CN104954134B - The safe communication method of visible card - Google Patents
The safe communication method of visible card Download PDFInfo
- Publication number
- CN104954134B CN104954134B CN201510271878.3A CN201510271878A CN104954134B CN 104954134 B CN104954134 B CN 104954134B CN 201510271878 A CN201510271878 A CN 201510271878A CN 104954134 B CN104954134 B CN 104954134B
- Authority
- CN
- China
- Prior art keywords
- chip
- communication
- channel
- safety
- safety chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
- Credit Cards Or The Like (AREA)
Abstract
The invention discloses a kind of safe communication methods of visible card, it include: to be connected to the third communication channel between control chip and safety chip different from 7816 interfaces in setting in visible card, the communications protocol for being matched with the third communication channel, the both-way communication carried out between the control chip and safety chip by the third communication channel and communications protocol are set.Third communication channel is arranged in this method in visual card control chip and safety chip, and control aspect realizes the software isolation of data channel by setting channel isolation, thus 7816 interfaces are independent, solve the problems, such as two-way communication and safety issue.
Description
Technical field
The present invention relates to visible card fields, more particularly to a kind of safe communication method of visible card.
Background technique
Visible card is a kind of novel IC card piece, is mainly used in financial IC card field at present, not with traditional IC card piece
Same to be noteworthy characterized by: visible card has display and keypress function.Display screen mostly uses Electronic Paper or flexibility LCD to carry out data
It has been shown that, can show the stored value card amount of money, account information;The keypress function of visible card is usually implemented as PIN password, the amount of money, account
Input module;Visible card can realize the strong identity authentication function for reaching " finding is signed " in conjunction with PKI function on card
Can, it can reach the level of security of two generation KEY using security intensity in payment scene.
Currently, there is a kind of common visible card to have the function of OTP, inquiry electronics balance facilit, inquiry electronic cash consumption note
Recording function, it might even be possible to which switching is applied more.These movements are usually to be started by user's key, initiate to operate by control chip,
Safety chip is by the process of dynamic response.
For inquiring electronic cash balances, the communication modes of chip and safety chip are controlled are as follows:
(1) user presses inquiry electronic cash balances key;
(2) after control chip receives, APDU is sent to safety chip and obtains electronic cash balances data;
(3) safety chip sends response, returns to electronic cash balances data to control chip;
(4) control chip is shown to electronic cash balances data on display screen.
In above-mentioned process, the communication of chip and safety chip is usually controlled using 7816 protocols, controls chip
For holotype, it is responsible for initiating communication, sends data to safety chip, and receive response;Safety chip is Passive Mode, by the sound of something astir
The request of chip should be controlled.And this communication modes are based on, safety chip is in Passive Mode always, can not actively initiate data
Transmission.Therefore this communication modes, under the inquiry electronic cash amount of money, the similar operations such as consumer record be it is feasible, be able to satisfy
It is required that these application operatings are to receive user information by control die terminals, initiate to request to safety chip.But there are some fields
The operation of scape, application must be initiated by safety chip end, and existing scheme is then unable to satisfy requirement.
The shortcomings that above-mentioned existing common visible card is that the communication of MCU and SE is initiated by MCU, SE be by dynamic response,
It can not solve to communicate the demand actively initiated by SE.To solve the problems of above-mentioned existing common visible card, currently, also
A kind of improved common visible card increases a control line (as shown in Figure 1) at safety chip end.By increasing a control
Line, using control line, safety chip can signal to control chip, after control chip receives the signal of safety chip, open
Dynamic data communication.The data of the common visible card of the increase control line are described with the PKI application trading signature scene of visible card
Communication process,
Process of data communication is described with the PKI application trading signature scene of visible card, is based on mobile terminal trading signature
Process it is as follows:
(1) mobile terminal sends transaction message to safety chip by NFC antenna;
(2) safety chip analytic message obtains display data.And get out the display data for needing to send to control terminal;
(3) safety chip changes the level of control line, for example switchs to low level or on the contrary by initial high level;
(4) control chip receives the level change of control line;
(5) control terminal sends APDU instruction to safety chip, obtains data from safety chip;
(6) after safety chip receives APDU instruction, display data are sent to control chip;
(7) control chip receives the confirmation message of user, and confirmation message is sent to safety chip by 7816 mouthfuls;
(8) safety chip signs to transaction data;
(9) safety chip sends response data to mobile terminal.
Under scene based on PC transaction, the end PC is needed with a contact card reader, by 7816 interfaces with visually stick into
It is as follows that row communicates its trading signature process:
(1) PC sends transaction message to safety chip by 7816 interfaces;
(2) safety chip analytic message obtains display data.And get out the display data for needing to send to control terminal;
(3) safety chip changes the level of control line, for example switchs to low level or on the contrary by initial high level;
(4) control chip receives the level change of control line;
(5) control terminal sends APDU instruction to safety chip by 7816 mouthfuls, obtains data from safety chip;
(6) after safety chip receives APDU instruction, display data are sent to control chip;
(7) control chip receives the confirmation message of user, and confirmation message is sent to safety chip by 7816 mouthfuls;
(8) safety chip signs to transaction data;
(9) safety chip sends response data to the end PC.
And common visual card device after this improvement, there is also the safeties for reducing visible card, and there are certain safety
Hidden danger, there are loophole, is easy to incur hacker attack in the scene that the end PC is traded by 7816 interfaces and visible card.Cause
It is, visible card (as financial IC card) there are two types of communication interface, one is being communicated by mobile terminal with NFC, another
It is to be communicated in the way of contact 7816 the end PC.The end PC is communicated using contact 7816 with safety chip,
And control terminal similarly passes through 7816 and is communicated with SE, this will lead to safety chip can not identify bottom be which equipment therewith
Communication.This communication mode can cause a kind of security breaches.In PC application scenarios, 7816 interfaces are by PC card reader and control core
Piece multiplexing, hacker can bypass control chip completely, long-range to control PC and card reader, complete payment by sending to instruct, and nothing
It need to be confirmed by user, the security level of such PKI trading signature will substantially reduce, and be unable to reach the effect that finding is signed
Fruit.
Summary of the invention
Based on the above existing technology problems, the present invention provides a kind of safe communication method of visible card, can protect
Demonstrate,prove the safety when control chip and safety chip both-way communication of visible card.
In order to solve the above technical problems, the present invention provides a kind of safe communication method of visible card, comprising:
It is connected to the third communication channel between control chip and safety chip in setting in visible card, setting is matched with institute
The communications protocol in third communication channel is stated, passes through the third communication channel and communication between control chip and the safety chip
The both-way communication that agreement carries out.
The invention has the benefit that being different from 7816 by being arranged between the control chip and safety chip of visible card
The third communication channel of interface, 7816 interfaces are independent, communication isolation is carried out from hardware aspect, and then ensure that control
Chip and safety chip carry out the safety of both-way communication.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, required use in being described below to embodiment
Attached drawing be briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for this
For the those of ordinary skill in field, without creative efforts, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is visible card schematic diagram used in safe communication method provided in an embodiment of the present invention;
Fig. 2 is the processing mode schematic diagram of safe communication method provided in an embodiment of the present invention.
Specific embodiment
The following is a clear and complete description of the technical scheme in the embodiments of the invention, it is clear that described embodiment
Only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiment of the present invention, ordinary skill
Personnel's every other embodiment obtained without making creative work, belongs to protection scope of the present invention.
Method of the invention is described further in the following with reference to the drawings and specific embodiments.
The embodiment of the present invention provides a kind of safe communication method of visible card, can provide the control chip and safety of visible card
The safety of both-way communication between chip, comprising:
Third communication channel (the structure of visible card between control chip and safety chip is connected in setting in visible card
As shown in Figure 1), setting is matched with the communications protocol in third communication channel, controls logical by third between chip and safety chip
Believe channel and the both-way communication that communications protocol carries out.
In the above method, the third communication channel between control chip and safety chip is connected in setting in visible card and is wrapped
It includes:
The data line of both one group of connections is added as third communication channel between control chip and safety chip;
Or, be connected to existing two IO lines simulation channel UART between control chip and safety chip, the channel I2C or
Other can be carried out the data channel of two-way communication as third communication channel.
In the above method, the communications protocol that setting is matched with third communication channel includes:
If third communication channel is the data line for adding both connections between control chip and safety chip, association is communicated
View controls the customized communications protocol of chip and safety chip both-way communication to be able to satisfy;
If third communication channel is with being connected to existing two IO lines simulation UART between control chip and safety chip
Channel, the channel I2C or other can be carried out the data channel of two-way communication, then communications protocol is logical using the channel UART, I2C is matched with
Road or other can be carried out the communications protocol of the data channel of two-way communication, it is corresponding using being matched with UART when such as using the channel UART
The communications protocol in channel can be carried out double using being corresponded to when the channel I2C using the communications protocol for being matched with the channel I2C using other
The communications protocol that can be carried out two-way communication for being matched with the data channel is then used to the data channel of communication.
In the above method, control between chip and safety chip carried out by third communication channel and communications protocol it is two-way
Communication are as follows: when control chip is as communication initiator, safety chip is as communication recipient;Or, safety chip is as communication hair
When playing side, control chip is as communication recipient.I.e. control chip and safety chip can be used as communication initiator, thus controlling
Both-way communication is realized between coremaking piece and safety chip.
The above method further includes, and channel isolation is arranged between safety chip and control chip, by the channel isolation come
Transmission control chip instruction and control chip data.The channel isolation can be through software-controlled manner in third communication channel
The software channel isolation virtually formed, it is ensured that the safety of data transmission.
Method of the invention is different from the third of 7816 interfaces by control chip and the safety chip setting in visible card
Communication channel not only solves the problems, such as that control chip and safety chip two-way traffic, especially safety chip actively initiate communication
Situation;And 7816 interfaces are independent, communication isolation has been carried out from hardware aspect, has solved control chip and safety chip
Safety communication problem.
As shown in upper figure, in the present solution, the third communication that control chip is connect with the main third communication interface of safety chip
Channel carries out data communication.The third communication interface in third communication channel specifically can be defined independently, for example be controlled using being connected to
Two IO lines between coremaking piece and safety chip simulate UART interface, I2C interface, and then form the channel UART or the channel I2C,
Or one group of data channel is added, the communications protocol of use can be matched with third communication channel type, if third communication channel is
Customized, then communications protocol can also be customized.When communication, control chip and safety chip can be regardless of principals and subordinates, either party is
It can be the initiator communicated, and then realize the both-way communication between control chip and safety chip.
For example with PKI trading signature, the process description traded to visible card using the means of communication of the present invention is as follows:
(1) exterior terminal sends transaction message to safety chip by NFC antenna or 7816 contact interfaces;
(2) safety chip analytic message obtains display data.And get out the display data for needing to send to control terminal;
(3) safety chip sends display data to control chip by third communication interface;
(4) control chip is shown to data on display screen;
(5) user confirms data;
(6) state is sent to safety chip by third communication interface by control chip;
(7) safety chip signs to transaction data, and signature result is returned to exterior terminal.
Method of the invention is independent by 7816 interfaces by the way that third communication channel is arranged, and carries out from hardware aspect
Communication isolation.In terms of control instruction, it can also be adjusted correspondingly.Chip and exterior terminal are controlled, for comparatively safe chip
All it is peripheral terminal, is all communicated using identical agreement, for example is all instructed using APDU.If both to safety chip
Identical instruction is sent, then it is that the data in which channel send over that safety chip, which possibly can not determine on earth, like that still
There are loophole, because hacker still can be disguised oneself as by 7816 interfaces, safety chip is cheated in third communication channel.Therefore, exist
Increase software channel isolation in safety chip COS between third communication channel and 7816 channels, 14443NFC interface and (is equivalent to use
Control software fictionalizes a channel isolation) it is instructed and control chip data to securely transmit control chip.It is as shown in Figure 2: logical
The adjustment of control mode is crossed, visible card PKI application only receives the use that control chip issues safety chip on third communication channel
Family acknowledgement state, safety greatly reinforce.Therefore, this method not only solves the problems, such as control chip and safety chip two-way traffic, but also
Solve the problems, such as the safety communication of control chip and safety chip.
Method of the invention, is arranged third communication channel in visual card control chip and safety chip, and control aspect is logical
Setting channel isolation is crossed, realizes the software isolation of data channel, thus 7816 interfaces are independent, it solves two-way communication and asks
Topic and safety issue.
The foregoing is only a preferred embodiment of the present invention, but scope of protection of the present invention is not limited thereto,
Within the technical scope of the present disclosure, any changes or substitutions that can be easily thought of by anyone skilled in the art,
It should be covered by the protection scope of the present invention.Therefore, protection scope of the present invention should be with the protection model of claims
Subject to enclosing.
Claims (2)
1. a kind of safe communication method of visible card characterized by comprising
The third communication channel for being different from 7816 interfaces between control chip and safety chip is connected in setting in visible card, it will
7816 interfaces are independent, and setting is matched with the communications protocol in the third communication channel, the control chip and safety chip
Between pass through the third communication channel and communications protocol and carry out both-way communication;The setting in visible card is connected to control core
Third communication channel between piece and safety chip includes: to add both connections between the control chip and safety chip
Data line is as third communication channel;
If the communications protocol that the setting is matched with the third communication channel includes: that the third communication channel is in the control
The data line of both one group of connections is added between coremaking piece and safety chip, then communications protocol is to be able to satisfy control chip and safety
The customized communications protocol of chip both-way communication;
It further include that channel isolation is set between the safety chip and the control chip, is transmitted by the channel isolation
Chip instruction and control chip data are controlled, the channel isolation is by software-controlled manner in third communication channel virtual shape
At software channel isolation.
2. the safe communication method of visible card according to claim 1, which is characterized in that the control chip and safe core
Both-way communication is carried out by the third communication channel and communications protocol between piece are as follows:
When the control chip is as communication initiator, the safety chip is as communication recipient;
Or, the control chip is as communication recipient when the safety chip is as communication initiator.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510271878.3A CN104954134B (en) | 2015-05-25 | 2015-05-25 | The safe communication method of visible card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510271878.3A CN104954134B (en) | 2015-05-25 | 2015-05-25 | The safe communication method of visible card |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104954134A CN104954134A (en) | 2015-09-30 |
| CN104954134B true CN104954134B (en) | 2019-08-20 |
Family
ID=54168512
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510271878.3A Expired - Fee Related CN104954134B (en) | 2015-05-25 | 2015-05-25 | The safe communication method of visible card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104954134B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108108802B (en) * | 2017-12-06 | 2021-08-13 | 河北吕望信息科技有限公司 | Visual card and balance display method thereof |
| CN108319879B (en) * | 2018-01-30 | 2022-01-04 | 河北吕望信息科技有限公司 | Based on I2C protocol visual card and information display method thereof |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1316720A (en) * | 2000-04-04 | 2001-10-10 | 王耀 | Improved interface structure of intelligent IC card and embedded SAM security module |
| CN101193045A (en) * | 2006-11-21 | 2008-06-04 | 中兴通讯股份有限公司 | Method for capturing and limiting speed of data packets via line card |
| CN101916391B (en) * | 2010-07-27 | 2012-12-19 | 武汉天喻信息产业股份有限公司 | Mobile payment smart card and control method thereof |
| CN104346648B (en) * | 2014-10-14 | 2018-01-23 | 北京金玉衡科技有限责任公司 | Multifunctional visible card device |
| CN204270354U (en) * | 2014-12-02 | 2015-04-15 | 上海动联信息技术股份有限公司 | Portable two-dimensional code order generates terminal |
| CN104795866A (en) * | 2015-05-04 | 2015-07-22 | 北京金玉衡科技有限责任公司 | Power control method for visual cards |
-
2015
- 2015-05-25 CN CN201510271878.3A patent/CN104954134B/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN104954134A (en) | 2015-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103560886B (en) | Authentication method for electronic signature equipment | |
| KR101561499B1 (en) | Authentication method using the NFC authentication card | |
| CN103793815A (en) | Mobile intelligent terminal acquirer system and method suitable for bank cards and business cards | |
| EP2908249A1 (en) | System for multiplexing usb interface transmission data | |
| CN210691384U (en) | Face recognition payment terminal platform based on security unit and trusted execution environment | |
| CN102521744A (en) | Network payment method and apparatus thereof | |
| CN105117905A (en) | Wireless Key payment system based on visible light communications and payment method | |
| US9396468B2 (en) | Apparatus for securing electronic transactions using secure electronic signatures | |
| CN105138892A (en) | Data interaction method and apparatus applied to composite smart card device | |
| US20170161473A1 (en) | Secure pairing of personal device with host device | |
| CN104954134B (en) | The safe communication method of visible card | |
| CN103368612B (en) | By switching to silence, electronic equipment communication is controlled method and apparatus | |
| CN103854181B (en) | A kind of electric endorsement method and electronic signature equipment, client and system | |
| CN203490736U (en) | Portable payment device | |
| CN103873256A (en) | Working method of NFC token | |
| CN104574054A (en) | Wearable device with payment function and method for exerting payment function | |
| CN105743855B (en) | A kind of safety control system of Internet application equipment and its distribution, application method | |
| CN207869159U (en) | Mobile device and subscriber identity module card | |
| KR102210898B1 (en) | Method for Linking Transaction to One Time Authentication Code | |
| CN104901957A (en) | Method and device for initializing electronic token equipment | |
| CN105228088B (en) | The self refresh public-key cryptographic keys of mobile payment near-field communication exchange method | |
| CN215268339U (en) | Remote government affair service terminal | |
| KR101755095B1 (en) | System for operating virtual electronic cashbox using automatic teller machine and method thereof | |
| CN204967837U (en) | Electron token equipment | |
| CN203102332U (en) | Mobile phone payment card with SIM interface, SD interface and wireless function |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20190820 Termination date: 20200525 |