CN105844755A - 一种用于atm运维管理的三方交叉认证安全机制 - Google Patents
一种用于atm运维管理的三方交叉认证安全机制 Download PDFInfo
- Publication number
- CN105844755A CN105844755A CN201610224022.5A CN201610224022A CN105844755A CN 105844755 A CN105844755 A CN 105844755A CN 201610224022 A CN201610224022 A CN 201610224022A CN 105844755 A CN105844755 A CN 105844755A
- Authority
- CN
- China
- Prior art keywords
- task
- paper money
- lock
- web terminal
- unblanking
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00182—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00571—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00896—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
- G07F19/20—Automatic teller machines [ATMs]
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
- G07F19/20—Automatic teller machines [ATMs]
- G07F19/211—Software architecture within ATMs or in relation to the ATM network
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00182—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
- G07C2009/0023—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks with encription of the transmittted data signal
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00182—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
- G07C2009/00238—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks the transmittted data signal containing a code which is changed
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Software Systems (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Lock And Its Accessories (AREA)
Abstract
本发明涉及到的是一种用于ATM运维管理的三方交叉认证安全机制,其特征为包括以下步骤:S10,用户在移动端APP登录用户账号,经联网的WEB端校验成功后登录成功;用户点击WEB端之前下发至移动端APP的开锁任务,利用个人密码继续和WEB端进行验证以申请获取开锁码,成功通过后得到WEB端通过联网发送来该开锁任务的开锁私钥;S20,将开锁私钥输入ATM机动态密码锁,如正确则开锁成功,如错误则返回S10;S30,开锁后,操作加钞过程,加钞结束后,按动态密码锁锁门键进行闭锁,闭锁后动态密码锁内嵌入式代码会将动态密码锁信息计算编译成二维码。
Description
技术领域
本发明涉及到的是一种用于ATM运维管理的三方交叉认证安全机制。
背景技术
传统开锁,是这样一个流程,固定的电子密码,需要人工去改变,而且需要机械钥匙配合,机械钥匙管理不易,固定电子密码容易泄漏且无任何校验机制。因此需要开发一种新的开锁流程与校验机制。
发明内容
有鉴于此,为了解决上述问题,本发明提供一种用于ATM运维管理的三方交叉认证安全机制。
一种用于ATM运维管理的三方交叉认证安全机制,包括以下步骤:
S10,用户在移动端APP登录用户账号,经联网的WEB端校验成功后登录成功;用户点击WEB端之前下发至移动端APP的开锁任务,利用个人密码继续和WEB端进行验证以申请获取开锁码,成功通过后得到WEB端通过联网发送来该开锁任务的开锁私钥;
S20,将开锁私钥输入ATM机动态密码锁,如正确则开锁成功,如错误则返回S10;
S30,开锁后,操作加钞过程,加钞结束后,按动态密码锁锁门键进行闭锁,闭锁后动态密码锁内嵌入式代码会将动态密码锁信息计算编译成一段二维码,该二维码包含动态密码锁的各项属性包括动态密码锁ID,客户编号,电池电量,开锁次数,关锁时间,报警次数,报警时间等;
S40,移动端APP扫码上传至WEB端,即为二维码公钥,WEB端将二维码公钥解密为解密函数,并保存为原文;
S50,下一次WEB端收到移动端APP发送来的开锁任务请求时,经过验证个人密码成功后,将该开锁任务对应的动态密码锁上次形成的解密函数加密为私钥发送到移动端APP。
进一步的,还包括S1,后台管理员在WEB端人工输入加钞任务,包括任务日期、线路、网点名称、需要加钞的ATM
机信息、选用哪几个钞箱,个多少钱,加钞人员信息,该加钞任务通过WEB端事先下发至移动端APP;在S10,登录用户账号成功以后,先获取加钞任务,用户根据加钞任务现行达到指定银行网点以后再申请开锁任务。
进一步的,S1的加钞任务内还包括开锁日期;S10时WEB端收到开锁任务申请时,核对该申请的日期是否和加钞任务的开锁日期一致,如一致则继续进行下一步验证,如不一致系统报错。
三方校验是在开锁流程基础上在动态密码锁,移动端APP,WEB服务端后台之间的校验机制,包括动态密码锁和WEB服务端后台之间的校验,通过开锁密码和二维码实现,如此确定动态密码锁和WEB服务端后台定义的开锁动作正确。二维码是当动态密码锁ID、客户编号、校验位正确时才认定WEB服务端后台定义的关锁动作正确完成,移动端APP和WEB服务端后台之间的校验,通过用户名,密码,手机串号,身份验证密码一致才能判定此用户登录的移动端APP有效,锁和移动端APP之间,通过APP下发的开锁任务,锁ID一致才能保证正常开关锁,进行了唯一认证。
该安全机制一次一码,每次开锁后,下次开锁密码完全不同,摆脱了传统锁的密码机制,更安全,不用担心密码泄露。后台、手机、锁的三方校验,后台会比对在此开锁任务开锁人员是否正确,确认后下方秘钥,如锁不同则无法打开,确定了所需要打开锁的身份,开锁后需闭锁扫码后离开,加钞人员确定锁门动作,且会有语音提示,后台人员可监控锁的状态,与锁的记录信息,更安全可靠。
附图说明
图1是本发明实施例1的流程图。
具体实施方式
实施例1:
参考图1,一种用于ATM运维管理的三方交叉认证安全机制,包括以下步骤:
S10,用户在移动端APP登录用户账号,经联网的WEB端校验成功后登录成功;用户点击WEB端之前下发至移动端APP的开锁任务,利用个人密码继续和WEB端进行验证以申请获取开锁码,成功通过后得到WEB端通过联网发送来该开锁任务的开锁私钥;
S20,将开锁私钥输入ATM机动态密码锁,如正确则开锁成功,如错误则返回S10;
S30,开锁后,操作加钞过程,加钞结束后,按动态密码锁锁门键进行闭锁,闭锁后动态密码锁内嵌入式代码会将动态密码锁信息计算编译成一段二维码,该二维码包含动态密码锁的各项属性包括动态密码锁ID,客户编号,电池电量,开锁次数,关锁时间,报警次数,报警时间等;
S40,移动端APP扫码上传至WEB端,即为二维码公钥,WEB端将二维码公钥解密为解密函数,并保存为原文;
S50,下一次WEB端收到移动端APP发送来的开锁任务请求时,经过验证个人密码成功后,将该开锁任务对应的动态密码锁上次形成的解密函数加密为私钥发送到移动端APP。
实施例2:
做为本方案的另一种实施例,还包括S1,后台管理员在WEB端人工输入加钞任务,包括任务日期、线路、网点名称、需要加钞的ATM 机信息、选用哪几个钞箱,个多少钱,加钞人员信息,该加钞任务通过WEB端事先下发至移动端APP;在S10,登录用户账号成功以后,先获取加钞任务,用户根据加钞任务现行达到指定银行网点以后再申请开锁任务。
实施例3:
做为本方案的又一种实施例,
S1的加钞任务内还包括开锁日期;S10时WEB端收到开锁任务申请时,核对该申请的日期是否和加钞任务的开锁日期一致,如一致则继续进行下一步验证,如不一致系统报错。
Claims (3)
1.一种用于ATM运维管理的三方交叉认证安全机制,其特征为包括以下步骤:
S10,用户在移动端APP登录用户账号,经联网的WEB端校验成功后登录成功;用户点击WEB端之前下发至移动端APP的开锁任务,利用个人密码继续和WEB端进行验证以申请获取开锁码,成功通过后得到WEB端通过联网发送来该开锁任务的开锁私钥;
S20,将开锁私钥输入ATM机动态密码锁,如正确则开锁成功,如错误则返回S10;
S30,开锁后,操作加钞过程,加钞结束后,按动态密码锁锁门键进行闭锁,闭锁后动态密码锁内嵌入式代码会将动态密码锁信息计算编译成二维码,该二维码包含动态密码锁的各项属性包括动态密码锁ID,客户编号,电池电量,开锁次数,关锁时间,报警次数,报警时间等;
S40,移动端APP扫码上传至WEB端,即为二维码公钥,WEB端将二维码公钥解密为解密函数,并保存为原文;
S50,下一次WEB端收到移动端APP发送来的开锁任务请求时,经过验证个人密码成功后,将该开锁任务对应的动态密码锁上次形成的解密函数加密为私钥发送到移动端APP。
2.如权利要求1所述一种用于ATM运维管理的三方交叉认证安全机制,其特征为还包括S1,后台管理员在WEB端人工输入加钞任务,包括任务日期、线路、网点名称、需要加钞的ATM 机信息、选用哪几个钞箱,个多少钱,加钞人员信息,该加钞任务通过WEB端事先下发至移动端APP;在S10,登录用户账号成功以后,先获取加钞任务,用户根据加钞任务现行达到指定银行网点以后再申请开锁任务。
3.如权利要求2所述一种用于ATM运维管理的三方交叉认证安全机制,其特征为S1的加钞任务内还包括开锁日期;S10时WEB端收到开锁任务申请时,核对该申请的日期是否和加钞任务的开锁日期一致,如一致则继续进行下一步验证,如不一致系统报错。
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610224022.5A CN105844755B (zh) | 2016-04-12 | 2016-04-12 | 一种用于atm运维管理的三方交叉认证安全机制 |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610224022.5A CN105844755B (zh) | 2016-04-12 | 2016-04-12 | 一种用于atm运维管理的三方交叉认证安全机制 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105844755A true CN105844755A (zh) | 2016-08-10 |
| CN105844755B CN105844755B (zh) | 2019-03-19 |
Family
ID=56597427
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610224022.5A Active CN105844755B (zh) | 2016-04-12 | 2016-04-12 | 一种用于atm运维管理的三方交叉认证安全机制 |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105844755B (zh) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130043973A1 (en) * | 2011-08-18 | 2013-02-21 | David J. Greisen | Electronic lock and method |
| CN104282060A (zh) * | 2014-08-21 | 2015-01-14 | 厦门华数电力科技有限公司 | 一种安全智能锁系统的开锁方法 |
| CN104424678A (zh) * | 2013-08-30 | 2015-03-18 | 聚龙股份有限公司 | 一种电子密码锁系统及其控制方法 |
| CN105005862A (zh) * | 2015-07-22 | 2015-10-28 | 深圳市俊武科技有限公司 | 一种互联网动态密码开锁管理系统 |
-
2016
- 2016-04-12 CN CN201610224022.5A patent/CN105844755B/zh active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130043973A1 (en) * | 2011-08-18 | 2013-02-21 | David J. Greisen | Electronic lock and method |
| CN104424678A (zh) * | 2013-08-30 | 2015-03-18 | 聚龙股份有限公司 | 一种电子密码锁系统及其控制方法 |
| CN104282060A (zh) * | 2014-08-21 | 2015-01-14 | 厦门华数电力科技有限公司 | 一种安全智能锁系统的开锁方法 |
| CN105005862A (zh) * | 2015-07-22 | 2015-10-28 | 深圳市俊武科技有限公司 | 一种互联网动态密码开锁管理系统 |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105844755B (zh) | 2019-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105632002B (zh) | 一种基于物联网的身份识别和移动定位的多重确认安全操作方法 | |
| CN109150541B (zh) | 一种认证系统及其工作方法 | |
| CN100459488C (zh) | 便携式一次性动态密码生成器以及使用其的安全认证系统 | |
| EP2819050B1 (en) | Electronic signature system for an electronic document using a third-party authentication circuit | |
| CN102158488B (zh) | 动态口令生成方法及装置、认证方法及系统 | |
| CN103929306B (zh) | 智能密钥设备和智能密钥设备的信息管理方法 | |
| CN107248075B (zh) | 一种实现智能密钥设备双向认证和交易的方法及装置 | |
| CN104464117B (zh) | 基于动态二维码银行自动柜员机取款方法及系统 | |
| CN102281138B (zh) | 一种提高验证码安全性的方法和系统 | |
| CN105913187A (zh) | 基于物联网和移动应用的智能atm运维监管系统及方法 | |
| EP3534584A1 (en) | Service implementation method and apparatus | |
| US20170046673A1 (en) | Automatic transaction device and automatic transaction system | |
| CN105635075A (zh) | 登录云终端的方法、云终端、云服务器及云系统 | |
| CN105550928A (zh) | 一种商业银行网络远程开户的系统及其方法 | |
| CN101216915A (zh) | 安全移动支付方法 | |
| CN109067881A (zh) | 远程授权方法及其装置、设备和存储介质 | |
| CN110660145A (zh) | 一种基于移动终端的锁控制方法、系统、锁及存储介质 | |
| CN111340987A (zh) | 物联门锁通信方法、装置、系统及计算机存储介质 | |
| CN113963464B (zh) | 基于区块链的银行保管箱开锁系统及方法 | |
| CN104618356A (zh) | 身份验证方法及装置 | |
| CN104835038A (zh) | 一种联网支付装置及方法 | |
| CN110535809B (zh) | 一种标识码的拉取方法、存储介质及终端设备和服务器 | |
| CN104703180A (zh) | 基于移动互联网智能终端的一种隐形多重认证方法 | |
| CN105678547B (zh) | 一种检查持卡人身份的终端及其工作方法 | |
| CN109933974B (zh) | 密码初始化方法、装置、计算机设备及存储介质 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20190115 Address after: 214000 China Sensor Network International Innovation Park G1-902, 200 Linghu Avenue, Xinwu District, Wuxi City, Jiangsu Province Applicant after: WUXI SAFUTE INTELLIGENT TECHNOLOGY CO., LTD. Address before: 2000 14th Floor, 1138 Chang'an Road, Zhabei District, Shanghai Applicant before: Shanghai Qingtian Electronic Technology Co., Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200601 Address after: Room a1-3841, 58 Fumin Road, Hengsha Township, Chongming District, Shanghai 202150 (Hengtai Economic Development Zone, Shanghai) Patentee after: Shanghai Jiesheng Liye Network Technology Co.,Ltd. Address before: 214000 China Sensor Network International Innovation Park G1-902, 200 Linghu Avenue, Xinwu District, Wuxi City, Jiangsu Province Patentee before: WUXI SAFIOT INTELLIGENT TECHNOLOGY Co.,Ltd. |