CN103778535A - Apparatus and method for processing data access requests from mobile terminal - Google Patents
Apparatus and method for processing data access requests from mobile terminal Download PDFInfo
- Publication number
- CN103778535A CN103778535A CN201210412344.4A CN201210412344A CN103778535A CN 103778535 A CN103778535 A CN 103778535A CN 201210412344 A CN201210412344 A CN 201210412344A CN 103778535 A CN103778535 A CN 103778535A
- Authority
- CN
- China
- Prior art keywords
- data
- mobile terminal
- request
- data access
- processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method for processing data access requests from a mobile terminal. The method includes the following steps that: a data access request transmitted to a data storage device is received; a requirement for identity authentication is put forward; the content of the identity authentication is verified; verification results can be reflected through changing the state of a one-time session identifier; if the verification is approved, a data modification request is ratified and executed, and modified content is recorded in a state information table; and when the mobile terminal sends out an encryption service request, only if the encryption service request contains information corresponding to records in the state information table, the encryption service request can be responded. With the method for processing the data access requests from the mobile terminal of the invention adopted, problems such as the problem that electronic cashes are accessed and deducted by malicious programs can be solved.
Description
Technical field
Present invention relates in general to the information processing technology, relate in particular to the technology about access and the processing of the data in IC-card.
Background technology
Along with the continuous propelling of IC-card migrating processes and the development of mobile payment service, increasing mobile terminal has been placed into safety chip.These chips include but not limited to intelligent SD card, SIM card, " apple skin " annex etc.And these mobile terminals have loaded PBOC electronic cash application, pay and experience thereby user has been enjoyed efficiently.But because PBOC standard time has only been considered the conventional transaction disposal environment based on POS terminal in definition, think that POS terminal is believable entity, do not considered that one day electronic cash can implanted mobile terminal, and for mobile payment.
Under traditional POS terminal disposal environment, POS terminal can be initiated mutual and the operation of withholing with the application of purpose electronic cash; And under mobile terminal environment, because mobile terminal is incredible entity, if also carried out alternately according to the flow process of accepting of current electronic cash application, will certainly cause electronic cash application accessed by illegitimate client and withhold, bring corresponding property loss to holder.Simultaneously according to the definition of electronic cash offline transaction, after offline transaction completes, can generate the offline transaction credential information of withholing and be kept in POS terminal for clearance in the future, in like manner, if this offline transaction is withholdd, credential information is stored on mobile terminal and also will be illegally distorted and steal.
Therefore, need a kind of new technology solve electronic cash by malevolence program from accessing withhold, apply to the offline transaction data of non-account be encrypted and electronic cash offline transaction data in upper process of giving backstage by problems such as illegally stealing and distort.In addition, also wish a kind of technology and solve the problem of the data in the memory storage of visit data safely in wider scope.
Summary of the invention
For the aspect at least addressing the above problem, the present invention proposes the method for a kind of processing in data storage device from the data access request of mobile terminal, comprising: receive the request of the data access sending to described data storage device; To the promoter of described request, authentication requirement is proposed; Verify that described promoter responds the authentication content that described authentication requirement is inputted; Reflect the result of checking by changing the state of disposable session identification, the state of wherein said disposable session identification is the state in not passing through to verify in the time receiving deal with data request of access at every turn; If by checking, ratify and carry out the modification request to described data, and revised context is recorded in status information table; And in the time that mobile terminal sends cryptographic service request, only in described cryptographic service request, contain with described status information table in record corresponding information time respond described cryptographic service request.
Described processing is from the method for the data access request of mobile terminal, wherein said data are electronic cash account datas, described modification request is caused by the transaction of described electronic cash account, the value of described data modification is the mandate amount of money of described transaction, described status information table is offline transaction completion status information table, it at least comprises application transaction counter and the described mandate amount of money
Described processing comprises from the corresponding information that records with in described status information table containing in cryptographic service request described in the method for the data access request of mobile terminal: account correspondence, transaction counter value correspondence; And mandate amount of money correspondence.
Described processing also comprises that from the method for the data access request of mobile terminal the transaction data information to there is matched record in described status information table is encrypted and the calculating of authentication of message code, and result of calculation is sent to background system.
Described processing is IC-card from data storage device described in the method for the data access request of mobile terminal.
Described processing is mobile phone or panel computer from mobile terminal described in the method for the data access request of mobile terminal.
Described processing is electronic cash account data from the data of storing in data storage device described in the method for the data access request of mobile terminal.
Described processing is symmetry algorithm or asymmetric arithmetic from the cryptographic algorithm in the method for the data access request of mobile terminal, the step that exists the transaction data information of matched record to be encrypted in described status information table being used, and described transaction data information is the credential information of withholing.
Described processing is from also sending to backstage to verify the message after encrypting in the method for the data access request of mobile terminal.
Described processing is only supported to apply from the information table of offline transaction completion status described in the method for the data access request of mobile terminal and self is inserted and deletion action.
Described processing from described in the method for the data access request of mobile terminal, revised context is recorded to step in status information table comprise by application transaction counter corresponding described transaction only and the described mandate amount of money be inserted in described offline transaction completion status information table.
The present invention proposes the equipment of a kind of processing in data storage device from the data access request of mobile terminal, comprising: receiving trap, it receives the request of the data access sending to described data storage device; Authentication apparatus for initiating, its promoter to described request proposes authentication requirement; Demo plant, it verifies that described promoter responds the authentication content that described authentication requirement is inputted; The result pen recorder, reflects the result of checking by changing the state of disposable session identification, the state of wherein said disposable session identification in the time receiving deal with data request of access at every turn in not by the state of checking; Modifier, if by checking, ratify and carry out the modification request to described data, and revised context is recorded in status information table; And cryptographic service request responding device, in the time that mobile terminal sends cryptographic service request, only in described cryptographic service request, contain with described status information table in record corresponding information time respond described cryptographic service request.
The application of the invention, can effectively prevent from being withholdd by malevolence program from accessing in the situation that not obtaining holder's mandate, can effectively prevent the offline transaction data of non-account to be encrypted, and can effectively prevent that electronic cash offline transaction data from illegally being stolen and distorting in upper process of giving backstage.In wider scope, the present invention is the data in visit data memory storage more safely.
Accompanying drawing explanation
For ease of understanding, by indefiniteness example, embodiments of the invention are described with reference to the accompanying drawings.In figure:
Fig. 1 shows the step of processing from the method for the data access request of mobile terminal;
Fig. 2 shows offline transaction completion status information table;
Fig. 3 shows the processing that offline transaction completion status information table is carried out.
Embodiment
Unless separately added and illustrated, as also cognoscible from following discussion, this instructions in the whole text in, utilize such as " processings ", " judgement " the discussion of term to represent action or the process of the particular device of use such as computing machine or similar computing electronics.In the context of the present specification, computing machine or similar computing electronics can be handled or figure signal.These signals are typically expressed as physical electronic or the quantity of magnetism in storer, register or out of Memory memory storage, transmitting device or the display device of computing machine or similar computing electronics.For example, computing electronics can comprise the one or more processor of carrying out one or more specific functions.
Electronic cash transaction, can be regarded as processing the process of data in data storage device.Under contact interface, carry out electronic cash transaction, first can carry out plug-in card people off line personal identification identification number (PIN) checking by mandatory requirement.On mobile terminal, when client and electronic cash are when mutual, this mechanism will have following effect: (1) authenticates holder's identity; (2) client of access electronic cash application is authenticated.
In order to realize above-mentioned security mechanism, introduce " holder PIN is verified mark " here, this is masked as disposable session mark, selects after electronic cash application at every turn, and this mark all can be reset as invalid.And after once holder's off line PIN is proved to be successful, in card, electronic cash apply set " holder PIN is verified mark ", this mark by be used to electronic cash application generation ratify offline transaction ciphertext according to one of.
Therefore, for the processing in data storage device is from the data access request of mobile terminal, can implement following steps, comprise: receive the request (S101) of the data access sending to data storage device; Propose authentication to the promoter of request and require (S102); Checking promoter responds the authentication content (S103) that described authentication requirement is inputted; And reflect the result (S104) of checking by changing the state of disposable session identification.The state of the disposable session identification is here the state in not passing through to verify in the time receiving deal with data request of access at every turn.Then, if by checking, ratify and carry out the modification request to described data, and revised context is recorded to (S105) in status information table; Finally, in the time that mobile terminal sends cryptographic service request, only in described cryptographic service request, contain with described status information table in record corresponding information time respond described cryptographic service request (S106).Fig. 1 shows above-mentioned steps.The described cryptographic service request of response in step S106 comprises carrying out encrypts, deletes corresponding record and the result of encryption is returned to mobile terminal from status information table.
Accordingly, the processing in data storage device can comprise receiving trap, authentication apparatus for initiating, demo plant and the result pen recorder from the equipment of the data access request of mobile terminal.Receiving trap receives the request of the data access sending to data storage device; Authentication apparatus for initiating proposes authentication requirement to the promoter of request; The authentication content that demo plant checking promoter response identity authentication requesting is inputted; The result pen recorder reflects the result of checking by changing the state of disposable session identification, the state of the disposable session identification is here the state in not passing through to verify in the time receiving deal with data request of access at every turn.
Accordingly, the mobile terminal of the data of access in data storage device comprises request unit, checking input media, DAA and result receiving trap.Request unit sends the request of data access to data storage device; Checking input media is used for inputting authentication content; Data in DAA access and Update Table memory storage; Result receiving trap receives the data after the modification in data storage device.
In the application about electronic cash, the intelligent cards that electronic cash is housed is received to generate and is carried out the electronic cash operating process of withholing after application cryptogram order.
Introduce after holder's off line PIN authentication mechanism, on mobile terminal, carry out electronic cash payment transaction by contact interface, in the time that client determines to the corresponding transaction application ciphertext of card request type according to the behavioural analysis result of self, after this request is received in electronic cash application on card, carry out following processing: be first to check that holder PIN is verified mark and whether is set.If the result checking is "No", directly return and the processing of not withholing so.If the result checking is "Yes", so next deduction is authorized the amount of money, and upgrades afterwards the remaining sum of electronic cash.
Here, only have after holder PIN is verified (be holder PIN be verified mark be set), just allow that electronic cash is carried out to off line and withhold.
In order to prevent that the offline transaction data of non-account are encrypted, introduce offline transaction completion status information table here.In this embodiment, between the deduction mandate amount of money in said method and these two steps of remaining sum of renewal electronic cash, also has a step that offline transaction completion status information table is set.The structure of this table as shown in Figure 2.The size of this table is not fixing, can arrange according to actual needs.As optimal way, its large I is set in 5.Field contents also can be expanded according to actual needs simultaneously.This table is by applying self maintained, externally not read-write.
This table is only supported to apply and self is inserted and delete two operations, and concrete purposes is as follows:
(1) insert.
When card is ratified after this offline transaction, application transaction counter value corresponding this transaction and the mandate amount of money are inserted in this table.
(2) delete.
In the time that the outer entity of card is served to electronic cash application request offline transaction data encryption in card, after data are received in card inherence, first judge whether this offline transaction belongs to this account's consumer sale, and basis for estimation mainly contains the account informations such as primary account number, credit card issuer application data and electronic cash credit card issuer authorization code.If the result of judgement is "No", return to so errors validity code; If the result of judgement is "Yes", judge whether so again to exist the record of coupling.If the result of judgement is "No", so still return to errors validity code.If the result of judgement is "Yes", judge that so more whether the mandate amount of money is consistent.If the result of judgement is "No", return to so errors validity code; If the result of judgement is "Yes", be encrypted so, then from offline transaction completion status information table, delete corresponding record, and finally return to the result of encryption.Can guarantee that so only the offline transaction data to this account are encrypted.Fig. 3 shows above-mentioned steps.
In order to guarantee the safety of offline transaction data, also introduced here a set of safe transmission key code system to offline transaction data be encrypted, the operation such as authentication of message code (MAC) calculating.The cryptographic algorithm using can be that symmetry algorithm can be also asymmetric arithmetic.
Safe transmission key code system at least comprises following key: the encryption key of (1) offline transaction voucher data, also calculates corresponding MAC simultaneously; (2) the message transmission encryption key externally providing; (3) the message transmission MAC computation key externally providing.Transaction voucher data contain the content that in status information table, record relates to, thereby realize, legitimacy and the uniqueness of request encrypted content are authenticated.
So the electronic cash through expansion need to provide following safe operation interface: (1) offline transaction voucher data encryption and MAC calculating operation interface; (2) the message transmission encipher interface externally providing; (3) the message transmission MAC externally providing calculates interface.The wherein operating right of (1): be judged as and belong to this account's and the offline transaction voucher data that complete on mobile terminal; (2) operating right: holder's off line PIN is verified; (3) operating right: holder's off line PIN is verified.
Above-mentioned safe key system can be symmetrical, can be also asymmetric based on PKI.
Method described here can realize by variety of way according to application at least partly according to special characteristic or example.For example, this method can realize by hardware, firmware, software or their any combination.In hardware is realized, for example, device can be at one or more special IC (ASICs), digital signal processor (DSPs), digital signal processing device (DSPDs), programmable logic device (PLD) (PLDs), field programmable gate array (FPGAs), processor, controller, microcontroller, microprocessor, electronic installation or is designed to carry out in other device units of all functions as described herein or their any combination and realizes.
Equally, in certain embodiments, method can adopt the module of carrying out function described here or their any combination to realize.For example, any machine readable media of visibly specializing instruction can use realizing in these class methods.In one embodiment, for example, software or code can be stored in storer and by processing unit and move.Storer can be in processing unit and/or processing unit outside realize.Here the term " storer " that used represents long-term, short-term, volatibility, non-volatile or other storer of any type, and is not limited to any particular type or the quantity of storer or the type of storage medium of storer.
Storage medium can comprise any usable medium that can be visited by computing machine, computing platform, calculation element etc.As an example rather than restriction, computer-readable medium can comprise RAM, ROM, EEPROM, CD-ROM or other optical disc storage, disk storage or other magnetic memory apparatus, or can be used for carrying or storing the program code of the expectation of taking instruction or data structure form and other any medium that can be visited by computing machine, computing platform or calculation element.
Although shown the current content that is considered to exemplary characteristics above, one skilled in the art will appreciate that in the case of not deviating from claimed theme, can carry out various modifications to specific embodiment described in the present invention.Particularly, the embodiment as an example of the electronic cash in IC-card example can be applied to the application of the data in other data storage device equally, comprises corresponding method and apparatus.Therefore, claimed theme is not limited to disclosed specific example, and on the contrary, it has comprised all the elements within the scope that falls into claims.
Claims (12)
1. the processing in data storage device, from a method for the data access request of mobile terminal, comprising:
Receive the request of the data access sending to described data storage device;
To the promoter of described request, authentication requirement is proposed;
Verify that described promoter responds the authentication content that described authentication requirement is inputted;
Reflect the result of checking by changing the state of disposable session identification, the state of wherein said disposable session identification is the state in not passing through to verify in the time receiving deal with data request of access at every turn;
If by checking, ratify and carry out the modification request to described data, and revised context is recorded in status information table; And
In the time that mobile terminal sends cryptographic service request, only in described cryptographic service request, contain with described status information table in record corresponding information time respond described cryptographic service request.
2. processing as claimed in claim 1 is from the method for the data access request of mobile terminal, wherein said data are electronic cash account datas, described modification request is caused by the transaction of described electronic cash account, the value of described data modification is the accounts information such as the mandate amount of money and corresponding stateful transaction counter of described transaction, described status information table is offline transaction completion status information table, and it at least comprises application transaction counter and the described mandate amount of money.
3. processing as claimed in claim 2 is from the method for the data access request of mobile terminal, in wherein said cryptographic service request, contain with described status information table in record corresponding information, comprising:
Account correspondence,
Transaction counter value correspondence; And
Mandate amount of money correspondence.
4. processing as claimed in claim 1 is from the method for the data access request of mobile terminal, also comprise that the transaction data information to there is matched record in described status information table is encrypted and the calculating of authentication of message code, and result of calculation is sent to background system.
5. the processing as described in any one in claim 1-4 is from the method for the data access request of mobile terminal, and wherein said data storage device is IC-card.
6. the processing as described in any one in claim 1-4 is from the method for the data access request of mobile terminal, and wherein said mobile terminal is mobile phone or panel computer.
7. the processing as described in any one in claim 1-4 is from the method for the data access request of mobile terminal, and the data of storing in wherein said data storage device are electronic cash account datas.
8. processing as claimed in claim 4 is from the method for the data access request of mobile terminal, the cryptographic algorithm wherein step that exists the transaction data information of matched record to be encrypted in described status information table being used is symmetry algorithm or asymmetric arithmetic, and described transaction data information is the credential information of withholing.
9. processing as claimed in claim 8, from the method for the data access request of mobile terminal, wherein also sends to backstage to verify the Transaction Information voucher message after encrypting.
10. processing as claimed in claim 2 is from the method for the data access request of mobile terminal, and wherein said offline transaction completion status information table is only supported to apply and self inserted and deletion action.
11. processing as claimed in claim 2 are from the method for the data access request of mobile terminal, wherein said by revised context be recorded to step in status information table comprise by application transaction counter corresponding described transaction only and the described mandate amount of money be inserted in described offline transaction completion status information table.
12. 1 kinds of processing in data storage device, from the equipment of the data access request of mobile terminal, comprising:
Receiving trap, it receives the request of the data access sending to described data storage device;
Authentication apparatus for initiating, its promoter to described request proposes authentication requirement;
Demo plant, it verifies that described promoter responds the authentication content that described authentication requirement is inputted;
The result pen recorder, reflects the result of checking by changing the state of disposable session identification, the state of wherein said disposable session identification in the time receiving deal with data request of access at every turn in not by the state of checking;
Modifier, if by checking, ratify and carry out the modification request to described data, and revised context is recorded in status information table; And
Cryptographic service request responding device, in the time that mobile terminal sends cryptographic service request, only in described cryptographic service request, contain with described status information table in record corresponding information time respond described cryptographic service request.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210412344.4A CN103778535B (en) | 2012-10-25 | 2012-10-25 | Handle the apparatus and method of the data access request from mobile terminal |
| PCT/CN2013/083846 WO2014063546A1 (en) | 2012-10-25 | 2013-09-19 | Method and device for processing data access request coming from mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210412344.4A CN103778535B (en) | 2012-10-25 | 2012-10-25 | Handle the apparatus and method of the data access request from mobile terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103778535A true CN103778535A (en) | 2014-05-07 |
| CN103778535B CN103778535B (en) | 2017-08-25 |
Family
ID=50543983
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210412344.4A Active CN103778535B (en) | 2012-10-25 | 2012-10-25 | Handle the apparatus and method of the data access request from mobile terminal |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103778535B (en) |
| WO (1) | WO2014063546A1 (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105590200A (en) * | 2015-03-11 | 2016-05-18 | 中国银联股份有限公司 | Data transmission method and user equipment for mobile near field payment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060265586A1 (en) * | 2003-07-24 | 2006-11-23 | Estelle Transy | Method and system for double secured authenication of a user during access to a service by means of a data transmission network |
| CN1889419A (en) * | 2005-06-30 | 2007-01-03 | 联想(北京)有限公司 | Method and apparatus for realizing encrypting |
| CN1963854A (en) * | 2006-11-27 | 2007-05-16 | 北京握奇数据系统有限公司 | Method for shortening exchanging time of electron money |
| CN101394615A (en) * | 2007-09-20 | 2009-03-25 | 中国银联股份有限公司 | Mobile payment terminal and payment method based on PKI technique |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102118745B (en) * | 2011-01-14 | 2013-10-16 | 中国工商银行股份有限公司 | Method and device for secure encryption for mobile payment data, and mobile phone |
| CN102665208B (en) * | 2012-04-06 | 2016-04-13 | 中国工商银行股份有限公司 | Mobile terminal, terminal banking safety certifying method and system |
-
2012
- 2012-10-25 CN CN201210412344.4A patent/CN103778535B/en active Active
-
2013
- 2013-09-19 WO PCT/CN2013/083846 patent/WO2014063546A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060265586A1 (en) * | 2003-07-24 | 2006-11-23 | Estelle Transy | Method and system for double secured authenication of a user during access to a service by means of a data transmission network |
| CN1889419A (en) * | 2005-06-30 | 2007-01-03 | 联想(北京)有限公司 | Method and apparatus for realizing encrypting |
| CN1963854A (en) * | 2006-11-27 | 2007-05-16 | 北京握奇数据系统有限公司 | Method for shortening exchanging time of electron money |
| CN101394615A (en) * | 2007-09-20 | 2009-03-25 | 中国银联股份有限公司 | Mobile payment terminal and payment method based on PKI technique |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2014063546A1 (en) | 2014-05-01 |
| CN103778535B (en) | 2017-08-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11823186B2 (en) | Secure wireless card reader | |
| US11374943B2 (en) | Secure interface using non-secure element processors | |
| AU2015219276B2 (en) | Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data | |
| CN109118193B (en) | Apparatus and method for secure element transaction and asset management | |
| CN113475035A (en) | Flick to copy data to clipboard through NFC | |
| CN112602300A (en) | System and method for password authentication of contactless cards | |
| US11880832B2 (en) | Method and system for enhancing the security of a transaction | |
| CN115004208A (en) | Generating barcodes using cryptographic techniques | |
| KR20210066795A (en) | System and method for cryptographic authentication of contactless card | |
| US20170132618A1 (en) | Mobile card service method utilizing hce, and mobile terminal applying same | |
| CN103778535A (en) | Apparatus and method for processing data access requests from mobile terminal | |
| KR101019156B1 (en) | System and method for generating a security card | |
| KR102652497B1 (en) | Did authentication method using smart card and smart card device | |
| JP2002024773A (en) | Ic card service addition authorizing device, ic card issuing device, issuing method, issuing system, and storage medium recording ic card service addition authorization program | |
| WO2022005638A1 (en) | Authorization data processing for multiple issuers | |
| KR20120129617A (en) | Identification card, apparatus and method for issuing card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |