Application of fingerprint recognition technology in online payments
Release date:2016-01-13
With the progress of economic development and network technology, the network has increasingly penetrated into people's lives. Online virtual communities, online shops appear triggered a boom in online shopping, and then also make online payments increasingly flourished.
However, at the same time enjoy the convenience, online payment security has become increasingly prominent, theft, loss of numbers and other frequent event. According to the survey from iResearch show: by the endless stream of "online banking theft" case and other factors, 68.1 percent of Internet users there is concern for the safety of the use of online banking, which seriously affected the development of electronic payments industry, has become the online payment faced major technical problems.
Identification online payment
Analysis can be seen from the above process, a key issue is the third-party online payment mechanism (such as Alipay, worry wallet, PayEase, electronic payment CUP) identification of the payer and the payee.
Implement authentication There are several ways you can be when you use one of three ways or a combination of them:
Knowledge (Knowledge): password, password;
All (Possesses): ID card, passport, credit cards, keys;
Personal characteristics: fingerprints, handwriting, voiceprints, hand type, blood type, retina, iris, DNA, and personal action
Some aspects of the design basis features: such as security level, the system through rate, user acceptability and cost.
In the online payment link which may occur more problems or authentication of the user. On-line authentication means analysis showed that identification is information security weaknesses. Currently online authentication widely used is the way a user name and password, and this approach is not safe, especially in the Internet Trojans, viruses and other special case of flooding, only a user name and password very prone to security failures.
In addition, the dynamic password technology is also used for network identity management, one is active dynamic password, itself dynamically generated code to get user authentication or call transaction authorization in the hands of random customers. Another is a passive dynamic password. Dynamic password authentication is only a secondary means, without the slightest identity. Active dynamic passwords are expensive, usually with very little personal; passive dynamic password now increasingly began to use them, are chosen in the e-commerce sites or gaming sites. Passive dynamic password first used in Europe, the European Bank used more, but this mechanism is no defense against phishing capabilities.
From the current situation, the fingerprint recognition technology used in online payment is superior to other biometric technologies. Fingerprint feature can be used to service the payer involved in the privacy of the information is encrypted. Fingerprint feature can replace user logins required to pay personally identifiable site login password, transaction confirmation.
Fingerprint online payment
How to eliminate worry most users, so that people do not want to use the online payment using online payment, various third party is rapidly expanding market share in the best means. Internet users worry about password-based authentication methods, the introduction of fingerprint authentication method can greatly improve the confidence of users of online payment, make online payment platform to become "trusted secure payment platform."
Fingerprint card fingerprint recognition algorithm online authentication interface provides a browser interface and the server interface, the secondary development of the site for certification, which the browser interface provides a browser plug-ins (hereinafter referred to as plug-ins) for call server interface provides connection library (Windows and Unix versions version, hereinafter referred to as Link Library).
Browser plug-in has the following features: Get fingerprint images, generation fingerprint features, generate fingerprint template, fingerprint matching. In order to meet the need of parallel processing server multi-process / thread, the internal dynamic link library achieved without global variables, data passed as an argument to support the unlimited multi-process / thread run mode.
Run mode Example: When user registration, browser plug-ins by calling the browser to obtain a fingerprint image, and generates a fingerprint features, will merge the two generated feature fingerprint template is sent to the server storage. When authentication, browser plug-ins get a fingerprint image by calling the browser and generates a fingerprint characteristics, then the user's email address and sent to the server fingerprint verification feature, the server calls the link library and the user registration fingerprint characteristic fingerprint template to match confirm whether the user himself.
Third party use patterns, improve credit card transaction security by way of a third party payment agent is to enable third-party proxy between the buyer and the seller, the seller can not see the purpose is to make the buyer credit card information and avoid credit card information on the Internet many public transport caused by the credit card information was stolen.
For recharge process user currently does not have fingerprint technology-based applications. For user logon and payment process, due to the randomness of fingerprint characteristics (with 一枚 finger repeatedly obtained fingerprint characteristics are different) and matching (although the same finger repeatedly 一枚 fingerprint characteristics obtained are not the same, but can be verified by the algorithm is not the same fingerprint), fingerprint characteristics can be considered a random password, you can replace the original logon password and payment password.
The original registration flowchart comparison, without changing the registration mode, based on the increase in browser plug-ins to call fingerprint registered user's fingerprint template for fingerprint authentication to prepare. Not registered fingerprint to authenticate users using a password, to ensure compatibility with the original system.
Payment authentication based on fingerprint recognition, on the basis of retaining the original password authentication adds fingerprint authentication, fully compatible with existing systems, while providing a high level of bio-security authentication.
With online payment security risk gradually revealed, many businesses are aware of the online payment secure online payment will restrict development of the industry, which online merchants is extremely unfavorable. With respect to the traditional means of payment, application fingerprinting technology can better prevent online financial crime, the maximum guarantee the interests of consumers and businesses, for the development of development of the Internet and online payment industry has a positive meaning.