CN105471580B - Signature rechecking method and device - Google Patents
Signature rechecking method and device Download PDFInfo
- Publication number
- CN105471580B CN105471580B CN201410458853.XA CN201410458853A CN105471580B CN 105471580 B CN105471580 B CN 105471580B CN 201410458853 A CN201410458853 A CN 201410458853A CN 105471580 B CN105471580 B CN 105471580B
- Authority
- CN
- China
- Prior art keywords
- user terminal
- transaction
- mac value
- information
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Abstract
The invention provides a signature rechecking method and a signature rechecking device, wherein the signature rechecking device is connected with a user terminal, receives password information sent by the user terminal and verifies the identity of the password information; receiving a transaction message generated by the user terminal, and analyzing the transaction message to obtain identifiable transaction information; interrupting the connection with the user terminal and displaying the transaction information to the user; receiving a transaction selection instruction input by a user, and generating transaction selection instruction information according to the transaction selection instruction; the method comprises the steps of connecting with a user terminal, receiving a first instruction message sent by the user terminal, and verifying the user terminal and a rechecking signature device according to the first instruction message; and processing the transaction according to the transaction selection instruction information after the verification is successful. And the safety of the transaction information is ensured by using multifunctional rechecking signature equipment and rechecking signature authentication.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a signature rechecking method and device.
Background
Along with the development of the internet and the popularization of the internet bank, the online transaction of the user is greatly facilitated, such as: the online operations of shopping, money transfer and remittance bring the safety problem of online transaction.
At present, there are several methods for ensuring the security of online transactions: dynamic password, dynamic short message confirmation code, USBKEY or U shield. The dynamic password and the USBKEY are both based on independent hardware media, the USBKEY can be divided into a first generation USBKEY and a second generation USBKEY, the former is mainly different from the latter in that the first generation USBKEY does not have a human-computer interaction interface and cannot enable a user to confirm the correctness of the transaction in real time, and the second generation USBKEY has a human-computer interaction interface such as a keyboard and a display and has the function of enabling the user to check transaction information on the USBKEY, so that the correctness and the safety of the transaction are ensured.
However, the second generation USBKEY in the prior art belongs to a proprietary device, which is specially used for providing services for online transactions, and has a single function and poor portability.
Disclosure of Invention
The invention provides a rechecking signature method and equipment, which realize the multifunction of transaction equipment, the rechecking signature authentication of transaction information and the problem of convenient carrying of the transaction equipment.
In a first aspect, an embodiment of the present invention provides a signature rechecking method, where the method includes:
the rechecking signature equipment is connected with the user terminal, receives password information sent by the user terminal and verifies the identity of the password information;
receiving a transaction message generated by the user terminal, and analyzing the transaction message to obtain identifiable transaction information;
interrupting the connection with the user terminal and displaying the transaction information to the user;
receiving a transaction selection instruction input by a user, and generating transaction selection instruction information according to the transaction selection instruction;
the method comprises the steps of connecting with a user terminal, receiving a first instruction message sent by the user terminal, and verifying the user terminal and a rechecking signature device according to the first instruction message;
and processing the transaction according to the transaction selection instruction information after the verification is successful.
Preferably, before receiving the transaction message generated by the user terminal, the method further includes:
negotiating a first session key with the user terminal.
Preferably, the rechecking signature device includes a preset second session key, and the negotiating the first session key with the user terminal includes:
and receiving the user terminal random number sent by the user terminal, and dispersing the user terminal random number according to the second session key to generate the first session key.
Preferably, before the displaying the transaction information to the user, the method further comprises:
detecting the connection interruption with the user terminal, sending a starting instruction to start up, and automatically acquiring the transaction information after the rechecking signature device is started up; or
And the user starts the rechecking signature device, and the user acquires the transaction information after the rechecking signature device is started.
Preferably, after the interrupting the connection with the user terminal, the method further comprises:
timing the time of the transaction selection instruction input by the user, and if the timing exceeds a preset time threshold value, generating transaction overtime information.
Preferably, the verifying the user terminal and the rechecking signature device according to the first instruction packet includes:
receiving a first instruction message sent by a user terminal, and calculating a first MAC value by using the first session key according to the first instruction message;
the first instruction message comprises a second MAC value, and the first MAC value is matched with the second MAC value;
if the first MAC value matches the second MAC value, the verification is successful;
the authentication fails if the first MAC value does not match the second MAC value.
Preferably, the method further comprises:
receiving a second instruction message sent by the user terminal, and calculating a third MAC value by using the first session key according to the second instruction message;
the second instruction message comprises a fourth MAC value, and the third MAC value is matched with the fourth MAC value;
resetting the double-check signature device if the third MAC value matches the fourth MAC value.
In a second aspect, an embodiment of the present invention further provides a signature rechecking device, where the signature rechecking device includes: the system comprises a safety unit, a micro control unit, an input unit and a display unit;
after the re-checking signature device establishes a connection with the user terminal,
the security unit is used for receiving password information sent by a user terminal and carrying out identity authentication on the password information;
the safety unit is also used for receiving the transaction message generated by the user terminal and analyzing the transaction message to obtain identifiable transaction information;
after interrupting the connection between the reset signature device and the user terminal,
the safety unit sends the transaction information to the micro control unit, and the micro control unit controls the display unit to display the transaction information to a user;
the input unit is used for receiving a transaction selection instruction input by a user;
the micro control unit generates transaction selection instruction information according to the transaction selection instruction and sends the transaction selection instruction information to the safety unit;
after the re-checking signature device is connected with the user terminal,
the safety unit is also used for receiving a first instruction message sent by the user terminal and verifying the user terminal and the rechecking signature device according to the first instruction message;
the security unit is further configured to process the transaction according to the transaction selection instruction information.
Preferably, the security unit is specifically configured to:
and negotiating a first session key with the user terminal before receiving the transaction message generated by the user terminal.
Preferably, the double-check signature device includes a preset second session key, and the security unit is specifically configured to:
and receiving the user terminal random number sent by the user terminal, and dispersing the user terminal random number according to the second session key to generate the first session key.
Preferably, the micro control unit is specifically configured to:
and after the connection between the rechecking signature device and the user terminal is interrupted, timing the time of a transaction selection instruction to be input by a user, and if the timing exceeds a preset time threshold value, generating transaction overtime information.
Preferably, the micro control unit is specifically configured to:
before the transaction information is displayed to the user, detecting the connection interruption with the user terminal, sending a starting instruction to start up, and after the rechecking signature device is started up, sending a transaction information acquisition instruction to a security unit to acquire the transaction information; or
And controlling the input unit to start, controlling the operation of the user on the input unit after the rechecking signature device is started, and sending a transaction information acquisition instruction to the security unit to acquire the transaction information.
Preferably, the security unit is specifically configured to:
receiving a first instruction message sent by a user terminal, and calculating a first MAC value by using the first session key according to the first instruction message;
the first instruction message comprises a second MAC value, and the first MAC value is matched with the second MAC value;
if the first MAC value matches the second MAC value, the verification is successful;
the authentication fails if the first MAC value does not match the second MAC value.
Preferably, the apparatus further comprises: a reset unit for resetting the position of the optical pickup unit,
the security unit receives a second instruction message sent by the user terminal, and calculates a third MAC value by using a first session key according to the second instruction message;
the second instruction message comprises a fourth MAC value, and the safety unit matches the third MAC value with the fourth MAC value;
the reset unit is used for: resetting the double-check signature device if the third MAC value matches the fourth MAC value.
Therefore, the signature rechecking method provided by the invention realizes the transaction information rechecking, signing and authenticating through the multifunctionalization of the signature rechecking device, and ensures the security of the transaction information.
Drawings
Fig. 1 is a flowchart of a signature rechecking method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of an interaction process of a double-check signature device according to a second embodiment of the present invention;
fig. 3 is a schematic structural diagram of a signature review device according to a third embodiment of the present invention.
Detailed Description
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
The signature rechecking method is realized by connecting, interrupting and reconnecting a signature rechecking device and a user terminal, wherein the signature rechecking device can be a visible IC card with a keyboard and a display screen, and the user terminal can be a computer, a mobile phone, a Point of sale (POS), an Automatic Teller Machine (ATM) and the like.
The present invention may use any security authentication method of digital signature or digital encryption, and is not limited to the security authentication method in the embodiment of the present invention. In the following embodiments, the signature review device is specifically a visual IC card, and a system function of the visual IC card adopts a Public Key Infrastructure (PKI) function.
Fig. 1 is a flowchart of a signature rechecking method according to an embodiment of the present invention.
The method for rechecking a signature is described in detail below with reference to fig. 1, and as shown in fig. 1, the method for rechecking a signature includes the following steps:
specifically, the visual IC card comprises at least one communication interface connected with a user terminal, and a user inserts the communication interface of the visual IC card into the communication interface of the user terminal to perform communication between the visual IC card and the user terminal.
102, the visible IC card receives password information sent by a user terminal and carries out identity authentication on the password information;
specifically, after the connection between the visible IC card and the user terminal is established, the user terminal prompts the user to input password information, where the password information may be a Personal Identification Number (PIN) code or any password authentication method; for example, a PIN code verification mode is adopted, after the PIN code input by the user is received by the user terminal, the PIN code is encrypted by using a proprietary algorithm, and the encrypted PIN code is sent to the visual IC card; the visual IC card receives a PIN code sent by a user terminal, the received PIN code is matched with the PIN code set by the user before the IC card is used by the user, and if the PIN code is matched with the PIN code set by the user, the identity authentication is successful.
103, dispersing the terminal random number by using a preset second session key by the visual IC card to generate a first session key;
specifically, the second session key is a code input by a programmer in writing operation on the visual IC card, and is used for protecting the security of transaction information in use of the visual IC card. After the visual IC card successfully verifies the PIN code, the user terminal generates a public and private key pair and a user terminal random number and sends the public key and the terminal random number to the visual IC card in a message form; and after receiving the terminal random number sent by the user terminal, the visual IC card uses a preset second session key to disperse the terminal random number, generates and stores the first session key. Then, the visual IC card encrypts the first session key by using the received public key and sends the encrypted first session key to the user terminal; and the user terminal decrypts the received first session key by using a private key and stores the decrypted first session key.
104, the visual IC card receives a transaction message generated by the user terminal and analyzes the transaction message to obtain identifiable transaction information;
specifically, after step 103 is executed, the user terminal prompts the user to input information related to the transaction, such as a bank account used for the transaction, a money transfer amount or a consumed amount; the user inputs information corresponding to the prompt of the user terminal, such as user account transfer, and inputs transaction information such as the name of a receiver, the bank account of the receiver, the amount of account transfer and the like according to the prompt on the user terminal; after receiving the information input by the user, the user terminal generates a transaction message according to the information and sends the transaction message to the visual IC card; the visible IC card calculates the abstract value of the transaction message by adopting a Hash algorithm according to the transaction message, analyzes the transaction message into transaction information which can be identified by the visible IC card and stores the transaction information; at this time, the user terminal prompts the user to confirm the transaction information on the visual IC card.
In this embodiment, the digest value of the transaction message may be calculated by using methods such as MD5, SHA-1, SHA-2, SM3, and the like.
105, the visual IC card interrupts the connection with the user terminal;
and the user pulls out or removes the visual IC card from the communication interface of the user terminal, and the communication between the visual IC card and the user terminal is interrupted.
106, the visual IC card displays the transaction information to a user;
specifically, after the connection between the visual IC card and the user terminal is interrupted, the visual IC card may be in any one of a power-on state and a power-off state;
in a specific example, if the visible IC card is in a power-off state when the connection between the visible IC card and the terminal is interrupted, the user powers on the visible IC card through a "power-on" key on the visible IC card, and after the visible IC card is powered on, the user obtains transaction information through a "obtain transaction information" key on the visible IC card; meanwhile, the visible IC card starts a timeout mechanism and displays the acquired transaction information on a Liquid Crystal Display (LCD);
in another specific example, if the visual IC card is in a power-on state when the connection with the terminal is interrupted, the visual IC card detects the interruption of the connection with the user terminal, sends a power-on instruction to the analog key, the analog key executes the power-on, and after the visual IC card is powered on, the visual IC card starts to acquire the transaction information, displays the acquired transaction information on the LCD, and starts a timeout mechanism.
In another specific example, if the visible IC card is in the power-on state after the visible IC card is disconnected from the user terminal, the visible IC card directly displays the transaction information on the LCD and starts a timeout mechanism.
Step 107, the visual IC card receives a transaction selection instruction input by a user and generates transaction selection instruction information according to the transaction selection instruction;
specifically, a user browses the transaction information by turning up or down the transaction information through an up-turning key and a down-turning key on the visual IC card according to the transaction information displayed on the LCD, and determines or cancels the transaction information through an 'confirm' key or a 'cancel' key on the visual IC card, or the time for the user to select the 'confirm' key or the 'cancel' key exceeds a preset time threshold, the visual IC card generates transaction selection instruction information according to a transaction operation result selected by the user, and the transaction selection instruction information comprises overtime information generated when the time for the visual IC card to wait for the user to input the 'confirm' key or the 'cancel' key exceeds the preset time threshold; and simultaneously, the visual IC card records the transaction selection instruction information. In the process, the visual IC card is not connected with the user terminal, any operation of the user on the visual IC card for transaction information is interrupted with the outside, and the user terminal cannot obtain any information related to the transaction information from the visual IC card, so that the safety of the transaction information is ensured.
Step 108, connecting the visual IC card with a user terminal;
the connection process may be as described above in step 101, and is not described here.
specifically, the first instruction packet may be any security verification information, in this embodiment, a Message Authentication Code (MAC) value is used for performing identity verification, the first instruction packet includes a preset transaction result command packet and a second MAC value, the transaction result command packet is encoding information input by a programmer during writing operation on the visual IC card, and the second MAC is calculated by the user terminal according to the transaction result command packet by using the first session key. After the visual IC card is connected with the user terminal again, the visual IC card receives a first instruction message sent by the user terminal, calculates a first MAC value by using the first session key according to the first instruction message, and matches the first MAC value with the second MAC value to determine whether the user terminal and the visual IC card are replaced, if the first MAC value is matched with the second MAC value, the verification is successful, and the user terminal and the visual IC card are not replaced; if the first MAC value does not match the second MAC value, the authentication fails, one of the user terminal and the visual IC card is replaced, or both are replaced.
And step 110, after the verification is successful, the visible IC card processes the transaction according to the transaction selection instruction information.
Specifically, after the verification in step 109 is successful, the visible IC card signs the digest value calculated in step 104 using a preset private key, and sends the signed digest value and the transaction selection instruction information to the user terminal; and after receiving the encrypted digest value and the transaction selection instruction information sent by the visual IC card, the user terminal performs corresponding transaction confirmation, cancellation or overtime operation according to the transaction information and the transaction selection instruction information and prompts the user to complete the transaction.
The signature rechecking method in this embodiment further includes the step that the user terminal calculates a fourth MAC value by using the first session key according to a preset notification command packet, and sends a second command packet carrying the fourth MAC value to the visual IC card.
Specifically, the second instruction packet includes the notification command packet and a fourth MAC value, where the notification command packet is encoded information input by a programmer during writing operation on the visual IC card, and the fourth MAC value is calculated by the visual IC card according to a preset notification command packet by using the first session key. When the user terminal prompts the user to finish the transaction, the user terminal sends the second instruction message to the visual IC card; and the visual IC card calculates a third MAC value by using the first session key according to the second instruction message, matches the third MAC value with the fourth MAC value, resets the rechecking signature device if the third MAC value is matched with the fourth MAC value, namely clears the transaction information, the transaction selection instruction information and the first session key of the current transaction in the visual IC card, and resets the visual IC card to a state before the transaction is not started so as to prepare for starting the next transaction.
In this embodiment, the resetting of the visual IC card may be performed before the user terminal prompts the user of completion of the transaction, or may be performed simultaneously with the user terminal prompting completion of the transaction, or the resetting of the visual IC card may be performed after the user terminal prompts the user of completion of the transaction, when the user moves the visual IC card away from the user terminal, the visual IC card is automatically reset, and in this embodiment, the timing sequence of the resetting of the visual IC card and the completion of the transaction information prompted by the user terminal is not limited.
The method for rechecking the signature provided by the embodiment of the invention realizes the rechecking of the signature authentication transaction information and ensures the security of the transaction information through the multifunctionalization of the rechecking signature device.
The second embodiment of the present invention provides a schematic diagram of a signature re-checking interaction process, which describes a signature re-checking method provided in the first embodiment of the present invention in more detail.
Fig. 2 is a schematic diagram of a double-check signature interaction process according to a second embodiment of the present invention. As shown in fig. 2, the signature review interaction process includes the following steps:
step 201, connecting a visible IC card with a user terminal;
specifically, the visual IC card includes at least one communication interface connected with a user terminal. And the user inserts the communication interface of the visual IC card into the communication interface of the user terminal to carry out communication between the visual IC card and the user terminal.
Step 202, the user terminal receives a PIN code input by a user;
specifically, after the visual IC card is connected to the user terminal, the user terminal prompts the user to input a password, where the password may be a PIN code or any password verification method, and in this embodiment, the password is a PIN code, and the user inputs the PIN code according to the prompt of the user terminal and sends the input PIN code to the user terminal.
Step 203, the visual IC card receives the encrypted PIN code sent by the user terminal;
specifically, after receiving a PIN code input by a user, the user terminal encrypts the PIN code by using a special algorithm and sends the encrypted PIN code to the visual IC card.
Step 204, the visual IC card carries out identity verification according to the PIN code;
specifically, the visual IC card receives a PIN code sent by a user terminal, matches the received PIN code with a PIN code set by a user before the user uses the visual IC card, and if the PIN code is matched with the PIN code set by the user, the authentication is successful.
Step 205, sending the result of the authentication in step 204 to the user terminal.
Step 206, the visual IC card receives the public key and the user terminal random number sent by the user terminal;
specifically, after the user terminal receives a successful verification result sent by the visual IC card, the user terminal generates a public and private key pair and a user terminal random number, and the user terminal sends the generated public key and the user terminal random number to the visual IC card in a form of a message.
Step 207, dispersing the user terminal random number by the visual IC card, generating a first session key, and encrypting the first session key;
specifically, the second session key is a code input by a programmer in writing operation on the visual IC card, and is used for protecting the security of transaction information in use of the visual IC card. And the visual IC card disperses the random number of the user terminal by using a preset second session key to generate and store a first session key, and then encrypts the first session key by using a public key of a receiving user terminal.
Step 208, the visual IC card sends the encrypted first session key to the user terminal;
specifically, after receiving the encrypted first session key sent by the visual IC card, the user terminal decrypts the received public key by using the private key to encrypt the first session, and stores the decrypted first session key.
Step 209, the user terminal prompts the user to input the relevant transaction information;
specifically, the related transaction information may be information such as a bank account number used for the transaction, an amount of the transaction, a name and an account of a payee at the time of transfer, and the like.
Step 210, the user sends the input related transaction information;
specifically, the user inputs related transaction information such as transfer of the user to a certain person according to prompt information of the user terminal, inputs related transaction information such as name of a receiver, bank account number of the receiver, transfer amount and the like at the user terminal, and sends the input information to the user terminal.
Step 211, the user terminal sends a transaction message to the visible IC card;
specifically, after the user terminal receives the information input by the user, the information is generated into a transaction message, and the transaction message is sent to the visual IC card.
Step 212, the visible IC card analyzes the transaction message into identifiable transaction information;
after the visible IC card receives the transaction message, calculating the abstract value of the transaction message by adopting a Hash algorithm, analyzing the transaction message into transaction information which can be identified by the visible IC card, and storing the transaction information; at this time, the user terminal prompts the user to confirm the transaction information on the visual IC card.
Step 213, interrupting the connection between the visual IC card and the user terminal;
specifically, the user pulls out the visual IC card from the communication interface of the user terminal, and interrupts communication between the visual IC card and the user terminal.
Step 214, the visual IC card displays transaction information to a user;
specifically, after the connection between the visual IC card and the user terminal is interrupted, the visual IC card may be in any one of a power-on state and a power-off state;
in a specific example, if the IC card is in a power-off state when the connection between the IC card and the terminal is interrupted, the user powers on the visual IC card through a "power-on" key on the visual IC card, and selects a public key infrastructure PKI function; the user acquires the transaction information through the 'acquire transaction information' key on the visual IC card; and simultaneously, the visible IC card starts a time-out mechanism and displays the acquired transaction information on an LCD, wherein the time-out mechanism is used for timing the time for confirming or cancelling the transaction by the user.
In another specific example, if the IC card is in a power-on state when the connection between the IC card and the terminal is interrupted, the visible IC card directly displays the acquired transaction information on the LCD, and simultaneously starts a timeout mechanism.
Step 215, the user inputs a transaction selection instruction;
specifically, the transaction selection instruction is confirmation, cancellation or timeout operation of the transaction information by the user. The user browses the transaction information by turning up or down the transaction information through the up-turning and down-turning keys on the visual IC card according to the transaction information displayed on the LCD, and determines or cancels the transaction information through the confirmation or cancel keys on the visual IC card; when the time of the transaction selection instruction input by the peer-to-peer user by the visual IC card exceeds a preset time threshold value, the transaction is overtime.
Step 216, the visible IC card generates transaction selection instruction information according to the transaction selection instruction;
specifically, the visual IC card receives a transaction selection instruction sent by a user, generates transaction selection instruction information according to the transaction selection instruction, and if the time for the user to confirm or cancel the selection exceeds the preset time, the visual IC card generates transaction timeout information, and meanwhile, the visual IC card records the transaction selection instruction information or the timeout information, and after the user operates the transaction information on the selection instruction, the user can reconnect the visual IC card with the user terminal.
In the execution process of steps 213 to 216, any transaction information operation performed by the user on the visible IC card is interrupted from the outside, and in the process, the user terminal cannot obtain any information related to the transaction information from the visible IC card, so that the security of the transaction information is ensured.
Step 217, connecting the visible IC card with the user terminal;
the connection process may be as described in step 201 above, and is not described here again.
Step 218, performing identity verification on the user terminal and the visual IC card;
specifically, after the visible IC card is reconnected to the user terminal, the user terminal calculates a second MAC value using the first session key according to a preset transaction result command message, and sends the transaction result command message carrying the second MAC value to the visible IC; the transaction result command message is a kind of encoded information input by a programmer when writing the visible IC card. In this embodiment, a transaction result message carrying a second MAC value is referred to as a first instruction message, when the visual IC card receives a first instruction message sent by a user terminal, a first MAC value is calculated by using the first session key according to the first instruction message, and the first MAC value is matched with the second MAC value to determine whether the user terminal and the visual IC card are replaced, and if the first MAC value is matched with the second MAC value, the verification is successful and neither the user terminal nor the visual IC card is replaced; if the first MAC value does not match the second MAC value, the authentication fails, one of the user terminal and the visual IC card is replaced, or both are replaced.
Step 219, the user terminal receives the transaction selection instruction information sent by the visual IC card;
specifically, after the verification in step 218 is successful, the visible IC card encrypts the digest value calculated in step 212 according to the transaction message using a preset private key to ensure the security of the transaction information, and then sends the transaction information and the transaction selection instruction information to the user terminal.
Step 220, the user terminal performs corresponding transaction operation according to the transaction selection instruction information and prompts the user to complete the transaction;
specifically, after receiving the transaction selection instruction information and the transaction information sent by the visual IC card, the user terminal performs corresponding transaction determination, cancellation, or timeout operation according to the corresponding transaction selection information, notifies the visual IC card that the transaction information is successfully obtained, and then prompts the user on a user terminal display that the transaction is completed, at this time, the user terminal may interrupt the visual IC card from the user terminal.
In addition, after the user terminal prompts the user that the transaction is completed, the method may further include:
and the visual IC card receives a second instruction message sent by a user terminal, calculates a third MAC value by using the first session key according to the second instruction message, matches the third MAC value with the fourth MAC value, and resets the rechecking signature device if the third MAC value is matched with the fourth MAC value.
Specifically, after the user terminal prompts the user that the transaction is completed, the user terminal calculates a fourth MAC value by using the first session key according to a preset notification command message, and sends the notification command message carrying the fourth MAC value to the visual IC card, where in this embodiment, the notification command message carrying the fourth MAC value is collectively referred to as a second command message; the visual IC card receives a second instruction message sent by a user terminal, calculates a third MAC value by using the first session key according to the second instruction message, matches the third MAC value with the fourth MAC value, resets the rechecking signature device if the third MAC value is matched with the fourth MAC value, namely resets the visual IC card, clears the transaction information, the transaction selection instruction information and the first session key of the transaction, and resets the visual IC card to a state before the transaction is not started so as to prepare for starting the next transaction.
The reset of the visual IC card can be performed before the user terminal prompts the user to complete the transaction, or can be performed while the user terminal prompts the user to complete the transaction, or after the user terminal prompts the user to complete the transaction, the user automatically resets the visual IC card when the visual IC card is disconnected from the user terminal, and the reset of the visual IC card and the timing sequence of the user terminal prompting the user to complete the transaction information are not limited in this embodiment.
The method for rechecking the signature provided by the embodiment of the invention realizes the rechecking of the signature authentication transaction information and ensures the security of the transaction information through the multifunctionalization of the rechecking signature device.
Correspondingly, the third embodiment of the invention also provides a signature rechecking device, which is used for realizing the signature rechecking method provided by the first embodiment of the invention. Fig. 3 is a schematic diagram of a signature review device according to a third embodiment of the present invention.
As shown in fig. 3, the double-check signature apparatus includes: a security unit 301, a micro control unit 302, an input unit 303, and a display unit 304;
the rechecking signature device can be embodied as a visible IC card, and the visible IC card can have functions of a financial IC card, a dynamic password card, a U shield and the like.
The security Unit 301 may be implemented by an intelligent chip, and is used for processing security information in a signature rechecking process, communicating with a user terminal, such as a computer or a mobile phone, and communicating with a Micro Control Unit (MCU).
A micro control unit 302 for initiating communication with the security unit 301.
The input unit 303 may be a key, a microphone, or a touch screen integrated on the visual IC card, where the key includes a key for starting up, turning down, confirming, canceling, and acquiring transaction information; the Display unit 304 may be a Liquid Crystal Display (LCD).
The visual IC card further includes a power supply (not shown in the figure) for supplying power to the security unit 301, the micro control unit 302, the input unit 303, and the display unit 304.
The security unit 301 comprises at least one interface for communicating with a user terminal. The security unit 301 is implemented by adopting two communication modes, namely a contact interface and a non-contact interface, wherein the contact interface adopts an ISO7816 communication protocol, and the non-contact interface adopts an ISO1443 communication protocol; in the embodiment, a contact interface ISO7816 communication protocol is used as an example for description, and transfer or consumption is performed through a user terminal, such as a computer, a Point of sale (POS), an Automatic Teller Machine (ATM), a mobile phone, and the like.
Specifically, after the signature device is checked to establish connection with the user terminal,
the security unit 301 is configured to receive password information sent by a user terminal, and perform identity authentication on the password information;
the security unit 301 is further configured to receive a transaction message generated by the user terminal, and analyze the transaction message to obtain identifiable transaction information;
after interrupting the connection between the reset signature device and the user terminal,
the security unit 301 sends the transaction information to the micro control unit 302, so that the micro control unit 302 controls the display unit 304 to display the transaction information to the user;
an input unit 303, configured to receive a transaction selection instruction input by a user;
the micro-control unit 302 generates transaction selection instruction information according to the transaction selection instruction and sends the transaction selection instruction information to the safety unit 301;
after the re-checking of the signature device in connection with the user terminal,
the security unit 301 is further configured to receive a first instruction packet sent by the user terminal, and verify the user terminal and the double-check signature device according to the first instruction packet;
the security unit 301 is further configured to process the transaction according to the transaction selection instruction information.
Preferably, the security unit 301 is specifically configured to:
and negotiating a first session key with the user terminal before receiving the transaction message generated by the user terminal.
Optionally, the double-check signature device includes a preset second session key, and the security unit is specifically configured to:
and receiving the user terminal random number sent by the user terminal, and dispersing the user terminal random number according to the second session key to generate a first session key.
Optionally, the security unit 301 is specifically configured to:
and calculating the abstract value of the transaction message by adopting a Hash algorithm according to the transaction message, and analyzing the transaction message into identifiable transaction information.
Optionally, the micro control unit 302 is specifically configured to:
and after the connection between the rechecking signature device and the user terminal is interrupted, timing the time of the transaction selection instruction input by the user, and if the timing exceeds a preset time threshold value, generating transaction overtime information.
Preferably, the micro control unit 302 is specifically configured to:
before the transaction information is displayed to the user, detecting the connection interruption with the user terminal, sending a starting instruction to start up, and after the signature equipment is checked again and started up, sending a transaction information acquisition instruction to the security unit 301 to acquire the transaction information; or
And controlling the input unit 303 to start, after the signature device is checked again, controlling the operation of the user on the input unit 303, and sending a transaction information acquisition instruction to the security unit 301 to acquire the transaction information.
Optionally, the security unit 301 is specifically configured to:
receiving a first instruction message sent by a user terminal, and calculating a first MAC value by using a first session key according to the first instruction message;
the first instruction message comprises a second MAC value, and the first MAC value is matched with the second MAC value;
if the first MAC value matches the second MAC value, the verification is successful;
the authentication fails if the first MAC value does not match the second MAC value.
Optionally, the apparatus further comprises: a reset unit (not shown in the figure),
the security unit 301 receives a second instruction packet sent by the user terminal, and calculates a third MAC value using the first session key according to the second instruction packet;
the second instruction packet includes a fourth MAC value, and the security unit 301 matches the third MAC value with the fourth MAC value;
the reset unit is used for: resetting the double-check signature device if the third MAC value matches the fourth MAC value.
The embodiment of the invention provides a rechecking signature device and a user terminal connected with the same, wherein the specific working process of the rechecking signature device comprises the following steps: the signature rechecking device is specifically a visible IC card.
First, a user connects the IC card with a user terminal, and the specific connection method is described in the first embodiment and the second embodiment, which is not described in detail in this embodiment. After the user terminal detects the visual IC card and establishes connection with the security unit 301 of the visual IC card, the user terminal prompts the user to input a PIN code, the user prompts the user to input the PIN code according to the user terminal, and after receiving the PIN code input by the user, the user terminal encrypts the PIN code by using a proprietary algorithm and sends the encrypted PIN code to the security unit 301; the security unit 301 matches the PIN code set by the user before using the IC card according to the PIN code sent by the user terminal, and if the PIN code matches the PIN code set by the user, the authentication is successful.
After the security unit 301 successfully verifies the PIN code, the user terminal generates a public and private key pair and a user terminal random number, and sends the public key and the terminal random number to the security unit 301 in a message form; after receiving the terminal random number sent by the user terminal, the security unit 301 uses a preset second session key to disperse the terminal random number, generate the first session key, and store the first session key. Then, the security unit 301 encrypts the first session key using the received public key and transmits the encrypted first session key to the user terminal; and the user terminal decrypts the received first session key by using a private key and stores the decrypted first session key.
After the user terminal stores the first session key, the user is prompted to input relevant transaction information such as an account, a transaction amount and the like; the user inputs related account or related transaction information such as transaction amount according to the prompt of the user terminal, and sends the related transaction information to the user terminal, and the user terminal generates a transaction message according to the related transaction information and sends the transaction message to the safety unit 301; the security unit 301 calculates the digest value of the transaction message by using a hash algorithm according to the transaction message, analyzes the transaction message into transaction information which can be identified by the micro control unit 302, and stores the transaction information; at this time, the user terminal prompts the user to confirm the transaction information on the visual IC card.
Secondly, the user interrupts the connection between the visual IC card and the user terminal, and when the user terminal is disconnected from the visual IC card, in a specific example, the security unit 301 detects the disconnection with the user terminal, and after the security unit 301 detects the disconnection with the user terminal, the security unit 301 sends a connection interruption instruction to the micro control unit 302; after receiving the interrupt instruction sent by the security unit 301, the micro control unit 302 sends an instruction for acquiring transaction information to the security unit 301, the security unit 301 sends the transaction information to the micro control unit 302, the micro control unit 302 displays the acquired transaction information on the display unit 304, and the micro control unit 302 starts a timeout mechanism; or, when the user terminal is disconnected from the visual IC card, the visual IC card is in a power-on state, then the micro control unit 302 of the visual IC card directly sends a transaction information acquisition instruction to the security unit 301, after the security unit 301 receives the transaction information acquisition instruction, the transaction information is sent to the micro control unit 302, the micro control unit 302 displays the acquired transaction information on the display unit 304, and the micro control unit 302 starts a timeout mechanism; in another specific example, after the user powers on the visual IC card through the input unit 303, the micro control unit 302 waits for the user to obtain the transaction information, the user obtains the transaction information through the input unit 303, the micro control unit 302 drives the input unit 303 and sends a transaction information obtaining instruction to the security unit 301, meanwhile, the micro control unit 302 starts a timeout mechanism, after the security unit 301 receives the transaction information obtaining instruction, the transaction information is sent to the micro control unit 302, and the micro control unit 302 displays the obtained transaction information on the display unit 304.
The user browses the transaction information through the up-turning and down-turning keys in the input unit 303 on the visual IC card according to the transaction information displayed on the display unit 304, and determines or cancels the transaction information through the confirm key or the cancel key in the input unit 303 on the visual IC card, or the time for the user to select the confirm key or the cancel key exceeds a preset threshold, the micro control unit 302 generates transaction selection instruction information according to the result selected by the user, and the transaction selection instruction information includes timeout information generated when the time for the user to operate the selection instruction exceeds the preset time threshold. Meanwhile, the micro control unit 302 sends the transaction selection instruction information to the security unit 301, and the security unit 301 receives the transaction selection instruction information and records the transaction selection instruction information. When the security unit 301 communicates with the micro control unit 302, the visible IC card is not connected to the user terminal, and the user terminal cannot acquire the transaction information through the contact interface of the security unit 301, thereby ensuring the security of the transaction information.
Thirdly, the user connects the visible IC card with the user terminal again, after the user terminal detects the visible IC card and establishes connection with the visible IC card, the user terminal calculates a second MAC value according to a preset transaction result command message, in this embodiment, preferably, the first session key is used to calculate the second MAC value, and the transaction result command message carrying the second MAC value is sent to the security unit 301; the security unit 301 receives a transaction result message sent by the user terminal, calculates a first MAC value by using a first session key according to the transaction result message, matches the first MAC value with the second MAC value, and if the first MAC value is matched with the second MAC value, the authentication is successful; if the first MAC value does not match the second MAC value, the authentication fails.
After the verification is successful, the user terminal obtains the transaction selection instruction information from the security unit 301, performs corresponding confirmation, cancellation or timeout operation according to the transaction selection instruction information, notifies the security unit 301 that the transaction selection instruction information is successfully obtained, and meanwhile, prompts the user terminal to complete the transaction.
In this embodiment, before the user terminal prompts that the transaction is completed, the security unit 301 further includes a reset for the visual IC card, and when the user terminal notifies the security unit 301 that the instruction for obtaining the transaction selection information is successful, the user terminal calculates a fourth MAC value by using the first session key according to a preset notification command message, and sends the transaction notification command message carrying the fourth MAC value to the security unit 301; the security unit 301 receives a notification command message sent by the user terminal, calculates a third MAC value using the first session key according to the notification command message, matches the third MAC value with the fourth MAC value, and resets the visible IC card if the third MAC value matches the fourth MAC value;
the reset of the visual IC card can be performed simultaneously with the prompt of the user terminal to complete the transaction, or the visual IC card can be automatically reset after the user terminal prompts the completion of the transaction, or when the user disconnects the visual IC card from the user terminal.
The rechecking signature equipment provided by the application realizes the multifunction of transaction equipment, the rechecking signature authentication of transaction information and the problem that the transaction equipment is convenient to carry, realizes the rechecking signature authentication of the transaction information, and ensures the security of the transaction information.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied in hardware, a software module executed by a processor, or a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (11)
1. A method of reviewing a signature, the method comprising:
the rechecking signature equipment is connected with the user terminal, receives password information sent by the user terminal and verifies the identity of the password information;
negotiating a first session key with the user terminal;
receiving a transaction message generated by the user terminal, and analyzing the transaction message to obtain identifiable transaction information;
interrupting the connection with the user terminal and displaying the transaction information to the user;
receiving a transaction selection instruction input by a user, and generating transaction selection instruction information according to the transaction selection instruction;
the method comprises the steps of connecting with a user terminal, receiving a first instruction message sent by the user terminal, and verifying the user terminal and a rechecking signature device according to the first instruction message; wherein, the verifying the user terminal and the rechecking signature device according to the first instruction packet comprises: receiving a first instruction message sent by a user terminal, and calculating a first MAC value by using a first session key according to the first instruction message; the first instruction message comprises a second MAC value, and the first MAC value is matched with the second MAC value; if the first MAC value matches the second MAC value, the verification is successful; if the first MAC value does not match the second MAC value, the authentication fails;
and processing the transaction according to the transaction selection instruction information after the verification is successful.
2. The method of claim 1, wherein the rechecking signature device comprises a preset second session key, and wherein negotiating the first session key with the user terminal comprises:
and receiving the user terminal random number sent by the user terminal, and dispersing the user terminal random number according to the second session key to generate the first session key.
3. The method of claim 1, further comprising, after the interrupting the connection with the user terminal:
timing the time of the transaction selection instruction input by the user, and if the timing exceeds a preset time threshold, generating transaction overtime information.
4. The method of claim 1, further comprising, prior to said displaying said transaction information to a user:
detecting the connection interruption with the user terminal, sending a starting instruction to start up, and automatically acquiring the transaction information after the rechecking signature device is started up; or
And the user starts the rechecking signature device, and the user acquires the transaction information after the rechecking signature device is started.
5. The method of claim 1, further comprising:
receiving a second instruction message sent by the user terminal, and calculating a third MAC value by using the first session key according to the second instruction message;
the second instruction message comprises a fourth MAC value, and the third MAC value is matched with the fourth MAC value;
resetting the double-check signature device if the third MAC value matches the fourth MAC value.
6. A rechecking signature apparatus, characterized in that the rechecking signature apparatus comprises: the system comprises a safety unit, a micro control unit, an input unit and a display unit;
after the re-checking signature device establishes a connection with the user terminal,
the security unit is used for receiving password information sent by a user terminal and carrying out identity authentication on the password information;
the safety unit is also used for receiving the transaction message generated by the user terminal and analyzing the transaction message to obtain identifiable transaction information;
after interrupting the connection between the reset signature device and said user terminal,
the safety unit sends the transaction information to the micro control unit, and the micro control unit controls the display unit to display the transaction information to a user;
the input unit is used for receiving a transaction selection instruction input by a user;
the micro control unit generates transaction selection instruction information according to the transaction selection instruction and sends the transaction selection instruction information to the safety unit;
after the re-checking signature device is connected with the user terminal,
the safety unit is also used for receiving a first instruction message sent by the user terminal and verifying the user terminal and the rechecking signature device according to the first instruction message; wherein the security unit is specifically configured to: receiving a first instruction message sent by a user terminal, and calculating a first MAC value by using a first session key according to the first instruction message; the first instruction message comprises a second MAC value, and the first MAC value is matched with the second MAC value; if the first MAC value matches the second MAC value, the verification is successful; if the first MAC value does not match the second MAC value, the authentication fails;
the security unit is further configured to process the transaction according to the transaction selection instruction information.
7. The device for double-check signature as claimed in claim 6, wherein the security unit is specifically configured to:
and negotiating a first session key with the user terminal before receiving the transaction message generated by the user terminal.
8. The device according to claim 7, wherein the re-checking signature device comprises a preset second session key, and the security unit is specifically configured to:
and receiving the user terminal random number sent by the user terminal, and dispersing the user terminal random number according to the second session key to generate the first session key.
9. The device according to claim 6, characterized in that said micro control unit is specifically configured to:
and after the connection between the rechecking signature device and the user terminal is interrupted, timing the time of a transaction selection instruction to be input by a user, and if the timing exceeds a preset time threshold, generating transaction overtime information.
10. The device according to claim 6, characterized in that said micro control unit is specifically configured to:
before the transaction information is displayed to the user, detecting the connection interruption with the user terminal, sending a starting instruction to start up, and after the rechecking signature device is started up, sending a transaction information acquisition instruction to a security unit to acquire the transaction information; or
And controlling the input unit to start, controlling the operation of the user on the input unit after the rechecking signature device is started, and sending a transaction information acquisition instruction to the security unit to acquire the transaction information.
11. The apparatus of claim 6, further comprising: a reset unit for resetting the position of the optical pickup unit,
the security unit receives a second instruction message sent by the user terminal, and calculates a third MAC value by using a first session key according to the second instruction message;
the second instruction message comprises a fourth MAC value, and the safety unit matches the third MAC value with the fourth MAC value;
the reset unit is used for: resetting the double-check signature device if the third MAC value matches the fourth MAC value.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410458853.XA CN105471580B (en) | 2014-09-11 | 2014-09-11 | Signature rechecking method and device |
| PCT/CN2015/088847 WO2016037541A1 (en) | 2014-09-11 | 2015-09-02 | Checking and signing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410458853.XA CN105471580B (en) | 2014-09-11 | 2014-09-11 | Signature rechecking method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105471580A CN105471580A (en) | 2016-04-06 |
| CN105471580B true CN105471580B (en) | 2021-12-24 |
Family
ID=55458342
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410458853.XA Active CN105471580B (en) | 2014-09-11 | 2014-09-11 | Signature rechecking method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105471580B (en) |
| WO (1) | WO2016037541A1 (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106161211B (en) * | 2016-07-27 | 2019-02-26 | 上海瀚之友信息技术服务有限公司 | A kind of activity management method and system based on instant message applications |
| CN110351091B (en) * | 2019-05-30 | 2023-04-07 | 平安科技(深圳)有限公司 | Resource replacement method and device based on double signatures and computer equipment |
| CN115107701B (en) * | 2022-07-26 | 2024-02-23 | 合众新能源汽车股份有限公司 | Automobile anti-theft authentication method and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101588364A (en) * | 2009-03-31 | 2009-11-25 | 北京飞天诚信科技有限公司 | Signature method, device and system thereof |
| US20100250952A1 (en) * | 2007-11-08 | 2010-09-30 | China Iwncomm Co.., Ltd. | two-way access authentication method |
| CN102868531A (en) * | 2012-09-10 | 2013-01-09 | 武汉信安珞珈科技有限公司 | Networked transaction certification system and method |
| CN103136664A (en) * | 2013-03-06 | 2013-06-05 | 天地融科技股份有限公司 | Trading system and trading method of smart card with electronic signature function |
| CN103701598A (en) * | 2013-12-05 | 2014-04-02 | 武汉信安珞珈科技有限公司 | SM2 signature algorithm-based double-check signature method and digital signature equipment |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101540677B (en) * | 2009-04-30 | 2011-07-20 | 北京飞天诚信科技有限公司 | Method, apparatus and system for signiture |
| US8544089B2 (en) * | 2009-08-17 | 2013-09-24 | Fatskunk, Inc. | Auditing a device |
| CN201886553U (en) * | 2010-08-11 | 2011-06-29 | 谭丽芬 | Online banking secure payment terminal |
| CN102609740A (en) * | 2012-01-31 | 2012-07-25 | 潘铁军 | Mobile smart card system with identity authentication function and security method of mobile smart card system |
| CN103198401B (en) * | 2013-03-06 | 2016-09-14 | 天地融科技股份有限公司 | There is smart card method of commerce and the system of electronic signature functionality |
| CN103839160B (en) * | 2014-03-20 | 2015-09-02 | 武汉信安珞珈科技有限公司 | A kind of network trading digital signature method and device |
-
2014
- 2014-09-11 CN CN201410458853.XA patent/CN105471580B/en active Active
-
2015
- 2015-09-02 WO PCT/CN2015/088847 patent/WO2016037541A1/en active Application Filing
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100250952A1 (en) * | 2007-11-08 | 2010-09-30 | China Iwncomm Co.., Ltd. | two-way access authentication method |
| CN101588364A (en) * | 2009-03-31 | 2009-11-25 | 北京飞天诚信科技有限公司 | Signature method, device and system thereof |
| CN102868531A (en) * | 2012-09-10 | 2013-01-09 | 武汉信安珞珈科技有限公司 | Networked transaction certification system and method |
| CN103136664A (en) * | 2013-03-06 | 2013-06-05 | 天地融科技股份有限公司 | Trading system and trading method of smart card with electronic signature function |
| CN103701598A (en) * | 2013-12-05 | 2014-04-02 | 武汉信安珞珈科技有限公司 | SM2 signature algorithm-based double-check signature method and digital signature equipment |
Non-Patent Citations (1)
| Title |
|---|
| 《复核型USB Key与普通USB Key的混合应用探讨》;飞天诚信科技有限公司;《保密科学技术》;20110331;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2016037541A1 (en) | 2016-03-17 |
| CN105471580A (en) | 2016-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI792284B (en) | Methods for validating online access to secure device functionality | |
| CN106611310B (en) | Data processing method, wearable electronic device and system | |
| TW201523471A (en) | Online payments using a secure element of an electronic device | |
| KR20180049163A (en) | Secure provisioning of credentials on an electronic device | |
| TW201528020A (en) | Provisioning and authenticating credentials on an electronic device | |
| CN103747012A (en) | Security verification method, device and system of network transaction | |
| CN103839160B (en) | A kind of network trading digital signature method and device | |
| CN105631655A (en) | HCE-based mobile payment method, device and mobile terminal | |
| US20170076285A1 (en) | Payment Method and Apparatus and Payment Factor Processing Method and Apparatus | |
| CN105471580B (en) | Signature rechecking method and device | |
| US20140025946A1 (en) | Audio-security storage apparatus and method for managing certificate using the same | |
| CN101635076B (en) | A kind of transaction system and implementation method | |
| CN104867004A (en) | Mobile payment system and mobile payment method thereof | |
| CN104318440A (en) | IC card | |
| CN105989481B (en) | Data interaction method and system | |
| KR20070089427A (en) | Authentication system for on-line banking, and user terminal for the same | |
| US20210385093A1 (en) | Digital signature terminal and secure communication method | |
| CN105405010B (en) | Transaction device, transaction system using the same and transaction method | |
| CN106713225B (en) | Two-dimensional code device and system based on two-dimensional code authentication and operation method thereof | |
| KR101394147B1 (en) | How to use Certificate safely at Mobile Terminal | |
| US20230028625A1 (en) | Method and system for operating a mobile point-of-sales application | |
| KR20180003069A (en) | Method for Managing Battery Replacement of OTP Token Device | |
| CN106941615B (en) | Payment method, set top box and system | |
| CN104463588B (en) | A kind of online transaction method and Key equipment based on Key equipment | |
| WO2016070799A1 (en) | Data interaction method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |