CN104899496A

CN104899496A - Data reading method and terminal for same

Info

Publication number: CN104899496A
Application number: CN201410505192.1A
Authority: CN
Inventors: 陈华山; 张善湾
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2014-09-26
Filing date: 2014-09-26
Publication date: 2015-09-09
Anticipated expiration: 2034-09-26
Also published as: CN104899496B

Abstract

An embodiment of the present invention discloses a data reading method and a terminal for the same. The method comprises the following steps of: acquiring a data reading position, where identification data of a target user is read, by a currently operating identity reading application; acquiring an identity key from a data carrier card according to the data reading position and verifying the identity key; and after the identity key passes verification, reading the identification data from the data carrier card in a preset radio frequency reading manner according to the data reading position. The condition that the data carrier card is lost can be reduced and meanwhile, safety of service processing can be improved

Description

A kind of method for reading data and terminal thereof

Technical field

The present invention relates to field of computer technology, particularly relate to a kind of method for reading data and terminal thereof.

Background technology

Along with society enters the information age, the application of data carrier card progresses into daily life, such as: bank card, access card etc., because the volume of data carrier card is little, facilitates carrying of user.But the business handling content that every number data carrier card can carry out is limited, user need carry with multiple data carrier cards, therefore easily there is the situation that data carrier card is lost, simultaneously when data carrier card is picked up by lawless person, business handling can be carried out by its usage data carrier card, unnecessary loss is caused to user, have impact on the security of business handling.

Summary of the invention

The embodiment of the present invention provides a kind of method for reading data and terminal thereof, can reduce the situation that data carrier card is lost, and can improve the security of business handling simultaneously.

In order to solve the problems of the technologies described above, embodiment of the present invention first aspect provides a kind of method for reading data, can comprise:

The digital independent position of application acquisition to the identification data of targeted customer is read by the identity of current operation;

In described data carrier card, obtain identity key according to described digital independent position, and described identity key is verified;

After described identity key is verified, default radio frequency reading manner is also adopted to read described identification data in described data carrier card according to described digital independent position.

Embodiment of the present invention second aspect provides a kind of digital independent terminal, can comprise:

Primary importance acquiring unit, for reading the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation;

Key authentication unit, for obtaining KI according to described digital independent position in described data carrier card, and verifies described identity key;

Data-reading unit, for after described identity key is verified, also adopts default radio frequency reading manner to read described identification data in described data carrier card according to described digital independent position.

In embodiments of the present invention, the digital independent position of application acquisition to the identification data of targeted customer is read by the identity of current operation, in data carrier card, identity key is obtained according to digital independent position, and identity key is verified, after identity key is verified, default radio frequency reading manner is also adopted to read identification data in data carrier card according to digital independent position.By presetting the identification data of targeted customer in data carrier card, when data carrier card is lost, pickup people can according to the identification data of the loss user got, data carrier card is given back, decrease the situation that data carrier card is lost, avoid data carrier card by other people for business handling simultaneously, ensure that the security of business handling; Adopting radio frequency reading manner to carry out the reading of identification data, without the need to reconfiguring corresponding digital independent hardware module, having saved cost.

Accompanying drawing explanation

In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.

Fig. 1 is the schematic flow sheet of a kind of method for reading data that the embodiment of the present invention provides;

Fig. 2 is the schematic flow sheet of the another kind of method for reading data that the embodiment of the present invention provides;

Fig. 3 is the schematic flow sheet of another method for reading data that the embodiment of the present invention provides;

Fig. 4 is the scene schematic diagram of a kind of digital independent that the embodiment of the present invention provides;

Fig. 5 is the scene schematic diagram of a kind of data carrier card content that the embodiment of the present invention provides;

Fig. 6 is the structural representation of a kind of digital independent terminal that the embodiment of the present invention provides;

Fig. 7 is the structural representation of the another kind of digital independent terminal that the embodiment of the present invention provides;

Fig. 8 is the structural representation of the key authentication unit that the embodiment of the present invention provides;

Fig. 9 is the structural representation of another digital independent terminal that the embodiment of the present invention provides;

Figure 10 is the structural representation of another digital independent terminal that the embodiment of the present invention provides.

Embodiment

Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.

The method for reading data that the embodiment of the present invention provides can application data carrier card lose scene, such as: when the data carrier card of targeted customer is lost, pickup user usage data reading terminals can read the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation, described digital independent terminal obtains identity key according to digital independent position in data carrier card, and identity key is verified, after identity key is verified, described digital independent terminal is according to digital independent position and the default radio frequency reading manner of employing reads identification data in data carrier card, pickup user can according to the identification data of the targeted customer got, data carrier card is carried out the scene etc. of giving back, the scene of carrying out business handling can also be applied to, such as: when targeted customer's usage data carrier card carry out gate inhibition unlock process time, gate control system can gate inhibition's code data in acquisition number data carrier card, also need to adopt digital independent terminal to read the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation simultaneously, described digital independent terminal obtains identity key according to digital independent position in data carrier card, and identity key is verified, after identity key is verified, described digital independent terminal is according to digital independent position and the default radio frequency reading manner of employing reads identification data in data carrier card, described gate control system carries out certification by obtaining identification data to targeted customer, if authentication success and described gate inhibition's code data is correct, then to the scene etc. that gate inhibition unlocks.Can also being applied to user, lost (old man gets lost, child gets lost) scene, such as: targeted customer has worn data carrier card with it, the user that shows the way usage data reading terminals can read the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation, described digital independent terminal obtains identity key according to digital independent position in data carrier card, and identity key is verified, after identity key is verified, described digital independent terminal is according to digital independent position and the default radio frequency reading manner of employing reads identification data in data carrier card, the user that shows the way can provide route plan to targeted customer according to the identification data of targeted customer, or the scene etc. of the relatives of targeted customer can be contacted according to identification data.By presetting the identification data of targeted customer in data carrier card, when data carrier card is lost, pickup people can according to the identification data of the loss user got, data carrier card is given back, decreases the situation that data carrier card is lost, avoid data carrier card by other people for business handling simultaneously, ensure that the security of business handling, when user is got lost, identification data can be adopted to carry out providing of route plan, ensure that personal safety; Adopting radio frequency reading manner to carry out the reading of identification data, without the need to reconfiguring corresponding digital independent hardware module, having saved cost.

The digital independent terminal that the embodiment of the present invention relates to can be any terminal possessing radiofrequency signal read functions, such as: the smart machines such as panel computer, mobile phone, personal computer (Personal Computer, PC), notebook computer; Described data carrier card can be the intelligent cards possessing induction radiofrequency signal and store the functions such as related data; Described default radio frequency reading manner is specially the reading manner of near-field communication (Near Field Communication, NFC) or the reading manner of radio-frequency (RF) identification (Radio Frequency Identification, RFID); Described identification data can comprise name, contact method, contact address, head portrait, identification card number, fingerprint, bioelectricity etc., specifically limited by the function of described data carrier card, such as: if described data carrier card is access card, then described identification data can comprise the head portrait, fingerprint, bioelectricity etc. of targeted customer, if described data carrier card is that then described identification data can comprise name, contact method, contact address, head portrait etc. for preventing the card of getting lost.

Below in conjunction with accompanying drawing 1-accompanying drawing 5, the method for reading data that the embodiment of the present invention provides is described in detail.

Refer to Fig. 1, for embodiments providing a kind of schematic flow sheet of method for reading data.As shown in Figure 1, the described method of the embodiment of the present invention can comprise the following steps S101-step S103.

S101, reads the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation;

Concrete, when needing the identification data obtaining targeted customer, such as: need to verify to realize business handling to the identification data of targeted customer, or when needing the ownership person of the data carrier card checking loss, digital independent terminal can be adopted to read the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation, and described digital independent position is specially the deposit position of the identification data storing described targeted customer in the storage of data carrier card.

Be understandable that, described data carrier card, when initialization, can be write in described data carrier card from being about to identification data by card writer by targeted customer, or at business handling center, be write by staff to it.Described identity reads application can for the identity read functions in instant messaging application, the fixing write can made an appointment for card issuer or operator in described digital independent position and load position, namely described digital independent terminal can know described digital independent position by described identity reading application; Described digital independent position can also be the position that user carries out when identification data being write data carrier card selecting, this position can be carried out association store with the information that user is arranged (such as: user ID etc.) and be read in described identity and apply in corresponding identity management services device, and described digital independent terminal reads application by described identity can obtain described digital independent position to described identity management services device.

S102, obtains identity key according to described digital independent position, and verifies described identity key in described data carrier card;

Concrete, described digital independent terminal can obtain identity key on the digital independent position of described data carrier card, preferably, can obtain the identity key on the digital independent position of described data carrier card by presetting radio frequency reading manner, described digital independent terminal can be verified described identity key, be understandable that, described identity key is authorization key when reading the identification data in described data carrier card, namely when having described identity key, just can the identification data in described data carrier card be read and write.

It should be noted that, the fixed key that described identity key can be made an appointment for card issuer or operator equally, unified KI can be previously stored with in described digital independent terminal, and by this KI, described identity key is mated, and after fitting through, determine that described identity key is verified; Certainly, described identity key can be sets itself in write data carrier card, association store can be carried out with the information that targeted customer is arranged (such as: user ID etc.) equally to read in described identity and apply in corresponding identity management services device, generate KI, described digital independent terminal reads application by described identity can obtain described KI to described identity management services device, described identity key is mated, and after fitting through, determine that described identity key is verified.

S103, after described identity key is verified, also adopts default radio frequency reading manner to read described identification data in described data carrier card according to described digital independent position;

Concrete, after described identity key is verified, described digital independent terminal can adopt default radio frequency reading manner to read described identification data in the described digital independent position of described data carrier card.

Refer to Fig. 2, for embodiments providing the schematic flow sheet of another kind of method for reading data.As shown in Figure 2, the described method of the embodiment of the present invention can comprise the following steps S201-step S208.

S201, reads the mark load position of application acquisition to the user ID of targeted customer by the identity of current operation;

Concrete, when needing the identification data obtaining targeted customer, such as: need to verify to realize business handling to the identification data of targeted customer, or when needing the ownership person of the data carrier card checking loss, digital independent terminal can read the mark load position of application acquisition to the user ID of targeted customer by the identity of current operation, described identity reads application can for the identity read functions in instant messaging application, described user ID can be the identification card number of described targeted customer, job number, student number etc., described mark load position is specially the deposit position storing the user ID of described targeted customer in described data carrier card, described mark load position is preferably the fixing write and load position that card issuer or operator make an appointment.

S202, obtains described user ID according to described mark load position in described data carrier card;

Concrete, described digital independent terminal can obtain described user ID in the described mark load position of described data carrier card, be understandable that, mark load position herein can the band of position set by the surface at described data carrier card, described user ID can be sprayed in this band of position, preferably, described digital independent terminal first-classly by the shooting in digital independent terminal described in described identity reading application call can obtain described user ID in the described mark load position of described data carrier card.

S203, is sent to identity management services device by described user ID;

Concrete, described digital independent terminal reads application by described identity and sends the identification data request of carrying described user ID to identity management services device, described identity management services device can search the digital independent position of the identification data to targeted customer corresponding to described user ID, and described digital independent position can be back to described digital independent terminal by described identity management services device.

It should be noted that, described digital independent terminal can adopt predetermined encryption algorithm to be encrypted described user ID in conjunction with the terminal iidentification of self, described predetermined encryption algorithm can regularly upgrade, user ID after encryption is read application by described identity and is sent to described identity management services device by described digital independent terminal, described identity management services device can first be verified the user ID after encryption, such as: the display form of the user ID after encryption can be a numerical value, described identity management services device can verify whether this numerical value belongs to the numerical value that can be verified and pass through, if, corresponding default decipherment algorithm then can be adopted to be decrypted this numerical value, obtain described user ID, and search the digital independent position of the identification data to targeted customer corresponding to described user ID.Due to the terminal iidentification in conjunction with described digital independent terminal, represent that described digital independent terminal is the terminal being authorized to carry out identification data reading in advance, combine simultaneously and can the predetermined encryption algorithm of regular update user ID be encrypted, the security of user ID in transmitting procedure can be ensured, and avoid lawless person can obtain identification data in identity management services device digital independent position when getting user ID, and then acquisition identification data, further ensure the security of identification data.

S204, reads the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation;

Concrete, described digital independent terminal reads the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation, and described digital independent position is specially the deposit position of the identification data storing described targeted customer in the storage of data carrier card.

Be understandable that, described data carrier card, when initialization, can be write in described data carrier card from being about to identification data by card writer by targeted customer, or at business handling center, be write by staff to it.The fixing write can made an appointment for card issuer or operator in described digital independent position and load position, namely described digital independent terminal can know described digital independent position by described identity reading application; Described digital independent position can also be the position that user carries out when identification data being write data carrier card selecting, this position can be carried out association store with the information that user is arranged (such as: user ID etc.) and be read in described identity and apply in corresponding identity management services device, and described digital independent terminal reads application by described identity can obtain described digital independent position to described identity management services device.

Adopt server stores digital independent position, make the deposit position of the user identification data in every number data carrier card can not be identical, avoid by the reading maliciously carrying out user identification data, ensure the security of user identification data.

S205, reads application by described identity and obtains KI corresponding to described user ID to identity management services device;

Concrete, after data carriers card carries out identity key write, described identity key can be carried out association store with the information that targeted customer is arranged (such as: user ID etc.) and be read in described identity and apply in corresponding identity management services device, generate KI, be understandable that, described KI is identical with described identity key, herein only in order to distinguish.Described digital independent terminal can read application by described identity and obtain KI corresponding to described user ID to identity management services device.Further, when described digital independent terminal carries the identification data request of described user ID by described identity reading application to the transmission of identity management services device, KI request can be sent simultaneously, described identity management services device can obtain KI corresponding to described user ID simultaneously, and described digital independent terminal obtains the described KI that described identity management services device returns.

Certainly, the fixed key that described identity key and described KI can also be made an appointment for card issuer or operator, can be previously stored with unified KI in described digital independent terminal.

It should be noted that, described identity key is authorization key when reading the identification data in described data carrier card, namely when having described identity key, just can read and write the identification data in described data carrier card.For the less demanding business of some security performances, such as: the gate inhibition of same company unlocks, this mode is adopted without the need to asking to server, the efficiency of business processing can be promoted.And adopt server to carry out the storage of KI, make the identity key in every number data carrier card can be set to not identical key, ensure the uniqueness of identity key with this, thus further ensure the security of user identification data.

S206, obtains identity key according to described digital independent position in described data carrier card, and adopts described KI to mate described identity key;

Concrete, described digital independent terminal can obtain identity key on the digital independent position of described data carrier card, preferably, can obtain the identity key on the digital independent position of described data carrier card by presetting radio frequency reading manner, described digital independent terminal adopts described KI to mate described identity key.

S207, when described KI is consistent with described identity key coupling, determines that described identity key is verified;

Concrete, when described KI is consistent with described identity key coupling, when namely described KI is identical with described identity key, described digital independent terminal determines that described identity key is verified.

S208, after described identity key is verified, also adopts default radio frequency reading manner to read described identification data in described data carrier card according to described digital independent position;

In embodiments of the present invention, the digital independent position of application acquisition to the identification data of targeted customer is read by the identity of current operation, in data carrier card, identity key is obtained according to digital independent position, and identity key is verified, after identity key is verified, default radio frequency reading manner is also adopted to read identification data in data carrier card according to digital independent position.By presetting the identification data of targeted customer in data carrier card, when data carrier card is lost, pickup people can according to the identification data of the loss user got, data carrier card is given back, decrease the situation that data carrier card is lost, avoid data carrier card by other people for business handling simultaneously, ensure that the security of business handling; Adopting radio frequency reading manner to carry out the reading of identification data, without the need to reconfiguring corresponding digital independent hardware module, having saved cost; By obtaining data load position and KI to identity management services device, the deposit position of identification data in every number data carrier card and KI can be made all to possess uniqueness, ensure that the security of identification data.

Refer to Fig. 3, for embodiments providing the schematic flow sheet of another method for reading data.As shown in Figure 3, the described method of the embodiment of the present invention can comprise the following steps S301-step S310.

S301, reads the mark load position of application acquisition to the user ID of targeted customer by the identity of current operation;

S302, obtains tagged keys according to described mark load position in described data carrier card, and adopts default public keys to mate described tagged keys;

Concrete, described digital independent terminal reads tagged keys in the described mark load position of described data carrier card, be understandable that, mark load position herein can be the memory location of tagged keys described in described data carrier card storage, preferably, described digital independent terminal can read the local default public keys stored of application acquisition by described identity and mate described tagged keys, namely judges that whether described default public keys is identical with described tagged keys.

S303, when the match is successful for described tagged keys, obtains described user ID according to described mark load position in described data carrier card;

Concrete, when the match is successful for described tagged keys, namely described default public keys is identical with described tagged keys, described digital independent terminal can obtain described user ID in the described mark load position of described data carrier card, preferably, described digital independent terminal can obtain described user ID by presetting radio frequency reading manner in the described mark load position of described data carrier card.

S304, according to described default public keys and the terminal iidentification of self, and the predetermined encryption algorithm combining timing renewal is encrypted described user ID;

Concrete, described digital independent terminal is after the described user ID of acquisition, can according to the terminal iidentification of described default public keys and described digital independent terminal, and in conjunction with predetermined encryption algorithm, described user ID is encrypted, generate the user ID after encryption, described predetermined encryption algorithm can regularly upgrade.

S305, is sent to identity management services device by described user ID;

Concrete, described digital independent terminal reads the identification data request of applying and sending the user ID after carrying described encryption to identity management services device by described identity, described identity management services device can first be verified the user ID after encryption, such as: the display form of the user ID after encryption can be a numerical value, described identity management services device can verify whether this numerical value belongs to the numerical value that can be verified and pass through, if, corresponding default decipherment algorithm then can be adopted to be decrypted this numerical value, obtain described user ID, and search the digital independent position of the identification data to targeted customer corresponding to described user ID, described digital independent position can be back to described digital independent terminal by described identity management services device.Due to the terminal iidentification in conjunction with described digital independent terminal, represent that described digital independent terminal is the terminal being authorized to carry out identification data reading in advance, combine simultaneously and can the predetermined encryption algorithm of regular update user ID be encrypted, the security of user ID in transmitting procedure can be ensured, and avoid lawless person can obtain identification data in identity management services device digital independent position when getting user ID, and then acquisition identification data, further ensure the security of identification data.

S306, reads the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation;

S307, reads application by described identity and obtains KI corresponding to described user ID to identity management services device;

S308, obtains identity key according to described digital independent position in described data carrier card, and adopts described KI to mate described identity key;

S309, when described KI is consistent with described identity key coupling, determines that described identity key is verified;

S310, after described identity key is verified, also adopts default radio frequency reading manner to read described identification data in described data carrier card according to described digital independent position.

Wherein, the step S306 of the embodiment of the present invention, S307, S308, S309 and S310 can the step S204 of embodiment shown in Figure 2, the specific descriptions of S205, S206, S207 and S208, do not repeat at this.

In embodiments of the present invention, the digital independent position of application acquisition to the identification data of targeted customer is read by the identity of current operation, in data carrier card, identity key is obtained according to digital independent position, and identity key is verified, after identity key is verified, default radio frequency reading manner is also adopted to read identification data in data carrier card according to digital independent position.By presetting the identification data of targeted customer in data carrier card, when data carrier card is lost, pickup people can according to the identification data of the loss user got, data carrier card is given back, decrease the situation that data carrier card is lost, avoid data carrier card by other people for business handling simultaneously, ensure that the security of business handling; Adopting radio frequency reading manner to carry out the reading of identification data, without the need to reconfiguring corresponding digital independent hardware module, having saved cost; By user ID being write in the storage of data carrier card, user ID is avoided to be identified by other people, simultaneously by obtaining data load position and KI to identity management services device, the deposit position of identification data in every number data carrier card and KI can be made all to possess uniqueness, ensure that the security of identification data.

Be introduced quoting the concrete flow process of example to the method for reading data that the embodiment of the present invention provides below.

Refer to Fig. 4 and Fig. 5, Fig. 4 is the scene schematic diagram embodiments providing a kind of digital independent, and Fig. 5 is the scene schematic diagram embodiments providing a kind of data carrier card content.As shown in Figure 4, digital independent terminal reads the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation, in described data carrier card, identity key is obtained according to described digital independent position, and described identity key is verified, after described identity key is verified, described digital independent terminal is according to described digital independent position and the default radio frequency reading manner of employing reads described identification data in described data carrier card.

Shown in Fig. 5, multiple memory location is had in described data carrier card, each memory location is expressed as a stack district, in Fig. 5,1 ~ 77 Ge Zhan districts represented are only and illustrate, what suppose current described data carrier card Zhong Zhan district 2 write is tagged keys and user ID, what stack district 3 write is identity key and identification data, and what stack district 5 write is business cipher key and business datum.Described digital independent terminal can read the mark load position (stack district 2) of application acquisition to the user ID of targeted customer by the identity of current operation, described digital independent terminal obtains tagged keys in the stack district 2 of described data carrier card, adopt default public keys to mate described tagged keys simultaneously, when the match is successful for described tagged keys, user ID can be obtained in stack district 2.The identity management services device that now described digital independent terminal can read application corresponding according to described user ID to described identity obtains the digital independent position of described identification data in described data carrier card (stack district 3) and KI, described digital independent terminal obtains identity key in the stack district 3 of described data carrier card again, and adopt KI to mate a described point key of establishing, when described KI is consistent with described identity key coupling, described digital independent terminal determines that described identity key is verified, and identification data can be obtained in stack district 3.

It should be noted that, when needs carry out business processing be, described digital independent terminal can adopt the business datum obtained in a like fashion in stack district 5, and carries out business processing by the identification data obtained in conjunction with described business datum.

Below in conjunction with accompanying drawing 6-accompanying drawing 9, the digital independent terminal that the embodiment of the present invention provides is described in detail.It should be noted that, digital independent terminal shown in accompanying drawing 6-accompanying drawing 9, for performing the method for Fig. 1 of the present invention-embodiment illustrated in fig. 5, for convenience of explanation, illustrate only the part relevant to the embodiment of the present invention, concrete ins and outs do not disclose, and please refer to the embodiment shown in Fig. 1-Fig. 5 of the present invention.

Refer to Fig. 6, for embodiments providing a kind of structural representation of digital independent terminal.As shown in Figure 6, the described digital independent terminal 1 of the embodiment of the present invention can comprise: primary importance acquiring unit 11, key authentication unit 12 and data-reading unit 13.

Primary importance acquiring unit 11, for reading the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation;

In specific implementation, when needing the identification data obtaining targeted customer, such as: need to verify to realize business handling to the identification data of targeted customer, or when needing the ownership person of the data carrier card checking loss, described primary importance acquiring unit 11 reads the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation, and described digital independent position is specially the deposit position of the identification data storing described targeted customer in the storage of data carrier card.

Be understandable that, described data carrier card, when initialization, can be write in described data carrier card from being about to identification data by card writer by targeted customer, or at business handling center, be write by staff to it.Described identity reads application can for the identity read functions in instant messaging application, the fixing write can made an appointment for card issuer or operator in described digital independent position and load position, namely described primary importance acquiring unit 11 can know described digital independent position by described identity reading application; Described digital independent position can also be the position that user carries out when identification data being write data carrier card selecting, this position can be carried out association store with the information that user is arranged (such as: user ID etc.) and be read in described identity and apply in corresponding identity management services device, and described primary importance acquiring unit 11 reads application by described identity can obtain described digital independent position to described identity management services device.

Key authentication unit 12, for obtaining KI according to described digital independent position in described data carrier card, and verifies described identity key;

In specific implementation, described key authentication unit 12 can obtain identity key on the digital independent position of described data carrier card, preferably, can obtain the identity key on the digital independent position of described data carrier card by presetting radio frequency reading manner, described key authentication unit 12 can be verified described identity key, be understandable that, described identity key is authorization key when reading the identification data in described data carrier card, namely when having described identity key, just can the identification data in described data carrier card be read and write.

It should be noted that, the fixed key that described identity key can be made an appointment for card issuer or operator equally, unified KI can be previously stored with in described digital independent terminal 1, and by this KI, described identity key is mated, and after fitting through, determine that described identity key is verified; Certainly, described identity key can be sets itself in write data carrier card, association store can be carried out with the information that targeted customer is arranged (such as: user ID etc.) equally to read in described identity and apply in corresponding identity management services device, generate KI, described digital independent terminal 1 reads application by described identity can obtain described KI to described identity management services device, described identity key is mated, and after fitting through, determine that described identity key is verified.

Data-reading unit 13, for after described identity key is verified, also adopts default radio frequency reading manner to read described identification data in described data carrier card according to described digital independent position;

In specific implementation, after described identity key is verified, described data-reading unit 13 can adopt default radio frequency reading manner to read described identification data in the described digital independent position of described data carrier card.

Refer to Fig. 7, for embodiments providing the structural representation of another kind of digital independent terminal.As shown in Figure 7, the described digital independent terminal 1 of the embodiment of the present invention can comprise: primary importance acquiring unit 11, key authentication unit 12, data-reading unit 13, second place acquiring unit 14, mark acquiring unit 15, mark transmitting element 16 and key acquiring unit 17.

Second place acquiring unit 14, for reading the mark load position of application acquisition to the user ID of targeted customer by the identity of current operation;

In specific implementation, when needing the identification data obtaining targeted customer, such as: need to verify to realize business handling to the identification data of targeted customer, or when needing the ownership person of the data carrier card checking loss, described second place acquiring unit 14 can read the mark load position of application acquisition to the user ID of targeted customer by the identity of current operation, described identity reads application can for the identity read functions in instant messaging application, described user ID can be the identification card number of described targeted customer, job number, student number etc., described mark load position is specially the deposit position storing the user ID of described targeted customer in described data carrier card, described mark load position is preferably the fixing write and load position that card issuer or operator make an appointment.

Mark acquiring unit 15, for obtaining described user ID according to described mark load position in described data carrier card;

In specific implementation, described mark acquiring unit 15 can obtain described user ID in the described mark load position of described data carrier card, be understandable that, mark load position herein can the band of position set by the surface at described data carrier card, described user ID can be sprayed in this band of position, preferably, described mark acquiring unit 15 first-classly by the shooting in digital independent terminal 1 described in described identity reading application call can obtain described user ID in the described mark load position of described data carrier card.

Mark transmitting element 16, for described user ID is sent to identity management services device, with the digital independent position making described identity management services device search the identification data of described targeted customer corresponding to described user ID;

In specific implementation, described mark transmitting element 16 reads application by described identity and sends the identification data request of carrying described user ID to identity management services device, described identity management services device can search the digital independent position of the identification data to targeted customer corresponding to described user ID, and described digital independent position can be back to described digital independent terminal 1 by described identity management services device.

It should be noted that, described digital independent terminal 1 can adopt predetermined encryption algorithm to be encrypted described user ID in conjunction with the terminal iidentification of self, described predetermined encryption algorithm can regularly upgrade, user ID after encryption is read application by described identity and is sent to described identity management services device by described mark transmitting element 16, described identity management services device can first be verified the user ID after encryption, such as: the display form of the user ID after encryption can be a numerical value, described identity management services device can verify whether this numerical value belongs to the numerical value that can be verified and pass through, if, corresponding default decipherment algorithm then can be adopted to be decrypted this numerical value, obtain described user ID, and search the digital independent position of the identification data to targeted customer corresponding to described user ID.Due to the terminal iidentification in conjunction with described digital independent terminal 1, represent that described digital independent terminal 1 is the terminal being authorized to carry out identification data reading in advance, combine simultaneously and can the predetermined encryption algorithm of regular update user ID be encrypted, the security of user ID in transmitting procedure can be ensured, and avoid lawless person can obtain identification data in identity management services device digital independent position when getting user ID, and then acquisition identification data, further ensure the security of identification data.

In specific implementation, described primary importance acquiring unit 11 reads the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation, and described digital independent position is specially the deposit position of the identification data storing described targeted customer in the storage of data carrier card.

Be understandable that, described data carrier card, when initialization, can be write in described data carrier card from being about to identification data by card writer by targeted customer, or at business handling center, be write by staff to it.The fixing write can made an appointment for card issuer or operator in described digital independent position and load position, namely described primary importance acquiring unit 11 can know described digital independent position by described identity reading application; Described digital independent position can also be the position that user carries out when identification data being write data carrier card selecting, this position can be carried out association store with the information that user is arranged (such as: user ID etc.) and be read in described identity and apply in corresponding identity management services device, and described primary importance acquiring unit 11 reads application by described identity can obtain described digital independent position to described identity management services device.

Key acquiring unit 17, obtains KI corresponding to described user ID for reading application by described identity to identity management services device;

In specific implementation, after data carriers card carries out identity key write, described identity key can be carried out association store with the information that targeted customer is arranged (such as: user ID etc.) and be read in described identity and apply in corresponding identity management services device, generate KI, be understandable that, described KI is identical with described identity key, herein only in order to distinguish.Described key acquiring unit 17 can read application by described identity and obtain KI corresponding to described user ID to identity management services device.Further, when described key acquiring unit 17 carries the identification data request of described user ID by described identity reading application to the transmission of identity management services device, KI request can be sent simultaneously, described identity management services device can obtain KI corresponding to described user ID simultaneously, and described key acquiring unit 17 obtains the described KI that described identity management services device returns.

It should be noted that, the fixed key that described identity key can be made an appointment for card issuer or operator equally, unified KI can be previously stored with in described digital independent terminal 1, and by this KI, described identity key is mated, and after fitting through, determine that described identity key is verified; Certainly, described identity key can be sets itself in write data carrier card, association store can be carried out with the information that targeted customer is arranged (such as: user ID etc.) equally to read in described identity and apply in corresponding identity management services device, generate KI, described key acquiring unit 16 reads application by described identity can obtain described KI to described identity management services device, described identity key is mated, and after fitting through, determine that described identity key is verified.

Concrete, please also refer to Fig. 8, for embodiments providing the structural representation of key authentication unit.As shown in Figure 8, described key authentication unit 12 can comprise:

Key match subelement 121, for obtaining identity key according to described digital independent position in described data carrier card, and adopts described KI to mate described identity key;

In specific implementation, described key match subelement 121 can obtain identity key on the digital independent position of described data carrier card, preferably, can obtain the identity key on the digital independent position of described data carrier card by presetting radio frequency reading manner, described key match subelement 121 adopts described KI to mate described identity key.

Subelement 122 is determined in checking, for when described KI is consistent with described identity key coupling, determines that described identity key is verified;

In specific implementation, when described KI is consistent with described identity key coupling, when namely described KI is identical with described identity key, described checking determines that subelement 122 determines that described identity key is verified.

In specific implementation, after described identity key is verified, described digital independent terminal can adopt default radio frequency reading manner to read described identification data in the described digital independent position of described data carrier card.

Refer to Fig. 9, for embodiments providing the structural representation of another digital independent terminal.As shown in Figure 9, the described digital independent terminal 1 of the embodiment of the present invention can comprise: primary importance acquiring unit 11, key authentication unit 12, data-reading unit 13, second place acquiring unit 14, mark acquiring unit 15, mark transmitting element 16, key acquiring unit 17, key match unit 18, notification unit 19 and mark encryption unit 20; Wherein, the structure of primary importance acquiring unit 11, key authentication unit 12, data-reading unit 13 and key acquiring unit 17 can the specific descriptions of embodiment shown in Figure 7, do not repeat at this.

Key match unit 18, for obtaining tagged keys according to described mark load position in described data carrier card, and adopts default public keys to mate described tagged keys;

In specific implementation, described key match unit 18 reads tagged keys in the described mark load position of described data carrier card, be understandable that, mark load position herein can be the memory location of tagged keys described in described data carrier card storage, preferably, described key match unit 18 can read the local default public keys stored of application acquisition by described identity and mate described tagged keys, namely judges that whether described default public keys is identical with described tagged keys.

Notification unit 19, during for determining described tagged keys when described key match unit 18 the match is successful, notifies that described mark acquiring unit 15 obtains described user ID according to described mark load position in described data carrier card;

Mark acquiring unit 15, for obtaining described user ID according to described mark load position in described data carrier card.

In specific implementation, when described key match unit 18 is determined described tagged keys the match is successful, namely described default public keys is identical with described tagged keys, described mark acquiring unit 15 can obtain described user ID in the described mark load position of described data carrier card, preferably, described mark acquiring unit 15 can obtain described user ID by presetting radio frequency reading manner in the described mark load position of described data carrier card.

Mark encryption unit 20, for according to described default public keys and the terminal iidentification of self, and combines the predetermined encryption algorithm that timing upgrades and is encrypted described user ID;

In specific implementation, after described mark acquiring unit 15 obtains described user ID, described mark encryption unit 20 can according to the terminal iidentification of described default public keys and described digital independent terminal 1, and in conjunction with predetermined encryption algorithm, described user ID is encrypted, generate the user ID after encryption, described predetermined encryption algorithm can regularly upgrade.

Mark transmitting element 16, for being sent to identity management services device by described user ID;

In specific implementation, described mark transmitting element 16 reads the identification data request of applying and sending the user ID after carrying described encryption to identity management services device by described identity, described identity management services device can first be verified the user ID after encryption, such as: the display form of the user ID after encryption can be a numerical value, described identity management services device can verify whether this numerical value belongs to the numerical value that can be verified and pass through, if, corresponding default decipherment algorithm then can be adopted to be decrypted this numerical value, obtain described user ID, and search the digital independent position of the identification data to targeted customer corresponding to described user ID, described digital independent position can be back to described digital independent terminal by described identity management services device.Due to the terminal iidentification in conjunction with described digital independent terminal 1, represent that described digital independent terminal 1 is the terminal being authorized to carry out identification data reading in advance, combine simultaneously and can the predetermined encryption algorithm of regular update user ID be encrypted, the security of user ID in transmitting procedure can be ensured, and avoid lawless person can obtain identification data in identity management services device digital independent position when getting user ID, and then acquisition identification data, further ensure the security of identification data.

Refer to Figure 10, for embodiments providing the structural representation of another digital independent terminal.As shown in Figure 10, described digital independent terminal 1000 can comprise: at least one processor 1001, such as CPU, at least one network interface 1004, user interface 1003, storer 1005, at least one communication bus 1002.Wherein, communication bus 1002 is for realizing the connection communication between these assemblies.Wherein, user interface 1003 can comprise display screen (Display), keyboard (Keyboard), and optional user interface 1003 can also comprise wireline interface, the wave point of standard.Network interface 1004 optionally can comprise wireline interface, the wave point (as WI-FI interface) of standard.Storer 1005 can be high-speed RAM storer, also can be non-labile storer (non-volatile memory), such as at least one magnetic disk memory.Storer 1005 can also be optionally that at least one is positioned at the memory storage away from aforementioned processor 1001.As shown in Figure 10, operating system, network communication module, Subscriber Interface Module SIM and digital independent application program can be comprised as in a kind of storer 1005 of computer-readable storage medium.

In the digital independent terminal 1000 shown in Figure 10, network interface 1004 is mainly used in identity management services device, carries out data communication with described identity management services device; And user interface 1003 is mainly used in as user provides the interface of input; And processor 1001 may be used for calling the digital independent application program stored in storer 1005, and specifically perform following steps:

In one embodiment, described processor 1001, before execution reads the digital independent position of application acquisition to the identification data of targeted customer by the identity of current operation, also performs following steps:

The mark load position of application acquisition to the user ID of targeted customer is read by the identity of current operation;

In described data carrier card, described user ID is obtained according to described mark load position;

Described user ID is sent to identity management services device, with the digital independent position making described identity management services device search the identification data of described targeted customer corresponding to described user ID.

In one embodiment, described processor 1001, before execution obtains described user ID according to described mark load position in described data carrier card, also performs following steps:

In described data carrier card, obtain tagged keys according to described mark load position, and adopt default public keys to mate described tagged keys;

When the match is successful for described tagged keys, perform the step obtaining described user ID according to described mark load position in described data carrier card.

In one embodiment, described processor 1001, before described user ID is sent to identity management services device by execution, also performs following steps:

According to described default public keys and the terminal iidentification of self, and the predetermined encryption algorithm combining timing renewal is encrypted described user ID;

Described processor 1001, when described user ID is sent to identity management services device by execution, specifically performs following steps:

User ID after described encryption is sent to identity management services device, to make described identity management services device verify the user ID after described encryption, make described identity management services device after being verified, search the digital independent position of the identification data of described targeted customer corresponding to described user ID.

In one embodiment, described processor 1001 is obtaining KI according to described digital independent position in described data carrier card, and before verifying described identity key, also performs following steps:

Read application by described identity and obtain KI corresponding to described user ID to identity management services device.

In one embodiment, described processor 1001, when execution is verified described identity key, specifically performs following steps:

Described KI is adopted to mate described identity key;

When described KI is consistent with described identity key coupling, determine that described identity key is verified.

In one embodiment, described identification data comprises at least one in name, contact method, contact address, head portrait, identification card number, fingerprint and bioelectricity.

In one embodiment, described default radio frequency reading manner is specially the reading manner of NFC or the reading manner of RFID.

One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in a computer read/write memory medium, this program, when performing, can comprise the flow process of the embodiment as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.

Above disclosedly be only present pre-ferred embodiments, certainly can not limit the interest field of the present invention with this, therefore according to the equivalent variations that the claims in the present invention are done, still belong to the scope that the present invention is contained.

Claims

1. a method for reading data, is characterized in that, comprising:

2. method according to claim 1, is characterized in that, the described identity by current operation also comprises before reading the digital independent position of application acquisition to the identification data of targeted customer:

3. method according to claim 2, is characterized in that, described in described data carrier card, obtain described user ID according to described mark load position before, also comprise:

4. method according to claim 3, is characterized in that, described described user ID is sent to identity management services device before, also comprise:

Described described user ID is sent to identity management services device, comprises:

5. method according to claim 2, is characterized in that, describedly in described data carrier card, obtains identity key according to described digital independent position, and before verifying described identity key, also comprises:

6. method according to claim 5, is characterized in that, describedly verifies described identity key, comprising:

Described KI is adopted to mate described identity key;

7. method according to claim 1, is characterized in that, described identification data comprise name,

At least one in contact method, contact address, head portrait, identification card number, fingerprint and bioelectricity.

8. the method according to any one of claim 1-7, is characterized in that, described default radio frequency reading manner is specially the reading manner of near-field communication NFC or the reading manner of radio frequency discrimination RFID.

9. a digital independent terminal, is characterized in that, comprising:

10. terminal according to claim 9, is characterized in that, also comprises:

Second place acquiring unit, for reading the mark load position of application acquisition to the user ID of targeted customer by the identity of current operation;

Mark acquiring unit, for obtaining described user ID according to described mark load position in described data carrier card;

Mark transmitting element, for described user ID is sent to identity management services device, with the digital independent position making described identity management services device search the identification data of described targeted customer corresponding to described user ID.

11. terminals according to claim 10, is characterized in that, also comprise:

Key match unit, for obtaining tagged keys according to described mark load position in described data carrier card, and adopts default public keys to mate described tagged keys;

Notification unit, during for determining described tagged keys when described key match unit the match is successful, notifies that described mark acquiring unit performs the step obtaining described user ID according to described mark load position in described data carrier card.

12. terminals according to claim 10, is characterized in that, also comprise:

Mark encryption unit, for according to described default public keys and the terminal iidentification of self, and combines the predetermined encryption algorithm that timing upgrades and is encrypted described user ID;

Described mark transmitting element is specifically for being sent to identity management services device by the user ID after described encryption, to make described identity management services device verify the user ID after described encryption, make described identity management services device after being verified, search the digital independent position of the identification data of described targeted customer corresponding to described user ID.

13. terminals according to claim 10, is characterized in that, also comprise:

Key acquiring unit, obtains KI corresponding to described user ID for reading application by described identity to identity management services device.

14. terminals according to claim 13, is characterized in that, described key authentication unit comprises:

Key match subelement, for obtaining identity key according to described digital independent position in described data carrier card, and adopts described KI to mate described identity key;

Subelement is determined in checking, for when described KI is consistent with described identity key coupling, determines that described identity key is verified.

15. terminals according to claim 9, is characterized in that, described identification data comprises at least one in name, contact method, contact address, head portrait, identification card number, fingerprint and bioelectricity.

16. terminals according to claim 9-15, it is characterized in that, described default radio frequency reading manner is specially the reading manner of NFC or the reading manner of RFID.