CN103065107B - A kind of noncontact swipe the card application implementation method and device - Google Patents

A kind of noncontact swipe the card application implementation method and device Download PDF

Info

Publication number
CN103065107B
CN103065107B CN201110322788.4A CN201110322788A CN103065107B CN 103065107 B CN103065107 B CN 103065107B CN 201110322788 A CN201110322788 A CN 201110322788A CN 103065107 B CN103065107 B CN 103065107B
Authority
CN
China
Prior art keywords
security module
card
noncontact
order
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201110322788.4A
Other languages
Chinese (zh)
Other versions
CN103065107A (en
Inventor
乐祖晖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201110322788.4A priority Critical patent/CN103065107B/en
Publication of CN103065107A publication Critical patent/CN103065107A/en
Application granted granted Critical
Publication of CN103065107B publication Critical patent/CN103065107B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of noncontact to swipe the card the implementation method of application and device, main technical schemes comprises: CLF module in NFC terminal receives noncontact and to swipe the card order, wherein carries the application identities of application of swiping the card; According to security module mark and the corresponding relation of application identities of the security module of preserving, security module corresponding to the application identities of carrying in order of determining to swipe the card with noncontact identifies; Order of noncontact being swiped the card is sent to and identifies corresponding security module with the security module determined and process.According to this technical scheme, the CLF module each security module built-in with NFC terminal is connected, and order of noncontact can being swiped the card according to the corresponding relation preserved is routed to corresponding security module processes, avoid and swipe the card and apply the security module supported owing to there is the security module that is effectively connected and noncontact with CLF module and do not mate and the problem of failure of swiping the card that causes, thus improve noncontact and to swipe the card the use success ratio applied.

Description

A kind of noncontact swipe the card application implementation method and device
Technical field
The present invention relates to communication technical field, particularly relate to a kind of noncontact swipe the card application implementation method and device.
Background technology
Along with noncontact is swiped the card the development of technology, the noncontact mode of swiping the card has possessed more and more contact that is better than and to have swiped the card the performance of mode, such as, noncontact is swiped the card in mode, between non-contact card with card-reading terminal, mechanical contacts, avoiding the various faults produced due to Mechanical Contact card-reading terminal, swiping the card in mode due to rough plug-in card, non-card foreign object insert, dust or greasy dirt enter the loose contact factors such as plug-in card region and cause Card Reader failure in contact as avoided.In addition, non-contact card is compared with contact card, and surface is without exposed module, and avoid the problems such as module comes off, electrostatic breakdown, bending damage, the dependability of card is higher.Therefore, non-contact card relies on its good performance and higher cost performance to be widely applied, and has been widely used in the every field such as public transport, medical treatment, all-in-one campus card, gate inhibition at present.
To swipe the card technology to utilize noncontact better, the mobile terminal that technology and application of noncontact having been swiped the card at present is popularized very much merges, this possesses mobile terminal and the NFC (NearFieldCommunication of noncontact function of swiping card, close range wireless communication) terminal, by built-in aerial and security module, by noncontact, technology of swiping the card is combined with mobile terminal NFC terminal, be subject to for user provides good use sense, wherein, security module can be SIM (SubscriberIdentityModule client identification module) card, SD (SecureDigitalMemoryCard, safe digital card), independently SE (Secure, safety) module etc.
NFC terminal can have three kinds of mode of operations, respectively: snap gauge simulation models, card reader pattern and ad hoc mode, the implementation of typical NFC terminal is divided into two classes at present: a class is CLF (ContactlessFronted, non-contact front-end) module is connected with single security module, and the another kind of CLF of being module is connected with each security module of terminal built-in simultaneously.Fig. 1 shows the structural representation that CLF module is connected with single security module, and as shown in Figure 1, the CLF module in NFC terminal is only connected with a security module, and this security module can be SIM card, SD or independently SE module etc.Fig. 2 shows the structural representation that CLF module is connected with each security module of terminal built-in simultaneously, and as shown in Figure 2, the CLF module in the NFC terminal simultaneously security module such as SIM card, SD and SE module built-in with NFC terminal is connected.
In the connected mode of the CLF module shown in Fig. 1 and security module, CLF module is only fixing to be connected with single security module, there is NFC terminal like this and introduce new security module or the security module that is connected with CLF module applies the unmatched situation of the security module supported with swiping the card, thus cause the noncontact of NFC terminal to swipe the card unsuccessfully.Such as, the CLF module in NFC terminal only with SE model calling, if insert SIM card in this NFC terminal, then the non-contact application in this SIM card cannot use.In the connected mode of the CLF module shown in Fig. 2 and security module, although the CLF module in NFC terminal can simultaneously with SE module, multiple security modules that the NFC terminal such as SIM card are supported are connected, but in actual applications, NFC terminal can only support that CLF module communicates with a security module in be connected each security module, state of activation is set to by the interface channel between CLF module and a security module in be connected each security module, all the other interface channels are set to dormant state, the interface channel being only in state of activation could normally use, there is the security module be connected with CLF module that NFC terminal introduces new security module or be set to state of activation so equally with swiping the card applies the unmatched situation of the security module supported, thus cause the noncontact of NFC terminal to swipe the card unsuccessfully.Such as, CLF module in NFC terminal is connected with SE module and SIM card, the interface channel of CLF module and SE module is set to state of activation, the interface channel of CLF module and SIM card is set to dormant state, then when the security module of non-contact application support is SIM card, then this application cannot use.
In sum, existing NFC terminal exist the NFC terminal caused for above-mentioned reasons cannot support noncontact swipe the card application situation, noncontact swipe the card application use success ratio low.
Summary of the invention
In view of this, the embodiment of the present invention provide a kind of noncontact swipe the card application implementation method and device, adopt this technical scheme, can improve noncontact swipe the card application use success ratio.
The embodiment of the present invention is achieved through the following technical solutions:
According to an aspect of the embodiment of the present invention, provide a kind of noncontact swipe the card application implementation method, comprising:
Non-contact front-end CLF module in close range wireless communication NFC terminal receives noncontact and to swipe the card order, and described noncontact is swiped the card and carried the application identities of application of swiping the card in order;
According to built-in the identify and the corresponding relation of application identities with the security module of the security module of described CLF model calling of the described NFC terminal of preserving, security module corresponding to the described application identities of carrying in order of determining to swipe the card with described noncontact identifies;
Order of described noncontact being swiped the card is sent to and identifies corresponding security module with the described security module determined and process.
According to another aspect of the embodiment of the present invention, additionally provide a kind of noncontact swipe the card application implement device, comprising:
Receiving element, to swipe the card order for receiving noncontact, and described noncontact is swiped the card and carried the application identities of application of swiping the card in order;
First storage unit, built-inly in close range wireless communication NFC terminal identifies the corresponding relation with application identities with the security module of the security module of non-contact front-end CLF model calling for preserving;
Security module mark determining unit, for the described corresponding relation preserved according to described first storage unit, security module corresponding to the described application identities of carrying in order of determining to swipe the card with described noncontact identifies;
Call allocation unit, the order of swiping the card of the noncontact for being received by described receiving element is sent to and identifies described security module that determining unit determines with described security module and identify corresponding security module and process.
By at least one technical scheme above-mentioned that the embodiment of the present invention provides, CLF module in NFC terminal receives noncontact and to swipe the card order, this noncontact is swiped the card and is carried the application identities of application of swiping the card in order, according to built-in the identify and the corresponding relation of application identities with the security module of the security module of CLF model calling of the NFC terminal of preserving, security module corresponding to the application identities of carrying in order of determining to swipe the card with this noncontact identifies, and order of noncontact being swiped the card is sent to and identifies corresponding security module with the security module determined and process.According to this technical scheme, the CLF module each security module built-in with NFC terminal is connected, and can according to the security module of preserving and the corresponding relation of application identities, order of noncontact being swiped the card is routed to corresponding security module and processes, avoid and swipe the card and apply the security module supported owing to there is the security module that is effectively connected and noncontact with CLF module and do not mate and the problem of failure of swiping the card that causes, thus improve noncontact and to swipe the card the use success ratio applied.
Other features and advantages of the present invention will be set forth in the following description, and, partly become apparent from instructions, or understand by implementing the present invention.Object of the present invention and other advantages realize by structure specifically noted in write instructions, claims and accompanying drawing and obtain.
Accompanying drawing explanation
Accompanying drawing is used to provide a further understanding of the present invention, and forms a part for instructions, is used from explanation the present invention, is not construed as limiting the invention with the embodiment of the present invention one.In the accompanying drawings:
Fig. 1 to swipe the card the schematic flow sheet of implementation method of application for noncontact that the embodiment of the present invention one provides;
The structural representation of the NFC terminal that Fig. 2 provides for the embodiment of the present invention one;
The schematic flow sheet of the preservation security module mark that Fig. 3 provides for the embodiment of the present invention one and the corresponding relation of application identities;
What Fig. 4 provided for the embodiment of the present invention one determines to process this noncontact by the mode of broadcast and to swipe the card the schematic flow sheet of security module of order;
The schematic diagram of CLF module and security module connection status in the NFC terminal that Fig. 5 provides for the embodiment of the present invention one;
The CLF module that Fig. 6 provides for the embodiment of the present invention one is preserved for identifying the schematic flow sheet that the interface channel state of described CLF module and security module is the information of opening or closing;
The schematic flow sheet verified based on the transmit leg of symmetric key mechanisms to indication information that Fig. 7 provides for the embodiment of the present invention one;
The schematic flow sheet verified based on the transmit leg of asymmetric key mechanisms to indication information that Fig. 8 provides for the embodiment of the present invention one;
Fig. 9 to swipe the card the application scenarios schematic diagram of application for noncontact that the embodiment of the present invention two provides;
The schematic flow sheet of the application of swiping the card based on the Scene realization noncontact shown in Fig. 9 that Figure 10 provides for the embodiment of the present invention two;
Figure 11 to swipe the card the structural representation of implement device of application for a kind of noncontact that the embodiment of the present invention three provides;
Figure 12 to swipe the card the structural representation of implement device of application for another noncontact that the embodiment of the present invention three provides.
Embodiment
Improve noncontact to swipe the card the implementation of use success ratio of application to provide, embodiments provide a kind of noncontact swipe the card application implementation method and device, below in conjunction with Figure of description, the preferred embodiments of the present invention are described, be to be understood that, preferred embodiment described herein, only for instruction and explanation of the present invention, is not intended to limit the present invention.And when not conflicting, the embodiment in the application and the feature in embodiment can combine mutually.
Embodiment one
The embodiment of the present invention one provide a kind of noncontact swipe the card application implementation method, this implementation method can be applied in NFC terminal, specifically can realize in the CLF module in NFC terminal, by realizing the method in CLF module, can realize noncontact swipe the card application automatic route, thus improve noncontact swipe the card application use success ratio.
The noncontact that Fig. 1 shows the embodiment of the present invention one to be provided is swiped the card the schematic flow sheet of implementation method of application, and as shown in Figure 1, the method mainly comprises the steps:
CLF module in step 101, NFC terminal receives noncontact and to swipe the card order, and this noncontact is swiped the card and carried the application identities of application of swiping the card in order.
Step 102, CLF module are according to the security module mark of preserving and the corresponding relation of application identities, and security module corresponding to the application identities of carrying in order of determining to swipe the card with this noncontact identifies.
In this step 102, the security module of preservation be designated NFC terminal built-in with the mark of the security module of CLF model calling.
The order of the noncontact of reception being swiped the card of step 103, CLF module is sent to and identifies corresponding security module with the security module determined and process.
So far, noncontact swipe the card application realization flow terminate.
According to above-mentioned flow process, the CLF module each security module built-in with NFC terminal is connected, and can according to the security module of preserving and the corresponding relation of application identities, order of noncontact being swiped the card is routed to corresponding security module and processes, avoid and swipe the card and apply the security module supported owing to there is the security module that is effectively connected and noncontact with CLF module and do not mate and the problem of failure of swiping the card that causes, thus improve noncontact and to swipe the card the use success ratio applied.
NFC terminal involved in the embodiment of the present invention one comprises CLF module and at least one security module, this CLF module is connected with antenna adapter, CPU (central processing unit) and each security module respectively, in practical application, the structural representation of this NFC terminal can be as shown in Figure 2, all kinds of security modules that CLF module and this NFC comprise are connected (note: schematically provide CLF module in figure and be connected with SD, SE and SIM card, NFC terminal can select kind and the quantity of the security module be connected with CLF module according to actual needs).The application obtained can be write the security module corresponding with this application by CLF module by CLF module and CPU, CPU by each security module, and this CLF module application data can carry out format conversion as required.Preferably, all kinds of security module also can directly be connected with the CPU of NFC terminal, and this CPU can obtain application and by the application write that obtains with its connection and in the security module corresponding with this application, thus without the need to through CLF module converts.
In the technique scheme that the embodiment of the present invention one provides, the corresponding relation of security module mark and application identities is saved in CLF module, particularly, this corresponding relation can be preserved after CPU is by application write security module, the process of the corresponding relation of this preservation security module mark and application identities as shown in Figure 3, mainly comprises the steps:
After step 301, CPU get the application data of application, determine the security module of this application correspondence.
In this step 301, the security module of application correspondence can be specified by the provider of this application, also can be specified by user, and same application can be written into multiple security module.
This application, according to the connected mode with each security module, is written in the security module of this application correspondence determined by step 302, CPU.
In this step 302, CPU can for being directly connected with security module or being connected with security module by CLF module with the connected mode of each security module, if be directly connected with security module, then directly by this connection, this application data is write the security module corresponding with this application, if be connected with security module by CLF module, then by CLF module, this application data is write the security module corresponding with this application.Further, if the security module corresponding with application determined is multiple, then need this application to write respectively in the plurality of security module.
The corresponding relation that the security module of the security module that step 303, the application identities of preserving this application and this application are written into identifies.
This step 302 also can step 301 determine with apply corresponding security module after perform, the corresponding relation that the application identities of namely preserving this application identifies with the security module of the security module corresponding with this application determined.
So far, preserve security module mark to terminate with the flow process of the corresponding relation of application identities.
By the flow process that Fig. 3 is corresponding, the corresponding relation (this corresponding relation can be called routing table) of security module mark and application identities can be preserved in CLF module, particularly, CLF module preserve security module mark with can in the mode of list during the corresponding relation of application identities, as shown in table 1 below:
Table 1
Application identities Security module identifies
0xD1560001018003800000000100000001 SE
0xD1560001018003800000000100000002 SIM
0xD1560001018003800000000200000003 SD
The corresponding relation that the application identities of preserving according to upper table 1 and security module identify, application identities is the corresponding security module SE of application of " 0xD1560001018003800000000100000001 ", application identities is the corresponding security module SIM of application of " 0xD1560001018003800000000100000002 ", and application identities is the corresponding security module SD of application of " 0xD1560001018003800000000100000003 ".
The embodiment of the present invention one further provides the specific implementation process of the step 103 that the corresponding flow process of Fig. 1 comprises, namely the order of the noncontact of reception being swiped the card of CLF module is sent to the detailed process identifying corresponding security module with the security module determined and carry out processing, and this process comprises:
Step 102 determine with this noncontact swipe the card security module corresponding to the application identities of carrying in order be designated one time, then the security module that direct order of this noncontact being swiped the card is sent to the security module mark determined corresponding processes;
Step 102 determine with this noncontact swipe the card security module corresponding to the application identities of carrying in order be designated two or more time, then the security module that order of this noncontact being swiped the card is sent to the highest security module mark of the security module mark medium priority determined corresponding processes.Wherein, the priority of security module mark can be specified by the provider applied in advance, also can be specified by user, the precedence information of this security module mark can identify with security module and the corresponding relation of application identities is preserved in the lump, such as, the security module of corresponding limit priority mark is set to default, when the corresponding multiple security module mark of same application identities, the security module selecting to be set to default security module mark correspondence is the security module mark processing application corresponding to this application identities, generally, one is only had to be set to default in multiple security module marks that same application identities is corresponding, and the application identities in same security module does not allow repetition.Such as, electronic wallet application (application AID is 0xD1560001018003800000000100000000) is preset in SE and SIM card, and the electronic wallet application wherein on SE is default application, shown in table 2 specific as follows:
Table 2
Application identities Security module identifies Whether default application
0xD1560001018003800000000100000000 SE Be
0xD1560001018003800000000100000000 SIM card No
According to the corresponding relation that upper table 1 is preserved, application identities is that the electronic wallet application of " 0xD1560001018003800000000100000000 " can simultaneously in security module SE and security module SIM card, but be only set to default on security module SE, therefore, have during subsequent applications this electronic wallet application swipe the card order time, this order can be routed to SE process, unless the interface channel between CLF module and SE is closed.
In the above-mentioned flow process that Fig. 1 that the embodiment of the present invention one provides is corresponding, if the determination result of above-mentioned steps 102 is: according to the corresponding relation preserved, CLF module does not determine that security module corresponding to the application identities of carrying in order of swiping the card with this noncontact identifies, then in order to improve the use success ratio that noncontact is swiped the card, CLF module can be determined to process this noncontact further by the mode of broadcast and to swipe the card the security module of order, this process is concrete as shown in Figure 4, mainly comprises the steps:
Step 401, CLF module are broadcasted this noncontact to connected each security module that this NFC terminal is built-in and to be swiped the card order.
In this step 401, CLF module can send this noncontact to connected all security modules and to swipe the card order, and object is to determine can to this security module applied and process of swiping the card.
Step 402, CLF module receive the information for identifying application corresponding to the application identities supporting this noncontact to swipe the card to carry in order of security module feedback.
In this step 402, security module is after order is swiped the card in the noncontact receiving the transmission of CLF module, obtain the application identities that this noncontact is swiped the card in order, if security module determines the application self supporting that this application identities is corresponding, then support the information of this application to CLF module feedback for identifying, if do not support, then without the need to feedback.Wherein, the form for the information identifying the application supporting this application identities that security module sends can pre-determine, such as, in order to reduce transinformation, set can be established to represent support, " 0 " representative is not supported, can determine this information format flexibly, will not enumerate herein in practical application.
Step 403, CLF module indication feedback process this noncontact order of swiping the card for identifying a security module supporting this noncontact to swipe the card in the security module of the application identities of carrying in order.
In this step 403, support that the swipe the card security module of the application identities of carrying in order of this noncontact is multiple if fed back for identifying, then CLF module can go out a security module and processes this noncontact order of swiping the card according to the rules selection preset.
So far, determine to process the swipe the card flow process of security module of order of this noncontact by the mode of broadcast to terminate.
By the flow process that Fig. 4 is corresponding, even if the corresponding relation preserved according to CLF module does not determine the application identities of carrying in order of swiping the card with this noncontact, corresponding security module identifies, CLF module also can be determined and can be swiped the card the security module that order processes to this noncontact by broadcast mode, thus ensure that noncontact is swiped the card the use success ratio of application.
Further, if the corresponding relation preserved according to CLF module does not determine the application identities of carrying in order of swiping the card with this noncontact, corresponding security module identifies, the corresponding relation that CLF module is not preserved this application identities and security module and identified then is described, in the case, the determination result of the security module that order processes of can swiping the card to this noncontact that CLF module can be determined according to this broadcast further, the corresponding relation that the application identities of preserving and security module identify is upgraded, particularly, after above-mentioned steps 402, namely CLF module receive security module feedback for identify application corresponding to the application identities supporting this noncontact to swipe the card to carry in order information after, CLF module can be preserved respectively to have fed back and be supported that swipe the card security module mark and this noncontact of security module of the application identities of carrying in order of this noncontact is swiped the card the corresponding relation of the described application identities of carrying in order for identifying, thus follow-up have the noncontact comprising this application identities swipe the card order time, directly can determine according to the corresponding relation preserved and this noncontact is swiped the card the security module that order processes, thus improve efficiency of swiping the card.
The noncontact that the embodiment of the present invention one provides is swiped the card in the implementation method of application, in order to improve the control to NFC terminal, can also control the connection status of CLF module and each security module in NFC terminal.Fig. 5 shows the schematic diagram of CLF module and security module connection status in this NFC terminal, as shown in Figure 5, this CLF module comprises controller, security module the control CLF module sent and the order setting security module interface channel closure or openness that this controller comprises for receiving safety equipment.In practical application, the interface channel of CLF module and each security module can arrange switch, if when controller receives the order that control CLF module opens with setting security module interface channel, this switch can be closed, now this interface channel is effective, can communicate; If when control CLF module is closed with setting security module interface channel, can open this switch, now this interface channel is invalid, cannot communicate.Be to be understood that, the mode with the interface channel of switch control rule CLF module and security module described herein is only and realizes a kind of implementation of the present invention, in practical application, can have multiple control modes, as arranged the significance bit etc. of interface channel, will not enumerate herein.And, in practical application, the equipment that safety equipment shown in Fig. 5 can provide application provider or NFC terminal operator, namely these safety equipment are independent of NFC terminal, for applying provider or NFC terminal operator manages application, these safety equipment also can be built in NFC terminal inside, are controlled by user, control so that user carries out management to self NFC terminal.
Fig. 6 shows CLF module and preserves for identifying the schematic flow sheet that the interface channel state of described CLF module and security module is the information of opening or closing, and as shown in Figure 6, this process mainly comprises the steps:
Step 601, CLF module receive the indication information that the interface channel of security module was opened or closed and set in instruction, carry the security module mark of described setting security module in this indication information.
In this step 601, this indication information can be sent by the security module of the safety equipment shown in Fig. 5.
Step 602, the transmit leg of CLF module to this indication information are verified, and after being verified, the interface channel controlling to identify with the security module of carrying in this indication information corresponding security module according to this indication information is opened or closed.
It is the information of opening or closing that step 603, CLF module are preserved for identifying the interface channel state of CLF module and this security module.
So far, CLF module is preserved for identifying the interface channel state of described CLF module and security module is that the flow process of the information of opening or closing terminates.
In the above-mentioned steps 602 that the corresponding flow process of Fig. 6 comprises, CLF module is carried out checking to the transmit leg of indication information and based on the authentication mechanism such as symmetric key mechanisms, asymmetric key mechanisms, can be specifically described below for the flow process based on symmetric key mechanisms, asymmetric key mechanisms checking.
One, verify based on the transmit leg of symmetric key mechanisms to indication information
Fig. 7 shows the schematic flow sheet verified based on the transmit leg of symmetric key mechanisms to indication information, and particularly, in CLF module, mark, the sub-key KEYSUB of preset CLF module, preserve root key KEYROOT in the security module of safety equipment.As shown in Figure 7, this checking flow process mainly comprises:
Step 1, security module send the order (GetID order) of the mark obtaining CLF module to CLF module;
Step 2, CLF CMOS macro cell random parameter RAND 1;
Step 3, CLF module return response message (Response) to security module, carry the mark of RAND1 and the CLF module of generation in this response message;
Step 4, security module generate RAND2, utilize the mark of KEYROOT to CLF module to be encrypted and generate KEYSUB, utilize KEYSUB to be encrypted session key generation KEYSession to RAND1||RAND2, and utilize KEYSession to carry out process generation MAC1 to interface channel unlatching or closedown (Open/CloseChannel) order body;
Step 5, security module send Open/CloseChannel order to CLF module, this order gathers and comprises: the security module mark information such as (ChannelID), RAND2, MAC1, opens or close the interface channel of certain CLF module security module corresponding with this ChannelID in order to instruction;
After step 6, CLF module receive Open/CloseChannel order, KEYSUB is utilized to be encrypted session key generation KEYSession to RAND1||RAND2, utilize KEYSession to carry out process to Open/CloseChannel order body and generate MAC2, then MAC1 and MAC2 is compared, if MAC1 and MAC2 is equal, opens according to instruction or close the appointment interface channel of CLF module and security module, otherwise returning error message;
Step 7, CLF module return to security module and perform response message (Response).
So far, the flow process verified based on the transmit leg of symmetric key mechanisms to indication information terminates.
Two, verify based on the transmit leg of asymmetric key mechanisms to indication information
Fig. 8 shows the schematic flow sheet verified based on the transmit leg of asymmetric key mechanisms to indication information, particularly, in CLF module, the mark of preset publisher's certificate (containing publisher's PKI) or publisher's PKI KEYPUB, CLF module, preserves publisher's private key KEYPRIVATE in security module.As described in Figure 8, this proof procedure mainly comprises the steps:
Step 1, security module send the order (GetID order) of the mark obtaining CLF module to CLF module;
Step 2, CLF CMOS macro cell random parameter RAND 1;
Step 3, CLF module return response message (Response) to security module, carry the mark ID of RAND1, CLF module of generation in this response message;
Step 4, security module generate RAND2, utilize the cryptographic hash of KEYPRIVATE to interface channel unlatching or closedown (Open/CloseChannel) order body to be encrypted generation signature MAC1;
Step 5, safety equipment send Open/CloseChannel order to CLF module, this order comprises information such as security module mark (ChannelID), RAND1, RAND2, MAC1 etc., in order to the interface channel of On/Off CLF module security module corresponding to ChannelID;
After step 6, CLF module receive Open/CloseChannel order, KEYPUB is utilized to be decrypted MAC1, the cryptographic hash of calculation command body, compare with decrypted result, if both are equal, according to the appointment interface channel of instruction On/Off CLF module and security module, otherwise return error message;
Step 7, CLF module return to safety equipment and perform response message (Response).
So far, the flow process verified based on the transmit leg of asymmetric key mechanisms to indication information terminates.
According to above-mentioned processing procedure, can control flexibly the closure or openness of the interface channel of CLF module and security module, thus improve the efficiency of management to security module and application of swiping the card.
Based on above-mentioned processing procedure, the CLF module interface channel state saved for identifying CLF module and security module is the information of opening or closing, particularly, the CLF module interface channel state saved for identifying CLF module and security module is that the information of opening or closing can identify with security module and the corresponding relation of application identities is preserved in the lump, such as, as shown in table 3 below:
Table 3
Application identities Security module identifies Interface channel state
0xD1560001018003800000000100000001 SE Open
0xD1560001018003800000000100000002 SIM Open
0xD1560001018003800000000200000003 SD Close
According to the content that table 3 is preserved, the interface channel between CLF module and security module SE and security module SIM card is in opening, and namely available, the interface channel between CLF module and security module SD is in closed condition, namely unavailable.
According to said process, if close the link between CLF module and certain security module, then in the corresponding relation (or being called order routing table) preserved, " the interface channel state " with this security module relevant entries is marked and be set to " closedown ", if certain (or the some) application in this security module is default application, then user needs to select default application from the remaining list item of order routing table, if the list item do not satisfied condition, does not perform this step.If open the link between CLF module and certain security module, then in order routing table, " the interface channel state " with this security module relevant entries is marked and be set to " unlatching ", if certain (or some) application identities does not have default application in order routing table in these list items, user needs to select default application, if the list item do not satisfied condition, does not perform this step.
In order to ensure that security module can successfully process noncontact order of swiping the card, before the step 103 that the corresponding flow process of execution Fig. 1 comprises, namely be sent to identify with the security module determined before corresponding security module processes in noncontact the swiped the card order of CLF module, also perform following process further:
Is the information of opening or closing according to preservation for identifying the interface channel state of CLF module and security module, and from the security module that the security module mark determined is corresponding, select interface channel state is the security module of opening;
So, correspondingly, above-mentioned steps 103 is when performing, namely the order of noncontact being swiped the card of CLF module is sent to and identifies corresponding security module with the security module determined and process, and it is that the security module of opening processes that order of specifically this noncontact being swiped the card is sent to the interface channel state selected.
The technique scheme that the embodiment of the present invention provides can also be supported to swipe the card the dynamic installation of application and deletion, that is:
If dynamically install application in security module, after then applying successful installation, need the information of this application to add in order routing table, if the security module residing for this application and the link between CLF module are in opening, also need to determine whether the application of newly installing is set to default application;
If dynamically delete application in security module, then application is deleted successfully, the information of this application is needed to delete from order routing table, if this application is default application, then user needs to select default application from the remaining list item of order routing table, if the list item do not satisfied condition, does not perform this step.
Embodiment two
The noncontact that the embodiment of the present invention two provides above-described embodiment one to be provided swipe the card application a specific implementation process.
Fig. 9 show this noncontact swipe the card application application scenarios schematic diagram, as shown in Figure 9, noncontact POS/realize communicating by CLF module between read head with security module, noncontact POS/communicate can order with APDU (ApplicationProtocolDataUnit, Application Protocol Data Unit) between read head and security module.
Figure 10 show based on the Scene realization noncontact shown in Fig. 9 swipe the card application schematic flow sheet, as shown in Figure 10, mainly comprise the steps:
Step 1001, noncontact POS/read head sends application choice order to NFC terminal, and this order comprises the application identities (AID) of application;
After step 1002, CLF module receive application choice order, search in order routing table (corresponding relation that the application identities of namely preserving and security module identify) according to the AID wherein comprised;
Step 1003, CLF module judge whether to find the list item (namely corresponding with this AID security module identifies) mated with this AID, if find the list item of coupling, then continue to perform step 1004; The list item mated if do not find, skips to step 1006;
If step 1004 finds the list item of AID coupling, CLF module judges whether this list item is default application, if skip to step 1009; If the list item found is not default application, then perform step 1005;
Step 1005, CLF module continue to search in order routing table, and return step 1003;
The security module that step 1006, CLF module are in opening to all interface channels forwards application choice order;
Step 1007, CLF module judge whether to receive correct response (namely whether receiving the message for identifying application corresponding to this AID of support of security module feedback), if the security module being in opening all returns miscue (namely apply and do not find), CLF module returns application to noncontact POS/read head and does not find response, and flow process terminates; Otherwise continue to perform step 1008;
If the security module that step 1008 certain (or some) is in opening returns correct response, CLF module lists all application satisfied condition, select default application by user, all application messages add in order routing table by CLF module, and arrange default application;
Step 1009, CLF module select default application from order routing table;
Subsequent commands is routed to this application by step 1010, CLF module, until closing the transaction or receive new application choice order.
So far, flow process terminates.
Embodiment three
Corresponding with the flow process that above-described embodiment one and embodiment two provide, the embodiment of the present invention three provide a kind of noncontact swipe the card application implement device, as shown in figure 11, this device comprises:
Receiving element 1101, first storage unit 1102, security module mark determining unit 1103 and call allocation unit 1104;
Wherein:
Receiving element 1101, to swipe the card order for receiving noncontact, and noncontact is swiped the card and carried the application identities of application of swiping the card in order;
First storage unit 1102, built-inly in close range wireless communication NFC terminal identifies the corresponding relation with application identities with the security module of the security module of non-contact front-end CLF model calling for preserving;
Security module mark determining unit 1103, for the corresponding relation preserved according to the first storage unit 1102, security module corresponding to the application identities of carrying in order of determining to swipe the card with noncontact identifies;
Call allocation unit 1104, the order of swiping the card of the noncontact for being received by receiving element 1101 is sent to and identifies security module that determining unit 1103 determines with security module and identify corresponding security module and process.
In the preferred implementation that the embodiment of the present invention three provides, the call allocation unit 1104 that Figure 11 shown device comprises, during specifically for being designated one in the security module determined, the security module that order of directly noncontact being swiped the card is sent to the security module mark correspondence determined processes; When the security module determined is designated two or more, the security module that order of noncontact being swiped the card is sent to the highest security module mark of the security module mark medium priority determined corresponding processes.
In the preferred implementation that the embodiment of the present invention three provides, the call allocation unit 1101 that Figure 11 shown device comprises, time also for not determining that at the corresponding relation preserved according to the first storage unit 1102 security module corresponding to the application identities of carrying in order of swiping the card with noncontact identifies, to built-in the broadcasting noncontact with each security module of CLF model calling and to swipe the card order of NFC terminal, and indication feedback processes noncontact order of swiping the card for identifying a security module supporting noncontact to swipe the card in the security module of the application identities of carrying in order.
In the preferred implementation that the embodiment of the present invention three provides, the first storage unit 1102 that Figure 11 shown device comprises, also in each security module of CLF model calling broadcast noncontact swipe the card order after built-in to NFC terminal of call allocation unit, preserve respectively to have fed back and support that swipe the card security module mark and the noncontact of security module of the application identities of carrying in order of noncontact is swiped the card the corresponding relation of the application identities of carrying in order for identifying.
As shown in figure 12, in the preferred implementation that the embodiment of the present invention three provides, Figure 11 shown device can further include:
Second storage unit 1105 is the information of opening or closing for the interface channel state of preserving for identifying CLF module and security module;
Correspondingly, security module selection unit 1103, being sent to for order of noncontact being swiped the card at call allocation unit 1104 to identify before corresponding security module processes with the security module determined, is the information of opening or closing according to the second storage unit 1105 preservation for identifying the interface channel state of CLF module and security module, and from the security module that the security module mark determined is corresponding, select interface channel state is the security module of opening;
Call allocation unit 1104, being sent to the interface channel state selected specifically for order of noncontact being swiped the card is that the security module of opening processes.
In the preferred implementation that the embodiment of the present invention three provides, the second storage unit 1105 that Figure 12 shown device comprises, opening or closing and setting the indication information of the interface channel of security module specifically for receiving instruction, in indication information, carrying the security module mark of setting security module; And after the sender authentication of indication information is passed through, the interface channel controlling to identify with the security module of carrying in indication information corresponding security module according to indication information is opened or is closed, and preservation is the information of opening or closing for identifying the interface channel state of CLF module and security module.
Should be appreciated that the swipe the card unit that comprises of implement device of application of above noncontact is only the logical partitioning that the function that realizes according to this terminal carries out, in practical application, superposition or the fractionation of said units can be carried out.The implementation method flow process one_to_one corresponding applied and the function that the implement device that application is swiped the card in the noncontact that this embodiment provides realizes and the noncontact that above-described embodiment provides are swiped the card, for the treatment scheme specifically that this device realizes, be described in detail in said method embodiment, be not described in detail herein.
Further, the noncontact in the present embodiment three swipe the card application implement device also there is the functional module that can realize embodiment one and embodiment two scheme, repeat no more herein.
By at least one technical scheme above-mentioned that the embodiment of the present invention provides, CLF module in NFC terminal receives noncontact and to swipe the card order, this noncontact is swiped the card and is carried the application identities of application of swiping the card in order, according to built-in the identify and the corresponding relation of application identities with the security module of the security module of CLF model calling of the NFC terminal of preserving, security module corresponding to the application identities of carrying in order of determining to swipe the card with this noncontact identifies, and order of noncontact being swiped the card is sent to and identifies corresponding security module with the security module determined and process.According to this technical scheme, the CLF module each security module built-in with NFC terminal is connected, and can according to the security module of preserving and the corresponding relation of application identities, order of noncontact being swiped the card is routed to corresponding security module and processes, avoid and swipe the card and apply the security module supported owing to there is the security module that is effectively connected and noncontact with CLF module and do not mate and the problem of failure of swiping the card that causes, thus improve noncontact and to swipe the card the use success ratio applied.
Although described the preferred embodiment of the application, those skilled in the art once obtain the basic creative concept of cicada, then can make other change and amendment to these embodiments.So claims are intended to be interpreted as comprising preferred embodiment and falling into all changes and the amendment of the application's scope.
Obviously, those skilled in the art can carry out various change and modification to the present invention and not depart from the spirit and scope of the present invention.Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention is also intended to comprise these change and modification.

Claims (10)

1. noncontact swipe the card application an implementation method, it is characterized in that, comprising:
Non-contact front-end CLF module in close range wireless communication NFC terminal receives noncontact and to swipe the card order, and described noncontact is swiped the card and carried the application identities of application of swiping the card in order;
According to built-in the identify and the corresponding relation of application identities with the security module of the security module of described CLF model calling of the described NFC terminal of preserving, security module corresponding to the described application identities of carrying in order of determining to swipe the card with described noncontact identifies;
Order of described noncontact being swiped the card is sent to and identifies corresponding security module with the described security module determined and process;
If do not determine that security module corresponding to the described application identities of carrying in order of swiping the card with described noncontact identifies according to the described corresponding relation preserved, described method also comprises:
To built-in the broadcasting described noncontact with each security module of described CLF model calling and to swipe the card order of described NFC terminal;
And indication feedback processes described noncontact order of swiping the card for identifying security module supporting described noncontact to swipe the card in the security module of the described application identities of carrying in order.
2. the method for claim 1, is characterized in that, order of described noncontact being swiped the card is sent to and identifies corresponding security module with the described security module determined and process, and comprising:
When the described security module determined is designated one, the security module that order of directly described noncontact being swiped the card is sent to the described security module mark correspondence determined processes;
When the described security module determined is designated two or more, the security module that order of described noncontact being swiped the card is sent to the highest security module mark of the described security module mark medium priority determined corresponding processes.
3. the method for claim 1, is characterized in that, to built-in the broadcasting described noncontact with each security module of described CLF model calling and swipe the card after order of described NFC terminal, also comprises:
Preserve respectively to have fed back and support that swipe the card security module mark and the described noncontact of security module of the described application identities of carrying in order of described noncontact is swiped the card the corresponding relation of the described application identities of carrying in order for identifying.
4. the method for claim 1, is characterized in that, order of described noncontact being swiped the card is sent to and identifies with the described security module determined before corresponding security module processes, and also comprises:
Is the information of opening or closing according to preservation for identifying the interface channel state of described CLF module and security module, and from the security module that the described security module mark determined is corresponding, select interface channel state is the security module of opening;
Order of described noncontact being swiped the card is sent to and identifies corresponding security module with the described security module determined and process, and comprising:
It is that the security module of opening processes that order of described noncontact being swiped the card is sent to the interface channel state selected.
5. method as claimed in claim 4, it is characterized in that, the interface channel state of preserving for identifying described CLF module and security module is the mode of the information of opening or closing, and comprising:
Receive the indication information that the interface channel of security module was opened or closed and set in instruction, in described indication information, carry the security module mark of described setting security module;
After the sender authentication of described indication information is passed through, the interface channel controlling to identify with the described security module of carrying in described indication information corresponding security module according to described indication information is opened or is closed, and preservation is the information of opening or closing for identifying the interface channel state of described CLF module and described security module.
6. noncontact swipe the card application an implement device, it is characterized in that, comprising:
Receiving element, to swipe the card order for receiving noncontact, and described noncontact is swiped the card and carried the application identities of application of swiping the card in order;
First storage unit, built-inly in close range wireless communication NFC terminal identifies the corresponding relation with application identities with the security module of the security module of non-contact front-end CLF model calling for preserving;
Security module mark determining unit, for the described corresponding relation preserved according to described first storage unit, security module corresponding to the described application identities of carrying in order of determining to swipe the card with described noncontact identifies;
Call allocation unit, the order of swiping the card of the noncontact for being received by described receiving element is sent to and identifies described security module that determining unit determines with described security module and identify corresponding security module and process;
Described call allocation unit, time also for not determining that at the described corresponding relation preserved according to described first storage unit security module corresponding to the described application identities of carrying in order of swiping the card with described noncontact identifies, to built-in the broadcasting described noncontact with each security module of described CLF model calling and to swipe the card order of described NFC terminal, and indication feedback processes described noncontact order of swiping the card for identifying a security module supporting described noncontact to swipe the card in the security module of the described application identities of carrying in order.
7. device as claimed in claim 6, it is characterized in that, described call allocation unit, during specifically for being designated one in the described security module determined, the security module that order of directly described noncontact being swiped the card is sent to the described security module mark correspondence determined processes; When the described security module determined is designated two or more, the security module that order of described noncontact being swiped the card is sent to the highest security module mark of the described security module mark medium priority determined corresponding processes.
8. device as claimed in claim 6, it is characterized in that, described first storage unit, also in each security module of described CLF model calling broadcast described noncontact swipe the card order after built-in to described NFC terminal of described call allocation unit, preserve respectively to have fed back and support that swipe the card security module mark and the described noncontact of security module of the described application identities of carrying in order of described noncontact is swiped the card the corresponding relation of the described application identities of carrying in order for identifying.
9. device as claimed in claim 6, is characterized in that, also comprise:
Second storage unit is the information of opening or closing for the interface channel state of preserving for identifying described CLF module and security module;
Security module selection unit, being sent to for order of described noncontact being swiped the card at described call allocation unit to identify before corresponding security module processes with the described security module determined, is the information of opening or closing according to described second storage unit preservation for identifying the interface channel state of described CLF module and security module, and from the security module that the described security module mark determined is corresponding, select interface channel state is the security module of opening;
Described call allocation unit, being sent to the interface channel state selected specifically for order of described noncontact being swiped the card is that the security module of opening processes.
10. device as claimed in claim 9, it is characterized in that, described second storage unit, opens or closes specifically for receiving instruction and set the indication information of the interface channel of security module, carries the security module mark of described setting security module in described indication information; And after the sender authentication of described indication information is passed through, the interface channel controlling to identify with the described security module of carrying in described indication information corresponding security module according to described indication information is opened or is closed, and preservation is the information of opening or closing for identifying the interface channel state of described CLF module and described security module.
CN201110322788.4A 2011-10-21 2011-10-21 A kind of noncontact swipe the card application implementation method and device Active CN103065107B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110322788.4A CN103065107B (en) 2011-10-21 2011-10-21 A kind of noncontact swipe the card application implementation method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110322788.4A CN103065107B (en) 2011-10-21 2011-10-21 A kind of noncontact swipe the card application implementation method and device

Publications (2)

Publication Number Publication Date
CN103065107A CN103065107A (en) 2013-04-24
CN103065107B true CN103065107B (en) 2015-12-02

Family

ID=48107733

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110322788.4A Active CN103065107B (en) 2011-10-21 2011-10-21 A kind of noncontact swipe the card application implementation method and device

Country Status (1)

Country Link
CN (1) CN103065107B (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104426572A (en) * 2013-09-11 2015-03-18 中兴通讯股份有限公司 Method and system for multiplexing radio-frequency front end
CN104753550B (en) * 2013-12-30 2017-06-20 中国移动通信集团公司 A kind of wireless communication terminal and data processing method
CN104166917B (en) * 2014-07-31 2018-05-15 宇龙计算机通信科技(深圳)有限公司 The Notification Method and system of NFC transaction events
WO2016049852A1 (en) * 2014-09-30 2016-04-07 华为技术有限公司 Information processing method and nfc terminal
CN105682074B (en) * 2014-11-20 2018-12-28 中国移动通信集团公司 A kind of update method and device of the application identities AID based on HCE application
CN105472546B (en) * 2015-12-31 2019-05-24 华为技术有限公司 Near field communication method and mobile terminal
CN107239469B (en) * 2016-03-29 2022-01-28 中兴通讯股份有限公司 Routing information query method and device
CN105933036B (en) * 2016-04-20 2019-06-14 Oppo广东移动通信有限公司 A kind of NFC communication device and method
WO2017201682A1 (en) * 2016-05-25 2017-11-30 华为技术有限公司 Routing configuration method and apparatus for non-contact application
CN106685485B (en) * 2016-12-30 2020-08-14 宇龙计算机通信科技(深圳)有限公司 Signal processing method and device based on Near Field Communication (NFC)
CN107911319B (en) * 2017-11-22 2021-05-11 中兴通讯股份有限公司 Routing method of multiple security modules, NFC controller and NFC equipment
WO2020088318A1 (en) 2018-11-01 2020-05-07 华为技术有限公司 Automatic activation method for nfc application, and terminal
CN111124503B (en) * 2018-11-01 2021-09-14 华为终端有限公司 Automatic activation method of NFC application and terminal
CN111107525B (en) 2019-04-26 2022-01-14 华为技术有限公司 Automatic routing method of SE (secure element) and electronic equipment
CN110191054B (en) * 2019-05-06 2021-07-13 Oppo广东移动通信有限公司 Route processing method and device, storage medium and electronic equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101241541A (en) * 2008-02-27 2008-08-13 上海复旦微电子股份有限公司 Device and method suitable for NFC terminal for storing, substituting and accessing application data
WO2010102488A1 (en) * 2009-03-11 2010-09-16 中兴通讯股份有限公司 Method and terminal realizing apply selection in non-contract electronic payment
CN101866463A (en) * 2009-04-14 2010-10-20 中兴通讯股份有限公司 eNFC terminal, eNFC intelligent card and communication method thereof
CN101944225A (en) * 2009-07-06 2011-01-12 中国移动通信集团公司 Method for subscribing and checking electronic ticket and relevant system
CN102064856A (en) * 2010-10-27 2011-05-18 上海复旦微电子股份有限公司 Method and device for transmitting data

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101241541A (en) * 2008-02-27 2008-08-13 上海复旦微电子股份有限公司 Device and method suitable for NFC terminal for storing, substituting and accessing application data
WO2010102488A1 (en) * 2009-03-11 2010-09-16 中兴通讯股份有限公司 Method and terminal realizing apply selection in non-contract electronic payment
CN101866463A (en) * 2009-04-14 2010-10-20 中兴通讯股份有限公司 eNFC terminal, eNFC intelligent card and communication method thereof
CN101944225A (en) * 2009-07-06 2011-01-12 中国移动通信集团公司 Method for subscribing and checking electronic ticket and relevant system
CN102064856A (en) * 2010-10-27 2011-05-18 上海复旦微电子股份有限公司 Method and device for transmitting data

Also Published As

Publication number Publication date
CN103065107A (en) 2013-04-24

Similar Documents

Publication Publication Date Title
CN103065107B (en) A kind of noncontact swipe the card application implementation method and device
EP3116161B1 (en) Security unit management method and terminal
US8485449B2 (en) Method, system and smart card reader for management of access to a smart card
US8762720B2 (en) Method of mutual authentication between a communication interface and a host processor of an NFC chipset
JP6193879B2 (en) Method for routing in a mobile terminal emulating a contactless payment card
JP4885945B2 (en) Peripheral device management method using SIM card in wireless communication terminal and peripheral device for executing the method
US8000755B2 (en) Information-communication terminal device and automatic backup system including the same
CN105701427B (en) A kind of method and device of smart card write-in data
JP2008011416A (en) Information processing apparatus and control method
CN104507130A (en) SIM (Subscriber Identity Module) card and system supporting mobile communication network switching
JPWO2006064575A1 (en) Wireless communication terminal and control method thereof
CN106792994A (en) A kind of dual system termi-nal WIFI shared method and apparatus
JP5740867B2 (en) Communication apparatus, information processing system, and encryption switching method
WO2018161224A1 (en) Data processing method and related device
WO2007132056A1 (en) Method and system for loading value to a smartcard
CN112312394A (en) Wireless fidelity Wi-Fi management method, device and related equipment
CN111383011B (en) Method for processing relay attack and safety unit
KR20150080467A (en) Method for Processing Security Certification by using IC Chip
JP2022054665A (en) System and program
KR101513434B1 (en) Method and Module for Protecting Key Input
KR20170021815A (en) Method for Processing Security Certification by using IC Chip
KR20170135784A (en) Method for Processing Security Certification by using IC Chip
CN106104551A (en) Information processor, information processing method and program
KR20160053869A (en) Method for Processing Security Certification by using IC Chip
EP2871865A1 (en) Method of managing communication between two secure elements

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant