[go: up one dir, main page]

WO2019237718A1 - Method for generating payment receiving code and code-scanning security verification method - Google Patents

Method for generating payment receiving code and code-scanning security verification method Download PDF

Info

Publication number
WO2019237718A1
WO2019237718A1 PCT/CN2018/124947 CN2018124947W WO2019237718A1 WO 2019237718 A1 WO2019237718 A1 WO 2019237718A1 CN 2018124947 W CN2018124947 W CN 2018124947W WO 2019237718 A1 WO2019237718 A1 WO 2019237718A1
Authority
WO
WIPO (PCT)
Prior art keywords
payment
code
user
client
tamper
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2018/124947
Other languages
French (fr)
Chinese (zh)
Inventor
董温彬
陈逢源
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Zhangmen Science and Technology Co Ltd
Original Assignee
Shanghai Zhangmen Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Zhangmen Science and Technology Co Ltd filed Critical Shanghai Zhangmen Science and Technology Co Ltd
Publication of WO2019237718A1 publication Critical patent/WO2019237718A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/06009Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
    • G06K19/06046Constructional details
    • G06K19/06103Constructional details the marking being embedded in a human recognizable image, e.g. a company logo with an embedded two-dimensional code
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/06009Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
    • G06K19/06037Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking multi-dimensional coding
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment

Definitions

  • This application relates to the field of Internet applications, and in particular, to a method for generating a payment code and a method for scanning code security verification.
  • the static payment code is mainly a two-dimensional code applied by the merchant to the payment institution and posted in front of the store to receive money.
  • the two-dimensional payment code provided by Alipay or WeChat official, or an integrated type of payment code provided by institutions such as Money Bar is usually a square with a black block on a white background.
  • Various aspects of the present application provide a method for generating a payment code and a method for scanning code security verification, which are used to improve scanning code security.
  • An aspect of the present application provides a method for generating a payment code on a tamper-resistant QR code server side, including: receiving a payment code generation request sent by a client; the payment code generation request includes Generating a two-dimensional code according to the user identification; combining the generated two-dimensional code with a user identification picture of a corresponding user submitted by the client to obtain a payment code for scanning based on the payment code Code security check.
  • An aspect of the present application provides a code scanning security verification method, including: a tamper-resistant two-dimensional code server receives a service request of a payment code sent by a client; wherein the payment code is a tamper-resistant two-dimensional code
  • the server generates a two-dimensional code according to the user identity of the payee; it is obtained by combining the generated two-dimensional code with the picture of the user ID of the payee; the tamper-resistant two-dimensional code server is based on the payment received in the service request
  • the user identity corresponding to the code to find the corresponding user identity picture for security verification; the tamper-resistant two-dimensional code server sends the corresponding user identity picture for security verification to the client, so as to be based on the
  • the user identification picture used for security verification determines the security verification result on the client.
  • a code scanning security verification method which includes: a tamper-resistant two-dimensional code server receives a service request of a payment code sent by a client; wherein the payment code is two-dimensionally tamper-resistant
  • the code server generates a two-dimensional code according to the user identification of the payee; it is obtained by combining the generated two-dimensional code with the picture of the user identification of the payee; the tamper-resistant two-dimensional code server corresponds to the payment code included in the service request User ID to find the corresponding user ID picture for security verification; anti-tampering QR code server to the user ID picture in the payment code included in the business request and the user ID picture found for security verification Perform a similarity comparison to determine the result of the security check.
  • a device includes: one or more processors; a storage device configured to store one or more programs, and when the one or more programs are used by the one or more programs Each processor executes such that the one or more processors implement any of the above methods.
  • a computer-readable storage medium on which a computer program is stored, which is characterized in that when the program is executed by a processor, any one of the foregoing methods is implemented.
  • the user identification picture is added to the two-dimensional code, so that the user can verify whether the two-dimensional code is safe through the identification picture, thereby improving the security of the scan code payment service.
  • FIG. 1 is a schematic flowchart of a method for generating a payment code on a tamper-proof two-dimensional code server according to Embodiment 1 of the present application;
  • FIG. 1 is a schematic flowchart of a method for generating a payment code on a tamper-proof two-dimensional code server according to Embodiment 1 of the present application;
  • FIG. 2 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application;
  • FIG. 3 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application;
  • FIG. 5 is a block diagram of an exemplary computer system / server suitable for use in implementing embodiments of the present invention.
  • FIG. 1 is a schematic flowchart of a method for generating a payment code on a tamper-proof two-dimensional code server according to an embodiment of the present application. As shown in FIG. 1, the method includes:
  • the payee needs to register with the tamper-resistant QR code server in advance, and after the registration is successful, the tamper-resistant QR code server allocates a user identity for identifying the user. Only registered payee users can request the tamper-resistant QR code server to generate a payment code for them.
  • the payee sends a registration request to the tamper-resistant two-dimensional code server through the client, and the tamper-resistant two-dimensional code server allocates a user identity to the payee based on the registration request.
  • the payee opens the client on the mobile terminal or opens the web page corresponding to the tamper-proof QR code server, and performs registration on the user registration interface, such as entering a user name and password for registration, or receiving a tamper-resistant 2D by filling in a mobile phone number After the verification message sent by the code issuing organization is verified, it is verified to register.
  • the tamper-resistant QR code server assigns a user identification to the payee, and sends a successful registration notification message to the payee, prompting the user to register successfully.
  • the user identity can identify the identity of the payee, and is used to determine the qualification certificate file, user ID picture, etc. uploaded by the payee.
  • the payee needs to upload a qualification certificate file to the tamper-resistant QR code server in advance, so that the tamper-resistant QR code server reviews the qualification certificate file.
  • the user qualification certificate is submitted to the tamper-proof two-dimensional code server; the tamper-proof two-dimensional code server reviews the user qualification certificate information, and passes the verified certification information to the The user identity is matched, where a unique valid user identity exists to match the qualification certification information.
  • the payee can click the upload qualification certificate file option in the client or the corresponding webpage, and upload the qualification certificate file selected by the user to the tamper-proof QR code server, such as an ID card, business license, etc .; The certificate verification success message returned by the code server.
  • the tamper-proof QR code server such as an ID card, business license, etc .
  • the qualification certificate can prove the identity of the payee and improve the security of payment.
  • the identity of the payee can be ensured, preventing others from embezzling the payee's identity, and improving the security of the payment.
  • the client in this embodiment may be a client provided by a tamper-resistant QR code issuing mechanism, and may also include other recognized or authorized by the corresponding tamper-resistant QR code issuing mechanism, which may implement other technical solutions of this application.
  • the server may be a tamper-resistant QR code server.
  • the tamper-resistant two-dimensional code server is used to provide a payee with a payee code including a user identification picture of the payee, and provide the payee and the payee with the user ID picture stored in the server database when scanning for payment.
  • the user identification picture in the code is compared and checked to prevent the receipt code from being tampered with, so as to improve the security of code scanning payment.
  • the tamper-resistant QR code issuing mechanism and the payment institution may be the same institution, that is, the client provided by the tamper-resistant QR code issuing mechanism is a client, and the tamper-resistant QR server is provided.
  • the tamper-resistant QR code issuing mechanism and the payment institution may be different agencies, and the payment institution invokes the service of the tamper-resistant QR code issuing mechanism.
  • step S11 the client sends a payment code generation request to the tamper-resistant two-dimensional code server; the payment code generation request includes a user identity of the user corresponding to the client;
  • the payee may click the generate a pay code option in the client to trigger the client to send a pay code generation request to the server to request the server to generate a corresponding pay code for the payee.
  • step S12 the tamper-resistant two-dimensional code server receives a payment code generation request sent by the client; and generates a two-dimensional code according to the user identity.
  • the two-dimensional code includes the user identification of the payee.
  • the two-dimensional code may further include a link address to a tamper-resistant two-dimensional code server.
  • step S13 the tamper-resistant two-dimensional code server combines the generated two-dimensional code with the user identification picture of the corresponding user submitted by the client to obtain a payment code, so as to perform code scanning security verification based on the payment code.
  • the user identification picture may be a user's portrait, logo, or any other identification picture that can identify the user.
  • the collection code generation request includes a user identification picture.
  • the client uploads the user identification picture to a tamper-resistant two-dimensional code server in advance, so that the tamper-resistant two-dimensional code server audits the user identification picture.
  • the tamper-resistant two-dimensional code server searches for a corresponding user identification picture according to the identity of the user included in the collection code generation request.
  • the payee can click the upload user logo picture option in the client to upload the selected user logo picture to the server; and receive the user logo picture review success message returned by the server.
  • the tamper-resistant two-dimensional code server audits the user identification picture uploaded by the payee through image recognition technology, so as to determine whether the uploaded user identification picture is identical to the submitter himself or his business license. For example, if the user identification picture is a user portrait, determine whether the user portrait matches a user ID; if the user identification picture is a logo, determine whether the logo matches a business license.
  • the tamper-resistant two-dimensional code server may also perform a form review on the user identification picture uploaded by the payee.
  • a form review For example, the format, size, and resolution of user logo pictures are automatically audited; whether the user logo pictures violate laws or social ethics is automatically or manually audited.
  • the tamper-resistant QR code server stores the approved user identification picture in the server's database, and sends a prompt message to the payee that the user identification picture is successfully audited.
  • the user identification picture stored in the database is determined by the corresponding user identification.
  • the tamper-proof QR code server sends a prompt message to the payee that the user logo picture fails to be reviewed, prompting the payee to re-upload the user logo picture.
  • the user identification picture is used as the background picture of the two-dimensional code and combined with the two-dimensional code as the payment code.
  • the tamper-proof two-dimensional code server firstly The user ID corresponding to the code looks up the corresponding user ID picture in the database of the server and sends it to the client for display to the payer for the payer to compare with the background picture in the payment code scanned by the payer; if not, Send a risk reminder message to the payer, prompting the payer to terminate the payment, for example, "the current payment code is not registered in the tamper-resistant QR code payment system".
  • the user identification picture is faded out; the diluted user identification picture is used as the background picture of the two-dimensional code and combined with the two-dimensional code.
  • the fading standard is that the two-dimensional code in the generated payment code can be scanned and identified normally, as long as the two-dimensional code's error tolerance and correction performance is not affected. Based on the two-dimensional code's error correction function, even if some parts are covered or lost, the two-dimensional code can still be scanned and identified.
  • the user identification picture is displayed in a peripheral area of the two-dimensional code.
  • a code scanning security check is performed based on the payment code.
  • the user identification corresponding to the payment code is used for the tamper-resistant two-dimensional code server to find the corresponding user identification picture for security verification; in order to determine the security calibration on the client based on the user identification picture corresponding to the payment code Or, the tamper-proof two-dimensional code server performs a similarity comparison between the image of the payment code included in the service request and the user identification picture obtained for security verification to determine the security verification result.
  • step S14 the tamper-resistant two-dimensional code server sends the generated payment code to the client.
  • the payment code is in a picture format and can be displayed and printed by the client; or, the payment code can be printed by the server and provided to the payee.
  • the client may display the payment code, and the payer scans the payment code to pay the payee.
  • the payee can also print and post the payment code for the payer to scan the payment code for payment.
  • the user identity picture is stored in the server by reviewing the user identity picture and binding the user identity picture to the payer When scanning the code, the user ID picture stored in the server database and the user ID picture in the payment code are compared and verified, which improves the security of code scanning payment.
  • FIG. 2 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application. As shown in FIG. 2, when the payer scans the payment code to pay the payee, the process shown in FIG. 2 may be performed:
  • step S21 the client scans the payment code, and sends a service request for the payment code to the tamper-resistant two-dimensional code server;
  • the client may be a payment software client such as WeChat, Alipay, or Shengfutong Wallet, and may also include other clients recognized or authorized by the corresponding tamper-resistant QR code issuing agency and capable of implementing the technical solution of the present application. .
  • the payment code is generated by the tamper-resistant two-dimensional code server according to the user identification of the payee; the generated two-dimensional code is combined with the user identification picture of the payee.
  • the payer wants to make a payment to the payee after the purchase, he can open the client on his mobile phone, scan the payment code provided by the payee, and send a business request to the tamper-proof QR code server.
  • the service request is to request a tamper-resistant two-dimensional code server to perform validity check on the payment code. It may also be a payment request for the payment code.
  • a tamper-proof two-dimensional code server performs a validity check on the payment code, and payment is performed on the two-dimensional code after the verification is passed.
  • the client can parse the two-dimensional code in the payment code to obtain the user identification of the payee included therein as the user identification corresponding to the payment code, and according to the two-dimensional code,
  • the included link address to the tamper-resistant QR code server sends a business request to the tamper-resistant QR code server.
  • the service request includes scanning to obtain the user identity corresponding to the payment code for security of the tamper-resistant QR code server. check.
  • the tamper-resistant two-dimensional code server receives a service request for a payment code sent by a client, and finds a corresponding user identifier for security verification based on a user identity corresponding to the payment code included in the service request. image.
  • the step further comprises: the tamper-resistant two-dimensional code server first determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. Find the corresponding user identification picture for security verification in the database of the server according to the user identity corresponding to the payment code included in the service request and send it to the client for display to the payer for the payer and his The scanned image of the user's logo in the scanned payment code is used for comparison verification; if not, a risk alert message is sent to the payer to prompt the payer to terminate the payment, for example, "The current payment code is not registered in the tamper-proof QR code payment system ".
  • the corresponding user identification picture for security verification is stored by the server in the database of the server after the server checks the user identification picture sent by the payee.
  • step S23 the tamper-resistant QR code server sends the user identification picture to the client for display to the payer in the client's payment interface, prompting the payer to send the user identification picture displayed in the payment interface and its scanned receipt. Compare the user logo pictures in the code.
  • step S24 if the user identification picture displayed in the payment interface of the client is the same as the background picture in the scanned payment code, the payer can confirm to continue the payment; if they are different, the payer can terminate the payment and inform the payee .
  • the payer can click the "Confirm” button on the payment interface to continue the payment; or click the "Cancel” button on the payment interface to cancel the payment.
  • step S25 after the tamper-resistant QR code server receives a confirmation order from the payer to continue the payment, it constructs a corresponding payment request, and forwards the payment request to the payment server, and the payment server processes the payment request.
  • the service request of the payment code sent by the client includes identification information of the corresponding payment software, and the tamper-resistant two-dimensional code server constructs a corresponding payment request according to the identification information, and forwards the payment request to the payment Software corresponding payment server.
  • the tamper-resistant two-dimensional code server terminates the payment operation after receiving the confirmation order from the payer to cancel the payment.
  • the tamper-proof two-dimensional code server does not receive the user's confirmation instruction within a predetermined time, for example, the user has not confirmed or cancelled, the payment is terminated.
  • step S26 after receiving the payment request, the payment server guides the payer to complete the payment, performs settlement, and notifies the payee that the payment has been completed.
  • the tamper-resistant two-dimensional code server first determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. If so, according to the service request The user identification corresponding to the payment code finds the corresponding user identification picture for security verification in the server database and sends it to the client, and the client scans the corresponding user identification picture for security verification and scans it The user's logo picture in the payment code is compared and verified; if not, send a risk reminder message to the payer to prompt the payer to terminate the payment, for example, "the current payment code is not registered in the tamper-proof QR code payment system" . Wherein, the corresponding user identification picture for security verification is stored by the server in the database of the server after the server checks the user identification picture sent by the payee.
  • the client compares the corresponding user identification picture for security verification with the user identification picture in the payment code scanned by the client, and sends a confirmation command that the comparison result is consistent to the tamper-proof two-dimensional code server according to the verification result. To continue the payment; or, to send a confirmation command with inconsistent results to terminate the payment; or, to not send a confirmation command to terminate the payment.
  • the tamper-resistant two-dimensional code server After the tamper-resistant two-dimensional code server receives the confirmation command for continued payment sent by the client, it constructs a corresponding payment request, and forwards the payment request to the payment server, and the payment server processes the payment request.
  • the service request of the payment code sent by the client includes identification information of the corresponding payment software, and the tamper-resistant two-dimensional code server constructs a corresponding payment request according to the identification information, and forwards the payment request to the payment Software corresponding payment server.
  • the tamper-resistant two-dimensional code server terminates the payment operation after receiving the client's confirmation command to cancel the payment.
  • the tamper-proof two-dimensional code server does not receive a confirmation instruction from the client within a predetermined time, for example, the client does not confirm or cancel, the payment is terminated.
  • the payer can scan the code to obtain the user ID stored in the server database.
  • the picture is compared with the user's logo picture in the payment code to improve the security of code scanning payment.
  • FIG. 3 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application. As shown in FIG. 3, when the payer scans the payment code to pay the payee, the process shown in FIG. 3 can be performed:
  • step S31 the client scans the payment code, and sends a service request for the payment code to the tamper-resistant two-dimensional code server;
  • the client may be a payment software client such as WeChat, Alipay, or Shengfutong Wallet, and may also include other clients recognized or authorized by the corresponding tamper-resistant QR code issuing agency and capable of implementing the technical solution of the present application. .
  • the payment code is generated by the tamper-resistant two-dimensional code server according to the user identification of the payee; the generated two-dimensional code is combined with the user identification picture of the payee.
  • a tamper-proof QR code server When the payer wants to pay after shopping, he can open the client on his mobile phone, scan the payment code provided by the payee, and send a business request to the tamper-proof QR code server.
  • the service request is to request a tamper-resistant two-dimensional code server to perform validity check on the payment code. It may also be a payment request for the payment code.
  • a tamper-proof two-dimensional code server performs a validity check on the payment code, and payment is performed on the two-dimensional code after the verification is passed.
  • the client can parse the two-dimensional code in the payment code to obtain the user identification of the payee included therein as the user identification corresponding to the payment code, and according to the two-dimensional code containing
  • the link address to the tamper-resistant QR code server sends a business request to the tamper-resistant QR code server.
  • the service request includes the user identification corresponding to the scanned payment code for security verification by the tamper-resistant QR code server. Check.
  • the service request also includes a user identification picture in the payment code.
  • the tamper-resistant two-dimensional code server receives a service request for a payment code sent by a client, and finds a corresponding user identifier for security verification based on a user identity corresponding to the payment code included in the service request. Pictures; perform similarity judgment on the user identification picture in the payment code included in the service request and the user identification picture obtained for security verification.
  • the searched user identification picture for security verification is stored by the server in the database of the server after the server checks the user identification picture sent by the payee.
  • the step further comprises: the tamper-resistant two-dimensional code server first determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. Comparing the user identification picture in the payment code included in the service request with the user identification picture obtained for security verification; if not, sending a risk prompt message to the payer to prompt the payer to terminate the payment , Such as "The current payment code is not registered in the tamper-resistant QR code payment system.”
  • step S33 if the similarity between the user identification picture of the payee and the found user identification picture in the payment code included in the service request is higher than a preset threshold, the payment is continued; the tamper-resistant QR code server constructs the corresponding A payment request, and the payment request is forwarded to a payment server, and the payment server processes the payment request.
  • the service request sent by the client includes identification information of the corresponding payment software, and the tamper-resistant two-dimensional code server constructs a corresponding payment request according to the identification information, and forwards the payment request to the payment corresponding to the payment software.
  • the server executes step S35.
  • step S34 if the value is lower than the preset threshold, the tamper-resistant QR code server terminates the payment and sends a prompt message to the payer.
  • step S35 after receiving the payment request, the payment server guides the payer to complete the payment, performs settlement, and notifies the payee that the payment has been completed.
  • the user identification picture stored in the server database and the payment code can be stored in the server database by reviewing the user identification picture and binding the user identification picture.
  • the user's logo image is automatically compared and verified, which improves the security of code scanning payment.
  • FIG. 4 is a schematic flowchart of a code scanning verification method provided in Embodiment 2 of the present application. As shown in FIG. 4, when a payment is made to a payee, the process shown in FIG. 4 may be performed:
  • step S41 the client sends a service request for a payment code to the tamper-resistant two-dimensional code server;
  • the client may be a payment software client such as WeChat, Alipay, or Shengfutong Wallet, and may also include other clients recognized or authorized by the corresponding tamper-resistant QR code issuing agency and capable of implementing the technical solution of the present application. .
  • the payment code is generated by the tamper-resistant two-dimensional code server according to the user identification of the payee; the generated two-dimensional code is combined with the user identification picture of the payee.
  • the service request is to request a tamper-resistant two-dimensional code server to perform validity check on the payment code. It may also be a payment request for the payment code.
  • a tamper-proof two-dimensional code server performs a validity check on the payment code, and payment is performed on the two-dimensional code after the verification is passed.
  • an entrance of the tamper-resistant QR code server is preset in the client.
  • the camera of the mobile phone is called to capture the payment code provided by the payee and send a service request to the tamper-resistant QR code server.
  • the service request includes a user identification picture in the payment code, which is used by the tamper-resistant two-dimensional code server to identify the payment code and perform security verification.
  • the tamper-resistant two-dimensional code server receives the service request of the payment code sent by the client, decodes the user identification picture in the payment code included in the service request, and obtains the user corresponding to the payment code.
  • Identity identification finding a corresponding user identification picture for security verification based on a user identification corresponding to a payment code included in the service request; and searching for a user identification picture in the payment code included in the service request
  • the obtained user identification picture used for security verification is subjected to similarity judgment.
  • the searched user identification picture for security verification is stored by the server in the database of the server after the server checks the user identification picture sent by the payee.
  • the step further comprises: the tamper-resistant two-dimensional code server first determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. Comparing the user identification picture in the payment code included in the service request with the user identification picture obtained for security verification; if not, sending a risk prompt message to the payer to prompt the payer to terminate the payment , Such as "The current payment code is not registered in the tamper-resistant QR code payment system.”
  • step S43 if the similarity between the user identification picture of the payee and the found user identification picture in the payment code included in the service request is higher than a preset threshold, continue to pay; the tamper-resistant QR code server constructs the corresponding A payment request, and the payment request is forwarded to a payment server, and the payment server processes the payment request.
  • the service request sent by the client includes identification information of the corresponding payment software, and the tamper-resistant two-dimensional code server constructs a corresponding payment request according to the identification information, and forwards the payment request to the payment corresponding to the payment software.
  • the server executes step S45.
  • step S44 if the value is lower than the preset threshold, the tamper-resistant QR code server terminates the payment and sends a prompt message to the payer.
  • step S45 after receiving the payment request, the payment server guides the payer to complete the payment, performs settlement, and notifies the payee that the payment has been completed.
  • the user identification picture stored in the server database and the payment code can be stored in the server database by reviewing the user identification picture and binding the user identification picture.
  • the user's logo image is automatically compared and verified, which improves the security of code scanning payment.
  • FIG. 5 shows a block diagram of an exemplary computer system / server 012 suitable for use in implementing embodiments of the present invention.
  • the computer system / server 012 shown in FIG. 5 is only an example, and should not impose any limitation on the functions and scope of use of the embodiments of the present invention.
  • the computer system / server 012 is represented in the form of a general-purpose computing device.
  • the components of the computer system / server 012 may include, but are not limited to, one or more processors or processing units 016, a system memory 028, and a bus 018 connecting different system components (including the system memory 028 and the processing unit 016).
  • the bus 018 represents one or more of several types of bus structures, including a memory bus or a memory controller, a peripheral bus, a graphics acceleration port, a processor, or a local area bus using any of a variety of bus structures.
  • these architectures include, but are not limited to, the Industry Standard Architecture (ISA) bus, the Micro Channel Architecture (MAC) bus, the enhanced ISA bus, the Video Electronics Standards Association (VESA) local area bus, and peripheral component interconnects ( PCI) bus.
  • Computer system / server 012 typically includes a variety of computer system readable media. These media can be any available media that can be accessed by the computer system / server 012, including volatile and non-volatile media, removable and non-removable media.
  • System memory 028 may include computer system-readable media in the form of volatile memory, such as random access memory (RAM) 030 and / or cache memory 032.
  • the computer system / server 012 may further include other removable / non-removable, volatile / non-volatile computer system storage media.
  • the storage system 034 may be used to read and write non-removable, non-volatile magnetic media (not shown in FIG. 5 and is commonly referred to as a “hard drive”).
  • a disk drive for reading and writing to a removable non-volatile disk such as a "floppy disk”
  • a removable non-volatile optical disk such as a CD-ROM, DVD-ROM, etc.
  • each drive may be connected to the bus 018 through one or more data medium interfaces.
  • the memory 028 may include at least one program product having a set (eg, at least one) of program modules configured to perform functions of embodiments of the present invention.
  • a program / utility tool 040 having a set of (at least one) program module 042 may be stored in, for example, the memory 028.
  • Such a program module 042 includes-but is not limited to-an operating system, one or more applications, other programs Modules and program data, each or some combination of these examples may include implementations of the network environment.
  • the program module 042 generally performs functions and / or methods in the embodiments described in the present invention.
  • the computer system / server 012 may also communicate with one or more external devices 014 (such as a keyboard, pointing device, display 024, etc.).
  • the computer system / server 012 communicates with an external radar device, and may also communicate with one or more Multiple devices that enable a user to interact with the computer system / server 012, and / or with any device (such as a network card, modem, etc.) that enables the computer system / server 012 to communicate with one or more other computing devices Communication. This communication can be performed through an input / output (I / O) interface 022.
  • the computer system / server 012 can also communicate with one or more networks (such as a local area network (LAN), a wide area network (WAN), and / or a public network, such as the Internet) through the network adapter 020.
  • networks such as a local area network (LAN), a wide area network (WAN), and / or a public network, such as the Internet
  • the network adapter 020 communicates with other modules of the computer system / server 012 through the bus 018.
  • other hardware and / or software modules may be used in conjunction with the computer system / server 012, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems , Tape drives, and data backup storage systems.
  • the processing unit 016 executes the functions and / or methods in the embodiment described by running a program stored in the system memory 028.
  • the above computer program may be set in a computer storage medium, that is, the computer storage medium is encoded with a computer program, and when the program is executed by one or more computers, the one or more computers are caused to execute the programs shown in the foregoing embodiments of the present invention.
  • Method flow and / or device operation may be set in a computer storage medium, that is, the computer storage medium is encoded with a computer program, and when the program is executed by one or more computers, the one or more computers are caused to execute the programs shown in the foregoing embodiments of the present invention.
  • the computer-readable medium may be a computer-readable signal medium or a computer-readable storage medium.
  • the computer-readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof.
  • a computer-readable storage medium may be any tangible medium that contains or stores a program that can be used by or in combination with an instruction execution system, apparatus, or device.
  • the computer-readable signal medium may include a data signal propagated in baseband or transmitted as part of a carrier wave, which carries a computer-readable program code. Such a propagated data signal may take a variety of forms, including, but not limited to, electromagnetic signals, optical signals, or any suitable combination of the foregoing.
  • the computer-readable signal medium may also be any computer-readable medium other than a computer-readable storage medium, and the computer-readable medium may send, propagate, or transmit a program for use by or in connection with an instruction execution system, apparatus, or device. .
  • Program code embodied on a computer-readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
  • Computer program code for performing the operations of the present invention may be written in one or more programming languages, or combinations thereof, including programming languages such as Java, Smalltalk, C ++, and also conventional Procedural programming language—such as "C" or similar programming language.
  • the program code can be executed entirely on the user's computer, partly on the user's computer, as an independent software package, partly on the user's computer, partly on a remote computer, or entirely on a remote computer or server.
  • the remote computer can be connected to the user's computer through any kind of network, including a local area network (LAN) or wide area network (WAN), or it can be connected to an external computer (such as through the Internet using an Internet service provider) connection).
  • LAN local area network
  • WAN wide area network
  • Internet service provider an Internet service provider

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method for generating a payment receiving code at a tamper-proof barcode server end and a code-scanning security verification method. The method for generating a payment receiving code at a tamper-proof barcode server end comprises: receiving a payment receiving code generation request transmitted by a client, the payment receiving code generation request comprising a user identification of a corresponding user of the client; generating a barcode on the basis of the user identification (S12); and combining the generated barcode with a user identifying image of the corresponding user submitted by the client to produce a payment receiving code, thus facilitating the performing of a code-scanning security verification on the basis of the payment receiving code (S13). By reviewing the user identifying image and linking with the user identification, a user identifying image in a payment paying code can be verified against a user identifying image stored in a server database, thus increasing the security of a code-scanning payment.

Description

一种生成收款码的方法及扫码安全校验方法Method for generating receipt code and scanning code security verification method 【技术领域】[Technical Field]

本申请涉及互联网应用领域,尤其涉及一种收款码生成方法及扫码安全校验方法。This application relates to the field of Internet applications, and in particular, to a method for generating a payment code and a method for scanning code security verification.

【背景技术】【Background technique】

随着计算机技术的快速发展,人们的生活也依靠着技术发展越来越便利。例如,很多业务都开始使用扫码功能,通过扫一扫就可以得到相关的业务信息,执行对应的业务。以支付应用为例,扫码支付已经越来越广泛的应用在人们的日常生活中,用户在付款时,不需要使用现金,可以扫一扫收款方的静态收款码,就可以完成付款。With the rapid development of computer technology, people's lives also rely on technological development to become more and more convenient. For example, many businesses have begun to use the code scanning function. By scanning, you can get related business information and execute corresponding services. Taking payment applications as an example, scan code payment has become more and more widely used in people's daily life. When users pay, they do not need to use cash. They can scan the static payment code of the payee to complete the payment. .

静态收款码主要为商户向支付机构申请的粘贴于店铺前进行收款的二维码。目前比较常见的为支付宝或者微信官方提供的二维收款码,或者收钱吧等机构提供的一种集成类型的收款码,常见类型为白底黑色块的正方形。The static payment code is mainly a two-dimensional code applied by the merchant to the payment institution and posted in front of the store to receive money. At present, the two-dimensional payment code provided by Alipay or WeChat official, or an integrated type of payment code provided by institutions such as Money Bar, is usually a square with a black block on a white background.

目前发行的二维码虽然方便快捷,但是也存在安全隐患,由于人不识码,即使自己的二维码被替换掉也无法得知:Although the two-dimensional code currently issued is convenient and fast, it also has security risks. Because people do not recognize the code, even if their own two-dimensional code is replaced, it is impossible to know:

1、对于商户,二维码存在可以被篡改的风险,目前网络上经常爆出类似的事件,对商户造成严重的经济损失,并且往往追查困难。1. For merchants, there is a risk that the QR code can be tampered with. At present, similar incidents often occur on the Internet, causing serious economic losses to merchants, and often difficult to track down.

2、对于付款方,在某些密集区域,比较难以区别二维码的归属,并且由于部分不法分子的存在,可能会造成潜在的资金损失,扫码的安全性无法得到保证。2. For the payer, in some dense areas, it is difficult to distinguish the ownership of the QR code. Due to the existence of some criminals, potential loss of funds may be caused, and the security of code scanning cannot be guaranteed.

在扫码方式给用户带来便利的同时,如何保障扫码方式的安全性,也是一个亟需解决的问题。While the code scanning method brings convenience to users, how to ensure the security of the code scanning method is also an urgent problem to be solved.

【发明内容】[Summary of the Invention]

本申请的多个方面提供一种收款码生成方法及扫码安全校验方法,用于提高扫码安全性。Various aspects of the present application provide a method for generating a payment code and a method for scanning code security verification, which are used to improve scanning code security.

本申请的一方面,提供一种在防篡改二维码服务器端生成收款码的方法,包括:接收客户端发送的收款码生成请求;所述收款码生成请求包括客户端对应用户的用户身份标识;根据所述用户身份标识生成二维码;将所生成的二维码与客户端提交的对应用户的用户标识图片进行组合,得到收款码,以便基于所述收款码进行扫码安全校验。An aspect of the present application provides a method for generating a payment code on a tamper-resistant QR code server side, including: receiving a payment code generation request sent by a client; the payment code generation request includes Generating a two-dimensional code according to the user identification; combining the generated two-dimensional code with a user identification picture of a corresponding user submitted by the client to obtain a payment code for scanning based on the payment code Code security check.

本申请的一方面,提供一种扫码安全校验方法,包括:防篡改二维码服务器接收客户端发送的收款码的业务请求;其中,所述收款码是由防篡改二维码服务器根据收款方的用户身份标识生成二维码;将生成的所述二维码与收款方用户标识图片进行组合得到的;防篡改二维码服务器基于所述业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片;防篡改二维码服务器将所述对应的用于安全校验的用户标识图片发送至所述客户端,以便基于所述用于安全校验的用户标识图片在客户端确定安全校验结果。An aspect of the present application provides a code scanning security verification method, including: a tamper-resistant two-dimensional code server receives a service request of a payment code sent by a client; wherein the payment code is a tamper-resistant two-dimensional code The server generates a two-dimensional code according to the user identity of the payee; it is obtained by combining the generated two-dimensional code with the picture of the user ID of the payee; the tamper-resistant two-dimensional code server is based on the payment received in the service request The user identity corresponding to the code to find the corresponding user identity picture for security verification; the tamper-resistant two-dimensional code server sends the corresponding user identity picture for security verification to the client, so as to be based on the The user identification picture used for security verification determines the security verification result on the client.

本申请的另一方面,提供一种扫码安全校验方法,包括:防篡改二维码服务器接收客户端发送的收款码的业务请求;其中,所述收款码是由防篡改二维码服务器根据收款方的用户身份标识生成二维码;将所生成的二维码与收款方用户标识图片进行组合得到的;防篡改二维码服务器基于业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片;防篡改二维码服务器对业务请求中包括的收款码中的用户标识图片与查找得到的用于安全校验的用户标识图片进行相似性比对以确定安全校验结果。Another aspect of the present application provides a code scanning security verification method, which includes: a tamper-resistant two-dimensional code server receives a service request of a payment code sent by a client; wherein the payment code is two-dimensionally tamper-resistant The code server generates a two-dimensional code according to the user identification of the payee; it is obtained by combining the generated two-dimensional code with the picture of the user identification of the payee; the tamper-resistant two-dimensional code server corresponds to the payment code included in the service request User ID to find the corresponding user ID picture for security verification; anti-tampering QR code server to the user ID picture in the payment code included in the business request and the user ID picture found for security verification Perform a similarity comparison to determine the result of the security check.

本申请的另一方面,提供一种设备,所述设备包括:一个或多个处理器;存储装置,用于存储一个或多个程序,当所述一个或多个程序被所述一个或 多个处理器执行,使得所述一个或多个处理器实现任一上述的方法。According to another aspect of the present application, a device is provided. The device includes: one or more processors; a storage device configured to store one or more programs, and when the one or more programs are used by the one or more programs Each processor executes such that the one or more processors implement any of the above methods.

本申请的另一方面,提供一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该程序被处理器执行时实现任一上述的方法。In another aspect of the present application, a computer-readable storage medium is provided, on which a computer program is stored, which is characterized in that when the program is executed by a processor, any one of the foregoing methods is implemented.

由所述技术方案可知,本申请实施例,通过在二维码中增加用户标识图片,使得用户可以通过所述标识图片来验证二维码是否安全,从而提高了扫码支付业务的安全性。It can be known from the technical solution that in the embodiment of the present application, the user identification picture is added to the two-dimensional code, so that the user can verify whether the two-dimensional code is safe through the identification picture, thereby improving the security of the scan code payment service.

【附图说明】[Brief Description of the Drawings]

为了更清楚地说明本申请实施例中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作一简单地介绍,显而易见地,下面描述中的附图是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to explain the technical solutions in the embodiments of the present application more clearly, the drawings used in the embodiments or the description of the prior art will be briefly introduced below. Obviously, the drawings in the following description are the ones of the present application. For some embodiments, for those of ordinary skill in the art, other drawings may be obtained based on these drawings without paying creative labor.

图1为本申请实施例一提供的一种在防篡改二维码服务器端生成收款码的方法的流程示意图;FIG. 1 is a schematic flowchart of a method for generating a payment code on a tamper-proof two-dimensional code server according to Embodiment 1 of the present application; FIG.

图2为本申请实施例二提供的一种扫码校验方法的流程示意图;2 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application;

图3为本申请实施例二提供的一种扫码校验方法的流程示意图;3 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application;

图4为本申请实施例二提供的一种扫码校验方法的流程示意图;4 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application;

图5为适于用来实现本发明实施例的示例性计算机系统/服务器的框图。FIG. 5 is a block diagram of an exemplary computer system / server suitable for use in implementing embodiments of the present invention.

【具体实施方式】【detailed description】

为使本申请实施例的目的、技术方案和优点更加清楚,下面将结合本申请实施例中的附图,对本申请的一些实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的全部其他实施例,都属于本申请保护的范围。In order to make the objectives, technical solutions, and advantages of the embodiments of the application clearer, the technical solutions in some embodiments of the application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the application. Obviously, the described The examples are a part of the examples of this application, but not all the examples. Based on the embodiments in the present application, all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.

另外,本文中术语“和/或”,仅仅是一种描述关联对象的关联关系,表 示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。另外,本文中字符“/”,一般表示前后关联对象是一种“或”的关系。In addition, the term "and / or" in this article is only an association relationship describing the associated object, which means that there can be three kinds of relationships, for example, A and / or B can mean: A exists alone, and A and B exist simultaneously, There are three cases of B alone. In addition, the character "/" in this text generally indicates that the related objects are an "or" relationship.

图1为本申请实施例提供的一种在防篡改二维码服务器端生成收款码的方法的流程示意图,如图1所示,包括:FIG. 1 is a schematic flowchart of a method for generating a payment code on a tamper-proof two-dimensional code server according to an embodiment of the present application. As shown in FIG. 1, the method includes:

在本实施例的一种优选实现方式中,收款方需要事先向防篡改二维码服务器注册,注册成功后防篡改二维码服务器为其分配用于识别该用户的用户身份标识。只有注册成功后的收款方用户才能请求防篡改二维码服务器为其生成收款码。In a preferred implementation of this embodiment, the payee needs to register with the tamper-resistant QR code server in advance, and after the registration is successful, the tamper-resistant QR code server allocates a user identity for identifying the user. Only registered payee users can request the tamper-resistant QR code server to generate a payment code for them.

优选地,收款方通过客户端向防篡改二维码服务器发送注册请求,由防篡改二维码服务器基于所述注册请求,为收款方分配用户身份标识。Preferably, the payee sends a registration request to the tamper-resistant two-dimensional code server through the client, and the tamper-resistant two-dimensional code server allocates a user identity to the payee based on the registration request.

收款方在移动终端上打开客户端或打开防篡改二维码服务器对应的网页,在用户注册界面上进行注册,例如输入用户名和密码进行注册,也可以通过填写手机号码,接收防篡改二维码发码机构发送的验证短信后进行验证来注册。The payee opens the client on the mobile terminal or opens the web page corresponding to the tamper-proof QR code server, and performs registration on the user registration interface, such as entering a user name and password for registration, or receiving a tamper-resistant 2D by filling in a mobile phone number After the verification message sent by the code issuing organization is verified, it is verified to register.

防篡改二维码服务器为收款方分配用户身份标识,并向收款方发送注册成功提示消息,提示用户注册成功。The tamper-resistant QR code server assigns a user identification to the payee, and sends a successful registration notification message to the payee, prompting the user to register successfully.

所述用户身份标识可以标识收款方身份,并用来确定收款方上传的资质证明文件、用户标识图片等。The user identity can identify the identity of the payee, and is used to determine the qualification certificate file, user ID picture, etc. uploaded by the payee.

在本实施例的一种优选实现方式中,收款方需要事先上传资质证明文件到防篡改二维码服务器,以便防篡改二维码服务器对所述资质证明文件进行审核。In a preferred implementation manner of this embodiment, the payee needs to upload a qualification certificate file to the tamper-resistant QR code server in advance, so that the tamper-resistant QR code server reviews the qualification certificate file.

优选地,收款方注册成功后,向防篡改二维码服务器提交用户资质证明;防篡改二维码服务器对所述用户资质证明信息进行审核,将审核通过的所述资质证明信息与所述用户身份标识进行匹配,其中,存在唯一有效用户身份标识与所述资质证明信息相匹配。Preferably, after the payee is successfully registered, the user qualification certificate is submitted to the tamper-proof two-dimensional code server; the tamper-proof two-dimensional code server reviews the user qualification certificate information, and passes the verified certification information to the The user identity is matched, where a unique valid user identity exists to match the qualification certification information.

优选地,收款方可以点击客户端或对应的网页中的上传资质证明文件选 项,向防篡改二维码服务器上传用户选择的资质证明文件,例如身份证、营业执照等;接收防篡改二维码服务器返回的资质证明文件审核成功消息。Preferably, the payee can click the upload qualification certificate file option in the client or the corresponding webpage, and upload the qualification certificate file selected by the user to the tamper-proof QR code server, such as an ID card, business license, etc .; The certificate verification success message returned by the code server.

所述资质证明文件可以证明收款方的身份,提高支付的安全性。通过对收款方的资质证明文件进行审核,可以确保收款方的身份,防止他人盗用收款方身份,提高了支付的安全性。The qualification certificate can prove the identity of the payee and improve the security of payment. By reviewing the qualification certification documents of the payee, the identity of the payee can be ensured, preventing others from embezzling the payee's identity, and improving the security of the payment.

本实施例中的客户端可以是防篡改二维码发码机构提供的客户端,还可以包括其他被对应的防篡改二维码发码机构承认或授权的、可以实现本申请技术方案的其他客户端。服务器可以是防篡改二维码服务器。The client in this embodiment may be a client provided by a tamper-resistant QR code issuing mechanism, and may also include other recognized or authorized by the corresponding tamper-resistant QR code issuing mechanism, which may implement other technical solutions of this application. Client. The server may be a tamper-resistant QR code server.

所述防篡改二维码服务器用于为收款方提供包含收款方的用户标识图片的收款码,并在扫描支付时将存储在服务器数据库中的用户标识图片提供给付款方与收款码中的用户标识图片进行对比校验,防止收款码被篡改,以提高扫码支付的安全性。The tamper-resistant two-dimensional code server is used to provide a payee with a payee code including a user identification picture of the payee, and provide the payee and the payee with the user ID picture stored in the server database when scanning for payment. The user identification picture in the code is compared and checked to prevent the receipt code from being tampered with, so as to improve the security of code scanning payment.

在本实施例的一个优选实施例中,防篡改二维码发码机构与支付机构可以为同一机构,即防篡改二维码发码机构提供的客户端为客户端,防篡改二维码服务器与支付服务器为同一服务器。In a preferred embodiment of this embodiment, the tamper-resistant QR code issuing mechanism and the payment institution may be the same institution, that is, the client provided by the tamper-resistant QR code issuing mechanism is a client, and the tamper-resistant QR server is provided. The same server as the payment server.

在本实施例的另一个优选实施例中,防篡改二维码发码机构与支付机构可以为不同机构,由支付机构调用防篡改二维码发码机构的服务。In another preferred embodiment of this embodiment, the tamper-resistant QR code issuing mechanism and the payment institution may be different agencies, and the payment institution invokes the service of the tamper-resistant QR code issuing mechanism.

在步骤S11中,客户端向防篡改二维码服务器发送收款码生成请求;所述收款码生成请求包括客户端对应用户的用户身份标识;In step S11, the client sends a payment code generation request to the tamper-resistant two-dimensional code server; the payment code generation request includes a user identity of the user corresponding to the client;

优选地,收款方可以点击客户端中的生成收款码选项,触发客户端向服务器发送收款码生成请求,以请求服务器为该收款方生成一个对应的收款码。Preferably, the payee may click the generate a pay code option in the client to trigger the client to send a pay code generation request to the server to request the server to generate a corresponding pay code for the payee.

在步骤S12中,防篡改二维码服务器接收客户端发送的收款码生成请求;根据所述用户身份标识生成二维码。In step S12, the tamper-resistant two-dimensional code server receives a payment code generation request sent by the client; and generates a two-dimensional code according to the user identity.

本步骤可以采用常规的二维码生成逻辑,不再赘述。所述二维码包含收款方的用户身份标识。所述二维码还可以包含指向防篡改二维码服务器的链接地址。This step can use conventional two-dimensional code generation logic, which will not be repeated here. The two-dimensional code includes the user identification of the payee. The two-dimensional code may further include a link address to a tamper-resistant two-dimensional code server.

在步骤S13中,防篡改二维码服务器将所生成的二维码与客户端提交的对应用户的用户标识图片进行组合,得到收款码,以便基于所述收款码进行扫码安全校验。In step S13, the tamper-resistant two-dimensional code server combines the generated two-dimensional code with the user identification picture of the corresponding user submitted by the client to obtain a payment code, so as to perform code scanning security verification based on the payment code. .

优选地,所述用户标识图片可以是用户的肖像、logo或者其他任何可以标识用户身份的标识图片。Preferably, the user identification picture may be a user's portrait, logo, or any other identification picture that can identify the user.

在本实施例的一种优选实现方式中,所述收款码生成请求中包括用户标识图片。In a preferred implementation manner of this embodiment, the collection code generation request includes a user identification picture.

在本实施例的另一种优选实现方式中,客户端将所述用户标识图片事先上传到防篡改二维码服务器,以便防篡改二维码服务器对所述用户标识图片进行审核。防篡改二维码服务器根据所述收款码生成请求中包括的用户的身份标识,查找对应的用户标识图片。通过事先上传用户标识图片,可以提高收款码生成的成功速度。In another preferred implementation manner of this embodiment, the client uploads the user identification picture to a tamper-resistant two-dimensional code server in advance, so that the tamper-resistant two-dimensional code server audits the user identification picture. The tamper-resistant two-dimensional code server searches for a corresponding user identification picture according to the identity of the user included in the collection code generation request. By uploading the user logo picture in advance, the success rate of generating the payment code can be improved.

优选地,收款方可以点击客户端中的上传用户标识图片选项,向服务器上传所选择的用户标识图片;接收服务器返回的用户标识图片审核成功消息。Preferably, the payee can click the upload user logo picture option in the client to upload the selected user logo picture to the server; and receive the user logo picture review success message returned by the server.

优选地,防篡改二维码服务器对收款方上传的用户标识图片通过图像识别技术进行审核,以便确定所上传的用户标识图片是否与提交者本人或其营业执照相符。例如,若所述用户标识图片为用户肖像,则判断所述用户肖像与用户身份证是否相符;若所述用户标识图片为logo,则判断所述logo与营业执照是否相符。Preferably, the tamper-resistant two-dimensional code server audits the user identification picture uploaded by the payee through image recognition technology, so as to determine whether the uploaded user identification picture is identical to the submitter himself or his business license. For example, if the user identification picture is a user portrait, determine whether the user portrait matches a user ID; if the user identification picture is a logo, determine whether the logo matches a business license.

优选地,防篡改二维码服务器还可以对收款方上传的用户标识图片进行形式审核。例如,对用户标识图片的格式、尺寸、分辨率等进行自动审核;对用户标识图片是否违反法律或社会道德进行自动或人工审核等。Preferably, the tamper-resistant two-dimensional code server may also perform a form review on the user identification picture uploaded by the payee. For example, the format, size, and resolution of user logo pictures are automatically audited; whether the user logo pictures violate laws or social ethics is automatically or manually audited.

审核通过后,防篡改二维码服务器将所述审核通过的用户标识图片存储在服务器的数据库中,并向收款方发出用户标识图片审核成功的提示信息。在数据库中存储的所述用户标识图片以对应的用户身份标识确定。After the verification is passed, the tamper-resistant QR code server stores the approved user identification picture in the server's database, and sends a prompt message to the payee that the user identification picture is successfully audited. The user identification picture stored in the database is determined by the corresponding user identification.

如果审核不通过,防篡改二维码服务器向收款方发出用户标识图片审核失败的提示信息,提示收款方重新上传用户标识图片。If the verification fails, the tamper-proof QR code server sends a prompt message to the payee that the user logo picture fails to be reviewed, prompting the payee to re-upload the user logo picture.

所述用户标识图片用于作为二维码的背景图片并与二维码进行组合作为收款码,当付款方扫描收款码向收款方付款时,防篡改二维码服务器首先根据收款码对应的用户身份标识在服务器的数据库中查找对应的用户标识图片并发送给客户端,以显示给付款方,供付款方与其扫描的收款码中的背景图片进行对比校验;如果否,向付款方发送风险提示信息,提示付款方终止支付,例如“当前收款码未在防篡改二维码支付系统中进行注册”。The user identification picture is used as the background picture of the two-dimensional code and combined with the two-dimensional code as the payment code. When the payer scans the payment code to pay the receiver, the tamper-proof two-dimensional code server firstly The user ID corresponding to the code looks up the corresponding user ID picture in the database of the server and sends it to the client for display to the payer for the payer to compare with the background picture in the payment code scanned by the payer; if not, Send a risk reminder message to the payer, prompting the payer to terminate the payment, for example, "the current payment code is not registered in the tamper-resistant QR code payment system".

优选地,将所述用户标识图片进行淡化处理;将所述淡化后的用户标识图片作为二维码的背景图片并与二维码进行组合。所述淡化标准为能够正常扫描并识别生成的收款码中的二维码,只要不影响该二维码容错纠错性能即可。基于二维码的纠错功能,即使部分被覆盖或丢失,仍能够扫描并识别出其中的二维码。Preferably, the user identification picture is faded out; the diluted user identification picture is used as the background picture of the two-dimensional code and combined with the two-dimensional code. The fading standard is that the two-dimensional code in the generated payment code can be scanned and identified normally, as long as the two-dimensional code's error tolerance and correction performance is not affected. Based on the two-dimensional code's error correction function, even if some parts are covered or lost, the two-dimensional code can still be scanned and identified.

优选地,将所述用户标识图片显示在二维码的周边区域。Preferably, the user identification picture is displayed in a peripheral area of the two-dimensional code.

优选地,在扫码支付场景中,基于所述收款码进行扫码安全校验。Preferably, in a code scanning payment scenario, a code scanning security check is performed based on the payment code.

所述收款码对应的用户身份标识用于供防篡改二维码服务器查找对应的用于安全校验的用户标识图片;以便基于所述收款码对应的用户标识图片在客户端确定安全校验结果;或,由防篡改二维码服务器对业务请求中包括的收款码的图像与查找得到的用于安全校验的用户标识图片进行相似性比对以确定安全校验结果。The user identification corresponding to the payment code is used for the tamper-resistant two-dimensional code server to find the corresponding user identification picture for security verification; in order to determine the security calibration on the client based on the user identification picture corresponding to the payment code Or, the tamper-proof two-dimensional code server performs a similarity comparison between the image of the payment code included in the service request and the user identification picture obtained for security verification to determine the security verification result.

在步骤S14中,防篡改二维码服务器将生成的收款码发送给客户端。In step S14, the tamper-resistant two-dimensional code server sends the generated payment code to the client.

优选地,所述收款码为图片格式,可以由客户端进行显示并打印;或,所述收款码可以由服务器打印并提供给收款方。Preferably, the payment code is in a picture format and can be displayed and printed by the client; or, the payment code can be printed by the server and provided to the payee.

客户端可以显示所述收款码,由付款方扫描该收款码向收款方付款。收款方也可以将该收款码打印并张贴,供付款方扫描该收款码进行付款。The client may display the payment code, and the payer scans the payment code to pay the payee. The payee can also print and post the payment code for the payer to scan the payment code for payment.

与其他现有收款码中的用户头像信息不同,本实施例中通过对所述用户标识图片的审核以及与用户身份标识的绑定,将所述用户标识图片存储在服务器中,以便付款方扫码时根据服务器数据库中存储的用户标识图片与付款码中的用户标识图片进行对比校验,提高了扫码支付的安全性。Different from the user avatar information in other existing payment codes, in this embodiment, the user identity picture is stored in the server by reviewing the user identity picture and binding the user identity picture to the payer When scanning the code, the user ID picture stored in the server database and the user ID picture in the payment code are compared and verified, which improves the security of code scanning payment.

图2为本申请实施例二提供的一种扫码校验方法的流程示意图,如图2所示,当付款方扫描收款码向收款方付款时,可以执行图2所示流程:FIG. 2 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application. As shown in FIG. 2, when the payer scans the payment code to pay the payee, the process shown in FIG. 2 may be performed:

在步骤S21中,客户端对收款码进行扫码,向防篡改二维码服务器发送收款码的业务请求;In step S21, the client scans the payment code, and sends a service request for the payment code to the tamper-resistant two-dimensional code server;

所述客户端可以是微信、支付宝、盛付通钱包等支付软件客户端,还可以包括其他被对应的防篡改二维码发码机构承认或授权的、可以实现本申请技术方案的其他客户端。The client may be a payment software client such as WeChat, Alipay, or Shengfutong Wallet, and may also include other clients recognized or authorized by the corresponding tamper-resistant QR code issuing agency and capable of implementing the technical solution of the present application. .

所述收款码是由防篡改二维码服务器根据收款方的用户身份标识生成二维码;将生成的所述二维码与收款方用户标识图片进行组合得到的。The payment code is generated by the tamper-resistant two-dimensional code server according to the user identification of the payee; the generated two-dimensional code is combined with the user identification picture of the payee.

付款方在购物结束要向收款方进行付款时,可以打开自己手机上的客户端,扫描收款方提供的收款码,向防篡改二维码服务器发送业务请求。所述业务请求为请求防篡改二维码服务器对所述收款码进行有效性校验。也可以是针对所述收款码的支付请求,首先由防篡改二维码服务器对所述收款码进行有效性校验,校验通过后针对所述二维码进行支付。When the payer wants to make a payment to the payee after the purchase, he can open the client on his mobile phone, scan the payment code provided by the payee, and send a business request to the tamper-proof QR code server. The service request is to request a tamper-resistant two-dimensional code server to perform validity check on the payment code. It may also be a payment request for the payment code. First, a tamper-proof two-dimensional code server performs a validity check on the payment code, and payment is performed on the two-dimensional code after the verification is passed.

优选地,客户端可以在扫描收款码后,解析收款码中的二维码,得到其中包含的收款方的用户身份标识作为收款码对应的用户身份标识,并根据二维码中包含的指向防篡改二维码服务器的链接地址将业务请求发送至防篡改二维码服务器,所述业务请求包括扫描得到收款码对应的的用户身份标识,供防篡改二维码服务器进行安全校验。Preferably, after scanning the payment code, the client can parse the two-dimensional code in the payment code to obtain the user identification of the payee included therein as the user identification corresponding to the payment code, and according to the two-dimensional code, The included link address to the tamper-resistant QR code server sends a business request to the tamper-resistant QR code server. The service request includes scanning to obtain the user identity corresponding to the payment code for security of the tamper-resistant QR code server. check.

在步骤S22中,防篡改二维码服务器接收客户端发送的收款码的业务请求,基于所述业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片。In step S22, the tamper-resistant two-dimensional code server receives a service request for a payment code sent by a client, and finds a corresponding user identifier for security verification based on a user identity corresponding to the payment code included in the service request. image.

优选地,所述步骤还包括:防篡改二维码服务器首先根据所述业务请求中包括的收款码对应的用户身份标识确定对应用户是否为防篡改二维码支付系统的注册用户,如果是,根据所述业务请求中包括的收款码对应的用户身份标识在服务器的数据库中查找对应的用于安全校验的用户标识图片并发送给客户 端,以显示给付款方,供付款方与其扫描的收款码中的用户标识图片进行对比校验;如果否,向付款方发送风险提示信息,提示付款方终止支付,例如“当前收款码未在防篡改二维码支付系统中进行注册”。其中,所述对应的用于安全校验的用户标识图片是服务器对收款方发送的用户标识图片进行审核后,将审核通过的用户标识图片存储在服务器的数据库中的。Preferably, the step further comprises: the tamper-resistant two-dimensional code server first determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. Find the corresponding user identification picture for security verification in the database of the server according to the user identity corresponding to the payment code included in the service request and send it to the client for display to the payer for the payer and his The scanned image of the user's logo in the scanned payment code is used for comparison verification; if not, a risk alert message is sent to the payer to prompt the payer to terminate the payment, for example, "The current payment code is not registered in the tamper-proof QR code payment system ". Wherein, the corresponding user identification picture for security verification is stored by the server in the database of the server after the server checks the user identification picture sent by the payee.

在步骤S23中,防篡改二维码服务器将所述用户标识图片发送给客户端,以在客户端的支付界面中显示给付款方,提示付款方将支付界面中显示的用户标识图片与其扫描的收款码中的用户标识图片进行对比。In step S23, the tamper-resistant QR code server sends the user identification picture to the client for display to the payer in the client's payment interface, prompting the payer to send the user identification picture displayed in the payment interface and its scanned receipt. Compare the user logo pictures in the code.

在步骤S24中,若客户端的支付界面中显示的用户标识图片与扫描的收款码中的背景图片相同,则付款方可以确认继续支付;若不同,则付款方可以终止支付并告知收款方。In step S24, if the user identification picture displayed in the payment interface of the client is the same as the background picture in the scanned payment code, the payer can confirm to continue the payment; if they are different, the payer can terminate the payment and inform the payee .

优选地,付款方可以点击支付界面上的“确认”按钮,继续支付;也可以点击支付界面上的“取消”按钮,取消支付。Preferably, the payer can click the "Confirm" button on the payment interface to continue the payment; or click the "Cancel" button on the payment interface to cancel the payment.

在步骤S25中,防篡改二维码服务器接收到付款方继续支付的确认命令后,构建相应的支付请求,并将所述支付请求转发至支付服务器,由支付服务器处理所述支付请求。In step S25, after the tamper-resistant QR code server receives a confirmation order from the payer to continue the payment, it constructs a corresponding payment request, and forwards the payment request to the payment server, and the payment server processes the payment request.

优选地,客户端发送的收款码的业务请求中包括了相应支付软件的标识信息,防篡改二维码服务器根据所述标识信息,构建相应的支付请求,并将所述支付请求转发至支付软件对应的支付服务器。Preferably, the service request of the payment code sent by the client includes identification information of the corresponding payment software, and the tamper-resistant two-dimensional code server constructs a corresponding payment request according to the identification information, and forwards the payment request to the payment Software corresponding payment server.

优选地,防篡改二维码服务器接收到付款方取消支付的确认命令后,终止支付操作。Preferably, the tamper-resistant two-dimensional code server terminates the payment operation after receiving the confirmation order from the payer to cancel the payment.

优选地,若防篡改二维码服务器在预定时间内未接收到用户的确认指令,例如,用户未进行确认,也未进行取消,则终止支付。Preferably, if the tamper-proof two-dimensional code server does not receive the user's confirmation instruction within a predetermined time, for example, the user has not confirmed or cancelled, the payment is terminated.

在步骤S26中,支付服务器接收到所述支付请求后,引导付款方完成付款,进行结算并通知收款方支付已完成。In step S26, after receiving the payment request, the payment server guides the payer to complete the payment, performs settlement, and notifies the payee that the payment has been completed.

优选地,在本发明的另一种优选实施例中,Preferably, in another preferred embodiment of the present invention,

防篡改二维码服务器首先根据所述业务请求中包括的收款码对应的用户身 份标识确定对应用户是否为防篡改二维码支付系统的注册用户,如果是,根据所述业务请求中包括的收款码对应的用户身份标识在服务器的数据库中查找对应的用于安全校验的用户标识图片并发送给客户端,由客户端将所述对应的用于安全校验的用户标识图片与其扫描的收款码中的用户标识图片进行对比校验;如果否,向付款方发送风险提示信息,提示付款方终止支付,例如“当前收款码未在防篡改二维码支付系统中进行注册”。其中,所述对应的用于安全校验的用户标识图片是服务器对收款方发送的用户标识图片进行审核后,将审核通过的用户标识图片存储在服务器的数据库中的。The tamper-resistant two-dimensional code server first determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. If so, according to the service request The user identification corresponding to the payment code finds the corresponding user identification picture for security verification in the server database and sends it to the client, and the client scans the corresponding user identification picture for security verification and scans it The user's logo picture in the payment code is compared and verified; if not, send a risk reminder message to the payer to prompt the payer to terminate the payment, for example, "the current payment code is not registered in the tamper-proof QR code payment system" . Wherein, the corresponding user identification picture for security verification is stored by the server in the database of the server after the server checks the user identification picture sent by the payee.

客户端将所述对应的用于安全校验的用户标识图片与其扫描的收款码中的用户标识图片进行对比校验,根据校验结果向防篡改二维码服务器发送对比结果一致的确认命令,以继续支付;或,发送对比结果不一致的确认命令,以终止支付;或,不发送确认命令,以终止支付。The client compares the corresponding user identification picture for security verification with the user identification picture in the payment code scanned by the client, and sends a confirmation command that the comparison result is consistent to the tamper-proof two-dimensional code server according to the verification result. To continue the payment; or, to send a confirmation command with inconsistent results to terminate the payment; or, to not send a confirmation command to terminate the payment.

防篡改二维码服务器接收到客户端发送的继续支付的确认命令后,构建相应的支付请求,并将所述支付请求转发至支付服务器,由支付服务器处理所述支付请求。After the tamper-resistant two-dimensional code server receives the confirmation command for continued payment sent by the client, it constructs a corresponding payment request, and forwards the payment request to the payment server, and the payment server processes the payment request.

优选地,客户端发送的收款码的业务请求中包括了相应支付软件的标识信息,防篡改二维码服务器根据所述标识信息,构建相应的支付请求,并将所述支付请求转发至支付软件对应的支付服务器。Preferably, the service request of the payment code sent by the client includes identification information of the corresponding payment software, and the tamper-resistant two-dimensional code server constructs a corresponding payment request according to the identification information, and forwards the payment request to the payment Software corresponding payment server.

优选地,防篡改二维码服务器接收到客户端取消支付的确认命令后,终止支付操作。优选地,若防篡改二维码服务器在预定时间内未接收到客户端的确认指令,例如,客户端未进行确认,也未进行取消,则终止支付。Preferably, the tamper-resistant two-dimensional code server terminates the payment operation after receiving the client's confirmation command to cancel the payment. Preferably, if the tamper-proof two-dimensional code server does not receive a confirmation instruction from the client within a predetermined time, for example, the client does not confirm or cancel, the payment is terminated.

与其他现有收款码中的用户头像信息不同,本实施例中通过对所述用户标识图片的审核以及与用户身份标识的绑定,可以使付款方扫码得到服务器数据库中存储的用户标识图片,与付款码中的用户标识图片进行对比校验,提高了扫码支付的安全性。Different from the user avatar information in other existing payment codes, in this embodiment, by reviewing the user ID picture and binding the user ID, the payer can scan the code to obtain the user ID stored in the server database. The picture is compared with the user's logo picture in the payment code to improve the security of code scanning payment.

图3为本申请实施例二提供的一种扫码校验方法的流程示意图,如图3 所示,当付款方扫描收款码向收款方付款时,可以执行图3所示流程:FIG. 3 is a schematic flowchart of a code scanning and verifying method provided in Embodiment 2 of the present application. As shown in FIG. 3, when the payer scans the payment code to pay the payee, the process shown in FIG. 3 can be performed:

在步骤S31中,客户端对收款码进行扫码,向防篡改二维码服务器发送收款码的业务请求;In step S31, the client scans the payment code, and sends a service request for the payment code to the tamper-resistant two-dimensional code server;

所述客户端可以是微信、支付宝、盛付通钱包等支付软件客户端,还可以包括其他被对应的防篡改二维码发码机构承认或授权的、可以实现本申请技术方案的其他客户端。The client may be a payment software client such as WeChat, Alipay, or Shengfutong Wallet, and may also include other clients recognized or authorized by the corresponding tamper-resistant QR code issuing agency and capable of implementing the technical solution of the present application. .

所述收款码是由防篡改二维码服务器根据收款方的用户身份标识生成二维码;将生成的所述二维码与收款方用户标识图片进行组合得到的。The payment code is generated by the tamper-resistant two-dimensional code server according to the user identification of the payee; the generated two-dimensional code is combined with the user identification picture of the payee.

付款方在购物结束要付款时,可以打开自己手机上的客户端,扫描收款方提供的收款码,向防篡改二维码服务器发送业务请求。所述业务请求为请求防篡改二维码服务器对所述收款码进行有效性校验。也可以是针对所述收款码的支付请求,首先由防篡改二维码服务器对所述收款码进行有效性校验,校验通过后针对所述二维码进行支付。When the payer wants to pay after shopping, he can open the client on his mobile phone, scan the payment code provided by the payee, and send a business request to the tamper-proof QR code server. The service request is to request a tamper-resistant two-dimensional code server to perform validity check on the payment code. It may also be a payment request for the payment code. First, a tamper-proof two-dimensional code server performs a validity check on the payment code, and payment is performed on the two-dimensional code after the verification is passed.

优选地,客户端可以在扫描收款码后,解析收款码中的二维码得到其中包含的收款方的用户身份标识作为收款码对应的用户身份标识,并根据二维码中包含的指向防篡改二维码服务器的链接地址将业务请求发送至防篡改二维码服务器,所述业务请求包括扫描得到的收款码对应的用户身份标识,供防篡改二维码服务器进行安全校验。所述业务请求还包括收款码中的用户标识图片。Preferably, after scanning the payment code, the client can parse the two-dimensional code in the payment code to obtain the user identification of the payee included therein as the user identification corresponding to the payment code, and according to the two-dimensional code containing The link address to the tamper-resistant QR code server sends a business request to the tamper-resistant QR code server. The service request includes the user identification corresponding to the scanned payment code for security verification by the tamper-resistant QR code server. Check. The service request also includes a user identification picture in the payment code.

在步骤S32中,防篡改二维码服务器接收客户端发送的收款码的业务请求,基于所述业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片;对所述业务请求中包括的收款码中的用户标识图片与查找得到的用于安全校验的用户标识图片进行相似性判断。其中,所述查找得到的用于安全校验的用户标识图片是服务器对收款方发送的用户标识图片进行审核后,将审核通过的用户标识图片存储在服务器的数据库中的。In step S32, the tamper-resistant two-dimensional code server receives a service request for a payment code sent by a client, and finds a corresponding user identifier for security verification based on a user identity corresponding to the payment code included in the service request. Pictures; perform similarity judgment on the user identification picture in the payment code included in the service request and the user identification picture obtained for security verification. Wherein, the searched user identification picture for security verification is stored by the server in the database of the server after the server checks the user identification picture sent by the payee.

优选地,所述步骤还包括:防篡改二维码服务器首先根据所述业务请求中包括的收款码对应的用户身份标识确定对应用户是否为防篡改二维码支付系统的注册用户,如果是,所述业务请求中包括的收款码中的用户标识图片与查找 得到的用于安全校验用户标识图片进行相似性比对;如果否,向付款方发送风险提示信息,提示付款方终止支付,例如“当前收款码未在防篡改二维码支付系统中进行注册”。Preferably, the step further comprises: the tamper-resistant two-dimensional code server first determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. Comparing the user identification picture in the payment code included in the service request with the user identification picture obtained for security verification; if not, sending a risk prompt message to the payer to prompt the payer to terminate the payment , Such as "The current payment code is not registered in the tamper-resistant QR code payment system."

在步骤S33中,若业务请求中包括的收款码中的收款方用户标识图片与查找得到的用户标识图片的相似度高于预设阈值,继续支付;防篡改二维码服务器构建相应的支付请求,并将所述支付请求转发至支付服务器,由支付服务器处理所述支付请求。In step S33, if the similarity between the user identification picture of the payee and the found user identification picture in the payment code included in the service request is higher than a preset threshold, the payment is continued; the tamper-resistant QR code server constructs the corresponding A payment request, and the payment request is forwarded to a payment server, and the payment server processes the payment request.

优选地,客户端发送的业务请求中包括了相应支付软件的标识信息,防篡改二维码服务器根据所述标识信息,构建相应的支付请求,并将所述支付请求转发至支付软件对应的支付服务器,执行步骤S35。Preferably, the service request sent by the client includes identification information of the corresponding payment software, and the tamper-resistant two-dimensional code server constructs a corresponding payment request according to the identification information, and forwards the payment request to the payment corresponding to the payment software. The server executes step S35.

在步骤S34中,若低于预设阈值,则防篡改二维码服务器终止支付,向付款方发送提示消息。In step S34, if the value is lower than the preset threshold, the tamper-resistant QR code server terminates the payment and sends a prompt message to the payer.

在步骤S35中,支付服务器接收到所述支付请求后,引导付款方完成付款,进行结算并通知收款方支付已完成。In step S35, after receiving the payment request, the payment server guides the payer to complete the payment, performs settlement, and notifies the payee that the payment has been completed.

与其他现有收款码中的用户头像信息不同,本实施例中通过对所述用户标识图片的审核以及与用户身份标识的绑定,可以将服务器数据库中存储的用户标识图片与付款码中的用户标识图片进行自动对比校验,提高了扫码支付的安全性。Different from the user avatar information in other existing payment codes, in this embodiment, the user identification picture stored in the server database and the payment code can be stored in the server database by reviewing the user identification picture and binding the user identification picture. The user's logo image is automatically compared and verified, which improves the security of code scanning payment.

图4为本申请实施例二提供的一种扫码校验方法的流程示意图,如图4所示,当付款方向收款方付款时,可以执行图4所示流程:FIG. 4 is a schematic flowchart of a code scanning verification method provided in Embodiment 2 of the present application. As shown in FIG. 4, when a payment is made to a payee, the process shown in FIG. 4 may be performed:

在步骤S41中,客户端向防篡改二维码服务器发送收款码的业务请求;In step S41, the client sends a service request for a payment code to the tamper-resistant two-dimensional code server;

所述客户端可以是微信、支付宝、盛付通钱包等支付软件客户端,还可以包括其他被对应的防篡改二维码发码机构承认或授权的、可以实现本申请技术方案的其他客户端。The client may be a payment software client such as WeChat, Alipay, or Shengfutong Wallet, and may also include other clients recognized or authorized by the corresponding tamper-resistant QR code issuing agency and capable of implementing the technical solution of the present application. .

所述收款码是由防篡改二维码服务器根据收款方的用户身份标识生成二维码;将生成的所述二维码与收款方用户标识图片进行组合得到的。The payment code is generated by the tamper-resistant two-dimensional code server according to the user identification of the payee; the generated two-dimensional code is combined with the user identification picture of the payee.

付款方在购物结束要付款时,可以打开自己手机上的客户端,拍摄收款方提供的收款码,向防篡改二维码服务器发送业务请求。所述业务请求为请求防篡改二维码服务器对所述收款码进行有效性校验。也可以是针对所述收款码的支付请求,首先由防篡改二维码服务器对所述收款码进行有效性校验,校验通过后针对所述二维码进行支付。When the payer wants to pay after shopping, he can open the client on his mobile phone, take a picture of the payment code provided by the payee, and send a business request to the tamper-proof QR code server. The service request is to request a tamper-resistant two-dimensional code server to perform validity check on the payment code. It may also be a payment request for the payment code. First, a tamper-proof two-dimensional code server performs a validity check on the payment code, and payment is performed on the two-dimensional code after the verification is passed.

优选地,客户端中预设了防篡改二维码服务器的入口,打开所述入口后,调用手机的摄像头,拍摄收款方提供的收款码,向防篡改二维码服务器发送业务请求,所述业务请求包括收款码中的用户标识图片,供防篡改二维码服务器识别其中的收款码,进行安全校验。Preferably, an entrance of the tamper-resistant QR code server is preset in the client. After opening the entrance, the camera of the mobile phone is called to capture the payment code provided by the payee and send a service request to the tamper-resistant QR code server. The service request includes a user identification picture in the payment code, which is used by the tamper-resistant two-dimensional code server to identify the payment code and perform security verification.

在步骤S42中,防篡改二维码服务器接收客户端发送收款码的业务请求,对所述业务请求中包括的收款码中的用户标识图片进行解码,获得所述收款码对应的用户身份标识;基于所述业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片;对所述业务请求中包括的收款码中的用户标识图片与查找得到的用于安全校验的用户标识图片进行相似性判断。其中,所述查找得到的用于安全校验的用户标识图片是服务器对收款方发送的用户标识图片进行审核后,将审核通过的用户标识图片存储在服务器的数据库中的。In step S42, the tamper-resistant two-dimensional code server receives the service request of the payment code sent by the client, decodes the user identification picture in the payment code included in the service request, and obtains the user corresponding to the payment code. Identity identification; finding a corresponding user identification picture for security verification based on a user identification corresponding to a payment code included in the service request; and searching for a user identification picture in the payment code included in the service request The obtained user identification picture used for security verification is subjected to similarity judgment. Wherein, the searched user identification picture for security verification is stored by the server in the database of the server after the server checks the user identification picture sent by the payee.

优选地,所述步骤还包括:防篡改二维码服务器首先根据所述业务请求中包括的收款码对应的用户身份标识确定对应用户是否为防篡改二维码支付系统的注册用户,如果是,所述业务请求中包括的收款码中的用户标识图片与查找得到的用于安全校验用户标识图片进行相似性比对;如果否,向付款方发送风险提示信息,提示付款方终止支付,例如“当前收款码未在防篡改二维码支付系统中进行注册”。Preferably, the step further comprises: the tamper-resistant two-dimensional code server first determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. Comparing the user identification picture in the payment code included in the service request with the user identification picture obtained for security verification; if not, sending a risk prompt message to the payer to prompt the payer to terminate the payment , Such as "The current payment code is not registered in the tamper-resistant QR code payment system."

在步骤S43中,若业务请求中包括的收款码中的收款方用户标识图片与查找得到的用户标识图片的相似度高于预设阈值,继续支付;防篡改二维码服务器构建相应的支付请求,并将所述支付请求转发至支付服务器,由支付服务器处理所述支付请求。In step S43, if the similarity between the user identification picture of the payee and the found user identification picture in the payment code included in the service request is higher than a preset threshold, continue to pay; the tamper-resistant QR code server constructs the corresponding A payment request, and the payment request is forwarded to a payment server, and the payment server processes the payment request.

优选地,客户端发送的业务请求中包括了相应支付软件的标识信息,防篡改二维码服务器根据所述标识信息,构建相应的支付请求,并将所述支付请求转发至支付软件对应的支付服务器,执行步骤S45。Preferably, the service request sent by the client includes identification information of the corresponding payment software, and the tamper-resistant two-dimensional code server constructs a corresponding payment request according to the identification information, and forwards the payment request to the payment corresponding to the payment software. The server executes step S45.

在步骤S44中,若低于预设阈值,则防篡改二维码服务器终止支付,向付款方发送提示消息。In step S44, if the value is lower than the preset threshold, the tamper-resistant QR code server terminates the payment and sends a prompt message to the payer.

在步骤S45中,支付服务器接收到所述支付请求后,引导付款方完成付款,进行结算并通知收款方支付已完成。In step S45, after receiving the payment request, the payment server guides the payer to complete the payment, performs settlement, and notifies the payee that the payment has been completed.

与其他现有收款码中的用户头像信息不同,本实施例中通过对所述用户标识图片的审核以及与用户身份标识的绑定,可以将服务器数据库中存储的用户标识图片与付款码中的用户标识图片进行自动对比校验,提高了扫码支付的安全性。Different from the user avatar information in other existing payment codes, in this embodiment, the user identification picture stored in the server database and the payment code can be stored in the server database by reviewing the user identification picture and binding the user identification picture. The user's logo image is automatically compared and verified, which improves the security of code scanning payment.

图5示出了适于用来实现本发明实施方式的示例性计算机系统/服务器012的框图。图5显示的计算机系统/服务器012仅仅是一个示例,不应对本发明实施例的功能和使用范围带来任何限制。FIG. 5 shows a block diagram of an exemplary computer system / server 012 suitable for use in implementing embodiments of the present invention. The computer system / server 012 shown in FIG. 5 is only an example, and should not impose any limitation on the functions and scope of use of the embodiments of the present invention.

如图5所示,计算机系统/服务器012以通用计算设备的形式表现。计算机系统/服务器012的组件可以包括但不限于:一个或者多个处理器或者处理单元016,系统存储器028,连接不同系统组件(包括系统存储器028和处理单元016)的总线018。As shown in FIG. 5, the computer system / server 012 is represented in the form of a general-purpose computing device. The components of the computer system / server 012 may include, but are not limited to, one or more processors or processing units 016, a system memory 028, and a bus 018 connecting different system components (including the system memory 028 and the processing unit 016).

总线018表示几类总线结构中的一种或多种,包括存储器总线或者存储器控制器,外围总线,图形加速端口,处理器或者使用多种总线结构中的任意总线结构的局域总线。举例来说,这些体系结构包括但不限于工业标准体系结构(ISA)总线,微通道体系结构(MAC)总线,增强型ISA总线、视频电子标准协会(VESA)局域总线以及外围组件互连(PCI)总线。The bus 018 represents one or more of several types of bus structures, including a memory bus or a memory controller, a peripheral bus, a graphics acceleration port, a processor, or a local area bus using any of a variety of bus structures. By way of example, these architectures include, but are not limited to, the Industry Standard Architecture (ISA) bus, the Micro Channel Architecture (MAC) bus, the enhanced ISA bus, the Video Electronics Standards Association (VESA) local area bus, and peripheral component interconnects ( PCI) bus.

计算机系统/服务器012典型地包括多种计算机系统可读介质。这些介质可以是任何能够被计算机系统/服务器012访问的可用介质,包括易失性和非易失性介质,可移动的和不可移动的介质。Computer system / server 012 typically includes a variety of computer system readable media. These media can be any available media that can be accessed by the computer system / server 012, including volatile and non-volatile media, removable and non-removable media.

系统存储器028可以包括易失性存储器形式的计算机系统可读介质,例如随机存取存储器(RAM)030和/或高速缓存存储器032。计算机系统/服务器012可以进一步包括其它可移动/不可移动的、易失性/非易失性计算机系统存储介质。仅作为举例,存储系统034可以用于读写不可移动的、非易失性磁介质(图5未显示,通常称为“硬盘驱动器”)。尽管图5中未示出,可以提供用于对可移动非易失性磁盘(例如“软盘”)读写的磁盘驱动器,以及对可移动非易失性光盘(例如CD-ROM,DVD-ROM或者其它光介质)读写的光盘驱动器。在这些情况下,每个驱动器可以通过一个或者多个数据介质接口与总线018相连。存储器028可以包括至少一个程序产品,该程序产品具有一组(例如至少一个)程序模块,这些程序模块被配置以执行本发明各实施例的功能。System memory 028 may include computer system-readable media in the form of volatile memory, such as random access memory (RAM) 030 and / or cache memory 032. The computer system / server 012 may further include other removable / non-removable, volatile / non-volatile computer system storage media. For example only, the storage system 034 may be used to read and write non-removable, non-volatile magnetic media (not shown in FIG. 5 and is commonly referred to as a “hard drive”). Although not shown in FIG. 5, a disk drive for reading and writing to a removable non-volatile disk (such as a "floppy disk"), and a removable non-volatile optical disk (such as a CD-ROM, DVD-ROM, etc.) may be provided. Or other optical media). In these cases, each drive may be connected to the bus 018 through one or more data medium interfaces. The memory 028 may include at least one program product having a set (eg, at least one) of program modules configured to perform functions of embodiments of the present invention.

具有一组(至少一个)程序模块042的程序/实用工具040,可以存储在例如存储器028中,这样的程序模块042包括——但不限于——操作系统、一个或者多个应用程序、其它程序模块以及程序数据,这些示例中的每一个或某种组合中可能包括网络环境的实现。程序模块042通常执行本发明所描述的实施例中的功能和/或方法。A program / utility tool 040 having a set of (at least one) program module 042 may be stored in, for example, the memory 028. Such a program module 042 includes-but is not limited to-an operating system, one or more applications, other programs Modules and program data, each or some combination of these examples may include implementations of the network environment. The program module 042 generally performs functions and / or methods in the embodiments described in the present invention.

计算机系统/服务器012也可以与一个或多个外部设备014(例如键盘、指向设备、显示器024等)通信,在本发明中,计算机系统/服务器012与外部雷达设备进行通信,还可与一个或者多个使得用户能与该计算机系统/服务器012交互的设备通信,和/或与使得该计算机系统/服务器012能与一个或多个其它计算设备进行通信的任何设备(例如网卡,调制解调器等等)通信。这种通信可以通过输入/输出(I/O)接口022进行。并且,计算机系统/服务器012还可以通过网络适配器020与一个或者多个网络(例如局域网(LAN),广域网(WAN)和/或公共网络,例如因特网)通信。如图5所示,网络适配器020通过总线018与计算机系统/服务器012的其它模块通信。应当明白,尽管图5中未示出,可以结合计算机系统/服务器012使用其它硬件和/或软件模块,包括但不限于:微代码、设备驱动器、冗余处理单元、外部磁盘驱 动阵列、RAID系统、磁带驱动器以及数据备份存储系统等。The computer system / server 012 may also communicate with one or more external devices 014 (such as a keyboard, pointing device, display 024, etc.). In the present invention, the computer system / server 012 communicates with an external radar device, and may also communicate with one or more Multiple devices that enable a user to interact with the computer system / server 012, and / or with any device (such as a network card, modem, etc.) that enables the computer system / server 012 to communicate with one or more other computing devices Communication. This communication can be performed through an input / output (I / O) interface 022. Moreover, the computer system / server 012 can also communicate with one or more networks (such as a local area network (LAN), a wide area network (WAN), and / or a public network, such as the Internet) through the network adapter 020. As shown in FIG. 5, the network adapter 020 communicates with other modules of the computer system / server 012 through the bus 018. It should be understood that although not shown in FIG. 5, other hardware and / or software modules may be used in conjunction with the computer system / server 012, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems , Tape drives, and data backup storage systems.

处理单元016通过运行存储在系统存储器028中的程序,从而执行本发明所描述的实施例中的功能和/或方法。The processing unit 016 executes the functions and / or methods in the embodiment described by running a program stored in the system memory 028.

上述的计算机程序可以设置于计算机存储介质中,即该计算机存储介质被编码有计算机程序,该程序在被一个或多个计算机执行时,使得一个或多个计算机执行本发明上述实施例中所示的方法流程和/或装置操作。The above computer program may be set in a computer storage medium, that is, the computer storage medium is encoded with a computer program, and when the program is executed by one or more computers, the one or more computers are caused to execute the programs shown in the foregoing embodiments of the present invention. Method flow and / or device operation.

随着时间、技术的发展,介质含义越来越广泛,计算机程序的传播途径不再受限于有形介质,还可以直接从网络下载等。可以采用一个或多个计算机可读的介质的任意组合。计算机可读介质可以是计算机可读信号介质或者计算机可读存储介质。计算机可读存储介质例如可以是——但不限于——电、磁、光、电磁、红外线、或半导体的系统、装置或器件,或者任意以上的组合。计算机可读存储介质的更具体的例子(非穷举的列表)包括:具有一个或多个导线的电连接、便携式计算机磁盘、硬盘、随机存取存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑磁盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。在本文件中,计算机可读存储介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。With the development of time and technology, the meaning of media has become wider and wider, and the spread of computer programs is no longer limited to tangible media, and can also be downloaded directly from the Internet. Any combination of one or more computer-readable media may be used. The computer-readable medium may be a computer-readable signal medium or a computer-readable storage medium. The computer-readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (non-exhaustive list) of computer-readable storage media include: electrical connections with one or more wires, portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), Erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the foregoing. In this document, a computer-readable storage medium may be any tangible medium that contains or stores a program that can be used by or in combination with an instruction execution system, apparatus, or device.

计算机可读的信号介质可以包括在基带中或者作为载波一部分传播的数据信号,其中承载了计算机可读的程序代码。这种传播的数据信号可以采用多种形式,包括——但不限于——电磁信号、光信号或上述的任意合适的组合。计算机可读的信号介质还可以是计算机可读存储介质以外的任何计算机可读介质,该计算机可读介质可以发送、传播或者传输用于由指令执行系统、装置或者器件使用或者与其结合使用的程序。The computer-readable signal medium may include a data signal propagated in baseband or transmitted as part of a carrier wave, which carries a computer-readable program code. Such a propagated data signal may take a variety of forms, including, but not limited to, electromagnetic signals, optical signals, or any suitable combination of the foregoing. The computer-readable signal medium may also be any computer-readable medium other than a computer-readable storage medium, and the computer-readable medium may send, propagate, or transmit a program for use by or in connection with an instruction execution system, apparatus, or device. .

计算机可读介质上包含的程序代码可以用任何适当的介质传输,包括——但不限于——无线、电线、光缆、RF等等,或者上述的任意合适的组合。Program code embodied on a computer-readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.

可以以一种或多种程序设计语言或其组合来编写用于执行本发明操作的 计算机程序代码,所述程序设计语言包括面向对象的程序设计语言—诸如Java、Smalltalk、C++,还包括常规的过程式程序设计语言—诸如“C”语言或类似的程序设计语言。程序代码可以完全地在用户计算机上执行、部分地在用户计算机上执行、作为一个独立的软件包执行、部分在用户计算机上部分在远程计算机上执行、或者完全在远程计算机或服务器上执行。在涉及远程计算机的情形中,远程计算机可以通过任意种类的网络——包括局域网(LAN)或广域网(WAN)连接到用户计算机,或者,可以连接到外部计算机(例如利用因特网服务提供商来通过因特网连接)。Computer program code for performing the operations of the present invention may be written in one or more programming languages, or combinations thereof, including programming languages such as Java, Smalltalk, C ++, and also conventional Procedural programming language—such as "C" or similar programming language. The program code can be executed entirely on the user's computer, partly on the user's computer, as an independent software package, partly on the user's computer, partly on a remote computer, or entirely on a remote computer or server. In the case of a remote computer, the remote computer can be connected to the user's computer through any kind of network, including a local area network (LAN) or wide area network (WAN), or it can be connected to an external computer (such as through the Internet using an Internet service provider) connection).

最后应说明的是:以上实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围。Finally, it should be noted that the above embodiments are only used to describe the technical solution of the present application, and are not limited thereto. Although the present application has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that they can still Modifications to the technical solutions described in the foregoing embodiments, or equivalent replacements of some of the technical features thereof; and these modifications or replacements do not depart the essence of the corresponding technical solutions from the spirit and scope of the technical solutions of the embodiments of the present application.

Claims (23)

一种在防篡改二维码服务器端生成收款码的方法,其特征在于,包括:A method for generating a payment code on a tamper-resistant two-dimensional code server side, which includes: 接收客户端发送的收款码生成请求,所述收款码生成请求包括客户端对应用户的用户身份标识;Receiving a payment code generation request sent by a client, where the payment code generation request includes a user identity of a user corresponding to the client; 根据所述用户身份标识生成二维码;Generating a two-dimensional code according to the user identity; 将所生成的二维码与客户端提交的对应用户的用户标识图片进行组合,得到收款码,以便基于所述收款码进行扫码安全校验。The generated two-dimensional code is combined with the user identification picture of the corresponding user submitted by the client to obtain a payment code, so as to perform code scanning security verification based on the payment code. 根据权利要求1所述的方法,其特征在于,所述方法还包括:The method according to claim 1, further comprising: 获取客户端发送的对应用户的注册请求;Obtaining the registration request of the corresponding user sent by the client; 基于所述注册请求,为客户端对应用户分配用户身份标识。Based on the registration request, a user identity is assigned to the corresponding user of the client. 根据权利要求2所述的方法,其特征在于,所述为客户端对应用户分配用户身份标识之后还包括:The method according to claim 2, wherein after the assigning a user identity to a user corresponding to the client, the method further comprises: 获取客户端提交的对应用户的用户标识图片;Obtaining a user identification picture of the corresponding user submitted by the client; 将所述用户标识图片与所述用户身份标识进行关联。Associating the user identification picture with the user identification. 根据权利要求3所述的方法,其特征在于,所述将所述用户标识图片与所述用户身份标识进行关联包括:The method according to claim 3, wherein the associating the user identity picture with the user identity picture comprises: 对所述用户标识图片进行审核,将审核通过的所述用户标识图片与所述用户身份标识进行关联。Auditing the user identification picture, and associating the user identification picture that has passed the verification with the user identity. 根据权利要求2所述的方法,其特征在于,The method according to claim 2, wherein: 所述为所述客户端对应用户分配用户身份标识之后还包括:After the assigning a user identity to a user corresponding to the client, the method further includes: 获取客户端提交的对应用户的用户资质证明信息;Obtain the user qualification information of the corresponding user submitted by the client; 对所述用户资质证明信息进行审核,将审核通过的所述资质证明信息与所述用户身份标识进行匹配,其中,存在唯一有效用户身份标识与所述资质证明信息相匹配。The user qualification information is audited, and the verified qualification information is matched with the user identity, and there is a unique valid user identity that matches the qualification information. 根据权利要求1所述的方法,其特征在于,The method according to claim 1, wherein: 所述二维码包含所述客户端对应用户的用户身份标识;还包含指向防篡改二维码服务器的链接地址。The two-dimensional code includes a user identity identifier of the user corresponding to the client; and further includes a link address to a tamper-resistant two-dimensional code server. 根据权利要求1所述的方法,其特征在于,将所生成的二维码与用户标识图片进行组合包括:The method according to claim 1, wherein combining the generated two-dimensional code with a user identification picture comprises: 将所述用户标识图片作为二维码的背景图片与二维码进行组合;或者,Combining the user identification picture as a background picture of the two-dimensional code with the two-dimensional code; or 将所述用户标识图片显示在二维码的周边区域。Displaying the user identification picture in a peripheral area of the two-dimensional code. 根据权利要求1所述的方法,其特征在于,所述方法还包括:The method according to claim 1, further comprising: 将生成的收款码发送到客户端,以便付款方进行扫码支付。Send the generated payment code to the client so that the payer can scan the code. 一种扫码安全校验方法,其特征在于,包括:A code scanning security verification method is characterized in that it includes: 防篡改二维码服务器接收客户端发送的收款码的业务请求;其中,所述收款码是由防篡改二维码服务器根据收款方的用户身份标识生成二维码;将生成的所述二维码与收款方用户标识图片进行组合得到的;The tamper-resistant two-dimensional code server receives the service request of the payment code sent by the client; wherein the payment code is generated by the tamper-resistant two-dimensional code server according to the user identity of the payee; The combination of the two-dimensional code and the payee user identification picture; 防篡改二维码服务器基于所述业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片;The tamper-resistant two-dimensional code server searches for a corresponding user identification picture for security verification based on the user identification corresponding to the payment code included in the service request; 防篡改二维码服务器将所述对应的用于安全校验的用户标识图片发送至所述客户端,以便基于所述用于安全校验的用户标识图片在客户端确定安全校验结果。The tamper-resistant two-dimensional code server sends the corresponding user identification picture for security verification to the client, so as to determine a security verification result on the client based on the user identification picture for security verification. 根据权利要求9所述的方法,其特征在于,所述基于所述业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片之前还包括:The method according to claim 9, wherein before the searching for a corresponding user identification picture for security verification based on a user identification corresponding to a payment code included in the service request, further comprising: 根据所述业务请求中包括的收款码对应的用户身份标识确定对应用户是否为防篡改二维码支付系统的注册用户,如果是,基于所述业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片;如果否,向客户端发送提示信息。Determining whether the corresponding user is a registered user of the tamper-resistant QR code payment system according to the user identity corresponding to the payment code included in the service request, and if so, based on the user identity corresponding to the payment code included in the service request The logo lookup corresponds to the user logo picture used for security verification; if not, a prompt message is sent to the client. 根据权利要求9所述的方法,其特征在于,所述方法还包括:The method according to claim 9, further comprising: 防篡改二维码服务器根据所述安全校验结果,执行对应操作。The tamper-resistant two-dimensional code server performs a corresponding operation according to the security verification result. 根据权利要求11所述的方法,其特征在于,所述防篡改二维码服务器 根据所述安全校验结果,执行对应操作包括:The method according to claim 11, wherein the tamper-resistant QR code server performs a corresponding operation according to the security verification result, including: 接收客户端发送的对比结果一致的确认命令,继续支付;或,Receive a confirmation command from the client with a consistent comparison result, and continue to pay; or, 未接收客户端发送的对比结果一致的确认命令,终止支付;或Did not receive a confirmation command from the client with a consistent comparison result, and terminated the payment; or 接收客户端发送的对比结果不一致的确认命令,终止支付。Receive a confirmation command from the client with inconsistent comparison results, and terminate the payment. 根据权利要求12所述的方法,其特征在于,所述继续支付包括:The method according to claim 12, wherein the continuing payment comprises: 构建相应的支付请求并处理;或,Structure and process the corresponding payment request; or, 构建相应的支付请求,并将所述支付请求转发至支付服务器,由支付服务器处理所述支付请求。Construct a corresponding payment request, and forward the payment request to a payment server, and the payment server processes the payment request. 根据权利要求12所述的方法,其特征在于,所述未接收客户端发送的对比结果一致的确认命令包括:The method according to claim 12, wherein the unconfirmed confirmation command sent by the client that the comparison result is consistent comprises: 在预设时间内未接收到客户端发送的对比结果一致的确认命令。No consistent confirmation command sent by the client is received within the preset time. 一种扫码安全校验方法,其特征在于:A code scanning security verification method is characterized in that: 防篡改二维码服务器接收客户端发送的收款码的业务请求;其中,所述收款码是由防篡改二维码服务器根据收款方的用户身份标识生成二维码;将所生成的二维码与收款方用户标识图片进行组合得到的;The tamper-resistant two-dimensional code server receives a service request for a payment code sent by a client; wherein the payment code is generated by the tamper-resistant two-dimensional code server according to the user identity of the payee; the generated A combination of a QR code and a payee user logo image; 防篡改二维码服务器基于业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片;The tamper-resistant two-dimensional code server searches for a corresponding user ID picture for security verification based on the user ID corresponding to the payment code included in the service request; 防篡改二维码服务器对业务请求中包括的收款码中的收款方用户标识图片与查找得到的用于安全校验的用户标识图片进行相似性比对以确定安全校验结果。The tamper-resistant two-dimensional code server performs a similarity comparison between the payee user identification picture in the payment code included in the service request and the user identification picture obtained for security verification to determine the security verification result. 根据权利要求15所述的方法,其特征在于,所述基于业务请求中包括的用户身份标识查找对应的用于安全校验的用户标识图片之前还包括:The method according to claim 15, wherein before the searching for a corresponding user identification picture for security verification based on the user identity included in the service request, further comprising: 防篡改二维码服务器根据所述业务请求中包括的收款码对应的用户身份标识确定对应用户是否为防篡改二维码支付系统的注册用户,如果是,基于所述业务请求中包括的收款码对应的用户身份标识查找对应的用于安全校验的用户标识图片;如果否,向客户端发送提示信息。The tamper-resistant two-dimensional code server determines whether the corresponding user is a registered user of the tamper-resistant two-dimensional code payment system according to the user identity corresponding to the payment code included in the service request. The user identification corresponding to the paragraph code searches for the corresponding user identification picture for security verification; if not, sends a prompt message to the client. 根据权利要求15所述的方法,其特征在于,所述方法还包括:The method according to claim 15, further comprising: 防篡改二维码服务器根据所述安全校验结果,执行对应操作。The tamper-resistant two-dimensional code server performs a corresponding operation according to the security verification result. 根据权利要求17所述的方法,其特征在于,根据所述安全校验结果,执行对应操作包括:The method according to claim 17, wherein performing a corresponding operation according to the security check result comprises: 若业务请求中包括的收款码中的收款方用户标识图片与查找得到的用户标识图片的相似度高于预设阈值,继续支付;若低于预设阈值,则终止支付。If the similarity between the user identification picture of the payee and the found user identification picture in the payment code included in the service request is higher than a preset threshold, the payment is continued; if it is lower than the preset threshold, the payment is terminated. 根据权利要求15所述的方法,其中,所述业务请求包括所述收款码及客户端对收款码进行扫码后得到的用户身份标识。The method according to claim 15, wherein the service request comprises the payment code and a user identity obtained after the client scans the payment code. 根据权利要求15所述的方法,其中,所述业务请求包括所述收款码;The method according to claim 15, wherein the service request includes the payment code; 所述基于所述业务请求中包括的收款码对应的用户身份标识进行安全校验之前还包括:通过解析所述收款码确定所述收款码对应的用户身份标识。Before performing the security check based on the user identity corresponding to the payment code included in the service request, the method further includes: determining the user identity corresponding to the payment code by analyzing the payment code. 根据权利要求18所述的方法,其特征在于,所述继续支付包括:The method according to claim 18, wherein the continuing payment comprises: 构建相应的支付请求并处理;或,Structure and process the corresponding payment request; or, 构建相应的支付请求,并将所述支付请求转发至支付服务器,由支付服务器处理所述支付请求。Construct a corresponding payment request, and forward the payment request to a payment server, and the payment server processes the payment request. 一种设备,其特征在于,所述设备包括:A device, characterized in that the device includes: 一个或多个处理器;One or more processors; 存储装置,用于存储一个或多个程序,A storage device for storing one or more programs, 当所述一个或多个程序被所述一个或多个处理器执行,使得所述一个或多个处理器实现如权利要求1-21中任一所述的方法。When the one or more programs are executed by the one or more processors, the one or more processors implement the method according to any one of claims 1-21. 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该程序被处理器执行时实现如权利要求1-21中任一所述的方法。A computer-readable storage medium having stored thereon a computer program, characterized in that when the program is executed by a processor, the method according to any one of claims 1-21 is implemented.
PCT/CN2018/124947 2018-06-11 2018-12-28 Method for generating payment receiving code and code-scanning security verification method Ceased WO2019237718A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810596992.7A CN108898206A (en) 2018-06-11 2018-06-11 A kind of method and barcode scanning safe checking method generating gathering code
CN201810596992.7 2018-06-11

Publications (1)

Publication Number Publication Date
WO2019237718A1 true WO2019237718A1 (en) 2019-12-19

Family

ID=64344409

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/124947 Ceased WO2019237718A1 (en) 2018-06-11 2018-12-28 Method for generating payment receiving code and code-scanning security verification method

Country Status (2)

Country Link
CN (1) CN108898206A (en)
WO (1) WO2019237718A1 (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108898206A (en) * 2018-06-11 2018-11-27 上海掌门科技有限公司 A kind of method and barcode scanning safe checking method generating gathering code
CN109583894A (en) * 2018-11-28 2019-04-05 阿里巴巴集团控股有限公司 Offer, verification method and the device of two dimensional code
CN114819012B (en) * 2018-12-11 2025-03-28 创新先进技术有限公司 A graphic code verification method and device
CN109753784B (en) * 2018-12-24 2021-07-30 维沃移动通信有限公司 A kind of authorization method based on multi-dimensional code, mobile terminal and server
CN110197370B (en) * 2019-04-23 2024-04-05 努比亚技术有限公司 Two-dimensional code generation and payment method, terminal equipment and storage medium
CN110633979A (en) * 2019-08-30 2019-12-31 维沃移动通信有限公司 Payment method and terminal equipment
CN110851270A (en) * 2019-10-21 2020-02-28 中国银联股份有限公司 Resource transfer method, device, equipment and medium
CN110969428A (en) * 2019-10-30 2020-04-07 深圳市钱海网络技术有限公司 Static two-dimensional code payment method and device based on mobile terminal
CN110969434B (en) * 2019-11-29 2024-06-25 维沃移动通信有限公司 Payment method, server, terminal and system
CN111080284B (en) * 2019-12-17 2024-04-16 北京东方国信科技股份有限公司 Mobile payment code scanning payment method and customer payment terminal based on two-way verification
CN112819460B (en) * 2020-10-29 2024-11-26 中国银联股份有限公司 Two-dimensional code verification method, device and computer-readable medium
CN113128983A (en) * 2021-03-18 2021-07-16 西安艾润物联网技术服务有限责任公司 Method for paying digital currency, electronic device and computer storage medium
CN113920661B (en) * 2021-07-06 2024-12-24 福建创识科技股份有限公司 A digital currency label code card activation device and activation method
CN113570362A (en) * 2021-07-30 2021-10-29 北京达佳互联信息技术有限公司 Two-dimensional code checking method and device
CN113869847A (en) * 2021-09-03 2021-12-31 中国银行股份有限公司 Stall management method and device
CN116151831A (en) * 2023-02-25 2023-05-23 李慧 Payment method and payment device based on route information

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103646264A (en) * 2013-11-06 2014-03-19 杭州电子科技大学 Multiple information encrypted two-dimensional code anti-counterfeiting method
US20140346231A1 (en) * 2013-05-24 2014-11-27 King Abdul Aziz City for Science and Technology (KACST) Multidimensional color barcode
CN105069497A (en) * 2015-07-27 2015-11-18 南京风力舰信息技术有限公司 Method for generating beautified two-dimensional code
CN106919848A (en) * 2017-03-07 2017-07-04 江苏科大汇峰科技有限公司 A kind of contract method for anti-counterfeit based on mobile terminal fingerprint recognition
CN108898206A (en) * 2018-06-11 2018-11-27 上海掌门科技有限公司 A kind of method and barcode scanning safe checking method generating gathering code

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105243539A (en) * 2015-09-15 2016-01-13 重庆智韬信息技术中心 Identity authentication method for realizing two-dimensional code safety payment
CN107507007A (en) * 2017-08-30 2017-12-22 努比亚技术有限公司 One kind pays 2 D code verification method, terminal and computer-readable recording medium
CN107609873B (en) * 2017-09-08 2020-07-14 阿里巴巴集团控股有限公司 Code scanning safety verification method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140346231A1 (en) * 2013-05-24 2014-11-27 King Abdul Aziz City for Science and Technology (KACST) Multidimensional color barcode
CN103646264A (en) * 2013-11-06 2014-03-19 杭州电子科技大学 Multiple information encrypted two-dimensional code anti-counterfeiting method
CN105069497A (en) * 2015-07-27 2015-11-18 南京风力舰信息技术有限公司 Method for generating beautified two-dimensional code
CN106919848A (en) * 2017-03-07 2017-07-04 江苏科大汇峰科技有限公司 A kind of contract method for anti-counterfeit based on mobile terminal fingerprint recognition
CN108898206A (en) * 2018-06-11 2018-11-27 上海掌门科技有限公司 A kind of method and barcode scanning safe checking method generating gathering code

Also Published As

Publication number Publication date
CN108898206A (en) 2018-11-27

Similar Documents

Publication Publication Date Title
WO2019237718A1 (en) Method for generating payment receiving code and code-scanning security verification method
US9965760B2 (en) Systems and methods for facilitating electronic transactions utilizing a mobile computing device
US11157905B2 (en) Secure on device cardholder authentication using biometric data
US10579996B2 (en) Presenting a document to a remote user to obtain authorization from the user
US20140164241A1 (en) Securely receiving from a remote user sensitive information and authorization to perform a transaction using the sensitive information
US10489565B2 (en) Compromise alert and reissuance
US9703982B2 (en) Document distribution and interaction
CN103718192A (en) Image-based financial processing
US20210044558A1 (en) Methods and systems for email verification
US10580000B2 (en) Obtaining user input from a remote user to authorize a transaction
CN110599290A (en) Data processing method and system for cross-border transaction
US12229290B1 (en) System and process for the verification of data
US10671718B2 (en) System and method for authentication
CN112687042A (en) Authentication method, authentication device and electronic equipment
KR101359512B1 (en) System and method of authentication for electronic signature on internet
KR102140708B1 (en) Method and server for providing financial service
CN115176262A (en) System for encoding resource access credentials in a barcode
CA2891432C (en) Securely receiving from a remote user sensitive information and authorization to perform a transaction using the sensitive information
EP3039626B1 (en) Presenting a document to a remote user to obtain authorization from the user
US20240346512A1 (en) Age verification using pseudonymous persona code-based single-use token
KR20190110486A (en) Apparatus and method of providing non-card present payment
KR101079740B1 (en) System for inputting information using terminal and method thereof
KR100908405B1 (en) Form image quality inspection method and system and recording medium therefor
CN110728549A (en) Warehouse leasing system
KR102093549B1 (en) Method of paying by user access and apparatus providing the method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18922886

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18922886

Country of ref document: EP

Kind code of ref document: A1