indicates that three relations may exist, for example, a and/or B may indicate: a exists alone, A and B exist together, and B exists alone. In addition, the character "/" herein generally indicates that the front and rear associated objects are an "or" relationship.
The term "at least one of a or B" in the present application is merely an association relationship describing an association object, and means that three relationships may exist, for example, at least one of a or B may mean: a exists alone, A and B exist together, and B exists alone. Similarly, "at least one of A, B or C" means that there may be seven relationships, which may be represented: there are seven cases where a alone, B alone, C alone, a and B together, a and C together, C and B together, A, B and C together.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program for instructing relevant hardware, where the program may be stored in a computer readable storage medium, and the storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The foregoing description of the exemplary embodiments of the present application is not intended to limit the invention to the particular embodiments disclosed, but on the contrary, the intention is to cover all modifications, equivalents, alternatives, and alternatives falling within the spirit and scope of the invention.
Claims (7)
1. A face payment system, the system comprising: the payment terminal is provided with an intelligent camera, the intelligent camera is arranged in the payment terminal in a pluggable manner, and the payment terminal further comprises a payment host;
the intelligent camera is used for sending the identification of the intelligent camera and the target public key to the payment host;
the payment host is used for sending the identification of the intelligent camera and the target public key to the payment server;
the intelligent camera is also used for acquiring face image data, and signing the face image data by adopting a target private key to obtain signature information;
The intelligent camera is further used for sending the face image data and the signature information to the payment host;
the payment host is further configured to send a payment request to the payment server, where the payment request carries the face image data, the signature information and the identifier of the intelligent camera;
the payment server is further configured to obtain the target public key according to the identifier of the intelligent camera, perform signature verification on the signature information by using the target public key to obtain signature verification data, determine that the signature verification is successful when the signature verification data is identical to the face image data, obtain payment information according to the face image data, and send the payment information to the payment host, where the payment information includes a payment code or a payment link;
the payment host is also used for completing face payment according to the payment information.
2. The system of claim 1, wherein the system further comprises a controller configured to control the controller,
the intelligent camera is further used for generating the target private key and the target public key, and storing the target private key in a security module of the intelligent camera;
the payment server is further used for binding and storing the identification of the intelligent camera and the target public key.
3. The face payment method is characterized by being applied to a payment terminal, wherein the payment terminal is provided with an intelligent camera, the intelligent camera is arranged in the payment terminal in a pluggable mode, the payment terminal further comprises a payment host, and the method comprises the following steps:
sending the identification of the intelligent camera and a target public key to the payment host through the intelligent camera;
sending the identification of the intelligent camera and the target public key to a payment server through the payment host;
acquiring face image data through the intelligent camera;
signing the face image data by the intelligent camera through a target private key to obtain signature information;
transmitting the face image data and the signature information to the payment host through the intelligent camera;
sending a payment request to the payment server through the payment host, wherein the payment request carries the face image data, the signature information and the identification of the intelligent camera, so that the payment server obtains the target public key according to the identification of the intelligent camera, and adopts the target public key to check the signature information to obtain check data, and when the check data is identical with the face image data, check success is determined, payment information is obtained according to the face image data, and the payment information is sent to the payment host, wherein the payment information comprises a payment code or a payment link;
And finishing face payment according to the payment information through the payment host.
4. A face payment method, applied to a payment server, the method comprising:
receiving an identification and a target public key of an intelligent camera sent by a payment host machine included in a payment terminal, wherein the identification and the target public key of the intelligent camera are sent to the payment host machine by the intelligent camera, and the intelligent camera is arranged in the payment terminal in a pluggable manner;
receiving a payment request sent by the payment host, wherein the payment request carries face image data, signature information and an identifier of the intelligent camera, the face image data and the signature information are sent to the payment host by the intelligent camera, and the signature information is obtained by signing the obtained face image data by the intelligent camera by adopting a target private key;
acquiring the target public key according to the identification of the intelligent camera, and adopting the target public key to carry out signature verification on the signature information to obtain signature verification data;
and when the label checking data are the same as the face image data, determining that the label checking is successful, acquiring payment information according to the face image data, and sending the payment information to the payment host, so that the payment host can complete face payment according to the payment information, wherein the payment information comprises a payment code or a payment link.
5. A face payment device comprising means for performing the face payment method of claim 3 or 4.
6. A face payment device comprising a processor and a memory, wherein the memory stores at least one instruction, at least one program, code set, or instruction set, the at least one instruction, the at least one program, code set, or instruction set being loaded and executed by the processor to implement the face payment method of claim 3 or 4.
7. A computer readable storage medium having stored therein at least one instruction, at least one program, code set, or instruction set, the at least one instruction, the at least one program, the code set, or instruction set being loaded and executed by a processor to implement the face payment method of claim 3 or 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911294321.6A CN111062725B (en) | 2019-12-16 | 2019-12-16 | Face payment method, device and system and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911294321.6A CN111062725B (en) | 2019-12-16 | 2019-12-16 | Face payment method, device and system and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111062725A CN111062725A (en) | 2020-04-24 |
| CN111062725B true CN111062725B (en) | 2023-07-07 |
Family
ID=70300773
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911294321.6A Active CN111062725B (en) | 2019-12-16 | 2019-12-16 | Face payment method, device and system and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111062725B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111882324A (en) * | 2020-07-24 | 2020-11-03 | 南京华捷艾米软件科技有限公司 | Face authentication method and system |
| CN112749971B (en) * | 2020-08-21 | 2024-07-19 | 腾讯科技(深圳)有限公司 | Payment verification method and device, detachable camera component and storage medium |
| CN112101133A (en) * | 2020-08-24 | 2020-12-18 | 江西台德智慧科技有限公司 | Multi-view-angle-based multi-face scene face-brushing payment risk prevention and control system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108599946A (en) * | 2018-06-22 | 2018-09-28 | 深圳合纵富科技有限公司 | A kind of safe encryption method and camera system based on camera system |
| CN108809653A (en) * | 2018-06-19 | 2018-11-13 | 北京多采多宜网络科技有限公司 | A kind of cryptographic check processing method |
| CN108881960A (en) * | 2018-08-08 | 2018-11-23 | 江苏信源久安信息科技有限公司 | The method of intelligent video camera head security control and data confidentiality based on id password |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8281136B2 (en) * | 2005-10-21 | 2012-10-02 | Novell, Inc. | Techniques for key distribution for use in encrypted communications |
| US9727715B2 (en) * | 2014-09-07 | 2017-08-08 | Michael Boodaei | Authentication method and system using password as the authentication key |
| CN105306490B (en) * | 2015-11-23 | 2018-04-24 | 小米科技有限责任公司 | Payment verifying system, method and device |
| CN105704123B (en) * | 2016-01-08 | 2017-09-15 | 腾讯科技(深圳)有限公司 | A kind of methods, devices and systems for carrying out business processing |
| CN108564353B (en) * | 2018-04-27 | 2022-01-25 | 数字钱包(北京)科技有限公司 | Payment system and method based on block chain |
-
2019
- 2019-12-16 CN CN201911294321.6A patent/CN111062725B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108809653A (en) * | 2018-06-19 | 2018-11-13 | 北京多采多宜网络科技有限公司 | A kind of cryptographic check processing method |
| CN108599946A (en) * | 2018-06-22 | 2018-09-28 | 深圳合纵富科技有限公司 | A kind of safe encryption method and camera system based on camera system |
| CN108881960A (en) * | 2018-08-08 | 2018-11-23 | 江苏信源久安信息科技有限公司 | The method of intelligent video camera head security control and data confidentiality based on id password |
Non-Patent Citations (2)
| Title |
|---|
| An invisible dual watermarking scheme for authentication and copyrights protection;Fida Ullah Khattak 等;《2009 International Conference on Emerging Technologies》;247-251 * |
| 基于生物特征识别的多因子身份认证即服务研究与应用;徐静;《中国优秀硕士学位论文全文数据库》(第5期);I138-140 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111062725A (en) | 2020-04-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109948586B (en) | Face verification method, device, equipment and storage medium | |
| CN108769992B (en) | User authentication method, device, terminal and storage medium | |
| CN111062725B (en) | Face payment method, device and system and computer readable storage medium | |
| CN111241499B (en) | Application program login method, device, terminal and storage medium | |
| CN110784370B (en) | Method and device for testing equipment, electronic equipment and medium | |
| CN113435621A (en) | Reservation and data updating method, device, equipment and storage medium for epidemic prevention project | |
| CN111128115B (en) | Information verification method and device, electronic equipment and storage medium | |
| CN110290191B (en) | Resource transfer result processing method, device, server, terminal and storage medium | |
| CN110677262B (en) | Information notarization method, device and system based on blockchain | |
| CN111523878A (en) | Service processing method, device, system and storage medium | |
| CN111145034A (en) | Block chain-based social security management method, device and system and storage medium | |
| CN115329309A (en) | Verification method, verification device, electronic equipment and storage medium | |
| CN111881423B (en) | Method, device and system for authorizing restricted function use | |
| CN111198922A (en) | Game resource management method and device based on block chain | |
| CN112528311B (en) | Data management method, device and terminal | |
| CN111131619B (en) | Account switching processing method, device and system | |
| CN110764808B (en) | Client upgrade detection method, device and computer readable storage medium | |
| CN112764824B (en) | Method, device, equipment and storage medium for triggering identity verification in application program | |
| CN114595019A (en) | Theme setting method, device and equipment of application program and storage medium | |
| CN108683684B (en) | Method, device and system for logging in target instant messaging application | |
| CN112132472A (en) | Resource management method and device, electronic equipment and computer readable storage medium | |
| CN111158791A (en) | Configuration file updating method, device and system and storage medium | |
| CN112700249B (en) | Order information management method, device and system and storage medium | |
| CN114861162B (en) | Operation verification method, device, computer equipment and medium | |
| CN112995159B (en) | Information processing method, device, terminal and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40022560 Country of ref document: HK |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |