CN106056014A - Identity card reading method, identity card reading system and card reader - Google Patents
Identity card reading method, identity card reading system and card reader Download PDFInfo
- Publication number
- CN106056014A CN106056014A CN201510765384.0A CN201510765384A CN106056014A CN 106056014 A CN106056014 A CN 106056014A CN 201510765384 A CN201510765384 A CN 201510765384A CN 106056014 A CN106056014 A CN 106056014A
- Authority
- CN
- China
- Prior art keywords
- card
- information
- identity card
- card reader
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/0008—General problems related to the reading of electronic memory record carriers, independent of its reading method, e.g. power transfer
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides an identity card reading method, an identity card reading system and a card reader. The identity card reading method comprises the steps that the card reader receives a card searching response instruction returned by a first resident identity card; the card reader reads configuration information of the first resident identity card; the card reader judges whether the configuration information is stored in a security chip or not, and stores the configuration information into the security chip under the condition that the configuration information is judged not to be stored in the security chip; the card reader receives a card reading instruction and reads encrypted identity card information stored in the resident identity card; and the card reader sends the configuration information and the encrypted identity card information to a background server.
Description
Technical field
The present invention relates to a kind of electronic technology field, particularly relate to a kind of identity card card reading method, system and card reader.
Background technology
In existing resident identification card Card Reader flow process, before the flow process performing reading identity card, card seeking flow process to be performed, seeking
After resident identification card, then start to perform the flow process of reading identity card.Wherein, card seeking flow process specifically includes that card reader circulates
Transmission card seeking instructs, and when resident identification card enters the readable range of card reader, resident identification card detects that what card reader sent seeks
Card instruction, returns card seeking response instruction to card reader, after card reader receives card seeking response instruction, determines and residential identity detected
Card, card seeking success.After the success of card reader card seeking, user indicates card reader to start reading identity card, and card reader starts and resident
Identity card interacts, and reads the information of storage in resident identification card, the Ministry of Public Security safety control module the authorized residence to reading
People's identity card is decoded, and obtains ID card information in plain text.In the related, card reader after seeking resident identification card,
The information of storage in resident identification card can't be read, but after receiving Card Reader instruction, just read from resident identification card
Information.Owing to card reader is interacted with resident identification card by radio frequency, read the time of the information stored in resident identification card relatively
Long, Consumer's Experience is the highest.
Summary of the invention
Present invention seek to address that the time of the information stored in above-mentioned reading resident identification card is longer, the problem that Consumer's Experience is the highest.
A kind of identity card card reading method of offer is provided;
Another object of the present invention is to provide a kind of card reader;
Another object of the present invention is to provide a kind of identity card card-reading system.
For reaching above-mentioned purpose, the present invention provides techniques below scheme:
Scheme 1, a kind of identity card card reading method, described method includes: card reader receives seeking of the first resident identification card return
Card response instruction;Described card reader reads the configuration information of described first resident identification card;Described card reader judges in safety chip
Whether storage has described configuration information, in the case of not storing described configuration information in judging described safety chip, by described
Configuration information stores in described safety chip;Described card reader receives Card Reader instruction, obtains in described resident identification card and stores
Encryption identity card information;Described configuration information and described encryption identity card information are sent to background server by described card reader.
Scheme 2, according to the method described in scheme 1, the encryption identity card information of storage in described resident identification card that obtains includes:
Described card reader judges whether store the encryption identity card information corresponding with described configuration information in described safety chip;Judging
In described safety chip storage have described encryption identity card information in the case of, described card reader obtain from safety chip described in add
Close ID card information;In the case of not storing described encryption identity card information in judging described safety chip, described card reader
Perform Card Reader flow process, read the encryption identity card information in described first resident identification card, the described encryption identity card letter that will read
Breath is stored in described safety chip, and described encryption identity card information is associated with described configuration information.
Scheme 3, according to the method described in scheme 1, in judging described safety chip, do not store the situation of described configuration information
Under, include when described configuration information is stored in described safety chip: described card reader deletes storage in described safety chip
Configuration information and encryption identity card information, and the described configuration information read is stored in described safety chip;Obtain described residence
In people's identity card, the encryption identity card information of storage includes: described card reader judges whether to have stored in described safety chip encryption body
Part card information;In the case of in judging described safety chip, storage has described encryption identity card information, described card reader is from safety
Chip obtains described encryption identity card information;The feelings of described encryption identity card information are not stored in judging described safety chip
Under condition, described card reader performs Card Reader flow process, reads the encryption identity card information in described first resident identification card, by read
Described encryption identity card information is stored in described safety chip.
Scheme 4, according to the method described in scheme 2 or 3, in described safety chip, the described encryption identity card information of storage includes
Multiple packets;Described encryption identity card information is sent to described background server and includes by described card reader: described card reader will
The plurality of packet that described encryption identity card information includes is sent to described background server successively.
Scheme 5, according to the method described in scheme 4, described method also includes: receiving described background server send weight
During teletype command, described card reader obtains the packet that the instruction of described retransmission instructions needs to retransmit from described safety chip, will obtain
Described data packet retransmission give described background server.
Scheme 6, according to the method described in any one of scheme 1 to 5, in described card reader by described configuration information and described encryption
After ID card information is sent to described background server, described method also includes: described card reader is not the most examined
Measure resident identification card, the configuration information of the resident identification card stored in emptying described safety chip and encryption identity card information.
Scheme 7, according to the method described in any one of scheme 1 to 6, in described card reader by described configuration information and described encryption
After ID card information is sent to described background server, described method also includes: described card reader obtains described background server
The identity card cleartext information that deciphering obtains;Described card reader produces a random key;Described card reader uses described random key
Described identity card cleartext information is encrypted;Described identity card cleartext information after encryption is stored described peace by described card reader
In full chip.
Scheme 8, according to the method described in scheme 7, in described card reader, described identity card cleartext information is stored described safety
After in chip, described method also includes: described card reader receives the card seeking response instruction that the second resident identification card returns;Institute
State card reader and read the configuration information of described second resident identification card;Whether described card reader has stored in judging described safety chip
The current described configuration information read;Described card reader receives the Card Reader instruction of the terminal being attached thereto;Judging described safety
In the case of chip internal memory contains the described configuration information of current reading, it is judged that after whether storing encryption in described safety chip
Described identity card cleartext information;In the case of judging the described identity card cleartext information after described safety chip internal memory contains encryption,
Described identity card cleartext information after the encryption stored in obtaining described safety chip;Described card reader uses described random key pair
Identity card cleartext information after described encryption is decrypted, the identity card cleartext information after output deciphering.
Scheme 9, according to the method described in scheme 7, in described card reader, the described identity card cleartext information after encryption is stored
After in described safety chip, described method also includes: described card reader is not detected by resident identification card in the given time,
Identity card cleartext information after the encryption stored in emptying described safety chip;And/or, described card reader does not has in the given time
In the case of resident identification card being detected or before described card reader execution power-off operation, the described card reader described random key of deletion.
Scheme 10, a kind of card reader, described card reader includes: radio-frequency module, for receiving seeking of the first resident identification card return
Card response instruction, reads the configuration information of described first resident identification card;Judge module, is used for judging whether security module stores
There is described configuration information, in the case of not storing described configuration information in judging described security module, trigger described safe mould
Block stores described configuration information;Described security module, is used for storing described configuration information;Receiver module, is used for receiving Card Reader and refers to
Order;Acquisition module, for obtaining the encryption identity card information of storage in described resident identification card;Communication module, for by described
Configuration information and described encryption identity card information are sent to background server.
Scheme 11, according to the card reader described in scheme 10, described judge module, whether be additionally operable to judge in described security module
Storage has the encryption identity card information corresponding with described configuration information;Described acquisition module, is additionally operable to judge at described judge module
In the case of storage has described encryption identity card information in described security module, from described security module, obtain described crypto identity
Card information, and in the case of not storing described encryption identity card information in described judge module judges described security module,
Described encryption identity card information is read from described first resident identification card;Described security module is additionally operable to believe described encryption identity card
Breath associates storage with described configuration information.
Scheme 12, according to the card reader described in scheme 10, described card reader also includes control module;Described control module, uses
In the case of not storing described configuration information in judging described security module at described judge module, delete described security module
The configuration information of middle storage and encryption identity card information, then trigger described security module store described radio-frequency module read described in join
Confidence ceases;Described judge module, is additionally operable to judge whether to have stored in described security module encryption identity card information;Described acquisition
Module, in the case of in described judge module judges described security module, storage has described encryption identity card information, from institute
Stating and obtain described encryption identity card information in security module, in described judge module judges described security module, storage is not described
In the case of encryption identity card information, read the encryption identity card information of storage in described first resident identification card;Described safe mould
Block is additionally operable to store the described encryption identity card information that described acquisition module reads.
Scheme 13, according to the card reader described in scheme 11 or 12, the described encryption identity card information of described security module storage
Multiple packets;Described encryption identity card information is sent to described background server by described communication module in the following manner: will
Multiple packets of described encryption identity card information send successively to described background server.
Scheme 14, according to the card reader described in scheme 13, described communication module, be additionally operable to receive described background server and send
Retransmission instructions;Described acquisition module, is additionally operable to obtain the number that the instruction of described retransmission instructions needs to retransmit from described security module
According to bag;Described communication module, the described data packet retransmission being additionally operable to obtain described acquisition module is to described background server.
Scheme 15, according to the card reader described in any one of scheme 10 to 14, described radio-frequency module, be additionally operable to detect residential identity
Card;Described control module, is also used in described radio-frequency module when being not detected by resident identification card in the given time, empties described
The configuration information of the resident identification card stored in security module and encryption identity card information.
Scheme 16, according to the card reader described in any one of scheme 10 to 15, described security module, be additionally operable to obtain described backstage
Server deciphers the identity card cleartext information obtained, and produces a random key, uses described random key to described proof of identification
Literary composition information is encrypted, and stores the described identity card cleartext information of encryption.
Scheme 17, according to the card reader described in scheme 16, described card reader also includes deciphering module, wherein, described radio frequency mould
Block, is additionally operable to receive the card seeking response instruction that described second resident identification card returns, reads the configuration of described second resident identification card
Information;Whether described judge module, store the described configuration information of current reading in being additionally operable to judge described security module;Institute
State receiver module, for receiving the Card Reader instruction of the terminal being attached thereto;Described judge module, is additionally operable at described receiver module
After receiving the instruction of described Card Reader, in the case of judging the described configuration information that described security module internal memory contains current reading,
The described identity card cleartext information after encryption whether is stored in judging described security module;Described acquisition module, is additionally operable in institute
State judge module judge described security module internal memory contain encryption after described identity card cleartext information in the case of, obtain described peace
Described identity card cleartext information after the encryption stored in full module;Described deciphering module, is used for using described random key to institute
State the identity card cleartext information after encryption to be decrypted, the identity card cleartext information after output deciphering.
Scheme 18, according to the card reader described in scheme 16, described control module, be additionally operable at described radio-frequency module in pre-timing
In when being not detected by resident identification card, empty the identity card cleartext information after the encryption of storage in described security module;And/or,
In the case of described radio-frequency module is not detected by resident identification card or before execution power-off operation, delete described random key.
The technical scheme provided by the present invention, card reader, after seeking resident identification card, i.e. reads from resident identification card and joins
Confidence ceases, and after subsequently received Card Reader instructs, only reads encryption identity card information from resident identification card, thus has saved
Read the time of configuration information after receiving Card Reader instruction, improve the reading efficiency of identity card, improve Consumer's Experience.
Accompanying drawing explanation
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, the required accompanying drawing used in embodiment being described below
It is briefly described, it should be apparent that, the accompanying drawing in describing below is only some embodiments of the present invention, for this area
From the point of view of those of ordinary skill, on the premise of not paying creative work, it is also possible to obtain other accompanying drawings according to these accompanying drawings.
The schematic flow sheet of a kind of identity card card reading method that Fig. 1 provides for the embodiment of the present invention 1;
The schematic flow sheet of a kind of identity card card reading method that Fig. 2 provides for the embodiment of the present invention 2;
The schematic flow sheet of a kind of identity card card reading method that Fig. 3 provides for the embodiment of the present invention 3;
A kind of card reader structure schematic diagram that Fig. 4 provides for the embodiment of the present invention 4;
The another kind of card reader structure schematic diagram that Fig. 5 provides for the embodiment of the present invention 4;
The configuration diagram of the identity card card-reading system that Fig. 6 provides for the embodiment of the present invention 5.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described,
Obviously, described embodiment is only a part of embodiment of the present invention rather than whole embodiments.Reality based on the present invention
Execute example, the every other embodiment that those of ordinary skill in the art are obtained under not making creative work premise, broadly fall into
Protection scope of the present invention.
In describing the invention, it is to be understood that term " " center ", " longitudinally ", " laterally ", " on ", D score, " front ",
Orientation or the position relationship of the instruction such as " afterwards ", "left", "right", " vertically ", " level ", " top ", " end ", " interior ", " outward " are base
In orientation shown in the drawings or position relationship, it is for only for ease of the description present invention and simplifies description rather than instruction or hint institute
The device that refers to or element must have specific orientation, with specific azimuth configuration and operation, therefore it is not intended that to the present invention
Restriction.Additionally, term " first ", " second " are only used for describing purpose, and it is not intended that instruction or hint relative importance
Or quantity or position.
In describing the invention, it should be noted that unless otherwise clearly defined and limited, term " install ", " being connected ",
" connect " and should be interpreted broadly, connect for example, it may be fixing, it is also possible to be to removably connect, or be integrally connected;Permissible
It is to be mechanically connected, it is also possible to be electrical connection;Can be to be joined directly together, it is also possible to be indirectly connected to by intermediary, can be two
The connection of individual element internal.For the ordinary skill in the art, can understand that above-mentioned term is in the present invention with concrete condition
In concrete meaning.
Below in conjunction with accompanying drawing, the embodiment of the present invention is described in further detail.
Embodiment 1
The schematic flow sheet of a kind of identity card card reading method that Fig. 1 provides for the present embodiment, as it is shown in figure 1, the present embodiment provides
Identity card card reading method mainly include the following steps that (101-106).
Step 101: card reader receives the card seeking response instruction that the first resident identification card returns;
In the present embodiment, card reader is sent out card seeking by its radio-frequency module at interval of a period of time and instructs, first resident's body
After part card receives the card seeking instruction that card reader sends, the first resident identification card can send card seeking from trend card reader and respond instruction, reads
Card device receives the card seeking response instruction that the first resident identification card returns.The card seeking that card reader is returned by the first resident identification card responds
Instruction sets up communication connection with the first resident identification card.
It should be noted that general card reader is provided with the safety control module of Ministry of Public Security's mandate in order to decipher what card reader read
Encryption identity card information, but the cost being integrated with the safety control module that the Ministry of Public Security authorizes in card reader is high, in the present embodiment,
Card reader is not provided with the safety control module (SAM module) that the Ministry of Public Security authorizes, and safety control module is arranged on far-end, permissible
It is arranged in background server, it is also possible to be independently arranged, is connected by wired (such as, USB interface etc.) with background server,
Can also be by wireless (such as, WIFI, bluetooth etc.), concrete the present embodiment is not construed as limiting.By by card reader and SAM mould
Block is provided separately, and can share a SAM module with multiple card reader, such that it is able to cost-effective.
Step 102: card reader reads the configuration information of the first resident identification card;
In the present embodiment, card reader, after receiving the card seeking response instruction that the first resident identification card returns, determines the most readable
In the range of have identity card, then directly read the configuration information in the first resident identification card.
In actual applications, in the first resident identification card, the information of storage includes the configuration information of the identity card with clear-text way storage
With the encryption identity card information stored with encrypted test mode.Wherein, the configuration information of identity card, refer to the configuration parameter of identity card,
The serial number of such as identity card, for indicating the application data of relevant information of application, the host-host protocol (example arranged in identity card
As, transport protocol type, bit digit rate, maximum frame size) etc., card reader can be with this configuration information of Direct Recognition, it is not necessary to
The safety control module that the Ministry of Public Security authorizes is decrypted.Encryption identity card information, refers to the identity card with ciphertext storage in identity card,
The information such as such as identification card number, name, sex, address and photo, this encryption identity card information is only authorized by the Ministry of Public Security
After safety control module is decrypted, the cleartext information of this identity card could be obtained.The safety control module that the Ministry of Public Security authorizes is solving
During close encryption identity card information, need could be deciphered by configuration information, therefore, when reading identity card, need identity card
The configuration information of middle storage and encryption identity card information are both provided to the safety control module that the Ministry of Public Security authorizes.In the present embodiment,
Regardless of whether receive Card Reader instruction, as long as card reader there are resident identification card and (i.e. receives resident in readable range being detected
The card seeking response instruction that identity card returns), then read the configuration information of this resident identification card.
Step 103: card reader judges whether to have stored in safety chip described configuration information;
In the present embodiment, after card reader reads the configuration information in the first resident identification card, card reader judges the safety of card reader
Whether chip stores the configuration information of the first resident identification card that card reader reads in 102 in steps, has step without storage
The configuration information read in rapid 102, performs step 104;If it addition, the configuration information that storage is read in 102 in steps,
The most directly perform step 105.
Step 104: configuration information is stored in safety chip;
In the present embodiment, in the case of card reader judges not have in safety chip the configuration information that storage is read in 102 in steps,
The configuration information read in step 102 is stored in safety chip by card reader.
Step 105: card reader receives Card Reader instruction, obtains the encryption identity card information of storage in resident identification card;
In the present embodiment, step 103 receives with card reader the step that Card Reader instruction is two not free sequencings,
In actual applications, card reader is probably when performing step 103 and receives Card Reader instruction, it is also possible to be to perform step 103
Receive Card Reader instruction afterwards, it is also possible to performing step 103 again after receiving Card Reader instruction, concrete the present embodiment does not limits
Fixed.
In the present embodiment, Card Reader instruction is the instruction for reading identity card information, and card reader can pass through terminal (such as computer
Or mobile phone etc.) receive Card Reader instruction, it is possible to obtaining Card Reader by card reader self instructs, and card reader obtains the mode of Card Reader instruction
The present embodiment does not limit, as long as card reader can receive Card Reader instruction the most within the scope of the present invention.Card reader
The encryption identity card information of storage in identity card is obtained by the Card Reader instruction received.
In an optional embodiment of the embodiment of the present invention, in the case of in safety chip, storage has encryption identity card information,
Card reader can obtain encryption identity card information from safety chip, or, card reader can also be directly from the first resident identification card
Middle reading encryption identity card information, specifically can refer to the description in embodiment 2.
Step 106: configuration information and encryption identity card information are sent to background server by card reader.
In the present embodiment, card reader obtains in resident identification card after the encryption identity card information of storage, and card reader is by configuration information
And encryption identity card information is sent to background server.Concrete, card reader can pass through terminal (such as computer or mobile phone etc.) and
Background server is set up and is connected and communication, it is also possible to (such as bluetooth, infrared or NFC near-field communication etc.) are straight wirelessly
Connect to set up with background server and be connected and communication.
In the related, when performing resident identification card and reading flow process, in readable range being detected, there are resident identification card
Time, the information of storage in resident identification card can't be read, and be to wait for Card Reader instruction, after receiving Card Reader instruction, then from
Resident identification card reads configuration information and encryption identity card information.And in the identity card Card Reader scheme that the present embodiment provides, read
Card device detect there are resident identification card in readable range time, just directly read the configuration information of resident identification card, receive
After instructing to Card Reader, only need to obtain the encryption identity card information of storage in resident identification card, without reading configuration information again,
Such that it is able to save the Card Reader time, improve Consumer's Experience.
As the optional embodiment of one of the present embodiment, in card reader, configuration information and encryption identity card information are sent to backstage
After server, background server can interact with SAM module, obtains the identity card cleartext information of deciphering, and backstage takes
This identity card cleartext information is sent to card reader by business device.Alternatively, in order to ensure the transmission safety of identity card cleartext information, after
Station server can send after being encrypted identity card cleartext information, and such as, background server can use to be consulted with card reader
Transmission key be encrypted, or, background server can also utilize its private key to be encrypted.Therefore, in this optional enforcement
In mode, after configuration information and encryption identity card information are sent to background server by card reader, the method can also include:
Card reader obtains background server and deciphers the identity card cleartext information obtained, and card reader produces a random key;Card reader uses
Identity card cleartext information is encrypted by random key, and the identity card cleartext information after encryption is stored in safety chip by card reader.
By the identity card cleartext information of encryption is stored in safety chip, can in the case of needs repeatedly reading identity card information,
From safety chip, directly obtain the identity card cleartext information of encryption, it is not necessary to by background server and SAM module the most again
Encryption identity card information is decrypted, in order to save the time of secondary Card Reader, and, by using random key to identity card
Cleartext information is encrypted, it is ensured that the safety of identity card cleartext information.
As the optional embodiment of one of the present embodiment, in card reader, identity card cleartext information is stored in described safety chip
Afterwards, card reader receives the card seeking response instruction that the second resident identification card returns, and card reader reads joining of the second resident identification card
Confidence ceases, whether card reader stores the configuration information currently read in judging safety chip, and card reader receives and is attached thereto
The Card Reader instruction of terminal (such as, the PC of bank front end), is judging that safety chip internal memory contains the configuration letter of current reading
In the case of breath, it is judged that whether store the identity card cleartext information after encryption in safety chip, store in judging safety chip
In the case of having the identity card cleartext information after encryption, the described identity card cleartext information after the encryption stored in obtaining safety chip,
Card reader uses random key to be decrypted the identity card cleartext information after encryption, the identity card cleartext information after output deciphering.
Such as, the identity card cleartext information after deciphering can be sent to terminal by card reader, it is also possible to directly display the identity card after deciphering
Cleartext information.
Concrete, in the case of the second resident identification card and the first resident identification card are same identity card, card reader reads second
The configuration information of resident identification card, and judge that in safety chip, storage has the configuration information of current reading, card reader receives Card Reader and refers to
After order, it is judged that whether store the identity card cleartext information after encryption in safety chip, judging that safety chip internal memory contains encryption
After identity card cleartext information in the case of, card reader obtains the described identity card cleartext information in safety chip after the encryption of storage,
Finally, card reader uses random key to be decrypted the identity card cleartext information after encryption, and the identity card after output deciphering is in plain text
Information.It addition, in the case of the second resident identification card and the first resident identification card are different identity card, card reader reads second
The configuration information of resident identification card, and judge not have in safety chip storage to have the configuration information of current reading, card reader performs the
The Card Reader flow process of two resident identification cards, reads the Card Reader flow process of the second resident identification card and the Card Reader stream reading the first resident identification card
Cheng Xiangtong, does not repeats them here.Judge whether it is secondary Card Reader by configuration information, and judging that storage has and configuration information
During corresponding identity card cleartext information, from safety chip, directly obtain the identity card cleartext information of encryption, saved secondary Card Reader
Time.
In the present embodiment, safety chip can only store the identity card cleartext information of the encryption of an identity card, for example, it is possible to
Arranging a memory space in safety chip, this memory space is used for storing the identity card cleartext information of encryption, it can in addition contain
One memory space is set for storing configuration information.Card reader, when resident identification card being detected, reads this resident identification card
Configuration information, if this configuration information is not stored in safety chip, then empties the memory space of configuration information in safety chip
And the information of storage in the memory space of the identity card cleartext information of encryption, then the configuration information currently read is saved in configuration letter
The memory space of breath, thereby may be ensured that in safety chip, the configuration information of storage belongs to same with the identity card cleartext information of encryption
Identity card.In identity card Card Reader flow process continuous after execution, decipher, getting background server, the identity card cleartext information obtained
After, re-using random key and this identity card cleartext information is encrypted, the storage of the identity card cleartext information being then saved in encryption is empty
Between.When receiving the Card Reader instruction that host computer (such as, the PC of bank front end) sends, card reader may determine that currently
The configuration information that the configuration information of resident identification card stores with safety chip is the most consistent, if unanimously, then and adding from safety chip
The memory space of close identity card cleartext information takes out the identity card cleartext information of encryption, and utilizes random key to be decrypted,
Export after deciphering.
Certainly, safety chip can also store the identity card cleartext information of the encryption of multiple identity card, such as, in storage encryption
Identity card cleartext information time, the identity card cleartext information of this encryption is associated storage with the configuration information of resident identification card.Card Reader
Device, when resident identification card being detected, reads the configuration information of this resident identification card, if this configuration information is not stored in safety
In chip, then the configuration information currently read is saved in the memory space of configuration information, at follow-up this resident identification card of acquisition
During identity card cleartext information, use random key to be encrypted, the identity card cleartext information after encryption is associated with this configuration information
Storage.When the Card Reader of subsequently received host computer instructs, card reader may determine that whether stored current resident in safety chip
The configuration information of identity card, if it has, further judge whether store the encryption associated with this configuration information in safety chip
Identity card cleartext information, if it has, then take out the identity card cleartext information of this encryption from safety chip, and utilize with secret
Key is decrypted, and exports after deciphering.
As the optional embodiment of one of the present embodiment, in card reader, the identity card cleartext information after encryption is stored safe core
After in sheet, in order to ensure the safety of resident identification card information, if card reader is not detected by residential identity in the given time
Card, then the identity card cleartext information after the encryption stored in emptying safety chip.Concrete, card reader is by the identity card after encryption
After cleartext information stores in safety chip, card reader judges whether to detect in the given time resident identification card, works as Card Reader
Body in the case of device is not detected by resident identification card in the given time, after the encryption that card reader stores in emptying safety chip
Part card cleartext information.
As the optional embodiment of one of the present embodiment, in card reader, the identity card cleartext information after encryption is stored safe core
After in sheet, if card reader is not detected by the situation before resident identification card or card reader perform power-off operation in the given time
Under, card reader deletes random key.Concrete, the identity card cleartext information after encryption is stored in safety chip it by card reader
After, card reader judges whether to detect in the given time resident identification card, when card reader is not detected by occupying in the given time
In the case of people's identity card, card reader deletes random key.Certainly, the identity card cleartext information after encryption is stored by card reader
After in safety chip, when card reader performs power-off operation, card reader deletes random key.After deleting random key, even if
This card reader is illegally accessed, and also cannot be decrypted the identity card cleartext information of the encryption of storage in safety chip, thus protect
Demonstrate,prove the safety of resident identification card information, and then make safety chip the identity card cleartext information of encryption can be stored flash memory
(flash) in.
Alternatively, in the present embodiment, the configuration information of resident identification card and the identity card cleartext information of encryption can be with cachings
Mode stores in safety chip, according to the characteristic of caching, under card reader after electricity, automatically empties the information of storage, thus can
To ensure the safety of resident identification card information.
A kind of identity card card reading method provided by the present embodiment, was just read and stored before card reader receives Card Reader instruction
The configuration information of identity card, after receiving Card Reader instruction, card reader need not the configuration information of reading identity card again, only needs
Want the encryption identity card information of storage in reading identity card, save the Card Reader time.It addition, obtained by background server deciphering
Identity card cleartext information is also stored in the safety chip of card reader, when transacting business needs repeatedly the situation of reading identity card information
Under, the identity card cleartext information of encryption can be obtained from safety chip, it is not necessary to background server is repeatedly deciphered, thus enters one
Step decreases the Card Reader time.
Embodiment 2
The schematic flow sheet of the identity card card reading method that Fig. 2 provides for the present embodiment, as in figure 2 it is shown, the body that the present embodiment provides
Part card card reading method mainly includes the following steps that (201-209).
Step 101~104 identical in step 201~204, with embodiment 1, does not repeats them here.
Step 205: card reader receives Card Reader instruction;
Step 206: card reader judges whether store the encryption identity card information corresponding with configuration information in safety chip;
In the present embodiment, after card reader receives Card Reader instruction, it is judged that whether safety chip has stored corresponding with configuration information
Encryption identity card information, when in safety chip storage have the encryption identity card information corresponding with configuration information in the case of, perform
Step 207;In the case of safety chip not having storage have the encryption identity card information corresponding with configuration information, perform step
208。
Step 207: card reader obtains this encryption identity card information from safety chip;
In the present embodiment, during card reader judges safety chip, storage has the situation of the encryption identity card information corresponding with configuration information
Under, card reader obtains the encryption identity card information of the identity card corresponding with this configuration information from safety chip.
Step 208: card reader performs Card Reader flow process, reads the encryption identity card information in the first resident identification card, by read
Encryption identity card information is stored in safety chip, and this encryption identity card information is associated with upper configuration information.
The most in the present embodiment, the configuration information of identity card associates storage, therefore, safety chip with encryption identity card information
In can store configuration information and the encryption identity card information of multiple resident identification cards simultaneously.
In the present embodiment, storage is not had to have the encryption identity card information corresponding with configuration information during card reader judges safety chip
In the case of, card reader needs to perform Card Reader flow process, reads the encryption identity card information of storage, card reader in the first resident identification card
After reading encryption identity card information from the first resident identification card, the encryption identity card information of reading is stored in safety chip.
In the present embodiment, the safety chip in card reader can store multiple configuration information, in adding of card reader reading identity card
After close ID card information, card reader needs to associate the encryption identity card information of reading with the configuration information read in step 202 to deposit
Storage, in order to encryption identity card information can be obtained by configuration information.
Step 209 is identical with the step 106 in embodiment 1, does not repeats them here.
As the optional embodiment of one of the present embodiment, in a step 208, the encryption identity card information of storage in safety chip
Including multiple packets, in step 209, encryption identity card information is sent to background server and includes by card reader: card reader
Multiple packets encryption identity card information included are sent to background server successively.Concrete, card reader reads the first resident
After encryption identity card information in identity card, it is divided into multiple packet to be stored in the safety chip of card reader encryption identity card information
In, after card reader receives Card Reader instruction, multiple packets that encryption identity card information is included by card reader send successively to rear
Station server.By being divided into multiple packet to store encryption identity card information, when facilitating subsequent transmission to make mistakes, carry out Fast retransmission,
Need not retransmit all encryption identity card information.
As the optional embodiment of one of the present embodiment, during the retransmission instructions that station server sends upon receipt, card reader from
Safety chip obtains the packet that retransmission instructions instruction needs to retransmit, by the data packet retransmission of acquisition to background server.Specifically
, when a packet transmission of encryption identity card information makes mistakes to background server, background server sends weight to card reader
Teletype command, and instruction needs the packet retransmitted in retransmission instructions, card reader receives the retransmission instructions that background server sends
After, from safety chip, obtain the packet needing to retransmit of retransmission instructions instruction, and the data packet retransmission obtained is taken to backstage
Business device.Background server needs the packet retransmitted by retransmission instructions instruction card reader, and card reader only need to need the number retransmitted
Retransmit to background server according to bag, save the time of reading identity card.
As the optional embodiment of one of the present embodiment, in card reader, configuration information and encryption identity card information are sent to backstage
After server, in order to ensure resident identification card information security, card reader is not detected by resident identification card in the given time,
The configuration information of the resident identification card stored in emptying safety chip and encryption identity card information.Concrete, card reader is at interval of one
The section time can be sent out card seeking instruction, when described configuration information and encryption identity card information are sent to background server by card reader
Afterwards, card reader is not detected by resident identification card in the given time, illustrates that resident identification card the most can not read in card reader
In the range of, in card reader, encryption identity card information and the configuration information of storage are no longer necessary to, and card reader will empty in safety chip
The configuration information of the resident identification card of storage and encryption identity card information.By detecting resident identification card in the given time and emptying
In safety chip, the information of storage, can save the memory space of safety chip, it is ensured that the safety of resident identification card information.
Alternatively, in the present embodiment, configuration information and the encryption identity card information of resident identification card can be deposited in the way of caching
Store up in safety chip, according to the characteristic of caching, under card reader after electricity, automatically empty the information of storage, thereby may be ensured that
The safety of resident identification card information.
Other unaccomplished matter is same as in Example 1, does not repeats them here.
The identity card card reading method provided by the present embodiment, was just read before card reader receives Card Reader instruction and stores identity
The configuration information of card, after receiving Card Reader instruction, card reader need not the configuration information of reading identity card again, it is only necessary to reads
Take the encryption identity card information of storage in identity card, save the Card Reader time.It addition, the encryption identity card of resident identification card is believed
Breath is divided into multiple packet to be stored in the safety chip of card reader, in order to background server is needed by retransmission instructions instruction card reader
During packet to be retransmitted, card reader only need to further reduce needing the data packet retransmission retransmitted to background server
The time of reading identity card.
Embodiment 3
The schematic flow sheet of the identity card card reading method that Fig. 3 provides for the present embodiment, as it is shown on figure 3, the body that the present embodiment provides
Part card card reading method mainly includes the following steps that (301-309).
Unlike embodiment 2, in order to save memory space, only storage one in the safety chip of card reader in the present embodiment
Open configuration information and the encryption identity card information of resident identification card.
Unlike embodiment 2, in step 304, before card reader is deleted in safety chip storage configuration information and
Encryption identity card information, the more described configuration information read is stored in described safety chip.Concrete, judge in card reader
In the case of safety chip does not has the configuration information read in storing step 302, before first card reader deletes in safety chip
The configuration information of storage and encryption identity card information, and the configuration information read in step 302 is stored in the safe core of card reader
In sheet.
Unlike embodiment 2, in step 308, card reader performs Card Reader flow process, reads in the first resident identification card
Encryption identity card information, the encryption identity card information of reading is stored in safety chip.Concrete, card reader judges safety
In the case of not stored configuration information before in chip, card reader needs to perform Card Reader flow process, reads in the first resident identification card
The encryption identity card information of storage, after card reader reads encryption identity card information from the first resident identification card, the encryption that will read
ID card information is stored in safety chip.Unlike embodiment 2, card reader need not reading in step 302
Configuration information stores with the encryption identity card information association of storage in step 308.
As the optional embodiment of one of the present embodiment, in safety chip, the encryption identity card information of storage can also include multiple
Packet, when encryption identity card information is sent to background server by card reader, multiple data that encryption identity card information is included
Bag is sent to background server successively.By being divided into multiple packet to store encryption identity card information, subsequent transmission is facilitated to make mistakes
Shi Jinhang Fast retransmission, it is not necessary to all encryption identity card information are retransmitted.
As the optional embodiment of one of the present embodiment, during the retransmission instructions that station server sends upon receipt, card reader from
Safety chip obtains the packet that retransmission instructions instruction needs to retransmit, by the data packet retransmission of acquisition to background server.Specifically
, when a packet transmission of encryption identity card information makes mistakes to background server, background server sends weight to card reader
Teletype command, and instruction needs the packet retransmitted in retransmission instructions, card reader receives the retransmission instructions that background server sends
After, from safety chip, obtain the packet needing to retransmit of retransmission instructions instruction, and the data packet retransmission obtained is taken to backstage
Business device.Background server needs the packet retransmitted by retransmission instructions instruction card reader, and card reader only need to need the number retransmitted
Retransmit to background server according to bag, save the time of reading identity card.
In this embodiment it is possible to distribute two memory spaces, i.e. configuration information memory space and crypto identity in safety chip
Card memory space, stores configuration information memory space by the configuration information of same resident identification card, and encryption identity card information is deposited
Storage, to encryption identity card memory space, when resident identification card having been detected, first reads the configuration information of this resident identification card,
If the configuration information of this resident identification card is not stored in safety chip, then empty configuration information memory space and crypto identity
The information of card memory space storage, then the configuration information currently read is stored configuration information memory space, subsequent execution Card Reader
After flow process reads encryption identity card information from resident identification card, encryption identity card information is stored encryption identity card storage sky
Between store.If the configuration information of this resident identification card is stored in safety chip, then receive Card Reader instruction time, directly from
Safety chip encryption identity card memory space obtains encryption identity card information.Adopt in this way, it can be ensured that use before
The safety of resident identification card information, it is to avoid resident identification card information is illegally used.
Alternatively, in the present embodiment, configuration information and the encryption identity card information of resident identification card can be deposited in the way of caching
Store up in safety chip, according to the characteristic of caching, under card reader after electricity, automatically empty the information of storage, thereby may be ensured that
The safety of resident identification card information.
The identity card card reading method provided by the present embodiment, was just read before card reader receives Card Reader instruction and stores identity
The configuration information of card, after receiving Card Reader instruction, card reader need not the configuration information of reading identity card again, it is only necessary to reads
Take the encryption identity card information of storage in identity card, save the Card Reader time.It addition, storage in card reader reading identity card
Before encryption identity card information, it is judged that whether safety chip stores the encryption identity card information corresponding with configuration information, permissible
Avoid repeating to read encryption identity card information from identity card, accelerate card reading speed.It addition, by by encryption identity card information
It is divided into multiple packet, in order to when background server needs, by retransmission instructions instruction card reader, the packet retransmitted, card reader is only
The time of reading identity card need to be further reduced by needing the data packet retransmission retransmitted to background server.It addition, read
Safety chip in card device has only to be provided with configuration information and the storage of encryption identity card information of one resident identification card of storage
Space, while having saved the memory space of safety chip, it is ensured that the safety of resident identification card information.
Embodiment 4
A kind of card reader 40 that Fig. 4 provides for the present embodiment, as shown in Figure 4, this card reader 40 includes: radio-frequency module 401,
Judge module 402, security module 403, receiver module 404, acquisition module 405 and communication module 406, wherein,
Radio-frequency module 401, for receiving the card seeking response instruction that the first resident identification card returns, reads the first resident identification card
Configuration information;Judge module 402, is used for judging whether security module 403 has stored configuration information, is judging security module 403
In do not store configuration information in the case of, trigger security module 403 store configuration information;Security module 403, is used for storing
Configuration information;Receiver module 404, is used for receiving Card Reader instruction;Acquisition module 405, for obtaining storage in resident identification card
Encryption identity card information;Communication module 406, for being sent to background server by configuration information and encryption identity card information.
It should be noted that general card reader is provided with the safety control module of Ministry of Public Security's mandate in order to decipher what card reader read
Encryption identity card information, but the cost being integrated with the safety control module that the Ministry of Public Security authorizes in card reader is high, in the present embodiment,
Card reader 40 is not provided with the safety control module (SAM module) that the Ministry of Public Security authorizes, and safety control module is arranged on far-end, can
To be arranged in background server, it is also possible to be independently arranged, with background server by wired (such as, USB interface etc.) even
Connect, it is also possible to by wireless (such as, WIFI, bluetooth etc.), concrete the present embodiment is not construed as limiting.By by card reader 40 with
SAM module is provided separately, and can share a SAM module with multiple card reader 40, such that it is able to cost-effective.
In a particular application, card reader 40 is sent out card seeking by its radio-frequency module 401 at interval of a period of time and instructs, and first
After resident identification card receives the card seeking instruction that card reader 40 sends, the first resident identification card can send card seeking from trend card reader 40
Response instruction, the radio-frequency module 401 of card reader 40 receives the card seeking response instruction that the first resident identification card returns.Radio-frequency module
401, after receiving the card seeking response instruction that the first resident identification card returns, have identity card, radio frequency in determining current readable range
Module 401 directly reads the configuration information in the first resident identification card.Radio-frequency module 401 reads joining in the first resident identification card
After confidence breath, it is judged that module 402 judges whether to store in the security module 403 of card reader 40 that radio-frequency module 401 reads the
The configuration information of one resident identification card, if not storing the first residential identity that radio-frequency module 401 reads in security module 403
The configuration information of card, triggers security module 403 and stores configuration information.If storage has radio-frequency module 401 in security module 403
The configuration information of the first resident identification card read, after receiver module 404 receives Card Reader instruction, acquisition module 405 obtains
The encryption identity card information of storage in resident identification card;After acquisition module 405 obtains encryption identity card information, communication module 406
Encryption identity card information and configuration information are sent to background server.
In the related, when performing resident identification card and reading flow process, in readable range being detected, there are resident identification card
Time, the information of storage in resident identification card can't be read, and be to wait for Card Reader instruction, after receiving Card Reader instruction, then from
Resident identification card reads configuration information and encryption identity card information.And in the identity card Card Reader scheme that the present embodiment provides, read
Card device 40 detect there are resident identification card in readable range time, just directly read the configuration information of resident identification card, connecing
After receiving Card Reader instruction, only need to obtain the encryption identity card information of storage in resident identification card, without reading configuration information again,
Such that it is able to save the Card Reader time, improve Consumer's Experience.
The optional embodiment of one as the present embodiment, it is judged that module 402, is additionally operable to judge whether deposit in security module 403
Contain the encryption identity card information corresponding with configuration information;Acquisition module 405, is additionally operable to judge safe mould at judge module 402
In the case of storage has encryption identity card information in block 403, from security module 403, obtain encryption identity card information, Yi Ji
In the case of judge module 402 judges not store encryption identity card information in security module 403, read from the first resident identification card
Take encryption identity card information;Security module 403 is additionally operable to be stored in security module 403 the encryption identity card information of reading,
And encryption identity card information is associated with configuration information.Concrete, when security module 403 can store multiple encryption identity card
During information, receiver module 404 receive Card Reader instruction after, it is judged that module 402 judge whether security module 403 has stored with
The encryption identity card information that configuration information is corresponding, in judge module 402 judges security module 403, storage has encryption identity card to believe
In the case of breath, acquisition module 405 obtains encryption identity card information from security module 403.It addition, receiver module 404 connects
After receiving Card Reader instruction, in the case of not having storage to have encryption identity card information in judge module 402 judges security module 403,
Acquisition module 405 reads encryption identity card information from the first resident identification card.After acquisition module 405 obtains encryption identity card information,
The encryption identity card information read is associated storage by security module 403 with configuration information.In present embodiment, acquisition module 405
When in judge module 402 judges security module 403, storage has encryption identity card information, directly obtain from security module 403
Encryption identity card information, has saved the Card Reader time.
As the optional embodiment of one of the present embodiment, as it is shown in figure 5, card reader 40 also includes control module 407, control
Module 407, in the case of not storing configuration information in judge module 402 judges security module 403, deletes safety
The configuration information of storage and encryption identity card information in module 403, then trigger security module 403 and store radio-frequency module 401 and read
Configuration information;Judge module 402, is additionally operable to judge whether to have stored in security module 403 encryption identity card information;Obtain
Module 405, in the case of in judge module 402 judges security module 403, storage has encryption identity card information, from peace
Full module 403 obtains encryption identity card information, in judge module 402 judges security module 403, does not store crypto identity
In the case of card information, read the encryption identity card information of storage in the first resident identification card;Security module 403 is additionally operable to storage
The encryption identity card information that acquisition module 405 reads.Concrete, when arranging a memory space in security module 403, should
Memory space is used for storing encryption identity card information, when a memory space is additionally set for storing configuration information, and card reader 40
In be also provided with control module 407, in judge module 402 judges security module 403, do not store the situation of configuration information
Under, control module 407 deletes configuration information and the encryption identity card information of storage in security module 403, then triggers security module
The configuration information that 403 storage radio-frequency modules 401 read.It addition, after receiver module 404 receives Card Reader instruction, it is judged that module
402 judge whether to have stored in security module 403 encryption identity card information, in judge module 402 judges security module 403
In the case of storage has encryption identity card information, acquisition module 405 obtains encryption identity card information from security module 403;Separately
Outward, after receiver module 404 receives Card Reader instruction, storage is not had to have encryption in judge module 402 judges security module 403
In the case of ID card information, acquisition module 405 reads the encryption body of storage in the first resident identification card by radio-frequency module 401
Part card information is to obtain encryption identity card information.After acquisition module 405 obtains encryption identity card information, by encryption identity card information
It is stored in security module 403.In present embodiment, acquisition module 405 is in judge module 402 judges security module 403
When storage has encryption identity card information, from security module 403, directly obtain encryption identity card information, saved the Card Reader time.
It addition, emptied configuration information and the encryption identity card information of the storage of security module 403 by control module 407, save peace
The memory space of full module 403.
As the optional embodiment of one of the present embodiment, multiple packets of the encryption identity card information of security module 403 storage;
Encryption identity card information is sent to background server by communication module 406 in the following manner: multiple by encryption identity card information
Packet sends successively to background server.Concrete, the encryption identity card information that acquisition module 405 obtains can be divided into multiple
Packet is stored in security module 403, and after receiver module 404 receives Card Reader instruction, communication module 406 is by safe mould
In block 403, multiple packets of encryption identity card information send successively to background server.In the present embodiment, by adding
Close ID card information is divided into multiple packet to store, and carries out Fast retransmission, it is not necessary to by all encryptions when facilitating subsequent transmission to make mistakes
ID card information retransmits.
As the optional embodiment of one of the present embodiment, communication module 406, it is additionally operable to receive the re-transmission that background server sends
Instruction;Acquisition module 405, is additionally operable to from security module 403 obtain the packet that retransmission instructions instruction needs to retransmit;Communication
Module 406, the data packet retransmission being additionally operable to obtain acquisition module 405 is to background server.Concrete, work as encryption identity card
When one packet transmission to background server of information is made mistakes, background server sends retransmission instructions, and at retransmission instructions middle finger
After showing that the packet that needs retransmit, communication module 406 receive the retransmission instructions that background server sends, from security module 403
The packet needing to retransmit of middle acquisition retransmission instructions instruction, and by the data packet retransmission of acquisition to background server.In this enforcement
In mode, background server needs the packet retransmitted by retransmission instructions instruction card reader 40, and card reader 40 only need to be by needs
The data packet retransmission retransmitted, to background server, saves the time of reading identity card.
As the optional embodiment of one of the present embodiment, radio-frequency module 401, it is additionally operable to detect resident identification card;Control module
407, it is also used in radio-frequency module 401 when being not detected by resident identification card in the given time, empties in security module 403 and store
The configuration information of resident identification card and encryption identity card information.Concrete, communication module 406 is by configuration information and crypto identity
After card information is sent to background server, radio-frequency module 401 detects resident identification card in the given time, at radio-frequency module 401
In the case of being not detected by resident identification card in the given time, control module 407 empties the residence of storage in security module 403
The configuration information of people's identity card and encryption identity card information.In the present embodiment, by detecting residential identity in the given time
Demonstrate,prove and empty the information of storage in security module 403, the memory space of safety chip can be saved, it is ensured that resident identification card information
Safety.
As the optional embodiment of one of the present embodiment, security module 403, it is additionally operable to obtain what background server deciphering obtained
Identity card cleartext information, produces a random key, and uses random key to be encrypted identity card cleartext information, Yi Jicun
The identity card cleartext information of storage encryption.Concrete, after configuration information and encryption identity card information are sent to by communication module 406
After station server, background server can interact with SAM module, obtains the identity card cleartext information of deciphering, backstage
This identity card cleartext information is sent to acquisition module 405 by communication module 406 by server, and acquisition module 405 obtains backstage
After the identity card cleartext information that server deciphering obtains, this identity card cleartext information is sent to security module 503, security module
403 produce a random key, use the random key generated that identity card cleartext information is encrypted the identity card obtaining encryption
Cleartext information, then stores the identity card cleartext information of encryption.In the present embodiment, by identity card cleartext information is encrypted
It is stored in security module 403, it is ensured that the safety of identity card cleartext information.
As the optional embodiment of one of the present embodiment, as it is shown in figure 5, card reader 40 also includes deciphering module 410, wherein,
Radio-frequency module 401, is additionally operable to receive the card seeking response instruction that the second resident identification card returns, reads joining of the second resident identification card
Confidence ceases;Whether judge module 402, store the configuration information of current reading in being additionally operable to judge security module 403;Receive
Module 404, for receiving the Card Reader instruction of the terminal being attached thereto;Judge module 402, is additionally operable to receive at receiver module 404
After instructing to Card Reader, in the case of judging the configuration information that security module 403 internal memory contains current reading, it is judged that security module
The identity card cleartext information after encryption whether is stored in 403;Acquisition module 405, is additionally operable to judge safety at judge module 402
In the case of module 403 internal memory contains the identity card cleartext information after encryption, after the encryption stored in obtaining security module 403
Identity card cleartext information;Deciphering module 410, for using random key that the identity card cleartext information after encryption is decrypted,
Identity card cleartext information after output deciphering.Concrete, after security module 403 stores encryption identity card information, radio-frequency module 401
After receiving the card seeking response instruction that the second resident identification card returns, radio-frequency module 401 reads the configuration information of the second resident identification card,
Whether judge module 402 stores the configuration information of current reading in judging security module 403.Receiver module 404 receive with
Connection terminal Card Reader instruction after, it is judged that module 402 judges that security module 403 internal memory contains the configuration information of current reading
In the case of, it is judged that whether module 402 stores the identity card cleartext information after encryption in judging security module 403.Judging
Whether module 402 stores the identity card cleartext information after encryption in judging security module 403 in the case of, acquisition module 405
Identity card cleartext information after the encryption stored in obtaining security module 403.Acquisition module 405 obtains the proof of identification after encryption
After literary composition information, deciphering module 410 uses random key to be decrypted the identity card cleartext information after encryption, after output deciphering
Identity card cleartext information.In the present embodiment, by directly obtaining the identity card cleartext information after encrypting from security module 403,
The time of reading identity card when using same identity card to handle repeatedly business, can be saved.
As the optional embodiment of one of the present embodiment, control module 407, it is additionally operable at radio-frequency module 401 in the scheduled time
When being inside not detected by resident identification card, empty the identity card cleartext information after the encryption of storage in security module 403;And/or,
In the case of radio-frequency module 401 is not detected by resident identification card or before execution power-off operation, delete random key.Concrete,
After security module 403 stores the identity card cleartext information after encryption, it is judged that module 402 judges that whether radio-frequency module 401 is in advance
Resident identification card is detected in fixing time, in the case of radio-frequency module 401 is not detected by resident identification card in the given time,
Identity card cleartext information after the encryption that control module 407 stores in emptying safety chip.It addition, security module 403 storage adds
After identity card cleartext information after close, it is judged that module 402 judges that radio-frequency module 401 detects resident the most in the given time
Identity card, in the case of radio-frequency module 401 is not detected by resident identification card in the given time, card reader 40 is deleted at random
Key.Certainly, after security module 403 stores the identity card cleartext information after encryption, when card reader 40 performs power-off operation,
Control module 407 deletes random key, after control module 407 deletes random key, even if this card reader 40 is illegally accessed,
Also the identity card cleartext information of the encryption of storage in security module 403 cannot be decrypted, thus ensure that resident identification card is believed
The safety of breath, and then the identity card cleartext information of encryption can be stored in flash memory (flash) by security module 403.
Alternatively, in the present embodiment, the configuration information of resident identification card and the identity card cleartext information of encryption can be with cachings
Mode stores in security module 403, according to the characteristic of caching, after 40 times electricity of card reader, automatically empties the information of storage,
Thereby may be ensured that the safety of resident identification card information.
Embodiment 5
Present embodiments provide a kind of identity card card-reading system.
The configuration diagram of the identity card card-reading system that Fig. 6 provides for the present embodiment, as shown in Figure 6, this identity card card-reading system
Including card reader 600 and background server 610.Wherein, card reader 600 can be any embodiment that embodiment 4 provides
Card reader.Background server 600 receives configuration information and the encryption identity card of the first resident identification card that card reader 600 sends
Information.
In an optional embodiment of the present embodiment, background server 600 receives first resident's body that card reader 600 sends
Part card configuration information and encryption identity card information after, can by with SAM module (can be arranged in background server,
Can also be independently arranged) obtain the identity card cleartext information of the first resident identification card, therefore, in this optional embodiment, backstage
Server 610 is additionally operable to obtain the identity card cleartext information of the first resident identification card.Background server 610 gets the first resident
After the identity card cleartext information of identity card, the service can asked according to this identity card cleartext information execution user, such as,
Remotely open an account.
Alternatively, background server 610 is after obtaining the identity card cleartext information of the first resident identification card, it is also possible to by this body
Part card cleartext information is sent to card reader 600.Alternatively, in order to ensure information security, background server 610 can be by identity
It is transmitted further to card reader 600 after card cleartext information encryption.Such as, background server 610 can be held consultation with card reader 600,
Negotiate transmission key, then use this transmission double secret key identity card cleartext information to be encrypted, be then transmitted further to card reader 600.
Any process described otherwise above or method describe and are construed as in flow chart or at this, represent include one or
The module of code, fragment or the part of the executable instruction of the more steps for realizing specific logical function or process, and
The scope of the preferred embodiment of the present invention includes other realization, wherein can not be by order that is shown or that discuss, including root
According to involved function by basic mode simultaneously or in the opposite order, performing function, this should be by embodiments of the invention institute
Belong to those skilled in the art to be understood.
Those skilled in the art are appreciated that it is permissible for realizing all or part of step that above-described embodiment method carries
Instructing relevant hardware by program to complete, described program can be stored in a kind of computer-readable recording medium, this journey
Sequence upon execution, including one or a combination set of the step of embodiment of the method.
In the description of this specification, reference term " embodiment ", " some embodiments ", " example ", " concrete example ",
Or specific features, structure, material or the feature that the description of " some examples " etc. means to combine this embodiment or example describes comprises
In at least one embodiment or example of the present invention.In this manual, the schematic representation to above-mentioned term not necessarily refers to
It is identical embodiment or example.And, the specific features of description, structure, material or feature can at any one or
Multiple embodiments or example combine in an appropriate manner.
Although above it has been shown and described that embodiments of the invention, it is to be understood that above-described embodiment is exemplary,
Being not considered as limiting the invention, those of ordinary skill in the art is in the case of without departing from the principle of the present invention and objective
Above-described embodiment can be changed within the scope of the invention, revise, replace and modification.The scope of the present invention is by appended power
Profit requires and equivalent limits.
Claims (10)
1. an identity card card reading method, it is characterised in that described method includes:
Card reader receives the card seeking response instruction that the first resident identification card returns;
Described card reader reads the configuration information of described first resident identification card;
Described card reader judges whether to have stored in safety chip described configuration information, not storage in judging described safety chip
In the case of described configuration information, described configuration information is stored in described safety chip;
Described card reader receives Card Reader instruction, obtains the encryption identity card information of storage in described resident identification card;
Described configuration information and described encryption identity card information are sent to background server by described card reader.
Method the most according to claim 1, it is characterised in that obtain the encryption identity card of storage in described resident identification card
Information includes:
Described card reader judges whether store the encryption identity card information corresponding with described configuration information in described safety chip;
In the case of in judging described safety chip, storage has described encryption identity card information, described card reader is from safety chip
Obtain described encryption identity card information;
In the case of not storing described encryption identity card information in judging described safety chip, described card reader performs Card Reader stream
Journey, reads the encryption identity card information in described first resident identification card, and the described encryption identity card information read is stored in institute
State in safety chip, and described encryption identity card information is associated with described configuration information.
Method the most according to claim 1, it is characterised in that
In the case of not storing described configuration information in judging described safety chip, described configuration information is stored described peace
Include time in full chip: described card reader deletes configuration information and the encryption identity card information of storage in described safety chip, and will
The described configuration information read stores in described safety chip;
The encryption identity card information of storage in described resident identification card that obtains includes:
Described card reader judges whether to have stored in described safety chip encryption identity card information;
In the case of in judging described safety chip, storage has described encryption identity card information, described card reader is from safety chip
Obtain described encryption identity card information;
In the case of not storing described encryption identity card information in judging described safety chip, described card reader performs Card Reader stream
Journey, reads the encryption identity card information in described first resident identification card, and the described encryption identity card information read is stored in institute
State in safety chip.
4. according to the method described in any one of claims 1 to 3, it is characterised in that in described card reader by described configuration information
After being sent to described background server with described encryption identity card information, described method also includes:
Described card reader obtains described background server and deciphers the identity card cleartext information obtained;
Described card reader produces a random key;
Described card reader uses described random key to be encrypted described identity card cleartext information;
Described identity card cleartext information after encryption is stored in described safety chip by described card reader.
5. a card reader, it is characterised in that described card reader includes:
Radio-frequency module, for receiving the card seeking response instruction that the first resident identification card returns, reads described first resident identification card
Configuration information;
Judge module, is used for judging whether security module has stored described configuration information, does not deposit in judging described security module
In the case of storing up described configuration information, trigger described security module and store described configuration information;
Described security module, is used for storing described configuration information;
Receiver module, is used for receiving Card Reader instruction;
Acquisition module, for obtaining the encryption identity card information of storage in described resident identification card;
Communication module, for being sent to background server by described configuration information and described encryption identity card information.
Card reader the most according to claim 5, it is characterised in that
Described judge module, is additionally operable to judge whether to store in described security module the crypto identity corresponding with described configuration information
Card information;
Described acquisition module, being additionally operable in described judge module judges described security module storage has described encryption identity card information
In the case of, from described security module, obtain described encryption identity card information, and judge described safety at described judge module
In the case of module does not store described encryption identity card information, read described encryption identity card from described first resident identification card
Information;
Described security module is additionally operable to described configuration information, described encryption identity card information is associated storage.
Card reader the most according to claim 5, it is characterised in that described card reader also includes control module;
Described control module, for not storing the situation of described configuration information in described judge module judges described security module
Under, delete configuration information and the encryption identity card information of storage in described security module, then it is described to trigger the storage of described security module
The described configuration information that radio-frequency module reads;
Described judge module, is additionally operable to judge whether to have stored in described security module encryption identity card information;
Described acquisition module, has described encryption identity card information for storage in described judge module judges described security module
In the case of, from described security module, obtain described encryption identity card information, in described judge module judges described security module
In the case of not storing described encryption identity card information, read the encryption identity card information of storage in described first resident identification card;
Described security module is additionally operable to store the described encryption identity card information that described acquisition module reads.
8., according to the card reader described in any one of claim 5 to 7, it is characterised in that described security module, it is additionally operable to obtain
Described background server deciphers the identity card cleartext information obtained, and produces a random key, uses described random key to described
Identity card cleartext information is encrypted, and stores the described identity card cleartext information of encryption.
9. an identity card card-reading system, it is characterised in that including: card reader according to any one of claim 5 to 8,
And background server, wherein,
Described background server, for receiving configuration information and the encryption identity card of the first resident identification card that described card reader sends
Information.
System the most according to claim 9, it is characterised in that
Described background server is additionally operable to obtain the identity card cleartext information of described first resident identification card, and by described identity card
Cleartext information is sent to described card reader.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510765384.0A CN106056014B (en) | 2015-11-10 | 2015-11-10 | Identity card card reading method, system and card reader |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510765384.0A CN106056014B (en) | 2015-11-10 | 2015-11-10 | Identity card card reading method, system and card reader |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106056014A true CN106056014A (en) | 2016-10-26 |
CN106056014B CN106056014B (en) | 2019-03-29 |
Family
ID=57179457
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510765384.0A Active CN106056014B (en) | 2015-11-10 | 2015-11-10 | Identity card card reading method, system and card reader |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106056014B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108734014A (en) * | 2017-04-20 | 2018-11-02 | 深圳兆日科技股份有限公司 | Cryptographic data authentication method and apparatus, code data guard method and device |
CN109101821A (en) * | 2018-06-26 | 2018-12-28 | 上海常仁信息科技有限公司 | A kind of robot ID card information acquisition system and method |
CN111222108A (en) * | 2018-11-27 | 2020-06-02 | 天地融科技股份有限公司 | Cloud identity card implementation method and system |
WO2022252792A1 (en) * | 2021-06-04 | 2022-12-08 | 华为技术有限公司 | Nfc-based data interaction method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101324476B1 (en) * | 2012-02-28 | 2013-11-01 | 이청종 | Cloud Environment E-DRM System and Service Method thereof |
CN103955733A (en) * | 2014-04-22 | 2014-07-30 | 中国工商银行股份有限公司 | Electronic identity card chip card, card reader and electronic identity card verification system and method |
CN104820814A (en) * | 2015-05-07 | 2015-08-05 | 熊小军 | Second-generation ID card anti-counterfeiting verification system |
CN104966035A (en) * | 2015-05-20 | 2015-10-07 | 李明 | Identity card information acquiring method, device, and system |
JP5798222B2 (en) * | 2007-06-15 | 2015-10-21 | データバンク株式会社 | Vehicle number action instruction device and vehicle number action instruction method |
-
2015
- 2015-11-10 CN CN201510765384.0A patent/CN106056014B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP5798222B2 (en) * | 2007-06-15 | 2015-10-21 | データバンク株式会社 | Vehicle number action instruction device and vehicle number action instruction method |
KR101324476B1 (en) * | 2012-02-28 | 2013-11-01 | 이청종 | Cloud Environment E-DRM System and Service Method thereof |
CN103955733A (en) * | 2014-04-22 | 2014-07-30 | 中国工商银行股份有限公司 | Electronic identity card chip card, card reader and electronic identity card verification system and method |
CN104820814A (en) * | 2015-05-07 | 2015-08-05 | 熊小军 | Second-generation ID card anti-counterfeiting verification system |
CN104966035A (en) * | 2015-05-20 | 2015-10-07 | 李明 | Identity card information acquiring method, device, and system |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108734014A (en) * | 2017-04-20 | 2018-11-02 | 深圳兆日科技股份有限公司 | Cryptographic data authentication method and apparatus, code data guard method and device |
CN109101821A (en) * | 2018-06-26 | 2018-12-28 | 上海常仁信息科技有限公司 | A kind of robot ID card information acquisition system and method |
CN111222108A (en) * | 2018-11-27 | 2020-06-02 | 天地融科技股份有限公司 | Cloud identity card implementation method and system |
CN111222108B (en) * | 2018-11-27 | 2022-07-12 | 天地融科技股份有限公司 | Cloud identity card implementation method and system |
WO2022252792A1 (en) * | 2021-06-04 | 2022-12-08 | 华为技术有限公司 | Nfc-based data interaction method and device |
Also Published As
Publication number | Publication date |
---|---|
CN106056014B (en) | 2019-03-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104765999B (en) | Method, terminal and server for processing user resource information | |
US11361319B2 (en) | Service processing method, apparatus, and system | |
CN106156677B (en) | Identity card card reading method and system | |
CN104637131B (en) | A kind of access control system authorization method, device and access control system | |
CN105025486B (en) | Method for connecting network and user equipment | |
CN103501191B (en) | A kind of mobile payment device based on NFC technology and method thereof | |
CN104618117B (en) | The identification authentication system and method for smart card device based on Quick Response Code | |
CN104636777B (en) | ID card information obtains system | |
CN104778773A (en) | System and method for controlling entrance guard by mobile phone | |
CN105144670A (en) | Wireless networking-enabled personal identification system | |
CN106487762A (en) | The recognition methodss of user identity, identification applications client and server | |
CN106027457B (en) | A kind of ID card information transmission method and system | |
CN107018130A (en) | A kind of identity card cloud recognizes Verification System | |
CN110826043A (en) | Digital identity application system and method, identity authentication system and method | |
CN106023366B (en) | Access control system based on two dimensional code | |
CN106056014A (en) | Identity card reading method, identity card reading system and card reader | |
CN103929411A (en) | Information displaying method, terminal, safety server and system | |
CN205845052U (en) | Identity card card-reading system and be not provided with the card reader of SAM module | |
CN104967593A (en) | Identity verification method, apparatus and system | |
CN103107888B (en) | The identity identifying method that the dynamic multi-attribute of facing moving terminal is multi-level | |
CN102223630A (en) | Remote control system and method | |
CN104065681A (en) | Method and system for previewing encryption compression packet in appendix | |
CN106027249B (en) | Identity card card reading method and system | |
CN103259711B (en) | communication information transmission method and system | |
CN105741116A (en) | Fast payment method, apparatus and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |