CN101727704A - Handheld equipment specially used for mobile bank terminal - Google Patents

Handheld equipment specially used for mobile bank terminal Download PDF

Info

Publication number
CN101727704A
CN101727704A CN200810051342A CN200810051342A CN101727704A CN 101727704 A CN101727704 A CN 101727704A CN 200810051342 A CN200810051342 A CN 200810051342A CN 200810051342 A CN200810051342 A CN 200810051342A CN 101727704 A CN101727704 A CN 101727704A
Authority
CN
China
Prior art keywords
mobile phone
dynamic password
account
key
card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN200810051342A
Other languages
Chinese (zh)
Inventor
李慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN200810051342A priority Critical patent/CN101727704A/en
Publication of CN101727704A publication Critical patent/CN101727704A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

The invention relates to a mobile phone and an application method thereof, wherein the main body of the mobile phone can be provided with a module which can store a plurality of mobile bank fund accounts and a plurality of dynamic password groups at the same time and has the password safety protection function and the POS (point of sale) machine near-field payment function. The mobile bank fund accounts and the dynamic password groups are memorized in read only memories (ROMs) of an integrated circuit (IC) card, wherein the ROMs stimulate the standard shape of a subscriber identity module (SIM) card; different mobile bank fund accounts are respectively memorized in different ROMs of the IC card; and the user selectively uses more mobile bank fund accounts by inserting and changing different ROMs of the IC card. The module which is provided with the ROMs of the IC card establishes the only communication relation through an element and a base band or the SIM card or a coprocessor, wherein the element is used for realizing the simplex communication. The safety of the passwords memorized in the ROMs of the IC card is protected by replying the circulating long-string dynamic password groups. The module carries out near-field communication for the POS machine by the connection of the base band or the SIM card or the coprocessor with a coupling module antenna.

Description

Handheld equipment specially used for mobile bank terminal
Technical field:
The present invention relates to mobile phone, particularly, the integrated application that on mobile phone, realizes a plurality of mobile bankings credit card account that the present invention relates to a kind of novelty and relevant dynamic password safeguard protection and to the module and the method for the near field payment function of POS machine.
Background technology:
Mobile phone is as the most universal intelligent terminal product next to the shin, integrated speech communication in succession, recreation, network service, music audiovisual etc. all multi-functional after, become a super application platform, next step is exactly how to ensure that the safety of mobile banking's capital account and integrated application are to satisfy the application demand in electronic money epoch.Is the NFC functional mobile phone at the representative mobile phone products of integrated financial payment function aspects at present, NFC is the short-distance wireless communication technology standard of a kind of RFID of being similar to of being promoted mainly by Philips, NOKIA and Sony.The NFC functional mobile phone has better solved the function of utilizing mobile phone to realize the near field small amount payment. but powerless for more various and deeper user's request, the terminal user of mobile banking conducts interviews to the account by conventional methods, manage and finish and transfer accounts, operations such as payment, the deficiency of said usual manner and its existence is: 1, the wireless communication of mobile banking adopts high-intensity SSL data encryption protocol and download and install encryption software on the user terminal mobile phone, but all also be not enough to eliminate fully the stolen risk of user terminal password, to such an extent as to all Mobile bankings all have nothing for it but user account be provided with limit very low the same day the highest transaction limits to take precautions against, both brought quite inconvenience, and also made the development of Mobile banking rest on the primary stage all the time to the user; 2, also can better protect the cryptosecurity of terminal password safety to escort product in Internet bank's widespread use is USB Key, but be limited by form and high amount of traffic amount and can't be in mobile communication effectively use, using the more cryptosecurity method of escorting at mobile banking's user terminal at present is dynamic password storehouse pattern, the dynamic password card of China Construction Bank for example, but existing dynamic password storehouse product still has by the security breaches of illegal invasion, also need simultaneously to carry separately rather than be integrated together with mobile phone and bring inconvenience, do not meet the integrated requirement of cell-phone function; 3, the terminal user can carry out the near field small amount payment to read write line with the NFC functional mobile phone, but is limited by the structural security breaches of NFC itself, can't be directly carry out account's wholesale payment near field with mobile phone to the POS machine, causes the account to use huge restriction in the payment; 4, a lot of users hold the credit card of how tame bank simultaneously, many standard size credits card are filled in the wallet, to carry and use cause quite inconvenient.The present invention is by using a kind of new functional module that can store a plurality of different fund numbers of the account and dynamic password respectively on mobile phone, solving these problems in conjunction with replying this new dynamic password mechanism of the dynamically long string password of circulation.
Summary of the invention:
The present invention has adopted novel design and method to solve the problems referred to above; can hold on the low-cost basis of disposing of use, business service merchant in terminal user's low cost, have height valid password safety protection function, have a plurality of credit card account integrated management functions and a mobile phone products simultaneously the near field wholesale settlement function of POS machine.
Concrete technical scheme is as follows:
1, load on a kind of body and can store a plurality of mobile bankings number of the account and dynamic password group simultaneously, and have the cryptosecurity safeguard function and be the implementation method of terminals to the mobile phone of the module of the near field payment function of POS machine with this mobile phone, this mobile phone body comprises microprocessor, program storage, A/D converter, the conventional components of all mobile phones such as key and display, and the coupling module antenna that comprises the new support near-field communication of using, it is characterized in that: comprise that further several load the draw-in groove and the functional unit thereof of the IC-card ROM storer of imitative SIM card standard shape, the draw-in groove of above-mentioned loading IC-card ROM storer and the Power Management Unit of functional unit thereof, IC-card ROM storer in the above-mentioned draw-in groove is carried out the key of reading command, IC-card ROM storer in the above-mentioned draw-in groove and mobile phone baseband (or coprocessor or SIM card) are carried out the control element of simplex, and cell phone rear cover is opened sensing element.And comprise and use the cipher safe protecting method reply the dynamically long string cipher code set of circulation.
2, according to above-mentioned 1,
User mobile banking number of the account and corresponding dynamic password group are stored in the IC-card ROM storer, and each storer only allows to store mobile banking's number of the account and corresponding dynamic password group, and the face shaping of storer is identical with SIM card.
3, according to above-mentioned 1,
Loading the draw-in groove of IC-card ROM storer can arrange more than one in mobile phone body simultaneously; IC-card ROM storer loads and unloads in draw-in groove in the mode of plug.
4, according to above-mentioned 1,
When arranging the draw-in groove of two or more plug IC-cards ROM storer, unique circuit of the functional units share of these draw-in grooves and base band (or coprocessor or SIM card) are set up the simplex relation, promptly in addition, the functional unit of these draw-in grooves and base band (or coprocessor or SIM card) no longer include the contact of communication line.
5, according to above-mentioned 4,
Simplex contact on unique communication line that the draw-in groove of above-mentioned loading IC-card ROM storer and functional unit thereof and mobile phone baseband (or coprocessor or SIM card) are set up is realized by the intermediate circuit control element.It is the simplex control element that sends to after the functional unit of the number of the account of above-mentioned store memory and the draw-in groove that dynamic password is loaded this storer reads on this circuit, transmit by this control element again and give base band (or coprocessor or SIM card), and base band (or coprocessor or SIM card) do not need not to allow above-mentioned store memory information is conducted interviews and reads yet;
6, according to above-mentioned 1,
When arranging that two or more load the draw-in groove and the functional unit thereof of IC-card ROM storer, these functional units do not comprise independently power supply and power management module, these functional units and mobile phone main body power supply are set up a unique supply line, obtain power supply by these functional units of this circuit; In the main body power supply and power management module of mobile phone, the Power Management Unit that comprises an increase to these functional units, this Power Management Unit is carried out power management so that the mode of password input authentication is independent to these functional units, and only the correct password of input just can be powered to these functional units on cell phone keyboard; Promptly after mobile phone power-on entered conventional normal operating conditions, these functional units did not obtain power supply automatically and are and the asynchronous duty that enters.
7, according to above-mentioned 6,
On cell phone keyboard, arrange a power switch key that provides power supply to the draw-in groove and the functional unit thereof of loading IC-card ROM storer; Press above-mentioned power switch key input user on the cell phone keyboard behind the password of setting, the Power Management Unit that this key connects starts the power supply to the above-mentioned functions unit; When vice-minister again pins above-mentioned power switch key, the Power Management Unit that this key connects is closed the power supply to the above-mentioned functions unit, and duty is removed in the above-mentioned functions unit.
8, according to above-mentioned 1,
Each loads the draw-in groove and the functional unit thereof of IC-card ROM storer, all comprise one independently instruction read and send the key that reads of the number of the account of the IC-card ROM memory stores of loading and dynamic password information, reading key is arranged on the cell phone keyboard, read on key and the keyboard not shared interface of other key except that updating key, circuit contact does not take place, and reads key and only sets up circuit with the draw-in groove of corresponding loading IC-card ROM storer and functional unit thereof and get in touch.
9, according to above-mentioned 8,
Two or more load the draw-in groove and the functional unit thereof of IC-card ROM storer, comprise jointly one independently instruction read and browse the number of the account of IC-card ROM memory stores of loading and the updating key of dynamic password information, updating key is arranged on the cell phone keyboard, other key on updating key and the keyboard except that reading key is shared interface not, circuit contact does not take place, and updating key is only set up circuit with the draw-in groove of corresponding loading IC-card ROM storer and functional unit thereof and is got in touch.
10, according to above-mentioned 8,
If click fast and read key, then the draw-in groove of Dui Ying loading IC-card ROM storer and functional unit thereof can read out number of the account and this number of the account is sent to base band (or coprocessor or SIM card) through the simplex circuit, and the latter is judging that mobile phone end is in not-connected status with communicating by letter of mobile banking server end and then automatically this number of the account is presented on the mobile telephone display.
11, according to above-mentioned 8,
If click fast and read key, then the draw-in groove of Dui Ying loading IC-card ROM storer and functional unit thereof can read out number of the account and this number of the account is sent to base band (or coprocessor or SIM card) through the simplex circuit, the latter is after judging that mobile phone end and communicating by letter of mobile banking server end are in connection status and have imported confirmed account's access code in mobile phone end, automatically this number of the account is considered as sending instruction, this number of the account is together sent to mobile banking's server by the antenna for mobile phone that is connected the mobile network with access code.
12, according to above-mentioned 8,
If long pinning read key 2 seconds, the dynamic password that then holds pride of place in the draw-in groove of Dui Ying loading IC-card ROM storer and number of the account that functional unit can read out internal memory thereof and the current ordering also is sent to base band (or coprocessor or SIM card) through the simplex circuit, the latter judge mobile phone end communicate by letter with the individual subscriber account window of mobile banking server end be in connection status after, automatically this number of the account is considered as sending instruction, after this number of the account of filtering, this dynamic password and transfer of financial resources information are together sent to the server of mobile banking by the antenna for mobile phone that is connected the mobile network.
13, according to above-mentioned 8,
If long pinning read key 2 seconds, the dynamic password that then holds pride of place in the draw-in groove of Dui Ying loading IC-card ROM storer and number of the account that functional unit can read out internal memory thereof and the current ordering also is sent to base band (or coprocessor or SIM card) through the simplex circuit, the latter is after judging mobile phone end and communicating by letter of mobile banking server end is not in connection status, automatically this number of the account is considered as sending instruction, keep user account, and together give the POS machine by near field coupling module antenna transmission with dynamic password and transfer of financial resources information.
14, according to above-mentioned 9,
If click fast and read key, connect fast simultaneously and click updating key, then this reads a dynamic password that holds pride of place in the current ordering of the ROM store memory storage that key connects and is climbed over, promptly next time again the vice-minister to pin what read and send when reading key be the dynamic password that the ordering of a renewal holds pride of place.
15, according to above-mentioned 1,
Method only limits to mobile phone and by the mobile network bank server is submitted to cryptosecurity method when transferring accounts, does not comprise the method when mobile phone passes through the near field coupled antenna POS machine is communicated by letter.At first, mobile banking's number of the account and the corresponding dynamically long string cipher code set of circulation of replying are stored in the IC-card ROM storer, and a mobile phone loads several this storeies simultaneously.Should be meant a plurality of generated at random in advance and the seniority passwords of ordering are successively left in user mobile phone end and mobile banking's server end respectively with the relation of correspondence with the dynamically long string dynamic password of circulation group, the bank server end authenticates the legitimacy that the account funds of user mobile phone end is operated in a looping fashion according to the synchronous use relation to this password.
The step 1 mobile phone end at first sends number of the account and number of the account access code to the bank server end, and this access code is learnt by heart by the user, not in company with in the IC-card ROM storer that is stored in the mobile phone.
After the correct access code of sending by mobile phone end is received and verified to step 2 at the bank server end, this cellphone subscriber's personal account window and this mobile phone are set up the authorized communication relation.
If step 3 user will carry out the transfer of financial resources operation, then, submit the dynamic password that holds pride of place in the current ordering of internal memory in the IC-card ROM storer again to when the bank server end is submitted transfer accounts number of the account, the amount of money of transferring accounts to, otherwise invalid.
After step 4 bank server end is received user's dynamic password, if identical then authentication with the dynamic password that holds pride of place in the current ordering of putting on record at server of this user is passed through, can send the affirmation receipt again to the user, confirm that receipt comprises that the information of submitting to before the duplicate customer of transferring accounts requires that also this information is carried out new dynamic password and confirms.
Step 5 is after the user receives the affirmation receipt, can upgrade the dynamic password ordering of storage, the dynamic password that the ordering of before having used at that time holds pride of place does not re-use, the dynamic password that its Next dynamic password holds pride of place as new current ordering also sends to bank server, and server is received the back if pass through with the identical then authentication of dynamic password that the current ordering of this user after the synchronous renewal of putting on record at server holds pride of place.
The step 6 bank server receives that correct affirmation receipt password rear line sends Transaction Success information.
If the user need carry out new transfer of financial resources operation then need to import new dynamic password, said new dynamic password is meant the dynamic password ordering of storage is upgraded, the dynamic password that the ordering of before having used at that time holds pride of place does not re-use the dynamic password that its Next dynamic password holds pride of place as new current ordering.By that analogy.
Each dynamic password is embroidered with the sorting position in its dynamic password group of storing after all in IC-card ROM storer, read when sending the password of storing in the storer at every turn, password does not show on display screen, still the sorting position of password suffix can be shown on display screen, with the prompting user.
16, according to above-mentioned 1,
The junction of the movable bonnet of mobile phone and covering battery of mobile phone is equipped with the sensor that movable bonnet is opened sensing element; The movable bonnet of mobile phone all sensor record of automatic sensed element that at every turn is unlocked, institute's recorded information sensing unit sends to the handset processes device, processor should be responded to record and be presented on the mobile phone screen or by sound signal and constantly point out out, and the user has only by password can eliminate induction record or the sound signal prompting that shows on the screen.
Mobile banking provided by the invention is mobile phone dedicated compared with prior art to have clear superiority:
1, the possibility that all has two-way illegal invasion is gone up in any two-way communication based on digital communication technology in theory, mobile phone of the present invention combines with simplex mode and will be stored mobile banking's fund number of the account and reply the storer of the dynamically long string cipher code set of circulation based on circuit component, only allow this storer that base band (or SIM card or auxilliary processor) is sent password and number of the account, and do not allow the latter to the former visit with read, block fully the hacker from the outside to the invasion of this storer may.
2, the fund card and the corresponding dynamically long string cipher code set of circulation of replying of a plurality of mobile bankings are inserted integrated use on a plurality of draw-in groove modules of a mobile phone with card form, to have realized with the mobile phone being that the credit card of carrier uses with the height of management integrated, also realized that the user is not subjected to mobile phone or phone number binding restriction to the fund card of different bank and freely changes on mobile phone and use simultaneously; Set up physical isolation by the mode that in the mobile phone different numbers of the account is stored in different storing card simultaneously, make the fund card service provider can be business independently deployment and safety management separately.
3, do not need USB Key and so on peripheral hardware safety equipment, do not need manually to import the long string of number of the account dynamic password, greatly improved ease of use.
4, replace simple dynamic cipher password by the method for replying the dynamically long string cipher code set of circulation, blocked the security breaches of common dynamic password pattern fully.
5, under the simplex pattern, number of the account with reply the dynamically long string cipher code set of circulation and only need be stored on the easy IC-card ROM storer, so just can give Base-Band Processing the logical operation in the use of being correlated with, more make full use of mobile phone main body base-band resource; And it is highly important that above-mentioned card can not occupy big physical space space in mobile phone inside; But and user's plug-in card usefulness when on mobile phone, using above-mentioned card, need not to drive; And the card cost is compared very cheap with SD Card, therefore the replying of some when internal memory can directly abandon old card replacement neocaine after circulation dynamic password group uses up, greatly having improved ease of use and cost economy, is a kind of security, convenience, all good perfect solutions of economy.
6, mobile phone possess by the mobile network to bank account remote access and management function in, have near field wholesale payment function concurrently to the POS machine.
7, do not set up the duplex communication relation at dynamic password at reservoir and base band (or SIM card or auxilliary processor), be to the unencrypted dynamic password of latter's one-way transmission by storer, therefore do not need mobile phone that corresponding high-speed high capacity interface module is provided, do not need the handset processes device to provide corresponding than the macrooperation resource, can set up correspondence with plain mode and base band (or SIM card or auxilliary processor), layout is simple with wiring, does not need existing mobile phone is carried out the great transformation of the way; And the big bandwidth resources that do not take the mobile network, can under the prerequisite that does not influence former network system efficient and reliability, be easy to be integrated in service provider's active computer main frame and the various types of network computer system, farthest avoid overlapping development, realize that cost is extremely low existing system.
In a word, as a kind of functional module of the integrated brand-new exploitation of mode with low-cost and high reliability and the financial mobile phone of mobile banking's special use of cryptographic methods, under the situation that has realized the original terminal structure safety of thorough elimination slit, the user can be convenient to use a phone and simultaneously a plurality of capital accounts be carried out long-range use, the POS machine carried out account's wholesale payment near field by the mobile network.
Description of drawings:
Fig. 1, mobile phone body structured flowchart
Fig. 2, cell phone keyboard synoptic diagram
Fig. 3, storer synoptic diagram
The draw-in groove of Fig. 4, loading IC-card ROM storer is arranged synoptic diagram in mobile phone
Fig. 5, functional module B and mobile phone other parts logical relation synoptic diagram
Fig. 6, reply the dynamically long string password of circulation and implement synoptic diagram
Fig. 7, cell phone rear cover are opened the inductive hint synoptic diagram
Embodiment:
Communication terminal such as mobile phone according to the preferred embodiment of describing for the purpose of illustrating the invention and here are suitable for communicating via honeycomb network address such as GSM900/1800MHz network, but also can be suitable for using with demal multi-address (CDMA) network, G3 network or in order to the network based on TCP/IP that covers possible voip network (for example via WLAN, WIMAX etc.).In wireless near field communication is used, comprise being suitable for non-contact radio-frequency identification (RFID).
All conventional components that comprise mobile communication terminal according to the mobile communication terminal of preferred embodiment described herein, such as digital baseband processor, application processor, radio frequency component, the modulus electric hybrid module, RAM, Flash, SD Card, antennal interface, Man Machine Interface, power module or the like.And comprise the new parts of using, as near field coupled antenna module.Because these parts are well-known, do not illustrate them less than systemic in the accompanying drawings so both further described their yet.To recognize that also the present invention can be applied to other mobile communication terminal device except that mobile phone equally.
Referring now to accompanying drawing, and consider the present invention more specifically,
Fig. 1 is as mobile phone body structured flowchart of the present invention, show by diagram, remove the conventional components comprise mobile phone as mobile phone body of the present invention as digital baseband processor a1, conventional simulation/logic module a2, radio frequency component (power amplifier/transceiver/frequency converter etc.) a3, modulus electric hybrid module a4, application processor c1, LCD/ backlight driver c2, image engine c3, internal memory (RAM) c4, flash memory (Flash) c5, storage card (SD Card) c6, antennal interface d1, earphone/MIC interface d2, Man Machine Interface (LCD, keyboard, input pen etc.) d3, camera d4, power supply and power management e1, clock assembly e2 etc.On this basis, also comprise the applied newly-increased functional module B of embodiment the present invention, the Power Management Unit e3 that cell phone rear cover is opened sensing unit d5, module B as mobile phone of the present invention.
Fig. 2 embodies the applied cell phone keyboard of the present invention as mobile phone of the present invention, comprise conventional district 1 and newly-increased district 2, the part that wherein conventional district 1 is the conventional key of mobile phone, the various conventional utility keies such as numerical key 13 that are furnished with telephone receiving key 11, hang-up key 12 above and include 0~9, the applied newly-increased key on conventional keyboard basis of the present invention is embodied in newly-increased district 2, is furnished with the applied power switch key 21 of what's new module B, updating key 22 above, reads key 1, reads key 2 24; Conventional district key 1 is arranged on the mobile phone body keyboard jointly with newly-increased district 2 keys, layout but this layout only is to use for the convenience of the user on outward appearance is used, the power control key in newly-increased district 2 and conventional 1 the shared interface of other key of distinguishing, but the updating key 22 in newly-increased district 2, other key shared interface not that reads key 23,24 and cell phone keyboard do not have circuit to get in touch yet.
Fig. 3 is the IC-card ROM storer outside drawing that stores the dynamic password group of mobile banking's number of the account and correspondence, and each storer only allows to store mobile banking's number of the account and corresponding dynamic password group, and the face shaping of storer is identical with SIM card.Occupation space was very little when storer was arranged in mobile phone like this, and the cost of IC-card ROM storer is very low, is convenient to very much extensive popularization and application.
Fig. 4 is that the draw-in groove that loads IC-card ROM storer is arranged synoptic diagram in mobile phone, h is that shown mobile phone IC-card draw-in groove is arranged outward appearance after opening cell phone rear cover and taking out battery, and wherein h1 is a draw-in groove of assigning number card of the SIM card of mobile service provider distribution or other form; H2, h3, h4 compare the draw-in groove that is used for assigning the IC-card ROM storer of storing mobile banking's number of the account and dynamic password group that conventional mobile phone increases newly, both can arrange h2 or h3 or h4 separately, also h2 and h3, h4 can be arranged simultaneously, the draw-in groove that more has said function can also be arranged by that analogy.H2, h3, h4 are identical with face shaping and the pluggable mode of h1, are arranged in parallel at the mobile phone rear portion jointly, promptly open the IC-card ROM storer that place that cell phone rear cover can see is loaded to make things convenient for the user to load and unload.
Fig. 5 is the logical organization synoptic diagram of applied functional module B of mobile phone of the present invention and mobile phone other parts,
Use other relevant parts with module B in the mobile phone and be made as modules A, power supply and power management A1 comprising the conventional components part, module B is carried out power supply management unit A11, the routine district key A2 of keyboard, the power switch key A21 in the newly-increased district of keyboard, display screen A3, base band (or SIM card or coprocessor) A4, portable antenna modules A 5, near field coupling module antenna A6; B is module B, the draw-in groove and the functional unit B1 thereof that comprise the IC-card ROM storer that loads storage mobile banking's number of the account and dynamic password group, same draw-in groove and the functional unit B2 thereof that loads the IC-card ROM storer of storage mobile banking's number of the account and dynamic password group, the instruction that is arranged in the newly-increased district of keyboard read canned data among the B1 read key B11, be equally the instruction that is arranged in the newly-increased district of keyboard read canned data among the B2 read key B21, and be equally be arranged in canned data among the instruction B1 in the newly-increased district of keyboard and the B2 updating key B3, realize that module B carries out single industry control system element B4 of simplex to modules A, modules A is to unique S1 of supply line of module B, module B is to unique communication line S2 of modules A, the server end C of mobile banking, POS machine end D.
Battery A1 on modules A and the module B shared module A is as power supply, and module B is the power supply that circuit S1 obtains A1 by unique supply line, and module B does not include power supply and power management.
Modules A enters normal operating conditions behind the mobile phone power-on, and module B does not obtain power supply simultaneously, and promptly module B still is in the off working state of not having the electricity supply behind the mobile phone power-on.So, because the function of module B is not in frequent user mode as a rule, use so do not influence the function of module B, can not cause the interference that mobile phone modules A self is used on the contrary owing to the maloperation on keyboard or cause the maloperation of module B function.
When needs use the function of module B, at first need import the electric power starting password, and click the power switch key A21 in newly-increased district at the conventional key A2 of keyboard, password is set up on their own by the Power Management Unit A11 among the mobile module A by the user; Determine that at Power Management Unit A11 the correct back of password is that circuit S1 begins power supply to module B by unique supply line, module B enters duty.After the application that finishes functions of modules B, then press once more and longly pin 2 seconds power-on button A21, then Power Management Unit A11 finishes the power supply to module B, module B power cut-off state.So, just can prevent that user people at one's side from using the module B function of user mobile phone without permission and privately, thus the cryptosecurity of protection user account.
Behind the power connection of module B, module B can be that circuit S2 and modules A are set up simplex and got in touch by unique communication line, and what it sent modules A is unencryption number of the account and dynamic password; B4 is the control element that operation circuit S2 carries out simplex, and B1 or B2 are sent to B4 after the number of the account of internal memory and encrypted message are read, and B4 sends to A4 with password and the account information of receiving; Two-way exchanges data does not take place between the IC-card storer among modules A and the module B.The hacker can't invade by modules A and be snatched password in the IC-card ROM storer of physically-isolated module B like this, and that the unencrypted code data of module B transmission takies the resource of A4 is also considerably less.
Module B comprises the draw-in groove and the functional unit B1 thereof of the IC-card ROM storer that loads storage user's mobile banking's number of the account and dynamic password group, and or can comprise the draw-in groove and the functional unit B2 thereof of the IC-card ROM storer that loads storage user's mobile banking's number of the account and dynamic password group equally, or comprise by that analogy more, thereby make mobile phone integrated a plurality of different mobile banking's numbers of the account and dynamic password group thereof simultaneously.
If click B11 key (or B21 key, down with) fast, then the B1 unit is transferred to A4 with the number of the account of internal memory by circuit S2, and A4 is in not-connected status at judge module A with communicating by letter of the server end C of mobile banking and then automatically this number of the account is presented on the display A3.
If click the B11 key fast, then the B1 unit is transferred to A4 with the number of the account of internal memory by circuit S2, A4 is after judge module A and communicating by letter of the server end C of mobile banking are in connection status and have imported confirmed account's access code in modules A, automatically this number of the account is considered as sending instruction, this number of the account and access code is together sent to the server C of mobile banking by portable antenna A5.So just do not need manually to import number of the account by keyboard A2.
If length was pinned the B11 key 2 seconds, then the B1 unit is transferred to A4 with a dynamic password that holds pride of place in the number of the account of internal memory and the current ordering by circuit S2, A4 judge module A communicate by letter with the user account window of the server end C of mobile banking be in connection status after, automatically this number of the account is considered as sending instruction, behind the filtering user account this dynamic password and transfer of financial resources information is together sent to the server C of mobile banking by portable antenna A5.So just do not need manually to import dynamic password by keyboard A2, therefore this dynamic password can be arranged to the much longer link digitals of six figure place passwords commonly used to improve safety coefficient, and this dynamic password yet need not show on display A3 and can't be peeped.
If length was pinned the B11 key 2 seconds, then the B1 unit is transferred to A4 with a dynamic password that holds pride of place in the number of the account of internal memory and the current ordering by circuit S2, A4 is judge module A communicates by letter the state that do not connect with the user account window of the server end C of mobile banking after, automatically this number of the account is considered as sending instruction, keep user account, and together send to POS machine D by near field coupling module antenna A6 together with this dynamic password and transfer of financial resources information.So also do not need manually to import dynamic password by keyboard A2, therefore this dynamic password can be arranged to the much longer link digitals of six figure place passwords commonly used to improve safety coefficient, and this dynamic password yet need not show on display A3 and can't be peeped.
If click the B11 key fast, connect fast simultaneously and click updating key B3, the dynamic password that then holds pride of place in the current ordering of unit B 1 stored that connected of B11 key is climbed over, and what promptly send when the vice-minister pins the B11 key again in next time is the dynamic password that the ordering of a renewal holds pride of place.
Fig. 6 is promptly the circulate application example synoptic diagram of authentication dynamic password group of the method among the present invention, this method only limits to mobile phone by the communication of mobile network to bank server, does not comprise the near-field communication of mobile phone to the POS machine, wherein, A is made as mobile phone end, and B is made as the bank server end.
At first, mobile banking's number of the account and corresponding dynamic password group are stored in the IC-card ROM storer, and a mobile phone can load several these storeies and use simultaneously simultaneously.The dynamic password group is meant a plurality of generated at random in advance and the seniority passwords of ordering are successively left in user mobile phone end and mobile banking's server end respectively in advance with the relation of correspondence, and the bank server end authenticates the legitimacy that the account funds of user mobile phone end is operated in a looping fashion according to the synchronous use relation to this password.Then,
Step 1 is that mobile phone end A at first sends number of the account and number of the account access code to bank server end B, this access code is learnt by heart by the user, rather than be stored in the user mobile phone, like this, in case user mobile phone is lost, the person of picking up also can't carry out illegal operation with the number of the account and the dynamic password information of this mobile phone EMS memory.
Step 11 is meant after bank server end B receives and verify the correct access code of sending by mobile phone end A, and this cellphone subscriber's personal account window and this mobile phone A are set up the authorized communication relation.
Step 2 is meant if the user will carry out the transfer of financial resources operation, then when bank server end B submits transfer accounts number of the account, the amount of money of transferring accounts to, submits the dynamic password that holds pride of place in the ordering of a current internal memory of mobile phone A again to, otherwise invalid.Like this, even if access code is in use grasped by the hacker, the hacker also still can't carry out illegal fund to the account and transfer.This dynamic password can not show on the display screen of mobile phone body, but can be on display screen the remaining dynamic password quantity of display memory, with the prompting user.
After step 22 is meant that bank server end B receives user's dynamic password, if identical then authentication with the dynamic password that holds pride of place in the current ordering of putting on record at server of this user is passed through, can send the affirmation receipt again to user A, confirm that receipt comprises that the information of submitting to before the duplicate customer of transferring accounts requires that also this information is carried out dynamic password and confirms.
Step 3 is after user A receives the affirmation receipt, can upgrade the dynamic password ordering of storage, the dynamic password that the ordering of before having used at that time holds pride of place does not re-use, the dynamic password that its Next dynamic password holds pride of place as new current ordering also sends to bank server B, and server B is received the back if pass through with the identical then authentication of dynamic password that the current ordering of this user after the synchronous renewal of putting on record at server holds pride of place.The security breaches of general like this dynamic cipher password method just are blocked in the dust.The security breaches of said here general dynamic cipher password method are for example: the hacker is after the user mobile phone end is intercepted and captured the appended dynamic password of the transfer of financial resources of user's input, might make losing between user mobile phone and the bank server by hacker's means and write to each other, personation client identity is distorted the transfer of financial resources object during this then, utilizes the dynamic password of grasping to carry out illegal fund then and transfers.And this method increased the bank server end to mobile phone end send receive before this carry out the receipt program that a new dynamic password is confirmed again about this user's transfer of financial resources information and to this information, thereby blocked the cryptosecurity leak that may exist.This dynamic password can not show on the display screen of mobile phone body, but can be on display screen the remaining dynamic password quantity of display memory, with the prompting user.
Step 33 is meant that bank server B receives that correct affirmation receipt password rear line sends Transaction Success information.
If the user need carry out new transfer of financial resources operation then need to import new dynamic password, said new dynamic password is meant the dynamic password ordering of storage is upgraded, the dynamic password that the ordering of before having used at that time holds pride of place does not re-use the dynamic password that its Next dynamic password holds pride of place as new current ordering.By that analogy.
Each dynamic password is embroidered with the sorting position in its dynamic password group of storing after all in IC-card ROM storer, read when sending the password of storing in the storer at every turn, password does not show on mobile phone display screen, but the sorting position of password suffix can be shown on mobile phone display screen, with the prompting user.
Fig. 7 embodies the applied cell phone rear cover of the present invention as mobile phone of the present invention to open the inductive hint synoptic diagram, wherein be that phone housing 1 is connected with the movable bonnet 2 of mobile phone, the inductor 31 of cell phone rear cover unlatching sensing element 3 is set at the junction of phone housing 1 inboard and the movable bonnet 2 of mobile phone, it is each after cell phone rear cover 2 is opened, inductor 31 all can be with the induction record, sensing element 3 sends to handset processes device 4 with induced signal then, processor 4 will respond to that record is presented on the mobile telephone display 5 or by the sound continuous prompting of signal of audio-frequency module 6, the user has only by password can eliminate induction record or the sound prompting that shows on the screen.So, just can prevent effectively that the storage number of the account in the user mobile phone from stealthily being changed by the peripheral people of user with the storer of dynamic password.
Though specifically described the present invention, understand that such details only is used for this illustrative purpose, and those skilled in the art can change therefrom without departing from the present invention for illustrative purpose.

Claims (11)

1. load on the body and can store a plurality of mobile bankings number of the account and dynamic password group simultaneously, and have the cryptosecurity safeguard function and be the implementation method of terminals to the mobile phone of the module of the near field payment function of POS machine with this mobile phone, this mobile phone body comprises microprocessor, program storage, A/D converter, the conventional components of all mobile phones such as key and display, and the coupling module antenna that comprises the new support near-field communication of using simultaneously again, it is characterized in that: comprise that further several load the draw-in groove and the functional unit thereof of the IC-card ROM storer of imitative SIM card standard shape, the draw-in groove of above-mentioned loading IC-card ROM storer and the Power Management Unit of functional unit thereof, IC-card ROM storer in the above-mentioned draw-in groove is carried out the key of reading command, IC-card ROM storer in the above-mentioned draw-in groove and mobile phone baseband (or coprocessor or SIM card) are carried out the control element of simplex, and the movable bonnet of mobile phone is opened sensing element.And comprise and use the cipher safe protecting method reply the dynamically long string cipher code set of circulation.
2. mobile phone according to claim 1 is characterized in that:
User mobile banking number of the account and corresponding dynamic password group are stored in the IC-card ROM storer, each storer only allows to store mobile banking's number of the account and corresponding dynamic password group, loads the draw-in groove of IC-card ROM storer and can arrange more than one in mobile phone body simultaneously; IC-card ROM storer loads and unloads in draw-in groove in the mode of plug.
3. mobile phone according to claim 1 is characterized in that:
When arranging the draw-in groove of two or more plug IC-cards ROM storer, simplex control element on the unique circuit of the functional units share of these draw-in grooves and base band (or coprocessor or SIM card) are set up the simplex relation, it is the simplex control element that sends to after the functional unit of the number of the account of above-mentioned store memory and the draw-in groove that dynamic password is loaded this storer reads on this circuit, transmit by this control element again and give base band (or coprocessor or SIM card), and base band (or coprocessor or SIM card) do not need not to allow above-mentioned store memory information is conducted interviews and reads yet; Promptly in addition, the functional unit of these draw-in grooves and base band (or coprocessor or SIM card) no longer include the contact of communication line.
4. mobile phone according to claim 1 and method is characterized in that:
When arranging that two or more load the draw-in groove and the functional unit thereof of IC-card ROM storer, these functional units do not comprise independently power supply and power management module, these functional units and mobile phone main body power supply are set up a unique supply line, obtain power supply by these functional units of this circuit; In the main body power supply and power management module of mobile phone, the Power Management Unit that comprises an increase to these functional units, comprising on cell phone keyboard, arranging a power switch key, behind the password that the input user sets certainly on the cell phone keyboard, press above-mentioned power switch key, the Power Management Unit that this key connects starts the power supply to the above-mentioned functions unit; When pressing above-mentioned power switch key once more, the Power Management Unit that this key connects is closed power supply is then removed in the power supply of above-mentioned functions unit.
5. mobile phone according to claim 1 is characterized in that:
Each loads the draw-in groove and the functional unit thereof of IC-card ROM storer, all comprise one independently instruction read and send the key that reads of the number of the account of the IC-card ROM memory stores of loading and dynamic password information, reading key is arranged on the cell phone keyboard, read on key and the keyboard not shared interface of other key except that updating key, circuit contact does not take place, and reads key and only sets up circuit with the draw-in groove of corresponding loading IC-card ROM storer and functional unit thereof and get in touch.
6. mobile phone according to claim 5 is characterized in that:
Two or more load the draw-in groove and the functional unit thereof of IC-card ROM storer, comprise jointly one independently instruction read and browse the number of the account of IC-card ROM memory stores of loading and the updating key of dynamic password information, updating key is arranged on the cell phone keyboard, other key on updating key and the keyboard except that reading key is shared interface not, circuit contact does not take place, and updating key is only set up circuit with the draw-in groove of corresponding loading IC-card ROM storer and functional unit thereof and is got in touch.
7. mobile phone according to claim 5, its method is characterised in that:
If click fast and read key, then the draw-in groove of Dui Ying loading IC-card ROM storer and functional unit thereof can read out number of the account and this number of the account is sent to base band (or coprocessor or SIM card) through the simplex circuit, and the latter is if judge that mobile phone end is in not-connected status with communicating by letter of mobile banking server end and then automatically this number of the account is presented on the mobile telephone display; If the latter is after judging that mobile phone end and communicating by letter of mobile banking server end are in connection status and have imported confirmed account's access code in mobile phone end, automatically this number of the account is considered as sending instruction, this number of the account is together sent to mobile banking's server by the antenna for mobile phone that is connected the mobile network with access code.
8. mobile phone according to claim 5, its method is characterised in that:
If long pinning read key 2 seconds, the dynamic password that then holds pride of place in the draw-in groove of Dui Ying loading IC-card ROM storer and number of the account that functional unit can read out internal memory thereof and the current ordering also is sent to base band (or coprocessor or SIM card) through the simplex circuit, the latter if judge mobile phone end communicate by letter with the individual subscriber account window of mobile banking server end be in connection status after, automatically this number of the account is considered as sending instruction, after this number of the account of filtering, this dynamic password is together sent to mobile banking's server by the antenna for mobile phone that is connected the mobile network with transfer of financial resources information; If the latter is after judging mobile phone end and communicating by letter of mobile banking server end not being in connection status, automatically this number of the account is considered as sending instruction, keep user account, and together give the POS machine by near field coupling module antenna transmission with dynamic password and transfer of financial resources information.
9. mobile phone according to claim 6, its method is characterised in that:
If click fast and read key, connect fast simultaneously and click updating key, then this reads a dynamic password that holds pride of place in the current ordering of the ROM store memory storage that key connects and is climbed over, promptly next time again the vice-minister to pin what read and send when reading key be the dynamic password that the ordering of a renewal holds pride of place.
10. method according to claim 1 is characterized in that:
Method only limits to mobile phone and by the mobile network bank server is submitted to cryptosecurity method when transferring accounts, does not comprise the method when mobile phone passes through the near field coupled antenna POS machine is communicated by letter.At first, mobile banking's number of the account and the corresponding dynamically long string cipher code set of circulation of replying are stored in the IC-card ROM storer, and a mobile phone loads several this storeies simultaneously.Should be meant a plurality of generated at random in advance and the seniority passwords of ordering are successively left in user mobile phone end and mobile banking's server end respectively in advance with the relation of correspondence with the dynamically long string dynamic password of circulation group, the bank server end authenticates the legitimacy that the account funds of user mobile phone end is operated in a looping fashion according to the synchronous use relation to this password.
The step 1 mobile phone end at first sends number of the account and number of the account access code to the bank server end, and this access code is learnt by heart by the user, not in company with in the IC-card ROM storer that is stored in the mobile phone.
After the correct access code of sending by mobile phone end is received and verified to step 2 at the bank server end, this cellphone subscriber's personal account window and this mobile phone are set up the authorized communication relation.
If step 3 user will carry out the transfer of financial resources operation, then, submit the dynamic password that holds pride of place in the current ordering of internal memory in the IC-card ROM storer again to when the bank server end is submitted transfer accounts number of the account, the amount of money of transferring accounts to, otherwise invalid.
After step 4 bank server end is received user's dynamic password, if identical then authentication with the dynamic password that holds pride of place in the current ordering of putting on record at server of this user is passed through, can send the affirmation receipt again to the user, confirm that receipt comprises that the information of submitting to before the duplicate customer of transferring accounts requires that also this information is carried out new dynamic password and confirms.
Step 5 is after the user receives the affirmation receipt, can upgrade the dynamic password ordering of storage, the dynamic password that the ordering of before having used at that time holds pride of place does not re-use, the dynamic password that its Next dynamic password holds pride of place as new current ordering also sends to bank server, and server is received the back if pass through with the identical then authentication of dynamic password that the current ordering of this user after the synchronous renewal of putting on record at server holds pride of place.
The step 6 bank server receives that correct affirmation receipt password rear line sends Transaction Success information.
If the user need carry out new transfer of financial resources operation then need to import new dynamic password, said new dynamic password is meant the dynamic password ordering of storage is upgraded, the dynamic password that the ordering of before having used at that time holds pride of place does not re-use the dynamic password that its Next dynamic password holds pride of place as new current ordering.By that analogy.
Each dynamic password is embroidered with the sorting position in its dynamic password group of storing after all in IC-card ROM storer, read when sending the password of storing in the storer at every turn, password does not show on display screen, still the sorting position of password suffix can be shown on display screen, with the prompting user.
11. mobile phone according to claim 1 and method is characterized in that:
The junction of the movable bonnet of mobile phone and covering battery of mobile phone is equipped with the sensor that movable bonnet is opened sensing unit; The movable bonnet of the mobile phone sensor record of sensing unit automatically that at every turn is unlocked all, the sensed handset processes device that sends to of institute's recorded information, processor should be responded to record and be presented on the mobile phone screen or by sound signal and constantly point out out, and the user has only by password can eliminate induction record or the sound signal prompting that shows on the screen.
CN200810051342A 2008-10-27 2008-10-27 Handheld equipment specially used for mobile bank terminal Pending CN101727704A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810051342A CN101727704A (en) 2008-10-27 2008-10-27 Handheld equipment specially used for mobile bank terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200810051342A CN101727704A (en) 2008-10-27 2008-10-27 Handheld equipment specially used for mobile bank terminal

Publications (1)

Publication Number Publication Date
CN101727704A true CN101727704A (en) 2010-06-09

Family

ID=42448549

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200810051342A Pending CN101727704A (en) 2008-10-27 2008-10-27 Handheld equipment specially used for mobile bank terminal

Country Status (1)

Country Link
CN (1) CN101727704A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102300211A (en) * 2010-06-22 2011-12-28 国民技术股份有限公司 Mobile terminal having intelligent key function and smart key system and method
CN102348204A (en) * 2010-08-02 2012-02-08 奚伟祖 Mobile phone payment user account protection method using triple passwords
CN103368615A (en) * 2012-03-27 2013-10-23 慧智网股份有限公司 Near field communication connection method
CN104636920A (en) * 2015-02-06 2015-05-20 西安酷派软件科技有限公司 Data interaction method, equipment and system
CN104899741A (en) * 2014-03-05 2015-09-09 中国银联股份有限公司 Online payment method and online payment system based on IC bank card
CN109074571A (en) * 2016-04-29 2018-12-21 华为技术有限公司 Method of commerce and equipment based on near-field communication NFC
WO2019174507A1 (en) * 2018-03-16 2019-09-19 东莞盛世科技电子实业有限公司 Temporary password usage control method and system
CN110520908A (en) * 2017-02-13 2019-11-29 温科尼克斯多夫国际有限公司 Input equipment, ATM and method

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102300211A (en) * 2010-06-22 2011-12-28 国民技术股份有限公司 Mobile terminal having intelligent key function and smart key system and method
CN102348204A (en) * 2010-08-02 2012-02-08 奚伟祖 Mobile phone payment user account protection method using triple passwords
CN103368615A (en) * 2012-03-27 2013-10-23 慧智网股份有限公司 Near field communication connection method
CN103368615B (en) * 2012-03-27 2015-06-24 慧智网股份有限公司 near field communication connection method
CN104899741A (en) * 2014-03-05 2015-09-09 中国银联股份有限公司 Online payment method and online payment system based on IC bank card
CN104899741B (en) * 2014-03-05 2018-11-27 中国银联股份有限公司 A kind of on-line payment method and on-line payment system based on IC bank card
CN104636920A (en) * 2015-02-06 2015-05-20 西安酷派软件科技有限公司 Data interaction method, equipment and system
CN109074571A (en) * 2016-04-29 2018-12-21 华为技术有限公司 Method of commerce and equipment based on near-field communication NFC
CN109074571B (en) * 2016-04-29 2022-05-06 华为技术有限公司 Transaction method and device based on Near Field Communication (NFC)
CN110520908A (en) * 2017-02-13 2019-11-29 温科尼克斯多夫国际有限公司 Input equipment, ATM and method
WO2019174507A1 (en) * 2018-03-16 2019-09-19 东莞盛世科技电子实业有限公司 Temporary password usage control method and system
US11657128B2 (en) 2018-03-16 2023-05-23 Smart Electronic Industrial (Dong Guan) Co., Ltd. Temporary password usage control method and system

Similar Documents

Publication Publication Date Title
KR100587882B1 (en) Smart card wallet
CN101394615B (en) Mobile payment terminal and payment method based on PKI technique
CN101727704A (en) Handheld equipment specially used for mobile bank terminal
JP5260500B2 (en) System and method for enabling a telephone-based payment device
CN101199221B (en) Method for administrating peripheral unit with SIM card in wireless communication terminal and peripheral unit implementing the method
CN1214674C (en) Chip card and method for communication between external device and chip card
CN101154281B (en) Method and mobile device for migrating finance data in smart card
CN103886455A (en) Digital wallet device for virtual wallet
CN101771754A (en) Mobile terminal and method for near-field communication thereof
CN102497465A (en) High-secrecy mobile information safety system and safety method for distributed secret keys
CN102521744A (en) Network payment method and apparatus thereof
CN101917216A (en) System and method for realizing safe mobile application by adopting Bluetooth intelligent card
CN1514635A (en) Method of realizing mobile electronic business using finger print intelligence terminal and intelligent hand set
CN101894430B (en) Mobile payment terminal, system and mobile payment method
US7416114B2 (en) Electronic value transfer device equipped with non-contact IC interface
CN101807424B (en) Multifunctional U disk and U disk system
CN102542697A (en) POS (Point of Sale) terminal based on electronic equipment having network access function
CN101009555A (en) An intelligent secret key device and the method for information interaction with the host
CN102547681A (en) Intelligent key device and identity authentication method
CN101359413A (en) Wireless terminal for processing personalization smart card and method
CN201853285U (en) Mobile payment terminal and payment system
CN207869159U (en) Mobile device and subscriber identity module card
CN102487320A (en) Method and system used for automatic teller machine identity authentication
CN201243341Y (en) Mobile phone device supporting TF2.0 card with electronic payment function
CN100483468C (en) Mobile communication terminal mounting bank safety information card and information handling method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20100609