CN102547620A - Mobile payment system and method for updating key - Google Patents


Publication number: CN102547620A
Application number: CN2010106134302A
Authority: CN (China)
Other languages: Chinese (zh)
Inventor: 邹勇
Original assignee: Tongfang Co Ltd
Current assignee (as listed; may be inaccurate): Tsinghua Tongfang Co Ltd; Tongfang Co Ltd
Legal status (as listed; an assumption, not a legal conclusion): Pending
Prior art keywords: security key; transmission security; sim; key; payment transaction
Abstract

The invention provides a mobile payment system and a method for updating a key. The method comprises the following steps: A, a subscriber identity module (SIM) surface-mount card sends a payment service opening short message carrying an SIM surface-mount card identifier and a first transmission key; B, a mobile phone short message platform compares the received SIM surface-mount card identifier and first transmission key with the contents stored in a local database; if they match the stored contents, a second transmission key is generated and encrypted with the first transmission key; C, the mobile phone short message platform sends a key updating short message carrying the encrypted second transmission key to a mobile terminal; and D, the mobile terminal sends a key updating instruction carrying the encrypted second transmission key to the SIM surface-mount card; the SIM surface-mount card decrypts the encrypted second transmission key with the first transmission key and performs an atomic write operation to update to the second transmission key; if the write operation succeeds, the second transmission key replaces the first transmission key; otherwise, step A is performed again.

Description

A mobile payment system and a key update method thereof
Technical field
The present invention relates to the field of mobile payment technology, and in particular to a mobile payment system and a method for updating keys in it.
Background art
As mobile phones have become widespread, so have mobile phone applications, and e-commerce based on mobile phones is now common. While mobile phones bring convenience to consumers, they also raise consumer concerns about e-commerce security. At present, most mobile phone applications authenticate personal identity and carry out services using only simple link encryption, relying on the relatively closed nature of the communication network; a minority of mobile phone applications, such as mobile banking, use file-based digital certificates. However, as mobile phone viruses develop and spread, mobile banking and all other kinds of mobile payment services face a requirement to upgrade their security. Just as online banking earlier moved from a file-based approach to a hardware-based one, mobile banking services have also begun to look for hardware security solutions.
The mobile phone SIM paste card is a data-processing security chip installed between the mobile terminal and the SIM card. It is a smart card that conforms to the ISO 7816 standard and has the functions of both a smart card and a smart card reader/writer. Chinese patent publication CN101600267A, titled "a kind of intelligent paste card that can stick on the mobile communication intelligent card", discloses the principle, physical form and assembly relationship of such a paste card. For the mobile phone SIM card to work normally, the SIM paste card must, in addition to meeting the physical form and assembly requirements, also carry out data handling such as receiving, forwarding, intercepting, processing and reassembling data. How to securely download the keys used in the mobile payment system into the mobile phone SIM paste card therefore becomes a problem.
Chinese patent publication CN101835151A, titled "air interface key updating method and wireless access system", describes only the key update of the relevant system equipment in a wireless network and does not describe how the key of a terminal security module is updated over the air. Chinese patent publication CN101742478A, titled "key of slave security domain of intelligent card upgrades distribution method, system and portable terminal", describes a method, system and mobile terminal for updating and distributing the keys of a smart card's slave security domain. Based on over-the-air (OTA) download technology, that method handles the case of symmetric keys after card issuance and performs secure key update and distribution for the slave security domain of the smart card. That scheme, however, is based on near-field communication (NFC) technology, its flow is complex, and the key update process requires back-and-forth transactions; in SMS communication mode, the unreliability of SMS communication can therefore cause the key update transaction to be interrupted or its data to be corrupted.
Summary of the invention
In view of this, the invention provides a mobile payment system and a key update method for it that keep all kinds of mobile payment applications confidential and secure during transactions.
The key update method in a mobile payment system proposed by an embodiment of the invention comprises the following steps:
A. The SIM paste card sends, through the mobile terminal, a payment transaction opening SMS carrying the SIM paste card identifier and the first transmission security key to the mobile phone SMS platform;
B. The mobile phone SMS platform compares the SIM paste card identifier and the first transmission security key in the received payment transaction opening SMS with the content stored in its local database; if the comparison is correct, it generates a second transmission security key and encrypts the second transmission security key with the first transmission security key;
C. The mobile phone SMS platform sends a key update SMS carrying the encrypted second transmission security key to the mobile terminal;
D. The mobile terminal receives the key update SMS and sends the SIM paste card a key update instruction carrying the encrypted second transmission security key; the SIM paste card decrypts the encrypted second transmission security key with the first transmission security key and performs the atomic write operation that updates to the second transmission security key; if the write succeeds, the second transmission security key replaces the first transmission security key; if it fails, the flow returns to step A.
Preferably, the comparison in step B, by the mobile phone SMS platform, of the SIM paste card identifier and the first transmission security key in the received payment transaction opening SMS with the content stored in the local database comprises:
The mobile phone SMS platform searches the local database using the SIM paste card identifier in the payment transaction opening SMS and finds the matching SIM paste card identifier; it then judges whether the transmission security key version number that the database holds for that SIM paste card identifier is consistent with the version number of the first transmission security key in the payment transaction opening SMS; if they are consistent, the comparison is correct.
Preferably, the atomic write operation in step D, by which the SIM paste card updates to the second transmission security key, comprises:
D1. The SIM paste card obtains the version number of the second transmission security key;
D2. The SIM paste card writes the second transmission security key to the backup file and writes the backup-valid flag in the backup file;
D3. The SIM paste card writes the second transmission security key from the backup file to the key file, sets the flag of the key file to valid, and updates the current transmission security key version number to the version number of the second transmission security key;
D4. The SIM paste card erases the backup-valid flag in the backup file and erases the second transmission security key in the backup file.
Preferably, the method further comprises, after step D:
E. The SIM paste card sends, through the mobile terminal, a service opening request SMS carrying a payment transaction opening request encrypted with the second transmission security key to the mobile phone SMS platform;
F. The mobile phone SMS platform decrypts the received service opening request SMS with the second transmission security key and analyzes it, and, according to the payment transaction opening request, sends a service opening request packet to the payment transaction platform;
G. The payment transaction platform receives the service opening request packet, encrypts and packs the payment transaction data to be downloaded with the maintenance key, and sends it to the mobile phone SMS platform;
H. After receiving the service opening packet sent by the payment transaction platform, the mobile phone SMS platform encrypts and packs the packet with the second transmission security key to form a service opening SMS, and sends the mobile terminal this service opening SMS, which carries the payment transaction information encrypted with the second transmission security key;
I. The mobile terminal passes the service opening SMS to the SIM paste card; the SIM paste card decrypts the payment transaction information in the received service opening SMS with the second transmission security key, decrypts the result a second time with the maintenance key, and performs the atomic write operation for the payment transaction information; if the write succeeds, it returns to the mobile terminal the payment transaction data that can now be used; if it fails, the flow returns to step E.
Preferably, after step I returns to the mobile terminal the payment transaction data that can now be used, the method further comprises:
J. The SIM paste card generates an opening-success confirmation encrypted with the second transmission security key and forwards the opening-success confirmation to the mobile terminal;
K. The mobile terminal forwards an opening-success uplink SMS carrying the encrypted opening-success confirmation to the mobile phone SMS platform;
L. The mobile phone SMS platform receives the opening-success uplink SMS, decrypts the communication with the second transmission security key and analyzes it, and, according to the opening-success uplink SMS, sends an opening-success packet to the payment transaction platform;
M. After receiving the opening-success packet, the payment transaction platform updates the account status of the mobile terminal according to the packet content.
Preferably, the decryption in step D, by the SIM paste card, of the encrypted second transmission security key with the first transmission security key comprises:
a. The SIM paste card checks whether the backup-valid flag of the backup file is valid; if so, it executes step c; otherwise it executes step b;
b. It judges whether the content of the backup file is entirely empty; if so, it goes to step f; otherwise it goes to step e;
c. It reads the first transmission security key from the backup file and writes the key it has read to the key file;
d. It erases the backup-valid flag of the backup file;
e. It erases the data of the backup file;
f. It reads the first transmission security key from the key file and decrypts the encrypted second transmission security key with the first transmission security key.
An embodiment of the invention also proposes a mobile payment system comprising a mobile terminal, a mobile phone SMS platform and a payment transaction platform, where the SIM card of the mobile terminal is installed on the circuit board of the mobile terminal through a SIM paste card;
The SIM paste card is used to send, through the mobile terminal, a payment transaction opening SMS carrying the SIM paste card identifier and the first transmission security key to the mobile phone SMS platform; to receive from the mobile terminal a key update instruction carrying the encrypted second transmission security key; to decrypt the encrypted second transmission security key with the first transmission security key; and to perform the atomic write operation that updates to the second transmission security key. If the write succeeds, the SIM paste card replaces the first transmission security key with the second transmission security key and then sends, through the mobile terminal, a service opening request SMS carrying a payment transaction opening request encrypted with the second transmission security key to the mobile phone SMS platform; if the write fails, it again sends, through the mobile terminal, the payment transaction opening SMS carrying the SIM paste card identifier and the first transmission security key to the mobile phone SMS platform. The SIM paste card is also used to decrypt the payment transaction information in the received service opening SMS with the second transmission security key, decrypt the result a second time with the maintenance key, and perform the atomic write operation for the payment transaction information; if that write succeeds, it returns to the mobile terminal the payment transaction data that can now be used; if it fails, it again sends, through the mobile terminal, the service opening request SMS carrying the payment transaction opening request encrypted with the second transmission security key to the mobile phone SMS platform;
The mobile phone SMS platform is used to compare the SIM paste card identifier and the first transmission security key in the received payment transaction opening SMS with the content stored in the local database and, if the comparison is correct, to generate a second transmission security key and encrypt it with the first transmission security key; to send a key update SMS carrying the encrypted second transmission security key to the mobile terminal; to decrypt the received service opening request SMS with the second transmission security key, analyze it and, according to the payment transaction opening request, send a service opening request packet to the payment transaction platform; and, after receiving the service opening packet sent by the payment transaction platform, to encrypt and pack that packet with the second transmission security key to form a service opening SMS and send the mobile terminal this service opening SMS, which carries the payment transaction information encrypted with the second transmission security key;
The payment transaction platform is used to receive the service opening request packet from the mobile phone SMS platform, encrypt and pack the payment transaction data to be downloaded with the maintenance key, and send it to the mobile phone SMS platform;
The mobile terminal is used to send the payment transaction opening SMS carrying the SIM paste card identifier and the first transmission security key to the mobile phone SMS platform; to receive the key update SMS and send the SIM paste card a key update instruction carrying the encrypted second transmission security key; and to pass the received service opening SMS to the SIM paste card.
Preferably, the comparison by the mobile phone SMS platform of the SIM paste card identifier and the first transmission security key in the received payment transaction opening SMS with the content stored in the local database comprises:
The mobile phone SMS platform searches the local database using the SIM paste card identifier in the payment transaction opening SMS and finds the matching SIM paste card identifier; it then judges whether the transmission security key version number that the database holds for that SIM paste card identifier is consistent with the version number of the first transmission security key in the payment transaction opening SMS; if they are consistent, the comparison is correct.
Preferably, the SIM paste card comprises:
An atomic write operation unit, used to obtain the version number of the second transmission security key; to write the second transmission security key to the backup file and write the backup-valid flag in the backup file; to write the second transmission security key from the backup file to the key file, set the flag of the key file to valid, and update the current transmission security key version number to the version number of the second transmission security key; and to erase the backup-valid flag in the backup file and erase the second transmission security key in the backup file.
Preferably, the SIM paste card is further used to generate an opening-success confirmation encrypted with the second transmission security key and forward the opening-success confirmation to the mobile terminal;
The mobile terminal is further used to forward an opening-success uplink SMS carrying the encrypted opening-success confirmation to the mobile phone SMS platform;
The mobile phone SMS platform is further used to receive the opening-success uplink SMS, decrypt the communication with the second transmission security key and analyze it, and, according to the opening-success uplink SMS, send an opening-success packet to the payment transaction platform;
The payment transaction platform is further used, after receiving the opening-success packet, to update the account status of the mobile terminal according to the packet content.
Preferably, the SIM paste card further comprises:
A key check and backup recovery unit, used, before the SIM paste card decrypts the encrypted second transmission security key with the first transmission security key, to check whether the backup-valid flag of the backup file is valid;
If so, it reads the first transmission security key from the backup file and writes the key it has read to the key file; erases the backup-valid flag of the backup file and the data of the backup file; reads the first transmission security key from the key file; and decrypts the encrypted second transmission security key with the first transmission security key;
Otherwise, it judges whether the content of the backup file is entirely empty; if so, it reads the first transmission security key from the key file and decrypts the encrypted second transmission security key with the first transmission security key; otherwise it erases the data of the backup file, then reads the first transmission security key from the key file and decrypts the encrypted second transmission security key with the first transmission security key.
As the above technical scheme shows, the SIM paste card and the payment transaction platform store the current transmission security key; before a payment transaction is carried out, the mobile terminal initiates the key update flow with the payment transaction platform to update the current transmission security key; the service data transferred between the mobile terminal and the payment transaction platform is encrypted with the transmission security key, so that it is transmitted as ciphertext; and the atomic write operation is used for the key update, which guarantees that no error can occur in the key update process.
Description of drawings
Fig. 1 is a schematic diagram of the composition of the mobile payment system;
Fig. 2 is a flow chart of the key distribution, update and opening flow proposed by an embodiment of the invention, based on the mobile payment system shown in Fig. 1;
Fig. 3 is a detailed flow chart of the key update atomic write operation in step 204 of Fig. 2;
Fig. 4 is a flow chart of the key read and recovery flow proposed by an embodiment of the invention.
Detailed description of the embodiments
To make the features of the technical scheme of the invention clearer, it is set out in detail below through specific embodiments.
As shown in Fig. 1, the mobile payment system of the invention comprises payment transaction platform 101, mobile phone SMS platform 102 and mobile terminal 103. SIM card 105 of mobile terminal 103 is installed on the circuit board of mobile terminal 103 through SIM paste card 104. Mobile terminal 103 supports SMS.
SIM paste card 104 has an e-commerce payment application function. SIM paste card 104 and payment transaction platform 101 authenticate each other, and SIM paste card 104 receives the keys distributed by payment transaction platform 101 and performs key updates. Both the distribution and the update are carried out through mobile phone SMS platform 102 and mobile terminal 103. SIM paste card 104 and payment transaction platform 101 both store the current transmission security key, which is used to encrypt data in transit so that the transmitted data is ciphertext.
The key update method in the mobile payment system of the invention is described below, taking the mobile payment system architecture shown in Fig. 1 as an example. The architectures to which the scheme of the invention applies are not, however, limited to the one shown in Fig. 1.
Fig. 2 shows the key distribution, update and opening flow proposed by an embodiment of the invention, based on the mobile payment system shown in Fig. 1. It comprises:
Step 200: After mobile terminal 103 starts, the user confirms the opening of the payment transaction through the SIM Tool Kit (STK), and mobile terminal 103 sends a service opening instruction to SIM paste card 104.
Step 201: After receiving the service opening instruction, SIM paste card 104 checks the transmission security key version number in SIM paste card 104 and sends an uplink payment transaction opening SMS to mobile phone SMS platform 102 through mobile terminal 103. The uplink SMS carries the identifier of SIM paste card 104, the system payment transaction opening request, and the first transmission security key. The first transmission security key is the current transmission security key of SIM paste card 104; its version number is taken to be 00.
Step 202: Mobile phone SMS platform 102 receives the uplink payment transaction opening SMS and analyzes it. If the SIM paste card identifier and the first transmission security key in it compare correctly with the content stored in the database of mobile phone SMS platform 102, the platform generates a second transmission security key (version number taken to be 01) and encrypts the second transmission security key with the first transmission security key (that is, the transmission security key from SIM paste card 104).
The comparison may comprise the following processing: the local database is searched using the SIM paste card identifier in the payment transaction opening SMS and the matching SIM paste card identifier is found; it is then judged whether the transmission security key version number that the database holds for that SIM paste card identifier is consistent with the version number of the first transmission security key in the payment transaction opening SMS; if they are consistent, the comparison is correct.
Step 203: Mobile phone SMS platform 102 sends a downlink key update SMS to mobile terminal 103; the downlink SMS carries the encrypted second transmission security key.
Step 204: Mobile terminal 103 receives the key update SMS and sends SIM paste card 104 a key update instruction carrying the encrypted second transmission security key. SIM paste card 104 decrypts the encrypted second transmission security key with the first transmission security key and then performs the atomic write operation for the transmission security key update, that is, it replaces the first transmission security key with the second transmission security key. If the write succeeds, the flow continues with step 205. If it fails, the flow returns to step 200 and restarts.
In a smart card chip, updating data in flash memory takes several operations:
a. Read the data into a buffer;
b. Erase the data in flash memory;
c. Update the data in the buffer;
d. Write the data in the buffer back to flash memory.
During these operations, the process may be interrupted at any time for various unpredictable reasons, leading to a failed data update, destroyed original data, or new data that was never written, so that the data in flash memory is left in an unknowable state.
An atomic write operation is a data-handling mechanism that uses steps such as backup, check and write-back to update flash data, guaranteeing that the flash data is either in its original state or in its updated state and that no third state can occur. Using the atomic write method in the key update process guarantees that the key data is in one of two states, the original key or the updated key, and that a partially updated key can never occur.
Step 205: SIM paste card 104 requests, through mobile terminal 103, that mobile phone SMS platform 102 open the payment transaction.
Step 206: Mobile terminal 103 sends the uplink service opening request SMS to mobile phone SMS platform 102; the service opening request SMS carries the payment transaction opening request encrypted with the second transmission security key.
Step 207: Mobile phone SMS platform 102 decrypts the received service opening request SMS with the second transmission security key and analyzes it, and, according to the payment transaction opening request, sends a service opening request packet to payment transaction platform 101.
Step 208: Payment transaction platform 101 receives the service opening request packet, encrypts and packs the payment transaction data to be downloaded (for example the personal identification number (PIN), the PIN unblocking code (PUK, PIN UnBlock), and so on) with the maintenance key, and sends it to mobile phone SMS platform 102. The maintenance key is used to encrypt the payment transaction data so that the payment transaction data is ciphertext.
Step 209: After receiving the service opening packet sent by payment transaction platform 101, mobile phone SMS platform 102 encrypts and packs the packet with the second transmission security key to form a service opening SMS.
Step 210: Mobile phone SMS platform 102 sends the service opening SMS to mobile terminal 103 as a downlink SMS (containing the payment transaction information encrypted with the second transmission security key).
Step 211: Mobile terminal 103 receives the service opening SMS and passes it to SIM paste card 104. SIM paste card 104 receives the service opening SMS, decrypts the payment transaction information in it with the second transmission security key, decrypts the result a second time with the maintenance key, and performs the atomic write operation for the payment transaction information. If the write succeeds, the flow proceeds to step 212; if it fails, the flow returns to step 205 and requests mobile phone SMS platform 102 to open the payment transaction again.
Step 212: After step 211 succeeds, SIM paste card 104 returns the payment transaction data to mobile terminal 103, generates an opening-success confirmation encrypted with the second transmission security key, and forwards the opening-success confirmation to mobile terminal 103.
Step 213: Mobile terminal 103 forwards an opening-success uplink SMS carrying the encrypted opening-success confirmation to mobile phone SMS platform 102.
Step 214: Mobile phone SMS platform 102 receives the opening-success uplink SMS, decrypts the communication with the second transmission security key (version 01) and analyzes it, and, according to the opening-success uplink SMS, sends an opening-success packet to payment transaction platform 101.
Step 215: After receiving the opening-success packet, payment transaction platform 101 updates the account status of mobile terminal 103 according to the packet content. This completes the key update and opening flow of the SIM paste card.
The detailed process of the key atomic write operation involved in step 204 of the above flow is shown in Fig. 3 and comprises the following steps:
Step 301: The SIM paste card obtains the version number of the second transmission security key;
Step 302: The SIM paste card writes the second transmission security key to the backup file and writes the backup-valid flag in the backup file;
Step 303: The SIM paste card writes the second transmission security key from the backup file to the key file, sets the flag of the key file to valid, and updates the current transmission security key version number to the version number of the second transmission security key;
Step 304: The SIM paste card erases the backup-valid flag in the backup file and erases the second transmission security key in the backup file.
To further guard against the key data in the key file becoming invalid, the key-file read and key recovery flow shown in Figure 4 can be run each time before the transmission security key is used (to encrypt or decrypt transmitted content). It comprises the following steps:
Step 400: Begin reading the key data.
Step 401: Check whether the backup-valid marker of the backup file is valid; if so, go to step 403; otherwise go to step 402. When the key data in the key file is normal, the backup-valid marker of the backup file should have been erased; if it is still valid, the key file content is abnormal and key recovery is required.
Step 402: Determine whether the content of the backup file is entirely empty; if so, go to step 406; otherwise go to step 405;
Step 403: Read the transmission security key from the backup file and write it to the key file;
Step 404: Erase the backup-valid marker of the backup file;
Step 405: Erase the data of the backup file;
Step 406: Read the transmission security key from the key file.
Step 407: The key data read is complete; use the transmission security key that was read to encrypt or decrypt.
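The update in steps 301-304 and the recovery in steps 400-407 can be exercised together by cutting power before every persistent write and checking what the card reads back afterwards. The Python simulation below is an added example, not code from the patent; the dictionary-based files, the two-part key-file write that models a torn write, the sample keys, and storing the version number next to the key in the backup file are assumptions.

```python
"""Simulation of the backup-marker key update (steps 301-304) and the
read/recovery flow (steps 400-407), with power loss injected before each write."""

OLD_KEY, OLD_VER = bytes(range(16)), 0        # constructed sample values
NEW_KEY, NEW_VER = bytes(range(16, 32)), 1    # constructed sample values
EMPTY_BACKUP = {"key": b"", "version": None, "marker": False}


class PowerLoss(Exception):
    """Raised in place of a persistent write to model the card losing power."""


class Card:
    def __init__(self, key, version):
        self.key_file = {"key": key, "version": version, "valid": True}
        self.backup = dict(EMPTY_BACKUP)
        self.writes = 0       # persistent writes completed so far
        self.fail_at = None   # lose power instead of performing this write

    def _write(self, store, field, value):
        if self.writes == self.fail_at:
            raise PowerLoss(f"power lost before write {self.writes}")
        store[field] = value
        self.writes += 1

    def _erase_backup_data(self):
        self._write(self.backup, "key", b"")
        self._write(self.backup, "version", None)

    def atomic_update(self, new_key, new_version):
        old_key, half = self.key_file["key"], len(new_key) // 2
        # Step 302: stage the new key, then set the backup-valid marker.
        self._write(self.backup, "key", new_key)
        self._write(self.backup, "version", new_version)  # assumption: version staged too
        self._write(self.backup, "marker", True)          # commit point
        # Step 303: copy into the key file; two writes model a torn key.
        self._write(self.key_file, "key", new_key[:half] + old_key[half:])
        self._write(self.key_file, "key", self.backup["key"])
        self._write(self.key_file, "valid", True)
        self._write(self.key_file, "version", new_version)
        # Step 304: erase the marker first, then the staged key.
        self._write(self.backup, "marker", False)
        self._erase_backup_data()

    def read_key(self):
        if self.backup["marker"]:                                    # step 401
            self._write(self.key_file, "key", self.backup["key"])    # step 403
            self._write(self.key_file, "version", self.backup["version"])
            self._write(self.key_file, "valid", True)
            self._write(self.backup, "marker", False)                # step 404
            self._erase_backup_data()                                # step 405
        elif self.backup["key"] or self.backup["version"] is not None:  # step 402
            self._erase_backup_data()                                # step 405
        return self.key_file["key"], self.key_file["version"]        # step 406


def crash_sweep():
    """Cut power before each write of one update, power on, read the key."""
    probe = Card(OLD_KEY, OLD_VER)
    probe.atomic_update(NEW_KEY, NEW_VER)
    total = probe.writes                  # writes in an uninterrupted update
    outcomes = []
    for fail_at in range(total + 1):      # fail_at == total: no power loss
        card = Card(OLD_KEY, OLD_VER)
        card.fail_at = fail_at
        try:
            card.atomic_update(NEW_KEY, NEW_VER)
        except PowerLoss:
            pass
        card.fail_at = None               # power restored
        got = card.read_key()
        clean = card.backup == EMPTY_BACKUP
        if clean and got == (OLD_KEY, OLD_VER):
            outcomes.append("old")
        elif clean and got == (NEW_KEY, NEW_VER):
            outcomes.append("new")
        else:
            outcomes.append("corrupt")    # torn key or leftover backup data
    return outcomes


if __name__ == "__main__":
    for n, outcome in enumerate(crash_sweep()):
        print(f"power lost before write {n:2d}: card holds the {outcome} key")
```

Writing the backup-valid marker is the commit point: an interruption before it leaves the old key in place, and any later interruption rolls forward to the new key, including the case where the key file itself was only half written.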
An embodiment of the invention proposes a mobile payment system comprising a portable terminal, a handset short message platform and a payment transaction platform, where the SIM of the portable terminal is installed on the circuit board of the portable terminal through a SIM paste card;
The SIM paste card is used to send, through the portable terminal, a payment-service activation short message carrying the SIM paste card identifier and the first transmission security key to the handset short message platform; to receive from the portable terminal a key update instruction carrying the encrypted second transmission security key; and to decrypt the encrypted second transmission security key with the first transmission security key. The SIM paste card performs the atomic write operation that updates to the second transmission security key. If the write succeeds, it replaces the first transmission security key with the second transmission security key and then sends, through the portable terminal, a service activation request short message carrying the payment-service activation request encrypted with the second transmission security key to the handset short message platform. If the write fails, it again sends, through the portable terminal, the payment-service activation short message carrying the SIM paste card identifier and the first transmission security key to the handset short message platform. The SIM paste card is also used to decrypt the payment transaction information in the received service activation short message with the second transmission security key, decrypt the received payment transaction information a second time with the maintenance key, and perform an atomic write of the payment transaction information. If that write succeeds, it returns to the portable terminal the payment transaction data that can be successfully used; if it fails, it again sends, through the portable terminal, the service activation request short message carrying the payment-service activation request encrypted with the second transmission security key to the handset short message platform;
The handset short message platform is used to compare the SIM paste card identifier and the first transmission security key in the received payment-service activation short message with the content stored in the local database; if the comparison succeeds, to generate the second transmission security key and encrypt it with the first transmission security key; to send a key update short message carrying the encrypted second transmission security key to the portable terminal; to decrypt and parse the received service activation request short message with the second transmission security key and, according to the payment-service activation request, send a service activation request data packet to the payment transaction platform; and, after receiving the service activation data packet sent by the payment transaction platform, to encrypt and pack that packet with the second transmission security key into a service activation short message and send to the portable terminal the service activation short message carrying the payment transaction information encrypted with the second transmission security key;
The payment transaction platform is used to receive the service activation request data packet from the handset short message platform, and to encrypt and pack the payment transaction data to be downloaded with the maintenance key and send it to the handset short message platform;
The portable terminal is used to send to the handset short message platform the payment-service activation short message carrying the SIM paste card identifier and the first transmission security key; to receive the key update short message and send to the SIM paste card the key update instruction carrying the encrypted second transmission security key; and to forward the received service activation short message to the SIM paste card.
Preferably, the handset short message platform comparing the SIM paste card identifier and the first transmission security key in the received payment-service activation short message with the content stored in the local database comprises:
The handset short message platform searches the local database by the SIM paste card identifier in the payment-service activation short message. After finding a matching SIM paste card identifier, it determines whether the transmission security key version number stored in the database for that SIM paste card identifier is consistent with the version number of the first transmission security key in the payment-service activation short message; if they are consistent, the comparison succeeds.
Preferably, the SIM paste card comprises:
An atomic write operation unit, used to obtain the version number of the second transmission security key; write the second transmission security key to the backup file and write the backup-valid marker in the backup file; write the second transmission security key from the backup file to the key file, set the key file flag to valid, and update the current transmission security key version number to the version number of the second transmission security key; and erase the backup-valid marker in the backup file and erase the second transmission security key in the backup file.
Preferably, the SIM paste card is further used to generate activation-success confirmation information encrypted with the second transmission security key and forward it to the portable terminal;
The portable terminal is further used to forward to the handset short message platform an activation-success uplink short message carrying the encrypted activation-success confirmation information;
The handset short message platform is further used to receive the activation-success uplink short message, decrypt and parse it with the second transmission security key, and, according to that message, send an activation-success data packet to the payment transaction platform;
The payment transaction platform is further used to update the account status of the portable terminal according to the packet content after receiving the activation-success data packet.
Preferably, the SIM paste card further comprises:
A key check and backup recovery unit, used to check, before the SIM paste card decrypts the encrypted second transmission security key with the first transmission security key, whether the backup-valid marker of the backup file is valid;
If so, to read the first transmission security key from the backup file and write the key that was read to the key file; erase the backup-valid marker and the data of the backup file; read the first transmission security key from the key file; and decrypt the encrypted second transmission security key with the first transmission security key;
Otherwise, to determine whether the content of the backup file is entirely empty; if so, read the first transmission security key from the key file and decrypt the encrypted second transmission security key with it; if not, erase the data of the backup file, then read the first transmission security key from the key file and decrypt the encrypted second transmission security key with it.
The above are merely preferred embodiments of the present invention and are not intended to limit it. Any modification, equivalent replacement or improvement made within the spirit and principle of the present invention shall fall within the scope of protection of the present invention.

Claims (11)

1. A method for updating a key in a mobile payment system, characterized in that it comprises the following steps:
A. The SIM paste card sends, through the portable terminal, a payment-service activation short message carrying the SIM paste card identifier and the first transmission security key to the handset short message platform;
B. The handset short message platform compares the SIM paste card identifier and the first transmission security key in the received payment-service activation short message with the content stored in the local database; if the comparison succeeds, it generates the second transmission security key and encrypts it with the first transmission security key;
C. The handset short message platform sends a key update short message carrying the encrypted second transmission security key to the portable terminal;
D. The portable terminal receives the key update short message and sends to the SIM paste card a key update instruction carrying the encrypted second transmission security key; the SIM paste card decrypts the encrypted second transmission security key with the first transmission security key and performs the atomic write operation that updates to the second transmission security key; if the write succeeds, the second transmission security key replaces the first transmission security key; if it fails, return to step A.
2. The method according to claim 1, characterized in that the handset short message platform in step B comparing the SIM paste card identifier and the first transmission security key in the received payment-service activation short message with the content stored in the local database comprises:
The handset short message platform searches the local database by the SIM paste card identifier in the payment-service activation short message. After finding a matching SIM paste card identifier, it determines whether the transmission security key version number stored in the database for that SIM paste card identifier is consistent with the version number of the first transmission security key in the payment-service activation short message; if they are consistent, the comparison succeeds.
3. The method according to claim 1, characterized in that the atomic write operation performed by the SIM paste card in step D to update to the second transmission security key comprises:
D1. The SIM paste card obtains the version number of the second transmission security key;
D2. The SIM paste card writes the second transmission security key to the backup file and writes the backup-valid marker in the backup file;
D3. The SIM paste card writes the second transmission security key from the backup file to the key file, sets the key file flag to valid, and updates the current transmission security key version number to the version number of the second transmission security key;
D4. The SIM paste card erases the backup-valid marker in the backup file and erases the second transmission security key in the backup file.
4. The method according to claim 1, characterized in that, after step D, the method further comprises:
E. The SIM paste card sends, through the portable terminal, a service activation request short message carrying the payment-service activation request encrypted with the second transmission security key to the handset short message platform;
F. The handset short message platform decrypts and parses the received service activation request short message with the second transmission security key and, according to the payment-service activation request, sends a service activation request data packet to the payment transaction platform;
G. The payment transaction platform receives the service activation request data packet, encrypts and packs the payment transaction data to be downloaded with the maintenance key, and sends it to the handset short message platform;
H. After receiving the service activation data packet sent by the payment transaction platform, the handset short message platform encrypts and packs that packet with the second transmission security key into a service activation short message, and sends to the portable terminal the service activation short message carrying the payment transaction information encrypted with the second transmission security key;
I. The portable terminal forwards the service activation short message to the SIM paste card; the SIM paste card decrypts the payment transaction information in the received service activation short message with the second transmission security key, decrypts the received payment transaction information a second time with the maintenance key, and performs an atomic write of the payment transaction information; if the write succeeds, it returns to the portable terminal the payment transaction data that can be successfully used; if it fails, return to step E.
5. The method according to claim 4, characterized in that, after the payment transaction data that can be successfully used is returned to the portable terminal in step I, the method further comprises:
J. The SIM paste card generates activation-success confirmation information encrypted with the second transmission security key and forwards it to the portable terminal;
K. The portable terminal forwards to the handset short message platform an activation-success uplink short message carrying the encrypted activation-success confirmation information;
L. The handset short message platform receives the activation-success uplink short message, decrypts and parses it with the second transmission security key, and, according to that message, sends an activation-success data packet to the payment transaction platform;
M. After receiving the activation-success data packet, the payment transaction platform updates the account status of the portable terminal according to the packet content.
6. The method according to claim 3, characterized in that the SIM paste card in step D decrypting the encrypted second transmission security key with the first transmission security key comprises:
a. The SIM paste card checks whether the backup-valid marker of the backup file is valid; if so, go to step c; otherwise go to step b;
b. Determine whether the content of the backup file is entirely empty; if so, go to step f; otherwise go to step e;
c. Read the first transmission security key from the backup file and write the key that was read to the key file;
d. Erase the backup-valid marker of the backup file;
e. Erase the data of the backup file;
f. Read the first transmission security key from the key file and decrypt the encrypted second transmission security key with the first transmission security key.
7. A mobile payment system comprising a portable terminal, a handset short message platform and a payment transaction platform, characterized in that the SIM of the portable terminal is installed on the circuit board of the portable terminal through a SIM paste card;
The SIM paste card is used to send, through the portable terminal, a payment-service activation short message carrying the SIM paste card identifier and the first transmission security key to the handset short message platform; to receive from the portable terminal a key update instruction carrying the encrypted second transmission security key; and to decrypt the encrypted second transmission security key with the first transmission security key. The SIM paste card performs the atomic write operation that updates to the second transmission security key. If the write succeeds, it replaces the first transmission security key with the second transmission security key and then sends, through the portable terminal, a service activation request short message carrying the payment-service activation request encrypted with the second transmission security key to the handset short message platform. If the write fails, it again sends, through the portable terminal, the payment-service activation short message carrying the SIM paste card identifier and the first transmission security key to the handset short message platform. The SIM paste card is also used to decrypt the payment transaction information in the received service activation short message with the second transmission security key, decrypt the received payment transaction information a second time with the maintenance key, and perform an atomic write of the payment transaction information. If that write succeeds, it returns to the portable terminal the payment transaction data that can be successfully used; if it fails, it again sends, through the portable terminal, the service activation request short message carrying the payment-service activation request encrypted with the second transmission security key to the handset short message platform;
The handset short message platform is used to compare the SIM paste card identifier and the first transmission security key in the received payment-service activation short message with the content stored in the local database; if the comparison succeeds, to generate the second transmission security key and encrypt it with the first transmission security key; to send a key update short message carrying the encrypted second transmission security key to the portable terminal; to decrypt and parse the received service activation request short message with the second transmission security key and, according to the payment-service activation request, send a service activation request data packet to the payment transaction platform; and, after receiving the service activation data packet sent by the payment transaction platform, to encrypt and pack that packet with the second transmission security key into a service activation short message and send to the portable terminal the service activation short message carrying the payment transaction information encrypted with the second transmission security key;
The payment transaction platform is used to receive the service activation request data packet from the handset short message platform, and to encrypt and pack the payment transaction data to be downloaded with the maintenance key and send it to the handset short message platform;
The portable terminal is used to send to the handset short message platform the payment-service activation short message carrying the SIM paste card identifier and the first transmission security key; to receive the key update short message and send to the SIM paste card the key update instruction carrying the encrypted second transmission security key; and to forward the received service activation short message to the SIM paste card.
8. The system according to claim 7, characterized in that the handset short message platform comparing the SIM paste card identifier and the first transmission security key in the received payment-service activation short message with the content stored in the local database comprises:
The handset short message platform searches the local database by the SIM paste card identifier in the payment-service activation short message. After finding a matching SIM paste card identifier, it determines whether the transmission security key version number stored in the database for that SIM paste card identifier is consistent with the version number of the first transmission security key in the payment-service activation short message; if they are consistent, the comparison succeeds.
9. The system according to claim 7, characterized in that the SIM paste card comprises:
An atomic write operation unit, used to obtain the version number of the second transmission security key; write the second transmission security key to the backup file and write the backup-valid marker in the backup file; write the second transmission security key from the backup file to the key file, set the key file flag to valid, and update the current transmission security key version number to the version number of the second transmission security key; and erase the backup-valid marker in the backup file and erase the second transmission security key in the backup file.
10. The system according to claim 7, characterized in that:
The SIM paste card is further used to generate activation-success confirmation information encrypted with the second transmission security key and forward it to the portable terminal;
The portable terminal is further used to forward to the handset short message platform an activation-success uplink short message carrying the encrypted activation-success confirmation information;
The handset short message platform is further used to receive the activation-success uplink short message, decrypt and parse it with the second transmission security key, and, according to that message, send an activation-success data packet to the payment transaction platform;
The payment transaction platform is further used to update the account status of the portable terminal according to the packet content after receiving the activation-success data packet.
11. The system according to claim 9, characterized in that the SIM paste card further comprises:
A key check and backup recovery unit, used to check, before the SIM paste card decrypts the encrypted second transmission security key with the first transmission security key, whether the backup-valid marker of the backup file is valid;
If so, to read the first transmission security key from the backup file and write the key that was read to the key file; erase the backup-valid marker and the data of the backup file; read the first transmission security key from the key file; and decrypt the encrypted second transmission security key with the first transmission security key;
Otherwise, to determine whether the content of the backup file is entirely empty; if so, read the first transmission security key from the key file and decrypt the encrypted second transmission security key with it; if not, erase the data of the backup file, then read the first transmission security key from the key file and decrypt the encrypted second transmission security key with it.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010106134302A CN102547620A (en) 2010-12-30 2010-12-30 Mobile payment system and method for updating key

Publications (1)

Publication Number Publication Date
CN102547620A (en) 2012-07-04

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20120704