CN101145905A - An authentication method, device and system for online payment of phone bank - Google Patents
An authentication method, device and system for online payment of phone bank Download PDFInfo
- Publication number
- CN101145905A CN101145905A CNA2007101763289A CN200710176328A CN101145905A CN 101145905 A CN101145905 A CN 101145905A CN A2007101763289 A CNA2007101763289 A CN A2007101763289A CN 200710176328 A CN200710176328 A CN 200710176328A CN 101145905 A CN101145905 A CN 101145905A
- Authority
- CN
- China
- Prior art keywords
- telephone
- customer
- data
- dynamic password
- coordinate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 239000011159 matrix material Substances 0.000 claims abstract description 66
- 238000012545 processing Methods 0.000 claims description 57
- 238000004891 communication Methods 0.000 claims description 17
- 238000007639 printing Methods 0.000 claims description 8
- 238000012790 confirmation Methods 0.000 claims description 6
- 230000003247 decreasing effect Effects 0.000 claims 2
- 230000003068 static effect Effects 0.000 abstract description 3
- 238000003860 storage Methods 0.000 description 15
- 230000004044 response Effects 0.000 description 11
- 238000013500 data storage Methods 0.000 description 10
- 230000002452 interceptive effect Effects 0.000 description 9
- 238000012546 transfer Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 238000010295 mobile communication Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000010365 information processing Effects 0.000 description 2
- 241000209202 Bromus secalinus Species 0.000 description 1
- RWSOTUBLDIXVET-UHFFFAOYSA-N Dihydrogen sulfide Chemical compound S RWSOTUBLDIXVET-UHFFFAOYSA-N 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 239000013065 commercial product Substances 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 239000000047 product Substances 0.000 description 1
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention provides an authentication method, a device and a system for realizing telephone banking on-line payment. The method includes: generate randomly a group of dynamic codes; generate and store the two-dimensional coordinate matrix table of the dynamic codes; print the two-dimensional coordinate matrix table on a coordinate card for client identity authentication. When the telephone banking on-line payment is performed, a telephone banking system selects randomly a group of coordinate data from the stored two-dimensional coordinate matrix table and prompts the coordinate data by voice; the dynamic code corresponding to the coordinate data is read out from the coordinate card for client identity authentication, and the dynamic code is transmitted to the telephone banking system; the bank system compares the dynamic code corresponding to the selected coordinate data with the dynamic code transmitted from the telephone terminal, and if the two dynamic codes match, identity authentication passes. The invention is used to overcome the hidden danger in the prior art when static codes are used in teleshopping.
Description
Technical Field
The invention relates to an identity authentication technology, in particular to a card-based identity authentication technology in a telephone bank online payment system, and specifically relates to an authentication method, device and system for realizing telephone bank online payment.
Background
With the rapid development of electronic commerce, more and more people shop using the internet and telephone. The technology in internet shopping is mature at present, and particularly, the online payment of a commercial institution to a consumer (B2C) is widely applied as a direct and fast payment mode.
However, the current development in telephone shopping is slow, mainly because the technology of telephone online payment is not broken through. At present, the ordering process of goods is mainly completed by telephone shopping, and the payment after ordering the goods is basically realized by other modes, such as ATM transfer, remittance to a bank and the like, so that a customer needs to go to the bank to transfer the money or remittance after ordering the goods, which is very troublesome.
In the prior art, the reason why payment is not made using telephone banking is: the security of telephone banking is very low, when the telephone banking system authenticates a client, a bank account and a telephone banking password (which means that the telephone banking password is a channel password of the account, namely the password is not used when the client goes to a bank counter to handle business, but is only used when the client logs in the telephone banking system through a telephone) input by the client on a telephone terminal are all transmitted through a telephone line in clear text, and the bank account and the telephone banking password of the client are easy to intercept. Therefore, customers who open a telephone bank generally only open some query functions, such as balance query, bank payment generation, and the like, and rarely open the functions of external payment and external account transfer. For the condition of opening the external payment and external transfer function, in order to ensure the fund safety of a customer, the current bank generally adopts a directional transfer mode, namely, the customer tells the bank to accounts of several relatives and friends when the bank counter opens the telephone banking service, the bank can register the accounts of the relatives and friends into a telephone banking system, and the customer can only transfer the accounts of the relatives and friends to the telephone banking system when transferring the account through the telephone banking. This approach is essentially unavailable for telephone purchases because the merchant's account is generally not likely to be the customer's friend's account.
Chinese patent application 200510073434.5 discloses a dynamic password system and method based on mobile communication terminal, and the disclosure of the patent application is incorporated herein as the prior art of the present invention.
Disclosure of Invention
The invention provides an authentication method, device and system for realizing online payment of a telephone bank, which are used for overcoming potential safety hazards existing when static passwords are used for payment in telephone shopping in the prior art and avoiding fund loss caused by password leakage of a client. The technical scheme of the invention is as follows:
an identity authentication method for realizing online payment of telephone banking, comprising the following steps: randomly generating a group of dynamic passwords, wherein each dynamic password has uniqueness; corresponding each dynamic password to the two-dimensional coordinates, and generating and storing a two-dimensional coordinate matrix table of the dynamic password; binding the two-dimensional coordinate matrix table with the identity of the customer, and printing the two-dimensional coordinate matrix table on a customer identity authentication coordinate card; when the online payment of the telephone bank is carried out: the telephone bank system randomly selects a group of coordinate data from the stored two-dimensional coordinate matrix table, calls a client telephone terminal through a communication network and prompts the coordinate data by voice; reading a dynamic password corresponding to the coordinate data from the client identity authentication coordinate card according to the coordinate data prompted by the voice, and transmitting the dynamic password to the telephone bank system through the client telephone terminal; and the telephone bank system compares the dynamic password corresponding to the selected coordinate data with the dynamic password transmitted from the telephone terminal, and if the two dynamic passwords are matched, the identity authentication is passed.
An identity authentication device for implementing telephone banking online payment, the device comprising: the dynamic password generating unit is used for randomly generating a group of dynamic passwords, and each dynamic password has uniqueness; the two-dimensional coordinate matrix table generating unit is used for corresponding each dynamic password to the two-dimensional coordinate and generating and storing a dynamic password two-dimensional coordinate matrix table; the two-dimensional coordinate matrix table output unit is used for binding the two-dimensional coordinate matrix table with the identity of the customer and printing the two-dimensional coordinate matrix table on a customer identity authentication coordinate card; the coordinate data voice sending unit is used for randomly selecting a group of coordinate data from the stored two-dimensional coordinate matrix table and prompting the coordinate data through communication network voice; a dynamic password receiving unit, configured to receive a dynamic password returned via a communication network and read from the customer authentication coordinate card; and the dynamic password authentication unit is used for comparing the dynamic password corresponding to the selected coordinate data with the returned dynamic password, and if the two dynamic passwords are matched, the identity authentication is passed.
An identity authentication system for enabling telephone banking online payments, the system comprising: the system comprises a telephone bank server, a client identity authentication coordinate card and a client telephone terminal; wherein, the telephone bank server includes: the dynamic password generating unit is used for randomly generating a group of dynamic passwords, and each dynamic password has uniqueness; the two-dimensional coordinate matrix table generating unit is used for corresponding each dynamic password to the two-dimensional coordinate and generating and storing a dynamic password two-dimensional coordinate matrix table; the two-dimensional coordinate matrix table output unit is used for binding the two-dimensional coordinate matrix table with the identity of the customer and printing the two-dimensional coordinate matrix table on a customer identity authentication coordinate card; a coordinate data voice sending unit, which is used for randomly selecting a group of coordinate data from a stored two-dimensional coordinate matrix table and sending the coordinate data to the client telephone terminal through a communication network; a dynamic password receiving unit, configured to receive a dynamic password returned via a communication network and read from the customer authentication coordinate card; the dynamic password authentication unit is used for comparing the dynamic password corresponding to the selected coordinate data with the returned dynamic password, and if the two dynamic passwords are matched, the identity authentication is passed; the customer identity authentication coordinate card comprises: the dynamic password two-dimensional coordinate matrix table is printed on the surface of the customer identity authentication coordinate card; the client telephone terminal includes: the coordinate data voice receiving unit is used for receiving the coordinate data sent by the coordinate data voice sending unit; and the dynamic password input unit is used for inputting the dynamic password corresponding to the coordinate data read from the customer identity authentication coordinate card into the customer telephone terminal and returning the dynamic password to the telephone banking system through a communication network.
The invention has the advantages of overcoming the problem of low security of the payment by using the static password in the current telephone shopping, providing a safe, real-time and convenient telephone online payment system and method, and avoiding the fund loss possibly brought by the password leakage of the client.
Drawings
FIG. 1 is a schematic diagram of a security authentication system for implementing online payment by telephone banking;
FIG. 2 is a block diagram of a telephone banking server architecture of the present invention;
FIG. 3 is a block diagram of a telephone banking system architecture in accordance with an embodiment of the present invention;
FIG. 4 is a block diagram of a data processing apparatus according to an embodiment of the present invention;
FIG. 5 is a flow chart of a method for secure authentication of a telephone banking online payment of an embodiment of the present invention;
fig. 6 is a two-dimensional coordinate matrix representation of a dynamic password of a customer authentication coordinate card according to an embodiment of the present invention.
Detailed Description
The following describes embodiments of the present invention with reference to the drawings. The specific implementation mode is a safety authentication scheme for realizing telephone online payment by using a dynamic password card, wherein: 1) The dynamic password card is a randomly generated coordinate card for customer identity authentication, and the coordinate value of the dynamic password card is randomly generated by adopting a random number generation algorithm to ensure the randomness; 2) by adopting a Challenge/Response (Challenge/Response) based secure identity authentication mechanism, the Challenge password used by the client for online payment every time is ensured to be random, and the security is ensured.
The telephone bank client can claim the dynamic password card on the bank counter, and the card and the claiming client are bound through the system. After the card is received, when the customer needs to use the password each time, the telephone bank system prompts the customer to input the password of the corresponding coordinate position on the dynamic password card, and the system verifies the password input by the customer.
As shown in fig. 1, a structure of a security authentication system for realizing online payment by phone banking according to this embodiment includes a phone banking system 3, a phone shopping system 2, a phone network 4, and a phone terminal 1. Telephone banking system 3 provides the information processing system for the bank to transact business for the customer through telephone. Telephone shopping system 2 is an information processing system that merchants offer customers to order goods. The telephone terminal 1 may be a general telephone set; or a mobile communication device, such as a mobile phone; other devices capable of telephone communication via public telephone network or mobile communication network, such as facsimile machine, virtual telephone set implemented by computer program, virtual handset, etc. are also possible. The telephone network 4 is a public telephone transmission network or a mobile communication network provided by a telecom operator, such as GSM, CDMA, GPRS and 3G networks used in the future.
As shown in fig. 2, the telephone banking system 3 includes an identity authentication device for implementing telephone banking online payment, and the device includes: the dynamic password generating unit is used for randomly generating a group of dynamic passwords, and each dynamic password has uniqueness; the two-dimensional coordinate matrix table generating unit is used for corresponding each dynamic password to the two-dimensional coordinate and generating and storing a dynamic password two-dimensional coordinate matrix table; the two-dimensional coordinate matrix table output unit is used for binding the two-dimensional coordinate matrix table with the identity of the customer and printing the two-dimensional coordinate matrix table on a customer identity authentication coordinate card; the coordinate data voice sending unit is used for randomly selecting a group of coordinate data from the stored two-dimensional coordinate matrix table and prompting the coordinate data through communication network voice; a dynamic password receiving unit, configured to receive a dynamic password returned via a communication network and read from the customer authentication coordinate card; and the dynamic password authentication unit is used for comparing the dynamic password corresponding to the selected coordinate data with the returned dynamic password, and if the two dynamic passwords are matched, the identity authentication is passed. The identity authentication device for realizing the online payment of the telephone bank can be a server, namely: a telephone bank server.
As shown in fig. 3, the structure diagram of the telephone banking system includes a data storage device 11, a data processing device 12 and an interactive voice response device 13. The data storage device 11 stores data information of telephone banks, and may be a database management system or a file system. The data processing device 12 is a processing device that provides telephone banking services. The Interactive Voice Response unit 13 is responsible for processing Voice, receiving telephone input, translating text into Voice, and the like, and is a commercial product, such as an Interactive Voice Response (IVR) product of EDIFY corporation, usa. The switch 14 is a Private Branch Exchange (PBX) and is one of the main devices in a large call center, and mainly functions as: responsible for the connection with the telecommunications company, i.e. the relay access, handling the relevant telecommunications communication protocol (e.g. ISDN PRI); the call switching system is responsible for switching between internal lines, external lines and internal lines, for example, according to CTI instructions, the call of a customer is switched to a designated IVR port or a seat extension set; the ACD (automatic Call Distribution) function automatically and intelligently distributes incoming calls of customers, for example, according to the calling numbers of the customers, searching historical data in a database, and automatically distributing the incoming calls to the seat staff who serves the customers at the last time.
The data storage device structure chart comprises a built-in account unit, a telephone bank registration information storage unit and a shopping order storage unit. The built-in account unit stores account information of a customer, and at least comprises an account number, a user name, a counter password, a currency and a balance. The telephone bank registration information storage unit stores information of a customer registration telephone bank, and at least comprises an account number, a telephone number, a dynamic password card number and a dynamic password card matrix table, wherein the data of the dynamic password card matrix table is shown in figure 6 and comprises a horizontal coordinate, a vertical coordinate and values corresponding to the horizontal coordinate and the vertical coordinate. The counter password is a password used when a customer goes to a bank counter or transacts business through an ATM (automatic teller machine), and the dynamic password card is used when the customer pays through a telephone bank system. The shopping order storage unit stores customer shopping list information at least comprising a merchant number, a merchant name, an order number, a telephone number, an order amount, a payment currency and a payment state, wherein the telephone number is a calling number when a customer orders goods from the merchant or a telephone number reserved for the merchant by the customer, and the telephone number is the same as a telephone number in the telephone bank registration information storage unit and is a telephone number of a reserved bank when the customer registers for a telephone bank. The telephone number is associated with the customer's bank account in the telephone bank registration information storage unit.
As shown in fig. 4, the data processing apparatus includes a main processing unit 30, an order information receiving unit 31, an order data processing unit 32, a dynamic password challenge processing unit 33, a dynamic password authentication processing unit 34, a payment processing unit 35, and a payment result sending unit 36.
The main processing unit 30 is a master unit of the data processing apparatus 12. And calling an order receiving information unit 31 to receive order data sent by the merchant telephone shopping system. And calling the order data processing unit 32, converting the received order data information into voice broadcast data, and sending the converted order voice data to the telephone terminal 1. After receiving the input data of the telephone terminal 1, it is judged whether or not the customer makes payment. For example: customer input 1, which may represent confirmation of payment; the customer enters 0, which may indicate that payment is terminated. And calling the dynamic password challenge processing unit 33 to generate dynamic data picking information, converting the horizontal and vertical coordinates into voice data, and sending the converted order voice data to the telephone terminal 1. After receiving the input data of the telephone terminal 1, calling a dynamic password authentication processing unit to authenticate the input password of the client. If the authentication is passed, the payment processing is started, the payment processing unit 35 is called to carry out the payment processing, the interactive voice response device is called to convert the payment result data into voice data and send the voice data to the telephone terminal used by the customer, and the payment result sending unit 36 is called to send the order payment result to the merchant telephone shopping system through a safe network.
And the order information receiving unit 31 is responsible for receiving order data sent by the merchant telephone shopping system, accessing a shopping order storage unit in the data storage device 11, storing the order data in the shopping order storage unit, and setting the payment state of the order as 'unpaid'.
And the order data processing unit 32 calls the interactive voice response device 13 to convert the received order data information into voice broadcast data and sends the converted order voice data to the telephone terminal 1, so that the customer can determine whether to pay.
The dynamic password challenge processing unit 33 is responsible for generating dynamic data information, and reads the dynamic password card matrix table of the client by accessing the telephone bank registration information storage unit in the data storage device 11, randomly selects a pair of horizontal and vertical coordinates, and reads the corresponding data, namely the dynamic password, from the dynamic password card matrix table. Then, the interactive voice response device 13 is called to convert the horizontal and vertical coordinates into voice data, and the converted order voice data is sent to the telephone terminal 1.
The dynamic password authentication processing unit 34 receives password data input by the telephone terminal 1, compares the password input by the client with the password corresponding to the abscissa and ordinate in the dynamic password card matrix table, passes the authentication if the password is matched with the abscissa, or fails the authentication, and finally feeds back the authentication result to the main processing unit 30.
The payment processing unit 35 is responsible for payment processing of the financial affairs, and according to the amount of the order, accesses the account unit built in the data storage device 11, reduces the account balance of the customer by the amount of the order, increases the account balance of the merchant by the amount of the order, accesses the shopping order storage unit at the same time, changes the payment state of the order into 'paid', and finally feeds back the payment result to the main processing unit 30.
And a payment result sending unit 36, which is responsible for sending the order payment result to the merchant telephone shopping system through a secure network, wherein the sent data at least comprises a merchant number, an order amount and a payment result. The secure network between the bank and the merchant may be a private network, or a VPN (virtual private network) installed on a public network (such as the internet), and the network connection needs high security.
As shown in fig. 5, a flowchart of a security authentication method for implementing online payment by phone banking according to this embodiment includes the following steps:
step 100: the customer purchases goods at the merchant's telephone shopping system and reserves his or her telephone number for the merchant.
Step 101: the telephone shopping system receives the customer data input, accepts the customer ordering goods and acquires the customer telephone number. There are two methods for obtaining a telephone number: one method is that the telephone shopping system directly uses the calling telephone number of the customer as the reserved telephone number, and the other method is that the customer inputs the telephone number through the telephone terminal, and the telephone number is also the telephone number registered when the customer registers the telephone bank, and the telephone number is bound with the bank account of the customer when the telephone bank is registered.
Step 102: the telephone shopping system of the merchant sends order data containing the telephone number of the customer to the bank through a secure network, and the order data at least comprises the merchant number, the merchant name, the order number, the telephone number, the order amount and the payment currency. The secure network between the bank and the merchant may be a private network, or a VPN (virtual private network) installed on a public network (such as the internet), and the network connection needs high security. After the order data is sent to the bank, the telephone of the customer is transferred to the telephone bank system of the bank.
Step 103: the order information receiving unit 31 in the data processing device 12 of the telephone banking system receives order data sent from the merchant telephone shopping system, accesses the shopping order storage unit in the data storage device 11, stores the order data in the shopping order storage unit, and sets "payment status" of the order to "unpaid".
Step 104: the main processing unit 30 calls the order data processing unit 32 to perform order processing, and the order data processing unit 32 calls the interactive voice response device 13 to convert the received order data information into voice broadcast data and send the converted order voice data to the telephone terminal 1.
Step 105: and the telephone terminal 1 receives the order voice data and broadcasts the order voice data.
Step 106: the telephone terminal 1 receives a customer input of whether to confirm payment data. For example: customer input 1, which may represent confirmation of payment; the customer enters 0, which may indicate that payment is terminated. And transmits the customer input data to the telephone banking system 3.
Step 107: the main processing unit 30 in the telephone banking system 3 receives the data transmitted from the telephone terminal 1, checks whether the customer confirms payment, continues the payment processing if the customer confirms payment, and terminates the processing otherwise.
Step 108: the main processing unit 30 calls the dynamic password challenge processing unit 33 to generate dynamic data selection information, the dynamic password challenge processing unit 33 reads the dynamic password card matrix table of the customer by accessing the telephone bank registration information storage unit in the data storage device 11, randomly selects a pair of horizontal and vertical coordinates, and reads corresponding data, namely a dynamic password, from the dynamic password card matrix table. Then, the interactive voice response device 13 is called to convert the horizontal and vertical coordinates into voice data, and the converted order voice data is sent to the telephone terminal 1.
Step 109: the telephone terminal 1 receives the dynamic password challenge voice data and broadcasts the dynamic password challenge voice data.
Step 110: the telephone terminal 1 receives a customer input and the customer inputs a dynamic password. And transmits the customer input data to the telephone banking system 3.
Step 111: the main processing unit 30 receives password data input from the telephone terminal 1, and calls the dynamic password authentication processing unit 34 to perform authentication. The dynamic password authentication processing unit 34 compares the password input by the client with the password corresponding to the abscissa and the ordinate in the dynamic password card matrix table, if the password is matched, the authentication is passed, otherwise, the authentication is not passed, and finally, the authentication result is fed back to the main processing unit 30.
Step 112: the main processing unit 30 calls the payment processing unit 35 to perform payment processing. The payment processing unit 35 reduces the account balance of the customer by the amount of the order amount and increases the account balance of the merchant by the amount of the order amount by accessing the account unit built in the data storage device 11, and at the same time, accesses the shopping order storage unit, changes the payment state of the order into "paid", and finally feeds back the payment result to the main processing unit 30.
Step 113: the main processing unit 30 converts the payment result data into voice data by calling the interactive voice response device, and transmits the payment result voice data to the telephone terminal used by the customer.
Step 114: and the telephone terminal receives the payment result voice data and broadcasts voice to the user.
Step 115: the main processing unit 30 calls the send payment result unit 36 to send the payment result to the merchant telephone shopping system. The payment result sending unit 36 sends the order payment result to the merchant telephone shopping system through a secure network, and the sending data at least includes a merchant number, an order amount, and a payment result. The secure network between the bank and the merchant may be a private network, or a VPN (virtual private network) installed on a public network (such as the internet), and the network connection needs high security.
Step 116: : the merchant telephone shopping system receives payment result data of the bank.
Client telephone terminal registration flow:
step 200: the customer registers in the bank counter by telephone bank, the registering medium is bank card, account book of current account, etc, the card number or account number of current account book is used as the account number for logging in telephone bank and making on-line payment.
Step 201: the password of the bank card or the current account of the customer is verified, the password is the password used when the customer carries out transaction to a bank counter and an ATM, or the main password of the bank card or the current account, and the password is different from the special password used when the customer carries out transaction through electronic channels such as a telephone bank, an internet bank and the like.
Step 202: and checking the identity document. When registering, the customer is required to show the original identification (resident identification card, military officer card, etc.), and the bank teller checks whether the identification is consistent with the identification information reserved by the bank card or the current deposit book when opening the account.
Step 203: the method is a dynamic password card. The bank sends a dynamic password card to the customer, the dynamic password card is a matrix card shown in figure 5 and stores data of the dynamic password card, information of the customer registered telephone bank is stored in a telephone bank registration information storage unit in the data storage device 11 through accessing, the unit at least comprises an account number, a telephone number, a card number of the dynamic password card and a dynamic password card matrix table, and data of the dynamic password card matrix table is shown in figure 5 and comprises values corresponding to horizontal and vertical coordinates and horizontal and vertical coordinates.
As shown in fig. 6, the dynamic password two-dimensional coordinate matrix of the client authentication coordinate card of the dynamic password card represents the intention, the dynamic password two-dimensional coordinate matrix is arranged in a matrix manner, and is covered with an opaque film, so that the user scrapes off the opaque film when using the card. For example, the coordinate data of the voice prompt received by the user from the telephone terminal is: (C, 4), the corresponding dynamic password 523 is entered on the keypad of the telephone terminal. The telephone bank server also stores a dynamic password two-dimensional coordinate matrix table as shown in fig. 5, when the telephone bank server receives the dynamic password 523 returned by the client telephone terminal, the telephone bank server searches the dynamic password corresponding to the coordinate (C, 4) in the stored dynamic password two-dimensional coordinate matrix table, and if the corresponding dynamic password is 523, the client passes the identity authentication.
The invention discloses a security authentication method, a device and a system for realizing online payment of a telephone bank, which have the following effects:
the security level is high. The dynamic password is unordered, the system randomly requires the client to input the password at two coordinate positions each time, the password is dynamic, and the password input each time is different. Therefore, after the fake merchant cheats the customer password, the fake merchant cannot be used in the real telephone bank, so that the problem that the customer password is intercepted is solved, and the customer fund is protected.
Low cost and easy popularization. The manufacturing cost of the password card mainly comprises card material cost, anti-counterfeiting mark processing cost, printing cost, packaging cost and the like, and the password card has price advantage in service promotion.
The present invention overcomes the problem of low security of payment by using telephone bank in the current telephone shopping, and the above embodiments are only used for illustrating the present invention, but not for limiting the present invention.
Claims (16)
1. An identity authentication method for realizing online payment of telephone banks is characterized by comprising the following steps:
randomly generating a group of dynamic passwords, wherein each dynamic password has uniqueness;
corresponding each dynamic password to the two-dimensional coordinates, and generating and storing a two-dimensional coordinate matrix table of the dynamic password;
binding the two-dimensional coordinate matrix table with the identity of the customer, and printing the two-dimensional coordinate matrix table on a customer identity authentication coordinate card;
when the online payment of the telephone bank is carried out:
the telephone bank system randomly selects a group of coordinate data from the stored two-dimensional coordinate matrix table, calls a client telephone terminal through a communication network and prompts the coordinate data by voice;
reading a dynamic password corresponding to the coordinate data from the client identity authentication coordinate card according to the coordinate data prompted by the voice, and transmitting the dynamic password to the telephone bank system through the client telephone terminal;
and the telephone bank system compares the dynamic password corresponding to the selected coordinate data with the dynamic password transmitted from the telephone terminal, and if the two dynamic passwords are matched, the identity authentication is passed.
2. The method of claim 1, wherein the binding the two-dimensional coordinate matrix table with the customer identity comprises: binding and storing the card number and the matrix table of the customer identity authentication coordinate card with the bank account number and the telephone number of the customer;
the customer purchases the goods in the telephone shopping system of the merchant and reserves the telephone number of the customer to the merchant.
3. The method according to claim 1 or 2, characterized in that a communication connection is established between a telephone shopping system of a merchant and the telephone banking system;
and the telephone shopping system sends order data containing the telephone number of the customer to the telephone banking system.
4. The method of claim 3, wherein said order data bank comprises: merchant number, merchant name, order number, customer phone number, order amount, payment currency.
5. The method according to claim 3, wherein the telephone banking system receives order data sent by the telephone shopping system, converts received order data information into voice broadcast data, and sends the converted order voice data to the customer telephone terminal;
the customer telephone terminal receives the order voice data and broadcasts the order voice data;
the customer telephone terminal receives confirmation data which is input by a customer and used for payment;
and the telephone bank system receives the confirmation data sent by the client telephone terminal, checks whether the client confirms to pay or not, continues to perform payment processing if the client confirms to pay, and terminates the processing if the client does not confirm to pay.
6. The method of claim 5, wherein the payment processing comprises:
decreasing the account balance of the customer by the amount of the order sum, and increasing the account balance of the merchant by the amount of the order sum;
converting the payment result data into voice data and sending the payment result voice data to the client telephone terminal;
and the customer telephone terminal receives the payment result voice data and broadcasts voice to the customer.
7. The method of claim 5, wherein the payment processing comprises: sending an order payment result to the telephone shopping system, wherein the order payment result comprises a merchant number, an order amount and a payment result;
and the telephone shopping system receives the payment result.
8. An identity authentication device for realizing online payment of telephone banking, the device comprising:
the dynamic password generating unit is used for randomly generating a group of dynamic passwords, and each dynamic password has uniqueness;
the two-dimensional coordinate matrix table generating unit is used for corresponding each dynamic password to the two-dimensional coordinate and generating and storing a dynamic password two-dimensional coordinate matrix table;
the two-dimensional coordinate matrix table output unit is used for binding the two-dimensional coordinate matrix table with the identity of the customer and printing the two-dimensional coordinate matrix table on a customer identity authentication coordinate card;
the coordinate data voice sending unit is used for randomly selecting a group of coordinate data from the stored two-dimensional coordinate matrix table and prompting the coordinate data through communication network voice;
a dynamic password receiving unit, configured to receive a dynamic password returned via a communication network and read from the customer authentication coordinate card;
and the dynamic password authentication unit is used for comparing the dynamic password corresponding to the selected coordinate data with the returned dynamic password, and if the two dynamic passwords are matched, the identity authentication is passed.
9. The apparatus of claim 8, wherein the binding of the two-dimensional coordinate matrix table with the customer identity comprises: binding and storing the card number and the matrix table of the customer identity authentication coordinate card with the bank account number and the telephone number of the customer;
the customer purchases goods at the merchant's telephone shopping system and reserves his or her telephone number for the merchant.
10. An identity authentication system for implementing telephone banking online payment, the system comprising: the system comprises a telephone bank server, a client identity authentication coordinate card and a client telephone terminal; wherein,
the telephone bank server comprises:
the dynamic password generating unit is used for randomly generating a group of dynamic passwords, and each dynamic password has uniqueness;
the two-dimensional coordinate matrix table generating unit is used for corresponding each dynamic password to the two-dimensional coordinate and generating and storing a dynamic password two-dimensional coordinate matrix table;
the two-dimensional coordinate matrix table output unit is used for binding the two-dimensional coordinate matrix table with the identity of the customer and printing the two-dimensional coordinate matrix table on a customer identity authentication coordinate card;
a coordinate data voice sending unit, which is used for randomly selecting a group of coordinate data from a stored two-dimensional coordinate matrix table and sending the coordinate data to the client telephone terminal through a communication network;
a dynamic password receiving unit, configured to receive a dynamic password returned via a communication network and read from the customer authentication coordinate card;
the dynamic password authentication unit is used for comparing the dynamic password corresponding to the selected coordinate data with the returned dynamic password, and if the two dynamic passwords are matched, the identity authentication is passed;
the customer identity authentication coordinate card comprises: the dynamic password two-dimensional coordinate matrix table is printed on the surface of the customer identity authentication coordinate card;
the client telephone terminal includes:
the coordinate data voice receiving unit is used for receiving the coordinate data sent by the coordinate data voice sending unit;
and the dynamic password input unit is used for inputting the dynamic password corresponding to the coordinate data read from the customer identity authentication coordinate card into the customer telephone terminal and returning the dynamic password to the telephone banking system through a communication network.
11. The system of claim 10, wherein the binding of the two-dimensional coordinate matrix table to the customer identity comprises: binding and storing the card number and the matrix table of the customer identity authentication coordinate card with the bank account number and the telephone number of the customer;
the customer purchases the goods in the telephone shopping system of the merchant and reserves the telephone number of the customer to the merchant.
12. The system of claim 10 or 11, further comprising: the telephone shopping system is connected with the telephone banking system;
and the telephone shopping system sends order data containing the telephone number of the customer to the telephone banking system.
13. The system of claim 12, wherein said order data bank comprises: merchant number, merchant name, order number, customer phone number, order amount, payment currency.
14. The system of claim 12, wherein the telephone banking system receives order data sent by the telephone shopping system, converts the received order data information into voice broadcast data, and sends the converted order voice data to the customer telephone terminal;
the customer telephone terminal receives the order voice data and broadcasts the order voice data;
the customer telephone terminal receives confirmation data which is input by a customer and used for payment;
and the telephone bank system receives the confirmation data sent by the client telephone terminal, checks whether the client confirms to pay or not, continues to perform payment processing if the client confirms to pay, and terminates the processing if the client does not confirm to pay.
15. The system of claim 14, wherein said payment processing comprises:
decreasing the account balance of the customer by the amount of the order sum, and increasing the account balance of the merchant by the amount of the order sum;
converting the payment result data into voice data and sending the payment result voice data to the client telephone terminal;
and the customer telephone terminal receives the payment result voice data and broadcasts voice to the customer.
16. The system of claim 14, wherein said payment processing comprises: sending an order payment result to the telephone shopping system, wherein the order payment result comprises a merchant number, an order amount and a payment result;
and the telephone shopping system receives the payment result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101763289A CN101145905A (en) | 2007-10-25 | 2007-10-25 | An authentication method, device and system for online payment of phone bank |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101763289A CN101145905A (en) | 2007-10-25 | 2007-10-25 | An authentication method, device and system for online payment of phone bank |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101145905A true CN101145905A (en) | 2008-03-19 |
Family
ID=39208222
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007101763289A Pending CN101145905A (en) | 2007-10-25 | 2007-10-25 | An authentication method, device and system for online payment of phone bank |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101145905A (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101425170A (en) * | 2008-11-25 | 2009-05-06 | 李东声 | Dynamic password implementing method, system and device |
| CN102089781A (en) * | 2008-07-17 | 2011-06-08 | 在线交易股份有限公司 | Systems and methods for transferring value |
| CN101296241B (en) * | 2008-06-30 | 2011-12-28 | 飞天诚信科技股份有限公司 | Method for improving identity authentication security based on password card |
| CN102821106A (en) * | 2012-08-22 | 2012-12-12 | 句容市盛世软件有限公司 | Electronic document non-repudiation method |
| WO2014101127A1 (en) * | 2012-12-28 | 2014-07-03 | Rong Weihua | Method for implementing security verification by using dynamic payment password |
| WO2015055038A1 (en) * | 2013-10-15 | 2015-04-23 | 胡海峰 | Secure password authentication method |
| CN104580112A (en) * | 2013-10-25 | 2015-04-29 | 阿里巴巴集团控股有限公司 | Service authentication method and system, and server |
| CN104852902A (en) * | 2015-04-10 | 2015-08-19 | 中国民航大学 | SWIM user identity authentication method based on improved Diameter/EAP-TLS protocol |
| CN106971325A (en) * | 2016-01-14 | 2017-07-21 | 阿里巴巴集团控股有限公司 | Order checks and writes off method and server |
| CN107423975A (en) * | 2011-03-30 | 2017-12-01 | 欧诺银行 | By submitting number to carry out strong authentication |
| CN107508782A (en) * | 2016-06-14 | 2017-12-22 | 阿里巴巴集团控股有限公司 | The method and device of certification user identity in voice customer service |
| CN108352988A (en) * | 2015-10-30 | 2018-07-31 | 巴洛服务株式会社 | Based on twin-channel authentication method and system |
| CN108964882A (en) * | 2017-05-19 | 2018-12-07 | 深圳市共进电子股份有限公司 | The method and apparatus of dynamic generation modem login password, modem |
| CN111163235A (en) * | 2020-02-06 | 2020-05-15 | 深圳震有科技股份有限公司 | Method and device for distinguishing and processing external line telephone incoming call through internal telephone |
-
2007
- 2007-10-25 CN CNA2007101763289A patent/CN101145905A/en active Pending
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101296241B (en) * | 2008-06-30 | 2011-12-28 | 飞天诚信科技股份有限公司 | Method for improving identity authentication security based on password card |
| CN102089781A (en) * | 2008-07-17 | 2011-06-08 | 在线交易股份有限公司 | Systems and methods for transferring value |
| CN101425170A (en) * | 2008-11-25 | 2009-05-06 | 李东声 | Dynamic password implementing method, system and device |
| CN107423975A (en) * | 2011-03-30 | 2017-12-01 | 欧诺银行 | By submitting number to carry out strong authentication |
| CN102821106A (en) * | 2012-08-22 | 2012-12-12 | 句容市盛世软件有限公司 | Electronic document non-repudiation method |
| WO2014101127A1 (en) * | 2012-12-28 | 2014-07-03 | Rong Weihua | Method for implementing security verification by using dynamic payment password |
| WO2015055038A1 (en) * | 2013-10-15 | 2015-04-23 | 胡海峰 | Secure password authentication method |
| CN104580112B (en) * | 2013-10-25 | 2018-07-13 | 阿里巴巴集团控股有限公司 | A kind of service authentication method, system and server |
| CN104580112A (en) * | 2013-10-25 | 2015-04-29 | 阿里巴巴集团控股有限公司 | Service authentication method and system, and server |
| CN104852902A (en) * | 2015-04-10 | 2015-08-19 | 中国民航大学 | SWIM user identity authentication method based on improved Diameter/EAP-TLS protocol |
| CN108352988A (en) * | 2015-10-30 | 2018-07-31 | 巴洛服务株式会社 | Based on twin-channel authentication method and system |
| CN106971325A (en) * | 2016-01-14 | 2017-07-21 | 阿里巴巴集团控股有限公司 | Order checks and writes off method and server |
| CN107508782A (en) * | 2016-06-14 | 2017-12-22 | 阿里巴巴集团控股有限公司 | The method and device of certification user identity in voice customer service |
| CN108964882A (en) * | 2017-05-19 | 2018-12-07 | 深圳市共进电子股份有限公司 | The method and apparatus of dynamic generation modem login password, modem |
| CN108964882B (en) * | 2017-05-19 | 2021-10-01 | 深圳市共进电子股份有限公司 | Method and device for dynamically generating modem login password and modem |
| CN111163235A (en) * | 2020-02-06 | 2020-05-15 | 深圳震有科技股份有限公司 | Method and device for distinguishing and processing external line telephone incoming call through internal telephone |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101145905A (en) | An authentication method, device and system for online payment of phone bank | |
| US10032156B2 (en) | System and method for conducting financial transactions using a mobile device | |
| US8566238B2 (en) | Method for a payment transaction associated with two corresponding declarations of intent | |
| US8103548B2 (en) | Intelligent transaction router and process for handling multi-product point of sale transactions | |
| CN101072384A (en) | Mobile phone payment method and system based on mobile phone bank | |
| JP2004523021A (en) | Method and apparatus for transferring electronic money from a deposit memory | |
| JP2004527015A (en) | Method and apparatus for transmitting an electronic amount from a fund storage device | |
| CN102184497A (en) | Electronic transaction system and payment method with telegraph number as account number | |
| CN101071492A (en) | Mobile phone fee payment method and system based on mobile phone bank | |
| KR101024810B1 (en) | Mobile payment method and system using ALS | |
| CN101751627A (en) | Bank card payment system and corresponding payment method used for non-face-to-face payment | |
| RU2267156C2 (en) | Electronic payment method (variants) | |
| CN101206739A (en) | Cash register collection payment system using mobile phone as payment device and corresponding method | |
| CN101964125B (en) | Mobile phone payment system authenticated by double communication paths and corresponding method | |
| CN104574691B (en) | A kind of method for processing business and system based on automatic teller machine | |
| JP2004507000A (en) | Method and apparatus for transmitting an electronic amount from a fund storage device by WAP | |
| CN1946108B (en) | Method and method for realizing online payment of telephone | |
| CN105247549A (en) | Bank card security payment system and method using real-time communication | |
| JP2004523814A (en) | Method and apparatus for transmitting an electronic amount from a fund storage device | |
| CN109284991A (en) | A kind of personal credit payment system and its method of payment | |
| CN101154280A (en) | Payment affirmation system and method for full-automatic buying air ticket and booking hotel by mobile phone | |
| KR20050106209A (en) | Billing system according to ordering by telephone and method thereof | |
| AU2016259435A1 (en) | A system and method for facilitating finacial transactions | |
| EP1566780A1 (en) | Mobile payment solution | |
| JP2001351044A (en) | Store front payment system using portable terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Open date: 20080319 |