 method for processing two-dimensional barcodes and system for processing two-dimensional barcodes
专利摘要:
the present invention discloses a method, an apparatus and a system for processing two-dimensional bar codes, relates to the field of information processing technologies and is primarily intended to alleviate an existing technology problem that an electronic credential is generated with based on a static random code, and once the electronic credential is copied or stolen through photography, the security of the electronic credential cannot be ensured. the technical solutions of the present invention include the following: receiving, through a server, a request for the acquisition of electronic credentials sent by the client software, in which the request for the acquisition of electronic credentials includes a user identifier; obtaining an electronic credential that corresponds to the user identifier and signing the electronic credential and a public key of the user of the client software, using a private server key to obtain server signature information; and send the server's signature and electronic credential information to the client's software, so that the client software checks the server's signature information and generates a two-dimensional barcode based on the electronic credential, so that an end device credential verification check the electronic credential comprised in the two-dimensional bar code, in which the final credential verification device is configured to generate the electronic credential based on the user identifier. 公开号:BR112019012149A2 申请号:R112019012149 申请日:2017-12-04 公开日:2019-12-17 发明作者:Chen Ge;Jin Huifeng;Shen Lingman;Liu Yanghui 申请人:Alibaba Group Holding Ltd; IPC主号:
专利说明:
“METHOD FOR PROCESSING BIDIMENSIONAL BAR CODES AND SYSTEM FOR PROCESSING BIDIMENSIONAL BAR CODES” Field of the invention [001] The present invention relates to the field of information processing technologies, and in particular, to a method, apparatus and system for processing two-dimensional bar codes. Background of the Invention [002] Currently, there are some scenarios for applying credential verification at work and in daily life, such as, for example, an identity card, a bank card, a bus ticket, a concert ticket and an access control card. In some application scenarios, credential verification only needs to be completed using specific entities, for example, a bus ticket, a concert ticket and an access control card. For some credential verification scenarios with relatively high security requirements, a specific entity and private information needs to be used together to complete the verification, for example, a bank card and a home / company fingerprint access. [003] In practice, in an application scenario with credential verification that only needs to be completed using a specific entity, the credential verification can be completed by obtaining a corresponding specific entity. For example, a user can purchase a paper bus ticket or a paper show ticket from a ticket window, and can get on the bus or go to a show after the ticket barrier check is complete. This verification mode depends on a specific entity (a bus ticket or a show ticket) and requires the user to load the specific entity. However, if the specific entity is lost or damaged, a process of Petition 870190054726, of 6/13/2019, p. 103/216 2/58 cancellation of registration or post-registration of the specific entity is complex. [004] For an application scenario with a relatively high security requirement, security can be guaranteed by an additional auxiliary security authentication device, for example, a secure keyboard or a fingerprint recognition device. As such, usage costs are increased. Although this method can prevent the leakage of private information, there is still a threat of leakage of private information. [005] In both of the two previous application scenarios, there is an issue where verification of credentials is less convenient with relatively low security and the costs of part of publishing credentials are relatively high. To alleviate the previous problem, a user of the existing technology can purchase an electronic credential online. A chain of random codes is recorded in the electronic credential and, during the verification of credentials, the verification can be completed by verifying a random code in the electronic credential, thus improving the convenience and security of credential verification and reducing the publication costs of the party publishing credentials. However, a random static code is used in the electronic credential and, if the electronic credential is copied or stolen through photography, the security of the electronic credential cannot be guaranteed. Brief Description of the Invention [006] In view of this, the present invention provides a method, apparatus and system for processing two-dimensional bar codes, and is primarily intended to alleviate an existing technology problem that an electronic credential is generated based on in a static random code, and once the electronic credential is copied or stolen through photography, the security of the electronic credential cannot be guaranteed. Petition 870190054726, of 6/13/2019, p. 104/216 3/58 [007] In accordance with a first aspect of the present invention, the present invention provides a method for processing two-dimensional bar codes, including the following: receiving, via a server, a request for the acquisition of electronic credentials sent by the software client, where the request for the acquisition of electronic credentials includes a user identifier; obtain an electronic credential that corresponds to the user identifier and sign the electronic credential and a public key of the user of the client software, using a private server key to obtain signature information from the server; and send the server's signature and electronic credential information to the client's software, so that the client's software checks the server's signature information and generates a two-dimensional barcode based on the electronic credential, so that an end device credential verification check the electronic credential comprised in the two-dimensional bar code, in which the final credential verification device is configured to generate the electronic credential based on the user identifier. [008] In accordance with a second aspect of the present invention, the present invention provides a method for processing two-dimensional bar codes, including the following: receiving, via the client software, server signature information and an electronic credential that are sent by a server, where the server's signature information is obtained by the server by signing the electronic credential and a public key from the client of the client software, using a private key from the server; check the server's signature information for an electronic credential; obtain a user key that corresponds to the user's public key and sign the electronic credential using the user key to obtain signature information from the client software; Petition 870190054726, of 6/13/2019, p. 105/216 4/58 and generate a two-dimensional bar code based on pre-determined security information, client software signature information, server signature information, electronic credential and the user's public key, so that a device final credential verification check the electronic credential comprised in the two-dimensional bar code based on the pre-determined security information and the user's public key, where the pre-determined security information has a validity duration and the final credential verification device is configured to generate an electronic credential based on a user identifier. [009] In accordance with a third aspect of the present invention, the present invention provides a method for processing two-dimensional bar codes, including the following: obtaining, through a final credential verification device, a two-dimensional bar code in software of the client, where the two-dimensional bar code is generated by the client software based on pre-determined security information, client software signature information, server signature information, an electronic credential and a user public key, client software signature information is obtained by the client software by signing the electronic credential and the server signing information is obtained by a server, by signing the user's electronic credential and public key; verify the validity duration of the pre-determined security information and verify the signature information of the client software and the signature information of the server; if the verification on each of the predetermined security information, the signature information of the client software and the signature information of the server is successful, obtain a service validity time included in the electronic credential for verification; Petition 870190054726, of 6/13/2019, p. 106/216 5/58 and if the verification of the validity of the service included in the electronic credential is successful, determine that the verification in the electronic credential is successful. [010] In accordance with a fourth aspect of the present invention, the present invention provides a server, including the following: a receiving unit, configured to receive a request for the acquisition of electronic credentials sent by the client's software, in which the request for acquiring electronic credentials includes a user identifier; a first acquisition unit, configured to obtain an electronic credential that corresponds to the user identifier received by the receiving unit; a signature unit, configured to sign the electronic credential and a public key for the user of the client software, using a private server key to obtain signature information from the server; and a sending unit, configured to send the server's subscription information obtained through the subscription unit and the electronic credential obtained by the first acquisition unit to the client software, so that the client software verifies the server's subscription information within a validity period of a user key and generates a two-dimensional bar code based on the electronic credential, so that a final credential verification device verifies the electronic credential comprised in the two-dimensional bar code, in which the final device credential verification is configured to generate the electronic credential based on the user identifier. [011] In accordance with a fifth aspect of the present invention, the present invention provides client software, including the following: a first receiving unit, configured to receive signature information from the server and an electronic credential that is sent by a server , where the server's signature information is obtained by the Petition 870190054726, of 6/13/2019, p. 107/216 6/58 server, through the signature of the electronic credential and a public key of the user of the client software, through the use of a private key of the server; a signature verification unit, configured to verify the server's signature information to obtain an electronic credential; an acquisition unit, configured to obtain a user key that corresponds to the user's public key; a subscription unit, configured to sign the electronic credential using the user key obtained from the acquisition unit to obtain subscription information from the client software; and a generation unit, configured to generate a two-dimensional bar code based on pre-determined security information, client software signature information, server signature information, the user's electronic credential and public key, for a final credential verification device to verify the credential comprised in the two-dimensional bar code based on the pre-determined security information and the user's public key, where the pre-determined security information has a validity duration and the final security device. Credential verification is configured to generate an electronic credential based on a user identifier. [012] In accordance with a sixth aspect of the present invention, the present invention provides a final credential verification device, including the following: a first acquisition unit, configured to obtain a two-dimensional bar code in client software, in which the two-dimensional bar code is generated by the client software based on pre-determined security information, client software signature information, server signature information, an electronic credential and a user's public key, the user's signature information customer software are obtained by customer software by subscription Petition 870190054726, of 6/13/2019, p. 108/216 7/58 of the electronic credential and the server's signature information is obtained by a server, by signing the electronic credential and the user's public key; a first verification unit, configured to verify the validity duration of the predetermined security information obtained through the first acquisition unit; a second verification unit, configured to verify the signature information of the client software and the signature information of the server; a third verification unit, configured to obtain a service validity time included in the electronic credential for verification when the verification of the first verification unit in the predetermined security information is successful, verification of the second verification unit in each one the subscription information for the client software and the subscription information for the server are successful; and a determination unit, configured to determine that the verification on the electronic credential is successful when the verification of the third verification unit on the validity of the service comprised in the electronic credential is successful. [013] In accordance with a seventh aspect of the present invention, the present invention provides a system for processing two-dimensional bar codes, and the system includes the following: client software, configured to send a request for the acquisition of electronic credentials to a server , in which the request for the acquisition of electronic credentials includes a user identifier; the server, configured to receive the request for the acquisition of electronic credentials sent by the client software and obtain an electronic credential from a final credential verification device based on the user identifier; and the final credential verification device, configured to receive and respond to the information requested to obtain an electronic credential sent by the server and send the Petition 870190054726, of 6/13/2019, p. 109/216 8/58 electronic credential for the server, where the server is also configured to receive the electronic credential sent by the final credential verification device, sign the electronic credential and a public key of the client software user to obtain the signature information server and send the server's signature and electronic credential information to the client software; the client software is configured to receive the server's signature information and electronic credentials that are sent by the server, verify the server's signature information to obtain the electronic credential, obtain a user key that matches the user's public key, sign the electronic credential using the user key to obtain signature information from the client software and generate a two-dimensional bar code based on predetermined security information, the signature information of the client software, the server signature information, the electronic credential and the user's public key; and the final credential verification device is configured to obtain the two-dimensional barcode in the client's software, verify the validity duration of the pre-determined security information and verify the signature information of the client software and the signature information of the server; and if the verification on each of the pre-determined security information, the signature information of the client software and the signature information of the server are successful, obtain a service validity time included in the electronic credential for verification and if the verification of the service validity time included in the electronic credential is successful, determine that the verification in the electronic credential is successful. [014] According to the previous technical solutions, and according to the method, apparatus and system for processing two-dimensional bar codes provided in the present invention, after receiving the request for Petition 870190054726, of 6/13/2019, p. 110/216 9/58 acquisition of electronic credentials sent by the client software, the server signs the electronic credential and the public key of the client software user by using the server's private key to obtain the server's signature information and sends the server signature and electronic credential for client software. The client software receives the signature information from the server and the electronic credentials that are sent by the server, verifies the signature information from the server, after verifying the signature information, signs the electronic credential and generates the two-dimensional barcode based in the pre-determined security information, the client software signature information, the server signature information, the user's electronic credential and public key. After obtaining the two-dimensional bar code, the final credential verification device can check the server's signature information, the client software's signature information, and the pre-determined security information on the two-dimensional bar code to determine whether the electronic credential it is tampered with in a transmission process, to ensure the security of the electronic credential in a use process. [015] The description is merely an overview of the technical solutions of the present invention. In order to understand more clearly the technical means of the present invention to implement the content of the specification and to make the previous and other objectives, characteristics and advantages of the present invention more understandable, the following list specifies embodiments of the present invention. Brief Description of the Figures [016] By reading detailed descriptions of the following preferred embodiments, a person of ordinary skill in the art understands several other advantages and benefits. The accompanying drawings are Petition 870190054726, of 6/13/2019, p. 111/216 10/58 used only to show the objectives of the preferred embodiments, but are not considered to be a limitation of the present invention. In addition, the same reference numeral is used to indicate the same part in all attached drawings. In the attached drawings. [017] Figure 1 is a structure diagram that illustrates the interaction between the client software, a server and a final credential verification device, in accordance with an embodiment of the present invention. [018] Figure 2 is a flow chart illustrating a first method for processing two-dimensional bar codes, according to an embodiment of the present invention. [019] Figure 3 is a flow chart illustrating a second method for processing two-dimensional bar codes, in accordance with an embodiment of the present invention. [020] Figure 4 is a flow chart illustrating a third method for processing two-dimensional bar codes, according to an embodiment of the present invention. [021] Figure 5 is a schematic diagram illustrating signature and verification on signature, in accordance with an embodiment of the present invention. [022] Figure 6 is a flow chart illustrating a fourth method for processing two-dimensional bar codes, according to an embodiment of the present invention. [023] Figure 7 is a flow chart illustrating a fifth method for processing two-dimensional bar codes, according to an embodiment of the present invention. [024] Figure 8 is a block diagram illustrating a server, according to an embodiment of the present invention. Petition 870190054726, of 6/13/2019, p. 112/216 11/58 [025] Figure 9 is a block diagram illustrating another server, according to an embodiment of the present invention. [026] Figure 10 is a block diagram illustrating the client's software, according to an embodiment of the present invention. [027] Figure 11 is a block diagram illustrating other client software, in accordance with an embodiment of the present invention. [028] Figure 12 is a block diagram illustrating a final credential verification device, according to an embodiment of the present invention. [029] Figure 13 is a block diagram illustrating another final credential verification device, in accordance with an embodiment of the present invention. [030] Figure 14 is a block diagram illustrating a system for processing two-dimensional bar codes, according to an embodiment of the present invention. Detailed Description of the Invention [031] The text below describes the exemplary embodiments of the present invention in more detail with reference to the accompanying drawings. Although the accompanying drawings show examples of embodiments of the present invention, it is to be understood that the present invention can be implemented in various forms, and should not be limited by the embodiments described herein. Instead, these embodiments are provided to enable a person skilled in the art to more fully understand the present invention and the scope of the present invention. [032] To alleviate an existing technology problem, which information from electronic credentials in a two-dimensional bar code Petition 870190054726, of 6/13/2019, p. 113/216 12/58 can be easily poured, the embodiments of the present invention provide a method for processing two-dimensional bar codes. The method is implemented through the cooperation of a server, client software and a final credential verification device. The final credential verification device can at least generate and transmit data, transmit a generated electronic credential to the server and obtain data and verify data, obtain an electronic credential from a two-dimensional barcode in the client software and verify that electronic credential is correct. The server can at least transmit and receive data, receive an electronic credential sent by the final credential verification device and send the electronic credential to the client's software to implement data transmission. The client software can at least exchange data with the server, receive an electronic credential sent by the server and generate an image, generate a two-dimensional bar code, etc., based on the information from electronic credentials. [033] Before the method in the embodiments is described, for ease of understanding, a structure diagram that illustrates the interaction between the client software, a server and a final credential verification device, according to a form of embodiment of the present invention is provided first, as shown in Figure 1. In the embodiment of the present invention, after generating an electronic credential based on a user identifier (such as an identity number, a cell phone number or an e-mail address) -mail), the final credential verification device sends the electronic credential to the server, and the server is allowed access to the electronic credential generated by the final credential verification device. After receiving a request to acquire electronic credentials from the client software, the server sends the electronic credential to the client software, so that the client software generates a Petition 870190054726, of 6/13/2019, p. 114/216 13/58 two-dimensional bar code based on electronic credential for verification of the final credential verification device. [034] It is worth noting that, in this embodiment of the present invention, a description is made using an example that an electronic credential is carried in a two-dimensional bar code. However, theoretically, the electronic credential may also depend on another means, for example, client software that has an NFC feature, such as an SE feature or an HCE feature. In the embodiment of the present invention, a description is made using an example that an electronic credential is carried in a two-dimensional bar code, because for an electronic credential user and the final credential verification device, the two-dimensional bar code has relatively low requirements on hardware devices used and hardware devices are relatively universal. However, it should be clear that such a method of description is not intended to impose a limitation that an electronic credential can only be carried using a two-dimensional bar code. [035] The text below first provides a method for processing two-dimensional bar codes implemented on one side of the server based on the schematic diagram shown in Figure 1. As shown in Figure 2, the method includes the following steps. [036] (101). A server receives a request for the acquisition of electronic credentials sent by the client software. [037] After successful login to the server, the client software sends a request for the acquisition of electronic credentials to the server, where the request for the acquisition of electronic credentials includes a user identifier, so that the server searches for credential information corresponding electronic codes based on the user identifier. In a specific realization process, the electronic credential Petition 870190054726, of 6/13/2019, p. 115/216 14/58 may include, but is not limited to, the following content: an electronic credential that corresponds to an air ticket, a bus ticket, a train ticket, a show ticket, a bank card and a credit card. access, park tickets, an identity card, a merchant coupon, a membership card, a driver's license, a driver's access control card or a bus card. [038] In a specific embodiment process, the client's software is an application (APP) installed on an electronic device or on a website. Before the client software interacts with the server, the client software can register with the server based on a user identifier, and the user identifier can include, but is not limited to, a user identity card, a name real consistent with identity card number, email address, account name, etc. In the registration process, a login password to log in to the server can be set and, after successful registration and login, the client software can be connected and communicate with the server. [039] (102). The server obtains an electronic credential that corresponds to a user identifier and signs the electronic credential and a public key for the user of the client software, using a server private key to obtain signature information from the server. [040] The server described in this implementation, of the present invention, does not generate an electronic credential. After receiving the request for the acquisition of electronic credentials sent by the client software, the server obtains the electronic credential that corresponds to the user identifier of a final credential verification device that generates the electronic credential. The server acts as a bridge between an electronic credential part (client software) and a final verification device Petition 870190054726, of 6/13/2019, p. 116/216 15/58 electronic credentials (final credential verification device) and is responsible for forwarding the electronic credential generated by the final credential verification device to the electronic credential, party. It is worth noting that, on the premises that the server described in this embodiment of the present invention meets national regulatory requirements, the server must be authorized by the final credential verification device to access the final credential verification device. [041] To prevent the electronic credential from being tampered with in a transmission process from the server and the client software, before the server responds to the request for the acquisition of electronic credentials sent by the client software, the server must sign the public key of the client. user of the client software by using the server's private key to obtain the server's signature information. In this embodiment of the present invention, the public key of the user of the client software is signed so that the client software and the server can verify each other's identities, perform security authentication on the identity information and ensure that the information in data transmission process are not tampered with. The server signs the electronic credential, using the server's private key so that the integrity of the original electronic credential can be determined. [042] In addition, when signing the user's public key and electronic credential, the server can still use the server's signature information obtained when the server signs the user's electronic credential and public key as attribute information from the security code. two-dimensional bars generated when the client software subsequently generates the two-dimensional bar code, to ensure that the electronic credential transmitted by the client software is sent by the server, verified by the client software and is authorized and trusted. As such, the credential Petition 870190054726, of 6/13/2019, p. 117/216 16/58 electronics cannot be forged or repudiated. [043] (103). The server sends the server's signature and electronic credential information to the client software. [044] As such, the client software verifies the signed electronic credential and generates a two-dimensional bar code based on the electronic credential, so that the final credential verification device verifies the electronic credential included in the two-dimensional bar code. The final credential verification device is configured to generate the electronic credential based on the user identifier. [045] According to the method for processing two-dimensional bar codes provided in this embodiment of the present invention, after receiving the request for the acquisition of electronic credentials sent by the client software, the server signs the user's electronic credential and public key of the client software by using the server's private key to obtain the server's signature information and send the server's signature information and electronic credential to the client software. The client software receives the signature information from the server and the electronic credentials that are sent by the server, verifies the signature information from the server, after verifying the signature information, signs the electronic credential and generates the two-dimensional barcode based in the pre-determined security information, the client software signature information, the server signature information, the user's electronic credential and public key. After obtaining the two-dimensional bar code, the final credential verification device can check the server's signature information, the client software's signature information, and the pre-determined security information on the two-dimensional bar code to determine whether the electronic credential is tampered with in a transmission process, to Petition 870190054726, of 6/13/2019, p. 118/216 17/58 guarantee the security of the electronic credential in a process of use. [046] As an additional description of the method shown in Figure 1, to ensure the validity of the client software user identifier and to ensure that the client software user identifier is not tampered with in a content transmission process, in step ( 102), the client software user's electronic credential and public key can be signed using the server's private key in the following methods, etc. For example. [047] Method 1: The server assigns a user's signature key to the electronic credential and signs the electronic credential and a user's first public key, using the server's private key, where the allocated user's signature key includes the user's first public key. [048] When the server receives the request for the acquisition of electronic credentials sent by the client software, if no public key for the user of the client software is obtained from the request for the acquisition of electronic credentials, the server temporarily allocates a pair of signature keys from the user to the electronic credential to authenticate the user identifier of the client software and therefore ensure that the electronic credential is not tampered with, in which the allocated user's signature keys include a user's first public key and a first user's private key user; and signs the first user's private key, using the server's private key to perform security authentication on the server's signature information after the server's signature information is received. [049] Since the user's signature keys are temporarily allocated by the server to the electronic credential, if the user's signature keys are not obtained by the client software, the Petition 870190054726, of 6/13/2019, p. 119/216 18/58 server signature information on the server cannot be verified. To alleviate the previous problem, if the server signs the electronic credential and the user's first public key of the client software using method 1, when the server sends the server's signature and electronic credential information to the client software , the server needs to be synchronized to send the user's signature keys allocated to the electronic credential for the client software, so that the client software can verify the server's signature information based on the user's signature keys. [050] In a specific embodiment process, after receiving the user's signature keys temporarily allocated by the server to the electronic credential and verifying the server's signature information based on the user's signature keys, the client software can discard user signature keys directly, or use user signature keys as common user keys and public keys of the client software. Embodiments are not limited to this embodiment of the present invention. [051] Method 2: The server obtains a second public key from the user sent by the client software and signs the user's second public key and electronic credential, using the server's private key. [052] In this embodiment, to identify the identity of the client software, when sending the request to acquire electronic credentials to the server, the client software sends the second public key of the client of the client software to the server, so that the server performs identity authentication on the client software and the server signs the user's second public key and the electronic credential of the client software, using the server's private key. After receiving the user's second signed public key and signed electronic credential, the Petition 870190054726, of 6/13/2019, p. 120/216 19/58 customer software will only be able to obtain electronic credential information after successful signature verification to ensure that the electronic credential is not tampered with. [053] It is worth noting that the user's first public key and the user's second public key described in this embodiment of the present invention are used to distinguish different user public keys from the client's software. The “first” and the “second” have no other meaning and are not intended to limit the number, priority, etc. the user's public keys. A method for naming the user's public key in the client software is not limited in this embodiment of the present invention. [054] To facilitate the description, in the subsequent description in the embodiment of the present invention, a description is made using an example that a user's public key and a user's private key are asymmetric keys. However, it should be clear that the user's public key and the user's private key are not limited to asymmetric keys, but can be symmetric keys. Embodiments are not limited to this embodiment of the present invention. [055] To facilitate understanding of a server signing process, the following uses an example that the server signs a user's public key and an electronic credential for description. A specific process includes the following: After obtaining the user's public key and electronic credential, the server can perform a hash operation on the user's public key and electronic credential using a hashing algorithm to obtain a hash value and sign the hash value, by using the server's private key to obtain the server's signature information. An algorithm (such as a hash operation) used in a signature process is not limited in this embodiment of the present invention. Petition 870190054726, of 6/13/2019, p. 121/216 20/58 [056] After signing the user's electronic credential and public key, the server sends the electronic credential, the user's public key signed and the electronic credential signed to the client software, so that the client software verifies the server signature information and ensure that the electronic credential is not tampered with by a malicious user in a data transmission process. In addition, the server must also transmit the public key that corresponds to the server's private key that is used when the server obtains the signature information, so that the client software and the final credential verification device receive the public key transmission. by the server and use the server's public key to verify the signature information. [057] In addition, the server described in this embodiment of the present invention serves as a bridge that carries the client software and a part of verifying credential information. The server is responsible for authenticating the validity of a user and, in addition, the server can verify the validity of using an electronic credential. In specific usage processes, electronic credentials correspond to different types of services and different types of services are limited through different service specifications. For example, when the electronic credential is an airline ticket, the airline ticket service includes an airplane departure time (this application scenario can only be a scenario with an airplane taking off without delay). Alternatively, when the electronic credential is a ticket to the show, the ticket service also includes a start time, an entry time, etc. of the show. Therefore, in this embodiment of the present invention, before obtaining the corresponding electronic credential based on the user identifier, the server needs to analyze the request for the acquisition of electronic credentials, to obtain a service validity time included in the request to acquire Petition 870190054726, of 6/13/2019, p. 122/216 21/58 electronic credentials and verify that the service validity time complies with the service specification. When the service's validity time complies with the service specification, the server obtains the electronic credential that corresponds to the user identifier. When the service's validity period does not comply with the service specification, the server returns ready information to the client software indicating that no corresponding electronic credential is available. [058] For better understanding, the text below describes the service validity time and the service specifications with examples. For example, suppose an electronic credential is a bus ticket service, an hour for a final credential verification device for pre-purchasing bus tickets is 7 days and the current date is November 1, 2016. A user sends a request for the acquisition of electronic credentials to the server using the client's software on November 1, 2016, the service validity period included in the request is November 20, 2016 and the maximum validity period of an electronic credential generated by the device credential verification final is November 8, 2016. Therefore, the server can determine that the service's validity time does not comply with a service specification. The previous description is merely an example. This embodiment of the present invention does not impose any limitation on a type of service of an electronic credential, a service validity period, a service specification, etc. [059] In addition, in step (102), the electronic credential that corresponds to the user identifier can be obtained in the following methods, but not limited to the methods. For example: [060] Method 1: After the final device verification device Petition 870190054726, of 6/13/2019, p. 123/216 22/58 credentials generates the electronic credential based on the user identifier, the electronic credential synchronized by the final credential verification device is received. [061] In this embodiment, after generating the electronic credential, the final credential verification device actively sends the generated electronic credential to the server. In a specific embodiment process, to facilitate the management of a plurality of electronic credentials, the server can locally generate a predetermined list, where the predetermined list is used to record a mapping relationship between a user identifier and an electronic credential. After receiving the electronic credential synchronized by the final credential verification device, the server registers a newly received mapping relationship between an electronic credential and a user identifier in the predetermined list. After sending an electronic credential to the client software, the server can delete the electronic credential that was successfully sent from the predetermined list, to reduce the resources occupied by the server. [062] Method 2: Requesting information to obtain an electronic credential is sent to the final credential verification device based on the user identifier, to obtain the electronic credential. [063] In this embodiment, the server is used for routing. The server requests an electronic credential from the final credential verification device based on the user identifier in the electronic credential acquisition request only upon receiving the electronic credential acquisition request sent by the client software and forwards the obtained electronic credential to the client software client. A method for obtaining an electronic credential by the server is not limited in this embodiment of the present invention. Petition 870190054726, of 6/13/2019, p. 124/216 In addition, as an additional description and an extension of the previous method, an embodiment of the present invention further provides a method for processing two-dimensional bar codes. In the method, to facilitate the description, a description is made mainly using an example that the client's software is ALIPAY and the electronic credential is an electronic show ticket. It should be clear that such a method of description is not intended to impose a limitation that the client software described in this embodiment of the present invention may be only ALIPAY. As shown in Figure 3, the method includes the following steps. [065] (201). A server receives a request for the purchase of electronic concert tickets sent by ALIPAY, in which the request for the purchase of electronic concert tickets includes a cell phone number and a service validity period. [066] In practice, the service's validity time can be an electronic show ticket reservation time, or it can be an electronic show ticket start time, or it can be at any time unrelated to the electronic show ticket. The service life span is not limited in this embodiment of the present invention. [067] (202a). The server analyzes the request for the purchase of an electronic show ticket and obtains the validity time of the service included in the request for the purchase of electronic show ticket. [068] For example, the service's validity time in the request is the show's start time: 4:00 pm on September 20, 2016 and the current date is September 1, 2016. [069] (203a). Verify that the service's validity period complies with a service specification. [070] If the service validity time is in accordance with the service specification, step (204) is performed. If the Petition 870190054726, of 6/13/2019, p. 125/216 24/58 service validity does not conform to a service specification, step (205) is performed. [071] In this embodiment of the present invention, the ticket for the electronic show is obtained for the following scenario: When a paper ticket for the show is lost or damaged, the show can be registered by checking the ticket for the electronic show, without post-registration for a paper show ticket. This reduces a tedious post-registration process. In this example, it can be specified that the service specification is that an electronic show ticket can be obtained within 30 days prior to the opening of the show, or an electronic show ticket can be obtained within half an hour after the opening of the show. show. Step (202b) can be performed as long as the service's validity time complies with the service specification. The validity time described in step (201) is the start time of the show on September 20, 2016 which is in accordance with the service specification, so step (202b) is performed. [072] (202b). The server analyzes the request for the purchase of electronic concert tickets and obtains the cell phone number in the request for the purchase of electronic concert tickets. [073] (203b). Check the validity of the cell phone number. [074] If the cell phone number is valid, step (204) is performed. If the phone number is invalid, step (205) is performed. [075] In the current stage, it is checked whether the mobile number in the request is consistent with the mobile number on the server. [076] It is worth noting that when steps (202a) and (202b) are performed, there is no sequence between the two steps. In addition, subsequent steps continue to be performed only after the service expiration check and the user identifier check (a Petition 870190054726, of 6/13/2019, p. 126/216 25/58 mobile number) are successful. [077] (204). The server obtains an electronic show ticket that corresponds to the cell phone number and signs a public key for the ALIPAY user and the electronic credential using a private key from the server to obtain subscription information from the server. [078] Based on different types of services, electronic credentials have corresponding details. An electronic concert ticket is used as an example. The electronic show ticket includes a show location, a stand, a specific seat number, a show name, a price, etc. Embodiments are not limited to this embodiment of the present invention. [079] (205). Intercept the request to purchase electronic concert tickets and send a request failure request to ALIPAY. [080] (206). Send the server's subscription information and the electronic concert ticket to ALIPAY. [081] (207). Transmit a public key that corresponds to the server's private key, so that ALIPAY will verify signature information based on the server's public key. [082] As an extension of the method shown in Figure 3, after the electronic device (for example, the cell phone) installed with ALIPAY is lost, the user can change the cell phone and, after successfully logging in to ALIPAY, continue to use the electronic credential, avoiding deregistration, post-registration etc. after the paper credential is lost. This application scenario can only be applied after ALIPAY performs a successful signature verification using the user's private key, the server's public key and electronic credential. If ALIPAY does not verify the server's subscription information, ALIPAY Petition 870190054726, of 6/13/2019, p. 127/216 26/58 will need to verify the server's signature information based on the server's public key and obtain the electronic credential after verification is complete. In an optional embodiment of the present invention, to further determine that the electronic credential is not leaked, after the server sends the server's signature and electronic credential information to the client software, the duration of the verification validity for the server's public key can be set. As such, the client software must complete verification of the server's signature information within a specified time limit. If the validity period of the server's public key verification expires, the server's signature information cannot be verified. [083] In addition, an embodiment of the present invention further provides a method for processing two-dimensional bar codes. The method is applied alongside the client software shown in Figure 1. As shown in Figure 4, the method includes the following steps. [084] (301). The client software receives subscription information from the server and an electronic credential that is sent by a server. [085] After the client software successfully logs in to the server using a user account name and login password, the client software sends a request to acquire electronic credentials to the server. The server responds to the request to acquire electronic credentials. To prevent the electronic credential from being tampered with in a transmission process, the server sends the server's signature and electronic credential information to the client software to verify the validity of the client software's identity. The server signature information is obtained by the server by signing the electronic credential and public key of the user of the client software, using Petition 870190054726, of 6/13/2019, p. 128/216 27/58 of a server private key. For related descriptions on how to obtain the subscription information from the server, you can reference the descriptions detailed in the previous embodiment. Details are omitted for simplicity in this embodiment of the present invention. [086] (302). The client software verifies the server's signature information to obtain an electronic credential. [087] For example, the server signature information obtained by signing a user's public key and electronic credential by a server, and the verification in the server signature information performed by the client software is used as an example for a detailed description . Figure 5 is a schematic diagram showing the signature and verification of the signature, according to an embodiment of the present invention. After obtaining the user's public key and electronic credential, the server performs a hash operation on the user's public key and electronic credential using the hashing algorithm to obtain a first hash value and encrypts the first hash value, through using the server's private key to obtain signature information from the server. The server sends the server's signature and electronic credential information to the client software. After receiving the signature information from the server and the electronic credential, the client software extracts the electronic credential and performs a hash operation on the electronic credential to obtain a second hash value. In addition, the client software uses a public key from the server to decrypt the server's signature information to obtain a first hash value and compares the first hash value obtained through decryption with the second hash value obtained through calculation. If the first hash value is equal to the second hash value, it indicates that the electronic credential is not tampered with in a transmission process, and the electronic credential can Petition 870190054726, of 6/13/2019, p. 129/216 28/58 be used directly after obtaining the electronic credential. If the first hash value is different from the second hash value, this indicates that the electronic credential is tampered with in a data transmission process and there may be a risk of information leakage. It is worth noting that Figure 5 is just an example and the specific content of the server's subscription information is not limited. [088] (303). The client software obtains a user key that corresponds to a user's public key and signs the electronic credential using the user key to obtain signature information from the client software. [089] The client software generates an electronic credential that is carried in a two-dimensional bar code. To prevent the electronic credential from being tampered with illegally and to prevent electronic credential information from being leaked, the customer's software needs to sign the electronic credential using a user's private key to obtain the signature information from the customer's software. When the client software uses the signature information from the client software as attribute information from the generated two-dimensional bar code, the final credential verification device can verify the signature information of the client software and further authenticates the validity of the software of the customer. [090] For a specific method of carrying out the signature, references can be made to the detailed description in Figure 5. Details are omitted for simplicity in this embodiment of the present invention. [091] (304). The client software generates a two-dimensional bar code based on pre-determined security information, the client software signature information, the server signature information, the user's electronic credential and public key. Petition 870190054726, of 6/13/2019, p. 130/216 29/58 [092] When the client software and the credential verification part perform short distance data transmission (electronic credential), to ensure the security of the electronic credential transmission, authentication information can be added to the barcode Two-dimensional generated and authentication information may include, but is not limited to, client software signature information, server signature information, and predetermined security information. The final credential verification device can verify the signature information for the client software to determine whether the electronic credential that needs to be verified is sent by the client software. In addition, the final credential verification device can verify the server's signature information to determine whether the electronic credential in the two-dimensional bar code is sent by the server, to ensure that the electronic credential is not tampered with. [093] In this embodiment of the present invention, predetermined security information is used as a dynamic two-dimensional barcode implementation and is used as a credential to establish credible data transmission between the client software and the end device credential verification. Before receiving the two-dimensional bar code sent by the client's software, the final credential verification device checks the validity and security of the pre-determined security information to ensure the security of the electronic credential sent by the client's software. Pre-determined security information can include, but is not limited to, the following content: dynamic password information, time information, random code information, etc. Embodiments are not limited to this embodiment of the present invention. [094] For example, as described here, the current time of Petition 870190054726, of 6/13/2019, p. 131/216 30/58 system is used for pre-determined security information. If the client software generates a two-dimensional bar code at 8:00 am, it can be determined that the pre-determined security information is 8/00. If the customer's software generates the two-dimensional barcode at 10:21, the predetermined security information can be determined to be 10/21. The previous example is described using the pre-determined security information as the current system time. However, it should be clear that such a method of description is not intended to impose a limitation that the pre-determined security information described in this embodiment of the present invention may be only the current system time of the client software. [095] It is worth noting that when the two-dimensional barcode is generated, the user's public key of the client software is not transmitted and instead the user's public key is used directly as code attribute information two-dimensional bar graph generated. It can effectively reduce additional expenses and costs for customer software. [096] According to the method for processing two-dimensional bar codes provided in this embodiment of the present invention, after receiving the request for the acquisition of electronic credentials sent by the client software, the server signs the electronic credential and the public key of the user of the client software by using the server's private key to obtain the server's signature information and send the server's signature information and electronic credential to the client software. The client software receives the signature information from the server and the electronic credentials that are sent by the server, verifies the signature information from the server, after verifying the signature information, signs the electronic credential and generates the two-dimensional barcode based pre-determined security information, security information Petition 870190054726, of 6/13/2019, p. 132/216 31/58 client software signature, server signature information, electronic credential and user's public key. After obtaining the two-dimensional bar code, the final credential verification device can check the server's signature information, the client software's signature information, and the pre-determined security information on the two-dimensional bar code to determine whether the electronic credential it is tampered with in a transmission process, to ensure the security of the electronic credential in a use process. [097] In an embodiment of the present invention, upon obtaining the user key that corresponds to the user's public key, the client software receives a user signature key that is sent by the server and is allocated to the electronic credential, where the user's signing key includes a user's first public key and a user's first key, the user's key and the user's public key are asymmetric keys and the client software obtains the first user key in the signing key allocated by the server for the electronic credential. In another embodiment of the present invention, by obtaining the user key that corresponds to the user's public key, the client software can obtain a second user key that is generated by the client software and that corresponds to the user's public key . A method for the client software to obtain the user key is not limited in this embodiment of the present invention. [098] In addition, when verifying the server's signature information, the method includes the following: receiving and storing a server's public key transmitted by the server and verifying the server's signature information based on the server's public key and credential electronics. [099] When determining that the server signs the user's second public key generated by the client software, the client software Petition 870190054726, of 6/13/2019, p. 133/216 32/58 verifies the server's signature information based on the server's public key, electronic credential, and the user's first public key. [0100] When determining that the server signs the user's first public key allocated by the server for the electronic credential, the client software verifies the server's signature information based on the public key of the server, the electronic credential and the second public key of user. For a process where the client software verifies the server's signature information, references can be made to the detailed description in Figure 5. The embodiments are not limited in this embodiment of the present invention. [0101] It is worth noting that, when sending the electronic credential to the client's software, the server needs to sign the user's electronic credential and public key to obtain the server's signature information, so that the client software manages the two-dimensional bar code later, the server signature information can be used as attribute information for the generated two-dimensional bar code. The user uses a user's private key to sign information sent by the server, to ensure the correctness of the original information from the electronic credential and to ensure that the user's public key is valid and reliable as verified and cannot be forged or repudiated. [0102] In addition, there may be a plurality of user signature keys (including the first user key generated by the client software and the second user key allocated by the server to the electronic credential) in the client software. Therefore, the client's software can sign the electronic credential using any user's private key that matches the client's software. For example, customer software can sign the electronic credential using the first user key or sign the electronic credential using the second user key. The shapes Petition 870190054726, of 6/13/2019, p. 134/216 33/58 embodiments are not limited to this embodiment of the present invention. [0103] To further ensure the security of the electronic credential, when the client software generates the two-dimensional bar code, the client software also uses the signature information from the client software in the process. As such, the final credential verification device verifies the signature information of the client software, to ensure that the electronic credential is generated by the client software and the client software is authorized and trusted to use the electronic credential and electronic credential. it cannot be forged or repudiated. The two-dimensional barcode can be generated based on predetermined security information, client software signature information, server signature information, electronic credential and the user's public key in the following method: setting the validity duration the pre-determined security information and generate the two-dimensional bar code based on the pre-determined security information, the client software signature information, the server signature information, the electronic credential, the user's public key, the duration of validity of pre-determined security information and the user identifier. [0104] It is worth noting that, in this embodiment of the present invention, when generating the two-dimensional bar code, the client software needs to use the user identifier as attribute information of the generated two-dimensional bar code. This can be applied to an application scenario with a final credential verification device that requires a real user name system. For example, when an electronic credential is a credential that corresponds to an airline ticket, a bus ticket, a train ticket, a bank card, etc., when Petition 870190054726, of 6/13/2019, p. 135/216 34/58 the final credential verification device verifies this electronic credential, an identity entity can be used to verify a real name system condition, to assist in completing verification, to satisfy a requirement in some application scenarios that require a real name system. [0105] In an optional solution in this embodiment of the present invention, in some high security scenarios, when a two-dimensional bar code is generated, to prevent the two-dimensional bar code from being used by a malicious user when a cell phone or a tablet computer is lost or within a short period of time, when the two-dimensional bar code is broken, a biometric feature of a person using the electronic credential can be added to the two-dimensional bar code. For example, a biometric feature, such as a fingerprint of the person using the electronic credential, is included in the two-dimensional bar code. When the final credential verification device checks the two-dimensional barcode, it is necessary to verify the person's biometric feature to further ensure the security of the electronic credential. [0106] In addition, in the previous embodiment, specific functions and specific embodiments of the server and the client software for two-dimensional barcode processing are described in detail. The final credential verification device shown in Figure 1 needs to perform the verification on the generated electronic credential that depends on the two-dimensional bar code. Next, a method for processing two-dimensional bar codes is provided. The method is applied to a final credential verification device. As shown in Figure 6, the method includes the following steps. [0107] (401). The ultimate credential verification device Petition 870190054726, of 6/13/2019, p. 136/216 35/58 obtains a two-dimensional bar code from the client software. [0108] The two-dimensional barcode is generated by the client software based on pre-determined security information, client software signature information, server signature information, an electronic credential and a user's public key, the information Client software signature forms are obtained by the client's electronic credential software, and server signature information is obtained by the server, by signing the user's electronic credential and public key. [0109] The final credential verification device can obtain the two-dimensional barcode in the client software in the following method, etc. For example, the two-dimensional barcode is obtained using a predetermined data acquisition instruction. Methods related to the predetermined data acquisition instruction include an exploration method, a final shaking method of data transmission, a key trigger method, a voice trigger method and a method of sliding along a track . [0110] In the predetermined data acquisition instruction method in this embodiment of the present invention, it is necessary to define predetermined data acquisition instruction methods other than the scanning method before data transmission. For example, a final shaking method of data transmission is defined as follows: shaking twice in the same direction, shaking left and right twice, and swinging up and down three times. The key trigger method includes the following: The final credential verification device monitors a trigger state for a predetermined key, and the predetermined key can be a physical key or it can be a virtual key. When the client software fires the key Petition 870190054726, of 6/13/2019, p. 137/216 36/58 predetermined, the final credential verification device can obtain a two-dimensional bar code displayed in the client software. If the client software is touch-sensitive client software, after the final credential verification device pre-determines the method of sliding along a trail, the final credential verification device monitors the sliding state of a touch screen in the client software and when the user operates on the screen, obtains the two-dimensional bar code. The predetermined data acquisition instruction is described above, and a type of predetermined data acquisition instruction in practice is not limited in this embodiment of the present invention. [0111] (402). The final credential verification device verifies the validity duration of pre-determined security information and verifies client software signature information and server signature information. [0112] The final credential verification device analyzes the obtained two-dimensional bar code, obtains the predetermined security information and the electronic credential that are included in the two-dimensional bar code and verifies the duration of validity of the pre-determined security information. determined and the validity time of the service in the electronic credential. For example, suppose that the predetermined security information is the current system time of the client software, that the predetermined security information is 10/21 and that the duration of validity of the predetermined security information is 60 s. The final credential verification device obtains a time difference between the current system time and the pre-determined security information and determines whether the validity duration is longer than 60 s. If it is determined that the validity duration is greater than 60 s, the final credential verification device determines that the two-dimensional barcode is invalid. THE Petition 870190054726, of 6/13/2019, p. 138/216 37/58 previous description is an example. Alternatively, the duration of the pre-determined security information can be set to two minutes, etc. The duration of validity of predetermined security information is not limited in this embodiment of the present invention. [0113] For embodiments for the final credential verification device to verify the signature information of the client software and the signature information of the server, references can be made to the method shown in Figure 5. Details are omitted for simplicity in this embodiment of the present invention. [0114] (403). If the verification on each of the predetermined security information, the signature information of the client software and the signature information of the server is successful, obtain a service validity time comprised in an electronic credential for verification. [0115] To check the validity of the service, references can be made to related descriptions in the previous embodiments. Details are omitted for simplicity in this embodiment of the present invention. [0116] (404). If the verification of the validity of the service included in the electronic credential is successful, determine that the verification in the electronic credential is successful. [0117] According to the method for processing two-dimensional bar codes provided in this embodiment of the present invention, after receiving a request for the acquisition of electronic credentials sent by the client software, the server signs the electronic credential and the public key of the user client software by using the server's private key to obtain the server's signature information and send the server's signature and electronic credential information to the Petition 870190054726, of 6/13/2019, p. 139/216 38/58 client software. The client software receives the signature information from the server and the electronic credentials that are sent by the server, verifies the signature information from the server, after verifying the signature information, signs the electronic credential and generates the two-dimensional barcode based in the pre-determined security information, the client software signature information, the server signature information, the user's electronic credential and public key. After obtaining the two-dimensional bar code, the final credential verification device can check the server's signature information, client software signature information, and pre-determined security information in the two-dimensional bar code to determine whether the electronic credential is tampered with in a transmission process, to ensure the security of the electronic credential in a use process. [0118] In addition, as an extension of the method shown in Figure 6, in this embodiment of the present invention, all steps of the methods are performed based on the electronic credential generated by the final credential verification device. Therefore, in this embodiment of the present invention, before the two-dimensional barcode in the client software is obtained, the final credential verification device generates the electronic credential based on the user identifier, and an occasion to generate the electronic credential may include, but is not limited to, the following content. For example, after a user purchases a ticket from the ticket window, a ticket system generates electronic credential information in addition to generating a paper credential and sending electronic credential information back to the server. As such, the server can send the electronic credential to the client's software. Alternatively, after the user purchases an electronic ticket on the ticket website, a Petition 870190054726, of 6/13/2019, p. 140/216 39/58 electronic credential that corresponds to the electronic ticket is generated and then sent to the server. In this embodiment of the present invention, there is no limitation as to whether the final credential verification device provides a paper ticket after generating an electronic credential. In this embodiment of the present invention, the electronic credential is intended to avoid complex post-registration operations for a paper credential after the paper credential is lost or damaged. In addition, the security of the electronic credential can be guaranteed when the final credential verification device obtains an electronic credential that is transported in a dynamic two-dimensional bar code. [0119] After the final credential verification device generates the electronic credential, the corresponding electronic credential can be synchronized with the server based on user identification information so that the client software can obtain the electronic credential from the server. In another embodiment of the present invention, after receiving request information to obtain an electronic credential sent by the server, the final credential verification device sends the electronic credential to the server, where the information requested to obtain an electronic credential includes the user identifier. [0120] In addition, the final credential verification device can verify the signature information of the client software and the signature information of the server in the following method, etc. For example, the final credential verification device obtains a user's public key comprised in the two-dimensional bar code and verifies signature information from the client software based on the user's public key and electronic credential. The final credential verification device receives and stores a public key from the server that corresponds to a Petition 870190054726, of 6/13/2019, p. 141/216 40/58 private key of the server and transmitted by the server; and verifies the server's signature information based on the server's public key and electronic credential. [0121] In addition, in some application scenarios with relatively high security requirements, the client software uses the user identifier information as attribute information from the generated two-dimensional bar code, so that the final credential verification device authenticates the user's identity information. For example, the client software uses the user's identity card as the attribute information of the generated two-dimensional barcode. The final credential verification device scans the two-dimensional barcode, obtains a user identifier from the final credential verification device, and verifies the user identifier. If the final credential verification device determines that the verification on the user identifier is successful, the final credential verification device determines that the verification on the electronic credential is successful. For example, when the electronic credential in the two-dimensional bar code is a train ticket, when the user uses the electronic train ticket to pass through the station turnstile, the user's identity card can be checked at the same time, to complete the verification in the electronic credential. [0122] Furthermore, when the final credential verification device verifies the content in the two-dimensional bar code, regardless of the amount of content included in the two-dimensional bar code, as long as the content included in the two-dimensional bar code is successfully verified by the final device credential verification, indicates that the electronic credential verification is successful. If an item or items included in the bar code Petition 870190054726, of 6/13/2019, p. 142/216 41/58 two-dimensional verification fails, this indicates that the electronic credential verification fails. For example, suppose that when the two-dimensional barcode includes pre-determined security information, client software signature information, server signature information and user identifier, it can be determined that the electronic credential is verified successful only after verification of the pre-determined security information, the signature information of the client software, the signature information of the server and the user identifier are successful. [0123] As described above, the final credential verification device checks the electronic credential that is carried in the two-dimensional bar code, and the convenience and security of the electronic credential at work and in daily life can be seen in the process. The previous description is described using an example that the client software includes an electronic credential type. In practice, the client software can include a plurality of types of electronic credentials. Electronic credentials can be recorded separately in different dynamic two-dimensional bar codes, or they can be recorded in the same two-dimensional bar code. Embodiments are not limited to this embodiment of the present invention. The electronic credential can replace the entity's credential information in existing technology, preventing information from leaking into the entity's credential and alleviating heavy cancellation or post-registration steps when the entity's credential is lost. According to the method of this embodiment of the present invention, a user only needs to carry a terminal device (telephone) installed with the client's software when leaving and does not need to carry any entity credential. [0124] For example, user A carries only one phone Petition 870190054726, of 6/13/2019, p. 143/216 42/58 cell phone installed with client software and takes a bus from home to the company at 8:00 am. The user can travel smoothly with a two-dimensional bar code from an electronic bus credential in the client software. After arriving, the user can enter the company with an electronic access control credential and can enter using an electronic credential. At 11 am, User A needs to go to a bank to process a bank service, and the electronic ID card and electronic bank card can be used to process the service. At 17:00, User A needs to travel to the train station for a business trip. When user A is going through the turnstile, the verification of the real name can be carried out using the electronic identity card and the electronic train ticket. After the check is successful, the user can take the train. The previous secure method for processing two-dimensional bar codes is used when the electronic credential is verified. The previous example is intended to illustrate the convenience and security brought by the electronic credential for life and work, and is not intended to limit a specific scenario for the application of the electronic credential. [0125] In the previous embodiments, the processes that the server, the client software and the final credential verification device process the two-dimensional bar codes are described separately in detail. However, in practice, the server, the client software and the final credential verification device are indispensable in the verification of the two-dimensional barcode. In the following embodiments, the server, client software and the final credential verification device are summarized and described. As shown in Figure 7, the method includes the following steps. [0126] (501). The final credential verification device generates an electronic credential based on a user identifier and Petition 870190054726, of 6/13/2019, p. 144/216 43/58 synchronizes the corresponding electronic credential to the server based on the user identifier, so that the server sends the electronic credential to the client software. [0127] (502). The client software sends an electronic credential acquisition request to the server, where the electronic credential acquisition request includes a user identifier and a service validity time. [0128] (503). The server receives the request for the acquisition of electronic credentials sent by the client software, analyzes the request for the acquisition of electronic credentials and obtains the service validity time included in the request for the acquisition of electronic credentials. [0129] (504). The server checks whether the service's validity time complies with a service specification. [0130] If the service validity time is in accordance with the service specification, step (505) is performed. If the service's validity period does not comply with a service specification, the request to acquire electronic credentials will be ignored. [0131] (505). Obtaining the electronic credential that corresponds to the user identifier and encrypt the electronic credential. [0132] The information requested to obtain an electronic credential can later be sent to the final credential verification device based on the user identifier to obtain the electronic credential. [0133] (506). The server signs a public key for the client software user and electronic credential using a private key from the server to obtain signature information from the server and sends the signature information from the server and electronic credential to the client software. Petition 870190054726, of 6/13/2019, p. 145/216 44/58 [0134] (507). The server transmits a public key that corresponds to the server's private key, so that the client software and the final credential verification device verify signature information based on the server's public key. [0135] (508). The client software receives and stores the public key transmitted by the server. [0136] (509). The client software receives the server's signature information and electronic credentials that are sent by the server. [0137] (510). The client software verifies the server's signature information based on the server's public key transmission to obtain an electronic credential. [0138] If the verification on the server's signature information is successful, step (511) is performed. If verification of the server's signature information fails, an electronic credential provided by the server cannot be obtained. [0139] (511). The client software signs the electronic credential using a user key to obtain signature information from the client software and generates a two-dimensional bar code based on pre-determined security information, the client software signature information, the information signature, the user's electronic credential and public key. [0140] (512). The final credential verification device obtains a two-dimensional bar code from the client software, verifies the duration of the pre-determined security information and verifies the signature information of the client software and the signature information of the server. [0141] (513). If the verification in each of the information of Petition 870190054726, of 6/13/2019, p. 146/216 45/58 pre-determined security, the signature information of the client software and the signature information of the server are successful, obtain a service validity time included in the electronic credential for verification; and if the verification of the validity of the service included in the electronic credential is successful, determine that the verification in the electronic credential is successful. [0142] It is worth noting that, for detailed descriptions of step (501) to step (513), references can be made to the previous related descriptions. Details are omitted for simplicity in this embodiment of the present invention. [0143] In addition, as an embodiment of the method shown in Figure 1, another embodiment of the present invention further provides a server. The embodiment of this apparatus corresponds to the embodiment of the previous method. In order to facilitate reading, the details in the embodiment of the previous method are omitted in the embodiment of this apparatus. However, it must be clear that the apparatus in this embodiment can, correspondingly, implement all the content in the embodiment of the previous method. [0144] In addition, an embodiment of the present invention provides a server. As shown in Figure 8, the device includes the following: a receiving unit (61), configured to receive a request for the acquisition of electronic credentials sent by the client software, in which the request for the acquisition of electronic credentials includes a user identifier ; a first acquisition unit (62), configured to obtain an electronic credential that corresponds to the user identifier received by the receiving unit; a signature unit (63), configured to sign the electronic credential and a public key of the client software user, using a private server key to obtain Petition 870190054726, of 6/13/2019, p. 147/216 46/58 server signature information; and a sending unit (64), configured to send the server's signature information obtained through the subscription unit (63) and the electronic credential obtained by the first acquisition unit to the client's software, so that the client's software verifies the server's signature information within a user key's validity time and generates a two-dimensional barcode based on the electronic credential. The final credential verification device checks the electronic credential comprised in the two-dimensional bar code, in which the final credential verification device is configured to generate the electronic credential based on the user identifier. [0145] In addition, as shown in Figure 9, the signature unit (63) includes the following: an allocation module (631), configured to assign a user signature key to the electronic credential; a first signature module (632), configured to sign, using the server's private key, the electronic credential and a user's first public key allocated by the allocation module, in which the allocated user's signature key includes the first user's public key; an acquisition module (633), configured to obtain a second public key from the user sent by the client software; and a second signature module (634), configured to sign, using the server's private key, the electronic credential and the user's second public key obtained by the acquisition module. [0146] Furthermore, if the user's first public key is signed, using the server's private key, the sending unit (64) is further configured to send the allocated user's signature key, the user's signature information server and electronic credential for client software. Petition 870190054726, of 6/13/2019, p. 148/216 47/58 [0147] In addition, as shown in Figure 9, the server also includes the following: an analysis unit (65), configured to: before the first acquisition unit (62) obtain the electronic credential that corresponds to the identifier user, analyze the request for the acquisition of electronic credentials; a second acquisition unit (66), configured to: after the analysis unit (65) analyze the request for the acquisition of electronic credentials, obtain a service validity period included in the request for the acquisition of electronic credentials; and a verification unit (67), configured to verify that the service validity time obtained by the second acquisition unit (66) conforms to a service specification, in which the first acquisition unit (62) is still configured to: when the verification unit (67) verifies that the service validity time is in accordance with the service specification, obtain the electronic credential that corresponds to the user identifier. [0148] In addition, as shown in Figure 9, the first acquisition unit (62) includes the following: a receiving module (621), configured to: after the final credential verification device generates the electronic credential based on the user identifier, receive the electronic credential synchronized by the final credential verification device; and a processing module (622), configured to send request information to obtain an electronic credential to the final credential verification device based on the user identifier, to obtain the electronic credential. [0149] In addition, the user's signature key is an asymmetric key. [0150] In addition, as shown in Figure 9, the server also includes the following: a transmission unit (68), configured to transmit Petition 870190054726, of 6/13/2019, p. 149/216 48/58 a public key that corresponds to the server's private key, so that the client software and the final credential verification device verify signature information based on the server's public key. [0151] An embodiment of the present invention further provides customer software. As shown in Figure 10, the client software includes the following: a first receiving unit (71), configured to receive signature information from the server and an electronic credential that is sent by a server, where the signature information from the server they are obtained by the server through the signature of the electronic credential and a public key of the user of the client software, through the use of a private key of the server; a signature verification unit (72), configured to verify the server's signature information to obtain an electronic credential; an acquisition unit (73), configured to obtain a user key that corresponds to the user's public key; a subscription unit (74), configured to sign the electronic credential using the user key obtained from the acquisition unit (73) to obtain subscription information from the client software; and a generation unit (75), configured to generate a two-dimensional bar code based on pre-determined security information, the client software signature information, the server signature information, the electronic credential and the pica key user, so that a final credential verification device verifies the electronic credentials included in the two-dimensional bar code based on the predetermined security information and the the final credential verification device is configured to generate an electronic credential based on a user identifier. [0152] In addition, as shown in Figure 11, the Petition 870190054726, of 6/13/2019, p. 150/216 49/58 client also includes the following: a second receiving unit (76), configured to: before obtaining the user key that corresponds to the user's public key, receive a user signature key allocated to the electronic credential and sent by the server. [0153] The acquisition unit (73) is further configured to obtain a first user key included in the user's signature key that is allocated by the server for the electronic credential and which is received by the second receiving unit. [0154] The acquisition unit (73) is further configured to obtain a second user key generated by the client software and corresponding to the user's public key. [0155] In addition, as shown in Figure 11, the signature unit (74) includes the following: a first signaling module (741), configured to sign the electronic credential using the first user key; and a second signature module (742), configured to sign the electronic credential using the second user key. [0156] In addition, as shown in Figure 11, the signature verification unit (72) includes the following: a receiving module (721), configured to receive a public key from the server transmitted by the server; a storage module (722), configured to store the public key of the server received by the receiving module; and a first signature verification module (723), configured to verify the server's signature information based on the server's public key stored by the storage module, the client's software public key and electronic credential. [0157] In addition, the user's public key and the user key are asymmetric keys. [0158] In addition, as shown in Figure 11, the Petition 870190054726, of 6/13/2019, p. 151/216 50/58 generation (75) includes the following: a configuration module (751), configured to define the duration of the predetermined security information; and a generation module (752), configured to generate the two-dimensional barcode based on the predetermined security information, the client software signature information, the server signature information, the electronic credential, the user's pica key , the duration of validity of the predetermined security information, and the user identifier. [0159] An embodiment of the present invention further provides a final credential verification device. As shown in Figure 12, the final credential verification device includes the following: a first acquisition unit (81), configured to obtain a two-dimensional bar code in the client software, where the two-dimensional bar code is generated by the software based on pre-determined security information, client software signature information, server signature information, an electronic credential and a public user key, client software signature information is obtained by the client software by signing the electronic credential and the server's signature information is obtained by a server, by signing the electronic credential and the user's public key; a first verification unit (82), configured to verify the validity duration of the pre-determined security information obtained through the first acquisition unit; a second verification unit (83), configured to verify the signature information of the client software and the signature information of the server; a third verification unit (84), configured to obtain a service validity time included in the electronic credential for verification when the verification of the first verification unit on the pre-determined security information has Petition 870190054726, of 6/13/2019, p. 152/216 51/58 has been successful, the verification of the second verification unit in each of the client's software signature information and the server's signature information are successful; and a determination unit (85), configured to determine that the verification on the electronic credential is successful when the verification of the third verification unit on the validity of the service included in the electronic credential is successful. [0160] In addition, as shown in Figure 13, the final credential verification device also includes the following: a generation unit (86), configured to generate an electronic credential based on a user identifier before the first unit of credentials acquisition (81) obtain the two-dimensional bar code in the client software; a synchronization unit (87), configured to synchronize the corresponding electronic credential to the server based on the user identifier, so that the server sends the electronic credential to the client software; a receiving unit (88), configured to receive request information to obtain an electronic credential sent by the server; and a sending unit (89), configured to send the electronic credential to the server, where the request information for obtaining an electronic credential includes the user identifier. [0161] In addition, as shown in Figure 13, the second verification unit (83) includes the following: an acquisition module (831), configured to obtain the user's public key included in the two-dimensional bar code; a first signature verification module (832), configured to verify the signature information of the client software based on the user's public key obtained by the acquisition module and the electronic credential; a receiving module (833), configured to receive a public key from the server that corresponds to a private key from the server and transmitted by the server; a storage module (834), Petition 870190054726, of 6/13/2019, p. 153/216 52/58 configured to store the public key of the server received by the reception module; and a second verification module (835), configured to verify the server's signature information based on the server's public key stored by the storage module, the client software's public key and electronic credential. [0162] In addition, as shown in Figure 13, the final credential verification device also includes the following: a second acquisition unit (810), configured for: before the determining unit (85) determines that the verification in the credential electronics is successful, obtain the user identifier included in the two-dimensional bar code; and a fourth verification unit (811), configured to verify the user identifier obtained by the second acquisition unit (810). [0163] The determination unit (85) is further configured for: when the fourth verification unit (811) determines that the verification on the user identifier is successful, determine that the verification on the electronic credential is successful. [0164] In addition, as shown in Figure 14, an embodiment of the present invention further provides a system for processing two-dimensional bar codes, and the system includes the following: client software (91), configured to send a request for acquisition of electronic credentials from a server (92), in which the request to acquire electronic credentials includes a user identifier; the server (92), configured to receive the request for the acquisition of electronic credentials sent by the client software (91), and obtain an electronic credential from a final credential verification device (93) based on the user identifier; and the final credential verification device (93), configured to receive and answer the information requested to obtain an electronic credential sent by the server (92), and send the electronic credential to the Petition 870190054726, of 6/13/2019, p. 154/216 53/58 server (92). [0165] The server (92) is further configured to receive the electronic credential sent by the final credential verification device (93), sign the electronic credential and a public key of the client software user (91) to obtain signature information from the server (92) and send to the server (92) signature information and electronic credential for the client software (91). [0166] The client software (91) is configured to receive the server's signature information and electronic credentials that are sent by the server (92), verify the server's signature information to obtain the electronic credential, obtain a password that matches the user's public key, sign the electronic credential using the user key to obtain signature information from the client software, and generate a two-dimensional barcode based on predetermined security information, client software signature, server signature information, electronic credential and key public user. [0167] The final credential verification device (93) is configured to obtain the two-dimensional barcode in the client software (91), check the validity duration of the predetermined security information and check the signature information of the client software and the server (92); and if the verification on each of the predetermined security information, the signature information of the client and server software is successful, obtain a service validity time included in the electronic credential for verification and, if the verification of the verification time validity of the service included in the electronic credential is successful, determining that the verification in the electronic credential is successful. Petition 870190054726, of 6/13/2019, p. 155/216 54/58 [0168] According to the server, the client software, ο the final credential verification device, the system for processing two-dimensional bar codes provided in the present invention, after receiving the request for the acquisition of electronic credentials sent by the software from the client, the server signs the electronic credential and public key of the user of the client software by using the server's private key to obtain the server's signature information and sends the server's signature and electronic credential information to the software of the customer. The client software receives the signature information from the server and the electronic credentials that are sent by the server, verifies the signature information from the server, after verifying the signature information, signs the electronic credential and generates the two-dimensional barcode based in the pre-determined security information, the client software signature information, the server signature information, the user's electronic credential and public key. After obtaining the two-dimensional bar code, the final credential verification device can check the server's signature information, the client software's signature information, and the pre-determined security information on the two-dimensional bar code to determine whether the electronic credential it is tampered with in a transmission process, to ensure the security of the electronic credential in a use process. [0169] In the previous embodiments, the description of each embodiment has its respective focuses. For a part not described in detail in one embodiment, references can be made to related descriptions in other embodiments. [0170] It can be understood that the characteristics listed in the previous method and apparatus can be referenced mutually. In addition, “first”, “second”, etc. in the previous embodiment are used to Petition 870190054726, of 6/13/2019, p. 156/216 55/58 distinguish between embodiments and do not represent advantages and disadvantages of each embodiment. [0171] A person skilled in the art can clearly understand that, for convenience and brevity of description, for a specific work process of the system, apparatus and unit described above, references can be made to a corresponding process in the embodiments of the previous method and details are omitted to simplify the embodiment of the present invention. [0172] The algorithm and display provided here are not inherently related to any particular computer, virtual system or other device. Various general purpose systems can also be used in conjunction with the instruction based here. Based on the description above, the structure needed to build such a system is obvious. Furthermore, the present invention does not apply to any particular programming language. It is to be understood that the content of the present invention described here can be implemented using various programming languages, and the previous description of a detailed language is used to disclose the best embodiment of the present invention. [0173] A large number of details are provided in the specification. However, it can be understood that the embodiments of the present invention can be practiced without these details. In some cases, well-known methods, structures and technologies are not shown in detail, so as not to obscure the understanding of the present application. [0174] Likewise, it should be understood that, in order to simplify the present description and help to understand one or more of the various inventive aspects, the characteristics of the present invention are sometimes grouped into a single embodiment, design or description of the present invention. However, the disclosed method should not be interpreted as Petition 870190054726, of 6/13/2019, p. 157/216 56/58 reflecting the intention to follow: that is, the claimed invention requires more resources than the resources specified in each claim. More precisely, as reflected in the claims below, the inventive aspects are less than all the resources of a single previously disclosed embodiment. Therefore, claims that follow a detailed embodiment definitely incorporate the detailed embodiment. Each claim serves as a separate embodiment of the present invention. [0175] A person skilled in the art can understand that the modules in the devices in the embodiments can be changed adaptively and arranged in one or more devices different from the embodiments. Modules or units or components in the embodiments can be combined into a module or unit or component, and can further be divided into a plurality of submodules or subunits or subcomponents. Except the fact that at least some of these resources and / or processes or units are mutually exclusive, all resources disclosed and all processes or units of any method or device that are disclosed in such a method in the specification (including the attached claims, summary and the accompanying drawings) can be combined in any combination mode. Unless otherwise specified, each feature disclosed in the specification (including the attached claims, the summary and the attached drawings) may be replaced by an alternative feature that serves the same, equivalent or similar purposes. [0176] Furthermore, a person skilled in the art can understand that, although some embodiments described here include some features included in another embodiment instead of including another feature, a combination of features from different embodiments means falling within the scope of the present invention and form Petition 870190054726, of 6/13/2019, p. 158/216 57/58 different embodiments. For example, in the following claims, any of the contemplated embodiments can be used in any combination mode. [0177] The embodiments of several parts in the present invention can be implemented by hardware, or software modules that run on one or more processors, or in a combination of them. A person skilled in the art should understand that a microprocessor or digital signal processor (DSP) can be used in practice to implement some or all of the functions of some or all of the components of the invention name (for example, an apparatus for processing codes two-dimensional bars) based on an embodiment of the present invention. The present invention can also be implemented as a device or apparatus program (for example, computer program and computer program product) to perform part or all of the methods described herein. Such a program to implement the present invention can be stored in a computer-readable medium, or it can be in the form of one or more signals. Such a signal can be downloaded from an Internet site, or provided on an operator signal, or provided in any other way. [0178] It is worth noting that the previous embodiments are intended to describe the present invention, rather than to limit the present invention, and a person skilled in the art can devise an alternative embodiment without departing from the scope of the appended claims. In claims, any reference symbol located in parentheses should not be construed as a limitation in the claims. The word “include” does not exclude the existence of elements or steps not listed in the claims. The word "one" or "one / one" before the element does not exclude the presence of a plurality of such elements. The present invention can be implemented by Petition 870190054726, of 6/13/2019, p. 159/216 58/58 hardware including several different elements and a computer that is properly programmed. In the unit claims to list several devices, several of these devices can be incorporated using the same hardware item. The use of the words "first", "second" and "third" does not indicate any sequence. These words can be interpreted as names.
权利要求:
Claims (14) [1] Claims 1. METHOD FOR PROCESSING BIDIMENSIONAL BAR CODES, characterized by the fact that the method comprises: receive, through a server, a request for the acquisition of electronic credentials sent by the client's software, in which the request for the acquisition of electronic credentials comprises a user identifier; obtain an electronic credential that corresponds to the user identifier; signing the electronic credential and a public key for the user of the client software, using a private server key to obtain signature information from the server; send the server's signature and electronic credential information to the client software, so that the client software checks the server's signature information and generates a two-dimensional bar code based on the electronic credential, so that a final verification device credentials check the electronic credential comprised in the two-dimensional bar code, where the final credential verification device is configured to generate the electronic credential based on the user identifier. [2] 2. METHOD, according to claim 1, characterized by the fact that signing the electronic credential, using a private key of the server comprises: assign a user's signature key to the electronic credential and sign the electronic credential and a user's first public key, using the server's private key, where the allocated user's signature key comprises the user's first public key; or Petition 870190054726, of 6/13/2019, p. 161/216 2/4 obtain a second user's public key sent by the client software and sign the user's electronic credential and second public key, using the server's private key. [3] 3. METHOD, according to claim 2, characterized by the fact that the user's signature key is an asymmetric key. [4] 4. METHOD, according to claim 2, characterized by the fact that the user's first public key is signed, using the server's private key, the sending of signature information from the server and the electronic credential to the software of the server. customer understands: send the allocated user signature key, server signature information and electronic credential to the client software. [5] 5. METHOD, according to any of claims 1 to 4, characterized by the fact that before obtaining the electronic credential that corresponds to the user identifier, the method further comprises: analyze the request for the acquisition of electronic credentials and obtain a validity period for the service, included in the request for the acquisition of electronic credentials; and verify that the service's validity period complies with a service specification; and [6] 6. METHOD, according to claim 5, characterized by the fact that obtaining the electronic credential that corresponds to the user identifier comprises: if the service validity time is in accordance with a service specification, obtain the electronic credential that corresponds to the user identifier. [7] 7. METHOD, according to claim 6, characterized by the fact that obtaining the electronic credential that corresponds to the user identifier comprises: Petition 870190054726, of 6/13/2019, p. 162/216 3/4 after the final credential verification device generates the electronic credential based on the user identifier, receiving the synchronized electronic credential by the final credential verification device; or send request information to obtain an electronic credential to the final credential verification device based on the user identifier to obtain the electronic credential. [8] 8. METHOD, according to claim 6, characterized by the fact that the method further comprises: transmit a public key that corresponds to the server's private key, so that the client software and the final credential verification device verify the signature information based on the server's public key. [9] 9. METHOD, according to claim 1, characterized by the fact that the two-dimensional bar code is generated by performing operations that comprise: define a duration for the validity of predetermined security information; and generate the two-dimensional barcode based on the pre-determined security information, the client software signature information, the server signature information, the electronic credential, the user's public key, the duration of the information validity predetermined security and user identifiers. [10] 10. METHOD, according to claim 1, characterized by the fact that it also comprises: synchronize the electronic credential to the server based on the user identifier, so that the server sends the electronic credential to the client software. [11] 11. METHOD, according to claim 1, characterized Petition 870190054726, of 6/13/2019, p. 163/216 4/4 by the fact that the duration of the predetermined security information is based on a type of electronic credential. [12] 12. METHOD, according to claim 1, characterized by the fact that the electronic credential comprises an air ticket, a bus ticket, a train ticket, a concert ticket, a bank card, an access control card , park tickets, an identity card, a merchant coupon, a membership card, a driver's license, a driver's access control card or a bus card. [13] 13. METHOD, according to claim 1, characterized by the fact that the signature of the user's electronic credential and public key comprises: perform a hash operation on the user's public key and electronic credential using a hash algorithm to obtain a hash value; and signing the hash value using the server's private key to obtain the signature information from the server. [14] 14. SYSTEM FOR PROCESSING BIDIMENSIONAL BAR CODES, characterized by the fact that the system comprises a plurality of modules configured to execute the method, as defined in any of claims 1 to 13.
类似技术:
公开号 | 公开日 | 专利标题 BR112019012149A2|2019-12-17|method for processing two-dimensional barcodes and system for processing two-dimensional barcodes US10735182B2|2020-08-04|Apparatus, system, and methods for a blockchain identity translator CA3052415C|2021-07-06|Verifying an identity based on multiple distributed data sources using a blockchain to safeguard the identity KR101829729B1|2018-03-29|Method for certifying a user by using mobile id through blockchain and merkle tree structure related thereto, and terminal and server using the same BR112019019704A2|2020-04-14|systems and methods that provide digital identity records for verifying user identities KR101829721B1|2018-03-29|Method for certifying a user by using mobile id through blockchain, and terminal and server using the same CN109327457A|2019-02-12|A kind of internet of things equipment identity identifying method and system based on block chain US20180336554A1|2018-11-22|Secure electronic transaction authentication CN108684041A|2018-10-19|The system and method for login authentication JP2021508427A|2021-03-04|Electronic signature authentication system based on biometric information and its electronic signature authentication method US10574648B2|2020-02-25|Methods and systems for user authentication KR101818601B1|2018-01-16|Method for providing identity verification using card base on near field communication, card, verification terminal, verification support server and identity verification server using the same JP6504639B1|2019-04-24|Service providing system and service providing method KR101858653B1|2018-06-28|Method for certifying a user by using mobile id through blockchain database and merkle tree structure related thereto, and terminal and server using the same US10541813B2|2020-01-21|Incorporating multiple authentication systems and protocols in conjunction TWI749577B|2021-12-11|Two-dimensional bar code processing method, device and system CN110677376B|2022-03-22|Authentication method, related device and system and computer readable storage medium CN110677376A|2020-01-10|Authentication method, related device and system and computer readable storage medium
同族专利:
公开号 | 公开日 EP3557831A1|2019-10-23| KR102220087B1|2021-03-02| CN106899570B|2019-11-05| US20190245684A1|2019-08-08| ES2841724T3|2021-07-09| US20210297247A1|2021-09-23| TWI697842B|2020-07-01| EP3557831B1|2020-09-30| EP3557831A4|2019-10-30| JP2020502674A|2020-01-23| RU2726831C1|2020-07-15| PH12019501375A1|2020-02-24| CA3046858C|2021-08-31| ZA201904592B|2020-07-29| US11032070B2|2021-06-08| US10790970B2|2020-09-29| TW202117603A|2021-05-01| AU2017376036A1|2019-06-27| US10581597B2|2020-03-03| KR20190093640A|2019-08-09| JP6768960B2|2020-10-14| AU2017376036B2|2020-05-21| WO2018107988A1|2018-06-21| US20200204359A1|2020-06-25| SG10202100196WA|2021-02-25| US20210028930A1|2021-01-28| CN106899570A|2017-06-27| PL3557831T3|2021-06-14| MX2019006968A|2019-09-06| TW201822072A|2018-06-16| CA3046858A1|2018-06-21|
引用文献:
公开号 | 申请日 | 公开日 | 申请人 | 专利标题 US6381696B1|1998-09-22|2002-04-30|Proofspace, Inc.|Method and system for transient key digital time stamps| RU2195021C1|2001-03-27|2002-12-20|Дочернее Государственное Унитарное Предприятие Научно-Технический Центр "Атлас-Северо-Запад"|System of protective marking and document verification| JP2003223493A|2002-01-30|2003-08-08|Nec Corp|Logistics pki service system, portable terminal, and logistic pki service method used therefor| JP4343567B2|2003-03-27|2009-10-14|みずほ情報総研株式会社|Ticket management method and electronic ticket system| JP2006039728A|2004-07-23|2006-02-09|Nec Corp|Authentication system and method| CN1744135A|2005-09-06|2006-03-08|北京魅力之旅商业管理有限公司|Electronic evidence realizing method and device| CN101030278A|2007-04-04|2007-09-05|王忠杰|Paper-bill payment system based on Internet service| BRPI0802251A2|2008-07-07|2011-08-23|Tacito Pereira Nobre|system, method and device for authentication in electronic relationships| US8707404B2|2009-08-28|2014-04-22|Adobe Systems Incorporated|System and method for transparently authenticating a user to a digital rights management entity| MX2012004397A|2009-10-13|2012-08-15|Square Inc|Systems and methods for financial transaction through miniaturized card reader.| US20120308003A1|2011-05-31|2012-12-06|Verisign, Inc.|Authentic barcodes using digital signatures| CN102842081A|2011-06-23|2012-12-26|上海易悠通信息科技有限公司|Method for generating two-dimensional code and implementing mobile payment by mobile phone| US8984276B2|2012-01-10|2015-03-17|Jpmorgan Chase Bank, N.A.|System and method for device registration and authentication| CN104704511A|2012-09-28|2015-06-10|惠普发展公司,有限责任合伙企业|Qr code utilization in self-registration in a network| CN103812837B|2012-11-12|2017-12-12|腾讯科技(深圳)有限公司|A kind of sending method for electronic certificate| US20140254796A1|2013-03-08|2014-09-11|The Chinese University Of Hong Kong|Method and apparatus for generating and/or processing 2d barcode| US9646150B2|2013-10-01|2017-05-09|Kalman Csaba Toth|Electronic identity and credentialing system| US9923879B1|2014-01-16|2018-03-20|Microstrategy Incorporated|Sharing keys| CN104836776A|2014-02-10|2015-08-12|阿里巴巴集团控股有限公司|Data interaction method and device| CN103854061A|2014-03-27|2014-06-11|腾讯科技(深圳)有限公司|Method and system for applying, generating and checking electronic tickets| JP6296938B2|2014-08-07|2018-03-20|インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation|Authentication using a two-dimensional code on a mobile device| US10008057B2|2014-08-08|2018-06-26|Live Nation Entertainment, Inc.|Short-range device communications for secured resource access| KR101666374B1|2015-02-13|2016-10-14|크루셜텍 |Method, apparatus and computer program for issuing user certificate and verifying user| CN105530099A|2015-12-11|2016-04-27|捷德(中国)信息科技有限公司|Anti-fake verification method, device and system and anti-fake certificate based on IBC | US10645068B2|2015-12-28|2020-05-05|United States Postal Service|Methods and systems for secure digital credentials| CN105515783B|2016-02-05|2019-02-15|中金金融认证中心有限公司|Identity identifying method, server and certification terminal| GB2547472A|2016-02-19|2017-08-23|Intercede Ltd|Method and system for authentication| CN105763323A|2016-03-04|2016-07-13|韦业明|System and method for generation and storage of electronic certificates| CN105978688B|2016-05-30|2019-04-16|葛峰|A kind of cross-domain safety certifying method based on information separation management| CN106899570B|2016-12-14|2019-11-05|阿里巴巴集团控股有限公司|The processing method of two dimensional code, apparatus and system| GB2546459B|2017-05-10|2018-02-28|Tomlinson Martin|Data verification| US20180337951A1|2017-05-19|2018-11-22|Vmware, Inc.|Applying device policies using a management token| US10601828B2|2018-08-21|2020-03-24|HYPR Corp.|Out-of-band authentication based on secure channel to trusted execution environment on client device|CN106899570B|2016-12-14|2019-11-05|阿里巴巴集团控股有限公司|The processing method of two dimensional code, apparatus and system| CN107247553A|2017-06-30|2017-10-13|联想有限公司|The method and electronic equipment of selecting object| CN107451643B|2017-08-15|2019-08-20|北京航空航天大学|Generation, recognition methods and the device of dynamic two-dimension code| CN107451902A|2017-08-17|2017-12-08|郑州云海信息技术有限公司|The management method and device of ticket| CN109495268B|2017-09-12|2020-12-29|中国移动通信集团公司|Two-dimensional code authentication method and device and computer readable storage medium| CN109922029A|2017-12-13|2019-06-21|航天信息股份有限公司|Electronics authority verification method and device| CN110247882A|2018-03-09|2019-09-17|阿里巴巴集团控股有限公司|Communication means and system, data processing method| CN108734615A|2018-04-17|2018-11-02|新大陆(福建)公共服务有限公司|Replace the method for processing business and computer equipment of certificate based on dynamic two-dimension code| CN108696510B|2018-04-17|2021-08-03|新大陆(福建)公共服务有限公司|Cloud-based multi-channel collaborative two-dimensional code production method and system| CN108900302A|2018-06-19|2018-11-27|广州佳都数据服务有限公司|Two dimensional code generation, generates terminal and authenticating device at authentication method| CN108876375B|2018-06-29|2020-09-08|全链通有限公司|Block chain real name participation method and system| US10778444B2|2018-07-11|2020-09-15|Verizon Patent And Licensing Inc.|Devices and methods for application attestation| CN109379181A|2018-08-10|2019-02-22|航天信息股份有限公司|It generates, the method and apparatus of verifying two dimensional code, storage medium and electronic equipment| CN109102291B|2018-08-15|2020-04-07|阿里巴巴集团控股有限公司|Security control method and device for two-dimensional code payment| CN109145240B|2018-08-31|2020-06-02|阿里巴巴集团控股有限公司|Page access method, device and system based on code scanning operation| CN109492434A|2018-11-12|2019-03-19|北京立思辰新技术有限公司|A kind of method for safely carrying out and system of electronics authority| WO2020142993A1|2019-01-10|2020-07-16|环球雅途集团有限公司|Control method, ticket selling and checking systems and storage medium| CN112041897A|2019-01-10|2020-12-04|环球雅途集团有限公司|Control method, ticket selling rule server, ticket checking rule server and device| CN110046687A|2019-03-01|2019-07-23|阿里巴巴集团控股有限公司|Bar code methods of exhibiting, equipment and device| CN110138835A|2019-04-15|2019-08-16|阿里巴巴集团控股有限公司|Special credentials distribution method and device| CN111181909B|2019-08-07|2022-02-15|腾讯科技(深圳)有限公司|Identity information acquisition method and related device| CN110430054A|2019-08-09|2019-11-08|北京智汇信元科技有限公司|A kind of identity management method and system| CN110519294B|2019-09-12|2021-08-31|创新先进技术有限公司|Identity authentication method, device, equipment and system| TWI736280B|2020-05-22|2021-08-11|國立虎尾科技大學|Identity verification method based on biometrics| US20210409413A1|2020-06-30|2021-12-30|Western Digital Technologies, Inc.|Accessing shared partitions on a storage drive of a remote device| CN111932692A|2020-08-19|2020-11-13|中国银行股份有限公司|Ticket checking system and method| CN111932262B|2020-09-27|2021-01-15|南京吉拉福网络科技有限公司|Methods, computing devices, and media for identifying transaction risk with respect to consumption credentials| CN112258257A|2020-12-23|2021-01-22|深圳市思乐数据技术有限公司|Data processing method, terminal equipment, server and storage medium|
法律状态:
2021-04-06| B25A| Requested transfer of rights approved|Owner name: ADVANTAGEOUS NEW TECHNOLOGIES CO., LTD. (KY) | 2021-04-27| B25A| Requested transfer of rights approved|Owner name: ADVANCED NEW TECHNOLOGIES CO., LTD. (KY) | 2021-10-13| B350| Update of information on the portal [chapter 15.35 patent gazette]|
优先权:
[返回顶部]
申请号 | 申请日 | 专利标题 CN201611154671.9A|CN106899570B|2016-12-14|2016-12-14|The processing method of two dimensional code, apparatus and system| PCT/CN2017/114382|WO2018107988A1|2016-12-14|2017-12-04|Two-dimensional barcode processing method, device, and system| 相关专利
Sulfonates, polymers, resist compositions and patterning process
Washing machine
Washing machine
Device for fixture finishing and tension adjusting of membrane
Structure for Equipping Band in a Plane Cathode Ray Tube
Process for preparation of 7 alpha-carboxyl 9, 11-epoxy steroids and intermediates useful therein an
国家/地区
|