CN105303377A - Smart card slave security domain key updating method and electronic payment system - Google Patents

Info

Publication number: CN105303377A
Authority: CN (China)
Prior art keywords: security domain, management platform, card, application provider, key
Legal status: Granted
Application number: CN201510655668.4A
Other languages: Chinese (zh)
Other versions: CN105303377B (en)
Inventors: 余万涛, 马景旺, 贾倩
Current Assignee: ZTE Corp
Original Assignee: ZTE Corp
Events: application filed by ZTE Corp; priority to CN201510655668.4A; publication of CN105303377A; application granted; publication of CN105303377B; current legal status Expired - Fee Related

Classifications

    • G06Q20/3829: Payment protocols; Details thereof insuring higher security of transaction involving key management
    • H04L63/062: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • G06F21/34: User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06Q20/401: Transaction verification
    • H04L63/0853: Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H04W12/04: Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/086: Access security using security domains

Abstract

The invention provides a smart card slave security domain key updating method and an electronic payment system. The smart card slave security domain key updating method comprises the steps of triggering an application downloading request by a user, and transmitting the application downloading request to an application provider management platform; transmitting security domain establishing request information by the application provider management platform to a card issuer management platform; transmitting an initial key of the slave security domain by the card issuer management platform to a smart card main security domain by means of the application provider management platform and an application provider service terminal, and initializing the slave security domain by the smart card main security domain according to the initial key of the slave security domain; and transferring a control right of the slave security domain to the application provider management platform by the card issuer management platform, and updating the initial key of the smart card slave security domain by the application provider management platform. The smart card slave security domain key updating method and the electronic payment system realize transmission of a new slave security domain key to the smart card slave security domain through a safe communication channel, thereby updating the slave security domain key.

Description

A smart card slave security domain key updating method and electronic payment system
This application is a divisional application of patent application 200810177014.5. The original application was filed on November 10, 2008, with application number 200810177014.5, and is titled "A method, system and mobile terminal for updating and distributing a smart card slave security domain key".
Technical field
The present invention relates to mobile terminal electronic payment technology based on NFC (Near Field Communication), and in particular to a smart card slave security domain key updating method and an electronic payment system.
Background
Near Field Communication (NFC) is a short-range wireless communication technology operating at 13.56 MHz, developed by merging RFID technology with interconnection technology. Once NFC is integrated into a mobile communication terminal such as a mobile phone, the terminal can emulate a contactless IC card and be used for electronic payment applications. To implement this, an NFC analog front-end chip and an NFC antenna must be added to the terminal, and a smart card that supports electronic payment must be used.
IC cards, and contactless IC cards in particular, have developed for more than ten years and are widely used in fields such as public transport, access control and small-value electronic payment. Meanwhile, mobile phones have developed rapidly for more than 20 years, are now largely universal among residents, and bring great convenience to people's work and life. Mobile phones are becoming more and more powerful, with a trend toward integrating multiple functions. Combining the mobile phone with contactless IC card technology and applying it to electronic payment further expands the range of uses of the mobile phone, brings convenience to people's lives, and has broad application prospects.
To realize mobile electronic payment based on NFC, a mobile terminal electronic payment system must be established. This system manages NFC-based mobile terminal electronic payment, including: issuing smart cards; downloading, installing and personalizing electronic payment applications; and applying the relevant technologies and management policies to secure electronic payment applications.
The business framework of an NFC-based mobile terminal electronic payment system usually adopts the multi-application framework of the GlobalPlatform specification. Under this framework, a smart card supporting the GlobalPlatform specification is an IC chip or smart card that conforms to GlobalPlatform Card Specification V2.1.1/V2.2 (GP2.1.1 or GP2.2). Physically it may be a SIM/USIM card (Subscriber Identity Module / UMTS Subscriber Identity Module), a pluggable smart memory card, or an IC chip integrated in the mobile terminal.
If the NFC-based mobile terminal electronic payment system supports the GP2.1.1 specification, the secure channel protocol must support SCP02 (based on symmetric keys). If it supports the GP2.2 specification, the secure channel protocol must support SCP02 (based on symmetric keys) and SCP10 (based on asymmetric keys), and the card issuer and application providers can choose between them according to their security policy requirements.
In general, an NFC-based mobile terminal short-range electronic payment system consists mainly of a card issuer management platform, an application provider management platform, and mobile terminals that support a smart card with electronic payment application functionality. The system may contain multiple application provider management platforms.
A smart card supporting the GlobalPlatform specification can hold multiple applications. To secure electronic payment applications, the smart card is divided into several independent security domains, which keep the applications isolated from and independent of one another. Each application provider manages its own security domain, applications, application data and so on.
A security domain is the on-card representative of an off-card entity (the card issuer or an application provider). It contains the keys used to support the operation of the secure channel protocol and smart card content management. Security domains include the main security domain and slave security domains. The main security domain is the card issuer's mandatory on-card representative. A slave security domain is an additional, optional on-card representative of the card issuer or an application provider.
Key generation, distribution and updating for a security domain are the responsibility of the card issuer or application provider that manages that security domain, which ensures that applications and data from different application providers can coexist on the same card. Security domain keys comprise the main security domain key, the slave security domain initial key and the slave security domain key. The main security domain key and the slave security domain initial key are generated by the card issuer management platform; the slave security domain key is generated by the card issuer management platform or application provider management platform that manages the slave security domain.
Before an electronic payment application is downloaded and installed on the smart card, a slave security domain must first be created on the card for that application. Creation of the smart card slave security domain is performed by the card issuer management platform. When a slave security domain is created after the smart card has been issued, the slave security domain initial key must be imported into the slave security domain on the card by the card issuer management platform in a secure manner.
After the slave security domain has been created, and when the electronic payment application is downloaded, the slave security domain initial key must be updated to the key used by the electronic payment application, that is, to the slave security domain key used by that application. When the slave security domain key used by the application has a defined life cycle, the key must be updated before that life cycle ends. In addition, the slave security domain key used by the application may need to be forcibly updated for security reasons. Because the slave security domain key is confidential data, a reliable and secure method is needed to import the key into the smart card slave security domain during the update, so that the slave security domain key is updated and distributed securely.
The update and distribution process for the slave security domain key used by an electronic payment application depends on the specific implementation of the system architecture. To manage the smart card securely and to download and install electronic payment applications, the smart card needs to communicate with the card issuer management platform and the application provider management platform. The smart card can establish communication with a management platform through a service terminal. A service terminal is a device that can read and write the smart card, such as a POS terminal connected to a computer. How to update and distribute the smart card slave security domain key securely when a service terminal is used, in the symmetric key case, is a problem that mobile terminal electronic payment needs to solve.
Summary of the invention
The technical problem to be solved by the present invention is to provide a smart card slave security domain key updating method and an electronic payment system that update the slave security domain key securely when a service terminal is used.
To solve this technical problem, the invention provides a smart card slave security domain key updating method implemented on a mobile terminal electronic payment system. The mobile terminal electronic payment system comprises a smart card with electronic payment application functionality, an application provider service terminal, an application provider management platform and a card issuer management platform. The smart card is connected directly to the application provider management platform through the application provider service terminal, the application provider management platform and the card issuer management platform are connected by a dedicated line, and the application provider management platform manages the slave security domain of the smart card. The method comprises:
The user triggers an application download request and submits it to the application provider management platform;
The application provider management platform submits slave security domain creation request information to the card issuer management platform;
The card issuer management platform sends the slave security domain initial key to the main security domain of the smart card via the application provider management platform and the application provider service terminal, and the main security domain of the smart card initializes the slave security domain with the slave security domain initial key;
The card issuer management platform hands control of the slave security domain over to the application provider management platform, and the application provider management platform updates the initial key of the smart card slave security domain.
To solve the above technical problem, the present invention also provides an electronic payment system comprising a smart card with electronic payment application functionality, an application provider service terminal, an application provider management platform and a card issuer management platform. The smart card is connected directly to the application provider management platform through the application provider service terminal, the application provider management platform and the card issuer management platform are connected by a dedicated line, and the application provider management platform manages the slave security domain of the smart card; wherein,
The application provider management platform is configured to receive the application download request submitted by the user and to submit slave security domain creation request information to the card issuer management platform; it is also configured to update the initial key of the smart card slave security domain;
The card issuer management platform is configured to send the slave security domain initial key to the main security domain of the smart card via the application provider management platform and the application provider service terminal; it is also configured to hand control of the slave security domain over to the application provider management platform;
The smart card is configured to receive the slave security domain initial key sent by the card issuer management platform and to initialize the slave security domain.
The smart card slave security domain key updating method and electronic payment system proposed by the present invention address the symmetric key case after card issuance: on a user download or update, a new slave security domain key is generated and sent to the smart card slave security domain through a secure communication channel, so that the slave security domain key is updated.
Brief description of the drawings
Fig. 1 is a schematic diagram of the architecture of the mobile terminal electronic payment system of the present invention based on near field communication technology;
Fig. 2 is a schematic flow diagram of the present invention's update and distribution of the slave security domain initial key based on the card issuer service terminal, for a slave security domain managed by the card issuer;
Fig. 3 is a schematic flow diagram of the present invention's update and distribution of the slave security domain initial key based on the application provider service terminal, for a slave security domain managed by the application provider;
Fig. 4 is a schematic flow diagram of the present invention's update and distribution of the slave security domain key based on the card issuer service terminal, caused by key expiry or a forced update, for a slave security domain managed by the card issuer;
Fig. 5 is a schematic flow diagram of the present invention's update and distribution of the slave security domain key based on the application provider service terminal, caused by key expiry or a forced update, for a slave security domain managed by the application provider.
Detailed description
To make the objects, technical solutions and advantages of the present invention clearer, the invention is described in more detail below with reference to the accompanying drawings and preferred embodiments.
The present invention is described using the mobile terminal electronic payment system architecture shown in Fig. 1 as an example, but is not limited to that architecture.
Fig. 1 shows the mobile terminal electronic payment system of the present invention, which comprises an application provider management platform, a card issuer management platform, an application provider service terminal, a card issuer service terminal, a mobile terminal and a smart card. The smart card is installed in the mobile terminal; the system may also omit the mobile terminal, in which case the smart card is a stand-alone device. The application provider management platform and the card issuer management platform are collectively called management platforms, and the application provider service terminal and the card issuer service terminal are collectively called service terminals.
The smart card supports the GlobalPlatform Card Specification V2.1.1/V2.2. A smart card with electronic payment application functionality can be connected directly to the card issuer management platform or the application provider management platform through the card issuer service terminal or the application provider service terminal respectively. When the smart card with electronic payment application functionality is installed in a mobile terminal, the mobile terminal can connect to the card issuer management platform and the application provider management platform through the card issuer service terminal or the application provider service terminal respectively, in order to perform mutual authentication with the management platform that manages the smart card slave security domain, receive the slave security domain key distributed by that management platform, and update the slave security domain key. Both the mutual authentication process and the slave security domain key distribution are carried out through the application provider service terminal or the card issuer service terminal.
Card issuer service terminal: managed by the card issuer management platform. The smart card communicates with the card issuer management platform either through the mobile terminal and the card issuer service terminal, or directly through the card issuer service terminal;
Application provider service terminal: managed by the application provider management platform. The smart card communicates with the application provider management platform either through the mobile terminal and the application provider service terminal, or directly through the application provider service terminal;
Card issuer management platform: responsible for issuing and managing smart cards. It manages the resources, life cycle, keys and certificates of the smart card, is responsible for creating slave security domains, and exchanges application data with other security domains. This includes creating slave security domains, performing mutual authentication with the smart card and establishing a temporary session key, and generating slave security domain initial keys and new slave security domain keys. In terms of implementation, the card issuer management platform may comprise a card management system, an application management system, a key management system, a certificate management system, an application provider management system and so on. The certificate management system is used when asymmetric keys are supported, and is connected to the card issuer certification authority (CA) system;
Application provider management platform: responsible for providing and managing electronic payment applications. It provides various service applications, manages the security of its corresponding slave security domain on the smart card, controls the application keys, certificates, data and so on of that slave security domain, and provides functions such as secure download and installation of applications. This includes performing mutual authentication with the smart card and establishing a temporary session key, and generating new slave security domain keys. In terms of implementation, the application provider management platform may comprise an application management system, a key management system and a certificate management system. The certificate management system is used when asymmetric keys are supported, and is connected to the application provider certification authority (CA) system.
The card issuer management platform and the application provider management platform can provide electronic payment related services through their respective service terminals: participating in the handling of electronic payment user information management, participating in slave security domain creation and key distribution, electronic payment application download, electronic payment application personalization and so on. The application provider management platform and the card issuer management platform can communicate over a secure channel (such as a dedicated line).
The smart card slave security domain key update and distribution method of the present invention is described below using the mobile terminal electronic payment system architecture shown in Fig. 1 as an example, without being limited to that architecture:
Key updates for a slave security domain mainly fall into two cases:
One, when the user downloads an electronic payment application, the initial key of the smart card slave security domain associated with that application must be updated to the slave security domain key.
Step s1: the card issuer management platform creates the smart card slave security domain.
The card issuer management platform can create the slave security domain on the smart card according to the application information associated with the application download. This information may include the smart card ICCID, the application identifier, the application provider identity information and so on. The application information is either sent by the user to the card issuer management platform through the card issuer service terminal, or sent by the user to the application provider management platform through the application provider service terminal and then forwarded by the application provider management platform to the card issuer management platform, or used by the application provider management platform as the basis for submitting a slave security domain creation request to the card issuer management platform.
Step s2: a different initial key update method is used depending on which management platform manages the smart card slave security domain.
After the smart card slave security domain has been created, if it is managed by the application provider management platform, the card issuer management platform sends the slave security domain basic information (which should include the smart card slave security domain identification information) and the initial key to the application provider management platform, thereby handing control of the slave security domain over to the application provider management platform that manages it. The application provider management platform then updates the initial key of the slave security domain;
If the smart card slave security domain is managed by the card issuer management platform, the card issuer management platform updates the initial key of the slave security domain for the specific electronic payment application being downloaded.
The update comprises the following steps:
Step s201: the card issuer management platform or application provider management platform that manages the slave security domain uses information such as the smart card slave security domain initial key to start mutual authentication between itself and the smart card slave security domain and to establish a secure communication channel. For a smart card slave security domain managed by the card issuer management platform, the mutual authentication is carried out between the card issuer management platform and the smart card via the card issuer service terminal. For a smart card slave security domain managed by the application provider management platform, the mutual authentication is carried out between the application provider management platform and the smart card via the application provider service terminal. After mutual authentication completes, a temporary session key is established between the card issuer management platform or application provider management platform and the smart card slave security domain. This temporary session key may be established according to the GlobalPlatform Card Specification V2.1.1/V2.2, or by another method. It is used to encrypt communication between the card issuer management platform or application provider management platform and the smart card slave security domain.
Step s202: the card issuer management platform or application provider management platform generates a new slave security domain key. Over the secure communication channel established between that platform and the smart card, the new slave security domain key is imported into the smart card slave security domain via the card issuer service terminal or application provider service terminal, completing the secure update and distribution of the slave security domain key.
Two, update and distribution of the slave security domain key because the key expires or a forced update is required.
When the slave security domain key currently used by the electronic payment application associated with the smart card slave security domain has a specified life cycle, the card issuer management platform or application provider management platform that manages the slave security domain must update the key before its life cycle ends;
When the slave security domain key currently used by the electronic payment application associated with the smart card slave security domain needs to be updated for security reasons, the card issuer management platform or application provider management platform that manages the slave security domain can force an update of the key currently in use.
The update method is as follows:
When the slave security domain key expires, or when the slave security domain key is forcibly updated for security reasons, the slave security domain key currently in use is used to start mutual authentication between the card issuer management platform or application provider management platform and the smart card slave security domain and to establish a secure communication channel. For a slave security domain managed by the card issuer, the mutual authentication is carried out between the card issuer management platform and the smart card via the card issuer service terminal. For a slave security domain managed by the application provider, the mutual authentication can be carried out between the application provider management platform and the smart card via the application provider service terminal.
After mutual authentication completes, a temporary session key is established between the card issuer management platform or application provider management platform and the smart card slave security domain. This temporary session key may be established according to the GlobalPlatform Card Specification V2.1.1/V2.2, or by another method. It is used to encrypt communication between the card issuer management platform or application provider management platform and the smart card slave security domain.
The card issuer management platform or application provider management platform generates a new slave security domain key. Over the secure communication channel established between that platform and the smart card, the new slave security domain key is imported into the smart card slave security domain via the card issuer service terminal or application provider service terminal, completing the secure update and distribution of the slave security domain key.
Key of slave security domain of intelligent card update method of the present invention is further illustrated below by example, wherein, Fig. 2, Fig. 3 relate to and distributing from the renewal of security domain initial key, Fig. 4, Fig. 5 relate to because key expires or forces to upgrade the renewal from security domain key caused and distributes.
Fig. 2 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain initial key based on the card publisher service terminal, for a slave security domain managed by the card publisher. As shown in Fig. 2, the flow comprises the following steps:
Step 201: using the slave security domain initial key, the card distributor management platform sends a SELECT command message to the smart card via the card publisher service terminal to select the slave security domain;
Step 202: the smart card returns a SELECT command response message to the card distributor management platform via the card publisher service terminal;
Step 203: the card distributor management platform establishes a secure communication channel with the smart card's slave security domain via the card publisher service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the card distributor management platform and the smart card's slave security domain perform mutual authentication; after mutual authentication, a temporary session key is established to encrypt communication between the two. This temporary session key can be established according to the GlobalPlatform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card distributor management platform and the smart card's slave security domain via the card publisher service terminal.
Step 204: the card distributor management platform generates a new slave security domain key;
Step 205: using the PUTKEY command, the card distributor management platform sends the new slave security domain key to the smart card's slave security domain via the card publisher service terminal;
Step 206: after receiving the new slave security domain key, the smart card's slave security domain completes the update operation on the slave security domain initial key;
Step 207: the smart card's slave security domain sends a PUTKEY command response to the card distributor management platform via the card publisher service terminal, ending the update process for the slave security domain initial key.
Before step 201 above, the method also comprises the steps in which the card distributor management platform, according to the user's application download request, creates the smart card's slave security domain and issues the slave security domain initial key to it.
Fig. 3 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain initial key based on the application provider service terminal, for a slave security domain managed by the application provider. As shown in Fig. 3, the flow comprises the following steps:
Step 301: the user triggers an application download request through the client program on the application provider service terminal or a program on the card, and submits the application download request to the application provider management platform; the request contains the smart card identification information (ICCID), etc.;
Step 302: the application provider management platform submits a slave security domain creation request to the card distributor management platform; the request message contains the application provider identity information (ASP-ID), the smart card identification information (ICCID), etc.;
Step 303: the card distributor management platform verifies the slave security domain creation request and determines whether to allow it. The card distributor management platform judges whether a slave security domain is to be created via the application provider management platform.
If the card distributor management platform judges, from the smart card identification information, the application provider identity, etc. in the creation request, that no slave security domain needs to be created, the slave security domain creation process is terminated; otherwise, the subsequent steps continue;
Step 304: the card distributor management platform sends a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain;
Step 305: the smart card returns a SELECT command response message to the card distributor management platform via the application provider service terminal and the application provider management platform;
Step 306: the card distributor management platform establishes a secure communication channel with the smart card's main security domain via the application provider management platform and the application provider service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the card distributor management platform and the smart card's main security domain perform mutual authentication; after mutual authentication, a temporary session key is established to encrypt communication between the two. This temporary session key can be established according to the GlobalPlatform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card distributor management platform and the smart card's main security domain via the application provider management platform and the application provider service terminal.
Step 307: the card distributor management platform sends an INSTALL command to the smart card via the application provider management platform and the application provider service terminal;
Step 308: the smart card returns an INSTALL command response to the card distributor management platform via the application provider service terminal and the application provider management platform;
Step 309: the card distributor management platform generates the slave security domain initial key;
Step 310: using the PUTKEY command, the card distributor management platform sends the slave security domain initial key to the smart card's main security domain via the application provider management platform and the application provider service terminal;
Step 311: after receiving the slave security domain initial key, the smart card's main security domain initializes the slave security domain with the received initial key;
Step 312: the smart card's main security domain sends a PUTKEY command response to the card distributor management platform via the application provider service terminal and the application provider management platform;
Step 313: the card distributor management platform returns the slave security domain basic information and the slave security domain initial key to the application provider management platform;
The slave security domain basic information should include the identification information of the smart card's slave security domain.
Step 314: the application provider management platform adds the slave security domain related information to its database;
Step 315: the application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
Step 316: the smart card returns a SELECT command response to the application provider's key management system via the application provider service terminal;
Step 317: the application provider management platform establishes a secure communication channel with the smart card's slave security domain via the application provider service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the application provider management platform and the smart card's slave security domain perform mutual authentication; after mutual authentication, a temporary session key is established to encrypt communication between the two. This temporary session key can be established according to the GlobalPlatform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the application provider management platform and the smart card's slave security domain via the application provider service terminal.
Step 318: the application provider management platform generates a new slave security domain key;
Step 319: using the PUTKEY command, the application provider management platform sends the new slave security domain key to the smart card's slave security domain via the application provider service terminal;
Step 320: after receiving the new slave security domain key, the smart card's slave security domain completes the update operation on the slave security domain initial key;
Step 321: the smart card's slave security domain sends a PUTKEY command response to the application provider management platform via the application provider service terminal, ending the slave security domain key distribution process.
Fig. 4 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain key based on the card publisher service terminal, caused by key expiry or forced update, for a slave security domain managed by the card publisher. As shown in Fig. 4, the flow comprises the following steps:
Step 401: the card distributor management platform sends a SELECT command message to the smart card via the card publisher service terminal to select the slave security domain;
Step 402: the smart card returns a SELECT command response to the card distributor management platform via the card publisher service terminal;
Step 403: the card distributor management platform establishes a secure communication channel with the smart card's slave security domain via the card publisher service terminal, for example an SCP02 secure channel;
The secure communication channel is established as follows: the card distributor management platform and the smart card's slave security domain perform mutual authentication; after mutual authentication, a temporary session key is established to encrypt communication between the two. This temporary session key can be established according to the GlobalPlatform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the card distributor management platform and the smart card's slave security domain via the card publisher service terminal.
Step 404: the card distributor management platform generates a new slave security domain key;
Step 405: using the PUTKEY command, the card distributor management platform sends the new slave security domain key to the smart card's slave security domain via the card publisher service terminal;
Step 406: after receiving the new slave security domain key, the smart card's slave security domain completes the update operation on the slave security domain key;
Step 407: the smart card's slave security domain sends a PUTKEY command response to the card distributor management platform via the card publisher service terminal, ending the slave security domain key update process.
Fig. 5 is a schematic flow diagram, according to the present invention, of the update and distribution of the slave security domain key based on the application provider service terminal, caused by key expiry or forced update, for a slave security domain managed by the application provider. As shown in Fig. 5, the flow comprises the following steps:
Step 501: the application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
Step 502: the smart card returns a SELECT command response to the application provider management platform via the application provider service terminal;
Step 503: the application provider management platform establishes an SCP02 secure channel with the smart card's slave security domain via the application provider service terminal;
The secure communication channel is established as follows: the application provider management platform and the smart card's slave security domain perform mutual authentication; after mutual authentication, a temporary session key is established to encrypt communication between the two. This temporary session key can be established according to the GlobalPlatform Card Specification V2.1.1/V2.2, or by other methods. The mutual authentication is completed between the application provider management platform and the smart card's slave security domain via the application provider service terminal.
Step 504: the application provider management platform generates a new slave security domain key;
Step 505: using the PUTKEY command, which carries the new slave security domain key, the application provider management platform sends the new slave security domain key to the smart card's slave security domain via the application provider service terminal;
Step 506: after receiving the new slave security domain key, the smart card's slave security domain completes the update operation on the slave security domain key;
Step 507: the smart card's slave security domain sends a PUTKEY command response to the application provider management platform via the application provider service terminal, ending the slave security domain key update process.
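The update exchange of steps 315 to 321 (Fig. 3) and of Figs. 4 and 5, as an added example that is not code from the patent: a Python simulation in which a platform authenticates with the current key, wraps a new key under the temporary session key, and the card replaces its key, after which a holder of the old initial key can no longer open a channel. All class and method names are hypothetical, and the HMAC-SHA256 constructions are an assumption of this example standing in for SCP02's cryptography.

```python
import hashlib
import hmac
import secrets


def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """Labelled HMAC-SHA256; stand-in for the SCP02 primitives (assumption)."""
    return hmac.new(key, label + data, hashlib.sha256).digest()


def _stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with an HMAC counter keystream (same call decrypts)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = _prf(key, b"ks", nonce + i.to_bytes(4, "big"))
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


class SlaveSecurityDomain:
    """Card side: holds the current key and accepts PUTKEY only on an open channel."""

    def __init__(self, initial_key: bytes):
        self.key, self.version = initial_key, 1
        self._pending = self._session = None
        self._expect_host = b""

    def initialize_update(self, host_chal: bytes):
        # Card half of mutual authentication: prove knowledge of the current key.
        card_chal = secrets.token_bytes(8)
        self._session = None
        self._pending = _prf(self.key, b"session", host_chal + card_chal)
        self._expect_host = _prf(self._pending, b"host", card_chal + host_chal)
        return card_chal, _prf(self._pending, b"card", host_chal + card_chal)

    def external_authenticate(self, host_crypto: bytes) -> bool:
        ok = self._pending is not None and hmac.compare_digest(
            host_crypto, self._expect_host)
        self._session, self._pending = (self._pending if ok else None), None
        return ok

    def put_key(self, nonce: bytes, wrapped: bytes, tag: bytes) -> bool:
        if self._session is None:          # no authenticated channel: refuse
            return False
        if not hmac.compare_digest(tag, _prf(self._session, b"mac", nonce + wrapped)):
            return False                   # tampered or mis-keyed command
        self.key = _stream_xor(self._session, nonce, wrapped)
        self.version += 1
        self._session = None               # channel built on the old key ends
        return True


class ManagementPlatform:
    """Card distributor or application provider platform managing one domain."""

    def __init__(self, key: bytes, lifetime_s: int, now: int):
        self.key, self.lifetime_s = key, lifetime_s
        self.expires_at = now + lifetime_s

    def needs_update(self, now: int, margin_s: int, forced: bool = False) -> bool:
        # Update before the key's lifetime ends, or at once when forced.
        return forced or now >= self.expires_at - margin_s

    def open_channel(self, card: SlaveSecurityDomain):
        host_chal = secrets.token_bytes(8)
        card_chal, card_crypto = card.initialize_update(host_chal)
        session = _prf(self.key, b"session", host_chal + card_chal)
        if not hmac.compare_digest(
                card_crypto, _prf(session, b"card", host_chal + card_chal)):
            return None                    # card does not hold our key
        host_crypto = _prf(session, b"host", card_chal + host_chal)
        return session if card.external_authenticate(host_crypto) else None

    def rotate(self, card: SlaveSecurityDomain, now: int) -> bool:
        session = self.open_channel(card)  # mutual authentication, session key
        if session is None:
            return False
        new_key, nonce = secrets.token_bytes(16), secrets.token_bytes(8)
        wrapped = _stream_xor(session, nonce, new_key)
        tag = _prf(session, b"mac", nonce + wrapped)
        if not card.put_key(nonce, wrapped, tag):
            return False
        self.key, self.expires_at = new_key, now + self.lifetime_s
        return True


def demo():
    initial = secrets.token_bytes(16)      # constructed initial key
    card = SlaveSecurityDomain(initial)
    issuer_copy = ManagementPlatform(initial, lifetime_s=3600, now=0)
    provider = ManagementPlatform(initial, lifetime_s=3600, now=0)
    first = provider.rotate(card, now=0)                   # initial-key update
    issuer_locked_out = issuer_copy.open_channel(card) is None
    due = provider.needs_update(now=3500, margin_s=300)    # expiry approaching
    second = provider.rotate(card, now=3500)               # expiry-driven update
    return first, issuer_locked_out, due, second, card.version
```

`demo()` shows why the application provider replaces the initial key after control is handed over: the card distributor's copy of that key stops authenticating once the first update completes.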
The slave security domain key update method, system and mobile terminal of the present invention address the symmetric-key case: the card distributor management platform, through the card publisher service terminal, or the application provider management platform, through the application provider service terminal, securely imports the slave security domain key into the smart card's slave security domain, realizing the secure update and distribution of the slave security domain key.
The present invention may also have various other embodiments. Without departing from the spirit and essence of the present invention, those of ordinary skill in the art may make various corresponding changes and variations according to the present invention, and all such changes and variations shall fall within the protection scope of the claims appended to the present invention.

Claims (10)

1. A method for updating a smart card slave security domain key, characterized in that it is implemented on a mobile terminal electronic payment system comprising a smart card with an electronic payment application function, an application provider service terminal, an application provider management platform and a card distributor management platform; the smart card is connected directly to the application provider management platform through the application provider service terminal; the application provider management platform and the card distributor management platform are connected by a dedicated line; the application provider management platform manages the smart card's slave security domain; the method comprises:
The user triggers an application download request and submits it to the application provider management platform;
The application provider management platform submits a slave security domain creation request to the card distributor management platform;
The card distributor management platform sends the slave security domain initial key to the smart card's main security domain via the application provider management platform and the application provider service terminal, and the smart card's main security domain initializes the slave security domain with the slave security domain initial key;
The card distributor management platform hands control of the slave security domain over to the application provider management platform, and the application provider management platform updates the initial key of the smart card's slave security domain.
2. The method of claim 1, characterized in that the sending of the slave security domain initial key to the smart card's main security domain via the application provider management platform and the application provider service terminal, and the initialization of the slave security domain by the smart card's main security domain with the slave security domain initial key, specifically comprise:
The card distributor management platform establishes a secure communication channel with the smart card's main security domain via the application provider management platform and the application provider service terminal;
The card distributor management platform sends an INSTALL command to the smart card over the secure communication channel;
The smart card returns an INSTALL command response to the card distributor management platform over the secure communication channel;
The card distributor management platform generates the slave security domain initial key;
The card distributor management platform uses the PUTKEY command to send the slave security domain initial key to the smart card's main security domain over the secure communication channel;
The smart card's main security domain initializes the slave security domain with the received slave security domain initial key;
The smart card's main security domain sends a PUTKEY command response to the card distributor management platform over the secure communication channel.
3. The method of claim 2, characterized in that the establishing of a secure communication channel between the card distributor management platform and the smart card's main security domain via the application provider management platform and the application provider service terminal specifically comprises:
The card distributor management platform sends a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain;
The smart card returns a SELECT command response message to the card distributor management platform via the application provider service terminal and the application provider management platform;
The card distributor management platform establishes a secure communication channel with the smart card's main security domain via the application provider management platform and the application provider service terminal; establishing the secure communication channel specifically means: the card distributor management platform and the smart card's main security domain perform mutual authentication and, after mutual authentication, establish a temporary session key for encrypting communication between the two.
4. The method of claim 1, characterized in that the handing over of control of the slave security domain by the card distributor management platform to the application provider management platform, and the updating of the slave security domain initial key by the application provider management platform, specifically comprise:
The card distributor management platform sends the slave security domain basic information and the slave security domain initial key to the application provider management platform;
The application provider management platform adds the slave security domain related information to its database;
The application provider management platform sends a SELECT command message to the smart card via the application provider service terminal to select the slave security domain;
The smart card returns a SELECT command response to the application provider via the application provider service terminal;
The application provider management platform establishes a secure communication channel with the smart card's slave security domain and sends the newly generated slave security domain key to the smart card's slave security domain over the secure communication channel, and the smart card's slave security domain completes the update operation on the slave security domain initial key.
5. The method of claim 4, characterized in that the establishing of a secure communication channel between the application provider management platform and the smart card's slave security domain, the sending of the newly generated slave security domain key to the smart card's slave security domain over the secure communication channel, and the completion by the smart card's slave security domain of the update operation on the slave security domain initial key, specifically comprise:
The application provider management platform establishes a secure communication channel with the smart card's slave security domain via the application provider service terminal; establishing the secure communication channel specifically means: the application provider management platform and the smart card's slave security domain perform mutual authentication and, after mutual authentication, establish a temporary session key for encrypting communication between the two;
The application provider management platform generates a new slave security domain key;
The application provider management platform uses the PUTKEY command to send the new slave security domain key to the smart card's slave security domain over the secure communication channel;
After receiving the new slave security domain key, the smart card's slave security domain completes the update operation on the slave security domain initial key;
The smart card's slave security domain sends a PUTKEY command response to the application provider management platform over the secure communication channel.
6. An electronic payment system, characterized in that it comprises a smart card with an electronic payment application function, an application provider service terminal, an application provider management platform and a card distributor management platform; the smart card is connected directly to the application provider management platform through the application provider service terminal; the application provider management platform and the card distributor management platform are connected by a dedicated line; the application provider management platform manages the smart card's slave security domain; wherein,
The application provider management platform is configured to receive the application download request submitted by the user and to submit a slave security domain creation request to the card distributor management platform; and also to update the initial key of the smart card's slave security domain;
The card distributor management platform is configured to send the slave security domain initial key to the smart card's main security domain via the application provider management platform and the application provider service terminal; and also to hand control of the slave security domain over to the application provider management platform;
The smart card is configured to receive the slave security domain initial key sent by the card distributor management platform and to initialize the slave security domain.
7. The system of claim 6, characterized in that:
The card distributor management platform is configured to establish a secure communication channel with the smart card's main security domain via the application provider management platform and the application provider service terminal, and to send an INSTALL command to the smart card over the secure communication channel; and also to generate the slave security domain initial key and, using the PUTKEY command, send the slave security domain initial key to the smart card's main security domain over the secure communication channel;
The smart card is configured to return an INSTALL command response to the card distributor management platform over the secure communication channel; also to initialize the slave security domain with the received slave security domain initial key; and also to send a PUTKEY command response to the card distributor management platform over the secure communication channel.
8. The system of claim 7, characterized in that:
The card distributor management platform is configured to send a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the main security domain; and also to establish a secure communication channel with the smart card's main security domain via the application provider management platform and the application provider service terminal; establishing the secure communication channel specifically means: the card distributor management platform and the smart card's main security domain perform mutual authentication and, after mutual authentication, establish a temporary session key for encrypting communication between the two;
The smart card is configured to return a SELECT command response message to the card distributor management platform via the application provider service terminal and the application provider management platform.
9. The system of claim 6, characterized in that:
The card distributor management platform is configured to send the slave security domain basic information and the slave security domain initial key to the application provider management platform;
The application provider management platform is configured to add the slave security domain related information to its database; also to send a SELECT command message to the smart card via the application provider service terminal to select the slave security domain; and also to establish a secure communication channel with the smart card's slave security domain and send the newly generated slave security domain key to the smart card's slave security domain over the secure communication channel;
The smart card is configured to return a SELECT command response to the application provider via the application provider service terminal; and also to complete the update operation on the initial key of the smart card's slave security domain.
10. The system of claim 7, characterized in that:
The application provider management platform is configured to establish a secure communication channel with the smart card's slave security domain via the application provider service terminal; establishing the secure communication channel specifically means: the application provider management platform and the smart card's slave security domain perform mutual authentication and, after mutual authentication, establish a temporary session key for encrypting communication between the two; and also to generate a new slave security domain key and, using the PUTKEY command, send the new slave security domain key to the smart card's slave security domain over the secure communication channel;
The smart card is configured to complete the update operation on the slave security domain initial key after receiving the new slave security domain key; and also to send a PUTKEY command response to the application provider management platform over the secure communication channel.
CN201510655668.4A 2008-11-10 2008-11-10 Smart card slave security domain key updating method and electronic payment system Expired - Fee Related CN105303377B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510655668.4A CN105303377B (en) 2008-11-10 2008-11-10 A kind of key of slave security domain of intelligent card update method and electronic fare payment system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200810177014A CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal
CN201510655668.4A CN105303377B (en) 2008-11-10 2008-11-10 Smart card slave security domain key updating method and electronic payment system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN200810177014A Division CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal

Publications (2)

Publication Number Publication Date
CN105303377A true CN105303377A (en) 2016-02-03
CN105303377B CN105303377B (en) 2019-10-29

Family

ID=42152479

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201510655668.4A Expired - Fee Related CN105303377B (en) 2008-11-10 2008-11-10 Smart card slave security domain key updating method and electronic payment system
CN200810177014A Pending CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN200810177014A Pending CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal

Country Status (2)

Country Link
CN (2) CN105303377B (en)
WO (1) WO2010051716A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017143885A1 (en) * 2016-02-25 2017-08-31 华为技术有限公司 Application processing method and apparatus for embedded universal integrated circuit card
CN113490210A (en) * 2021-06-17 2021-10-08 中国联合网络通信集团有限公司 Method and system for establishing auxiliary security domain

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112491558A (en) * 2020-11-26 2021-03-12 湖南中育至诚数字科技有限公司 Data writing method, system and storage medium of multi-application chip card

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007052116A1 (en) * 2005-11-02 2007-05-10 Nokia Corporation Method and apparatus for initializing a secure element in a wireless terminal
CN101083792A (en) * 2007-06-27 2007-12-05 浙江省电信有限公司 PHS non-contact card small amount payment system for public transport system
CN101164086A (en) * 2005-03-07 2008-04-16 诺基亚公司 Methods, system and mobile device capable of enabling credit card personalization using a wireless network
CN101295394A (en) * 2007-04-23 2008-10-29 美国通宝科技有限公司 Method and device for providing e-commerce and m-commerce

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6481632B2 (en) * 1998-10-27 2002-11-19 Visa International Service Association Delegated management of smart card applications
US20040123152A1 (en) * 2002-12-18 2004-06-24 Eric Le Saint Uniform framework for security tokens
KR100437513B1 (en) * 2004-02-09 2004-07-03 주식회사 하이스마텍 Smart card for containing plural Issuer Security Domain and Method for installing plural Issuer Security Domain in a smart card
KR100562255B1 (en) * 2004-09-21 2006-03-22 에스케이 텔레콤주식회사 Method for initializing key of security domain
US20090235352A1 (en) * 2004-12-07 2009-09-17 Koninklijke Philips Electronics N.V. System and method for application management on multi-application smart cards
EP1999680A2 (en) * 2006-03-15 2008-12-10 ActivIdentity, Inc. Method and system for obtaining assurance that a content control key is securely stored in a remote security module for further secure communications between a content provider and said security module.
CN101370248B (en) * 2007-08-15 2011-12-07 中国移动通信集团公司 Cryptographic key updating method, third party server and system for activating third party application
CN101374153B (en) * 2007-08-23 2012-02-29 中国移动通信集团公司 Method for activating a third party application safely, a third party server, terminal and system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017143885A1 (en) * 2016-02-25 2017-08-31 华为技术有限公司 Application processing method and apparatus for embedded universal integrated circuit card
US10776683B2 (en) 2016-02-25 2020-09-15 Huawei Technologies Co., Ltd. Application processing method and apparatus for embedded universal integrated circuit card
CN113490210A (en) * 2021-06-17 2021-10-08 中国联合网络通信集团有限公司 Method and system for establishing auxiliary security domain

Also Published As

Publication number Publication date
CN101742479A (en) 2010-06-16
CN105303377B (en) 2019-10-29
WO2010051716A1 (en) 2010-05-14

Similar Documents

Publication Publication Date Title
CN101742480B (en) Method and system for distributing initial key of slave security domain of intelligent card and mobile terminal
CN101742478B (en) Method and system for updating and distributing key of slave security domain of intelligent card and mobile terminal
CN101729502B (en) Method and system for distributing key
CN103530775B (en) Method and system for providing a controllable trusted service management platform
CN101819696B (en) Application downloading system and method
US8538332B2 (en) Communications devices comprising NFC communicators
CN101729503B (en) Method and system for distributing key
CN101739756B (en) Method for generating secrete key of smart card
CN103117856B (en) Method and apparatus for provisioning applications in mobile devices
CN101742481B (en) Method and system for distributing secondary security domain initial keys of smart card and mobile terminal
CN103268249B (en) The method and apparatus simulating multiple cards in the mobile device
CN104574530A (en) Method and system for recharging OBU through mobile terminal as well as mobile terminal and OBU
CN105719391A (en) Mobile device supporting multiple payment cards and method
JP2015011498A (en) Sim card and access system of application program for portable terminal device
CN102630083A (en) System for using mobile terminal to carry out card operation and method thereof
CN108665269A (en) A kind of method and device being traded using mobile device
CN101729246B (en) Method and system for distributing key
CN105303377A (en) Smart card slave security domain key updating method and electronic payment system
TWI643148B (en) Mobile device, method, computer program product, and distribution system thereof for configuring ticket co-branded credit card based on coding technology
CN101729245B (en) Method and system for distributing key
CN101727706B (en) Electronic payment system and method for updating mobile user numbers corresponding to intelligent cards
CN106412881B (en) Terminal device and card management method
KR20130048909A (en) Method for providing collective application of module type
TWI498741B (en) A signal transmission method, a transaction message display method, and a mobile device
KR101145832B1 (en) Payment terminal and card payment method of a payment terminal via virtual merchant network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20191029

Termination date: 20201110
