CN107798520A - It is a kind of to cut machine method and apparatus for the anti-of POS terminal - Google Patents
It is a kind of to cut machine method and apparatus for the anti-of POS terminal Download PDFInfo
- Publication number
- CN107798520A CN107798520A CN201710819104.9A CN201710819104A CN107798520A CN 107798520 A CN107798520 A CN 107798520A CN 201710819104 A CN201710819104 A CN 201710819104A CN 107798520 A CN107798520 A CN 107798520A
- Authority
- CN
- China
- Prior art keywords
- pos terminal
- sim card
- identification code
- file
- currently installed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000004891 communication Methods 0.000 claims abstract description 63
- 238000012795 verification Methods 0.000 claims abstract description 32
- 230000006870 function Effects 0.000 claims description 42
- 238000004590 computer program Methods 0.000 claims description 21
- 238000003860 storage Methods 0.000 claims description 8
- 238000001514 detection method Methods 0.000 claims description 3
- 206010033799 Paralysis Diseases 0.000 abstract description 7
- 238000005520 cutting process Methods 0.000 description 27
- 238000004422 calculation algorithm Methods 0.000 description 21
- 238000012545 processing Methods 0.000 description 10
- 230000008569 process Effects 0.000 description 6
- 238000012546 transfer Methods 0.000 description 5
- 239000003795 chemical substances by application Substances 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000008878 coupling Effects 0.000 description 2
- 238000000151 deposition Methods 0.000 description 2
- 239000007884 disintegrant Substances 0.000 description 2
- 230000005611 electricity Effects 0.000 description 2
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 2
- TVZRAEYQIKYCPH-UHFFFAOYSA-N 3-(trimethylsilyl)propane-1-sulfonic acid Chemical compound C[Si](C)(C)CCCS(O)(=O)=O TVZRAEYQIKYCPH-UHFFFAOYSA-N 0.000 description 1
- 230000001065 anti-restriction Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 210000003205 muscle Anatomy 0.000 description 1
- 238000004549 pulsed laser deposition Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/206—Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07G—REGISTERING THE RECEIPT OF CASH, VALUABLES, OR TOKENS
- G07G1/00—Cash registers
- G07G1/0009—Details of the software in the checkout register, electronic cash register [ECR] or point of sale terminal [POS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Finance (AREA)
- Theoretical Computer Science (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention is applied to technical field of electronic communication, there is provided and it is a kind of to cut machine method and device for the anti-of POS terminal, including obtain the identification code for the SIM card being currently installed in POS terminal;According to the public key for the acquirer being pre-stored within POS terminal, whether signature verification file is correct;If signature file is correct, the identification code of the identification code for the SIM card being currently installed in POS terminal and binding SIM card is contrasted;If the identification code for the SIM card being currently installed in POS terminal is identical with the identification code of binding SIM card, the SIM card for judging to be currently installed in POS terminal is binding SIM card, and POS terminal carries out radio communication based on the SIM card being currently installed in POS terminal;If differing, the communication function of POS terminal is disabled.Ensure that POS terminal can only could carry out radio communication by the SIM card with the binding, and the radio communication function for switching to the POS terminal after other SIM cards will paralyse, so that it is guaranteed that the SIM card of binding is not tampered with, to reach the purpose of locking SIM card.
Description
Technical field
The invention belongs to technical field of electronic communication, more particularly to a kind of cut machine method and apparatus for the anti-of POS terminal.
Background technology
With developing rapidly for mobile payment, the application of wireless mobile point-of-sale terminal (point of sale, POS) is more next
It is more extensive.Relatively conventional wired POS terminal, wireless mobile POS have mobility, network insertion convenience and carrier network more
The features such as high security.Under normal circumstances, acquirer can be equipped with the use for being used to merchandise simultaneously when laying POS terminal
Family identification card (Subscriber Identification Module, SIM), and POS terminal is determined by the SIM card
Position and Transaction Information, and carry out radio communication.
But many trade companies have the SIM for not using acquirer to be equipped with, and use the phenomenon of other SIM cards instead, therefore receive
Unit structure can not determine the regional location and Transaction Information of POS terminal according to SIM card information, and machine is cut so as to increase mobile POS
So as to the risk of Misuse, for example current popular arbitrage etc..In order to reduce the POS terminal caused by cutting machine by violation of rules and regulations
The risk used, prior art cut machine system to prevent the generation of problems, but simply pin using anti-based on digital signature
For POS system or the digital signature of software program, can not solve in violation of rules and regulations to make by POS terminal caused by switching SIM card
The problem of using.
The content of the invention
In view of this, machine method and apparatus is cut for the anti-of POS terminal the embodiments of the invention provide a kind of, it is existing to solve
There is in technology the problem of by caused by switching SIM card the problem of POS terminal Misuse.
The first aspect of the embodiment of the present invention provide it is a kind of cut machine method for the anti-of POS terminal, including:
Obtain the identification code for the SIM card being currently installed in POS terminal;
According to the public key for the acquirer being pre-stored within the POS terminal, whether signature verification file is correct;It is described
Signature file includes original document, and the original document includes the identification code of the binding SIM card of the POS terminal;
According to check results, if the signature file is correct, by the SIM card being currently installed in POS terminal
Identification code and the identification code of the binding SIM card are contrasted;
If the identification code for being currently installed on the SIM card in POS terminal is identical with the identification code of the binding SIM card,
The SIM card being currently installed on described in then judging in POS terminal is the binding SIM card, and the POS terminal is based on the current peace
Radio communication is carried out loaded on the SIM card in POS terminal;
If the identification code of the identification code for being currently installed on the SIM card in POS terminal and the binding SIM card not phase
Together, then the SIM card being currently installed on described in judging in POS terminal is not the binding SIM card, then disables the POS terminal
Radio communication function.
The second aspect of the embodiment of the present invention provide it is a kind of cut machine device for the anti-of POS terminal, including:
Information acquisition unit, for obtaining the identification code for the SIM card being currently installed in POS terminal;
File verification unit, for the public key according to the acquirer being pre-stored within the POS terminal, signature verification
Whether file is correct;The signature file includes original document, and the original document includes the binding of the POS terminal
The identification code of SIM card;
Information comparison unit, for according to check results, if the signature file is correct, by it is described be currently installed in
The identification code of SIM card in POS terminal and the identification code of the binding SIM card are contrasted;
Wireless communication unit, if for the identification code for being currently installed on the SIM card in POS terminal and the binding
The identification code of SIM card is identical, then judge described in the SIM card that is currently installed in POS terminal be the binding SIM card, the POS
Terminal carries out radio communication based on the SIM card being currently installed in POS terminal;
Communicate forbidden cell, if for the identification code for being currently installed on the SIM card in POS terminal and the binding
The identification code of SIM card differs, then the SIM card being currently installed on described in judgement in POS terminal is not the binding SIM card, then
Disable the radio communication function of the POS terminal.
The third aspect of the embodiment of the present invention provide it is a kind of cut machine device for the anti-of POS terminal, including:Including storage
Device, processor and it is stored in the computer program that can be run in the memory and on the processor, the processor
Realized when performing the computer program such as the step of above-mentioned first aspect methods described.
The fourth aspect of the embodiment of the present invention provides a kind of computer-readable recording medium, the computer-readable storage
Media storage has computer program, is realized when the computer program is executed by processor such as above-mentioned first aspect methods described
Step.
Existing beneficial effect is the embodiment of the present invention compared with prior art:Pass through the private key pair according to acquirer
SIM card information of identification code is signed, and the signature is verified further according to the public key of acquirer, and by current SIM card
Identification code is contrasted with the SIM card identification code bound, to verify the information of current SIM card.Ensure POS terminal can only by with
The SIM card of POS terminal binding could carry out radio communication, and switch to the channel radio of the POS terminal after other SIM cards
Telecommunication function will paralyse, so that it is guaranteed that the SIM card of binding is not tampered with, to reach the purpose of locking SIM card.
Brief description of the drawings
Technical scheme in order to illustrate the embodiments of the present invention more clearly, below will be to embodiment or description of the prior art
In the required accompanying drawing used be briefly described, it should be apparent that, drawings in the following description be only the present invention some
Embodiment, for those of ordinary skill in the art, without having to pay creative labor, can also be according to these
Accompanying drawing obtains other accompanying drawings.
Fig. 1 is a kind of anti-flow chart for cutting machine method for POS terminal provided in an embodiment of the present invention;
Fig. 2 is a kind of anti-flow chart for cutting machine method for POS terminal that another embodiment of the present invention provides;
Fig. 3 is a kind of anti-structure chart for cutting machine device for POS terminal provided in an embodiment of the present invention;
Fig. 4 is a kind of anti-structure chart for cutting machine device for POS terminal that another embodiment of the present invention provides;
Fig. 5 is a kind of anti-schematic diagram for cutting machine device for POS terminal provided in an embodiment of the present invention.
Embodiment
In describing below, in order to illustrate rather than in order to limit, it is proposed that such as tool of particular system structure, technology etc
Body details, thoroughly to understand the embodiment of the present invention.However, it will be clear to one skilled in the art that there is no these specific
The present invention can also be realized in the other embodiments of details.In other situations, omit to well-known system, device, electricity
Road and the detailed description of method, in case unnecessary details hinders description of the invention.
In order to illustrate technical solutions according to the invention, illustrated below by specific embodiment.
Referring to Fig. 1, Fig. 1 is a kind of anti-flow chart for cutting machine method for POS terminal provided in an embodiment of the present invention.This
The anti-executive agent for cutting machine method in embodiment for POS terminal is terminal.As shown in Figure 1 cuts for the anti-of POS terminal
Machine method may comprise steps of:
S101:Obtain the identification code for the SIM card being currently installed in POS terminal.
With developing rapidly for mobile payment, the application of wireless mobile POS terminal is more and more extensive.POS terminal can connect
By bank card information, there is communication function, and receive the instruction of teller and complete financial transaction information and exchange for information about
Equipment.Relatively conventional wired POS terminal, wireless mobile POS have higher mobility, can also be easy to access network, operation
The features such as business's network greater security.
Acquirer when laying POS terminal, can simultaneously be equipped with one be used for merchandise SIM card, and by the SIM card come
Position the position of POS terminal.But in wireless mobile POS terminal in actual use, trade company, which can exist, does not use acquirer
The SIM of outfit, and use other SIM cards instead, such acquirer can not just position the region position of POS terminal according to SIM card information
Put.So as to increase Mobile POS Terminal by machine of cutting so as to the risk of Misuse.For example current popular arbitrage etc., if
Applied for that the address of POS terminal is consistent with using the address of POS terminal, then can reduce supervision difficulty originally.So for safety,
Mobile POS Terminal needs binding machine and card with the SIM that acquirer is equipped with, so as to reduce the POS terminal caused by cutting machine by violation of rules and regulations
The risk used.
In the present embodiment, after start-up, whether detection first is currently equipped with SIM card to POS terminal, if being equipped with SIM card,
Then obtain the identification code for the SIM card being presently installed in the POS terminal.
By the way that SIM card is arranged in Mobile POS Terminal, the bank for being used for and acting on behalf of the performed transaction of the POS terminal enters
Row communication.For example, the GPRS functions inside the SIM card for passing through China Mobile send or received transaction data.Each SIM card
There is the identification code for oneself being different from other SIM cards.
Exemplary, the identification code of the SIM card in POS terminal can be the SIM card card number, wherein, SIM card card number refers to
It is the implication of 20 Digital sums (i.e. No. ICCID) on this card.Wherein:Above 6 are network code name, are respectively:
(898600) be China Mobile code name;(898601) be CHINAUNICOM code name;(898603) be China Telecom code name;The
7 are service access number, are respectively 1,5,6,7,8,9 in 133,135,136,137,138,139;8th be SIM card work(
Energy position, generally 0, prepaid SEVI card 3;9th, 10 be each province coding;01:Beijing 02:Tianjin 03:Hebei 04:Shanxi
05:The Inner Mongol 06:Liaoning 07:Jilin 08:Heilungkiang 09:Shanghai 10:Jiangsu 11:Zhejiang 12:Anhui 13:Fujian 14:Jiangxi 15:
Shandong 16:Henan 17:Hubei 18:Hunan 19:Guangdong 20:Guangxi 21:Hainan 22:Sichuan 23:Guizhou 24:Yunnan 25:Tibet 26:
Shaanxi 27:Gansu 28:Qinghai 29:Ningxia 30:Xinjiang 31:Chongqing, the 11st, 12 is the title of an emperor's reign;13rd is vendor code;The
14~19 are then CUSTOMER IDs;20th is check bit.
Therefore different SIM cards has unique identification code, and corresponding SIM card can be determined by the identification code.
By whether being POS terminal with the SIM card that determination is presently installed in POS terminal to being contrasted between the SIM card identification code
The SIM card of middle binding.
S102:According to the public key for the acquirer being pre-stored within the POS terminal, just whether signature verification file
Really;The signature file includes original document, and the original document includes the identification of the binding SIM card of the POS terminal
Code.
It is to use different keys (public-key cryptography) to encrypt and decrypt in modern password system, that is, unsymmetrical key
Cryptographic system, each communication party are required to two keys, i.e. public key and private key, and this two keys can encryption and decryption each other.Public key
It is disclosed, it is not necessary to maintain secrecy, and private key oneself is held by individual, and must keep properly and pay attention to maintaining secrecy.Public key with
Private key is the key pair obtained by a kind of algorithm, and public key is part disclosed in cipher key pair, and private key is then private
Part.Public key is generally used for encrypted session key, checking digital signature.
The public key of acquirer is previously stored in POS terminal, and POS terminal is pre-stored within POS terminal according to basis
In acquirer public key, decrypted signature files, signing messages and original document are write in signature file, is wrapped in original document
Identification code containing the SIM card bound with POS terminal, so as to verify the correctness of the signature file.
Signing messages is decrypted according to acquirer public key, obtains the summary text by acquirer public key decryptions
Part, the original document received is handled secondly by identical digest algorithm, obtains the Summary file obtained by original document,
By the Summary file obtained by original document with being contrasted by the Summary file of acquirer public key decryptions.If identical,
The signature file for illustrating to receive is complete, is not changed in transmitting procedure, and otherwise explanation is modified.Pass through this public affairs
Key verification mode, to ensure the integrality of information transfer and authenticity.
S103:According to check results, if the signature file is correct, by the SIM being currently installed in POS terminal
The identification code of card and the identification code of the binding SIM card are contrasted.
After judging that signature file is correct, illustrate that the data in signature file are completely errorless, be not tampered, then can
Determine that the information in the signature file is completely correct.Original document is included in signature file, is tied up in original document comprising POS terminal
The identification code of fixed SIM card.After checking signature file is correct, the SIM correctly bound is obtained by signature file
The identification code of card, the identification code with being currently installed in the SIM card of the POS terminal are contrasted.
Different SIM cards has unique SIM card identification code, by the identification code can determine corresponding to SIM card.Pass through
It is determined that the correctly identification code of binding SIM card, and by the identification code and binding SIM card of the SIM card being currently installed in POS terminal
Identification code contrasted, to determine whether the SIM card that is presently installed in POS terminal is the SIM card bound in POS terminal.
S104:If the identification code for being currently installed on the SIM card in POS terminal and the identification code of the binding SIM card
Identical, then the SIM card being currently installed on described in judgement in POS terminal is the binding SIM card, and the POS terminal is based on described
The SIM card being currently installed in POS terminal carries out radio communication.
The identification code of the SIM card of binding is obtained by signature file, with being currently installed in the knowledge of the SIM card of the POS terminal
Other code is contrasted, if the identification code for the SIM card being currently installed in POS terminal is identical with the identification code of binding SIM card, is sentenced
The SIM card being installed on before settled in POS terminal is binding SIM card, and so as to safe to use, POS terminal is based on being currently installed on
SIM card in POS terminal carries out radio communication.
S105:If the identification code for being currently installed on the SIM card in POS terminal and the identification code of the binding SIM card
Differ, then the SIM card being currently installed on described in judgement in POS terminal is not the binding SIM card, then it is whole to disable the POS
The radio communication function at end.
If the identification code for the SIM card being currently installed in POS terminal and the identification code of binding SIM card differ, judge
It is not binding SIM card to be currently installed on the SIM card in POS terminal.By disabling the radio communication function of POS terminal, with resistance
Only the POS terminal to agent bank by sending transaction request information or transfer information, to forbid the POS terminal to work.
Above as can be seen that a kind of of the present embodiment offer cuts machine method for the anti-of POS terminal, by POS terminal
Acquirer public key signature verification file it is whether correct, to determine the authenticity of signature file and reliability.If signature text
Part is correct, then is contrasted the identification code of the identification code for the SIM card being currently installed in POS terminal and binding SIM card, to sentence
Whether the SIM card being installed on before settled in POS terminal is binding SIM card, if then POS terminal is based on being currently installed in POS ends
SIM card in end carries out radio communication.Ensure that POS terminal can only be by the SIM that is bound with the POS terminal in this way
Card could carry out radio communication, and the radio communication function for switching to the POS terminal after other SIM cards will paralyse, from
And ensure that the SIM card of binding is not tampered with, to reach the purpose of locking SIM card.
Referring to Fig. 2, Fig. 2 is another anti-flow chart for cutting machine method for being used for POS terminal provided in an embodiment of the present invention.
Fig. 2 and Fig. 1 difference is that Fig. 2 also add step S201 before Fig. 1 step S101, and step S203 is refined as
Step S2031-S2032.Anti- machine method of cutting for POS terminal as shown in Figure 2 may comprise steps of:
S201:The download signed file from signature machine, and the signature file is stored in the flash memory of the POS terminal
In;Signing messages, private key of the signing messages by the signature machine according to acquirer, to institute are included in the signature file
The summary for stating original document is encrypted to obtain.
Signature machine is that the main frame label of domestic independent development used are identified and ratified by national commercial cipher authorities
Name equipment, in the present embodiment, is communicated between signature machine and POS terminal by ICP/IP protocol, so signature machine is to POS terminal
Type and operating system without any special requirement.POS terminal by original document by being sent to signature machine, in original document
The information such as the acquirer data where the model of identification code, POS terminal comprising SIM card, coding and the POS terminal, label
Name machine is signed according to the private key of acquirer to original document, obtains signature file.Signature is included in this signature file
Information and original document, original document include the identification code of the binding SIM card of POS terminal.
POS terminal downloads the signature file from signature machine, and the signature file is stored in the sudden strain of a muscle of the POS terminal
In depositing.With ensure signature and data storage and reading process it is safe and efficient.
Flash memory is non-volatile memory of long-life a kind of, can remain to keep stored data under powering-off state
Information, it is not that block size is generally 256KB in units of single byte but in units of fixed block that data, which are deleted,
To 20MB.It is relatively low using the read or write speed height of flash memory, power consumption by the way that signature file is pre-stored within the flash memory of POS terminal
The advantages of, signature file can be efficiently accessed, to ensure signature verification genuineness of document and accuracy.
S202:Obtain the identification code for the SIM card being currently installed in POS terminal.
Each POS terminal could carry out normal radio communication only when being provided with SIM card, be installed into by SIM card
After POS terminal, the identification code of the SIM card is obtained by the data acquisition device in POS terminal.
Further, before acquisition is currently installed on the identification code of the SIM card in POS terminal, POS terminal detects first
Whether signature file is stored in the flash memory of POS terminal;If detecting, signature file has been stored in the flash memory of the POS terminal
In, then acquisition is currently installed on the identification code of the SIM card in POS terminal;If being not detected by signature file is stored in POS terminal
In flash memory, then the radio communication function of POS terminal is directly disabled.
By determining whether signature file is stored in POS terminal, to obtain POS terminal binding from the signature file
The information of SIM card, the identification code for the SIM card being currently installed in POS terminal is secondly obtained, and then judge to be currently installed in POS
SIM card in terminal whether be POS terminal binding SIM card, if being not detected by the flash memory that signature file is stored in POS terminal
In, then the radio communication function of POS terminal is directly disabled, can be prevented faster because caused by being not present of signature file
POS terminal is cut the risk of machine.
S203:According to the public key for the acquirer being pre-stored within the POS terminal, just whether signature verification file
Really;The signature file includes original document, and the original document includes the identification of the binding SIM card of the POS terminal
Code.
POS terminal is decrypted the signature file, signed according to according to the acquirer public key being pre-stored within POS terminal
Signing messages, and the identification code with the SIM card of POS terminal binding are included in file, so as to verify the correct of the signature file
Property.
Exemplary, we have parity check sum CRC check by familiar checking algorithm, and this 2 kinds verifications are not anti-
The ability of data tampering, they can detect and correct the channel error code in data transfer to a certain extent, but can not prevent pair
The malicious sabotage of data.If the information in signature file has been tampered with, and signature text can only be determined by this verification mode
Part, the correctness and authenticity of signature file are not can determine that.
Further, in the present embodiment, step S203 includes step S2031-S2032.
S2031:According to the public key of the acquirer, the signing messages in the signature file is decrypted, to obtain
Take the Summary file of signing messages.
Signature file is decrypted according to acquirer public key, obtains the summary info of signature file.Main public key
Signature system has RSA signature scheme, DSS signature schemes etc..The hash function processing of message is not that digital signature is necessary, but
In realization, often first hash function processing message, with compressed message length and provides certain encryption function.
Exemplary, RSA cryptographic algorithms count disintegrant according to Fermat's theorem and the theoretical foundation of Euler's theorem, and to big
The degree of difficulty of factor, can be directly in conventional channel available for digital signature, and because the memory data output of public-key cryptographic keys is smaller
Transmission, will not occupy excessive bandwidth.If A wants to send plaintext 9726 to B, then he calculates 9726*3533 (mod 11413)
=5761, here it is ciphertext, and after B receives 5761, it is decrypted with the private key d=6597 of oneself:5761*6597(mod
11413)=9726, just having obtained plaintext, public key is exactly 3533 and 11413 here, private key be 6597 and 11413 resolve into two
Individual prime factor 101 and 113.Although other people know x*3353 (mod 11413)=5761, it can not retrodict back and seek x, only
6597 could be drawn after being aware of private key 101 and 113 with algorithm.It is envisioned that if 11413 is sufficiently large, then by its disintegrant
Factor will be highly difficult.
For the signature process of POS original documents, public-key cryptosystem make it that signer and the key of verifier are different
's.Compared with DSE arithmetic, the cipher key delivery of public key can be transmitted on overt channel, or be stored in POS terminal
In, do not fear to be seen by attacker or interpolater.According to the public key of the acquirer, to the label in the signature file
Name information is decrypted, and to obtain the Summary file of signing messages, can largely avoid the possibility being forged of signing.
S2032:The Summary file of original document is obtained according to the original document.
After being decrypted by using the public key of acquirer to signature file, the summary info of signature file is obtained.Lead to again
Digest algorithm processing original document is crossed, produces the Summary file of original document, with compressed message length and provides certain encryption
Function.
Digital digest is the short message that the message of random length is become to regular length, exemplary, and it is similar to one
Independent variable is the function of message, that is, hashing algorithm.Digital digest be exactly using one-way Hash algorithm will need encrypt it is bright
Literary " summary " this string of ciphertexts are also known as digital finger-print into the ciphertext of a string of regular lengths (128), and it has fixed length, and
And different plaintext summaries, into ciphertext, its result is always different, and same plaintext its summary must be consistent.
By hashing algorithm the Input transformation of random length into the output of regular length, the output is exactly hashed value.This
Kind conversion is a kind of compression mapping.The space of hashed value is generally much less than the space inputted, and different inputs may hash to
Identical exports, and uniquely can not possibly determine input value from hashed value.It is exactly briefly a kind of disappearing random length
Breath is compressed to the function of the eap-message digest of a certain regular length.
Exemplary, the typical case of Message Digest Algorithm 5 (Message Digest Algorithm, MD5) is
Summary file is produced to the original document, to prevent from being tampered." digital finger-print " characteristic of MD5 algorithms, at present should it make it
With a kind of widest file integrality checking algorithm.MD5 is grouped with 512 to handle the information of input, and each packet is again
16 32 seats packets are divided into, after have passed through a series of processing, the output of algorithm is formed by four 32, by this
128 hashed values will be generated after four 32 packet concatenations.
Exemplary, having many softwares to have when downloading under UNIX, a filename is identical, and file extent is entitled
.md5 file, generally there was only a line text in this document, general configuration is such as:MD5 (tanajiya.tar.gz)=
0ca175b9c0f726a831d895e269332461, here it is the digital signature of tanajiya.tar.gz files.MD5 will be whole
Individual file becomes scaling method by its irreversible character string, generates this unique MD5 digest as a big text message
Information.
In the present embodiment, the identification code of the SIM card of some POS terminal binding is stored in original document, initial text
The content of part is write in signature file together with signing messages.After POS terminal obtains the signature file, signing messages
Summary file is to be stored in MD5 after Hash computings in signature file.When the POS terminal gets signature file, to this
Original document carries out MD5Hash computings, obtains the Summary file of original document.Remove and be stored in again the A.L.S. in file system
The Summary file of breath is compared, if the content of the Summary file of signing messages and the content of the Summary file of the original document
It is identical, then judge that the signature file is correct.
The Summary file of original document is obtained through MD5Hash computings, " byte serial " of random length is mapped as one by MD5
128bit big integer, and it by the anti-original character strings that push away of the 128bit is difficult to be.Even if POS terminal is receiving source journey
Sequence and arthmetic statement, MD5 value can not also be switched back to original original document.
Optionally, the algorithm of user's generation informative abstract can also be SHA-1 algorithms, and SHA-1 algorithms are by NIST NSA
It is designed as what same DSA was used together, it is less than the input of 2^64 positions to length, produces the hashed value that length is 160bit, therefore
Anti- exhaustive is more preferable.It is based on when SHA-1 is designed and MD5 same principles, and has imitated the algorithm.
Original document is handled by digest algorithm, produces the Summary file of original document, for by the summary of signing messages
The Summary file content of file and original document is contrasted, to judge whether signature file Jing Guo not distorted.
S2033:The Summary file content of the Summary file of the signing messages and the original document is contrasted, if
The content of the Summary file of the signing messages is identical with the content of the Summary file of the original document, then
Signing messages is decrypted according to acquirer public key, the summary info of signature file is obtained, then passes through phase
The original document that same digest algorithm processing receives, produces a summary info, by obtained result and signature file
Summary file is contrasted.If identical, the information for illustrating to receive is complete, is not changed in transmitting procedure, no
Then explanation be modified, with ensure the integrality of information transfer, sender authentication, prevent transaction in denial occur.
S204:According to check results, if the signature file is correct, by the SIM being currently installed in POS terminal
The identification code of card and the identification code of the binding SIM card are contrasted.
Step S204 in the present embodiment is identical with the step S103 in a upper embodiment, referring specifically to a upper embodiment
In step S103 associated description, do not repeat herein.
S205:If the identification code for being currently installed on the SIM card in POS terminal and the identification code of the binding SIM card
Identical, then the SIM card being currently installed on described in judgement in POS terminal is the binding SIM card, and the POS terminal is based on described
The SIM card being currently installed in POS terminal carries out radio communication.
Step S205 in the present embodiment is identical with the step S104 in a upper embodiment, referring specifically to a upper embodiment
In step S104 associated description, do not repeat herein.
S206:If the identification code for being currently installed on the SIM card in POS terminal and the identification code of the binding SIM card
Differ, then the SIM card being currently installed on described in judgement in POS terminal is not the binding SIM card, then it is whole to disable the POS
The radio communication function at end.
If the identification code for the SIM card being currently installed in POS terminal and the identification code of binding SIM card differ, judge
It is not binding SIM card to be currently installed on the SIM card in POS terminal.By disabling the radio communication function of POS terminal, with resistance
Only the POS terminal to agent bank by sending transaction request information or transfer information, to forbid the POS terminal to work.
Further, if the identification code of the identification code for the SIM card being currently installed in POS terminal and binding SIM card not phase
Together, then the identification code for the SIM card being currently installed in POS terminal is added to the blacklist of POS terminal, and blacklist is write just
In beginning file, original document is stored in POS terminal.When POS terminal after switching, acquisition be currently installed in POS terminal
SIM card identification code, detection first is currently installed on the identification code of SIM card in POS terminal whether in blacklist.If work as
Before be installed on SIM card in POS terminal identification code in blacklist, then disable the radio communication function of POS terminal.With timely
It was found that the SIM card in blacklist is installed in POS terminal, and forbids the wrong SIM card to work as early as possible, after eliminating
Signature file is verified, and the step of contrasted to the identification code of the SIM card and the identification code of binding SIM card,
Improve the efficiency that verification calculates.
By disabling the radio communication function of POS terminal, can prevent from being tampered in signature file, or be currently installed in
In the case that the identification code of SIM card in POS terminal and the identification code of binding SIM card differ, feelings that POS terminal works on
Condition occurs.Ensure that POS terminal can only could carry out radio communication by the SIM card bound with the POS terminal, and switch to other
SIM card after the radio communication function of the POS terminal will paralyse, so that it is guaranteed that the SIM card of binding is not tampered with, to reach
The purpose of locking SIM card.
Above as can be seen that the present embodiment provides a kind of anti-method for cutting machine for POS terminal, by from signature machine
Download signed file, and signature file is stored in the flash memory of POS terminal, to improve reading of the signature file in POS terminal
Take speed and processing speed.It is whether correct by the public key signature verification file of the acquirer in POS terminal, to determine to sign
The authenticity and reliability of file.If signature file is correct, by the identification code for the SIM card being currently installed in POS terminal with
The identification code of binding SIM card is contrasted, to judge to be currently installed on whether the SIM card in POS terminal is binding SIM card, if
It is that POS terminal carries out radio communication based on the SIM card being currently installed in POS terminal.By this method come ensure POS end
End can only could carry out radio communication by the SIM card bound with the POS terminal, and switch to the POS after other SIM cards
The radio communication function of terminal will paralyse, so that it is guaranteed that the SIM card of binding is not tampered with, to reach the purpose of locking SIM card.
Referring to Fig. 3, Fig. 3 is a kind of anti-structure chart for cutting machine device for POS terminal provided in an embodiment of the present invention.Eventually
The each unit that end equipment 300 includes is used to perform each step in embodiment corresponding to Fig. 1, corresponding referring specifically to Fig. 1 and Fig. 1
Embodiment in associated description, do not repeat herein.The anti-machine device 300 of cutting for POS terminal of the present embodiment includes information
Acquiring unit 301, file verification unit 302, information comparison unit 303, wireless communication unit 304 and communication forbidden cell 305.
Information acquisition unit 301 is used for the identification code for obtaining the SIM card being currently installed in POS terminal;
File verification unit 302 is used for the public key according to the acquirer being pre-stored within the POS terminal, verification label
Whether name file is correct;The signature file includes original document, and the original document includes the binding of the POS terminal
The identification code of SIM card.
Information comparison unit 303 be used for according to check results, if the signature file is correct, by it is described be currently installed in
The identification code of SIM card in POS terminal and the identification code of the binding SIM card are contrasted;
If wireless communication unit 304 is used for the identification code for being currently installed on the SIM card in POS terminal and the binding
The identification code of SIM card is identical, then judge described in the SIM card that is currently installed in POS terminal be the binding SIM card, the POS
Terminal carries out radio communication based on the SIM card being currently installed in POS terminal;
If the forbidden cell 305 that communicates is used for the identification code for being currently installed on the SIM card in POS terminal and the binding
The identification code of SIM card differs, then the SIM card being currently installed on described in judgement in POS terminal is not the binding SIM card, then
Disable the radio communication function of the POS terminal.
Above as can be seen that a kind of of the present embodiment offer cuts machine device for the anti-of POS terminal, by POS terminal
Acquirer public key signature verification file it is whether correct, to determine the authenticity of signature file and reliability.If signature text
Part is correct, then is contrasted the identification code of the identification code for the SIM card being currently installed in POS terminal and binding SIM card, to sentence
Whether the SIM card being installed on before settled in POS terminal is binding SIM card, if then POS terminal is based on being currently installed in POS ends
SIM card in end carries out radio communication.Ensure that POS terminal can only be by the SIM that is bound with the POS terminal in this way
Card could carry out radio communication, and the radio communication function for switching to the POS terminal after other SIM cards will paralyse, from
And ensure that the SIM card of binding is not tampered with, to reach the purpose of locking SIM card.
Referring to Fig. 4, Fig. 4 is a kind of anti-structure chart for cutting machine device for POS terminal provided in an embodiment of the present invention.Eventually
The each unit that end equipment 400 includes is used to perform each step in embodiment corresponding to Fig. 2, corresponding referring specifically to Fig. 2 and Fig. 2
Embodiment in associated description, do not repeat herein.The anti-machine device 400 of cutting for POS terminal of the present embodiment includes file
Acquiring unit 401, information acquisition unit 402, file verification unit 403, information comparison unit 404, wireless communication unit 405 and
Communicate forbidden cell 406.
File obtaining unit 401 is used to download the signature file from signature machine, and the signature file is deposited
It is stored in the flash memory of the POS terminal;Signing messages is included in the signature file, the signing messages is by the signature machine root
According to the private key of acquirer, the summary of the original document is encrypted to obtain.
Information acquisition unit 402 is used for the identification code for obtaining the SIM card being currently installed in POS terminal;
File verification unit 403 is used for the public key according to the acquirer being pre-stored within the POS terminal, verification label
Whether name file is correct;The signature file includes original document, and the original document includes the binding of the POS terminal
The identification code of SIM card;
Wherein, file verification unit 403 includes public key decryptions unit 4031, summary acquiring unit 4032 and summary contrast
Unit 4033.
Public key decryptions unit 4031 is used for the public key according to the acquirer, to the signing messages in the signature file
It is decrypted, to obtain the Summary file of signing messages;
Acquiring unit 4032 of making a summary is used for the Summary file that original document is obtained according to the original document;
Comparison unit 4033 of making a summary is used for the Summary file by the Summary file of the signing messages and the original document
Content is contrasted, if the content of the Summary file of the signing messages and the content phase of the Summary file of the original document
Together, then judge that the signature file is correct.
Information comparison unit 404 be used for according to check results, if the signature file is correct, by it is described be currently installed in
The identification code of SIM card in POS terminal and the identification code of the binding SIM card are contrasted;
If wireless communication unit 405 is used for the identification code for being currently installed on the SIM card in POS terminal and the binding
The identification code of SIM card is identical, then judge described in the SIM card that is currently installed in POS terminal be the binding SIM card, the POS
Terminal carries out radio communication based on the SIM card being currently installed in POS terminal;
If the forbidden cell 406 that communicates is used for the identification code for being currently installed on the SIM card in POS terminal and the binding
The identification code of SIM card differs, then the SIM card being currently installed on described in judgement in POS terminal is not the binding SIM card, then
Disable the radio communication function of the POS terminal.
Above as can be seen that the present embodiment offer is a kind of to cut machine device for the anti-of POS terminal, under from signature machine
Signature file is carried, and signature file is stored in the flash memory of POS terminal, to improve reading of the signature file in POS terminal
Speed and processing speed.It is whether correct by the public key signature verification file of the acquirer in POS terminal, to determine signature text
The authenticity and reliability of part.If signature file is correct, by the identification code for the SIM card being currently installed in POS terminal with tying up
The identification code for determining SIM card is contrasted, to judge to be currently installed on whether the SIM card in POS terminal is binding SIM card, if
Then POS terminal carries out radio communication based on the SIM card being currently installed in POS terminal.Ensure POS terminal by this method
Radio communication can only could be carried out by the SIM card bound with the POS terminal, and the POS is whole after switching to other SIM cards
The radio communication function at end will paralyse, so that it is guaranteed that the SIM card of binding is not tampered with, to reach the purpose of locking SIM card.
Referring to Fig. 5, Fig. 5 is a kind of anti-signal for cutting machine device for POS terminal that yet another embodiment of the invention provides
Figure.The anti-machine device 500 of cutting for POS terminal in the present embodiment as shown in Figure 5 can include:Processor 501, memory
502 and the computer program 503 that can be run in memory 502 and on processor 501 is stored in, such as signature verification file
Program.Processor 501 is realized when performing computer program 503 above-mentioned each cuts machine embodiment of the method for the anti-of POS terminal
In step.Such as the S101 shown in Fig. 1 to S105.Or realized during the execution computer program 503 of processor 501 above-mentioned each
The function of each unit in device embodiment, such as the unit 301 to 304 described in Fig. 3.
Exemplary, computer program 503 can be divided into one or more units, one or more of units
It is stored in the memory 502, and is performed by the processor 501, completes the present invention.One or more of units
Can be the series of computation machine programmed instruction section that can complete specific function, the instruction segment is used to describe the computer program
503 for POS terminal it is anti-cut machine device 500 in implementation procedure.For example, the computer program 503 can be divided
Into file obtaining unit, information acquisition unit, file verification unit, information comparison unit, wireless communication unit and communication disabling
Unit, each unit concrete function are as follows:
File obtaining unit is used to download the signature file from signature machine, and the signature file is stored in
In the flash memory of the POS terminal;Signing messages is included in the signature file, the signing messages is by the signature machine according to receipts
The private key of unit structure, the summary of the original document is encrypted to obtain.
Information acquisition unit is used for the identification code for obtaining the SIM card being currently installed in POS terminal;
File verification unit is used for the public key according to the acquirer being pre-stored within the POS terminal, signature verification
Whether file is correct;The signature file includes original document, and the original document includes the binding of the POS terminal
The identification code of SIM card;
Wherein, file verification unit includes public key decryptions unit, summary acquiring unit and summary comparison unit.
Public key decryptions unit is used for the public key according to the acquirer, and the signing messages in the signature file is carried out
Decryption, to obtain the Summary file of signing messages;
Acquiring unit of making a summary is used for the Summary file that original document is obtained according to the original document;
Comparison unit of making a summary is used for the Summary file content by the Summary file of the signing messages and the original document
Contrasted, if the content of the Summary file of the signing messages is identical with the content of the Summary file of the original document,
Judge that the signature file is correct.
Information comparison unit is used for according to check results, if the signature file is correct, is currently installed on described in POS
The identification code of SIM card in terminal and the identification code of the binding SIM card are contrasted;
If wireless communication unit is used for the identification code for being currently installed on the SIM card in POS terminal and the binding SIM
The identification code of card is identical, then the SIM card being currently installed on described in judgement in POS terminal is the binding SIM card, and the POS is whole
End group carries out radio communication in the SIM card being currently installed in POS terminal;
If the forbidden cell that communicates is used for the identification code for being currently installed on the SIM card in POS terminal and the binding SIM
The identification code of card differs, then the SIM card being currently installed on described in judgement in POS terminal is not the binding SIM card, then disables
The radio communication function of the POS terminal.
The anti-machine device of cutting for POS terminal can have the anti-terminal for cutting machine function, such as POS, herein
It is not limited.The anti-machine device of cutting for POS terminal may include, but be not limited only to, processor 501, memory 502.This
Art personnel are appreciated that Fig. 5 is only used for the anti-example for cutting machine device 500 of POS terminal, do not form to for
The anti-restriction for cutting machine device 500 of POS terminal, it can include than illustrating more or less parts, or some parts of combination,
Or different parts, such as it is described obtain original document device can also include input-output equipment, network access equipment,
Bus etc..
Alleged processor 501 can be CPU (Central Processing Unit, CPU), can also be
Other general processors, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit
(Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other PLDs, discrete gate or transistor logic,
Discrete hardware components etc..General processor can be microprocessor or the processor can also be any conventional processor
Deng.
The memory 502 can be the anti-internal storage unit for cutting machine device 500 for POS terminal, such as
The anti-hard disk or internal memory for cutting machine device 500 for POS terminal.The memory 502 can also described be used for POS terminal
The anti-External memory equipment for cutting machine device 500, such as described cut the plug-in type being equipped with machine device 500 for the anti-of POS terminal
Hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card, flash card
(Flash Card) etc..Further, the memory 502 both can also cut machine device including described for the anti-of POS terminal
500 internal storage unit also includes External memory equipment.The memory 502 is used to store the computer program and institute
State other programs and data needed for the device of regulation closing working environment.The memory 502 can be also used for temporarily depositing
Store up the data that has exported or will export.
It is apparent to those skilled in the art that for convenience of description and succinctly, only with above-mentioned each work(
Can unit, module division progress for example, in practical application, can be as needed and by above-mentioned function distribution by different
Functional unit, module are completed, i.e., the internal structure of described device are divided into different functional units or module, more than completion
The all or part of function of description.Each functional unit, module in embodiment can be integrated in a processing unit, also may be used
To be that unit is individually physically present, can also two or more units it is integrated in a unit, it is above-mentioned integrated
Unit can both be realized in the form of hardware, can also be realized in the form of SFU software functional unit.In addition, each function list
Member, the specific name of module are not limited to the protection domain of the application also only to facilitate mutually distinguish.Said apparatus
The specific work process of middle unit, module, the corresponding process in preceding method embodiment is may be referred to, will not be repeated here.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, and is not described in detail or remembers in some embodiment
The part of load, it may refer to the associated description of other embodiments.
Those of ordinary skill in the art are it is to be appreciated that the list of each example described with reference to the embodiments described herein
Member and algorithm steps, it can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually
Performed with hardware or software mode, application-specific and design constraint depending on technical scheme.Professional and technical personnel
Described function can be realized using distinct methods to each specific application, but this realization is it is not considered that exceed
The scope of the present invention.
In embodiment provided by the present invention, it should be understood that disclosed device/terminal device and method, can be with
Realize by another way.For example, device described above/terminal device embodiment is only schematical, for example, institute
The division of module or unit is stated, only a kind of division of logic function, there can be other dividing mode when actually realizing, such as
Multiple units or component can combine or be desirably integrated into another device, or some features can be ignored, or not perform.Separately
A bit, shown or discussed mutual coupling or direct-coupling or communication connection can be by some interfaces, device
Or INDIRECT COUPLING or the communication connection of unit, can be electrical, mechanical or other forms.
The unit illustrated as separating component can be or may not be physically separate, show as unit
The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple
On NE.Some or all of unit therein can be selected to realize the mesh of this embodiment scheme according to the actual needs
's.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can also
That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list
Member can both be realized in the form of hardware, can also be realized in the form of SFU software functional unit.
If the integrated module/unit realized in the form of SFU software functional unit and as independent production marketing or
In use, it can be stored in a computer read/write memory medium.Based on such understanding, the present invention realizes above-mentioned implementation
All or part of flow in example method, by computer program the hardware of correlation can also be instructed to complete, described meter
Calculation machine program can be stored in a computer-readable recording medium, and the computer program can be achieved when being executed by processor
The step of stating each embodiment of the method..Wherein, the computer program includes computer program code, the computer program
Code can be source code form, object identification code form, executable file or some intermediate forms etc..Computer-readable Jie
Matter can include:Can carry any entity or device of the computer program code, recording medium, USB flash disk, mobile hard disk,
Magnetic disc, CD, computer storage, read-only storage (ROM, Read-Only Memory), random access memory (RAM,
Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It is it should be noted that described
The content that computer-readable medium includes can carry out appropriate increasing according to legislation in jurisdiction and the requirement of patent practice
Subtract, such as in some jurisdictions, electric carrier signal and electricity are not included according to legislation and patent practice, computer-readable medium
Believe signal.
Embodiment described above is merely illustrative of the technical solution of the present invention, rather than its limitations;Although with reference to foregoing reality
Example is applied the present invention is described in detail, it will be understood by those within the art that:It still can be to foregoing each
Technical scheme described in embodiment is modified, or carries out equivalent substitution to which part technical characteristic;And these are changed
Or replace, the essence of appropriate technical solution is departed from the spirit and scope of various embodiments of the present invention technical scheme, all should
Within protection scope of the present invention.
It should be understood that the size of the sequence number of each step is not meant to the priority of execution sequence, each process in above-described embodiment
Execution sequence should determine that the implementation process without tackling the embodiment of the present invention forms any limit with its function and internal logic
It is fixed.
Claims (10)
1. a kind of cut machine method for the anti-of POS terminal, it is characterised in that including:
Obtain the identification code for the SIM card being currently installed in POS terminal;
According to the public key for the acquirer being pre-stored within the POS terminal, whether signature verification file is correct;The signature
File includes original document, and the original document includes the identification code of the binding SIM card of the POS terminal;
According to check results, if the signature file is correct, by the identification for being currently installed on the SIM card in POS terminal
The identification code of code and the binding SIM card is contrasted;
If the identification code for being currently installed on the SIM card in POS terminal is identical with the identification code of the binding SIM card, sentence
The SIM card that is currently installed in POS terminal be the binding SIM card, the POS terminal be based on described in be currently installed in
SIM card in POS terminal carries out radio communication;
If the identification code for being currently installed on the SIM card in POS terminal and the identification code of the binding SIM card differ,
It is not the binding SIM card that the SIM card in POS terminal is currently installed on described in judgement, then disables the channel radio of the POS terminal
Telecommunication function.
2. cut machine method for the anti-of POS terminal as claimed in claim 1, it is characterised in that be currently installed in the acquisition
Before the identification code of SIM card in POS terminal, in addition to:
The signature file is downloaded from signature machine, and the signature file is stored in the flash memory of the POS terminal;It is described
Signing messages, private key of the signing messages by the signature machine according to acquirer, to described initial are included in signature file
The summary of file is encrypted to obtain.
3. cut machine method for the anti-of POS terminal as claimed in claim 1, it is characterised in that be currently installed in the acquisition
Before the identification code of SIM card in POS terminal, in addition to:
Detect whether the signature file is stored in the flash memory of the POS terminal;
If detecting, the signature file is stored in the flash memory of the POS terminal, and acquisition is currently installed in POS terminal
The identification code of SIM card;
If being not detected by the signature file to be stored in the flash memory of the POS terminal, the channel radio of the POS terminal is disabled
Telecommunication function.
4. cut machine method for the anti-of POS terminal as claimed in claim 2, it is characterised in that the basis is pre-stored within
The public key of acquirer in the POS terminal, whether signature verification file is correct, including:
According to the public key of the acquirer, the signing messages in the signature file is decrypted, to obtain signing messages
Summary file;
The Summary file of original document is obtained according to the original document;
The Summary file content of the Summary file of the signing messages and the original document is contrasted, if the A.L.S.
The content of the Summary file of breath is identical with the content of the Summary file of the original document, then judges that the signature file is correct.
5. cut machine method for the anti-of POS terminal as claimed in claim 1, it is characterised in that also include:
If the identification code for being currently installed on the SIM card in POS terminal and the identification code of the binding SIM card differ,
The identification code that the SIM card in POS terminal is currently installed on by described adds the blacklist of the POS terminal, and by the black name
It is single to write in the original document;
After the identification code for the SIM card being currently installed in POS terminal is obtained, it is currently installed on described in detection in POS terminal
SIM card identification code whether in the blacklist;
If the identification code for being currently installed on the SIM card in POS terminal disables the POS terminal in the blacklist
Radio communication function.
6. a kind of cut machine device for the anti-of POS terminal, it is characterised in that including:
Information acquisition unit, for obtaining the identification code for the SIM card being currently installed in POS terminal;
File verification unit, for the public key according to the acquirer being pre-stored within the POS terminal, signature verification file
It is whether correct;The signature file includes original document, and the original document includes the binding SIM card of the POS terminal
Identification code;
Information comparison unit, for according to check results, if the signature file is correct, being currently installed on described in POS ends
The identification code of SIM card in end and the identification code of the binding SIM card are contrasted;
Wireless communication unit, if for the identification code for being currently installed on the SIM card in POS terminal and the binding SIM card
Identification code it is identical, then judge described in the SIM card that is currently installed in POS terminal be the binding SIM card, the POS terminal
Radio communication is carried out based on the SIM card being currently installed in POS terminal;
Communicate forbidden cell, if for the identification code for being currently installed on the SIM card in POS terminal and the binding SIM card
Identification code differ, then judge described in the SIM card that is currently installed in POS terminal be not the binding SIM card, then disable institute
State the radio communication function of POS terminal.
7. cut machine device for the anti-of POS terminal as claimed in claim 6, it is characterised in that also include:
File obtaining unit, the POS is stored in for downloading the signature file from signature machine, and by the signature file
In the flash memory of terminal;Signing messages is included in the signature file, the signing messages is by the signature machine according to acquirer
Private key, the summary of the original document is encrypted to obtain.
8. cut machine device for the anti-of POS terminal as claimed in claim 6, it is characterised in that the file verification unit bag
Include:
Public key decryptions unit, for the public key according to the acquirer, the signing messages in the signature file is solved
It is close, to obtain the Summary file of signing messages;
Summary acquiring unit, for obtaining the Summary file of original document according to the original document;
Summary comparison unit, for the Summary file content of the Summary file of the signing messages and the original document to be carried out
Contrast, if the content of the Summary file of the signing messages is identical with the content of the Summary file of the original document, judges
The signature file is correct.
9. a kind of cut machine device for the anti-of POS terminal, including memory, processor and it is stored in the memory and can
The computer program run on the processor, it is characterised in that realized described in the computing device during computer program
Such as the step of any one of claim 1 to 5 methods described.
10. a kind of computer-readable recording medium, the computer-readable recording medium storage has computer program, and its feature exists
In when the computer program is executed by processor the step of realization such as any one of claim 1 to 5 methods described.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710819104.9A CN107798520A (en) | 2017-09-12 | 2017-09-12 | It is a kind of to cut machine method and apparatus for the anti-of POS terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710819104.9A CN107798520A (en) | 2017-09-12 | 2017-09-12 | It is a kind of to cut machine method and apparatus for the anti-of POS terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107798520A true CN107798520A (en) | 2018-03-13 |
Family
ID=61531764
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710819104.9A Pending CN107798520A (en) | 2017-09-12 | 2017-09-12 | It is a kind of to cut machine method and apparatus for the anti-of POS terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107798520A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108665651A (en) * | 2018-04-09 | 2018-10-16 | 厦门夏新移动通讯有限公司 | A kind of safe and intelligent tamper unloading system and payment devices applied to payment devices |
CN109326061A (en) * | 2018-09-10 | 2019-02-12 | 惠尔丰电子(北京)有限公司 | The anti-of intelligent POS cuts machine method |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101583124A (en) * | 2009-06-10 | 2009-11-18 | 大唐微电子技术有限公司 | Authentication method and system of subscriber identity module and terminal |
US20110202465A1 (en) * | 2002-11-24 | 2011-08-18 | Ashraf Mashhour | System and method for facilitating point of sale transactions with minimal transfer of sensitive data |
-
2017
- 2017-09-12 CN CN201710819104.9A patent/CN107798520A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110202465A1 (en) * | 2002-11-24 | 2011-08-18 | Ashraf Mashhour | System and method for facilitating point of sale transactions with minimal transfer of sensitive data |
CN101583124A (en) * | 2009-06-10 | 2009-11-18 | 大唐微电子技术有限公司 | Authentication method and system of subscriber identity module and terminal |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108665651A (en) * | 2018-04-09 | 2018-10-16 | 厦门夏新移动通讯有限公司 | A kind of safe and intelligent tamper unloading system and payment devices applied to payment devices |
CN108665651B (en) * | 2018-04-09 | 2021-02-02 | 厦门夏新移动通讯有限公司 | Safe and intelligent anti-disassembly system applied to payment equipment and payment equipment |
CN109326061A (en) * | 2018-09-10 | 2019-02-12 | 惠尔丰电子(北京)有限公司 | The anti-of intelligent POS cuts machine method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101018125B (en) | Radio terminal security network and card locking method based on the ellipse curve public key cipher | |
CN109559122A (en) | Block chain data transmission method and block chain data transmission system | |
CN107678763A (en) | Electric energy meter upgrade method and system based on digital signature technology | |
CN107395368A (en) | Without the digital signature method in media environment and solution encapsulating method and decryption method | |
CN108551392A (en) | A kind of Proxy Signature generation method and system based on SM9 digital signature | |
CN102694780A (en) | Digital signature authentication method, payment method containing the same and payment system | |
CN100401309C (en) | Tax controlling equipment software edition intelligent upgrade encryption identification method | |
CN106789075B (en) | POS digital signature anti-cutting system | |
CN112907375B (en) | Data processing method, device, computer equipment and storage medium | |
CN107994995A (en) | A kind of method of commerce, system and the terminal device of lower security medium | |
CN107612680A (en) | A kind of national secret algorithm in mobile network's payment | |
CN115001775B (en) | Data processing method, device, electronic equipment and computer readable storage medium | |
CN1316405C (en) | Method for obtaining digital siguature and realizing data safety | |
CN112217795A (en) | Method and device for managing communication safety of intelligent electric meter | |
CN107566360A (en) | A kind of generation method of data authentication code | |
CN107249002B (en) | Method, system and device for improving safety of intelligent electric energy meter | |
Zhou et al. | Implementation of cryptographic algorithm in dynamic QR code payment system and its performance | |
CN113312608A (en) | Electric power metering terminal identity authentication method and system based on timestamp | |
CN101673250B (en) | Method and device for protecting codes or data in mobile phone memory | |
CN107798520A (en) | It is a kind of to cut machine method and apparatus for the anti-of POS terminal | |
EP3304801B1 (en) | System and method for protecting a cryptographic device against fault attacks while performing cryptographic non-linear operations using linear error correcting codes | |
CN107104788A (en) | The ciphering signature method and apparatus of terminal and its non-repudiation | |
KR101110777B1 (en) | Method and terminal of preventing parameter from forging/alternating | |
CN113329014A (en) | Information transmission device based on electric power thing networking encryption communication authentication | |
CN107527084A (en) | Electronic card processing method and processing device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180313 |