CN103116847B - Smart card, intelligent card transaction system and method with electronic signature functionality - Google Patents
Smart card, intelligent card transaction system and method with electronic signature functionality Download PDFInfo
- Publication number
- CN103116847B CN103116847B CN201310070753.5A CN201310070753A CN103116847B CN 103116847 B CN103116847 B CN 103116847B CN 201310070753 A CN201310070753 A CN 201310070753A CN 103116847 B CN103116847 B CN 103116847B
- Authority
- CN
- China
- Prior art keywords
- smart card
- combined password
- message
- pos machine
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Cash Registers Or Receiving Machines (AREA)
Abstract
The invention discloses a kind of smart card with electronic signature functionality, intelligent card transaction system and smart card method of commerce, and wherein method includes: A, smart card access POS machine, receive transaction message;B, smart card generates combined password;C, smart card generates signature message according to transaction message and combined password;D, signature message is at least sent to POS machine by smart card;E, POS machine receives the combined password generated by the smart card of key-press input, and transaction message, signature message and combined password are at least sent to bank server;F, bank server verifying signature message and combined password, and after being verified, transactional operation is executed according to transaction message.The interaction that data needed for trading are completed by the primary access of smart card and POS machine reduces the risk that important information caused by repeatedly access is trapped, improves safety.
Description
Technical field
The present invention relates to a kind of electronic technology field more particularly to a kind of smart cards with electronic signature functionality, intelligence
Card transaction system and method.
Background technique
Now, bankcard consumption has become mainstream.Electronic signature transaction is realized using following process:
Step S101, user holds accesses POS machine in a non contact fashion;Wherein, cordless can be radio frequency, indigo plant
Any cordless such as tooth, NFC.
Transaction Information is sent to the smart card of user's access by step S102, POS machine;Wherein, Transaction Information can be at least
It certainly can also include transaction details information including account number and the amount of money.
Step S103, smart card receive Transaction Information, show Transaction Information, after user confirms that Transaction Information is errorless, connect
The confirmation password for receiving user's input, signs to Transaction Information;
Step S104, smart card access POS machine in a non contact fashion again, and signing messages is sent to POS machine;
Transaction Information and signing messages are uploaded to bank server by step S105, POS machine, so as to bank server according to
Transaction Information executes transaction.
It can be seen that existing smart card needs in a non contact fashion during completing and signing to Transaction Information
It is accessed at least twice with POS machine, so that can have that Transaction Information and/or signing messages in access procedure be held as a hostage asks
Topic, causes user to lose, safety is not high.
Summary of the invention
Present invention seek to address that existing smart card Transaction Information and/or signing messages in multiple access procedure be held as a hostage and
Caused by the not high problem of safety.
It is an object of the present invention to provide a kind of smart card method of commerce with electronic signature functionality.
It is an object of the present invention to provide a kind of smart cards with electronic signature functionality.
Another object of the present invention is to provide a kind of intelligent card transaction system with electronic signature functionality.
In order to achieve the above objectives, technical solution of the present invention is specifically achieved in that
One aspect of the present invention provides a kind of smart card method of commerce with electronic signature functionality, which comprises
A, the smart card with electronic signature functionality accesses POS machine, receives transaction message;B, the smart card generates combined password;C,
The smart card generates signature message according to the transaction message and the combined password;D, the smart card is at least by the label
Name message is sent to the POS machine;E, the POS machine receives the combined password generated by the smart card of key-press input,
The transaction message, the signature message and the combined password are at least sent to bank server;F, the bank service
Device verifies the signature message and the combined password, and after being verified, and executes transactional operation according to the transaction message.
In addition, the step C includes: the summary info that the smart card calculates the transaction message;The smart card pair
The combined password carries out encryption and obtains encryption combined password;The smart card is to the summary info of the transaction message and described
Encryption combined password is signed, and signature message is generated.
In addition, the step C includes: the summary info that the smart card calculates the transaction message;The smart card pair
The combination of the combined password and random number carries out encryption and obtains encryption combined password;The smart card is to the transaction message
Summary info and the encryption combined password sign, generate signature message.
In addition, the encryption combined password and the signature message are also sent to institute by the smart card in the step D
State POS machine;In the step E, the POS machine also by the encryption combined password, the transaction message, the signature message and
The combined password is sent to bank server.
In addition, the step C includes: the summary info that the smart card calculates the transaction message;The smart card pair
The combined password carries out encryption and obtains encryption combined password, and calculates the summary info of the encryption combined password;The intelligence
It can block and sign to the summary info of the transaction message and the summary info of the encryption combined password, generate signature report
Text.
In addition, the smart card also reports the summary info of the encryption combined password and the signature in the step D
Text is sent to the POS machine;In the step E, the POS machine also reports the summary info of the combined password, the transaction
Literary, the described signature message and the combined password are sent to bank server.
In addition, between the step D and the step E, the method also includes: the smart card disconnect with it is described
The connection of POS machine;The smart card shows the transaction message;The smart card receives the confirmation password for passing through key-press input
And/or confirmation instruction;The smart card shows the combined password.
In addition, the smart card accesses the POS machine by cordless.
Another aspect of the present invention also provides a kind of smart card with electronic signature functionality, and the smart card includes: transmitting-receiving
Module, secret generation module, signature blocks and display module;The transceiver module receives transaction message simultaneously for accessing POS machine
It is sent to the signature blocks;The secret generation module is sent to the signature blocks and institute for generating combined password
State display module;The signature blocks generate signature message according to the transaction message and the combined password, and by described
The signature message is at least sent to the POS machine by transceiver module.
In addition, the transceiver module after sending the signature message to the POS machine, also disconnects and the POS machine
Connection;The display module also shows the transaction message after the transceiver module disconnects the connection with the POS machine.
In addition, the smart card further include: key module;The key module according to the confirmation password received and/or
Confirmation instruction, triggers the display module and shows the combined password.
Another aspect of the invention provides a kind of intelligent card transaction system with electronic signature functionality, the system packet
It includes: POS machine, bank server and smart card above-mentioned;The POS machine receives the smart card generation for passing through key-press input
The transaction message, the signature message and the combined password are at least sent to the bank server by combined password;Institute
It states bank server and verifies the signature message and the combined password, and after being verified, held according to the transaction message
Row transactional operation.
As seen from the above technical solution provided by the invention, the present invention provides a kind of with electronic signature functionality
Smart card, the intelligent card transaction system with electronic signature functionality and the smart card method of commerce with electronic signature functionality lead to
The interaction of data needed for crossing the primary access completion transaction of smart card and POS machine, reduces important information caused by repeatedly access
The risk being trapped, improves safety.Combined password of the invention can be the number generated at random in each transaction, word
Female and character one or more combinations must be transmitted, this hair different from existing trading password and OTP using ciphertext
Bright combined password can be by being transmitted in plain text, and will not reduce the safety of account in process of exchange;Connection of the invention
Close password be generates and be uploaded to bank server in smart card side, also different from existing OTP need bank server with
Terminal generates simultaneously, and the unilateral combined password that generates of the invention is simultaneously signed, with guarantee combined password transmission safety and
The accuracy of combined password verifying;POS machine of the invention is to send related data after having input combined password (to can be friendship
Easy message, signature message and combined password) to bank server, so that being sent to the needs of bank server by silver by POS machine
The data that row server is handled are that ensure that safety by authorization and effective data, improve work efficiency.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, required use in being described below to embodiment
Attached drawing be briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for this
For the those of ordinary skill in field, without creative efforts, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is the method flow diagram of existing electronic signature transaction;
Fig. 2 is the flow chart for the smart card method of commerce embodiment 1 that the present invention has electronic signature functionality;
Fig. 3 is the flow chart for the smart card method of commerce embodiment 2 that the present invention has electronic signature functionality;
Fig. 4 is the structural schematic diagram for the intelligent card transaction system that the present invention has electronic signature functionality.
Specific embodiment
With reference to the attached drawing in the embodiment of the present invention, technical solution in the embodiment of the present invention carries out clear, complete
Ground description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Based on this
The embodiment of invention, every other implementation obtained by those of ordinary skill in the art without making creative efforts
Example, belongs to protection scope of the present invention.
In the description of the present invention, it is to be understood that, term " center ", " longitudinal direction ", " transverse direction ", "upper", "lower",
The orientation or positional relationship of the instructions such as "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outside" is
It is based on the orientation or positional relationship shown in the drawings, is merely for convenience of description of the present invention and simplification of the description, rather than instruction or dark
Show that signified device or element must have a particular orientation, be constructed and operated in a specific orientation, therefore should not be understood as pair
Limitation of the invention.In addition, term " first ", " second " are used for description purposes only, it is not understood to indicate or imply opposite
Importance or quantity or position.
In the description of the present invention, it should be noted that unless otherwise clearly defined and limited, term " installation ", " phase
Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can
To be mechanical connection, it is also possible to be electrically connected;It can be directly connected, can also can be indirectly connected through an intermediary
Connection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete condition
Concrete meaning in invention.
The embodiment of the present invention is described in further detail below in conjunction with attached drawing.
Embodiment 1
Fig. 2 is the flow chart for the smart card method of commerce embodiment 1 that the present invention has electronic signature functionality.Now in conjunction with Fig. 2,
There is the smart card method of commerce of electronic signature functionality to be illustrated the present invention, specific as follows:
The present invention have electronic signature functionality smart card method of commerce include:
Step S201: the smart card with electronic signature functionality accesses POS machine, receives transaction message;
Specifically, POS machine can pass through manually input, net before the smart card with electronic signature functionality accesses POS machine
The modes such as network, items scanning information obtain transaction message.
Smart card can access POS machine by cordless, receive the transaction message that POS machine is sent.Wherein, transaction message
Including at least account and the amount of money, it may also include transaction details information.
Certainly, smart card can also access POS machine by the way of contact.
Smart card of the invention accesses POS machine peace with higher compared with the way of contact using cordless access POS machine
Quan Xing prevents information to be acquired.
Step S202: smart card generates combined password;
Specifically, smart card is randomly generated number, letter and/or symbol, one kind is selected from number, letter and symbol
Or multiple combinations generate combined password, it is ensured that the nonuniqueness of combined password, randomness improve the safety of combined password
Property.
Step S203: smart card generates signature message according to transaction message and combined password;
Specifically, smart card can directly sign to transaction message and combined password, signature message is generated;Or
Smart card calculates the summary info of transaction message, the summary info of combined password is calculated, to the abstract of transaction message
The summary info of information and combined password is signed, and signature message is generated;Or
Smart card calculates the summary info of transaction message, carries out encryption to combined password and obtains encryption combined password, to friendship
The summary info and encryption combined password of easy message are signed, and signature message is generated;Or
Smart card calculates the summary info of transaction message, carries out encryption to combined password and obtains encryption combined password, and counts
The summary info of the summary info for calculating encryption combined password, summary info and encryption combined password to transaction message is signed
Name generates signature message.
Wherein, summary info may include following one kind or combinations thereof: by the cryptographic Hash of hash algorithm calculating, pass through
The MAC value that MAC algorithm calculates, the ciphertext itself obtained by symmetric cryptography.
In addition, cryptographic calculation can for symmetric cryptography or asymmetric encryption (such as by the public key of bank server into
Row encryption).In order to further increase the safety of combined password transmission, smart card can also generate a random number, will combine
Password and the random number are combined according to preset format, and it is close to carry out encryption acquisition encryption joint to the data after combination
Code.Combined password and random number are combined at this time, to prevent Replay Attack.
The present invention can be using by carrying out digest calculations to combined password, encrypting to combined password or to encryption connection
It closes password and carries out digest calculations, ensure that the safety of combined password transmission;It can summary info to combined password, encryption connection
The summary info for closing password or encryption combined password is signed, and the safety of transaction is improved.
Step S204: signature message is at least sent to POS machine by smart card;
Specifically, in step S203, if calculate the scheme of encryption combined password using smart card, in this step,
Encryption combined password and signature message are also sent to POS machine by smart card.
In step S203, if calculate the scheme of the summary info of encryption combined password using smart card, this step
In, the summary info for encrypting combined password and signature message are also sent to POS machine by smart card.
Certainly, no matter in step S203, which kind of information what smart card calculated is, smart card can send out the information of calculating
It send to POS machine.
Step S205:POS machine receives the combined password generated by the smart card of key-press input, at least by transaction message,
Signature message and combined password are sent to bank server;
Specifically, in step S203, if calculate the scheme of encryption combined password using smart card, in this step,
Encryption combined password, transaction message, signature message and combined password are also sent to bank server by POS machine.
In step S203, if calculate the scheme of the summary info of encryption combined password using smart card, this step
In, the summary info of combined password, transaction message, signature message and combined password are also sent to bank server by POS machine.
Certainly, no matter in step S203, which kind of information what smart card calculated is, what POS machine can calculate smart card
Information is sent to bank server.
POS machine of the invention, just can be by transaction message, signature message only after the combined password for receiving user's input
It is sent to bank server with combined password, completes transaction to trigger bank server, so that bank server is close according to combining
Code and signature message authenticate user identity, improve the safety of transaction.In addition, combined password of the invention can be
The one or more combinations of number, letter and character generated at random when transaction every time, be different from existing trading password and
OTP must be transmitted using ciphertext, and combined password of the invention can be by being transmitted in plain text, and will not be reduced and be traded
The safety of account in journey;Combined password of the invention is to generate and be uploaded to bank server in smart card side, also different
Bank server and terminal are needed in existing OTP while being generated, unilateral generation combined password of the invention is simultaneously signed, with
Guarantee the safety of combined password transmission and the accuracy of combined password verifying;POS machine of the invention be have input joint it is close
Related data (can be transaction message, signature message and combined password) is sent after code to bank server, so that by POS machine
It is to guarantee by authorization and effective data that the needs of bank server, which are sent to, by the data that bank server is handled
Safety, improves work efficiency.
Step S206: bank server verifying signature message and combined password, and after being verified, according to transaction message
Execute transactional operation.
It can be seen that smart card method of commerce of the invention, completes exchange by the primary access of smart card and POS machine
The interaction for needing data reduces the risk that important information caused by repeatedly access is trapped, improves safety.
Embodiment 2
Fig. 3 is the flow chart for the smart card method of commerce embodiment 2 that the present invention has electronic signature functionality.Now in conjunction with Fig. 3,
There is the smart card method of commerce of electronic signature functionality to be illustrated the present invention, specific as follows:
The present invention have electronic signature functionality smart card method of commerce include:
Step S301: the smart card with electronic signature functionality accesses POS machine, receives transaction message;
Specifically, POS machine can pass through manually input, net before the smart card with electronic signature functionality accesses POS machine
The modes such as network, items scanning information obtain transaction message.
Smart card can access POS machine by cordless, receive the transaction message that POS machine is sent.Wherein, transaction message
Including at least account and the amount of money, it may also include transaction details information.
Certainly, smart card can also access POS machine by the way of contact.
Smart card of the invention accesses POS machine peace with higher compared with the way of contact using cordless access POS machine
Quan Xing prevents information to be acquired.
Step S302: smart card generates combined password;
Specifically, smart card is randomly generated number, letter and/or symbol, one kind is selected from number, letter and symbol
Or multiple combinations generate combined password, it is ensured that the nonuniqueness of combined password, randomness improve the safety of combined password
Property.
Step S303: smart card generates signature message according to transaction message and combined password;
Specifically, smart card can directly sign to transaction message and combined password, signature message is generated;Or
Smart card calculates the summary info of transaction message, the summary info of combined password is calculated, to the abstract of transaction message
The summary info of information and combined password is signed, and signature message is generated;Or
Smart card calculates the summary info of transaction message, carries out encryption to combined password and obtains encryption combined password, to friendship
The summary info and encryption combined password of easy message are signed, and signature message is generated;Or
Smart card calculates the summary info of transaction message, carries out encryption to combined password and obtains encryption combined password, and counts
The summary info of the summary info for calculating encryption combined password, summary info and encryption combined password to transaction message is signed
Name generates signature message.
Wherein, summary info may include following one kind or combinations thereof: by the cryptographic Hash of hash algorithm calculating, pass through
The MAC value that MAC algorithm calculates, the ciphertext itself obtained by symmetric cryptography.
In addition, cryptographic calculation can for symmetric cryptography or asymmetric encryption (such as by the public key of bank server into
Row encryption).In order to further increase the safety of combined password transmission, smart card can also generate a random number, will combine
Password and the random number are combined according to preset format, and it is close to carry out encryption acquisition encryption joint to the data after combination
Code.Combined password and random number are combined at this time, to prevent Replay Attack.
The present invention can be using by carrying out digest calculations to combined password, encrypting to combined password or to encryption connection
It closes password and carries out digest calculations, ensure that the safety of combined password transmission;It can summary info to combined password, encryption connection
The summary info for closing password or encryption combined password is signed, and the safety of transaction is improved.
Step S304: signature message is at least sent to POS machine by smart card;
Specifically, in step S303, if calculate the scheme of encryption combined password using smart card, in this step,
Encryption combined password and signature message are also sent to POS machine by smart card.
In step S303, if calculate the scheme of the summary info of encryption combined password using smart card, this step
In, the summary info for encrypting combined password and signature message are also sent to POS machine by smart card.
Certainly, no matter in step S303, which kind of information what smart card calculated is, smart card can send out the information of calculating
It send to POS machine.
Step S305: smart card disconnects the connection with POS machine;
Specifically, user holds smart card and leaves the induction range of POS machine i.e. in the case where contactless mode accesses
It can;In the case where contact mode accesses, user extracts smart card from POS machine.The connection with POS machine is disconnected to guarantee
Smart card is once contacted with POS machine, is reduced the risk that multiple-contact information is trapped, is improved the safety of data transmission
Property.
Step S306: smart card shows transaction message;
Specifically, smart card shows the transaction message received on a display screen, so that user confirms the true of the transaction
Property, guarantee the safety of transaction.
Step S307: smart card receives confirmation password and/or confirmation instruction by key-press input;
Specifically, user after it confirmed the authenticity of Transaction Information, can pass through input validation password and/or confirmation
The operation of instruction, the combined password that triggering smart card display generates.It is close that smart card display joint is triggered by input validation password
Code can prevent combined password from being known by other people, improve the confidentiality of combined password.
Step S308: smart card shows combined password.
Specifically, smart card shows that combined password inputs the combined password so that user can know the combined password
To POS machine, to complete to trade.
In order to further increase the safety of combined password, prevent other people from obtaining the cleartext information of combined password, in step
When S302, combined password encrypt and deposit encrypted combined password with preset symmetric encipherment algorithm in plain text
Storage receives user by the confirmation password of key-press input and/or after confirming instruction within a smart card, in smart card, then default with this
Symmetric encipherment algorithm decrypt combined password in plain text shown.
Step S309:POS machine receives the combined password generated by the smart card of key-press input, at least by transaction message,
Signature message and combined password are sent to bank server;
Specifically, in step S303, if calculate the scheme of encryption combined password using smart card, in this step,
Encryption combined password, transaction message, signature message and combined password are also sent to bank server by POS machine.
In step S303, if calculate the scheme of the summary info of encryption combined password using smart card, this step
In, the summary info of combined password, transaction message, signature message and combined password are also sent to bank server by POS machine.
Certainly, no matter in step S303, which kind of information what smart card calculated is, what POS machine can calculate smart card
Information is sent to bank server.
POS machine of the invention, just can be by transaction message, signature message only after the combined password for receiving user's input
It is sent to bank server with combined password, completes transaction to trigger bank server, so that bank server is close according to combining
Code and signature message authenticate user identity, improve the safety of transaction.In addition, combined password of the invention can be
The one or more combinations of number, letter and character generated at random when transaction every time, be different from existing trading password and
OTP must be transmitted using ciphertext, and combined password of the invention can be by being transmitted in plain text, and will not be reduced and be traded
The safety of account in journey;Combined password of the invention is to generate and be uploaded to bank server in smart card side, also different
Bank server and terminal are needed in existing OTP while being generated, unilateral generation combined password of the invention is simultaneously signed, with
Guarantee the safety of combined password transmission and the accuracy of combined password verifying;POS machine of the invention be have input joint it is close
Related data (can be transaction message, signature message and combined password) is sent after code to bank server, so that by POS machine
It is to guarantee by authorization and effective data that the needs of bank server, which are sent to, by the data that bank server is handled
Safety, improves work efficiency.
Step S310: bank server verifying signature message and combined password, and after being verified, according to transaction message
Execute transactional operation.
It can be seen that smart card method of commerce of the invention, completes exchange by the primary access of smart card and POS machine
The interaction for needing data reduces the risk that important information caused by repeatedly access is trapped, improves safety.
Fig. 4 is the structural schematic diagram for the intelligent card transaction system that the present invention has electronic signature functionality.Fig. 4 is first combined, it is right
There is the present invention structure of the intelligent card transaction system of electronic signature functionality to be illustrated, specific as follows:
Intelligent card transaction system with electronic signature functionality of the invention include: POS machine 10, bank server 20 and
Smart card 30 with electronic signature functionality.Smart card 30 is the equipment with electronic signature functionality, may include containing user
The card chip of account information and the safety chip being digitally signed using key, or including having above-mentioned two chip functions
Integrated chip.
Wherein, the smart card 30 with electronic signature functionality includes: transceiver module 301, secret generation module 302, signature
Module 303 and display module 304;In other words, the above-mentioned module that the smart card 30 with electronic signature functionality includes can integrate
On a single die, can also the chip according to used by smart card 30 quantity and function, be integrated on multiple chips, herein
It is not illustrating one by one.
Transceiver module 301 is for accessing POS machine 10, receiving transaction message and being sent to signature blocks 303.
Secret generation module 302 is sent to signature blocks 303 and display module 304 for generating combined password.Specifically
, secret generation module 302 can generate combined password after transceiver module 301 receives transaction message.
Signature blocks 303 generate signature message according to transaction message and combined password, and at least will by transceiver module 301
Signature message is sent to POS machine 10.
POS machine 10 receives the combined password generated by the smart card 30 of key-press input, at least reports transaction message, signature
Text and combined password are sent to bank server 20.
The verifying of bank server 20 signature message and combined password, and after being verified, friendship is executed according to transaction message
It is easy to operate.
Certainly, on the basis of above structure, the transceiver module 301 of smart card 30 of the invention is sending signature message extremely
After POS machine 10, the connection with POS machine 10 is also disconnected, so that display module 304 shows transaction message.To guarantee the present invention
Smart card 30 only contacted with POS machine 10 once just complete transaction needed for data interaction, reduce due to secondary contact generation number
According to the risk being trapped, the safety of transaction is improved.
Certainly, bank server 20 can lock the intelligence after verifying combined password failure preset times (such as 3 times)
Block corresponding account to protect the safety of user account.
In addition, smart card 30 can also include: key module 305.Key module 305 is according to the confirmation password received
And/or confirmation instruction, triggering display module 304 show combined password.
Specifically, such as user can trigger display module 304 in the following way shows combined password:
(1) input validation password, after smart card 30 is verified and confirms that password is correct, display module 304 shows combined password;
Or
(2) confirmation key is pressed, triggering display module 304 shows combined password;Or
(3) input validation password, and confirmation key is pressed, after smart card 30 is verified and confirms that password is correct, display module
304 display combined passwords.
Of course, it is possible to combined password condition is shown for different spending amount setting triggering display modules 304, for example,
Small amount consumption only needs user to press confirmation key, wholesale consumer need user's input validation password etc..
It can be seen that the smart card with electronic signature functionality and the smart card with electronic signature functionality of the invention is handed over
Easy system completes the interaction of data needed for trading by the primary access of smart card and POS machine, caused by reducing repeatedly access
The risk that important information is trapped, improves safety.
Any process described otherwise above or method description are construed as in flow chart or herein, and expression includes
It is one or more for realizing specific logical function or process the step of executable instruction code module, segment or portion
Point, and the range of the preferred embodiment of the present invention includes other realization, wherein can not press shown or discussed suitable
Sequence, including according to related function by it is basic simultaneously in the way of or in the opposite order, Lai Zhihang function, this should be of the invention
Embodiment person of ordinary skill in the field understood.
It should be appreciated that each section of the invention can be realized with hardware, software, firmware or their combination.Above-mentioned
In embodiment, software that multiple steps or method can be executed in memory and by suitable instruction execution system with storage
Or firmware is realized.It, and in another embodiment, can be under well known in the art for example, if realized with hardware
Any one of column technology or their combination are realized: having a logic gates for realizing logic function to data-signal
Discrete logic, with suitable combinational logic gate circuit specific integrated circuit, programmable gate array (PGA), scene
Programmable gate array (FPGA) etc..
Those skilled in the art are understood that realize all or part of step that above-described embodiment method carries
It suddenly is that relevant hardware can be instructed to complete by program, the program can store in a kind of computer-readable storage medium
In matter, which when being executed, includes the steps that one or a combination set of embodiment of the method.
It, can also be in addition, each functional unit in each embodiment of the present invention can integrate in a processing module
It is that each unit physically exists alone, can also be integrated in two or more units in a module.Above-mentioned integrated mould
Block both can take the form of hardware realization, can also be realized in the form of software function module.The integrated module is such as
Fruit is realized and when sold or used as an independent product in the form of software function module, also can store in a computer
In read/write memory medium.
Storage medium mentioned above can be read-only memory, disk or CD etc..
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show
The description of example " or " some examples " etc. means specific features, structure, material or spy described in conjunction with this embodiment or example
Point is included at least one embodiment or example of the invention.In the present specification, schematic expression of the above terms are not
Centainly refer to identical embodiment or example.Moreover, particular features, structures, materials, or characteristics described can be any
One or more embodiment or examples in can be combined in any suitable manner.
Although the embodiments of the present invention has been shown and described above, it is to be understood that above-described embodiment is example
Property, it is not considered as limiting the invention, those skilled in the art are not departing from the principle of the present invention and objective
In the case where can make changes, modifications, alterations, and variations to the above described embodiments within the scope of the invention.The scope of the present invention
By appended claims and its equivalent limit.
Claims (11)
1. a kind of smart card method of commerce with electronic signature functionality, which is characterized in that the described method includes:
A, the smart card with electronic signature functionality accesses POS machine, receives transaction message;
B, the smart card generates combined password;
C, the smart card generates signature message according to the transaction message and the combined password;
D, the signature message is at least sent to the POS machine and shows the combined password by the smart card;
E, the POS machine receives the combined password generated by the smart card of key-press input, at least by the transaction message,
The signature message and the combined password are sent to bank server;
F, the bank server verifies the signature message and the combined password, and after being verified, according to the friendship
Easy message executes transactional operation.
2. the method according to claim 1, wherein the step C includes:
The smart card calculates the summary info of the transaction message;
The smart card carries out encryption to the combined password and obtains encryption combined password;
The smart card signs to the summary info of the transaction message and the encryption combined password, generates signature report
Text.
3. the method according to claim 1, wherein the step C includes:
The smart card calculates the summary info of the transaction message;
The smart card carries out encryption to the combination of the combined password and random number and obtains encryption combined password;
The smart card signs to the summary info of the transaction message and the encryption combined password, generates signature report
Text.
4. according to the method in claim 2 or 3, which is characterized in that
In the step D, the encryption combined password and the signature message are also sent to the POS machine by the smart card;
In the step E, the POS machine is also by the encryption combined password, the transaction message, the signature message and described
Combined password is sent to bank server.
5. the method according to claim 1, wherein the step C includes:
The smart card calculates the summary info of the transaction message;
The smart card carries out encryption to the combined password and obtains encryption combined password, and calculates the encryption combined password
Summary info;
The smart card signs to the summary info of the transaction message and the summary info of the encryption combined password, raw
At signature message.
6. according to the method described in claim 5, it is characterized in that,
In the step D, the summary info of the encryption combined password and the signature message are also sent to by the smart card
The POS machine;
In the step E, the POS machine is also by the summary info of the combined password, the transaction message, the signature message
Bank server is sent to the combined password.
7. the method according to claim 1, wherein between the step D and the step E, the method
Further include:
The smart card disconnects the connection with the POS machine;
The smart card shows the transaction message;
The smart card receives confirmation password and/or confirmation instruction by key-press input;
The smart card shows the combined password.
8. method according to any one of claims 1 to 7, which is characterized in that the smart card is connect by cordless
Enter the POS machine.
9. a kind of intelligent card transaction system with electronic signature functionality, which is characterized in that the system comprises: POS machine, bank
Server and smart card, wherein
The smart card includes: transceiver module, secret generation module, signature blocks and display module;
The transceiver module is for accessing POS machine, receiving transaction message and being sent to the signature blocks;
The secret generation module is sent to the signature blocks and the display module for generating combined password;
The signature blocks generate signature message according to the transaction message and the combined password, and pass through the transceiver module
The signature message is at least sent to the POS machine;
The display module is for showing the combined password;
The POS machine, the combined password that the smart card for receiving through key-press input generates, at least reports the transaction
Literary, the described signature message and the combined password are sent to the bank server;
The bank server, for verifying the signature message and the combined password, and after being verified, according to described
Transaction message executes transactional operation.
10. system according to claim 9, which is characterized in that the transceiver module is sending the signature message to institute
After stating POS machine, the connection with the POS machine is also disconnected;
The display module also shows the transaction message after the transceiver module disconnects the connection with the POS machine.
11. system according to claim 10, which is characterized in that the smart card further include: key module;
The key module is instructed according to the confirmation password that receives and/or confirmation, trigger the display module show it is described
Close password.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810462779.7A CN108596605A (en) | 2013-02-06 | 2013-03-06 | Smart card with electronic signature functionality |
CN201310070753.5A CN103116847B (en) | 2013-02-06 | 2013-03-06 | Smart card, intelligent card transaction system and method with electronic signature functionality |
PCT/CN2014/071657 WO2014121721A1 (en) | 2013-02-06 | 2014-01-28 | Smart card with electronic signature function, and smart card transaction system and method |
Applications Claiming Priority (7)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310047316.1 | 2013-02-06 | ||
CN201320069875 | 2013-02-06 | ||
CN2013100473161 | 2013-02-06 | ||
CN201310047316 | 2013-02-06 | ||
CN2013200698758 | 2013-02-06 | ||
CN201320069875.8 | 2013-02-06 | ||
CN201310070753.5A CN103116847B (en) | 2013-02-06 | 2013-03-06 | Smart card, intelligent card transaction system and method with electronic signature functionality |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810462779.7A Division CN108596605A (en) | 2013-02-06 | 2013-03-06 | Smart card with electronic signature functionality |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103116847A CN103116847A (en) | 2013-05-22 |
CN103116847B true CN103116847B (en) | 2019-06-25 |
Family
ID=48415212
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 201320102167 Expired - Lifetime CN203242029U (en) | 2013-02-06 | 2013-03-06 | An intelligent card containing an electronic signature function and an intelligent card transaction system |
CN201810462779.7A Pending CN108596605A (en) | 2013-02-06 | 2013-03-06 | Smart card with electronic signature functionality |
CN201310070753.5A Active CN103116847B (en) | 2013-02-06 | 2013-03-06 | Smart card, intelligent card transaction system and method with electronic signature functionality |
Family Applications Before (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 201320102167 Expired - Lifetime CN203242029U (en) | 2013-02-06 | 2013-03-06 | An intelligent card containing an electronic signature function and an intelligent card transaction system |
CN201810462779.7A Pending CN108596605A (en) | 2013-02-06 | 2013-03-06 | Smart card with electronic signature functionality |
Country Status (2)
Country | Link |
---|---|
CN (3) | CN203242029U (en) |
HK (1) | HK1194247A2 (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014121721A1 (en) * | 2013-02-06 | 2014-08-14 | 天地融科技股份有限公司 | Smart card with electronic signature function, and smart card transaction system and method |
CN103366278B (en) * | 2013-06-04 | 2016-11-23 | 天地融科技股份有限公司 | Process the method and system of operation requests |
CN104282092B (en) * | 2013-07-04 | 2017-02-08 | 中国银联股份有限公司 | Method for achieving digital signature and POS terminal used for achieving digital signature |
CN103973455B (en) * | 2014-05-28 | 2018-09-18 | 天地融科技股份有限公司 | A kind of information interacting method |
CN103984906B (en) * | 2014-05-28 | 2018-01-16 | 天地融科技股份有限公司 | A kind of electronic key equipment of no button |
CN104166914A (en) * | 2014-08-20 | 2014-11-26 | 武汉天喻信息产业股份有限公司 | Secure system and method based on secure element and applied to host card emulation technology |
CN104935441B (en) * | 2015-06-30 | 2018-09-21 | 京东方科技集团股份有限公司 | A kind of authentication method and relevant apparatus, system |
CN105023374A (en) * | 2015-07-22 | 2015-11-04 | 天地融科技股份有限公司 | Transaction system of POS machine |
CN105023150A (en) * | 2015-07-22 | 2015-11-04 | 天地融科技股份有限公司 | Data processing method and device for POS machine |
CN112950200A (en) * | 2021-02-05 | 2021-06-11 | 中国建设银行股份有限公司 | Transaction management method and system suitable for bankbook |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1831865A (en) * | 2006-04-24 | 2006-09-13 | 北京易恒信认证科技有限公司 | Electronic bank safety authorization system and method based on CPK |
CN101178802A (en) * | 2006-11-08 | 2008-05-14 | 李东声 | Dynamic password realization method in network bank trading and electronic signing device |
CN102609750A (en) * | 2012-02-15 | 2012-07-25 | 东信和平智能卡股份有限公司 | Intelligent card provided with input device and output device |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0670818B2 (en) * | 1984-09-07 | 1994-09-07 | カシオ計算機株式会社 | Verification card and its authentication method |
US5317636A (en) * | 1992-12-09 | 1994-05-31 | Arris, Inc. | Method and apparatus for securing credit card transactions |
FR2771533B1 (en) * | 1997-11-21 | 2003-01-31 | Taib Thierry Baillie | SECURITY CARD FOR SECURE PAYMENT BY CREDIT CARD |
US6816058B2 (en) * | 2001-04-26 | 2004-11-09 | Mcgregor Christopher M | Bio-metric smart card, bio-metric smart card reader and method of use |
US7581678B2 (en) * | 2005-02-22 | 2009-09-01 | Tyfone, Inc. | Electronic transaction card |
US20070241183A1 (en) * | 2006-04-14 | 2007-10-18 | Brown Kerry D | Pin-secured dynamic magnetic stripe payment card |
CN102542452A (en) * | 2011-11-09 | 2012-07-04 | 王筱雨 | Method and system for verifying transaction passwords of point-of-sale (POS) machine terminal |
-
2013
- 2013-03-06 CN CN 201320102167 patent/CN203242029U/en not_active Expired - Lifetime
- 2013-03-06 CN CN201810462779.7A patent/CN108596605A/en active Pending
- 2013-03-06 CN CN201310070753.5A patent/CN103116847B/en active Active
-
2014
- 2014-01-30 HK HK14101027.9A patent/HK1194247A2/en not_active IP Right Cessation
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1831865A (en) * | 2006-04-24 | 2006-09-13 | 北京易恒信认证科技有限公司 | Electronic bank safety authorization system and method based on CPK |
CN101178802A (en) * | 2006-11-08 | 2008-05-14 | 李东声 | Dynamic password realization method in network bank trading and electronic signing device |
CN102609750A (en) * | 2012-02-15 | 2012-07-25 | 东信和平智能卡股份有限公司 | Intelligent card provided with input device and output device |
Also Published As
Publication number | Publication date |
---|---|
CN103116847A (en) | 2013-05-22 |
CN108596605A (en) | 2018-09-28 |
CN203242029U (en) | 2013-10-16 |
HK1194247A2 (en) | 2014-10-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103116847B (en) | Smart card, intelligent card transaction system and method with electronic signature functionality | |
CN104243451B (en) | A kind of information interacting method, system and intelligent cipher key equipment | |
CN103136664B (en) | There is smart card transaction system and the method for electronic signature functionality | |
CN106656510B (en) | A kind of encryption key acquisition methods and system | |
CN104217327B (en) | A kind of financial IC card internet terminal and its method of commerce | |
CN103793815A (en) | Mobile intelligent terminal acquirer system and method suitable for bank cards and business cards | |
CN103326862B (en) | Electronically signing method and system | |
CN107077670A (en) | Transaction message is sent | |
CN104243162B (en) | A kind of information interacting method, system and intelligent cipher key equipment | |
CN105827656B (en) | Identity identifying method and device based on NFC payment | |
CN107358441A (en) | Method, system and the mobile device and safety certificate equipment of payment verification | |
CN103136665B (en) | A kind of network trading method and system | |
Basin et al. | Card brand mixup attack: bypassing the {PIN} in {non-Visa} cards by using them for visa transactions | |
CN104967612A (en) | Data encryption storage method, server and system | |
CN103532719A (en) | Dynamic password generation method, dynamic password generation system, as well as processing method and processing system of transaction request | |
CN103366278B (en) | Process the method and system of operation requests | |
CN103516525A (en) | Dynamic password generation method and system | |
CN103888942B (en) | Data processing method based on negotiation secret keys | |
CN104182875A (en) | Payment method and payment system | |
El Madhoun et al. | A cloud-based secure authentication protocol for contactless-nfc payment | |
CN106027250A (en) | Identity card information safety transmission method and system | |
CN103813333B (en) | A kind of data processing method based on arranging key | |
CN103136667B (en) | There is the smart card of electronic signature functionality, smart card transaction system and method | |
CN103945375B (en) | A kind of data processing method based on arranging key | |
CN103716328B (en) | Operation request processing method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1184894 Country of ref document: HK |
|
GR01 | Patent grant | ||
GR01 | Patent grant |