CN101938357B - Method based on off-line authorization of safety access module, card tool and authentication card - Google Patents
Method based on off-line authorization of safety access module, card tool and authentication card Download PDFInfo
- Publication number
- CN101938357B CN101938357B CN201010258049A CN201010258049A CN101938357B CN 101938357 B CN101938357 B CN 101938357B CN 201010258049 A CN201010258049 A CN 201010258049A CN 201010258049 A CN201010258049 A CN 201010258049A CN 101938357 B CN101938357 B CN 101938357B
- Authority
- CN
- China
- Prior art keywords
- card
- tsam
- authorization
- consumption
- mac2
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention relates to a method based on the off-line authorization of a TSAM (Terminal Safety Access Module) card, comprising the following steps that: the TSAM card verifies whether an input PIN (Personal Identification Number) is correct or not; if the input PIN is correct, an authorization card verifies consumption MAC2 (Media Access Control) generated after the TSAM card corresponds to the authorization card through consumption MAC1 generated by the TSAM card; the TSAM card verifies authorization MAC1 generated by a user card after the TSAM card corresponds to the authorization card through the consumption MAC2 generated by the authorization card; the TSAM card generates authorization MAC2 after successfully verifying the consumption MAC2 and the authorization MAC1; and the user card inputs the used user card from a deducted request amount of the authorization card after successfully verifying the authorization MAC2. The invention also discloses a card tool based on the off-line authorization of a safety access module and an authentication card of the off-line authorization. The invention can be used for enhancing the safety of an off-line authorization system.
Description
Technical field
The present invention relates to the authorization technique field, more specifically, relate to a kind of method, card facility and authentication card based on the secure access module offline authorization.
Background technology
Support the IC-card of authorizing to obtain extensive use in occasions such as Bus Card, highway electric Fare Collection Systems.These systems realize based on " China's finance integrated circuit (IC) calliper model " (hereinafter to be referred as the PBOC standard) mostly.What relate in the PBOC standard has initialization and a mandate etc.
For the IC-card that the user held is that subscriber card carries out online mandate, in subscriber card, write the mandate volume through on-line system, with the purpose that realizes authorizing.The on-line system of realize authorizing, owing to need get in touch with the card issuer constantly, so its operation cost height and site are provided with the restriction that receives network condition.If do not reach the requirement network condition, then can't authorize for subscriber card.
In off-line system, utilize and supplement secure access module (ISAM) card with money, the mandate volume of appointment is transferred in the subscriber card, with the purpose that realizes authorizing for the subscriber card mandate.Off-line system need not to get in touch with the card issuer, only utilizes to comprise that ISAM is stuck in interior single computer and just can authorizes for subscriber card.The computer of off-line system is meant the computer that is not connected with card issuer's network among the present invention.In specific I C card, set up the ISAM file system and write the initialization that the related application data are called the ISAM card.
Be based on ISAM card initialization schematic flow sheet in the ISAM card offline authorization system referring to Fig. 1, specifically may further comprise the steps:
In an IC-card, set up ISAM Cavan part system, comprise and set up master file (MF zone), catalogue data file, card public information file, end message file, card key file and application file.
Computer imports successively in the card key file and upgrades card master control key, card maintenance key.Introduction method is with reference to the PBOC standard.
The card master control key is the key that the visit control of entire I C card is used, and the manufacturer writes initial key by card, the preceding card master control key that is replaced with the card issuer by the card issuer of actual use.
The card maintenance key is used for the applicating maintenance in card MF zone, under the control of card master control key, loads and renewal.
Under the application file of IC-card, create application area and comprise, create application directory, use public information file, terminal applies transaction data unit and application key file.
In the card key file, import successively and the update functions key.The function key comprises authorization key etc.Authorization key is used for calculating the process key that uses in the licensing process.Licensing process is the process of input subscriber card mandate volume.
Be based on offline authorization schematic flow sheet in the ISAM card offline authorization system referring to Fig. 2
Computer is after subscriber card sends the mandate initialization command, and subscriber card produces random number and authentication of message sign indicating number (MAC1).Subscriber card is the IC-card that the user holds.Random number is the numeral that IC-card produces at random, participates in the calculating of MAC, is used for the authentication computer and the security attack of prevention decryption.Subscriber card has had the mandate sub-key that the card issuer produces after disperseing to this particular user card, process key in initialization procedure.Utilize the mandate sub-key in the subscriber card to calculate MAC1.Authorizing the generation of sub-key, random number and authentication of message sign indicating number is prior art, just repeats no more at this.
The ISAM cartoon is crossed MAC1, verifies the legitimacy that subscriber card is this time authorized.If the MAC11 that utilizes the authorization key in the ISAM card to calculate equals MAC1, then the MAC1 checking is passed through, and the ISAM card will utilize authorization key to produce MAC2 and export computer to.Specifically how producing MAC11 and MAC2 is prior art, and this paper repeats no more.
Computer is behind the MAC2 that receives the output of ISAM card, and then sending to authorize to subscriber card increases order to upgrade mandate volume on the subscriber card.
After subscriber card was received and authorized the increase order, the validity of checking MAC2 promptly utilized the authorization key of subscriber card to produce MAC21, if MAC21 equals MAC2, then MAC2 is effective.If MAC2 is effectively, according to mandate volume in the mandate volume increase subscriber card of computer input.
It more than is the offline authorization system based on the ISAM card of the prior art.This system is not possessing under the online environment, adopts offline mode independently to accomplish the mandate to subscriber card.Be ISAM when being stuck in to the subscriber card offline authorization, only need ISAM card and user's card mutual authentication after, just can mandate volume related in the verification process be transferred in the subscriber card.Make things convenient for the user though operation cost is low, can the site intensively be set, exist serious potential safety hazard.One of which, system only uses factor of ISAM card to the control of business, and authentication success just can be authorized each other between ISAM card and subscriber card; Its two, after to the mandate of ISAM card, the ISAM card can carry out the mandate of any amount and arbitrary number of times for arbitrary subscriber card; Therefore, in case the ISAM card is lost, the loss that causes can not be controlled.
To sum up, there is comparatively serious potential safety hazard in the offline authorization system in the middle of the prior art.
Summary of the invention
The embodiment of the invention proposes a kind of method of the offline authorization based on the account transfer secure access module, the fail safe that can improve the offline authorization system.
The embodiment of the invention also proposes a kind of card facility of offline authorization based on the account transfer secure access module, the fail safe that can improve the offline authorization system.
The embodiment of the invention also proposes a kind of authentication card of offline authorization, the fail safe that can improve the offline authorization system.
The technical scheme of the embodiment of the invention is following:
A kind of method based on secure access module TSAM card offline authorization is applied to be connected with in the computer system of card facility, and this method comprises, when said computer operation in the off-line state of card issuer's network break link the time,
Whether the PIN of the TSAM card checking input in the card facility is correct;
If PIN is correct in input, after the consumption MAC1 that the authorization card in the card facility produces through said TSAM card verifies said TSAM card and said authorization card is corresponding, consumption MAC2 is deducted and produced to amount of the claim from the mandate amount of self; After said TSAM cartoon is crossed consumption MAC2 that said authorization card produces and is verified said TSAM card and said authorization card is corresponding; The mandate MAC1 that the checking subscriber card produces; After said TSAM card checking consumption MAC2 and mandate MAC1 are all successful, the mandate MAC2 and the described request forelock that produce are delivered to said subscriber card; After the MAC2 success is authorized in said subscriber card checking, the described request volume is imported said subscriber card;
If whether input PIN mistake then judges input PIN errors number more than or equal to threshold value, if more than or equal to threshold value, then locked said PIN can not continue to use said TSAM card; Otherwise, import PIN once more;
Said authorization card verifies that through the consumption MAC1 that the TSAM card produces said TSAM card comprises with said authorization card is corresponding; Consumption key calculation by said authorization card obtains consuming MAC11; MAC11 equals to consume MAC1 when consumption, confirms that then said TSAM card is corresponding with said authorization card;
Said TSAM card checking consumption MAC2 all successfully comprises with the mandate MAC1 that subscriber card produces, and obtains consuming MAC21 by the consumption key calculation of said TSAM card, consumes MAC21 and equals to consume MAC2;
And, calculate mandate MAC11 by the authorization key of said TSAM card, when authorizing MAC11 to equal to authorize MAC1, the mandate MAC1 that TSAM card checking consumption MAC2 and subscriber card produce is all successful.
The checking of said subscriber card authorizes MAC2 successfully to comprise, is calculated by the authorization key of said subscriber card and authorizes MAC21, when authorizing MAC21 to equal to authorize MAC2, confirms that the subscriber card checking authorizes the MAC2 success.
In the consumption key importing process of said TSAM card, the publisher is consumed key disperse computing, dispersion factor is the fixed combination of said TSAM card card number and said authorization card card number;
In the consumption key importing process of said authorization card, the publisher is consumed key disperse computing, dispersion factor is the fixed combination of said TSAM card card number and said authorization card card number.
Said TSAM card further comprises PIN Personal Unlocking Key and PIN refitting key, and said PIN Personal Unlocking Key and PIN refitting key all are in unactivated state.
At the said TSAM card of said checking with after said authorization card is corresponding; Further comprise before the said generation consumption MAC2; Said authorization card judges that whether the described request volume is smaller or equal to the current the highest mandate volume in the said authorization card; If, then amount of the claim is deducted from the mandate amount of self, upgrade the highest current mandate volume with the difference of said the highest current mandate volume and described request volume; Otherwise, finish.
A kind of card facility based on secure access module TSAM card offline authorization are equipped with in the said card facility,
Authorization card; Be used for when with the computer operation that is connected of card facility in the off-line state of card issuer's network break link the time; After verifying said TSAM card and said authorization card is corresponding through consumption MAC1, consumption MAC2 is deducted and produced to amount of the claim be sent to said TSAM card from the mandate amount of self from the TSAM card;
The said consumption MAC1 that produces through the TSAM card verifies that said TSAM card comprises with said authorization card is corresponding; Consumption key calculation by said authorization card obtains consuming MAC11; MAC11 equals to consume MAC1 when consumption, confirms that then said TSAM card is corresponding with said authorization card;
The TSAM card, whether correct, if input PIN is correct, then send consumption MAC1 to said authorization card if being used for checking input PIN; After the consumption MAC2 that produces through said authorization card verifies said TSAM card and said authorization card is corresponding; Checking is from the mandate MAC1 of subscriber card, verifies that said consumption MAC2 and said mandate MAC1 all after the success, are sent to subscriber card with the described request volume with the mandate MAC2 that self produces; If input PIN mistake judges that then whether input PIN errors number is more than or equal to threshold value, if more than or equal to the then locked said PIN of threshold value;
Said checking consumption MAC2 all successfully comprises with the mandate MAC1 that subscriber card produces, and obtains consuming MAC21 by the consumption key calculation of said TSAM card, consumes MAC21 and equals to consume MAC2;
And, calculate mandate MAC11 by the authorization key of said TSAM card, when authorizing MAC11 to equal to authorize MAC1, the mandate MAC1 that TSAM card checking consumption MAC2 and subscriber card produce is all successful.
Said card facility further are mounted with subscriber card,
Subscriber card is used for sending mandate MAC1 to said TSAM card, after the MAC2 success is authorized in checking, the described request volume is increased to the mandate amount of self.
Said TSAM card further comprises PIN Personal Unlocking Key and PIN refitting key, and said PIN Personal Unlocking Key and PIN refitting key all are in unactivated state.
A kind of authentication card of offline authorization, said authentication card comprises secure access module card (TSAM) and authorization card, wherein,
Authorization card; Be used for when the computer operation that is connected with the card facility that carry said authorization card and TSAM card with the off-line state of card issuer's network break link the time; After the consumption MAC1 that produces through the TSAM card verifies said TSAM card and said authorization card is corresponding, amount of the claim deducted from the mandate amount of self and produce consume MAC2 and be sent to said TSAM card;
The said consumption MAC1 that produces through the TSAM card verifies that said TSAM card comprises with said authorization card is corresponding; Consumption key calculation by said authorization card obtains consuming MAC11; MAC11 equals to consume MAC1 when consumption, confirms that then said TSAM card is corresponding with said authorization card;
The TSAM card, whether correct, if input PIN is correct, then send consumption MAC1 to said authorization card if being used for checking input PIN; The consumption MAC2 that produces through said authorization card verifies that said TSAM card is corresponding with said authorization card; If input PIN mistake judges that then whether input PIN errors number is more than or equal to threshold value, if more than or equal to the then locked said PIN of threshold value.
Said TSAM card further comprises PIN Personal Unlocking Key and PIN refitting key, and said PIN Personal Unlocking Key and PIN refitting key all are in unactivated state.
Can find out from technique scheme in embodiments of the present invention, whether the TSAM card checking input PIN that at first blocks in the facility is correct; If PIN is correct in input, after the consumption MAC1 that the authorization card in the card facility produces through said TSAM card verifies said TSAM card and said authorization card is corresponding, consumption MAC2 is deducted and produced to amount of the claim from the mandate amount of self; After said TSAM cartoon is crossed consumption MAC2 that said authorization card produces and is verified said TSAM card and said authorization card is corresponding; The mandate MAC1 that the checking subscriber card produces; After said TSAM card checking consumption MAC2 and mandate MAC1 are all successful, the mandate MAC2 and the described request forelock that produce are delivered to said subscriber card; After the MAC2 success is authorized in said subscriber card checking, the described request volume is imported said subscriber card; Promptly after authorization card, TSAM card and the success of subscriber card three card mutual authentications, could amount of the claim be imported in the subscriber card.If do not obtain the mutual authentication of authorization card, TSAM card and subscriber card simultaneously, amount of the claim can not be imported in the subscriber card so, thereby has avoided the loss that is caused of losing of authorization card or TSAM card, improves the fail safe of offline authorization system.If input PIN mistake judges that then whether input PIN errors number is more than or equal to threshold value, if more than or equal to the then locked said PIN of threshold value; Otherwise, import PIN once more.Lose when the TSAM card of device PIN, other people also can't utilize PIN to decipher the TSAM card.
In addition; In the consumption key importing process of TSAM card and authorization card; Utilize same publisher's key to carry out branch and calculate computing; And dispersion factor is the fixed combination of TSAM card number and authorization card card number, and then the consumption key of TSAM card and mandate is identical, and promptly TSAM card and authorization card are to concern one to one.Utilize the TSAM card only can be to authorizing with the unique corresponding authorization card of this TSAM card, arbitrary calcellation in two cards, another then can't continue to use, thus the fail safe that has further improved the offline authorization system.
Description of drawings
Fig. 1 is based on ISAM card initialization schematic flow sheet in the offline authorization system of ISAM card;
Fig. 2 is based on offline authorization schematic flow sheet in the offline authorization system of ISAM card;
Fig. 3 is the initialization schematic flow sheet of the embodiment of the invention based on TSAM card in the offline authorization system of TSAM card;
Fig. 4 is the initialization schematic flow sheet of the embodiment of the invention based on authorization card in the offline authorization system of TSAM card;
Fig. 5 is the online authorization flow sketch map of the authorization card of the embodiment of the invention;
Fig. 6 is the offline authorization schematic flow sheet of the embodiment of the invention based on the TSAM card;
Fig. 7 is the device sketch map that Fig. 6 adopts;
Fig. 8 is the idiographic flow sketch map of step 603;
Fig. 9 is the structural representation of the embodiment of the invention based on the offline authorization system of TSAM card.
Embodiment
For making the object of the invention, technical scheme and advantage express clearlyer, the present invention is remake further detailed explanation below in conjunction with accompanying drawing and specific embodiment.
In the present invention, through authorization card and TSAM card subscriber card is carried out authentication, the amount of the claim that could will from authorization card, deduct behind the authentication success is increased in the subscriber card.Owing to adopt identical parameter to disperse computing to consumption key in authorization card and the TSAM card, so authorization card is to concern one to one with the TSAM card, make two block in arbitrary card lose, card in addition just can not continue use.In addition, even authorization card and TSAM card are lost simultaneously,, can loss be dropped to minimum because the current the highest mandate volume in the authorization card is set to limitedly.Therefore adopt the technical scheme among the present invention, the fail safe that can improve the offline authorization system.
Accompanying drawing 3 is based on the initialization schematic flow sheet of TSAM card in the offline authorization system of TSAM card, specifically may further comprise the steps:
The initialization step 302,303,306 of TSAM card is identical with the initialization step 102,103 and 105 of ISAM card in the accompanying drawing 1 respectively, just repeats no more at this.Step 301 in the accompanying drawing 3,304,305 different with accompanying drawing 1, specific as follows:
Step 301, set up TSAM Cavan part system.
In IC-card, set up TSAM Cavan part system, comprise master file, catalogue data file, card public information file, end message file, card key file and application file.
Step 304, loading are used master control key.
Import and renewal application master control key to card application key file.
Step 305, loading consumption key and authorization key.
Import consumption key and authorization key to card application key file.In the importing process of consumption key, the publisher to be consumed key carry out twice dispersion, dispersion factor is TSAM card number and the fixed combination of authorizing card number.Utilizing dispersion factor to disperse computing is prior art, and this paper repeats no more.
The hair fastener flow process of above TSAM card meets the PBOC standard.
Accompanying drawing 4 is based on the initialization schematic flow sheet of authorization card in the offline authorization system of TSAM card, and the initialization of authorization card is except that setting up authorization card file system difference in step 401, and the initialization step of TSAM card is identical in all the other steps and the accompanying drawing 3.
Disperse owing to authorization card in TSAM card in the step 305 and the step 405 all is to use the TSAM card number with the mandate card number same card issuer to be consumed key, so the consumption key of TSAM card and authorization card is identical.In same hair fastener flow process, can not send two above different authorisation cards to a TSAM card, same, can not send TSAM cards different more than two to an authorization card.This has guaranteed the corresponding one by one of TSAM card and authorization card, and promptly in the TSAM of correspondence card and authorization card, arbitrary card cancels, and an other card all can't continue to use.
In addition, PIN Personal Unlocking Key in authorization card and PIN refitting key all are in unactivated state, thereby can realize " the PIN input error surpasses restriction, just can soft self-destruction " purpose.
The hair fastener flow process of above authorization card meets the PBOC standard.
Accompanying drawing 5 be authorization card through general online authorized transactions, realize the online mandate of authorization card, thereby the schematic flow sheet of the highest mandate volume of card of obtaining the authorization comprises the steps:
Computer is after authorization card is sent the mandate initialization command, and authorization card produces random number and authorizes MAC1.Computer in the accompanying drawing 5 need be got in touch with the card issuer constantly, so that authorization card is carried out online mandate.
Computer is passed to the card issuer with random number and data such as authorizing MAC1.Whether the card issuer will confirm to authorize MAC1 effective.
Confirm to authorize MAC1 the card issuer, then can carry out authorized transactions after, produce to authorize MAC2.The card issuer sends the mandate volume of authorizing MAC2 and increase to computer.
Behind the mandate volume of mandate MAC2 that receives the card issuer and increase, computer sends to authorize to authorization card increases order to upgrade the highest mandate volume of authorization card.
Behind step 505, the authorization card checking card issuer, the mandate volume of the increase that the increase card issuer confirms.
It is effectively that MAC2 is authorized in authorization card checking, then increases the mandate volume of the increase that the card issuer confirms.
According to above-mentioned steps, the highest mandate volume increases in the authorization card card, and the highest mandate volume of authorization card is as the highest mandate volume of following offline authorization simultaneously.Even authorization card is lost, loss also can be controlled.Lose the highest mandate volume in the authorization card at most.
In offline authorization based on the TSAM card, need TSAM card, authorization card and user's card mutual authentication after, the amount of the claim of the subscriber card that could will from authorization card, deduct is transferred in the subscriber card.Accompanying drawing 6 is based on the offline authorization schematic flow sheet of TSAM card, adopts the device in the accompanying drawing 7.In accompanying drawing 7, the computer 701 that is not connected with card issuer's network is connected with code keypad 703 with card facility 702 respectively.In card facility 702, TSAM card 705 and authorization card 706 are arranged.When subscriber card 704 is seated in the top of card facility 702, card facility 702 read the information in the subscriber card 704.Be input in the TSAM card 705 through the PIN password of computer the code keypad input; Judge the correctness of input PIN password by TSAM card 705; Behind authorization card 706, TSAM card 705 and the subscriber card 704 mutual authentication successs, the mandate volume in the authorization card 706 is transferred in the subscriber card 704 then.Comprise the steps:
The TSAM card is verified the PIN code of input.If PIN is correctly then execution in step 603, otherwise, execution in step 604.
Behind step 603, authorization card, TSAM card and the mutual authentication success of subscriber card, will be increased to the subscriber card from the amount of the claim of authorization card deduction.
Or adopt PIN to attempt counter.The wrong input of the maximum number of times that PIN attempts counter at first is set, and when the PIN code mistake of judging input, after then PIN trial counter subtracted 1 automatically, if judge that PIN attempts counter and equals 0, then execution in step 605; Otherwise, return step 601.
Referring to accompanying drawing 8 are idiographic flow sketch mapes of step 603, comprise the steps:
Step 801, TSAM card produce consumption MAC1.
Computer sends the consumption initialization directive to authorization card, obtains random number.Also comprise amount of the claim in the consumption initialization directive.Amount of the claim is through importing like the numeric keypad that links to each other with computer in the accompanying drawing 7.
Computer sends TSAM consumption initialization directive to the TSAM card, no longer carries out scatter operation, directly utilizes the consumption key in the TSAM card to obtain consumption MAC1.Also comprise amount of the claim in the consumption initialization directive.The procurement process of consumption MAC1 is a prior art, and this paper just repeats no more.
Step 802, authorization card produce consumption MAC2.
Computer sends the instruction that comprises consumption MAC1 and amount of the claim to authorization card.Authorization card is verified the legitimacy of TSAM card through the consumption MAC1 that checking TSAM card produces.Utilize the consumption key calculation of authorization card to obtain consuming MAC11, if consumption MCA11 equals to consume MAC1, then authorization card checking consumption key MAC1 success.Authorization card checking consumption key MAC1 success simultaneously, has only when the highest mandate volume of amount of the claim smaller or equal to authorization card the amount of the claim of then from authorization card, deducting input subscriber card.Difference with the highest current mandate volume and amount of the claim is upgraded the highest current mandate volume; When amount of the claim during, then finish greater than the highest mandate volume in the authorization card.
After the authorization card checking consumption key MAC1 success, utilize the consumption key calculation of authorization card to produce consumption MAC2, will consume MAC2H and amount of the claim and be sent to the TSAM card.
Step 803, subscriber card produce authorizes MAC1.
Computer is sent out the mandate initialization directive to subscriber card, and subscriber card utilizes the consumption key of self to produce and authorizes MAC1.To authorize MAC1 to be sent to computer.
Step 803 can be after step 801, and the random time before the step 804 is carried out.
Step 804, TSAM card checking consumption MAC2 and mandate MAC1 produce and authorize MAC2.
Computer sends the instruction that comprises consumption MAC2, authorizes MAC1 and amount of the claim to the TSAM card.In this instruction, TSAM is stuck in the atomic transaction, accomplish following three operations: TSAM card checking consumption earlier MAC2, MAC1 is authorized in checking then.Consume the MAC2 success when verifying, and verify when authorizing MAC1 also successful the authorized MAC2 of stored authorized key calculation of TSAM Cali.Send mandate MAC2 and amount of the claim to subscriber card.Consumption key calculation by the TSAM card obtains consuming MAC21, and consumption MAC21 equals to consume MAC2, TSAM card checking consumption MAC2 success.Authorization key by the TSAM card calculates mandate MAC11, and when authorizing MAC11 to equal to authorize MAC1, the MAC1 success is authorized in the checking of TSAM card.So far, all successes of mandate MAC1 of TSAM card checking consumption MAC2 and subscriber card generation.
Affairs are exactly one or one group of operation.Atomic transaction has atomicity, and is promptly indivisible, and success simultaneously or failure simultaneously can roll back to initial conditions after the failure.In this step, computer sends command request TSAM card and accomplishes three operations.Above-mentioned three operations are success all, is called the completion instruction manipulation; Otherwise the TSAM card returns failure, and returns to the instruction state before of accepting.
MAC2 is authorized in step 805, subscriber card checking.
Computer sends to subscriber card and comprises the instruction of authorizing MAC2 and amount of the claim.Subscriber card utilizes self stored authorized key generation mandate MAC21, if authorize MAC21 to equal to authorize MAC2, then confirms the legitimacy of TSAM.After confirming the legitimacy of TSAM, amount of the claim is imported in the subscriber card.
Among the present invention, three operations that completing steps 804 is described in an atomic transaction are to realize the offline authorization of subscriber card.
In ISAM offline authorization technology, licensing process only needs the authentication of ISAM card just can authorize subscriber card.What the present invention was different with it is to have adopted authorization card and TSAM card double factor authentication, i.e. two card combined authorizations.Lack wherein any one card, all can not successfully authorize subscriber card.
In the offline authorization process of subscriber card, need to use system like Fig. 9, this system comprises:
Authorization card 901; Be used for when with the computer operation that is connected of card facility in the off-line state of card issuer's network break link the time; After verifying said TSAM card and said authorization card is corresponding through consumption MAC1, consumption MAC2 is deducted and produced to amount of the claim be sent to said TSAM card from the mandate amount of self from the TSAM card.
TSAM card 902, whether correct, if input PIN is correct, then send consumption MAC1 to said authorization card if being used for checking input PIN; After the consumption MAC2 that produces through said authorization card verifies said TSAM card and said authorization card is corresponding; Checking is from the mandate MAC1 of subscriber card, verifies that said consumption MAC2 and said mandate MAC1 all after the success, are sent to subscriber card with the described request volume with the mandate MAC2 that self produces; If input PIN mistake judges then whether attempt counter equals zero, if more than or equal to the then locked said PIN of threshold value.The TSAM card comprises PIN Personal Unlocking Key and PIN refitting key, and said PIN Personal Unlocking Key and PIN refitting key all are in unactivated state.
Subscriber card 903 is used for sending mandate MAC1 to said TSAM card, after the MAC2 success is authorized in checking, the described request volume is increased to self authorizes amount.
The detailed process of TSAM card, authorization card and user's card mutual authentication is seen step 801 to step 805.
Also disclose the authentication card in a kind of system of offline authorization in the present invention, the authentication card comprises TSAM card and authorization card.
Authorization card; Be used for when the computer operation that is connected with the card facility that carry said authorization card and TSAM card with the off-line state of card issuer's network break link the time; After the consumption MAC1 that produces through the TSAM card verifies said TSAM card and said authorization card is corresponding, amount of the claim deducted from the mandate amount of self and produce consume MAC2 and be sent to said TSAM card.
The TSAM card, whether correct, if input PIN is correct, then send consumption MAC1 to said authorization card if being used for checking input PIN; The consumption MAC2 that produces through said authorization card verifies that said TSAM card is corresponding with said authorization card; If input PIN mistake judges that then whether input PIN errors number is more than or equal to threshold value, if then shut said PIN more than or equal to threshold value; The TSAM card comprises PIN Personal Unlocking Key and PIN refitting key, and said PIN Personal Unlocking Key and PIN refitting key all are in unactivated state.。
The design of native system has realized the offline authorization of subscriber card again both without prejudice to the criterion of PBOC, has disperseed controlling power of ISAM card simultaneously, reduced card lose or PIN lose the security risk that causes.Because the restriction of the highest mandate volume in the authorization card, even TSAM card and authorization card are lost simultaneously and the PIN of TSAM card reveals, loss also is controlled in the scope that can bear.
The above is merely preferred embodiment of the present invention, is not to be used to limit protection scope of the present invention.All within spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. the method based on secure access module TSAM card offline authorization is applied to be connected with in the computer system of card facility, it is characterized in that, this method comprises, when said computer operation in the off-line state of card issuer's network break link the time,
Whether the PIN of the TSAM card checking input in the card facility is correct;
If PIN is correct in input, after the consumption MAC1 that the authorization card in the card facility produces through said TSAM card verifies said TSAM card and said authorization card is corresponding, consumption MAC2 is deducted and produced to amount of the claim from the mandate amount of self; After said TSAM cartoon is crossed consumption MAC2 that said authorization card produces and is verified said TSAM card and said authorization card is corresponding; The mandate MAC1 that the checking subscriber card produces; After said TSAM card checking consumption MAC2 and mandate MAC1 are all successful, the mandate MAC2 and the described request forelock that produce are delivered to said subscriber card; After the MAC2 success is authorized in said subscriber card checking, the described request volume is imported said subscriber card;
If whether input PIN mistake then judges input PIN errors number more than or equal to threshold value, if more than or equal to threshold value, then locked said PIN can not continue to use said TSAM card; Otherwise, import PIN once more;
Said authorization card verifies that through the consumption MAC1 that the TSAM card produces said TSAM card comprises with said authorization card is corresponding; Consumption key calculation by said authorization card obtains consuming MAC11; MAC11 equals to consume MAC1 when consumption, confirms that then said TSAM card is corresponding with said authorization card;
Said TSAM card checking consumption MAC2 all successfully comprises with the mandate MAC1 that subscriber card produces, and obtains consuming MAC21 by the consumption key calculation of said TSAM card, consumes MAC21 and equals to consume MAC2;
And, calculate mandate MAC11 by the authorization key of said TSAM card, when authorizing MAC11 to equal to authorize MAC1, the mandate MAC1 that TSAM card checking consumption MAC2 and subscriber card produce is all successful.
2. according to the said method of claim 1 based on secure access module card offline authorization; It is characterized in that; Said subscriber card checking authorizes MAC2 successfully to comprise; Authorization key by said subscriber card calculates mandate MAC21, when authorizing MAC21 to equal to authorize MAC2, confirms subscriber card checking mandate MAC2 success.
3. according to the said method of claim 1 based on secure access module card offline authorization; It is characterized in that; In the consumption key importing process of said TSAM card, the publisher is consumed key disperse computing, dispersion factor is the fixed combination of said TSAM card card number and said authorization card card number;
In the consumption key importing process of said authorization card, the publisher is consumed key disperse computing, dispersion factor is the fixed combination of said TSAM card card number and said authorization card card number.
4. according to the said method based on secure access module card offline authorization of claim 1, it is characterized in that said TSAM card further comprises PIN Personal Unlocking Key and PIN refitting key, said PIN Personal Unlocking Key and PIN refitting key all are in unactivated state.
5. according to the said method of claim 1 based on secure access module card offline authorization; It is characterized in that, with after said authorization card is corresponding, further comprise before the said generation consumption MAC2 at the said TSAM card of said checking; Said authorization card judges that whether the described request volume is smaller or equal to the current the highest mandate volume in the said authorization card; If, then amount of the claim is deducted from the mandate amount of self, upgrade the highest current mandate volume with the difference of said the highest current mandate volume and described request volume; Otherwise, finish.
6. the card facility based on secure access module TSAM card offline authorization is characterized in that, be equipped with in the said card facility,
Authorization card; Be used for when with the computer operation that is connected of card facility in the off-line state of card issuer's network break link the time; After verifying said TSAM card and said authorization card is corresponding through consumption MAC1, consumption MAC2 is deducted and produced to amount of the claim be sent to said TSAM card from the mandate amount of self from the TSAM card;
The said consumption MAC1 that produces through the TSAM card verifies that said TSAM card comprises with said authorization card is corresponding; Consumption key calculation by said authorization card obtains consuming MAC11; MAC11 equals to consume MAC1 when consumption, confirms that then said TSAM card is corresponding with said authorization card;
The TSAM card, whether correct, if input PIN is correct, then send consumption MAC1 to said authorization card if being used for checking input PIN; After the consumption MAC2 that produces through said authorization card verifies said TSAM card and said authorization card is corresponding; Checking is from the mandate MAC1 of subscriber card, verifies that said consumption MAC2 and said mandate MAC1 all after the success, are sent to subscriber card with the described request volume with the mandate MAC2 that self produces; If input PIN mistake judges that then whether input PIN errors number is more than or equal to threshold value, if more than or equal to the then locked said PIN of threshold value;
Said checking consumption MAC2 all successfully comprises with the mandate MAC1 that subscriber card produces, and obtains consuming MAC21 by the consumption key calculation of said TSAM card, consumes MAC21 and equals to consume MAC2;
And, calculate mandate MAC11 by the authorization key of said TSAM card, when authorizing MAC11 to equal to authorize MAC1, the mandate MAC1 that TSAM card checking consumption MAC2 and subscriber card produce is all successful.
7. according to the said card facility of claim 6, it is characterized in that said card facility further are mounted with subscriber card based on secure access module card offline authorization,
Subscriber card is used for sending mandate MAC1 to said TSAM card, after the MAC2 success is authorized in checking, the described request volume is increased to the mandate amount of self.
8. according to claim 7 or 8 said card facility based on the secure access module offline authorization, it is characterized in that said TSAM card further comprises PIN Personal Unlocking Key and PIN refitting key, said PIN Personal Unlocking Key and PIN refitting key all are in unactivated state.
9. the authentication card of an offline authorization is characterized in that, said authentication card comprises secure access module card (TSAM) and authorization card, wherein,
Authorization card; Be used for when the computer operation that is connected with the card facility that carry said authorization card and TSAM card with the off-line state of card issuer's network break link the time; After the consumption MAC1 that produces through the TSAM card verifies said TSAM card and said authorization card is corresponding, amount of the claim deducted from the mandate amount of self and produce consume MAC2 and be sent to said TSAM card;
The said consumption MAC1 that produces through the TSAM card verifies that said TSAM card comprises with said authorization card is corresponding; Consumption key calculation by said authorization card obtains consuming MAC11; MAC11 equals to consume MAC1 when consumption, confirms that then said TSAM card is corresponding with said authorization card;
The TSAM card, whether correct, if input PIN is correct, then send consumption MAC1 to said authorization card if being used for checking input PIN; The consumption MAC2 that produces through said authorization card verifies that said TSAM card is corresponding with said authorization card; If input PIN mistake judges that then whether input PIN errors number is more than or equal to threshold value, if more than or equal to the then locked said PIN of threshold value.
10. authentication card according to claim 9 is characterized in that, said TSAM card further comprises PIN Personal Unlocking Key and PIN refitting key, and said PIN Personal Unlocking Key and PIN refitting key all are in unactivated state.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010258049A CN101938357B (en) | 2010-08-19 | 2010-08-19 | Method based on off-line authorization of safety access module, card tool and authentication card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010258049A CN101938357B (en) | 2010-08-19 | 2010-08-19 | Method based on off-line authorization of safety access module, card tool and authentication card |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101938357A CN101938357A (en) | 2011-01-05 |
| CN101938357B true CN101938357B (en) | 2012-10-03 |
Family
ID=43391506
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010258049A Active CN101938357B (en) | 2010-08-19 | 2010-08-19 | Method based on off-line authorization of safety access module, card tool and authentication card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101938357B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102982614B (en) * | 2012-11-07 | 2016-09-07 | 高新现代智能系统股份有限公司 | Update the method and device of rechargeable card internal information |
| CN103023901A (en) * | 2012-12-07 | 2013-04-03 | 北京网秦天下科技有限公司 | Login method and login system of mobile terminal |
| WO2017166118A1 (en) * | 2016-03-30 | 2017-10-05 | 李昕光 | Key management method |
| CN111292089A (en) * | 2020-02-12 | 2020-06-16 | 北京智慧云测科技有限公司 | PSAM card protection management method and PSAM card |
| CN113077558B (en) * | 2021-02-25 | 2023-06-30 | 北京中交国通智能交通系统技术有限公司 | PSAM card two-stage online authorization authentication method, device and system |
| CN114040366B (en) * | 2021-09-22 | 2024-04-09 | 惠州城市职业学院(惠州商贸旅游高级职业技术学校) | Bluetooth connection encryption method with high network communication security |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101064050A (en) * | 2006-04-30 | 2007-10-31 | 网安科技股份有限公司 | Multifunctional intelligent type parking time counting and paying apparatus and method thereof |
| CN101075316A (en) * | 2007-06-25 | 2007-11-21 | 陆航程 | Method for managing electronic ticket trade certification its carrier structure, system and terminal |
-
2010
- 2010-08-19 CN CN201010258049A patent/CN101938357B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN101938357A (en) | 2011-01-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101938357B (en) | Method based on off-line authorization of safety access module, card tool and authentication card | |
| CN102160070B (en) | Electronic payment application system and payment authorization method | |
| CN101095162B (en) | System and method for a secure transaction module | |
| JP6859519B2 (en) | Credit card payment methods and devices based on mobile terminal card emulation | |
| CN203386245U (en) | Electronic toll collection (ETC) on board unit on-line issuing system combining mobile terminal | |
| CN104412285A (en) | Systems, methods, and computer program products for securing and managing applications on secure elements | |
| CN103247085A (en) | Front-mounted electronic toll collection (ETC) on board unit online publication system and method | |
| CN102081821A (en) | IC (integrated circuit) card paying system and method as well as multi-application IC card and payment terminal | |
| CN101110113A (en) | Multi-use safety device for computing electronic payment code and its generating method | |
| US9311636B2 (en) | Mobile payment method and mobile payment apparatus | |
| CN102034323A (en) | Public traffic one-card service system and implementation method, service platform and point of sale (POS) machine thereof | |
| CN105610871B (en) | A kind of vehicle input-output control system and control method based on semi-on-line key | |
| CN105512543A (en) | Mutual mobile authentication system using a key management center, method and server computer | |
| CN101833676B (en) | Method for controlling reading and writing of intelligent card with USBKEY module and reader thereof | |
| CN105117963A (en) | Device and method based on digital signature | |
| CN103152174A (en) | Data processing method, device and parking lot management system applied to parking lot | |
| CN105243542A (en) | System and method of dynamic electronic certificate authentication | |
| CN106682905B (en) | Application unlocking method | |
| JPS60136440A (en) | Method of altering session cryptographic key | |
| CN103778713A (en) | Financial ic card system | |
| EP2860710B1 (en) | Method and system for off-line credit for load | |
| KR100977552B1 (en) | Method for finance transaction using an imagination account and system thereof | |
| CN104835038A (en) | Networking payment device and networking payment method | |
| JPH1063722A (en) | Card transaction system and its method | |
| CN101673434A (en) | Secret key management method of IC card terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent for invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 100070 Beijing city Fengtai District Haiying Road No. 1 Building No. 2 hospital 12 Applicant after: Beijing Sutong Technology Co., Ltd. Address before: 100070 Beijing city Fengtai District Haiying Road No. 1 Building No. 2 hospital 12 Applicant before: Beijing Kuaitong Expressway Electronic Toll Collection System Co., Ltd. |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: APPLICANT; FROM: BEIJING KUAITONG HIGHWAY ETC SYSTEM CO., LTD. TO: BEIJING SUTONG TECHNOLOGY CO., LTD. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |