TWI410873B - Secure access module (SAM card) authentication method - Google Patents
- Publication number: TWI410873B (application TW98141287A)
- Authority: TW (Taiwan)
Description
The present invention relates to a secure access module (SAM card) authentication method, and in particular to a technique in which, during production of the SAM card, the authorization credentials that let SAM card administrators control card operations, together with a SAM applet (a small application) that can compute a user card's Unblock PIN, are written into the SAM card.
With SAM cards in current use, when a user's private authentication code (User PIN) is forgotten or locked, unlocking requires a telephone or network connection to a remote card management center, where the source and usage status of the user's SAM card are confirmed manually. This way of unlocking makes the card management center's operators and computers hard to control, and the user must keep a connection available before the related decoding operation can be carried out.
The present method, by contrast, uses the application written into the SAM card itself to obtain the user card's Unblock PIN and changes the User PIN on the user card directly; the locked card is released by directly replacing the User PIN with a new one.
It can be seen that the conventional approach described above still has many shortcomings; it is not a good design and is in urgent need of improvement.
In view of the shortcomings of the conventional approach described above, the inventors set out to improve on it and, after years of dedicated research, succeeded in developing the present secure access module (SAM card) authentication method.
The main object of the invention is to provide a method for unlocking a card without connecting to a remote card management center, so that authorized personnel can use a secure access module (SAM card) in an offline environment to obtain read/write permission on the card.
A second object of the invention is to provide a security control method based on the SAM card, which improves the convenience of operations and maintenance management.
A further object of the invention is to use the application written into the SAM card itself to obtain the user card's Unblock PIN and change the User PIN on the user card directly, releasing the locked card by directly replacing the User PIN with a new one.
A secure access module (SAM card) authentication method that achieves the above objects writes into the SAM card, during its production, the authorization credentials that let SAM card administrators control card operations and the SAM applet (a small application) that can compute the user card's Unblock PIN. The method also includes an unlock flow in which the SAM card is used to unlock a user card: the User PIN on the user card is changed, which releases the locked card or enables other card management functions.
Referring to FIG. 1, the production flowchart of the secure access module (SAM card) authentication method of the invention comprises:
Step 1: Generate a unique card serial number (101): a system connects to the card database, obtains the latest card sequence number and composes a unique card number.
Step 2: Determine whether the card number was generated successfully (102). If so, write the card number to the card (103); if not, return a system error message (104) and end the flow.
Step 3: Determine whether the card number was written to the card successfully (105). If so, continue with Step 4; if not, return a card error message (106) and end the flow.
Step 4: Use the card serial number to compute, according to the SAM card's algorithm, the User PIN and Unblock PIN of this user card (107).
Step 5: Determine whether the information was obtained successfully (108). If so, continue with Step 6; if not, return a system error message (104) and end the flow.
Step 6: Write the card serial number, User PIN, Unlock PIN and other information to the card (109).
Step 7: Determine whether the information was written successfully (110). If so, the blank user credential card has been produced successfully, and at this point the card database can be connected to (111); if not, return a card error message (106) and end the flow.
Step 8: Determine whether the status was updated successfully (112). If so, update the card status to "card production successful" and end the flow; if not, return a card error message (106) and end the flow.
Referring to FIG. 2, a schematic diagram of card production for the secure access module (SAM card) authentication method of the invention: a blank SAM card (white card 10) is initialized; after authorization, the authorization credentials that let SAM card administrators control card operations are written, and the SAM applet is written to the card, which completes issuance of the SAM card 11.
The SAM card is a chip card conforming to Global Platform v2.1.1, Java Card™ 2.2, or other specifications.
Referring to FIG. 3, the unlock flowchart of the secure access module (SAM card) authentication method of the invention: when the User PIN of a user card is forgotten or locked, or when other information is to be updated or queried, the appropriate permission can be obtained through the SAM card authentication method, comprising:
Step 1: Read the user card number with a card reader, or provide a card number input interface, and send the user card number to the SAM card (301).
Step 2: Determine whether the card number was obtained successfully (302). If so, continue with Step 3; if not, return a card error message (304) and end the flow.
Step 3: The SAM card uses the user card number and the built-in SAM applet to compute the Unblock PIN of this user card (303), then passes authentication to obtain permission and changes the User PIN on the user card, which unlocks the card. Step 3 further includes: after passing User PIN authentication, operations such as key generation and certificate writing can be performed on the user card, and the key pairs, certificate contents, quantities and other identifiable data in the card can be displayed to confirm the card's source and status.
Step 4: Determine whether the information was obtained successfully (305). If so, update the card status (306); if not, return a system error message (307) and end the flow.
Step 5: Determine whether the status was updated successfully (308). If so, end the flow; if not, return a card error message (304) and end the flow.
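The production flow (FIG. 1, Step 4) and the unlock flow (FIG. 3, Step 3) both rest on the SAM recomputing a card's PINs from its serial number, so the unlock needs no connection to a card management center. The Python simulation below is an added example, not code from the patent. The patent does not disclose its algorithm: the HMAC-SHA256 derivation, the 8-digit PIN length, the three-try counter, the administrator PIN standing in for the "authorization credentials", and all class and method names are assumptions.

```python
import hashlib
import hmac

class UserCard:
    """Simulated user card: stores the PINs written at production time."""
    def __init__(self, serial, user_pin, unblock_pin, max_tries=3):
        self.serial = serial
        self._user_pin, self._unblock_pin = user_pin, unblock_pin
        self._max_tries = self.tries_left = max_tries

    def verify_user_pin(self, pin):
        if self.tries_left == 0:          # blocked: even the right PIN is refused
            return False
        if hmac.compare_digest(pin, self._user_pin):
            self.tries_left = self._max_tries
            return True
        self.tries_left -= 1
        return False

    def reset_user_pin(self, unblock_pin, new_pin):
        if not hmac.compare_digest(unblock_pin, self._unblock_pin):
            return False
        self._user_pin, self.tries_left = new_pin, self._max_tries
        return True

class Sam:
    """Simulated SAM applet: the master key never leaves this object."""
    def __init__(self, master_key, admin_pin):
        self._key, self._admin_pin = master_key, admin_pin
        self._authorized = False

    def authenticate_admin(self, pin):
        self._authorized = hmac.compare_digest(pin, self._admin_pin)
        return self._authorized

    def _derive(self, serial, label, digits=8):
        # Assumed derivation: HMAC-SHA256(master key, label | serial) -> decimal PIN
        if not self._authorized:
            raise PermissionError("administrator not authenticated to SAM")
        mac = hmac.new(self._key, label + b"|" + serial.encode(), hashlib.sha256).digest()
        return str(int.from_bytes(mac[:8], "big") % 10**digits).zfill(digits)

    def personalize(self, serial):
        """Production flow: derive both PINs from the serial and write the card."""
        return UserCard(serial, self._derive(serial, b"USER"), self._derive(serial, b"UNBLOCK"))

    def unblock(self, card, new_pin):
        """Unlock flow: recompute the Unblock PIN offline and set a new User PIN."""
        return card.reset_user_pin(self._derive(card.serial, b"UNBLOCK"), new_pin)
```

Because every Unblock PIN is a function of the SAM's key and a serial number that can be read from the card, the SAM and its administrator credential become the single point of control: whoever holds an authenticated SAM can reset the PIN of any card issued under that key.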
Compared with other conventional techniques, the secure access module (SAM card) authentication method provided by the invention has the following advantages:
1. When a user's card is locked, the user can go to any authorized card management center to have the user card unlocked with a SAM card.
2. To protect users' interests, a card management center that uses a SAM card as the unlocking tool is more secure than one that unlocks by software means.
3. The invention can be used wherever password verification, identity-card verification, card verification or unlocking is required.
The detailed description above is a specific description of one feasible embodiment of the invention. The embodiment is not intended to limit the patent scope of the invention; any equivalent implementation or modification that does not depart from the spirit of the invention shall fall within the patent scope of this case.
In summary, this case is not only innovative in technical concept but also improves on conventional articles in the several respects described above, and should fully satisfy the statutory requirements of novelty and inventive step for an invention patent. The application is filed in accordance with the law, and the Office is respectfully requested to approve this invention patent application so as to encourage invention.
10 ... Blank card (white card)
11 ... SAM card
FIG. 1 is the production flowchart of the secure access module (SAM card) authentication method of the invention;
FIG. 2 is a schematic diagram of card production for the secure access module (SAM card) authentication method of the invention;
FIG. 3 is the unlock flowchart of the secure access module (SAM card) authentication method of the invention.
Claims (3)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW98141287A TWI410873B (en) | 2009-12-03 | 2009-12-03 | Secure access module (SAM card) authentication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW98141287A TWI410873B (en) | 2009-12-03 | 2009-12-03 | Secure access module (SAM card) authentication method |
Publications (2)
Publication Number | Publication Date |
---|---|
TW201120759A (en) | 2011-06-16 |
TWI410873B (en) | 2013-10-01 |
Family
ID=45045293
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW98141287A TWI410873B (en) | 2009-12-03 | 2009-12-03 | Secure access module (SAM card) authentication method |
Country Status (1)
Country | Link |
---|---|
TW (1) | TWI410873B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI632508B (en) * | 2017-07-31 | 2018-08-11 | 中華電信股份有限公司 | Multi-card integrated chip card application sharing authentication method |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TW200727655A (en) * | 2006-01-10 | 2007-07-16 | Far East College | An verification method of smart card |
TW200813872A (en) * | 2006-03-17 | 2008-03-16 | Mastercard International Inc | Techniques for transaction adjustment |
TW200842753A (en) * | 2007-04-23 | 2008-11-01 | Rfcyber Corp | Method and apparatus for providing e-commerce and m-commerce |
2009-12-03: TW application TW98141287A, patent TWI410873B, status: not active (IP right cessation)
Also Published As
Publication number | Publication date |
---|---|
TW201120759A (en) | 2011-06-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11664996B2 (en) | Authentication in ubiquitous environment | |
CN101375259B (en) | Data security system | |
CN111711520A (en) | Authentication in ubiquitous environments | |
CN104104672A (en) | Method for establishing dynamic authorization code based on identity authentication | |
JP2004013744A (en) | Issuing system for digital content and issuing method | |
US20080120726A1 (en) | External storage device | |
JPWO2005117336A1 (en) | Parent-child card authentication system | |
US20060049243A1 (en) | Ic card, terminal device, and data communications method | |
CN101950342B (en) | Device and method for managing access control permission of integrated circuit card | |
JP2010518499A (en) | Method for authenticating access to at least one automated component of an industrial facility | |
CN103154965B (en) | Manage the method, apparatus and system that the user to file system accesses safely | |
CN110096459A (en) | Data storage device, data processing system, with system and data processing method | |
CN104104671B (en) | Establish the unified dynamic authorization code system of business entity's account | |
CN101765821B (en) | Fingerprint reader resetting system and method | |
TWI410873B (en) | Secure access module (SAM card) authentication method | |
KR20100011861A (en) | Method for finance transaction using an imagination account and system thereof | |
CN103198241B (en) | A kind of safety management method for software license | |
CN102289613A (en) | Liquid crystal universal serial bus (USB) Key equipment capable of identifying fingerprint | |
CN207458057U (en) | A kind of PKI system ID authentication devices based on fingerprint identification technology | |
CN108595962B (en) | POS machine terminal decoding base authorization code checking method | |
EP3563327A1 (en) | Safety process/method for sending and exchanging a temporary enabled random code among at least three electronic devices for recharges, payments, accesses and/or ids of owners of a mobile device, such as a smartphone | |
CN107947934A (en) | The fingerprint recognition Verification System and method of mobile terminal based on banking system | |
JP4885168B2 (en) | External media control method, system and apparatus | |
CN111815821B (en) | IC card security algorithm applied to intelligent door lock | |
JP2010160765A (en) | System lsi and debugging method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
MM4A | Annulment or lapse of patent due to non-payment of fees |