CN101295394A

CN101295394A - Method and device for providing e-commerce and m-commerce

Info

Publication number: CN101295394A
Application number: CNA200810087747XA
Authority: CN
Inventors: 许良盛; 潘昕; 仇福栋; 仇福梁
Original assignee: TOBO TECHNOLOGY Co Ltd
Current assignee: SHENZHEN KEBING ASSET MANAGEMENT PARTNERSHIP (LIMITED PARTNERSHIP)
Priority date: 2007-04-23
Filing date: 2008-03-26
Publication date: 2008-10-29
Anticipated expiration: 2028-03-26
Also published as: CN104966196B; TW200842753A; TWI366796B; CN104966196A

Abstract

The invention discloses a technology that a portable apparatus is used as an electronic purchaser (such as an electronic wallet) and/or an electronic mobile seller (such as a mobile point-of-sales). In accordance with one aspect of the invention, on condition that the security is not compromised, what is provided is a device which enables the portable apparatus to be able to carry out transactions of electronic commerce and mobile commerce on an opening network via a payment server and/or a point-of-sales transaction processing server. In an embodiment, the portable apparatus is loaded into the electronic wallet to use as the electronic mobile purchaser. And in another embodiment, the portable apparatus is loaded into the mobile point-of-sales to use as the electronic mobile seller.

Description

The method and the device thereof of ecommerce and Mobile business are provided

The cross-reference of related application

The application is that the application number on September 24th, 2006 application is the part continuation application of the common pending application of 11/543,653 U.S. Patent application.

Technical field

The present invention relates generally to transaction by network, especially, the present invention relates to be effectively applied to be ecommerce (E-Commerce, Electronic Commerce) and Mobile business (M-Commerce, Mobile Commerce) and the customization portable equipment in stored value card and mobile sale point (POS, Point-of-Sales).

Background technology

Single function card successfully has been applied to such as in the such closed environment of transportation system.An example of this single function card is untouchable smart card (MIFARE), and MIFARE is the widest untouchable smart card techniques of fitting limit in the world.Sold owing to have to surpass 500,000,000 intellective IC cards and surpass 500 ten thousand card reader assemblies, MIFARE has been chosen as the most successful non-contact intelligent card technique.MIFARE provides perfect solution for the application such as credit (loyalty) and sell goods (vending) card, road toll, city card, access control and recreation etc.

Yet; the application of single function card is deployed in the closed system; be difficult to be extended in the other field such as ecommerce and Mobile business etc.; this is because the information of the amount of money (stored value) that stores and transaction is stored in the data space of each label (each tag) and by group key protection, the attribute of label be key must be sent to card verify after data could be accessed in transaction.This restriction makes the system of this class technology of use be difficult to be extended to open environment, for example be used for the Internet of ecommerce and/or be used for the cellular communications networks of Mobile business, can cause problem aspect the security because transmit key at the PD network.

Therefore, in the various device especially in the portable equipment, need a kind of device that electronics is bought device and/or electronic marketing device that is used as,, under the prerequisite of uncompromising security, conclude the business on open network, to pass through paying server and/or point of sale (pos) transactions processing server.

Summary of the invention

The purpose of this part is some aspects of the general introduction embodiment of the invention, and briefly introduces some preferred embodiments.The same in summary in this part or omission and exercise question and the summary can avoid the purpose of this part, exercise question and summary unclear, and these summaries or omission are not to want to limit protection scope of the present invention.

In general, the present invention relates to equipment, particularly portable equipment provides a kind of device that can be used as electronics purchase device (for example stored value card (e-purse)) and/or electronics mobile sale device (for example mobile sale point), concluding the business under the prerequisite in uncompromising security by paying server and point of sale (pos) transactions processing server on open network.According to one aspect of the present invention, portable equipment (cell phone for example, PDA(Personal Digital Assistant), etc.) can be written into the wallet administration device.Described wallet administration device can be set to manage various transaction, and is used as and visits the wherein device of simulator.Described transaction can be carried out on PD network and/or cellular communications networks.

According to another aspect of the present invention, three layers of security model have been proposed, the present invention will be based on described security model operation.Described three layers of security model comprise the physical security layer, and stored value card safe floor, and card management device safe floor, described three safe floors be encapsulation (concentricallyencapsulating) with one heart separately from each other.In described three layers of security model, come the individual electronic wallet, and carry out Secure Transaction by paying server by personalized safe key (can be symmetry or asymmetric).In a specific embodiment, the required critical data of individual electronic wallet comprises one or more operation keys (for example be written into or supplement with money (top-up) key and buy key), default Personal Identification Number (PINs, Personal IdentificationNumbers), managing keys (for example remove interception PIN key and be written into the PIN key again), and password (for example password that provides by this class of Mifare service provider).In process of exchange, safe key is used to set up with embedded electronic wallet and security identity module (SAM, Security AuthenticationModule) or the escape way that links to each other of the back-end server in financial institution's (for example bank, credit unions, credit clarification place etc.).

According to a further aspect in the invention, the portable equipment of installing or preset service managerZ-HU is configured to from one or more servers (as the service provider), downloads and install miscellaneous service/application component (for example MIDlets application program and applets application program) safely by cellular communications networks (for example general packet radio service (GPRS) network).According to the difference of specific implementation, partly or entirely MIDlets application program (for example point of sale manager, wallet administration device etc.) is installed on the base band (for example related with microcontroller circuit memory headroom) of portable equipment.The Applet application program is installed on the safety element (for example smart card) in the portable equipment, and further disposes personalized safe key (for example the key after the conversion, Personal Identification Number) and other customized informations.

In addition, aforementioned service managerZ-HU also can be installed on computers (for example notebook computer, desktop personal computer) in advance, or is embodied as and uses (for example based on network application software) on the line.(for example observe the very-short-reach coupling device (Proximity CouplingDevice) of ISO 14443 standards together with contactless reader, or the very-short-reach reader of ISO 15693 standards), aforementioned installation and individuation process can carry out on wired and/or wireless network (for example Internet).

According to a further aspect in the invention, portable equipment is configured to electronics mobile sale device (for example mobile sale point), to carry out ecommerce and/or Mobile business.Ecommerce and Mobile business operation (comprise payment under the line, pay charging in real time, virtual supplementing with money on the line, transaction is uploaded in batches, and various payments balances and Transaction Inquiries) can use the portable equipment that point of sale manager and point of sale security identity module (SAM) have been installed to carry out.

Offline electronic payment allows portable equipment under the situation that does not insert rear end point of sale service device, collects electronic token from the device (portable equipment of for example single function card, Mifare, support stored value card etc.) of another support electronic token.Charging in real time allows portable equipment to support on the equipment of electronic token to another from financial institution, replenishes electronic token in real time.Virtual supplementing with money allows portable equipment to another support electronic token, and only is set to receive in the equipment of electronic token additional electronic token from the fund account that sponsor or donor set up.In batches transaction is uploaded permission and a plurality of transaction of point of sale accumulation are sent on the point of sale (pos) transactions processing server of rear end are settled accounts.Transaction and revenue and expenditure historical query can be supported by a MIDlet application program (for example graphic user interface of built-in query function).The security of all aforementioned applications all meets the industrial standard of ecommerce and/or Mobile business.

The present invention can realize in interior number of ways by comprising method, system and equipment.In a specific embodiment, the present invention makes portable equipment can carry out the Mobile business transaction method, and described method may further comprise the steps at least: with safety element that the mobile device base band engages on the Mobile business transaction modules is installed; Personalized described mounted Mobile business transaction modules; Customized information according in the Mobile business transaction modules of described personalization downloads to Mobile business transaction manager module on the base band of described portable equipment; And build-in services manager module in advance and be configured as and assist described installation, personalization and download step.Described personalization step further comprises: the personalization server at link service provider place, to set up escape way; Send personalized request to described personalization server; Reception one or more comprises the internet message of individuation data group from described personalization server; And described individuation data group is sent to described ecommerce and Mobile business transaction modules.

According to another specific embodiment, the present invention is the system that is used to carry out the Mobile business transaction, described system is at least by forming with the lower part: be configured to the portable equipment of mobile sale point (POS), comprise in the described mobile sale point through installing and personalized point of sale manager and point of sale security identity module (SAM); And the equipment of supporting electronic token, wherein, electronic token is set to and can be read by the noncontact interface of described portable equipment, and wherein the noncontact interface is standard compliant very-short-reach coupling device.Described system also comprises the point of sale (pos) transactions processing server that inserts described point of sale manager by the escape way on the cellular communications networks.

According to another specific embodiment, the present invention is to use portable equipment to carry out the Mobile business transaction method, described method may further comprise the steps at least: by reading the equipment of supporting electronic token, the described equipment possessor who carries out purchase-transaction from hope fetches electronic token there; The point of sale security identity module (POS SAM) that use is installed on the described portable equipment determines whether the described electronic token of fetching is effective; If described electronic token is confirmed as effectively and have enough remaining sums to buy the amount of money with payment, then deducts described electronic token with the described purchase-transaction of record in the security identity module of described point of sale, otherwise refuse described purchase-transaction.Described method also comprises by cellular communications networks or PD network the transaction of accumulating in the security identity module of described point of sale is uploaded to the point of sale (pos) transactions processing server, and, inject fund to the equipment of described support electronic token from financial institution or continuous account by the point of sale manager in the described portable equipment.

Therefore, an object of the present invention is to provide can be embedded in the equipment, the device in the portable equipment particularly, described device can be used as electronics and buy device and/or electronics mobile sale device, with under the prerequisite of uncompromising security, carry out transaction by paying server on the open network and/or point of sale (pos) transactions processing server.

By checking the embodiment that is described in detail below in conjunction with accompanying drawing, other purposes of the present invention, feature and beneficial effect will become obvious.

Description of drawings

By below in conjunction with the elaborating of accompanying drawing, the present invention will be understood easily, wherein, and the identical identical construction package of reference numbers representative, among the figure:

Figure 1A has showed three layers of security model, and according to a relevant specific embodiment, the present invention will be based on described three layers of security model operation;

Figure 1B has showed between three entity component and aforementioned three layers of corresponding to data flow of security model;

Fig. 2 has showed the configuration diagram when portable equipment is carried out ecommerce and Mobile business as stored value card according to a specific embodiment of the present invention;

Fig. 3 A has showed that relevant module interacts, to finish the aforementioned electronic wallet is carried out personalisation process by the donor structural drawing;

Fig. 3 B has showed that relevant module interacts, to finish the aforementioned electronic wallet is carried out personalized processing by its user structural drawing;

Fig. 3 C has showed the flow process or the procedure chart of individual electronic wallet according to a specific embodiment of the present invention;

Fig. 4 A and Fig. 4 B have together showed to stored value card and have raised funds according to a specific embodiment of the present invention, registered capital to flow process when being written into or supplementing with money or procedure chart;

Fig. 4 C has showed that relevant module interacts, to finish the structural representation of process shown in Fig. 4 A and Fig. 4 B;

Fig. 5 A is according to a specific embodiment of the present invention, and the configuration diagram of having showed first kind of portable equipment enables to go up the various functions of carrying out ecommerce and Mobile business at cellular communications networks (for example GPRS network);

Fig. 5 B has showed the configuration diagram of second kind of portable equipment according to another specific embodiment of the present invention, enables to go up the various functions of carrying out ecommerce and Mobile business at wired and/or radio data network (for example Internet);

Fig. 5 C is a width of cloth process flow diagram, according to a specific embodiment of the present invention, has illustrated that the portable equipment that makes among Fig. 5 A can move the process synoptic diagram of the service/application that one or more service providers provide;

Fig. 6 A has showed a configuration diagram according to a specific embodiment of the present invention, and portable equipment wherein can be carried out ecommerce and Mobile business as mobile sale point;

Fig. 6 B has showed a configuration diagram according to a specific embodiment of the present invention, and portable equipment wherein can be carried out the transaction upload operation as mobile sale point on network;

Fig. 6 C is a width of cloth process flow diagram, according to a specific embodiment of the present invention, has illustrated and has used as the portable equipment of mobile sale point and single function card device of support electronic token, carries out the process synoptic diagram of Mobile business;

Fig. 6 D is a width of cloth process flow diagram, has illustrated to use as the portable equipment of mobile sale point and the multifunctional card device of supporting electronic token, carries out the process synoptic diagram of Mobile business; And

Fig. 7 has described the structural representation when portable equipment is used for the electronic bill application.

Embodiment

Listed a large amount of specific details in the following introduction, to help complete understanding the present invention.The present invention can omit these specific details in reality realizes.Description in this part and diagram are the means that the others skilled in the art of experienced technician in this area pass on its work essence effectively in this area.In other cases, well-known method, process makes up and circuit is not described in detail, because these key elements are understood fully by the public, and can avoid so unnecessarily causing content of the present invention too hard to understand.

When mentioning " specific embodiment ", specified features, structure or characteristic that expression is described in conjunction with this specific embodiment all can be included at least one embodiment of the present invention in this part.The phrase " in a specific embodiment " that many places occur in the instructions may relate to a plurality of different specific embodiments, does not repel mutually between independent specific embodiment or alternative embodiment and other the embodiment.In addition, for procedure chart, process flow diagram or the functional diagram of the single or multiple specific embodiment of expression, the order of square frame might not be represented any certain order among the present invention among the figure, and described order not should be the present invention yet and makes any qualification.

When specific embodiments of the invention are discussed, will quote Figure 1A to Fig. 7.But known to those of skill in the art, the detailed description of doing in conjunction with described diagram in this part is just in order to further specify the present invention, and the present invention is not limited only to described these specific embodiments.

Figure 1A has showed three layers of security model 100, and according to a relevant specific embodiment, the present invention will be based on described three layers of security model operation.Described three layers of security model 100 comprise physical security layer 102, stored value card safe floor 104 and card management device safe floor 106.

The security mechanism that is provided by single function card is provided described physical security layer 102, to protect the data of storing on the described card.Described card can be realized by hardware, or be realized by the software simulation that runs in certain medium.Data on single function card are by a group access cryptographic key protection.Described key just is embedded into described card when described card is provided.For prevent with the present invention in content obscure mutually, the process that embeds described key in described card will be omitted.When visiting described data, relevant key is read to carry out identification by contactless reader.

Described stored value card safe floor 104 definition are supported in the agreement of carrying out the small amount payment transaction in the cable and wireless environment for one group.For the stored value card (e-purse) that is stored in the smart card, a group key (can be symmetry or unsymmetrical key) when described stored value card is issued by personalized and deposit described stored value card in.In process of exchange, described stored value card uses a group key to carry out data encryption and information Recognition code (MAC) computing respectively, to set up and to protect the escape way that connects described stored value card and described security identity module or back-end server.For single function card, what described stored value card safe floor 104 can play entrance guard (gatekeeper) is used for protecting the practical operation of carrying out on described single function card.In individuation process, the access key of described single function card (or the form after its conversion) will be by personalization, and and the electronic-purse transaction key together deposit described stored value card in.

Card management device safe floor 106 refers in smart card the universal safety framework of the operating system of carrying in advance, and the platform of Personal Identification Number management and the personalized escape way of card (security domain) is provided.In a specific embodiment, described platform can be used to carry out the personalization of stored value card via the card management device.An example of described card management device safe floor 106 be called as global platform (GP, GlobalPlatform), stride the industrial member tissue for what advance that the smart card development standard sets up.GP has gathered the interests of smart card publisher, manufacturer, industrial group, public entities and technology company, to formulate the designing requirement and the technical standard of multi-purpose intelligent card.In a specific embodiment, global platform safe floor (GPsecurity) is used to the individualized intelligent card.Therefore, stored value card key and card access key are all deposited in the target labels through after the personalization.

Figure 1B showed between three entities with described three layers of security model consistent flow of data to, described three entities comprise land (land-based) security identity module or a network electronic wallet server 112, play the wallet administration device 114 of entrance guard's effect, and a single functional label 116.According to a specific embodiment of the present invention, communicating by letter between described land security identity module or network electronic wallet server 112 and the described wallet administration device 114, to be undertaken by a kind of order (for example internet message), communication between described wallet administration device 114 and the described single functional label 116 is then undertaken by the order (for example application protocol data module (APDU)) of another type, wherein said wallet administration device 114 plays entrance guard's effect, to guarantee having only safe and reliable and just can be allowed to carry out through the exchanges data of authorizing.

Shown in Figure 1A, described physical security layer is realized in simulator.Simulator herein means another the special hardware unit or the program of a hardware unit or program virtual (pretends) one-tenth, and other assembly wishes to carry out alternately with this device that invents or program.Described stored value card safe floor is realized between one or more applet programs that electronic purse function is provided and paying server.Described card management device safe floor (for example global platform safe floor) is realized by the card management device and the renewal safe key, be used for suitable passage mutual between described server and the applet program with foundation, wherein stored value card applet program plays entrance guard's work in order to management or control data exchange.

According to a specific embodiment, be mounted with a smart card operating system that security framework is provided on the smart card in advance, with the visit (for example in described smart card, external application being installed) of control to described smart card.In order to manage the life cycle of described external application, be provided with card management device module by described smart card security framework.For example, the SmartMX smart card based on Java is mounted with JCOP 4.1 operating systems in advance.The global platform 2.1 of installing in the SmartMX smart card (Global Platform 2.1) then can be carried out the function of described card management device.

With reference to Fig. 2, Fig. 2 has showed the configuration diagram 200 when portable equipment is carried out ecommerce and Mobile business as stored value card according to a specific embodiment of the present invention.Described Figure 200 has comprised the portable phone 202 of smart card module embedded.An example of this type of portable phone is to support short-range communication (NFC, Near Field Communication), and comprises the portable phone of SmartMX (SMX) module.Described SMX module is mounted with Mifare simulator 208 (being single function card) in advance, to be used for storing numerical value (values).Described portable phone is equipped with noncontact interface (for example ISO 14443RFID), plays the effect of label to allow described portable phone.In addition, described SMX module is to move the Java card sheet (JavaCard) of Javaapplet program.According to a specific embodiment, stored value card is based upon on the described global platform (GP), and is embodied as the applet program in the described SMX module.Described stored value card is set to can be by the data structure of the described Mifare simulator of cryptographic acess, and described password is obtained through after the suitable conversion by described access key.

Wallet administration device MIDlet program 204 is provided in the described portable phone 202.In Mobile business, described MIDlet program 204 has been served as the communication agent between stored value card applet program 206 and one or more payment network and the server 210, so that the transaction between the each side is carried out smoothly.The MIDlet program of indication is the component software that is adapted at moving on the portable equipment herein.Described wallet administration device MIDlet program 204 may be implemented as " the MIDlet program " on the Java portable phone, or " executable application programs " on the PDA(Personal Digital Assistant) equipment.One of function of described wallet administration device MIDlet program 204 is an access of radio network, and with operate in identical equipment or the stored value card applet program on the outside intelligent card communicates.In addition, MIDlet program 204 also is set to management function can be provided, and for example changes Personal Identification Number (PIN), checks electronic purse balance amount and transactions history daily record.The card issuing merchant provides the security identity module (SAM) 212 that is used for supporting and authenticating any transaction of carrying out between card and corresponding with service device (that is paying server) in an example is used.As shown in Figure 2, application protocol data module (APDU) order is created by server 210 that can access security identification module (SAM) 212, and wherein said APDU module is the communication module between reader and the card.The structure of described APDU module is according to ISO 7816 standard formulations.Usually, APDU order be embedded in the internet message and be transferred into described server 210 or described stored value card applet program 206 to accept processing.

In ecommerce, the web proxy 214 that moves on the computing machine (not shown) is responsible for a contactless reader (for example ISO 14443RFID reader) and the described webserver 210 mutual.In practical operation, described agency 214 sends the APDU order by described contactless reader 216 to the described stored value card applet program 206 of operation on portable phone 202, or receives corresponding answer by identical approach from described stored value card applet program 206.On the other hand, described agency 214 can generate network requests (for example HTTP) and receive corresponding answer from described paying server 210.

When personalized portable phone 202, the structural drawing 300 among Fig. 3 A has been showed the correlation module interaction, carries out personalized process to finish stored value card by the donor.Structural drawing 320 among Fig. 3 B has been showed the correlation module interaction, carries out personalized process with the stored value card of finishing as shown in Figure 2 by its user.

Flow process among Fig. 3 C or procedure chart 350 have been showed according to a specific embodiment of the present invention, the process of individual electronic wallet applet program.Fig. 3 C suggestion combines together with Fig. 3 A and Fig. 3 B to be understood.Procedure chart 350 can pass through software, hardware or way of hardware and software combination to be realized.

As previously mentioned, the wallet administration device builds on the global platform, required security mechanism so that individual electronic wallet applet program to be provided.In practical operation, security domain be used to the to connect escape way of personalized application server and described stored value card applet program.According to a specific embodiment, comprise one or more operation keys (for example be written into or supplement with money key and buy key) through the personalized critical data that is also deposited in described stored value card applet program, default Personal Identification Number, managing keys (for example block to remove the PIN key and be written into the PIN key again), and password (for example from Mifare password).

Suppose that the user wants personalization to be embedded in stored value card applet program in the portable equipment (for example portable phone).In the step 352 of Fig. 3 C, individuation process is activated.According to the difference of specific implementation, individuation process may be realized in the module in portable equipment, and by manual or automated manner activation, also may be embodied as a physical process that is started by donor (normally with the associated personnel of card issuing merchant).As shown in Figure 3A, the donor starts individuation process 304, stored value card applet program with personalized user, described individuation process 304 is undertaken by the contactless reader 310 as the interface on existing (existing) new stored value card security identity module 306 and existing security identity module 308.Card management device 311 is carried out at least two functions: (1) sets up escape way by security domain, with in the card individuation process, installs and personalized external application (for example stored value card applet program); And (2) establishment safety practice (for example Personal Identification Number), with the described application program of protection in follow-up operation.As the result of described individuation process use personalized application server 304, described stored value card applet program 312 and simulator 314 are by personalized.

Similarly, shown in Fig. 3 B, electronic purse customer wishes to start individuation process, to pass through wireless mode (for example by the Mobile business path among Fig. 2) individual electronic wallet applet program.Different with Fig. 3 A, Fig. 3 B allows described individuation process to be activated by manual or automated manner.For example, a device is housed on the portable phone,, then activates described individuation process if this device is pressed.In another kind of scheme, the condition prompting of " not personalized " can be submitted to the user to start described individuation process.As previously mentioned, MIDlet program 322 in the portable equipment (i.e. service managerZ-HU) is served as the agency to assist communicating by letter between paying server 324 and stored value card applet program 312 and the simulator 314, and wherein paying server 324 has the authority of visiting existing new stored value card security identity module 306 and existing security identity module 308.Through described individuation process, stored value card applet program 312 and simulator 314 are by personalized.

Go back to the C referring to Fig. 3 now, after the individuation process shown in Fig. 3 A was activated, contactless reader 310 was activated and reading tag identifier (ID) (being RFID label ID) and critical data in the smart card in the slave unit in step 354.By application safety territory (for example card issuing merchant's default security settings), the escape way of stored value card applet program (for example stored value card applet program 312 among Fig. 3 A) in new stored value card security identity module that in step 356, connects (for example security identity module 306 among Fig. 3 A) and the portable equipment.

Each application safety territory of global platform all comprises three (3) individual DES keys.For example:

Key 1:255/1/DES-ECB/404142434445464748494a4b4c4d4e4f

Key 2:255/2/DES-ECB/404142434445464748494a4b4c4d4e4f

Key 3:255/3/DES-ECB/404142434445464748494a4b4c4d4e4f

Security domain is utilized for two secured sessions between the entity and generates session key, described two entities can be card management device applet program and primary application program (host application), wherein said primary application program may be the personalized application program in the tabletop machine, also may be the personalized service of the networking that provided by back-end server.

The application domain of acquiescence can be installed by the card issuing merchant, and distributes to different application/service providers.Each application program owner can be before individuation process the initial period of described process (or) changes the numerical value of set of cipher key separately.Application program can use described new key group to create the escape way that is used to carry out individuation process afterwards.

By the described escape way of being set up by the application safety territory of application provider, first group of data can and deposit stored value card applet program in by personalization.Second group of data can be carried out personalization by same passage equally.But if described data are kept in the different security identity module, then one is used the new escape way of same key group (or different set of cipher key) can be used to personalized described second group of data.

In step 358, generate one group of e-wallet implementation key and Personal Identification Number by new stored value card security identity module 306, being used for the exchanges data between new stored value card security identity module and the stored value card applet program, and substantially personalized described stored value card applet program.

In step 360, be established between the stored value card applet program (for example stored value card applet program 312 among Fig. 3 A) of second escape way in existing security identity module (for example security identity module 308 among Fig. 3 A) and portable equipment.Use described existing security identity module and label ID to generate one group of key after the conversion in the step 362.Key after the described conversion is kept in the described simulator with the authentication of the data access after being used for.Use described existing security identity module and label ID to generate one group of MF password in the step 358, and deposit described password in stored value card applet program with the authentication of the data access after being used for.After aforesaid operations was all finished, described stored value card comprised described stored value card applet program and corresponding simulating device, will be set to " personalized " state.

Based on a specific embodiment of the present invention, Fig. 4 A and Fig. 4 B have showed the flow process or the procedure chart 400 of raising funds or registering capital to for stored value card together.Process 400 is implemented by the Mobile business path among Fig. 2.For understanding process 400 better, Fig. 4 C has showed a representative calcspar 450, and relevant square interacts to finish described process 400 among the figure.The different situations of practical application according to the present invention, described process 400 may be passed through software, hardware or way of hardware and software combination and realize.

Suppose that the user has obtained a portable equipment that stored value card is installed (for example portable phone).Described user wishes to inject fund to described stored value card from the account of bank.In step 402, described user imports one group of Personal Identification Number (PIN).Suppose that described Personal Identification Number is effective, the wallet administration device in the portable equipment is activated, and initiates to ask (to be also referred to as aerial (OTA, Over-the-Air) charging request) in step 404.MIDlet program in step 406 in the portable equipment sends request to stored value card applet program, has described the process of communicating by letter between the wallet administration device MIDlet program 434 and stored value card applet program 436 in the described step 406 among Fig. 4 C.

In step 408, stored value card applet program generates the answer that is used to respond described MIDlet PROGRAMMED REQUESTS.After receiving described answer, described MIDlet program is sent to payment network and server with described answer by cellular communications networks.Shown in Fig. 4 C, wallet administration device MIDlet program 434 is communicated by letter to obtain answer with stored value card applet program 436, and described answer is sent to payment network and server 440 immediately.In step 410, process 400 need be examined the validity of described answer.If described answer can't be verified, process 400 will stop.If described answer is verified to effectively, then process 400 enters step 412 and checks corresponding account in the bank.If described account exists really, the value transfer request will be activated.In step 414, described bank can return answer to respond described request after receiving described request.Usually, the message exchange between described payment network and server and the described bank need be observed procotol (for example http protocol of Internet use).

In step 416, the answer that described bank returns is transferred into payment network and server.In step 418, the MIDlet program extracts the APDU order and described order is transmitted to stored value card applet program from described answer.Examine described order in the applet of stored value card described in the step 420 program,, then this order is sent to the simulator in the step 420, upgrade transaction log simultaneously if described order is verified to being authorized to.Generate label (ticket) in the step 422 to be used for formulating the answer (for example answer of APDU form) that sends to described paying server.In step 424, described paying server is received and is replied the back renewal and send success status information to described MIDlet program, preserves described APDU simultaneously and reply so that check later on.

Shown in Fig. 4 C, payment network and server 440 are received the answer that wallet administration device MIDlet program 434 is sent, and examine described answer with security identity module 444 and sent by the stored value card applet program 436 that process is authorized.After described answer was verified, payment network and server 440 sent request to financing bank 442, supposed that user 432 has the account in described bank.Described bank can examine and authorize described request, then according to predetermined message format return authorization number.After bank 442 received described answer, paying server 440 can send a network to MIDlet program 434 and reply with refusal or approval described request.

Wallet administration device 434 is examined the validity (whether being the APDU form for example) that described network is replied, and sends order and upgrades transaction log to simulator 438 then.So far, stored value card applet program 436 has been finished required step and has been returned an answer to MIDlet program 434, and described MIDlet program 434 is transmitted the network requests that embedded (APDU) replys to paying server 440 again.

Although process 400 is described to injection fund in stored value card, it is the same conclusion with process 400 in essence that others skilled in the art in this area can easily draw the process of using stored value card to buy by network, and therefore the described process of buying is no longer in this independent discussion.

According to a specific embodiment of the present invention, showed first exemplary architecture 500 that makes portable equipment 530 on cellular communications networks 520 (for example GPRS network), carry out ecommerce and Mobile business among Fig. 5 A.Described portable equipment 530 is made up of base band 524 and safety element 529 (for example smart card).An example of described portable equipment is a portable equipment (for example portable phone or PDA(Personal Digital Assistant)) of supporting short-range communication (NFC, Near FieldCommunication).Described base band 524 provides an e-platform or environment (miniature edition Java (JME for example, Java MicroEdition), or mobile information apparatus framework (MIDP, Mobile Information Device Profile)), can carry out or move application MIDlet program 523 and server manager 522 thereon.Described safety element 529 includes global platform (GP) card management device 526, and simulator 528 and other assemblies are such as Personal Identification Number manager (not shown).

For supporting described portable equipment 530 to carry out ecommerce and Mobile business, need to install in advance and be provided with one or more service/application thereon.An example of service managerZ-HU 522 (for example MIDlet program that graphic user interface is arranged) need be activated.In a specific embodiment, service managerZ-HU 522 can be downloaded and install.In another specific embodiment, service managerZ-HU 522 can be written in advance.No matter adopt which kind of mode, in case service managerZ-HU 522 is activated, the directory listing that comprises various services will be shown.Described directory listing may comprise the service item relevant with user's CAMEL-Subscription-Information, also may comprise the recommended project that is independent of user signing contract information.Described directory listing can obtain from the catalogue storehouse 502 on the LIST SERVER 512.LIST SERVER 512 may provide ISP's (for example build-in services device, personalization server) of product and/or service to play the effect (as the Yellow Page function) of exchange centre (central hub) to the registrant for various.The Yellow Page function of described LIST SERVER 512 can comprise service planning information (for example service charge, Start Date, Close Date etc.), installation, personalization and/or MIDlet program download place (as the Internet address).Described installation is provided by two different commercial entities with individuation process, may be provided by the publisher of safety element 529 such as described installation process, and described individuation process may be provided by the service provider of the application process key of holding application-specific.

According to a specific embodiment, service managerZ-HU 522 is configured to the one or more servers 514 by cellular communications networks 520 Connection Service providers.Suppose that the user has selected an application from the service catalogue of presenting to him.Between described one or more server 514 and global platform manager 526, will set up an escape way 518, application applet program 527 with the described user's selection of installation/download, and then personalized this application applet program 527 and optional simulator 528, and final down load application MIDlet program 523.Applet routine library 504 and MIDlet routine library 506 provide general application applet program respectively and use the MIDlet program.Global platform security identity module 516 and application security identification module 517 are used to set up escape way 518 to carry out individual operation.

According to another specific embodiment of the present invention, Fig. 5 B has showed makes portable equipment 530 can carry out second exemplary architecture 540 of ecommerce and Mobile business on public network 521.Most of assemblies in described second framework 540 in essence with first framework 500 of Fig. 5 A in assembly similar.Difference is that first framework 500 is based on the operation on the cellular communications networks 520, and second framework 540 then used public network 521 (for example Internet).Described public network 521 may comprise LAN (Local Area Network) (LAN, Local Area Network), a wide area network (WAN, Wide Area Network), WiFi (IEEE802.11) wireless connections, a Wi-Max (IEEE 802.16) wireless connections etc.In order to carry out service operations on described public network 521, an example of service managerZ-HU 532 (promptly with the same or analogous example of service managerZ-HU MIDlet program 522 functions) will be installed on the computing machine 538 that inserts public network 521.Described computing machine 538 can be the described example of desktop personal computer (PC), notebook computer or other energy operation service managers 532, and inserts the computing equipment of public network 521.Connection between described computing machine 538 and the portable equipment 530 is undertaken by a contactless reader 534.Service managerZ-HU 532 has served as agency's role, between the one or more servers 514 and global platform card management device 526 with assistance services provider, and the installation and the individuation process that are undertaken by escape way 519.

Fig. 5 C is a process flow diagram, according to a specific embodiment of the present invention, has described to make portable equipment can carry out the process 550 of ecommerce and Mobile business function.Described process 550 can be passed through software, hardware or way of hardware and software combination and realize according to the difference of specific implementation.In order to understand described process 550 better, will quote some diagram, especially Fig. 5 A and Fig. 5 B early in the following description.

Before process 550 beginning, service managerZ-HU 522 or an example of 532 have been downloaded or have been contained in advance on portable equipment 530 or the computing machine 538.In step 552, service managerZ-HU is activated and the server 514 to the service provider place sends services request.Be identified and portable equipment is verified to after effectively the user, in step 554, described process 550 provides the directory listing of service/application according to signatory (subscription) information of the user of portable equipment 530.For example, described tabulation may comprise mobile sale point application program, electronic wallet application, electronic bill application program and other business-like services.A service/application is chosen from described directory listing then.For example, stored value card or mobile sale point can selectedly be used for disposing portable equipment 530.As the response that the user is selected, described selected service/application is downloaded and installed to process 550 in step 556.For example, stored value card applet application program (promptly using applet program 527) is downloaded from applet routine library 504 and is installed in the safety element 529.The path of described download or installation can be escape way 518 or 519.In step 558, if desired, process 550 is with described application applet program that has been downloaded of personalization and described simulator 528.The application applet program that some are downloaded does not need by personalization, and other then needs personalization.In a specific embodiment, mobile sale point is used applet program (" point of sale security identity module (POS SAM) ") to be needed by personalized, and then following information or data set must provide:

(a) unique security identity module ID based on bottom safety element unique identifier;

(b) one group of debit master key (debit master key);

(c) the message encryption key after conversion;

(d) identification of the message after conversion key;

(e) remarks section of every off-line transaction maximum length that can be allowed to;

(f) the batch transaction key after conversion; And

(g) a global platform Personal Identification Number (GP PIN).

In another specific embodiment, during for single function card individual electronic wallet applet program, not only need particular data (be Personal Identification Number, conversion after key, Start Date, Close Date etc.) is configured in the stored value card, but also will be set to and in open system, to work by simulator.At last, in step 560, process 550 is downloaded and is started the MIDlet program 523 of using according to selection.Some individuation data in the described application applet program can be accessed and be shown, or is provided by the user.Described process 550 all is downloaded, installs and the end of personalized back at all service/application assemblies.

According to a specific embodiment, make the portable equipment 530 can be as follows as the exemplary process that a mobile sale point uses:

(a) insert build-in services devices (being service provider's a station server 514), and ask described server to set up article one escape way (for example escape way 518), to connect a distribution quotient field (being applet routine library 504) and the global platform card management device 526 that runs on the safety element 529;

(b) receive one or more internet message, comprise the several A PDU request of an encapsulation point of sale security identity module applet program Java Cap file of applet routine library 504 (for example from) in the described message;

(c) from the described internet message that receives, extract described APDU request;

(d) send the APDU request that extracts to global platform card management device 526 according to correct order, so that point of sale security identity module (promptly using applet program 527) to be installed on safety element 529;

(e) insert property server (i.e. a service provider's server 514) one by one, connect escape way between personalization server and the newly downloaded applet program (being the point of sale security identity module) (according to server and/or path different, described escape way may be also may not be escape way 518) to open second.

(f) receive one or more internet message to obtain one or more independent " data storage APDU (STORE DATA APDU) ";

(g) extract and send described " data storage APDU (STORE DATA APDU) ", with personalized point of sale security identity module; And

(h) download and startup point of sale manager (promptly using MIDlet program 523).

Fig. 6 A has showed a representational framework 600, and according to a specific embodiment of the present invention, wherein portable equipment 630 is as mobile sale point, to carry out ecommerce and Mobile business.Described portable equipment 630 is made up of base band 624 and safety element 629.Point of sale manager 623 is downloaded and is installed in the described base band 624, and security identity module 628 quilt personalizations in point of sale also are installed in the safety element 629, so that portable equipment 630 can serve as the role of mobile sale point.Real-time like this transaction 639 can be carried out between the device 636 (mobile device of for example single function card or support stored value card) of the portable equipment 630 of supporting mobile sale point and support electronic token.The payment token of electronic money (e-money), electronic business transaction certificate (e-coupon), electronic ticket (e-ticket), electronic vouchers (e-voucher) or any other form of described electronic token in may representative equipment.

Real-time deal 639 carries out (promptly portable equipment not being inserted rear end point of sale (pos) transactions processing server 613) under can be online.But, in specific actual conditions, when for example trading volume has surpassed predetermined thresholding, or the equipment 636 of supporting electronic token need be supplemented with money or during virtual supplementing with money, or (single or in batches) transaction is when uploading, and described portable equipment 630 can insert described rear end point of sale (pos) transactions processing server 613 by cellular network 520.

The off-line transaction record of accumulation need be uploaded to rear end point of sale (pos) transactions processing server 613 and handle.Described upload operation is carried out by the portable equipment 630 that inserts point of sale (pos) transactions processing server 613 by escape way 618.Similar with individuation process to described installation, upload operation can be carried out via two different routes: cellular communications networks 520; Or public network 521.Fig. 6 A has described described article one route.

Described second route is shown in Fig. 6 B, and according to a specific embodiment of the present invention, Fig. 6 B has showed a representational framework 640, and wherein portable equipment 630 is carried out the operation that transaction is uploaded in batches as mobile sale point and on public network 521.Off-line transaction in described mobile sale point record generally is kept in the transaction log in the point of sale security identity module 628 by accumulation.Described transaction log is read and is deposited in the point of sale agency 633 who is installed in the computing machine 638 by contactless reader 634.Described point of sale agency 633 inserts point of sale (pos) transactions processing server 613 by escape way 619 again on public network 521.Each upload operation that comprises one or more transaction record all is labeled as an independent batch upload operation.The data communication that point of sale security identity module 628, contactless reader 634 and point of sale are acted on behalf of between 632 threes is adopted the APDU form and is comprised described transaction record.The internet message of encapsulation APDU (for example HTTP) then is used to the communication between point of sale agency 632 and the point of sale (pos) transactions processing server 613.

In a specific embodiment, the representative batch upload procedure from point of sale manager 623 or point of sale agency 633 comprises:

(a) send request to initiate upload operation in batches to point of sale security identity module 628;

(b) after described point of sale security identity module 628 is agreed described batch upload request, fetch the transaction record of accumulation with the form of APDU order in " a collection of " that from described point of sale security identity module 628, is labeled or " one group ";

(c) create one or more and comprise the internet message that the described APDU that fetches orders;

(d) by escape way 619 described one or more internet message is sent to point of sale (pos) transactions processing server 613;

(e) confirmation of receipt signature information from described point of sale (pos) transactions processing server 613;

(f) described affirmation signature information is transferred to described point of sale security identity module 628 to examine with the form of APDU, delete the transaction record of having been uploaded through confirming then; And

(g) if other transaction records of not uploaded are still arranged in described same " criticizing " or " group ", then repeating step (b) is to step (f).

Fig. 6 C has showed a width of cloth process flow diagram, according to a specific embodiment of the present invention, has described to use the portable equipment 630 that serves as mobile sale point and has used and support the process 650 that the device 636 of electronic token carries out Mobile business as single function card.To understand in order being more convenient for, preferably process 650 to be associated together with before diagram, especially Fig. 6 A and Fig. 6 B and investigate.Described process 650 can realize with the mode of software, hardware or soft or hard combination.

As the holder who supports electronic token device (for example Mifare card or support stored value card and simulate the portable phone of single function card), when wishing by mobile sale point (being portable equipment 630) purchase article or subscribed services, process 650 (for example performed process of the point of sale manager among Fig. 6 A 623) just can be activated.In step 652, portable equipment 630 reads the device of described support electronic token and fetches electronic token (for example label ID of Mifare card).Whether then, process 650 is examined the described electronic token of fetching in step 654 effective.If support among Fig. 6 A that the device 636 of electronic token is single function card (for example Mifare), then the described verification process of being carried out by point of sale manager 623 comprises: (i) read the card sign (ID) of described card, described card sign is kept at not protected or only is subjected on the zone of known cryptographic key protection; (ii) send the APDU request that comprises described card sign to point of sale security identity module 628; (iii) receive one or more by key (key that for example is used for transaction count, publisher's data etc.) after the conversion of point of sale security identity module 628 generations.If the described one or more conversions back key that receives is invalid, the promptly described electronic token of fetching is invalid, and then terminal procedure 650.Else process 650 will be advanced into step 656 along "Yes" branch, and whether will judge in step 656 has enough remaining sums to pay the expense that current exchange needs in the described electronic token of fetching.If the result that step 656 is judged is a "No", process 650 can select to propose that described holder supplements (promptly be written into, inject or raise funds) with money for its electronic token in step 657.If described holder selects " negating " described proposal, then process 650 finishes.Described else if holder carries out charging in real time with the device that means described support electronic token, and then process 650 is carried out in step 658 and supplemented with money or virtually supplement operation with money.Process 650 is returned step 656 afterwards.If enough coin remaining sums are arranged in electronic token, process 650 deducts from the electronic token of supporting electronic token device 636 in step 660 or debit is finished the number that described purchase need be paid.In the situation of described single function card, described one or more conversions back key is used to authorize described deduction operation.In step 662, the one or more off-line transactions records that accumulate in the point of sale security identity module 628 are uploaded to point of sale (pos) transactions processing server 613 and handle at last.Described upload operation can or be concluded the business in batches and carry out by cellular communications networks 520 or 521 pairs of single transaction of PD network.

Process 400 among Fig. 4 A has been described the aforesaid operation of supplementing with money.Virtual supplement with money the operation be described specific type of supplementing operation with money, common sponsored people or donor are used for improving the credit line of electronic token.In order to use the virtual operation of supplementing with money, described sponsor need set up an account, and with described account and the device of supporting electronic token (portable phone of for example single function card, multi-functional card, support electronic token or the like) binding.For example, account on the line that provides by commercial entity (for example enterprise, bank or the like).In case described sponsor has charged into electronic token in the account on described line, support the holder of electronic token device just can when inserting mobile sale point, from described line, receive electronic token the account.Multiple different safety practice will be carried out to guarantee that described virtual to supplement operation with money be safety and reliably.A described virtual representative application scenario of supplementing with money is that father (mother) parent (being the sponsor) can charge into electronic token in the account on a line, account is connected with a children's (being the equipment possessor) portable phone (promptly supporting the device of electronic token) on the described line, therefore as described children during at mobile sale point purchase article, described children just can receive the described electronic token that is charged into.Except various ecommerce described herein and Mobile business function, point of sale manager 623 also is set to multiple query manipulation can be provided, for example, (a) the revenue and expenditure record of the not formation batch of accumulating in the security identity module of inspection point of sale (promptly not uploaded), (b) list and do not form transaction log in batches in the security identity module of point of sale, (c) show the details that is kept at the particular transaction in the security identity module of point of sale, (d) the current remaining sum of the device of electronic token is supported in inspection, (e) list the transaction log of the device of supporting electronic token, and the details that (f) shows the particular transaction of the device of supporting electronic token.

Process flow diagram among Fig. 6 D, according to a specific embodiment of the present invention, the portable equipment 630 and the device 636 that uses and support electronic token as multi-functional card, the representative process 670 of carrying out Mobile business that can serve as mobile sale point have been described to use.To understand in order being more convenient for, preferably process 670 to be connected together with before diagram, especially Fig. 6 A and Fig. 6 B and investigate.Described process 670 can realize with the mode of software, hardware or soft or hard combination.

When the holder who supports electronic token device 636 (for example multi-functional card or support the portable phones of stored value card and simulation multifunctional card) wished to buy article or subscribed services by mobile sale point (being portable equipment 630), process 670 (for example performed process of point of sale manager 623 among Fig. 6 A) just can be activated.In step 672, process 670 sends the initial request of buying to the device 636 of supporting electronic token.Buying expenses and described initial purchase request (for example APDU order) together send.Process 670 proceeds to determination step 674 then.When not having enough remaining sums in the device 636 of supporting electronic token, point of sale manager 623 will be received receiveing the response of the described initial purchase request of refusal.The result is that process 670 finishes owing to described purchase request is rejected.If in the device 636 of support electronic token enough remaining sums are arranged, the result of determination step 674 is a "Yes", and process 670 will proceed to step 676 along "Yes" branch.The answer (for example APDU order) of receiving from device 636 theres of supporting electronic token will be forwarded to point of sale security identity module 628.Information in the described answer comprises the version of electronic token key, and the random number that will be used to set up escape way, described escape way will connect the point of sale security identity module 628 of installing on applet program (for example stored value card applet) and the portable equipment 630 on the device 636 of supporting electronic token.Then, in step 678, process 670 is received by point of sale security identity module 628 and is replied (being the answer in the step 676) in order to respond described forwarding, and the debit request that generates (for example APDU order).Described debit request contains message cognizance code (MAC, Message Authentication Code) so that applet program (being stored value card applet program) is examined the debit that is about to carry out operates, the wherein said debit operation that is about to carry out is carried out in order to respond the debit request that sends in the step 680.Process 670 is advanced to step 682, receives the affirmation message of described debit operation.Comprise in the described acknowledge message by point of sale security identity module 628 and point of sale (pos) transactions processing server 613 and be used for the additional messages cognizance code examining and handle respectively.Next in step 684, described debit acknowledge message is forwarded to point of sale security identity module 628 to examine.In case described message cognizance code is verified to effectively, and purchase-transaction is recorded in the point of sale security identity module 628, and the described transaction that is recorded is shown in step 686, and process 670 finishes then.It should be noted that the aforementioned electronic business transaction can onlinely be undertaken by point of sale (pos) transactions processing server 613 down or on the line.And when Sorry, your ticket has not enough value in the device of supporting electronic token, can carry out according to the process of describing among Fig. 4 A and Fig. 4 B 400 and supplement or register capital to operation with money.

Fig. 7 has showed the representative setting when portable equipment is used to the electronic bill application.Portable equipment 730 is configured to comprise stored value card 724.When the owner of described portable equipment 730 or possessor wished to buy the bill (for example concert tickets, ball match admission ticket etc.) of participating in a specific activities, described owner can use stored value card 724 by electronic ticket service provider 720 bookings.It is predetermined and buy described bill that described electronic ticket service provider 720 can get in touch on traditional box office reservation system 716 or the line ticketing service application program 710.Electronic token (for example electronic money) is by deduction from the stored value card 724 of portable equipment 730 afterwards, with to credit/debit system 714 (for example financial institution, bank) pay bills buying expenses.Security identity module 718 is access in described electronic bill service provider 720, is correctly validated to guarantee the stored value card 724 in the portable equipment 730.After receiving that payment is confirmed, electronic ticket is transferred into portable equipment 730 by aerial connection (for example cellular communications networks), and is stored on the safety element 726 in the mode of electronization, for example in the mode of electronic ticket code, key or password.Afterwards, as the owner of described portable equipment 730, when promptly the holder of described electronic ticket attended described specific activities, described electronic ticket holder only need allow inlet registration reader 734 read electronic ticket code or the key of preserving in the portable equipment 730.In a specific embodiment, described inlet registration reader 734 is a contactless reader (for example observing the very-short-reach coupling device of ISO 14443).Described portable equipment 730 is mobile phones of supporting short-range communication (NFC).

The present invention is more suitable for adopting form of software to realize, but also the form of available hardware or software and hardware combining realizes.The present invention also can be implemented as the code that can be read by computing machine on the computer-readable media.Described computer-readable media is that any can preservation can be by the data storage device of the data of computer system reads.The example of computer-readable media comprises ROM (read-only memory), random access memory, CD CD (CD-ROM), Digital video disc (DVD), tape, optical data storage device, and carrier wave.Described computer-readable media also can be distributed in many computer systems that link to each other by network, describedly like this can will be stored and move in distributed mode by the code that computing machine reads.

The present invention provides sufficient details to describe on the basis of its specific singularity.Those of skill in the art will appreciate that specific embodiments of the invention just are disclosed by the mode of example, can make under the prerequisite of purport that does not depart from the present invention and stated and scope in the change aspect arrangement of parts and the composition in a large number.Therefore, scope of the present invention is defined by appended claim, but not is defined by the description to specific embodiment before.

Claims

1, a kind of portable equipment that makes can be carried out the Mobile business transaction method, and described method comprises:

Receive the bulleted list that the service provider provides for the services request of responding from described portable equipment;

From described bulleted list, download selected one or more projects;

Use the project of user's the personalized described download of input; And

Based on the customized information that described personalized download items forms, download Mobile business transaction manager module.

2, the method for claim 1 is characterized in that, described Mobile business transaction manager module loading is in the base band of described portable equipment, and the project of described download is kept in the safety element.

3, the method for claim 1 is characterized in that, also comprises pre-build-in services manager module, to assist described installation, personalization and down operation.

4, method as claimed in claim 3 is characterized in that, a project in the project of described download is the mobile sale point manager module, and described mobile sale point manager module can assist to use the transaction of electronic token.

5, method as claimed in claim 2 is characterized in that, described safety element is a smart card.

6, method as claimed in claim 5 is characterized in that, a project in the project of described download is ecommerce and Mobile business transaction modules, and described individuation process also comprises:

Be connected with personalization server, to set up escape way at the service provider place;

Send personalized request to described personalization server;

The internet message that comprises the individuation data group from described personalization server reception one or more; And

Transmit described individuation data group to described ecommerce and Mobile business transaction modules.

7, method as claimed in claim 6 is characterized in that, described escape way is based upon on cellular communications networks or the PD network.

8, method as claimed in claim 6, it is characterized in that, described individuation data group comprises the identifying information after the conversion, described identifying information uses the proprietary identifier of described safety element to generate by described personalization server, also can select to use the card identifier of the simulator of described safety element to generate.

9, method as claimed in claim 8 is characterized in that, described individuation data group also comprises various keys and the code based on the particular demands of described Mobile business transaction modules.

10, method as claimed in claim 6 is characterized in that, described individuation data group is by forming with the corresponding to order of Application Protocol Data Unit APDU.

11, method as claimed in claim 8 is characterized in that, also comprises personalized described simulator.

12, the method for claim 1, it is characterized in that, described bulleted list comprises a plurality of server addresss, described server address is used for the download of the download of described one or more projects, described individuation process and described move transaction manager module, also can select to comprise service program information in the described bulleted list.

13, a kind of system that is used to carry out the Mobile business transaction, described system comprises:

Be configured to the portable equipment of mobile sale point, comprise through installing and personalized point of sale manager and point of sale security identity module SAM; And

Can use the device of electronic token, wherein, electronic token is set to be read by the noncontact interface of described portable equipment.

14, system as claimed in claim 13 is characterized in that, also comprises the point of sale (pos) transactions processing server, and described point of sale (pos) transactions processing server inserts described point of sale manager by the escape way on the cellular communications networks.

15, system as claimed in claim 14 is characterized in that, described point of sale manager is the MIDlet program that operates in the base band of described portable equipment;

16, system as claimed in claim 14 is characterized in that, described point of sale security identity module is the applet program on the safety element that operates in the described portable equipment;

17, system as claimed in claim 13 is characterized in that, described portable equipment is the mobile phone that can use short-range communication NFC.

18, system as claimed in claim 13 is characterized in that, described can to use the device of electronic token be single function card or multifunction card.

19, system as claimed in claim 13 is characterized in that, described noncontact interface is the very-short-reach coupling device of abideing by standard.

20, a kind of use portable equipment is carried out the Mobile business transaction method, and described method comprises:

By reading the device that can use electronic token, the holder who carries out the described device of purchase-transaction from hope fetches electronic token there;

The point of sale security identity module that use is installed on the described portable equipment judges whether the described electronic token of fetching is effective; And

If described electronic token is judged as effectively and have enough remaining sums to buy cost with payment, by deducting described electronic token with the described purchase-transaction of record in the security identity module of described point of sale;

Otherwise refuse described purchase-transaction.

21, method as claimed in claim 20 is characterized in that, comprises that also by cellular communications networks or PD network, the point of sale (pos) transactions processing server is uploaded the transaction of accumulating in the security identity module of described point of sale to the back-end.

22, method as claimed in claim 20 is characterized in that, also comprises from the account of financial institution or connection, and the point of sale manager by described portable equipment is the injection fund in the described device that can use electronic token.

23, method as claimed in claim 22 is characterized in that, the account of described connection is set up and the injection fund by sponsor or donor.

24, method as claimed in claim 20 is characterized in that, also comprises when described purchase cost surpasses predefined thresholding, is connected to rear end point of sale (pos) transactions processing server, so that described electronic token is further authenticated.