CN103944729A - Data security interactive method - Google Patents
Data security interactive method Download PDFInfo
- Publication number
- CN103944729A CN103944729A CN201410171806.7A CN201410171806A CN103944729A CN 103944729 A CN103944729 A CN 103944729A CN 201410171806 A CN201410171806 A CN 201410171806A CN 103944729 A CN103944729 A CN 103944729A
- Authority
- CN
- China
- Prior art keywords
- intelligent cipher
- terminal
- cipher equipment
- information
- system server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention discloses a data security interactive method. The data security interactive method comprises the steps that identification information of a scanned intelligent cryptographic device is obtained by a terminal, corresponding user information is obtained and stored to an active user list established in advance, transaction information is generated, and transaction request information is obtained and sent to the intelligent cryptographic device; the intelligent cryptographic device obtains transaction information, gives a prompt and generates transaction confirmation information; the terminal obtains a transaction data package according to the transaction confirmation information and sends the transaction data package to a background system server; the background system server obtains the transaction confirmation information according to the transaction data package, verifies the transaction confirmation information and executes a transaction after verification is passed. Thus, a customer can complete payment without a wallet, a credit card, a mobile phone and the like, so that interactive operation of the customer and a merchant in the payment process is simplified, payment efficiency is improved, and experience of the customer in the near field payment process is improved; meanwhile, security of the payment process of the customer is guaranteed.
Description
Technical field
The present invention relates to a kind of information security field, relate in particular to a kind of data security exchange method.
Background technology
A kind of method of service that mobile payment allows user to use its mobile terminal (terminals such as smart mobile phone, PDA, panel computer, notebook computer) to carry out account payment to consumed commodity or service exactly.Unit or individual by mobile terminal, the Internet or closely sensing directly or indirectly to bank finance mechanism, send the behavior that payment instruction produces monetary payoff and fund flow, thereby realize mobile payment function.Mobile payment is merged mobile terminal, the Internet, application provider and financial institution mutually, for user provides monetary payoff, the financial business such as pay the fees.
Mobile payment mainly comprises that remote payment and near field pay two kinds.Remote payment refer to user by mobile terminal login that bank's webpage pays, account operation etc., be mainly used in shopping and the consumption of e-commerce website on line; Near field pays and refers to that consumer is when buying commodity or service, IMU is crossed mobile terminal and is paid to businessman, the processing paying is carried out at the scene, and be not need to use under mobile network's line to operate, by using the passages such as the radio frequency (NFC) of mobile terminal, infrared, bluetooth, the local communication of realization and automatic vending machine and POS machine.
In the process of whole mobile payment, the participant who relates to payment comprises: consumption user, trade company, mobile operator, third party service provider, bank.Consumption user and trade company are the service objects of system, and mobile operator provides network support, and bank side provides bank's related service, and third party service provider provides payment platform service, and the combination by each side is to realize business.The electronization of means of payment and mobile have become inevitable development trend, and the safety issue of mobile-payment system is the key problem of mobile e-business safety.
How in the process of mobile payment, to guarantee that the fail safe of data interaction is problem demanding prompt solution.
Summary of the invention
The present invention is intended to one of address the above problem.
Main purpose of the present invention is to provide a kind of data security exchange method.
For achieving the above object, technical scheme of the present invention is specifically achieved in that
One aspect of the present invention provides a kind of data security exchange method, comprising: terminal is at signal cover interscan intelligent cipher equipment, and obtains the identification information of the described intelligent cipher equipment scanning; Described terminal is obtained user profile corresponding to described intelligent cipher equipment according to the identification information of the described intelligent cipher equipment scanning; Described terminal stores described user profile in active user's list of setting up in advance; Described terminal generates Transaction Information according to user profile corresponding to intelligent cipher equipment to be transacted, and obtains transaction request information according to described Transaction Information; Described terminal sends described transaction request information to described intelligent cipher equipment; Described intelligent cipher equipment receives after described transaction request information, according to Transaction Information described in described transaction request information acquisition; Transaction Information described in described intelligent cipher device prompts; Described intelligent cipher equipment confirmation of receipt instruction, and generate trade confirmation information; Described terminal receives described trade confirmation information; Described terminal is according to described trade confirmation information acquisition transaction data package, and sends described transaction data package to described background system server; Described background system server receives after described transaction data package, according to described transaction data package, obtains described trade confirmation information; Described background system server is verified described trade confirmation information, and carry out transaction after being verified.
The identification information of the described intelligent cipher equipment that in addition, described terminal basis scans obtains user profile corresponding to described intelligent cipher equipment and comprises: described terminal sends identification information and the user profile read requests of described intelligent cipher equipment to described background system server; Described background system server receives after the identification information and described user profile read requests of described intelligent cipher equipment, according to the identification information of described intelligent cipher equipment, obtains the user profile corresponding with described intelligent cipher equipment; Described background system server obtains the response message of described user profile read requests according to described user profile, and to described terminal, sends the response message of described user profile read requests; Described terminal receives after the response message of described user profile read requests, according to the response message of described user profile read requests, obtains described user profile.
The identification information of the described intelligent cipher equipment that in addition, described terminal basis scans obtains user profile corresponding to described intelligent cipher equipment and comprises: described terminal sends user profile read requests according to the identification information of the described intelligent cipher equipment scanning to described intelligent cipher equipment; Described intelligent cipher equipment obtains pre-stored user profile, and according to described user profile, obtains the response message of described user profile read requests, and to described terminal, sends the response message of described user profile read requests; Described terminal receives after the response message of described user profile read requests, according to the response message of described user profile read requests, obtains described user profile.
In addition, described terminal is at signal cover interscan intelligent cipher equipment, and after obtaining the step of identification information of the described intelligent cipher equipment scan, described method also comprises: described terminal obtains the identification information of the whole intelligent cipher equipment in the signal cover of described terminal, generates real-time identification list; Described terminal was compared the identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in described real-time identification list and described active user's list according to the default time interval; If the identification information of the intelligent cipher equipment in described real-time identification list not in described active user's list, is carried out described terminal and is obtained the step of the user profile that described intelligent cipher equipment is corresponding according to the identification information of the described intelligent cipher equipment scanning; And if the identification information of the intelligent cipher equipment in described active user's list is in described real-time identification list, delete in described active user's list the not user profile of the intelligent cipher equipment in described real-time identification list.
In addition, described terminal is at signal cover interscan intelligent cipher equipment, and after obtaining the step of identification information of the described intelligent cipher equipment scan, described method also comprises: described terminal obtains the identification information of the whole intelligent cipher equipment in the signal cover of described terminal, generates real-time identification list; Described terminal was compared the identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in described real-time identification list and described active user's list according to the default time interval; If the identification information of the intelligent cipher equipment in described real-time identification list is not in described active user's list, carry out described terminal and according to the identification information of the described intelligent cipher equipment scanning, obtain the step of the user profile that described intelligent cipher equipment is corresponding, and obtain after described user profile in described terminal, described user profile is stored in described real-time identification list; And if the identification information of the intelligent cipher equipment in described real-time identification list is in described active user's list, the user profile of described intelligent cipher equipment in described active user's list is stored in described real-time identification list; Described active user's list using described real-time identification list after upgrading.
In addition, described terminal is after described background system server sends the identification information of described intelligent cipher equipment and the step of user profile read requests, and described method also comprises: described background system server judges whether the identification information of described intelligent cipher equipment is included in the intelligent cipher unit exception list prestoring in described background system server; Described background system server is after the identification information of judging described intelligent cipher equipment is in described intelligent cipher unit exception list, obtain locking intelligent cipher device directive, and utilize the private key of described background system server to sign and obtain the 5th signing messages locking intelligent cipher device directive, and to described intelligent cipher equipment, send described locking intelligent cipher device directive and described the 5th signing messages by described terminal; Described intelligent cipher equipment receives after described locking intelligent cipher device directive and described the 5th signing messages, utilizes the PKI in the described background system server certificate prestoring to verify described the 5th signing messages; Described intelligent cipher equipment, after described the 5th signing messages of checking passes through, is carried out lock operation according to described locking intelligent cipher device directive.
In addition, described method also comprises: the application for registration of described background system server receiving terminal, and described endpoint registration application is examined; Described background system server is in audit after described endpoint registration application passes through, to described terminal transmitting terminal key to generating instruction; Described terminal receives described terminal key to generating after instruction, generates terminal key pair; Described terminal sends the PKI of described terminal key centering to described background system server; Described background system server receives after the PKI of described terminal key centering, generates described terminal certificate, and sends described terminal certificate to described terminal; Terminal certificate described in described terminal storage; And the application of described background system server reception intelligent cipher facility registration, and application is examined to described intelligent cipher facility registration; Described background system server, after the application of the described intelligent cipher facility registration of audit is passed through, sends intelligent cipher device keys to generating instruction to described intelligent cipher equipment; Described intelligent cipher equipment receives described intelligent cipher device keys to generating after instruction, generates intelligent cipher device keys pair; Described intelligent cipher equipment sends the PKI of described intelligent cipher device keys centering to described background system server; Described background system server receives after the PKI of described intelligent cipher device keys centering, generates described intelligent cipher device certificate, and sends described intelligent cipher device certificate to described intelligent cipher equipment; Intelligent cipher device certificate described in described intelligent cipher device storage.
In addition, described method also comprises: described terminal is obtained terminal cancellation application, utilize the private key of described terminal to sign and obtain the 6th signing messages described cancellation application, and send described terminal cancellation application and described the 6th signing messages to described background system server; Described background system server receives after described terminal cancellation application and described the 6th signing messages, utilizes the PKI in the described terminal certificate prestoring to verify described the 6th signing messages; Described background system server after described the 6th signing messages passes through, is deleted the described terminal certificate prestoring in checking, and generates terminal cancellation and complete information, sends described terminal cancellation complete information to described terminal; Described terminal receives described terminal cancellation and completes after information, deletes the private key of described terminal; And/or described intelligent cipher equipment obtains intelligent cipher equipment cancellation application, utilize the private key of described intelligent cipher equipment to sign and obtain the 7th signing messages described cancellation application, and send described intelligent cipher equipment cancellation application and described the 7th signing messages to described background system server; Described background system server receives after described intelligent cipher equipment cancellation application and described the 7th signing messages, utilizes the PKI in the described intelligent cipher device certificate prestoring to verify described the 7th signing messages; Described background system server is after described the 7th signing messages of checking passes through, the described intelligent cipher device certificate that deletion prestores, and generate the cancellation of intelligent cipher equipment and complete information, to described intelligent cipher equipment, send the cancellation of described intelligent cipher equipment and complete information; Described intelligent cipher equipment receives the cancellation of described intelligent cipher equipment and completes after information, deletes the private key of described intelligent cipher equipment.
In addition, after described background system server receives the identification information of described intelligent cipher equipment and the step of described user profile read requests, described background system server sends the step of response message of described user profile read requests to described terminal before, described method also comprises: described background system server sends user-authorization-request information by described terminal to described intelligent cipher equipment; Described intelligent cipher equipment receives after described user-authorization-request information, generates authorization message, and to described background system server, sends described authorization message by described terminal; Described background system server receives after described authorization message, carries out described background system server and to described terminal, sends the step of the response message of described user profile read requests.
In addition, described intelligent cipher equipment receives after described user-authorization-request information, and the step that generates authorization message comprises: described intelligent cipher equipment, after receiving described user-authorization-request information, is converted to wake-up states by resting state; Described intelligent cipher equipment generates authorization message under wake-up states.
In addition, described intelligent cipher equipment receives after described transaction request information, according to the step of Transaction Information described in described transaction request information acquisition, comprise: described intelligent cipher equipment receives after described transaction request information, by resting state, is converted to wake-up states; Described intelligent cipher equipment under wake-up states according to Transaction Information described in described transaction request information acquisition.
In addition, the step that described intelligent cipher equipment generates trade confirmation information comprises: described in described intelligent cipher equipment utilization, the private key of intelligent cipher equipment is signed to described Transaction Information, generates trading signature information as trade confirmation information; Or described intelligent cipher equipment generates dynamic password as trade confirmation information.
In addition, the step that described intelligent cipher equipment generates trade confirmation information comprises: described intelligent cipher equipment generates single transaction sign, and utilize the private key of described intelligent cipher equipment to sign to described Transaction Information and described single transaction sign, generate trading signature information as trade confirmation information; Or described intelligent cipher equipment generates single transaction sign, utilize the private key of described intelligent cipher equipment to sign and obtain the signing messages of single transaction sign described single transaction sign, and generating dynamic password, the signing messages that single transaction is identified and described dynamic password are as trade confirmation information.
In addition the step that, described terminal receives described trade confirmation information comprises: described terminal receives acoustic signals that described intelligent cipher equipment sends and to the described acoustic signals acquisition trade confirmation information of decode; Or described terminal gathers the image information of described intelligent cipher equipment demonstration and described image information is decoded and obtained described trade confirmation information; Or the communication interface that described terminal is mated with described intelligent cipher equipment by described terminal receives described trade confirmation information; Or trade confirmation information described in the information acquisition that described terminal is inputted by described terminal.
In addition, described background system server is verified described trade confirmation information, and carry out the step of transaction after being verified after, described method also comprises: described background system server sends Transaction Success acknowledgement information to described terminal; Or described background system server sends Transaction Success acknowledgement information by described terminal to described intelligent cipher equipment; Described intelligent cipher equipment receives after described Transaction Success acknowledgement information, points out described Transaction Success acknowledgement information.
In addition, described background system server is verified described trade confirmation information, and carry out the step of transaction after being verified after, described method also comprises: described terminal sends reimbursement information to described intelligent cipher equipment; Described intelligent cipher equipment receives after described reimbursement information, points out described reimbursement information; Described intelligent cipher equipment receives reimbursement and confirms instruction, and utilizes the private key of described intelligent cipher equipment to sign to described reimbursement information, generates reimbursement confirmation; Described terminal receives described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilized the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Described terminal sends described reimbursement to described background system server and confirms bag and described reimbursement confirmation; Described background system server receives described reimbursement to be confirmed after bag and described reimbursement confirmation, respectively described reimbursement confirmation bag and described reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.
In addition, described background system server is verified described trade confirmation information, and carry out the step of transaction after being verified after, described method also comprises: described intelligent cipher equipment sends refund request to described terminal; Described terminal generates reimbursement information, and sends described reimbursement information to described intelligent cipher equipment; Described intelligent cipher equipment receives after described reimbursement information, points out described reimbursement information; Described intelligent cipher equipment receives reimbursement and confirms instruction, and utilizes the private key of described intelligent cipher equipment to sign to described reimbursement information, generates reimbursement confirmation; Described terminal receives described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilized the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Described terminal sends described reimbursement to described background system server and confirms bag and described reimbursement confirmation; Described background system server receives described reimbursement to be confirmed after bag and described reimbursement confirmation, respectively described reimbursement confirmation bag and described reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.
In addition, described background system server is verified described trade confirmation information, and carry out the step of transaction after being verified after, described method also comprises: described intelligent cipher equipment sends refund request to described terminal; Described terminal generates refund request sign, and sends described refund request sign to described intelligent cipher equipment; Described intelligent cipher equipment receives after described refund request sign, generates reimbursement information, and utilizes the private key of described intelligent cipher equipment to sign to described reimbursement information, obtains reimbursement confirmation, and sends described reimbursement confirmation to described terminal; Described terminal receives described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilized the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Described terminal sends described reimbursement to described background system server and confirms bag and described reimbursement confirmation; Described background system server receives described reimbursement to be confirmed after bag and described reimbursement confirmation, respectively described reimbursement confirmation bag and described reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.
In addition, in described reimbursement information, also comprise duplet bill.
In addition, described Transaction Success acknowledgement information also comprises duplet bill.
In addition, in described Transaction Information, also comprise duplet bill.
In addition, described terminal is at signal cover interscan intelligent cipher equipment, and before obtaining the identification information of the described intelligent cipher equipment scanning, described method also comprises: described intelligent cipher equipment enters and can be scanned state.
In addition,, before described terminal obtains according to the identification information of the described intelligent cipher equipment scanning the user profile that described intelligent cipher equipment is corresponding, described method also comprises: described terminal and described background system server authenticate mutually.
In addition, described terminal and background system server carry out mutually authenticating and comprising: described terminal generates first and treats signing messages; Described terminal sends described first to backstage system server and treats signing messages and the first authentication request information; Described background system server receives described first after signing messages and described the first authentication request information, generates second and treats signing messages; Described background system server sends described second to described terminal and treats signing messages and background system server certificate; Whether described terminal receives described second after signing messages and described background system server certificate, utilize described in root certification authentication corresponding to the background system server certificate prestore background system server certificate legal; Described terminal is after the described background system server certificate of checking is legal, and the private key that utilizes described terminal treats that to described first signing messages and described second treats signing messages generation the first signing messages of sign; Described terminal sends described the first signing messages and terminal certificate to described background system server; Described in root certification authentication corresponding to terminal certificate that described background system server by utilizing prestores, whether terminal certificate is legal; Described background system server, after the described terminal certificate of checking is legal, utilizes the first signing messages described in the public key verifications in described terminal certificate; Described background system server, generates backstage and has authenticated message after described the first signing messages passes through in checking, and to described terminal, sends described backstage and authenticated message; Described terminal receives described backstage and has authenticated after message, verifies that described backstage has authenticated message; Described terminal is after the described backstage of checking authenticate message and passed through, and generation terminal authentication first completes message, sends described terminal authentication first complete message to described background system server; Described background system server receives described terminal authentication first and completes after message, verifies that described terminal authentication first completes message; Described background system server is after checking described terminal authentication first completes message and passes through, and described terminal and described background system server complete mutual authentication.
In addition, described the first authentication request information comprises the identification information of described terminal; Described background system server receives described first after signing messages and described the first authentication request information, judges whether the identification information of described terminal is included in the terminal abnormal list prestoring in described background system server; Described background system server is after the identification information of judging described terminal is in described terminal abnormal list, obtain locking terminal instruction, and the private key that utilizes described background system server to locking terminal instruction sign and obtain the 4th signing messages, and send described locking terminal instruction and described the 4th signing messages to described terminal; Described terminal receives after described locking terminal instruction and described the 4th signing messages, utilizes the PKI in the described background system server certificate prestoring to verify described the 4th signing messages; Described terminal, after described the 4th signing messages of checking passes through, is carried out lock operation according to described locking terminal instruction.
In addition,, before described terminal obtains according to the identification information of the described intelligent cipher equipment scanning the user profile that described intelligent cipher equipment is corresponding, described method also comprises: described terminal and described intelligent cipher equipment authenticate mutually.
In addition, described terminal and described intelligent cipher equipment carry out mutually authenticating and comprising: described terminal generates the 3rd and treats signing messages; Described terminal sends the described the 3rd to described intelligent cipher equipment and treats signing messages and the second authentication request information; Described intelligent cipher equipment receives the described the 3rd after signing messages and described the second authentication request information, generates the 4th and treats signing messages; Described in described intelligent cipher equipment utilization, the private key of intelligent cipher equipment is treated to the described the 3rd that signing messages is signed and is obtained the second signing messages, and to described terminal, sends the described the 4th and treat signing messages, described the second signing messages and intelligent cipher device certificate; Whether described terminal receives the described the 4th after signing messages, described the second signing messages and described intelligent cipher device certificate, utilize described in the root certification authentication that the intelligent cipher device certificate prestore is corresponding intelligent cipher device certificate legal; Described terminal, after the described intelligent cipher device certificate of checking is legal, utilizes the PKI in described intelligent cipher device certificate to verify described the second signing messages; Described terminal is in checking after described the second signing messages passes through, and the private key that utilizes described terminal treats that to the described the 3rd signing messages and the described the 4th treats signing messages acquisition the 3rd signing messages of sign; Described terminal sends described the 3rd signing messages and described terminal certificate to described intelligent cipher equipment; Whether described intelligent cipher equipment receives after described the 3rd signing messages and described terminal certificate, utilize described in the root certification authentication that the described terminal certificate prestore is corresponding terminal certificate legal; Described intelligent cipher equipment, after the described terminal certificate of checking is legal, utilizes the PKI in described terminal certificate to verify described the 3rd signing messages; Described intelligent cipher equipment, after described the 3rd signing messages of checking passes through, generates intelligent cipher device authentication and completes message; Described intelligent cipher equipment sends described intelligent cipher device authentication to described terminal and completes message; Described terminal receives described intelligent cipher device authentication and completes after message, verifies that described intelligent cipher device authentication completes message; Described terminal, after the described intelligent cipher device authentication of checking completes message and passes through, generates terminal authentication second and completes message, sends described terminal authentication second complete message to described intelligent cipher equipment; Described intelligent cipher equipment receives described terminal authentication second and completes after message, verifies that described terminal authentication second completes message; Described in described intelligent cipher device authentication, terminal authentication second completes after message, and described terminal and described intelligent cipher equipment complete mutual authentication.
In addition, described intelligent cipher equipment receives the described the 3rd after signing messages and described the second authentication request information, generating the 4th step until signing messages comprises: described intelligent cipher equipment is receiving after described the second authentication request information, by resting state, is converted to wake-up states; Described intelligent cipher equipment generates the 4th and treats signing messages under wake-up states.
In addition, the information of transmitting between described background system server and described terminal all by the first session key, calculates and/or rear transmission is calculated in verification, wherein, described the first session key is pre-stored in described background system server and described terminal or described the first session key is consulted to generate by described background system server and described terminal; And/or the information of transmitting between described terminal and described intelligent cipher equipment all by the second session key, calculates and/or rear transmission is calculated in verification, wherein, described the second session key is pre-stored in described terminal and described intelligent cipher equipment or described the second session key is consulted to generate by described terminal and described intelligent cipher equipment.
As seen from the above technical solution provided by the invention, client can be without completing payment by modes such as wallet, credit card, mobile phones, thereby simplified the interactive operation in payment process of client and trade company, improved payment efficiency, promoted the experience of client in the payment process of near field; Utilize the fail safe of the safety profile promise customer payment process of intelligent cipher equipment simultaneously.
Client has chosen commodity later when checkout, terminal is without obtaining user profile by the mode that allows client manually swipe the card or to brush mobile phone again, during checkout, client only need quote the name of oneself, terminal can directly be sent to the Transaction Informations such as the amount of money after clearing client's intelligent cipher equipment and show, now, client only need utilize intelligent cipher equipment to confirm, and export trade confirmation information, terminal generates transaction data package and sends to background system server, the processing of transferring accounts after this transaction data package of background system server authentication is accurate, can complete payment process.
When client walks out the signal cover in this family shop, intelligent cipher equipment is connected and will automatically interrupts with the network between terminal, and user profile disappears from active user's list in this shop.If when client enters again another family shop, will automatically enter in active user's list in this another family shop, start another shopping.Do not need like this client to carry out any operation, just can bring seamless experience for client.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, below the accompanying drawing of required use during embodiment is described is briefly described, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, do not paying under the prerequisite of creative work, can also obtain other accompanying drawings according to these accompanying drawings.
Fig. 1 is data security interactive system structural representation provided by the invention;
Fig. 2 is the flow chart of data security exchange method provided by the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Based on embodiments of the invention, those of ordinary skills, not making the every other embodiment obtaining under creative work prerequisite, belong to protection scope of the present invention.
In description of the invention, it will be appreciated that, term " " center ", " longitudinally ", " laterally ", " on ", D score, " front ", " afterwards ", " left side ", " right side ", " vertically ", " level ", " top ", " end ", " interior ", orientation or the position relationship of indications such as " outward " are based on orientation shown in the drawings or position relationship, only the present invention for convenience of description and simplified characterization, rather than device or the element of indication or hint indication must have specific orientation, with specific orientation structure and operation, therefore can not be interpreted as limitation of the present invention.In addition, term " first ", " second " be only for describing object, and can not be interpreted as indication or hint relative importance or quantity or position.
In description of the invention, it should be noted that, unless otherwise clearly defined and limited, term " installation ", " being connected ", " connection " should be interpreted broadly, and for example, can be to be fixedly connected with, and can be also to removably connect, or connect integratedly; Can be mechanical connection, can be to be also electrically connected to; Can be to be directly connected, also can indirectly be connected by intermediary, can be the connection of two element internals.For the ordinary skill in the art, can concrete condition understand above-mentioned term concrete meaning in the present invention.
Below in conjunction with accompanying drawing, the embodiment of the present invention is described in further detail.
Data security exchange method provided by the invention, system architecture applicatory as shown in Figure 1, comprising: background system server, terminal and intelligent cipher equipment.Wherein:
Background system server can complete paired terminal and the management of intelligent cipher equipment and to the storage of user profile with issue management, such as comprising that, to management such as the registration of terminal and intelligent cipher equipment, cancellation, locking, authentications, it can provide the financial services such as bank's related service, payment platform service; Can comprise the combination of one or more servers such as paying server, certificate server, management server.
Terminal can be the terminal of trade company's end, to complete the initiation of mobile payment, authentication to intelligent cipher equipment and background system server, the maintenance of user profile etc., this terminal can arrive the intelligent cipher equipment in its signal cover by automatic scan, and the communication connection of foundation and intelligent cipher equipment, obtain the user profile that intelligent cipher equipment is corresponding.
Intelligent cipher equipment possesses secure payment (for example: electronic signature, dynamic password generate) function, and the authentication to terminal, this intelligent cipher equipment possesses wireless communication module (such as bluetooth, infrared ray, RFID, NFC, light, sound wave, heat energy, vibration, WIFI etc.), can and terminal between by this wireless communication module, communicate, certainly, this intelligent cipher equipment can also include line interface (such as audio interface, USB interface, serial ports etc.), and communicates by wireline interface and terminal.In addition, intelligent cipher equipment can also possess connectivity option function, if user does not open this function, terminal cannot be obtained the identification information of intelligent cipher equipment and corresponding user profile.For example: intelligent cipher equipment can enter the state that can be scanned, so that terminal scanning arrives this intelligent cipher equipment.The connectivity option function that intelligent cipher equipment possesses, can open and realize for the hardware switch that arranges on intelligent cipher equipment, also can by software, open realization for intelligent cipher equipment.
As shown in Figure 2, data security exchange method provided by the invention, comprising:
Step 1: terminal and intelligent cipher equipment are registered to backstage system server:
Comprise following two aspects:
1, terminal is registered to backstage system server, wherein:
The application for registration of background system server receiving terminal, and application is examined to endpoint registration; Concrete, trade company can arrive the application for registration that bank counter is handled this terminal, also can handle by the Internet the application for registration of this terminal, and background system server receives after this application for registration, and the legitimacy of the identity of Dui Gai trade company is examined.
Background system server after audit terminal application for registration is passed through, to terminal transmitting terminal key to generating instruction; Concrete, the legitimacy of background system server audit merchant identification etc. after passing through is agreed to the terminal of trade company to register, and sends key to generating instruction to terminal simultaneously, be used to indicate terminal and generate terminal key pair, this terminal key is to comprising a pair of public and private key.
Terminal receives terminal key to generating after instruction, generates terminal key pair; Concrete, in terminal, can preset a generating mode that key is right, in terminal, receive terminal key to generating after instruction, according to default key, generating mode is generated to terminal key pair, generate a pair of public and private key.
Terminal is to the PKI of backstage system server transmitting terminal cipher key pair; Concrete, terminal can send the PKI of the terminal key centering of its generation by believable communication link to backstage system server, with the fail safe that guarantees that the PKI of terminal sends; Also can the PKI of the terminal key centering of its generation be sent to backstage system server by the Internet, to improve the convenience of the PKI transmission of terminal.
Background system server receives after the PKI of terminal key centering, generates terminal certificate, and to terminal transmitting terminal certificate; Concrete, background system server can calculate and generate terminal certificate the PKI of the information of trade company and terminal with the private key of backstage system server; In background system server, can also comprise CA server, the private key by this CA server calculates and generates terminal certificate the PKI of the information of trade company and terminal; Background system server can also be sent to CA by the PKI of the information of trade company and terminal, and CA calculates and generates terminal certificate the PKI of the information of trade company and terminal according to the private key of CA, and sends to terminal by background system server.
Terminal storage terminal certificate; Concrete, terminal, after receiving the terminal certificate of background system server transmission, is stored in this terminal certificate in the memory block of carrying out safety function.Certainly, for different background system servers, terminal can also be stored the different terminal certificate that different background system servers sends.
2, intelligent cipher equipment is registered to backstage system server, wherein:
Background system server receives the application of intelligent cipher facility registration, and application is examined to intelligent cipher facility registration; Concrete, the user who holds intelligent cipher equipment can arrive the application for registration that bank counter is handled this intelligent cipher equipment, also can handle by the Internet the application for registration of this intelligent cipher equipment, background system server receives after this application for registration, and the legitimacy of this user's identity is examined.
Background system server, after the application of audit intelligent cipher facility registration is passed through, sends intelligent cipher device keys to generating instruction to intelligent cipher equipment; Concrete, after the legitimacy of background system server audit user identity etc. is passed through, agreed to user's intelligent cipher equipment to register, to intelligent cipher equipment, send key to generating instruction simultaneously, be used to indicate intelligent cipher equipment and generate intelligent cipher device keys pair, this intelligent cipher device keys is to comprising a pair of public and private key.
Intelligent cipher equipment receives intelligent cipher device keys to generating after instruction, generates intelligent cipher device keys pair; Concrete, in intelligent cipher equipment, can preset a generating mode that key is right, at intelligent cipher equipment, receive intelligent cipher device keys to generating after instruction, according to default key, generating mode is generated to intelligent cipher device keys pair, generate a pair of public and private key.
Intelligent cipher equipment sends the PKI of intelligent cipher device keys centering to backstage system server; Concrete, intelligent cipher equipment can send the PKI of the intelligent cipher device keys centering of its generation by believable communication link to backstage system server, with the fail safe that guarantees that the PKI of intelligent cipher equipment sends; Also can the PKI of the intelligent cipher device keys centering of its generation be sent to backstage system server by the Internet, to improve the convenience of the PKI transmission of intelligent cipher equipment.
Background system server receives after the PKI of intelligent cipher device keys centering, generates intelligent cipher device certificate, and sends intelligent cipher device certificate to intelligent cipher equipment; Concrete, background system server can calculate and generate intelligent cipher device certificate the PKI of user's information and intelligent cipher equipment with the private key of backstage system server; In background system server, can also comprise CA server, the private key by this CA server calculates and generates intelligent cipher device certificate the PKI of user's information and intelligent cipher equipment; Background system server can also be sent to CA by the PKI of user's information and intelligent cipher equipment, CA calculates and generates intelligent cipher device certificate the PKI of user's information and intelligent cipher equipment according to the private key of CA, and sends to intelligent cipher equipment by background system server.
Intelligent cipher device storage intelligent cipher device certificate; Concrete, intelligent cipher equipment, after receiving the intelligent cipher device certificate of background system server transmission, is stored in this intelligent cipher device certificate in the memory block of carrying out safety function.Certainly, for different background system servers, intelligent cipher equipment can also be stored the different intelligent cipher device certificate that different background system servers sends.
Step 2: terminal is at signal cover interscan intelligent cipher equipment, and obtain the identification information of the intelligent cipher equipment scanning:
Concrete, terminal can send request signal (for example sequence number of terminal) according to certain time interval and inquire about the intelligent cipher equipment in certain wireless signal coverage;
Intelligent cipher equipment is intercepted (inquiry scan) to the inquiry of terminal, after intelligent cipher equipment enters in the signal cover of terminal, the identification information that sends intelligent cipher equipment to terminal, thus, terminal scanning has arrived the identification information of intelligent cipher equipment.
Below, provide two kinds to realize the method that terminal scanning obtains the identification information of intelligent cipher equipment:
(1) terminal can be used IAC (Inquiry Access Code, Inquiry Access Code) to inquire about the intelligent cipher equipment in certain wireless signal coverage;
Intelligent cipher equipment is intercepted (inquiry scan) to the inquiry of terminal, after intelligent cipher equipment enters in the signal cover of terminal, sends address and the clock information of intelligent cipher equipment to terminal;
Intelligent cipher equipment intercepts the paging information of self terminal, carries out page scan;
The intelligent cipher equipment that paging terminal has inquired;
Intelligent cipher equipment receives after paging information, sends the DAC (Device Access Code, device access code) of intelligent cipher equipment to terminal.
(2) terminal sends request signal and inquires about the intelligent cipher equipment in certain wireless signal coverage;
Intelligent cipher equipment is intercepted (inquiry scan) to the request signal of terminal, after intelligent cipher equipment enters in the signal cover of terminal, sends the address of intelligent cipher equipment to terminal.
Certainly, how the present invention only obtains the identification information of intelligent cipher equipment with above two examples explanation terminal, but the present invention is not limited thereto, based on above-mentioned two methods that obtain the identification information of intelligent cipher equipment, intelligent cipher equipment can be when receiving any information of terminal transmission, the information that all terminal can be sent is as dormancy awakening signal, and intelligent cipher equipment, according to dormancy awakening signal, switches to wake-up states (being normal mode of operation) by resting state.Meanwhile, intelligent cipher equipment, after any command execution finishes, all can automatically reply resting state.Intelligent cipher equipment enters resting state to save the electric energy of intelligent cipher equipment, increases the service life.
Before this step terminal scanning intelligent cipher equipment, intelligent cipher equipment also needs to enter the state that can be scanned, so that terminal can scan this intelligent cipher equipment, wherein, intelligent cipher equipment enters the state that can be scanned and can be opened and be realized by the hardware switch arranging on intelligent cipher equipment, also can be opened and be realized by intelligent cipher device software.
In the present invention, terminal can authenticate mutually with background system server, and/or terminal can also authenticate mutually with intelligent cipher equipment:
1, terminal and background system server authenticate mutually, wherein:
Terminal generates first and treats signing messages; Concrete, terminal can generate random number by random number generator and treat signing messages as first, also can adopt self sequence number, MAC Address or other identification information to treat signing messages as first, can be also that the combination of random number and identification information is treated signing messages as first.Wherein, as long as all can be used as first, the information that can be signed by background system server treats signing messages, so that background system server authenticates background system server after returning to signing messages.Random number can be a kind of or several combination arbitrarily in the characters such as numeral, letter, spcial character.
Terminal sends first to backstage system server and treats signing messages and the first authentication request information; Concrete, terminal can treat that by first signing messages and the first authentication request information send to backstage system server by believable communication link, the fail safe sending with guarantee information; Also can by first, treat that signing messages and the first authentication request information send to backstage system server by the Internet, to improve the convenience of communication.
In addition, background system server is in order to ensure the fail safe of data interaction and the legitimacy of terminal, background system server can also receive first after signing messages and the first authentication request information, whether the identification information that judges terminal is included in the terminal abnormal list prestoring in background system server, wherein, the first authentication request information comprises the identification information of terminal; Background system server is after the identification information of judging terminal is in terminal abnormal list, obtain locking terminal instruction, and the private key that utilizes background system server to locking terminal instruction sign and obtain the 4th signing messages, and send locking terminal instruction and the 4th signing messages to terminal; Termination is received after locking terminal instruction and the 4th signing messages, utilizes the PKI in the background system server certificate prestoring to verify the 4th signing messages; Terminal, after checking the 4th signing messages passes through, is carried out lock operation according to locking terminal instruction.
Concrete, terminal abnormal list can be for blacklist, report the loss list, inefficacy list etc. represents arbitrarily the illegal list of terminal identity; If the identification information of terminal is in terminal abnormal list, illustrate that this terminal is illegal terminal, now, in order to ensure fail safe, background system server sends lock instruction to lock this illegal terminal to this illegal terminal, and meanwhile, background system server is also signed to this lock instruction, to guarantee the legal source of lock instruction, avoid the malicious operation of illegal locking terminal.
Certainly, the present invention is not limited thereto, for practical application, as long as can legal locking illegal terminal.
In addition, background system server can not signed to lock instruction yet, only send lock instruction to illegal terminal to lock this illegal terminal.
Terminal is carried out lock operation according to locking terminal instruction and can be comprised: terminal refusal is carried out any request, destroys the any-modes such as certificate of self storing.
Certainly, background system server, after sending lock instruction, can also be carried out any request of this illegal terminal of refusal.
As can be seen here, when terminal occurs losing or suffers the abnormal conditions such as illegal report, the identification information of this terminal will be entered into the reporting the loss in the abnormal list such as list or blacklist of background system server, after this, if someone attempts to use this terminal to conclude the business illegally to transfer accounts while stealing fund again, when terminal and background system server authenticate, background system server can be compared terminal identification information at abnormal list, if find, the identification information of this terminal is in abnormal list, background system server will lock terminal, thereby protection user account safety.
Background system server receives first after signing messages and the first authentication request information, generates second and treats signing messages; Concrete, background system server can be after receiving the first authentication request information, generate second and treat signing messages, can generate random number by random number generator and treat signing messages as second, also can adopt self sequence number, MAC Address or other identification information to treat signing messages as second, can be also that the combination of random number and identification information is treated signing messages as second.Wherein, as long as all can be used as second, the information that can be signed by terminal treats signing messages, so that terminal authenticates terminal after returning to signing messages.Random number can be a kind of or several combination arbitrarily in the characters such as numeral, letter, spcial character.
Background system server sends second to terminal and treats signing messages and background system server certificate; Concrete, background system server can treat that by second signing messages and background system server certificate send to terminal by believable communication link, the fail safe sending with guarantee information; Also can by second, treat that signing messages and background system server certificate send to terminal by the Internet, to improve the convenience of communication.
Whether terminal receives second after signing messages and background system server certificate, utilize root certification authentication background system server certificate corresponding to the background system server certificate prestore legal; Concrete, terminal also needs to get root certificate corresponding to background system server certificate in registration process, to background system server certificate is carried out to legitimate verification.
Terminal is after checking background system server certificate is legal, and the private key that utilizes terminal treats that to first signing messages and second treats signing messages generation the first signing messages of sign; Concrete, terminal treats that to first signing messages and second treats that signing messages signs, thus, terminal transfers to background system server by signing messages, can guarantee the legal source of these data, also guaranteed the fail safe of important information in data, the first signing messages in the present invention can be by first until signing messages acquisition of signing of the information after signing messages is connected with second, can be also by the first acquisition of signing of the information after signing messages is adjusted according to the adjustment scheme of consulting in advance until signing messages and second.Certainly, terminal is after checking background system server certificate is legal, can also generate shared master key, this shared master key specifically can be for generating the first session key, now, terminal also utilizes the PKI in background system server certificate to be encrypted generation the first enciphered message to sharing master key; Can safe transmission share master key thus.
Terminal sends the first signing messages and terminal certificate to backstage system server; Certainly, if terminal has also generated shared master key, and be encrypted acquisition the first enciphered message to sharing master key, in this step, terminal, except to backstage system server sends the first signing messages and terminal certificate, also sends the first enciphered message to backstage system server.
Whether the root certification authentication terminal certificate that terminal certificate that background system server by utilizing prestores is corresponding is legal; Concrete, background system server also gets the root certificate that terminal certificate is corresponding in the registration process of terminal, to terminal certificate is carried out to legitimate verification.
Background system server, after verification terminal certificate is legal, utilizes public key verifications the first signing messages in terminal certificate;
Background system server, after checking the first signing messages passes through, generates backstage and has authenticated message, and has authenticated message to terminal transmission backstage; Certainly, if background system server also receives the first enciphered message,, in this step, background system server also utilizes the private key of background system server to decipher the first enciphered message, obtains and shares master key.
Terminal receives backstage and has authenticated after message, and checking backstage has authenticated message; Concrete, terminal has authenticated message to backstage and has carried out legitimate verification.
Terminal, after checking backstage authenticate message and passes through, generates terminal authentication first and completes message, authenticates first complete message to backstage system server transmitting terminal; Certainly, if terminal has generated shared master key,, in this step, terminal can also be according to sharing master key calculation the first session key;
Background system server receives terminal authentication first and completes after message, and verification terminal authentication first completes message; Concrete background system server completes message to terminal authentication first and carries out legitimate verification.
Background system server is after verification terminal authentication first completes message and passes through, and terminal and background system server complete mutual authentication.Certainly, if background system server is also deciphered, obtained shared master key,, in this step, background system server can also be according to sharing master key calculation the first session key.
Two-way authentication based between above-mentioned terminal and background system server, can guarantee both sides' legitimacy, improves the fail safe of subsequent treatment.
In addition, background system server is after verification terminal authentication first completes message and passes through, also for example, to the corresponding authority of open-destination: terminal can be obtained the user profile that intelligent cipher equipment is corresponding from background system server, to realize the management of background system server to terminal.
Certainly, if also generate the first session key between terminal and background system server, can guarantee fail safe and/or the integrality of transfer of data between background system server and terminal, so that when background system server and terminal are carried out subsequent data transmission, utilize the first session key that data to be transmitted is encrypted and is calculated and/or verification calculating.This first session key can comprise encryption key and/or check key, check key can be MAC verification computation key or HASH verification computation key, encryption key is symmetric cryptography computation key, and the encryption key that this first session key is included and/or check key can be for decomposing and obtain by sharing master key.
Certainly, the present invention is not limited thereto plants the first session key generative process of being initiated by terminal, can also initiate this first session key generative process by background system server.Now, for the locking of terminal, need only and can be judged by background system server after background system server receives the identification information of terminal.
In addition, after the either party that the first session key can be in terminal or background system server generates, and send to the other side after being encrypted with the other side's PKI, reduce a side computation complexity.
Between terminal and background system server, generate the first session key process can and following terminal and intelligent cipher equipment between to generate the process of the second session key identical.
Below, provide the mode that authenticates and generate in conjunction with the first session key between a concrete terminal and background system server, the present invention is not limited thereto certainly:
1) terminal of trade company's end produces random number R 1;
2) terminal of trade company's end sends to background system server by random number R 1, and sends authentication request to backstage system server;
3) background system server receives the authentication request of self terminal, produces random number R 2;
4) background system server sends random number R 2 and background system server certificate to terminal;
5) the background system server certificate that root certification authentication corresponding to background system server certificate prestoring in terminal use terminal received;
If checking is not passed through, finish;
If the verification passes, terminal produces shares master key MKey, with the PKI in background system server certificate, MKey is encrypted and obtains E1;
6) terminal connects R1 and R2 obtains R3, R3 is carried out to digest calculations and obtain H1, then uses the private key of terminal to carry out signature calculation to H1 and obtains S1;
7) terminal is sent to background system server by S1, E1 and terminal certificate;
8) background system server is used root certification authentication terminal certificate legitimacy corresponding to terminal certificate;
If verification terminal certificate does not pass through, finish;
If verification terminal certificate passes through, use terminal certificate checking S1;
If checking S1 does not pass through, finish;
If checking S1 passes through, from E1, deciphering obtains sharing master key MKey;
9) background system server carries out digest calculations to background system server certificate and obtains H2, terminal certificate is carried out to digest calculations and obtain H3, R1, R2, H2, H3, S1, E1 are obtained to T1 after connecting, T1 is carried out through HMAC, calculating " background system server authentication completes message " again after digest calculations;
10) background system server sends " background system server authentication completes message " to terminal;
11) " background system server authentication completes message " that the background system server that terminal checking receives is sent;
If checking is not passed through, finish;
If the verification passes, generate " terminal authentication completes message " (referring to mode of above-mentioned generation " background system server authentication completes message ");
12) terminal sends " terminal authentication completes message " to background system server;
13) " terminal authentication completes message " that background system server authentication receives;
If checking is not passed through, finish;
If the verification passes, represent mutual authentication process success, both sides' session key, and the encryption key K1 decompositing from session key, for carrying out the encrypting and decrypting of transfer of data between background system server and terminal, and/or the check key MACKEY of verification calculating, for generation and the verification of check value.
So between the terminal of trade company and background system server, just carried out two-way authentication, guaranteed that the other side is legal, and negotiated public session key (comprising encryption key and/or check key), can be used between terminal and background system server data encryption when data pass mutually and/or the generation of check value.The terminal of this trade company has also completed " the registering " at background system server place, can carry out follow-up user profile and read the operation requests with transaction request.
It should be noted that, the check value generating in the time of transmission data in this example between background system server and terminal is MAC form.When specific implementation, the MAC value that described check value might not just generate with MAC key, also can generate check value by the generation mode of signature again of making a summary.
In this step, by terminal and background system server, mutually authenticate and set up escape way, authentication is held the trade company of this terminal background system server " registering " by having completed later, be that background system server has been assert the legitimacy of the trade company that holds this terminal and negotiated the first session key with terminal, to utilize this first session key to realize the transaction data of background system server and terminal encrypted transmission when mutual, carry out the follow-up preparation to operations such as user profile transmission corresponding to intelligent cipher equipment and transmission of transaction data.The terminal of this process background system server authentication can be verified the legitimacy of intelligent cipher equipment by background system server afterwards, and obtains the relevant user information of legal intelligent cipher equipment.
2, terminal and intelligent cipher equipment authenticate mutually, wherein:
Terminal generates the 3rd and treats signing messages; Concrete, terminal can generate random number by random number generator and treat signing messages as the 3rd, also can adopt self sequence number, MAC Address or other identification information to treat signing messages as the 3rd, can be also that the combination of random number and identification information is treated signing messages as the 3rd.Wherein, as long as all can be used as the 3rd, the information that can be signed by intelligent cipher equipment treats signing messages, so that intelligent cipher equipment authenticates intelligent cipher equipment after returning to signing messages.Random number can be a kind of or several combination arbitrarily in the characters such as numeral, letter, spcial character.
Terminal sends the 3rd to intelligent cipher equipment and treats signing messages and the second authentication request information; Concrete, terminal can treat that by the 3rd signing messages and the second authentication request information send to intelligent cipher equipment by wireless communication link, the convenience sending with guarantee information; Also can by the 3rd, treat that signing messages and the second authentication request information send to intelligent cipher equipment by wireline interface, to improve the fail safe of communication.
Intelligent cipher equipment receives the 3rd after signing messages and the second authentication request information, generates the 4th and treats signing messages; Concrete, intelligent cipher equipment can be after receiving the second authentication request information, generate the 4th and treat signing messages, can generate random number by random number generator and treat signing messages as the 4th, also can adopt self sequence number, MAC Address or other identification information (for example device access code DAC) to treat signing messages as the 4th, can be also that the combination of random number and identification information is treated signing messages as the 4th.Wherein, as long as all can be used as the 4th, the information that can be signed by terminal treats signing messages, so that terminal authenticates terminal after returning to signing messages.Random number can be a kind of or several combination arbitrarily in the characters such as numeral, letter, spcial character.
In addition, intelligent cipher equipment is receiving the 3rd after signing messages and the second authentication request information, generate the 4th and treat in the step of signing messages, intelligent cipher equipment can also, after receiving the second authentication request information, be converted to wake-up states by resting state; Intelligent cipher equipment generates the 4th and treats signing messages under wake-up states.By resting state, be converted to wake-up states to complete normal work, and after intelligent cipher equipment is finished the work, again switch to resting state, to reduce electric energy loss, increase the service life.
The private key of intelligent cipher equipment utilization intelligent cipher equipment treats to the 3rd that signing messages is signed and obtains the second signing messages, and to terminal, sends the 4th and treat signing messages, the second signing messages and intelligent cipher device certificate;
Whether terminal receives the 4th after signing messages, the second signing messages and intelligent cipher device certificate, utilize the root certification authentication intelligent cipher device certificate that the intelligent cipher device certificate prestore is corresponding legal; Concrete, terminal also needs to obtain the root certificate that intelligent cipher device certificate is corresponding, to intelligent cipher device certificate is carried out to legitimate verification.
Terminal, after checking intelligent cipher device certificate is legal, utilizes the PKI in intelligent cipher device certificate to verify the second signing messages;
Terminal is in checking after the second signing messages passes through, and the private key that utilizes terminal treats that to the 3rd signing messages and the 4th treats signing messages acquisition the 3rd signing messages of sign; Concrete, terminal is after checking the second signing messages passes through, also to the 3rd, treat that signing messages and the 4th treats that signing messages signs, to guarantee that the 3rd treats that signing messages and the 4th treats fail safe and the non repudiation of signing messages transmission, the legal source of guarantee information transmission.Certainly, terminal can also generate the first session key and generate the factor, utilize the PKI in intelligent cipher device certificate to be encrypted and to obtain the second enciphered message the first session key generation factor, terminal is after the signature of checking intelligent cipher device certificate and intelligent cipher equipment all passes through, between generation terminal and intelligent cipher equipment, (the first session key generates the factor to the generation factor of the session key of data interaction, this first session key generates the factor for generating the session key of data interaction between terminal and intelligent cipher equipment), simultaneously, utilize the PKI in intelligent cipher device certificate to be encrypted this first session key generation factor, to guarantee that the first session key generates the fail safe of factor transmission.
Terminal sends the 3rd signing messages and terminal certificate to intelligent cipher equipment; Certainly, if terminal has also generated the first session key and has generated the factor, and utilize the PKI in intelligent cipher device certificate to be encrypted and to obtain the second enciphered message the first session key generation factor, in this step, terminal, except to backstage system server sends the 3rd signing messages and terminal certificate, also sends the second enciphered message to backstage system server.
Whether intelligent cipher equipment receives after the 3rd signing messages and terminal certificate, utilize the root certification authentication terminal certificate that the terminal certificate prestore is corresponding legal; Concrete, intelligent cipher equipment also needs to get the root certificate that terminal certificate is corresponding, to terminal certificate is carried out to legitimate verification.Certainly, if terminal also sends the second enciphered message to intelligent cipher equipment,, in this step, intelligent cipher equipment is the second enciphered message of receiving terminal transmission also.
Intelligent cipher equipment, after verification terminal certificate is legal, utilizes the PKI in terminal certificate to verify the 3rd signing messages;
Intelligent cipher equipment, after checking the 3rd signing messages passes through, generates intelligent cipher device authentication and completes message; Concrete, intelligent cipher equipment, after the signing messages of verification terminal certificate and terminal all passes through, also generates intelligent cipher device authentication and completes message, to inform that terminal intelligent encryption device has authenticated.Certainly, if intelligent cipher equipment also receives the second enciphered message, in this step, intelligent cipher equipment also generates the second session key and generates the factor, utilize the PKI in terminal certificate to be encrypted and to obtain the 3rd enciphered message the second session key generation factor, wherein, intelligent cipher equipment is after the signing messages of verification terminal certificate and terminal all passes through, (the second session key generates the factor also to generate the generation factor of the session key of data interaction between terminal and intelligent cipher equipment, this second session key generates the factor for generating the session key of data interaction between terminal and intelligent cipher equipment), simultaneously, utilize the PKI in terminal certificate to be encrypted this second session key generation factor, to guarantee that the second session key generates the fail safe of factor transmission.
Intelligent cipher equipment sends intelligent cipher device authentication to terminal and completes message; Certainly, if intelligent cipher equipment has also generated the second session key and has generated the factor, and the second session key generation factor is encrypted and obtains the 3rd enciphered message, in this step, intelligent cipher equipment completes message except sending intelligent cipher device authentication to terminal, also to terminal, sends the 3rd enciphered message.
Terminal receives intelligent cipher device authentication and completes after message, and checking intelligent cipher device authentication completes message; Concrete, terminal also authentication intelligent encryption device has authenticated message, to guarantee to have authenticated the legal source of message.Certainly, if intelligent cipher equipment has also sent the 3rd enciphered message to terminal,, in this step, terminal also receives the 3rd enciphered message.
Terminal, after checking intelligent cipher device authentication completes message and passes through, generates terminal authentication second and completes message, to intelligent cipher equipment transmitting terminal authentication second, completes message; Concrete, terminal is after authentication intelligent encryption device authenticate message and passed through, and generation terminal authentication second completes message, to inform that intelligent cipher device end has authenticated.Certainly, if terminal also receives the 3rd enciphered message, in this step, terminal also generates the factor according to the second session key of the first session key generation factor and deciphering the 3rd enciphered message acquisition and generates the second session key, to and carry out data interaction by this second session key between intelligent cipher equipment.
Intelligent cipher equipment receives terminal authentication second and completes after message, and verification terminal authentication second completes message; Concrete, intelligent cipher equipment also authenticates terminal authentication second and completes message, to guarantee to have authenticated the legal source of message.
Intelligent cipher device authentication terminal authentication second completes after message, and terminal and intelligent cipher equipment complete mutual authentication.Certainly, if intelligent cipher equipment has also generated the second session key and has generated the factor and received the second enciphered message, in this step, intelligent cipher equipment also generates the factor according to the first session key of the second session key generation factor and deciphering the second enciphered message acquisition and generates the second session key, to and carry out data interaction by this second session key between terminal.
Two-way authentication based between above-mentioned terminal and intelligent cipher equipment, can guarantee both sides' legitimacy, improves the fail safe of subsequent treatment.
Certainly, the present invention is not limited thereto plants the second session key generative process of being initiated by terminal, can also initiate this second session key generative process by intelligent cipher equipment.
In addition, after the either party that the second session key can be in terminal or intelligent cipher equipment generates, and send to the other side after being encrypted with the other side's PKI, reduce a side computation complexity.
Certainly, between terminal of the present invention and intelligent cipher equipment, generate the second session key process can and above-mentioned terminal and background system server between to generate the process of the first session key identical.The second session key also can obtain by decomposing the mode of shared master key.
Below, the mode that provides a concrete terminal and intelligent cipher authentication between devices and generate in conjunction with the second session key, the present invention is not limited thereto certainly:
1) terminal sends authentication request to intelligent cipher equipment, and sends random number R 01;
2) the intelligent cipher equipment in resting state is waken up after receiving the authentication request that terminal sends;
3) intelligent cipher equipment generates random number R 02, and R01 is carried out to digest calculations also with its encrypted private key summarization generation signature S01, and intelligent cipher equipment sends to terminal by random number R 02, signature S01 and intelligent cipher device certificate;
4) terminal is used the legitimacy of the root certification authentication intelligent cipher device certificate that the intelligent cipher device certificate that prestores in terminal is corresponding;
If checking intelligent cipher device certificate is illegal, finish to connect;
If checking intelligent cipher device certificate is legal, perform step 5);
5) whether terminal certifying signature S01 is correct,
If certifying signature S01 is incorrect, finish to connect;
If certifying signature S01 is correct, perform step 6);
6) terminal couples together R01, R02 to form R01|R02, and R01|R02 is generated and makes a summary and sign, and obtains the S02 that signs, and generates random number R 03, utilizes the public key encryption R03 generating ciphertext E01 of intelligent cipher equipment.E01, terminal certificate and S02 are sent to intelligent cipher equipment;
7) legitimacy of the root certification authentication terminal certificate that intelligent cipher equipment is used intelligent cipher equipment to prestore terminal certificate is corresponding;
If verification terminal certificate is illegal, finish to connect;
If verification terminal certificate is legal, perform step 8);
8) whether intelligent cipher device authentication signature S02 is correct;
If certifying signature S02 is incorrect, finish to connect;
If certifying signature S02 is correct, perform step 9);
9) intelligent cipher equipment generates random number R 04, utilizes the PKI of terminal to encrypt generating ciphertext E02 to R04, and ciphertext E02 is issued to terminal;
10) terminal generates and has authenticated message, to terminal certificate, the computing of making a summary obtains H01 to terminal, to intelligent cipher device certificate, the computing of making a summary obtains H02, by R01, R02, E01, E02, H01, H02, S01, S02 obtain T01 after connecting, and then T01 are made a summary and are signed, obtain " backstage has authenticated message " F01, to intelligent cipher equipment, send F01;
11) intelligent cipher equipment is received F01, and F01 is verified;
If checking F01 does not pass through, return to error message and finish to connect;
If checking F01 passes through, perform step 12);
12) intelligent cipher equipment generates and to have authenticated message F02 with the same manner, and the authentication of generation is completed to information sends to terminal;
13) terminal checking F02;
If checking F02 does not pass through, return to error message and finish to connect;
If checking F02 passes through, perform step 14);
14) intelligent cipher equipment is connected respectively R03, R04 with terminal, obtains R03|R04, utilizes R03|R04 to generate the second session key K2 (this key can be only encryption key), for the safe transmission of data after both.
As can be seen here, the mutual authentication process of terminal and intelligent cipher equipment (process two) and backstage and terminal mutually authenticate (process one) difference and are:
Process one has generated encryption key and check key (for example MACKEY), and two of processes have generated encryption key, does not generate check key (can certainly generate check key).
The effect of check key is for generating check value, and whether check value is used for being tampered in checking data transmitting procedure.Data receiver adopts special algorithm to utilize check key that the data of transmission are generated to check value, and whether the data that data receiver utilizes check value and check key to come verification to receive are tampered.And be directed to terminal of the present invention and the follow-up flow process of intelligent cipher equipment, while transmitting transaction data between terminal and intelligent cipher equipment, user can artificially judge that by the information showing on intelligent cipher equipment whether data are correct, so need not introduce check value again; Also the verification intelligent cipher equipment of signature can send by to(for) terminal judges whether information is tampered, also without introducing check value, therefore in order to simplify handling process, improve communication efficiency, when generating the second session key, can not need to generate check key.Certainly, in order further to improve fail safe, also can generate check key.
Between background system server and terminal, because background system server is not known transaction particular content, for guaranteeing safety, need to judge by introducing the mode of check value whether data are tampered.
As can be seen here, process one is to be produced and shared master key by a side, then adopts special algorithm to process sharing master key, and decompose, obtains encryption key and check key; Process two is composing factors that authentication both sides respectively produce an encryption key, finally synthetic encryption key.Certainly, in the session key generating mode adopting in process one and process two, the session key generating mode of employing both can be for the generation of session key between terminal and background system server, also can be for the generation of session key between terminal and intelligent cipher equipment.
Thus, in terminal and intelligent cipher equipment, carried out, after two-way authentication, can taking precautions against fishing risk, prevented the transaction risks such as the distorting of transmission information, long-range abduction and man-in-the-middle attack, thereby effectively ensured the fund security of terminal and intelligent cipher equipment.
In this step, can only build between background system server and terminal and carry out the method system of authentication mutually, set up the escape way between the two; Also can only build between terminal and intelligent cipher equipment and carry out the method system of authentication mutually, set up the escape way between the two; Can also build between background system server, terminal, intelligent cipher equipment three and carry out the method system of authentication mutually, set up the escape way between three.Any method system mutually authenticating based in above-mentioned three kinds, can take precautions against fishing risk, prevent that Transaction Information from distorting, the transaction risk such as long-range abduction and man-in-the-middle attack, thereby effective guarantee is held the user and the account fund safety of holding the trade company of terminal of intelligent cipher equipment.
In addition, the present invention is not limited to this step 3 and completes after step 2, also can before step 2, complete or complete with step 2 simultaneously, as long as completed authentication before step 4.
Certainly, the first session key in the present invention can be pre-stored in background system server and terminal, also can consult to generate by background system server and terminal, when consult generating the first session key, in the process that can authenticate at terminal and background system server, consult to generate (referring to above-mentioned terminal and background system server, carrying out the mutual flow process authenticating).
Certainly, all information of transmitting between background system server and terminal in the present invention all can be calculated and/or the rear transmission of verification calculating by the first session key.
The second session key in the present invention can be pre-stored in terminal and intelligent cipher equipment, also can consult to generate by terminal and intelligent cipher equipment, when consult generating the second session key, in the process that can authenticate at terminal and intelligent cipher equipment, consult to generate (referring to above-mentioned terminal and intelligent cipher equipment, carrying out the mutual flow process authenticating).
Certainly, all information of transmitting between terminal and intelligent cipher equipment in the present invention also all can be calculated and/or the rear transmission of verification calculating by the second session key.
Step 3: terminal is obtained user profile:
Concrete, in this step, terminal (is for example obtained user profile that intelligent cipher equipment is corresponding according to the identification information of the intelligent cipher equipment that scans, can be user's the information such as photo, name, account), specifically can obtain the user profile that intelligent cipher equipment is corresponding through but not limited to following mode:
Mode one, terminal obtain from background system server the user profile that intelligent cipher equipment is corresponding:
Terminal sends identification information and the user profile read requests of intelligent cipher equipment to backstage system server; Concrete, when terminal sends the identification information of intelligent cipher equipment and user profile read requests to backstage system server, can directly to backstage system server, send identification information and the user profile read requests of intelligent cipher equipment, also can utilize the first session key that the identification information of intelligent cipher equipment and/or user profile read requests are encrypted and are calculated and/or verification sends after calculating again, with fail safe and the integrality of guarantee information transmission.
Background system server receives after the identification information and user profile read requests of intelligent cipher equipment, according to the identification information of intelligent cipher equipment, obtains the user profile corresponding with intelligent cipher equipment; Concrete, background system server user profile corresponding to registered each intelligent cipher equipment that prestored, to obtain according to the identification information of the intelligent cipher equipment receiving the user profile that this intelligent cipher equipment is corresponding.Certainly, if terminal has sent the information after computations and/or verification calculating to backstage system server, so in this step, background system server also needs to utilize the first session key to be decrypted the information receiving and/or verification checking calculate errorless after, obtain identification information and/or the user profile read requests of complete intelligent cipher equipment.
In addition, in order to ensure the fail safe of data interaction and the legitimacy of intelligent cipher equipment, background system server, after receiving the identification information and user profile read requests of intelligent cipher equipment, also judges whether the identification information of intelligent cipher equipment is included in the intelligent cipher unit exception list prestoring in background system server; Background system server is after the identification information of judging intelligent cipher equipment is in intelligent cipher unit exception list, obtain locking intelligent cipher device directive, and utilize the private key of background system server to sign and obtain the 5th signing messages locking intelligent cipher device directive, and to intelligent cipher equipment, send locking intelligent cipher device directive and the 5th signing messages by terminal; Intelligent cipher equipment receives after locking intelligent cipher device directive and the 5th signing messages, utilizes the PKI in the background system server certificate prestoring to verify the 5th signing messages; Intelligent cipher equipment, after checking the 5th signing messages passes through, is carried out lock operation according to locking intelligent cipher device directive.
Concrete, intelligent cipher unit exception list can be for blacklist, report the loss list, inefficacy list etc. represents arbitrarily the illegal list of intelligent cipher equipment identities; If the identification information of intelligent cipher equipment is in intelligent cipher unit exception list, illustrate that this intelligent cipher equipment is illegal intelligent cipher equipment, now, in order to ensure fail safe, background system server sends lock instruction to lock this illegal intelligent cipher equipment by terminal to this illegal intelligent cipher equipment, and meanwhile, background system server is also signed to this lock instruction, to guarantee the legal source of lock instruction, avoid illegally locking the malicious operation of intelligent cipher equipment.
Certainly, the present invention is not limited thereto, for practical application, as long as can the illegal intelligent cipher equipment of legal locking.
In addition, background system server can not signed to lock instruction yet, only send lock instruction to illegal terminal to lock this illegal terminal.
Intelligent cipher equipment is carried out lock operation according to locking intelligent cipher device directive and can be comprised: intelligent cipher equipment refusal is carried out any request, destroys the any-modes such as certificate of self storing.
Certainly, background system server, after sending lock instruction, can also be carried out any request of this illegal intelligent cipher equipment of refusal.
Visible, to adopt this example to provide method can be reported the loss to backstage system server after user has lost intelligent cipher equipment, and background system server registers to the EIC equipment identification code of this intelligent cipher equipment to report the loss on list; Or occur that account the situation such as reported extremely, background system server also can be by these intelligent cipher device registration in blacklist.Equipment in these abnormal lists all can be as abnormal device registration on abnormal list.Before each transaction, background system server can authenticate intelligent cipher equipment, can be by this device identification and exception name digital ratio pair, if this intelligent cipher equipment is locked on list in verification process.Application the method, if someone usurps other people intelligent cipher equipment, and illegal this intelligent cipher equipment that uses of attempt is transferred accounts while stealing user's fund, owing to all can intelligent cipher equipment being authenticated before the each transaction of background system server, background system server can be long-range by this intelligent cipher equipment locking, even if therefore this intelligent cipher equipment is illegally usurped and also can be ensured that user account do not suffer a loss by others.
In addition, in the present invention, when background system server sends locking intelligent cipher device directive and the 5th signing messages by terminal to intelligent cipher equipment, can also utilize the first session key to be encrypted calculating and/or verification calculating to locking intelligent cipher device directive and the 5th signing messages, to guarantee fail safe and/or the integrality of locking intelligent cipher device directive and the transmission of the 5th signing messages, terminal receives after the information after computations and/or verification calculating, utilize the first session key to be decrypted after calculating and/or verification checking calculating, obtain locking intelligent cipher device directive and the 5th signing messages.Certainly, terminal is after obtaining locking intelligent cipher device directive and the 5th signing messages, can also utilize the second session key to be encrypted after calculating and/or verification calculating locking intelligent cipher device directive and the 5th signing messages, information after computations and/or verification calculating is sent to intelligent cipher equipment, fail safe and/or integrality with guarantee information transmission, intelligent cipher equipment is after receiving the information of terminal transmission, be decrypted and calculate and/or verification checking calculating, to obtain locking intelligent cipher device directive and the 5th signing messages.
In addition, in order to guarantee the fail safe of user profile, background system server also needs user profile corresponding to this intelligent cipher equipment to be sent to terminal by intelligent cipher equipment holder's mandate.Background system server sends user-authorization-request information (for example, this user-authorization-request information can be random number) by terminal to intelligent cipher equipment; Intelligent cipher equipment receives after user-authorization-request information, generates authorization message (for example, this authorization message can be the information obtaining after this random number is signed), and to backstage system server, sends authorization message by terminal; Background system server receives after authorization message, carries out background system server and to terminal, sends the step of the response message of user profile read requests.Certainly, after background system server can also utilize the private key of background system server that user-authorization-request information is signed, by terminal, to intelligent cipher equipment, send, intelligent cipher equipment receives after the information of signature, signature is verified, after being verified, think that user-authorization-request information is to come from legal background system server, and this request is confirmed to authorize background system server; Intelligent cipher equipment sends to background system server by terminal after also can utilizing the private key of intelligent cipher equipment to sign to authorization message, background system server receives after the information of signature, signature is verified, after being verified, think that authorization message is to come from correct intelligent cipher equipment, to carry out subsequent operation according to authorization message; Background system server sends to terminal after can also utilizing the first session key to be encrypted calculating and/or verification calculating to user-authorization-request information, and terminal utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating; Terminal sends to intelligent cipher equipment after utilizing the second session key to be encrypted calculating and/or verification calculating to user-authorization-request information, and intelligent cipher equipment utilization the second session key is decrypted and calculates and/or verification checking calculating the information receiving; Background system server recycles the first session key and is encrypted calculating and/or verification calculating after can also utilizing the private key of background system server to sign to user-authorization-request information, terminal utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating; Information after terminal utilizes the second session key to background system server signature is sent to intelligent cipher equipment after being encrypted calculating and/or verification calculating, intelligent cipher equipment utilization the second session key is decrypted and calculates and/or verification checking calculating the information receiving, and signature is carried out to sign test.Below be only background system server to several modes of intelligent cipher device request mandate, the present invention is not limited thereto, above all kinds of distortion combinations also should belong to protection scope of the present invention.
Certainly, at intelligent cipher equipment, receiving after user-authorization-request information, can also be converted to wake-up states by resting state; Intelligent cipher equipment generates authorization message under wake-up states.So that saving electric energy, the useful life of prolongation intelligent cipher equipment.
Background system server obtains the response message of user profile read requests according to user profile, and to terminal, sends the response message of user profile read requests; Certainly, can also utilize the first session key that user profile is encrypted and is calculated and/or verification calculating, to guarantee fail safe and/or the integrality of user profile transmission.
Terminal receives after the response message of user profile read requests, according to the response message of user profile read requests, obtains user profile; Certainly, if what terminal was received is that user profile is encrypted to the information obtaining after calculating and/or verification calculating, terminal also utilizes the first session key that the response message of user profile read requests is decrypted and is calculated and/or the rear acquisition of verification checking calculating user profile in this step.
Mode two, terminal obtain from intelligent cipher equipment the user profile that intelligent cipher equipment is corresponding:
Terminal sends user profile read requests according to the identification information of the intelligent cipher equipment scanning to intelligent cipher equipment; Concrete, terminal can directly send user profile read requests to intelligent cipher equipment, also after can utilizing the second session key to be encrypted calculating and/or verification calculating to user profile read requests, send again, with fail safe and the integrality of guarantee information transmission.
Intelligent cipher equipment obtains pre-stored user profile, and according to user profile, obtains the response message of user profile read requests, and to terminal, sends the response message of user profile read requests; Concrete, intelligent cipher equipment can directly send to terminal by the user profile getting, and the response message that also can utilize the second session key to be encrypted calculating and/or the rear acquisition of verification calculating user profile read requests to the user profile getting sends to terminal.
Terminal receives after the response message of user profile read requests, according to the response message of user profile read requests, obtains user profile.Certainly, if what terminal was received is that user profile is encrypted to the information obtaining after calculating and/or verification calculating, terminal also utilizes the second session key that the response message of user profile read requests is decrypted and is calculated and/or the rear acquisition of verification checking calculating user profile in this step.
In addition,, if the holder of intelligent cipher equipment refuses to send user profile, can or to terminal, send exclude information by software control by the button that arranges on intelligent cipher equipment, to guarantee the safety of user profile.Certainly, this exclude information also can calculate and/or the rear transmission of verification calculating by the second session key.
Terminal stores user profile in active user's list of setting up in advance; Concrete, due to flowing of the variation of the volume of the flow of passengers in shop, terminal place, personnel, the intelligent cipher equipment detecting is also constantly to change, and now, this current user list can upgrade through but not limited to following mode:
Mode one:
Terminal obtains the identification information of the whole intelligent cipher equipment in the signal cover of terminal, generates real-time identification list;
Terminal was compared the identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in real-time identification list and active user's list according to the default time interval;
If the identification information of the intelligent cipher equipment in identification list is not in active user's list in real time, carries out terminal and according to the identification information of the intelligent cipher equipment scanning, obtain the step of the user profile that intelligent cipher equipment is corresponding; And if the identification information of the intelligent cipher equipment in active user's list is in real-time identification list, delete in active user's list not the user profile of the intelligent cipher equipment in identification list in real time.
By the manner, active user's list is upgraded, can guarantee that user profile corresponding to intelligent cipher equipment in terminal signaling coverage can update in active user's list, for user profile corresponding to intelligent cipher equipment of leaving in terminal signaling coverage, can from active user's list, delete in time, guarantee fail safe.
Mode two:
Terminal obtains the identification information of the whole intelligent cipher equipment in the signal cover of terminal, generates real-time identification list;
Terminal was compared the identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in real-time identification list and active user's list according to the default time interval;
If the identification information of the intelligent cipher equipment in identification list is not in active user's list in real time, carry out terminal and according to the identification information of the intelligent cipher equipment scanning, obtain the step of the user profile that intelligent cipher equipment is corresponding, and obtain after user profile in terminal, user profile is stored in real-time identification list; And if the identification information of the intelligent cipher equipment in real-time identification list is in active user's list, the user profile of the intelligent cipher equipment in active user's list is stored in real-time identification list;
Active user's list using real-time identification list after upgrading.
By the manner, active user's list is upgraded, can only user profile corresponding to intelligent cipher equipment in the signal cover of terminal be upgraded in time, improve and upgrade efficiency.Utilize the manner, terminal is when obtaining user profile, the user profile that in shop, original intelligent cipher equipment is corresponding directly can be copied in real-time identification list from original active user's list, user profile corresponding to client of newly entering shop can be by obtaining to backstage system server or intelligent cipher equipment proposition user profile read requests.
As can be seen here, when shop, the terminal place volume of the flow of passengers changes, do not need trade company to carry out any operation, active user's list can be upgraded automatically, has facilitated the salesman of trade company to safeguard client's information management.
In addition, terminal can show user profile corresponding to user in stored active user's list, so that the holder of intelligent cipher equipment checks this user profile, guarantees the correctness of transaction.
In prior art, process of exchange all needs SIM card or smart card etc. to possess the equipment of account memory function, user's operations such as mobile phone of need to swiping the card, and so trade company could obtain user's accounts information.
Be different from prior art, the terminal of trade company can be by first reading the identification information of intelligent cipher equipment, and the identification information that recycles this intelligent cipher equipment obtains the user profile that intelligent cipher equipment is corresponding.Therefore, client can be without carrying out payment for merchandise by modes such as wallet, credit card, mobile phones, thereby simplified the interactive operation of client and trade company, promoted user's experience.
Step 4: Transaction Information is processed:
Terminal generates Transaction Information according to user profile corresponding to intelligent cipher equipment to be transacted, and obtains transaction request information according to Transaction Information; Concrete, Transaction Information can comprise dealing money, bank settlement both sides' account information, bank settlement both sides' the information such as identification information, in Transaction Information, can also comprise duplet bill, user can be according to duplet bill audit trade detail, for example, concrete exchange hour, transaction odd numbers, the article of dealing money, purchase etc.Certainly, terminal can also utilize the second session key that Transaction Information is encrypted and is calculated and/or verification calculates to guarantee fail safe and/or the integrality of Transaction Information transmission.
Terminal sends transaction request information to intelligent cipher equipment; Concrete, terminal can send transaction request information through but not limited to following mode: terminal sends by acoustic signals after transaction request information is encoded; Or terminal carries out also showing so that intelligent cipher equipment carries out IMAQ after encoding of graphs to transaction request information; Or the communication interface that terminal is mated with intelligent cipher equipment by terminal sends transaction request information.
Intelligent cipher equipment receives after transaction request information, according to transaction request information acquisition Transaction Information; Certainly, if intelligent cipher equipment receives, to be terminal be encrypted and calculate and/or transaction request information that verification calculates Transaction Information by the second session key, in this step, intelligent cipher equipment also utilizes the second session key that transaction request information is decrypted and is calculated and/or verification checking calculating acquisition Transaction Information, to guarantee fail safe and/or the integrality of Transaction Information transmission.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also, after receiving transaction request information, be converted to wake-up states by resting state; Intelligent cipher equipment under wake-up states according to transaction request information acquisition Transaction Information, certainly, intelligent cipher equipment can also utilize the second session key that transaction request information is decrypted and is calculated and/or verification checking calculating acquisition Transaction Information under wake-up states.
Intelligent cipher device prompts Transaction Information; Concrete, intelligent cipher equipment can show Transaction Information by display screen, also can by loud speaker etc., by Transaction Information, the mode with voice plays back.Certainly, intelligent cipher equipment can also point out user to know real Transaction Information by other means, guarantees the safety of transaction.In addition, intelligent cipher equipment gets after Transaction Information, can also to Transaction Information, carry out the extraction of key message, and intelligent cipher equipment is only pointed out key message, concrete prompting mode can be referring to intelligent cipher equipment the prompting mode to Transaction Information.
Intelligent cipher equipment confirmation of receipt instruction, and generate trade confirmation information; Concrete, the information confirmation of receipt instruction that intelligent cipher equipment can send when the acknowledgement key being arranged on intelligent cipher equipment being detected and be pressed, also can touch the information confirmation of receipt instruction that the virtual acknowledgement key of screen display sends when clicked by detecting, the biological informations such as voice that can also be by detecting, fingerprint, iris are as confirming the any-modes such as instruction.Further, intelligent cipher equipment can generate trade confirmation information through but not limited to following mode: the private key of intelligent cipher equipment utilization intelligent cipher equipment is signed to Transaction Information, generates trading signature information as trade confirmation information; Or intelligent cipher equipment generates dynamic password as trade confirmation information, certain above-mentioned trade confirmation information can also be the information of utilizing after the second session key calculating and/or verification are calculated.Certainly, in order to prevent repeat business, guarantee user's account safety, when intelligent cipher equipment generates trade confirmation information at every turn, intelligent cipher equipment also generates single transaction sign, and utilize the private key of intelligent cipher equipment to sign to Transaction Information and single transaction sign, generate trading signature information as trade confirmation information; Or intelligent cipher equipment generates single transaction sign, utilize the private key of intelligent cipher equipment to sign and obtain the signing messages of single transaction sign single transaction sign, and generate dynamic password, the signing messages that single transaction is identified and dynamic password are as trade confirmation information, to guarantee that once transaction is only successfully executed once, wherein single transaction sign can be for random number etc., and certain above-mentioned trade confirmation information can be also to utilize the second session key to calculate and/or the information of verification after calculating.Because wireless network transmissions circuit is unstable, may occur that intelligent cipher equipment can not receive the situation of receipt, if single transaction sign is not set, terminal is not when receiving the signing messages of intelligent cipher equipment, may need the user who holds this intelligent cipher equipment repeatedly to confirm signature operation, namely intelligent cipher equipment repeatedly sends signing messages to terminal, so just likely cause terminal can utilize these a plurality of signature values to generate a plurality of transaction data package and send to background system server, thereby account corresponding to intelligent cipher equipment repeated to withhold.And if be provided with single transaction sign, when occurring that circuit is unstable, intelligent cipher equipment will continue Transaction Information and same single transaction sign to sign again and send to terminal again, until receive receipt.The signature value that terminal is sent with intelligent cipher equipment generates transaction data package; background system server receives that transaction data package can identify and judge the single transaction of the inside; if this single transaction sign has been kept in transaction daily record; that is to say and conclude the business; just can to this transaction data package, not process again; can not cause repeatedly or repeat to withhold, thereby having protected intelligent cipher equipment user's account fund safety.
Terminal receives trade confirmation information; Concrete, terminal can receive trade confirmation information through but not limited to following mode: terminal receives the acoustic signals of intelligent cipher equipment transmission and acoustic signals is decoded and (for example obtained trade confirmation information, can adopt sound wave identification equipment to identify acoustic signals, adopt sound wave decoder to decode and obtain trade confirmation information acoustic signals); Or terminal gathers image information that intelligent cipher equipment shows to image information (for example, Quick Response Code, bar code etc.) decoding obtains trade confirmation information (for example adopt image capture device to gather image information, employing decoder obtains trade confirmation information after image information is decoded); Or the communication interface that terminal is mated with intelligent cipher equipment by terminal receives trade confirmation information; Or the information acquisition trade confirmation information that terminal is inputted by terminal.If trade confirmation information utilizes the second session key to calculate and/or verification calculates, in this step, also utilize the second session key that the information after calculating is decrypted and is calculated and/or verification checking calculating so.
Terminal is according to trade confirmation information acquisition transaction data package, and sends transaction data package to backstage system server; Concrete, in transaction data package, also can comprise other information such as Transaction Information.Transaction Information can comprise dealing money, bank settlement both sides' account information, bank settlement both sides' the information such as identification information, in Transaction Information, can also comprise duplet bill, user can be according to duplet bill audit trade detail, for example, concrete exchange hour, transaction odd numbers, the article of dealing money, purchase etc.Certainly, terminal can also utilize the first session key to be encrypted and to calculate and/or verification calculating to trade confirmation information or to the information after trade confirmation decrypts information, with fail safe and/or the integrality of guarantee information transmission.
Background system server receives after transaction data package, according to transaction data package, obtains trade confirmation information; Certainly, background system server can also utilize the first session key that transaction data package is decrypted and is calculated and/or verification checking calculating acquisition trade confirmation information.
Background system server is verified trade confirmation information, and carry out transaction after being verified; Concrete, background system server only after the Information Authentication of checking trade confirmation is passed through, just illustrates that this transaction passed through the confirmation of legal intelligent cipher equipment, and carries out and conclude the business according to the result after confirming.Certainly, in order to guarantee that the holder of intelligent cipher equipment knows transaction and completes, background system server can also send Transaction Success acknowledgement information to intelligent cipher equipment by terminal; Intelligent cipher equipment receives after Transaction Success acknowledgement information, prompting Transaction Success acknowledgement information, in Transaction Success acknowledgement information, can also comprise duplet bill, user can examine trade detail according to duplet bill, for example, and concrete exchange hour, transaction odd numbers, the article of dealing money, purchase etc., in addition, background system server can also send Transaction Success acknowledgement information to terminal, so that terminal is known, has concluded the business.Certainly, Transaction Success acknowledgement information sends to terminal after can utilizing the first session key calculating and/or verification to calculate, terminal deciphering calculating and/or verification checking send to intelligent cipher equipment after utilizing the second session key to be encrypted calculating and/or verification calculating after calculating, and the calculating of intelligent cipher device decrypts and/or verification checking are prompted to user after calculating and know; Transaction Success acknowledgement information can be also by terminal, to send to intelligent cipher equipment after the private key of background system server by utilizing background system server is signed, intelligent cipher equipment to the information of signature carry out sign test by after be prompted to user and know; Can also be to send to terminal after utilizing the first session key calculating and/or verification to calculate after background system server signature, terminal deciphering calculates and/or verification utilizes after calculating the second session key to calculate and/or verification sends to intelligent cipher equipment after calculating, intelligent cipher device decrypts is calculated and/or verification checking calculate after and sign test by after be prompted to user and know.
Step 5: reimbursement:
When customer need reimbursement, can carry out but be not limited to following several mode to realize reimbursement operation:
Mode one, terminal send reimbursement information to intelligent cipher equipment; Concrete, reimbursement information can comprise: reimbursement both sides' account, refund amount, reimbursement transaction odd numbers, reimbursement both sides' the combination in any such as identification information, in reimbursement information, can also comprise duplet bill, user can be according to duplet bill audit reimbursement details, for example, concrete reimbursement time, reimbursement transaction odd numbers, refund amount, the article replaced etc.Certainly, this reimbursement information is sent to intelligent cipher equipment after can also being encrypted calculating and/or verification calculating by the second session key, with fail safe and/or the integrality of guarantee information transmission.Terminal can also send reimbursement information through but not limited to following mode: terminal sends by acoustic signals after reimbursement information is encoded; Or terminal carries out also showing so that intelligent cipher equipment carries out IMAQ after encoding of graphs to reimbursement information; Or the communication interface that terminal is mated with intelligent cipher equipment by terminal sends reimbursement information.
Intelligent cipher equipment receives after reimbursement information, prompting reimbursement information; Concrete, intelligent cipher equipment, after receiving reimbursement information, is crossed this reimbursement information exchange the any-modes such as speech play or display screen demonstration and is prompted to user and knows, so that user determines this reimbursement information, is real reimbursement information.When terminal, utilize the second session key and reimbursement information is encrypted after calculating and/or verification calculating, this step also needs to utilize the second session key that the information receiving is decrypted and is calculated and/or verification checking calculating.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also, after receiving reimbursement information, be converted to wake-up states by resting state; Intelligent cipher equipment is pointed out reimbursement information under wake-up states.
Intelligent cipher equipment receives reimbursement and confirms instruction, and utilizes the private key of intelligent cipher equipment to sign to reimbursement information, generates reimbursement confirmation; Concrete, user, after having determined that reimbursement information is real reimbursement information, confirms by modes such as the physical button that arranges on intelligent cipher equipment or virtual keys.Intelligent cipher equipment after sending reimbursement confirmation to terminal (for example, send after acoustic signals corresponding to reimbursement confirmation, or show that image information corresponding to reimbursement confirmation reached after predetermined time), by wake-up states, be converted to resting state.
Terminal receives reimbursement confirmation, reimbursement confirmation is verified, and after being verified, utilized the private key of terminal to sign and generate reimbursement confirmation bag reimbursement confirmation; Concrete, terminal can receive reimbursement confirmation through but not limited to following mode: terminal receives the acoustic signals of intelligent cipher equipment transmission and acoustic signals is decoded and (for example obtained reimbursement confirmation, can adopt sound wave identification equipment to identify acoustic signals, adopt sound wave decoder to decode and obtain reimbursement confirmation acoustic signals); Or terminal gathers image information that intelligent cipher equipment shows to image information (for example, Quick Response Code, bar code etc.) decoding obtains reimbursement confirmation (for example adopt image capture device to gather image information, employing decoder obtains reimbursement confirmation after image information is decoded); Or the communication interface that terminal is mated with intelligent cipher equipment by terminal receives reimbursement confirmation.In addition, terminal utilizes the PKI of intelligent cipher equipment to verify reimbursement confirmation.
Terminal sends reimbursement to backstage system server and confirms bag and reimbursement confirmation; Concrete, terminal can directly send reimbursement to backstage system server and confirm bag and reimbursement confirmation, terminal also can utilize the first session key to confirm to be sent to background system server after bag and reimbursement confirmation are encrypted calculating and/or verification calculating to reimbursement, with fail safe and/or the integrality of guarantee information transmission.
Background system server receives reimbursement to be confirmed after bag and reimbursement confirmation, respectively reimbursement confirmation bag and reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.Concrete, if terminal has utilized the first session key to confirm that to reimbursement bag and reimbursement confirmation have been carried out computations and/or verification is calculated, in this step, background system server also utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating so.In addition, background system server also utilizes the PKI of terminal to confirm to wrap to reimbursement and verifies, utilizes the PKI of intelligent cipher equipment to verify reimbursement confirmation.
For mode one, provide a kind of application scenarios of reimbursement, but the present invention is not limited thereto below:
Shop is according to client's reimbursement purpose, (this reimbursement information can be to obtain by searching the Transaction Information having recorded by terminal, to generate reimbursement information, also can be a reimbursement information or the other forms of reimbursement information regenerating), and use the second session key reimbursement information between terminal and intelligent cipher equipment, and send to intelligent cipher equipment;
After the reimbursement information of intelligent cipher equipment after receiving encryption, by resting state, be converted to wake-up states, and utilize the second session key to decipher this encryption reimbursement information, obtain reimbursement information, and reimbursement information is shown, for client, confirm;
Client confirms that this reimbursement information is correct, the acknowledgement key of pressing on intelligent cipher equipment is confirmed, intelligent cipher equipment receives this reimbursement and confirms after instruction, utilize the private key of intelligent cipher equipment to sign and obtain reimbursement confirmation reimbursement information, and utilize the second session key to be encrypted reimbursement confirmation, send to terminal;
Terminal receives after the reimbursement confirmation after encryption, utilize the second session key to decipher this information, obtain reimbursement confirmation, and utilize the correctness of the public key verifications reimbursement confirmation of intelligent cipher equipment, if correct, terminal utilizes the private key of terminal to sign and obtain reimbursement confirmation bag reimbursement confirmation, and certainly, terminal can also directly be signed and obtain reimbursement confirmation bag reimbursement information;
Terminal utilizes the first session key to confirm to be sent to background system server after bag and reimbursement confirmation are encrypted to reimbursement;
Background system server receives after the information after encryption, utilize the first session key to be decrypted the information receiving, and utilize the PKI of terminal to verify reimbursement confirmation bag, utilize the PKI of intelligent cipher equipment to verify reimbursement confirmation, and after the two checking is all passed through, execution reimbursement operation, and send reimbursement success receipt information to terminal and/or intelligent cipher equipment.
Mode two, which two are with the difference of mode one: before terminal sends reimbursement information to intelligent cipher equipment, this terminal also receives the refund request that this intelligent cipher equipment sends, and generates reimbursement information according to refund request.Concrete, client can be by pressing button on intelligent cipher equipment to generate refund request, and intelligent cipher equipment receives after this refund request, and this refund request is sent to this terminal.In reimbursement information, can also comprise duplet bill, user can be according to duplet bill audit reimbursement details, for example, and concrete reimbursement time, reimbursement transaction odd numbers, refund amount, the article replaced etc.Certainly, anyly can trigger the implementation that intelligent cipher equipment generates refund request and all belong in protection scope of the present invention.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also, sending before refund request to terminal, be converted to wake-up states by resting state; Intelligent cipher equipment sends refund request to terminal under wake-up states.Intelligent cipher equipment is converted to resting state by wake-up states after sending refund request.When intelligent cipher equipment receives the reimbursement information of terminal transmission, by resting state, be converted to wake-up states, under wake-up states, carry out the operation of prompting reimbursement information and generation reimbursement confirmation.Intelligent cipher equipment after sending reimbursement confirmation to terminal (for example, send after acoustic signals corresponding to reimbursement confirmation, or show that image information corresponding to reimbursement confirmation reached after predetermined time), by wake-up states, be converted to resting state.
Mode three, intelligent cipher equipment send refund request to terminal; Concrete, client can be by pressing button on intelligent cipher equipment to generate refund request, and intelligent cipher equipment receives after this refund request, and this refund request is sent to this terminal.Certainly, anyly can trigger the implementation that intelligent cipher equipment generates refund request and all belong in protection scope of the present invention.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also, sending before refund request to terminal, be converted to wake-up states by resting state; Intelligent cipher equipment sends refund request to terminal under wake-up states.
Terminal generates refund request sign, and sends refund request sign to intelligent cipher equipment; Concrete, terminal can generate random number, and this random number is identified as refund request, and this random number is used for offering intelligent cipher equipment to generate reimbursement information.
Intelligent cipher equipment receives after refund request sign, generates reimbursement information, and utilizes the private key of intelligent cipher equipment to sign to reimbursement information, obtains reimbursement confirmation, and sends reimbursement confirmation to terminal; Concrete, the Information generation reimbursement information such as this refund request sign of intelligent cipher equipment utilization, refund amount, reimbursement account, this reimbursement information can also comprise reimbursement transaction odd numbers, reimbursement both sides' the combination in any such as identification information; Wherein, refund amount can be inputted by the button on intelligent cipher equipment, certainly, also can be by other means (for example, phonetic entry) input, reimbursement account can be inputted by the button on intelligent cipher equipment, can also the reimbursement account in intelligent cipher equipment input by reading pre-stored; Certainly, can also after completing, transaction preserve Transaction Information on intelligent cipher equipment, by inquiring about Transaction Information to obtain the information such as refund amount and reimbursement account; Certainly, this reimbursement information is sent to terminal after can also being encrypted calculating and/or verification calculating by the second session key, with fail safe and/or the integrality of guarantee information transmission.Intelligent cipher equipment can also send reimbursement information through but not limited to following mode: intelligent cipher equipment sends by acoustic signals after reimbursement information is encoded; Or intelligent cipher equipment carries out also showing so that terminal is carried out IMAQ after encoding of graphs to reimbursement information; Or the communication interface that intelligent cipher equipment mates with terminal by intelligent cipher equipment sends reimbursement information.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also be after sending reimbursement confirmation to terminal (for example, send after acoustic signals corresponding to reimbursement confirmation, or show that image information corresponding to reimbursement confirmation reached after predetermined time), by wake-up states, be converted to resting state.
Terminal receives reimbursement confirmation, reimbursement confirmation is verified, and after being verified, utilized the private key of terminal to sign and generate reimbursement confirmation bag reimbursement confirmation; Concrete, when intelligent cipher equipment utilization the second session key is encrypted reimbursement information after calculating and/or verification calculating, this step also needs to utilize the second session key to be decrypted calculating to the information receiving and/or verification checking is calculated; Terminal can receive reimbursement confirmation through but not limited to following mode: terminal receives the acoustic signals of intelligent cipher equipment transmission and acoustic signals is decoded and (for example obtained reimbursement confirmation, can adopt sound wave identification equipment to identify acoustic signals, adopt sound wave decoder to decode and obtain reimbursement confirmation acoustic signals); Or terminal gathers image information that intelligent cipher equipment shows to image information (for example, Quick Response Code, bar code etc.) decoding obtains reimbursement confirmation (for example adopt image capture device to gather image information, employing decoder obtains reimbursement confirmation after image information is decoded); Or the communication interface that terminal is mated with intelligent cipher equipment by terminal receives reimbursement confirmation.In addition, terminal utilizes the PKI of intelligent cipher equipment to verify reimbursement confirmation.
Terminal sends reimbursement to backstage system server and confirms bag and reimbursement confirmation; Concrete, terminal directly sends reimbursement to backstage system server and confirms bag and reimbursement confirmation, terminal also can utilize the first session key to confirm to be sent to background system server after bag and reimbursement confirmation are encrypted calculating and/or verification calculating to reimbursement, with fail safe and/or the integrality of guarantee information transmission.
Background system server receives reimbursement to be confirmed after bag and reimbursement confirmation, respectively reimbursement confirmation bag and reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.Concrete, if terminal has utilized the first session key to confirm that to reimbursement bag and reimbursement confirmation have been carried out computations and/or verification is calculated, in this step, background system server also utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating so.In addition, background system server also utilizes the PKI of terminal to confirm to wrap to reimbursement and verifies, utilizes the PKI of intelligent cipher equipment to verify reimbursement confirmation.
For mode three, provide a kind of application scenarios of reimbursement, but the present invention is not limited thereto below:
Intelligent cipher equipment is converted to wake-up states by resting state; For example, can make intelligent cipher equipment enter wake-up states by holding the client's of this intelligent cipher equipment button operation;
Client can be by pressing button on intelligent cipher equipment to generate refund request, and intelligent cipher equipment receives after this refund request, and this refund request is sent to this terminal;
Terminal can generate random number R, by this random number, as R, is refund request sign, and sends refund request sign to intelligent cipher equipment;
Intelligent cipher equipment generates reimbursement information, and utilizes the private key of intelligent cipher equipment to sign to reimbursement information, obtains reimbursement confirmation, and sends reimbursement confirmation to terminal, wherein, this reimbursement information at least comprises: refund request sign, refund amount, the information such as reimbursement account, wherein, refund amount, the information such as reimbursement account can be inputted by the button on intelligent cipher equipment by client, or refund amount can be by client by the key-press input on intelligent cipher equipment, the information that reimbursement account prestores from intelligent cipher equipment, read acquisition, or refund amount, the information such as reimbursement account all can read acquisition from the information that intelligent cipher equipment prestores, intelligent cipher equipment is used the second session key reimbursement confirmation between terminal and intelligent cipher equipment, and send to terminal,
Terminal receives after the reimbursement confirmation after encryption, utilize the second session key to decipher this information, obtain reimbursement confirmation, and utilize the correctness of the public key verifications reimbursement confirmation of intelligent cipher equipment, if correct, terminal utilizes the private key of terminal to sign and obtain reimbursement confirmation bag reimbursement confirmation, and certainly, terminal can also directly be signed and obtain reimbursement confirmation bag reimbursement information;
Terminal utilizes the first session key to confirm to be sent to background system server after bag and reimbursement confirmation are encrypted to reimbursement;
Background system server receives after the information after encryption, utilize the first session key to be decrypted the information receiving, and utilize the PKI of terminal to verify reimbursement confirmation bag, utilize the PKI of intelligent cipher equipment to verify reimbursement confirmation, and after the two checking is all passed through, execution reimbursement operation, and send reimbursement success receipt information to terminal and/or intelligent cipher equipment.
In above three kinds of reimbursement modes, reimbursement is confirmed can also comprise single reimbursement sign in bag or reimbursement confirmation, and this single reimbursement sign can be random number, to guarantee that a reimbursement is only successfully executed once.Certainly, this single reimbursement sign can be generated by terminal, also can be generated by intelligent cipher equipment, can confirm by terminal, to be signed in bag in reimbursement, also can be by intelligent cipher device subscription in reimbursement confirmation.
Certainly, background system server, after carrying out reimbursement operation, can also send reimbursement success receipt information to terminal and/or intelligent cipher equipment, so that shop and/or client can learn reimbursement success.
As can be seen here, by above-mentioned reimbursement flow process, can greatly simplify the operation of client in reimbursement process, the device-dependent safety function of application intelligent cipher can ensure the fail safe of client's reimbursement process, for consumer brings seamless experience.
Step 6: cancellation:
Comprise the cancellation of terminal and the cancellation of intelligent cipher equipment, below first the cancellation of terminal described:
Terminal is obtained terminal cancellation application, utilizes the private key of terminal to sign and obtain the 6th signing messages cancellation application, and to backstage system server transmitting terminal cancellation application and the 6th signing messages; Concrete, terminal can directly send cancellation application and the 6th signing messages to backstage system server, terminal also can utilize the first session key that the 6th signing messages is encrypted and is calculated and/or verification calculating, and the information after calculating is sent to background system server, with fail safe and/or the integrality of guarantee information transmission.
Background system server receives after terminal cancellation application and the 6th signing messages, utilizes the PKI in the terminal certificate prestoring to verify the 6th signing messages; Concrete, if terminal also utilizes the first session key to carry out computations and/or verification is calculated, in this step, background system server also utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating.
Background system server after the 6th signing messages passes through, is deleted the terminal certificate prestoring in checking, and generates terminal cancellation and complete information, to the cancellation of terminal transmitting terminal, completes information; Concrete, background system server, when carrying out cancellation, except deleting the terminal certificate prestoring, can also be put into information corresponding to this terminal in the default cancellation list of background system server and wait other cancellations to operate.In addition, cancellation completes that information also can be utilized the first session key to be encrypted to calculate and/or verification calculates, also can be to utilize the private key of background system server to sign to obtain, or after utilizing the private key of background system server to sign, recycle the first session key and be encrypted and calculate and/or verification calculates.
Terminal receives terminal cancellation and completes after information, deletes the private key of terminal.Concrete, terminal receives terminal cancellation and completes after information, deletes private key, certainly, can also refuse to carry out any with send this terminal cancellation and complete the relevant transaction of the background system server of information and operate.In addition, terminal can also utilize the first session key to be decrypted calculating and/or verification checking calculating and/or sign test operation etc.
Below the cancellation of intelligent cipher equipment is described:
Intelligent cipher equipment obtains intelligent cipher equipment cancellation application, utilizes the private key of intelligent cipher equipment to sign and obtain the 7th signing messages cancellation application, and sends intelligent cipher equipment cancellation application and the 7th signing messages to backstage system server; Concrete, the 7th signing messages can send by terminal, also can manually handle, when sending by terminal, can utilize the first session key and the second session key to be encrypted the calculating such as calculating and/or verification calculating, with the fail safe of guarantee information transmission.
Background system server receives after the cancellation application of intelligent cipher equipment and the 7th signing messages, utilizes the PKI in the intelligent cipher device certificate prestoring to verify the 7th signing messages; Concrete, if terminal also utilizes the first session key to carry out computations and/or verification is calculated, in this step, background system server also utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating.
Background system server after the 7th signing messages passes through, is deleted the intelligent cipher device certificate prestoring in checking, and generates the cancellation of intelligent cipher equipment and complete information, sends the cancellation of intelligent cipher equipment complete information to intelligent cipher equipment; Concrete, background system server, when carrying out cancellation, except deleting the intelligent cipher device certificate prestoring, can also be put into information corresponding to this intelligent cipher equipment in the default cancellation list of background system server and wait other cancellations to operate.In addition, cancellation completes information also can be sent to intelligent cipher equipment by terminal, now can utilize the first session key to be encrypted to calculate and/or verification calculates, also can be to utilize the private key of background system server to sign to obtain, or after utilizing the private key of background system server to sign, recycle the first session key and be encrypted and calculate and/or verification calculates.
Intelligent cipher equipment receives the cancellation of intelligent cipher equipment and completes after information, deletes the private key of intelligent cipher equipment.Concrete; intelligent cipher equipment can carry out sign test to signing messages; and after sign test is passed through; carry out deletion action; also the information that can utilize the second session key deciphering and/or verification checking to obtain; certainly, after the information that can also utilize the second session key deciphering and/or verification checking to obtain, again signing messages is carried out to sign test, as long as fail safe and/or the integrality of guarantee information transmission all should be included in protection scope of the present invention.
Registration, cancellation, the authentication of background system server by office terminal and intelligent cipher equipment and lock several aspects, guarantee the legitimacy of terminal and intelligent cipher equipment, the property loss having produced while having stopped illegally to be usurped due to terminal or intelligent cipher equipment.
What deserves to be explained is; above step 1 to step 6 is not carried out successively; it can only complete wherein several steps; in addition; above step 1 to step 6 is also not limited only to complete under same application scenarios; no matter under which kind of application scenarios, as long as use arbitrary step of the present invention, and can safety execute transaction and should belong to protection scope of the present invention.
Below, provide the exemplary a kind of application scenarios of the present invention:
In this application scene, integrated wireless communication module on intelligent cipher equipment, and status control module forms the novel intelligent cipher equipment that can be used for secure payment of the present invention.This intelligent cipher equipment comprises wireless communication module, it can be bluetooth communication or WIFI communication module etc., this wireless communication module can carry out inquiry scan and page scan to other equipment, and can carry out the mutual of signal and data with other wireless devices.On this intelligent cipher equipment, also comprise a status control module simultaneously, can control the operating state of wireless communication module and the main frame of intelligent cipher equipment.And intelligent cipher equipment of the present invention possesses two states: resting state and wake-up states, under resting state, only have transceiver (wireless communication module) and status control module in work, CPU will close, (for example: signature can not carry out command operating, receive, send the functions such as data), thus make the state of intelligent cipher equipment in a kind of low-power consumption.When other wireless devices are issued this intelligent cipher equipment application instruction from outside, status control module can be identified these signals, and generates wake-up signal, and CPU is waken up as wake-up states, starts to carry out this utility command.After command execution is complete, CPU will enter resting state again.
Below, for transaction flow process of the present invention, be briefly described:
Intelligent cipher equipment is in resting state, user enters in the wireless signal coverage of terminal with this intelligent cipher equipment, intelligent cipher equipment and terminal complete the interactive identification of wireless device, and terminal can be known has intelligent cipher equipment to enter shop, terminal place and connects with this intelligent cipher equipment.
After terminal and intelligent cipher equipment connect, terminal can send to intelligent cipher equipment the request of authenticating device, intelligent cipher equipment receives this request, status control module can be sent wake-up signal, now CPU will be waken up, intelligent cipher equipment enters wake-up states, and carries out corresponding operation.
After intelligent cipher equipment completes command adapted thereto, return to resting state, and continue the equipment interactive identification of maintenance and terminal, so that terminal can judge the holder of intelligent cipher equipment, whether check out.
After terminal and intelligent cipher equipment mutually authenticate and pass through, terminal can propose the request of reading user profile to backstage system server, background system server proposes the request of input authorized user message, and now terminal can send user-authorization-request to intelligent cipher equipment.
The user-authorization-request that intelligent cipher equipment under resting state receives self terminal to send, enters wake-up states.Intelligent cipher equipment is by the request of display terminal, and prompting user judges whether to authorize.
The request that user sends according to the terminal showing judges whether to authorize, if authorize, the acknowledgement key of pressing on intelligent cipher equipment makes intelligent cipher equipment produce authorization message and send to terminal, then proceed to resting state, otherwise, intelligent cipher device end fill order, directly proceeds to resting state.
When clearing, terminal can send customer transaction again and confirm request instruction to the intelligent cipher equipment of resting state, intelligent cipher equipment under resting state receives this instruction and enters wake-up states, intelligent cipher equipment shows the Transaction Information receiving, user confirms, if Transaction Information is correct, presses acknowledgement key intelligent cipher equipment is signed to Transaction Information, and return to terminal; Otherwise, finishing executable operations, intelligent cipher equipment proceeds to resting state.
Below, provide another kind of application scenarios of the present invention:
Background system server and terminal authenticate mutually, set up escape way and consult common session key K1;
Terminal is set up active user's list at home server, and this current user list can be used for storing user profile corresponding to intelligent cipher equipment that the client in current shop holds;
Terminal home server for example, is monitored the intelligent cipher equipment in the wireless signal coverage of terminal by wireless mode (adopting wireless exploration equipment);
Client is carrying the shopping of going window-shopping of the intelligent cipher equipment (in resting state) with wireless communication function, and in this client enters the wireless signal coverage of terminal, intelligent cipher equipment can be arrived by terminal searching, and sets up wireless connections with terminal;
Terminal and intelligent cipher equipment authenticate mutually, and set up escape way and negotiate common session key K2;
Terminal sends the request of reading the user profile that intelligent cipher equipment is corresponding to backstage system server;
Background system server produces random number (single mandate sign), and as the parameter that generates authorized user message, background system server by utilizing session key K1 encrypts this random number;
Background system server sends user-authorization-request information to terminal, and this random number ciphertext is sent to terminal;
Terminal deciphering ciphertext, the session key K2 consulting between recycling terminal and intelligent cipher equipment is to this random number encryption;
Terminal sends user-authorization-request information to intelligent cipher equipment, and this random number ciphertext is issued to intelligent cipher equipment;
Intelligent cipher equipment receives after this user-authorization-request information, convert wake-up states to, and utilize session key K2 to be decrypted this random number ciphertext receiving, then in this user-authorization-request information of demonstration screen display of intelligent cipher equipment, wait for that user confirms;
User judges this information, if do not allowed, refuses, and intelligent cipher equipment proceeds to resting state;
If allowed, press the acknowledgement key on intelligent cipher equipment, intelligent cipher equipment is made a summary and is signed this random number (single mandate sign), and using signature value as authorized user message, utilize session key K2 ciphering signature value to be sent to terminal, then proceed to resting state;
Terminal is received signature value and is utilized session key K2 deciphering, and recycling session key K1 encrypts, and sends background system server to;
Background system server by utilizing session key K1 deciphering is signed, the PKI decrypted signature of recycling intelligent cipher equipment, the value obtaining after the summary that utilizes the random number that himself generates to generate and decrypted signature is contrasted, if inconsistent, return to error message end operation;
If consistent, background system server utilizes session key K1 to be encrypted user profile, and generating authorized user message check value (the first check value), this check value can be MAC form or hash function form of adding signature etc., and ciphertext and check value are sent to terminal;
After terminal is received user profile, user profile is stored in active user's list;
After finishing, client's shopping settles accounts to cashier;
Terminal settlement amounts, and account corresponding to intelligent cipher equipment of choosing this client to hold in active user's list;
Terminal generates Transaction Information by dealing money, bank settlement both sides account, bank settlement both sides identification information etc., utilizes session key K2 encrypted transaction message;
Terminal sends transaction request information to intelligent cipher equipment, and Transaction Information ciphertext is sent to intelligent cipher equipment;
Intelligent cipher equipment receives the transaction request information of terminal, proceeds to wake-up states, and Transaction Information is decrypted into expressly and is shown on screen;
Client confirms Transaction Information, if having problem by cancellation, and trading suspension, intelligent cipher equipment proceeds to resting state;
If no problem, press acknowledgement key, intelligent cipher equipment generates random number, as single transaction, identifies;
Intelligent cipher equipment is made a summary and is signed Transaction Information and this random number, utilizes session key K2 ciphering signature, obtains customer transaction confirmation and sends to terminal;
Terminal is decrypted customer transaction confirmation, and generate transaction data package and (comprise dealing money, bank settlement both sides account and unique identifying information separately etc.), utilize session key K1 to transaction data packet encryption, and generate transaction data package check value (the second check value);
Terminal sends to backstage system server concurrent transaction data package ciphertext and the second check value of sending of application of transferring accounts;
The background system server processing of transferring accounts, and send to transfer accounts to terminal and has successfully paid information, certain, background system server can also complete payment information exchange and cross terminal and send to intelligent cipher equipment, so that client learns, has concluded the business;
Terminal receives that this payment completes information, to client, pays commodity, and checkout completes.
By the authentication of carrying out between terminal and background system server, after terminal has been assert the legitimacy of background system server, can utilize believable background system server to authenticate the legitimacy of intelligent cipher equipment.Determined that at the same time background system server and intelligent cipher equipment are in believable situation, have so just guaranteed the transaction security of terminal.While utilizing background system server to the legitimacy authentication of terminal and transaction, intelligent cipher equipment, to showing the link of information manual confirmation, has also guaranteed intelligent cipher equipment holder's transaction security simultaneously.
Based on data security exchange method provided by the invention, client is when entering shop and conclude the business, without related account vehicle equipments such as matching with mobile phone, bank card or financial IC cards, complete payment, and the payment process of original technology all need to possess by SIM card or smart card etc. the equipment of account memory function, user also needs to swipe the card, brush the operations such as mobile phone just can complete transaction.Adopt method provided by the invention, client can be without completing payment by modes such as wallet, credit card, mobile phones, thereby simplified the interactive operation in payment process of client and trade company, improved payment efficiency, promoted the experience of client in the payment process of near field; Utilize the fail safe of the safety profile promise customer payment process of intelligent cipher equipment simultaneously.
Client has chosen commodity later when checkout, terminal is without obtaining user profile by the mode that allows client manually swipe the card or to brush mobile phone again, to have suffered because this user profile has been stored in active user's list of terminal when just entering shop, during checkout, client only need quote the name of oneself, terminal can directly be sent to the Transaction Informations such as the amount of money after clearing client's intelligent cipher equipment and show, now, client only need utilize intelligent cipher equipment to confirm, and export trade confirmation information, terminal generates transaction data package and sends to background system server, the processing of transferring accounts after this transaction data package of background system server authentication is accurate, can complete payment process.
When client walks out the signal cover in this family shop, intelligent cipher equipment is connected and will automatically interrupts with the network between terminal, and user profile disappears from active user's list in this shop.If when client enters again another family shop, will automatically enter in active user's list in this another family shop, start another shopping.Do not need like this client to carry out any operation, only need client, when shopping, a small and exquisite intelligent cipher equipment is put into oneself to pocket, adopt the present invention just can bring seamless experience for client.
In flow chart or any process of otherwise describing at this or method describe and can be understood to, represent to comprise that one or more is for realizing module, fragment or the part of code of executable instruction of the step of specific logical function or process, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can be not according to order shown or that discuss, comprise according to related function by the mode of basic while or by contrary order, carry out function, this should be understood by embodiments of the invention person of ordinary skill in the field.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, a plurality of steps or method can realize with being stored in memory and by software or the firmware of suitable instruction execution system execution.For example, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: have for data-signal being realized to the discrete logic of the logic gates of logic function, the application-specific integrated circuit (ASIC) with suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is to come the hardware that instruction is relevant to complete by program, described program can be stored in a kind of computer-readable recording medium, this program, when carrying out, comprises step of embodiment of the method one or a combination set of.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing module, can be also that the independent physics of unit exists, and also can be integrated in a module two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and also can adopt the form of software function module to realize.If described integrated module usings that the form of software function module realizes and during as production marketing independently or use, also can be stored in a computer read/write memory medium.
The above-mentioned storage medium of mentioning can be read-only memory, disk or CD etc.
In the description of this specification, the description of reference term " embodiment ", " some embodiment ", " example ", " concrete example " or " some examples " etc. means to be contained at least one embodiment of the present invention or example in conjunction with specific features, structure, material or the feature of this embodiment or example description.In this manual, the schematic statement of above-mentioned term is not necessarily referred to identical embodiment or example.And the specific features of description, structure, material or feature can be with suitable mode combinations in any one or more embodiment or example.
Although illustrated and described embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, those of ordinary skill in the art can change above-described embodiment within the scope of the invention in the situation that not departing from principle of the present invention and aim, modification, replacement and modification.Scope of the present invention is by claims and be equal to and limit.
Claims (29)
1. a data security exchange method, is characterized in that, comprising:
Terminal is at signal cover interscan intelligent cipher equipment, and obtains the identification information of the described intelligent cipher equipment scanning;
Described terminal is obtained user profile corresponding to described intelligent cipher equipment according to the identification information of the described intelligent cipher equipment scanning;
Described terminal stores described user profile in active user's list of setting up in advance;
Described terminal generates Transaction Information according to user profile corresponding to intelligent cipher equipment to be transacted, and obtains transaction request information according to described Transaction Information;
Described terminal sends described transaction request information to described intelligent cipher equipment;
Described intelligent cipher equipment receives after described transaction request information, according to Transaction Information described in described transaction request information acquisition;
Transaction Information described in described intelligent cipher device prompts;
Described intelligent cipher equipment confirmation of receipt instruction, and generate trade confirmation information;
Described terminal receives described trade confirmation information;
Described terminal is according to described trade confirmation information acquisition transaction data package, and sends described transaction data package to described background system server;
Described background system server receives after described transaction data package, according to described transaction data package, obtains described trade confirmation information;
Described background system server is verified described trade confirmation information, and carry out transaction after being verified.
2. method according to claim 1, is characterized in that, described terminal is obtained user profile corresponding to described intelligent cipher equipment according to the identification information of the described intelligent cipher equipment scanning and comprised:
Described terminal sends identification information and the user profile read requests of described intelligent cipher equipment to described background system server;
Described background system server receives after the identification information and described user profile read requests of described intelligent cipher equipment, according to the identification information of described intelligent cipher equipment, obtains the user profile corresponding with described intelligent cipher equipment;
Described background system server obtains the response message of described user profile read requests according to described user profile, and to described terminal, sends the response message of described user profile read requests;
Described terminal receives after the response message of described user profile read requests, according to the response message of described user profile read requests, obtains described user profile.
3. method according to claim 1, is characterized in that, described terminal is obtained user profile corresponding to described intelligent cipher equipment according to the identification information of the described intelligent cipher equipment scanning and comprised:
Described terminal sends user profile read requests according to the identification information of the described intelligent cipher equipment scanning to described intelligent cipher equipment;
Described intelligent cipher equipment obtains pre-stored user profile, and according to described user profile, obtains the response message of described user profile read requests, and to described terminal, sends the response message of described user profile read requests;
Described terminal receives after the response message of described user profile read requests, according to the response message of described user profile read requests, obtains described user profile.
4. according to the method described in claims 1 to 3 any one, it is characterized in that, described terminal is at signal cover interscan intelligent cipher equipment, and after obtaining the step of identification information of the described intelligent cipher equipment scanning, described method also comprises:
Described terminal obtains the identification information of the whole intelligent cipher equipment in the signal cover of described terminal, generates real-time identification list;
Described terminal was compared the identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in described real-time identification list and described active user's list according to the default time interval;
If the identification information of the intelligent cipher equipment in described real-time identification list not in described active user's list, is carried out described terminal and is obtained the step of the user profile that described intelligent cipher equipment is corresponding according to the identification information of the described intelligent cipher equipment scanning; And if the identification information of the intelligent cipher equipment in described active user's list is in described real-time identification list, delete in described active user's list the not user profile of the intelligent cipher equipment in described real-time identification list.
5. according to the method described in claims 1 to 3 any one, it is characterized in that, described terminal is at signal cover interscan intelligent cipher equipment, and after obtaining the step of identification information of the described intelligent cipher equipment scanning, described method also comprises:
Described terminal obtains the identification information of the whole intelligent cipher equipment in the signal cover of described terminal, generates real-time identification list;
Described terminal was compared the identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in described real-time identification list and described active user's list according to the default time interval;
If the identification information of the intelligent cipher equipment in described real-time identification list is not in described active user's list, carry out described terminal and according to the identification information of the described intelligent cipher equipment scanning, obtain the step of the user profile that described intelligent cipher equipment is corresponding, and obtain after described user profile in described terminal, described user profile is stored in described real-time identification list; And if the identification information of the intelligent cipher equipment in described real-time identification list is in described active user's list, the user profile of described intelligent cipher equipment in described active user's list is stored in described real-time identification list;
Described active user's list using described real-time identification list after upgrading.
6. method according to claim 2, is characterized in that, described terminal is after described background system server sends the identification information of described intelligent cipher equipment and the step of user profile read requests, and described method also comprises:
Described background system server judges whether the identification information of described intelligent cipher equipment is included in the intelligent cipher unit exception list prestoring in described background system server;
Described background system server is after the identification information of judging described intelligent cipher equipment is in described intelligent cipher unit exception list, obtain locking intelligent cipher device directive, and utilize the private key of described background system server to sign and obtain the 5th signing messages locking intelligent cipher device directive, and to described intelligent cipher equipment, send described locking intelligent cipher device directive and described the 5th signing messages by described terminal;
Described intelligent cipher equipment receives after described locking intelligent cipher device directive and described the 5th signing messages, utilizes the PKI in the described background system server certificate prestoring to verify described the 5th signing messages;
Described intelligent cipher equipment, after described the 5th signing messages of checking passes through, is carried out lock operation according to described locking intelligent cipher device directive.
7. according to the method described in claim 1 to 6 any one, it is characterized in that, described method also comprises:
The application for registration of described background system server receiving terminal, and described endpoint registration application is examined;
Described background system server is in audit after described endpoint registration application passes through, to described terminal transmitting terminal key to generating instruction;
Described terminal receives described terminal key to generating after instruction, generates terminal key pair;
Described terminal sends the PKI of described terminal key centering to described background system server;
Described background system server receives after the PKI of described terminal key centering, generates described terminal certificate, and sends described terminal certificate to described terminal;
Terminal certificate described in described terminal storage;
And
Described background system server receives the application of intelligent cipher facility registration, and application is examined to described intelligent cipher facility registration;
Described background system server, after the application of the described intelligent cipher facility registration of audit is passed through, sends intelligent cipher device keys to generating instruction to described intelligent cipher equipment;
Described intelligent cipher equipment receives described intelligent cipher device keys to generating after instruction, generates intelligent cipher device keys pair;
Described intelligent cipher equipment sends the PKI of described intelligent cipher device keys centering to described background system server;
Described background system server receives after the PKI of described intelligent cipher device keys centering, generates described intelligent cipher device certificate, and sends described intelligent cipher device certificate to described intelligent cipher equipment;
Intelligent cipher device certificate described in described intelligent cipher device storage.
8. method according to claim 7, is characterized in that, described method also comprises:
Described terminal is obtained terminal cancellation application, utilizes the private key of described terminal to sign and obtain the 6th signing messages described cancellation application, and sends described terminal cancellation application and described the 6th signing messages to described background system server; Described background system server receives after described terminal cancellation application and described the 6th signing messages, utilizes the PKI in the described terminal certificate prestoring to verify described the 6th signing messages; Described background system server after described the 6th signing messages passes through, is deleted the described terminal certificate prestoring in checking, and generates terminal cancellation and complete information, sends described terminal cancellation complete information to described terminal; Described terminal receives described terminal cancellation and completes after information, deletes the private key of described terminal; And/or
Described intelligent cipher equipment obtains intelligent cipher equipment cancellation application, utilize the private key of described intelligent cipher equipment to sign and obtain the 7th signing messages described cancellation application, and send described intelligent cipher equipment cancellation application and described the 7th signing messages to described background system server; Described background system server receives after described intelligent cipher equipment cancellation application and described the 7th signing messages, utilizes the PKI in the described intelligent cipher device certificate prestoring to verify described the 7th signing messages; Described background system server is after described the 7th signing messages of checking passes through, the described intelligent cipher device certificate that deletion prestores, and generate the cancellation of intelligent cipher equipment and complete information, to described intelligent cipher equipment, send the cancellation of described intelligent cipher equipment and complete information; Described intelligent cipher equipment receives the cancellation of described intelligent cipher equipment and completes after information, deletes the private key of described intelligent cipher equipment.
9. method according to claim 2, it is characterized in that, after described background system server receives the identification information of described intelligent cipher equipment and the step of described user profile read requests, described background system server sends the step of response message of described user profile read requests to described terminal before, described method also comprises:
Described background system server sends user-authorization-request information by described terminal to described intelligent cipher equipment;
Described intelligent cipher equipment receives after described user-authorization-request information, generates authorization message, and to described background system server, sends described authorization message by described terminal;
Described background system server receives after described authorization message, carries out described background system server and to described terminal, sends the step of the response message of described user profile read requests.
10. method according to claim 9, is characterized in that, described intelligent cipher equipment receives after described user-authorization-request information, and the step that generates authorization message comprises:
Described intelligent cipher equipment, after receiving described user-authorization-request information, is converted to wake-up states by resting state;
Described intelligent cipher equipment generates authorization message under wake-up states.
11. according to the method described in claim 1 to 10 any one, it is characterized in that, described intelligent cipher equipment receives after described transaction request information, according to the step of Transaction Information described in described transaction request information acquisition, comprises:
Described intelligent cipher equipment receives after described transaction request information, by resting state, is converted to wake-up states;
Described intelligent cipher equipment under wake-up states according to Transaction Information described in described transaction request information acquisition.
12. according to the method described in claim 1 to 11 any one, it is characterized in that, the step that described intelligent cipher equipment generates trade confirmation information comprises:
Described in described intelligent cipher equipment utilization, the private key of intelligent cipher equipment is signed to described Transaction Information, generates trading signature information as trade confirmation information; Or
Described intelligent cipher equipment generates dynamic password as trade confirmation information.
13. according to the method described in claim 1 to 11 any one, it is characterized in that, the step that described intelligent cipher equipment generates trade confirmation information comprises:
Described intelligent cipher equipment generates single transaction sign, and utilizes the private key of described intelligent cipher equipment to sign to described Transaction Information and described single transaction sign, generates trading signature information as trade confirmation information; Or
Described intelligent cipher equipment generates single transaction sign, utilize the private key of described intelligent cipher equipment to sign and obtain the signing messages of single transaction sign described single transaction sign, and generating dynamic password, the signing messages that single transaction is identified and described dynamic password are as trade confirmation information.
14. according to the method described in claim 12 or 13, it is characterized in that, the step that described terminal receives described trade confirmation information comprises:
Described terminal receives the acoustic signals of described intelligent cipher equipment transmission and described acoustic signals is decoded and obtained trade confirmation information; Or
Described terminal gathers the image information of described intelligent cipher equipment demonstration and described image information is decoded and obtained described trade confirmation information; Or
The communication interface that described terminal is mated with described intelligent cipher equipment by described terminal receives described trade confirmation information; Or
Trade confirmation information described in the information acquisition that described terminal is inputted by described terminal.
15. according to the method described in claim 1 to 14 any one, it is characterized in that, described background system server is verified described trade confirmation information, and carry out the step of transaction after being verified after, described method also comprises:
Described background system server sends Transaction Success acknowledgement information to described terminal; Or
Described background system server sends Transaction Success acknowledgement information by described terminal to described intelligent cipher equipment; Described intelligent cipher equipment receives after described Transaction Success acknowledgement information, points out described Transaction Success acknowledgement information.
16. according to the method described in claim 1 to 15 any one, it is characterized in that, described background system server is verified described trade confirmation information, and carry out the step of transaction after being verified after, described method also comprises:
Described terminal sends reimbursement information to described intelligent cipher equipment;
Described intelligent cipher equipment receives after described reimbursement information, points out described reimbursement information;
Described intelligent cipher equipment receives reimbursement and confirms instruction, and utilizes the private key of described intelligent cipher equipment to sign to described reimbursement information, generates reimbursement confirmation;
Described terminal receives described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilized the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation;
Described terminal sends described reimbursement to described background system server and confirms bag and described reimbursement confirmation;
Described background system server receives described reimbursement to be confirmed after bag and described reimbursement confirmation, respectively described reimbursement confirmation bag and described reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.
17. according to the method described in claim 1 to 15 any one, it is characterized in that, described background system server is verified described trade confirmation information, and carry out the step of transaction after being verified after, described method also comprises:
Described intelligent cipher equipment sends refund request to described terminal;
Described terminal generates reimbursement information, and sends described reimbursement information to described intelligent cipher equipment;
Described intelligent cipher equipment receives after described reimbursement information, points out described reimbursement information;
Described intelligent cipher equipment receives reimbursement and confirms instruction, and utilizes the private key of described intelligent cipher equipment to sign to described reimbursement information, generates reimbursement confirmation;
Described terminal receives described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilized the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation;
Described terminal sends described reimbursement to described background system server and confirms bag and described reimbursement confirmation;
Described background system server receives described reimbursement to be confirmed after bag and described reimbursement confirmation, respectively described reimbursement confirmation bag and described reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.
18. according to the method described in claim 1 to 15 any one, it is characterized in that, described background system server is verified described trade confirmation information, and carry out the step of transaction after being verified after, described method also comprises:
Described intelligent cipher equipment sends refund request to described terminal;
Described terminal generates refund request sign, and sends described refund request sign to described intelligent cipher equipment;
Described intelligent cipher equipment receives after described refund request sign, generates reimbursement information, and utilizes the private key of described intelligent cipher equipment to sign to described reimbursement information, obtains reimbursement confirmation, and sends described reimbursement confirmation to described terminal;
Described terminal receives described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilized the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation;
Described terminal sends described reimbursement to described background system server and confirms bag and described reimbursement confirmation;
Described background system server receives described reimbursement to be confirmed after bag and described reimbursement confirmation, respectively described reimbursement confirmation bag and described reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.
19. according to the method described in claim 16 or 17, it is characterized in that, in described reimbursement information, also comprises duplet bill.
20. methods according to claim 15, is characterized in that, described Transaction Success acknowledgement information also comprises duplet bill.
21. according to the method described in claim 1 to 18 any one, it is characterized in that, also comprises duplet bill in described Transaction Information.
22. according to the method described in claim 1 to 21 any one, it is characterized in that, described terminal is at signal cover interscan intelligent cipher equipment, and before obtaining the identification information of the described intelligent cipher equipment scanning, described method also comprises:
Described intelligent cipher equipment enters and can be scanned state.
23. according to the method described in claim 1 to 22 any one, it is characterized in that, before described terminal obtains according to the identification information of the described intelligent cipher equipment scanning the user profile that described intelligent cipher equipment is corresponding, described method also comprises:
Described terminal and described background system server authenticate mutually.
24. methods according to claim 23, is characterized in that, described terminal and background system server carry out authentication mutually and comprise:
Described terminal generates first and treats signing messages;
Described terminal sends described first to backstage system server and treats signing messages and the first authentication request information;
Described background system server receives described first after signing messages and described the first authentication request information, generates second and treats signing messages;
Described background system server sends described second to described terminal and treats signing messages and background system server certificate;
Whether described terminal receives described second after signing messages and described background system server certificate, utilize described in root certification authentication corresponding to the background system server certificate prestore background system server certificate legal;
Described terminal is after the described background system server certificate of checking is legal, and the private key that utilizes described terminal treats that to described first signing messages and described second treats signing messages generation the first signing messages of sign;
Described terminal sends described the first signing messages and terminal certificate to described background system server;
Described in root certification authentication corresponding to terminal certificate that described background system server by utilizing prestores, whether terminal certificate is legal;
Described background system server, after the described terminal certificate of checking is legal, utilizes the first signing messages described in the public key verifications in described terminal certificate;
Described background system server, generates backstage and has authenticated message after described the first signing messages passes through in checking, and to described terminal, sends described backstage and authenticated message;
Described terminal receives described backstage and has authenticated after message, verifies that described backstage has authenticated message;
Described terminal is after the described backstage of checking authenticate message and passed through, and generation terminal authentication first completes message, sends described terminal authentication first complete message to described background system server;
Described background system server receives described terminal authentication first and completes after message, verifies that described terminal authentication first completes message;
Described background system server is after checking described terminal authentication first completes message and passes through, and described terminal and described background system server complete mutual authentication.
25. methods according to claim 24, is characterized in that, described the first authentication request information comprises the identification information of described terminal;
Described background system server receives described first after signing messages and described the first authentication request information, judges whether the identification information of described terminal is included in the terminal abnormal list prestoring in described background system server;
Described background system server is after the identification information of judging described terminal is in described terminal abnormal list, obtain locking terminal instruction, and the private key that utilizes described background system server to locking terminal instruction sign and obtain the 4th signing messages, and send described locking terminal instruction and described the 4th signing messages to described terminal;
Described terminal receives after described locking terminal instruction and described the 4th signing messages, utilizes the PKI in the described background system server certificate prestoring to verify described the 4th signing messages;
Described terminal, after described the 4th signing messages of checking passes through, is carried out lock operation according to described locking terminal instruction.
26. according to the method described in claim 1 to 25 any one, it is characterized in that, before described terminal obtains according to the identification information of the described intelligent cipher equipment scanning the user profile that described intelligent cipher equipment is corresponding, described method also comprises:
Described terminal and described intelligent cipher equipment authenticate mutually.
27. according to the method for claim 26, it is characterized in that, described terminal and described intelligent cipher equipment carry out authentication mutually and comprises:
Described terminal generates the 3rd and treats signing messages;
Described terminal sends the described the 3rd to described intelligent cipher equipment and treats signing messages and the second authentication request information;
Described intelligent cipher equipment receives the described the 3rd after signing messages and described the second authentication request information, generates the 4th and treats signing messages;
Described in described intelligent cipher equipment utilization, the private key of intelligent cipher equipment is treated to the described the 3rd that signing messages is signed and is obtained the second signing messages, and to described terminal, sends the described the 4th and treat signing messages, described the second signing messages and intelligent cipher device certificate;
Whether described terminal receives the described the 4th after signing messages, described the second signing messages and described intelligent cipher device certificate, utilize described in the root certification authentication that the intelligent cipher device certificate prestore is corresponding intelligent cipher device certificate legal;
Described terminal, after the described intelligent cipher device certificate of checking is legal, utilizes the PKI in described intelligent cipher device certificate to verify described the second signing messages;
Described terminal is in checking after described the second signing messages passes through, and the private key that utilizes described terminal treats that to the described the 3rd signing messages and the described the 4th treats signing messages acquisition the 3rd signing messages of sign;
Described terminal sends described the 3rd signing messages and described terminal certificate to described intelligent cipher equipment;
Whether described intelligent cipher equipment receives after described the 3rd signing messages and described terminal certificate, utilize described in the root certification authentication that the described terminal certificate prestore is corresponding terminal certificate legal;
Described intelligent cipher equipment, after the described terminal certificate of checking is legal, utilizes the PKI in described terminal certificate to verify described the 3rd signing messages;
Described intelligent cipher equipment, after described the 3rd signing messages of checking passes through, generates intelligent cipher device authentication and completes message;
Described intelligent cipher equipment sends described intelligent cipher device authentication to described terminal and completes message;
Described terminal receives described intelligent cipher device authentication and completes after message, verifies that described intelligent cipher device authentication completes message;
Described terminal, after the described intelligent cipher device authentication of checking completes message and passes through, generates terminal authentication second and completes message, sends described terminal authentication second complete message to described intelligent cipher equipment;
Described intelligent cipher equipment receives described terminal authentication second and completes after message, verifies that described terminal authentication second completes message;
Described in described intelligent cipher device authentication, terminal authentication second completes after message, and described terminal and described intelligent cipher equipment complete mutual authentication.
28. methods according to claim 27, is characterized in that, described intelligent cipher equipment receives the described the 3rd after signing messages and described the second authentication request information, generate the 4th and treat that the step of signing messages comprises:
Described intelligent cipher equipment, after receiving described the second authentication request information, is converted to wake-up states by resting state;
Described intelligent cipher equipment generates the 4th and treats signing messages under wake-up states.
29. according to the method described in claim 1 to 28 any one, it is characterized in that,
The information of transmitting between described background system server and described terminal all by the first session key, calculates and/or rear transmission is calculated in verification, wherein, described the first session key is pre-stored in described background system server and described terminal or described the first session key is consulted to generate by described background system server and described terminal; And/or
The information of transmitting between described terminal and described intelligent cipher equipment all by the second session key, calculates and/or rear transmission is calculated in verification, wherein, described the second session key is pre-stored in described terminal and described intelligent cipher equipment or described the second session key is consulted to generate by described terminal and described intelligent cipher equipment.
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410171806.7A CN103944729A (en) | 2014-04-25 | 2014-04-25 | Data security interactive method |
| HK15100238.5A HK1200609A1 (en) | 2014-04-25 | 2015-01-09 | Safe data interaction method |
| PCT/CN2015/071354 WO2015161691A1 (en) | 2014-04-25 | 2015-01-22 | Secure data interaction method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410171806.7A CN103944729A (en) | 2014-04-25 | 2014-04-25 | Data security interactive method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103944729A true CN103944729A (en) | 2014-07-23 |
Family
ID=51192229
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410171806.7A Pending CN103944729A (en) | 2014-04-25 | 2014-04-25 | Data security interactive method |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103944729A (en) |
| HK (1) | HK1200609A1 (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015161691A1 (en) * | 2014-04-25 | 2015-10-29 | 天地融科技股份有限公司 | Secure data interaction method and system |
| CN107491954A (en) * | 2016-06-13 | 2017-12-19 | 邓斌涛 | Information interacting method, authentication and electronic fare payment system and method |
| CN107770281A (en) * | 2017-11-01 | 2018-03-06 | 深圳市金立通信设备有限公司 | A kind of method, server and computer-readable recording medium for notifying trade company's reimbursement information |
| CN108429719A (en) * | 2017-02-14 | 2018-08-21 | 华为技术有限公司 | Cryptographic key protection method and device |
| CN109417539A (en) * | 2016-07-15 | 2019-03-01 | 华为技术有限公司 | Key acquisition method and device |
| CN109643300A (en) * | 2016-08-05 | 2019-04-16 | 传感器有限公司 | The system and method for privacy of user are safeguarded in the application program that product and/or service are provided |
| CN110049067A (en) * | 2019-05-30 | 2019-07-23 | 全链通有限公司 | Transmission method, equipment and the computer readable storage medium of session key |
| CN110880114A (en) * | 2019-10-28 | 2020-03-13 | 淮安信息职业技术学院 | Transaction protection system and method based on block chain |
| CN111144875A (en) * | 2019-11-30 | 2020-05-12 | 飞天诚信科技股份有限公司 | Terminal equipment and working method thereof |
| CN112700232A (en) * | 2020-12-31 | 2021-04-23 | 深圳市证通电子股份有限公司 | Refund method, terminal device and readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101465019A (en) * | 2009-01-14 | 2009-06-24 | 北京华大智宝电子系统有限公司 | Method and system for implementing network authentication |
| CN101789934A (en) * | 2009-11-17 | 2010-07-28 | 北京飞天诚信科技有限公司 | Method and system for online security trading |
| CN103259765A (en) * | 2012-02-19 | 2013-08-21 | 上海博路信息技术有限公司 | Zone social intercourse system based on Bluetooth |
-
2014
- 2014-04-25 CN CN201410171806.7A patent/CN103944729A/en active Pending
-
2015
- 2015-01-09 HK HK15100238.5A patent/HK1200609A1/en unknown
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101465019A (en) * | 2009-01-14 | 2009-06-24 | 北京华大智宝电子系统有限公司 | Method and system for implementing network authentication |
| CN101789934A (en) * | 2009-11-17 | 2010-07-28 | 北京飞天诚信科技有限公司 | Method and system for online security trading |
| CN103259765A (en) * | 2012-02-19 | 2013-08-21 | 上海博路信息技术有限公司 | Zone social intercourse system based on Bluetooth |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015161691A1 (en) * | 2014-04-25 | 2015-10-29 | 天地融科技股份有限公司 | Secure data interaction method and system |
| CN107491954A (en) * | 2016-06-13 | 2017-12-19 | 邓斌涛 | Information interacting method, authentication and electronic fare payment system and method |
| CN109417539A (en) * | 2016-07-15 | 2019-03-01 | 华为技术有限公司 | Key acquisition method and device |
| CN109643300A (en) * | 2016-08-05 | 2019-04-16 | 传感器有限公司 | The system and method for privacy of user are safeguarded in the application program that product and/or service are provided |
| CN108429719A (en) * | 2017-02-14 | 2018-08-21 | 华为技术有限公司 | Cryptographic key protection method and device |
| CN107770281A (en) * | 2017-11-01 | 2018-03-06 | 深圳市金立通信设备有限公司 | A kind of method, server and computer-readable recording medium for notifying trade company's reimbursement information |
| CN110049067A (en) * | 2019-05-30 | 2019-07-23 | 全链通有限公司 | Transmission method, equipment and the computer readable storage medium of session key |
| CN110049067B (en) * | 2019-05-30 | 2021-06-01 | 全链通有限公司 | Transmission method and device of session key and computer-readable storage medium |
| CN110880114A (en) * | 2019-10-28 | 2020-03-13 | 淮安信息职业技术学院 | Transaction protection system and method based on block chain |
| CN110880114B (en) * | 2019-10-28 | 2022-07-12 | 淮安信息职业技术学院 | Transaction protection system and method based on block chain |
| CN111144875A (en) * | 2019-11-30 | 2020-05-12 | 飞天诚信科技股份有限公司 | Terminal equipment and working method thereof |
| CN111144875B (en) * | 2019-11-30 | 2023-04-18 | 飞天诚信科技股份有限公司 | Terminal equipment and working method thereof |
| CN112700232A (en) * | 2020-12-31 | 2021-04-23 | 深圳市证通电子股份有限公司 | Refund method, terminal device and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| HK1200609A1 (en) | 2015-08-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3136646B1 (en) | Secure data interaction method and system | |
| CN103942687A (en) | Data security interactive system | |
| CN103942688A (en) | Data security interactive system | |
| CN103944736A (en) | Data security interactive method | |
| CN103942690A (en) | Data security interactive system | |
| EP1277301B1 (en) | Method for transmitting payment information between a terminal and a third equipement | |
| CN103944729A (en) | Data security interactive method | |
| CN103944734A (en) | Data security interactive method | |
| WO2015161690A1 (en) | Secure data interaction method and system | |
| CN103942684A (en) | Data security interactive system | |
| JP2014529964A (en) | System and method for secure transaction processing via a mobile device | |
| TWI591553B (en) | Systems and methods for mobile devices to trade financial documents | |
| KR101644124B1 (en) | Server for transaction using pre-authentication and method thereof | |
| CN103942685A (en) | Data security interactive system | |
| CN103944735A (en) | Data security interactive method | |
| CN103944730A (en) | Data security interactive system | |
| CN103944728A (en) | Data security interactive system | |
| CN103944908A (en) | Data updating method and system | |
| CN101944216A (en) | Two-factor online transaction safety authentication method and system | |
| CN103944731A (en) | Data security interactive method | |
| Abughazalah et al. | Secure mobile payment on NFC-enabled mobile phones formally analysed using CasperFDR | |
| CN103942686A (en) | Data security interactive system | |
| CN103944911A (en) | Data security interactive system | |
| CN103944909A (en) | Data updating method and system | |
| CN103944907A (en) | Data updating method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1200609 Country of ref document: HK |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140723 |
|
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: WD Ref document number: 1200609 Country of ref document: HK |