CN108229202A - A kind of automatic full inspection method and device of smart card, computer installation, storage medium - Google Patents

A kind of automatic full inspection method and device of smart card, computer installation, storage medium Download PDF

Info

Publication number
CN108229202A
CN108229202A CN201711480014.8A CN201711480014A CN108229202A CN 108229202 A CN108229202 A CN 108229202A CN 201711480014 A CN201711480014 A CN 201711480014A CN 108229202 A CN108229202 A CN 108229202A
Authority
CN
China
Prior art keywords
smart card
data
full inspection
internal data
automatic full
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711480014.8A
Other languages
Chinese (zh)
Inventor
王莹
段晓燕
玉大宏
李明华
张海航
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinbangda Co Ltd
Original Assignee
Jinbangda Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinbangda Co Ltd filed Critical Jinbangda Co Ltd
Priority to CN201711480014.8A priority Critical patent/CN108229202A/en
Publication of CN108229202A publication Critical patent/CN108229202A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01RMEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R31/00Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation

Abstract

The present invention provides a kind of automatic full inspection method and device of smart card, computer installation, storage medium, and this method includes:The individualized initial data of write-in smart card is obtained, individualized initial data is verified;The whether normal power-on and power-off of smart card are judged, if so, reading the internal data of smart card, internal data is verified according to individualized initial data and carrying out static data certification and Dynamic Data Authentication to internal data;Obtain testing result.The device provides execution module for this method.The computer installation of the present invention has processor, and processor can realize the automatic full inspection method of above-mentioned smart card when performing program.Storage medium is stored with computer program, to realize the automatic full inspection method of above-mentioned smart card.Smart card detection efficiency can be improved using the present invention, improves smart card detection quality.

Description

A kind of automatic full inspection method and device of smart card, computer installation, storage medium
Technical field
The present invention relates to smart card detection technical field, specifically, being related to a kind of method of the automatic full inspection of smart card, also relate to And the automatic full inspection device of smart card of application this method.A kind of computer installation for being used to implement the above method is further related to, is also related to And it can realize the storage medium of the above method.
Background technology
With the continuous development of smart card industry, the various smart chip cards such as social security card, bank card, identity card are both needed to will be a Peopleization.When personal information is written in smart card, write-in need to be encrypted by being related to the data of key.General hair fastener technological process is such as Under:1st, the data of the clients such as bank or social security office are subjected to data processing and import hair fastener board, completed automation and distribute one by one; 2nd, personal data is written in intelligent card corresponding using individualized program for hair fastener board;3rd, it is (such as dent to complete card face technique Type beats information such as UG, photoetching, photograph print etc.);4th, artificial first inspection is carried out, head inspections carry out batch hair fastener work after passing through;5、 Sampling observation verification is carried out to mass card;6th, shipment after verification is qualified.
It is for the common scheme of inspection at present:It is manually inspected by random samples according to GB2828 international standard AQL sampling standards.It takes out The also only general general verification of the program of the certificate of inspection, the versatility for detecting program is stronger, for example, carrying out school to some TAG values Dynamic Data Authentication (DDA, Dynamic Data Authentication) etc. is tested and carries out, condition does not allow careful to every The comparison of a TAG value.
Moreover, during if it turn out there is abnormal card, all intelligent hair fasteners operations can all suspend, and be looked for so as to be detected It goes wrong.It can shipment after all cards to be tested qualification.The problem is that, under the mode of manual intervention, send out in this way Card efficiency can reduce, meeting delay in delivery, the shipment requirement of client be not achieved, and cost of labor is higher, error rate is also higher.
Invention content
The first object of the present invention is to provide a kind of raising smart card detection efficiency, improves the intelligence of smart card detection quality Block automatic full inspection method.
The second object of the present invention is to provide a kind of raising smart card detection efficiency, improves the intelligence of smart card detection quality Block automatic full inspection device.
The third object of the present invention is to provide a kind of raising smart card detection efficiency, improves the calculating of smart card detection quality Machine device.
The fourth object of the present invention is to provide a kind of raising smart card detection efficiency, improves the storage of smart card detection quality Medium.
In order to realize above-mentioned first purpose, the automatic full inspection method of smart card provided by the invention includes:Acquisition is written to intelligence The individualized initial data that can block verifies individualized initial data;Judge the whether normal power-on and power-off of smart card, if so, The internal data of smart card is read, internal data is verified according to individualized initial data and internal data is carried out static Data authentication and Dynamic Data Authentication;Obtain testing result.
By said program as it can be seen that the automatic full inspection method of smart card of the present invention by detecting automatically, to completing hair fastener operation Smart card carry out full inspection operation, avoid human intervention, improve detection efficiency.Individualized initial data is verified, it can be with Avoid so as not to customer data change after check card successfully caused by function sexual abnormality.It is right when being detected to internal data Internal data carries out static data certification and Dynamic Data Authentication, improves detection quality.
In further embodiment, the whether normal power-on and power-off of smart card are judged, including:Reset signal is sent to smart card, is obtained Take the answer ATR signal of smart card and response ATS signals;Judge whether answer ATR signal and response ATS signals are normal, if so, Then confirm the normal power-on and power-off of smart card.
It can be seen that it is beaten since smart card will appear the non-antenna that connects after the surface treatments such as the dent type of high temperature are completed Disconnected situation, in addition, will appear smart card operating system after smart card personalization(COS)The problem of abnormal, leads to smart card not The normal power-on and power-off of energy, therefore, when being detected operation, when the answer ATR signal and response ATS signals that get are normal Afterwards, smart card can just carry out normal reading and writing data.
In further embodiment, static data certification and Dynamic Data Authentication are carried out to internal data, including:It is close using state Algorithm and International Algorithmic carry out static data certification and Dynamic Data Authentication to internal data respectively.
It can be seen that when being individualized to smart card, while using national secret algorithm and International Algorithmic to individualized number According to being encrypted, the safety of personal data is ensured, therefore, when detecting using national secret algorithm and International Algorithmic respectively to inside Data carry out static data certification and Dynamic Data Authentication, identify whether smart card is the puppet generated by replicate data Card.
In further embodiment, after carrying out static data certification and Dynamic Data Authentication to internal data, smart card is automatic Full inspection method further includes:The carry out KMU verifications of smart card and safe condition are detected.
It can be seen that being detected to the carry out KMU verifications of smart card and safe condition, it is further ensured that the safety of smart card.
In order to realize above-mentioned second purpose, the automatic full inspection device of smart card provided by the invention includes:Raw data calibration Module for obtaining the individualized initial data of write-in smart card, verifies individualized initial data;Internal data certification Module, for judging the whether normal power-on and power-off of smart card, if so, the internal data of smart card is read, according to individualized original number According to being verified to internal data and carry out static data certification and Dynamic Data Authentication to internal data;Testing result generates mould Block, for obtaining testing result.
By said program as it can be seen that the automatic full inspection device of smart card of the present invention by detecting automatically, to completing hair fastener operation Smart card carry out full inspection operation, avoid human intervention, improve detection efficiency.Individualized initial data is verified, it can be with Avoid so as not to customer data change after check card successfully caused by function sexual abnormality.It is right when being detected to internal data Internal data carries out static data certification and Dynamic Data Authentication, improves detection quality.
In order to realize above-mentioned third purpose, computer installation provided by the invention includes processor, which is used for Each step of the automatic full inspection method of above-mentioned smart card is realized when performing the computer program stored in memory.
In order to realize above-mentioned 4th purpose, storage medium provided by the invention is stored thereon with computer program, and calculates Machine program realizes each step of the automatic full inspection method of above-mentioned smart card when being executed by processor.
Description of the drawings
Fig. 1 is the flow chart of the automatic full inspection embodiment of the method for smart card of the present invention.
Fig. 2 is the structure diagram of the automatic full inspection device embodiment of smart card of the present invention.
The invention will be further described with reference to the accompanying drawings and embodiments.
Specific embodiment
The automatic full inspection method of smart card of the present invention is applied to carry out on the hair fastener intelligent terminal of hair fastener operation, Preferably, hair fastener intelligent terminal can carry out personal data write-in, and card face technique can be carried out to smart card to smart card Operation, for example, the technological operations such as dent type, photoetching or photograph print to smart card.The automatic full inspection dress of smart card of the present invention It puts and is applied to carry out on the hair fastener intelligent terminal of hair fastener operation, and be used to implement the automatic full inspection of above-mentioned smart card Method.Also, the present invention also provides a kind of computer installation, which includes processor, and processor can perform The instruction of application program, so as to fulfill each step of the automatic full inspection method of above-mentioned smart card.The storage of the offer of the present invention is situated between Computer program is stored in matter, and when computer program is executed by processor realizes the automatic full inspection method of above-mentioned smart card Each step.
For hair fastener intelligent terminal when carrying out hair fastener operation, key step is as follows:By corresponding individualized initial data Card base is written one by one, mainly individualized initial data is written in smart card in this process.Since the COS of card base is different, It is different from that the individualized dependent instruction of smart card, which individualizes sequence and write-in content, so needed before individualized to smart card Relevant information judged, in order to avoid card base replace or it is artificial take card base by mistake caused by hair fastener it is abnormal.It is individualized common double The individualized general flow of interface smart card includes example and deletes, is the installing of example, individualized PSE, individualized PPSE, individualized PBOC, individualized sector application, modification KMU, modification state card cycle etc..Every instruction returns to conditional code in whole process Must be correct return code, if the extremely necessary ejecting card base of return code, redistributes neocaine base and complete this data Individualized, mistake caused by needing to be confirmed whether it is data exception if individualizing and still reporting an error needs if for data problem Confirm exception information with client.After the completion of individualized, raising word is completed in the card base corresponding position of smart card, photoetching, plays color picture Wait faces technological operation.
The automatic full inspection embodiment of the method for smart card:
The automatic full inspection method of smart card of the present invention is used to complete to carry out personal data write-in to smart card and complete to intelligence It can block and carry out the detection carried out after the technological operation of card face operation.
As shown in Figure 1, the automatic full inspection method of smart card of the present invention when carrying out full inspection operation, first, performs step S1, The individualized initial data for being written to smart card is obtained, individualized initial data is verified.In order to ensure smart card is written In personal data accuracy, individualized initial data is analyzed and is judged first, check data it is whether abnormal or Person changes, in order to avoid caused intelligent card function sexual abnormality after the personal data change of client.To individualized initial data into When row is analyzed and judged, it can determine whether data wrong data or missing data etc. occur, if whether can be caused after writing card success Smart card exception etc..
After being verified to individualized initial data, step S2 is performed, judges the whether normal power-on and power-off of smart card.Due to intelligence It can be stuck in and complete to will appear the non-situation for connecing antenna and being interrupted after the surface treatments such as the dent type of high temperature, in addition, smart card It will appear smart card operating system after peopleization(COS)The problem of abnormal, cause smart card cannot normal power-on and power-off, therefore, it is necessary to Confirm smart card can normal power-on and power-off, can just carry out normal reading and writing data.
In the present embodiment, examined smart card is double-interface smart card, i.e., has both contact and non-contact Liang Zhong circle simultaneously The multifunction card of face communication.Therefore, judge smart card whether normal power-on and power-off the step of include:It is sent to smart card and resets letter Number, obtain the answer ATR of smart card( Answer To Reset)Signal and response ATS (Answer To Select) signal; Judge whether answer ATR signal and response ATS signals are normal, if so, confirming the normal power-on and power-off of smart card.When judgement is got Answer ATR signal and response ATS signals it is normal after, smart card can just carry out normal reading and writing data.In addition, reading To after the ATS signals of smart card, it is also necessary to when the ATS signals that this reads are carried out personal data write-in with the smart card Read ATS signals are compared, and when the ATS signals that twi-read arrives are consistent, it is normal card base just to think the smart card.
If judging the normal power-on and power-off of smart card, step S3 is performed, reads the internal data of smart card, according to individualized original Beginning data verify internal data and carry out static data certification and Dynamic Data Authentication to internal data.Personal data It is written in smart card with DGI (mark data packets accord with, Data Grouping Identifier) pattern, is reading smart card During internal data, GPO is sent to smart card by contact or non-contacting mode(Get Processing Options are obtained Treatment Options)The DGI data in write-in smart card are read out in instruction.Utilize the DGI data read out and individualized original number According to being compared one by one, confirm whether corresponding data are consistent in the two.For example, in Confirm Bank's card number information, DGI is judged In the TAG data obtained after data deciphering bank's card number of the two magnetic equivalent datas of TAG57 and TAG5A whether with it is individualized original Bank's card number in data is consistent.When comparing, corresponding TLV (Type Length Value Data, Type- in TAG data are read Length-Value Value data) are compared.Client provides individualized initial data and is generally both of which:DGI patterns With TLV patterns.If individualized initial data is TLV forms, need to split into after the DGI digital independents in smart card are come out Then, the TLV formatted datas data corresponding with individualized initial data that fractionation obtains are compared for TLV forms.If When individualized initial data is DGI patterns, then only need to read out to the DGI data in individualized initial data and from smart card The DGI data come compare.
After verifying internal data according to individualized initial data, also need to carry out static data certification to internal data And Dynamic Data Authentication.In the present embodiment, when being individualized to smart card, while national secret algorithm and International Algorithmic pair are utilized Personal data is encrypted, and ensures the safety of personal data, therefore, static data certification and dynamic is carried out to internal data The step of data authentication, includes:Static data certification and dynamic are carried out to internal data respectively using national secret algorithm and International Algorithmic Data authentication.In the present embodiment, static data certification and Dynamic Data Authentication are carried out to internal data first with International Algorithmic, then Static data certification and Dynamic Data Authentication are carried out to internal data using national secret algorithm.Wherein, national secret algorithm may be used point Group cryptographic algorithm(SM1 algorithms)Deng DES may be used in International Algorithmic(Data Encryption Standard, data encryption Standard)Algorithm, AES(Advanced Encryption Standard, Advanced Encryption Standard)Algorithm etc..Using national secret algorithm and Whether International Algorithmic after the completion of internal data verification to also needing to send out GAC1 instruction testings smart card respectively can be with arm's length dealing, into one Step confirms that smart card can work normally.
Wherein, whether static data certification, the important static data for verifying in smart card are tampered after hair fastener.Hair Card intelligent terminal uses the static data in the credit card issuer public key verifications smart card in smart card, and credit card issuer public key is stored in In credit card issuer public key certificate in smart card.Static data, such as card number is written in smart card issuing row when hair fastener, in order to It is that credit card issuer write-in rather than other illegal mechanisms are written to prove these static datas, the credit card issuer hair of oneself Card row private key is signed, and is first carried out calculating an abstract mainly to these data certainly, is then signed, obtain to abstract Card is also written together to a digital signature, and this digital signature.Digital signature includes a significant data Hash knot Fruit is encrypted using credit card issuer private key signature.Hair fastener intelligent terminal is read individualized original when carrying out static data certification Static data and digital signature in data, digital signature is decrypted using credit card issuer public key, the cryptographic Hash that will be decrypted With static data in internal data caused by Hash values match, it was demonstrated that whether the static data of smart card is changed.
Dynamic Data Authentication, for verifying whether smart card is pseudo- card.Hair fastener intelligent terminal request card provide by The dynamic signature ciphertext of smart card private key encryption dynamic transaction data generation.Wherein, smart card private key is stored in the one of smart card In a safety zone, it can not be replicated.Hair fastener intelligent terminal uses the smart card public key recovered from smart card Dynamic signature ciphertext is decrypted.The data of recovery and individualized initial data are matched, verify this smart card whether from conjunction Replicate data in method smart card and the pseudo- card generated.
Using national secret algorithm and International Algorithmic to internal data verification after the completion of, perform step S4, the progress to smart card KMU is verified and safe condition detection.KMU is the DES master keys that only credit card issuer is just known, is generated for distributed key KENC, KDEK and KMAC for individualizing after hair fastener again.KENC, KDEK and KMAC are exclusive to every sheet smart card. For safety and meet requirements, the manufacture KMU of smart card must reach an agreement on client to be changed, and general value is one that client specifies The ciphertext value of the ciphertext value of the sub-key of 16 byte of item or the sub-key of three 16 bytes.It is right that hair fastener intelligent terminal passes through Ciphertext value is verified so as to which whether the KMU for judging card modification is correct.KMU is carried out to smart card and is verified as known technology, This is repeated no more.
The safe condition of smart card is detected after carrying out KMU verifications to smart card, ensures safe shape before card shipment State meets safe condition requirement.Safe condition refers to smart card in a kind of security level being presently in.Security attribute refers to pair Some file carries out the condition that must satisfy during certain operation, i.e., when carrying out respective operations, safe condition register has to Meet scheduled numerical value.Security attribute is the attribute that smart card is had been written into when building file system, and access limit numerical value is set Default value is set to, needs safe condition register being set to more than the default value if completing this operation, safe shape The numerical value of state register is changed by PIN password authentications or external certificate.Root applies mesh with each in smart card All there are one security attribute numerical value in record, the condition that should have when carrying out respective operations under this catalogue for expression operation, only Having could normally be operated when meeting safety condition.Therefore, when the safe condition to smart card is detected, in reading In portion's data each using directory security attribute value carry out safe condition judgement.
Judge that smart card cannot normally power-on and power-off or to the carry out KMU of smart card verification and safe shape when performing step S2 After state detection, then step S5 is performed, obtain testing result.Judge smart card cannot normal power-on and power-off when, can will detect As a result text information is generated, for example, generation " upper and lower electrical anomaly " relevant information, so that user checks, and in time for detection knot Fruit carries out pause hair fastener operation.After to the carry out KMU verifications of smart card and safe condition detection, by step S1 to step S4's Testing result is arranged, and is generated text information, is further operated so that user checks and is directed to testing result.Certainly, it obtains The step for obtaining testing result can also carry out in execution of step S1 to step S3.
The automatic full inspection device embodiment of smart card:
The automatic full inspection method of smart card of the present invention is used to complete to carry out personal data write-in to smart card and complete to intelligence It can block and carry out the detection carried out after the technological operation of card face operation, be used to implement the automatic full inspection method of above-mentioned smart card.
As shown in Fig. 2, the automatic full inspection device of smart card of the present invention includes raw data calibration module 1, internal data is recognized Demonstrate,prove module 2, modification confirms module 3 and testing result generation module 4.
Raw data calibration module 1 is written to the individualized initial data of smart card for obtaining, to individualizing original number According to being verified.In order to ensure the accuracy of the personal data in write-in smart card, raw data calibration module 1 first will be a Peopleization initial data is analyzed and is judged, checks whether data are abnormal or change, in order to avoid the personal data change of client Caused intelligent card function sexual abnormality afterwards.Raw data calibration module 1 when individualized initial data is analyzed and is judged, It can determine whether data wrong data or missing data etc. occur, if smart card whether can be caused abnormal after writing card success etc..
Internal data authentication module 2 is for judging the whether normal power-on and power-off of smart card, if so, reading the inside number of smart card According to being verified according to individualized initial data to internal data and carry out static data certification and dynamic data to internal data Certification.
Since smart card will appear the non-situation for connecing antenna and being interrupted after the surface treatments such as the dent type of high temperature are completed, In addition, it will appear smart card operating system after smart card personalization(COS)The problem of abnormal, causes smart card cannot normally up and down Electricity, therefore, internal data authentication module 2 need confirm smart card can normal power-on and power-off, can just carry out normal data reading It writes.
In the present embodiment, examined smart card is double-interface smart card, i.e., has both contact and non-contact Liang Zhong circle simultaneously The multifunction card of face communication.Therefore, internal data authentication module 2 judge smart card whether normal power-on and power-off the step of include:To Smart card sends reset signal, obtains the answer ATR of smart card( Answer To Reset)Signal and response ATS (Answer To Select) signal;Judge whether answer ATR signal and response ATS signals are normal, if so, confirming smart card normally up and down Electricity.After the answer ATR signal and response ATS signals that judge to get are normal, smart card can just carry out normal data Read-write.In addition, internal data authentication module 2 is after the ATS signals of smart card are read, it is also necessary to the ATS for reading this Read ATS signals are compared when signal carries out personal data write-in with the smart card, the ATS signals that twi-read arrives When consistent, it is normal card base just to think the smart card.
If internal data authentication module 2 judges the normal power-on and power-off of smart card, the internal data of smart card is read, according to a Peopleization initial data verifies internal data and carries out static data certification and Dynamic Data Authentication to internal data.It is personal Change data and be written in smart card with DGI (mark data packets accord with, Data Grouping Identifier) pattern, internal number According to authentication module 2 when reading smartcard internal data, GPO is sent to smart card by contact or non-contacting mode(Get Processing Options obtain Treatment Options)The DGI data in write-in smart card are read out in instruction.Internal data certification Compared with module 2 is carried out one by one using the DGI data read out with individualized initial data, confirm that corresponding data are in the two It is no consistent.For example, in Confirm Bank's card number information, internal data authentication module 2 judges the TAG obtained after DGI data decipherings In data bank's card number of the two magnetic equivalent datas of TAG57 and TAG5A whether with bank's card number one in individualized initial data It causes.When comparing, internal data authentication module 2 reads corresponding TLV (Type Length Value Data, Type- in TAG data Length-Value Value data) are compared.Client provides individualized initial data and is generally both of which:DGI patterns With TLV patterns.If individualized initial data is TLV forms, internal data authentication module 2 need to be by the DGI numbers in smart card According to TLV forms are split into after reading out, then, the TLV formatted datas that fractionation is obtained are corresponding with individualized initial data Data be compared.If individualized initial data is DGI patterns, internal data authentication module 2 is only needed to individual The DGI data changed the DGI data in initial data and read out from smart card compare.
After internal data authentication module 2 verifies internal data according to individualized initial data, also need to internal number According to progress static data certification and Dynamic Data Authentication.In the present embodiment, internal data authentication module 2 is to smart card progress During peopleization, while personal data is encrypted using national secret algorithm and International Algorithmic, ensures the safety of personal data, because This, internal data authentication module 2 includes the step of internal data progress static data certification and Dynamic Data Authentication:Utilize state Close algorithm and International Algorithmic carry out static data certification and Dynamic Data Authentication to internal data respectively.It is internal in the present embodiment Data authentication module 2 carries out static data certification and Dynamic Data Authentication first with International Algorithmic to internal data, recycles state Close algorithm carries out static data certification and Dynamic Data Authentication to internal data.Wherein, block cipher may be used in national secret algorithm Algorithm(SM1 algorithms)Deng DES may be used in International Algorithmic(Data Encryption Standard, data encryption standards)It calculates Method, AES(Advanced Encryption Standard, Advanced Encryption Standard)Algorithm etc..Internal data authentication module 2 utilizes Whether national secret algorithm and International Algorithmic after the completion of internal data verification to also needing to send out GAC1 instruction testings smart card respectively can be just Often transaction, further confirms that smart card can work normally.
Wherein, whether static data certification, the important static data for verifying in smart card are tampered after hair fastener.It is interior Portion's data authentication module 2 is preserved using the static data in the credit card issuer public key verifications smart card in smart card, credit card issuer public key In credit card issuer public key certificate within a smart card.Static data, such as card number is written in smart card issuing row when hair fastener, is Prove that these static datas are credit card issuer write-in rather than other illegal mechanisms write-ins, credit card issuer with oneself Credit card issuer private key is signed, and is first carried out calculating an abstract mainly to these data certainly, then be signed to abstract, A digital signature is obtained, and card is also written in this digital signature together.Digital signature includes a significant data Hash As a result, it is encrypted using credit card issuer private key signature.Internal data authentication module 2 is read individualized when carrying out static data certification Static data and digital signature in initial data, digital signature is decrypted using credit card issuer public key, the Kazakhstan that will be decrypted Uncommon value and Hash values match caused by static data in internal data, it was demonstrated that whether the static data of smart card is changed.
Dynamic Data Authentication, for verifying whether smart card is pseudo- card.Internal data authentication module 2 ask card provide by The dynamic signature ciphertext of smart card private key encryption dynamic transaction data generation.Wherein, smart card private key is stored in the one of smart card In a safety zone, it can not be replicated.Hair fastener intelligent terminal uses the smart card public key recovered from smart card Dynamic signature ciphertext is decrypted.Internal data authentication module 2 matches the data of recovery and individualized initial data, verification This smart card whether from legal smart card replicate data and the pseudo- card that generates.
Modification confirms that module 3 is used to detect the carry out KMU verifications of smart card and safe condition.KMU is only credit card issuer The DES master keys just known generate KENC, KDEK and KMAC for individualizing again after hair fastener for distributed key. KENC, KDEK and KMAC are exclusive to every sheet smart card.For safety and meet requirements, the manufacture KMU of smart card It must reach an agreement on and change with client, general value is the ciphertext value or three 16 bytes of the sub-key of 16 bytes that client specifies Sub-key ciphertext value.Hair fastener intelligent terminal is by verifying ciphertext value so as to which the KMU for judging card modification is It is no correct.KMU is carried out to smart card and is verified as known technology, details are not described herein.
Modification confirms that module 3 is detected the safe condition of smart card after carrying out KMU verifications to smart card, ensures card Safe condition meets safe condition requirement before shipment.Safe condition refers to smart card in a kind of security level being presently in.Peace Attribute refers to carry out the condition that must satisfy during certain operation to some file entirely, i.e., the safe condition when carrying out respective operations Register has to meet scheduled numerical value.Security attribute is the attribute that smart card is had been written into when building file system, is read Write permission numerical value is set as default value, needs safe condition register being set to if completing this operation and be preset more than this Numerical value, the numerical value of safe condition register are changed by PIN password authentications or external certificate.Root and every in smart card All there are one security attribute numerical value in one application catalogue, should have when carrying out respective operations for representing operation under this catalogue Condition, could normally be operated when only meeting safety condition.Therefore, modification confirms module 3 in the peace to smart card When total state is detected, each read in internal data carries out sentencing for safe condition using directory security attribute value It is disconnected.
Testing result generation module 4 is used to obtain testing result.Judge smart card cannot normal power-on and power-off when, inspection Survey result-generation module 4 testing result can be arranged, generate text information, so as to user check and be directed to testing result into The operation of one step.
Computer installation embodiment:
The computer installation of the present invention can include the devices such as processor and memory, such as include central processing unit Microcontroller etc..Also, the processor of computer installation can perform the computer program stored in memory, when processor is held During row computer program, each step in the automatic full inspection method of above-mentioned smart card can be realized.
Storage medium embodiment:
The present invention storage medium can be by the read any type of storage medium of the processor of computer installation, including But nonvolatile memory, volatile memory, ferroelectric memory etc. are not limited to, meter is stored on computer readable storage medium Calculation machine program when the processor of computer installation is read and performs the computer program stored in memory, can be realized Each step in the automatic full inspection method of above-mentioned smart card.
It can be seen from the above, the present invention carries out full inspection operation by detecting automatically, to the smart card for completing hair fastener operation, avoid Human intervention improves detection efficiency.Individualized initial data is verified, it can be to avoid in order to avoid check card after customer data change Function sexual abnormality caused by success.When being detected to internal data, to internal data carry out static data certification and Dynamic Data Authentication improves detection quality.
It should be noted that these are only the preferred embodiment of the present invention, but the design concept invented is not limited thereto, All insubstantial modifications made using this design to the present invention, are also each fallen within protection scope of the present invention.

Claims (10)

  1. A kind of 1. automatic full inspection method of smart card, which is characterized in that including:
    The individualized initial data for being written to smart card is obtained, the individualized initial data is verified;
    The whether normal power-on and power-off of the smart card are judged, if so, the internal data of the smart card is read, according to described individualized Initial data verifies the internal data and carries out static data certification and Dynamic Data Authentication to the internal data;
    Obtain testing result.
  2. 2. the automatic full inspection method of smart card according to claim 1, which is characterized in that
    It is described to judge the whether normal power-on and power-off of the smart card, including:
    Reset signal is sent to the smart card, obtains the answer ATR signal of the smart card and response ATS signals;
    Judge whether the answer ATR signal and the response ATS signals are normal, if so, on confirming that the smart card is normal Lower electricity.
  3. 3. the automatic full inspection method of smart card according to claim 1 or 2, which is characterized in that
    It is described that static data certification and Dynamic Data Authentication are carried out to the internal data, including:
    The static data certification and the dynamic number are carried out to the internal data respectively using national secret algorithm and International Algorithmic According to certification.
  4. 4. the automatic full inspection method of smart card according to claim 1 or 2, which is characterized in that
    It is described static data certification and Dynamic Data Authentication are carried out to the internal data after, the method further includes:
    The carry out KMU verifications of the smart card and safe condition are detected.
  5. 5. a kind of automatic full inspection device of smart card, which is characterized in that including:
    Raw data calibration module, for obtaining the individualized initial data for being written to smart card, to the individualized original number According to being verified;
    Internal data authentication module, for judging the whether normal power-on and power-off of the smart card, if so, reading the interior of the smart card Portion's data verify the internal data according to the individualized initial data and carry out static number to the internal data According to certification and Dynamic Data Authentication;
    Testing result generation module, for obtaining testing result.
  6. 6. the automatic full inspection device of smart card according to claim 5, which is characterized in that
    The internal data authentication module judges the whether normal power-on and power-off of the smart card, including:
    Reset signal is sent to the smart card, obtains the answer ATR signal of the smart card and response ATS signals;
    Judge whether the answer ATR signal and the response ATS signals are normal, if so, on confirming that the smart card is normal Lower electricity.
  7. 7. the automatic full inspection device of smart card according to claim 5 or 6, which is characterized in that
    The internal data authentication module carries out static data certification and Dynamic Data Authentication to the internal data, including:
    The static data certification and the dynamic number are carried out to the internal data respectively using national secret algorithm and International Algorithmic According to certification.
  8. 8. the automatic full inspection device of smart card according to claim 5 or 6, which is characterized in that described device further includes:
    Modification confirms module, for the carry out KMU verifications of the smart card and safe condition detection.
  9. 9. a kind of computer installation, which is characterized in that the computer installation includes processor, and the processor is deposited for performing The automatic full inspection method of the smart card as described in any one in Claims 1-4 being realized during the computer program stored in reservoir Step.
  10. 10. a kind of storage medium, is stored thereon with computer program, which is characterized in that the computer program is held by processor The step of automatic full inspection method of the smart card as described in any one in Claims 1-4 is realized during row.
CN201711480014.8A 2017-12-29 2017-12-29 A kind of automatic full inspection method and device of smart card, computer installation, storage medium Pending CN108229202A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711480014.8A CN108229202A (en) 2017-12-29 2017-12-29 A kind of automatic full inspection method and device of smart card, computer installation, storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711480014.8A CN108229202A (en) 2017-12-29 2017-12-29 A kind of automatic full inspection method and device of smart card, computer installation, storage medium

Publications (1)

Publication Number Publication Date
CN108229202A true CN108229202A (en) 2018-06-29

Family

ID=62647053

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711480014.8A Pending CN108229202A (en) 2017-12-29 2017-12-29 A kind of automatic full inspection method and device of smart card, computer installation, storage medium

Country Status (1)

Country Link
CN (1) CN108229202A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111027097A (en) * 2019-12-04 2020-04-17 楚天龙股份有限公司 Personalized data checking method, device and medium applied to IC card
CN111027082A (en) * 2019-12-04 2020-04-17 楚天龙股份有限公司 Extraction method, device and medium of personalized data applied to IC card
CN111046236A (en) * 2019-12-04 2020-04-21 楚天龙股份有限公司 Personalized data checking method, device and medium applied to IC card

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6779112B1 (en) * 1999-11-05 2004-08-17 Microsoft Corporation Integrated circuit devices with steganographic authentication, and steganographic authentication methods
CN103294569A (en) * 2013-04-27 2013-09-11 深圳市雄帝科技股份有限公司 COS version check method and check device of intelligent card
CN103714295A (en) * 2013-12-27 2014-04-09 北京大唐智能卡技术有限公司 Financial integrated circuit card personalized data detecting method and system
CN103763103A (en) * 2013-12-31 2014-04-30 飞天诚信科技股份有限公司 Method for generating off-line authentication certifications through intelligent card
CN106326951A (en) * 2016-08-23 2017-01-11 广东岭南通股份有限公司 Contact smart card individualizing method and contact smart card individualizing device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6779112B1 (en) * 1999-11-05 2004-08-17 Microsoft Corporation Integrated circuit devices with steganographic authentication, and steganographic authentication methods
CN103294569A (en) * 2013-04-27 2013-09-11 深圳市雄帝科技股份有限公司 COS version check method and check device of intelligent card
CN103714295A (en) * 2013-12-27 2014-04-09 北京大唐智能卡技术有限公司 Financial integrated circuit card personalized data detecting method and system
CN103763103A (en) * 2013-12-31 2014-04-30 飞天诚信科技股份有限公司 Method for generating off-line authentication certifications through intelligent card
CN106326951A (en) * 2016-08-23 2017-01-11 广东岭南通股份有限公司 Contact smart card individualizing method and contact smart card individualizing device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111027097A (en) * 2019-12-04 2020-04-17 楚天龙股份有限公司 Personalized data checking method, device and medium applied to IC card
CN111027082A (en) * 2019-12-04 2020-04-17 楚天龙股份有限公司 Extraction method, device and medium of personalized data applied to IC card
CN111046236A (en) * 2019-12-04 2020-04-21 楚天龙股份有限公司 Personalized data checking method, device and medium applied to IC card
CN111027097B (en) * 2019-12-04 2023-11-28 楚天龙股份有限公司 Personalized data checking method, device and medium applied to IC card

Similar Documents

Publication Publication Date Title
JP5499358B2 (en) Authentication processing method and apparatus
CN103778374B (en) The method of trusted terminal, double-channel card, anti-clone's chip, chip finger print and anti-channel attack
CN110249586B (en) Method for securely storing sensitive data on a smart card and smart card
US20140241597A1 (en) Biometric authentication systems and methods
CN101136749B (en) Encryption key generation and restoration method and individual authentication system
TW589583B (en) Portable information memory medium and the authorization method
TW201528027A (en) Data encryption and smartcard storing encrypted data
JP6184751B2 (en) Data protection system and method
JP2001512873A (en) Data carrier authentication inspection method
CN108229202A (en) A kind of automatic full inspection method and device of smart card, computer installation, storage medium
CN103326864A (en) Electronic tag anti-fake authentication method
CN103473592A (en) Tag off-line distinguishing method and device based on CPK system
CN105917612A (en) Cryptographic watermarking of content in fuel dispensing environments
US10354055B2 (en) Portable electronic device and system
CN108241880A (en) A kind of real-time card sending system
CN109977688A (en) A kind of top secret data encryption system and method based on block chain
CN108418677B (en) Key backup and recovery method and device
CN105608775A (en) Authentication method, terminal, access control card and SAM card
Naji et al. Security improvement of credit card online purchasing system
US10503936B2 (en) Systems and methods for utilizing magnetic fingerprints obtained using magnetic stripe card readers to derive transaction tokens
CN105224851A (en) Tax inspection method based on USBKEY
JP2001195551A (en) Ic card reader and ic card system
JP2006293875A (en) Settlement system cooperating with biological authentication, and settlement terminal for ic card and ic card for use in the same
Argles et al. An improved approach to secure authentication and signing
EP4012593A1 (en) Neural network cryptography coprocessor providing countermeasture against side-channel analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180629

RJ01 Rejection of invention patent application after publication