CN102737309A - Method and system of card transaction - Google Patents
Method and system of card transaction Download PDFInfo
- Publication number
- CN102737309A CN102737309A CN2011100836166A CN201110083616A CN102737309A CN 102737309 A CN102737309 A CN 102737309A CN 2011100836166 A CN2011100836166 A CN 2011100836166A CN 201110083616 A CN201110083616 A CN 201110083616A CN 102737309 A CN102737309 A CN 102737309A
- Authority
- CN
- China
- Prior art keywords
- card
- module
- terminal
- transaction
- swiping
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Cash Registers Or Receiving Machines (AREA)
Abstract
The invention relates to a method and a system of a card transaction. The method comprises the steps of: carrying out the card transaction between a card module and a card reader module; sending card transaction information to a terminal module by the card module or the card reader module; and confirming the card transaction information to complete the card transaction. The system of the invention comprises the card reader module, the card module, and the terminal module. Compared with the existing manner of card transactions, the method and the system of the invention enable a card transaction process to be more transparent, thereby guaranteeing the safety of the card transaction process.
Description
Technical field
The present invention relates to the safeguard protection of the process of swiping the card, specifically is a kind of about protecting card punching safety and improving card method of commerce and the system of transaction to the user transparent degree.
Background technology
Along with the development of card business, the mode that card uses has not been the exclusive of the bank field, and as mass transit card, purchase card, water power card, grease card, social security card etc., industry-by-industry also comes many more to the support of all kinds of cards.On the other hand; Existing card process of exchange is to black box of user Lai Shuoshi, and how many residues of each consumption how much, and the user can only judge through card reader (like the POS machine); This just possibly exist the card reader of personation to forge the amount of money, extracts the user cipher equivalent risk.On the other hand, the fake producer also can show this amount of money that charges into and in fact card not had any operation and come the user is swindled with the top-up machines of a vacation.
The method of existing raising transaction security mainly concentrates on network bank business based field (being patent of invention of CN101393628A, CN101408957A, CN101594611A etc. like publication number); The solution major part of payment system of raising security of transaction of swiping the card towards the scene all need be done bigger change (be like publication number CN101739763A patent of invention etc.) to existing system, is difficult to carry out.
Summary of the invention
Technical matters to be solved by this invention provides a kind of card method of commerce and system, to improve the swipe the card security of transaction and to user's the transparency of scene, avoids the forgery and illegal imitation of brand-name products amount of money, extracts the user cipher equivalent risk.
The present invention solves the problems of the technologies described above the card method of commerce that is provided, and step comprises:
Make the transaction of swiping the card between card module and the card reader module;
Said card module or the card reader module Transaction Information of will swiping the card is sent to terminal module; And
Confirm the said Transaction Information of swiping the card, with the completion transaction of swiping the card.
The beneficial effect of card method of commerce of the present invention is: the Transaction Information of will swiping the card is sent to terminal module; The user that swipes the card is known the Transaction Information of swiping the card through terminal module; Can improve the security and the transparency swiped the card and conclude the business in the scene, avoid the forgery and illegal imitation of brand-name products amount of money, extract the user cipher equivalent risk.
Further, before the said transaction of swiping the card, also comprise:
Said card module and terminal module are carried out pairing and binding.
Adopt the beneficial effect of above-mentioned further scheme to be, make terminal module can only receive the Transaction Information of swiping the card of the card module of institute's pairing and binding, the Transaction Information that prevents to swipe the card is received and reveals by the terminal module of any other unbundling.
Further, pairing and binding comprises: between card module and the terminal module for one to one or many-one bind, promptly a card module can only be bound a terminal module, a terminal module is bound with at least one card module mutually.
Adopt the beneficial effect of above-mentioned further scheme to be, adopt one to one or the many-one binding mode, make the Transaction Information of swiping the card of a card module only can issue a terminal module, strengthened confidentiality the Transaction Information of swiping the card; Many cards can be bound in a terminal simultaneously, are convenient to use.
Further, the process of the said Transaction Information of swiping the card of affirmation comprises:
The user is through said card reader module input password, and said card reader module is accomplished the transaction of swiping the card according to said password;
Perhaps the user is through said terminal module input password, and said terminal module is sent to card reader module with password, and said card reader module is accomplished the transaction of swiping the card according to said password;
Perhaps the user is through said terminal module input password, and said terminal module is sent to card module with password, and said card module is sent to card reader module with password, and said card reader module is accomplished the transaction of swiping the card according to said password;
Perhaps card module embedded digital certificate; The user is through said terminal module input password; Said terminal module is sent to card module with password, and after card module judged that this password is correct, card module carried out digital signature to said Transaction Information; And the digital signature of this card module is sent to card reader module, said card reader module is accomplished the transaction of swiping the card according to this card module to the digital signature that said Transaction Information carries out;
Perhaps terminal module embedded digital certificate; The user is through this terminal module input password, and after this terminal module judged that this password is correct, this terminal module carried out digital signature to said Transaction Information; And signature value is sent to card module or card reader module; If this signature value is sent to card reader module, then card reader module is accomplished the transaction of swiping the card according to this signature value, if signature value is sent to card module; Then card module sends it to card reader module after receiving this signature value again; Perhaps generate a new signature with its own private key after the correctness of card module certifying signature, new signature is sent to card reader module, card reader module is according to this signature value or the new signature completion transaction of swiping the card.
Adopt the beneficial effect of above-mentioned further scheme to be; Different mining that can be as the case may be realizes the affirmation of the Transaction Information of swiping the card and the completion transaction of swiping the card with multiple mode: if only need inform when swiping the card the user card punching Transaction Information through terminal module, the user then can only need be through card reader module input password; If transaction needs the feedback information of terminal module to accomplish, then the user need be through terminal module input password; If transaction needs the feedback information of terminal module and card module to accomplish simultaneously, then the user need input password and transmits through card module through terminal module; If process of exchange needs safer rank protection; Prevent that card module or terminal module are replicated; Then in card module, terminal module, distinguish the embedded digital certificate, the password of importing according to the user carries out digital signature to Transaction Information, with the safety that guarantees to greatest extent to swipe the card and conclude the business.
Card transaction system provided by the present invention comprises card reader module, card module and terminal module; Said card module be used for and card reader module between the transaction of swiping the card, and be used to receive swipe the card the user affirmation information and be transmitted to said card reader module; Said card module or card reader module also are used for the Transaction Information of swiping the card is wirelessly sent to said terminal module; Said terminal module is used for the said Transaction Information of swiping the card is informed the user that swipes the card, and the user's that will swipe the card affirmation information returns to said card module or card reader module; The direct affirmation that said card reader module is used for carrying out through card reader module according to the user that swipes the card or accomplish the transaction of swiping the card from the affirmation information that said terminal module or card module receive.
The beneficial effect of card transaction system of the present invention is: card transaction system of the present invention is informed the user card punching information of swiping the card through terminal module; The user can only obtain card using information through card reader in the existing transaction of swiping the card, and process of exchange is " transparent " more; Card module or card reader module send to terminal module to the Transaction Information of swiping the card through wireless mode, and terminal module is held by the user and carried, and have improved the security of transaction.
Further, communicate through RF-wise between said terminal module and the card module, communicate through RF-wise between said terminal module and the card reader module.
Adopt the beneficial effect of above-mentioned further scheme to be, adopt RF-wise communication, the user can hold the terminal easily.
Further, said card reader module comprises the card reader radio frequency unit and the card reader service unit of mutual electrical connection; Said card reader service unit be used for and said card module between the transaction of swiping the card; Send the said Transaction Information of swiping the card to said card reader radio frequency unit, and perhaps perhaps accomplish the transaction of swiping the card according to the affirmation information of said card module from the affirmation information that said card reader radio frequency unit receives according to the affirmation information that the user directly imports through card reader service unit self; Said card reader radio frequency unit is used for receiving the said Transaction Information and send to said terminal module through RF-wise of swiping the card from said card reader service unit, and receives said confirmation and be transmitted to said card reader service unit from said terminal module.
Adopt the beneficial effect of above-mentioned further scheme to be, realized that card reader module has the function of transaction of swiping the card and radio communication simultaneously.
Further, card reader that is connected with computing machine that said card reader service unit is the POS machine, the personal user had or the pairing card reader of mass transit card purchase card.
Adopt the beneficial effect of above-mentioned further scheme to be; Make equipment such as card reader that is connected with computing machine that POS machine, personal user had or the pairing card reader of mass transit card purchase card on original basis, to transform a little; Increase a card reader radio frequency unit and can realize their radio communication function; Make them when user card punching, can utilize radio-frequency technique that user's card using information is sent; Needn't design again and make reader device such as above-mentioned POS machines separately, save the scrap build cost.
Further, the said card module card radio frequency unit and the cartoon letters unit that comprise the card service unit and be electrically connected with it; Said cartoon letters unit is used for communicating with the transaction of swiping the card with said card reader module, and the said Transaction Information of swiping the card is sent to said terminal module through said card radio frequency unit with the mode of radio frequency; Said card radio frequency unit is used for receiving said confirmation from said terminal module, and sends confirmation through said card radio frequency unit or cartoon letters unit to said card reader module; Said card service unit is used to preserve user's digital certificate, and the said Transaction Information of swiping the card is carried out digital signature, confirmation is carried out encryption and decryption and said rf terminal is carried out authentication and matches with said rf terminal.
Adopt the beneficial effect of above-mentioned further scheme to be, make card module possess common function of swiping card and radio communication function simultaneously, and make the information of said card module and Transaction Information be difficult for being stolen.
Further, said cartoon letters unit is 7816 communication units of magnetic stripe unit, contact chip card or the radio frequency communications unit of contactless chip card.
Adopt the beneficial effect of above-mentioned further scheme to be; Realized on existing all kinds of cards its function expansion, made card transaction system of the present invention only need to transform a little (only increasing the card radio frequency unit) and can realize its function in the present invention the existing all kinds of cards that use.
Further, said card module is the card that is mated with POS machine, the card reader that is connected with computing machine that the personal user had or the pairing card reader of mass transit card purchase card that has a radio-frequency enabled.
Adopt the beneficial effect of above-mentioned further scheme to be, make existing all kinds of card need not carry out any transformation and promptly can be applicable to the present invention, saved improvement cost.
Further, said terminal module comprises terminal radio frequency unit, terminal service unit and the terminal human-computer interaction unit that is electrically connected in order; Said terminal radio frequency unit is used for carrying out radio communication with said card reader module and/or card module, receives the said Transaction Information and be transmitted to said terminal service unit of swiping the card; Said terminal service unit is used for the said Transaction Information of swiping the card is sent to said terminal human-computer interaction unit, and the affirmation information that will receive from said terminal service unit sends it back said card module or card reader module; Said terminal human-computer interaction unit is used for the said Transaction Information of swiping the card is confirmed and confirmation is returned to said terminal service unit.
Adopt the beneficial effect of above-mentioned further scheme to be, realized that terminal module receives to swipe the card Transaction Information and inform and return the function of confirmation to the user that swipes the card.
Further, said terminal service unit also is used for matching with said card module, and confirmation is encrypted, and preserves user's digital certificate and Transaction Information is carried out digital signature.
Adopt the beneficial effect of above-mentioned further scheme to be, make Transaction Information, confirmation etc. be difficult for being stolen.
Further, said terminal module is mobile phone or the PDA (Personal Digital Assistant, personal digital assistant, palm PC) that has the radio communication function.
Adopt the beneficial effect of above-mentioned further scheme to be, utilize the radio-frequency module that perhaps increases on the mobile devices such as existing mobile phone or PDA can realize the function of the terminal module among the present invention.
Further, said confirmation comprises the password that the user inputs on said card reader module or terminal module, the digital signature that card module and/or terminal module carry out Transaction Information.
Card transaction system of the present invention; Only need on the basis of existing card transaction system, to change a little; As on existing P OS machine, adding radio-frequency module, go up at existing card (like bank magnetic stripe card, chip card etc.) and to add radio-frequency module, utilize the mobile devices such as the mobile phone that has radio-frequency enabled or PDA in user's hand; Perhaps on mobile devices such as mobile phone that does not have radio-frequency enabled or PDA, increase radio-frequency module, mobile devices such as mobile phone or PDA itself just become the terminal and realize corresponding function.In addition, can the POS machine not changed yet, only will have bank card now and add radio-frequency module and carry out radio communication with mobile phone.The card transaction system of building like this is very little to existing scrap build, and is easy to implement.
Description of drawings
Fig. 1 is a card transaction system structured flowchart of the present invention;
Fig. 2 is a kind of system and method that adopts of the present invention about bank card business dealing;
Fig. 3 is for seeking the whole flow process that the radio frequency mobile phone sends digital signature to the radio frequency mobile phone from bank card in the bank card system shown in Figure 2.
In the accompanying drawing, the list of parts of each label representative is following:
1, card reader module, 2, card module, 3, terminal module; 101, card reader service unit, 102, the card reader radio frequency unit, 201, the cartoon letters unit; 202, card service unit, 203, the card radio frequency unit, 301, the terminal radio frequency unit; 302, terminal service unit, 303, the terminal human-computer interaction unit.
Embodiment
Below in conjunction with accompanying drawing principle of the present invention and characteristic are described, institute gives an actual example and only is used to explain the present invention, is not to be used to limit scope of the present invention.
Referring to Fig. 1, card method of commerce provided by the present invention comprises:
The transaction of swiping the card between card module 2 and the card reader module 1;
Confirm the said Transaction Information of swiping the card, with the completion transaction of swiping the card.
Before the above-mentioned transaction of swiping the card, also comprise:
Carry out pairing and binding between card module 1 and the terminal module 2.This is bound one to one or many-one is bound; To guarantee to mail to the terminal module 3 of the unique appointment of user for the card Transaction Information of swiping the card of a certain card module 2; And other terminal module 3 can not receive the Transaction Information of swiping the card of this card module 2, thereby avoids the leakage of the Transaction Information of swiping the card of card module 2.A terminal module 2 can be bound at least one card module 1 simultaneously.
Confirm that the said Transaction Information of swiping the card can realize through following multiple mode:
The user is through card reader module 1 input password, and card reader module 1 is accomplished the transaction of swiping the card according to this password;
Perhaps the user is through terminal module 3 input passwords, and terminal module 3 is sent to card reader module 1 with this password, and card reader module 1 is accomplished the transaction of swiping the card according to this password;
Perhaps the user is through terminal module 3 input passwords, and terminal module 3 is sent to card module 2 with this password, and card module 2 is sent to card reader module 1 with this password, and card reader module 1 is accomplished the transaction of swiping the card according to this password;
Perhaps card module 2 embedded digital certificates; The user is through terminal module 3 input passwords; Terminal module 3 is sent to card module 2 with this password, and after card module 2 judged that this password is correct, 2 pairs of these Transaction Informations of card module carried out digital signature; And the digital signature of this card module 2 is sent to card reader module 1, card reader module 1 is accomplished the transaction of swiping the card according to the digital signature that 2 pairs of these Transaction Informations of this card module carry out;
Perhaps terminal module 3 embedded digital certificates; The user is through these terminal module 3 input passwords, and after this terminal module 3 judged that this password is correct, 3 pairs of these Transaction Informations of this terminal module carried out digital signature; And signature value is sent to card module 2 or card reader module 1; If this signature value is sent to card reader module 1, then card reader module 1 is accomplished the transaction of swiping the card according to this signature value, if this signature value is sent to card module 2; Then card module sends it to card reader module 1 after receiving this signature value again; Perhaps generate a new signature with its own private key after the correctness of these card module 2 certifying signatures, new signature is sent to card reader module 1, card reader module 1 is according to this signature value or the new signature completion transaction of swiping the card.
Card transaction system provided by the invention, as shown in Figure 1, comprise card reader module 1, card module 2 and terminal module 3; Wherein, communicate through RF-wise between terminal module 3 and the card module 2, communicate through RF-wise between terminal module 3 and the card reader module 1; The transaction of swiping the card between card module 2 and the card reader module 1, card module 2 or card reader module 1 Transaction Information of concluding the business of will saidly swiping the card sends to terminal module 3, and terminal module 3 is informed the user that swipes the card with the said Transaction Information of swiping the card; The user that swipes the card confirms through this terminal module 3 or card reader module 1; When the user that swipes the card confirmed through this terminal module 3, terminal module 3 returned to card module 2 or card reader module 1 with user's affirmation information; When confirmation returned to card module 2 through terminal module 3, this card module 2 sent to card reader module 1 with this confirmation; The affirmation that card reader module 1 carries out through card reader module 1 according to the user that swipes the card or accomplish the transaction of swiping the card from the affirmation information that terminal module 3 or card module 2 receive.
More specifically, card reader module 1 comprises the card reader radio frequency unit 102 and card reader service unit 101 of mutual electrical connection; Card reader service unit 101 be used for and card module 2 between the transaction of swiping the card; And the Transaction Information of will swiping the card sends card reader radio frequency unit 102 to; Simultaneously, card reader service unit 101 also be used for according to user or cartoon cross card reader service unit 101 self directly input affirmation information or the affirmation information that receives from card reader radio frequency unit 102 or accomplish the transaction of swiping the card according to the affirmation information of card module 2; Card reader radio frequency unit 102 is used for receiving from card reader service unit 101 swipes the card Transaction Information and sends to terminal module 3 through RF-wise, and from terminal module 3 confirmation of receipt information and be transmitted to card reader service unit 101.Specifically, card reader service unit 101 can be POS machine, card reader that is connected with computing machine or the pairing card reader of mass transit card purchase card that the personal user had.
Card radio frequency unit 203 and cartoon letters unit 201 that card module 2 comprises card service unit 202 and is electrically connected with it; Card service unit 202 communicates with the transaction of swiping the card through cartoon letters unit 201 and card reader service unit 101 in the card reader module 1, and the Transaction Information of will swiping the card sends to terminal module 3 through blocking radio frequency unit 203 with the mode of radio frequency; Card service unit 202 passes through card radio frequency unit 203 from terminal module 3 confirmation of receipt information, and sends confirmation through card radio frequency unit 203 or cartoon letters unit 201 to card reader module 1.Card service unit 202 also is used to preserve user's digital certificate, and the Transaction Information of swiping the card is carried out digital signature, confirmation is carried out encryption and decryption and said rf terminal is carried out authentication and matches etc. with said rf terminal.Cartoon letters unit 201 can be the magnetic stripe unit of magnetic stripe card, 7816 communication units of contact chip card or the radio frequency communications unit of contactless chip card etc.Card module 2 can be the card that has radio-frequency enabled, and this kind card also matees with POS machine, card reader that is connected with computing machine or the pairing card reader of mass transit card purchase card that the personal user had.
Comprise the terminal radio frequency unit 301, terminal service unit 302 and the terminal human-computer interaction unit 303 that are electrically connected in order in the terminal module 3; Card reader radio frequency unit 102 and/or the card radio frequency unit in the card module 2 203 in terminal radio frequency unit 301 and the card reader module 1 carry out radio communication; Swipe the card Transaction Information and be transmitted to terminal service unit 302 of reception; Terminal service unit 302 Transaction Information of will swiping the card sends to terminal human-computer interaction unit 303; The 303 pairs of Transaction Informations of swiping the card in terminal human-computer interaction unit confirm and confirmation are returned to terminal service unit 302, and terminal service unit 302 sends it back card radio frequency unit 203 or the card reader radio frequency unit 102 in the card reader module 1 in the card module 2 through terminal radio frequency unit 301 with confirmation.Terminal service unit 302 also is used for matching with card module 2, and confirmation is encrypted, and preserves user's digital certificate and Transaction Information is carried out digital signature etc.Mobile devices such as mobile phone that has radio-frequency enabled in user's hand or PDA promptly can be used as terminal module 3 to realize corresponding function, and in addition, these mobile devices all are user's personal objects, therefore also can bring better security.If mobile devices such as mobile phone in user's hand or PDA do not have radio-frequency enabled, then can on these equipment, simply increase a radio-frequency module, can realize function corresponding equally.
The content of above-mentioned confirmation mainly comprises password and the card module 2 of user's input on card reader module 1 or terminal module 3 and/or the digital signature that 3 pairs of Transaction Informations of terminal module carry out.
Below, concrete with one with being used for further setting forth the present invention.
Fig. 2 has described a kind of system and method that adopts of the present invention about bank card business dealing.This system is made up of POS machine, bank card and radio frequency mobile phone (hand-held rf terminal).
Wherein, the POS machine comprises POS machine radio frequency unit and POS machine service unit.POS machine radio frequency unit is responsible for the radio communication of POS machine and radio frequency mobile phone; POS machine service unit is accomplished the on-line transaction function of common POS machine.
Bank card comprises bank card radio frequency unit, bank card service unit and bank card communication unit.The bank card radio frequency unit is responsible for the radio communication of bank card and radio frequency mobile phone; The bank card service unit is responsible for the business function that bank card itself need possess, as digital signature, checking, encryption and decryption, authentication and with the pairing of radio frequency mobile phone etc.; The bank card communication unit is responsible for communicating by letter between bank card and POS machine, mainly comprises the magnetic stripe unit of magnetic stripe card, 7816 communication units of contact chip card and 14443 communication units of noncontact chip card etc.
The radio frequency mobile phone comprises mobile phone radio frequency unit, cellular service unit and terminal human-computer interaction unit.The radio communication between mobile phone and bank card and POS machine is responsible in the mobile phone radio frequency unit; The business function at terminal is responsible in the cellular service unit, comprises with the pairing of bank card, the processing and the communication protocol of reception/transmission data are replied, the management and the use of the customer digital certificate of being responsible for simultaneously having in the mobile phone; Man-machine interaction unit mainly is responsible for the information that receives is presented to the user and user's input is sent to the cellular service unit.
When the user applies for bank card to bank, bind with oneself radio frequency mobile phone and this bank card.The process of this binding is that bank card and mobile phone are set up the process of understanding mutually.After binding end; The radio frequency identification information that has mobile phone in the bank card; The private key of the digital certificate of mobile phone and card self; The radio frequency identification information and the digital certificate of bank card and the private key of mobile phone self that have bank card in the mobile phone are when being used for bank card and using and the radio communication and the trade confirmation of mobile phone.
During bankcard consumption, at first set up with the POS machine and communicate by letter by bank card on the POS of trade company machine for the user, and POS machine service unit is accomplished the legitimacy affirmation of bank card through background server.After the legitimacy of Confirm Bank's card, the POS machine transfers to bank card with Transaction Information.
The bank card communication unit is behind the Transaction Information of receiving the POS machine, and the bank card service unit is encrypted Transaction Information with the digital certificate of mobile phone, and the Transaction Information after will encrypting and unpaired message are sent to the bank card radio frequency unit.
The bank card radio frequency unit begins to seek mobile phone after receiving the information that the bank card service unit transmits, according to the unpaired message transmission challenge message of mobile phone; Comprise the pairing of mobile phone and the information of card itself in the challenge message, have only the mobile phone of binding with card to respond.
The radio frequency unit of mobile phone is after receiving the challenge message that bank card sends; Whether the check bank card information is consistent with the bank card information of self binding, if inconsistent, then waits for challenge next time; If consistent, then reply according to the information of self and the pairing bank card information of storage.The message content of replying is bound with the information of card mutually
After bank card is received replying of mobile phone, judge the legitimacy of replying according to the digital certificate of unpaired message and mobile phone, legal as if replying, the Transaction Information after then will encrypting is sent to bank card, and is illegal as if replying, and then bank card continues to send challenge information.
The pattern of this challenge response makes reception/transmission information that rf terminal that the correct pairing have only the user to use crosses and card can be correct, and other can not receive/send proper data with rf terminal or card.Guaranteed to be stuck in the radio communication safety in the use, can or not distort by other equipment monitorings.
After the mobile phone radio frequency form unit was received the Transaction Information of bank card transmission, service unit was deciphered the content of receiving according to the private key and the bank card unpaired message of self storage, and the content after will deciphering is sent to man-machine interaction unit.Man-machine interaction unit is presented to the user with message, is confirmed by the user.
The user is after confirming transaction on the mobile phone, and man-machine interaction unit passes to service unit with user's selection.If Transaction Information is incorrect, the user negates transaction this time, and mobile phone feeds back NACK messages, this closing the transaction; If Transaction Information is correct, then service unit carries out digital signature SignMob with the private key of storing in the mobile phone to this Transaction Information, and sends digital signature SignMob to the mobile phone radio frequency unit, by receiving radio frequency unit digital signature SignMob is sent.It is as shown in Figure 3 with the whole flow process that digital signature SignMob sends to mobile phone to seek mobile phone from bank card.
Bank card and POS machine have dual mode for the reception of signature value SignMob: receive mobile phone by bank card and receive the signature SignMob of mobile phone to transaction to the signature SignMob of transaction or by the POS machine.
After bank card receives radio-frequency information SignMob, at first verify the correctness of SignMob,, then shut the book if the SignMob signature is incorrect with the digital certificate of mobile phone; If SignMob signature is correct, then the bank card service unit to trading signature SignCard, and is sent to the POS machine through the bank card communication unit with SignCard with the private key of self.Submit SignCard to background server after the legitimacy of POS machine with the certification authentication SignCard of bank card, confirm the completion transaction of signature back by server.Perhaps bank card is directly submitted to the POS machine with SignMob after receiving SignMob and verifying its legitimacy, and the POS machine is committed to background server with SignMob and accomplishes transaction.
If with POS machine received RF information SignMob, at first need transmit the mobile phone unpaired message and give the POS machine with bank card, the POS machine carries out the reception of SignMob according to unpaired message.After the POS machine is received SignMob, at first send SignMob to bank card,,, then stop this transaction if bank card confirms that SignMob is incorrect by the legitimacy of bank card affirmation SignMob; If bank card confirms that SignMob is correct, then the POS machine is submitted to background server with SignMob, is confirmed to accomplish transaction behind the signature by server.Perhaps the POS machine sends SignMob to bank card, generates the signature SignCard to this transaction by the private key with oneself after the legitimacy of bank card affirmation SignMob, by the POS machine SignCard is submitted to background server and accomplishes transaction.
Above-mentioned flow process is concrete a kind of situation of using.The security requirement of in the various card transaction system client being inputed password also is not quite similar, and the concrete steps of the above-mentioned several flow processs of change that can be suitable realize.The POS machine system that picture is present makes its Content of Communication with radio-frequency module and change and bank card that bigger change will be arranged, and can adopt following method to avoid the POS machine is changed; Reach the purpose that the user confirms Transaction Information simultaneously: POS machine end is not done change; Bank's cassette tape radio-frequency module when bank card is consumed, is sent to consumption information user's mobile phone through radio-frequency module; The user inputs password on the POS machine after confirming Transaction Information on the mobile phone.Like this, as long as make the security and the transparency that simple modification can significantly improve transaction in bank card and user's mobile phone end.
The above is merely preferred embodiment of the present invention, and is in order to restriction the present invention, not all within spirit of the present invention and principle, any modification of being done, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (14)
1. a card method of commerce comprises the steps:
Make the transaction of swiping the card between card module and the card reader module;
Said card module or the card reader module Transaction Information of will swiping the card is sent to terminal module; And
Confirm the said Transaction Information of swiping the card, with the completion transaction of swiping the card.
2. card method of commerce according to claim 1 is characterized in that, before the said transaction of swiping the card, also comprises:
Said card module and terminal module are carried out pairing and binding.
3. card method of commerce according to claim 2; It is characterized in that: said pairing and binding comprises: between card module and the terminal module for one to one or many-one bind; Promptly a card module can only be bound a terminal module, and a terminal module is bound with at least one card module mutually.
4. card method of commerce according to claim 1 is characterized in that, confirms that the process of the said Transaction Information of swiping the card comprises:
The user is through said card reader module input password, and said card reader module is accomplished the transaction of swiping the card according to said password;
Perhaps the user is through said terminal module input password, and said terminal module is sent to card reader module with password, and said card reader module is accomplished the transaction of swiping the card according to said password;
Perhaps the user is through said terminal module input password, and said terminal module is sent to card module with password, and said card module is sent to card reader module with password, and said card reader module is accomplished the transaction of swiping the card according to said password;
Perhaps card module embedded digital certificate; The user is through said terminal module input password; Said terminal module is sent to card module with password, and after card module judged that this password is correct, card module carried out digital signature to said Transaction Information; And the digital signature of this card module is sent to card reader module, said card reader module is accomplished the transaction of swiping the card according to this card module to the digital signature that said Transaction Information carries out;
Perhaps terminal module embedded digital certificate; The user is through this terminal module input password, and after this terminal module judged that this password is correct, this terminal module carried out digital signature to said Transaction Information; And signature value is sent to card module or card reader module; If this signature value is sent to card reader module, then card reader module is accomplished the transaction of swiping the card according to this signature value, if signature value is sent to card module; Then card module sends it to card reader module after receiving this signature value again; Perhaps generate a new signature with its own private key after the correctness of card module certifying signature, new signature is sent to card reader module, card reader module is according to this signature value or the new signature completion transaction of swiping the card.
5. a card transaction system is characterized in that: comprise card reader module, card module and terminal module;
Said card module be used for and card reader module between the transaction of swiping the card, and be used to receive swipe the card the user affirmation information and be transmitted to said card reader module;
Said card module or card reader module also are used for the Transaction Information of swiping the card is wirelessly sent to said terminal module;
Said terminal module is used for the said Transaction Information of swiping the card is informed the user that swipes the card, and the user's that will swipe the card affirmation information returns to said card module or card reader module;
The direct affirmation that said card reader module is used for carrying out through card reader module according to the user that swipes the card or accomplish the transaction of swiping the card from the affirmation information that said terminal module or card module receive.
6. card transaction system according to claim 5 is characterized in that: communicate through RF-wise between said terminal module and the card module, communicate through RF-wise between said terminal module and the card reader module.
7. card transaction system according to claim 5 is characterized in that: said card reader module comprises the card reader radio frequency unit and the card reader service unit of mutual electrical connection; Said card reader service unit be used for and said card module between the transaction of swiping the card; Send the said Transaction Information of swiping the card to said card reader radio frequency unit, and perhaps perhaps accomplish the transaction of swiping the card according to the affirmation information of said card module from the affirmation information that said card reader radio frequency unit receives according to the affirmation information that the user directly imports through card reader service unit self; Said card reader radio frequency unit is used for receiving the said Transaction Information and send to said terminal module through RF-wise of swiping the card from said card reader service unit, and receives said confirmation and be transmitted to said card reader service unit from said terminal module.
8. card transaction system according to claim 7 is characterized in that: card reader that is connected with computing machine that said card reader service unit is the POS machine, the personal user had or the pairing card reader of mass transit card purchase card.
9. card transaction system according to claim 5 is characterized in that: card radio frequency unit and cartoon letters unit that said card module comprises the card service unit and is electrically connected with it; Said cartoon letters unit is used for communicating with the transaction of swiping the card with said card reader module, and the said Transaction Information of swiping the card is sent to said terminal module through said card radio frequency unit with the mode of radio frequency; Said card radio frequency unit is used for receiving said confirmation from said terminal module, and sends confirmation through said card radio frequency unit or cartoon letters unit to said card reader module; Said card service unit is used to preserve user's digital certificate, and the said Transaction Information of swiping the card is carried out digital signature, confirmation is carried out encryption and decryption and said rf terminal is carried out authentication and matches with said rf terminal.
10. card transaction system according to claim 9 is characterized in that: said cartoon letters unit is 7816 communication units of magnetic stripe unit, contact chip card or the radio frequency communications unit of contactless chip card.
11. card transaction system according to claim 5 is characterized in that: said card module is the card that is mated with POS machine, the card reader that is connected with computing machine that the personal user had or the pairing card reader of mass transit card purchase card that has a radio-frequency enabled.
12. card transaction system according to claim 5 is characterized in that: said terminal module comprises terminal radio frequency unit, terminal service unit and the terminal human-computer interaction unit that is electrically connected in order; Said terminal radio frequency unit is used for carrying out radio communication with said card reader module and/or card module, receives the said Transaction Information and be transmitted to said terminal service unit of swiping the card; Said terminal service unit is used for the said Transaction Information of swiping the card is sent to said terminal human-computer interaction unit, and the affirmation information that will receive from said terminal service unit sends it back said card module or card reader module; Said terminal human-computer interaction unit is used for the said Transaction Information of swiping the card is confirmed and confirmation is returned to said terminal service unit.
13. card transaction system according to claim 12 is characterized in that: said terminal service unit also is used for matching with said card module, and confirmation is encrypted, and preserves user's digital certificate and Transaction Information is carried out digital signature.
14. according to each described card transaction system of claim 5 to 13; It is characterized in that: said confirmation comprises the password that the user inputs on said card reader module or terminal module, the digital signature that card module and/or terminal module carry out Transaction Information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110083616.6A CN102737309B (en) | 2011-04-02 | 2011-04-02 | A kind of card method of commerce and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110083616.6A CN102737309B (en) | 2011-04-02 | 2011-04-02 | A kind of card method of commerce and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102737309A true CN102737309A (en) | 2012-10-17 |
| CN102737309B CN102737309B (en) | 2017-08-01 |
Family
ID=46992760
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110083616.6A Active CN102737309B (en) | 2011-04-02 | 2011-04-02 | A kind of card method of commerce and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102737309B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104102995A (en) * | 2013-04-12 | 2014-10-15 | 联芯科技有限公司 | Bank card, mobile terminal, binding method and payment method based on mobile terminal |
| CN104484943A (en) * | 2014-11-20 | 2015-04-01 | 北京启能万维科技有限公司 | Intelligent bus card swiping method, card swiping device and user terminal |
| CN105580039A (en) * | 2013-09-30 | 2016-05-11 | 郑惠珍 | System for providing card payment service by using smart device and method therefor |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101105776A (en) * | 2007-01-10 | 2008-01-16 | 上海瀚银信息技术有限公司 | Standard extension card with embedded CPU IC and method for realizing electronic payment |
| CN101201947A (en) * | 2006-12-13 | 2008-06-18 | J&D易多喜有限公司 | Multifunctional EC card as well as method for machine card separation payment and energy consumption control thereof |
| CN101478749A (en) * | 2009-01-21 | 2009-07-08 | 陕西海基业高科技实业有限公司 | Safety service system and method for short range radio frequency communication |
| CN101887617A (en) * | 2010-07-13 | 2010-11-17 | 武汉天喻信息产业股份有限公司 | Method and system for establishing data channel of mobile payment |
| US20110068171A1 (en) * | 2008-07-10 | 2011-03-24 | Jason Hsieh | Card reading device for transaction system |
-
2011
- 2011-04-02 CN CN201110083616.6A patent/CN102737309B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101201947A (en) * | 2006-12-13 | 2008-06-18 | J&D易多喜有限公司 | Multifunctional EC card as well as method for machine card separation payment and energy consumption control thereof |
| CN101105776A (en) * | 2007-01-10 | 2008-01-16 | 上海瀚银信息技术有限公司 | Standard extension card with embedded CPU IC and method for realizing electronic payment |
| US20110068171A1 (en) * | 2008-07-10 | 2011-03-24 | Jason Hsieh | Card reading device for transaction system |
| CN101478749A (en) * | 2009-01-21 | 2009-07-08 | 陕西海基业高科技实业有限公司 | Safety service system and method for short range radio frequency communication |
| CN101887617A (en) * | 2010-07-13 | 2010-11-17 | 武汉天喻信息产业股份有限公司 | Method and system for establishing data channel of mobile payment |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104102995A (en) * | 2013-04-12 | 2014-10-15 | 联芯科技有限公司 | Bank card, mobile terminal, binding method and payment method based on mobile terminal |
| CN104102995B (en) * | 2013-04-12 | 2017-12-22 | 联芯科技有限公司 | Bank card, mobile terminal, binding method and the method for payment based on mobile terminal |
| CN105580039A (en) * | 2013-09-30 | 2016-05-11 | 郑惠珍 | System for providing card payment service by using smart device and method therefor |
| CN105580039B (en) * | 2013-09-30 | 2020-01-07 | 郑惠珍 | System and method for providing card payment service using smart device |
| CN104484943A (en) * | 2014-11-20 | 2015-04-01 | 北京启能万维科技有限公司 | Intelligent bus card swiping method, card swiping device and user terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102737309B (en) | 2017-08-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102737308B (en) | The method and system of a kind of mobile terminal and inquiry smart card information thereof | |
| CN101465019B (en) | Method and system for implementing network authentication | |
| CN103501191B (en) | A kind of mobile payment device based on NFC technology and method thereof | |
| CN101098371B (en) | Finance data processing method and mobile terminal equipment | |
| US20110103586A1 (en) | System, Method and Device To Authenticate Relationships By Electronic Means | |
| CN107077670A (en) | Transaction message is sent | |
| CN103123708A (en) | Secure payment method, mobile device and secure payment system | |
| CN101276448A (en) | Payment system and method performing trading with identification card including IC card | |
| CN104504565A (en) | Mobile payment system and method based on bank virtual card number | |
| CN104424565A (en) | Digital card-based payment system and method | |
| CN101324942A (en) | Payment system and method performing trade by identification card including IC card | |
| Chen et al. | NFC mobile payment with Citizen Digital Certificate | |
| CN101770619A (en) | Multiple-factor authentication method for online payment and authentication system | |
| CN101162535B (en) | Method and system for realizing magnetic stripe card trading by IC card | |
| US20140289129A1 (en) | Method for secure contactless communication of a smart card and a point of sale terminal | |
| CN102118251A (en) | Security authentication method for internet banking remote payment based on multi-interface intelligent safety card | |
| CN105556550A (en) | Method for securing a validation step of an online transaction | |
| CN101790166A (en) | Digital signing method based on mobile phone intelligent card | |
| CN104240074A (en) | Prepaid card online payment system based on identity authentication and payment method of prepaid card online payment system | |
| CN102810189A (en) | Near field payment and payment completion confirming method for NFC (Near Field Communication) functional mobile phone | |
| CN104182875A (en) | Payment method and payment system | |
| CN104282091A (en) | Bill data generating/transmitting/storing/authenticating method | |
| CN104200359A (en) | Application method of payment encryption hardware applied to mobile equipment | |
| CN102131164A (en) | System for performing loan transaction service based on mobile phone short message | |
| CN101330675B (en) | Mobile payment terminal equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |