CN104933565A - IC card transaction method and IC card transaction system - Google Patents

IC card transaction method and IC card transaction system Download PDF

Info

Publication number
CN104933565A
CN104933565A CN201510303111.4A CN201510303111A CN104933565A CN 104933565 A CN104933565 A CN 104933565A CN 201510303111 A CN201510303111 A CN 201510303111A CN 104933565 A CN104933565 A CN 104933565A
Authority
CN
China
Prior art keywords
transaction
card
management system
background management
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510303111.4A
Other languages
Chinese (zh)
Other versions
CN104933565B (en
Inventor
林祥明
杨明
杨红超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN201510303111.4A priority Critical patent/CN104933565B/en
Publication of CN104933565A publication Critical patent/CN104933565A/en
Application granted granted Critical
Publication of CN104933565B publication Critical patent/CN104933565B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/352Contactless payments by cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides an IC card transaction method and an IC card transaction system. The method comprises that a mobile intelligent terminal establishes connection with an IC card through an NFC module; the IC card transmits transaction data containing information about the number of transactions to the mobile intelligent terminal; the mobile intelligent terminal sends the transaction data containing the information about the number of transactions to a background management system; the background management system verifies the transaction data containing the information about the number of transactions; a transaction request is processed after the transaction data passes the verification, and a processing result of the background management system is sent to the mobile intelligent terminal; and the mobile intelligent terminal is interacted with the IC card and responds to the processing result of the background management system. According to the invention, the convenience of IC card transaction is improved, and the safety in transaction between the IC card and the background management system can be ensured.

Description

A kind of IC card transaction method and system
Technical field
The invention belongs to financial transaction field, particularly a kind of IC-card method and system of concluding the business.
Background technology
Current sphere is deposited, enclose and carry, recognize circle and to deposit etc. and relate to the financial transaction that IC-card writes card and all need to carry out on the traditional channels such as POS terminal, bank outlets' sales counter, because site and POS dispose limited, this brings inconvenience with regard to giving the use of user, limits the popularization of financial IC card.
Summary of the invention
A kind of IC card transaction method provided by the invention and system, can make client carry out the transaction of IC-card whenever and wherever possible, be user-friendly to, and can ensure the security that IC-card and background management system are concluded the business.
The invention provides a kind of IC card transaction method, comprising:
Mobile intelligent terminal is connected by NFC module and IC-card;
The transaction data of described IC-card transmission containing transaction count information gives described mobile intelligent terminal;
The described transaction data containing transaction count information is sent to described background management system by described mobile intelligent terminal;
Described background management system verifies the described transaction data containing transaction count information;
Verification, by rear, process transaction request, and the result of described background management system is sent to described mobile intelligent terminal;
Described mobile intelligent terminal and described IC-card carry out alternately, responding the result of described background management system.
In one embodiment of the invention, the described transaction data containing transaction count information at least comprises: IC-card number, IC-card remaining sum, current transaction count, authorization requests ciphertext (Authorization Request Cryptogram, ARQC), credit card issuer application data (9F10, a TAG in PBOC standard IC-card), authorization requests data (ARQC source data); Wherein, described ARQC is the ciphertext of ARQC source data, relevant to transaction count; Described 9F10 comprises IC-card remaining sum, and ARQC source data packet is containing dealing money and transaction count; An IC-card transaction count of often concluding the business increases progressively 1.
In one embodiment of the invention, described mobile intelligent terminal receives described containing after the transaction data of transaction count information, described mobile intelligent terminal generates a transaction journal number, and described transaction journal number and the described transaction data containing transaction count information are sent to described background management system.
In one embodiment of the invention, background management system to the process that the transaction data containing transaction count information verifies is: deciphering ARQC, obtain the ARQC source data after deciphering, make comparisons deciphering the ARQC source data obtained with containing the ARQC source data in the transaction data of transaction count information, if comparative result is identical, then described authorization requests ciphertext verification succeeds, if comparative result is different, then background management system reports an error to described mobile intelligent terminal; Deciphering 9F10, obtain the IC-card remaining sum after deciphering, make comparisons deciphering the IC-card remaining sum obtained with containing the IC-card remaining sum in the transaction data of transaction count information, if comparative result is identical, then credit card issuer application data verification succeeds, if comparative result is different, then background management system reports an error to mobile intelligent terminal.
In one embodiment of the invention, verification is by rear, the process of process transaction request comprises: described background management system is according to the IC-card remaining sum after the dealing money computing transaction request in described IC-card remaining sum and described ARQC source data and generate authorization response ciphertext (Authorization Response Cryptogram, ARPC) and credit card issuer script; Wherein, ARPC and ARQC, current transaction count are correlated with; Described credit card issuer script is relevant to the key that the current transaction count of described IC-card, ARQC, dealing money and background management system store.
In one embodiment of the invention, the result process responding described background management system is: verify described authorization response ciphertext, described IC-card takes described authorization requests ciphertext, current transaction count generates an authorization response ciphertext, and itself and background management system are passed the authorization response ciphertext of coming make comparisons, if comparative result is identical, then described authorization response ciphertext verification succeeds, if comparative result is different, then described IC-card reports an error to described intelligent movable device;
Verify described credit card issuer script, described IC-card deciphers described credit card issuer script, obtain transaction count, if the transaction count that deciphering credit card issuer script obtains is identical with current transaction count, then described credit card issuer script verification succeeds, if comparative result is different, then described IC-card reports an error to described mobile intelligent terminal;
Described authorization response ciphertext and described credit card issuer script, all after verification succeeds, perform described credit card issuer script.
In one embodiment of the invention, when background management system process transaction request time-out or IC-card respond the result failure of described background management system, IC card transaction method also comprises rushes positive process of exchange:
Described mobile intelligent terminal is connected by NFC module and IC-card; Described IC-card sends and rushes positive transaction data to described mobile intelligent terminal; Described mobile intelligent terminal at least sends and rushes positive transaction data and last transaction serial number extremely described background management system; Described background management system searches last transaction according to last transaction serial number, and carries out rushing positive transaction verification according to the positive transaction data of described punching and last transaction data; After being verified, described background management system process punching is just concluded the business.
In one embodiment of the invention, the positive transaction data of described punching at least comprises: IC-card number, IC-card remaining sum, ARQC, 9F10, ARQC source data and current transaction count.
In one embodiment of the invention, described mobile intelligent terminal also comprises the process of described IC-card and described mobile intelligent terminal validation-cross after being connected by NFC module and described IC-card.
The present invention separately provides a kind of IC-card transaction system, comprising: IC-card, mobile intelligent terminal and background management system;
Described mobile intelligent terminal comprises: NFC module, information acquisition unit, wireless transmission unit and information interaction unit;
Described NFC module connects described IC-card and described mobile intelligent terminal, for described IC-card and described mobile intelligent terminal provide data transmission channel; Described information acquisition unit receives the transaction data containing transaction count information of IC-card transmission; The described transaction data containing transaction count information is sent to described background management system by described wireless transmission unit; Described information interaction unit and described IC-card carry out alternately, the result of response background management system;
Described background management system comprises: information receiving unit, verification unit, transaction handling unit, communication unit;
Described information receiving unit receives the described transaction data containing transaction count information; The described transaction data containing transaction count information of described verification unit verification; Described transaction handling unit process transaction request; The result of described background management system is sent to described mobile intelligent terminal by described communication unit.
In one embodiment of the invention, the described transaction data containing transaction count information at least comprises: IC-card number, IC-card remaining sum, current transaction count, ARQC, 9F10, ARQC source data; Wherein, ARQC is the ciphertext of ARQC source data, relevant to transaction count, and 9F10 comprises IC-card remaining sum, and described ARQC source data packet is containing dealing money and transaction count, and an IC-card transaction count of often concluding the business increases progressively 1.
In one embodiment of the invention, described mobile intelligent terminal also comprises a transaction journal generation unit, be connected to described information acquisition unit, containing after the transaction data of transaction count information described in receiving when described information acquisition unit, start transaction journal generation unit and generate a transaction journal number, and by wireless transmission unit, described transaction journal number and the described transaction data containing transaction count information are sent to described background management system.
In one embodiment of the invention, described verification unit deciphering ARQC, obtain the ARQC source data after deciphering, make comparisons deciphering the ARQC source data obtained with containing the ARQC source data in the transaction data of transaction count information, if comparative result is identical, then described authorization requests ciphertext verification succeeds, if comparative result is different, then background management system reports an error to mobile intelligent terminal;
Described verification unit deciphering 9F10, obtain the IC-card remaining sum after deciphering, make comparisons deciphering the IC-card remaining sum obtained with the IC-card remaining sum of the transaction data containing transaction count information, if comparative result is identical, then described credit card issuer application data verification succeeds, if comparative result is different, then background management system reports an error to mobile intelligent terminal.
In one embodiment of the invention, background management system also comprises computing unit, and computing unit is according to the IC-card remaining sum after the dealing money computing transaction request in described IC-card remaining sum and described ARQC source data and generate ARPC and credit card issuer script; Wherein, authorization response ciphertext and authorization requests ciphertext, transaction count are relevant; Described credit card issuer script is relevant to the key that the current transaction count of described IC-card, ARQC, dealing money and background management system store.
In one embodiment of the invention, when background management system process transaction request time-out or when IC-card responds the result failure of described background management system, IC-card transaction also comprises rushes positive process of exchange: described mobile intelligent terminal is connected by NFC module and IC-card; Described IC-card sends and rushes positive transaction data to described mobile intelligent terminal; Described mobile intelligent terminal at least sends and rushes positive transaction data and last transaction serial number extremely described background management system; Described background management system searches last transaction according to last transaction serial number, and carries out rushing positive transaction verification according to the positive transaction data of described punching and last transaction data; After being verified, described background management system process punching is just concluded the business.
In one embodiment of the invention, the positive transaction data of described punching at least comprises: IC-card number, IC-card remaining sum, ARQC, 9F10, ARPC source data and current transaction count.
In one embodiment of the invention, after described mobile intelligent terminal is connected by NFC module and described IC-card, also comprise the process of described IC-card and described mobile intelligent terminal validation-cross.
Mobile intelligent terminal provided by the invention can be the terminal such as the mobile phone with NFC function, PAD generally applied, and compared to conventional terminal, drastically increases the convenience of IC-card transaction.The present invention can be connected by NFC module and IC-card, thus the reading realized IC card information, in addition, transaction count information is comprised in the transaction data of IC-card transmission, enhance the security in process of exchange, simultaneously, IC card transaction method provided by the invention also comprises punching and just to conclude the business processing procedure, equally, background management system is when processing punching and just concluding the business, to verify transaction count, dealing money and IC-card remaining sum, further increase mobile intelligent terminal realize with IC-card and background management system mutual time security.IC card transaction method provided by the invention and system can facilitate, the IC-card that realizes of safety is concluded the business.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, below the accompanying drawing used required in describing embodiment is briefly described, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of IC card transaction method process flow diagram of one embodiment of the invention;
Fig. 2 is that a kind of IC card transaction method of one embodiment of the invention rushes process flow diagram of just concluding the business;
Fig. 3 is a kind of IC-card transaction system structural drawing of one embodiment of the invention;
Fig. 4 is that transaction flow figure deposited by a kind of IC-card circle of one embodiment of the invention;
Fig. 5 is the IC-card of one embodiment of the invention and mobile intelligent terminal and background management system interaction diagrams.
Embodiment
In order to make technical characterstic of the present invention and effect more obvious; below in conjunction with accompanying drawing, technical scheme of the present invention is described further; the present invention also can have other different instantiations to be illustrated or to implement, and the equivalents that any those skilled in the art do in right all belongs to protection category of the present invention.
As shown in Figure 1, Fig. 1 is a kind of IC card transaction method process flow diagram of one embodiment of the invention, comprising:
Step S1: mobile intelligent terminal is connected by NFC module and IC-card.
In another embodiment of the present invention, mobile intelligent terminal provides human-computer interaction interface, this interface can show the essential information (IC-card number and IC-card sequence number) and type of transaction option etc. of IC-card, during transaction, option dealing type, input dealing money, after confirmation, IC-card and mobile intelligent terminal carry out validation-cross.In the present embodiment, IC-card and mobile intelligent terminal interactive verification process comprise: application initializes, read application data, offline data certification, process limit, holder's certification, terminal behavior analysis and in-line processing, wherein, offline data certification is option.Above-mentioned proof procedure meets PBOC debt-credit note application flow, is described in detail, repeats no more herein about PBOC debt-credit note application flow by the embodiment below.
The transmission of step S2:IC card contains the transaction data of transaction count information to mobile intelligent terminal.In one embodiment of the invention, comprising containing the transaction data of transaction count information of IC-card transmission: IC-card number, IC-card sequence number, current transaction count, IC-card remaining sum, ARQC, 9F10, ARQC source data.Wherein, the enumeration correlation of the ciphertext of ARQC and transaction counter (Application Transaction Counter, ATC), IC-card is often concluded the business once, and the counting of ATC all can increase progressively 1.The security of mobile intelligent terminal as IC-card transaction terminal can be increased substantially by the transaction data transmitted with transaction count information.About the transaction data how utilizing transmission containing transaction count information to ensure that the principle of the security that IC-card is concluded the business will be described in detail in subsequent embodiment, repeat no more herein.
Detailed, ARQC source data refers to generate ARQC data used, comprises the mandate amount of money+other amount of money+terminal country code+terminal authentication result+transaction currency code+trade date+type of transaction+random number+application transaction count+card the result.9F10 is a TAG in PBOC standard IC-card, and represent " credit card issuer application data ", containing current card remaining sum, card the result, MAC value, wherein, MAC value adopts certain algorithm and secret generating by current card remaining sum.ARQC is the ciphertext of ARQC source data, is jointly generated by transaction count and other ARQC source data.IC-card number and IC-card sequence number are the mark of IC-card, and IC-card is number for distinguishing other IC-cards, and IC-card sequence number is for representing the number of times that an IC-card is changed.
Step S3: the transaction data containing transaction count information is sent to background management system by mobile intelligent terminal.Concrete, be sent to background management system again after transaction data group message, background management system stores the interaction data of every transaction.In another embodiment, after mobile intelligent terminal receives the transaction data containing transaction count information, generate a transaction journal number, mobile intelligent terminal is sent to background management system by after the transaction data containing transaction count information and transaction journal number group message, transaction journal, as the mark of every transaction, can be convenient to inquire about transaction record from background management system.
Step S4: background management system verifies the transaction data containing transaction count information.Concrete, background management system is after the message receiving mobile intelligent terminal transmission, deciphering ARQC, obtain the ARQC source data after deciphering, the ARQC source data obtained after comparing deciphering and the authorization requests data contained in the transaction data of transaction count information, if comparative result is identical, then continue verification, if comparative result is different, then background management system reports an error and returns to mobile intelligent terminal, shuts the book.By verifying ARQC, the true and false of IC-card can be verified, distorting of dealing money can be prevented simultaneously, dealing money is comprised in ARQC, if dealing money transfers in the process on backstage in data and is tampered, backstage just cannot be passed through when verifying ARQC, and report an error and return to mobile intelligent terminal, transaction cannot complete.
Deciphering 9F10, obtain the IC-card remaining sum after deciphering, and the IC-card remaining sum in the IC-card remaining sum obtained after deciphering and transaction data made comparisons, if comparative result is identical, then verification succeeds, if comparative result is different, then background management system is shut the book.By distorting of card balance can be prevented to the verification of 9F10.
ARQC and 9F10 after verification succeeds, then enters step S5, it should be noted that, the present invention does not limit the verification order of ARQC and 9F10.
Step S5: verify by rear, process transaction request, and the result of background management system is sent to mobile intelligent terminal.Concrete, process transaction request process is: the IC-card remaining sum (deducting dealing money from the IC-card amount of money transaction request data) after background management system gets the dealing money computing transaction request in IC-card remaining sum and ARQC source data, generates ARPC and credit card issuer script.Wherein, credit card issuer script is relevant to the key that the current transaction count of IC-card, ARQC, dealing money and background management system store; ARPC is generated jointly by the counting of ARQC, ATC and other data.
Step S6: mobile intelligent terminal is undertaken alternately, completing the response of IC-card to the result of background management system by NFC module and IC-card.The result process of response background management system is: verification ARPC, IC-card takes ARQC, current ATC to count generation ARPC, and itself and background management system are passed the ARPC come make comparisons, if comparative result is identical, then ARPC verification succeeds, if comparative result is different, then IC-card reports an error to intelligent movable device.By effectively can prevent the recycling of ARPC to the verification of ARPC.
Verification credit card issuer script, IC-card deciphering credit card issuer script, obtain transaction count, when deciphering, the transaction count obtained is identical with current transaction count, then credit card issuer script verification succeeds, if comparative result is different, then IC-card reports an error to mobile intelligent terminal.By the verification to credit card issuer script, effectively can prevent the recycling of credit card issuer script and ARQC, illustrate the process preventing ARQC from reusing below.Such as, the ATC of current I C card is counted as 2, the ARQC taking ATC to be counted as 1 as assailant be sent to background management system defraud of backstage write card base this, now, the IC-card that backstage generates is write card base and is originally counted with other data by secret generating by ATC, and IC-card is decrypted after taking and writing card base basis, find that ATC is counted as 1, count with current ATC and be not inconsistent, IC-card can be refused to write card base originally, thus Fail Transaction.Preventing from writing this process of recycling of card base is: when credit card issuer script victim repeats to be sent to IC-card, and IC-card is taken and write card base after this and be decrypted it, and find that transaction count is identical with last transaction number of times, refusal is write card base by IC-card.
Authorization response ciphertext and credit card issuer script, all after verification succeeds, perform credit card issuer script.
Optionally, when background management system process transaction request time-out or IC-card respond the result failure of background management system, IC card transaction method also comprises rushes positive process of exchange, below in conjunction with Fig. 2, the detailed process that punching is just being concluded the business is described:
Step S21: mobile intelligent terminal is connected by NFC module and IC-card.In one embodiment of the invention, after IC-card and mobile intelligent terminal connect, also comprise the process that IC-card and mobile intelligent terminal carry out validation-cross.IC-card and mobile intelligent terminal interactive verification process comprise: application initializes, read application data, offline data certification, process limit, holder's certification, terminal behavior analysis and in-line processing, wherein, offline data certification is option, when other use IC card transaction method provided by the invention, also offline data certification can not be carried out.IC-card and mobile intelligent terminal interactive verification process will illustrate in embodiment below, repeat no more herein.
The transmission of step S22:IC card rushes positive transaction data to mobile intelligent terminal.Wherein, rush positive transaction data at least to comprise: IC-card number, IC-card remaining sum, ARQC, 9F10, ARQC source data and current transaction count.IC-card sequence number is also comprised in another embodiment of the present invention
Step S23: mobile intelligent terminal at least sends and rushes positive transaction data and last transaction serial number extremely described background management system.In the present embodiment, mobile intelligent terminal is sent to background management system after rushing positive transaction data, last transaction serial number, last transaction amount of money group message.
Step S24: background management system searches last transaction according to last transaction serial number, and carry out rushing positive transaction verification according to the positive transaction data of described punching and last transaction data, concrete proof procedure is: whether the transaction count of checking last transaction is less by 1 than working as the orthogonal easy transaction count of preshoot; Whether the IC-card remaining sum of checking last transaction equals when the orthogonal easy IC-card remaining sum of preshoot; Whether the dealing money of checking last transaction equals when the orthogonal easy dealing money of preshoot; Positive transaction data is rushed in checking.Checking is rushed positive transaction data and is mainly checked ARQC, 9F10.
Step S25: if above-mentioned checking is all correct, background management system process punching is just concluded the business, if there is place's authentication error, background management system reports an error to mobile intelligent terminal.
One embodiment of the invention provides a kind of IC-card transaction system, and as shown in Figure 3, IC transaction system comprises IC-card 30, mobile intelligent terminal 31 and background management system 32;
Mobile intelligent terminal 31 comprises: NFC module 311, information acquisition unit 313, wireless transmission unit 312, information interaction unit 314;
NFC module 311 for connecting IC-card 30 and mobile intelligent terminal 31, for the data of IC-card 30 with mobile intelligent terminal 31 are transmitted and provide transmission channel alternately; Information acquisition unit 313 receives the transaction data containing transaction count information of IC-card transmission; Transaction data containing transaction count information is sent to background management system 32 by wireless transmission unit 312; Information interaction unit 314 and IC-card 30 carry out alternately, the result of response background management system.
Background management system 32 comprises: information receiving unit 321, verification unit 322, transaction handling unit 323, communication unit 324;
Information receiving unit 321 receives the transaction data containing transaction count information; Verification unit 322 verifies the transaction data containing transaction count information; Transaction handling unit 323 processes transaction request; The result of background management system is sent to mobile intelligent terminal 31 by communication unit 324.
In the present embodiment, the transaction data related at least comprises IC-card number, IC-card sequence number, IC-card remaining sum, current transaction count, ARQC, 9F10, ARQC source data, and wherein, ARQC is the ciphertext of ARQC source data, ARQC comprises dealing money and transaction count, and 9F10 comprises IC-card remaining sum.
In the present embodiment, verification unit verification is by rear, and computing unit is according to IC-card remaining sum after the dealing money computing transaction request in IC-card remaining sum and ARQC source data and generate ARPC and credit card issuer script.Wherein, credit card issuer script is relevant to the key that the current transaction count of IC-card, ARQC, dealing money and background management system store, and ARPC and ARQC, transaction count are relevant.
In one embodiment, mobile intelligent terminal also comprises a transaction journal generation unit, be connected to information acquisition unit, when after the transaction data that information acquisition unit receives containing transaction count information, start transaction journal generation unit and generate a transaction journal number, and by wireless transmission unit, transaction journal number and the transaction data containing transaction count information are sent to background management system.
In addition, when background management system process transaction request time-out, IC-card transaction also comprises rushes positive process of exchange: mobile intelligent terminal is connected by NFC module and IC-card; IC-card sends and rushes positive transaction data to mobile intelligent terminal; Mobile intelligent terminal at least sends and rushes positive transaction data and last transaction serial number to background management system; Background management system searches last transaction according to last transaction serial number, and the verification unit of background management system comprises transaction count comparer, IC-card remaining sum comparer and dealing money comparer further.Whether the transaction count of transaction count comparer checking last transaction is less by 1 than working as the orthogonal easy transaction count of preshoot; Whether IC-card remaining sum comparer checking last transaction IC-card remaining sum equals when the orthogonal easy IC-card remaining sum of preshoot; Dealing money comparer equals when preshoot orthogonal easy dealing money when verifying the dealing money of last transaction.If above-mentioned checking is all correct, rushes described in described transaction handling unit process and just conclude the business, and by described communication unit, the result of described background management system is sent to described mobile intelligent terminal; If there is place's authentication error, described background management system reports an error to described mobile intelligent terminal.
The IC-card transaction related in the present invention refers to circle and deposits, encloses and carry, pintle hook lock, transfer accounts, consume, commonly borrow credit transaction etc., every PBOC that follows initiated by IC-card borrows or lends money the transaction remembering application standard flow process, substantially can include all bank cards and borrow credit transaction.IC-card in the present invention is the common IC-card following PBOC specification, and general financial IC can realize transaction.Mobile intelligent terminal in above-described embodiment can be mobile phone with NFC function or panel computer, or the mobile phone of built-in above-mentioned mobile intelligent terminal or panel computer.Below by be with the mobile phone of NFC function, to realize enclosing the transaction of depositing to describe technical scheme of the present invention in detail, the transaction of other types deposits trading scheme with reference to circle.
Refer to shown in Fig. 4, Fig. 4 is that transaction flow figure deposited by a kind of IC-card circle of one embodiment of the invention.It is as follows that transaction flow deposited by circle:
1, enclose inquiry of filing for reference: mobile phone calls NFC function and IC-card connects, and reads card number, card sequence number, disconnect the connection with IC-card, group message, send circle and file for reference inquiry transaction to background management system.
2, enclose inquiry of filing for reference to return: background management system returns this IC-card can enclose the maximum dollar amount of depositing.
3, transaction deposited by circle: client's input is wanted to enclose the amount of money deposited, after determining, mobile phone calls NFC function and IC-card connects, and carries out the mutual of following several step with IC: application initializes, read application data, offline data certification, process limit, holder's certification, terminal risk management, terminal behavior analysis, card behavioural analysis, in-line processing.After interactive authentication, IC-card transmits transaction data IC-card number, IC-card sequence number, IC-card remaining sum, ARQC, 9F10 (containing IC-card remaining sum), ARQC source data (containing dealing money) etc. to mobile phone, and wherein, the ciphertext of ARQC is relevant to transaction count.Then, transaction journal number produced by mobile phone, and transaction data and a transaction journal number composition message are sent to background management system.
4, circle is deposited and is returned: background management system carries out ARQC verification, 9F10 verification, if verify unsuccessfully, then background management system reports an error to mobile phone.If verification is passed through, then the dealing money got in IC-card remaining sum and ARQC source data carries out business processing, and calculates the IC-card remaining sum, generation APRC and the credit card issuer script command that make new advances, is sent to mobile phone.If report an error during background management system process, then closing the transaction deposited by circle, if the result of background management system successfully returns to mobile phone, then mobile phone utilizes NFC and IC-card to carry out the mutual of following steps: credit card issuer certification, closing the transaction, the process of credit card issuer script, complete whole transaction after mutual, disconnect NFC and connect.
5, punching is just concluded the business: if background management system process time-out or the failure of " process of credit card issuer script " step, then mobile phone re invocation NFC function sets up the connection with IC-card, mobile phone and IC-card carry out the mutual of following several step: application choice, application initializes, read application data, offline data certification, process restriction, holder's certification, terminal risk management, terminal behavior is analyzed, card behavioural analysis, in-line processing, the data that IC-card passes to mobile phone in alternately comprise IC-card number, IC-card sequence number, IC-card remaining sum, ARQC, 9F10, ARQC source data, current transaction count ATC etc., then mobile phone group message (comprises IC-card number, IC-card sequence number, IC-card remaining sum, ARQC, 9F10, ARQC source data, ATC, the APP serial number that former circle is deposited, the dealing money etc. that former circle is deposited) lopping deposits punching and just concluding the business and mail to background management system.
6, punching is just being concluded the business and is being returned: transaction deposited by the former circle of background management system " the APP serial number that former circle is deposited " information searching, and verify ATC that former circle deposits transaction whether than when the orthogonal easy ATC of preshoot little by one, verify whether the IC-card remaining sum that transaction deposited by former circle equals when the orthogonal easy IC-card remaining sum of preshoot, verify whether the dealing money that transaction deposited by former circle equals when the orthogonal easy dealing money of preshoot, the MAC of inspection ARQC, 9F10, if there is the authentication failed of a step, then reporting an error is back to mobile phone; Otherwise the process of rushing positive business is carried out on backstage, and returns successfully to mobile phone.
According to technical scheme of the present invention, the transaction data of transmission containing transaction count information can be realized to background management system by mobile intelligent terminal provided by the invention, certain relation (as dealing money and ARQC source data, IC-card remaining sum and 9F10 etc.) is there is between data in transaction data, and have one-time validity (as, ARQC, ARPC and issuing card script etc.), thus make the malice change of mobile intelligent terminal to any sensitive data all escape the inspection of only take over party, it also avoid malice and reuse.Relate to dynamic family or change the transaction of the IC-card amount of money---such as circle is deposited and circle is deposited punching and just concluded the business and all need read IC-card and generate ARQC by IC-card, and background management system checking ARQC also controls business according to condition, thus ensure that the security concluded the business in dynamic family.
Based under the prerequisite that the security of IC-card itself and the security of background management system cannot be broken, below the safety practice that above-described embodiment circle is deposited in transaction scene is further illustrated:
1, " circle file for reference inquiry " stage is attacked: IC-card number or IC-card sequence number nonsensitive data, be acquired harmless; Be tampered, can affect backstage and return and maximumly enclose the correctness of depositing the amount of money, this amount of money is only used for for reference.
2, " circle file for reference inquiry return " stage is attacked: be modified maximum circle and deposit the amount of money, harmless, can not impact user's IC-card amount of money.
3, " circle is deposited " stage is attacked: IC-card number, IC-card sequence number are tampered, verification ARQC in backstage failure (can generate ARQC source data because ARQC deciphers, IC-card number, IC-card sequence number generate one of ARQC source data), thus Fail Transaction, transaction by mistake can not be caused.IC-card remaining sum is tampered, and backstage verification 9F10 can be failed, this is because 9F10 deciphering generates IC-card remaining sum, the IC-card remaining sum that deciphering generates compares with the IC-card remaining sum in transaction data, thus guarantee can not cause transaction by mistake.ARQC, 9F10 or ARQC source data is tampered, ARQC or 9F10 can be caused to verify unsuccessfully, thus Fail Transaction, transaction by mistake can not be caused.If ARQC or 9F10 is stolen, also cannot reuse, because ARQC with 9F10 is relevant to the transaction count of the transaction counter ATC of IC-card, the ATC of each transaction can change, cause ARQC and 9F10 also can change, and the MAC of ARQC and 9F10 all cannot imitatedly generate.In addition because the security control of IC-card, the interactive step of mobile phone and IC-card can in strict accordance with borrowing or lending money the normal process remembered and apply, and any distorting all can be refused by IC-card, therefore also prevent the attack in flow process.
4, " circle is deposited and the returned " stage is attacked: ARPC or the credit card issuer script on backstage are tampered, and IC-card all can be caused to refuse, prevent malice distort or malice change credit card issuer script in IC-card remaining sum.ARPC and credit card issuer script stolen, also cannot reuse, ARPC and credit card issuer script are all relevant with ARQC at that time with ATC, can only to work as time and to use, cannot wrong time or recycling, and cannot imitate generation.
5, " punching just " stage is attacked: this stage is similar with " circle is deposited " stage by the defendance measure of attacking.In addition, client, under circle is deposited and write the successful situation of card, if still malice is initiated punching and just concluded the business, can cause backstage IC-card remaining sum to verify unsuccessfully.If client is under circle is deposited and write the successful situation of card, done the consumption waiting the amount of money, then the initiation punching of malice is just being concluded the business, though now IC-card remaining sum Transaction Success, ATC verification can failure, because the consumer sale of IC-card can cause ATC to add 1.
6, " punching just return " stage is attacked: be tampered as mistake returns if correctly returned, or mistake returns to be modified to and correctly returns, and does not affect account process.
In order to more clearly demonstrate technical solution of the present invention, lower detailed description is carried out to IC-card and mobile intelligent terminal and background management system interaction flow below, as shown in Figure 5, the interaction flow related in process flow diagram is used idiographic flow in debit/credit transaction processing.Solid box is indispensable flow process, and adding thick dashed line frame is also indispensable flow process, but in such indispensable flow process, perhaps some step is selectable, but the step being labeled as indispensable flow process still should be performed in All Activity.Fine dotted line frame is selectable and according to the parameter of card or terminal, or according to the step that both parameters determine jointly.The card related to below is IC-card, and terminal refers to the mobile intelligent terminal possessing function of the present invention and structure, and backstage refers to the background management system possessing function of the present invention and structure.
Application choice (indispensability)
When being placed in the scope that terminal can read, terminal obtains the list of application that card is supported.
Application initializes (indispensability)
After terminal selective gist, terminal carries out application initializes, obtains the function that card is supported.
Read application data (indispensability)
Terminal uses the application data record in read record order reading card.
Whether offline data certification (optional) terminal to the support of these methods, determines to use the static or Dynamic Data Authentication of off line to carry out off line certification card according to card and terminal.If terminal supports offline data authentication function, and detect that card supports static data certification (SDA) or Dynamic Data Authentication (DDA), then terminal need carry out offline data certification, obtains the dynamic application ciphertext that card generates.
Process restriction (indispensability)
By process restriction, terminal checks whether application transaction allows to continue.The scope of examination comprises application and to come into force the restriction controlled condition of phase, application failure period, application version number and the definition of other credit card issuers, can credit card issuer can use application purpose to control to limit card for domestic or international, maybe be used for cash, shopping or service.
Holder verifies (indispensability)
Terminal must possess holder's identification verification function.Holder's authentication is used for confirming the legitimacy of holder, to prevent loss or the use of stolen card.Terminal is by checking holder's authentication method list (CVMlists) of card determines to use which kind of verification method.There is following several method:
---off line expressly PIN checking;
---online PIN checking;
---signature;
---CVM failure;
---without the need to CVM;
---signature is verified with off line plaintext PIN and is combined;
---identity document is verified.
Terminal risk management (indispensability)
Terminal must possess risk management function, but check item wherein can be selected.Terminal can carry out nil-norm (Floor Limit) inspection by the data that terminal and card provide, transaction frequency inspection, neocaine inspection, terminal abnormal file checking, trade company force the modes such as transaction is online, Stochastic choice on-line transaction to complete risk management.
Terminal behavior analyzes (indispensability)
Terminal to card request application cryptogram, IC-card execute card behavioural analysis, and generate application cryptogram to terminal.
Card behavioural analysis (indispensability)
The risk management algorithm that IC-card can perform credit card issuer definition is swindled to prevent credit card issuer.When card receives the application cryptogram request of terminal, card checks with regard to execute card risk management, determine whether the transaction processing that will change terminal profile, inspection may comprise: the on-line transaction, a upper transaction credit card issuer authentification failure or the offline data authentification failure that had not previously completed, reach the restriction etc. of conclude the business stroke count or the amount of money.IC-card can determine with under type continuous business:
---agree to that off line completes;
---online mandate;
---refusal transaction.
After completing inspection, card uses application data and an application cryptogram process key be stored on card to generate application cryptogram.This ciphertext is turned back to terminal by again.
In-line processing (optional) and credit card issuer script process (optional) have been described in detail in the above-described embodiments, repeat no more herein.
Closing the transaction (indispensability)
Comprising ARPC inspection, write this verification of card base, write this execution of card base, being terminated because processing exception in front several step except nontransaction, otherwise terminal must perform this function is used for closing the trade.Card and terminal perform last process and have carried out transaction.
Mobile intelligent terminal provided by the invention can be the terminal such as the mobile phone with NFC function, PAD generally applied, and compared to conventional terminal, drastically increases the convenience of IC-card transaction.The present invention can be connected by NFC model and IC-card, thus the reading realized IC card information, in addition, transaction count information is comprised in the transaction data of IC-card transmission, enhance the security in process of exchange, simultaneously, IC card transaction method provided by the invention also comprises punching and just to conclude the business processing procedure, equally, background management system is when processing punching and just concluding the business, to verify transaction count, dealing money and IC-card remaining sum, further increase mobile intelligent terminal realize with IC-card and background management system mutual time security.The present invention can facilitate, the IC-card that realizes of safety is concluded the business.
The above is only for illustration of technical scheme of the present invention, and any those of ordinary skill in the art all without prejudice under spirit of the present invention and category, can carry out modifying to above-described embodiment and change.Therefore, protection scope of the present invention should be as the criterion depending on right.

Claims (18)

1. an IC card transaction method, is characterized in that, comprising:
Mobile intelligent terminal is connected by NFC module and IC-card;
The transaction data of described IC-card transmission containing transaction count information gives described mobile intelligent terminal;
The described transaction data containing transaction count information is sent to described background management system by described mobile intelligent terminal;
Described background management system verifies the described transaction data containing transaction count information;
Verification, by rear, process transaction request, and the result of described background management system is sent to described mobile intelligent terminal;
Described mobile intelligent terminal and described IC-card carry out alternately, responding the result of described background management system.
2. IC card transaction method as claimed in claim 1, is characterized in that, the described transaction data containing transaction count information at least comprises: IC-card number, IC-card remaining sum, current transaction count, authorization requests ciphertext, credit card issuer application data, authorization requests data;
Wherein, described authorization requests ciphertext is the ciphertext of described authorization requests data, relevant to current transaction count; Described credit card issuer application data comprises IC-card remaining sum; Described authorization requests packet is containing dealing money and current transaction count; An IC-card transaction count of often concluding the business increases progressively 1.
3. IC card transaction method as claimed in claim 2, it is characterized in that, described mobile intelligent terminal receives described containing after the transaction data of transaction count information, generate a transaction journal number, and described transaction journal number and the described transaction data containing transaction count information are sent to described background management system.
4. IC card transaction method as claimed in claim 2, it is characterized in that, described background management system to the process that the described transaction data containing transaction count information verifies is: decrypt authorized request ciphertext, obtain the authorization requests data after deciphering, it is made comparisons with containing the authorization requests data in the transaction data of transaction count information, if comparative result is identical, then described authorization requests ciphertext verification succeeds, if comparative result is different, then described background management system reports an error to described mobile intelligent terminal;
Decipher described credit card issuer application data, obtain the IC-card remaining sum after deciphering, it is made comparisons with containing the IC-card remaining sum in the transaction data of transaction count information, if comparative result is identical, then described credit card issuer application data verification succeeds, if comparative result is different, then described background management system reports an error to described mobile intelligent terminal.
5. IC card transaction method as claimed in claim 2, is characterized in that, verify by rear, and the process of process transaction request comprises:
Described background management system is according to the IC-card remaining sum after the dealing money computing transaction request in described IC-card remaining sum and described authorization requests data and generate authorization response ciphertext and credit card issuer script;
Wherein, authorization response ciphertext and authorization requests ciphertext, current transaction count are relevant; Credit card issuer script is relevant to the key that the current transaction count of IC-card, authorization requests ciphertext, dealing money and background management system store.
6. IC card transaction method as claimed in claim 5, it is characterized in that, the result process responding described background management system is: verify described authorization response ciphertext, described IC-card takes described authorization requests ciphertext, current transaction count generates an authorization response ciphertext, and itself and background management system are passed the authorization response ciphertext of coming make comparisons, if comparative result is identical, then described authorization response ciphertext verification succeeds, if comparative result is different, then described IC-card reports an error to described intelligent movable device;
Verify described credit card issuer script, described IC-card deciphers described credit card issuer script, obtain transaction count, if the transaction count that deciphering credit card issuer script obtains is identical with current transaction count, then described credit card issuer script verification succeeds, if comparative result is different, then described IC-card reports an error to described mobile intelligent terminal;
Described authorization response ciphertext and described credit card issuer script, all after verification succeeds, perform described credit card issuer script.
7. IC card transaction method as claimed in claim 3, is characterized in that, when background management system process transaction request time-out or IC-card respond the result failure of described background management system, IC card transaction method also comprises rushes positive process of exchange:
Described mobile intelligent terminal is connected by NFC module and IC-card;
Described IC-card sends and rushes positive transaction data to described mobile intelligent terminal;
Described mobile intelligent terminal at least sends and rushes positive transaction data and last transaction serial number extremely described background management system;
Described background management system searches last transaction according to last transaction serial number, and carries out rushing positive transaction verification according to the positive transaction data of described punching and last transaction data;
After being verified, described background management system process punching is just concluded the business.
8. IC card transaction method as claimed in claim 7, it is characterized in that, the positive transaction data of described punching at least comprises: IC-card number, IC-card remaining sum, authorization requests ciphertext, credit card issuer application data, authorization requests data and current transaction count.
9. the IC card transaction method as described in claim 1 or 7, is characterized in that, described mobile intelligent terminal also comprises the process of described IC-card and described mobile intelligent terminal validation-cross after being connected by NFC module and described IC-card.
10. an IC-card transaction system, is characterized in that, comprising: IC-card, mobile intelligent terminal and background management system;
Described mobile intelligent terminal comprises: NFC module, information acquisition unit, wireless transmission unit and information interaction unit;
Described NFC module connects described IC-card and described mobile intelligent terminal, for described IC-card and described mobile intelligent terminal provide data transmission channel; Described information acquisition unit receives the transaction data containing transaction count information of IC-card transmission; The described transaction data containing transaction count information is sent to described background management system by described wireless transmission unit; Described information interaction unit and described IC-card carry out alternately, the result of response background management system;
Described background management system comprises: information receiving unit, verification unit, transaction handling unit, communication unit;
Described information receiving unit receives the described transaction data containing transaction count information; The described transaction data containing transaction count information of described verification unit verification; Described transaction handling unit process transaction request; The result of described background management system is sent to described mobile intelligent terminal by described communication unit.
11. IC-card transaction systems as claimed in claim 10, it is characterized in that, the described transaction data containing transaction count information at least comprises: IC-card number, IC-card remaining sum, current transaction count, authorization requests ciphertext, credit card issuer application data, authorization requests data;
Wherein, described authorization requests ciphertext is the ciphertext of described authorization requests data, relevant to current transaction count; Described credit card issuer application data comprises IC-card remaining sum, and described authorization requests packet is containing dealing money and current transaction count; An IC-card transaction count of often concluding the business increases progressively 1.
12. IC-card transaction systems as claimed in claim 11, it is characterized in that, described mobile intelligent terminal also comprises a transaction journal generation unit, be connected to described information acquisition unit, containing after the transaction data of transaction count information described in receiving when described information acquisition unit, start transaction journal generation unit and generate a transaction journal number, and by wireless transmission unit, described transaction journal number and the described transaction data containing transaction count information are sent to described background management system.
13. IC-card transaction systems as claimed in claim 11, it is characterized in that, described verification unit decrypt authorized request ciphertext, obtain the authorization requests data after deciphering, it is made comparisons with containing the authorization requests data in the transaction data of transaction count information, if comparative result is identical, then described authorization requests ciphertext verification succeeds, if comparative result is different, then described background management system reports an error to mobile intelligent terminal;
Described verification unit deciphering credit card issuer application data, obtain the IC-card remaining sum after deciphering, it is made comparisons with containing the IC-card remaining sum in the transaction data of transaction count information, if comparative result is identical, then described credit card issuer application data verification succeeds, if comparative result is different, then described background management system reports an error to mobile intelligent terminal.
14. IC-card transaction systems as claimed in claim 11, it is characterized in that, described background management system also comprises computing unit, and described computing unit is according to the IC-card remaining sum after the dealing money computing transaction request in described IC-card remaining sum and described authorization requests data and generate authorization response ciphertext and credit card issuer script;
Wherein, authorization response ciphertext and authorization requests ciphertext, current transaction count are relevant; Credit card issuer script is relevant to the key that the current transaction count of described IC-card, authorization requests ciphertext, dealing money and background management system store.
15. IC-card transaction systems as claimed in claim 14, it is characterized in that, the result process of response background management system is: verify described authorization response ciphertext, described IC-card takes described authorization requests ciphertext, current transaction count generates an authorization response ciphertext, and itself and background management system are passed the authorization response ciphertext of coming make comparisons, if comparative result is identical, then described authorization response ciphertext verification succeeds, if comparative result is different, then described IC-card reports an error to described intelligent movable device;
Verify described credit card issuer script, described IC-card deciphers described credit card issuer script, obtain transaction count, the transaction count obtained when deciphering credit card issuer script is identical with current transaction count, then described credit card issuer script verification succeeds, if comparative result is different, then described IC-card reports an error to described mobile intelligent terminal;
Described authorization response ciphertext and described credit card issuer script, all after verification succeeds, perform described credit card issuer script.
16. IC-card transaction systems as claimed in claim 12, is characterized in that, when background management system process transaction request time-out or when IC-card responds the result failure of described background management system, IC-card transaction also comprises rushes positive process of exchange:
Described mobile intelligent terminal is connected by NFC module and IC-card;
Described IC-card sends and rushes positive transaction data to described mobile intelligent terminal;
Described mobile intelligent terminal at least sends and rushes positive transaction data and last transaction serial number extremely described background management system;
Described background management system searches last transaction according to last transaction serial number, and carries out rushing positive transaction verification according to the positive transaction data of described punching and last transaction data;
After being verified, described background management system process punching is just concluded the business.
17. IC-card transaction systems as claimed in claim 16, it is characterized in that, the positive transaction data of described punching at least comprises: IC-card number, IC-card remaining sum, authorization requests ciphertext, credit card issuer application data, authorization requests data and current transaction count.
18. IC-card transaction systems as described in claim 10 or 16, is characterized in that, after described mobile intelligent terminal is connected by NFC module and described IC-card, also comprise the process of described IC-card and described mobile intelligent terminal validation-cross.
CN201510303111.4A 2015-06-05 2015-06-05 A kind of IC card transaction method and system Active CN104933565B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510303111.4A CN104933565B (en) 2015-06-05 2015-06-05 A kind of IC card transaction method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510303111.4A CN104933565B (en) 2015-06-05 2015-06-05 A kind of IC card transaction method and system

Publications (2)

Publication Number Publication Date
CN104933565A true CN104933565A (en) 2015-09-23
CN104933565B CN104933565B (en) 2019-04-05

Family

ID=54120722

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510303111.4A Active CN104933565B (en) 2015-06-05 2015-06-05 A kind of IC card transaction method and system

Country Status (1)

Country Link
CN (1) CN104933565B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105528699A (en) * 2015-12-24 2016-04-27 中国银行股份有限公司 Chip information verification method and device for financial chip card
CN106096955A (en) * 2016-06-17 2016-11-09 广东工业大学 A kind of many application IC-card transaction data dynamic transfer systems
CN106355399A (en) * 2016-09-19 2017-01-25 安徽爱她有果电子商务有限公司 Agricultural product safes system based on transaction data security
CN106355404A (en) * 2016-08-26 2017-01-25 武汉天喻信息产业股份有限公司 Debit credit transaction system with security loophole protection mechanism and method thereof
WO2017166067A1 (en) * 2016-03-29 2017-10-05 李昕光 Recharging system
CN110177001A (en) * 2019-05-21 2019-08-27 广东联合电子服务股份有限公司 A kind of NFC circle deposit method, system and storage medium based on soft certificate
US11392933B2 (en) * 2019-07-03 2022-07-19 Capital One Services, Llc Systems and methods for providing online and hybridcard interactions
TWI798174B (en) * 2016-03-23 2023-04-11 中國銀聯股份有限公司 Method and system for banking transferring between electronic cash accounts of ic cards
US11989724B2 (en) 2018-10-02 2024-05-21 Capital One Services Llc Systems and methods for cryptographic authentication of contactless cards using risk factors

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2182479A1 (en) * 2008-11-03 2010-05-05 Gemalto SA A method for communicating an authorization response cryptogram to an external entity, and a corresponding system
WO2010131226A4 (en) * 2009-05-14 2011-01-20 Logomotion, S.R.O. Contactless payment device, method of contactless top-up of electronic money on a payment device
CN102640176A (en) * 2009-04-24 2012-08-15 洛格摩提公司 Method and system of electronic payment transaction, in particular by using contactless payment means
CN103310557A (en) * 2012-03-15 2013-09-18 中国移动通信集团公司 Over-the-air electronic cash loading method, system and device for NFC (near field communication) mobile phone
CN103440706A (en) * 2013-08-23 2013-12-11 捷德(中国)信息科技有限公司 Method and device for eliminating QPBOC abnormal transaction of financial IC card
CN104301288A (en) * 2013-07-16 2015-01-21 中钞信用卡产业发展有限公司 Method and system for online identity authentication, online transaction certification, and online certification protection

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2182479A1 (en) * 2008-11-03 2010-05-05 Gemalto SA A method for communicating an authorization response cryptogram to an external entity, and a corresponding system
CN102640176A (en) * 2009-04-24 2012-08-15 洛格摩提公司 Method and system of electronic payment transaction, in particular by using contactless payment means
WO2010131226A4 (en) * 2009-05-14 2011-01-20 Logomotion, S.R.O. Contactless payment device, method of contactless top-up of electronic money on a payment device
CN103310557A (en) * 2012-03-15 2013-09-18 中国移动通信集团公司 Over-the-air electronic cash loading method, system and device for NFC (near field communication) mobile phone
CN104301288A (en) * 2013-07-16 2015-01-21 中钞信用卡产业发展有限公司 Method and system for online identity authentication, online transaction certification, and online certification protection
CN103440706A (en) * 2013-08-23 2013-12-11 捷德(中国)信息科技有限公司 Method and device for eliminating QPBOC abnormal transaction of financial IC card

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
华宁宁 等: "智能IC卡系统中如何保证交易的一致性", 《金卡工程》 *
卢海华: "PBOC金融应用植入NFC手机的若干关键问题研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105528699A (en) * 2015-12-24 2016-04-27 中国银行股份有限公司 Chip information verification method and device for financial chip card
TWI798174B (en) * 2016-03-23 2023-04-11 中國銀聯股份有限公司 Method and system for banking transferring between electronic cash accounts of ic cards
WO2017166067A1 (en) * 2016-03-29 2017-10-05 李昕光 Recharging system
CN106096955A (en) * 2016-06-17 2016-11-09 广东工业大学 A kind of many application IC-card transaction data dynamic transfer systems
CN106355404A (en) * 2016-08-26 2017-01-25 武汉天喻信息产业股份有限公司 Debit credit transaction system with security loophole protection mechanism and method thereof
CN106355399A (en) * 2016-09-19 2017-01-25 安徽爱她有果电子商务有限公司 Agricultural product safes system based on transaction data security
US11989724B2 (en) 2018-10-02 2024-05-21 Capital One Services Llc Systems and methods for cryptographic authentication of contactless cards using risk factors
CN110177001A (en) * 2019-05-21 2019-08-27 广东联合电子服务股份有限公司 A kind of NFC circle deposit method, system and storage medium based on soft certificate
US11392933B2 (en) * 2019-07-03 2022-07-19 Capital One Services, Llc Systems and methods for providing online and hybridcard interactions

Also Published As

Publication number Publication date
CN104933565B (en) 2019-04-05

Similar Documents

Publication Publication Date Title
US20200286088A1 (en) Method, device, and system for securing payment data for transmission over open communication networks
CN104933565A (en) IC card transaction method and IC card transaction system
AU2010295188B2 (en) Asset storage and transfer system for electronic purses
US20160117673A1 (en) System and method for secured transactions using mobile devices
US20140297435A1 (en) Bank card secured payment system and method using real-time communication technology
CN104038924B (en) Realize the method and system of Resource Exchange information processing
EP3262817A2 (en) Transaction signing utilizing asymmetric cryptography
CN104504565A (en) Mobile payment system and method based on bank virtual card number
CN105590194A (en) Offline payment method and payment system
AU2011235531B2 (en) Message storage and transfer system
CN103198405A (en) Intelligent payment method and system based on camera scanning verification
CN103400265A (en) Quick payment method and system based on position information
CN103942897A (en) Method for money withdrawing without card on ATM
CN101308557A (en) Method for implementing secured electronic charging
CN107122977A (en) A kind of payment system based on bio-identification
CN101841417A (en) Electronic signature device supporting short-distance wireless communication technology and method for ensuring safety of electronic transaction by applying same
US11868988B2 (en) Devices and methods for selective contactless communication
US11961079B2 (en) Proof-of-age verification in mobile payments
CN109087091B (en) Account transaction safety system and method
CN106251145A (en) Electronic fare payment system, electronic payment devices and electric paying method
CN102236855A (en) Method and system for electronic transaction by using QR (Quick Response) codes
US20220207526A1 (en) Secure contactless credential exchange
CN109801059B (en) Mobile payment system and mobile payment method
Abdulwahab et al. NFC Payments Security in Light of COVID-19 Pandemic: Review of Recent Security Threats and Protection Methods
CN104346726A (en) Full dynamic digital electronic payment transaction identity authentication method with high security

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant