CN103778448B - Multi-application smart card management system and method - Google Patents

Multi-application smart card management system and method Download PDF

Info

Publication number
CN103778448B
CN103778448B CN201210412189.6A CN201210412189A CN103778448B CN 103778448 B CN103778448 B CN 103778448B CN 201210412189 A CN201210412189 A CN 201210412189A CN 103778448 B CN103778448 B CN 103778448B
Authority
CN
China
Prior art keywords
application
smart card
card
card management
provider
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210412189.6A
Other languages
Chinese (zh)
Other versions
CN103778448A (en
Inventor
彭敏
周钰
郑建宾
严翔翔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN201210412189.6A priority Critical patent/CN103778448B/en
Priority to PCT/CN2013/085800 priority patent/WO2014063632A1/en
Publication of CN103778448A publication Critical patent/CN103778448A/en
Application granted granted Critical
Publication of CN103778448B publication Critical patent/CN103778448B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/354Card activation or deactivation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/356Aspects of software for card payments
    • G06Q20/3563Software being resident on card
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357Cards having a plurality of specified features
    • G06Q20/3574Multiple applications on card
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357Cards having a plurality of specified features
    • G06Q20/3576Multiple memory zones on card

Abstract

The present invention proposes multi-application smart card management system and method.Wherein, the system includes at least one and applies provider's smart card management terminal and multi-application smart card management server, the multi-application smart card management server is received to activate using the card of provider's smart card management terminal from least one and asked, and the card activation data are generated based on the card image, and card activation data are sent back into corresponding application provider smart card management terminal, wherein, the card activation data include application installation certification authentication key.Multi-application smart card management system and method disclosed in this invention can make the main body of each application on smart card have relations on an equal basis.

Description

Multi-application smart card management system and method
Technical field
The present invention relates to smart card administrative system and method, more particularly, to multi-application smart card management system and side Method.
Background technology
At present, increasingly extensive and different field the class of business applied with cyber-net becomes increasingly abundant, Management to multi-application smart card becomes more and more important.
The management platform of the existing multi-application smart card based on GP (Global Platform) standard is to be based on security domain , i.e., each application in smart card has corresponding security domain (it is representative of the owner of the application on card)
However, such smart card based on GP standards depends on master comprising main security domain and from security domain from security domain Security domain, i.e., assign, this causes following result from all permissions of security domain by main security domain:Each is not flat using main body Deng relation.
Accordingly, there exist following demand:There is provided the main body for each application that can make on smart card has relations on an equal basis(That is intelligence The main body of each application that can be on card manages alone the application of oneself, after the card that is not loaded before of the application that is loaded into card The control of piece application main body)Multi-application smart card management system and method.
The content of the invention
In order to solve the problems of above-mentioned prior art, the present invention propose can make it is each on smart card The main body of application has the multi-application smart card management system and method for relations on an equal basis.
The purpose of the present invention is achieved through the following technical solutions:
A kind of multi-application smart card management system, the multi-application smart card management system includes:
At least one apply provider's smart card management terminal, it is described at least one apply provider's smart card management terminal In it is each based on user instruction construction card activation request and by the card activation request be sent to multi-application smart card Management server, wherein card activation request includes the card image of smart card to be activated, at least one described application Each in provider's smart card management terminal is sent back from the multi-application smart card management server being subsequently received Card activation data after perform activation manipulation to smart card;
Multi-application smart card management server, the multi-application smart card management server receive from it is described at least one Request is activated using the card of provider's smart card management terminal, and the card activation number is generated based on the card image According to, and by the card activation data send back corresponding application provider smart card management terminal, wherein, the card swash Live data includes application and installs certification authentication key.
In scheme disclosed above, it is preferable that the card key is implanted the intelligence during smart card is manufactured In the chip that can block, and the smart card is corresponded with the card key.
In scheme disclosed above, it is preferable that the activation manipulation includes:By card activation data write-in intelligence In blocking;The smart card verifies the card activation data using the card key;If the verification passes, then store described Using installation certification authentication key.
In scheme disclosed above, it is preferable that when need to install within a smart card apply when, with the smart card phase Application provider's smart card management terminal of association is based on user instruction Structural application registration request, and please by application registration Ask and be sent to the multi-application smart card management server.
In scheme disclosed above, it is preferable that receive from it is described at least one apply provider's smart card After the application registration request of management terminal, the multi-application smart card management server is based on application registration request generation should With install certificate, and by the application installation certificate send back corresponding application provider smart card management terminal.
In scheme disclosed above, it is preferable that sent back receiving the multi-application smart card management server Application install after certificate, the application is installed certificate and application to be installed by the application provider smart card management terminal Write in corresponding smart card with perform apply installation operation.
In scheme disclosed above, it is preferable that the application installation operation includes:Certificate is installed using the application Authentication secret verifies that certificate is installed in the application;If the verification passes, then the application to be installed is installed.
The purpose of the present invention can also be achieved through the following technical solutions:
A kind of multi-application smart card management method, the multi-application smart card management method comprises the following steps:
(A1)At least one applies each instruction construction card based on user in provider's smart card management terminal to swash Card activation request is simultaneously sent to multi-application smart card management server by request living, wherein the card activates request bag Include the card image of smart card to be activated;
(A2) the multi-application smart card management server receive from it is described at least one apply provider's smart card pipe The card activation request of terminal is managed, and the card activation data are generated based on the card image, and the card is swashed Live data sends back corresponding application provider smart card management terminal, wherein, the card activation data include application and installed Certification authentication key;
(A3) it is described at least one apply in provider's smart card management terminal it is each receive from it is described it is many should The activation manipulation to smart card is performed after the card activation data sent back with intelligent card management server.
Multi-application smart card management system and method disclosed in this invention have advantages below:On multi-application smart card Each application is not controlled by other application completely, i.e., the main body of different application on card(For example credit card issuer or apply provider) Complete equality.
Brief description of the drawings
With reference to accompanying drawing, technical characteristic of the invention and advantage will be more fully understood by those skilled in the art, wherein:
Fig. 1 is the schematic diagram of multi-application smart card management system according to an embodiment of the invention;
Fig. 2 is the flow chart of multi-application smart card management method according to an embodiment of the invention.
Embodiment
Fig. 1 is the schematic diagram of multi-application smart card management system according to an embodiment of the invention.Such as Fig. 1 institutes Show, multi-application smart card management system disclosed in this invention includes at least one and applies provider's smart card management terminal 1(Example Such as the smart card management terminal of card issuer)With multi-application smart card management server 2.Wherein, at least one described application is provided User is each based in square smart card management terminal 1(For example its corresponding card issuer or apply provider)Instruction construction card Card activation request is simultaneously sent to the multi-application smart card management server 2 by piece activation request, wherein the card Activation request includes smart card to be activated(The smart card to be activated in a dormant state, i.e., can not load application)Card Information(Such as card identifiers), it is described at least one apply each then receiving in provider's smart card management terminal 1 The activation behaviour to smart card is performed after to the card activation data sent back from the multi-application smart card management server 2 Make.The multi-application smart card management server 2 receive from it is described at least one using provider's smart card management terminal 1 Card activation request, and the card activation data are generated based on the card image, and card activation data are passed Send corresponding application provider smart card management terminal 1 back to, wherein, the card activation data include application and install certification authentication Key.
Preferably, in multi-application smart card management system disclosed in this invention, the card key is in intelligent blocking It is implanted during making in the chip of the smart card, and the smart card is corresponded with the card key(I.e. each intelligence The card key that can block is unique).
Exemplarily, in multi-application smart card management system disclosed in this invention, the multi-application smart card management The card sending system that server is subordinate to(The card sending system is neutral)It is in advance based on the scattered generation of chip serial number of smart card The corresponding card key of the smart card, and entrust smart card manufacturer that the card key is implanted into intelligent card chip.
Preferably, in multi-application smart card management system disclosed in this invention, the activation manipulation includes:Will be described In card activation data write-in smart card;The smart card verifies the card activation data using the card key;If It is verified, then stores the application and certification authentication key is installed(Card activation data are only for its corresponding smart card One, and can only be decrypted by unique card key of corresponding smart card).
Preferably, in multi-application smart card management system disclosed in this invention, answered when needing to install within a smart card Used time, the application provider smart card management terminal 1 associated with the smart card is based on the registration of user instruction Structural application please Ask, and the application registration request is sent to the multi-application smart card management server 2.
Preferably, in multi-application smart card management system disclosed in this invention, receiving from described at least one After the application registration request of individual application provider smart card management terminal 1, the multi-application smart card management server 2 is based on institute State and certificate is installed using registration request generation application, and application installation certificate is sent back into corresponding application provider intelligence Card management terminal 1.
Preferably, in multi-application smart card management system disclosed in this invention, many application intelligence are being received The application that card management server 2 is sent back is installed after certificate, and the application provider smart card management terminal 1 pacifies the application In dress certificate and the corresponding smart card of application write-in to be installed installation operation is applied to perform.
Preferably, in multi-application smart card management system disclosed in this invention, the application installation operation includes:Make Installed with the application described in certification authentication key authentication using installation certificate;If the verification passes, then install described to be installed Application.
Therefore, multi-application smart card management system disclosed in this invention has the following advantages that:Multi-application smart card On each application do not controlled completely by other application, i.e., the main body of different application on card(Such as credit card issuer or application are carried Supplier)Complete equality.
Fig. 2 is the flow chart of multi-application smart card management method according to an embodiment of the invention.As shown in Fig. 2 this hair Bright disclosed multi-application smart card management method comprises the following steps:(A1)At least one is managed eventually using provider's smart card User is each based in end(For example its corresponding card issuer or apply provider)Instruction construction card activation ask and will Card activation request is sent to multi-application smart card management server, wherein card activation request include it is to be activated Smart card(The smart card to be activated in a dormant state, i.e., can not load application)Card image(For example card is identified Symbol);(A2) the multi-application smart card management server receive from it is described at least one managed eventually using provider's smart card The card activation request at end, and the card activation data are generated based on the card image, and the card is activated into number According to sending back corresponding application provider smart card management terminal, wherein, the card activation data include application and install certificate Authentication secret;(A3) at least one described each receiving from described many of applying in provider's smart card management terminal The activation manipulation to smart card is performed after the card activation data sent back using intelligent card management server.
Preferably, in multi-application smart card management method disclosed in this invention, the card key is in intelligent blocking It is implanted during making in the chip of the smart card, and the smart card is corresponded with the card key(I.e. each intelligence The card key that can block is unique).
Exemplarily, in multi-application smart card management method disclosed in this invention, the multi-application smart card management The card sending system that server is subordinate to(The card sending system is neutral)It is in advance based on the scattered generation of chip serial number of smart card The corresponding card key of the smart card, and entrust smart card manufacturer that the card key is implanted into intelligent card chip.
Preferably, in multi-application smart card management method disclosed in this invention, the activation manipulation includes:Will be described In card activation data write-in smart card;The smart card verifies the card activation data using the card key;If It is verified, then stores the application and certification authentication key is installed(Card activation data are only for its corresponding smart card One, and can only be decrypted by unique card key of corresponding smart card).
Preferably, multi-application smart card management method disclosed in this invention further comprises:(A4)When needs are in intelligence When installation is applied in card, the application provider smart card management terminal associated with the smart card is based on user instruction construction should With registration request, and the application registration request is sent to the multi-application smart card management server.
Preferably, multi-application smart card management method disclosed in this invention further comprises:(A5)Come from receiving It is described at least one using provider's smart card management terminal application registration request after, the multi-application smart card management service Device is based on application registration request generation application and installs certificate, and application installation certificate is sent back corresponding application and carried Supplier's smart card management terminal.
Preferably, multi-application smart card management method disclosed in this invention further comprises:(A6)It is described receiving The application that multi-application smart card management server is sent back is installed after certificate, and the application provider smart card management terminal is by institute State using installing certificate and application to be installed writes in corresponding smart card and to apply installation operation to perform.
Preferably, in multi-application smart card management method disclosed in this invention, the application installation operation includes:Make Installed with the application described in certification authentication key authentication using installation certificate;If the verification passes, then install described to be installed Application.
Therefore, multi-application smart card management method disclosed in this invention has the following advantages that:Multi-application smart card On each application do not controlled completely by other application, i.e., the main body of different application on card(Such as credit card issuer or application are carried Supplier)Complete equality.
Although the present invention is described by above-mentioned preferred embodiment, its way of realization is not limited to Above-mentioned embodiment.It should be realized that:In the case where not departing from spirit and scope of the present invention, those skilled in the art can be with Different change and modifications is made to the present invention.

Claims (8)

1. a kind of multi-application smart card management system, the multi-application smart card management system includes:
At least one apply provider's smart card management terminal, it is described at least one apply provider's smart card management terminal in Each the instruction construction card activation based on user is asked and card activation request is sent into multi-application smart card management Server, wherein card activation request includes the card image of smart card to be activated, at least one described application is provided Each in square smart card management terminal is being subsequently received the card that is sent back from the multi-application smart card management server The activation manipulation to smart card is performed after piece activation data;
Multi-application smart card management server, the multi-application smart card management server is received from least one described application The card activation request of provider's smart card management terminal, and the card activation data are generated based on the card image, with And card activation data are sent back into corresponding application provider smart card management terminal, wherein, the card activates number Certification authentication key is installed according to including application.
2. multi-application smart card management system according to claim 1, it is characterised in that the card key is in smart card In the chip that the smart card is implanted during manufacture, and the smart card is corresponded with the card key.
3. multi-application smart card management system according to claim 2, it is characterised in that the activation manipulation includes:Will In the card activation data write-in smart card;The smart card verifies the card activation data using the card key; If the verification passes, then store the application and certification authentication key is installed.
4. multi-application smart card management system according to claim 3, it is characterised in that when needing to install within a smart card Using when, the application provider smart card management terminal associated with the smart card is based on the registration of user instruction Structural application please Ask, and the application registration request is sent to the multi-application smart card management server.
5. multi-application smart card management system according to claim 4, it is characterised in that receiving described at least After the application registration request of one application provider's smart card management terminal, the multi-application smart card management server is based on institute State and certificate is installed using registration request generation application, and application installation certificate is sent back into corresponding application provider intelligence Card management terminal.
6. multi-application smart card management system according to claim 5, it is characterised in that described apply intelligence receiving more The application that energy card management server is sent back is installed after certificate, and the application provider smart card management terminal pacifies the application In dress certificate and the corresponding smart card of application write-in to be installed installation operation is applied to perform.
7. multi-application smart card management system according to claim 6, it is characterised in that the application installation operation bag Include:Installed using the application described in certification authentication key authentication using installation certificate;If the verification passes, then treated described in installing The application of installation.
8. a kind of multi-application smart card management method, the multi-application smart card management method comprises the following steps:
(A1)At least one applies each instruction construction card activation based on user in provider's smart card management terminal please Ask and card activation request is sent to multi-application smart card management server, wherein card activation request includes treating The card image of the smart card of activation;
(A2) the multi-application smart card management server receive from it is described at least one managed eventually using provider's smart card The card activation request at end, and the card activation data are generated based on the card image, and the card is activated into number According to sending back corresponding application provider smart card management terminal, wherein, the card activation data include application and install certificate Authentication secret;
(A3) it is described at least one apply in provider's smart card management terminal each apply intelligence from described receiving more The activation manipulation to smart card is performed after the card activation data that energy card management server is sent back.
CN201210412189.6A 2012-10-25 2012-10-25 Multi-application smart card management system and method Active CN103778448B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201210412189.6A CN103778448B (en) 2012-10-25 2012-10-25 Multi-application smart card management system and method
PCT/CN2013/085800 WO2014063632A1 (en) 2012-10-25 2013-10-23 Multi-application smart card management system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210412189.6A CN103778448B (en) 2012-10-25 2012-10-25 Multi-application smart card management system and method

Publications (2)

Publication Number Publication Date
CN103778448A CN103778448A (en) 2014-05-07
CN103778448B true CN103778448B (en) 2017-10-27

Family

ID=50544026

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210412189.6A Active CN103778448B (en) 2012-10-25 2012-10-25 Multi-application smart card management system and method

Country Status (2)

Country Link
CN (1) CN103778448B (en)
WO (1) WO2014063632A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105516181A (en) * 2015-12-29 2016-04-20 邵军利 Security apparatus management system and method
CN107341393A (en) * 2016-04-29 2017-11-10 腾讯科技(深圳)有限公司 The detection method and device of application program installation kit
CN106874808B (en) * 2017-01-17 2019-12-13 新智数字科技有限公司 Method for activating IC card and IC card

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101500224A (en) * 2008-01-31 2009-08-05 中国移动通信集团公司 Multi-application management server for telecommunication smart card, multi-application management method and system
CN101511051A (en) * 2008-12-31 2009-08-19 北京握奇数据系统有限公司 Method, system and equipment for downloading application business of telecom smart card
CN101753590A (en) * 2008-11-28 2010-06-23 爱思开电讯投资(中国)有限公司 Device for remote management application and method

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101231768B (en) * 2008-01-25 2010-09-08 北京深思洛克软件技术股份有限公司 Multi-application intelligent card and method for realizing intelligent card multi application
CN102025710B (en) * 2009-09-11 2015-11-25 中国银联股份有限公司 Multi-application smart card and the many AMSs of smart card and method
EP2372592B1 (en) * 2009-12-14 2016-08-24 Nxp B.V. integrated circuit and system for installing computer code thereon
CN102087716B (en) * 2011-03-02 2013-02-13 武汉天喻信息产业股份有限公司 Multi-application Java smart card

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101500224A (en) * 2008-01-31 2009-08-05 中国移动通信集团公司 Multi-application management server for telecommunication smart card, multi-application management method and system
CN101753590A (en) * 2008-11-28 2010-06-23 爱思开电讯投资(中国)有限公司 Device for remote management application and method
CN101511051A (en) * 2008-12-31 2009-08-19 北京握奇数据系统有限公司 Method, system and equipment for downloading application business of telecom smart card

Also Published As

Publication number Publication date
WO2014063632A1 (en) 2014-05-01
CN103778448A (en) 2014-05-07

Similar Documents

Publication Publication Date Title
US10114976B2 (en) Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements
CN105391840B (en) Automatically create destination application
US10057773B2 (en) Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements
CN103888252A (en) UID, PID, and APPID-based control application access permission method
CN103778448B (en) Multi-application smart card management system and method
CN103843012A (en) Information processing device and method, and program
KR20240044407A (en) Systems and methods for hosting and remotely provisioning payment HSMs with out-of-band management
AU2015234304B2 (en) Systems, methods, and computer program products for managing secure elements
CN103903306A (en) Smart card electronic ticket application realization method and smart card electronic ticket application realization system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant