CN103116847B - Smart card, intelligent card transaction system and method with electronic signature functionality - Google Patents

Smart card, intelligent card transaction system and method with electronic signature functionality Download PDF

Info

Publication number
CN103116847B
CN103116847B CN201310070753.5A CN201310070753A CN103116847B CN 103116847 B CN103116847 B CN 103116847B CN 201310070753 A CN201310070753 A CN 201310070753A CN 103116847 B CN103116847 B CN 103116847B
Authority
CN
China
Prior art keywords
smart card
combined password
message
pos machine
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310070753.5A
Other languages
Chinese (zh)
Other versions
CN103116847A (en
Inventor
李东声
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tendyron Technology Co Ltd
Original Assignee
Tendyron Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tendyron Technology Co Ltd filed Critical Tendyron Technology Co Ltd
Priority to CN201310070753.5A priority Critical patent/CN103116847B/en
Priority to CN201810462779.7A priority patent/CN108596605A/en
Publication of CN103116847A publication Critical patent/CN103116847A/en
Priority to PCT/CN2014/071657 priority patent/WO2014121721A1/en
Application granted granted Critical
Publication of CN103116847B publication Critical patent/CN103116847B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Cash Registers Or Receiving Machines (AREA)

Abstract

The invention discloses a kind of smart card with electronic signature functionality, intelligent card transaction system and smart card method of commerce, and wherein method includes: A, smart card access POS machine, receive transaction message;B, smart card generates combined password;C, smart card generates signature message according to transaction message and combined password;D, signature message is at least sent to POS machine by smart card;E, POS machine receives the combined password generated by the smart card of key-press input, and transaction message, signature message and combined password are at least sent to bank server;F, bank server verifying signature message and combined password, and after being verified, transactional operation is executed according to transaction message.The interaction that data needed for trading are completed by the primary access of smart card and POS machine reduces the risk that important information caused by repeatedly access is trapped, improves safety.

Description

Smart card, intelligent card transaction system and method with electronic signature functionality
Technical field
The present invention relates to a kind of electronic technology field more particularly to a kind of smart cards with electronic signature functionality, intelligence Card transaction system and method.
Background technique
Now, bankcard consumption has become mainstream.Electronic signature transaction is realized using following process:
Step S101, user holds accesses POS machine in a non contact fashion;Wherein, cordless can be radio frequency, indigo plant Any cordless such as tooth, NFC.
Transaction Information is sent to the smart card of user's access by step S102, POS machine;Wherein, Transaction Information can be at least It certainly can also include transaction details information including account number and the amount of money.
Step S103, smart card receive Transaction Information, show Transaction Information, after user confirms that Transaction Information is errorless, connect The confirmation password for receiving user's input, signs to Transaction Information;
Step S104, smart card access POS machine in a non contact fashion again, and signing messages is sent to POS machine;
Transaction Information and signing messages are uploaded to bank server by step S105, POS machine, so as to bank server according to Transaction Information executes transaction.
It can be seen that existing smart card needs in a non contact fashion during completing and signing to Transaction Information It is accessed at least twice with POS machine, so that can have that Transaction Information and/or signing messages in access procedure be held as a hostage asks Topic, causes user to lose, safety is not high.
Summary of the invention
Present invention seek to address that existing smart card Transaction Information and/or signing messages in multiple access procedure be held as a hostage and Caused by the not high problem of safety.
It is an object of the present invention to provide a kind of smart card method of commerce with electronic signature functionality.
It is an object of the present invention to provide a kind of smart cards with electronic signature functionality.
Another object of the present invention is to provide a kind of intelligent card transaction system with electronic signature functionality.
In order to achieve the above objectives, technical solution of the present invention is specifically achieved in that
One aspect of the present invention provides a kind of smart card method of commerce with electronic signature functionality, which comprises A, the smart card with electronic signature functionality accesses POS machine, receives transaction message;B, the smart card generates combined password;C, The smart card generates signature message according to the transaction message and the combined password;D, the smart card is at least by the label Name message is sent to the POS machine;E, the POS machine receives the combined password generated by the smart card of key-press input, The transaction message, the signature message and the combined password are at least sent to bank server;F, the bank service Device verifies the signature message and the combined password, and after being verified, and executes transactional operation according to the transaction message.
In addition, the step C includes: the summary info that the smart card calculates the transaction message;The smart card pair The combined password carries out encryption and obtains encryption combined password;The smart card is to the summary info of the transaction message and described Encryption combined password is signed, and signature message is generated.
In addition, the step C includes: the summary info that the smart card calculates the transaction message;The smart card pair The combination of the combined password and random number carries out encryption and obtains encryption combined password;The smart card is to the transaction message Summary info and the encryption combined password sign, generate signature message.
In addition, the encryption combined password and the signature message are also sent to institute by the smart card in the step D State POS machine;In the step E, the POS machine also by the encryption combined password, the transaction message, the signature message and The combined password is sent to bank server.
In addition, the step C includes: the summary info that the smart card calculates the transaction message;The smart card pair The combined password carries out encryption and obtains encryption combined password, and calculates the summary info of the encryption combined password;The intelligence It can block and sign to the summary info of the transaction message and the summary info of the encryption combined password, generate signature report Text.
In addition, the smart card also reports the summary info of the encryption combined password and the signature in the step D Text is sent to the POS machine;In the step E, the POS machine also reports the summary info of the combined password, the transaction Literary, the described signature message and the combined password are sent to bank server.
In addition, between the step D and the step E, the method also includes: the smart card disconnect with it is described The connection of POS machine;The smart card shows the transaction message;The smart card receives the confirmation password for passing through key-press input And/or confirmation instruction;The smart card shows the combined password.
In addition, the smart card accesses the POS machine by cordless.
Another aspect of the present invention also provides a kind of smart card with electronic signature functionality, and the smart card includes: transmitting-receiving Module, secret generation module, signature blocks and display module;The transceiver module receives transaction message simultaneously for accessing POS machine It is sent to the signature blocks;The secret generation module is sent to the signature blocks and institute for generating combined password State display module;The signature blocks generate signature message according to the transaction message and the combined password, and by described The signature message is at least sent to the POS machine by transceiver module.
In addition, the transceiver module after sending the signature message to the POS machine, also disconnects and the POS machine Connection;The display module also shows the transaction message after the transceiver module disconnects the connection with the POS machine.
In addition, the smart card further include: key module;The key module according to the confirmation password received and/or Confirmation instruction, triggers the display module and shows the combined password.
Another aspect of the invention provides a kind of intelligent card transaction system with electronic signature functionality, the system packet It includes: POS machine, bank server and smart card above-mentioned;The POS machine receives the smart card generation for passing through key-press input The transaction message, the signature message and the combined password are at least sent to the bank server by combined password;Institute It states bank server and verifies the signature message and the combined password, and after being verified, held according to the transaction message Row transactional operation.
As seen from the above technical solution provided by the invention, the present invention provides a kind of with electronic signature functionality Smart card, the intelligent card transaction system with electronic signature functionality and the smart card method of commerce with electronic signature functionality lead to The interaction of data needed for crossing the primary access completion transaction of smart card and POS machine, reduces important information caused by repeatedly access The risk being trapped, improves safety.Combined password of the invention can be the number generated at random in each transaction, word Female and character one or more combinations must be transmitted, this hair different from existing trading password and OTP using ciphertext Bright combined password can be by being transmitted in plain text, and will not reduce the safety of account in process of exchange;Connection of the invention Close password be generates and be uploaded to bank server in smart card side, also different from existing OTP need bank server with Terminal generates simultaneously, and the unilateral combined password that generates of the invention is simultaneously signed, with guarantee combined password transmission safety and The accuracy of combined password verifying;POS machine of the invention is to send related data after having input combined password (to can be friendship Easy message, signature message and combined password) to bank server, so that being sent to the needs of bank server by silver by POS machine The data that row server is handled are that ensure that safety by authorization and effective data, improve work efficiency.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, required use in being described below to embodiment Attached drawing be briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for this For the those of ordinary skill in field, without creative efforts, it can also be obtained according to these attached drawings other Attached drawing.
Fig. 1 is the method flow diagram of existing electronic signature transaction;
Fig. 2 is the flow chart for the smart card method of commerce embodiment 1 that the present invention has electronic signature functionality;
Fig. 3 is the flow chart for the smart card method of commerce embodiment 2 that the present invention has electronic signature functionality;
Fig. 4 is the structural schematic diagram for the intelligent card transaction system that the present invention has electronic signature functionality.
Specific embodiment
With reference to the attached drawing in the embodiment of the present invention, technical solution in the embodiment of the present invention carries out clear, complete Ground description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Based on this The embodiment of invention, every other implementation obtained by those of ordinary skill in the art without making creative efforts Example, belongs to protection scope of the present invention.
In the description of the present invention, it is to be understood that, term " center ", " longitudinal direction ", " transverse direction ", "upper", "lower", The orientation or positional relationship of the instructions such as "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outside" is It is based on the orientation or positional relationship shown in the drawings, is merely for convenience of description of the present invention and simplification of the description, rather than instruction or dark Show that signified device or element must have a particular orientation, be constructed and operated in a specific orientation, therefore should not be understood as pair Limitation of the invention.In addition, term " first ", " second " are used for description purposes only, it is not understood to indicate or imply opposite Importance or quantity or position.
In the description of the present invention, it should be noted that unless otherwise clearly defined and limited, term " installation ", " phase Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can To be mechanical connection, it is also possible to be electrically connected;It can be directly connected, can also can be indirectly connected through an intermediary Connection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete condition Concrete meaning in invention.
The embodiment of the present invention is described in further detail below in conjunction with attached drawing.
Embodiment 1
Fig. 2 is the flow chart for the smart card method of commerce embodiment 1 that the present invention has electronic signature functionality.Now in conjunction with Fig. 2, There is the smart card method of commerce of electronic signature functionality to be illustrated the present invention, specific as follows:
The present invention have electronic signature functionality smart card method of commerce include:
Step S201: the smart card with electronic signature functionality accesses POS machine, receives transaction message;
Specifically, POS machine can pass through manually input, net before the smart card with electronic signature functionality accesses POS machine The modes such as network, items scanning information obtain transaction message.
Smart card can access POS machine by cordless, receive the transaction message that POS machine is sent.Wherein, transaction message Including at least account and the amount of money, it may also include transaction details information.
Certainly, smart card can also access POS machine by the way of contact.
Smart card of the invention accesses POS machine peace with higher compared with the way of contact using cordless access POS machine Quan Xing prevents information to be acquired.
Step S202: smart card generates combined password;
Specifically, smart card is randomly generated number, letter and/or symbol, one kind is selected from number, letter and symbol Or multiple combinations generate combined password, it is ensured that the nonuniqueness of combined password, randomness improve the safety of combined password Property.
Step S203: smart card generates signature message according to transaction message and combined password;
Specifically, smart card can directly sign to transaction message and combined password, signature message is generated;Or
Smart card calculates the summary info of transaction message, the summary info of combined password is calculated, to the abstract of transaction message The summary info of information and combined password is signed, and signature message is generated;Or
Smart card calculates the summary info of transaction message, carries out encryption to combined password and obtains encryption combined password, to friendship The summary info and encryption combined password of easy message are signed, and signature message is generated;Or
Smart card calculates the summary info of transaction message, carries out encryption to combined password and obtains encryption combined password, and counts The summary info of the summary info for calculating encryption combined password, summary info and encryption combined password to transaction message is signed Name generates signature message.
Wherein, summary info may include following one kind or combinations thereof: by the cryptographic Hash of hash algorithm calculating, pass through The MAC value that MAC algorithm calculates, the ciphertext itself obtained by symmetric cryptography.
In addition, cryptographic calculation can for symmetric cryptography or asymmetric encryption (such as by the public key of bank server into Row encryption).In order to further increase the safety of combined password transmission, smart card can also generate a random number, will combine Password and the random number are combined according to preset format, and it is close to carry out encryption acquisition encryption joint to the data after combination Code.Combined password and random number are combined at this time, to prevent Replay Attack.
The present invention can be using by carrying out digest calculations to combined password, encrypting to combined password or to encryption connection It closes password and carries out digest calculations, ensure that the safety of combined password transmission;It can summary info to combined password, encryption connection The summary info for closing password or encryption combined password is signed, and the safety of transaction is improved.
Step S204: signature message is at least sent to POS machine by smart card;
Specifically, in step S203, if calculate the scheme of encryption combined password using smart card, in this step, Encryption combined password and signature message are also sent to POS machine by smart card.
In step S203, if calculate the scheme of the summary info of encryption combined password using smart card, this step In, the summary info for encrypting combined password and signature message are also sent to POS machine by smart card.
Certainly, no matter in step S203, which kind of information what smart card calculated is, smart card can send out the information of calculating It send to POS machine.
Step S205:POS machine receives the combined password generated by the smart card of key-press input, at least by transaction message, Signature message and combined password are sent to bank server;
Specifically, in step S203, if calculate the scheme of encryption combined password using smart card, in this step, Encryption combined password, transaction message, signature message and combined password are also sent to bank server by POS machine.
In step S203, if calculate the scheme of the summary info of encryption combined password using smart card, this step In, the summary info of combined password, transaction message, signature message and combined password are also sent to bank server by POS machine.
Certainly, no matter in step S203, which kind of information what smart card calculated is, what POS machine can calculate smart card Information is sent to bank server.
POS machine of the invention, just can be by transaction message, signature message only after the combined password for receiving user's input It is sent to bank server with combined password, completes transaction to trigger bank server, so that bank server is close according to combining Code and signature message authenticate user identity, improve the safety of transaction.In addition, combined password of the invention can be The one or more combinations of number, letter and character generated at random when transaction every time, be different from existing trading password and OTP must be transmitted using ciphertext, and combined password of the invention can be by being transmitted in plain text, and will not be reduced and be traded The safety of account in journey;Combined password of the invention is to generate and be uploaded to bank server in smart card side, also different Bank server and terminal are needed in existing OTP while being generated, unilateral generation combined password of the invention is simultaneously signed, with Guarantee the safety of combined password transmission and the accuracy of combined password verifying;POS machine of the invention be have input joint it is close Related data (can be transaction message, signature message and combined password) is sent after code to bank server, so that by POS machine It is to guarantee by authorization and effective data that the needs of bank server, which are sent to, by the data that bank server is handled Safety, improves work efficiency.
Step S206: bank server verifying signature message and combined password, and after being verified, according to transaction message Execute transactional operation.
It can be seen that smart card method of commerce of the invention, completes exchange by the primary access of smart card and POS machine The interaction for needing data reduces the risk that important information caused by repeatedly access is trapped, improves safety.
Embodiment 2
Fig. 3 is the flow chart for the smart card method of commerce embodiment 2 that the present invention has electronic signature functionality.Now in conjunction with Fig. 3, There is the smart card method of commerce of electronic signature functionality to be illustrated the present invention, specific as follows:
The present invention have electronic signature functionality smart card method of commerce include:
Step S301: the smart card with electronic signature functionality accesses POS machine, receives transaction message;
Specifically, POS machine can pass through manually input, net before the smart card with electronic signature functionality accesses POS machine The modes such as network, items scanning information obtain transaction message.
Smart card can access POS machine by cordless, receive the transaction message that POS machine is sent.Wherein, transaction message Including at least account and the amount of money, it may also include transaction details information.
Certainly, smart card can also access POS machine by the way of contact.
Smart card of the invention accesses POS machine peace with higher compared with the way of contact using cordless access POS machine Quan Xing prevents information to be acquired.
Step S302: smart card generates combined password;
Specifically, smart card is randomly generated number, letter and/or symbol, one kind is selected from number, letter and symbol Or multiple combinations generate combined password, it is ensured that the nonuniqueness of combined password, randomness improve the safety of combined password Property.
Step S303: smart card generates signature message according to transaction message and combined password;
Specifically, smart card can directly sign to transaction message and combined password, signature message is generated;Or
Smart card calculates the summary info of transaction message, the summary info of combined password is calculated, to the abstract of transaction message The summary info of information and combined password is signed, and signature message is generated;Or
Smart card calculates the summary info of transaction message, carries out encryption to combined password and obtains encryption combined password, to friendship The summary info and encryption combined password of easy message are signed, and signature message is generated;Or
Smart card calculates the summary info of transaction message, carries out encryption to combined password and obtains encryption combined password, and counts The summary info of the summary info for calculating encryption combined password, summary info and encryption combined password to transaction message is signed Name generates signature message.
Wherein, summary info may include following one kind or combinations thereof: by the cryptographic Hash of hash algorithm calculating, pass through The MAC value that MAC algorithm calculates, the ciphertext itself obtained by symmetric cryptography.
In addition, cryptographic calculation can for symmetric cryptography or asymmetric encryption (such as by the public key of bank server into Row encryption).In order to further increase the safety of combined password transmission, smart card can also generate a random number, will combine Password and the random number are combined according to preset format, and it is close to carry out encryption acquisition encryption joint to the data after combination Code.Combined password and random number are combined at this time, to prevent Replay Attack.
The present invention can be using by carrying out digest calculations to combined password, encrypting to combined password or to encryption connection It closes password and carries out digest calculations, ensure that the safety of combined password transmission;It can summary info to combined password, encryption connection The summary info for closing password or encryption combined password is signed, and the safety of transaction is improved.
Step S304: signature message is at least sent to POS machine by smart card;
Specifically, in step S303, if calculate the scheme of encryption combined password using smart card, in this step, Encryption combined password and signature message are also sent to POS machine by smart card.
In step S303, if calculate the scheme of the summary info of encryption combined password using smart card, this step In, the summary info for encrypting combined password and signature message are also sent to POS machine by smart card.
Certainly, no matter in step S303, which kind of information what smart card calculated is, smart card can send out the information of calculating It send to POS machine.
Step S305: smart card disconnects the connection with POS machine;
Specifically, user holds smart card and leaves the induction range of POS machine i.e. in the case where contactless mode accesses It can;In the case where contact mode accesses, user extracts smart card from POS machine.The connection with POS machine is disconnected to guarantee Smart card is once contacted with POS machine, is reduced the risk that multiple-contact information is trapped, is improved the safety of data transmission Property.
Step S306: smart card shows transaction message;
Specifically, smart card shows the transaction message received on a display screen, so that user confirms the true of the transaction Property, guarantee the safety of transaction.
Step S307: smart card receives confirmation password and/or confirmation instruction by key-press input;
Specifically, user after it confirmed the authenticity of Transaction Information, can pass through input validation password and/or confirmation The operation of instruction, the combined password that triggering smart card display generates.It is close that smart card display joint is triggered by input validation password Code can prevent combined password from being known by other people, improve the confidentiality of combined password.
Step S308: smart card shows combined password.
Specifically, smart card shows that combined password inputs the combined password so that user can know the combined password To POS machine, to complete to trade.
In order to further increase the safety of combined password, prevent other people from obtaining the cleartext information of combined password, in step When S302, combined password encrypt and deposit encrypted combined password with preset symmetric encipherment algorithm in plain text Storage receives user by the confirmation password of key-press input and/or after confirming instruction within a smart card, in smart card, then default with this Symmetric encipherment algorithm decrypt combined password in plain text shown.
Step S309:POS machine receives the combined password generated by the smart card of key-press input, at least by transaction message, Signature message and combined password are sent to bank server;
Specifically, in step S303, if calculate the scheme of encryption combined password using smart card, in this step, Encryption combined password, transaction message, signature message and combined password are also sent to bank server by POS machine.
In step S303, if calculate the scheme of the summary info of encryption combined password using smart card, this step In, the summary info of combined password, transaction message, signature message and combined password are also sent to bank server by POS machine.
Certainly, no matter in step S303, which kind of information what smart card calculated is, what POS machine can calculate smart card Information is sent to bank server.
POS machine of the invention, just can be by transaction message, signature message only after the combined password for receiving user's input It is sent to bank server with combined password, completes transaction to trigger bank server, so that bank server is close according to combining Code and signature message authenticate user identity, improve the safety of transaction.In addition, combined password of the invention can be The one or more combinations of number, letter and character generated at random when transaction every time, be different from existing trading password and OTP must be transmitted using ciphertext, and combined password of the invention can be by being transmitted in plain text, and will not be reduced and be traded The safety of account in journey;Combined password of the invention is to generate and be uploaded to bank server in smart card side, also different Bank server and terminal are needed in existing OTP while being generated, unilateral generation combined password of the invention is simultaneously signed, with Guarantee the safety of combined password transmission and the accuracy of combined password verifying;POS machine of the invention be have input joint it is close Related data (can be transaction message, signature message and combined password) is sent after code to bank server, so that by POS machine It is to guarantee by authorization and effective data that the needs of bank server, which are sent to, by the data that bank server is handled Safety, improves work efficiency.
Step S310: bank server verifying signature message and combined password, and after being verified, according to transaction message Execute transactional operation.
It can be seen that smart card method of commerce of the invention, completes exchange by the primary access of smart card and POS machine The interaction for needing data reduces the risk that important information caused by repeatedly access is trapped, improves safety.
Fig. 4 is the structural schematic diagram for the intelligent card transaction system that the present invention has electronic signature functionality.Fig. 4 is first combined, it is right There is the present invention structure of the intelligent card transaction system of electronic signature functionality to be illustrated, specific as follows:
Intelligent card transaction system with electronic signature functionality of the invention include: POS machine 10, bank server 20 and Smart card 30 with electronic signature functionality.Smart card 30 is the equipment with electronic signature functionality, may include containing user The card chip of account information and the safety chip being digitally signed using key, or including having above-mentioned two chip functions Integrated chip.
Wherein, the smart card 30 with electronic signature functionality includes: transceiver module 301, secret generation module 302, signature Module 303 and display module 304;In other words, the above-mentioned module that the smart card 30 with electronic signature functionality includes can integrate On a single die, can also the chip according to used by smart card 30 quantity and function, be integrated on multiple chips, herein It is not illustrating one by one.
Transceiver module 301 is for accessing POS machine 10, receiving transaction message and being sent to signature blocks 303.
Secret generation module 302 is sent to signature blocks 303 and display module 304 for generating combined password.Specifically , secret generation module 302 can generate combined password after transceiver module 301 receives transaction message.
Signature blocks 303 generate signature message according to transaction message and combined password, and at least will by transceiver module 301 Signature message is sent to POS machine 10.
POS machine 10 receives the combined password generated by the smart card 30 of key-press input, at least reports transaction message, signature Text and combined password are sent to bank server 20.
The verifying of bank server 20 signature message and combined password, and after being verified, friendship is executed according to transaction message It is easy to operate.
Certainly, on the basis of above structure, the transceiver module 301 of smart card 30 of the invention is sending signature message extremely After POS machine 10, the connection with POS machine 10 is also disconnected, so that display module 304 shows transaction message.To guarantee the present invention Smart card 30 only contacted with POS machine 10 once just complete transaction needed for data interaction, reduce due to secondary contact generation number According to the risk being trapped, the safety of transaction is improved.
Certainly, bank server 20 can lock the intelligence after verifying combined password failure preset times (such as 3 times) Block corresponding account to protect the safety of user account.
In addition, smart card 30 can also include: key module 305.Key module 305 is according to the confirmation password received And/or confirmation instruction, triggering display module 304 show combined password.
Specifically, such as user can trigger display module 304 in the following way shows combined password:
(1) input validation password, after smart card 30 is verified and confirms that password is correct, display module 304 shows combined password; Or
(2) confirmation key is pressed, triggering display module 304 shows combined password;Or
(3) input validation password, and confirmation key is pressed, after smart card 30 is verified and confirms that password is correct, display module 304 display combined passwords.
Of course, it is possible to combined password condition is shown for different spending amount setting triggering display modules 304, for example, Small amount consumption only needs user to press confirmation key, wholesale consumer need user's input validation password etc..
It can be seen that the smart card with electronic signature functionality and the smart card with electronic signature functionality of the invention is handed over Easy system completes the interaction of data needed for trading by the primary access of smart card and POS machine, caused by reducing repeatedly access The risk that important information is trapped, improves safety.
Any process described otherwise above or method description are construed as in flow chart or herein, and expression includes It is one or more for realizing specific logical function or process the step of executable instruction code module, segment or portion Point, and the range of the preferred embodiment of the present invention includes other realization, wherein can not press shown or discussed suitable Sequence, including according to related function by it is basic simultaneously in the way of or in the opposite order, Lai Zhihang function, this should be of the invention Embodiment person of ordinary skill in the field understood.
It should be appreciated that each section of the invention can be realized with hardware, software, firmware or their combination.Above-mentioned In embodiment, software that multiple steps or method can be executed in memory and by suitable instruction execution system with storage Or firmware is realized.It, and in another embodiment, can be under well known in the art for example, if realized with hardware Any one of column technology or their combination are realized: having a logic gates for realizing logic function to data-signal Discrete logic, with suitable combinational logic gate circuit specific integrated circuit, programmable gate array (PGA), scene Programmable gate array (FPGA) etc..
Those skilled in the art are understood that realize all or part of step that above-described embodiment method carries It suddenly is that relevant hardware can be instructed to complete by program, the program can store in a kind of computer-readable storage medium In matter, which when being executed, includes the steps that one or a combination set of embodiment of the method.
It, can also be in addition, each functional unit in each embodiment of the present invention can integrate in a processing module It is that each unit physically exists alone, can also be integrated in two or more units in a module.Above-mentioned integrated mould Block both can take the form of hardware realization, can also be realized in the form of software function module.The integrated module is such as Fruit is realized and when sold or used as an independent product in the form of software function module, also can store in a computer In read/write memory medium.
Storage medium mentioned above can be read-only memory, disk or CD etc..
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show The description of example " or " some examples " etc. means specific features, structure, material or spy described in conjunction with this embodiment or example Point is included at least one embodiment or example of the invention.In the present specification, schematic expression of the above terms are not Centainly refer to identical embodiment or example.Moreover, particular features, structures, materials, or characteristics described can be any One or more embodiment or examples in can be combined in any suitable manner.
Although the embodiments of the present invention has been shown and described above, it is to be understood that above-described embodiment is example Property, it is not considered as limiting the invention, those skilled in the art are not departing from the principle of the present invention and objective In the case where can make changes, modifications, alterations, and variations to the above described embodiments within the scope of the invention.The scope of the present invention By appended claims and its equivalent limit.

Claims (11)

1. a kind of smart card method of commerce with electronic signature functionality, which is characterized in that the described method includes:
A, the smart card with electronic signature functionality accesses POS machine, receives transaction message;
B, the smart card generates combined password;
C, the smart card generates signature message according to the transaction message and the combined password;
D, the signature message is at least sent to the POS machine and shows the combined password by the smart card;
E, the POS machine receives the combined password generated by the smart card of key-press input, at least by the transaction message, The signature message and the combined password are sent to bank server;
F, the bank server verifies the signature message and the combined password, and after being verified, according to the friendship Easy message executes transactional operation.
2. the method according to claim 1, wherein the step C includes:
The smart card calculates the summary info of the transaction message;
The smart card carries out encryption to the combined password and obtains encryption combined password;
The smart card signs to the summary info of the transaction message and the encryption combined password, generates signature report Text.
3. the method according to claim 1, wherein the step C includes:
The smart card calculates the summary info of the transaction message;
The smart card carries out encryption to the combination of the combined password and random number and obtains encryption combined password;
The smart card signs to the summary info of the transaction message and the encryption combined password, generates signature report Text.
4. according to the method in claim 2 or 3, which is characterized in that
In the step D, the encryption combined password and the signature message are also sent to the POS machine by the smart card;
In the step E, the POS machine is also by the encryption combined password, the transaction message, the signature message and described Combined password is sent to bank server.
5. the method according to claim 1, wherein the step C includes:
The smart card calculates the summary info of the transaction message;
The smart card carries out encryption to the combined password and obtains encryption combined password, and calculates the encryption combined password Summary info;
The smart card signs to the summary info of the transaction message and the summary info of the encryption combined password, raw At signature message.
6. according to the method described in claim 5, it is characterized in that,
In the step D, the summary info of the encryption combined password and the signature message are also sent to by the smart card The POS machine;
In the step E, the POS machine is also by the summary info of the combined password, the transaction message, the signature message Bank server is sent to the combined password.
7. the method according to claim 1, wherein between the step D and the step E, the method Further include:
The smart card disconnects the connection with the POS machine;
The smart card shows the transaction message;
The smart card receives confirmation password and/or confirmation instruction by key-press input;
The smart card shows the combined password.
8. method according to any one of claims 1 to 7, which is characterized in that the smart card is connect by cordless Enter the POS machine.
9. a kind of intelligent card transaction system with electronic signature functionality, which is characterized in that the system comprises: POS machine, bank Server and smart card, wherein
The smart card includes: transceiver module, secret generation module, signature blocks and display module;
The transceiver module is for accessing POS machine, receiving transaction message and being sent to the signature blocks;
The secret generation module is sent to the signature blocks and the display module for generating combined password;
The signature blocks generate signature message according to the transaction message and the combined password, and pass through the transceiver module The signature message is at least sent to the POS machine;
The display module is for showing the combined password;
The POS machine, the combined password that the smart card for receiving through key-press input generates, at least reports the transaction Literary, the described signature message and the combined password are sent to the bank server;
The bank server, for verifying the signature message and the combined password, and after being verified, according to described Transaction message executes transactional operation.
10. system according to claim 9, which is characterized in that the transceiver module is sending the signature message to institute After stating POS machine, the connection with the POS machine is also disconnected;
The display module also shows the transaction message after the transceiver module disconnects the connection with the POS machine.
11. system according to claim 10, which is characterized in that the smart card further include: key module;
The key module is instructed according to the confirmation password that receives and/or confirmation, trigger the display module show it is described Close password.
CN201310070753.5A 2013-02-06 2013-03-06 Smart card, intelligent card transaction system and method with electronic signature functionality Active CN103116847B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201310070753.5A CN103116847B (en) 2013-02-06 2013-03-06 Smart card, intelligent card transaction system and method with electronic signature functionality
CN201810462779.7A CN108596605A (en) 2013-02-06 2013-03-06 Smart card with electronic signature functionality
PCT/CN2014/071657 WO2014121721A1 (en) 2013-02-06 2014-01-28 Smart card with electronic signature function, and smart card transaction system and method

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
CN2013200698758 2013-02-06
CN201310047316.1 2013-02-06
CN201320069875 2013-02-06
CN201310047316 2013-02-06
CN201320069875.8 2013-02-06
CN2013100473161 2013-02-06
CN201310070753.5A CN103116847B (en) 2013-02-06 2013-03-06 Smart card, intelligent card transaction system and method with electronic signature functionality

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201810462779.7A Division CN108596605A (en) 2013-02-06 2013-03-06 Smart card with electronic signature functionality

Publications (2)

Publication Number Publication Date
CN103116847A CN103116847A (en) 2013-05-22
CN103116847B true CN103116847B (en) 2019-06-25

Family

ID=48415212

Family Applications (3)

Application Number Title Priority Date Filing Date
CN201810462779.7A Pending CN108596605A (en) 2013-02-06 2013-03-06 Smart card with electronic signature functionality
CN201310070753.5A Active CN103116847B (en) 2013-02-06 2013-03-06 Smart card, intelligent card transaction system and method with electronic signature functionality
CN 201320102167 Expired - Lifetime CN203242029U (en) 2013-02-06 2013-03-06 An intelligent card containing an electronic signature function and an intelligent card transaction system

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201810462779.7A Pending CN108596605A (en) 2013-02-06 2013-03-06 Smart card with electronic signature functionality

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN 201320102167 Expired - Lifetime CN203242029U (en) 2013-02-06 2013-03-06 An intelligent card containing an electronic signature function and an intelligent card transaction system

Country Status (2)

Country Link
CN (3) CN108596605A (en)
HK (1) HK1194247A2 (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014121721A1 (en) * 2013-02-06 2014-08-14 天地融科技股份有限公司 Smart card with electronic signature function, and smart card transaction system and method
CN103366278B (en) * 2013-06-04 2016-11-23 天地融科技股份有限公司 Process the method and system of operation requests
CN104282092B (en) * 2013-07-04 2017-02-08 中国银联股份有限公司 Method for achieving digital signature and POS terminal used for achieving digital signature
CN103984906B (en) * 2014-05-28 2018-01-16 天地融科技股份有限公司 A kind of electronic key equipment of no button
CN103973455B (en) * 2014-05-28 2018-09-18 天地融科技股份有限公司 A kind of information interacting method
CN104166914A (en) * 2014-08-20 2014-11-26 武汉天喻信息产业股份有限公司 Secure system and method based on secure element and applied to host card emulation technology
CN104935441B (en) * 2015-06-30 2018-09-21 京东方科技集团股份有限公司 A kind of authentication method and relevant apparatus, system
CN105023374A (en) * 2015-07-22 2015-11-04 天地融科技股份有限公司 Transaction system of POS machine
CN105023150A (en) * 2015-07-22 2015-11-04 天地融科技股份有限公司 Data processing method and device for POS machine
CN112950200A (en) * 2021-02-05 2021-06-11 中国建设银行股份有限公司 Transaction management method and system suitable for bankbook

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1831865A (en) * 2006-04-24 2006-09-13 北京易恒信认证科技有限公司 Electronic bank safety authorization system and method based on CPK
CN101178802A (en) * 2006-11-08 2008-05-14 李东声 Dynamic password realization method in network bank trading and electronic signing device
CN102609750A (en) * 2012-02-15 2012-07-25 东信和平智能卡股份有限公司 Intelligent card provided with input device and output device

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0670818B2 (en) * 1984-09-07 1994-09-07 カシオ計算機株式会社 Verification card and its authentication method
US5317636A (en) * 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
FR2771533B1 (en) * 1997-11-21 2003-01-31 Taib Thierry Baillie SECURITY CARD FOR SECURE PAYMENT BY CREDIT CARD
US6816058B2 (en) * 2001-04-26 2004-11-09 Mcgregor Christopher M Bio-metric smart card, bio-metric smart card reader and method of use
US7581678B2 (en) * 2005-02-22 2009-09-01 Tyfone, Inc. Electronic transaction card
US20070241183A1 (en) * 2006-04-14 2007-10-18 Brown Kerry D Pin-secured dynamic magnetic stripe payment card
CN102542452A (en) * 2011-11-09 2012-07-04 王筱雨 Method and system for verifying transaction passwords of point-of-sale (POS) machine terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1831865A (en) * 2006-04-24 2006-09-13 北京易恒信认证科技有限公司 Electronic bank safety authorization system and method based on CPK
CN101178802A (en) * 2006-11-08 2008-05-14 李东声 Dynamic password realization method in network bank trading and electronic signing device
CN102609750A (en) * 2012-02-15 2012-07-25 东信和平智能卡股份有限公司 Intelligent card provided with input device and output device

Also Published As

Publication number Publication date
CN108596605A (en) 2018-09-28
CN203242029U (en) 2013-10-16
CN103116847A (en) 2013-05-22
HK1194247A2 (en) 2014-10-10

Similar Documents

Publication Publication Date Title
CN103116847B (en) Smart card, intelligent card transaction system and method with electronic signature functionality
CN104243451B (en) A kind of information interacting method, system and intelligent cipher key equipment
CN103136664B (en) There is smart card transaction system and the method for electronic signature functionality
CN103208151B (en) Process the method and system of operation requests
CN106656510B (en) A kind of encryption key acquisition methods and system
CN103532719B (en) Dynamic password generation method, dynamic password generation system, as well as processing method and processing system of transaction request
CN104217327B (en) A kind of financial IC card internet terminal and its method of commerce
CN103516525B (en) Dynamic password generation method and system
CN103793815A (en) Mobile intelligent terminal acquirer system and method suitable for bank cards and business cards
CN103326862B (en) Electronically signing method and system
CN105827656B (en) Identity identifying method and device based on NFC payment
CN103136665B (en) A kind of network trading method and system
CN104967612A (en) Data encryption storage method, server and system
CN103366278B (en) Process the method and system of operation requests
Basin et al. Card brand mixup attack: bypassing the {PIN} in {non-Visa} cards by using them for visa transactions
CN104243162B (en) A kind of information interacting method, system and intelligent cipher key equipment
CN103198401B (en) There is smart card method of commerce and the system of electronic signature functionality
CN104182875A (en) Payment method and payment system
CN103813333B (en) A kind of data processing method based on arranging key
CN103136667B (en) There is the smart card of electronic signature functionality, smart card transaction system and method
CN103746802B (en) A kind of data processing method and mobile phone based on arranging key
CN103945375B (en) A kind of data processing method based on arranging key
CN103813321A (en) Agreement key based data processing method and mobile phone
CN103716328B (en) Operation request processing method and system
CN203338403U (en) Intelligent card transaction system with an electronic signature function

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1184894

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant