Life is now inseparable from WeChat/Alipay electronic payment. Whether eating out or shopping, a mobile phone takes care of everything, so I have not touched real 💰 for a long time.
Once I went out to eat and, bored while queuing to pay, pulled out my phone to play a game, only to find that it could not get online there.
The phone clearly showed full signal, yet it could not connect to the network. iPhone users know the pain; whoever uses one knows.
Voice-over: I really want to diss the iPhones that use Intel basebands; the 📶 is poor and the network drops out at every turn ~
Back to the point. Since I had no Internet and no cash on me, I was afraid I would not be able to pay with Alipay. While I was still thinking, it was already my turn. Never mind, I decided to try Alipay first; if it really did not work, I would just not eat.
To my surprise, when the merchant scanned the payment code in Alipay, my phone never showed the payment-success page, but the merchant side showed the payment as successful and printed the receipt. A little later, my phone received Alipay’s deduction SMS.
Because my recent work is related to WeChat/Alipay, I am fairly clear on the overall payment process, but I was not clear on why a payment code can be used offline, so I did some research, which led to today’s article.
This article is available at studyidea.cn/
A primer on payment methods
Before talking about how the payment code works offline, let’s first introduce two common payment methods for those who are not familiar with Alipay/WeChat payment.
There are two common ways to pay in store with WeChat and Alipay. In the first, we open our phone and actively scan the QR code plate provided by the merchant. This is generally called active-scan payment (the user scans the code).
Taking Alipay as an example, the payment process is shown in the figure:
In the second, we open our phone and display our payment code, and the merchant reads the code with a tool such as a scanner gun to complete the payment. This is commonly known as passive-scan payment (the user is scanned).
Taking Alipay as an example, the payment process is shown in the figure:
For the first method, the mobile app has to scan the code and then confirm the payment in a pop-up window. Without a network connection on the phone, that payment cannot be completed, so the situation described above applies only to the payment-code scenario.
Payment code payment process
Before talking about offline payment with a payment code, let’s first look at the overall payment-code process. Taking supermarket shopping as an example, the information flow of a payment-code payment is shown in the figure:
In this process, the merchant’s backend system needs to call the Alipay barcode payment interface to complete the payment.
Because the merchant backend has to be online to communicate with the Alipay backend, "offline payment" with a payment code means only that the client has no network; the merchant side must be online in real time.
The call flow of a single payment-code interface request is shown in the figure:
Through the above two figures, we have an overall understanding of the payment code interaction process.
The technical scheme for the payment code falls into two cases: client online and client offline. Let’s look at how each is implemented.
Online code scheme
The online scheme is the easy one to think of. Once the user is logged in to Alipay/WeChat and taps the payment button, the client calls the backend system’s interface for requesting a payment code.
On receiving the request, the backend system generates a payment code, saves the mapping between the payment code and the user in the database, and returns the code to the client.
The payment can be completed as long as the client shows the payment code within its validity period; after that, the QR code expires.
This scheme is relatively safe: the server generates the code every time, so the server can enforce idempotency and there is no risk of the client forging a code.
In addition, if the payment code rules need to change, for example lengthening the payment code by one digit, only the server code has to be adjusted and the client does not need to be upgraded.
The disadvantage of this scheme is equally obvious: the client must be online in real time, and without a network it cannot obtain a payment code.
Moreover, some smart devices have begun to support Alipay. Most of these devices are not connected to the Internet (the Mi Band 4, for example), so the online code scheme cannot be used for them.
This is the situation that led to offline code schemes.
Offline code scheme
Offline codes may sound unfamiliar, but if you look carefully, many everyday scenarios already use them.
For example, back when I played Fantasy Westward Journey in unlicensed Internet cafés, my account was always getting stolen.
With no other choice, I spent a good deal of money on a NetEase General’s Order token. Every login then required a dynamic password in addition to the user name and password. After that, the account was rarely stolen.
Another example: when paying through online banking, we need to enter not only the bank card password but also the dynamic code shown on the online-banking shield in order to complete the payment.
Voice-over: a gripe here. The online-banking shield used to be really hard to use, with driver incompatibilities at every turn. I still remember trying to use online banking to top up Yellow Diamond; I spent a whole afternoon on it and never succeeded -!
Of course, all of this may be old hat, and many of you may never have used these. The most popular option now is a mobile authenticator app such as Google Authenticator.
Such a token dynamically generates a one-time password (OTP), which guards against the security risks caused by password theft.
This is the technology the offline payment code scheme is modeled on, so let’s look at how it works, using Google Authenticator as the example.
Principle of dynamic password technology
To use Google Authenticator, you first need to enable two-step verification on the website. For your Google account, for example, you can find the two-step verification option in the following settings:
When you click on the setting, a QR code pops up, and you can scan it with the Google Authenticator app to bind the account.
Once bound, the Google Authenticator app displays the dynamic code.
Let’s parse the QR code, which corresponds to the following string:
otpauth://totp/Google%[email protected]?secret=xxxx&issuer=Google
In the string above, the most important part is the secret parameter, which is a Base32-encoded string. Before it is used, it must be Base32-decoded. The pseudo-code is as follows:
original_secret = xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx
secret = BASE32_DECODE(TO_UPPERCASE(REMOVE_SPACES(original_secret)))
Both the client and the server keep a copy of the key, and both run the same algorithm, so the server can check that a dynamic code is correct.
To generate a dynamic code, the client first passes the key through a signature function. Google Authenticator uses HMAC-SHA1, a hash-based message authentication code that generates a signature using a secure one-way hash function such as SHA1.
The pseudo-code of the signature function is as follows, where the key is first padded to the hash block size and ipad and opad are the two fixed padding constants from the HMAC definition:
hmac = SHA1((secret XOR opad) + SHA1((secret XOR ipad) + input))
In the function above, input is the current Unix time divided by 30 (integer division, with the remainder discarded).
input = CURRENT_UNIX_TIME() / 30
Here time acts as the dynamic variable, so new dynamic codes are generated continuously.
Dividing by 30 gives each code a 30-second validity period.
This gives the user enough time to enter the dynamic code. It also helps when the client and server clocks differ: a 30-second interval masks such a difference with high probability.
Voice-over: the validity period matters a lot. If it is too long, security suffers; if it is too short, the user experience suffers because there is not enough time to enter the code.
The HMAC-SHA1 signature function returns 20 bytes (a string of 40 hexadecimal characters), which we need to convert into 6 digits for the user to enter. The low 4 bits of the last byte select the offset at which four bytes are read, and the top bit of the resulting integer is cleared. The pseudo-code is as follows:
offset = LAST_BYTE(hmac) & 0x0F
four_bytes = hmac[offset:offset + 4]
large_integer = INT(four_bytes) & 0x7FFFFFFF
small_integer = large_integer % 1000000
The complete pseudo-code of the algorithm is as follows:
original_secret = xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx
secret = BASE32_DECODE(TO_UPPERCASE(REMOVE_SPACES(original_secret)))
input = CURRENT_UNIX_TIME() / 30
hmac = SHA1((secret XOR opad) + SHA1((secret XOR ipad) + input))
offset = LAST_BYTE(hmac) & 0x0F
four_bytes = hmac[offset:offset + 4]
large_integer = INT(four_bytes) & 0x7FFFFFFF
small_integer = large_integer % 1000000
When the client uploads the dynamic code to the server, the server queries the database to obtain the key corresponding to the user, and then uses the same algorithm to process and generate a dynamic code. Finally, the dynamic code uploaded by the client is compared with the dynamic code generated by the server.
Payment code offline scheme
Now that we understand how the dynamic password scheme is implemented: payment codes are generated on roughly the same principle.
However, the offline payment code scheme uses a dynamic key (globally unique) and periodically asks the server to replace it, which gives higher security.
In addition, in a one-time password scheme both parties must work from the same secret key, so the server needs to know exactly which user is behind a code. In the login scenario above, the user enters a user name and the server looks up the corresponding key in the database by that name.
In the payment-code scenario, however, the payment process passes only a payment code, and that alone is enough to deduct money from the right user. Needless to say, this string of digits must contain the corresponding user information.
The payment code algorithm is therefore more complex than the dynamic-code algorithm, so that security is effectively guaranteed.
Now, I don’t know if you want to know about this algorithm?
Haha, just kidding, this algorithm is beyond our grasp.
We don’t know the core algorithm of Alipay, but we can get a glimpse of it from other people’s public designs.
Here I (Little Black Brother) share the offline QR code implementation from an answer by the Zhihu user @the opposite direction of the clock, for you to take a look.
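The dynamic-password steps described earlier and the point that a payment code must also carry the user's identity, as an added Python example; it is not code from this article, the Zhihu answer, or Alipay/WeChat. The one-time code follows RFC 6238 with the 30-second step; the 16-digit layout (10-digit user id plus 6-digit code), the `PaymentServer` class, the fixed per-user secret and the replay set are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds each code stays valid, as in the article
DIGITS = 6

def decode_secret(original_secret: str) -> bytes:
    # BASE32_DECODE(TO_UPPERCASE(REMOVE_SPACES(original_secret)))
    cleaned = "".join(original_secret.split()).upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore padding that QR codes omit
    return base64.b32decode(cleaned)

def totp(secret: bytes, unix_time: int) -> str:
    counter = struct.pack(">Q", int(unix_time) // STEP)  # 8-byte big-endian
    mac = hmac.new(secret, counter, hashlib.sha1).digest()  # 20 bytes
    offset = mac[-1] & 0x0F  # low 4 bits of the last byte
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def payment_code(user_id: str, secret: bytes, now: int) -> str:
    # Assumed layout: 10-digit user id followed by the 6-digit code.
    return user_id + totp(secret, now)

class PaymentServer:
    """Hypothetical verifier holding one secret per user id."""

    def __init__(self, secrets_by_user: dict):
        self.secrets = secrets_by_user
        self.spent = set()  # (user id, time step) pairs already accepted

    def verify(self, code: str, now: int):
        """Return the paying user id, or None if the code is rejected."""
        if len(code) != 16 or not (code.isascii() and code.isdigit()):
            return None
        user_id, otp = code[:10], code[10:]
        secret = self.secrets.get(user_id)
        if secret is None:
            return None
        for drift in (0, -1, 1):  # tolerate one step of clock skew
            t = max(int(now) + drift * STEP, 0)
            if hmac.compare_digest(totp(secret, t), otp):
                key = (user_id, t // STEP)
                if key in self.spent:
                    return None  # replay of an already used code
                self.spent.add(key)
                return user_id
        return None
```

The server never receives a user name: it recovers the user id from the code itself, recomputes the one-time part with that user's key, and refuses a code it has already accepted.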
Disadvantages of the offline payment code
Finally, let’s look at the disadvantages of the offline payment code scheme:
First, the algorithm is not flexible to adjust. If the algorithm changes significantly, the client may need to be upgraded, and during the transition the server has to accept payment codes generated by both the new and the old algorithm.
Second, security. Under normal circumstances ordinary users cannot obtain the relevant key, but that does not stop a determined person. They may obtain the key by getting Root permission on the user’s phone or by jailbreaking it, and then use a malicious program to generate payment codes at will.
At this point, you might be worried about the safety of your wallet. I feel that is worrying too much, though: Ant Group has plenty of top engineers who are not there for nothing, and they certainly have many measures in place to keep payments secure.
The third problem is data collision: the payment code generated by user A is the same as the one generated by user B. It is the same as with a hash algorithm: no matter how good the algorithm is, there is some probability that it produces the same hash value.
As a result, money that should have been deducted from user A is deducted from user B instead. That is clearly wrong: user B is charged for no reason.
But rest assured: I think the probability of this happening today is still lower than that of winning the lottery, so there is no need to worry much about it.
Even if money is deducted by mistake, rest assured that a company as large as Alipay will certainly compensate the customer.
Summary
In conclusion, when we pay with a payment code, the principle is that the merchant side obtains the payment code from our mobile app (which is actually a string of digits) and then calls the Alipay payment interface to complete the deduction.
In this process the merchant’s backend program must be online, but our client can be either online or offline.
If our client is online, the server can issue the payment code to the client, which is more secure and flexible, but the experience is very poor in a weak network environment.
If our client has no Internet connection, the client generates the payment code itself with a certain algorithm, and the server, on receiving it, verifies it to identify the user, confirms that the code is valid, and completes the deduction. This method suits the case where the client has no network, but it is relatively inflexible and less secure.
Hey hey, now that you understand the principle, isn’t it rather interesting ~
Next time you wait in line to pay, if your phone doesn’t have the Internet, don’t worry about embarrassment, just take out your phone and pay.
References
- www.zhihu.com/question/49…
- Garbagecollected.org/2014/09/14/…