CN102013026B - Smart card dynamic password authentication system and smart card dynamic password authentication method - Google Patents

Info

Publication number: CN102013026B
Application number: CN201010572806.XA
Authority: CN (China)
Legal status: Active
Other languages: Chinese (zh)
Other versions: CN102013026A (en)
Inventor: 谈剑锋
Current Assignee: Shanghai Peoplenet Security Technology Co Ltd
Original Assignee: Shanghai Peoplenet Security Technology Co Ltd
Prior art keywords: smart card, dynamic password, CPU, card, port manager
Abstract

The invention discloses a smart card dynamic password authentication system for the smart card field, intended to solve the data security problem of existing smart cards. The system includes a smart card, a port manager, a CPU and a remote server. The CPU is electrically connected to the smart card through the port manager and contains a dynamic password generation module. The port manager provides the communication interface between the smart card and the CPU. When the CPU receives a card reader's read/write command for the smart card, it starts the dynamic password generation module and generates a dynamic password. The remote server periodically generates a random password and authenticates the dynamic password by verifying whether the random password is consistent with the synchronously generated dynamic password. Using a dynamically generated password to encrypt and verify the smart card reading process effectively improves the data security and transaction security of the smart card.

Description

Smart card dynamic password authentication system and smart card dynamic password authentication method
Technical field
The present invention relates to the field of IC smart cards, and in particular to a smart card dynamic password authentication system and a smart card dynamic password authentication method.
Background art
The IC card (Integrated Circuit Card) is a newer information medium that appeared after the magnetic card. In some countries and regions it is also called a smart card, intelligent card, microcircuit card or chip card. It is made by embedding a microelectronic chip in a card base that conforms to the ISO 7816 standard. IC cards are very widely used in many fields, including finance, transportation and social security. They are mainly used in automatic fare collection systems for public transport, ferries and subways, and are also used for access control, proof of identity and stored-value cards.
Smart cards are semiconductor cards that use microelectronic technology to store and process information. By structure, smart cards can be divided into ordinary memory cards, encrypted memory cards, CPU cards and super smart cards:
(1) Memory card: its embedded chip is equivalent to an ordinary serial EEPROM. This kind of card stores information conveniently, is simple to use and inexpensive, and can replace the magnetic card in many settings. Because it has no information confidentiality function of its own, it is suitable only for applications with low confidentiality requirements.
(2) Encrypted memory card: its embedded chip adds control logic outside the memory area. A password must be checked before the memory area is accessed, and access proceeds only if the password is correct. This kind of card protects information better, but is used in much the same way as an ordinary memory card.
(3) CPU card: its embedded chip is equivalent to a special type of microcontroller. In addition to a controller, memory and timing control logic, it contains an algorithm unit and an operating system. Because CPU cards offer large storage capacity, strong processing capability and secure information storage, they are widely used where data security requirements are especially high.
(4) Super smart card: it has a microprocessor (MPU) and memory and is equipped with buttons, a liquid crystal display and a power supply; some cards also have a fingerprint recognition device.
As competition in the global IC industry intensifies, smart cards are developing toward higher levels: from contact smart cards to contactless smart cards, from low storage capacity to high storage capacity, from single-function cards to multi-function cards, from single-system cards to multi-system cards, from non-banking applications to banking applications, from civilian to military use, and from local area networks to the Internet. With these developments, the security requirements on smart card applications keep rising. A smart card used as electronic money in particular records a large amount of important information, so its security is extremely important. Developers of IC card application systems must provide reasonable and effective security measures for the smart card system to protect the transaction data of the smart card and its application system.
The main factors affecting the security of smart cards and their application systems are: (1) a lost or stolen smart card is used to impersonate the legitimate user and enter the application system for illegal gain; (2) data is illegally copied onto a forged or blank card, which is then used to enter the application system; (3) a smart card read/write device outside the system is used to modify the data on a legitimate card, for example to change the operation level; (4) during a smart card transaction, after the normal card authentication has completed, the smart card is swapped midway, so that the data stored on the card is inconsistent with the system; (5) during smart card read/write operations, the information exchanged between the interface device and the smart card is intercepted, modified, or even has illegitimate information inserted into it, for illegal gain or to damage the system.
Conventional security techniques for these factors include identity authentication and smart card legitimacy confirmation, message authentication, and encrypted data communication. These techniques can, to a certain extent, guarantee the integrity, validity and authenticity of smart card data during storage and transactions, and so effectively prevent illegal reading, writing and modification of the smart card. However, when the information flow is stolen or intercepted, these techniques cannot guarantee that the transaction amount or password data in the transaction process is secure.
Summary of the invention
Because existing smart card technology cannot meet high security requirements, the invention provides a novel smart card dynamic password authentication system. It embeds dynamic password generation technology and, on top of existing smart card data encryption, performs one further security authentication of reads and writes of smart card data.
To achieve the above object, the smart card dynamic password authentication system provided by the embodiments of the invention is implemented by the following technical solution:
A smart card dynamic password authentication system, the system including:
a smart card, a port manager, a CPU and a remote server, where the CPU is electrically connected to the smart card through the port manager and the CPU contains a dynamic password generation module;
the port manager provides the communication interface between the smart card and the CPU;
the CPU, on receiving a smart card reader's read/write command for the smart card, starts the dynamic password generation module and generates a dynamic password;
the remote server periodically generates a random password and authenticates the dynamic password by verifying whether the random password is consistent with the synchronously generated dynamic password.
Further, the CPU also includes a synchronized clock, which provides time synchronization between the CPU and the remote server.
Further, when the random password is consistent with the synchronously generated dynamic password, the CPU starts the smart card through the port manager, and the smart card performs the read operation on the data.
Further, the system also includes a display screen and a button. The CPU is connected to the display screen and to the button, and the button controls whether the display screen shows the dynamic password.
Further, the display screen is also used to show the result of reading the smart card data.
To achieve the above object, the embodiments of the invention also provide a smart card dynamic password authentication method, the method including the following steps:
when a smart card reader performs a read/write operation on the smart card, the CPU connected to the smart card through a port manager synchronously receives the read/write command, and the dynamic password generation module in the CPU is started and generates a dynamic password;
the remote server periodically generates a random password, synchronously receives and authenticates the dynamic password, and verifies whether the random password is consistent with the dynamic password synchronously generated by the CPU.
Further, when the random password is consistent with the synchronously generated dynamic password, the CPU starts the smart card through the port manager and the read operation on the smart card data is performed.
Further, the method also includes: time synchronization between the remote server and the CPU is achieved by a synchronized clock.
Further, the method also includes: providing a button and a display screen, each connected to the CPU; when the button is pressed, the display screen shows the dynamic password.
Further, the method also includes: after the smart card data has been read, the display screen shows the result of reading the smart card data.
The smart card system provided by the embodiments of the invention, and the smart card dynamic password verification method based on it, use a dynamically generated password to encrypt and verify the smart card reading process, effectively improving the data security and transaction security of the smart card.
Brief description of the drawings
The invention is further described below with reference to the drawings and embodiments:
Fig. 1 is a schematic diagram of a smart card dynamic password authentication system according to Embodiment 1 of the invention;
Fig. 2 is a schematic diagram of another smart card dynamic password authentication system according to Embodiment 2 of the invention;
Fig. 3 is a flow chart of the smart card dynamic password authentication method according to Embodiment 3 of the invention.
Detailed description of embodiments
Fig. 1 is a schematic diagram of the smart card dynamic password authentication system of Embodiment 1 of the invention.
As shown in Fig. 1, the smart card dynamic password authentication system of Embodiment 1 includes:
a smart card, a port manager, a CPU and a remote server, where the CPU is electrically connected to the smart card through the port manager and the CPU contains a dynamic password generation module;
the port manager provides the communication interface between the smart card and the CPU;
the CPU, on receiving a smart card reader's read/write command for the smart card, starts the dynamic password generation module and generates a dynamic password;
the remote server periodically generates a random password, and receives and authenticates the dynamic password, verifying whether the random password is consistent with the synchronously generated dynamic password.
The smart card reader/writer is the bridge between the smart card and the application system, and is called an IFD (Interface Device) in the ISO international standard. The CPU in the card reader is connected to the smart card through an interface circuit and communicates with it. This interface circuit is a critical part of the reader/writer. Depending on the actual application system, read/write chips using different communication protocols, such as parallel communication, half-duplex serial communication and I2C, can be selected to communicate with the smart card.
A smart card reader reads a card in one of two ways: (1) contact reading and writing, in which the contacts of the card reader touch the contacts on the smart card to read and write data; (2) contactless reading and writing, in which the smart card and the card reader have no electrical contact and data is read and written by a contactless technology (such as light or radio). This mode is commonly used where access is frequent and the operating environment is harsh.
When the smart card reader reads or writes the smart card, the CPU synchronously receives the read/write command. On receiving the card reader's read/write command for the smart card, the CPU starts its built-in dynamic password generation module and generates a dynamic password.
The remote server acts as the authenticating party. It manages the multiple smart cards in the server system and provides the smart card identity authentication function. It continuously generates random passwords for comparison with the dynamic password generated by the dynamic password generation module of the CPU in the smart card system. When the dynamic password is generated, the remote server receives it and authenticates it against the password generated at the same moment. That is, at a given moment, the server checks whether the random password it generated and the dynamic password synchronously generated on the smart card side are consistent.
Further, the system also includes a synchronized clock, which provides time synchronization between the remote server and the CPU that generates the dynamic password. This ensures that a smart card and a remote server using the same password generation rule are authenticated at the same moment.
When the random password is consistent with the synchronously generated dynamic password, the smart card passes identity authentication; the CPU starts the port manager and, through the port manager, starts the smart card, and the read operation on the smart card data is performed. When the two passwords are inconsistent, the smart card is an illegitimate card and cannot pass authentication, and further data read/write operations on the smart card are refused. Preferably, the system also includes a battery connected to the CPU to power the system.
Here, the smart card system serves as a secure and reliable stored-value card or financial card widely used for on-site payment. The dynamic password it produces supports authentication of the card user in settings such as online transactions and telephone transactions, giving a certain degree of security and reliability in each.
As shown in Fig. 2, Embodiment 2 of the invention provides another smart card dynamic password system, which includes:
a smart card, a port manager, a CPU and a remote server, where the CPU is electrically connected to the smart card through the port manager and the CPU contains a dynamic password generation module;
the port manager provides the communication interface between the smart card and the CPU;
the CPU, on receiving a card reader's read/write command for the smart card, starts the dynamic password generation module and generates a dynamic password;
the remote server periodically generates a random password, and receives and authenticates the dynamic password, verifying whether the random password is consistent with the synchronously generated dynamic password;
the system also includes a display screen and a button. The CPU is connected to the display screen and to the button, and the button controls whether the display screen shows the dynamic password.
When the button is pressed, the CPU causes the display screen to show the dynamic password.
Preferably, the system also includes a battery connected to the CPU to power the system.
When the random password is consistent with the synchronously generated dynamic password, the smart card passes identity authentication; the CPU starts the port manager and, through the port manager, starts the smart card, and the read operation on the smart card data is performed. When the two passwords are inconsistent, the smart card is an illegitimate card and cannot pass authentication, and further data read/write operations on the smart card are refused. More preferably, the display screen is also used to show the result of reading the smart card data.
Once dynamic password verification has passed, the smart card data can be read. After the data has been read and processed, the smart card's result data is displayed. The user can see the returned result data on the display screen and use it to judge whether the transaction result is correct, which avoids data errors that may arise while the data is being processed.
As shown in Fig. 3, Embodiment 3 of the invention also provides a smart card dynamic password verification method, which includes the following steps:
Step 1: when a smart card reader performs a read/write operation on the smart card, the CPU connected to the smart card through a port manager synchronously receives the read/write command;
Step 2: the dynamic password generation module in the CPU is started and generates a dynamic password;
Step 3: the remote server periodically generates a random password, synchronously receives and authenticates the dynamic password, and verifies whether the random password is consistent with the dynamic password synchronously generated by the CPU.
Time synchronization between the remote server and the CPU is achieved by a synchronized clock. The remote server acts as the authenticating party. It manages the multiple smart cards in the server system and provides the smart card identity authentication function. It continuously generates random passwords for comparison with the dynamic password generated by the dynamic password generation module of the CPU in the smart card system. When the dynamic password is generated, the remote server receives it and authenticates it against the password generated at the same moment. That is, at a given moment, the server checks whether the random password it generated and the dynamic password synchronously generated on the smart card side are consistent.
When the random password is consistent with the synchronously generated dynamic password, the smart card passes identity authentication; the CPU starts the port manager and, through the port manager, starts the smart card, and the read operation on the smart card data is performed. When the two passwords are inconsistent, the smart card is an illegitimate card and cannot pass authentication, and further data read/write operations on the smart card are refused. More preferably, a button and a display screen are provided, each connected to the CPU; when the button is pressed, the display screen shows the dynamic password.
More preferably, after the smart card data has been read, the display screen shows the result of reading the smart card data. The user can then see the returned result data on the display screen and use it to judge whether the transaction result is correct, which avoids data errors that may arise while the data is being processed.
With the above method, the dynamic password that is produced supports authentication of the card user in settings such as online transactions and telephone transactions, giving a certain degree of security and reliability.
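The three method steps above, as an added example that is not part of the patent text. The patent does not state the password generation rule, so this code assumes an HMAC-SHA1 time-step rule in the style of RFC 6238 with a per-card shared secret; `CardCpu`, `RemoteServer`, `read_card`, the 30-second step, the drift window and the replay guard are all hypothetical choices made for illustration.

```python
import hashlib
import hmac
import struct

TIME_STEP = 30   # seconds per password period (assumed; the patent gives no value)
DIGITS = 6       # password length (assumed)


def dynamic_password(secret: bytes, unix_time: int) -> str:
    """Password for the time step containing unix_time (RFC 6238-style rule)."""
    counter = unix_time // TIME_STEP
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)


class CardCpu:
    """Hypothetical model of the CPU between the reader and the smart card."""

    def __init__(self, card_id: str, secret: bytes, clock_offset: int = 0):
        self.card_id = card_id
        self._secret = secret
        self._clock_offset = clock_offset  # models drift of the synchronized clock

    def on_read_write_command(self, now: int) -> str:
        # Steps 1-2: a reader command starts the dynamic password generation module.
        return dynamic_password(self._secret, now + self._clock_offset)


class RemoteServer:
    """Hypothetical authenticating party that manages several cards."""

    def __init__(self, secrets_by_card: dict, drift_steps: int = 0):
        self._secrets = secrets_by_card
        self._drift_steps = drift_steps   # tolerated clock error, in time steps
        self._last_step = {}              # card_id -> last accepted time step

    def authenticate(self, card_id: str, password: str, now: int) -> bool:
        # Step 3: regenerate the password for the same moment and compare.
        secret = self._secrets.get(card_id)
        if secret is None:
            return False                  # card is not enrolled on this server
        current = now // TIME_STEP
        first = max(0, current - self._drift_steps)
        for step in range(first, current + self._drift_steps + 1):
            expected = dynamic_password(secret, step * TIME_STEP)
            # Constant-time comparison avoids leaking how many digits matched.
            if hmac.compare_digest(expected.encode(), password.encode()):
                if step <= self._last_step.get(card_id, -1):
                    return False          # password from a used step: replay
                self._last_step[card_id] = step
                return True
        return False


def read_card(cpu: CardCpu, server: RemoteServer, now: int, card_data: bytes):
    """Release card data only if the server accepts the card's password."""
    password = cpu.on_read_write_command(now)
    if not server.authenticate(cpu.card_id, password, now):
        return None                       # refuse further read/write operations
    return card_data


if __name__ == "__main__":
    secret = b"12345678901234567890"      # constructed sample secret
    server = RemoteServer({"card-1": secret}, drift_steps=1)
    good = CardCpu("card-1", secret)
    drifted = CardCpu("card-1", secret, clock_offset=90)
    print(read_card(good, server, 59, b"balance=100"))     # data released
    print(read_card(drifted, server, 89, b"balance=100"))  # None: clock too far off
```

The replay guard means one password is accepted at most once per card, so a value captured on the link between the reader and the server cannot be reused within the same time step.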
Those skilled in the art will recognize that the above embodiments are illustrative. They are intended to help those skilled in the art better understand the content of this patent and should not be understood as limiting its scope of protection. Any equivalent change or modification made according to the spirit disclosed in this patent falls within the scope of protection of this patent.

Claims (10)

1. A smart card dynamic password authentication system, characterized in that the system includes:
a smart card, a port manager, a CPU and a remote server, where the smart card is a stored-value card or a financial card; the CPU is electrically connected to the smart card through the port manager, and the CPU contains a dynamic password generation module;
the port manager provides the communication interface between the smart card and the CPU;
the CPU, on receiving a smart card reader's read/write command for the smart card, starts the dynamic password generation module and generates a dynamic password;
the remote server periodically generates a random password and authenticates the dynamic password by verifying whether the random password is consistent with the synchronously generated dynamic password.
2. The smart card dynamic password authentication system according to claim 1, characterized in that the CPU also includes a synchronized clock, which provides time synchronization between the remote server and the CPU.
3. The smart card dynamic password authentication system according to claim 1, characterized in that, when the random password is consistent with the synchronously generated dynamic password, the CPU starts the smart card through the port manager, and the smart card performs the read operation on the data.
4. The smart card dynamic password authentication system according to claim 1, characterized in that the system also includes a display screen and a button, the CPU is connected to the display screen and to the button, and the button controls whether the display screen shows the dynamic password.
5. The smart card dynamic password authentication system according to claim 4, characterized in that the display screen is also used to show the result of reading the smart card data.
6. A smart card dynamic password authentication method, characterized in that the smart card is a stored-value card or a financial card, the method including the following steps:
when a smart card reader performs a read/write operation on the smart card, the CPU connected to the smart card through a port manager synchronously receives the read/write command, and the dynamic password generation module in the CPU is started and generates a dynamic password;
the remote server periodically generates a random password, synchronously receives and authenticates the dynamic password, and verifies whether the random password is consistent with the dynamic password synchronously generated by the CPU.
7. The smart card dynamic password authentication method according to claim 6, characterized in that, when the random password is consistent with the synchronously generated dynamic password, the CPU starts the smart card through the port manager, and the smart card performs the read operation on the data.
8. The smart card dynamic password authentication method according to claim 7, characterized in that time synchronization between the remote server and the CPU is achieved by a synchronized clock.
9. The smart card dynamic password authentication method according to claim 6, characterized in that the method also includes:
providing a button and a display screen, each connected to the CPU; when the button is pressed, the display screen shows the dynamic password.
10. The smart card dynamic password authentication method according to claim 9, characterized in that the method also includes: after the smart card data has been read, the display screen shows the result of reading the smart card data.
Priority and family information

Application number: CN201010572806.XA
Priority date: 2010-12-04
Filing date: 2010-12-04
Title: Smart card dynamic password authentication system and smart card dynamic password authentication method
Status: Active
Granted as: CN102013026B (en)

Publications (2)

CN102013026A, published 2011-04-13
CN102013026B, published 2016-06-01

Family ID: 43843198

Country status (1): CN, CN102013026B (en)
Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant