Analysis of why the People's Bank of China halted QR code payment

Source: Internet
Author: User
Keywords: Finance, Qualcomm, Alipay, QR code payment

On March 13, 2014 the People's Bank of China issued a notice suspending the offline QR code payment business of Alipay, Tenpay and others. The news sparked controversy: some argued that the central bank's stated concern about risk was a pretext and that the real motive was commercial interest. So, is QR code payment actually safe? In this article the author offers a view from a purely technical standpoint.

Two-dimensional codes are nothing new: they appeared in the 1980s and have since been widely used in everyday life. The central bank is not restricting the use of QR codes as such; it is targeting the offline (merchant and cardholder face to face) QR code payment scenario and asking Alipay and Tenpay, the two Internet companies, to submit to an assessment. In the author's view, had the central bank not intervened in time, a latent information security incident could have occurred and led to systemic risk in financial payments.

The information security of a payment requires that every link in the chain can be controlled within a predictable range, with attention focused on the information security risk points. Offline QR code payment as currently practised appears to carry at least the following four risks:

1. Who generates the QR code, and is it protected against tampering in transit?

In the QR code payment that the People's Bank suspended, the QR code is first of all a trading order (it answers the question of how much money is to be paid) presented through a hardware terminal. Because the QR code determines where the money flows, the authenticity and integrity of the QR code are the focus of concern. So who is responsible for them?

In conventional card payment the payment terminal is responsible: it is certified, tested equipment purchased by the acquiring institution, and the transaction parameters are maintained by the acquirer. This makes a physical attack on the payment terminal difficult, and the likelihood of an attacker logically tampering with merchant information or the transaction amount is also very low.

But what about the QR code terminal? A series of questions arises. Is the QR code generated by the terminal itself, or by a QR code server in the background? Is the generation process protected by encryption, and is the transmission protected against tampering? This concerns not only whether the customer pays for this transaction but also whether the merchant actually receives the money.

2. During QR code transmission, are the authenticity and integrity of the information preserved?

In the suspended QR code payment business, the QR code is transferred from the merchant to the individual through the "scan QR code" function of the customer's mobile phone. In this link the authenticity and integrity of the information are the focus of concern, and who is responsible for them?

Assuming the QR code generation process is reliable, two problems remain. First, the user must be able to recognise that this is a trustworthy QR code, that is, identity authentication. Second, the QR code must not be secretly altered while it is being captured by the camera, that is, consistency. Current offline card payment does not have this problem, because every transaction is handled and sent to the backend by the POS terminal with no conversion step in between; and that conversion step is precisely the key link of O2O.

In information security there is a term, "man-in-the-middle attack", which refers to a third party taking control of the communication between two parties and causing harm. If the trust problem is not solved, a mobile phone Trojan could also push a QR code to the customer's phone; in a mild case this might make the infected phone restart, and in a serious case it could interrupt the payment process or even produce a wrong payment.
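As an added illustration that is not part of the original article, here is one way the concerns of risks 1 and 2 (who generated the order, and was it altered before the phone scanned it) can be addressed: the payment backend generates the trading order and appends an HMAC-SHA256 tag under a key only it holds, the phone forwards whatever it scanned, and the backend rejects any payload whose merchant, amount or validity window no longer matches the tag. The key, the field names and the order format are this example's own assumptions.

```python
import base64, hashlib, hmac, json

# Constructed demo key (assumption): in a real deployment it lives only in the payment backend.
SERVER_KEY = b"demo-backend-key-not-for-production"

def _canon(body):
    """Canonical JSON so the same order always produces the same bytes to authenticate."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def make_order_qr(merchant_id, amount_cents, order_id, issued_at, ttl_seconds=120):
    """Backend side: builds the trading order and appends an HMAC-SHA256 tag, then returns
    the text to be rendered as the QR code (field names are this example's own)."""
    body = {"m": merchant_id, "a": amount_cents, "o": order_id,
            "t": issued_at, "e": issued_at + ttl_seconds}
    tag = hmac.new(SERVER_KEY, _canon(body), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(_canon(body)).decode() + "." + base64.urlsafe_b64encode(tag).decode()

def verify_order_qr(qr_text, now):
    """Backend side: checks what the phone scanned and forwarded. Returns the order dict,
    or None if the payload is malformed, carries a wrong tag (altered or forged) or is expired."""
    try:
        b64body, b64tag = qr_text.split(".", 1)
        canon = base64.urlsafe_b64decode(b64body)
        tag = base64.urlsafe_b64decode(b64tag)
    except (ValueError, TypeError):
        return None
    expected = hmac.new(SERVER_KEY, canon, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    body = json.loads(canon)
    if not body["t"] <= now <= body["e"]:        # stale codes cannot be reused later
        return None
    return body

def with_altered_amount(qr_text, new_amount_cents):
    """Rebuilds the payload with a different amount but the original tag, i.e. what the
    backend sees if the order text was changed between generation and scanning."""
    b64body, b64tag = qr_text.split(".", 1)
    body = json.loads(base64.urlsafe_b64decode(b64body))
    body["a"] = new_amount_cents
    return base64.urlsafe_b64encode(_canon(body)).decode() + "." + b64tag

if __name__ == "__main__":
    qr = make_order_qr("M-0001", 1500, "ORD-42", issued_at=1000)
    print(verify_order_qr(qr, now=1010))                          # order accepted
    print(verify_order_qr(with_altered_amount(qr, 100), 1010))   # None: tag no longer matches
    print(verify_order_qr(qr, now=5000))                          # None: expired
```

A MAC only covers the order text; it does not stop a Trojan from showing the user a different code, which is why the phone's confirmation screen must display the backend-verified merchant and amount rather than whatever the camera decoded.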

3. QR code parsing: how can we ensure that the parsing result is not tampered with?

QR code parsing is an important part of any QR code application, and it also carries information security risk in online payment. As mentioned above, in offline payment the QR code transfers the information that controls the flow of funds: the parsed QR code is confirmed by the user, the deduction process then starts, and the related information flow and even logistics are triggered.

The result of QR code parsing directly determines whether the payment result is correct. Whether the QR code is parsed by the mobile client or by a backend server, how is the parsing result protected from tampering? And since the parsing result is the customer's consumption record and reflects the customer's daily behaviour, it is personal information; how is the security of this information ensured?

4. QR code result notification: a one-sided account is possible, with the risk of market confusion

As the last link of the QR code application, the QR code result notification must guarantee the authenticity and completeness of the result.

If the cardholder's bank card is successfully debited but the merchant receives a failure result, or if the merchant receives a success response but the balance of the cardholder's bank card does not change, a one-sided account is created, causing chaos in the market.

Current offline POS terminals also produce many erroneous transactions every day, but most of these can be resolved by the system's error handling. However, once an attacker compromises the mobile client or the merchant's QR code device over the Internet and can tamper with the payment result, the payment process is no longer controllable. If the result shown on the cardholder's phone is inconsistent with the backend, how should it be handled?
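An added example, not part of the original article, of the reconciliation check that would catch the one-sided accounts described under risk 4: the backend's cardholder-side ledger is compared order by order with the result each merchant device reported, and every order that is debited-but-failed, success-but-not-debited, present on only one side, still pending or mismatched in amount is listed with a suggested disposition. The record layout, statuses and sample data are constructed for this demo.

```python
# Constructed sample data (assumption): the backend's cardholder-side ledger and the
# result each merchant QR device reported back. Layout: order_id -> (status, amount_cents)
LEDGER = {
    "ORD1": ("debited", 1500),
    "ORD2": ("debited", 800),
    "ORD3": ("failed", 2000),
    "ORD5": ("debited", 300),
    "ORD6": ("pending", 120),
}
MERCHANT_RESULTS = {
    "ORD1": ("success", 1500),   # consistent on both sides
    "ORD2": ("failure", 800),    # cardholder debited, merchant shown failure
    "ORD3": ("success", 2000),   # merchant shown success, no money moved
    "ORD4": ("success", 999),    # merchant reports an order the backend never saw
    "ORD5": ("success", 350),    # both succeeded but the amounts disagree
    "ORD6": ("success", 120),    # backend has not settled yet: unresolved, not yet an error
}

def reconcile(ledger, merchant_results):
    """Compares both sides order by order; returns {order_id: (problem, disposition)} for
    every entry that is one-sided, inconsistent or still unresolved. Consistent orders are omitted."""
    findings = {}
    for oid in sorted(set(ledger) | set(merchant_results)):
        led, res = ledger.get(oid), merchant_results.get(oid)
        if led is None:
            findings[oid] = ("merchant result with no backend record", "treat as untrusted; inspect device")
        elif res is None:
            findings[oid] = ("backend record with no merchant result", "re-send result notification")
        elif led[0] == "pending":
            findings[oid] = ("backend still pending", "hold; query backend before settling")
        elif led[0] == "debited" and res[0] != "success":
            findings[oid] = ("cardholder debited, merchant told failure", "re-notify merchant or reverse debit")
        elif led[0] != "debited" and res[0] == "success":
            findings[oid] = ("merchant told success, no debit", "do not release goods; re-run payment")
        elif led[1] != res[1]:
            findings[oid] = ("amount mismatch", "freeze order; manual review")
    return findings

if __name__ == "__main__":
    for oid, (problem, disposition) in reconcile(LEDGER, MERCHANT_RESULTS).items():
        print(f"{oid}: {problem} -> {disposition}")
```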

In the offline payment scene, besides POS, self-service terminals, telephone POS terminals, audio-jack POS terminals and other innovative devices and payment methods keep emerging, but in the end they all follow industry supervision and comply with the relevant business rules and technical standards. QR code payment, by contrast, has completely broken through this bottom line and is in a "naked" state.

Finally, it has to be said that the way Alipay and Tenpay posted the central bank's red-header document to the Internet was itself an information security leak. If Internet innovation must be free from industry supervision and industry questioning, over-emphasise convenience and erase the public's right to know, such innovation will only turn information security incidents into a social focus and disrupt the development of the market.
