Technical Interview | What is the dual offline payment for digital currency?
We have previously explained some of the positioning and functions of the central bank's digital currency through a series of in-depth reports. Recently, Mu Changchun, director of the Central Bank's Digital Money Research Institute, also mentioned that DCEP needs to support “double offline” payments in the future. Many investors are interested in the interesting details of dual offline payments. The future of digital currency is a big direction. A very important technical practice of this program is to replace cash. In the absence of a network, users can't use WeChat to pay or Alipay online payment, but in the absence of the network, they can still pay cash to customers. This is an important aspect to ensure the function of Cash. So how do digital currencies achieve dual offline payments?
The topic of dual offline payment has also been mentioned recently. We have discussed with the new Cape technology management team that is doing double offline payment in the industry. Their business is doing more in the campus scene, and the school campus canteen is used for double card. Offline technology, so we will discuss the development process of dual offline, the latest solutions, how to deal with high concurrency, how to achieve in the case of poor network and related security issues.
1. Dual offline payment application scenarios and principles
The dual offline payment core refers to a process of completing the service when the medium and the receiving terminal are offline, and the most typical is the payment service and the verification identity. For the payment business, it completes the closed-loop transaction process by postponing the payment after the transaction is completed. The core is to realize a technical solution for fast nuclear body and payment.
Its business mechanism has two core points. One is that the business mechanism has two features, including the core and payment; the other is a trust mechanism between the terminal and the medium. There are three dimensions in the transaction security mechanism: (1) one is the amount of risk control, that is, the amount of transactions after double offline; (2) the second is the mechanism for advance and recovery; (3) the third is Credit system. In fact, the code and face in the dual offline scene is essentially a process of first-aid payment, which solves the problem of user experience. The applicable scenario is: a scene in which a large number of people complete the nuclear or micropayment in a short period of time. When the network is not smooth or the information environment is abnormal, the success rate of the transaction is also required. Otherwise, a group event may be triggered. For example, bus and campus canteen consumption; taking the campus canteen as an example: After 12 o'clock, tens of thousands of people concentrate on completing the meal within 1 hour. If they do not support double offline transactions, they may trigger group events, or the school will let students eat for free. The school pays the bill; the campus scene double offline features the campus core, must be the campus identity, which is the difference between the closed environment and the open environment (such as public transport); the nuclear body requires the student or teacher to consume, it is specific scene specific Strategy.
At present, there are two implementation paths that are going online, and there are two future technical directions. At present, the dual-offline core and payment of cards, codes and faces have been realized, mainly the contract accounting plus one of the operators’ funds. route.
There are two more routes on the bottom of the fund. One is the credit line that the school permits students to credit, and the other is the funding path based on the marketing strategy.
One of the current technical directions in research is the Internet of Things edge calculation. Through the edge calculation, the wind control capability is enhanced; in addition to the transaction behavior (limit, limited scene, overdraft risk control quota, etc.), based on the Internet of Things, through the same place trading location, the edge calculation gateway is completed, and the verification is completed. Machine wind control balance, increase the risk of double offline wind control);
2. Double offline future development direction:
(1) The application of blockchain technology in edge calculation. Because the future development direction of campus payment is bound to improve the user experience, this model can solve the problem of campus accounting management. In the research of blockchain technology, we are currently studying the technical path of coin-operated and non-coin. The scene of the currency in the closed environment of the campus is mainly the wallet integral of the card. The scene of no-currency is mainly the super-book, the student’s Credit resume, employment aspect.
(2) Digital currency . This is also our next research direction. This is mainly to follow the national standard norms for application innovation. In the IC card era, the PBOC specification is followed. In the future, the state will also issue some specifications of digital currency to solve the closed-loop scenario of the acquiring transaction. problem. With the support of the policy and the school licensing scenario, we will continue to study the user experience of dual offline payment, and use the constant iteration of technology to study the industry norms. At present, we are in the digital currency, there is no real production application, and innovation needs to be based on the management regulations of the central bank.
The application of the dual offline campus payment scenario, the earliest is the card and NFC, the electronic wallet trading mechanism has become the standard of the bank. With the development of mobile payment and face payment, students no longer bring cards and cash. Face payment has gradually become the mainstream. At present, the school network environment will still be faulty, so within the closed scene of the campus, the network and The face must be able to adapt to the dual offline requirements like a card, to avoid group events caused by network or system congestion during peak hours, or to avoid orders. The trading mechanism of both parties relies on the two-way authentication of the terminal, the uploading calculation process of the delay record, and the mechanism of credit risk control, and a series of security measures.
Q : When we use dual offline, for example, I only charge one hundred dollars, but maybe because there is no real-time settlement under offline conditions, I consumed 110 at that time, then maybe I am going to make a recovery after settlement? ?
A: Yes. NFC cards have an electronic wallet, it does not exist, but if you want code and face, this may happen. There are some risk control mechanisms and qualifications for risk control. According to your personal consumption situation, there will be some control of the risk control technology for the balance of your balance, and there will be trading quota control offline. In addition, there will be some trading controls on the terminal side, which will reduce the risk of trading after offline.
When code and face support dual offline transactions, there must be a process of signing an electronic agreement in advance to open the withholding process, and then the second step is to delay the network cleaning. If the balance is not enough, there are two modes before the settlement point: (1) one is that the school will have a credit line that is allowed; and (2) one is if the operator is involved, such as Alipay and perfect number. They will first give the school and the merchant, and then he will use the guidance channel or the three-way channel to recover.
If you can't recover it, there are two ways: (1) One way is that the school will cooperate with the control of leaving school, when he leaves school, he has to clear the money; (2) if this can't be done, That will enter the three-party credit system.
Because our group is a college student, we generally believe that college students will not do this because of malicious behavior. This is rarely the case.
Q : If the mobile wallet is NFC, because it belongs to this open state, will there be malicious behavior such as crowds, which will lead to money being stolen, and there are measures to avoid it?
A: The campus scene has its particularity, because the transaction distance between the card and the POS should be 0 to 10 cm according to the specification, and the school scene is usually set to 5 cm. If the card is not lost after the card is lost, take the POS machine directly to the person. It is almost impossible to brush around 5 cm. If it happens, it can be traced back, because the PSAM card issued by the platform in the POS machine can be used, and all must be traceable. Within a certain range, we also have mechanisms such as the limit of consumption on the day. If there is a card loss, there is no way to do this;
Q : In the scenario of dual offline payment, can the transfer of these funds be real-time, or will the data and fund transfer information be sent to the chain only when the settlement is completed?
A: The blockchain is now explored in two phases: (1) In the first phase, we explored the use of blockchains for our bookkeeping, and the core solution is that business accounts are not forfeitable; (2) The two phases may extend to a scenario similar to the closed environment in the school to issue points.
The biggest difference lies in who is the dominant party, the scope and main purpose of the blockchain recognition, and the second one emphasizes that we must wait for some norms of the national policy level and some consensus implementation at the industry level. The production environment has landed.
Q : Let's talk about one thing about the central bank's digital currency. For example, two mobile phones can complete the transfer and DCEP payment. This dual offline technology, according to your understanding, what technical methods and some problems need Where is the attention?
A: You are talking about it because of the NFC technology path that Huawei has been pushing at the beginning of this year. Mobile phone touch should basically be based on technology similar to near-field payment.
Q : Before we saw a picture on the Internet, we developed a DCEP wallet in ICBC's APP. If his DCEP account is inside the mobile banking app, is it still necessary to use the network? If the mobile phone is offline, can DCEP in the mobile banking app still use dual offline?
A: He may have a mechanism. It may be that the unique value of the token exists in the phone and exchanges this unique value. There may be a mechanism to do double offline.
Q : Is there a constant existence in the double offline, for example, the problem of clearing the diagonal and double flowers afterwards?
A: It exists in theory, but it is actually very rare, and the probability is extremely small. There is a limit to the time when the terminal is offline. The duration of the offline offline will not be allowed. The same code or the same face will have a limit on the number of transactions and the number of transactions on your terminal. Similarly, if your mobile app has to open the code, this code is also time-sensitive and there are multiple security mechanisms. NFC is more secure than a two-dimensional code. It is placed inside the security chip.
Q : NFC is easily called by a device that can be recognized by the surrounding, and he can be stolen without unlocking the phone. Can this pose a security risk?
A: It can be recognized but there is no key to deduct the money. If someone wants to steal the amount in your NFC, it must have a corresponding authentication terminal. Even if you brush it, you can trace it and audit it.
Q : The problem of the student file you mentioned just now, the human resources side must call the data of Xuexin.com. It should be a centralized platform of the Ministry of Education. Now there is no problem in using it. Why do you want to Want to register with a blockchain? What is the difference between reading information from the original centralized learning network?
A: It mainly solves the problem that the data is credible, traceable, untamed, and unforgeable. It solves the problem of trust crisis, because there is now a fraud.
Blockchain is one of the technical paths, and the application of blockchain will lead to innovation in the business model of the talent service industry. For example, the establishment of the infrastructure of the blockchain public chain based on talent data will give more self-winding models to individuals, school employment offices, enterprises, education bureaus, and Xuexin.com, which will significantly reduce the cross-checking of information within the industry. , certification costs.
Q : Regarding the traceable question, can it be traceable if it is a QR code? In addition, how to realize double offline payment when the QR code is offline?
A: He has some differences. There are no e-wallets for code and face. The QR code (campus code) issued by the on-campus payment system can be traced. In the offline case, the terminal can directly decode the unique identification ID of the school for the debit transaction processing. Later, the account was sold through networking. The amount of double offline payment is controlled by the amount of risk control, the limit of the offline trading mechanism of the terminal, and the time and number of times the quota is generated.
Q: My mobile phone, for example, can't go online today. Can I still open the QR code for dual offline?
A: It can be for a while. This is mainly because the code has a security mechanism and is a mechanism for dual digital certificates. For mobile phone users, he is a personal password-based certificate login mode, which caches the public key of the personal token platform certificate, and he also needs to update regularly to form a valid QR code, but if your token exceeds a certain Time, then there is no way to generate a QR code, there is no way to use it.
Q : Actually, the generation of QR code has something to do with this terminal?
A: It is related to user terminals and POS machines. The user terminal first maintains a valid terminal state before the offline code can be opened. For the POS machine, the POS machine will also download the platform certificate, unlock the first layer of the code, and then verify the code. First of all, the first layer of the unlocking code is issued by the platform, and then the public key is used to unlock the personal information, and then the amount of the risk control in the code and the validity period are used to confirm that the code is valid. At the same time, POS itself will have some control over the trading mechanism, such as the duration of offline transactions, the restrictions on the use of the same user, whitelists, and so on.
Q : For example, if you buy something in the supermarket, the mobile phone WeChat QR code is refreshed every other time. Is this related to dual offline?
A: The payment institution's online code refresh is mainly to prevent theft and use. The difference in technical mechanism is mainly due to the dual certificate mechanism. Online code It is just a token, but dual offline is a mechanism for double digital certificates. Online code can't be verified offline, so if the code like WeChat is paid in the supermarket, the payment terminal is generally online, and the offline code has no network in the bus. In the case of offline, it is also a dual certificate mechanism. But there are also differences in supermarkets, buses, and campuses because they are open environments.