CN105894277A - Dynamic password - Google Patents
Dynamic password Download PDFInfo
- Publication number
- CN105894277A CN105894277A CN201510034913.XA CN201510034913A CN105894277A CN 105894277 A CN105894277 A CN 105894277A CN 201510034913 A CN201510034913 A CN 201510034913A CN 105894277 A CN105894277 A CN 105894277A
- Authority
- CN
- China
- Prior art keywords
- password
- bank card
- dynamic password
- card
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
A dynamic password is a variable password which utilizes a read-write storage medium of a bank card or an erasable portion of a card surface of the back card and replaces an original password through writing a new password after finishing password authentication, and the encrypted password is stored in a database. The password changes a password input by a card holder into a dynamic password so as to prevent cracking.
Description
Technical field
This technology belongs to bank card password technology.
Background technology
Current bank card password technology is mainly MD5 algorithm and asymmetric arithmetic, the former is to utilize MD5 algorithm, the information such as the password of input are converted into MD5 value, the latter is to utilize public spoon algorithm and private spoon algorithm, i.e. the public spoon of input obtains private spoon or the private spoon of input obtains public spoon, rivest, shamir, adelman two keys of needs: public-key cryptography (publickey) and private cipher key (privatekey).Public-key cryptography and private cipher key are a pair, if be encrypted data with public-key cryptography, only could decipher with corresponding private cipher key;If data are encrypted with private cipher key, then only could decipher with corresponding public-key cryptography.Two different keys are used, so this algorithm is called rivest, shamir, adelman with deciphering because encrypting.Rivest, shamir, adelman realizes the basic process of confidential information exchange: Party A generates pair of secret keys and discloses one therein to other side as Public key;The Party B obtaining this Public key uses this double secret key confidential information to be then forwarded to Party A after being encrypted;Information after encryption is decrypted by Party A again with another private key oneself preserved.
On the other hand, Party A can use the PKI of Party B to be then forwarded to Party B after signing confidential information;Party B carries out sign test with the private spoon of oneself to data again.
Party A can only decipher by any information after its public-key encryption with its private key, and the confidentiality of rivest, shamir, adelman is relatively good, which eliminates end user and exchanges the needs of key.
The feature of asymmetric cryptosystem: algorithm intensity is complicated, safety depends on algorithm with key still owing to its algorithm is complicated, and the speed making encrypting and decrypting speed not have symmetric cryptography to decipher is fast.A kind of key in DSE arithmetic, and be private, the other side must be allowed to know key if to decipher.So ensureing that its safety is ensuring that the safety of key, and Asymmetric encryption has two kinds of keys, and one of them is disclosed, thus can need not transmit the key of the other side as symmetric cryptography.So safety with regard to big a lot (about the content quotation of asymmetric arithmetic from Baidupedia).
But, asymmetric arithmetic is generally used for Net silver, has technical difficulty for bank card, i.e. how holder completes the exchange existing problems of publickey and privatekey with server.
Summary of the invention
Technical scheme: utilize read-write storage medium or the erasable position in bank card card face that bank card exists, write new password after transaction every time, here dynamicspassword it is designated as, i.e. dynamic password, the password that dynamicspassword introduces user's input is encrypted, input password is designated as inputpassword, inputpassword is introduced dynamicspassword to be encrypted simultaneously, replace last password, what data base preserved is the data after encryption, the two encryption need to follow different AESs or different encrypting steps, dynamic password need to design complex data, in case utilizing Brute Force method or dictionary to crack the enumeration methodology such as method carry out password cracking.
Detailed description of the invention: embodiment 1: utilize R/W track, general magnetic stripe divides a read track and read-write magnetic track, what dynamic password used is exactly R/W track, the most read-write magnetic track, owing to R/W track data are not required to holder's memory, so, dynamic password can be designed to the most complicated, it is encrypted after R/W track data are introduced the password of input, further strengthen the safety of password, simultaneously, also it is encrypted after the password of input being introduced R/W track data, so, the password of input is also to convert every time, for safety, the encryption that inputpassword encryption and R/W track data are carried out should use different encryption methods or AES.
nullEmbodiment 2: utilize the erasable region in bank card card face,In order to prevent the equipment of taking on the sly from taking on the sly bank card number and dynamicspassword simultaneously,Typically the erasable region in bank card card face should be designed at the bank card back side,The erasable information of automatic teller machine can be plaintext symbol,It can also be bar code,Quick Response Codes etc. need the symbol that decoding device decodes,Every time after password authentification,Just original information is wiped,And carry out corresponding encrypted work after writing fresh information,The deficiency of this method is to need the erasable equipment of specialty,If limiting sales counter staff when opening card to carry out this operation or open card apparatus and do not possess this function,Holder is needed to carry out voluntarily opening activation work on automatic teller machine,So,Open card people owing to the automatic teller machine of Kai Ka bank may not be used to activate,There is certain safety.
Embodiment 3: for IC-card or other can pass through computer or the bank card of handset identity, the data extraction channel such as golden finger or winding displacement can be designed on bank card, it is connected to mobile phone or computer by data connecting line, after use, connecting line is taken off from golden finger or winding displacement, dynamicspassword can be stored in IC chip or other chips, automatic teller machine can also be designed different dynamicspassword modules with Mobile banking or Web bank, be not communicated with between them.
Claims (3)
- null1. a bank card dynamic password,It is characterized in that,Utilize read-write storage medium or the erasable position in bank card card face that bank card exists,Write new password after password authentification every time,Here dynamicspassword it is designated as,I.e. dynamic password,The password that dynamicspassword introduces user's input is encrypted,Input password is designated as inputpassword,Inputpassword is introduced dynamicspassword to be encrypted simultaneously,Replace last password,What data base preserved is the data after encryption,The two encryption need to follow different AESs or different encrypting steps,And dynamic password is it is generally required to the complicated data of design comparison,In case Brute Force method or dictionary the enumeration methodology such as crack and crack.
- 2. according to the dynamic password described in claim 1, the read-write storage medium of described bank card is characterized in that, they can be the read-write magnetic track in magnetic stripe, can also be the read-write storage medium in IC chip, for IC chip or other can be designed golden finger on bank card by computer or the information of handset identity, the data extraction channels such as winding displacement, it is attached by connecting line, is written and read work, after completing, data wire is taken off from golden finger or winding displacement.
- 3. according to the dynamic password described in claim 1, described bank card is erasable be is characterized in that, erasable position optimum is at the bank card back side, in case taking on the sly, equipment is taken on the sly bank card number and dynamic password simultaneously, its data can be clear-text passwords, it can also be Quick Response Code, bar codes etc. need the information of decoding, the initial work of its dynamic password limits bank clerk or bank opens card apparatus and completes, needing holder to complete on automatic teller machine voluntarily, this needs automatic teller machine to have the erasable function of specialty.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510034913.XA CN105894277A (en) | 2015-01-25 | 2015-01-25 | Dynamic password |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510034913.XA CN105894277A (en) | 2015-01-25 | 2015-01-25 | Dynamic password |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105894277A true CN105894277A (en) | 2016-08-24 |
Family
ID=56999544
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510034913.XA Pending CN105894277A (en) | 2015-01-25 | 2015-01-25 | Dynamic password |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105894277A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102129743A (en) * | 2010-01-18 | 2011-07-20 | 上海启电信息科技有限公司 | System for preventing bank card from being stolen |
| CN102129741A (en) * | 2010-01-18 | 2011-07-20 | 上海启电信息科技有限公司 | Anti-theft system for bank card |
| CN201936338U (en) * | 2011-02-21 | 2011-08-17 | 广州市华标科技发展有限公司 | Erasable identity card |
| CN103699829A (en) * | 2014-01-12 | 2014-04-02 | 汪风珍 | Password card |
-
2015
- 2015-01-25 CN CN201510034913.XA patent/CN105894277A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102129743A (en) * | 2010-01-18 | 2011-07-20 | 上海启电信息科技有限公司 | System for preventing bank card from being stolen |
| CN102129741A (en) * | 2010-01-18 | 2011-07-20 | 上海启电信息科技有限公司 | Anti-theft system for bank card |
| CN201936338U (en) * | 2011-02-21 | 2011-08-17 | 广州市华标科技发展有限公司 | Erasable identity card |
| CN103699829A (en) * | 2014-01-12 | 2014-04-02 | 汪风珍 | Password card |
Non-Patent Citations (1)
| Title |
|---|
| 杨振野: "《IC卡技术及其应用》", 31 July 2006 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107077670B (en) | Method and apparatus for transmitting and processing transaction message, computer readable storage medium | |
| CN101765996B (en) | Device and method for remote authentication and transaction signatures | |
| WO2016061899A1 (en) | Fingerprint decryption method and device | |
| JP2019521620A (en) | Establish secure channel | |
| CN102123027A (en) | Information security processing method and mobile terminal | |
| CN105491077A (en) | Identity authentication system | |
| CN103929308B (en) | Information Authentication method applied to rfid card | |
| WO2018096559A1 (en) | System and method for translation and authentication of secure pin and sensitive data | |
| CN104376465A (en) | Safe mobile payment method | |
| US20170076285A1 (en) | Payment Method and Apparatus and Payment Factor Processing Method and Apparatus | |
| US11922428B2 (en) | Security for contactless transactions | |
| JP2007524275A (en) | Method and system for secure data exchange in electronic transactions | |
| WO2007072450A3 (en) | Puf protocol with improved backward security | |
| CN106789977A (en) | A kind of method and system that handset token is realized based on Secret splitting | |
| KR101666591B1 (en) | One time password certifacation system and method | |
| CN103514540A (en) | USBKEY business realization method and system | |
| CN105894277A (en) | Dynamic password | |
| KR101302947B1 (en) | Finance system and financial transaction data transmission method and data decryption system and method for securely delivering of financial transaction information | |
| US20200167778A1 (en) | Trusted communication in transactions | |
| TWI220502B (en) | Method of using cryptography with biometric verification on security authentication | |
| GB2373616A (en) | Remote cardholder verification process | |
| CN1889420B (en) | Method for realizing encrypting | |
| CN103345799B (en) | Bank card information encryption method and swiping card equipment in swiping card equipment | |
| CN105827659B (en) | Safety control system applied to mobile terminal | |
| CN103155010B (en) | For smart card being carried out personalized method for simplifying and the equipment being associated |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160824 |
|
| WD01 | Invention patent application deemed withdrawn after publication |