CN103619013A - Safety binding method for mobile phone and smart card interactive application - Google Patents
Safety binding method for mobile phone and smart card interactive application Download PDFInfo
- Publication number
- CN103619013A CN103619013A CN201310641231.6A CN201310641231A CN103619013A CN 103619013 A CN103619013 A CN 103619013A CN 201310641231 A CN201310641231 A CN 201310641231A CN 103619013 A CN103619013 A CN 103619013A
- Authority
- CN
- China
- Prior art keywords
- mobile phone
- smart card
- card
- binding
- active coding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Telephone Function (AREA)
Abstract
The invention discloses a safety binding method for mobile phone and smart card interactive application. The method is applicable to the mobile phone and smart card interactive application such as internet banking, mobile banking and e-payment with safety requirements. The method includes the first step of safely storing key information referring to binding such as a mobile phone number, a mobile phone card IMSI, a mobile phone IMEI and a personal identification code (PIN), the second step of binding a target mobile phone and a target smart card, and the third step of confirming the binding process, the query process and the operation process of the mobile phone and the smart card. Through the safety binding method, the mobile phone and smart card interactive application has reliable safety guarantee.
Description
Technical field
The present invention relates to the interactive application of mobile phone and smart card, as: Mobile banking, Web bank, online payment, stored value card etc.
Background technology
Along with the development of mobile phone and mechanics of communication, new application model constantly occurs.NFC(near-field communication) appearance of technology, for development space has further been expanded in the application of mobile phone.The mobile phone popularity rate with NFC function is more and more higher, for the interactive application of mobile phone and contactless smart card (smart card with NFC function) is had laid a good foundation.Yet the application of contactless smart card, often emphasizes its versatility, as card reader of application requirements of mass transit card can be read and write all mass transit cards.But have the mobile phone of NFC function as card reader, often its application model is more suitable for the situation of " one to one ", as carry out transaction of financial IC card etc.How to guarantee that contactless smart card and the mobile phone with NFC function carry out the safety of " one to one " interactive application, up to the present, go back the fairly perfect solution of neither one.
Summary of the invention
For solving contactless smart card and the mobile phone with NFC function, carry out the safety problem of " one to one " interactive application, the invention discloses a kind of secure binding method of mobile phone and smart card interactive application.
Technical scheme of the present invention is: a kind of secure binding method of mobile phone and smart card interactive application, it is characterized in that, and said method comprising the steps of:
(1), key message memory space initialization are set on smart card: this key message memory space at least comprises for the key message storing: one of cell-phone number, Mobile phone card IMSI, mobile phone IMEI, PIN (PIN), intelligent card state sign;
(2), cell-phone number is sent to smart card: the described cell-phone number that input will be bound with smart card on described mobile phone, and by Mobile phone card IMSI described in handset program automatic acquisition or/and mobile phone IMEI then send it on described smart card;
(3), smart card at least stores one of cell-phone number, Mobile phone card IMSI and mobile phone IMEI, and binding state is set: described cell-phone number, Mobile phone card IMSI and mobile phone IMEI are stored in to the above key message memory space of smart card, and intelligent card state identifies memory space and is set to binding state.
Before described step (2), be also provided with the step of bindings person being carried out to authentication: the PIN arranging separately in checking smart card; By Third Party Authentication binding person's legitimacy.
After described step (2), be also provided with following two steps:
A, generation active coding also send: described smart card computing produces active coding, and active coding is sent on this mobile phone with short message mode by described mobile phone;
B, active coding postback smart card: mobile phone is received after note active coding, by artificial input or by handset program automatic transmission, use NFC communication modes, and this active coding is sent to smart card;
C, smart card are confirmed active coding: described smart card receives the active coding that described mobile phone sends, and compares with the active coding in steps A, if the two is consistent, carry out described step (3); Otherwise cancel binding.
When carrying out step (3), smart card is affixed on to the mobile phone back side, by the NFC communication of mobile phone and smart card, one in cell-phone number, Mobile phone card IMSI and mobile phone IMEI is sent on smart card, and usings the confirmation of this operating process as mobile phone and smart card security binding.
The beneficial effect that the present invention embodies is:
1, solved mobile phone and how smart card interactive application realizes man-to-man problem.
2, mobile phone storage itself, the unsafe problem of checking PIN have been solved.
3, by completing NFC communication as confirming action, simplify operation, and made to confirm that action is distincter, there is better customer experience.
4, on this basis, can also solve the interactive application demand of mobile phone and smart card " one-to-many ", " many-one ".As the operation of can transferring accounts on a plurality of mobile phones of a: bank card, or mobile phone can use the operation of transferring accounts of multiple different bank cards.
Accompanying drawing explanation
Fig. 1 is the flow chart of the embodiment of the present invention.
Embodiment
Referring to Fig. 1, when enforcement is of the present invention, in order to guarantee that contactless smart card and the mobile phone with NFC function carry out the safety of " one to one " interactive application, first should be clear and definite, in above-mentioned interactive application, some key messages are extremely important.Here it is: the state of cell-phone number, Mobile phone card IMSI, mobile phone IMEI, PIN (PIN) and smart card and mobile phone interaction application.Wherein, does the state of smart card and mobile phone interaction application refer to: smart card can carry out with plurality of mobile phones alternately? or smart card can only carry out with a mobile phone alternately.Therefore, the present invention emphasizes, above-mentioned key message must be stored on smart card.Because the technical characterictic of smart card, the data in card are to be stored in independently in physical space exactly, can keep isolation physically with other data.So the first step of the present invention is the memory space that above-mentioned critical data is set on smart card, and by memory space initialization.Such as establishing the state that cell-phone number is " 000000 " or " 888888 ", smart card and mobile phone interaction application for " 0 ", mobile phone IMEI for " 0 ", PIN (PIN) for " 0 ", Mobile phone card IMSI, for representing smart card, " 0 " can carry out alternately with plurality of mobile phones (" 1 " represents that smart card can only carry out with a mobile phone alternately).
Secondly, due to mobile phone and smart card realization " one to one " interactive application, also realizing binding, itself is a method that improves safety in utilization.Therefore, which sheet smart card which mobile phone can bind? who has the right to change binding state? it itself is exactly the process of a needs authentication.Only have clearly binding to authorize, binding method just has the meaning that improves fail safe.So it should be explicitly made clear at this point, mobile phone and smart card, before carrying out bindings, should authenticate bindings person's identity.Carry out authentication and can use the PIN (PIN) of verifying when the interior PIN(arranging separately of smart card and mobile phone are applied, not same, need special setting, as increased the memory space of binding authentication PIN on smart card, and by smart card is random, generate a number as the independent PIN arranging of binding authentication when initialization, the PIN simultaneously this being arranged separately gives the operator who authorizes binding with the form of cipher envelope, so that bindings person authenticates.) complete, also can by Third Party Authentication binding person legitimacy (as after identity verification certificate passes through, the PIN arranging separately for binding authentication producing when bindings person sends initialization.) mode complete.The process of this authentication can be used as second step of the present invention.
On this basis, when smart card and mobile phone need one to one interactive application, the implementation process of binding method of the present invention comprises the steps:
1, the cell-phone number (should be loCal number certainly) that input will be bound on mobile phone, and by Mobile phone card IMSI and mobile phone IMEI described in handset program automatic acquisition, then by smart card being affixed on to the mobile phone back side, realize the NFC communication of mobile phone and smart card, namely cell-phone number, Mobile phone card IMSI and mobile phone IMEI are sent on described smart card in the lump.
2, meanwhile, smart card computing produces an active coding (for confirming that user will carry out bindings really), and this active coding is sent to mobile phone (by NFC communication), and send instruction to mobile phone simultaneously, allow mobile phone send note with active coding content to the machine.
3, mobile phone is received after note active coding, or by artificial input, or by handset program automatic transmission, use NFC communication modes, active coding is sent to smart card.
4, smart card is compared after receiving active coding, if correctly just carry out next step, if mistake is just sent error code and stopped binding.
5, smart card is stored in described smart card key message memory space by described phone number, Mobile phone card IMSI and mobile phone IMEI, and intelligent card state identifies memory space and is set to binding state (" 1 ").
So far, binding finishes.List, from completing binding procedure, can be ignored above-mentioned 2,3,4 steps, is also the technical scheme that the present invention protects.
In above-mentioned steps, there is a very important summary of the invention, exactly: the feature while carrying out NFC communication based on mobile phone and smart card, communication each time (exchanges data) between them, is all affixed on the mobile phone back side by smart card and realizes during with voice response.And in the secure binding process of mobile phone and smart card interactive application, before each step is carried out exchanges data, demand according to application, often needs to have the action of confirmation, as the storage on smart card of: binding information, modification of PIN (PIN) etc.This confirmation action, traditional mode is exactly by acknowledgement key on keyboard.And in the interactive application of mobile phone and smart card, this confirmation action repeats with NFC communication action (smart card is affixed on the mobile phone back side).Therefore, with NFC communication action, as confirming that action is more reasonable, and this method is also original at other application scenarioss, therefore hereby emphasize, this method is also as the content of patent protection.
It is to be noted, before smart card and mobile phone are bound one to one, or when smart card and mobile phone carry out interactive application, will often first check that this smart card and this mobile phone bind? or whether this smart card still in binding state not? for this inspection, as long as smart card is affixed on to the mobile phone back side (realizing NFC communication), if the intelligent card state that mobile phone reads is designated " 0 ", not binding (being in generic state) of smart card is just described; If intelligent card state is designated " 1 ", and Mobile phone card IMSI or mobile phone IMEI data that on smart card, the data of Mobile phone card IMSI or mobile phone IMEI memory location obtain by NFC communication with smart card are identical, just illustrate that this Mobile phone card or mobile phone and this smart card have binding relationship one to one, otherwise be not just.
In addition, as the PIN (PIN) of key message, its storage, use and modification etc., also require emphasis.Because the use of PIN is as a kind of known method, be widely used in many fields, therefore at this, there is no the value of patent protection.But for guaranteeing the fail safe of PIN storage, and from the operating principle of protection PIN, realize PIN can only unidirectionally store, can not two-wayly read that to wait requirement, PIN to be stored in smart card be very important (mobile phone is before this applied all cannot realize this function).
Claims (4)
1. a secure binding method for mobile phone and smart card interactive application, is characterized in that, said method comprising the steps of:
(1), key message memory space initialization are set on smart card: this key message memory space at least comprises for the key message storing: one of cell-phone number, Mobile phone card IMSI, mobile phone IMEI, PIN (PIN), intelligent card state sign;
(2), cell-phone number is sent to smart card: the described cell-phone number that input will be bound with smart card on described mobile phone, and by Mobile phone card IMSI described in handset program automatic acquisition or/and mobile phone IMEI then send it on described smart card;
(3), smart card at least stores one of cell-phone number, Mobile phone card IMSI and mobile phone IMEI, and binding state is set: described cell-phone number, Mobile phone card IMSI and mobile phone IMEI are stored in to the above key message memory space of smart card, and intelligent card state identifies memory space and is set to binding state.
2. the secure binding method of mobile phone as claimed in claim 1 and smart card interactive application, is characterized in that, is also provided with the step of bindings person being carried out to authentication before described step (2): the PIN arranging separately in checking smart card; By Third Party Authentication binding person's legitimacy.
3. the secure binding method of mobile phone as claimed in claim 1 or 2 and smart card interactive application, is characterized in that, is also provided with following two steps after described step (2):
A, generation active coding also send: described smart card computing produces active coding, and active coding is sent on this mobile phone with short message mode by described mobile phone;
B, active coding postback smart card: mobile phone is received after note active coding, by artificial input or by handset program automatic transmission, use NFC communication modes, and this active coding is sent to smart card;
C, smart card are confirmed active coding: described smart card receives the active coding that described mobile phone sends, and compares with the active coding in steps A, if the two is consistent, carry out described step (3); Otherwise cancel binding.
4. the secure binding method of mobile phone as claimed in claim 1 and smart card interactive application, it is characterized in that, when carrying out step (3), smart card is affixed on to the mobile phone back side, by the NFC communication of mobile phone and smart card, one in cell-phone number, Mobile phone card IMSI and mobile phone IMEI is sent on smart card, and usings the confirmation of this operating process as mobile phone and smart card security binding.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310641231.6A CN103619013A (en) | 2013-12-04 | 2013-12-04 | Safety binding method for mobile phone and smart card interactive application |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310641231.6A CN103619013A (en) | 2013-12-04 | 2013-12-04 | Safety binding method for mobile phone and smart card interactive application |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103619013A true CN103619013A (en) | 2014-03-05 |
Family
ID=50169717
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310641231.6A Pending CN103619013A (en) | 2013-12-04 | 2013-12-04 | Safety binding method for mobile phone and smart card interactive application |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103619013A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104881598A (en) * | 2015-05-08 | 2015-09-02 | 北京数码视讯科技股份有限公司 | Smart card, smart terminal, smart card cipher verification system and smart card cipher verification method |
| WO2015180243A1 (en) * | 2014-05-27 | 2015-12-03 | 中兴通讯股份有限公司 | Method, device, and system for dynamically binding a smart card |
| CN105225105A (en) * | 2015-09-24 | 2016-01-06 | 广东欧珀移动通信有限公司 | The method for security protection that NFC pays and system |
| CN108834144A (en) * | 2018-06-05 | 2018-11-16 | 江苏恒宝智能系统技术有限公司 | Association management method and system of operator's code number with account |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101401111A (en) * | 2006-03-10 | 2009-04-01 | 日本电气株式会社 | Mobile terminal, ic card module, information processing method, and program |
| US20100011449A1 (en) * | 2007-02-20 | 2010-01-14 | Bundesdruckerei Gmbh | Chip Card Having A First User Function, Method For Selecting An Identifier, And Computer System |
| CN101727706A (en) * | 2008-10-24 | 2010-06-09 | 中兴通讯股份有限公司 | Electronic payment system and method for updating mobile user numbers corresponding to intelligent cards |
| CN101951585A (en) * | 2010-09-06 | 2011-01-19 | 深圳市融创天下科技发展有限公司 | User identity authentication method, system and mobile communication terminal |
| CN103258169A (en) * | 2007-10-29 | 2013-08-21 | 联邦印刷有限公司 | Method for protection of chip card from unauthorized use, chip card and chip card terminal |
-
2013
- 2013-12-04 CN CN201310641231.6A patent/CN103619013A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101401111A (en) * | 2006-03-10 | 2009-04-01 | 日本电气株式会社 | Mobile terminal, ic card module, information processing method, and program |
| US20100011449A1 (en) * | 2007-02-20 | 2010-01-14 | Bundesdruckerei Gmbh | Chip Card Having A First User Function, Method For Selecting An Identifier, And Computer System |
| CN103258169A (en) * | 2007-10-29 | 2013-08-21 | 联邦印刷有限公司 | Method for protection of chip card from unauthorized use, chip card and chip card terminal |
| CN101727706A (en) * | 2008-10-24 | 2010-06-09 | 中兴通讯股份有限公司 | Electronic payment system and method for updating mobile user numbers corresponding to intelligent cards |
| CN101951585A (en) * | 2010-09-06 | 2011-01-19 | 深圳市融创天下科技发展有限公司 | User identity authentication method, system and mobile communication terminal |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015180243A1 (en) * | 2014-05-27 | 2015-12-03 | 中兴通讯股份有限公司 | Method, device, and system for dynamically binding a smart card |
| CN105228125A (en) * | 2014-05-27 | 2016-01-06 | 中兴通讯股份有限公司 | A kind of smart card dynamic binding method, apparatus and system |
| US10356602B2 (en) | 2014-05-27 | 2019-07-16 | Zte Corporation | Method, device, and system for dynamically binding a smart card |
| CN104881598A (en) * | 2015-05-08 | 2015-09-02 | 北京数码视讯科技股份有限公司 | Smart card, smart terminal, smart card cipher verification system and smart card cipher verification method |
| CN105225105A (en) * | 2015-09-24 | 2016-01-06 | 广东欧珀移动通信有限公司 | The method for security protection that NFC pays and system |
| CN108834144A (en) * | 2018-06-05 | 2018-11-16 | 江苏恒宝智能系统技术有限公司 | Association management method and system of operator's code number with account |
| CN108834144B (en) * | 2018-06-05 | 2021-01-15 | 恒宝股份有限公司 | Method and system for managing association of operator number and account |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11263625B2 (en) | Method, device and system for securing payment data for transmission over open communication networks | |
| CN1904923B (en) | Method for implementing space transference and apparatus thereof | |
| EP3017580B1 (en) | Signatures for near field communications | |
| US20150142666A1 (en) | Authentication service | |
| CN102737311A (en) | Internet bank security authentication method and system | |
| CN104301110A (en) | Authentication method, authentication device and system applied to intelligent terminal | |
| CN106485851A (en) | A kind of nothing card automatic teller machine and nothing card withdrawal system | |
| CN101916459B (en) | Safe electronic ticket method | |
| US20150142667A1 (en) | Payment authorization system | |
| CN102332127A (en) | Network TV (television) online payment service based account binding method and payment method | |
| CN101916476A (en) | Mobile data transmission method based on combination of SD (Secure Digital) encrypted card and short-distance wireless communication technology | |
| KR101499906B1 (en) | Smart card having OTP generation function and OTP authentication server | |
| CN102136172A (en) | Card terminal and realization method thereof used by individuals or families | |
| CN104123793A (en) | Money withdrawing system based on NFC function, money withdrawing method of money withdrawing system based on NFC function and money withdrawing machine | |
| CN109242469A (en) | Resource transfers method, system based on near-field communication, resource transfers terminal | |
| US11868988B2 (en) | Devices and methods for selective contactless communication | |
| CN103619013A (en) | Safety binding method for mobile phone and smart card interactive application | |
| CN104680371A (en) | Card-free transaction processing method and system | |
| CN101882343A (en) | Method, system and equipment for cardless operation of automatic teller machine | |
| CN105704092A (en) | User identity authentication method, device and system | |
| CN104835038A (en) | Networking payment device and networking payment method | |
| WO2023093876A1 (en) | Authorization device-based transaction method and system | |
| CN105743855B (en) | A kind of safety control system of Internet application equipment and its distribution, application method | |
| CN106535082A (en) | Method, device and system for processing data | |
| CN105741111A (en) | Mobile payment method, system and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20151229 Address after: The national hi tech Development Zone, Qingdao City, Shandong province 266109 (Hongdao High-tech Zone) Songyuan Road No. 17 Qingdao Industrial Technology Research Institute A1 District 413 room Applicant after: QINGDAO FENGHUA ERA INFORMATION TECHNOLOGY CO., LTD. Address before: 9FA1 building G2 software industry base in Shandong province 266071 Shinan District of Qingdao City Applicant before: Sun Guohua |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140305 |