CN102568097B - Method and system for improving safety of electronic wallets - Google Patents

Method and system for improving safety of electronic wallets Download PDF

Info

Publication number
CN102568097B
CN102568097B CN201010578562.6A CN201010578562A CN102568097B CN 102568097 B CN102568097 B CN 102568097B CN 201010578562 A CN201010578562 A CN 201010578562A CN 102568097 B CN102568097 B CN 102568097B
Authority
CN
China
Prior art keywords
card
key
stored value
value card
pin code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201010578562.6A
Other languages
Chinese (zh)
Other versions
CN102568097A (en
Inventor
邵通
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201010578562.6A priority Critical patent/CN102568097B/en
Publication of CN102568097A publication Critical patent/CN102568097A/en
Application granted granted Critical
Publication of CN102568097B publication Critical patent/CN102568097B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention aims to provide the technical scheme, which realizes pin codes in electronic wallets by storing consumption keys into the electronic wallets. Accordingly, the pin codes are not required during credit payment but required during non-credit payment, and the same electronic wallet is used. Besides, uniformity of quick consumption and safety consumption in credit shops such as a public transportation system is achieved. The invention further provides a method for protecting card issue functions.

Description

A kind of method and system strengthening stored value card safety
Technical field
The invention belongs to information security field.The present invention relates to a kind of strengthen the method for stored value card safety and be System.Specifically, it is related to an a kind of stored value card can use on trusting beneficiary and non-trusted beneficiary terminal simultaneously Method and system.
Background technology
The application of campus card and stored value card is increasingly popularized, and general stored value card uses the mark of ISO14443 less radio-frequency Standard and agreement.The radio frequency only communication interface between radio-frequency card and card-reading terminal.Application in the stored value card of campus card In scheme, the problem of core is to carry out being mutually authenticated of card and card-reading terminal, i.e. three certifications of symmetric cryptography using symmetric cryptography. The purpose of certification is that certification both sides confirm to have identical key, if key is identical or certification is somebody's turn to do it is possible to use by rear The key that both sides have carries out secret communication.
If do not specialized in the following description, we use term " wallet " expression " stored value card ".I.e. two words General.Claims are also such.
Being achieved in that, according to the global unique ID number of different cards, card sender of the stored value card of general campus card at present Structure Choice encryption hash function HX and HZ is as depreciation (consumption) function of the stored value card of card sending mechanism and the increasing of stored value card Value function.In new CPU card, it is typically chosen DES (or 3DES) as HX and HZ, certainly needs for depreciation (consumption) key SX and increment key SZ could become DES into cryptographic Hash function HX and HZ.
For example, the card to a new issue for the card sending mechanism, reads the ID of card first, then calculates DESSX(ID) as depreciation (consumption) key, calculates DESSZ(ID) as increment key.When consumption uses, card reader reads No. ID of card, then uses hair fastener When identical function calculate DESSX(ID), and with depreciation (consumption) key of storage in card carry out symmetrical password authentication, identical Show that this card is that card sending mechanism is issued.The payment of stored value card after cipher authentication, can be carried out, then accordingly reduce electronic money Stored Value in bag.When supplementing with money, card reader reads No. ID of card, then with calculating DES with identical function during hair fastenerSZ(ID), And carry out symmetrical password authentication with the increment key of storage in card, identical show that this card is that card sending mechanism is issued.Cipher authentication Afterwards, the Stored Value in stored value card can be increased.So every card, due to the difference of card number (ID), key is also different.It is exactly in the industry A card one referred to as is close.
It can be seen that the secrecy to cryptographic Hash function HX and HZ (or key SX and SZ) is system from above explanation The key of safety.Cracking of Mifare encryption function, makes the protection that everybody only relies on key to encryption system have more deep Understanding.But it is above in the application process of stored value card it can be seen that depreciation (consumption) key must be present in consumption terminal In (or on PSAM card of terminal), but the loss of this key does not result in the collapse of electronic purse system, reason is to know to disappear What fermi key can only be blocked withholds, and obtains commodity for a user and service just can be withholdd accordingly.Will not have Be provided with commodity or service just carry out the operation that user withholds, if simultaneously using new ID forge card carry out buckleing value, will not from send out Mechanism for card obtains real fund and is found;If forged using issuing card ID, can will be sent out by transaction record Now illegally obtain the terminal of transaction record, this equally easily tracked discovery, fake producer cannot interests economically.Blacklist It is also the effective means preventing complete copy card from attacking.
But the loss of increment key HZ (ID), the leakage of the function HZ that particularly rises in value, will cause serious safety problem, This allows to forge the amount of money of stored value card, after obtaining commodity and service, not real payment funding.Although it is permissible Stoped using the method for blacklist and forge being continuing with of card, but the behavior forging card can constantly be carried out, and will cause business Family and the contradiction of card sending mechanism.The method solving can only be that real-time online is paid, and this is again topmost for stored value card fast Speed is given discarded using the benefit using with off line.Also a method is, using other AES and key to electronics The data such as the amount of money in wallet are encrypted.Take precautions against the attacker obtaining card readwrite key, the amount of money in modification or generation card.Again Auxiliary blacklist means, can very limits ensure stored value card safety.
It is true that there are two kinds of different businessmans in the use of stored value card:Credit businessman and non-credit businessman.Than If this public public institution of public transport MTR is exactly credit payee (credit businessman).The feature of these units is base Originally unit will not forge card to make a profit, and employee forges card again less than corresponding interests.And common businessman, particularly little in a large number In businessman, it is understood that there may be have the lawless person forging card and attacking system.So, although Mifare is cracked, we can To see not having big safety problem using the public transit system of the stored value card of Mifare in a large number;But if handle is collected money with public transport After system identical cash receiving terminal is issued to substantial amounts of medium and small businessman, may just there is businessman that cashing machine is taken in crowd, utilize " wireless " characteristic of Mifare card is illegally collected money.For this reason, Hong Kong just produces so-called " cutting ferrule ", its function is exactly to use electromagnetism The method of shielding, puts into stored value card wherein, to prevent illegal businessman from using cashing machine near the fund of theft stored value card. This method obviously affects promoting the use of of radio-frequency card stored value card.It is true that public transport gathering require quickly through, and businessman receive Money requires with regard to so strong to quick.Input PIN code can be required when using as present bank card completely. The security guaranteed payment with PIN code.
So, the use of stored value card is just divided into two kinds of situations:Credit payment, such as bus card-reading do not need PIN code;Non- Credit payment, for example businessman swipes the card needs PIN code.Thus produce the electronic money how in existing credit payment no PIN code The problem of PIN code is realized on bag card, that is, needs quickly no PIN code can be used to swipe the card in public transport terminal, and need in businessman Uniform technical scheme using PIN code bankcard consumption.
Meanwhile, current stored value card, including CPU card stored value card and ISO14443 agreement, not using open code The security to improve system for the thought learned.Do not provide after PSAM card and SAM card are cracked completely, that is, depreciation function HX and After increment function HZ divulges a secret, whole system faces the problem of collapse.
Content of the invention
Now, the security of stored value card is under attack, and Mifare card is cracked and even more causes very big weight in the whole world Depending on.Attacker can read all information in card, replicate and forged, this can be solved with blacklist.But, and such as Cipher function HX and HZ of fruit hair fastener is compromised, and that attacker just can forge card, and blacklist method will be helpless.And deposit The charging terminal of the SAM module of HZ function, particularly deposits the popularization of the consumption terminal of SAM (PSAM) module of HX function, increases Add the disclosure risk of HZ and HX.Be exactly it is now recognized that safety CPU card key managing project in, equally have the close of hair fastener Code function HX and HZ divulge a secret after system crash risk.So this problem must be solved.We can use public cryptography Thought is strengthening the security of existing system.
So, a kind of method strengthening card safety, it includes:
In the hair fastener stage, card identification data is digitally signed, and is stored in the data field of card;
Operational phase, reads the digital signature of card identification data and card identification data;Compare the uniformity of previous step data, Confirm as the card in system when identical, proceed work, be not otherwise the card in system, quit work.
Preferably, the identification data of card include No. ID of card or (and) user profile blocked or (and) card sending mechanism information Deng.
Further, signature algorithm has encryption function.
It is also possible that also include in signed data other regions (or/and) key data of file.
Above card identification data it is simply that the data that distinguishes between different cards, such as:The sequence number (card number) of card, hair fastener People, holder.In a word it is simply that the different card of any two, the different pieces of information of identical data region composition.
In theory, present stored value card, the particularly stored value card of less radio-frequency are it is only necessary to a memory block Domain, that is, store the region of wallet balances.Certainly this region can have two keys to be protected, and that is, depreciation key and increment are close Key.In order to increase PIN code protection, in addition someone has increased region another and to have stored PIN code (or form of its salt adding).But Be add PIN code can also adopt other modes, see patent application document (a kind of symmetrical password authentication of ZL201010533245 Method), PIN code can be stored without another one area it may also be said to stored value card substantially can be with only one of which area completely: Wallet balances area.
We are intended to a wallet key at the method for invention, and particularly depreciation key is stored in card, so wallet card is necessary You Liangge area:Data area of wallet balances area.Wallet balances area is used for depositing the remaining sum of wallet, and data field is used for depositing wallet Key, certainly can also deposit the other informations such as PIN code., we claim entirely taking Mifare card Bus Card as a example Mifare card is stored value card;In card, the block (as the 4th piece) for stored balance is wallet balances area;The increment in remaining sum area Key, depreciation key and other keys are referred to as wallet key;The region (as the 12nd piece) depositing wallet key is referred to as data field, should The access control key in area is referred to as data field key.
A kind of method strengthening stored value card safety, it includes:It is divided into data area of remaining sum area in stored value card;In hair fastener Stage, by electronic purse balance amount area key storage in data field, in stored value card, the PIN code of storage user;During use, Card reader obtains user's PIN code, certification PIN code, and obtains wallet key from electronic purse data area, and card reader uses wallet close Key is authenticated with stored value card, correct after operated accordingly.
Further, electronic purse data area also has key to be written and read protecting.
Preferably, stored value card key is to be stored in data field in the way of ciphering signature, so also will decipher when using Wallet key just can be obtained.The mode of ciphering signature, is the primitive form using such as RSA Algorithm, rather than using universal at present Using to informative abstract signature method.The function of the encipherment protection information of original RSA Algorithm so can be utilized.
Further, stored value card key and stored value card mark are stored jointly in the way of ciphering signature, when so using The data obtaining from stored value card has to pass through deciphering and just can obtain wallet key and stored value card mark, and also has confirmation solution The stored value card mark obtaining after close identifies consistent step with this stored value card.
More safely, can by using PIN code using combining closely with mark data in the way of store user's PIN code, accordingly PIN code certification is also using the mode of combining closely.The so-called mode of combining closely is exactly the method described in embodiment 5.
Can store in the way of using salt adding typically, for PIN code, PIN code certification also will be adapted.
A kind of system strengthening stored value card safety, it includes:Electronic purse balance amount area, for storing the dress of wallet balances Put;Electronic purse data area, for storing the device of wallet balances area key;Card reader, for reading and writing electronic purse data Device.During use, electronic purse balance amount area key storage, in electronic purse data area, also stores user's in stored value card PIN code;Card reader obtains user's PIN code, then stores user authentication PIN code, and it is close to obtain wallet from electronic purse data area Key, then card reader be authenticated with electronic purse balance amount area using wallet key, correct after operated accordingly.
Further, also there is key read-write protection device in electronic purse data area.
Further, also has deciphering device in card reader, for deciphering the wallet key storing in ciphering signature mode.
More safely, also has ID authentication device in card reader, for from decrypted packet key containing stored value card and electronic money The wallet mark data obtaining in bag mark data, is compared certification with the mark data of this card stored value card.
Brief description
Describe the present invention with reference to the accompanying drawings, wherein
Fig. 1 represents the schematic diagram of preferred embodiment 4 and 5;
Specific embodiment
[embodiment 1] card signature
In the first embodiment of the present invention, for identification card, all can there is a mark typically in card, for example MifareS50 card has a globally unique sequence number.Certainly the hair fastener of application system is in addition it is also necessary to write personal information, hair fastener Unit information, hair fastener temporal information etc..These information also can become identification data, referred to as ID, that is, distinguish this card and other The data of card.
System selects rivest, shamir, adelman RSA and key to (S1, S2);ID is carried out the RSA that signsS1, and store (ID) In the data area of card.When terminal uses, first read out the mark ID of this card and be stored in the ID signature RSA in cardS1(ID), Terminal calculates RSAS2(RSAS1(ID)) obtain ID, and be compared with the ID reading.When consistent, terminal just can confirm that this card Validity.
Through such process, when attacker attacks consumption terminal or charging terminal, obtain stored value card or all-purpose card system It is also not possible to forge card after the consumption function HX of system or increment function HZ.Because signed data RSAS1(ID) protected by private key S1 Shield.By the thought of public-key cryptography, attacker is exactly thoroughly to crack terminal and SAM module obtains:Consumption function HX, increment function HZ, RSA and S2, nor forge the card of other ID, because attacker still can not calculate RSAS1(ID).It should be noted that RSA and S2 is also underground, and only compared with than the S1 being saved in hair fastener company, S2 is saved in the relatively low PSAM of security And in SAM card.Security and the validity of blacklist protection mechanism so can be improved.
Below, in conjunction with stored value card, it is further discussed below this technical scheme.
In order to solve card simultaneously in credit terminal without PIN code, and the uniform technical of PIN code is needed on non-trusted terminal Scheme has embodiment 2
[embodiment 2] no name
The core of the present invention is to adopt to store in stored value card by depreciation key (consumption key), and it is right to reoffer further Depreciation (consumption key) protect to obtain method.Carried out respectively not according to credit gathering and the gathering of non-credit when using stored value card Biconditional operation.According to second embodiment of the present invention, a kind of method of enhancing stored value card safety, we can use Mifare S50 card is illustrating.
Every Mifare S50 card has one globally unique No. ID and 16 memory blocks, and numbering is 0~15.Each storage There are two passwords in area:Increment password and depreciation password.When depreciation cipher authentication by after the data of memory block can be subtracted Value Operations, when rise in value password authentification by after the data of memory block can be carried out increment operation.
Using the electronic purse system of Mifare card, including increment function HX, depreciation (consumption password) function HZ, strengthen letter Number ZQ, electronic purse card mark ID, user's PIN code etc..Our selection regions 1 are as the storage region of remaining sum in stored value card. Region 2 is the region of storage depreciation key.
So, the increment password in region 1 is HZ (ID);Depreciation password is HX (ID);The read-write password in region 2 is that enhancing is close Code ZQ (ID);HX (ID) and user's PIN code are stored in the region 2 protected by enhancing password ZQ (ID).
When credit terminal uses, this is also the method that prior art reads and writes stored value card, and consumption terminal typically has depreciation (consumption password) function HX;Consumption terminal first reads out the mark ID of stored value card, and calculates HX (ID), with HX (ID) with Depreciation (consumption) key in stored value card is authenticated, operation of being withholdd accordingly when consistent;Terminal in card sending mechanism On carry out increment operation when, this terminal have increment function HZ;Terminal first reads out the mark ID of stored value card, and calculates HZ (ID), it is authenticated with HZ (ID) increment key, operation of being rised in value accordingly when consistent;Increment function HZ in terminal is permissible Leave in the SAM card in terminal, to guarantee the safety of this function.Certainly depreciation (consumption) function HX is stored in terminal On PSAM card on ensureing safety.
When non-credit terminal uses, user input PIN code;Terminal reads the mark ID of stored value card, and calculates Go out ZQ (ID), be authenticated with region 2 with ZQ (ID), be stored in HX (ID) and the PIN code in region 2, PIN code by rear reading After being verified, reuse HX (ID) and be authenticated with region 1, by after carry out corresponding depreciation or work of withholing.So non- On credit terminal, avoid the need for storing depreciation (consumption) function HX.
The program can be realized same stored value card and can use on credit terminal and non-credit terminal.In credit eventually End is all consistent with existing using method and internal processes when using;But it is necessary to defeated when using on non-credit terminal Enter PIN code, reach and limit the potential safety hazard that " wireless " use of non-credit terminal brings.Method for reaching this security purpose, It is mainly using data area depreciation key and PIN code being all put on card in the present patent application, and with strengthening password ZQ (ID) protect this region.May also have more easily method, but our this scheme, it is possible to achieve on consumption terminal, thing Can there is no HX function on real, so protect the safety of HX function to a great extent.
ID in this embodiment or card mark data, and it is not only sequence number.ID in following examples is not Plus explanation, it is also such.For CPU card, the mode that it manages data is file.File can also arrange cryptographic key protection, also may be used To be increment password and depreciation password.In a word, the region in embodiment is changed into file, substantially may be used for retouching of CPU card State.Key problem or security model are exactly, for the one group of data (referred to as region or file) in card, can with increment code, subtract Value password and read-write password are protected by, and the core of this embodiment is exactly these passwords and PIN code to be stored in other numbers of card It is protected by according to area and with other password.In addition, the PIN code of storage should be the data after hash, to increase the peace of PIN code Entirely, term is " salt adding ".In order to describe conveniently, the protection to PIN code is just not described in detail.
Because non-credit terminal is to be used by substantial amounts of medium and small businessman, though by PSAM card protection ZQ function it is also possible to Attacked.Safety is wished be not a best selection in the protection rest entirely on PSAM card.
So, further it should HX (ID) is encrypted and signature process.Here it is embodiment 3
[embodiment 3] signs
According to the third embodiment of the present invention, a kind of method of safe electronic wallet, there are increment function HX, depreciation here Function HZ, enhancing function ZQ, stored value card mark ID, rivest, shamir, adelman RSA and key are to (S1, S2), user's PIN code. Our selection regions 1 are as the storage region of remaining sum in stored value card.Region 2 is the region of storage depreciation key.
So, increment password is HZ (ID);Consumption password is HX (ID);Enhancing password is ZQ (ID);Calculate RSAS1(ID, HX (ID)) and be stored in together with PIN code in the region protected by enhancing password ZQ (ID).
When credit terminal uses, this terminal typically has depreciation function HX;Terminal first reads out mark ID of stored value card Number, and calculate HX (ID), it is authenticated with the consumption key in stored value card with HX (ID), withholdd accordingly when consistent Operation;When carrying out increment operation in the terminal of card sending mechanism, this terminal has increment function HZ;Terminal first reads out stored value card Mark ID, and calculate HZ (ID), be authenticated with the increment key in stored value card with HZ (ID), when consistent, carry out phase The increment operation answered;Increment function HZ in terminal may leave in the SAM card in terminal, to guarantee the safety of this function. Certainly depreciation function HX is stored on the PSAM card in terminal.
Rivest, shamir, adelman RSA and key S2 are had on non-credit terminal and strengthens cipher function ZQ.During use, user is defeated Enter PIN code;Terminal reads the mark ID of stored value card, and calculates ZQ (ID);It is authenticated with region 2 with ZQ (ID), lead to Later read RSAS1(ID, HX (ID)) and PIN code, calculate RSAS2(RSAS1(ID, HX (ID))) obtain ID and HX (ID) and PIN Code, after PIN code is verified, and this ID is consistent with the ID of card, is authenticated with region 1 using HX (ID), by after carry out Withhold accordingly work.
RSA Algorithm, key S2 and ZQ can be stored on the PSAM card in terminal.
[embodiment 4] signature+PSAM
According to the 4th kind of embodiment of the present invention, a kind of method of safe electronic wallet is as shown in Figure 1.This is a kind of invention Person thinks than more complete embodiment.In the figure, the publisher of tabulating equipment determines depreciation function HX, increment function HZ, increasing Majorant ZQ142, rivest, shamir, adelman RSA141 and key are to (S1, S2), user's PIN code.Selection region 31 is as electronics The storage region of remaining sum in wallet.Region 32 is the region of storage depreciation key.
In the hair fastener stage, the application according to consumer carries out the individualized of card, stores necessary other information on card;And Determine the remaining sum storage area that region 31 is stored value card.Read mark ID of card, calculating increment password HZ (ID), depreciation are close Code HX (ID) is the protection key of the 31 of region, deposits in wallet region keys area 311;Strengthening password ZQ (ID) is storage region 32 protection key, deposits in storage region 32 key zone 321;Calculate RSAS1(ID, HX (ID)) is simultaneously stored in together with PIN code In the storage region 32 protected by enhancing password ZQ (ID).In SAM card in terminal 1 (non-trusted terminal), store RSA Algorithm And S2 is RSA engine 141, ZQ function 142.
When terminal 5 (credit terminal) uses, the depreciation function HX521 of this terminal leaves in SAM module 52;Terminal 5 First pass through the mark ID connecting 4 reading stored value cards 3, and be sent to SAM module 52;SAM module 52 calculates HX (ID), It is authenticated according to the key that wallet region keys area 311 stores with the wallet region 31 in stored value card 3 with HX (ID), pass through After withholdd accordingly operation.When carrying out increment operation in terminal 5, the increment function HZ522 of this terminal leaves SAM module in In 52;Terminal first reads out the mark ID of stored value card, and is sent to SAM module 52;SAM module 52 calculates HZ (ID), It is authenticated according to the key that wallet region keys area 311 stores with the stored value card region 31 in stored value card 3 with HZ (ID), Rised in value accordingly when consistent operation.
In SAM module 14 in terminal 1 (non-trusted terminal), rivest, shamir, adelman RSA and key S2 is had to be RSA engine 131 and enhancing function ZQ142.During use, after terminal 1 obtains the amount of money and user input PIN code, terminal 1 reads stored value card 3 Mark ID, is sent to terminal 1 and is sent to SAM module 14;SAM module 14 calculates ZQ (ID);SAM module 14 ZQ (ID) With storage region 32 pass through terminal 1 and is connected 2 according to be stored in storage region 32 key zone 321 store key be authenticated, RSA in storage region 32 is stored in by rear readingS1(ID, HX (ID)), is then counted with the RSA engine 141 in SAM module 14 Calculate RSAS2(RSAS1(ID, HX (ID))) obtain ID and HX (ID) and PIN code, PIN code is verified, and compares the ID of this ID and card After consistent, pass through terminal 1 using HX (ID) with wallet region 31 and be connected 2 keys storing according to wallet region keys area 311 Be authenticated, by after withholdd accordingly work.Obviously all data occurring in terminal 1 and connecting on 2 can be through Cross encryption.
It is in fact possible to PIN code more closely be coupled it is simply that embodiment 5 with ZQ function
[embodiment 5] signature+PIN+PSAM
According to the 5th kind of embodiment of the present invention, a kind of method of safe electronic wallet is as shown in Figure 1.This is a kind of invention Person thinks reasonable embodiment.In the figure, the publisher of card determines depreciation function HX, increment function HZ, enhancing function ZQ, rivest, shamir, adelman RSA and key are to (S1, S2), user's PIN code.Selection region 31 is as remaining sum in stored value card Storage region.Region 32 is the region of storage depreciation key.
In the hair fastener stage, the application according to consumer carries out the individualized of card, stores necessary other information on card;And Determine the remaining sum storage area that region 31 is stored value card.Read mark ID of card, calculating increment password HZ (ID), depreciation are close Code HX (ID) is the protection key of the 31 of region, deposits in wallet region keys area 311;Read the PIN code of user, calculate and strengthen Password ZQ (ID, PIN) is the protection key of storage region 32, deposits in storage region 32 key zone 321;Calculate RSAS1(ID, HX ) and be stored in by strengthening in password ZQ (ID, the PIN) region 32 protected (ID).In SAM module 14 card in terminal 1, store RSA Algorithm and S2 are RSA engine 141, ZQ function.
When terminal 5 (credit terminal) uses, the depreciation function HX521 of this terminal leaves in SAM module 52;Terminal 5 First pass through the mark ID connecting 4 reading stored value cards 3, be sent in SAM module 52, SAM module 52 calculates HX (ID), It is authenticated according to the key that wallet region keys area 311 stores with the wallet region 31 in stored value card 3 with HX (ID), pass through After withholdd accordingly operation;When carrying out increment operation in terminal 5, the depreciation function HZ522 of this terminal leaves SAM module in In 52;Terminal first reads out the mark ID of stored value card, is sent in SAM module 52;SAM module 52 calculates HZ (ID), It is authenticated according to the key that wallet region keys area 311 stores with the stored value card region 31 in stored value card 3 with HZ (ID), Rised in value accordingly when consistent operation.(read signature numeral, after HX and HZ function is divulged a secret or cracked, batch can be prevented Produce pseudo- card)
In SAM module 14 in terminal 1 (non-credit terminal), rivest, shamir, adelman RSA and key S2 is had to be RSA engine 131 and enhancing function ZQ142.During use, terminal 1 obtains the amount of money and with producing after input PIN code, and terminal 1 reads stored value card 3 Mark ID, is sent to terminal 1 and is sent to SAM module 14;SAM module 14 calculates ZQ (ID, PIN);With ZQ (ID, PIN) With region 2 pass through terminal 1 and is connected 2 according to be stored in storage region 32 key zone 321 store key be authenticated, by rear Read the RSA being stored in region 2S1(ID, HX (ID)), then SAM module 14 calculating RSAS2(RSAS1(ID, HX (ID))) To ID and HX (ID), compare this ID consistent with the ID of card after, pass through terminal 1 using HX (ID) and wallet region 31 and be connected 2 Key according to wallet region keys area 311 storage is authenticated, by after withholdd accordingly work.Obviously all occur in Terminal 1 and the data connecting on 2 can may pass through encryption.
Different from embodiment 4, PIN code is not placed directly on region 2 here, but special using the present inventor's application Profit, is shown in patent application document (a kind of method of symmetrical password authentication of ZL201010533245), to protect as PIN code control mode The safety in card region 32.So after enhancing function ZQ divulges a secret or is cracked, there is no PIN code nor obtain RSAS1(ID, HX (ID)), so protect the safety of HX (ID) further.
Special declaration uses RSA to represent rivest, shamir, adelman in an embodiment, does not represent and can only use RSA Algorithm.This rivest, shamir, adelman is simply required to have two different keys, i.e. encryption key S1 and decruption key S2;Know solution Key is difficult to obtain encryption key.Decruption key typically claims to become privacy key encryption key S1, and decruption key S2 is referred to as Public-key cryptography, or S1 is called public-key cryptography on the contrary, and S2 is privacy key.But in the present invention, we are signed using S1 It is used, its encryption function can also be utilized simultaneously.S2 is stored in consumption terminal, and its effect can verify this card Moreover it is possible to the signed HX key data of protection while whether ID is signed by S1, so can prevent from having forged card reuse Through signing the ID card of name, can be solved by blacklist for ID card out of joint.Utilize the encryption function of S1 simultaneously, also may be used To ensure No. ID and the safety corresponding to this consumption key of No. ID.So signature does not preferably use common digital digest skill Art, but directly have the cipher system of signature function using this existing encryption function of RSA again.
S2 is commonly referred to as public-key cryptography, but is not intended in the present invention disclose this key;Even should algorithm RSA and Decruption key S2 is placed in the PSAM card of read-write terminal, to ensure safety.
The method of the present invention and system are described with embodiment above.But the present invention simultaneously not exclusively limits for electronic money Bag, is particularly not restricted to the stored value card of radio frequency card media.May not be stored value card, but be electronic bankbook.Although In above embodiment, invention has been described, it is to be understood that, the description of above example is illustrative and description Property, and nonrestrictive.It will be apparent to those skilled in the art that without departing from be defined by the claims this On the premise of bright spirit and scope, various modifications, improvement, modification can be made and replace.Claims illustrate the present invention Protection domain.

Claims (10)

1. a kind of method strengthening stored value card safety, it includes:
It is divided into data area of remaining sum area in stored value card;
The hair fastener stage
A, by electronic purse balance amount area key storage in data field;
B, in stored value card, storage user PIN code;
Operational phase
C, card reader obtain user's PIN code;
D, certification PIN code, and obtain wallet key from electronic purse data area;
E, card reader are authenticated using wallet key and stored value card, correct after operated accordingly.
2. method according to claim 1 is it is characterised in that data field also has key to be written and read protecting.
3. the method according to claim 1 or 2 it is characterised in that in step A stored value card key be in the way of ciphering signature Storage, the data that step D obtains from stored value card has to pass through deciphering and just can obtain wallet key.
4. method according to claim 3 is it is characterised in that stored value card key and stored value card mark are jointly to add in step A The mode of close signature stores, and the data that step D obtains from stored value card has to pass through deciphering and just can obtain wallet key and electronics Wallet identifies, and also has the stored value card mark that confirmation obtains after the deciphering step consistent with the mark of this stored value card.
5. method according to claim 3 is it is characterised in that PIN code stores user with mark data by the way of combining closely PIN code, corresponding PIN code certification is also using the mode of combining closely.
6. method according to claim 3 is it is characterised in that PIN code is stored by the way of salt adding, the PIN code certification of step D Also to be adapted.
7. a kind of system strengthening stored value card safety, it includes:
Electronic purse balance amount area, for storing the device of wallet balances;
Electronic purse data area, for storing the device of wallet balances area key;
Card reader, for reading and writing the device of electronic purse data;
Electronic purse balance amount area key storage, in electronic purse data area, also stores the PIN code of user in stored value card;Card Reader Device obtains user's PIN code, then stores user authentication PIN code, and obtains wallet key from electronic purse data area, then Card Reader Device is authenticated with electronic purse balance amount area using wallet key, correct after operated accordingly.
8. system according to claim 7 is it is characterised in that also there is key read-write protection device in electronic purse data area.
9. the system according to claim 7 or 8 is it is characterised in that also have deciphering device, for deciphering to encrypt label in card reader The wallet key that name mode stores.
10. system according to claim 8 is it is characterised in that also have ID authentication device in card reader, for containing from decrypted packet The wallet mark data obtaining in stored value card key and stored value card mark data, is entered with the mark data of this card stored value card Row compares certification.
CN201010578562.6A 2010-12-08 2010-12-08 Method and system for improving safety of electronic wallets Active CN102568097B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010578562.6A CN102568097B (en) 2010-12-08 2010-12-08 Method and system for improving safety of electronic wallets

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010578562.6A CN102568097B (en) 2010-12-08 2010-12-08 Method and system for improving safety of electronic wallets

Publications (2)

Publication Number Publication Date
CN102568097A CN102568097A (en) 2012-07-11
CN102568097B true CN102568097B (en) 2017-02-22

Family

ID=46413431

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010578562.6A Active CN102568097B (en) 2010-12-08 2010-12-08 Method and system for improving safety of electronic wallets

Country Status (1)

Country Link
CN (1) CN102568097B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014154129A1 (en) * 2013-03-26 2014-10-02 Shao Tong Two-time near distance connection secure payment device, method, and system
CN104579674B (en) * 2014-08-08 2018-07-20 深圳市金溢科技股份有限公司 Terminal security module and its management method, vehicle toll management method and system
CN106845967A (en) * 2016-12-26 2017-06-13 广东工业大学 Based on the credit payment new application method that national all-purpose card interconnects
TWI668672B (en) * 2018-02-07 2019-08-11 開曼群島商庫幣科技有限公司 Method Of Creating And Recovering Digital Wallet
CN110135840A (en) * 2018-02-09 2019-08-16 库币科技有限公司 The generation of electronic money packet and restoring method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101247230A (en) * 2008-02-28 2008-08-20 唐跃文 Anti-counterfeiting method based on non-contact IC card
CN101276431A (en) * 2007-03-29 2008-10-01 西门子公司 Copy-protected chip cards and method related to their production

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU762708B2 (en) * 1998-05-05 2003-07-03 Jay C. Chen A cryptographic system and method for electronic transactions
JP4176898B2 (en) * 1999-02-19 2008-11-05 株式会社東芝 Personal authentication system, portable device and storage medium used therefor
JP3617789B2 (en) * 1999-05-26 2005-02-09 株式会社エヌ・ティ・ティ・データ Public key certificate issuance method, verification method, system, and recording medium
JP2008033789A (en) * 2006-07-31 2008-02-14 Oki Electric Ind Co Ltd Identification/attribute authentication system and identification/attribute authentication method
DE102007000589B9 (en) * 2007-10-29 2010-01-28 Bundesdruckerei Gmbh Method for protecting a chip card against unauthorized use, chip card and chip card terminal
CN100559393C (en) * 2008-03-25 2009-11-11 华南理工大学 RFID label and reader thereof, reading system and safety certifying method
CN101686225A (en) * 2008-09-28 2010-03-31 中国银联股份有限公司 Methods of data encryption and key generation for on-line payment
CN101853453A (en) * 2009-04-03 2010-10-06 中兴通讯股份有限公司 System and method for realizing mobile payment
CN101655949A (en) * 2009-08-13 2010-02-24 北京握奇数据系统有限公司 Intelligent card charging system and method thereof
CN101799954B (en) * 2009-11-20 2012-08-08 飞天诚信科技股份有限公司 Method for loading double electronic purses

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101276431A (en) * 2007-03-29 2008-10-01 西门子公司 Copy-protected chip cards and method related to their production
CN101247230A (en) * 2008-02-28 2008-08-20 唐跃文 Anti-counterfeiting method based on non-contact IC card

Also Published As

Publication number Publication date
CN102568097A (en) 2012-07-11

Similar Documents

Publication Publication Date Title
US20220156732A1 (en) Data protection with translation
EP2143028B1 (en) Secure pin management
US10134033B2 (en) Payment system and method using IC identification card
JP5050066B2 (en) Portable electronic billing / authentication device and method
US7526652B2 (en) Secure PIN management
US9361619B2 (en) Secure and convenient mobile authentication techniques
US20100169223A1 (en) Payment System and Method Using an IC Identification Card
US8620824B2 (en) Pin protection for portable payment devices
CN102222389A (en) Realization method and device of fingerprint comparison in financial IC (integrated circuit) card
EP3702991A1 (en) Mobile payments using multiple cryptographic protocols
CN102568097B (en) Method and system for improving safety of electronic wallets
CN102236607B (en) Data security protection method and data security protection device
US20110178903A1 (en) Personal identification number changing system and method
Mayes et al. Transport ticketing security and fraud controls
CN102546163A (en) Method for enhancing security of card
Markantonakis et al. Overview of security threats for smart cards in the public transport industry
Rantos et al. Analysis of potential vulnerabilities in payment terminals
CN117541244A (en) Quantum-safe digital currency visible radio frequency card device and payment method thereof
CN201592575U (en) Financial bill
Milosavljević Payment Cards Counterfeiting Methods and Pin Uncovering
Rihaczek TeleTrusT-OSIS and communication security
Nithyanand Securing plastic money using an rfid based protocol stack
Daza et al. SOLDI: Secure Off-Line Disposable CredIts to Secure Mobile Micro Payments
Kolapati CRYPTOGRAPHY & SECURITY
Manaf et al. Design an Improved Encrypting Key Pad Using AVR-ATXMEGA Microcontroller

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant