WO2018166163A1 - Pos terminal control method, pos terminal, server and storage medium - Google Patents

Publication number
WO2018166163A1
Authority
WO
WIPO (PCT)
Prior art keywords
authorization
feature information
information
feature
tool
Application number
PCT/CN2017/102383
Other languages
French (fr)
Chinese (zh)
Inventor
李坚强
刘绍海
蓝万强
Original Assignee
万达百汇科技(深圳)有限公司
Application filed by 万达百汇科技(深圳)有限公司

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44: Program or device authentication
    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07F: COIN-FREED OR LIKE APPARATUS
    • G07F19/00: Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20: Automatic teller machines [ATMs]
    • G07F19/209: Monitoring, auditing or diagnose of functioning of ATMs

Definitions

  • the present invention relates to the field of network communications, and in particular, to a POS terminal control method, a POS terminal, a server, and a storage medium.
  • POS terminal point of sale
  • usage groups such as production line personnel, maintenance personnel, application developers, product developers, banks and third-party payment institutions, merchants, etc.
  • the group has different usage scenarios and different requirements for the behavior characteristics of the terminal.
  • the POS terminal control method, POS terminal, server and storage medium disclosed in the present application solve one or more problems involved in the background art.
  • a POS terminal control method includes:
  • a POS terminal control method includes:
  • the first feature information and the authorization data are sent to an authorization machine for encryption
  • a POS terminal includes a memory and a processor, wherein the memory stores instructions that, when executed by the processor, cause the processor to perform the following steps:
  • the authorization success result is sent to the authorization tool
  • a server includes a memory and a processor, the memory storing instructions that, when executed by the processor, cause the processor to perform the following steps:
  • the first feature information and the authorization data are sent to an authorization machine for encryption
  • a computer readable storage medium having stored thereon a computer program that, when executed by a processor, implements the following steps:
  • the authorization success result is sent to the authorization tool
  • With the above POS terminal control method, POS terminal, server and storage medium, the POS terminal generates the first feature information according to the authorization tool's instruction requesting feature information, so that each time the state of the POS terminal is to be switched, the POS terminal generates new first feature information. Even if the first feature information is illegally acquired during a certain authorization, the state of the POS terminal cannot be switched according to that first feature information, thereby ensuring the security of the POS terminal.
  • Further, the POS terminal is authorized by a unified authorization machine instead of being authorized locally at the POS terminal, which improves the security of the POS terminal.
  • The authorization information is encrypted by the authorization machine.
  • The second feature information and the first feature information are used to determine that the authorization information is for the POS terminal, thereby further ensuring the security of the POS terminal and providing effective protection for the security of state switching of POS terminals.
  • FIG. 1 is an application scenario diagram of a POS terminal control method in an embodiment
  • FIG. 2 is an internal structural diagram of a POS terminal in an embodiment
  • FIG. 3 is an internal structural diagram of an authorization server in an embodiment
  • FIG. 4 is a flowchart of a method for controlling a POS terminal in an embodiment
  • FIG. 5 is a timing diagram of a method for controlling a POS terminal in an embodiment
  • FIG. 6 is a state transition diagram of a POS terminal in the embodiment shown in FIG. 1;
  • Figure 7 is a flow chart of the verification step in an embodiment
  • FIG. 8 is a flowchart of a method for controlling a POS terminal in another embodiment
  • FIG. 9 is a structural block diagram of a POS terminal in an embodiment
  • Figure 10 is a structural block diagram of an authorization server in an embodiment.
  • FIG. 1 is an application scenario diagram of a method for controlling a POS terminal in an embodiment.
  • a plurality of POS terminals, a plurality of authorization tools, an authorization server, and an authorization machine are included.
  • the POS terminal can communicate with the authorization tool through a serial port or a USB (Universal Serial Bus), and the authorization tool can communicate with the authorization server through the wireless network, and the authorization server communicates with the authorization machine.
  • the POS terminal can also control the characteristics in each state to ensure the security of the data related to the authorization.
  • The POS terminal pre-stores the public key corresponding to the private key of the authorization machine, that is, a public key that forms an RSA (asymmetric encryption algorithm) key pair with that private key.
  • the authorization tool is a human-computer interaction tool for the user to perform the authorization operation.
  • the authorization tool can be a terminal such as a computer or a mobile phone.
  • On the one hand, the authorization tool communicates with the authorization server using HTTP (HyperText Transfer Protocol) or HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, a hypertext transfer protocol for security purposes); on the other hand, it interacts with the POS terminal via a serial or USB cable.
  • The authorization server is configured to manage the permissions of the various types of POS terminals and of the users who use the authorization tool, receive the authorization request submitted by the authorization tool, interact with the authorization machine to obtain the authorization information, and then return it to the authorization tool and the POS terminal. It may have the following functions: user management, login management, rights management (the authorization types available to the user are managed in the background; the foreground only shows the available authorization types), external interface management, processing of POST requests (authorization requests), and interaction with the authorization machine.
  • The authorization machine is used to store the authorization private key, is connected to the authorization server, and is responsible for data encryption. The authorization machine is not connected to the network; this physical isolation ensures that the private key in the authorization machine is not tampered with, thereby ensuring the security of the entire system.
  • the POS terminal may receive an instruction for requesting the feature information sent by the authorization tool, and then generate the first feature information according to the instruction, and return the generated first feature information to the authorization tool.
  • the authorization tool sends the first feature information to the authorization server through the network connection, and the authorization server first checks the first feature information, and when the verification succeeds, sends the first feature information and the authorization data to the authorization machine.
  • The authorization machine may generate the authorization information according to the first feature information and the authorization data and return it to the authorization server for storage. The authorization server then sends the authorization information to the authorization tool through the network, the authorization tool returns the authorization information to the POS terminal, and the POS terminal checks the authorization information.
  • The second feature information in the authorization information is extracted, and only when the first feature information and the second feature information are the same does the POS terminal save the authorization information and return the authorization result to the authorization tool, so that the authorization tool may send the state switching instruction to the POS terminal, and the POS terminal can switch its current state based on that instruction.
  • a POS terminal is also provided, the POS terminal including a processor, a storage medium, a memory, and an interface connected through a system bus.
  • An operating system is stored in the storage medium, and computer executable instructions are also stored.
  • a POS terminal control method can be implemented.
  • The interface can be a USB interface or a serial port, and is used to communicate with an authorization tool through a serial port or USB, thereby implementing communication with the outside world and controlling state switching of the POS terminal.
  • the processor is used to improve the calculation and control capabilities, and supports the operation of the entire POS terminal, including the normal operation of the normal use function of the POS terminal and the normal operation of the debugging function of the POS terminal.
  • Memory is used to provide an environment for the operation of the POS terminal control program in the storage medium.
  • a computer readable storage medium having stored thereon a computer program, such as the non-volatile storage medium shown in FIG. 2, wherein the program is implemented by a processor to implement a POS Terminal control method.
  • an authorization server is also provided, the authorization server.
  • An operating system is stored in the storage medium, and computer executable instructions can also be stored.
  • a POS terminal control method can be implemented.
  • the processor is used to increase computing and control capabilities to support the operation of the entire portable electronic device.
  • the memory is used to provide an environment for the operation of the POS terminal control device in the storage medium for network communication with the authorization tool.
  • the USB interface or serial port is used to communicate with the authorized machine.
  • a computer readable storage medium having stored thereon a computer program, such as the non-volatile storage medium shown in FIG. 3, wherein the program is implemented by a processor to implement a POS Terminal control method.
  • FIG. 4 is a flowchart of a method for controlling a POS terminal according to an embodiment. This embodiment is applied to the POS terminal in FIG. 1 to illustrate.
  • the POS terminal runs a POS terminal control program, and the POS terminal control method is used to implement the real-time POS terminal control method.
  • the POS terminal control method may include:
  • S202 Receive an instruction for requesting feature information sent by an authorization tool.
  • the feature information refers to information that can uniquely determine the POS terminal, for example, it may include a serial number when the POS terminal is shipped, and the like.
  • When the current state of the POS terminal needs to be switched, the POS terminal must be authorized.
  • an authorization tool is introduced, and the user can operate the authorization tool to implement authorization for the POS terminal, so as to change the current state of the POS terminal.
  • The authorization tool can communicate with the POS terminal through the serial port or USB. To establish the communication channel, the authorization tool can send a handshake message to the POS terminal. After the POS terminal returns a response handshake message to the authorization tool, the communication channel between the authorization tool and the POS terminal is established.
  • S204 Generate first feature information according to the instruction.
  • When the POS terminal needs to switch the current state, it needs to obtain the authorization of the authorization machine. Therefore, in order to distinguish the POS terminals, first feature information that can uniquely represent the state-switching operation of the POS terminal needs to be sent to the authorization machine. For this reason, whenever the POS terminal needs to switch state and the authorization tool requests the first feature information from the POS terminal, the POS terminal generates first feature information that can uniquely represent the state-switching operation of the POS terminal.
  • Since unique first feature information is generated before each state switch of the POS terminal in this step, even if the first feature information is acquired by an illegal party that wants to use it to switch the state of the POS terminal again, the POS terminal generates new first feature information when the state switching is performed again, and this differs from the illegally acquired first feature information. Therefore, the illegal party cannot complete the state switching of the POS terminal, thereby ensuring the security of the POS terminal.
  • the POS terminal may respond to the instruction of the authorization tool for requesting the feature information, and return the newly generated first feature information to the authorization tool.
  • S208 Receive, from the authorization tool, the authorization information generated by the authorization machine according to the first feature information.
  • After receiving the first feature information, the authorization tool sends it to the authorization server, and the authorization server sends the authorization data and the first feature information to the authorization machine according to the first feature information.
  • The authorization machine encrypts the authorization data and the first feature information to form the authorization information, and returns the authorization information to the POS terminal through the authorization server and the authorization tool.
  • After receiving the authorization information, the POS terminal first needs to check the authorization information to ensure that it has not been tampered with during transmission, and secondly needs to determine that the authorization information is for this POS terminal. Since the feature information uniquely represents the state-switching operation of the POS terminal, the second feature information in the authorization information formed by the authorization machine is extracted for this purpose.
  • The POS terminal determines whether the authorization information is usable by comparing whether the second feature information is the same as the first feature information. When the second feature information is the same as the first feature information, the authorization information is saved and the authorization success result is sent to the authorization tool, so that the user can operate the authorization tool to switch the current state of the POS terminal.
  • S214 Receive a state switching instruction of the authorization tool, and switch the current state according to the state switching instruction.
  • The POS terminal may generate the first feature information according to the authorization tool's instruction requesting feature information, so that each time the state of the POS terminal is to be switched, the POS terminal generates new first feature information. Even if the first feature information is illegally acquired during a certain authorization, the state of the POS terminal cannot be switched according to that first feature information, thereby ensuring the security of the POS terminal.
  • Further, the POS terminal is authorized by the unified authorization machine rather than locally at the POS terminal, which improves the security of the POS terminal.
  • The authorization information is encrypted by the authorization machine.
  • The second feature information and the first feature information are used to determine that the authorization information is for the POS terminal, thereby further ensuring the security of the POS terminal and providing an effective guarantee for the security of the state switching of the POS terminal.
  • the step S204 shown in FIG. 4, that is, the step of generating the first feature information according to the instruction may include: generating a random number according to the instruction, and generating the feature information according to the random number and the stored permission feature code.
  • The method may include: determining whether the random number in the second feature information is the same as the random number in the first feature information; when the random number in the second feature information is the same as the random number in the first feature information, further determining whether the rights feature code in the second feature information is the same as the rights feature code in the first feature information; when the rights feature code in the second feature information is the same as the rights feature code in the first feature information, returning the result that the second feature information and the first feature information are the same; when the random number in the second feature information is different from the random number in the first feature information, or when the rights feature code in the second feature information is different from the rights feature code in the first feature information, returning the result that the second feature information is different from the first feature information.
  • FIG. 5 is a timing diagram of a method for controlling a POS terminal in an embodiment.
  • the user enters the login account and password through the authorization interface provided by the authorization tool.
  • the authorization tool obtains the login account and password entered and sends it to the authorization server.
  • When the authorization server determines that the login account and password are correct, it returns login success information to the authorization tool.
  • the authorization tool will send the information requesting the verification code ticket to the authorization server again.
  • The authorization server will generate a verification code based on the information and return it to the authorization tool. For example, it can be sent by email to the mailbox corresponding to the authorization tool, so that the user can obtain the verification code, or the authorization tool obtains the verification code directly by logging in to the encrypted mailbox for subsequent use.
  • the authorization tool can display the permissions of the login account, etc., to prompt the user for the operation.
  • the POS terminal is powered on, and the authorization tool is connected to the POS terminal through a USB or a serial port to establish a communication channel.
  • a communication channel can be established through a handshake mechanism.
  • the authorization tool can send a handshake message to the POS terminal.
  • the format is as follows:
  • the POS terminal may return corresponding response information, and the format of the packet is as follows:
  • After the communication channel between the authorization tool and the POS terminal is successfully established, the authorization tool requests the feature information from the POS terminal.
  • the following packet format can be used:
  • the POS terminal generates a feature information according to the request, for example, to ensure the feature letter.
  • First, the POS terminal stores a privilege signature that can uniquely characterize the POS terminal, preferably a serial number or the like. Secondly, in order to uniquely characterize the state-switching operation of the POS terminal, a random number generating device is provided to generate a random number whenever the POS terminal needs to switch states, so that the random number and the rights feature code together uniquely represent the state-switching operation of the POS terminal.
  • the feature information can be seen in Table 1:
  • After the feature information is generated by the POS terminal, the feature information is returned to the authorization tool.
  • the following message may be used:
  • The authorization tool sends the feature information and the verification code mentioned above to the authorization server, and the authorization server may identify, by the feature information, the state-switching operation of the POS terminal, and determine, by the feature code, whether the feature information was tampered with during transmission, or determine whether the authorization tool is an authenticated security authorization tool, wherein
  • After receiving the feature information and the authorization data, the authorization machine encrypts the feature information and the authorization data using the stored private key to form the authorization information, and returns the authorization information to the authorization server. After the authorization server stores the authorization information, it returns it to the authorization tool, and the authorization tool returns the authorization information to the POS terminal.
  • the following message format can be adopted:
  • the authorization data may include information such as an authorization type and a security level. Specifically, the authorization information may be as shown in Table 2:
  • the authorization machine refers to a POS terminal loaded with an authorized private key (RSA private key), and provides an encryption signature service to the authorization server.
  • The authorization machine itself can be considered a terminal that has passed the latest security standard certification of PCI (Peripheral Component Interconnect), which ensures that the key cannot be obtained; the authorization machine and the authorization server are placed together in a security-certified security room, so physical security is ensured; at the same time, the authorization machine and the authorization server do not provide network services to the outside, the authorization machine is connected only to the authorization server through the USB cable, and entities outside the security room cannot access the authorization machine.
  • After receiving the authorization information, the POS terminal first verifies the legality of the authorization information, that is, that the authorization information was not tampered with during transmission, and secondly determines that the authorization information is for this POS terminal.
  • The process may be implemented using the feature information. For example, the feature information in the authorization information may be extracted, and whether the authorization information is usable is determined by checking whether the random number and the rights feature code in the feature information are the same as the random number and the rights feature code stored in the POS terminal. If at least one of the random number and the rights feature code is not the same as the random number and the rights feature code stored in the POS terminal, the authorization is considered unsuccessful. Otherwise, the authorization is considered successful.
  • The POS terminal saves the authorization information and returns an authorization result to the authorization tool, so that the authorization tool can present the authorization result to the user and switch the current state of the POS terminal by sending a state switching instruction to the POS terminal.
  • FIG. 6 is a state transition diagram of the POS terminal in the embodiment shown in FIG. 1.
  • the POS terminal includes seven states:
  • the application including the factory test program
  • the application can only be run with the vendor firmware level signature, ensuring that any non-vendor-authorized application will not run in this production state.
  • the signature of the OS can be verified.
  • Programs signed with the vendor root key can be run.
  • L1: This state is the default factory state, and the terminal has the same characteristics as a traditional terminal.
  • Terminal characteristics: The terminal in the L0 state enters the L1 state through an authorization operation. The L1 state cannot be rolled back to the L0 state. The safety switch is turned on, and an attacked POS terminal will be triggered. The trigger status is released by entering a fixed password. Changing the serial number requires authorization.
  • The terminal can be set to the debug state by authorization. When the terminal triggers, the trigger information can be displayed on the screen. After the terminal trigger is repaired, the status value is not affected.
  • Programs signed with the vendor root key can be run.
  • L2: This state is the highest-level device state currently defined.
  • Terminal characteristics: The terminal in the L2 state can be rolled back to the L1 state by restoring the factory state, and the number of SN (serial number) writes is cleared. When the terminal is triggered, authorization is required after the repair to release the trigger status. Changing the serial number requires authorization. The terminal can be set to the debug state by authorization. When the terminal triggers, the trigger information can be displayed on the screen. After the terminal trigger is repaired, the status value is not affected. Programs signed with the vendor root key can be run.
  • Terminal characteristics: It is related only to whether the client public key is included, and whether the terminal is in the L0 state, the L1 state, and the L2 state.
  • The security switch is in the open state.
  • An attacked POS terminal will be triggered. After the trigger, the authorization machine needs to clear the trigger. After the clearing, the terminal remains in the locked state. Machines in any state can enter the locked state.
  • The application signature is verified using the customer's public key.
  • Programs signed with the vendor root key can be run.
  • Application debugging state: This state is mainly provided to application developers to meet the needs of scenarios that require frequent application and terminal debugging.
  • Terminal characteristics: Only machines that are in the factory state are allowed to enter this state. The safety switch is in the open state, and an attacked machine will be triggered. After the clearing, the application debugging state is lost, and re-authorization is required to enter the application debugging state. The application signature is not verified, so the state can be used for application development and debugging. It is allowed to download the customer's public key to the machine. Once the customer's public key is downloaded, the application debugging state is automatically revoked and the locked state is entered.
  • Firmware debugging state: This state is mainly provided to firmware developers to meet the needs of scenarios where firmware is sent to the terminal for debugging.
  • Terminal characteristics: Only machines that are in the factory state are allowed to enter this state. The safety switch is turned on, and an attacked machine will be triggered. After the clearing, the firmware debugging state is lost, and re-authorization is required to enter the firmware debugging state. Firmware signatures other than boot are not verified, so the state can be used for firmware development and debugging. It is allowed to download the customer's public key to the machine, and once the customer's public key is downloaded, the locked state is entered automatically (the debugging state is no longer available).
  • Trigger state: This refers to the state in which, because the device has been attacked or needs maintenance, the security circuit of the terminal acts and sensitive data such as the keys of the terminal is automatically deleted.
  • Terminal characteristics: The sensitive information inside the terminal is automatically deleted. The screen prompts the trigger information. No application will run. Firmware or programs signed by the vendor root key can be run, to facilitate running diagnostics. A password (L1 before trigger) or an authorization (L2 before trigger) is required to release the trigger. The terminal cannot be used normally until the trigger status is released.
  • OTP: One Time Programmable, a type of MCU memory, meaning that after the program is burned into the IC it cannot be changed again.
  • The initial value of the data in this area is 0x00; bits can only be written from 0 to 1, not from 1 to 0, and the data is not lost on power-down.
  • BBRAM: Battery Backup Random Access Memory. In the POS terminal it is an area protected by the trigger circuit: once the terminal is attacked, the content of the area is automatically erased, so it is often used to store sensitive data such as transaction keys. Similar to SDRAM, the data can be arbitrarily rewritten; it is powered by battery, and the data is cleared after the POS terminal triggers.
  • the OTP area is accessible only by the terminal firmware, and no one can read, write or rewrite by any means. Therefore, sufficient safety can be ensured.
  • After the POS terminal sends the first feature information to the authorization tool, it waits in a loop to receive the authorization information. If the authorization information is received and is valid, the authorization is executed and the operating system is started. If the wait times out, the operating system is started directly. If the authorization information is invalid, the terminal continues to loop to receive the authorization information.
  • First, the POS terminal is uniquely characterized by a privilege signature stored in the POS terminal; second, a random number is generated, so that the random number and the privilege signature together uniquely represent the state-switching operation of the POS terminal. Thus, even if the feature information is obtained by an illegal party, because the feature information differs for each state-switching operation of the POS terminal, the illegal party cannot perform state switching on the POS terminal, which ensures the security of the POS terminal.
  • FIG. 7 is a flowchart of the verification step in an embodiment. After step S208 of the embodiment shown in FIG. 4, that is, after receiving the authorization information returned by the authorization tool and generated by the authorization machine according to the first feature information, the method may further include:
  • S502 Separate the authorization information to obtain the original text and the digital signature.
  • The authorization machine encrypts the first feature information and the authorization data. For convenience of description, the first feature information and the authorization data are together called the original text.
  • The RSA key used in the encryption process is a 2048-bit key.
  • The authorization machine first performs a one-way hash (HASH) operation on the original text to obtain message digest A, and then signs message digest A with the stored private key to obtain digital signature A. Digital signature A and the original text are sent as the authorization information to the authorization server, the authorization tool, and the POS terminal in turn. Therefore, after obtaining the authorization information, the POS terminal first needs to separate it to obtain the digital signature and the original text.
  • S504 Decrypt the digital signature with the authorization public key to obtain the first digest.
  • Since the public key corresponding to the private key is stored in the POS terminal, once the digital signature has been obtained it is decrypted with the authorization public key to obtain the corresponding first digest.
  • S506 Perform a one-way hash operation on the original text to obtain a second digest.
  • FIG. 8 is a flowchart of a method for controlling a POS terminal in another embodiment.
  • the method is applied to the authorization server shown in FIG. 1.
  • the method may include:
  • S602 Receive first feature information that is sent by the authorization tool and is obtained from the POS terminal.
  • When the authorization tool needs to switch the state of the POS terminal, it first requests the first feature information from the POS terminal and then sends the first feature information to the authorization server.
  • After receiving the first feature information, the authorization server first checks it to ensure that it is valid. For example, it may verify whether the serial number in the first feature information is the serial number of a POS terminal managed by the authorization server; if so, it goes on to check whether the random number is the same as the random number in the first feature information sent by the POS terminal last time, and so on, to ensure the legitimacy of the first feature information.
  • The authorization server may authorize the corresponding POS terminal, for example by forming authorization data such as an authorization type and a security level, and send the authorization data together with the first feature information to the authorization machine for encryption, so as to ensure that the authorization information is not tampered with during transmission.
  • S608 Receive authorization information formed by encrypting the first feature information and the authorization data returned by the authorization machine.
  • To protect the authorization private key in the authorization machine, the authorization machine is generally set up so that it cannot be networked, so the authorization private key in it will not be tampered with. As a result, however, the authorization machine cannot send the authorization information directly to the POS terminal.
  • The authorization machine therefore first sends the authorization information to the authorization server to which it is physically connected, and the authorization server transmits the authorization information to the POS terminal.
  • S610 Send the authorization information to the POS terminal by using an authorization tool, so that the POS terminal performs state switching.
  • The authorization machine is set to an unnetworked state, so that the validity of the authorization private key can be ensured.
  • The authorization data and the first feature information are encrypted by the authorization machine, which ensures that the authorization information is not modified during transmission.
  • The method may further include: sending a verification code to the authorization tool after the account of the authorization tool has logged in successfully. This provides a two-layer guarantee of the legitimacy of the authorization tool.
  • When the authorization tool sends the first feature information acquired from the POS terminal to the authorization server, it sends the verification code to the authorization server at the same time, so the method further includes receiving the verification code sent by the authorization tool.
  • Before step S604, the step of verifying the feature information, the method may further include: comparing the verification code with the saved verification code; when the verification code is equal to the saved verification code, verifying the feature information; and when the verification code is not equal to the saved verification code, sending information that the authorization failed to the authorization tool.
  • After receiving the first feature information and the verification code, the authorization server first compares the verification code with the stored verification code. When they are equal, the authorization tool is considered legitimate. Otherwise, the authorization tool is considered illegitimate and the authorization operation is not performed.
  • The legitimacy of the authorization tool is verified not only by the login account and password but also, a second time, by a verification code. Even if the login account and password are tampered with and an unauthorized party logs in from another, unauthorized tool, the corresponding verification code cannot be obtained, which prevents the POS terminal from being illegally tampered with. The two-layer guarantee of login account and verification code further improves the security of the POS terminal.
  • Although the steps in the flowcharts of FIGS. 4, 7, and 8 above are displayed in sequence as indicated by the arrows, they are not necessarily performed in that sequence. Except as explicitly stated herein, the execution of these steps is not strictly ordered, and they may be performed in other sequences. Moreover, at least some of the steps in FIG. 4, FIG. 7, and FIG. 8 may include a plurality of sub-steps or stages, which are not necessarily performed at the same time but may be executed at different times, and which are not necessarily performed sequentially but may be performed in turn or alternately with other steps or with at least a portion of the sub-steps or stages of other steps.
  • a POS terminal is further provided.
  • the internal structure of the POS terminal may correspond to the structure shown in FIG. 2.
  • Each of the following modules may be implemented in whole or in part by software, hardware, or a combination thereof.
  • the POS terminal includes:
  • the first receiving module 101 is configured to receive an instruction for requesting feature information sent by the authorization tool, receive the authorization information returned by the authorization device according to the first feature information, and receive a state switching instruction of the authorization tool.
  • the feature information generating module 102 is configured to generate first feature information according to the instruction.
  • the extracting module 103 is configured to extract second feature information in the authorization information when the authorization information verification is successful.
  • the first sending module 104 is configured to return the first feature information to the authorization tool and, when the second feature information is the same as the first feature information, to save the authorization information and then send the authorization success result to the authorization tool.
  • the state switching module 105 is configured to switch the current state according to the state switching instruction.
  • the feature information generating module 102 includes: a random number generating unit configured to generate a random number according to the instruction.
  • the feature information generating unit is configured to generate feature information according to the random number and the stored rights feature code.
  • the device may further include a determining module, configured to: determine whether the random number in the second feature information is the same as the random number in the first feature information; when the two random numbers are the same, go on to determine whether the rights feature code in the second feature information is the same as the rights feature code in the first feature information; when the two rights feature codes are the same, return the result that the second feature information is the same as the first feature information; and when the random number in the second feature information differs from the random number in the first feature information, or the rights feature code in the second feature information differs from the rights feature code in the first feature information, return the result that the second feature information is different from the first feature information.
  • the apparatus may further comprise: a separation module for separating the authorization information to obtain the original text and the digital signature; and a decryption module, configured to decrypt the digital signature with the authorization public key to obtain the first digest.
  • a hash operation module is configured to perform a one-way hash operation on the original text to obtain a second digest.
  • the first sending module 104 is further configured to: when the first digest and the second digest are equal, treat the authorization information as successfully verified, then save the authorization information and send the authorization success result to the authorization tool; and when the first digest and the second digest are not equal, output information indicating that the authorization failed.
  • an authorization server is further provided, and the internal structure of the authorization server may correspond to the structure shown in FIG. 3.
  • Each of the following modules may be implemented in whole or in part by software, hardware, or a combination thereof.
  • the authorization server includes:
  • the second receiving module 201 is configured to receive the first feature information that is sent by the authorization tool and is obtained from the POS terminal.
  • the verification module 202 is configured to verify the first feature information.
  • the second sending module 203 is configured to send the first feature information and the authorization data to the authorization machine for encryption when the first feature information is successfully verified.
  • the second receiving module 201 is further configured to receive the authorization information formed by encrypting the first feature information and the authorization data returned by the authorization machine.
  • the second sending module 203 is further configured to send the authorization information to the POS terminal by using an authorization tool, so that the POS terminal performs state switching.
  • the second sending module 203 is further configured to send a verification code to the authorization tool after the account of the authorization tool is successfully logged in.
  • the second receiving module 201 is further configured to receive a verification code sent by the authorization tool.
  • the apparatus can also include a comparison module for comparing the verification code to the saved verification code.
  • the verification module 202 is further configured to verify the feature information when the verification code is equal to the saved verification code.
  • the second sending module 203 is further configured to: when the verification code is not equal to the saved verification code, send information that the authorization fails to the authorization tool.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Abstract

Provided is a POS terminal control method, a POS terminal, a server, and a storage medium. The method comprises: receiving an instruction of request for feature information sent by an authorization tool (S202); generating first feature information according to the instruction (S204); returning the first feature information to the authorization tool (S206); receiving authorization information returned by the authorization tool and generated by the authorization machine according to the first feature information (S208); when the authorization information is verified successfully, then extracting second feature information in the authorization information (S210); when the second feature information is the same as the first feature information, then after the authorization information is saved, sending an authorization success result to the authorization tool (S212); and receiving a state switching instruction of the authorization tool, and switching the current state according to the state switching instruction (S214).

Description

POS terminal control method, POS terminal, server and storage medium
Technical field
The present invention relates to the field of network communications, and in particular to a POS terminal control method, a POS terminal, a server, and a storage medium.
Background
As a payment device, the POS (point of sale) terminal has different groups of users, such as production-line personnel, maintenance personnel, application developers, product R&D personnel, banks and third-party payment institutions, and merchants. Different groups correspond to different usage scenarios and place different requirements on the behavior of the terminal.
In conventional technology, a POS terminal is usually switched between different users or different scenarios by means of a fixed password or the like. With this approach, however, once the fixed password is stolen, anyone can operate the POS terminal, which reduces the security of the POS terminal.
Summary of the invention
The POS terminal control method, POS terminal, server, and storage medium disclosed in this application solve one or more of the problems described in the background.
A POS terminal control method, comprising:
receiving an instruction requesting feature information sent by an authorization tool;
generating first feature information according to the instruction;
returning the first feature information to the authorization tool;
receiving authorization information returned by the authorization tool and generated by an authorization machine according to the first feature information;
when the authorization information is verified successfully, extracting second feature information from the authorization information;
when the second feature information is the same as the first feature information, saving the authorization information and then sending a result indicating successful authorization to the authorization tool; and
receiving a state switching instruction from the authorization tool, and switching the current state according to the state switching instruction.
A POS terminal control method, comprising:
receiving first feature information sent by an authorization tool and acquired from a POS terminal;
verifying the first feature information;
when the first feature information is verified successfully, sending the first feature information and authorization data to an authorization machine for encryption;
receiving authorization information, returned by the authorization machine, formed by encrypting the first feature information and the authorization data; and
sending the authorization information to the POS terminal through the authorization tool, so that the POS terminal performs state switching.
A POS terminal, comprising a memory and a processor, the memory storing instructions which, when executed by the processor, cause the processor to perform the following steps:
receiving an instruction requesting feature information sent by an authorization tool;
generating first feature information according to the instruction;
returning the first feature information to the authorization tool;
receiving authorization information returned by the authorization tool and generated by an authorization machine according to the first feature information;
when the authorization information is verified successfully, extracting second feature information from the authorization information;
when the second feature information is the same as the first feature information, saving the authorization information and then sending a result indicating successful authorization to the authorization tool; and
receiving a state switching instruction from the authorization tool, and switching the current state according to the state switching instruction.
A server, comprising a memory and a processor, the memory storing instructions which, when executed by the processor, cause the processor to perform the following steps:
receiving first feature information sent by an authorization tool and acquired from a POS terminal;
verifying the first feature information;
when the first feature information is verified successfully, sending the first feature information and authorization data to an authorization machine for encryption;
receiving authorization information, returned by the authorization machine, formed by encrypting the first feature information and the authorization data; and
sending the authorization information to the POS terminal through the authorization tool, so that the POS terminal performs state switching.
A computer-readable storage medium storing a computer program which, when executed by a processor, implements the following steps:
receiving an instruction requesting feature information sent by an authorization tool;
generating first feature information according to the instruction;
returning the first feature information to the authorization tool;
receiving authorization information returned by the authorization tool and generated by an authorization machine according to the first feature information;
when the authorization information is verified successfully, extracting second feature information from the authorization information;
when the second feature information is the same as the first feature information, saving the authorization information and then sending a result indicating successful authorization to the authorization tool; and
receiving a state switching instruction from the authorization tool, and switching the current state according to the state switching instruction.
With the above POS terminal control method, POS terminal, server, and storage medium, the POS terminal generates the first feature information in response to the authorization tool's instruction requesting feature information, so new first feature information is generated every time the state of the POS terminal is to be switched. Even if the first feature information is illegally obtained during one authorization, it cannot be used to switch the state of the POS terminal, which ensures the security of the POS terminal. Further, the POS terminal is authorized by a unified authorization machine rather than locally at the POS terminal, which improves the security of the POS terminal. In addition, the authorization information is encrypted by the authorization machine, and after the POS terminal has verified the authorization information successfully, the second feature information and the first feature information are used to confirm that the authorization information is intended for this POS terminal. This further ensures the security of the POS terminal and provides an effective guarantee for the security of its state switching.
Brief description of the drawings
To explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is an application scenario diagram of a POS terminal control method in an embodiment;
FIG. 2 is an internal structural diagram of a POS terminal in an embodiment;
FIG. 3 is an internal structural diagram of an authorization server in an embodiment;
FIG. 4 is a flowchart of a POS terminal control method in an embodiment;
FIG. 5 is a sequence diagram of a POS terminal control method in an embodiment;
FIG. 6 is a state transition diagram of the POS terminal in the embodiment shown in FIG. 1;
FIG. 7 is a flowchart of the verification step in an embodiment;
FIG. 8 is a flowchart of a POS terminal control method in another embodiment;
FIG. 9 is a structural block diagram of a POS terminal in an embodiment;
FIG. 10 is a structural block diagram of an authorization server in an embodiment.
Detailed description
To make the objectives, technical solutions, and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and do not limit it.
Before describing embodiments of the present invention in detail, it should be noted that the described embodiments lie mainly in combinations of steps and system components related to the POS terminal control method, POS terminal, server, and storage medium. Accordingly, the system components and method steps have been represented at appropriate positions in the drawings by conventional symbols, and only the details relevant to understanding the embodiments of the present invention are shown, so that the disclosure is not obscured by details that are obvious to a person of ordinary skill in the art who has the benefit of the present invention.
In this document, relational terms such as left and right, up and down, front and back, and first and second are used only to distinguish one entity or action from another, and do not necessarily require or imply any actual such relationship or order between the entities or actions. The terms "include", "comprise", or any other variant are intended to cover non-exclusive inclusion, so that a process, method, article, or device that includes a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or device.
Referring to FIG. 1, FIG. 1 is an application scenario diagram of a POS terminal control method in an embodiment. This embodiment includes several POS terminals, several authorization tools, an authorization server, and an authorization machine. A POS terminal can communicate with an authorization tool over a serial port or USB (Universal Serial Bus), an authorization tool can communicate with the authorization server over a wireless network, and the authorization server communicates with the authorization machine.
In addition to the functions of a conventional POS machine, the POS terminal can control its characteristics in each state and ensure the security of authorization-related data. The POS terminal pre-stores the public key corresponding to the private key in the authorization machine; the public key and the private key form an RSA (asymmetric encryption algorithm) key pair.
The authorization tool is the human-machine interaction tool with which a user performs authorization operations; it may be a terminal such as a computer or a mobile phone. The authorization tool communicates with the authorization server over HTTP (HyperText Transfer Protocol) or HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, the security-oriented hypertext transfer protocol), and interacts with the POS terminal over a serial port or USB cable.
The authorization server manages the permissions of the various POS terminals and of the users of the authorization tools. It receives the authorization requests submitted by the authorization tool, interacts with the authorization machine to obtain the authorization information, and returns that information to the authorization tool and then the POS terminal. It may have the following functions: user management, login management, permission management (the authorization types available to a user are configured in the back end, and the front end displays only those available types), external interface management, handling of POST requests (authorization requests), and interaction with the authorization machine.
The authorization machine stores the authorization private key, is connected to the authorization server, and is responsible for encrypting data. The authorization machine is not connected to a network, so the physical security of being offline ensures that the private key in the authorization machine is not tampered with, which in turn ensures the security of the whole system.
Specifically, once the POS terminal and the authorization tool are connected, the POS terminal receives the instruction requesting feature information sent by the authorization tool, generates the first feature information according to the instruction, and returns the generated first feature information to the authorization tool. The authorization tool sends the first feature information to the authorization server over the network connection. The authorization server first verifies the first feature information and, when verification succeeds, sends the first feature information and the authorization data to the authorization machine, which encrypts them to generate the authorization information. The authorization machine returns the generated authorization information to the authorization server for storage; the authorization server then sends the authorization information over the network to the authorization tool, which passes it on to the POS terminal. The POS terminal verifies the authorization information and, when verification succeeds, extracts the second feature information from it. Only when the first feature information and the second feature information are the same does the POS terminal save the authorization information and return a result indicating successful authorization to the authorization tool. The authorization tool can then send a state switching instruction to the POS terminal, and the POS terminal switches its current state according to that instruction.
In one embodiment, as shown in FIG. 2, a POS terminal is also provided. The POS terminal includes a processor, a storage medium, a memory, and an interface connected through a system bus. The storage medium stores an operating system and computer-executable instructions which, when executed by the processor, implement a POS terminal control method. The interface can be a USB interface or a serial port and is used to communicate with the authorization tool over serial or USB, providing communication with the outside world and control of the POS terminal's state switching. The processor provides computing and control capabilities and supports the operation of the entire POS terminal, including both its normal-use functions and its debugging functions. The memory provides an environment for running the POS terminal control program stored in the storage medium.
With continued reference to FIG. 2, a computer-readable storage medium is also provided on which a computer program is stored, such as the non-volatile storage medium shown in FIG. 2, wherein the program, when executed by a processor, implements a POS terminal control method.
In one embodiment, as shown in FIG. 3, an authorization server is also provided. The authorization server includes a processor, a storage medium, a memory, a network interface, a USB interface, and a serial port connected through a system bus. The storage medium stores an operating system and can also store computer-executable instructions which, when executed by the processor, implement a POS terminal control method. The processor provides computing and control capabilities and supports the operation of the entire portable electronic device. The memory provides an environment for running the POS terminal control apparatus stored in the storage medium. The network interface is used for network communication with the authorization tool. The USB interface or serial port is used to communicate with the authorization machine.
With continued reference to FIG. 3, a computer-readable storage medium is also provided on which a computer program is stored, such as the non-volatile storage medium shown in FIG. 3, wherein the program, when executed by a processor, implements a POS terminal control method.
Referring to FIG. 4, FIG. 4 is a flowchart of a POS terminal control method in one embodiment. This embodiment is illustrated by applying the method to the POS terminal in FIG. 1 above. A POS terminal control program runs on the POS terminal and implements the POS terminal control method. The POS terminal control method may include:
S202: Receive an instruction requesting feature information sent by the authorization tool.
Specifically, feature information is information that uniquely identifies the POS terminal; for example, it may include the serial number assigned to the POS terminal at the factory.
Usually, the POS terminal must be authorized before its current state can be switched. An authorization tool is introduced for this purpose: by operating the authorization tool, the user authorizes the POS terminal so that its current state can be changed. Before the user changes the state of the POS terminal through the authorization tool, a connection between the authorization tool and the POS terminal must first be established. The authorization tool can communicate with the POS terminal over a serial port or USB. When the communication channel is set up, the authorization tool may first send a handshake message to the POS terminal; the channel between the two is established only after the POS terminal returns a message responding to the handshake.
S204: Generate first feature information according to the instruction.
Specifically, when the POS terminal needs to switch its current state, it must obtain authorization from the authorization machine. To distinguish between POS terminals, first feature information that uniquely identifies this particular state switching operation of this POS terminal must be sent to the authorization machine. Therefore, each time the POS terminal needs to switch state, that is, each time the authorization tool requests first feature information from the POS terminal, the POS terminal generates first feature information that uniquely identifies this state switching operation.
Because unique first feature information is generated before every state switch in this step, the terminal remains protected even if the first feature information is obtained by an illegitimate party. When that party tries to use the captured first feature information to switch the current state of the POS terminal again, the POS terminal generates new first feature information for the new switch, which differs from the captured value. The illegitimate party therefore cannot complete the state switch, and the security of the POS terminal is preserved.
S206: Return the first feature information to the authorization tool.
Specifically, provided that the authorization tool is a legitimate authorization tool, the POS terminal can respond to its instruction requesting feature information and return the newly generated first feature information to it.
S208: Receive the authorization information returned by the authorization tool, which the authorization machine generated according to the first feature information.
Specifically, after receiving the first feature information, the authorization tool sends it to the authorization server. The authorization server provides authorization data according to the first feature information and sends the authorization data and the first feature information to the authorization machine. The authorization machine encrypts the authorization data and the first feature information to form authorization information, which is returned to the POS terminal through the authorization server and the authorization tool.
S210: When verification of the authorization information succeeds, extract the second feature information from the authorization information.
After receiving the authorization information, the POS terminal first verifies it to make sure it was not tampered with in transit. It must also confirm that the authorization information is intended for this POS terminal. Because the feature information uniquely identifies this state switching operation of the POS terminal, the terminal extracts the second feature information from the authorization information that the authorization machine encrypted.
S212: When the second feature information is the same as the first feature information, save the authorization information and then send an authorization-success result to the authorization tool.
Specifically, the POS terminal determines whether the authorization information is usable by comparing the second feature information with the first feature information. When the two are the same, the terminal saves the authorization information and sends the authorization-success result to the authorization tool, so that the user can switch the current state of the POS terminal by operating the authorization tool.
S214: Receive a state switching instruction from the authorization tool, and switch the current state according to the state switching instruction.
In the POS terminal control method above, the POS terminal generates first feature information in response to the authorization tool's instruction requesting feature information, so new first feature information is generated every time the state of the POS terminal is to be switched. Even if the first feature information is illegally obtained during one authorization, it cannot be used to switch the state of the POS terminal, which ensures the security of the POS terminal. Furthermore, the POS terminal is authorized by a central authorization machine rather than locally on the terminal, which improves its security. In addition, the authorization information is encrypted by the authorization machine, and after the POS terminal has verified the authorization information, it uses the second feature information and the first feature information to confirm that the authorization information is intended for this POS terminal. This further protects the POS terminal and provides an effective guarantee for the security of its state switching.
In one embodiment, step S204 shown in FIG. 4, that is, the step of generating the first feature information according to the instruction, may include: generating a random number according to the instruction, and generating the feature information from the random number and the stored permission feature code.
Accordingly, after step S210 shown in FIG. 4, that is, the step of extracting the second feature information from the authorization information, the method may include: determining whether the random number in the second feature information is the same as the random number in the first feature information; when the random numbers are the same, further determining whether the permission feature code in the second feature information is the same as the permission feature code in the first feature information; when the permission feature codes are the same, returning the result that the second feature information is the same as the first feature information; and when the random numbers differ, or when the permission feature codes differ, returning the result that the second feature information is not the same as the first feature information.
Specifically, referring to FIG. 5, FIG. 5 is a sequence diagram of a POS terminal control method in one embodiment.
Before the detailed description, the format of the communication packet used in this embodiment is given:
Message header | Command code | Data field length | Data field | LRC (longitudinal redundancy check)
0x02 | 1 byte | 2 bytes | | 1 byte
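An encoder and a strict decoder for the packet format above, as an added example in C (not code from the patent). The page names the fields but not their encoding, so two assumptions are made and marked in the comments: the 2-byte length is big-endian, and the LRC is the XOR of every byte after the header. The `frame_*` names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define FRAME_STX      0x02u  /* message header value from the format table */
#define FRAME_OVERHEAD 5u     /* header + command code + 2-byte length + LRC */

enum frame_status {
    FRAME_OK = 0,
    FRAME_SHORT,       /* fewer bytes than the fixed fields need */
    FRAME_BAD_HEADER,  /* first byte is not 0x02 */
    FRAME_BAD_LENGTH,  /* declared data length disagrees with bytes received */
    FRAME_BAD_LRC      /* redundancy check does not match */
};

/* Assumption: LRC = XOR over command code, both length bytes and data field. */
static uint8_t frame_lrc(const uint8_t *p, size_t n)
{
    uint8_t x = 0;
    while (n--)
        x ^= *p++;
    return x;
}

/* Build a frame into out[]. Returns bytes written, or 0 if it does not fit. */
size_t frame_encode(uint8_t cmd, const uint8_t *data, size_t len,
                    uint8_t *out, size_t cap)
{
    if (len > 0xFFFFu || cap < len + FRAME_OVERHEAD)
        return 0;
    out[0] = FRAME_STX;
    out[1] = cmd;
    out[2] = (uint8_t)(len >> 8);     /* assumption: big-endian length */
    out[3] = (uint8_t)(len & 0xFFu);
    if (len)
        memcpy(out + 4, data, len);
    out[4 + len] = frame_lrc(out + 1, 3 + len);
    return len + FRAME_OVERHEAD;
}

/* Validate a received buffer of n bytes. On success, *cmd, *data and *len
 * describe the payload; *data points into buf. */
enum frame_status frame_decode(const uint8_t *buf, size_t n, uint8_t *cmd,
                               const uint8_t **data, size_t *len)
{
    size_t dlen;

    if (n < FRAME_OVERHEAD)
        return FRAME_SHORT;
    if (buf[0] != FRAME_STX)
        return FRAME_BAD_HEADER;
    dlen = ((size_t)buf[2] << 8) | buf[3];
    /* The declared length must equal what actually arrived; trusting it
     * blindly would let a peer make the receiver read past its buffer. */
    if (dlen != n - FRAME_OVERHEAD)
        return FRAME_BAD_LENGTH;
    if (frame_lrc(buf + 1, 3 + dlen) != buf[4 + dlen])
        return FRAME_BAD_LRC;
    *cmd = buf[1];
    *data = buf + 4;
    *len = dlen;
    return FRAME_OK;
}
```

An LRC only catches accidental corruption on the serial or USB link. Anyone who can alter a frame can recompute it, so tamper resistance in this scheme rests on the authorization machine's private-key operation, not on the frame check.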
First, the user enters a login account and password in the authorization interface provided by the authorization tool. The authorization tool obtains the entered login account and password and sends them to the authorization server. When the authorization server determines that the login account and password are correct, it returns a login-success message to the authorization tool. The authorization tool then sends the authorization server a request for a verification code (ticket), and the authorization server generates a verification code in response and returns it to the authorization tool. For example, the code can be sent by e-mail to the confidential mailbox associated with the authorization tool, so that the user can obtain it, or the authorization tool can obtain it directly by logging in to that encrypted mailbox, for later use. In addition, the authorization tool can display the permissions of the login account to show the user which operations are available.
Second, the POS terminal is powered on, and the authorization tool is connected to the POS terminal via USB or a serial port to establish a communication channel, for example through a handshake mechanism. Specifically, the authorization tool can send handshake information to the POS terminal in the following message format:
Message header | Command code | Data field length | Data field | LRC
0x02 | 1 byte | 2 bytes | | 1 byte
After receiving the handshake information, the POS terminal can return the corresponding response in the following message format:
Message header | Command code | Data field length | Data field | LRC
0x02 | 1 byte | 2 bytes | | 1 byte
After the communication channel between the authorization tool and the POS terminal has been established, the authorization tool requests feature information from the POS terminal. The following message format can be used:
Message header | Command code | Data field length | Data field | LRC
0x02 | 1 byte | 2 bytes | | 1 byte
The data field format is as follows:
Authorization type code
1 byte
The POS terminal then generates feature information in response to the request. To guarantee that the feature information is unique, the POS terminal first stores a permission feature code that uniquely identifies the terminal, preferably the serial number or the like. Second, so that this particular state switching operation can be uniquely identified, a random number generating device can be provided in the POS terminal; each time the POS terminal needs to switch state, a random number is generated. Together, the random number and the permission feature code uniquely identify this state switching operation of the POS terminal. The feature information is shown in Table 1:
Table 1. Feature information
Serial number | Random number
16 bytes | 8 bytes
After generating the feature information, the POS terminal returns it to the authorization tool. The following message can be used:
Message header | Command code | Data field length | Data field | LRC
0x02 | 1 byte | 2 bytes | | 1 byte
The data field format is as follows:
Serial number | Random number
16 bytes | 8 bytes
Third, after the authorization tool receives the feature information, it sends the feature information together with the verification code mentioned above to the authorization server, which further secures the link between the authorization tool and the authorization server. The authorization server can use the feature information to identify this state switching operation of the POS terminal, and can use the feature code to determine whether the feature information was tampered with in transit or whether the authorization tool is an authenticated, secure authorization tool. The authorization tool can also send POST data to the authorization server in the format ticket=%s&features=%s&fileType=%d&sequence=%d&sn=%s, where: the features parameter is transmitted in BCD format, with length n bytes (authorization type + security level + SN + RND) * 2; sequence lets the authorization server quickly determine which kind of authorization is requested; and sn lets the server keep log records keyed on the serial number. After receiving the POST request, the authorization server converts features to binary data and saves it to a file, sends the data to the authorization machine, obtains the encrypted result, and returns it to the requesting authorization tool. Data on success: SUCCESS: result (BCD code). Data on failure: FAIL: error message. After both the feature information and the verification code have passed verification, the authorization server sends the feature information and the authorization data to the authorization machine. The following message format can be used:
Message header | Command code | Data field length | Data field | LRC
0x02 | 1 byte | 2 bytes | | 1 byte
Fourth, after receiving the feature information and the authorization data, the authorization machine encrypts them with its stored private key to form authorization information and returns the authorization information to the authorization server. The authorization server stores the authorization information and returns it to the authorization tool, and the authorization tool, on receiving it, passes it to the POS terminal. The following message format can be used:
Message header | Command code | Data field length | Data field | LRC
0x02 | 1 byte | 2 bytes | | 1 byte
The authorization data can include information such as the authorization type and the security level. The authorization information is shown in Table 2:
Table 2. Authorization information
0x00 | Authorization type | Level | Serial number | Random number
N bytes | 1 byte | 2 bytes | 16 bytes | 8 bytes
The authorization machine is a POS terminal loaded with the authorization private key (an RSA private key) that provides an encryption signature service to the authorization server. The authorization machine itself can be regarded as a terminal certified to the latest PCI (Peripheral Component Interconnect) security standard, which ensures that the key cannot be extracted. The authorization machine and the authorization server are placed together in a security-certified secure room, which ensures physical security. In addition, the authorization machine and the authorization server provide no network services to the outside; the authorization machine is connected to the authorization server only by a USB cable, and entities outside the secure room cannot reach it.
Fifth, after receiving the authorization information, the POS terminal first verifies its legitimacy, that is, that it was not tampered with in transit. It then has to confirm that the authorization information is intended for this POS terminal, which can be done with the feature information. For example, the terminal can extract the feature information from the authorization information and determine whether the authorization information is usable by checking whether the random number and permission feature code in that feature information are the same as the random number and permission feature code stored in the POS terminal. If at least one of the random number and the permission feature code differs from the value stored in the POS terminal, this authorization is considered to have failed; otherwise it is considered to have succeeded.
Sixth, if authorization succeeded, the POS terminal saves the authorization information and returns the authorization result to the authorization tool. The authorization tool can then show the result to the user and switch the current state of the POS terminal by sending it a state switching instruction.
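The terminal-side checks of steps S204 to S212 and of the fifth step above, as an added example in C (not code from the patent). It assumes the terminal has already verified the authorization information and recovered the Table 2 block, that the 2-byte level is big-endian, and that the pending random number is cleared after one successful use; `struct terminal`, `terminal_begin_request` and `terminal_check_auth` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SN_LEN   16                          /* serial number, Table 1 */
#define RND_LEN   8                          /* random number, Table 1 */
#define TAIL_LEN (1 + 2 + SN_LEN + RND_LEN)  /* type + level + SN + RND, Table 2 */

enum auth_result { AUTH_OK = 0, AUTH_NO_PENDING, AUTH_MALFORMED,
                   AUTH_RND_MISMATCH, AUTH_SN_MISMATCH };

struct terminal {
    uint8_t sn[SN_LEN];    /* stored permission feature code */
    uint8_t rnd[RND_LEN];  /* random number bound to the pending request */
    int     pending;       /* 1 while a request is outstanding */
};

struct grant { uint8_t type; uint16_t level; };

/* Compare without an early exit so timing does not leak the first bad byte. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* S204/S206: bind a fresh random number to this request and emit the first
 * feature information (SN || RND). fresh_rnd must come from the terminal's
 * random number generator; the caller supplies it here. */
void terminal_begin_request(struct terminal *t, const uint8_t fresh_rnd[RND_LEN],
                            uint8_t feature_out[SN_LEN + RND_LEN])
{
    memcpy(t->rnd, fresh_rnd, RND_LEN);
    t->pending = 1;
    memcpy(feature_out, t->sn, SN_LEN);
    memcpy(feature_out + SN_LEN, t->rnd, RND_LEN);
}

/* S210/S212: plain is the already-verified Table 2 block (assumption).
 * Fields are located from the end because the 0x00 run has no fixed length. */
enum auth_result terminal_check_auth(struct terminal *t, const uint8_t *plain,
                                     size_t n, struct grant *out)
{
    const uint8_t *tail;
    size_t pad;

    if (!t->pending)
        return AUTH_NO_PENDING;
    if (n < TAIL_LEN)
        return AUTH_MALFORMED;
    pad = n - TAIL_LEN;
    for (size_t i = 0; i < pad; i++)
        if (plain[i] != 0x00)
            return AUTH_MALFORMED;
    tail = plain + pad;
    /* Random number first, then the permission feature code, as in the text. */
    if (!ct_equal(tail + 3 + SN_LEN, t->rnd, RND_LEN))
        return AUTH_RND_MISMATCH;
    if (!ct_equal(tail + 3, t->sn, SN_LEN))
        return AUTH_SN_MISMATCH;
    out->type  = tail[0];
    out->level = (uint16_t)((tail[1] << 8) | tail[2]);  /* assumption: big-endian */
    /* Assumption: one use per request, so a replay finds nothing pending.
     * On failure the request stays pending and the terminal keeps waiting. */
    t->pending = 0;
    memset(t->rnd, 0, RND_LEN);
    return AUTH_OK;
}
```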
Specifically, referring to FIG. 6, FIG. 6 is a state transition diagram of the POS terminal in the embodiment shown in FIG. 1. In this embodiment the POS terminal has seven states:
Production state (L0): this state is used for factory production, and its terminal characteristics are defined to suit the production line. Terminal characteristics: all security switches are on; trigger information is displayed but no logical handling is performed. The serial number can be written once. Applications (including factory test programs) can run only if they carry the vendor's firmware-level signature, which guarantees that no application without vendor authorization can run in the production state. The OS (operating system) signature can be verified. Programs signed with the vendor root key can run.
Factory state (L1): this is the default state when the terminal leaves the factory, and the terminal's characteristics are essentially the same as those of a conventional terminal. Terminal characteristics: a terminal in the L0 state enters the L1 state through an authorization operation. The L1 state cannot be rolled back to the L0 state. All security switches are on, and the POS terminal is triggered if it is attacked. The triggered status is released by entering a fixed password. Changing the serial number requires authorization. The terminal can be set to a debug state through authorization. When the terminal is triggered, trigger information can be displayed on the screen. After a triggered terminal has been repaired, this state value is not affected. Programs signed with the vendor root key can run.
Security state (L2): this is the highest device state level currently defined. Terminal characteristics: a terminal in the L2 state can be rolled back to the L1 state by restoring the factory state, at which point the SN (serial number) write count is reset to zero. When the terminal is triggered, authorization is required after repair to release the triggered status. Changing the serial number requires authorization. The terminal can be set to a debug state through authorization. When the terminal is triggered, trigger information can be displayed on the screen. After a triggered terminal has been repaired, this state value is not affected. Programs signed with the vendor root key can run.
Locked state: after a terminal downloads a customer PUK (personal identification unlock code), that terminal can only download applications signed with that customer's PUK; if the PUK is to be replaced, the new PUK can only be issued by the customer. Put simply, control of the terminal is actually in the user's hands, and other users cannot change the ownership settings of the applications. Terminal characteristics: this state depends only on whether a customer public key is present and is independent of whether the terminal is in the L0, L1 or L2 state. All security switches are on, and the POS terminal is triggered if it is attacked; after a trigger, the trigger must be cleared using the authorization machine, and the terminal remains in the locked state after clearing. A machine in any state can enter the locked state. Application signatures are verified with the customer public key. Programs signed with the vendor root key can run.
Application debug state: this state is mainly provided for application developers and covers scenarios where applications must be downloaded to the terminal frequently for debugging. Terminal characteristics: only machines in the factory state are allowed to enter this state. All security switches are on, and the machine is triggered if it is attacked; after the trigger is cleared, the application debug state is lost and re-authorization is required to enter it again. Application signatures are not verified, so the state can be used for application development and debugging. Downloading a customer public key to the machine is allowed; once a customer public key is downloaded, the application debug state is automatically revoked and the machine enters the locked state.
Firmware debug state: this state is mainly provided for firmware developers and covers scenarios where firmware must be downloaded to the terminal frequently for debugging. Terminal characteristics: only machines in the factory state are allowed to enter this state. All security switches are on, and the machine is triggered if it is attacked; after the trigger is cleared, the firmware debug state is lost and re-authorization is required to enter it again. Signatures of firmware other than boot are not verified, so the state can be used for firmware development and debugging. Downloading a customer public key to the machine is allowed; once a customer public key is downloaded, the machine automatically enters the locked state (and no longer has the debug-state functions).
Triggered state: when the device is attacked or needs maintenance, the terminal's security circuit activates and sensitive data such as the terminal's keys is deleted automatically. Terminal characteristics: sensitive information inside the terminal is deleted automatically. The screen shows trigger information. No application can run. Firmware or programs signed with the vendor root key can run, so that diagnostic programs can be used to investigate the problem. A password (if the state before the trigger was L1) or authorization (if the state before the trigger was L2) is required to release the trigger. The terminal cannot be used normally until the triggered status is released.
Variables can be defined in the POS terminal to record the terminal's state, as shown in the following table:
Variable | Bits | Storage area | Description
SecMode | 16 | OTP | Records the terminal state L0/L1/L2
SecLevel | 16 | OTP | Records the firmware security level
AppDebug | 1 | BBRAM | Records the state value for terminal application debugging
FirmDebug | 1 | BBRAM | Records the state value for terminal firmware debugging
TmaperClear | 2 | BBRAM | Records whether the trigger has been released
AuthDownSN | 1 | BBRAM | Records whether downloading the SN is allowed
OTP (One Time Programmable, a type of MCU memory: once the program has been burned into the IC it cannot be changed again): the initial value of the data in this area is 0x00; a bit can only be written from 0 to 1, never from 1 to 0, and the data is retained when power is lost. BBRAM (Battery Backup Random Access Memory, the battery-backed area; in a POS terminal it is an area protected by the trigger circuit whose contents are erased automatically once the terminal is attacked, so it is commonly used to hold sensitive data such as transaction keys) is similar to SDRAM: its data can be rewritten freely, it is powered by a battery, and its data is cleared after the POS terminal is triggered. The OTP area can be accessed only by the terminal firmware; no one can read, write or rewrite it by any means. Sufficient security can therefore be ensured.
Specifically, after the POS terminal sends the first feature information to the authorization tool, it waits in a loop to receive the authorization information. If the authorization information is received and is valid, the terminal performs the authorization and starts the operating system. If the wait times out, it starts the operating system directly. If the authorization information is invalid, it continues to wait in the loop for authorization information.
In this embodiment, the POS terminal is identified by the permission feature code stored in it, which uniquely identifies that POS terminal, and a generated random number uniquely identifies this particular state-switching operation of the POS terminal. Together, the random number and the permission feature code therefore uniquely identify this state-switching operation. Even if the feature information is obtained by an unauthorized party, the feature information is different for every state-switching operation of the POS terminal, so that party still cannot switch the state of the POS terminal, which ensures the security of the POS terminal.
Referring to FIG. 7, FIG. 7 is a flowchart of the verification step in an embodiment. After step S208 of the embodiment shown in FIG. 4, that is, after the step of receiving the authorization information returned by the authorization tool and generated by the authorization machine according to the first feature information, the method may further include:
S502: Separate the authorization information to obtain the original text and the digital signature.
Specifically, when the authorization machine receives the first feature information and the authorization data sent by the authorization server, it encrypts the first feature information and the authorization data. For convenience of description, the first feature information and the authorization data are referred to as the original text. The RSA key used in this encryption process is a 2048-bit key. The authorization machine first performs a one-way hash (HASH) operation on the original text to obtain message digest A, then signs message digest A with the stored private key to obtain digital signature A, and sends digital signature A and the original text, as the authorization information, to the authorization server, the authorization tool and the POS terminal in turn. After obtaining the authorization information, the POS terminal therefore first needs to separate it to obtain the digital signature and the original text.
S504: Decrypt the digital signature with the authorization public key to obtain a first digest.
Because the POS terminal stores the public key corresponding to the above private key, once the digital signature has been obtained, decrypting it with the authorization public key yields the corresponding first digest.
S506: Perform a one-way hash operation on the original text to obtain a second digest.
S508: When the first digest and the second digest are equal, continue with the step of, when the authorization information is verified successfully, saving the authorization information and then sending the result of successful authorization to the authorization tool.
When the first digest and the second digest calculated above are equal, the authorization information can be considered not to have been tampered with in transit, so the authorization succeeds.
S510: When the first digest and the second digest are not equal, output authorization-failure information.
In the above embodiment, comparing the first digest with the second digest determines whether the authorization information is legitimate, which ensures the legitimacy of the authorization information received by the POS terminal and lays the foundation for the subsequent legitimate authorization of the POS terminal.
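The terminal-side check of S502 to S510, followed by the random-number and permission-feature-code comparison described for the first feature information, can be sketched as below. This is an added example, not code from the patent: the wire format (length-prefixed JSON original text followed by the signature), SHA-256 with PKCS#1 v1.5 padding, the field names, the class and function names and the demo key are all assumptions.

```python
import hashlib, hmac, json, secrets, struct

# DEMO KEY ONLY (constructed): two known Mersenne primes keep the example
# deterministic and offline. Such a key is trivially factorable; the page's
# authorization machine holds a real 2048-bit RSA private key.
P, Q, E = 2**1279 - 1, 2**2203 - 1, 65537
N = P * Q                               # public modulus, stored in the terminal
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent, authorization machine only
K = (N.bit_length() + 7) // 8           # modulus length in bytes

# DER DigestInfo prefix for SHA-256 (PKCS#1 v1.5). SHA-256 is an assumption:
# the page only says "one-way hash".
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _encode(original: bytes) -> bytes:
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo || SHA-256(original)."""
    t = SHA256_PREFIX + hashlib.sha256(original).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def authorize(first: dict, auth_type: str, sec_level: int) -> bytes:
    """Authorization machine: sign first feature info plus authorization data.
    Wire format (assumed): 4-byte length || original text || signature."""
    original = json.dumps({**first, "auth_type": auth_type,
                           "sec_level": sec_level}, sort_keys=True).encode()
    sig = pow(int.from_bytes(_encode(original), "big"), D, N).to_bytes(K, "big")
    return struct.pack(">I", len(original)) + original + sig

def split(auth_info: bytes):
    """S502: separate the original text and the digital signature."""
    if len(auth_info) < 4:
        raise ValueError("truncated authorization information")
    (n,) = struct.unpack(">I", auth_info[:4])
    original, signature = auth_info[4:4 + n], auth_info[4 + n:]
    if len(original) != n or len(signature) != K:
        raise ValueError("malformed authorization information")
    return original, signature

def signature_ok(original: bytes, signature: bytes) -> bool:
    """S504-S508: recover the signed block with the public key and compare the
    whole padded block, in constant time, with one built from our own hash."""
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    return hmac.compare_digest(pow(s, E, N).to_bytes(K, "big"), _encode(original))

class Terminal:
    def __init__(self, feature_code: str):
        self.feature_code = feature_code    # stored permission feature code
        self.pending = None                 # random number of the open request
        self.saved = None                   # authorization saved on success

    def first_feature_info(self) -> dict:
        """Fresh random number per request plus the stored feature code."""
        self.pending = secrets.token_hex(16)
        return {"nonce": self.pending, "feature_code": self.feature_code}

    def accept(self, auth_info: bytes) -> str:
        try:
            original, signature = split(auth_info)
        except ValueError:
            return "malformed"
        if not signature_ok(original, signature):
            return "bad-signature"          # S510: digests differ
        try:
            second = json.loads(original)   # second feature information
            nonce = str(second["nonce"]).encode()
            code = str(second["feature_code"]).encode()
        except (ValueError, KeyError, TypeError):
            return "malformed"
        # Random number first, then the permission feature code.
        if self.pending is None or not hmac.compare_digest(nonce, self.pending.encode()):
            return "nonce-mismatch"
        if not hmac.compare_digest(code, self.feature_code.encode()):
            return "feature-code-mismatch"
        self.pending = None                 # single use: a replay now fails
        self.saved = second
        return "authorized"

def demo() -> dict:
    """Run the exchange on constructed values and return each outcome."""
    t = Terminal("FC-0001")                 # constructed feature code
    good = authorize(t.first_feature_info(), "firmware-debug", 2)
    tampered = bytearray(good)
    tampered[10] ^= 0x01                    # flip one bit of the original text
    out = {"tampered": t.accept(bytes(tampered)),
           "first": t.accept(good),
           "replay": t.accept(good)}
    other = Terminal("FC-0002")
    nonce = other.first_feature_info()["nonce"]
    wrong = authorize({"nonce": nonce, "feature_code": "FC-0001"}, "firmware-debug", 2)
    out["other_terminal"] = other.accept(wrong)
    return out

if __name__ == "__main__":
    print(demo())
```

Clearing the pending random number on success is what makes a captured authorization useless on replay; the page states only that the random number differs for each state-switching operation.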
Referring to FIG. 8, FIG. 8 is a flowchart of a POS terminal control method in another embodiment. The method is applied to the authorization server shown in FIG. 1 and may include:
S602: Receive the first feature information, obtained from the POS terminal, that is sent by the authorization tool.
Specifically, as described above, when the authorization tool is to switch the state of the POS terminal, it first requests the first feature information from the POS terminal and sends that first feature information to the authorization server.
S604: Verify the first feature information.
After receiving the first feature information, the authorization server first verifies it to ensure that it is valid. For example, it may check whether the serial number in the first feature information is the serial number of a POS terminal managed by the authorization server; if so, it may go on to check whether the random number is the same as the random number in the first feature information last sent by that POS terminal, and so on, to ensure the legitimacy of the first feature information.
S606: When the first feature information is verified successfully, send the first feature information and the authorization data to the authorization machine for encryption.
When the first feature information is verified successfully, the authorization server may authorize the corresponding POS terminal, for example by forming an authorization type, a security level and so on, and sends this authorization data together with the first feature information to the authorization machine for encryption, which ensures that the authorization information is not tampered with in transit.
S608: Receive the authorization information, returned by the authorization machine, that is formed by encrypting the first feature information and the authorization data.
To protect the legitimacy of the authorization private key in the authorization machine, the authorization machine is generally set up so that it cannot connect to a network, so that the authorization private key in it cannot be tampered with. With this arrangement, however, the authorization machine cannot send the authorization information directly to the POS terminal. The authorization machine therefore first sends the authorization information to the authorization server to which it is physically connected, and the authorization server sends the authorization information to the POS terminal.
S610: Send the authorization information to the POS terminal through the authorization tool, so that the POS terminal performs the state switch.
In the above embodiment, the authorization machine is kept off the network, which ensures the validity of the authorization private key. In addition, the authorization machine encrypts the authorization data and the first feature information, which ensures that the authorization information cannot be tampered with in transit.
In one embodiment, the method may further include: after the account of the authorization tool has logged in successfully, sending a verification code to the authorization tool. This provides a two-layer guarantee of the legitimacy of the authorization tool.
Accordingly, when the authorization tool sends the first feature information obtained from the POS terminal to the authorization server, it must also send the verification code to the authorization server, so the method further includes receiving the verification code sent by the authorization tool.
Further, before step S604, that is, the step of verifying the feature information, the method may include: comparing the verification code with the saved verification code; when the verification code is equal to the saved verification code, verifying the feature information; when the verification code is not equal to the saved verification code, sending authorization-failure information to the authorization tool.
That is, to ensure that only an authorization tool that has logged in to the authorization server can perform authorization operations on the POS terminal, the authorization server, after receiving the first feature information and the verification code, first compares the verification code with the stored verification code. When they are equal, the authorization tool is considered legitimate; otherwise the authorization tool is considered illegitimate and no authorization operation is performed.
In the above embodiment, the legitimacy of the authorization tool is verified not only by the login account and password but also, a second time, by a verification code. Even if the login account and password have been tampered with, an unauthorized party logging in on another, unauthorized tool cannot obtain the corresponding verification code, which prevents the POS terminal from being illegally tampered with. The two-layer guarantee of login account and verification code further improves the security of the POS terminal.
Although the steps in the flowcharts of FIG. 4, FIG. 7 and FIG. 8 above are shown in sequence as indicated by the arrows, they are not necessarily performed in the order the arrows indicate. Unless explicitly stated herein, there is no strict restriction on the order in which these steps are performed, and they may be performed in other orders. Moreover, at least some of the steps in FIG. 4, FIG. 7 and FIG. 8 may include multiple sub-steps or stages, which are not necessarily completed at the same moment but may be performed at different times, and which are not necessarily performed one after another but may be performed in turn or alternately with other steps or with at least some of the sub-steps or stages of other steps.
Referring to FIG. 9, in one embodiment a POS terminal is also provided. Its internal structure may correspond to the structure shown in FIG. 2, and each of the modules below may be implemented wholly or partly in software, hardware or a combination thereof. As shown in FIG. 9, in one embodiment the POS terminal includes:
A first receiving module 101, configured to receive the instruction requesting feature information sent by the authorization tool, to receive the authorization information returned by the authorization tool and generated by the authorization machine according to the first feature information, and to receive the state-switching instruction of the authorization tool.
A feature information generating module 102, configured to generate the first feature information according to the instruction.
An extracting module 103, configured to extract the second feature information from the authorization information when the authorization information is verified successfully.
A first sending module 104, configured to return the first feature information to the authorization tool and, when the second feature information is the same as the first feature information, to save the authorization information and then send the result of successful authorization to the authorization tool.
A state switching module 105, configured to switch the current state according to the state-switching instruction.
In one embodiment, the feature information generating module 102 includes: a random number generating unit, configured to generate a random number according to the instruction; and a feature information generating unit, configured to generate the feature information according to the random number and the stored permission feature code.
The apparatus may further include a determining module, configured to determine whether the random number in the second feature information is the same as the random number in the first feature information; when the random number in the second feature information is the same as the random number in the first feature information, to go on to determine whether the permission feature code in the second feature is the same as the permission feature code in the first feature information; when the permission feature code in the second feature is the same as the permission feature code in the first feature information, to return the result that the second feature information is the same as the first feature information; and when the random number in the second feature information is not the same as the random number in the first feature information, or when the permission feature code in the second feature is not the same as the permission feature code in the first feature information, to return the result that the second feature information is not the same as the first feature information.
In one embodiment, the apparatus may further include: a separating module, configured to separate the authorization information to obtain the original text and the digital signature; a decrypting module, configured to decrypt the digital signature with the authorization public key to obtain the first digest; and a hash operation module, configured to perform a one-way hash operation on the original text to obtain the second digest. The first sending module 104 is further configured, when the first digest and the second digest are equal, to continue with saving the authorization information and then sending the result of successful authorization to the authorization tool when the authorization information is verified successfully, and, when the first digest and the second digest are not equal, to output authorization-failure information.
Referring to FIG. 10, in one embodiment an authorization server is also provided. Its internal structure may correspond to the structure shown in FIG. 3, and each of the modules below may be implemented wholly or partly in software, hardware or a combination thereof. As shown in FIG. 10, in one embodiment the authorization server includes:
A second receiving module 201, configured to receive the first feature information, obtained from the POS terminal, that is sent by the authorization tool.
A verification module 202, configured to verify the first feature information.
A second sending module 203, configured to send the first feature information and the authorization data to the authorization machine for encryption when the first feature information is verified successfully.
The second receiving module 201 is further configured to receive the authorization information, returned by the authorization machine, that is formed by encrypting the first feature information and the authorization data.
The second sending module 203 is further configured to send the authorization information to the POS terminal through the authorization tool, so that the POS terminal performs the state switch.
In one embodiment, the second sending module 203 is further configured to send a verification code to the authorization tool after the account of the authorization tool has logged in successfully. The second receiving module 201 is further configured to receive the verification code sent by the authorization tool.
The apparatus may further include a comparison module, configured to compare the verification code with the saved verification code. The verification module 202 is further configured to verify the feature information when the verification code is equal to the saved verification code. The second sending module 203 is further configured to send authorization-failure information to the authorization tool when the verification code is not equal to the saved verification code.
A person of ordinary skill in the art will understand that all or part of the processes of the above method embodiments can be carried out by a computer program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, may include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disc, a read-only memory (ROM), a random access memory (RAM), or the like.
The technical features of the above embodiments may be combined in any way. For brevity, not every possible combination of the technical features of the above embodiments is described; however, as long as a combination of these technical features involves no contradiction, it should be considered within the scope of this specification.
The above embodiments express only several implementations of the present invention. Their description is relatively specific and detailed, but it should not therefore be understood as limiting the scope of the invention patent. It should be noted that a person of ordinary skill in the art may make a number of variations and improvements without departing from the concept of the present invention, and these all fall within the scope of protection of the present invention. The scope of protection of this invention patent shall therefore be determined by the appended claims.

Claims (11)

  1. A POS terminal control method, comprising:
    receiving an instruction requesting feature information sent by an authorization tool;
    generating first feature information according to the instruction;
    returning the first feature information to the authorization tool;
    receiving authorization information returned by the authorization tool and generated by an authorization machine according to the first feature information;
    when the authorization information is verified successfully, extracting second feature information from the authorization information;
    when the second feature information is the same as the first feature information, saving the authorization information and then sending a result of successful authorization to the authorization tool; and
    receiving a state-switching instruction of the authorization tool, and switching the current state according to the state-switching instruction.
  2. The method according to claim 1, wherein the step of generating first feature information according to the instruction comprises:
    generating a random number according to the instruction;
    generating the feature information according to the random number and a stored permission feature code;
    and wherein, after the step of extracting the second feature information from the authorization information, the method comprises:
    determining whether the random number in the second feature information is the same as the random number in the first feature information;
    when the random number in the second feature information is the same as the random number in the first feature information, going on to determine whether the permission feature code in the second feature is the same as the permission feature code in the first feature information;
    when the permission feature code in the second feature is the same as the permission feature code in the first feature information, returning a result that the second feature information is the same as the first feature information;
    when the random number in the second feature information is not the same as the random number in the first feature information, or when the permission feature code in the second feature is not the same as the permission feature code in the first feature information, returning a result that the second feature information is not the same as the first feature information.
  3. The method according to claim 1 or 2, wherein, after the step of receiving the authorization information returned by the authorization tool and generated by the authorization machine according to the first feature information, the method further comprises:
    separating the authorization information to obtain an original text and a digital signature;
    decrypting the digital signature with an authorization public key to obtain a first digest;
    performing a one-way hash operation on the original text to obtain a second digest;
    when the first digest and the second digest are equal, continuing with the step of, when the authorization information is verified successfully, saving the authorization information and then sending the result of successful authorization to the authorization tool;
    when the first digest and the second digest are not equal, outputting authorization-failure information.
  4. A POS terminal control method, comprising:
    receiving first feature information, obtained from a POS terminal, that is sent by an authorization tool;
    verifying the first feature information;
    when the first feature information is verified successfully, sending the first feature information and authorization data to an authorization machine for encryption;
    receiving authorization information, returned by the authorization machine, that is formed by encrypting the first feature information and the authorization data; and
    sending the authorization information to the POS terminal through the authorization tool, so that the POS terminal performs a state switch.
  5. The method according to claim 4, wherein the method further comprises:
    after the account of the authorization tool has logged in successfully, sending a verification code to the authorization tool;
    the method further comprises:
    receiving the verification code sent by the authorization tool;
    before the step of verifying the feature information, the method further comprises:
    comparing the verification code with the saved verification code;
    when the verification code is equal to the saved verification code, verifying the feature information;
    when the verification code is not equal to the saved verification code, sending authorization-failure information to the authorization tool.
  6. A POS terminal, comprising a memory and a processor, the memory storing instructions which, when executed by the processor, cause the processor to perform the following steps:
    receiving an instruction requesting feature information sent by an authorization tool;
    generating first feature information according to the instruction;
    returning the first feature information to the authorization tool;
    receiving authorization information returned by the authorization tool and generated by an authorization machine according to the first feature information;
    when the authorization information is verified successfully, extracting second feature information from the authorization information;
    when the second feature information is the same as the first feature information, saving the authorization information and then sending a result of successful authorization to the authorization tool; and
    receiving a state-switching instruction of the authorization tool, and switching the current state according to the state-switching instruction.
  7. The POS terminal according to claim 6, wherein the step of generating first feature information according to the instruction comprises:
    generating a random number according to the instruction;
    generating the feature information according to the random number and a stored permission feature code;
    and wherein, after the step of extracting the second feature information from the authorization information, the steps comprise:
    determining whether the random number in the second feature information is the same as the random number in the first feature information;
    when the random number in the second feature information is the same as the random number in the first feature information, going on to determine whether the permission feature code in the second feature is the same as the permission feature code in the first feature information;
    when the permission feature code in the second feature is the same as the permission feature code in the first feature information, returning a result that the second feature information is the same as the first feature information;
    when the random number in the second feature information is not the same as the random number in the first feature information, or when the permission feature code in the second feature is not the same as the permission feature code in the first feature information, returning a result that the second feature information is not the same as the first feature information.
  8. The POS terminal according to claim 6 or 7, wherein, after the step of receiving the authorization information returned by the authorization tool and generated by the authorization machine according to the first feature information, the steps further comprise:
    separating the authorization information to obtain an original text and a digital signature;
    decrypting the digital signature with an authorization public key to obtain a first digest;
    performing a one-way hash operation on the original text to obtain a second digest;
    when the first digest and the second digest are equal, continuing with the step of, when the authorization information is verified successfully, saving the authorization information and then sending the result of successful authorization to the authorization tool;
    when the first digest and the second digest are not equal, outputting authorization-failure information.
  9. 一种授权服务器,包括存储器和处理器,所述存储器中存储有指令,所述指令被所处理器执行时,使得所述处理器执行以下步骤:An authorization server includes a memory and a processor, wherein the memory stores instructions that, when executed by the processor, cause the processor to perform the following steps:
    接收授权工具发送的从POS终端获取的第一特征信息;Receiving, by the authorization tool, the first feature information acquired by the POS terminal;
    对所述第一特征信息进行校验;Performing verification on the first feature information;
    当所述第一特征信息校验成功时,则将所述第一特征信息和授权数据发送至授权机以进行加密;When the first feature information is successfully verified, the first feature information and the authorization data are sent to an authorization machine for encryption;
    接收所述授权机返回的对所述第一特征信息和所述授权数据加密形成的授权信息;及Receiving, by the authorization machine, authorization information formed by encrypting the first feature information and the authorization data; and
    将所述授权信息通过所述授权工具发送到所述POS终端,以使得所述POS终端进行状态切换。Sending the authorization information to the POS terminal by using the authorization tool, so that the POS terminal performs state switching.
  10. 根据权利要求9所述的授权服务器,其特征在于,所述方法还包括:The authorization server according to claim 9, wherein the method further comprises:
    在所述授权工具的账户登录成功后,向所述授权工具发送验证码;After the account of the authorization tool is successfully logged in, sending a verification code to the authorization tool;
    所述方法还包括:The method further includes:
    接收所述授权工具发送的验证码;Receiving a verification code sent by the authorization tool;
    所述对所述特征信息进行校验的步骤之前还包括: The step of verifying the feature information further includes:
    将所述验证码与所保存的验证码相比较;Comparing the verification code with the saved verification code;
    当所述验证码与所保存的验证码相等时,则对所述特征信息进行校验;And when the verification code is equal to the saved verification code, verifying the feature information;
    当所述验证码与所保存的验证码不相等时,则向所述授权工具发送授权失败的信息。When the verification code is not equal to the saved verification code, the authorization failure information is sent to the authorization tool.
  11. 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该计算机程序被处理器执行时实现以下步骤:A computer readable storage medium having stored thereon a computer program, wherein the computer program is executed by a processor to implement the following steps:
    接收授权工具发送的请求特征信息的指令;Receiving an instruction for requesting feature information sent by the authorization tool;
    根据所述指令生成第一特征信息;Generating first feature information according to the instruction;
    向所述授权工具返回第一特征信息;Returning first feature information to the authorization tool;
    接收所述授权工具返回的由授权机根据所述第一特征信息生成的授权信息;Receiving, by the authorization tool, the authorization information generated by the authorization machine according to the first feature information;
    当所述授权信息校验成功时,则提取所述授权信息中的第二特征信息;When the verification of the authorization information is successful, extracting the second feature information in the authorization information;
    当所述第二特征信息与所述第一特征信息相同时,则保存所述授权信息后,向所述授权工具发送授权成功的结果;及When the second feature information is the same as the first feature information, after the authorization information is saved, the authorization success result is sent to the authorization tool;
    接收所述授权工具的状态切换指令,并根据所述状态切换指令切换当前状态。 Receiving a state switching instruction of the authorization tool, and switching the current state according to the state switching instruction.
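The terminal-side checks of claims 7 and 8 can be traced end to end in the following added example, which is not code from the patent: the signature check runs first, then the random number and permission feature code are compared, so a replayed or altered authorization is rejected. The message layout (2-byte length prefix, 16-byte random number), SHA-256, the toy unpadded RSA key and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed toy key pair for the authorization machine (two Mersenne primes).
# Unpadded RSA mirrors the claim's "decrypt the signature" wording only; a real
# terminal would verify a padded signature (e.g. RSA-PSS) with a vetted library.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, never on the terminal
SIG_LEN = (N.bit_length() + 7) // 8
NONCE_LEN = 16                          # assumed size of the random number

def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def new_feature_info(permission_code: bytes) -> bytes:
    """Terminal: first feature information = fresh random number + stored code."""
    return secrets.token_bytes(NONCE_LEN) + permission_code

def issue_authorization(feature_info: bytes, auth_data: bytes) -> bytes:
    """Authorization machine: original text followed by its signature."""
    original = len(feature_info).to_bytes(2, "big") + feature_info + auth_data
    return original + pow(digest(original), D, N).to_bytes(SIG_LEN, "big")

def terminal_verify(authorization: bytes, first_info: bytes) -> str:
    """Terminal: claim 8 signature check, then claim 7 comparison."""
    original, sig = authorization[:-SIG_LEN], authorization[-SIG_LEN:]
    first_digest = pow(int.from_bytes(sig, "big"), E, N)   # public-key operation
    if first_digest != digest(original):                   # second digest
        return "signature mismatch"
    n = int.from_bytes(original[:2], "big")
    second_info = original[2:2 + n]
    if not hmac.compare_digest(second_info[:NONCE_LEN], first_info[:NONCE_LEN]):
        return "random number mismatch"
    if not hmac.compare_digest(second_info[NONCE_LEN:], first_info[NONCE_LEN:]):
        return "permission code mismatch"
    return "authorized"

def demo() -> dict:
    info = new_feature_info(b"DEBUG-01")             # constructed permission code
    auth = issue_authorization(info, b"mode=debug")  # constructed authorization data
    tampered = auth[:30] + bytes([auth[30] ^ 1]) + auth[31:]
    return {
        "fresh": terminal_verify(auth, info),
        "replayed": terminal_verify(auth, new_feature_info(b"DEBUG-01")),
        "tampered": terminal_verify(tampered, info),
    }
```

The "replayed" case presents a validly signed authorization against a newly generated first feature information, which is the situation the random number comparison in claim 7 is there to catch.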
PCT/CN2017/102383 2017-03-14 2017-09-20 Pos terminal control method, pos terminal, server and storage medium WO2018166163A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710150926.2A CN107133512B (en) 2017-03-14 2017-03-14 POS terminal control method and device
CN201710150926.2 2017-03-14

Publications (1)

Publication Number Publication Date
WO2018166163A1 (en) 2018-09-20

Family

ID=59721896

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/102383 WO2018166163A1 (en) 2017-03-14 2017-09-20 Pos terminal control method, pos terminal, server and storage medium

Country Status (2)

Country Link
CN (1) CN107133512B (en)
WO (1) WO2018166163A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI725623B (en) * 2019-11-15 2021-04-21 倍加科技股份有限公司 Point-to-point authority management method based on manager's self-issued tickets

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107133512B (en) * 2017-03-14 2020-07-28 万达百汇科技(深圳)有限公司 POS terminal control method and device
CN107835170B (en) * 2017-11-04 2021-04-20 上海动联信息技术股份有限公司 Intelligent Pos equipment safety authorization dismantling system and method
CN109509314A (en) * 2018-12-15 2019-03-22 深圳市捷诚技术服务有限公司 Mode switching method, device, storage medium and the POS terminal of POS terminal
CN111899443B (en) * 2020-08-13 2022-08-05 深圳大势智能科技有限公司 Method and device for debugging traditional POS machine on intelligent POS machine

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102855560A (en) * 2011-06-29 2013-01-02 国民技术股份有限公司 Method and system for mobile payment
CN103295341A (en) * 2013-05-16 2013-09-11 中国工商银行股份有限公司 POS (point-of-sales) safety certification device, POS safety certification system and POS device safety certification method
CN105117665A (en) * 2015-07-16 2015-12-02 福建联迪商用设备有限公司 Method and system for safely switching between terminal product mode and development mode
CN105930718A (en) * 2015-12-29 2016-09-07 中国银联股份有限公司 Method and apparatus for switching point-of-sale (POS) terminal modes
EP3109817A1 (en) * 2015-06-25 2016-12-28 Mastercard International Incorporated Systems, methods, devices, and computer readable media for monitoring proximity mobile payment transactions
CN107133512A (en) * 2017-03-14 2017-09-05 万达百汇科技(深圳)有限公司 POS terminal control method and device

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6047264A (en) * 1996-08-08 2000-04-04 Onsale, Inc. Method for supplying automatic status updates using electronic mail
CN101166085B (en) * 2007-09-24 2012-03-07 飞天诚信科技股份有限公司 Remote unlocking method and system
CN105306210B (en) * 2014-08-01 2020-06-23 腾讯科技(深圳)有限公司 Method, device and system for realizing authorization by using application program
CN105721413B (en) * 2015-09-08 2018-05-29 腾讯科技(深圳)有限公司 Method for processing business and device
CN106372531B (en) * 2016-08-30 2018-11-02 福建联迪商用设备有限公司 A kind of mandate obtains terminal attack warning message log approach and system

Also Published As

Publication number Publication date
CN107133512A (en) 2017-09-05
CN107133512B (en) 2020-07-28

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17900710

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 20/01/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 17900710

Country of ref document: EP

Kind code of ref document: A1