CN104299133B - Online mobile-payment system and authentic authentication method based on body-sensing net - Google Patents

Abstract

The online mobile payment system based on the somatosensory network of the present invention includes a medical center, an e-commerce authentication center, an intelligent terminal, a convergence node, a wearable node and an implant node, and the e-commerce authentication center authenticates the user's online mobile payment. In the credible authentication method of the present invention, the registration stage includes: a). Medical center registration; b). E-commerce certification center registration; c). Key information generation; d). Encoding and equal division; e). The authentication phase generally includes: 1). Initiate a transaction; 2). Confirm a transaction; 3). Measure physiological signals; 4). Generate a set; 5). Generate and send a message; 6). User authentication; 7). Polynomial; 8). Construction And judge; 9). Legitimacy verification. The online mobile payment system and method of the present invention can negotiate a unique key through the same physiological signal of the user, effectively realize the authentication of online mobile payment, and ensure the security of payment.

Description

Online mobile payment system and trusted authentication method based on somatosensory network

technical field

The present invention relates to an online mobile payment system based on a somatosensory network and a trusted authentication method, and more specifically, to an online mobile payment system based on a somatosensory network and a trusted authentication method that negotiates keys using physiological parameters of users. method.

Background technique

With the popularity of smart mobile devices such as smartphones and tablet computers, mobile online payment has been widely used in the field of e-commerce due to its fast and convenient features, and has gradually occupied the mainstream position of e-commerce transactions. However, due to the inherent characteristics of smart mobile devices, there are huge security risks in this online payment method: (1) Most of the current commercial smart mobile devices do not have built-in trusted units (such as storage Digital certificate security device), which has caused many apps installed in smart mobile devices to be untrustworthy, and maliciously steal user information. Malicious APPs can even monitor the user's input behavior, thereby obtaining the user's account number and password, which poses a great threat to the user's financial security. (2) Smart mobile devices have the characteristics of portability, which makes it difficult for users to accept the method of strengthening the security of smart mobile devices through external security devices (such as external password input devices). (3) Some legitimate online payment apps have insufficient security precautions, resulting in huge security risks for users' online payment. For example, many online payment apps do not use password protocols, but SMS verification codes to ensure payment security. However, Trojan horse APPs can monitor the bank’s payment verification codes and send them to the mobile phone number designated by the opponent, thereby allowing the opponent to bypass The authentication system of the payment center completes the fraudulent swiping of the user's credit card. .

Contents of the invention

In order to overcome the shortcomings of the above-mentioned technical problems, the present invention provides an online mobile payment system and a trusted authentication method based on a somatosensory network.

The online mobile payment system based on the somatosensory network of the present invention includes a medical center, an e-commerce authentication center, an intelligent terminal, and a converging node, a wearable node, and an implanted node arranged on the user's body. The wearable node and the implanted node are respectively arranged on the user's body. The body surface and body of the body are used to collect physiological signals of the user; the converging node, the wearable node and the implanted node form a body area network; it is characterized in that: at least two of the wearable node and the implanted node collect the same physiological signal; the converging node The node communicates with the medical center through the wireless network and realizes registration, collects the user's physiological signal through the wearable node and the implanted node, and communicates with the smart terminal through the Bluetooth module; the smart terminal communicates with the e-commerce authentication center through the wireless network to realize online Mobile payment; the e-commerce authentication center authenticates the user's online mobile payment according to "the two sets of data collected by the same physiological signal of the user at the same time by two sensor nodes have great similarity".

In the online mobile payment system based on the somatosensory network of the present invention, the convergence node is provided with an IEEE802.15.6 module for communicating with the wearable node and the implanted node, a SIM card communication module for communicating with the medical center, and a Bluetooth for communicating with the smart terminal Module; the wireless network through which the aggregation node communicates with the medical center and the wireless network through which the intelligent terminal communicates with the e-commerce certification center are 4G, 3G or GPRS wireless communication networks.

In the online mobile payment system based on the somatosensory network of the present invention, the convergence node is provided with a display screen, a confirmation key and a cancel key.

The trusted authentication method of the online mobile payment system based on the somatosensory network of the present invention is special in that it includes a registration stage and an authentication stage;

The registration phase is achieved through the following steps:

a). Medical center registration, when the user applies for the body area network, the medical center First, a key is built into the two sensor nodes that collect the same signal for authentication in the body area network and the user's ID number , let the two sensing nodes be nodes ,node , medical center records include ID number ,username ,node logo ,node logo and key user information; b). E-commerce certification center registration, the user to the e-commerce certification center When registering, complete the registration through the following steps: b-1). Send a request to the e-commerce certification center According to the ID number provided by the user , to the medical center Send a request to extract the corresponding key information; b-2). Generate the key and send it to the medical center Received by the e-commerce certification center After the request, first generate a random number , and then calculated by the Hash function: ,in Indicates the link of the message and generates the key information and send it to the eCommerce Certification Authority ; E-Commerce Certification Center Get the ID number ,username ,node logo ,node logo and key User information; c). Verify and generate key information, medical center Will Send to the aggregation node in the body area network, the aggregation node broadcasts within the body area network; when the sensor node and sensor nodes receive After that, use the preset key verify the legality of , which if legal yields ; d). coded and equally divided, sensor nodes with first calculate the encoded in binary form, and The binary form of is equally divided into +1 paragraph, set the first binary coded Paragraph for , , The binary form of ,but ; e). Build polynomials, sensor nodes with respectively construct a order polynomial , = + +…+ ,in express in decimal form; the registration phase of the user is complete;

The authentication phase is accomplished through the following steps:

1). To establish a connection and initiate a transaction, the user uses the When purchasing a product, select the product and click the "Pay" button, Turn on the Bluetooth module to find the convergence node of the body area network. After the two parties establish a connection, Will the transaction amount Send to the sink node; 2). Transaction confirmation, the sink node first displays the amount received in the transaction on its display screen, when the user thinks that the amount is wrong, press the cancel button, and the sink node sends Return the information of canceling the transaction; when the user believes that the transaction amount is correct, press the confirmation button, and the sink node sends a request to the sensor node in the body area network with Instructions for submitting authentication data; 3). Measuring physiological signals, sensor nodes with After receiving the instruction, measure the same physiological signal of the user respectively, and set the node with Average collection group of physiological signals, which are: , ,…, with , ,…, ; 4). According to physiological signals and polynomials to generate sets, sensor nodes According to the polynomial Calculate collection = ,in , 1≤ ≤ ;node Simultaneously generated randomly point set = ,in , , 1≤ ≤ , is the coefficient; then the node Will with After random mixing, the resulting set = ; sensor node Create a collection in the same way ; 5). Generate and send messages, sensor nodes generate message = ,in means to use right for symmetric encryption, Indicates the sensor node The fresh number of; similarly, the sensor node generate message = ,in means to use right for symmetric encryption, Indicates the sensor node The number of freshness; sensor node with Through the sink node respectively , sent to the smart terminal , Then through the smart terminal, the with Send to e-commerce certification center ; 6). User authentication, e-commerce authentication center received with After that, first use the Retrieve from the info table to see if there is record, and whether the record contains with Two values, if not, then return an error to the smart terminal, if so, then perform step 7); 7). Extract the set and reconstruct the polynomial, e-commerce certification center first use corresponding key ,from , China decrypted with , then from with Extract collection from , when set The number of point sets contained in reaches e-Commerce Certification Center Using Sets According to Lagrangian Interpolation Refactor polynomial ;Assume = + +…+ ,in means binary The decimal form; 8). Construction And to judge, the polynomial The binary coefficient of , ,..., Arranged in order to form in binary form, and then convert it to decimal ;judgment reconstructed stored with Whether it is the same, if it is the same, then execute step 9); if not, it indicates the received message , Incorrect or not from registered users; 9). Legitimacy verification, e-commerce certification center use verify with check code in with Is it legal? If both are legal, the authentication is successful. The e-commerce certification center can be downloaded from the user's account Quantity amount is transferred to the merchant; if unsuccessful, the transaction fails.

The credible authentication method of the online mobile payment system based on the somatosensory network of the present invention, in step d) Divided into In the process of +1 paragraph, if it cannot be divided into equal parts, then in The tail of the binary code is padded with 1 until can be divided into +1 paragraph; the sensor nodes collected in step 9) with Physiological signal , The number of digits is 13 bits, 1≤ ≤ ; constructed in step 7) The collection belongs to the physiological signals of human body characteristics and can be used as evidence of transactions.

The trusted authentication method of the online mobile payment system based on the somatosensory network of the present invention, the sensor node with The collected physiological signals of the user are body temperature, blood pressure, blood sugar, vascular volume change signal PPG or electrocardiogram signal ECG.

The beneficial effect of the present invention is: the online mobile payment system and method of the present invention, by setting the convergence node on the human body to communicate with the intelligent terminal, and setting the wearable node and the implanted node on the human body for physiological signal collection, the convergence node and The wearable node and the implanted node form a somatosensory network. By collecting the same physiological signal of the human body through the wearable node and the implanted node, a unique key can be negotiated, which effectively realizes the authentication of online mobile payment and ensures the authenticity of payment. safety.

The advantages of the online mobile payment system and method of the present invention are embodied in:

(1) Users do not need to memorize any passwords, which saves users the trouble of maintaining passwords;

(2) No need for any external password input device, which is convenient for users to use;

(3) The authentication information space is large, and it is difficult for the adversary to implement exhaustive guessing attacks;

(4) The randomness of the authentication information is good, and the authentication information is different each time. Even if a malicious APP that eavesdrops on the mobile phone information is installed on the smart mobile terminal device, the security of the authentication will not be affected.

Description of drawings

Fig. 1 is the schematic diagram of the online mobile payment system based on somatosensory network of the present invention;

Fig. 2 is the structural representation of the display screen and button of converging node among the present invention;

Fig. 3 is a flow chart of the registration stage in the trusted authentication method of the online mobile payment system of the present invention;

Fig. 4 is a flow chart of the authentication stage in the trusted authentication method of the online mobile payment system of the present invention.

In the figure: 1 intelligent terminal, 2 aggregation node, 3 wearable node, 4 implant node, 5 medical center, 6 e-commerce authentication center.

detailed description

The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

As shown in Fig. 1, the principle diagram of the online mobile payment system based on somatosensory network of the present invention is provided, which includes a medical center 5, an e-commerce certification center 6, an intelligent terminal 1, a convergence node 2, a wearable node 3 and an implanted Node 4, the aggregation node 2 shown has computing, storage and communication functions, which includes IEEE802.15.6 module, SIM card communication module and Bluetooth module. The wearable node and the implanted node 4 shown are respectively arranged on the user's body surface and in the body to realize the collection of the user's physiological signals. The aggregation node 2, the wearable node 3 and the implanted node 4 form a body area network through an ad hoc network. The aggregation node 2 is provided with a display screen, a confirmation key and a cancel key, the display screen is used to display the transaction amount, and the confirmation key and the cancel key are used for confirmation and cancellation of the transaction.

The aggregation node 2 communicates with the wearable node 3 and the implanted node 4 through the IEEE802.15.6 module to realize physiological signal collection and command broadcasting. The convergence node 2 communicates with the medical center 5 through the SIM card communication module via 4G, 3G or GPRS wireless network, and registers on the medical center 5 . The aggregation node 2 communicates with the smart terminal 1 through the Bluetooth module to realize data transmission between the aggregation node 2 and the APP on the smart terminal 1 . The smart terminal 1 communicates with the e-commerce authentication center 6 through 4G, 3G or GPRS wireless network to realize transaction data transmission and authentication. In the process of mobile payment authentication, the wearable node 3 and the implanted node 4 collect the same physiological signal of the user at the same time, and use the great similarity of the same physiological signal of the user to negotiate a transaction confirmation key, which not only ensures the confidentiality of the transaction , it is difficult for the adversary to attack the transaction, and the user's physiological parameters can also be saved as transaction credentials.

The trusted authentication method of the online mobile payment system based on the somatosensory network of the present invention includes a registration stage and an authentication stage;

The registration phase is achieved through the following steps:

a). Medical center registration, when the user applies for the body area network, the medical center First, a key is built into the two sensor nodes that collect the same signal for authentication in the body area network and the user's ID number , let the two sensing nodes be nodes ,node , medical center records include ID number ,username ,node logo ,node logo and key User information including;

sensor node with The collected physiological signals of the user may be body temperature, blood pressure, blood sugar, PPG or ECG.

The user information recorded by the medical center is:

b). Register with the e-commerce authentication center, and the user goes to the e-commerce authentication center When registering, complete the registration with the following steps:

b-1). Send request, e-commerce authentication center According to the ID number provided by the user , to the medical center Send a request to extract the corresponding key information;

b-2). Generate the key and send it to the medical center Received by the e-commerce certification center After the request, first generate a random number , and then calculated by the Hash function: ,in Indicates the link of the message and generates the key information and send it to the eCommerce Certification Authority ; E-Commerce Certification Center Get the ID number ,username ,node logo ,node logo and key User information including;

The user information recorded by the e-commerce authentication center is:

c). Verify and generate key information, medical center Will Send to the aggregation node in the body area network, the aggregation node broadcasts within the body area network; when the sensor node and sensor nodes receive After that, use the preset key verify the legality of , which if legal yields ;

d). coded and equally divided, sensor nodes with first calculate the encoded in binary form, and The binary form of is equally divided into +1 paragraph, set the first binary coded Paragraph for , , The binary form of ,but ;

In this step, Divided into In the process of +1 paragraph, if it cannot be divided into equal parts, then in The tail of the binary code is padded with 1 until can be divided into +1 segment;

e).Building polynomials, sensor nodes with respectively construct a order polynomial , = + +…+ ,in express in decimal form; the registration phase of the user is complete;

The authentication phase is accomplished through the following steps:

1). To establish a connection and initiate a transaction, the user uses the When purchasing a product, select the product and click the "Pay" button, Turn on the Bluetooth module to find the convergence node of the body area network. After the two parties establish a connection, Will the transaction amount sent to the sink node;

2). To confirm the transaction, the sink node first displays the amount received in the transaction on its display screen. When the user thinks that the amount is wrong, he presses the cancel button, and the sink node sends Return the information of canceling the transaction; when the user believes that the transaction amount is correct, press the confirmation button, and the sink node sends a request to the sensor node in the body area network with Instructions for submitting authentication data;

3). Measuring physiological signals, sensor nodes with After receiving the instruction, measure the same physiological signal of the user respectively, and set the node with Average collection group of physiological signals, which are: , ,…, with , ,…, ;

In this step, the collected sensor nodes with Physiological signal , The number of digits is 13 bits, 1≤ ≤ ;

4). According to physiological signals and polynomials to generate sets, sensor nodes According to the polynomial Calculate collection = ,in , 1≤ ≤ ;node Simultaneously generated randomly point set = ,in , , 1≤ ≤ , is the coefficient; then the node Will with After random mixing, the resulting set = ; sensor node Create a collection in the same way ;

for collections For the elements in , it is order polynomial on a series of points whose abscissas are sensing nodes The collected physiological signal value ; point set None of the points in order polynomial up for nearby points, the , Mix to produce collection It is transmitted as a message, mixing valid data with invalid data, expanding the number of point sets, which can effectively prevent opponent interference;

5). Generate and send messages, sensor nodes generate message = ,in means to use right for symmetric encryption, Indicates the sensor node The fresh number of; similarly, the sensor node generate message = ,in means to use right for symmetric encryption, Indicates the sensor node The number of freshness; sensor node with Through the sink node respectively , sent to the smart terminal , Then through the smart terminal, the with Send to e-commerce certification center ;

6). User authentication, e-commerce authentication center received with After that, first use the Retrieve from the info table to see if there is record, and whether the record contains with Two values, if not, then return an error to the smart terminal, if so, go to step 7);

7). Extract the set and reconstruct the polynomial, E-Certification Center first use corresponding key ,from , China decrypted with , then from with Extract collection from , when set The number of point sets contained in reaches e-Commerce Certification Center Using Sets According to Lagrangian Interpolation Refactor polynomial ;Assume = + +…+ ,in means binary in decimal form;

in collection During the build process of The points in satisfy to belong to the point set , and the abscissa is equal to the sensor node The collected physiological signal value, due to with sensor node , The same physiological signal collected for use has great similarity, and it is easy to obtain a set that meets the requirements .

In this step, the constructed The collection belongs to the physiological signals of human body characteristics and can be used as evidence of transactions.

8). Structure And to judge, the polynomial The binary coefficient of , ,..., Arranged in order to form in binary form, and then convert it to decimal ;judgment reconstructed stored with Whether it is the same, if it is the same, then execute step 9); if not, it indicates the received message , is incorrect or not from a registered user;

9). Legitimacy verification, e-commerce certification center use verify with check code in with Is it legal? If both are legal, the authentication is successful. The e-commerce certification center can be downloaded from the user's account The amount of the amount transferred to the merchant; if unsuccessful, the transaction fails.

The security analysis of the online mobile payment system based on the somatosensory network and the trusted authentication method of the present invention is as follows:

1. due to Placed on physiological sensor nodes (worn nodes and implanted nodes) implanted in the body, so it is difficult for an adversary to obtain . Additionally, due to = ,therefore As an e-commerce authentication center, it is also impossible to obtain the master key of the physiological sensor node ,therefore It can also be used by physiological sensor nodes for secure communication inside the body area network.

2. with middle with Both were Encrypted, so an adversary cannot construct a set to reconstruct the polynomial . At the same time, due to with The information in is generated by highly random physiological signals and random point sets. When N = 10, with Both reach 130 bits, making it difficult for the adversary to implement an exhaustive attack and guess the correct PPG signal. In addition, in order to further strengthen the security, allowing with negotiated to periodically replace the .

3. Since the authentication information transmitted through the mobile APP each time contains fresh data with , therefore, even if the adversary obtains the with , and replay attacks cannot be implemented.

4. Although the communication between the mobile phone APP and the sink node cannot be protected, the present invention adopts the mechanism of user confirmation, and only when the user confirms that the payment amount displayed on the mobile phone APP is consistent with the payment amount displayed on the sink node, press button to authenticate the transaction.

Claims (3)

1. A credible authentication method of an online mobile payment system based on a somatosensory network. The online mobile payment system based on a somatosensory network includes a medical center (5), an e-commerce authentication center (6), an intelligent terminal (1) and a user's The convergence node (2), the wearable node (3) and the implant node (4) on the body, the wearable node and the implant node are respectively arranged on the user's body surface and in the body, and are used to collect the user's physiological signals; the convergence node, the wearable node The node and the implanted node form a somatosensory network; at least two of the wearable node and the implanted node collect the same physiological signal; The physiological signal communicates with the smart terminal through the Bluetooth module; the smart terminal communicates with the e-commerce certification center through the wireless network to realize online mobile payment; The two sets of data have great similarity" to authenticate the user's online mobile payment; The convergence node (2) is provided with an IEEE802.15.6 module for communicating with the wearable node (3) and the implanted node (4), a SIM card communication module for communicating with the medical center (5), and an intelligent terminal (1) A bluetooth module for communication; the wireless network for communication between the convergence node and the medical center and the wireless network for communication between the smart terminal and the e-commerce authentication center are 4G, 3G or GPRS wireless communication networks; The convergence node (2) is provided with a display screen, a confirmation key and a cancel key; It is characterized in that: the credible authentication method includes a registration stage and an authentication stage; The registration phase is achieved through the following steps: a). Medical center registration, when the user applies for the somatosensory network, the medical center M _C first builds a key K _m and the user's ID number IDN into the two sensor nodes used for authentication in the somatosensory network to collect the same signal, and set The two sensing nodes are node A and node B respectively, and the medical center records user information including ID number IDN, user name Name, node A identification ID _A , node B identification ID _B and key K _m ; b). Registering with the e-commerce certification center, when the user registers with the e-commerce certification center F _C , the registration is completed through the following steps: b-1). To send a request, the e-commerce authentication center F _C sends a request to extract the corresponding key information to the medical center M _C according to the ID number IDN provided by the user; b-2). Generate and send the key. After the medical center M _C receives the request from the e-commerce authentication center F _C , it first generates a random number R _m , and then calculates it through the Hash function: K _f =Hash(K _m || IDN||R _m ), where || represents the link of the message, generates the key information K _f and sends it to the e-commerce authentication center F _C ; the e-commerce authentication center F _C obtains information including ID number IDN, user name Name, User information including ID _A of node A, ID _{B of node B} and key _Kf ; c). Verify and generate key information, the medical center M _C sends R _m ||Hash(K _m ||R _m ) to the sink node in the somatosensory network, and the sink node broadcasts within the somatosensory network; when the sensor node A After receiving R _m ||Hash(K _m ||R _m ), the sensor node B uses the preset key K _m to verify the validity of Hash(K _m ||R _m ), and if it is legal, it generates K _f = Hash(K _m ||IDN||R _m ); d). K _f is encoded and equally divided. Sensor nodes A and B first encode the K _f calculated by themselves into binary form, and divide the binary form of K _f into v+1 segments equally. Let the i-th segment of the binary code be c _i , 0≤i≤v, the binary form of K _f is (K _f ) ₂ , then (K _f ) ₂ ＝c _v ||c _v-1 ||...||c ₀ ; e). Construct a polynomial, sensor nodes A and B respectively construct a v-order polynomial p(x), p(x)=(c _v ) ₁₀ x ^v +(c _v-1 ) ₁₀ x ^v-1 +... +(c ₀ ) ₁₀ , where (c _i ) ₁₀ represents the decimal form of c _i ; the registration phase of the user is completed; The authentication phase is accomplished through the following steps: 1). Establish a connection and initiate a transaction. When the user uses the APP on the smart terminal to purchase goods, select the goods and click the "Payment" button, the APP opens the Bluetooth module to find the convergence node of the somatosensory network. After the two parties establish a connection, the APP will trade The amount M is sent to the sink node; 2). To confirm the transaction, the aggregation node first displays the amount received in the transaction on its display screen. When the user thinks that the amount is incorrect, he presses the cancel button. At this time, the aggregation node sends back the information of canceling the transaction to the APP; After the transaction amount is correct, press the confirmation button, and the sink node will issue an instruction to request sensor nodes A and B in the somatosensory network to submit authentication data; 3). Measuring physiological signals. After receiving the instruction, sensor nodes A and B measure the same physiological signal of the user respectively. It is assumed that both nodes A and B collect N sets of physiological signals, which are respectively: with 4). The set is generated according to the physiological signal and the polynomial, and the sensor node A calculates the set according to the polynomial p(x) in 1≤i≤N; node A randomly generates U point sets at the same time in 1≤j≤U, c' is the coefficient; then node A randomly mixes P _A and C _A to generate set R _A =mix(P _A ,C _A ); sensor node B generates set R _B in the same way ; 5). Generate and send a message, sensor node A generates a message V _A =ID _A ,IDN,NA , _M ,E(K _f , _RA ),MAC( _{K f} ,ID _A ||IDN||NA ||M||R _A ), where E(K _f , R _A ) means using K _f to symmetric encrypt R _A , and N _A means the fresh number of sensor node A; similarly, sensor node B generates message V _B ＝ID _B ,IDN,N _B ,M,E(K _f ,R _B ),MAC(K _f ,ID _B ||IDN||N _B ||M||R _B ), where E(K _f ,R _B ) indicates that _RB is symmetrically encrypted using K _f , and NB indicates the fresh number of sensor node _B ; sensor nodes A and _{B send VA and V B to} the APP of the smart terminal through the sink node, and the APP then passes The smart terminal sends V _A and V _B to the e-commerce authentication center F _C ; 6). User identity verification. After receiving V _A and V _B , the e-commerce authentication center F _C first uses IDN to retrieve from the information table to check whether there is an IDN record, and whether there are ID _A and ID _B in the record. value, if not, then return an error to the smart terminal, if so, go to step 7); 7). Extract the set and reconstruct the _polynomial . The e-commerce certification center _{F C} first uses the key _{K f} corresponding to the IDN to decrypt _{R A} and R _B , and then extract the set Q={(b,c)|(b,c) _∈RA ,b∈F _B } from R _A and R _B , when the number of point sets contained in the set Q reaches v+ At 1 o'clock, the e-commerce certification center F _C uses the set Q to reconstruct the polynomial p'(x) according to the Lagrangian interpolation method; let p'(x)=(c' _v ) ₁₀ x ^v +(c' _v-1 ) ₁₀ x ^v-1 +...+(c′ ₀ ) ₁₀ , where (c′ _i ) ₁₀ represents the decimal form of binary c′ _i ; 8). Construct K′ _f and judge, arrange the binary coefficients c′ _v , c′ _v-1 , ..., c′ ₀ of the polynomial p′(x) in order to form the binary form of K′ _f , and then Convert it to decimal _K'f ; judge whether the reconstructed _K'f is the same as the stored _Kf , if so, then perform step 9); if not, it indicates that the received messages V _A and V _B are different correct or not from a registered user; 9). Legitimacy verification, the e-commerce authentication center F _C uses K _f to verify the check code MAC in V _A and V _B (K _f , ID _A ||IDN||N _A ||M||R _A ) and MAC(K _f , ID _B ||IDN||N _B ||M||R _B ) are legal, if both are legal, then the authentication is successful, and the e-commerce authentication center F _C can transfer M amount of The amount is transferred to the merchant; if unsuccessful, the transaction fails. 2. the credible authentication method of the online mobile payment system based on somatosensory network according to claim 1, is characterized in that: in the process of step _d ) Kf is equally divided into v+1 section, if cannot be equally divided, then Fill 1 at the end of the K _f binary code until K _f can be divided into v+1 segments equally; the physiological signals of sensing nodes A and B collected in step 3) The number of digits is 13 bits, 1≤i≤N; the Q set constructed in step 7) belongs to the characteristic physiological signal of the human body and can be used as evidence of the transaction. 3. The credible authentication method of the online mobile payment system based on somatosensory network according to claim 1 or 2, characterized in that: the user physiological signals collected by sensor nodes A and B are body temperature, blood pressure, blood sugar, blood vessel volume Change signal PPG or electrocardiogram signal ECG.