CN110852756A - Data processing method and equipment - Google Patents
Data processing method and equipment Download PDFInfo
- Publication number
- CN110852756A CN110852756A CN201911139538.XA CN201911139538A CN110852756A CN 110852756 A CN110852756 A CN 110852756A CN 201911139538 A CN201911139538 A CN 201911139538A CN 110852756 A CN110852756 A CN 110852756A
- Authority
- CN
- China
- Prior art keywords
- card
- data
- information
- time
- processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/351—Virtual cards
Abstract
The embodiment of the invention provides a data processing method and equipment; the method comprises the following steps: sending a first card data request to the service equipment, and receiving target card data sent by the service equipment aiming at the first card data request; the target card data includes time validity period information and card base data; when a second card data request sent by the gate equipment is received, responding to the second card data request, sending card basic data to the gate equipment, and receiving a card processing request sent by the gate equipment for the card basic data; the card processing request comprises gate time information and card processing data; verifying the validity of the data processed by the card by using the gate time information and the time validity period information to obtain a first validity verification result; and when the first validity check result represents that the card processing data is valid, updating the card basic data according to the card processing data to obtain card data updating information. By the embodiment of the invention, the safety of data processing of the analog card can be improved.
Description
Technical Field
The present invention relates to a card simulation technique in the field of communications, and in particular, to a data processing method and apparatus.
Background
Near Field Communication (NFC) is a technology developed on the basis of contactless radio frequency identification; through NFC technology, can utilize terminal equipment to realize card simulation, and then realize applications such as mobile payment, electronic ticketing, entrance guard, mobile identification and anti-fake through simulating the card.
Generally, in an application of implementing data communication by using an analog card, a terminal device for starting a card analog function performs transaction processing on card data according to a consumption request by receiving the consumption request sent by a gate device, so as to implement data processing of the analog card. However, in the process of implementing the data processing of the analog card by the terminal device, there is a case where the historical consumption request is taken as the current consumption request by an illegal technique, and thus, there is a risk that the card data is reset by the historical consumption data; therefore, the security of data processing of the analog card is low.
Disclosure of Invention
The embodiment of the invention provides a data processing method and data processing equipment, which can improve the data processing safety of an analog card.
The technical scheme of the embodiment of the invention is realized as follows:
the embodiment of the invention provides a data processing method applied to analog card equipment, which comprises the following steps:
when a card simulation instruction is received, responding to the card simulation instruction, sending a first card data request to service equipment, and receiving target card data sent by the service equipment aiming at the first card data request; the target card data includes time validity period information and card base data;
when a second card data request sent by gate equipment is received, responding to the second card data request, sending the card basic data to the gate equipment, and receiving a card processing request sent by the gate equipment for the card basic data; the card processing request comprises gate time information and card processing data;
verifying the validity of the card processing data by using the gate time information and the time validity information to obtain a first validity verification result;
and when the first validity check result represents that the card processing data is valid, updating the card basic data according to the card processing data to obtain card data updating information.
The embodiment of the invention also provides a data processing method, which is applied to the service equipment and comprises the following steps:
receiving a first card data request sent by card simulation equipment; the first card data request is used for requesting target card data;
responding to the first card data request, and acquiring card basic data and time validity information;
combining the card basic data and the time validity information to obtain the target card data;
and sending the target card data to card simulation equipment so that the card simulation equipment performs validity check on the card processing request sent by the gate equipment according to the time validity period information to complete data processing of the card basic data.
An embodiment of the present invention provides an analog card device, including:
the card data acquisition module is used for responding to a card simulation instruction when receiving the card simulation instruction, sending a first card data request to a service device and receiving target card data sent by the service device aiming at the first card data request; the target card data includes time validity period information and card base data;
the processing data acquisition module is used for responding to a second card data request sent by a gate device when receiving the second card data request, sending the card basic data to the gate device and receiving a card processing request sent by the gate device for the card basic data; the card processing request comprises gate time information and card processing data;
the time checking module is used for checking the validity of the card processing data by utilizing the gate time information and the time validity information to obtain a first validity checking result;
and the data processing module is used for updating the card basic data according to the card processing data to obtain card data updating information when the first validity check result represents that the card processing data is valid.
An embodiment of the present invention provides a service apparatus, including:
the request receiving module is used for receiving a first card data request sent by the card simulation device; the first card data request is used for requesting target card data;
the request response module is used for responding to the first card data request and acquiring card basic data and time validity information;
the card data acquisition module is used for combining the card basic data and the time validity information to obtain the target card data;
and the card data sending module is used for sending the target card data to a card simulation device so that the card simulation device can carry out validity check on the card processing request sent by the gate device according to the time validity information to complete the data processing of the card basic data.
An embodiment of the present invention provides an analog card device, including:
a first memory for storing executable instructions;
the first processor is configured to implement the data processing method applied to the analog card device according to the embodiment of the present invention when the first processor executes the executable instructions stored in the first memory.
An embodiment of the present invention provides a service device, including:
a second memory for storing executable instructions;
and the second processor is used for implementing the data processing method applied to the service equipment provided by the embodiment of the invention when the executable instruction stored in the second memory is executed.
The embodiment of the invention provides a storage medium, which stores executable instructions and is used for causing a first processor to execute, so that the data processing method applied to analog card equipment provided by the embodiment of the invention is realized.
The embodiment of the present invention further provides a storage medium, which stores executable instructions for causing a second processor to execute, so as to implement the data processing method applied to the service device provided by the embodiment of the present invention.
The embodiment of the invention has the following beneficial effects: the card simulation equipment verifies the validity of the card processing data by using the gate time information and the time validity information before responding to the card processing request sent by the gate equipment and updating the card basic data according to the card processing data, and updates the card basic data according to the card processing data only when the verification result is confirmed to be that the card processing data is valid; therefore, safety guarantee is provided for data processing of the card basic data, and therefore the safety of data processing of the analog card is improved.
Drawings
FIG. 1 is a block diagram illustrating an alternative architecture of a data processing system 100, according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a first terminal 400 according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a server 200 according to an embodiment of the present invention;
FIG. 4 is a schematic flow chart of an alternative data processing method according to an embodiment of the present invention;
FIG. 5 is a schematic flow chart of another alternative data processing method provided by the embodiment of the invention;
FIG. 6 is a schematic flow chart of another alternative data processing method provided by the embodiment of the invention;
FIG. 7 is a block diagram illustrating an alternative architecture of data processing system 100, according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a blockchain in the blockchain network 600 according to an embodiment of the present invention;
fig. 9 is a functional architecture diagram of a blockchain network 600 according to an embodiment of the present invention;
FIG. 10 is a diagram illustrating an exemplary application of data processing of an emulation card according to an embodiment of the present invention;
fig. 11 is a schematic diagram of an exemplary application of data processing of the emulation card according to the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail with reference to the accompanying drawings, the described embodiments should not be construed as limiting the present invention, and all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.
In the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is understood that "some embodiments" may be the same subset or different subsets of all possible embodiments, and may be combined with each other without conflict.
In the following description, references to the terms "first \ second \ third" are only to distinguish similar objects and do not denote a particular order, but rather the terms "first \ second \ third" are used to interchange specific orders or sequences, where appropriate, to enable embodiments of the invention described herein to be practiced in other than the order shown or described herein.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the embodiments of the present invention is for the purpose of describing the embodiments of the present invention only and is not intended to be limiting of the present invention.
Before further detailed description of the embodiments of the present invention, terms and expressions mentioned in the embodiments of the present invention are explained, and the terms and expressions mentioned in the embodiments of the present invention are applied to the following explanations.
1) The RFID (Radio Frequency Identification), also called Radio Frequency Identification, is one of automatic Identification technologies, and a finger gate device performs contactless bidirectional data communication in a Radio Frequency manner, and reads and writes a recording medium (an electronic tag or a Radio Frequency card) in a Radio Frequency manner, thereby achieving a process of identifying the recording medium and exchanging data.
2) The RFID system comprises a gate device, a recording medium and a service device (a background host system). When the RFID system works, the gate device sends a radio frequency signal with a specific frequency through the transmitting antenna, and when a recording medium enters an effective working area, induced current is generated, so that the obtained energy is activated, and the recording medium transmits self coding information out through the built-in antenna; at this time, the receiving antenna of the gate device receives the modulation signal sent from the recording medium, the modulation signal is transmitted to the signal processing module of the gate device through the modulator of the antenna, and the effective information is transmitted to the service device for relevant processing after demodulation and decoding; the service equipment identifies the identity of the recording medium according to the logical operation, performs corresponding processing and control aiming at different settings, and finally sends out a signal to control the gate equipment to finish different read-write operations.
3) A gate device is a device that reads information from a recording medium or writes information to be stored in the recording medium. When the gate device works, radio frequency energy is transmitted in a region by the gate device to form an electromagnetic field, and the size of the region depends on the transmitting power; the recording medium in the area covered by the gate device is triggered to transmit data stored therein or to modify data stored therein in accordance with instructions from the gate device and is capable of communicating with a computer network via an interface.
4) And NFC is adopted, so that the simulation of the recording medium can be realized, for example, the simulation of a bus card by a mobile phone can be realized by adopting the NFC technology.
5) HCE (Host-based Card Emulation) implements Card Emulation on a device equipped with an NFC function, and there are two ways to implement Card Emulation at present: one is hardware-based, called Virtual card mode (Virtual card mode); the other is software-based, called Host Card Mode. The mode is to simulate the equipment with the NFC function into a non-contact card, such as an access card, a bank card, a bus card and the like. The card simulation mode is mainly used in non-contact mobile payment applications such as markets, transportation and the like, and a user only needs to approach a mobile phone to a card reader (gate device) and input a password to confirm a transaction or directly receive the transaction.
6) A key is a parameter input in an algorithm for converting a plaintext into a ciphertext or converting a ciphertext into a plaintext, and refers to secret information used to complete cryptographic applications such as encryption, decryption, integrity verification, and the like. The key is divided into a symmetric key and an asymmetric key, the symmetric key is applied to symmetric cryptography, and the symmetric key is called as a symmetric key because the same key is used for encryption and decryption; while asymmetric keys are used in asymmetric cryptography, they are called asymmetric keys because the keys used for encryption and decryption are different, and generally one of the asymmetric keys is public, called a public key or a public key, and the other is secret, called a private key or a private key.
7) The digest, also known as a Hash value, is obtained by mapping an arbitrary length binary value (plaintext) to a shorter fixed length binary value.
8) The digital signature is a cipher text formed by encrypting the summary of the data content by using a private key of an asymmetric encryption algorithm, and is used for verifying the integrity and the source (or non-repudiation) of certain data content.
9) Block chain (Blockchain), an encrypted, chained transactional memory structure formed from blocks (blocks).
10) A Blockchain Network (Blockchain Network) incorporates new blocks into a set of nodes of a Blockchain in a consensus manner.
In the application of realizing data communication by using the analog card, the terminal equipment for starting the card analog function receives the consumption request sent by the gate equipment and carries out transaction processing on the card data according to the consumption request so as to realize the data processing of the analog card. In general, in the two modes of the emulation card, the security of data processing of the emulation card in the virtual card mode is high because the secure element is present in the emulation card device in the virtual card mode. However, in the host card mode, in the process of implementing transaction processing of the analog card by the terminal device, a historical consumption request is used as the current consumption request through an illegal technique, so that the risk that card data is reset by historical consumption data exists; for example, the original data of the analog card is version a (balance is 50 yuan), the data after transaction processing (after consumption) is updated to version B (balance is 48 yuan), and lawbreakers can reset the updated data version B to version a by an illegal technique; therefore, the risk of the analog card business is large, and the safety of the data processing of the analog card is low.
Based on this, the embodiment of the present invention provides a data processing method and device, which can improve the security of data processing of an analog card, and an exemplary application of the device provided in the embodiment of the present invention is described below; the device provided by the embodiment of the invention can be implemented as various types of user terminals such as a smart phone, a tablet computer, a notebook computer and the like, and can also be implemented as a server. Next, an exemplary application in which the card simulation apparatus provided by the embodiment of the present invention is implemented as a terminal and the service apparatus provided by the embodiment of the present invention is implemented as a server will be described.
Referring to fig. 1, fig. 1 is an alternative architecture diagram of a data processing system 100 according to an embodiment of the present invention, in order to support a data processing application, a first terminal 400 (analog card device) is connected to a server 200 (service device) through a network 300, where the network 300 may be a wide area network or a local area network, or a combination of the two; in addition, a second terminal 500 (gate device) is also included in the data processing system 100. Here, the first terminal 400 is provided with an NFC function.
A first terminal 400 for receiving a card emulation instruction, transmitting a first card data request to the server 200 through the network 300 in response to the card emulation instruction, and receiving target card data transmitted by the server 200 for the first card data request through the network 300; the target card data comprises time validity period information and card basic data; further configured to receive a second card data request sent by the second terminal 500 through the network 300, send card basic data to the second terminal 500 through the network 300 in response to the second card data request, and receive a card processing request sent by the second terminal 500 for the card basic data through the network 300; the card processing request comprises gate time information and card processing data; the card is also used for verifying the validity of the data processed by the card by utilizing the gate time information and the time validity information to obtain a first validity verification result; and the verification module is also used for updating the basic data of the card according to the card processing data to obtain card data updating information when the first validity verification result represents that the card processing data is valid.
A server 200 for receiving a first card data request transmitted by a first terminal 400 through a network 300; wherein the first card data request is for requesting target card data; the first card is also used for responding to the first card data request and acquiring card basic data and time validity information; the system is also used for combining the card basic data and the time validity information to obtain target card data; and is further configured to transmit the target card data to the first terminal 400 through the network 300, so that the card emulation device performs validity check on the card processing request transmitted by the second terminal 500 through the network 300 according to the time validity information to complete data processing of the card base data.
A second terminal 500 for transmitting a second card data request to the first terminal 400 through the network 300; the second card data request is used for requesting card basic data; the first terminal 400 is further configured to receive, via the network 300, card basic data sent for the second card data request by the first terminal 400, obtain card processing data and gate time information according to the card basic data, and combine the card processing data and the gate time information to obtain a generated card processing request; and is further configured to transmit a card processing request to the first terminal 400 through the network 300 so that the first terminal 400 performs validity check on the card processing data according to the gate time information to complete data processing of the card base data.
It should be noted that the embodiments of the present invention may also be implemented by combining a blockchain technology, where a blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, and an encryption algorithm. The blockchain is essentially a decentralized database, which is a string of data blocks associated by using cryptography, each data block contains information of a batch of network transactions, and the information is used for verifying the validity (anti-counterfeiting) of the information and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, and an application services layer. For the data processing method combined with the block chain technique provided in the embodiment of the present invention, specific reference is made to the following description.
Referring to fig. 2, fig. 2 is a schematic structural diagram of a first terminal 400 according to an embodiment of the present invention, where the first terminal 400 shown in fig. 2 includes: at least one first processor 410, a first memory 450, at least one first network interface 420, and a first user interface 430. The various components in the first terminal 400 are coupled together by a first bus system 440. It is understood that the first bus system 440 is used to enable connection communications between these components. The first bus system 440 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled as a first bus system 440 in fig. 2.
The first Processor 410 may be an integrated circuit chip having Signal processing capabilities, such as a general purpose Processor, a Digital Signal Processor (DSP), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like, wherein the general purpose Processor may be a microprocessor or any conventional Processor, or the like.
The first user interface 430 includes one or more first output devices 431, including one or more speakers and/or one or more visual display screens, that enable the presentation of media content. The first user interface 430 also includes one or more first input devices 432, including user interface components that facilitate user input, such as a keyboard, mouse, microphone, touch screen display, camera, other input buttons and controls.
The first memory 450 includes either volatile memory or nonvolatile memory, and may also include both volatile and nonvolatile memory. The non-volatile Memory may be a Read Only Memory (ROM), and the volatile Memory may be a Random Access Memory (RAM). The first memory 450 described in embodiments of the invention is intended to comprise any suitable type of memory. The first memory 450 optionally includes one or more storage devices physically located remote from the first processor 410.
In some embodiments, the first memory 450 is capable of storing data to support various operations, examples of which include programs, modules, and data structures, or subsets or supersets thereof, as exemplified below.
A first operating system 451 including system programs for processing various basic system services and performing hardware-related tasks, such as a framework layer, a core library layer, a driver layer, etc., for implementing various basic services and processing hardware-based tasks;
a first network communication module 452 for communicating to other computing devices via one or more (wired or wireless) first network interfaces 420, an exemplary first network interface 420 comprising: bluetooth, wireless-compatibility authentication (Wi-Fi), and Universal Serial Bus (USB), etc.;
a first display module 453 for enabling presentation of information (e.g., user interfaces for operating peripherals and displaying content and information) via one or more first output devices 431 (e.g., display screens, speakers, etc.) associated with the first user interface 430;
a first input processing module 454 for detecting one or more user inputs or interactions from one of the one or more first input devices 432 and translating the detected inputs or interactions.
In some embodiments, the card emulation device provided by the embodiments of the present invention can be implemented in software, and fig. 2 shows the card emulation device 455 stored in the first memory 450, which can be software in the form of programs and plug-ins, and includes the following software modules: a card data acquisition module 4551, a processed data acquisition module 4552, a time check module 4553, a data processing module 4554, and a prohibition module 4555, functions of each of which will be described later.
Referring to fig. 3, fig. 3 is a schematic structural diagram of a server 200 according to an embodiment of the present invention, where the server 200 shown in fig. 3 includes: at least one second processor 210, a second memory 250, at least one second network interface 220, and a second user interface 230. The various components in server 200 are coupled together by a second bus system 240. It is understood that the second bus system 240 is used to enable connection communication between these components. The second bus system 240 includes a power bus, a control bus, and a status signal bus in addition to the data bus. But for clarity of illustration the various buses are labeled as the second bus system 240 in figure 3.
The second processor 210 may be an integrated circuit chip having signal processing capabilities, such as a general purpose processor, a digital signal processor, or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc., wherein the general purpose processor may be a microprocessor or any conventional processor, etc.
The second user interface 230 includes one or more second output devices 231, including one or more speakers and/or one or more visual displays, that enable the presentation of media content. The second user interface 230 also includes one or more second input devices 232, including user interface components that facilitate user input, such as a keyboard, mouse, microphone, touch screen display, camera, other input buttons and controls.
The second memory 250 includes either volatile memory or nonvolatile memory, and may also include both volatile and nonvolatile memory. The nonvolatile memory may be a read-only memory, and the volatile memory may be a random access memory. The second memory 250 described in embodiments of the invention is intended to comprise any suitable type of memory. The second memory 250 optionally includes one or more storage devices physically located remote from the second processor 210.
In some embodiments, the second memory 250 is capable of storing data to support various operations, examples of which include programs, modules, and data structures, or subsets or supersets thereof, as exemplified below.
A second operating system 251 including system programs for processing various basic system services and performing hardware-related tasks, such as a framework layer, a core library layer, a driver layer, etc., for implementing various basic services and processing hardware-based tasks;
a second network communication module 252 for communicating to other computing devices via one or more (wired or wireless) second network interfaces 420, an exemplary second network interface 220 comprising: bluetooth, wireless compatibility authentication, universal serial bus, and the like;
a second display module 253 to enable presentation of information (e.g., a user interface for operating peripherals and displaying content and information) via one or more second output devices 231 (e.g., a display screen, speakers, etc.) associated with the second user interface 430;
a second input processing module 254 for detecting one or more user inputs or interactions from one of the one or more second input devices 232 and translating the detected inputs or interactions.
In some embodiments, the card emulation device provided by the embodiment of the present invention can be implemented by software, and fig. 3 shows the card emulation device 255 stored in the second memory 250, which can be software in the form of programs and plug-ins, and the like, and includes the following software modules: a request receiving module 2551, a request response module 2552, a card data obtaining module 2553, a card data transmitting module 2554, and a data synchronizing module 2555, functions of which will be described below.
In other embodiments, the card emulation apparatus and the service apparatus provided in the embodiments of the present invention may be implemented in hardware, and for example, the card emulation apparatus and the service apparatus provided in the embodiments of the present invention may be a processor in the form of a hardware decoding processor, which is programmed to execute the data processing method provided in the embodiments of the present invention, for example, the processor in the form of the hardware decoding processor may be implemented by one or more Application Specific Integrated Circuits (ASICs), DSPs, Programmable Logic Devices (PLDs), Complex Programmable Logic Devices (CPLDs), Field Programmable Gate Arrays (FPGAs), or other electronic components.
In the following, the data processing method provided by the embodiment of the present invention will be described with reference to exemplary applications in which the card simulation device and the gate device provided by the embodiment of the present invention are both implemented as a terminal, and the service device is implemented as a server.
Referring to fig. 4, fig. 4 is an alternative flow chart of the data processing method according to the embodiment of the present invention, which will be described with reference to the steps shown in fig. 4.
S101, when the card simulation device receives the card simulation instruction, responding to the card simulation instruction, and sending a first card data request to the service device.
In the embodiment of the invention, the card simulation equipment has an NFC function and can realize card simulation based on a host, namely, the card simulation equipment has an equipment card simulation function; when the card simulation function of the card simulation device is started, the card simulation device receives a card simulation instruction; here, the card emulation instruction is used to instruct acquisition of target card data from the service apparatus to implement card emulation. When the card simulation device receives the card simulation instruction, the card simulation device responds to the card simulation instruction, executes the function indicated by the card simulation instruction and requests the target card data from the service device; the card simulation equipment requests the target card data from the service equipment by sending a first card data request to the service equipment; therefore, the first card data request is for requesting target card data from the service apparatus.
It should be noted that, when the card simulation device detects a signal transmitted by the gate device, the card simulation device may trigger the start of the card simulation function; when a triggering operation for starting the card simulation function is received on a graphical interface of the card simulation equipment, the starting of the card simulation function can be triggered; and the like, which are not particularly limited by the embodiments of the present invention.
In addition, the target card data provides card data support for the card simulation equipment to start the card simulation function; for example, when the analog card of the card analog device is a bus card, the target card data is bus card data. The service device is a background device for simulating cards, and the simulated cards refer to simulated cards (bus cards, bank cards, access control cards and the like).
Accordingly, after S101 is executed, that is, after the card emulation device receives the card emulation command, the service device receives the first card data request sent by the card emulation device after sending the first card data request to the service device in response to the card emulation command.
S102, the service equipment responds to the first card data request and obtains card basic data and time validity information.
In the embodiment of the present invention, after obtaining the first card data request, the service device responds to the first card data request, and executes the processing requested by the first card data request, that is, obtains the card basic data and the time validity information.
It should be noted that the card basic data refers to basic information of the analog card, for example, when the analog card is a bus card, the card basic data includes a card number, a card balance, a card through number, and a user number; the time validity information refers to a validity period, such as an expiration time, or a validity period and a start time, for performing data processing (data update) on the card base data.
It can be understood that, when the service device responds to the first card data request for acquiring the target card data, the service device acquires the card basic data and also acquires the time validity information, so that the card simulation device can provide security guarantee for updating the card basic data based on the time validity information, thereby improving the security of data processing of the simulation card.
S103, the service equipment combines the card basic data and the time validity information to obtain target card data.
In the embodiment of the present invention, after obtaining the card basic data and the time validity information, the service device combines the card basic data and the time validity information to obtain the card data to be issued to the analog card, that is, the target card data.
And S104, the service equipment sends the target card data to the card simulation equipment so that the card simulation equipment performs validity check on the card processing request sent by the gate equipment according to the time validity information to complete data processing of the card basic data.
In the embodiment of the invention, the target card data is the information obtained by the service equipment in response to the first card data request, and the first card data request is sent to the service equipment by the card simulation equipment; therefore, when the service apparatus obtains the target card data, the target card data is transmitted to the card simulation apparatus, and the response to the first card data request is completed.
It can be understood that the service device sends the target card data to the card simulation device, so that the card simulation device can perform validity check on the card processing request sent by the gate device according to the time validity period information to complete data processing of the card basic data, thereby effectively preventing the card basic data from being reset by using the historical version data of the card, improving the data processing safety of the simulation card, and further improving the realization effect of the simulation card.
Accordingly, after S104 is executed, that is, after the service device sends the target card data to the card emulation device, at this time, the card emulation device also receives the target card data sent by the service device for the first card data request, and the target card data includes the time validity period information and the card basic data
S105, when the card simulation device receives a second card data request sent by the gate device, responding to the second card data request, sending card basic data to the gate device, and receiving a card processing request sent by the gate device for the card basic data; the card processing request includes gate time information and card processing data.
In the embodiment of the invention, when the gate device detects that the card simulation device approaches, for example, the gate device acquires distance information with the card simulation device, and when the distance information is smaller than the preset distance information, it indicates that the card simulation device performs transaction processing by using the simulation card; thus, the gate device generates a second card data request for acquiring the card basic data from the gate device, and transmits the second card data request to the card simulation device.
Correspondingly, after the gate equipment sends the second card data request to the card simulation equipment, the card simulation equipment receives the second card data request sent by the gate equipment at the moment; because the second card data request is a request for acquiring card basic data requested by the gate device, when the card simulation device receives the second card data request, the card simulation device responds to the second card data request, executes processing requested by the second card data request, and sends the card basic data to the gate device, thereby completing the response to the second card data request.
In the embodiment of the present invention, after the card simulation device sends the card basic data to the gate device, the gate device obtains the card basic data at this time, and can generate a transaction request, i.e., a card processing request, according to the card basic data. Here, when determining that the card basic data is valid, for example, when the balance of the card basic data is greater than the preset secondary consumption amount, the gate device obtains the card processing data and the gate time information based on the card basic data, and combines the card processing data and the gate time information, thereby obtaining the card processing request. At this time, the gate device sends the card processing request to the card simulation device, so that the card simulation device performs validity check on the card processing data according to the gate time information to complete data processing on the card basic data.
It should be noted that the gate time information refers to local time information of the gate device when the card processing request is generated; the card processing data refers to data for performing data processing on card base data, such as: card number, amount consumed/amount after consumption, card number and user number. In addition, the gate time information can also be other credible time information in the interactive process of data processing of the analog card.
It can be understood that the card processing request issued by the gate device to the card simulation device includes the gate time information, and the gate time information is a trusted time, and has a non-changeable property, unlike the mobile phone time or the internet time, and can be changed; therefore, the card simulation device performs validity check on the card processing data based on the gate time information, and updates the card basic data by using the card processing data when the validity check passes, thereby effectively preventing the card basic data from being reset by using the historical version data of the card, improving the data processing safety of the simulation card, and further improving the realization effect of the simulation card.
Accordingly, after the gate device sends the card processing request to the card simulation device, the card simulation device receives the card processing request sent by the gate device, and the card processing request includes gate time information and card processing data.
S106, the card simulation device verifies the validity of the card processing data by using the gate time information and the time validity period information to obtain a first validity verification result.
In the embodiment of the invention, after the card simulation device obtains the gate time information, the time validity information and the card processing data, the validity of the card processing data can be verified by using the gate time information and the time validity information, namely, the validity of the card processing data in time is judged by using the gate time information and the time validity information, so that the card processing data is not the historical version data of the simulation card, and the resetting of the card basic data by using the historical version data can be effectively avoided.
Here, the card simulation apparatus verifies the validity of the time for which the card processes data using the gate time information and the time validity period information to obtain a result, i.e., a first validity verification result; and, the first validity check result includes two cases: card processing data is valid and card processing data is invalid; the card processing data valid means that the card processing data has validity for updating the card base data, and the card processing data invalid means that the card processing data does not have validity for updating the card base data.
And S107, when the first validity check result represents that the card processing data is valid, the card simulation device updates the card basic data according to the card processing data to obtain card data updating information.
In the embodiment of the invention, when the first validity check result represents that the card processing data is valid, the card processing data is valid in time and is not the historical version data of the simulated card; at this time, the card simulation device updates the card basic data according to the card processing data, and also generates card data update information, completing the data processing of the card basic data.
It should be noted that the card data update information may be card basic data updated by using the card processing data, or may be an update record for updating the card basic data by using the card processing data, which is not specifically limited in this embodiment of the present invention.
It can be understood that the service device issues the target card data carrying the time validity information to the card simulation device, and the gate device issues the card processing request carrying the gate time information to the card simulation device, so that the card simulation device can check the time validity of the card processing data to be updated before updating the card basic data; updating the basic data of the card by using the card processing data only when the card processing data is valid in time, namely the card processing data is not the historical version data of the simulation card, so as to complete the data processing of the simulation card; therefore, safety guarantee is provided for data processing of the analog card, and the risk that basic data of the card is reset is avoided.
Further, in the embodiment of the present invention, when the time validity information is valid deadline information, S106 may be implemented by S1061-S1063; that is, the card simulation apparatus checks the validity of the card processing data by using the gate time information and the time validity period information to obtain a first validity check result, which includes S1061 to S1063, and will be described below with reference to the steps.
And S1061, comparing the size of the gate time information with the size of the effective deadline time information to obtain a time comparison result.
It should be noted that, since the gate time information is the time information of the gate device corresponding to the card processing request, the effective deadline information refers to the effective deadline information of the card processing data in the card processing request; therefore, the card simulation device can determine the validity of the card processing data in time by comparing the sizes of the gate time information and the valid deadline time information. Here, the comparison result obtained by comparing the gate time information and the effective deadline information is a time comparison result; the time comparison result may be that the gate time information is greater than the valid deadline information or that the gate time information is not greater than the valid deadline information.
And S1062, when the time comparison result represents that the gate time information is greater than the valid deadline time information, determining that the card processing data is invalid, thereby obtaining a first valid transaction result representing that the card processing data is invalid.
In the embodiment of the invention, when the time comparison result represents that the gate time information is greater than the valid deadline time information, the card processing data is invalid, and the result that the card processing data is invalid is taken as a first validity check result.
And S1063, when the time comparison result represents that the time information of the gate is not more than the effective deadline time information, determining that the card processing data is effective, thereby obtaining a first effective transaction result representing that the card processing data is effective.
In the embodiment of the invention, when the time comparison result represents that the gate time information is not more than the effective deadline time information, the card processing data is effective, and the result that the card processing data is effective is taken as a first validity check result.
Further, in the embodiment of the present invention, when the time validity period is the valid time period information and the valid start time information, S106 may be implemented by S1064-S1066; that is, the card simulation apparatus checks the validity of the card processing data by using the gate time information and the time validity period information to obtain a first validity check result, which includes S1064 to S1066, and the following description is made in conjunction with each step.
And S1064, acquiring the time interval information of the gate time information and the effective starting time information.
In the embodiment of the invention, the effective start time information refers to effective start time information of the card processing data; here, the card simulation apparatus can determine the validity of the outgoing card processing data based on the time interval information by acquiring the time interval information of the gate time information and the valid start time information, since the time interval information indicates the time period between the gate time information and the valid start time information.
And S1065, when the time interval information is larger than the valid time period information, determining that the time for processing the data by the card is invalid, thereby obtaining a first valid transaction result representing that the data processed by the card is invalid.
In the embodiment of the present invention, after the card simulation device obtains the time interval information, the time interval information is compared with the valid time period, if the time interval information is greater than the valid time period information, it is indicated that the card processing data is invalid, and a result of the card processing data being invalid is taken as a first validity check result.
And S1066, when the time interval information is not greater than the effective time period information, determining that the time for processing the data by the card is effective, thereby obtaining a first effective transaction result representing that the data processed by the card is effective.
In the embodiment of the invention, if the comparison result of the time interval information and the valid time period is that the time interval information is not greater than the valid time period information, the card processing data is valid, and the result that the card processing data is valid is used as a first validity check result. It is easy to know that the valid start time information is added with valid time period information, i.e., valid deadline information.
Further, referring to fig. 5, fig. 5 is another optional flowchart of the data processing method according to the embodiment of the present invention, as shown in fig. 5, in the embodiment of the present invention, after S106, S108-S109 are further included, that is, after the card simulation device verifies the validity of the card processing data by using the gate time information and the time validity period information, and obtains the first validity verification result, the data processing method further includes S108-S109, which is described below with reference to the steps shown in fig. 5.
And S108, when the first validity check result represents that the card processing data is invalid, the card simulation device generates card processing inhibition information.
In the embodiment of the invention, when the first validity check result represents that the card processing data is invalid, the card processing data is invalid in time, and may be the historical version data of the simulated card; at this time, the card simulation apparatus does not update the card base data according to the card processing data any more, but generates card processing inhibition information representing that the update of the card base data is inhibited.
And S109, the card simulation device displays the card processing prohibition information and sends the card processing prohibition information to the gate device.
In the embodiment of the invention, after the card simulation equipment generates the card processing prohibition information, the card processing prohibition information is displayed through a graphical interface to inform a card simulation equipment user that the data processing is failed at this time, or the card simulation equipment sends out processing prompt information through a playing device according to the card processing prohibition information; meanwhile, the card simulation device transmits the card processing prohibition information to the gate device, so that the gate device performs processing, such as prohibition of passage, according to the card processing prohibition information.
It can be understood that, before updating the card basic data according to the card processing data, the card simulation device adds a check of time validity information to the card processing data, for example, one minute validity, and if the card basic data is not generated within one minute, the card simulation device determines that the card processing data is illegal data and refuses to update the card basic data according to the card processing data, thereby improving the data processing security of the simulation card.
Further, in the embodiment of the present invention, referring to fig. 6, fig. 6 is a further alternative flowchart of the data processing method provided in the embodiment of the present invention, and as shown in fig. 6, S110-S112 are further included after S107; i.e., the card emulation device updates the card basic data according to the card processing data to obtain the card data update information, the data processing method further includes S110 to S112, which will be described below with reference to the steps shown in fig. 6.
And S110, the card simulation equipment sends the card data updating information to the gate equipment.
In the embodiment of the present invention, after the card simulation device completes processing of the card base data according to the card processing data sent by the gate device, in order for the gate device to obtain information that the card simulation device has completed processing according to the card processing request, card data update information obtained by updating the card base data is sent to the gate device.
Accordingly, in the embodiment of the present invention, after S110 is executed, that is, after the card simulation device sends the card data update information to the gate device, the gate device receives the card data update information; the gate device thus updates information based on the card data, confirms that the card processing request has been completed, and executes a functional application, such as opening a gate to allow passage, or emitting an alert tone indicating that the card swipe is successful. Meanwhile, the gate equipment generates card data updating confirmation information according to the card data updating information, and sends the card data updating confirmation information to the card simulation equipment, so that the card simulation equipment confirms that the gate equipment verifies that the updating of the card basic data is passed.
And S111, the card simulation equipment receives card data updating confirmation information sent by the gate equipment aiming at the card data updating information.
It should be noted that, when the gate device completes the verification of the card data update information and sends verification confirmation information corresponding to the card data update information to the card simulation device, the card simulation device also receives the card data update confirmation information.
And S112, the card simulation equipment updates the confirmation information according to the card data and sends the card data updating information to the service equipment so as to synchronize the card basic data in the service equipment.
In the embodiment of the present invention, the card data update confirmation information indicates that the gate device has completed executing the function application for the update processing of the card basic data, and the card basic data in the service device side is not updated yet at this time; therefore, after receiving the card data update confirmation information, the card simulation device sends the card data update information to the service device, so that the service device synchronizes the local card basic data, even if the synchronized local card basic data is consistent with the card basic data updated by the card simulation device side.
Correspondingly, after S112 is executed, that is, after the card emulation device transmits the card data update information to the service device, at this time, the service device also receives the card data update information that the card emulation device transmits for the target card data; the card data updating information is obtained by the card simulation device updating the card basic data according to the card processing request; thus, the information is updated according to the card data, and the local card basic data is synchronized.
In the embodiment of the invention, when the gate device confirms that the card processing request is completed according to the card data updating information, the function application is executed, and meanwhile, the card data updating information is transferred to the service device so as to synchronize the card basic data in the service device; at this time, the service device receives the card data update information sent by the gate device, and synchronizes the local card basic data according to the card data update information.
In summary, the embodiments of the present invention provide two schemes for synchronizing card basic data with card basic data of a service device, where one scheme is that a card simulation device synchronizes with the service device, and the other scheme is that a gate device synchronizes with the service device.
Further, in this embodiment of the present invention, the S102 service device, in response to the first card data request, acquires the card basic data and the time validity information, and may further include: the service equipment responds to the first card data request, and verifies the validity of the first card data request, such as whether the first card data request is in a login state or not, and whether the first card data request is sent by equipment authorized by a password or not; and when the result of checking the legality of the first card data request is that the first card data request is legal, acquiring card basic data and time validity information.
In this embodiment of the present invention, the S103 service device combines the card basic data and the time validity information to obtain the target card data, and further includes: and performing digest calculation on the card basic data and the time validity information, signing the calculated digest by using a preset private key (such as a consumption sub-key), and taking the signed digest, the card basic data and the time validity information as target card data.
Correspondingly, after the card emulation device receives the target card data sent by the service device for the first card data request, and when the card emulation device receives the second card data request sent by the gate device in S105, before the card emulation device sends the card basic data to the gate device in response to the second card data request, the data processing method further includes: the card simulation equipment acquires a preset public key; the preset public key is a secret key used for verifying the validity of the target card data; verifying the validity of the target card data by using a preset public key to obtain a second validity verification result; when the second validity check result represents that the target card data is valid, card data issuing time is obtained from the target card data, and first local time information is obtained; verifying the validity of the target card data according to the first local time information and the card data issuing time to obtain a third validity verification result; and when the third validity check result represents that the target card data is valid, receiving a second card data request sent by the gate equipment. Here, the first local time information is current local time information of the card simulation device, and the card data issuing time refers to current local time information of the service device when the service device issues target card data; and the target card data valid indicates that the target card data has data processing capabilities.
It can be understood that the card simulation device performs signature verification and time validity verification on the target card data signed by the service device, and can ensure the reliability of the source of the target card data and the validity of data processing.
Further, in this embodiment of the present invention, the card processing request sent by the gate device to the card simulation device in S105 is signed information, that is, the gate device performs digest processing on the card processing data and the gate time information, and signs the processed digest by using a preset request public key to obtain the card processing request. Therefore, before executing S106, the card simulation device acquires the public key of the preset request, performs signature verification on the card processing request, and executes S106 when the signature verification is passed; s106 may be performed after the signature verification is passed.
In the embodiment of the present invention, in S107, the card simulation device updates the card basic data according to the card processing data, and obtains a preset card data update key; signing the updated card basic data according to a preset card data updating key to obtain card data updating information; thus, after receiving the card data update information, the gate device performs signature verification on the card data update information, executes the function application when the signature verification passes, and sends card data update confirmation information to the card simulation device; or when the signature verification passes, executing the function application and forwarding the card data updating information to the service equipment.
Further, in this embodiment of the present invention, the service device is a node in a block chain network, and the service device responds to the first card data request to obtain card basic data, including: the service equipment responds to the first card data request and obtains card basic data from the block chain network.
Referring to fig. 7, fig. 7 is a schematic diagram of another alternative architecture of the data processing system 100 according to the embodiment of the present invention, which includes a blockchain network 600 (exemplarily illustrating a consensus node 610-1 to a consensus node 610-3), an authentication center 700, and a service agent 800 (service device), which are separately described below.
The type of blockchain network 600 is flexible and may be, for example, any of a public chain, a private chain, or a federation chain. Taking a public link as an example, electronic devices such as a user terminal and a server of any service entity can access the blockchain network 600 without authorization; taking a federation chain as an example, an electronic device (e.g., a terminal/server) under the jurisdiction of a service entity after obtaining authorization may access the blockchain network 600, and at this time, become a client node in the blockchain network 600.
In some embodiments, the client node may act as a mere watcher of the blockchain network 600, i.e., provide functionality to support the business entity to initiate transactions (e.g., for uplink storage of data or querying of data on the chain), and may be implemented by default or selectively (e.g., depending on the specific business requirements of the business entity) with respect to the functions of the nodes of the blockchain network 600, such as the ranking function, consensus service, and ledger function, etc. Therefore, the data and the service processing logic of the service subject can be migrated to the blockchain network 600 to the maximum extent, and the credibility and traceability of the data and service processing process are realized through the blockchain network 600.
Nodes in blockchain network 600 receive transactions submitted by client nodes (e.g., client node 810 shown in fig. 7 as belonging to business entity 800) from different business entities (e.g., business entity 800 shown in fig. 7), perform the transactions to update the ledger or query the ledger, and various intermediate or final results of performing the transactions may be returned for display in the client nodes of the business entity.
An exemplary application of the blockchain network is described below, taking as an example that one service entity accesses the blockchain network to implement management of card-based data.
With continued reference to fig. 7, the business entity involved in the management process, such as business entity 800, which may be an analog card-based data processing system, registers with the certificate authority 700 to obtain a digital certificate, where the digital certificate includes the public key of the business entity and a digital signature signed by the certificate authority 700 for the public key and identity information of the business entity, is used to be attached to the transaction together with the digital signature of the business entity for the transaction, and is sent to the blockchain network, so that the blockchain network takes the digital certificate and signature from the transaction, verifies the authenticity of the message (i.e., whether the message is not tampered with) and the identity information of the business entity sending the message, and verifies the blockchain network according to the identity, for example, whether the business entity has the right to initiate the transaction. Clients running electronic devices (e.g., terminals or servers) hosted by the business entity may request access from the blockchain network 600 to become client nodes.
The client node 810 of the business body 800 is used to obtain card base data from the blockchain network 600; then, acquiring time validity information and card data updating information, combining the card basic data and the time validity information to obtain target card data, and sending the target card data to the card simulation equipment; the card simulation equipment generates card data updating information according to the target card data and sends the card data updating information to the service equipment; at this time, the service device synchronizes the local card basic data according to the card data update information, and sends the synchronized card basic data to the blockchain network 600 for uplink.
The operation of sending the card basic data and the synchronized card basic data to the blockchain network 600 may set service logic in the client node 810 in advance, and when the card basic data and/or the synchronized card basic data are generated, the client node 810 automatically sends the card basic data and/or the synchronized card basic data to the blockchain network 600, or a service person of the service agent 800 logs in the client node 810, manually packages the card basic data and/or the synchronized card basic data, and sends the card basic data and/or the synchronized card basic data to the blockchain network 600. During sending, the client node 810 generates a transaction corresponding to the update operation according to the card basic data and/or the synchronized card basic data, specifies an intelligent contract to be invoked to implement the update operation and parameters to be transferred to the intelligent contract in the transaction, and also carries a digital certificate of the client node 810 and a signed digital signature (for example, a digest of the transaction is encrypted by using a private key in the digital certificate of the client node 810), and broadcasts the transaction to the consensus nodes in the blockchain network 600.
When a transaction is received in a consensus node in the blockchain network 600, a digital certificate and a digital signature carried by the transaction are verified, after the verification is successful, whether the service body 800 has a transaction right or not is determined according to the identity of the service body 800 carried in the transaction, and the transaction fails due to any verification judgment of the digital signature and the right verification. After successful verification, the consensus node's own digital signature (e.g., encrypted using the private key of the consensus node 610-1 to obtain a digest of the transaction) is signed and broadcast on the blockchain network 600.
After the consensus node in the blockchain network 600 receives the transaction successfully verified, the transaction is filled into a new block and broadcast. When a new block is broadcasted by a consensus node in the block chain network 600, performing a consensus process on the new block, if the consensus is successful, adding the new block to the tail of the block chain stored in the new block, updating the state database according to a transaction result, and executing a transaction in the new block: for transactions submitting updated card base data and/or synchronized card base data, key-value pairs comprising the card base data and/or synchronized card base data are added to the status database.
A service person of the service agent 800 logs in the client node 810, inputs a request for obtaining card basic data, that is, a card basic data obtaining request, the client node 810 generates a transaction corresponding to an updating operation/a query operation according to the card basic data obtaining request, specifies an intelligent contract that needs to be called for realizing the updating operation/the query operation and parameters transferred to the intelligent contract in the transaction, and the transaction also carries a digital certificate of the client node 810 and a signed digital signature (for example, a summary of the transaction is encrypted by using a private key in the digital certificate of the client node 810), and broadcasts the transaction to a consensus node in the blockchain network 600. The card basic data obtaining request is generated according to the received first card data request sent by the first terminal 400, and is used for obtaining the card basic data. In addition, the client node 810 is further configured to receive card data update information sent by the first terminal 400, synchronize the local card basic data according to the card data update information, obtain synchronized card basic data, and store the synchronized card basic data as a new block in the blockchain network 600.
After the consensus node in the blockchain network 600 receives the transaction, verifies the transaction, fills the block, and agrees with the consensus node, adds the new filled block to the tail of the blockchain stored in the consensus node, updates the state database according to the transaction result, and executes the transaction in the new block.
It is worth noting that fig. 7 exemplarily shows a process of directly chaining the card basic data and/or the synchronized card basic data, but in other embodiments, for a case that the card basic data and/or the synchronized card basic data have a large data volume, the client node 810 may pair the hash of the card basic data and/or the synchronized card basic data and the hash of the card basic data and/or the synchronized card basic data for uplink, and store the original card basic data and/or the synchronized card basic data in a distributed file system or a database. After obtaining the card base data and/or the synchronized card base data from the distributed file system or the database, the client node 810 may perform a verification in combination with the corresponding hash in the blockchain network 600, thereby reducing the workload of the uplink operation. Here, the synchronized card basic data refers to data obtained by synchronizing the local card basic data by the service device.
As an example of a block chain, referring to fig. 8, fig. 8 is a schematic structural diagram of a block chain in a block chain network 600 provided in an embodiment of the present invention, where a header of each block may include hash values of all transactions in the block and also include hash values of all transactions in a previous block, a record of a newly generated transaction is filled in the block and is added to a tail of the block chain after being identified by nodes in the block chain network, so as to form a chain growth, and a chain structure based on hash values between blocks ensures tamper resistance and forgery prevention of transactions in the block.
An exemplary functional architecture of a block chain network provided in the embodiment of the present invention is described below, referring to fig. 9, fig. 9 is a functional architecture schematic diagram of a block chain network 600 provided in the embodiment of the present invention, which includes an application layer 601, a consensus layer 602, a network layer 603, a data layer 604, and a resource layer 605, and the following description is separately given below.
The resource layer 605 encapsulates the computing, storage, and communication resources that implement the various nodes in the blockchain network 600.
The data layer 604 encapsulates various data structures that implement the ledger, including blockchains implemented in files in a file system, state databases of the key-value type, and presence certificates (e.g., hash trees of transactions in blocks).
The network layer 603 encapsulates the functions of a Point-to-Point (P2P) network protocol, a data propagation mechanism and a data verification mechanism, an access authentication mechanism, and service agent identity management.
The P2P network protocol implements communication between nodes in the blockchain network 600, the data propagation mechanism ensures propagation of transactions in the blockchain network 600, and the data verification mechanism implements reliability of data transmission between nodes based on cryptography methods (e.g., digital certificates, digital signatures, public/private key pairs); the access authentication mechanism is used for authenticating the identity of the service subject added to the block chain network 600 according to an actual service scene, and endowing the service subject with the authority of accessing the block chain network 600 when the authentication is passed; the business entity identity management is used to store the identity of the business entity that is allowed to access blockchain network 600, as well as the permissions (e.g., the types of transactions that can be initiated).
The consensus layer 602 encapsulates the functions of consensus nodes in the blockchain network 600 to agree on a block (i.e., a consensus mechanism), transaction management, and ledger management. The consensus mechanism comprises consensus algorithms such as POS, POW and D POS, and the pluggable consensus algorithm is supported.
The transaction management is used for verifying the digital signature carried in the transaction received by the node, verifying the identity information of the business body and judging and confirming whether the business body has the authority to carry out the transaction (reading the related information from the identity management of the business body) according to the identity information; for the service entities authorized to access the blockchain network 600, the service entities have digital certificates issued by the certificate authority, and the service entities sign the submitted transactions by using the private keys in their digital certificates, thereby declaring their own legal identities.
The ledger administration is used to maintain blockchains and state databases. For the block with the consensus, adding the block to the tail of the block chain; executing the transaction in the acquired consensus block, updating the key-value pairs in the state database when the transaction comprises an update operation, querying the key-value pairs in the state database when the transaction comprises a query operation and returning a query result to the client node of the business entity. Supporting query operations for multiple dimensions of a state database, comprising: querying the chunk based on the chunk sequence number (e.g., hash value of the transaction); inquiring the block according to the block hash value; inquiring a block according to the transaction serial number; inquiring the transaction according to the transaction serial number; inquiring account data of a business main body according to an account (serial number) of the business main body; and inquiring the block chain in the channel according to the channel name.
The application layer 601 encapsulates various services that the blockchain network can implement, including tracing, crediting, and verifying transactions.
In the following, an exemplary application of the embodiments of the present invention in a practical application scenario will be described.
Referring to fig. 10, fig. 10 is a schematic view of an exemplary application of data processing of a simulation card provided in the embodiment of the present invention, and as shown in fig. 10, a process of issuing bus card data to a mobile phone terminal (card simulation device) by a background server (service device) is described, where the process includes the following steps:
s201, when the NFC function is started, the mobile phone terminal sends a bus card data request (a first card data request) to a background server.
S202, the background server checks the legality of the bus card data request (for example, whether the bus card data request is in a login state or not, or whether the mobile phone terminal is a device authorized by a user through a password or not).
S203, when the bus card data request is legal, the background server acquires the expiration time: 2019-11-1412:00:00 (time validity period information/validity deadline time information), and utilizes a data issuing private key (preset private key) to determine the issuing time: 2019-11-1410: 00:00 (referring to the current time of the background server, namely the timestamp, which refers to the card data issuing time in the embodiment of the present invention), and the expiration time: 2019-11-1412:00:00 and bus card data (including card number information, card balance: 50 yuan, card through number information and user number information, which refer to card basic data in the embodiment of the invention) are combined for signature.
S204, the background server sends the sending time to the mobile phone terminal: 2019-11-1410: 00:00, expiration time: 2019-11-1412:00:00, bus card data, and issuing time: 2019-11-1410: 00:00, expiration time: 2019-11-1412:00:00 and bus card data; here, the delivery time: 2019-11-1410: 00:00, expiration time: 2019-11-1412:00:00, bus card data, and issuing time: 2019-11-1410: 00:00, expiration time: 2019-11-1412:00:00 and bus card data are combined to form the target card data in the embodiment of the invention.
S205, the mobile phone terminal acquires a data issuing public key (preset public key), and by using the issuing time: 2019-11-1410: 00:00, expiration time: 2019-11-1412:00:00 and bus card data, for the issue time: 2019-11-1410: 00:00, expiration time: signature of the combination of 2019-11-1412:00:00 and bus card data is verified; and when the signature verification passes, acquiring the time of the mobile phone terminal: 2019-11-1410: 00:01 (first local time information), and comparing the mobile phone terminal time with the issuing time, if the difference value between the mobile phone terminal time and the issuing time is less than the preset value for 1 second, it is indicated that the bus card data issued by the background server is valid.
The following continues to illustrate exemplary applications of embodiments of the present invention in practical application scenarios.
Based on fig. 10, when the mobile phone terminal completes acquiring the bus card data, referring to fig. 11, fig. 11 is a schematic diagram of an exemplary application of data processing of the analog card provided in the embodiment of the present invention, and as shown in fig. 11, a process of interactively completing card transaction (data processing of the analog card) by the gate (gate device), the mobile phone terminal (card analog device), and the background server (service device) is described, where the process includes the following steps:
s301, when the distance information between the gate and the mobile phone terminal is smaller than the preset distance information, the gate sends a request (a second card data request) for reading bus card data (card basic data) to the mobile phone terminal.
S302, the mobile phone terminal returns the bus card data (including card number information, card balance: 50 yuan, card passing number information and user number information) to the gate.
S303, the gate acquires gate time according to the received bus card data: 2019-11-1411: 00:00, and generating card transaction data (including card number information, transaction amount: 2 yuan, card balance after transaction: 48 yuan, card through number information, and user number information, which refer to card processing data in the embodiment of the present invention), and using a preset request public key to update the gate time: 2019-11-1411: 00:00 and the card transaction data are signed to obtain a card transaction request (card processing request), and the card transaction request is sent to the mobile phone terminal.
S304, the mobile phone terminal performs signature verification on the received card transaction request by using the preset request public key.
S305, when the signature of the card transaction request is verified by the mobile phone terminal, the gate time of the card transaction request is: 2019-11-1411: 00:00 and expiration time: 2019-11-1412:00:00, confirming that the card transaction data in the card processing request is valid because 2019-11-1411: 00:00 precedes 2019-11-1412:00: 00.
S306, when the mobile phone terminal confirms that the card transaction data is valid, updating the bus card data according to the card transaction data (at the moment, the card balance in the bus card data is 48 yuan), and prompting the user of successful transaction through the mobile phone terminal; meanwhile, according to the updating process, mobile phone transaction is generated, and signature is carried out on the mobile phone transaction to obtain mobile phone transaction data (card data updating information).
And S307, the mobile phone terminal sends the mobile phone transaction data to the gate.
And S308, the gate machine performs signature verification on the mobile phone transaction data.
S309, when the gate machine determines that the signature of the mobile phone transaction data passes verification, a prompt tone for successful card swiping is sent out; meanwhile, confirmation information (card data updating confirmation information) of the mobile phone transaction data is generated, and the confirmation information of the mobile phone transaction data is sent to the mobile phone terminal.
And S310, when receiving the confirmation information of the mobile phone transaction data, the mobile phone terminal sends the mobile phone transaction data to the background server.
S311, the background server synchronizes the local bus card data according to the received mobile phone transaction data, and the transaction process of the bus card is completed.
It can be understood that, in the embodiment of the present invention, when the card emulation device performs data processing on the emulation card, the gate time information is used to verify the card processing data, and only when the validity period of the gate time information of the card processing data is reached, the card basic data is processed according to the card processing data, so that the card basic data is effectively prevented from being reset by the history version data or tampered by other illegal data, and the security of the data processing performed by the emulation card is improved. In addition, because the reliability of the gate time information is high and the changeability is low, the validity period of the data processing flow of the analog card is verified by using the gate time information, and the safety of the data processing of the analog card is further improved.
Continuing with the exemplary structure of the card emulation device 455 provided by the embodiments of the present invention as implemented as a software module, in some embodiments, as shown in fig. 2, the software module stored in the card emulation device 455 of the first memory 450 may include:
the card data obtaining module 4551 is configured to, when a card simulation instruction is received, send a first card data request to a service apparatus in response to the card simulation instruction, and receive target card data sent by the service apparatus for the first card data request; the target card data includes time validity period information and card base data;
a processed data obtaining module 4552, configured to, when receiving a second card data request sent by a gate device, respond to the second card data request, send the card basic data to the gate device, and receive a card processing request sent by the gate device for the card basic data; the card processing request comprises gate time information and card processing data;
the time checking module 4553 is configured to check validity of the card processing data by using the gate time information and the time validity period information, and obtain a first validity checking result;
and a data processing module 4554, configured to update the card basic data according to the card processing data to obtain card data update information when the first validity check result indicates that the card processing data is valid.
Further, when the time validity period information is valid deadline time information, the time check module 4553 is further configured to compare the gate time information with the valid deadline time information to obtain a time comparison result; when the time comparison result represents that the gate time information is larger than the valid deadline time information, determining that the card processing data is invalid, thereby obtaining a first valid transaction result representing that the card processing data is invalid; and when the time comparison result represents that the gate time information is not greater than the effective deadline time information, determining that the card processing data is effective, thereby obtaining the first effective transaction result representing that the card processing data is effective.
Further, when the time validity period information is valid time period information and valid start time information, the time check module 4553 is further configured to obtain time interval information of the gate time information and the valid start time information; when the time interval information is larger than the valid time period information, determining that the card processing data is invalid, thereby obtaining a first validity check result representing that the card processing data is invalid; and when the time interval information is not greater than the valid time period information, determining that the card processing data is valid, thereby obtaining the first validity check result representing that the card processing data is valid.
Further, the data processing module 4554 is further configured to send the card data update information to the gate device; receiving card data update confirmation information sent by the gate device aiming at the card data update information; and sending the card data updating information to the service equipment according to the card data updating confirmation information so as to synchronize the card basic data in the service equipment.
Further, the card simulation apparatus 455 further includes a prohibition module 4555, configured to generate card processing prohibition information when the first validity check result indicates that the card processing data is invalid; and displaying the card processing prohibition information, and sending the card processing prohibition information to the gate equipment.
Embodiments of the present invention provide a storage medium storing executable instructions, where the executable instructions are stored, and when executed by a first processor, will cause the first processor to execute the data processing method applied to a card emulation device provided in embodiments of the present invention.
Continuing with the exemplary structure of the service device 255 implemented as software modules provided by the embodiments of the present invention, in some embodiments, as shown in fig. 3, the software modules stored in the service device 255 of the second memory 250 may include:
a request receiving module 2551, configured to receive a first card data request sent by the card emulation apparatus; the first card data request is used for requesting target card data;
a request response module 2552, configured to respond to the first card data request, and obtain card basic data and time validity information;
a card data obtaining module 2553, configured to combine the card basic data and the time validity information to obtain the target card data;
and a card data sending module 2554, configured to send the target card data to a card simulation apparatus, so that the card simulation apparatus performs validity check on a card processing request sent by a gate apparatus according to the time validity information to complete data processing of the card basic data.
Further, the service device 255 further includes a data synchronization module 2555, configured to receive card data update information sent by the card simulation device for the target card data; the card data updating information is obtained by the card simulation equipment updating the card basic data according to the card processing request; and synchronizing the card basic data according to the card data updating information.
Further, the service device is a node in a blockchain network, and the request response module 2552 is further configured to respond to the first card data request and obtain the card basic data from the blockchain network.
The embodiment of the invention also provides a storage medium which stores executable instructions, and the executable instructions are stored in the storage medium and can cause a second processor to execute the data processing method applied to the service equipment, which is provided by the embodiment of the invention, when the executable instructions are executed by the second processor.
In some embodiments, the storage medium may be memory such as FRAM, ROM, PROM, EPROM, EEPROM, flash memory, magnetic surface memory, optical disk, or CD-ROM; or may be various devices including one or any combination of the above memories.
In some embodiments, executable instructions may be written in any form of programming language (including compiled or interpreted languages), in the form of programs, software modules, scripts or code, and may be deployed in any form, including as a stand-alone program or as a module, component, subroutine, or other unit suitable for use in a computing environment.
By way of example, executable instructions may correspond, but do not necessarily have to correspond, to files in a file system, and may be stored in a portion of a file that holds other programs or data, such as in one or more scripts in a hypertext markup Language (HTML) document, in a single file dedicated to the program in question, or in multiple coordinated files (e.g., files that store one or more modules, sub-programs, or portions of code).
By way of example, executable instructions may be deployed to be executed on one computing device or on multiple computing devices at one site or distributed across multiple sites and interconnected by a communication network.
In summary, according to the embodiments of the present invention, since the card simulation device verifies the validity of the card processing data by using the gate time information and the time validity information before updating the card basic data according to the card processing data in response to the card processing request sent by the gate device, the card basic data is updated according to the card processing data only when it is determined that the verification result is that the card processing data is valid; therefore, safety guarantee is provided for data processing of the card basic data, and therefore the safety of data processing of the analog card is improved.
The above description is only an example of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, and improvement made within the spirit and scope of the present invention are included in the protection scope of the present invention.
Claims (10)
1. A data processing method is applied to card simulation equipment and is characterized by comprising the following steps:
when a card simulation instruction is received, responding to the card simulation instruction, sending a first card data request to service equipment, and receiving target card data sent by the service equipment aiming at the first card data request; the target card data includes time validity period information and card base data;
when a second card data request sent by gate equipment is received, responding to the second card data request, sending the card basic data to the gate equipment, and receiving a card processing request sent by the gate equipment for the card basic data; the card processing request comprises gate time information and card processing data;
verifying the validity of the card processing data by using the gate time information and the time validity information to obtain a first validity verification result;
and when the first validity check result represents that the card processing data is valid, updating the card basic data according to the card processing data to obtain card data updating information.
2. The method according to claim 1, wherein when the time validity information is valid expiration time information, the verifying the validity of the card processing data using the gate time information and the time validity information to obtain a first validity verification result includes:
comparing the gate time information with the effective deadline time information to obtain a time comparison result;
when the time comparison result represents that the gate time information is larger than the valid deadline time information, determining that the card processing data is invalid, thereby obtaining a first valid transaction result representing that the card processing data is invalid;
and when the time comparison result represents that the gate time information is not greater than the effective deadline time information, determining that the card processing data is effective, thereby obtaining the first effective transaction result representing that the card processing data is effective.
3. The method according to claim 1, wherein when the time validity period information is valid time period information and valid start time information, the verifying validity of the card processing data using the gate time information and the time validity period information to obtain a first validity verification result includes:
acquiring the gate time information and the time interval information of the effective starting time information;
when the time interval information is larger than the valid time period information, determining that the card processing data is invalid, thereby obtaining a first validity check result representing that the card processing data is invalid;
and when the time interval information is not greater than the valid time period information, determining that the card processing data is valid, thereby obtaining the first validity check result representing that the card processing data is valid.
4. The method according to any one of claims 1 to 3, wherein after updating the card basic data according to the card processing data to obtain card data update information, the method further comprises:
sending the card data updating information to the gate equipment;
receiving card data update confirmation information sent by the gate device aiming at the card data update information;
and sending the card data updating information to the service equipment according to the card data updating confirmation information so as to synchronize the card basic data in the service equipment.
5. The method according to any one of claims 1 to 3, wherein the validity of the card processing data is verified by using the gate time information and the time validity period information, and after obtaining a first validity verification result, the method further comprises:
generating card processing inhibition information when the first validity check result represents that the card processing data is invalid;
and displaying the card processing prohibition information, and sending the card processing prohibition information to the gate equipment.
6. A data processing method is applied to service equipment and is characterized by comprising the following steps:
receiving a first card data request sent by card simulation equipment; the first card data request is used for requesting target card data;
responding to the first card data request, and acquiring card basic data and time validity information;
combining the card basic data and the time validity information to obtain the target card data;
and sending the target card data to card simulation equipment so that the card simulation equipment performs validity check on the card processing request sent by the gate equipment according to the time validity period information to complete data processing of the card basic data.
7. The method of claim 6, wherein after sending the target card data to a card emulation device, the method further comprises:
receiving card data updating information sent by the card simulation equipment aiming at the target card data; the card data updating information is obtained by the card simulation equipment updating the card basic data according to the card processing request;
and synchronizing the card basic data according to the card data updating information.
8. The method according to claim 6 or 7, wherein the service device is a node in a blockchain network, and the obtaining card basic data in response to the first card data request comprises:
and responding to the first card data request, and acquiring the card basic data from the block chain network.
9. A card emulation device, comprising:
a first memory for storing executable instructions;
a first processor for implementing the method of any one of claims 1 to 5 when executing executable instructions stored in the first memory.
10. A service device, comprising:
a second memory for storing executable instructions;
a second processor, adapted to perform the method of any of claims 6 to 8 when executing the executable instructions stored in the second memory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911139538.XA CN110852756A (en) | 2019-11-20 | 2019-11-20 | Data processing method and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911139538.XA CN110852756A (en) | 2019-11-20 | 2019-11-20 | Data processing method and equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110852756A true CN110852756A (en) | 2020-02-28 |
Family
ID=69602983
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911139538.XA Pending CN110852756A (en) | 2019-11-20 | 2019-11-20 | Data processing method and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110852756A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113469677A (en) * | 2021-06-11 | 2021-10-01 | 深圳市雪球科技有限公司 | Secure read-write method and device for DESFire card data |
-
2019
- 2019-11-20 CN CN201911139538.XA patent/CN110852756A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113469677A (en) * | 2021-06-11 | 2021-10-01 | 深圳市雪球科技有限公司 | Secure read-write method and device for DESFire card data |
| CN113469677B (en) * | 2021-06-11 | 2024-04-19 | 深圳市雪球科技有限公司 | DESFire card data safety read-write method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI697842B (en) | Two-dimensional barcode processing method, device and system | |
| CN109951489B (en) | Digital identity authentication method, equipment, device, system and storage medium | |
| KR101883156B1 (en) | System and method for authentication, user terminal, authentication server and service server for executing the same | |
| CN109150548B (en) | Digital certificate signing and signature checking method and system and digital certificate system | |
| CN108809659B (en) | Dynamic password generation method, dynamic password verification method, dynamic password system and dynamic password verification system | |
| JP4067985B2 (en) | Application authentication system and device | |
| CN204948095U (en) | Authenticate device and the mutual system guaranteeing between application program and user | |
| US8266436B2 (en) | Service providing system, service providing server and information terminal device | |
| US11258591B2 (en) | Cryptographic key management based on identity information | |
| JP5365512B2 (en) | Software IC card system, management server, terminal, service providing server, service providing method and program | |
| CN111429254A (en) | Business data processing method and device and readable storage medium | |
| CN110826043B (en) | Digital identity application system and method, identity authentication system and method | |
| JP2014529964A (en) | System and method for secure transaction processing via a mobile device | |
| CN103051451A (en) | Encryption authentication of security service execution environment | |
| KR20140035775A (en) | Payment method, server performing the same, storage media storing the same and system performing the same | |
| CN101589361A (en) | The distribution of control figure identification presentation and use | |
| CN103929306A (en) | Intelligent secret key device and information management method of intelligent secret key device | |
| KR102248249B1 (en) | Decentralized identifiers system using a plurality of browsers and method thereof | |
| KR20080087917A (en) | System for certify one-time password, system for issue a seed, and method for generating one-time password | |
| CN104835038A (en) | Networking payment device and networking payment method | |
| CN102238135A (en) | Security authentication server | |
| CN111311259A (en) | Bill processing method, device, terminal and computer readable storage medium | |
| US9674272B2 (en) | Information processing apparatus and method, and program | |
| CN110852756A (en) | Data processing method and equipment | |
| EP2068264A2 (en) | Service providing system, service providing server and information terminal device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40022516 Country of ref document: HK |
|
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |