CN101882233A - Multifunctional chip card - Google Patents
Multifunctional chip card Download PDFInfo
- Publication number
- CN101882233A CN101882233A CN2010101909297A CN201010190929A CN101882233A CN 101882233 A CN101882233 A CN 101882233A CN 2010101909297 A CN2010101909297 A CN 2010101909297A CN 201010190929 A CN201010190929 A CN 201010190929A CN 101882233 A CN101882233 A CN 101882233A
- Authority
- CN
- China
- Prior art keywords
- module
- card
- control module
- chip card
- management module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 claims description 25
- 238000012545 processing Methods 0.000 claims description 22
- 238000012986 modification Methods 0.000 claims description 4
- 230000004048 modification Effects 0.000 claims description 4
- 238000012544 monitoring process Methods 0.000 claims description 3
- 238000010295 mobile communication Methods 0.000 abstract description 5
- 230000002093 peripheral effect Effects 0.000 description 32
- 230000008569 process Effects 0.000 description 18
- 238000005516 engineering process Methods 0.000 description 12
- 230000008859 change Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 4
- 241000030538 Thecla Species 0.000 description 3
- 238000012508 change request Methods 0.000 description 3
- 238000000926 separation method Methods 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 2
- 101100059544 Arabidopsis thaliana CDC5 gene Proteins 0.000 description 1
- 101100244969 Arabidopsis thaliana PRL1 gene Proteins 0.000 description 1
- 102100039558 Galectin-3 Human genes 0.000 description 1
- 101100454448 Homo sapiens LGALS3 gene Proteins 0.000 description 1
- 101150115300 MAC1 gene Proteins 0.000 description 1
- 101150051246 MAC2 gene Proteins 0.000 description 1
- 239000000654 additive Substances 0.000 description 1
- 230000000996 additive effect Effects 0.000 description 1
- 230000001186 cumulative effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 239000000446 fuel Substances 0.000 description 1
- 238000010438 heat treatment Methods 0.000 description 1
- 230000006698 induction Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a multifunctional chip card which comprises a non-contact radio frequency interface, a USB interface, an SD card interface, an identity information management module, an electronic wallet management module, a control module, a safety management module and a storage module, and the memory of the chip card has the serial number of a user SIM card, wherein user identity information is placed in the identity information management module; the electronic wallet management module is used for managing the data, such as trades, balances, recharging, consumption and the like of an electronic wallet; and the safety management module is used for carrying out safety management for the information input by the outside. The chip card further comprises a card-based interface. The invention not only solves the problem that the close-distance, middle-distance and far-distance payment of a payment card can coexist on a terminal, but also solves the safety management problem of the payment card, realizes the effective combination of a financial card and a mobile communication network and achieves the purpose of one card for multiple uses.
Description
Technical Field
The invention relates to a chip card, and belongs to the field of semiconductors.
Background
At present, mobile electronic commerce is developed vigorously, mobile payment becomes a new generation payment mode, mobile banking and mobile electronic wallet are developed vigorously at home and abroad, banks, mobile communication companies and many third-party enterprises invest in huge resource research and trial-and-error mobile electronic commerce, mobile payment and mobile multi-application systems on mobile interconnection networks, and government offices supervise mobile communication service industry and financial service industry respectively due to the fact that the mobile communication network and the financial network are relatively independent. Therefore, for applications of mobile payment, mobile banking and the like across financial and communication systems at the same time, the problems of conflict and cooperation in the aspects of safety and application management are difficult to solve by various current mobile phone non-contact technologies. For example, the security of the financial system is different from the security of the communication system, the security of the financial information in the mobile phone is guaranteed, and the management subject of the electronic wallet is also different. For these problems, at present, no matter the NFC technology, the RFSIM technology, the SIMPASS dual-interface card technology, or the patch card technology, they cannot fundamentally solve the above problems, and thus, the development of mobile electronic commerce and mobile electronic payment in our country is severely limited and hindered.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the multifunctional chip card solves the problem that the payment card can be used for short-distance, medium-distance and long-distance payment at the terminal, solves the safety management problem of the payment card, realizes effective combination of a financial card and a mobile communication network, and achieves the purpose of one card with multiple purposes.
The technical solution of the invention is as follows: the invention provides a multifunctional chip card, which comprises a non-contact radio frequency interface, a USB interface, an SD card interface, an identity information management module, an electronic wallet management module, a control module, a safety management module and a storage module, wherein the serial number of a user SIM card is stored in the chip card; wherein,
the identity information management module: user identity information is arranged in the mobile terminal, and the control module verifies the user identity information under the control of the control module;
the electronic wallet management module: under the control of the control module, data of transaction, balance, recharge, consumption and the like of the electronic wallet are managed, and a processing result is fed back to the control module;
the control module: sending externally input information into a security management module, and controlling an identity information management module, an electronic wallet management module and a storage module to perform corresponding operations or not performing any operation according to a feedback result of the security management module;
the safety management module is used for: the method comprises the steps of carrying out safety monitoring on externally input information, allowing a control module to execute corresponding operation if the information is legal, and forbidding the control module to execute corresponding operation if the information is not legal; carrying out initialization and modification setting on safety information, wherein the safety information mainly refers to key information and authority information of operation;
the storage module: and storing the information under the control of the control module.
Further, the chip card also comprises a card-based interface; the card base is a card-like device mainly composed of a radio frequency antenna and a basic circuit, and the device cannot work alone and can work only by being combined with a chip card.
The frequency of the card after the chip card is combined with the card base is 13.56 MHz.
Still further, the chip card also comprises a digital certificate module which is controlled by the control module and is used for the digital signature of the internet banking payment, and the network comprises a wired network and a wireless network.
Still further, the chip card further comprises a payment limiting module, which is controlled by the control module, and in the passive mode, if the payment amount or the payment times exceeds the range limited by the parameters, the payment limiting module locks the payment function temporarily.
The payment limiting module comprises parameters of single consumption limit, accumulated consumption times limit, single-day consumption limit and single-day consumption times limit.
The serial number of the user SIM card can be stored in the storage module and also can be stored in the identity information management module.
The design concept of the invention is as follows: the bank issues a special chip card with built-in financial information, the bank initializes the chip card, and then a user inserts the chip card into a specific mobile phone (the specific mobile phone is a mobile phone capable of supporting the chip card), so that the user can conveniently realize the functions of on-site payment, remote payment and electronic wallet of the mobile phone. The user can connect the chip card with other charging equipment or card base with standard interface, or connect with charging equipment with antenna through mobile phone radio frequency antenna, to complete functions of payment, electronic commerce, electronic ticket, etc. The chip card can also integrate the identity information of the user for medical treatment, insurance, identity authentication, entrance guard identification and other functions. The chip card can also realize OTA recharging, wireless network application payment, electronic ticket downloading and the like by utilizing the wireless communication function (short message, GPRS and the like) of the mobile phone.
Compared with the prior art, the invention has the following advantages:
(1) the prior art mainly comprises two major types, one is based on the technology of a built-in RFID chip of a mobile phone, and the other is based on the technology of an RFID chip of an SIM card, and the two technologies have the difficulties that the setting and the safety of financial information on the chip and dispute after errors occur can not be solved; because the enterprise to be repaired may be the manufacturer of the mobile phone or the manufacturer of the SIM card, the financial information in the chip belongs to the bank, but the bank has no ability to complete the repair of the mobile phone and the SIM card. After the scheme is adopted, the information safety on the chip card is problematic, and the problems of the SIM and the mobile phone can be well defined, or the information is leaked from other channels by the user. The scheme fundamentally solves the problems, the financial institution is a chip card issuing mechanism and is responsible for the chip card, a mobile phone manufacturer is responsible for the mobile phone, and an SIM card manufacturer is responsible for the SIM card. When a problem occurs, a clear responsible party is responsible, and the financial institution can independently perform various operations such as security management, security control, initialization, information rewriting and the like on the chip card, thereby ensuring the information security of the chip card.
(2) The prior art can not solve the problem of the payment integration of the mobile phone and the computer. The existing mobile phone radio frequency short-distance payment technology cannot support computer payment at the same time. The chip card supports a USB standard interface, can be directly inserted into a computer to be used as a USBKey (USB flash disk electronic certificate), can also directly deduct the cost in an electronic wallet through the USB interface, or can be charged and transacted (downloaded and used) by an electronic ticket.
(3) The prior art does not support the internet of things payment technology. The internet of things is a new technology, no uniform payment technical standard exists at present, the invention provides payment interfaces of various standards for the internet of things, such as a USB interface, an SD card interface and a card-based interface, can provide payment interfaces which accord with financial standards for the internet of things, and can complete charging through the interfaces for future pay televisions, water meters, electric meters, gas meters, heating meters, fuel charging meters, parking meters and the like.
(4) The prior art does not support the chip and antenna separation technique. The existing payment cards are basically that a payment module and a radio frequency antenna are integrated on one card, and the separation of a chip and the antenna is not supported. The chip card of the invention can be inserted into the card base of a novel large card with a radio frequency antenna, and the chip card and the card base are combined together to form a non-contact radio frequency card with payment capability and authentication security capability.
(5) The chip card of the invention has the functions of identity authentication, electronic wallet, electronic ticket and security control, and the existing mobile phone payment technology can not solve the problems of card issuance, multi-application management, key distributed management, electronic wallet maintenance, chip and antenna separation and the like.
(6) The chip card of the invention can also be applied to various charging equipment with standard interfaces, such as water meters, gas meters, electricity meters, oiling machines and the like, and is used as a safety tool for solving internet payment.
Drawings
FIG. 1 is a block diagram of a multi-function chip card according to an embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described below with reference to the accompanying drawings.
The multifunctional chip card comprises a non-contact radio frequency interface, a USB interface, an SD card interface, an identity information management module, an electronic wallet management module, a control module, a safety management module and a storage module, wherein the chip card stores a serial number of a SIM card of a user, and the serial number of the SIM card can be stored in the storage module or the identity information management module.
The SD card interface is an interface module of the chip card and the mobile phone. The contactless radio frequency interface adopts an international standard ISO14443 protocol. The non-contact radio frequency interface is actually a connecting part of a chip card and a built-in radio frequency antenna of the mobile phone terminal, the connecting part is a baseband chip, and the chip card, the baseband and the radio frequency antenna jointly form the radio frequency card with the RFID capability.
The identity information management module: user identity information is arranged in the mobile terminal, and the control module verifies the user identity information under the control of the control module;
the electronic wallet management module: under the control of the control module, data of transaction, balance, recharge, consumption and the like of the electronic wallet are managed, and a processing result is fed back to the control module;
the control module: a core processing module of the chip card; the method comprises the steps of sending externally input information into a security management module, and controlling an identity information management module, an electronic wallet management module and a storage module to perform corresponding operations or not performing any operation according to a feedback result of the security management module;
the safety management module is used for: the method comprises the steps of carrying out safety monitoring on externally input information, allowing a control module to execute corresponding operation if the information is legal, and forbidding the control module to execute corresponding operation if the information is not legal; performing initialization and modification setting on security information, wherein the security information mainly refers to key information and operation authority information;
the storage module: and storing the information under the control of the control module.
In practice, a chip card may be divided into a plurality of application areas, each of which may store a plurality of application files, such as identity information, an electronic wallet, and a storage area; each application area is independent of each other, and cannot be accessed, and safety access control exists.
The core part of the chip card is actually a micro operating system, the application partition management, the key control, the information storage and the like in the chip are executed by using a control module in the operating system, and the security management module is mainly used for carrying out security management on transaction security, communication security, identity authentication information and the like.
In order to extend the functionality of a chip card, the chip card further comprises a card-based interface. The card base is a card-like device mainly composed of a radio frequency antenna and a basic circuit, the device cannot work alone and can work only by being combined with a chip card, the frequency of the combined card is 13.56MHz, the card can work in a passive state, and the card can be used as a bus card, a bank card, a social security card, a campus card, an enterprise internal employee card and the like.
In order to expand the functions of the chip card, the chip card further comprises a digital certificate module, the digital certificate module is solidified in storage hardware and is controlled by the control module and used for digital signature of internet banking payment, the digital certificate module is added to ensure the safety, and the network comprises a wired network and a wireless network. The chip card has a bank digital certificate, and when a user carries out online bank payment, the digital certificate module ensures the encryption of a user password and a data message, thereby ensuring the data security and the transaction security.
In order to extend the functionality of the chip card, the chip card further comprises a payment restriction module, which is solidified in the storage hardware. The payment limiting module is controlled by the control module, and in the passive mode, if the payment amount or the payment times exceeds the range limited by the parameters, the payment limiting module locks the payment function temporarily. The payment limit module may include single-stroke consumption limit, cumulative consumption times limit, single-day consumption limit, and single-day consumption times limit parameters.
After the chip card is combined with the mobile phone terminal, the chip card conducts transaction in a passive mode under the condition that the mobile phone terminal is powered off, the safety of specific transaction is determined by a payment limiting module of the chip card, parameters such as single consumption limit, accumulated consumption frequency limit, single-day consumption limit and single-day consumption frequency limit exist in the payment limiting module, once the payment amount or the payment frequency reaches any parameter limit, the payment function of the chip card is temporarily locked by the chip card until the mobile phone terminal is restarted and successfully passes the security authentication, and after the security authentication is passed, the mobile phone terminal can reset an amount or frequency counter in the chip card again.
The first embodiment is as follows: the chip card of the invention is used as a payment card
As shown in fig. 1, the process of payment with a chip card is:
(1) the peripheral device sends a payment request APDU (Application Protocol Data Unit) command to a control module (core processing module of the chip card) of the chip card through the interface module. The instruction content is as follows: 805401000F0000000120100412160000AD8FE 92B.
Specifically, if the peripheral device is a mobile phone terminal, the mobile phone terminal sends an instruction to a control module of the chip card through a non-contact interface and an SD card interface; if the peripheral equipment is a card base, the card base sends an instruction to a control module of the chip card through a non-contact interface; and if the peripheral equipment is USB equipment, the USB equipment sends an instruction to the control module of the chip card through the SD card interface or the USB interface.
(2) The control module analyzes the instruction content, judges whether the instruction is standard or not and sends the analyzed instruction to the safety management module. The analysis mode mainly refers to an APDU instruction specified in PBOC2.0 standard formulated by people's banks in China, and the control module analyzes whether the instruction is legal or not and belongs to an instruction set of COS existing in the chip or not.
The chip card is in the process of payment transaction, the specific payment instruction content is pre-checked and analyzed by the control module, and the process mainly comprises the steps of payment initialization and specific payment. These two processes are described in detail below.
a. Payment initialization
After the control module receives the payment initialization instruction, the control module firstly performs pre-check on the APDU instruction to check whether the APDU instruction conforms to the CLA, INS, P1, P2, LC, DATA and LE formats, and the control module directly prompts that the instruction format is wrong for the non-conforming instruction. After the instruction format is checked correctly, the instruction content is analyzed and checked, and whether the key index number provided in the command is supported in the control module is mainly checked. If not, the status word '9403' (unsupported key index) is returned, but no other data is returned. The specific payment initialization instruction is as follows: 805001020B 01000001000000000000000F.
b. Payment
After receiving a specific payment instruction, the control module performs pre-check on the APDU instruction, checks whether the format of the APDU instruction conforms to CLA, INS, P1, P2, LC, DATA and LE formats, if the format is correct, the control module analyzes specific DATA, mainly verifies the DATA in a DATA DATA domain, checks whether the DATA in the DATA domain consists of a terminal transaction serial number of 4 bytes, a transaction date of 4 bytes, transaction time of 3 bytes and MAC1 of 4 bytes, and for the non-conforming instruction, the safety control module directly informs a chip core processing module that the instruction is wrong. The specific payment instruction is as follows: 805401000F0000000120100506161010E193F23A 08.
(3) The safety management module verifies the instruction sent by the control module, judges whether the instruction has the authority of operating the electronic wallet management module and feeds back the judgment result to the control module; if the instruction has the authority to operate the electronic wallet management module, the feedback result is yes, and if the instruction does not have the authority to operate the electronic wallet management module, the feedback result is no.
The safety management module checks whether the command sent by the control module has the authority information for operating the electronic wallet. Whether the method accords with the limit of the electronic wallet module in the aspects of read-only information, addition-only information, update-only information and unreadable information; meanwhile, for large payment, the security management module limits the payment request, and requires a user to provide PIN (Personal Identification Number) authentication, wherein the PIN is a 4-8 digit Number, the card is allowed to be operated only if the input digit passes the authentication, and if the input digit is authenticated for 3 times, the card is locked; after the safety management module verifies that the payment instruction meets the necessary authority limit, the control module can carry out payment operation on the electronic wallet. Otherwise, the safety management module prompts error information of insufficient authority.
(4) And the control module determines whether to send a payment request to the electronic wallet management module according to the feedback result of the safety management module.
(5) If the feedback result is 'yes', the control module sends a payment request to the electronic wallet management module, the electronic wallet management module carries out payment processing according to the instruction sent by the control module, and the processing result is returned to the control module in an instruction stream mode.
(6) And if the feedback result is 'no', the control module does not send a payment request to the electronic wallet management module.
(7) And the control module returns the payment result to the peripheral equipment through the non-contact radio frequency interface, and the payment process is finished.
The contactless rf interface is actually transmitted between the chip and the peripheral device by electromagnetic wave induction.
Example two: recharging the chip card of the invention
As shown in fig. 1, the process of recharging with a chip card is:
(1) the peripheral device sends a recharge request APDU (Application Protocol Data Unit) instruction to a control module (a core processing module of the chip card) of the chip card through the interface module. The instruction content is as follows: 805200000B20100412160000AD8FE92B 04.
Specifically, if the peripheral device is a mobile phone terminal, the mobile phone terminal sends an instruction to a control module of the chip card through a non-contact interface and an SD card interface; if the peripheral equipment is a card base, the card base sends an instruction to a control module of the chip card through a non-contact interface; and if the peripheral equipment is USB equipment, the USB equipment sends an instruction to the control module of the chip card through the SD card interface or the USB interface.
(2) The control module analyzes the instruction content, judges whether the instruction is standard or not and sends the analyzed instruction to the safety management module. The analysis mode mainly refers to an APDU instruction specified in PBOC2.0 standard formulated by people's banks in China, and the control module analyzes whether the instruction is legal or not and belongs to an instruction set of COS existing in the chip or not.
The chip card is in the process of charging transaction, the specific charging instruction content is pre-checked and analyzed by the control module, and the specific charging instruction content mainly comprises the steps of charging initialization and specific charging. These two processes are described in detail below.
a. Recharge initialization
After the control module receives the recharge initialization instruction, the control module firstly pre-checks the APDU instruction to check whether the APDU instruction conforms to the CLA, INS, P1, P2, LC, DATA and LE formats, and directly prompts an instruction format error for the non-conforming instruction. After the instruction format is checked correctly, the instruction content is analyzed and checked, and whether the key index number provided in the command is supported in the control module is mainly checked. If not, the status word '9403' (unsupported key index) is returned, but no other data is returned. The specific payment initialization instruction is as follows: 805000020B 010000001000000000000010.
b. Recharge
After receiving a specific recharging instruction, the control module performs pre-inspection on the APDU instruction, checks whether the format of the APDU instruction conforms to CLA, INS, P1, P2, LC, DATA and LE formats, if the format is correct, the control module analyzes specific DATA, mainly verifies the DATA in a DATA DATA domain, checks whether the DATA in the DATA domain consists of a terminal transaction serial number of 4 bytes, a transaction date of 4 bytes, transaction time of 3 bytes and MAC2 of 4 bytes, and for the non-conforming instruction, the safety control module directly informs a chip core processing module that the instruction is wrong. The specific payment instruction is as follows: 805200000B20100506161010F901E2AC 04.
(3) The safety management module verifies the instruction sent by the control module, judges whether the instruction has the authority of operating the electronic wallet management module and feeds back the judgment result to the control module; if the instruction has the authority to operate the electronic wallet management module, the feedback result is yes, and if the instruction does not have the authority to operate the electronic wallet management module, the feedback result is no.
The safety management module checks whether the command sent by the control module has the authority information for operating the electronic wallet. Whether the method accords with the limit of the electronic wallet module in the aspects of read-only information, addition-only information, update-only information and unreadable information; after the safety management module verifies that the payment instruction meets the necessary authority limit, the control module can charge the electronic wallet. Otherwise, the safety management module prompts error information of insufficient authority.
(4) The control module determines whether to send a recharging request to the electronic wallet management module according to a feedback result of the safety management module;
(5) if the feedback result is 'yes', the control module sends a recharging request to the electronic wallet management module, the electronic wallet management module carries out recharging processing according to the instruction sent by the control module, and returns the processing result to the control module in an instruction stream mode;
(6) if the feedback result is 'no', the control module does not send a recharging request to the electronic wallet management module;
(7) the control module returns the recharging result to the peripheral equipment through the non-contact radio frequency interface, and the recharging process is finished.
Example three: the chip card of the invention is used as an identity card
As shown in fig. 1, the process of acquiring identity information is as follows:
(1) the peripheral device sends a recharge request APDU (Application Protocol Data Unit) instruction to a control module (a core processing module of the chip card) of the chip card through the interface module. The instruction content is as follows: 00B0C 001000000.
Specifically, if the peripheral device is a mobile phone terminal, the mobile phone terminal sends an instruction to a control module of the chip card through a non-contact interface and an SD card interface; if the peripheral equipment is a card base, the card base sends an instruction to a control module of the chip card through a non-contact interface; and if the peripheral equipment is USB equipment, the USB equipment sends an instruction to the control module of the chip card through the SD card interface or the USB interface.
(2) The control module analyzes the instruction content, judges whether the instruction is standard or not and sends the analyzed instruction to the safety management module. The analysis mode mainly refers to an APDU instruction specified in PBOC2.0 standard formulated by people's Bank of China, and the control module analyzes whether the instruction is legal or not and belongs to an instruction set of COS existing in the chip or not;
the chip card is used for carrying out information acquisition, the specific information acquisition instruction content is subjected to pre-detection and analysis by the control module, after the control module receives the information acquisition instruction, the control module firstly carries out pre-detection on an APDU instruction, checks whether the APDU instruction conforms to CLA, INS, P1, P2, LC, DATA and LE formats, and directly prompts that the instruction format is wrong for the non-conforming instruction. After the instruction format is checked correctly, the instruction content is analyzed and checked, and whether the control module supports the file data block control parameters provided in the command is mainly checked. If so, allowing the specified file data block to be accessed, otherwise, returning error prompt information. The specific information acquisition instruction is as follows: 00B0C 001000000.
(3) The safety management module verifies the instruction sent by the control module, judges whether the instruction has the authority of operating the identity information management module, and feeds back the judgment result to the control module; if the instruction has the authority to operate the identity information management module, the feedback result is yes, and if the instruction does not have the authority to operate the identity information management module, the feedback result is no.
The safety management module checks whether the command sent by the control module has the authority information for operating the identity information module, and mainly comprises the protection of the card body from the aspect of limiting the range of the chip card user, such as the acquisition of public information and the like; the method for limiting the reading of the information of the smart card can be divided into four aspects of read-only information, additive-only information, updateable information, unreadable information and the like. And the safety management module judges whether the instruction meets the authority limit, if so, the information acquisition operation in the range of the identity information module is carried out, and otherwise, the safety management module returns error prompt information with insufficient authority.
(4) The control module determines whether to send an information acquisition request to the identity information management module according to a feedback result of the security management module;
(5) if the feedback result is 'yes', the control module sends an information acquisition request to the identity information management module, the identity information management module performs information acquisition processing according to the instruction sent by the control module, and returns the processing result to the control module in an instruction stream mode;
(6) if the feedback result is 'no', the control module does not send an information acquisition request to the identity information management module;
(7) the control module returns the information acquisition result to the peripheral equipment through the non-contact radio frequency interface, and the recharging process is finished.
The identity information changing process comprises the following steps:
(1) the peripheral device sends a recharge request APDU (Application Protocol Data Unit) instruction to a control module (a core processing module of the chip card) of the chip card through the interface module. The instruction content is as follows:
04D6C0010A ID card AD8FE92B00
Specifically, if the peripheral device is a mobile phone terminal, the mobile phone terminal sends an instruction to a control module of the chip card through a non-contact interface and an SD card interface; if the peripheral equipment is a card base, the card base sends an instruction to a control module of the chip card through a non-contact interface; and if the peripheral equipment is USB equipment, the USB equipment sends an instruction to the control module of the chip card through the SD card interface or the USB interface.
(2) The control module analyzes the instruction content, judges whether the instruction is standard or not and sends the analyzed instruction to the safety management module. The analysis mode mainly refers to an APDU instruction specified in PBOC2.0 standard formulated by people's Bank of China, and the control module analyzes whether the instruction is legal or not and belongs to an instruction set of COS existing in the chip or not;
the chip card performs pre-check and analysis on specific information change instruction contents in the information change process by the control module, after the control module receives the information change instruction, the control module firstly performs pre-check on an APDU instruction to check whether the APDU instruction conforms to CLA, INS, P1, P2, LC, DATA and LE formats, and directly prompts an instruction format error for the non-conforming instruction. After the instruction format is checked correctly, the instruction content is analyzed and checked, and whether the control module supports the file data block control parameters provided in the command is mainly checked. If so, allowing the specified file data block to be accessed, otherwise, returning error prompt information. The specific information change instruction is as follows: 04D6C0010a123456789012A0B1C2D 300.
(3) The safety management module verifies the instruction sent by the control module, judges whether the instruction has the authority of operating the identity information management module, and feeds back the judgment result to the control module; if the instruction has the authority to operate the identity information management module, the feedback result is yes, and if the instruction does not have the authority to operate the identity information management module, the feedback result is no.
The safety management module checks whether the instruction sent by the control module has authority information for updating the identity information module, firstly, whether the instruction passes PIN verification is verified, the PIN verification mainly means that a user inputs 4-8 digits, only if the input digits pass authentication, the card is allowed to be operated, and if the input digits are authenticated for 3 times, the card is locked; secondly, whether the card passes the card issuing bank authentication or not is verified, which mainly means that the card can change the identity information module only after passing the 16-32 bit password authentication, namely, after the external authentication; and finally, verifying whether the information meets the four-aspect limitation of meeting read-only information, addition-only information, update-only information, unreadable information and the like in a mode of limiting reading of the information of the smart card. And the safety management module judges whether the instruction meets the authority limit, if so, the change operation of the range of the identity information module is carried out, otherwise, the safety management module returns error prompt information with insufficient authority.
(4) The control module determines whether to send an information change request to the identity information management module according to a feedback result of the security management module;
(5) if the feedback result is 'yes', the control module sends an information change request to the identity information management module, the identity information management module carries out information change processing according to the instruction sent by the control module, and returns the processing result to the control module in an instruction stream mode;
(6) if the feedback result is 'no', the control module does not send an information change request to the identity information management module;
(7) the control module returns the information updating result to the peripheral equipment through the non-contact radio frequency interface, and the recharging process is finished.
Example four: the chip card of the invention is used as a U disk
As shown in FIG. 1, the process of using the chip card as USB flash disk is as follows:
(1) the peripheral equipment (such as USB equipment) sends an information storage application request APDU instruction to a control module (a core processing module of the chip card) of the chip card through a USB interface, and the instruction content is as follows: 00B 00000010000.
(2) The control module analyzes the instruction content, judges whether the instruction is standard or not and sends the analyzed instruction to the safety management module. The analysis mode is mainly to verify whether the USB operation instruction accords with the APDU instruction format or not, and the control module analyzes whether the instruction is legal or not and whether the instruction belongs to the existing instruction set of COS in the chip or not;
after the USB device integrated with the chip card is inserted into a computer and other peripheral devices, a control module in the chip card actively sends an instruction to the control module when being requested by a peripheral USB interface, wherein the content of the instruction is 00B00000010000, and the instruction requests whether the external device can access the storage module or not; after the control module receives the instruction, the control module firstly performs pre-check on the APDU instruction to check whether the APDU instruction conforms to the CLA, INS, P1, P2, LC, DATA and LE formats, and the control module directly prompts that the instruction format is wrong for the non-conforming instruction. After the instruction format is checked correctly, the instruction content is analyzed and checked, and whether the command is supported in the control module or not is mainly checked, and whether the storage management module allows access or not is checked. If so, allowing the access to the specified storage file, and otherwise, returning error prompt information.
(3) The safety management module verifies the instruction sent by the control module, judges whether the instruction has the authority of operating the storage module and feeds back the judgment result to the control module; and if the instruction has the authority of the storage module, the feedback result is yes, and if the instruction does not have the authority of operating the storage module, the feedback result is no.
The safety management module checks whether the instruction sent by the control module has the authority information for operating the storage module. Whether the information accords with the limit of the storage module in the aspects of read-only information, information which can only be added, information which can only be updated and information which can not be read; and the safety management module judges whether the instruction meets the authority limit, if so, the operation in the range of the storage module is carried out, otherwise, the safety management module returns error prompt information with insufficient authority.
(4) The control module returns the feedback result to the peripheral equipment through the USB interface, and the peripheral equipment judges whether the storage area of the chip card can be accessed according to the feedback result;
(5) if the feedback result is 'yes', the control module sends a read-write request to the storage module, and the storage module carries out read-write processing according to the instruction sent by the control module;
(6) if the feedback result is 'no', the control module does not send a read-write request to the storage module;
(7) the control module returns the read-write result to the peripheral equipment through the USB interface, and the access process is finished.
Example five: the chip card of the invention is used as the internet bank authentication
As shown in fig. 1, the process of using the chip card as internet bank certificate is as follows:
(1) the peripheral equipment (such as USB equipment) sends an application request APDU instruction of information data signature to a control module (core processing module of the chip card) of the chip card through a USB interface, and the instruction content is as follows: 00D 00000010000.
(2) The control module analyzes the instruction content, judges whether the instruction is standard or not and sends the analyzed instruction to the safety management module. The analysis mode is mainly to verify whether the USB operation instruction accords with the APDU instruction format or not, and the control module analyzes whether the instruction is legal or not and whether the instruction belongs to the existing instruction set of COS in the chip or not;
after the USB device integrated with the chip card is inserted into peripheral equipment such as a computer, peripheral software in the computer sends an APDU (application protocol DATA Unit) command for requesting information DATA signature to a control module of the chip card through an interface module, the command is preprocessed and analyzed by a core processing module before the control module, the specific command content is 00D00000010000, the command carries out DATA signature on the peripheral DATA content through a specified bank certificate, after the control module receives the command, the APDU command is firstly pre-checked to check whether the formats conform to CLA, INS, P1, P2, LC, DATA and LE, and the command format error is directly prompted by the non-conforming command. After the instruction format is checked correctly, the instruction content is analyzed and checked, and whether the command is supported in the control module or not is mainly checked, and whether the specified bank certificate index exists or not is checked. If the bank certificate exists, the specified bank certificate is allowed to be accessed, otherwise, error prompt information is returned.
(3) The safety management module verifies the instruction sent by the control module, judges whether the instruction can use a specified bank certificate and has an operation authority, and feeds back the judgment result to the control module; and if the instruction has the authority of the storage module, the feedback result is yes, and if the instruction does not have the authority of operating the storage module, the feedback result is no.
The safety management module checks whether the instruction sent by the control module has the authority information for operating the specified bank certificate. Whether the information accords with the limit of the storage module in the aspects of read-only information, information which can only be added, information which can only be updated and information which can not be read; and the safety management module judges whether the instruction meets the authority limit, if so, the operation within the range of the bank certificate is carried out, otherwise, the safety management module returns error prompt information with insufficient authority.
(4) The control module signs the data by using a specified financial certificate according to the feedback result of the safety management module and returns the signed data to the peripheral equipment through the USB interface;
(5) and ending the data signature acquisition process.
Those skilled in the art will appreciate that the details of the invention not described in detail in this specification are well within the skill of those skilled in the art.
The above-described embodiments are intended to illustrate rather than to limit the invention, and any modifications and variations of the present invention are within the spirit of the invention and the scope of the appended claims.
Claims (8)
1. A multi-functional chip card, characterized by: the smart card comprises a non-contact radio frequency interface, a USB interface, an SD card interface, an identity information management module, an electronic wallet management module, a control module, a safety management module and a storage module, wherein the serial number of a user SIM card is stored in the chip card; wherein,
the identity information management module: user identity information is arranged in the mobile terminal, and the control module verifies the user identity information under the control of the control module;
the electronic wallet management module: under the control of the control module, data of transaction, balance, recharge, consumption and the like of the electronic wallet are managed, and a processing result is fed back to the control module;
the control module: sending externally input information into a security management module, and controlling an identity information management module, an electronic wallet management module and a storage module to perform corresponding operations or not performing any operation according to a feedback result of the security management module;
the safety management module is used for: the method comprises the steps of carrying out safety monitoring on externally input information, allowing a control module to execute corresponding operation if the information is legal, and forbidding the control module to execute corresponding operation if the information is not legal; the security information is also subjected to initialization and modification setting;
the storage module: and storing the information under the control of the control module.
2. Multifunctional chip card according to claim 1, characterized in that: the chip card further comprises a card-based interface; the card base is a card-like device mainly composed of a radio frequency antenna and a basic circuit, and the device cannot work alone and can work only by being combined with a chip card.
3. Multifunctional chip card according to claim 2, characterized in that: the frequency of the card after the chip card is combined with the card base is 13.56 MHz.
4. Multifunctional chip card according to claim 1 or 2, characterized in that: the chip card also comprises a digital certificate module which is controlled by the control module and is used for the digital signature of the internet bank payment, and the network comprises a wired network and a wireless network.
5. Multifunctional chip card according to claim 1 or 2, characterized in that: the chip card also comprises a payment limiting module which is controlled by the control module, and in the passive mode, if the payment amount or the payment times exceeds the range limited by the parameters, the payment limiting module locks the payment function temporarily.
6. Multifunctional chip card according to claim 5, characterized in that: the payment limiting module comprises parameters of single consumption limit, accumulated consumption times limit, single-day consumption limit and single-day consumption times limit.
7. Multifunctional chip card according to claim 1 or 2, characterized in that: and the serial number of the user SIM card is stored in the storage module or the identity information management module.
8. Multifunctional chip card according to claim 1 or 2, characterized in that: the security information mainly refers to key information and authority information of operation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101909297A CN101882233A (en) | 2010-06-02 | 2010-06-02 | Multifunctional chip card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101909297A CN101882233A (en) | 2010-06-02 | 2010-06-02 | Multifunctional chip card |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101882233A true CN101882233A (en) | 2010-11-10 |
Family
ID=43054245
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010101909297A Pending CN101882233A (en) | 2010-06-02 | 2010-06-02 | Multifunctional chip card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101882233A (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102215053A (en) * | 2011-06-03 | 2011-10-12 | 惠州Tcl移动通信有限公司 | Near field communication terminal with security mechanism |
| CN102542323A (en) * | 2010-11-16 | 2012-07-04 | 北京中电华大电子设计有限责任公司 | Multifunctional visual intelligent card |
| CN102685073A (en) * | 2011-03-11 | 2012-09-19 | 中国移动通信集团公司 | Secure payment method and mobile terminal |
| CN103164738A (en) * | 2013-02-06 | 2013-06-19 | 厦门盛华电子科技有限公司 | Mobile phone user identification card based on mobile payment multichannel digital certificate |
| WO2013097467A1 (en) * | 2011-12-26 | 2013-07-04 | 东信和平科技股份有限公司 | Smart card and security implementation method for application terminal accessing smart card |
| CN103400266A (en) * | 2013-07-22 | 2013-11-20 | 孙伟 | Dual-interface card module combination equipment and card service implementation system and method |
| CN103530672A (en) * | 2013-10-21 | 2014-01-22 | 镇江三鑫科技信息有限公司 | School one-card |
| CN104123646A (en) * | 2014-07-21 | 2014-10-29 | 深圳前海君浩银通科技发展有限公司 | Composite type mobile uKey and electronic wallet payment system |
| CN104242990A (en) * | 2013-06-24 | 2014-12-24 | 上海海尔集成电路有限公司 | Power line carrier communication chip |
| CN104700269A (en) * | 2015-03-31 | 2015-06-10 | 小米科技有限责任公司 | Mobile payment method and device |
| WO2015101166A1 (en) * | 2013-12-30 | 2015-07-09 | 中国银联股份有限公司 | Method for detecting false card risk and transaction processing system for implementing same |
| WO2015113319A1 (en) * | 2014-01-28 | 2015-08-06 | 上海复旦微电子集团股份有限公司 | Device having storage function |
| CN108027951A (en) * | 2015-09-03 | 2018-05-11 | 武礼伟仁株式会社 | A kind of multifunction card and card settlement terminal and card settling account system |
| CN108846662A (en) * | 2018-05-29 | 2018-11-20 | 数字乾元科技有限公司 | wireless payment method and wearable device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5748737A (en) * | 1994-11-14 | 1998-05-05 | Daggar; Robert N. | Multimedia electronic wallet with generic card |
| CN101105776A (en) * | 2007-01-10 | 2008-01-16 | 上海瀚银信息技术有限公司 | Standard extension card with embedded CPU IC and method for realizing electronic payment |
-
2010
- 2010-06-02 CN CN2010101909297A patent/CN101882233A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5748737A (en) * | 1994-11-14 | 1998-05-05 | Daggar; Robert N. | Multimedia electronic wallet with generic card |
| CN101105776A (en) * | 2007-01-10 | 2008-01-16 | 上海瀚银信息技术有限公司 | Standard extension card with embedded CPU IC and method for realizing electronic payment |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102542323A (en) * | 2010-11-16 | 2012-07-04 | 北京中电华大电子设计有限责任公司 | Multifunctional visual intelligent card |
| CN102685073B (en) * | 2011-03-11 | 2016-04-27 | 中国移动通信集团公司 | Safe payment method and mobile terminal |
| CN102685073A (en) * | 2011-03-11 | 2012-09-19 | 中国移动通信集团公司 | Secure payment method and mobile terminal |
| CN102215053A (en) * | 2011-06-03 | 2011-10-12 | 惠州Tcl移动通信有限公司 | Near field communication terminal with security mechanism |
| WO2013097467A1 (en) * | 2011-12-26 | 2013-07-04 | 东信和平科技股份有限公司 | Smart card and security implementation method for application terminal accessing smart card |
| CN103164738A (en) * | 2013-02-06 | 2013-06-19 | 厦门盛华电子科技有限公司 | Mobile phone user identification card based on mobile payment multichannel digital certificate |
| CN103164738B (en) * | 2013-02-06 | 2015-09-30 | 厦门盛华电子科技有限公司 | A kind of cellphone subscriber's identification card based on the certification of mobile payment multi-channel digital |
| WO2014121603A1 (en) * | 2013-02-06 | 2014-08-14 | 厦门盛华电子科技有限公司 | Mobile phone subscriber identity card based on multichannel digital authentication of mobile payment |
| CN104242990A (en) * | 2013-06-24 | 2014-12-24 | 上海海尔集成电路有限公司 | Power line carrier communication chip |
| CN104242990B (en) * | 2013-06-24 | 2016-05-18 | 上海东软载波微电子有限公司 | power line carrier communication chip |
| CN103400266A (en) * | 2013-07-22 | 2013-11-20 | 孙伟 | Dual-interface card module combination equipment and card service implementation system and method |
| CN103530672A (en) * | 2013-10-21 | 2014-01-22 | 镇江三鑫科技信息有限公司 | School one-card |
| TWI621082B (en) * | 2013-12-30 | 2018-04-11 | Method for monitoring pseudo card risk and transaction processing system implementing the method | |
| WO2015101166A1 (en) * | 2013-12-30 | 2015-07-09 | 中国银联股份有限公司 | Method for detecting false card risk and transaction processing system for implementing same |
| WO2015113319A1 (en) * | 2014-01-28 | 2015-08-06 | 上海复旦微电子集团股份有限公司 | Device having storage function |
| CN104123646A (en) * | 2014-07-21 | 2014-10-29 | 深圳前海君浩银通科技发展有限公司 | Composite type mobile uKey and electronic wallet payment system |
| CN104700269A (en) * | 2015-03-31 | 2015-06-10 | 小米科技有限责任公司 | Mobile payment method and device |
| CN108027951A (en) * | 2015-09-03 | 2018-05-11 | 武礼伟仁株式会社 | A kind of multifunction card and card settlement terminal and card settling account system |
| CN108846662A (en) * | 2018-05-29 | 2018-11-20 | 数字乾元科技有限公司 | wireless payment method and wearable device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101882233A (en) | Multifunctional chip card | |
| US8215547B2 (en) | Data communicating apparatus and method for managing memory of data communicating apparatus | |
| EP2204782A1 (en) | Transaction method with e-payment card and e-payment card | |
| ES2526641T3 (en) | Communication procedure, communication device and secure processor | |
| WO2010022129A1 (en) | Secure smart card system | |
| US7516479B2 (en) | Data communicating apparatus and method for managing memory of data communicating apparatus | |
| CN102542697B (en) | Based on the POS terminal of electronic equipment with network access functions | |
| CN101783040B (en) | Smart card swipe machine and information exchange method | |
| CN101872454A (en) | Sales terminal transaction processing method, equipment and mobile terminal transaction processing method | |
| CN101639960A (en) | Electronic payment device for personal use | |
| CN101807424B (en) | Multifunctional U disk and U disk system | |
| CN104123793A (en) | Money withdrawing system based on NFC function, money withdrawing method of money withdrawing system based on NFC function and money withdrawing machine | |
| CN101727683B (en) | Public transport IC card identity identifying and authenticating system | |
| CN103295345A (en) | POS machine system and POS machine server | |
| CN201780624U (en) | Multifunctional chip card | |
| KR20080052540A (en) | System for operating ic card | |
| WO2009017292A1 (en) | Mobile status detection contactless module | |
| CN102315936A (en) | Authentication processing device and relevant movement device thereof | |
| CN202838553U (en) | Electronic payment terminal | |
| CN201607736U (en) | Multi-functional U disc and U disc system | |
| SK500352009A3 (en) | Method and system for entering the PIN code at non-cash payments, carrier PIN code | |
| KR101505040B1 (en) | A smart card and operating system thereof, which includes the Universal Subscriber information | |
| KR101061496B1 (en) | Method for Processing Exchange Money | |
| KR20000051010A (en) | Credit card system adopting contact/contactless authentification and/or prepaid/post-paid payment method | |
| CN202662045U (en) | Electronic transaction card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20101110 |