An offline payment method, apparatus, device and medium

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
By generating and verifying payment credentials that include face value and operator private key signatures, and utilizing a Secure Operating Environment (SRE) for offline payments, the problems of uncontrollable payment credentials and insufficient security in existing technologies are solved, thus achieving secure and efficient offline payments.

CN116228231BActive Publication Date: 2026-06-12ZHONGCHAO CREDIT CARD IND DEV +1

View PDF 2 Cites 0 Cited by

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents(China)
Current Assignee / Owner: ZHONGCHAO CREDIT CARD IND DEV
Filing Date: 2023-03-06
Publication Date: 2026-06-12

Application Information

Patent Timeline

06 Mar 2023

Application

12 Jun 2026

Publication

CN116228231B

IPC: G06Q20/38; G06Q20/32

CPC: G06Q20/3825; G06Q20/3829; G06Q20/326

AI Tagging

Application Domain

Payment protocols

Explore More Agents

Novelty Search
Search existing technologies and assess novelty
↗
FTO
Analyze whether a product may infringe others' patents
↗
Design FTO
Check prior-design risk for exterior design
↗
Drafting
Draft patent application text based on a technical solution
↗
Find Solutions with TRIZ
Generate feasible solution to solve your technical challenge
↗

Similar Technology Patents

Two-tier token method and system for an asset-based consensus
US20260170495A1Payment protocols
Real time payment system architecture and payment processing method
US20260162159A1Payment protocolsBilling/invoicing
Privacy-preserving authentication system
US20260162105A1Payment protocolsDigital data authentication
Real-time provisioning of wallet-compatible products during programmatic chat sessions
US20260162097A1Payment protocols
Secure payment method using dynamic display of one-time payment code
WO2026121378A1

Get free access to AI patent search and analysis

Check patentability, review prior art and ask IP Agent with full patent context.

AI Technical Summary

⚠Technical Problem

In existing offline payment solutions, the temporarily generated payment strings or payment vouchers cannot be fully controlled, posing a risk of forgery and resulting in insufficient security.

⚗Method used

By sending a payment credential exchange request to the digital asset operator management service, a first payment credential is generated and stored, including the face value and the operator's private key signature. The credential is verified and transmitted using a secure operating environment (SRE) to ensure that it cannot be copied, forged, or altered, and is identified and verified using the operator's public key.

🎯Benefits of technology

It enhances the security of offline payments, ensuring that payment credentials are stored under the operator's generation and private key signature confirmation, making them impossible to copy or forge. Verification is performed using the operator's publicly available public key, thereby improving the security and reliability of the payment process.

✦ Generated by Eureka AI based on patent content.

Smart Images

Figure CN116228231B_ABST

Patent Text Reader

Abstract

The application discloses an offline payment method, device, equipment and medium, comprising: sending a payment voucher exchange request to a digital asset operator management service, so that the digital asset operator management service generates a first payment voucher according to user demand; the first payment voucher includes a value denomination and an operator private key signature; save the first payment voucher returned by the digital asset operator management service to the first SRE embedded in the first operator APP; based on the payment demand corresponding to the second operator APP and the value denomination of the payment voucher in the first SRE, select the payment voucher from the first SRE to obtain the target payment voucher; offline transfer the target payment voucher to the second operator APP, so that the second operator APP verifies the target payment voucher by using the operator public key. In this way, the security of offline payment is improved.

Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of offline payment technology, and in particular to an offline payment method, apparatus, device and medium. Background Technology

[0002] Current offline payment solutions primarily utilize asymmetric encryption algorithms to facilitate transactions. These algorithms typically involve verifying identity, generating and storing proof of offline payment activation, and then temporarily generating payment strings or vouchers based on this proof. However, operators cannot fully control these temporarily generated payment strings or vouchers, leading to risks of forgery and insufficient security. Summary of the Invention

[0003] In view of this, the purpose of this application is to provide an offline payment method, device, equipment, and medium that can improve the security of offline payments. The specific solution is as follows:

[0004] Firstly, this application discloses an offline payment method, applied to a first-operator APP, including:

[0005] A payment voucher redemption request is sent to the digital asset operator management service, so that the digital asset operator management service can generate a first payment voucher according to the user's needs; the first payment voucher includes a face value and an operator private key signature;

[0006] The first payment voucher returned by the digital asset operator management service is saved to the first SRE (i.e., Safe Running Environment) embedded in the first operator APP;

[0007] Based on the payment requirements corresponding to the second operator's APP and the face value of the payment voucher in the first SRE, a payment voucher is selected from the first SRE to obtain the target payment voucher;

[0008] The target payment credential is transmitted offline to the second operator's APP so that the second operator's APP can verify the target payment credential using the operator's public key.

[0009] Optionally, before sending the payment credential redemption request to the digital asset operator management service, the method further includes:

[0010] Send an offline payment function activation application to the digital asset operator management service so that the digital asset operator management service can generate an offline payment certificate corresponding to the first operator's APP; wherein, the offline payment certificate includes the operator's public key;

[0011] Accordingly, before generating the first payment voucher according to user needs, the digital asset operator management service verifies the offline payment certificate corresponding to the first operator APP. If the verification is successful, the first payment voucher is generated according to user needs.

[0012] Optionally, an offline payment function activation application is sent to the digital asset operator management service so that the digital asset operator management service can generate an offline payment certificate corresponding to the first operator's APP, including:

[0013] Send an offline payment function activation application to the digital asset operator management service so that the digital asset operator management service can verify the user's identity and credit based on the offline payment function activation application, and return the initial offline payment certificate when the verification is successful;

[0014] Download and activate the first SRE based on the initial offline payment proof, so that the first SRE can generate a user public-private key pair;

[0015] The first SRE sends the user's public key from the user's public-private key pair to the digital asset operator management service, so that the digital asset operator management service adds the user's public key to the initial offline payment certificate to obtain the offline payment certificate corresponding to the first operator APP.

[0016] Optional, also includes:

[0017] When the confirmation receipt information for the target payment voucher returned by the second operator's APP is obtained, the user's private key is used to sign the target payment voucher and the offline payment certificate to obtain the target payment voucher signed by the user.

[0018] The target payment credential signed by the user is sent to the second operator's APP so that the second operator's APP can verify the user's private key signature in the target payment credential. If the verification is successful, the payment credential is saved to the second SRE embedded in the second operator's APP.

[0019] Optionally, the target payment voucher includes a first payment voucher and / or a second payment voucher, wherein the second payment voucher is a payment voucher sent by a third operator's APP;

[0020] If the target payment document includes a first payment document and a second payment document, then:

[0021] For the first payment credential, the verification process of the second operator APP before returning the confirmation of receipt includes: verifying the SRE serial number in the first payment credential, verifying the operator's private key signature, and verifying whether the first payment credential has expired based on the validity period in the first payment credential.

[0022] For the second payment credential, the verification process of the second operator APP before returning the confirmation of receipt includes: verifying the operator's private key signature in the second payment credential; if the operator's private key signature verification is successful, then the user's private key signature is verified sequentially from the end to the beginning based on the user's public key in the offline payment certificate, according to the circulation order of the second payment credential.

[0023] Optional, also includes:

[0024] Send a payment voucher redemption request or payment voucher verification request to the digital asset operator management service so that the digital asset operator management service can verify the user's identity and whether the offline payment function is enabled;

[0025] After receiving the verification success information returned by the digital asset operator management service, the system sends the payment voucher to be redeemed or the payment voucher to be verified to the digital asset operator management service, so that the digital asset operator management service will return the corresponding digital asset to the first SRE after the payment voucher to be redeemed or the payment voucher to be verified is verified.

[0026] Optional, also includes:

[0027] Send an application to the digital asset operator management service to disable the offline payment function;

[0028] Upon receiving a successful shutdown response from the digital asset operator management service, the first SRE environment is destroyed.

[0029] The digital asset operator management service returns a successful closure response when the user has no unredeemed and unredeemed payment vouchers. If there are payment vouchers that have not been redeemed by the payee, the payment voucher is filed.

[0030] Secondly, this application discloses an offline payment device for use in a first operator's APP, comprising:

[0031] The payment voucher redemption module is used to send a payment voucher redemption request to the digital asset operator management service, so that the digital asset operator management service can generate a first payment voucher according to the user's needs; the first payment voucher includes a face value and an operator's private key signature.

[0032] The payment voucher storage module is used to save the first payment voucher returned by the digital asset operator management service to the first SRE embedded in the first operator APP;

[0033] The payment voucher selection module is used to select a payment voucher from the first SRE based on the payment requirements corresponding to the second operator's APP and the face value of the payment voucher in the first SRE to obtain the target payment voucher.

[0034] The payment credential transmission module allows the user to transmit the target payment credential offline to the second operator's APP, so that the second operator's APP can verify the target payment credential using the operator's public key.

[0035] Thirdly, this application discloses an electronic device, including a memory and a processor, wherein:

[0036] The memory is used to store computer programs;

[0037] The processor is used to execute the computer program to implement the aforementioned offline payment method.

[0038] Fourthly, this application discloses a computer-readable storage medium for storing a computer program, wherein the computer program, when executed by a processor, implements the aforementioned offline payment method.

[0039] As can be seen, this application sends a payment voucher exchange request to a digital asset operator management service, so that the digital asset operator management service can generate a first payment voucher according to user needs. The first payment voucher includes a face value and an operator's private key signature. Then, the first payment voucher returned by the digital asset operator management service is saved to a first SRE embedded in the first operator's APP. Subsequently, based on the payment needs corresponding to the second operator's APP and the face value of the payment voucher in the first SRE, a payment voucher is selected from the first SRE to obtain a target payment voucher. Then, the target payment voucher is transmitted offline to the second operator's APP, so that the second operator's APP can verify the target payment voucher using the operator's public key. As can be seen, in this application, the offline payment process is completed by transferring payment vouchers. The payment voucher is generated by the operator, signed and confirmed by the private key, and stored in a secure operating environment, making it impossible to copy, forge, or alter. Identification and verification are performed using the operator's publicly available public key, thus improving the security of offline payments. Attached Figure Description

[0040] To more clearly illustrate the technical solutions in the embodiments of this application or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only embodiments of this application. For those skilled in the art, other drawings can be obtained based on the provided drawings without creative effort.

[0041] Figure 1This application discloses a flowchart of an offline payment method.

[0042] Figure 2 This is a specific illustration of enabling offline payment as disclosed in this application;

[0043] Figure 3 This is a specific illustration of payment voucher redemption disclosed in this application;

[0044] Figure 4 This is a specific offline payment diagram disclosed in this application;

[0045] Figure 5 This is a schematic diagram illustrating an offline payment method using a circulating payment voucher disclosed in this application;

[0046] Figure 6 This is a schematic diagram illustrating a specific method of exchanging payment vouchers for digital assets disclosed in this application;

[0047] Figure 7 This is a specific schematic diagram of the reconciliation of payment vouchers to be used, as disclosed in this application;

[0048] Figure 8 This is a schematic diagram illustrating a specific method for disabling offline payment functionality as disclosed in this application;

[0049] Figure 9 This is a schematic diagram of an offline payment method disclosed in this application;

[0050] Figure 10 This is a schematic diagram of the structure of an offline payment device disclosed in this application;

[0051] Figure 11 This is a structural diagram of an electronic device disclosed in this application. Detailed Implementation

[0052] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.

[0053] Current offline payment solutions primarily utilize asymmetric encryption algorithms to facilitate transactions. These algorithms typically involve verifying identity, generating and storing offline payment activation certificates, and then temporarily generating payment strings or vouchers based on these certificates. However, operators cannot fully control these temporarily generated payment strings or vouchers, leading to the risk of forgery and insufficient security. Therefore, this application provides an offline payment solution that enhances the security of offline payments.

[0054] See Figure 1 As shown in the figure, this application discloses an offline payment method applied to a first operator's APP, including:

[0055] Step S11: Send a payment voucher redemption request to the digital asset operator management service so that the digital asset operator management service can generate a first payment voucher according to the user's needs; the first payment voucher includes a face value and an operator private key signature.

[0056] In this process, users can enter their payment password through the operator's APP to open the SRE embedded in the APP itself. After opening, the SRE sends a payment certificate exchange request to the digital asset operator management service.

[0057] In a specific implementation, before sending a payment voucher redemption request to the digital asset operator management service, an offline payment function activation application is first sent to the digital asset operator management service so that the digital asset operator management service can generate an offline payment certificate corresponding to the first operator's APP. The offline payment certificate includes the operator's public key. Correspondingly, before generating the first payment voucher according to user needs, the digital asset operator management service verifies the offline payment certificate corresponding to the first operator's APP. If the verification is successful, the first payment voucher is generated according to user needs. Furthermore, after receiving the payment voucher redemption request, the digital asset operator management service first verifies the user's identity and the legality of the request, and then verifies the offline payment certificate corresponding to the first operator's APP. Verifying the user's identity and the legality of the request can be done by searching for the user's identity information locally based on the SRE serial number carried in the request. If found, the user's signature carried in the request is verified using the public key used for payment. The offline payment certificate is verified by searching for the offline payment certificate. If found, it is determined whether it is within its validity period to determine whether the user has activated offline payment and whether the offline payment certificate has expired. After successful offline payment verification, the request is responded to.

[0058] In one implementation, an offline payment function activation application is sent to the digital asset operator management service so that the digital asset operator management service can generate an offline payment certificate corresponding to the first operator's APP. This may specifically include the following steps:

[0059] Step 00: Send an offline payment function activation application to the digital asset operator management service so that the digital asset operator management service can verify the user's identity and credit based on the offline payment function activation application, and return the initial offline payment certificate when the verification is successful;

[0060] In one implementation, the initial offline payment certificate may include information such as the operator's public key, the certificate's validity period, the maximum payment amount, and the SRE serial number, and is signed with the private key corresponding to the operator's public key.

[0061] Step 01: Download and activate the first SRE based on the initial offline payment proof, so that the first SRE can generate a user public-private key pair.

[0062] In one implementation, the activation operation includes setting a payment password, storing the payment password in encrypted form using a first SRE, and generating a public-private key pair used by the user for payment.

[0063] Step 02: The first SRE sends the user's public key from the user's public-private key pair to the digital asset operator management service, so that the digital asset operator management service adds the user's public key to the initial offline payment certificate to obtain the offline payment certificate corresponding to the first operator APP.

[0064] Furthermore, the digital asset operator management service will sign the offline payment certificate and then return it to the First Operator APP. The First Operator APP will verify the operator signature, SRE serial number, etc., and after successful verification, the offline payment certificate will be permanently stored.

[0065] For example, see Figure 2 As shown, Figure 2This is a specific illustration of activating offline payment as disclosed in this application. Users apply to activate the offline payment function through a digital asset operator's APP (i.e., a wallet APP). The operator first needs to verify the user's identity information and credit record. If the user's identity is false or their credit record is insufficient, activation is not allowed. After identity and credit verification are passed, the operator generates a certificate for the user, i.e., an initial offline payment certificate. The initial certificate contains information such as the operator's public key, the certificate's validity period, the maximum payment amount, and the SRE serial number, and is signed with the private key corresponding to the operator's public key. After the initial certificate is generated, it is returned to the applicant's APP. The APP automatically downloads the SRE environment based on the initial certificate. After successful download, the user manually activates it. The activation operations mainly include: setting a payment password. The SRE will encrypt and store the user's payment password and generate an SRE serial number for the user. A public-private key pair is used for payment. The SRE then registers the public key information used for payment with the Digital Asset Operator Management Service (i.e., the Digital Asset Operator Offline Payment Management Service, hereinafter referred to as the Operator Service) and obtains a complete offline payment certificate. Upon receiving the request, the Operator registers the user's payment public key and adds it to the offline payment certificate. The operator then signs and confirms the offline payment certificate data using its private key and sends it to the user. After receiving the complete offline payment certificate data, the SRE within the user's app verifies the certificate, checking the validity of the signature verification of the public key within the certificate, and whether the SRE serial number within the certificate corresponds. Once verification is successful, the offline payment certificate is persistently saved, and the SRE notifies the user through the app that offline payment has been successfully activated. However, at this point, the user does not have any available payment amount. This operation requires a wired environment.

[0066] Step S12: Save the first payment voucher returned by the digital asset operator management service to the first SRE embedded in the first operator APP.

[0067] For example, see Figure 3 As shown, Figure 3This is a schematic diagram illustrating a specific payment voucher redemption method disclosed in this application. The user opens the SRE (Service Provider Response) via the operator's app by entering their payment password. After opening the SRE, they submit a redemption request, which is then sent to the operator's service. Upon receiving the user's redemption request, the operator's service verifies the user's identity and the legitimacy of the request using the user's payment public key. If the verification is successful, the operator then verifies the user's offline payment certificate (which is backed up by the operator), including whether the user has activated offline payment and whether the payment certificate has expired. After the offline payment certificate is verified, the operator responds to the user's app request. The user then selects the specified denomination of the payment voucher and the number to be redeemed through the app page. These payment vouchers are similar to real-world cash banknotes and have a face value. After the user selects their payment method, it is sent to the operator's service via the SRE (Service Provider Entity). The operator's service calculates the total redemption amount based on the face value and number of vouchers. Then, it verifies whether the amount exceeds the limit based on the highest payment amount in the offline payment certificate (this needs to be added to the amounts previously applied for). If the limit is exceeded, the application is rejected. If the limit is not exceeded, the operator generates a specified payment voucher according to the user's needs. Each generated payment voucher contains information such as: face value, validity period (not exceeding the validity period of the offline payment activation certificate), SRE serial number, and operator private key signature. After generation, it is sent to the user's SRE, which persistently stores each payment voucher for use during offline payments. This operation requires a wired environment.

[0068] Step S13: Based on the payment requirements corresponding to the second operator's APP and the face value of the payment voucher in the first SRE, select a payment voucher from the first SRE to obtain the target payment voucher.

[0069] In a specific implementation, the target payment credential includes a first payment credential and / or a second payment credential, wherein the second payment credential is a payment credential sent by a third operator's APP, and the payment credential is also generated by the digital asset operator management service.

[0070] Step S14: The target payment credential is transmitted offline to the second operator's APP so that the second operator's APP can verify the target payment credential using the operator's public key.

[0071] In a specific implementation, when the confirmation receipt information for the target payment voucher returned by the second operator's APP is obtained, the target payment voucher and the offline payment certificate are signed using the user's private key to obtain a user-signed target payment voucher. The user-signed target payment voucher is then sent to the second operator's APP so that the second operator's APP can verify the user's private key signature in the signed target payment voucher. If the verification is successful, the payment voucher is saved to the second SRE embedded in the second operator's APP. In one implementation, the target payment voucher, payment time, and offline payment certificate can be signed.

[0072] Furthermore, before returning confirmation of receipt, the second operator's app verifies the target payment credential. In a specific implementation, if the target payment credential includes a first payment credential and a second payment credential, then: For the first payment credential, the verification process by the second operator's app before returning confirmation of receipt includes: verifying the SRE serial number in the first payment credential, verifying the operator's private key signature, and verifying whether the first payment credential has expired based on its validity period; For the second payment credential, the verification process by the second operator's app before returning confirmation of receipt includes: verifying the operator's private key signature in the second payment credential. If the operator's private key signature verification passes, then the user's private key signature is verified sequentially from the last to the first payment credential, based on the user's public key in the offline payment proof, according to the flow order of the second payment credential. This specific implementation can be referenced for target payment credentials that only include the first payment credential or only include the second payment credential, and will not be elaborated further. After successful verification, the second operator's app displays the validity period of the target payment credential. If the user confirms receipt, confirmation of receipt is returned to the first operator's app; if the user refuses receipt, the payment fails.

[0073] For example, see Figure 4 As shown, Figure 4This is a specific offline payment illustration disclosed in an embodiment of this application. When user A needs to pay user B, user A enters a password through the APP to open the SRE (Service Provider Interface) to prepare for payment. User B also needs to enter a password to open the SRE and wait to receive the payment. After both users open the SRE, a peer-to-peer transmission device connection is established, such as through Bluetooth or NFC technology. After the connection is successful, user A selects a specific denomination payment voucher according to the amount to be paid and sends it to the SRE of user B's operator APP through the peer-to-peer transmission device. The SRE of user B's operator APP will verify the received payment voucher, verifying whether the SRE serial number matches, whether the operator signature is valid, and whether the payment voucher has expired. In this process, the SRE serial number in the offline payment certificate can be compared with the SRE serial number in the payment voucher. Both parties can exchange offline payment certificates, first verifying the operator signature in the offline payment certificate with the operator's public key. After verification, the payment voucher is sent / received. If verification fails, the payment is rejected directly. Upon successful verification, the app displays the validity period of each payment voucher. If the validity period is too short, User B can refuse to accept the payment, resulting in payment failure. If User B confirms receipt, User A's app's SRE (Security Registry Equipment) signs each payment voucher, payment time, offline payment proof information, etc., using the payment private key and sends it to User B (so that when User B uses the received payment voucher again, the corresponding payee can verify the voucher's validity). Simultaneously, the SRE marks the payment voucher as used. After receiving the voucher, User B verifies it again. If the verification is successful, it is persistently saved to the SRE, and User B signs the received payment voucher with their own private key before sending it to User A. At this point, the payment is successful. This operation supports offline operation for both User A and User B.

[0074] For example, see Figure 5 As shown, Figure 5This is a schematic diagram of an offline payment method using a circulating payment voucher, as disclosed in an embodiment of this application. When User B needs to pay User C and prepares to use the payment voucher received from User A (the received voucher includes the original payer's offline payment proof), User B and User C first establish a peer-to-peer transmission connection by entering their respective APP's SRE environment through payment passwords. User B selects the payment voucher information to be used and sends it to User C. After receiving the payment voucher information, User C verifies the payment voucher. The main steps of the verification are as follows: First, verify whether the operator's signature on the payment voucher is correct, ensuring that it was generated by the operator; otherwise, reject it. Second, verify the legality of the signatures sequentially from the last to the first, mainly verifying whether the signature of the previous payer is valid. This is because the payment voucher carries the payer's offline payment proof during transfer, which includes the payer's payment public key information and the operator's public key information. SRE can directly verify the signature data based on the public key to determine whether the generation of the payment voucher is legal and whether the previous transfer was legal. This verification proceeds upwards until the first use of the payment voucher. If all verifications pass, the payment voucher is valid; otherwise, it is invalid. The payment process after the payment voucher is verified is the same. Figure 4 The process, namely displaying the expiration time of the voucher, etc., is supported by both user B and user C operating in an offline environment.

[0075] Furthermore, in this embodiment, a payment voucher redemption request or payment voucher verification request can be sent to the digital asset operator management service so that the digital asset operator management service can verify the user's identity and whether the offline payment function is enabled. After receiving the verification success information returned by the digital asset operator management service, the user can send the payment voucher to be redeemed or the payment voucher to be verified to the digital asset operator management service so that the digital asset operator management service can return the corresponding digital assets to the first SRE after the payment voucher to be redeemed or the payment voucher to be verified is verified.

[0076] For example, see Figure 6 As shown, Figure 6This is a schematic diagram illustrating a specific payment voucher redemption for digital assets disclosed in this application. When a user needs to redeem a received payment voucher for digital assets, they first open the SRE (Service Provider Environment) via the app by entering a password. After opening, they initiate a redemption request. Upon receiving the redemption request, the operator service verifies the user's identity and whether offline payment is enabled. Upon successful verification, a response is returned. After receiving a successful response, the SRE sends the payment voucher to be redeemed to the operator service. Upon receiving the request, the operator service verifies each payment voucher, verifying information such as: whether the SRE serial number matches, whether the payment voucher has expired, whether the operator's signature is valid, and whether each transfer record (i.e., verifying the user's private key signature) is valid. After all payment vouchers have been verified, the amount of the verified payment vouchers is tallied, and then digital assets of the same amount are transferred to the user, while simultaneously cancelling the redeemed payment vouchers. After receiving the successful redemption result, the user's corresponding SRE confirms receipt of funds and deletes the redeemed payment voucher. The redemption operation is thus completed. This operation requires a wired environment.

[0077] For example, see Figure 7 As shown, Figure 7 This is a specific schematic diagram of the verification of unused payment vouchers disclosed in this application. When a user needs to verify an unused payment voucher (e.g., when the voucher is about to expire), they first enter their payment password through the APP to open the SRE (Service Provider Environment). After opening the SRE, they initiate a verification request. Upon receiving the verification request, the operator service verifies the user's identity and the validity of the offline payment certificate. If the verification is successful, a response is returned. After receiving the successful response, the user selects the unused payment vouchers to be verified through the APP and sends them to the operator service. Upon receiving the payment vouchers, the operator service verifies each unused payment voucher to be verified, mainly verifying whether the SRE serial number matches and whether the operator signature is valid. After verification, the total amount of all verified unused payment vouchers is calculated, and the same amount is paid to the current user. At the same time, the corresponding unused payment voucher is destroyed. After receiving the verification result, the SRE deletes the verified unused payment vouchers. Unused payment vouchers that have not been verified can be confirmed and processed through other means, such as manual processing.

[0078] In addition, this application embodiment can also send an offline payment function closure application to the digital asset operator management service; obtain a closure success response returned by the digital asset operator management service, and destroy the first SRE environment; wherein, the digital asset operator management service returns a closure success response when the user has no unredeemed and unredeemed payment vouchers, and if there are payment vouchers that have not been redeemed by the payee, the payment vouchers are filed.

[0079] For example, see Figure 8 As shown, Figure 8This is a specific illustration of disabling the offline payment function disclosed in this application. Disabling offline payment requires that all pending payment vouchers have been cancelled and that used but unredeemed payment vouchers have been filed. The user applies to disable the offline payment function through the operator's app. After receiving the request, the operator service first verifies the user's identity and then checks whether the user has any uncancelled or unredeemed payment vouchers. If so, the user is prompted to confirm. The function can only be disabled after the user cancels the uncancelled payment vouchers. If the user has no unused payment vouchers to cancel, but has payment vouchers that have not been redeemed by the payee, the offline payment function can still be disabled; only user confirmation of filing is required. After the payment voucher verification is successful, the operator service marks the user's offline payment activation certificate as invalid and then returns a successful offline payment closure message to the app. Upon receiving the successful closure response, the app destroys the embedded SRE environment, including clearing internal storage data. After the SRE destruction is complete, the user is notified that the offline payment function has been successfully disabled.

[0080] In other words, the entire offline payment system consists of three parts: the operator's app and its embedded SRE (Security Provider Array), a peer-to-peer data transmission device, and the operator's offline payment management service (activation, redemption, and withdrawal). The app and its embedded SRE store offline payment activation and redemption certificates, essentially functioning as an offline wallet. The peer-to-peer data transmission device securely transfers payment certificates for transactions. The SRE's fixed business processing logic ensures data is not copied, tampered with, or forged, preventing double-spending of payment certificates. The offline payment management service provides users with services such as activation, redemption of payment certificates, cash redemption, and payment certificate verification. See also... Figure 9 As shown, Figure 9This is a schematic diagram of an offline payment method disclosed in an embodiment of this application. The offline payment operation mainly includes six steps: applying to activate the offline payment function, exchanging payment vouchers, offline payment (multiple uses of payment vouchers), cashing out payment vouchers, canceling unused payment vouchers, and deactivating the offline payment function. Activating the offline payment function is mainly for registration with a digital asset operator; exchanging payment vouchers is mainly done through credit records or cash collateral. The newly generated payment voucher information includes: face value, validity period, SRE serial number, operator signature, etc. The face value of the generated payment voucher is fixed and cannot be copied or tampered with. After exchange, it is stored in the SRE of the operator's APP; when making an offline payment, the payer uses a certain number of payment vouchers of different denominations to form a certain amount, similar to using cash banknotes. The payer uses its payment private key to sign, and then... Payment credentials are transferred to the payee via peer-to-peer transmission technologies such as Bluetooth and NFC. Upon receiving the credential, the payee verifies both the operator's signature and the payer's signature. Successful verification indicates successful payment. The payee should, ideally, redeem the credential for digital assets within a wired environment during its validity period. When a payment credential is about to expire or the offline payment function needs to be disabled, unused credentials must be cancelled and destroyed. Disabling the offline payment function simply involves cancelling the offline payment certificate; after cancellation, the user will no longer be able to use the offline payment function. In this way, the offline payment certificate and credential are generated by the operator and confirmed with a private key signature. They are bound to the SRE embedded in the operator's app, making them impossible to copy, forge, or alter. Furthermore, they can be verified using the operator's public key, ensuring high security. The payment credential used in offline payments is very similar to using RMB cash; the SRE embedded in the app can be considered the user's wallet, and the payment credential can be considered the cash, persistently stored within the SRE. Payment vouchers have a face value and can be transferred an unlimited number of times. Payment transactions are made by transferring the payment voucher in possession, which is convenient and fast. Each transfer of a payment voucher is accompanied by a time and the user's signature. Operators can easily track every transaction involving a payment voucher, including the identity information of both the payer and the transaction information.

[0081] As can be seen, this application embodiment sends a payment voucher exchange request to a digital asset operator management service, so that the digital asset operator management service generates a first payment voucher according to user needs. The first payment voucher includes a face value and an operator private key signature. Then, the first payment voucher returned by the digital asset operator management service is saved to a first SRE embedded in the first operator APP. Subsequently, based on the payment needs corresponding to the second operator APP and the face value of the payment voucher in the first SRE, a payment voucher is selected from the first SRE to obtain a target payment voucher. Then, the target payment voucher is transmitted offline to the second operator APP, so that the second operator APP can verify the target payment voucher using the operator's public key. It can be seen that in this application, the offline payment process is completed by transferring payment vouchers. The payment voucher is generated by the operator and confirmed by private key signature and stored in a secure operating environment, which cannot be copied, forged, or altered. Identification and verification are performed using the operator's publicly available public key, thus improving the security of offline payments.

[0082] Furthermore, both the payer and payee can use electronic payments even without a network connection, similar to cash payments, which is convenient and fast. The payment vouchers used for payment can be transferred multiple times, meaning there is theoretically no limit to the number of times a payment voucher can be used, improving ease of use and overcoming the problem that payment vouchers or payment strings in existing technologies can only be used once and cannot be used multiple times. Moreover, each transfer of the payment voucher requires the payer's signature, so the transfer path is easy for operators to track and facilitates supervision.

[0083] See Figure 10 As shown in the figure, this application discloses an offline payment device applied to a first operator's APP, including:

[0084] The payment voucher redemption module 11 is used to send a payment voucher redemption request to the digital asset operator management service, so that the digital asset operator management service can generate a first payment voucher according to the user's needs; the first payment voucher includes a face value and an operator's private key signature.

[0085] Payment voucher storage module 12 is used to save the first payment voucher returned by the digital asset operator management service to the first SRE embedded in the first operator APP;

[0086] The payment voucher selection module 13 is used to select a payment voucher from the first SRE based on the payment requirements corresponding to the second operator's APP and the face value of the payment voucher in the first SRE to obtain the target payment voucher.

[0087] The payment credential transmission module 14 allows the user to transmit the target payment credential offline to the second operator's APP, so that the second operator's APP can verify the target payment credential using the operator's public key.

[0088] As can be seen, this application embodiment sends a payment voucher exchange request to a digital asset operator management service, so that the digital asset operator management service generates a first payment voucher according to user needs. The first payment voucher includes a face value and an operator private key signature. Then, the first payment voucher returned by the digital asset operator management service is saved to a first SRE embedded in the first operator APP. Subsequently, based on the payment needs corresponding to the second operator APP and the face value of the payment voucher in the first SRE, a payment voucher is selected from the first SRE to obtain a target payment voucher. Then, the target payment voucher is transmitted offline to the second operator APP, so that the second operator APP can verify the target payment voucher using the operator's public key. It can be seen that in this application, the offline payment process is completed by transferring payment vouchers. The payment voucher is generated by the operator and confirmed by private key signature and stored in a secure operating environment, which cannot be copied, forged, or altered. Identification and verification are performed using the operator's publicly available public key, thus improving the security of offline payments.

[0089] Optionally, the device further includes:

[0090] The offline payment function activation module is used to send an offline payment function activation application to the digital asset operator management service, so that the digital asset operator management service can generate an offline payment certificate corresponding to the first operator APP; wherein, the offline payment certificate includes the operator's public key;

[0091] Accordingly, before generating the first payment voucher according to user needs, the digital asset operator management service verifies the offline payment certificate corresponding to the first operator APP. If the verification is successful, the first payment voucher is generated according to user needs.

[0092] Furthermore, the offline payment function activation module is specifically used for:

[0093] Send an offline payment function activation application to the digital asset operator management service so that the digital asset operator management service can verify the user's identity and credit based on the offline payment function activation application, and return the initial offline payment certificate when the verification is successful;

[0094] Download and activate the first SRE based on the initial offline payment proof, so that the first SRE can generate a user public-private key pair;

[0095] The first SRE sends the user's public key from the user's public-private key pair to the digital asset operator management service, so that the digital asset operator management service adds the user's public key to the initial offline payment certificate to obtain the offline payment certificate corresponding to the first operator APP.

[0096] Furthermore, the device also includes:

[0097] The signature module is used to sign the target payment voucher and the offline payment certificate using the user's private key when the confirmation receipt information for the target payment voucher returned by the second operator's APP is obtained, so as to obtain the target payment voucher signed by the user.

[0098] The corresponding payment credential transmission module 14 is also used to send the target payment credential signed by the user to the second operator APP, so that the second operator APP can verify the user's private key signature in the target payment credential signed by the user. If the verification is successful, the payment credential is saved to the second SRE embedded in the second operator APP.

[0099] The target payment voucher includes a first payment voucher and / or a second payment voucher, wherein the second payment voucher is a payment voucher sent by a third operator's APP;

[0100] If the target payment document includes a first payment document and a second payment document, then:

[0101] For the first payment credential, the verification process of the second operator APP before returning the confirmation of receipt includes: verifying the SRE serial number in the first payment credential, verifying the operator's private key signature, and verifying whether the first payment credential has expired based on the validity period in the first payment credential.

[0102] For the second payment credential, the verification process of the second operator APP before returning the confirmation of receipt includes: verifying the operator's private key signature in the second payment credential; if the operator's private key signature verification is successful, then the user's private key signature is verified sequentially from the end to the beginning based on the user's public key in the offline payment certificate, according to the circulation order of the second payment credential.

[0103] Furthermore, the device is also configured to: send a payment voucher redemption request or a payment voucher verification request to the digital asset operator management service, so that the digital asset operator management service can verify the user's identity and whether the offline payment function is enabled; after obtaining the verification success information returned by the digital asset operator management service, send the payment voucher to be redeemed or the payment voucher to be verified to the digital asset operator management service, so that the digital asset operator management service can return the corresponding digital assets to the first SRE after the payment voucher to be redeemed or the payment voucher to be verified is verified.

[0104] Furthermore, the device is also used to: send an application to disable the offline payment function to the digital asset operator management service; obtain a successful disabling response returned by the digital asset operator management service; and destroy the first SRE environment.

[0105] The digital asset operator management service returns a successful closure response when the user has no unredeemed and unredeemed payment vouchers. If there are payment vouchers that have not been redeemed by the payee, the payment voucher is filed.

[0106] See Figure 11 As shown in the figure, this application discloses an electronic device 20, including a processor 21 and a memory 22; wherein, the memory 22 is used to store a computer program; the processor 21 is used to execute the computer program, the offline payment method disclosed in the foregoing embodiment.

[0107] For details regarding the specific process of the aforementioned offline payment method, please refer to the relevant content disclosed in the foregoing embodiments, which will not be repeated here.

[0108] Furthermore, the memory 22, as a carrier for resource storage, can be a read-only memory, random access memory, disk, or optical disk, and the storage method can be temporary storage or permanent storage.

[0109] In addition, the electronic device 20 also includes a power supply 23, a communication interface 24, an input / output interface 25, and a communication bus 26; wherein, the power supply 23 is used to provide operating voltage for the various hardware devices on the electronic device 20; the communication interface 24 can create a data transmission channel between the electronic device 20 and external devices, and the communication protocol it follows can be any communication protocol applicable to the technical solution of this application, and is not specifically limited here; the input / output interface 25 is used to acquire external input data or output data to the outside world, and its specific interface type can be selected according to specific application needs, and is not specifically limited here.

[0110] Furthermore, embodiments of this application also disclose a computer-readable storage medium for storing a computer program, wherein the computer program, when executed by a processor, implements the offline payment method disclosed in the foregoing embodiments.

[0111] For details regarding the specific process of the aforementioned offline payment method, please refer to the relevant content disclosed in the foregoing embodiments, which will not be repeated here.

[0112] The various embodiments in this specification are described in a progressive manner, with each embodiment focusing on its differences from other embodiments. Similar or identical parts between embodiments can be referred to interchangeably. For the apparatus disclosed in the embodiments, since it corresponds to the method disclosed in the embodiments, the description is relatively simple; relevant parts can be referred to in the method section.

[0113] The steps of the methods or algorithms described in conjunction with the embodiments disclosed herein can be implemented directly by hardware, a software module executed by a processor, or a combination of both. The software module can be located in random access memory (RAM), main memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, removable disk, CD-ROM, or any other form of storage medium known in the art.

[0114] The above provides a detailed description of an offline payment method, apparatus, device, and medium provided in this application. Specific examples have been used to illustrate the principles and implementation methods of this application. The descriptions of the above embodiments are only for the purpose of helping to understand the method and core ideas of this application. At the same time, for those skilled in the art, there will be changes in the specific implementation methods and application scope based on the ideas of this application. Therefore, the content of this specification should not be construed as a limitation of this application.

Claims

1. An offline payment method, characterized in that, Applied to the first operator's APP, including: A payment voucher redemption request is sent to the digital asset operator management service, so that the digital asset operator management service can generate a first payment voucher according to the user's needs; the first payment voucher includes a face value and an operator private key signature; The first payment voucher returned by the digital asset operator management service is saved to the first SRE embedded in the first operator APP; Based on the payment requirements corresponding to the second operator's APP and the face value of the payment voucher in the first SRE, a payment voucher is selected from the first SRE to obtain the target payment voucher; The target payment credential is transmitted offline to the second operator's APP so that the second operator's APP can verify the target payment credential using the operator's public key; The target payment voucher includes a first payment voucher and / or a second payment voucher, wherein the second payment voucher is a payment voucher sent by a third operator's APP; If the target payment document includes a first payment document and a second payment document, then: For the first payment credential, the verification process of the second operator APP before returning the confirmation of receipt includes: verifying the SRE serial number in the first payment credential, verifying the operator's private key signature, and verifying whether the first payment credential has expired based on the validity period in the first payment credential. For the second payment credential, the verification process of the second operator APP before returning the confirmation of receipt includes: verifying the operator's private key signature in the second payment credential; if the operator's private key signature verification is successful, then the user's private key signature is verified sequentially from the end to the beginning based on the user's public key in the offline payment certificate, according to the circulation order of the second payment credential.

2. The offline payment method according to claim 1, characterized in that, Before sending the payment credential redemption request to the digital asset operator management service, the process also includes: Send an offline payment function activation application to the digital asset operator management service so that the digital asset operator management service can generate an offline payment certificate corresponding to the first operator's APP; wherein, the offline payment certificate includes the operator's public key; Accordingly, before generating the first payment voucher according to user needs, the digital asset operator management service verifies the offline payment certificate corresponding to the first operator APP. If the verification is successful, the first payment voucher is generated according to user needs.

3. The offline payment method according to claim 2, characterized in that, Send an offline payment function activation application to the digital asset operator management service so that the digital asset operator management service can generate offline payment proof corresponding to the first operator's APP, including: Send an offline payment function activation application to the digital asset operator management service so that the digital asset operator management service can verify the user's identity and credit based on the offline payment function activation application, and return the initial offline payment certificate when the verification is successful; Download and activate the first SRE based on the initial offline payment proof, so that the first SRE can generate a user public-private key pair; The first SRE sends the user's public key from the user's public-private key pair to the digital asset operator management service, so that the digital asset operator management service adds the user's public key to the initial offline payment certificate to obtain the offline payment certificate corresponding to the first operator APP.

4. The offline payment method according to claim 3, characterized in that, Also includes: When the confirmation receipt information for the target payment voucher returned by the second operator's APP is obtained, the user's private key is used to sign the target payment voucher and the offline payment certificate to obtain the target payment voucher signed by the user. The target payment credential signed by the user is sent to the second operator's APP so that the second operator's APP can verify the user's private key signature in the target payment credential. If the verification is successful, the payment credential is saved to the second SRE embedded in the second operator's APP.

5. The offline payment method according to claim 2, characterized in that, Also includes: Send a payment voucher redemption request or payment voucher verification request to the digital asset operator management service so that the digital asset operator management service can verify the user's identity and whether the offline payment function is enabled; After receiving the verification success information returned by the digital asset operator management service, the system sends the payment voucher to be redeemed or the payment voucher to be verified to the digital asset operator management service, so that the digital asset operator management service will return the corresponding digital asset to the first SRE after the payment voucher to be redeemed or the payment voucher to be verified is verified.

6. The offline payment method according to claim 2, characterized in that, Also includes: Send an application to the digital asset operator management service to disable the offline payment function; Upon receiving a successful shutdown response from the digital asset operator management service, the first SRE environment is destroyed. The digital asset operator management service returns a successful closure response when the user has no unredeemed and unredeemed payment vouchers. If there are payment vouchers that have not been redeemed by the payee, the payment voucher is filed.

7. An offline payment device, characterized in that, Applied to the first operator's APP, including: The payment voucher redemption module is used to send a payment voucher redemption request to the digital asset operator management service, so that the digital asset operator management service can generate a first payment voucher according to the user's needs; the first payment voucher includes a face value and an operator's private key signature. The payment voucher storage module is used to save the first payment voucher returned by the digital asset operator management service to the first SRE embedded in the first operator APP; The payment voucher selection module is used to select a payment voucher from the first SRE based on the payment requirements corresponding to the second operator's APP and the face value of the payment voucher in the first SRE to obtain the target payment voucher. The payment credential transmission module allows the user to transmit the target payment credential offline to the second operator's APP, so that the second operator's APP can verify the target payment credential using the operator's public key; The target payment voucher includes a first payment voucher and / or a second payment voucher, wherein the second payment voucher is a payment voucher sent by a third operator's APP; If the target payment document includes a first payment document and a second payment document, then: For the first payment credential, the verification process of the second operator APP before returning the confirmation of receipt includes: verifying the SRE serial number in the first payment credential, verifying the operator's private key signature, and verifying whether the first payment credential has expired based on the validity period in the first payment credential. For the second payment credential, the verification process of the second operator APP before returning the confirmation of receipt includes: verifying the operator's private key signature in the second payment credential; if the operator's private key signature verification is successful, then the user's private key signature is verified sequentially from the end to the beginning based on the user's public key in the offline payment certificate, according to the circulation order of the second payment credential.

8. An electronic device, characterized in that, Includes memory and processor, wherein: The memory is used to store computer programs; The processor is configured to execute the computer program to implement the offline payment method as described in any one of claims 1 to 6.

9. A computer-readable storage medium, characterized in that, Used to store a computer program, wherein the computer program, when executed by a processor, implements the offline payment method as described in any one of claims 1 to 6.