A kind of handset identities authentication terminal
Technical field
The present invention relates to a kind of handset identities authentication terminal, belong to Web bank, Mobile banking, online third party's payment, network ID authentication, electronic signature field.
Background technology
As a kind of identity authentication terminal equipment, there is various ways in mobile phone.Such as, note dynamic password: dynamic password, by the form of note, sends to user's mobile phone, for user as authentication; Cell phone software token: by the APP on mobile phone, apply, produce dynamic password, for user as authentication; Mobile phone SD card token: dynamic password generator is stored on mobile phone SD card, for user as authentication, etc.The said equipment, as a kind of authentication instrument, although convenient, portable, user need not additionally carry other instruments again, has good customer experience,, but reduced the fail safe as ID authentication device.For example: note dynamic password, may be intercepted by changing Mobile phone card by offender; Cell phone software token and SD card token are all easy to be replicated etc.Therefore, the application of the said equipment aspect authentication is subject to restriction to a certain extent always.Certainly, if can there be a solution making the best of both worlds, bank and other financial services popularization and application of face on the internet will greatly be promoted.
Summary of the invention
The object of the present invention is to provide a kind of handset identities authentication terminal, in the convenience that keeps mobile phone as identity authentication terminal equipment, portability, the safety defect that the ID authentication device that solution prior art realizes on mobile phone exists.
To achieve these goals, the technical scheme that the present invention proposes is: a kind of identity authentication terminal based on mobile phone, comprise mobile phone terminal and have the intelligent chip of wireless communication function, it is characterized in that, described mobile phone terminal comprises and shows output module, data input module and administration module; Described intelligent chip comprises enciphering algorithm module, cipher key storage block and management information memory module; Between mobile phone terminal and intelligent chip, by close range wireless communication, realize transfer of data.
Dynamic password, digital signature or other authentication information that described demonstration output module can produce intelligent chip are presented on mobile phone screen, also above-mentioned authentication information can be sent to other equipment by cell phone network.
Described data input module can, by the information of the information of cell phone keyboard input or cell phone network reception, be sent to intelligent chip by close range wireless communication.
Described administration module coordinates with the management information memory module on intelligent chip, carries out interpolation, deletion, modification, the inquiry of relevant management information.
Described enciphering algorithm module comprises symmetry and asymmetric arithmetic.
Described cipher key storage block storage symmetry or unsymmetrical key, and can only one-time write.
Described management information memory module, for storing relevant management information, and can repeat to write, revise.
Described mobile phone terminal and the close range wireless communication between intelligent chip can be near-field communication (NFC) modes; Other system or program can be stored simultaneously and move to described intelligent chip.
At described intelligent chip, be connected with independently display module.
Described independently display module consists of soft display material, is integrally formed physically, and can be embedded in plastic material, for showing the information of intelligent chip output with intelligent chip.
Advantage of the present invention is: all storage and operations on the intelligent chip beyond mobile phone of all classified informations of handset identities authentication terminal and calculating process, and intelligent chip cannot copy, classified information has also been accomplished being hedged off from the outer world physically.Therefore the fail safe of this terminal equipment has obtained reliable guarantee.In addition, mobile phone terminal is separated with intelligent chip, can not only support man-to-man use, can also support one-to-many and many-to-one use, has enriched use pattern.Also have, intelligent chip can with other application integration, as financial intelligent chip (financial IC card) Integrating Authentication terminal module, thereby provide better use impression to user.Finally, intelligent chip also can connect independently display module, for directly showing any information from intelligent chip, while having avoided showing by mobile phone display screen, by hacker, is therefrom distorted information.
Accompanying drawing explanation
Fig. 1 is the structured flowchart of a kind of handset identities authentication of the present invention terminal embodiment.
Embodiment
In order to make the object, technical solutions and advantages of the present invention clearer, below in conjunction with embodiment and accompanying drawing, the present invention is described in further details.
As shown in Figure 1, be a kind of handset identities authentication terminal structure block diagram that the embodiment of the present invention provides, this terminal comprises mobile phone 10 and intelligent chip 20.
Described mobile phone 10 comprises and shows output module 101, data input module 102 and administration module 103.Wherein show that output module 101 receives dynamic password, digital signature or other information relevant with authentication that mobile phone sends by NFC communication from intelligent chip 20, and output it to mobile phone display screen, or by note, mobile network or other communication modes, the above-mentioned information relevant with authentication is sent to other-end equipment (as terminal) on demand; Data input module 102 is responsible for receiving the information of cell phone keyboard input or by note, mobile network or other communication modes, is received information on demand, and sends to intelligent chip by NFC communication; Administration module 103, for the modification information of relevant management information and management information is provided to the management information memory module 203 of intelligent chip by NFC communication, adds, deletes, revises and inquiry for management information memory module 203.
Described intelligent chip 20 comprises enciphering algorithm module 201, cipher key storage block 202 and management information memory module 203.Wherein enciphering algorithm module provides symmetry or asymmetric arithmetic, as: DES, the close algorithm of 3DES ,RSAHuo state; Cipher key storage block 202 is for storage encryption key, and can only one-time write; Management information memory module 203 is responsible for relevant management information compare, store and revise, as PIN (PIN), mobile phone and intelligent chip binding information.
Another execution mode of the present invention is on intelligent chip 20, to be provided with display module 30, and this display module 30 is independently display units, by soft display material, formed, as: Electronic Paper (e-paper) or soft liquid crystal display screen.Display module 30 is integrally formed physically and can be embedded in plastic material with intelligent chip 20, can be made into bank card size, for showing the information of intelligent chip 20 outputs.
Above-described embodiment; object of the present invention, technical scheme and beneficial effect are further described; institute is understood that; the foregoing is only the specific embodiment of the present invention; the protection range being not intended to limit the present invention; within the spirit and principles in the present invention all, any modification of making, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.