CN106056014A - Identity card reading method, identity card reading system and card reader - Google Patents

Publication number: CN106056014A
Authority: CN (China)
Prior art keywords: card, information, identity card, card reader, encryption
Legal status: Granted
Application number: CN201510765384.0A
Other languages: Chinese (zh)
Other versions: CN106056014B (en)
Inventor: 李东声
Current Assignee: Tendyron Corp; Tendyron Technology Co Ltd
Original Assignee: Tendyron Technology Co Ltd

Application filed by Tendyron Technology Co Ltd
Priority to CN201510765384.0A
Publication of CN106056014A
Application granted
Publication of CN106056014B
Status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00 Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/0008 General problems related to the reading of electronic memory record carriers, independent of its reading method, e.g. power transfer
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Abstract

The invention provides an identity card reading method, an identity card reading system and a card reader. The identity card reading method comprises the steps that the card reader receives a card searching response instruction returned by a first resident identity card; the card reader reads configuration information of the first resident identity card; the card reader judges whether the configuration information is stored in a security chip or not, and stores the configuration information into the security chip under the condition that the configuration information is judged not to be stored in the security chip; the card reader receives a card reading instruction and reads encrypted identity card information stored in the resident identity card; and the card reader sends the configuration information and the encrypted identity card information to a background server.

Description

Identity card reading method, system and card reader
Technical field
The present invention relates to the field of electronic technology, and in particular to an identity card reading method, system and card reader.
Background art
In the existing resident identity card reading flow, a card search flow must be performed before the identity card reading flow, and the reading flow starts only after a resident identity card has been found. The card search flow mainly comprises the following: the card reader repeatedly transmits a card search instruction; when a resident identity card enters the readable range of the card reader, the card detects the card search instruction sent by the card reader and returns a card search response instruction to the card reader; on receiving the card search response instruction, the card reader determines that a resident identity card has been detected, and the card search succeeds. After the card search succeeds, the user instructs the card reader to start reading the identity card. The card reader then interacts with the resident identity card and reads the information stored in it, and a security control module authorized by the Ministry of Public Security decodes the information read from the resident identity card to obtain the identity card information in plaintext. In the related art, the card reader does not read the information stored in the resident identity card after finding the card; it reads the information from the card only after receiving a card read instruction. Because the card reader interacts with the resident identity card over radio frequency, reading the information stored in the card takes a relatively long time, and the user experience is poor.
Summary of the invention
The present invention aims to solve the above problem that reading the information stored in a resident identity card takes a long time and the user experience is poor.
An object of the present invention is to provide an identity card reading method;
Another object of the present invention is to provide a card reader;
Another object of the present invention is to provide an identity card reading system.
To achieve the above objects, the present invention provides the following technical schemes:
Scheme 1. An identity card reading method, comprising: a card reader receives a card search response instruction returned by a first resident identity card; the card reader reads configuration information of the first resident identity card; the card reader judges whether the configuration information is stored in a security chip and, if it judges that the configuration information is not stored in the security chip, stores the configuration information in the security chip; the card reader receives a card read instruction and obtains the encrypted identity card information stored in the resident identity card; the card reader sends the configuration information and the encrypted identity card information to a background server.
Scheme 2. The method according to Scheme 1, wherein obtaining the encrypted identity card information stored in the resident identity card comprises: the card reader judges whether encrypted identity card information corresponding to the configuration information is stored in the security chip; if it judges that the encrypted identity card information is stored in the security chip, the card reader obtains the encrypted identity card information from the security chip; if it judges that the encrypted identity card information is not stored in the security chip, the card reader performs the card reading flow, reads the encrypted identity card information from the first resident identity card, stores the encrypted identity card information it has read in the security chip, and associates the encrypted identity card information with the configuration information.
Scheme 3. The method according to Scheme 1, wherein, when the configuration information is judged not to be stored in the security chip, storing the configuration information in the security chip comprises: the card reader deletes the configuration information and encrypted identity card information stored in the security chip, and stores the configuration information it has read in the security chip; and obtaining the encrypted identity card information stored in the resident identity card comprises: the card reader judges whether encrypted identity card information is stored in the security chip; if it judges that the encrypted identity card information is stored in the security chip, the card reader obtains the encrypted identity card information from the security chip; if it judges that the encrypted identity card information is not stored in the security chip, the card reader performs the card reading flow, reads the encrypted identity card information from the first resident identity card, and stores the encrypted identity card information it has read in the security chip.
Scheme 4. The method according to Scheme 2 or 3, wherein the encrypted identity card information stored in the security chip comprises a plurality of data packets; and the card reader sending the encrypted identity card information to the background server comprises: the card reader sends the plurality of data packets that make up the encrypted identity card information to the background server in sequence.
Scheme 5. The method according to Scheme 4, further comprising: on receiving a retransmission instruction sent by the background server, the card reader obtains from the security chip the data packet that the retransmission instruction indicates needs to be retransmitted, and retransmits the obtained data packet to the background server.
Scheme 6. The method according to any one of Schemes 1 to 5, wherein, after the card reader sends the configuration information and the encrypted identity card information to the background server, the method further comprises: if the card reader does not detect a resident identity card within a predetermined time, it clears the configuration information and encrypted identity card information of the resident identity card stored in the security chip.
Scheme 7. The method according to any one of Schemes 1 to 6, wherein, after the card reader sends the configuration information and the encrypted identity card information to the background server, the method further comprises: the card reader obtains the identity card plaintext information decrypted by the background server; the card reader generates a random key; the card reader encrypts the identity card plaintext information with the random key; the card reader stores the encrypted identity card plaintext information in the security chip.
Scheme 8. The method according to Scheme 7, wherein, after the card reader stores the identity card plaintext information in the security chip, the method further comprises: the card reader receives a card search response instruction returned by a second resident identity card; the card reader reads configuration information of the second resident identity card; the card reader judges whether the currently read configuration information is stored in the security chip; the card reader receives a card read instruction from the terminal connected to it; if it judges that the currently read configuration information is stored in the security chip, the card reader judges whether the encrypted identity card plaintext information is stored in the security chip; if it judges that the encrypted identity card plaintext information is stored in the security chip, the card reader obtains the encrypted identity card plaintext information stored in the security chip; the card reader decrypts the encrypted identity card plaintext information with the random key and outputs the decrypted identity card plaintext information.
Scheme 9. The method according to Scheme 7, wherein, after the card reader stores the encrypted identity card plaintext information in the security chip, the method further comprises: if the card reader does not detect a resident identity card within a predetermined time, it clears the encrypted identity card plaintext information stored in the security chip; and/or, if the card reader does not detect a resident identity card within a predetermined time, or before the card reader performs a power-off operation, the card reader deletes the random key.
Scheme 10. A card reader, comprising: a radio-frequency module, configured to receive a card search response instruction returned by a first resident identity card and to read configuration information of the first resident identity card; a judging module, configured to judge whether the configuration information is stored in a security module and, if it judges that the configuration information is not stored in the security module, to trigger the security module to store the configuration information; the security module, configured to store the configuration information; a receiving module, configured to receive a card read instruction; an obtaining module, configured to obtain the encrypted identity card information stored in the resident identity card; and a communication module, configured to send the configuration information and the encrypted identity card information to a background server.
Scheme 11. The card reader according to Scheme 10, wherein the judging module is further configured to judge whether encrypted identity card information corresponding to the configuration information is stored in the security module; the obtaining module is further configured to obtain the encrypted identity card information from the security module if the judging module judges that the encrypted identity card information is stored in the security module, and to read the encrypted identity card information from the first resident identity card if the judging module judges that the encrypted identity card information is not stored in the security module; and the security module is further configured to store the encrypted identity card information in association with the configuration information.
Scheme 12. The card reader according to Scheme 10, wherein the card reader further comprises a control module; the control module is configured, if the judging module judges that the configuration information is not stored in the security module, to delete the configuration information and encrypted identity card information stored in the security module and then to trigger the security module to store the configuration information read by the radio-frequency module; the judging module is further configured to judge whether encrypted identity card information is stored in the security module; the obtaining module is configured to obtain the encrypted identity card information from the security module if the judging module judges that the encrypted identity card information is stored in the security module, and to read the encrypted identity card information stored in the first resident identity card if the judging module judges that the encrypted identity card information is not stored in the security module; and the security module is further configured to store the encrypted identity card information read by the obtaining module.
Scheme 13. The card reader according to Scheme 11 or 12, wherein the encrypted identity card information stored by the security module comprises a plurality of data packets; and the communication module sends the encrypted identity card information to the background server in the following manner: it sends the plurality of data packets of the encrypted identity card information to the background server in sequence.
Scheme 14. The card reader according to Scheme 13, wherein the communication module is further configured to receive a retransmission instruction sent by the background server; the obtaining module is further configured to obtain from the security module the data packet that the retransmission instruction indicates needs to be retransmitted; and the communication module is further configured to retransmit the data packet obtained by the obtaining module to the background server.
Scheme 15. The card reader according to any one of Schemes 10 to 14, wherein the radio-frequency module is further configured to detect a resident identity card; and the control module is further configured to clear the configuration information and encrypted identity card information of the resident identity card stored in the security module when the radio-frequency module does not detect a resident identity card within a predetermined time.
Scheme 16. The card reader according to any one of Schemes 10 to 15, wherein the security module is further configured to obtain the identity card plaintext information decrypted by the background server, generate a random key, encrypt the identity card plaintext information with the random key, and store the encrypted identity card plaintext information.
Scheme 17. The card reader according to Scheme 16, wherein the card reader further comprises a decryption module; the radio-frequency module is further configured to receive the card search response instruction returned by the second resident identity card and to read the configuration information of the second resident identity card; the judging module is further configured to judge whether the currently read configuration information is stored in the security module; the receiving module is configured to receive a card read instruction from the terminal connected to it; the judging module is further configured, after the receiving module receives the card read instruction and if it judges that the currently read configuration information is stored in the security module, to judge whether the encrypted identity card plaintext information is stored in the security module; the obtaining module is further configured to obtain the encrypted identity card plaintext information stored in the security module if the judging module judges that the encrypted identity card plaintext information is stored in the security module; and the decryption module is configured to decrypt the encrypted identity card plaintext information with the random key and output the decrypted identity card plaintext information.
Scheme 18. The card reader according to Scheme 16, wherein the control module is further configured to clear the encrypted identity card plaintext information stored in the security module when the radio-frequency module does not detect a resident identity card within a predetermined time; and/or to delete the random key if the radio-frequency module does not detect a resident identity card, or before a power-off operation is performed.
With the technical scheme provided by the present invention, the card reader reads the configuration information from the resident identity card as soon as it finds the card. After subsequently receiving a card read instruction, it only reads the encrypted identity card information from the resident identity card. This saves the time of reading the configuration information after the card read instruction is received, improves the efficiency of reading the identity card, and improves the user experience.
Brief description of the drawings
To illustrate the technical schemes of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of an identity card reading method provided by Embodiment 1 of the present invention;
Fig. 2 is a schematic flowchart of an identity card reading method provided by Embodiment 2 of the present invention;
Fig. 3 is a schematic flowchart of an identity card reading method provided by Embodiment 3 of the present invention;
Fig. 4 is a schematic structural diagram of a card reader provided by Embodiment 4 of the present invention;
Fig. 5 is a schematic structural diagram of another card reader provided by Embodiment 4 of the present invention;
Fig. 6 is a schematic architecture diagram of the identity card reading system provided by Embodiment 5 of the present invention.
Detailed description of the invention
The technical schemes in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
In the description of the present invention, it is to be understood that orientations or positional relationships indicated by terms such as "center", "longitudinal", "lateral", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer" are based on the orientations or positional relationships shown in the drawings. They are used only to make the invention easier to describe and to simplify the description, and do not indicate or imply that the device or element referred to must have a specific orientation or be constructed and operated in a specific orientation; they are therefore not to be understood as limiting the present invention. In addition, the terms "first" and "second" are used for description only and are not to be understood as indicating or implying relative importance, quantity or position.
In the description of the present invention, it should be noted that, unless otherwise expressly specified and limited, the terms "mounted", "connected" and "coupled" are to be interpreted broadly. For example, a connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct, or indirect through an intermediary, or internal between two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the present invention according to the specific circumstances.
The embodiments of the present invention are described in further detail below with reference to the drawings.
Embodiment 1
Fig. 1 is a schematic flowchart of an identity card reading method provided by this embodiment. As shown in Fig. 1, the identity card reading method provided by this embodiment mainly comprises the following steps (101-106).
Step 101: the card reader receives the card search response instruction returned by the first resident identity card;
In this embodiment, the card reader sends out a card search instruction through its radio-frequency module at regular intervals. After the first resident identity card receives the card search instruction sent by the card reader, it automatically sends a card search response instruction to the card reader, and the card reader receives the card search response instruction returned by the first resident identity card. The card reader establishes a communication connection with the first resident identity card through the card search response instruction returned by the card.
It should be noted that a typical card reader contains a security control module authorized by the Ministry of Public Security, which decrypts the encrypted identity card information read by the card reader, but integrating such a module into the card reader is costly. In this embodiment, the card reader does not contain the security control module authorized by the Ministry of Public Security (the SAM module). The security control module is located at the far end: it may be placed in the background server, or it may be set up independently and connected to the background server by wire (for example, a USB interface) or wirelessly (for example, WIFI or Bluetooth); this embodiment does not limit this. Because the card reader and the SAM module are separate, multiple card readers can share one SAM module, which saves cost.
Step 102: the card reader reads the configuration information of the first resident identity card;
In this embodiment, after receiving the card search response instruction returned by the first resident identity card, the card reader determines that an identity card is currently within readable range and directly reads the configuration information from the first resident identity card.
In practice, the information stored in the first resident identity card comprises the configuration information of the identity card, stored in plaintext, and the encrypted identity card information, stored as ciphertext. The configuration information of the identity card is the set of configuration parameters of the card, such as the serial number of the identity card, application data indicating information about the applications set up in the identity card, and the transport protocol (for example, the transport protocol type, bit rate and maximum frame size). The card reader can recognize this configuration information directly, without decryption by the security control module authorized by the Ministry of Public Security. The encrypted identity card information is the identity card data stored as ciphertext in the card, such as the identity card number, name, sex, address and photo. The plaintext of this information can be obtained only after the security control module authorized by the Ministry of Public Security decrypts it. When decrypting the encrypted identity card information, the security control module needs the configuration information, so when an identity card is read, both the configuration information and the encrypted identity card information stored in the card must be provided to the security control module authorized by the Ministry of Public Security. In this embodiment, whether or not a card read instruction has been received, the card reader reads the configuration information of a resident identity card as soon as it detects that card within readable range (that is, as soon as it receives the card search response instruction returned by the resident identity card).
Step 103: the card reader judges whether the configuration information is stored in the security chip;
In this embodiment, after reading the configuration information from the first resident identity card, the card reader judges whether the configuration information of the first resident identity card read in step 102 is stored in the security chip of the card reader. If the configuration information read in step 102 is not stored, step 104 is performed; if it is stored, step 105 is performed directly.
Step 104: the configuration information is stored in the security chip;
In this embodiment, if the card reader judges that the configuration information read in step 102 is not stored in the security chip, the card reader stores the configuration information read in step 102 in the security chip.
Step 105: the card reader receives a card read instruction and obtains the encrypted identity card information stored in the resident identity card;
In this embodiment, step 103 and the card reader's receipt of the card read instruction have no fixed order in time. In practice, the card reader may receive the card read instruction while performing step 103 or after performing step 103, or it may perform step 103 after receiving the card read instruction; this embodiment does not limit this.
In this embodiment, the card read instruction is an instruction for reading identity card information. The card reader may receive the card read instruction through a terminal (such as a computer or mobile phone), or it may obtain the card read instruction itself. This embodiment does not limit how the card reader obtains the card read instruction; any way in which the card reader can receive it falls within the scope of protection of the present invention. On the basis of the received card read instruction, the card reader obtains the encrypted identity card information stored in the identity card.
In an optional implementation of this embodiment, if encrypted identity card information is stored in the security chip, the card reader may obtain the encrypted identity card information from the security chip, or the card reader may read the encrypted identity card information directly from the first resident identity card; see the description in Embodiment 2 for details.
Step 106: the card reader sends the configuration information and the encrypted identity card information to the background server.
In the present embodiment, after the card reader obtains the encrypted identity card information stored in the resident identification card, the card reader sends the configuration information and the encrypted identity card information to the background server. Specifically, the card reader may establish a connection and communicate with the background server through a terminal (such as a computer or a mobile phone), or may establish a connection and communicate with the background server directly in a wireless manner (such as Bluetooth, infrared or NFC near-field communication).
In the related art, when the resident identification card reading flow is performed and a resident identification card is detected within the readable range, the information stored in the resident identification card is not read; instead, the card reader waits for a card-reading instruction and, only after receiving it, reads the configuration information and the encrypted identity card information from the resident identification card. In the identity card reading scheme provided by the present embodiment, the card reader reads the configuration information of the resident identification card directly when it detects a resident identification card within the readable range. After receiving the card-reading instruction, it only needs to obtain the encrypted identity card information stored in the resident identification card and does not need to read the configuration information again, which saves card-reading time and improves the user experience.
As an optional implementation of the present embodiment, after the card reader sends the configuration information and the encrypted identity card information to the background server, the background server may interact with the SAM module to obtain the decrypted identity card cleartext information, and the background server sends this identity card cleartext information to the card reader. Optionally, to ensure the security of the identity card cleartext information in transit, the background server may encrypt the identity card cleartext information before sending it. For example, the background server may encrypt it with a transmission key negotiated with the card reader, or the background server may encrypt it with its private key. Therefore, in this optional implementation, after the card reader sends the configuration information and the encrypted identity card information to the background server, the method may further include: the card reader obtains the identity card cleartext information decrypted by the background server, and the card reader generates a random key; the card reader encrypts the identity card cleartext information with the random key, and the card reader stores the encrypted identity card cleartext information in the safety chip. Because the encrypted identity card cleartext information is stored in the safety chip, when the identity card information needs to be read repeatedly, the encrypted identity card cleartext information can be obtained directly from the safety chip, and the encrypted identity card information does not need to be decrypted again by the background server and the SAM module, which saves the time of a second card read. In addition, encrypting the identity card cleartext information with the random key ensures the security of the identity card cleartext information.
As an optional implementation of the present embodiment, after the card reader stores the identity card cleartext information in the safety chip, the card reader receives the card-seeking response instruction returned by a second resident identification card, and the card reader reads the configuration information of the second resident identification card. The card reader judges whether the safety chip stores the configuration information currently read, and the card reader receives a card-reading instruction from the terminal connected to it (for example, the PC of a bank front end). When it judges that the safety chip stores the configuration information currently read, the card reader judges whether the safety chip stores the encrypted identity card cleartext information. When it judges that the safety chip stores the encrypted identity card cleartext information, the card reader obtains the encrypted identity card cleartext information stored in the safety chip, decrypts it with the random key, and outputs the decrypted identity card cleartext information. For example, the card reader may send the decrypted identity card cleartext information to the terminal, or may display the decrypted identity card cleartext information directly.
Specifically, when the second resident identification card and the first resident identification card are the same identity card, the card reader reads the configuration information of the second resident identification card and judges that the safety chip stores the configuration information currently read. After receiving the card-reading instruction, the card reader judges whether the safety chip stores the encrypted identity card cleartext information. When it judges that the safety chip stores the encrypted identity card cleartext information, the card reader obtains the encrypted identity card cleartext information stored in the safety chip. Finally, the card reader decrypts the encrypted identity card cleartext information with the random key and outputs the decrypted identity card cleartext information. When the second resident identification card and the first resident identification card are different identity cards, the card reader reads the configuration information of the second resident identification card and judges that the safety chip does not store the configuration information currently read, and the card reader performs the card-reading flow for the second resident identification card. The card-reading flow for the second resident identification card is the same as that for the first resident identification card and is not repeated here. The configuration information is used to judge whether this is a second card read, and when it is judged that identity card cleartext information corresponding to the configuration information is stored, the encrypted identity card cleartext information is obtained directly from the safety chip, which saves the time of the second card read.
In the present embodiment, the safety chip may store the encrypted identity card cleartext information of only one identity card. For example, one memory space may be set in the safety chip for storing the encrypted identity card cleartext information, and another memory space may be set for storing the configuration information. When the card reader detects a resident identification card, it reads the configuration information of this resident identification card. If this configuration information is not stored in the safety chip, the card reader empties the information stored in the configuration information memory space and in the encrypted identity card cleartext information memory space of the safety chip, and then saves the configuration information currently read in the configuration information memory space. This ensures that the configuration information and the encrypted identity card cleartext information stored in the safety chip belong to the same identity card. In the subsequent identity card reading flow, after obtaining the identity card cleartext information decrypted by the background server, the card reader encrypts this identity card cleartext information with the random key and then saves it in the encrypted identity card cleartext information memory space. When a card-reading instruction sent by the host computer (for example, the PC of a bank front end) is received, the card reader may judge whether the configuration information of the current resident identification card is consistent with the configuration information stored in the safety chip. If it is consistent, the card reader takes the encrypted identity card cleartext information out of the encrypted identity card cleartext information memory space of the safety chip, decrypts it with the random key, and outputs it after decryption.
Of course, the safety chip may also store the encrypted identity card cleartext information of multiple identity cards. For example, when the encrypted identity card cleartext information is stored, it is stored in association with the configuration information of the resident identification card. When the card reader detects a resident identification card, it reads the configuration information of this resident identification card. If this configuration information is not stored in the safety chip, the configuration information currently read is saved in the configuration information memory space. When the identity card cleartext information of this resident identification card is subsequently obtained, it is encrypted with the random key, and the encrypted identity card cleartext information is stored in association with this configuration information. When a card-reading instruction from the host computer is subsequently received, the card reader may judge whether the safety chip already stores the configuration information of the current resident identification card. If so, it further judges whether the safety chip stores encrypted identity card cleartext information associated with this configuration information. If so, it takes this encrypted identity card cleartext information out of the safety chip, decrypts it with the random key, and outputs it after decryption.
As an optional implementation of the present embodiment, after the card reader stores the encrypted identity card cleartext information in the safety chip, in order to ensure the security of the resident identification card information, if the card reader does not detect a resident identification card within a predetermined time, it empties the encrypted identity card cleartext information stored in the safety chip. Specifically, after the card reader stores the encrypted identity card cleartext information in the safety chip, the card reader judges whether a resident identification card is detected within the predetermined time; when the card reader does not detect a resident identification card within the predetermined time, the card reader empties the encrypted identity card cleartext information stored in the safety chip.
As an optional implementation of the present embodiment, after the card reader stores the encrypted identity card cleartext information in the safety chip, the card reader deletes the random key if it does not detect a resident identification card within the predetermined time, or before it performs a power-off operation. Specifically, after the card reader stores the encrypted identity card cleartext information in the safety chip, the card reader judges whether a resident identification card is detected within the predetermined time; when the card reader does not detect a resident identification card within the predetermined time, the card reader deletes the random key. Likewise, after the card reader stores the encrypted identity card cleartext information in the safety chip, the card reader deletes the random key when it performs a power-off operation. Once the random key is deleted, even if this card reader is obtained illegally, the encrypted identity card cleartext information stored in the safety chip cannot be decrypted, which ensures the security of the resident identification card information and in turn allows the safety chip to store the encrypted identity card cleartext information in flash memory (flash).
Optionally, in the present embodiment, the configuration information of the resident identification card and the encrypted identity card cleartext information may be stored in the safety chip in a cached manner. By the nature of a cache, the stored information is emptied automatically after the card reader is powered off, which ensures the security of the resident identification card information.
With the identity card reading method provided by the present embodiment, the configuration information of the identity card is read and stored before the card reader receives the card-reading instruction. After receiving the card-reading instruction, the card reader does not need to read the configuration information of the identity card again and only needs to read the encrypted identity card information stored in the identity card, which saves card-reading time. In addition, the identity card cleartext information obtained through decryption by the background server is also stored in the safety chip of the card reader. When handling a transaction requires the identity card information to be read repeatedly, the encrypted identity card cleartext information can be obtained from the safety chip without repeated decryption by the background server, which further reduces the card-reading time.
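The single-card storage, random-key encryption and timeout or power-off deletion described in this embodiment can be modelled as follows. This is an added example, not code from the patent: the class and function names, the 30-second timeout and the sample values are assumptions, and the HMAC-SHA256 construction is a standard-library stand-in for whatever cipher the safety chip actually provides.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _xor_stream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Keystream from HMAC-SHA256 in counter mode (stand-in for the chip's cipher).
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(enc_key, nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))


def _mac_input(config: bytes, nonce: bytes, ct: bytes) -> bytes:
    # Length-prefix the configuration information so the fields cannot be confused.
    return len(config).to_bytes(2, "big") + config + nonce + ct


def seal(key: bytes, config: bytes, plaintext: bytes) -> bytes:
    """Encrypt the cleartext and bind the result to one card's configuration information."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(key, b"mac"), _mac_input(config, nonce, ct))


def unseal(key: bytes, config: bytes, blob: bytes):
    """Return the cleartext, or None if the blob was not sealed for this key and card."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = _prf(_prf(key, b"mac"), _mac_input(config, nonce, ct))
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(_prf(key, b"enc"), nonce, ct)


class SafetyChipCache:
    """One configuration slot and one encrypted-cleartext slot, as in the single-card variant."""

    def __init__(self, idle_timeout_s: float = 30.0):  # timeout value is an assumption
        self.idle_timeout_s = idle_timeout_s
        self.config = None     # configuration information of the cached card
        self.blob = None       # encrypted cleartext; could live in flash
        self.key = None        # random key; never persisted
        self.last_seen = None

    def tick(self, now: float) -> bool:
        """No card detected within the predetermined time: empty the blob, delete the key."""
        if self.last_seen is not None and now - self.last_seen > self.idle_timeout_s:
            self.blob = None
            self.key = None
            return True
        return False

    def card_detected(self, config: bytes, now: float) -> bool:
        """Called on a card-seeking response. Returns True if this card is already cached."""
        self.tick(now)
        self.last_seen = now
        if self.config is not None and hmac.compare_digest(self.config, config):
            return True
        # Different card: empty both slots so they always describe the same card.
        self.config, self.blob, self.key = config, None, None
        return False

    def store_plaintext(self, plaintext: bytes) -> None:
        """Called after the background server returns the decrypted cleartext."""
        if self.config is None:
            raise RuntimeError("no card configuration stored")
        self.key = secrets.token_bytes(32)   # fresh random key per stored record
        self.blob = seal(self.key, self.config, plaintext)

    def read(self, config: bytes):
        """Card-reading instruction: cleartext on a cache hit, None if the server is needed."""
        if self.config is None or self.blob is None or self.key is None:
            return None
        if not hmac.compare_digest(self.config, config):
            return None
        return unseal(self.key, config, self.blob)

    def power_off(self) -> None:
        """Delete only the key; a blob left in flash is then undecryptable."""
        self.key = None
```

The clock is passed in as `now` so the timeout behaviour can be checked deterministically; firmware would read a monotonic timer instead.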
Embodiment 2
Fig. 2 is a schematic flowchart of the identity card reading method provided by the present embodiment. As shown in Fig. 2, the identity card reading method provided by the present embodiment mainly includes the following steps (201-209).
Steps 201~204 are identical to steps 101~104 in Embodiment 1 and are not repeated here.
Step 205: the card reader receives a card-reading instruction;
Step 206: the card reader judges whether the safety chip stores the encrypted identity card information corresponding to the configuration information;
In the present embodiment, after the card reader receives the card-reading instruction, it judges whether the safety chip already stores the encrypted identity card information corresponding to the configuration information. When the safety chip stores the encrypted identity card information corresponding to the configuration information, step 207 is performed; when the safety chip does not store the encrypted identity card information corresponding to the configuration information, step 208 is performed.
Step 207: the card reader obtains this encrypted identity card information from the safety chip;
In the present embodiment, when the card reader judges that the safety chip stores the encrypted identity card information corresponding to the configuration information, the card reader obtains from the safety chip the encrypted identity card information of the identity card corresponding to this configuration information.
Step 208: the card reader performs the card-reading flow, reads the encrypted identity card information in the first resident identification card, stores the encrypted identity card information read in the safety chip, and associates this encrypted identity card information with the above configuration information.
That is, in the present embodiment, the configuration information of an identity card is stored in association with its encrypted identity card information, so the safety chip can store the configuration information and encrypted identity card information of multiple resident identification cards at the same time.
In the present embodiment, when the card reader judges that the safety chip does not store the encrypted identity card information corresponding to the configuration information, the card reader needs to perform the card-reading flow and read the encrypted identity card information stored in the first resident identification card. After reading the encrypted identity card information from the first resident identification card, the card reader stores the encrypted identity card information read in the safety chip.
In the present embodiment, the safety chip in the card reader can store multiple pieces of configuration information. After the card reader reads the encrypted identity card information of the identity card, it needs to store the encrypted identity card information read in association with the configuration information read in step 202, so that the encrypted identity card information can be obtained through the configuration information.
Step 209 is identical to step 106 in Embodiment 1 and is not repeated here.
As an optional implementation of the present embodiment, in step 208, the encrypted identity card information stored in the safety chip includes multiple data packets, and in step 209, the card reader sending the encrypted identity card information to the background server includes: the card reader sends the multiple data packets included in the encrypted identity card information to the background server in sequence. Specifically, after the card reader reads the encrypted identity card information in the first resident identification card, it divides the encrypted identity card information into multiple data packets and stores them in the safety chip of the card reader. After the card reader receives the card-reading instruction, it sends the multiple data packets included in the encrypted identity card information to the background server in sequence. Storing the encrypted identity card information as multiple data packets allows fast retransmission when a later transmission fails, without retransmitting all of the encrypted identity card information.
As an optional implementation of the present embodiment, when a retransmission instruction sent by the background server is received, the card reader obtains from the safety chip the data packet that the retransmission instruction indicates needs to be retransmitted, and retransmits the obtained data packet to the background server. Specifically, when the transmission of one data packet of the encrypted identity card information to the background server fails, the background server sends a retransmission instruction to the card reader and indicates in the retransmission instruction the data packet that needs to be retransmitted. After receiving the retransmission instruction sent by the background server, the card reader obtains from the safety chip the data packet that the retransmission instruction indicates needs to be retransmitted, and retransmits the obtained data packet to the background server. Because the background server uses the retransmission instruction to indicate which data packet the card reader needs to retransmit, the card reader only needs to retransmit that data packet to the background server, which saves identity card reading time.
As an optional implementation of the present embodiment, after the card reader sends the configuration information and the encrypted identity card information to the background server, in order to ensure the security of the resident identification card information, if the card reader does not detect a resident identification card within a predetermined time, it empties the configuration information and the encrypted identity card information of the resident identification card stored in the safety chip. Specifically, the card reader sends out a card-seeking instruction at intervals. If, after the card reader sends the configuration information and the encrypted identity card information to the background server, the card reader does not detect a resident identification card within the predetermined time, the resident identification card is no longer within the readable range of the card reader, and the encrypted identity card information and configuration information stored in the card reader are no longer needed, so the card reader empties the configuration information and the encrypted identity card information of the resident identification card stored in the safety chip. Detecting the resident identification card within the predetermined time and emptying the information stored in the safety chip saves memory space in the safety chip and ensures the security of the resident identification card information.
Optionally, in the present embodiment, the configuration information and the encrypted identity card information of the resident identification card may be stored in the safety chip in a cached manner. By the nature of a cache, the stored information is emptied automatically after the card reader is powered off, which ensures the security of the resident identification card information.
Other matters not described here are the same as in Embodiment 1 and are not repeated.
With the identity card reading method provided by the present embodiment, the configuration information of the identity card is read and stored before the card reader receives the card-reading instruction. After receiving the card-reading instruction, the card reader does not need to read the configuration information of the identity card again and only needs to read the encrypted identity card information stored in the identity card, which saves card-reading time. In addition, the encrypted identity card information of the resident identification card is divided into multiple data packets and stored in the safety chip of the card reader, so that when the background server uses a retransmission instruction to indicate the data packet that the card reader needs to retransmit, the card reader only needs to retransmit that data packet to the background server, which further reduces identity card reading time.
Embodiment 3
Fig. 3 is a schematic flowchart of the identity card reading method provided by the present embodiment. As shown in Fig. 3, the identity card reading method provided by the present embodiment mainly includes the following steps (301-309).
Unlike Embodiment 2, in order to save memory space, the safety chip of the card reader in the present embodiment stores the configuration information and the encrypted identity card information of only one resident identification card.
Unlike Embodiment 2, in step 304, the card reader deletes the configuration information and the encrypted identity card information previously stored in the safety chip, and then stores the configuration information read in the safety chip. Specifically, when the card reader judges that the safety chip does not store the configuration information read in step 302, the card reader first deletes the configuration information and the encrypted identity card information previously stored in the safety chip, and then stores the configuration information read in step 302 in the safety chip of the card reader.
Unlike Embodiment 2, in step 308, the card reader performs the card-reading flow, reads the encrypted identity card information in the first resident identification card, and stores the encrypted identity card information read in the safety chip. Specifically, when the card reader judges that the safety chip did not previously store the configuration information, the card reader needs to perform the card-reading flow and read the encrypted identity card information stored in the first resident identification card. After reading the encrypted identity card information from the first resident identification card, the card reader stores the encrypted identity card information read in the safety chip. Unlike Embodiment 2, the card reader does not need to store the configuration information read in step 302 in association with the encrypted identity card information stored in step 308.
As an optional implementation of the present embodiment, the encrypted identity card information stored in the safety chip may also include multiple data packets. When the card reader sends the encrypted identity card information to the background server, it sends the multiple data packets included in the encrypted identity card information to the background server in sequence. Storing the encrypted identity card information as multiple data packets allows fast retransmission when a later transmission fails, without retransmitting all of the encrypted identity card information.
As an optional implementation of the present embodiment, when a retransmission instruction sent by the background server is received, the card reader obtains from the safety chip the data packet that the retransmission instruction indicates needs to be retransmitted, and retransmits the obtained data packet to the background server. Specifically, when the transmission of one data packet of the encrypted identity card information to the background server fails, the background server sends a retransmission instruction to the card reader and indicates in the retransmission instruction the data packet that needs to be retransmitted. After receiving the retransmission instruction sent by the background server, the card reader obtains from the safety chip the data packet that the retransmission instruction indicates needs to be retransmitted, and retransmits the obtained data packet to the background server. Because the background server uses the retransmission instruction to indicate which data packet the card reader needs to retransmit, the card reader only needs to retransmit that data packet to the background server, which saves identity card reading time.
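The packetised transfer and selective retransmission described here and in Embodiment 2 can be sketched as follows. This is an added example, not code from the patent: the frame layout (2-byte sequence number, payload, CRC-32), the 64-byte packet size, the announcement of the packet count to the server, and all names are assumptions, since the page does not say how the background server detects a failed packet.

```python
import struct
import zlib


def make_frame(seq: int, payload: bytes) -> bytes:
    """Frame = sequence number (2 bytes) + payload + CRC-32 over both (assumed layout)."""
    body = struct.pack(">H", seq) + payload
    return body + struct.pack(">I", zlib.crc32(body))


class ReaderPacketStore:
    """Encrypted identity card information kept in the safety chip as data packets."""

    def __init__(self, encrypted_info: bytes, packet_size: int = 64):
        chunks = [encrypted_info[i:i + packet_size]
                  for i in range(0, len(encrypted_info), packet_size)]
        self.frames = [make_frame(seq, chunk) for seq, chunk in enumerate(chunks)]
        self.count = len(self.frames)

    def retransmit(self, seqs):
        """Return only the frames named in a retransmission instruction."""
        for seq in seqs:
            if not 0 <= seq < self.count:
                raise ValueError(f"retransmission instruction names unknown packet {seq}")
        return [self.frames[seq] for seq in seqs]


class BackgroundReceiver:
    """Server side: verifies each frame and tracks which packets are still needed."""

    def __init__(self, count: int):
        self.count = count          # assumed to be announced before the transfer
        self.payloads = {}

    def accept(self, frame: bytes) -> bool:
        if len(frame) < 6:
            return False
        body, (crc,) = frame[:-4], struct.unpack(">I", frame[-4:])
        if zlib.crc32(body) != crc:
            return False            # damaged in transit: leave the packet marked missing
        (seq,) = struct.unpack(">H", body[:2])
        if seq >= self.count:
            return False
        self.payloads[seq] = body[2:]
        return True

    def missing(self):
        """Contents of the retransmission instruction: packets not yet received intact."""
        return [seq for seq in range(self.count) if seq not in self.payloads]

    def assemble(self):
        if self.missing():
            return None
        return b"".join(self.payloads[seq] for seq in range(self.count))


def transfer(encrypted_info: bytes, corrupt_first_pass=(), packet_size: int = 64):
    """Simulate one transfer; frames listed in corrupt_first_pass get one byte flipped.

    Returns (reassembled data, packets named in the retransmission instruction, frames sent).
    """
    store = ReaderPacketStore(encrypted_info, packet_size)
    server = BackgroundReceiver(store.count)
    sent = 0
    for seq, frame in enumerate(store.frames):
        if seq in corrupt_first_pass:
            frame = frame[:2] + bytes([frame[2] ^ 0xFF]) + frame[3:]
        server.accept(frame)
        sent += 1
    requested = server.missing()
    for frame in store.retransmit(requested):
        server.accept(frame)
        sent += 1
    return server.assemble(), requested, sent
```

With a constructed 200-byte input and one damaged packet, five frames cross the link instead of the eight a full resend would need.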
In this embodiment, two memory spaces may be allocated in the safety chip, namely a configuration information memory space and an encrypted identity card memory space. The configuration information of a resident identification card is stored in the configuration information memory space, and the encrypted identity card information of the same resident identification card is stored in the encrypted identity card memory space. When a resident identification card is detected, the configuration information of this resident identification card is read first. If the configuration information of this resident identification card is not stored in the safety chip, the information stored in the configuration information memory space and the encrypted identity card memory space is emptied, and the configuration information currently read is then stored in the configuration information memory space. After the card-reading flow is subsequently performed and the encrypted identity card information is read from the resident identification card, the encrypted identity card information is stored in the encrypted identity card memory space. If the configuration information of this resident identification card is already stored in the safety chip, then when a card-reading instruction is received, the encrypted identity card information is obtained directly from the encrypted identity card memory space of the safety chip. In this way, the security of the information of previously used resident identification cards is ensured, and illegal use of resident identification card information is avoided.
Optionally, in the present embodiment, the configuration information and the encrypted identity card information of the resident identification card may be stored in the safety chip in a cached manner. By the nature of a cache, the stored information is emptied automatically after the card reader is powered off, which ensures the security of the resident identification card information.
With the identity card reading method provided by the present embodiment, the configuration information of the identity card is read and stored before the card reader receives the card-reading instruction. After receiving the card-reading instruction, the card reader does not need to read the configuration information of the identity card again and only needs to read the encrypted identity card information stored in the identity card, which saves card-reading time. In addition, before the card reader reads the encrypted identity card information stored in the identity card, it judges whether the safety chip stores the encrypted identity card information corresponding to the configuration information, which avoids reading the encrypted identity card information from the identity card repeatedly and speeds up card reading. In addition, the encrypted identity card information is divided into multiple data packets, so that when the background server uses a retransmission instruction to indicate the data packet that the card reader needs to retransmit, the card reader only needs to retransmit that data packet to the background server, which further reduces identity card reading time. In addition, the safety chip in the card reader only needs memory space for the configuration information and the encrypted identity card information of one resident identification card, which saves memory space in the safety chip while ensuring the security of the resident identification card information.
Embodiment 4
Fig. 4 shows a card reader 40 provided by the present embodiment. As shown in Fig. 4, this card reader 40 includes: a radio-frequency module 401, a judge module 402, a security module 403, a receiver module 404, an acquisition module 405 and a communication module 406, wherein,
the radio-frequency module 401 is configured to receive the card-seeking response instruction returned by the first resident identification card and to read the configuration information of the first resident identification card; the judge module 402 is configured to judge whether the security module 403 already stores the configuration information and, when it judges that the security module 403 does not store the configuration information, to trigger the security module 403 to store the configuration information; the security module 403 is configured to store the configuration information; the receiver module 404 is configured to receive a card-reading instruction; the acquisition module 405 is configured to obtain the encrypted identity card information stored in the resident identification card; and the communication module 406 is configured to send the configuration information and the encrypted identity card information to the background server.
It should be noted that a typical card reader is provided with a safety control module authorized by the Ministry of Public Security to decrypt the encrypted identity card information read by the card reader, but integrating a safety control module authorized by the Ministry of Public Security into the card reader is costly. In the present embodiment, the card reader 40 is not provided with the safety control module (SAM module) authorized by the Ministry of Public Security; the safety control module is located at the far end. It may be arranged in the background server, or it may be arranged independently and connected to the background server by wire (for example, a USB interface) or wirelessly (for example, WIFI or Bluetooth); the present embodiment does not limit this. Because the card reader 40 and the SAM module are arranged separately, multiple card readers 40 can share one SAM module, which saves cost.
In a specific application, the card reader 40 sends out a card-seeking instruction through its radio-frequency module 401 at intervals. After the first resident identification card receives the card-seeking instruction sent by the card reader 40, the first resident identification card automatically sends a card-seeking response instruction to the card reader 40, and the radio-frequency module 401 of the card reader 40 receives the card-seeking response instruction returned by the first resident identification card. After receiving the card-seeking response instruction returned by the first resident identification card, the radio-frequency module 401 determines that an identity card is within the current readable range, and the radio-frequency module 401 reads the configuration information in the first resident identification card directly. After the radio-frequency module 401 reads the configuration information in the first resident identification card, the judge module 402 judges whether the security module 403 of the card reader 40 stores the configuration information of the first resident identification card read by the radio-frequency module 401. If the security module 403 does not store the configuration information of the first resident identification card read by the radio-frequency module 401, the judge module 402 triggers the security module 403 to store the configuration information. If the security module 403 stores the configuration information of the first resident identification card read by the radio-frequency module 401, then after the receiver module 404 receives the card-reading instruction, the acquisition module 405 obtains the encrypted identity card information stored in the resident identification card; after the acquisition module 405 obtains the encrypted identity card information, the communication module 406 sends the encrypted identity card information and the configuration information to the background server.
In the related art, when the resident identification card reading flow is performed and a resident identification card is detected within the readable range, the information stored in the resident identification card is not read; instead, the card reader waits for a card-reading instruction and, only after receiving it, reads the configuration information and the encrypted identity card information from the resident identification card. In the identity card reading scheme provided by the present embodiment, the card reader 40 reads the configuration information of the resident identification card directly when it detects a resident identification card within the readable range. After receiving the card-reading instruction, it only needs to obtain the encrypted identity card information stored in the resident identification card and does not need to read the configuration information again, which saves card-reading time and improves the user experience.
As an optional implementation of the present embodiment, judge module 402 is further configured to judge whether security module 403 stores encrypted identity card information corresponding to the configuration information; acquisition module 405 is further configured to obtain the encrypted identity card information from security module 403 when judge module 402 judges that security module 403 stores it, and to read the encrypted identity card information from the first resident identification card when judge module 402 judges that security module 403 does not store it; security module 403 is further configured to store the encrypted identity card information that was read and to associate it with the configuration information. Specifically, when security module 403 can store multiple pieces of encrypted identity card information, after receiver module 404 receives the card-reading instruction, judge module 402 judges whether security module 403 already stores encrypted identity card information corresponding to the configuration information; if judge module 402 judges that it does, acquisition module 405 obtains the encrypted identity card information from security module 403. If, after receiver module 404 receives the card-reading instruction, judge module 402 judges that security module 403 does not store the encrypted identity card information, acquisition module 405 reads the encrypted identity card information from the first resident identification card. After acquisition module 405 obtains the encrypted identity card information, security module 403 stores the encrypted identity card information that was read in association with the configuration information. In this implementation, when judge module 402 judges that security module 403 stores the encrypted identity card information, acquisition module 405 obtains it directly from security module 403, which saves card-reading time.
As an optional implementation of the present embodiment, as shown in Fig. 5, card reader 40 further includes control module 407. Control module 407 is configured, when judge module 402 judges that security module 403 does not store the configuration information, to delete the configuration information and encrypted identity card information stored in security module 403 and then trigger security module 403 to store the configuration information read by radio-frequency module 401; judge module 402 is further configured to judge whether security module 403 already stores encrypted identity card information; acquisition module 405 is configured to obtain the encrypted identity card information from security module 403 when judge module 402 judges that security module 403 stores it, and to read the encrypted identity card information stored in the first resident identification card when judge module 402 judges that security module 403 does not store it; security module 403 is further configured to store the encrypted identity card information read by acquisition module 405. Specifically, when security module 403 is provided with one storage space for storing encrypted identity card information and a further storage space for storing configuration information, card reader 40 is also provided with control module 407. When judge module 402 judges that security module 403 does not store the configuration information, control module 407 deletes the configuration information and encrypted identity card information stored in security module 403 and then triggers security module 403 to store the configuration information read by radio-frequency module 401. After receiver module 404 receives the card-reading instruction, judge module 402 judges whether security module 403 already stores encrypted identity card information. If judge module 402 judges that it does, acquisition module 405 obtains the encrypted identity card information from security module 403; if judge module 402 judges that it does not, acquisition module 405 obtains the encrypted identity card information by reading, through radio-frequency module 401, the encrypted identity card information stored in the first resident identification card. After acquisition module 405 obtains the encrypted identity card information, the encrypted identity card information is stored in security module 403. In this implementation, when judge module 402 judges that security module 403 stores the encrypted identity card information, acquisition module 405 obtains it directly from security module 403, which saves card-reading time. In addition, control module 407 clears the configuration information and encrypted identity card information stored in security module 403, which saves storage space in security module 403.
As an optional implementation of the present embodiment, the encrypted identity card information stored by security module 403 comprises multiple data packets, and communication module 406 sends the encrypted identity card information to the background server by sending the multiple data packets of the encrypted identity card information to the background server in sequence. Specifically, the encrypted identity card information obtained by acquisition module 405 can be divided into multiple data packets and stored in security module 403; after receiver module 404 receives the card-reading instruction, communication module 406 sends the multiple data packets of the encrypted identity card information in security module 403 to the background server in sequence. In this implementation, storing the encrypted identity card information as multiple data packets allows fast retransmission when a later transmission goes wrong, without retransmitting all of the encrypted identity card information.
As an optional implementation of the present embodiment, communication module 406 is further configured to receive a retransmission instruction sent by the background server; acquisition module 405 is further configured to obtain from security module 403 the data packet that the retransmission instruction indicates needs to be retransmitted; communication module 406 is further configured to retransmit the data packet obtained by acquisition module 405 to the background server. Specifically, when the transmission of one data packet of the encrypted identity card information to the background server goes wrong, the background server sends a retransmission instruction that indicates the data packet to be retransmitted. After communication module 406 receives the retransmission instruction sent by the background server, the data packet indicated by the retransmission instruction is obtained from security module 403 and retransmitted to the background server. In this implementation, the background server uses the retransmission instruction to tell card reader 40 which data packet needs to be retransmitted, and card reader 40 only needs to retransmit that data packet to the background server, which saves identity card reading time.
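The packetized transfer and selective retransmission described in the two paragraphs above can be modelled as follows. This is an added example, not code from the patent: the packet layout (2-byte sequence number, payload, CRC-32), the 64-byte payload size, the announced packet count and the names `Reader`, `Server` and `run_transfer` are all assumptions, since the patent does not say how the background server detects a bad packet.

```python
import zlib

PACKET_SIZE = 64  # assumed payload bytes per packet; the patent fixes no size


def split_packets(enc_info: bytes, size: int = PACKET_SIZE) -> list:
    """Split encrypted ID-card information into packets: seq(2) | payload | crc32(4)."""
    packets = []
    for seq, off in enumerate(range(0, len(enc_info), size)):
        body = seq.to_bytes(2, "big") + enc_info[off:off + size]
        packets.append(body + zlib.crc32(body).to_bytes(4, "big"))
    return packets


class Reader:
    """Card-reader side: packets stay in the security module until the transfer ends."""

    def __init__(self, enc_info: bytes):
        self.stored = split_packets(enc_info)
        self.packets_sent = 0

    def send_all(self) -> list:
        self.packets_sent += len(self.stored)
        return list(self.stored)

    def retransmit(self, seqs: list) -> list:
        # Serve only indices that exist: a malformed retransmission instruction
        # must not raise or make the reader emit anything it did not store.
        valid = [s for s in seqs if isinstance(s, int) and 0 <= s < len(self.stored)]
        self.packets_sent += len(valid)
        return [self.stored[s] for s in valid]


class Server:
    """Background-server side: verify each packet, ask again only for bad ones."""

    def __init__(self, total: int):
        self.total = total  # assumed to be announced before the transfer starts
        self.good = {}

    def receive(self, packets: list) -> list:
        for p in packets:
            if len(p) < 6:
                continue  # too short to hold seq + crc
            body, crc = p[:-4], p[-4:]
            if zlib.crc32(body).to_bytes(4, "big") != crc:
                continue  # damaged in transit: leave it marked missing
            seq = int.from_bytes(body[:2], "big")
            if seq < self.total:
                self.good[seq] = body[2:]
        # The returned list plays the role of the retransmission instruction.
        return [s for s in range(self.total) if s not in self.good]

    def reassemble(self) -> bytes:
        return b"".join(self.good[s] for s in range(self.total))


def run_transfer(enc_info: bytes, corrupt_seqs: set) -> tuple:
    """Simulate one transfer in which the listed packets are damaged on first send."""
    reader = Reader(enc_info)
    server = Server(total=len(reader.stored))
    wire = reader.send_all()
    for s in corrupt_seqs:  # flip one payload bit "in transit"
        damaged = bytearray(wire[s])
        damaged[2] ^= 0x01
        wire[s] = bytes(damaged)
    missing = server.receive(wire)
    rounds = 0
    while missing and rounds < 3:  # bounded number of retransmission rounds
        missing = server.receive(reader.retransmit(missing))
        rounds += 1
    return server.reassemble() == enc_info, reader.packets_sent, len(reader.stored)


# Constructed stand-in for the ciphertext read from a card (512 bytes -> 8 packets).
SAMPLE_ENC_INFO = bytes(range(256)) * 2
```

A CRC only catches accidental transmission errors; it gives no protection against deliberate modification, which has to come from the encryption of the card data itself or from an authenticated channel between reader and server.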
As an optional implementation of the present embodiment, radio-frequency module 401 is further configured to detect the resident identification card; control module 407 is further configured to clear the configuration information and encrypted identity card information of the resident identification card stored in security module 403 when radio-frequency module 401 does not detect the resident identification card within a predetermined time. Specifically, after communication module 406 sends the configuration information and encrypted identity card information to the background server, radio-frequency module 401 tries to detect the resident identification card within the predetermined time; if radio-frequency module 401 does not detect the resident identification card within the predetermined time, control module 407 clears the configuration information and encrypted identity card information of the resident identification card stored in security module 403. In this implementation, clearing the information stored in security module 403 when no resident identification card is detected within the predetermined time saves storage space in the safety chip and ensures the security of the resident identification card information.
As an optional implementation of the present embodiment, security module 403 is further configured to obtain the identity card cleartext information obtained by decryption at the background server, generate a random key, encrypt the identity card cleartext information with the random key, and store the encrypted identity card cleartext information. Specifically, after communication module 406 sends the configuration information and encrypted identity card information to the background server, the background server can interact with the SAM module to obtain the decrypted identity card cleartext information. The background server sends this identity card cleartext information to acquisition module 405 through communication module 406. After acquisition module 405 obtains the identity card cleartext information decrypted by the background server, it sends the identity card cleartext information to security module 403; security module 403 generates a random key, encrypts the identity card cleartext information with the generated random key to obtain the encrypted identity card cleartext information, and then stores the encrypted identity card cleartext information. In this implementation, storing the identity card cleartext information in security module 403 in encrypted form ensures the security of the identity card cleartext information.
As an optional implementation of the present embodiment, as shown in Fig. 5, card reader 40 further includes deciphering module 410, wherein radio-frequency module 401 is further configured to receive the card-seeking response instruction returned by a second resident identification card and read the configuration information of the second resident identification card; judge module 402 is further configured to judge whether security module 403 stores the currently read configuration information; receiver module 404 is configured to receive a card-reading instruction from the terminal connected to it; judge module 402 is further configured, after receiver module 404 receives the card-reading instruction and when security module 403 is judged to store the currently read configuration information, to judge whether security module 403 stores the encrypted identity card cleartext information; acquisition module 405 is further configured to obtain the encrypted identity card cleartext information stored in security module 403 when judge module 402 judges that security module 403 stores it; deciphering module 410 is configured to decrypt the encrypted identity card cleartext information with the random key and output the decrypted identity card cleartext information. Specifically, after security module 403 has stored the encrypted identity card information and radio-frequency module 401 has received the card-seeking response instruction returned by the second resident identification card, radio-frequency module 401 reads the configuration information of the second resident identification card, and judge module 402 judges whether security module 403 stores the currently read configuration information. After receiver module 404 receives the card-reading instruction from the terminal connected to it, and when judge module 402 judges that security module 403 stores the currently read configuration information, judge module 402 judges whether security module 403 stores the encrypted identity card cleartext information. When judge module 402 judges that security module 403 stores the encrypted identity card cleartext information, acquisition module 405 obtains the encrypted identity card cleartext information stored in security module 403. After acquisition module 405 obtains the encrypted identity card cleartext information, deciphering module 410 decrypts it with the random key and outputs the decrypted identity card cleartext information. In this implementation, obtaining the encrypted identity card cleartext information directly from security module 403 saves identity card reading time when the same identity card is used to handle several transactions.
As an optional implementation of the present embodiment, control module 407 is further configured to clear the encrypted identity card cleartext information stored in security module 403 when radio-frequency module 401 does not detect the resident identification card within the predetermined time; and/or to delete the random key when radio-frequency module 401 does not detect the resident identification card or before a power-off operation is performed. Specifically, after security module 403 stores the encrypted identity card cleartext information, judge module 402 judges whether radio-frequency module 401 detects the resident identification card within the predetermined time; if radio-frequency module 401 does not detect the resident identification card within the predetermined time, control module 407 clears the encrypted identity card cleartext information stored in the safety chip. Likewise, after security module 403 stores the encrypted identity card cleartext information, judge module 402 judges whether radio-frequency module 401 detects the resident identification card within the predetermined time, and if it does not, card reader 40 deletes the random key. In addition, after security module 403 stores the encrypted identity card cleartext information, control module 407 deletes the random key when card reader 40 performs a power-off operation. Once control module 407 has deleted the random key, the encrypted identity card cleartext information stored in security module 403 cannot be decrypted even if card reader 40 is obtained illegally, which ensures the security of the resident identification card information; security module 403 can therefore store the encrypted identity card cleartext information in flash memory (flash).
Alternatively, in the present embodiment, the configuration information of the resident identification card and the encrypted identity card cleartext information can be stored in security module 403 as a cache. By the nature of a cache, the stored information is cleared automatically after card reader 40 is powered down, which ensures the security of the resident identification card information.
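The cache behaviour of Embodiment 4 (configuration information read on detection, purge when a different card appears, cleartext sealed under a random key, key deleted on card absence or power-off) can be modelled as follows. This is an added example, not code from the patent: the class and method names are hypothetical, the single-slot variant with control module 407 is the one modelled, and because the patent names no cipher the sealing uses an HMAC-SHA256 keystream with encrypt-then-MAC purely as a standard-library stand-in for the chip's own authenticated cipher.

```python
import hashlib
import hmac
import secrets


def _stream(key, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode as a keystream (stand-in for the chip's cipher)."""
    out = b""
    for ctr in range((n + 31) // 32):
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]


def seal(key, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under the random key: nonce(16) | ciphertext | tag(32)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()


def unseal(key, blob: bytes) -> bytes:
    """Verify the tag first; a record sealed under a deleted key never decrypts."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("cached record does not verify under this key")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))


class SecurityModule:
    """Single-slot model of security module 403 plus the judge/control logic."""

    def __init__(self):
        self.config = None        # configuration information of the cached card
        self.enc_info = None      # encrypted ID-card information as read from the card
        self.sealed_plain = None  # cleartext from the server, sealed; may sit in flash
        self._key = None          # random key, held in RAM only

    def card_detected(self, config: bytes) -> None:
        """Card-seeking response received: config is read before any read instruction."""
        if config != self.config:  # different card: drop everything cached
            self.purge()
            self.config = config

    def read_instruction(self, read_card):
        """Return (source, data), preferring what is already cached for this card."""
        if self.sealed_plain is not None and self._key is not None:
            return "local-plaintext", unseal(self._key, self.sealed_plain)
        if self.enc_info is None:
            self.enc_info = read_card()  # full RF read only on a cache miss
            return "card", self.enc_info
        return "cache", self.enc_info

    def store_plaintext(self, plaintext: bytes) -> None:
        self._key = bytearray(secrets.token_bytes(32))
        self.sealed_plain = seal(self._key, plaintext)

    def delete_key(self) -> None:
        """Power-off or card-absent timeout: overwrite, then drop, the random key."""
        if self._key is not None:
            for i in range(len(self._key)):
                self._key[i] = 0
            self._key = None

    def purge(self) -> None:
        self.delete_key()
        self.config = self.enc_info = self.sealed_plain = None


def demo():
    """Walk one card through four read instructions; all values are constructed."""
    sm, rf_reads = SecurityModule(), []

    def read_card():
        rf_reads.append(1)
        return b"ENC-ID-INFO (constructed)"

    sm.card_detected(b"CONFIG-A (constructed)")
    s1 = sm.read_instruction(read_card)[0]      # nothing cached yet
    sm.store_plaintext(b"cleartext returned by the background server (constructed)")
    sm.card_detected(b"CONFIG-A (constructed)")  # same card presented again
    s2 = sm.read_instruction(read_card)[0]      # served locally, no RF read
    sm.delete_key()                             # e.g. before power-off
    s3 = sm.read_instruction(read_card)[0]      # sealed cleartext is now unusable
    sm.card_detected(b"CONFIG-B (constructed)")  # a different card purges the slot
    s4 = sm.read_instruction(read_card)[0]
    return [s1, s2, s3, s4], len(rf_reads)
```

The guarantee stated in the text rests entirely on the key never reaching persistent storage: the sealed record may live in flash only because the key does not.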
Embodiment 5
This embodiment provides an identity card reading system.
Fig. 6 is a schematic architecture diagram of the identity card reading system provided by this embodiment. As shown in Fig. 6, the identity card reading system includes card reader 600 and background server 610, where card reader 600 can be the card reader of any implementation provided in Embodiment 4. Background server 610 receives the configuration information and encrypted identity card information of the first resident identification card sent by card reader 600.
In an optional implementation of this embodiment, after background server 610 receives the configuration information and encrypted identity card information of the first resident identification card sent by card reader 600, it can obtain the identity card cleartext information of the first resident identification card through the SAM module (which can be arranged in the background server or arranged independently). In this optional implementation, background server 610 is therefore further configured to obtain the identity card cleartext information of the first resident identification card. After background server 610 obtains the identity card cleartext information of the first resident identification card, it can perform the service requested by the user according to this identity card cleartext information, for example, remotely opening an account.
Alternatively, after obtaining the identity card cleartext information of the first resident identification card, background server 610 can also send this identity card cleartext information to card reader 600. Alternatively, to ensure information security, background server 610 can encrypt the identity card cleartext information before transmitting it to card reader 600. For example, background server 610 can negotiate a transmission key with card reader 600, encrypt the identity card cleartext information with this transmission key, and then transmit it to card reader 600.
Any process or method described in a flow chart or otherwise described herein may be understood as representing a module, fragment or portion of code that includes one or more executable instructions for implementing specific logical functions or steps of the process, and the scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including substantially simultaneously or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
Those skilled in the art will appreciate that all or part of the steps carried by the methods of the above embodiments can be completed by a program instructing the relevant hardware. The program can be stored in a computer-readable storage medium and, when executed, performs one of the steps of the method embodiments or a combination of them.
In the description of this specification, reference to the terms "an embodiment", "some embodiments", "an example", "a specific example" or "some examples" means that a specific feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic uses of these terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in a suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it should be understood that the above embodiments are exemplary and are not to be construed as limiting the present invention. Those of ordinary skill in the art may change, modify, replace and vary the above embodiments within the scope of the present invention without departing from its principle and purpose. The scope of the present invention is defined by the appended claims and their equivalents.

Claims (10)

1. An identity card reading method, characterized in that the method comprises:
a card reader receiving the card-seeking response instruction returned by a first resident identification card;
the card reader reading the configuration information of the first resident identification card;
the card reader judging whether the configuration information is already stored in a safety chip and, when it is judged that the safety chip does not store the configuration information, storing the configuration information in the safety chip;
the card reader receiving a card-reading instruction and obtaining the encrypted identity card information stored in the resident identification card;
the card reader sending the configuration information and the encrypted identity card information to a background server.
2. The method according to claim 1, characterized in that obtaining the encrypted identity card information stored in the resident identification card comprises:
the card reader judging whether the safety chip stores encrypted identity card information corresponding to the configuration information;
when it is judged that the safety chip stores the encrypted identity card information, the card reader obtaining the encrypted identity card information from the safety chip;
when it is judged that the safety chip does not store the encrypted identity card information, the card reader performing the card-reading flow, reading the encrypted identity card information in the first resident identification card, storing the encrypted identity card information that was read in the safety chip, and associating the encrypted identity card information with the configuration information.
3. The method according to claim 1, characterized in that:
when it is judged that the safety chip does not store the configuration information, storing the configuration information in the safety chip comprises: the card reader deleting the configuration information and encrypted identity card information stored in the safety chip, and storing the configuration information that was read in the safety chip;
obtaining the encrypted identity card information stored in the resident identification card comprises:
the card reader judging whether the safety chip already stores encrypted identity card information;
when it is judged that the safety chip stores the encrypted identity card information, the card reader obtaining the encrypted identity card information from the safety chip;
when it is judged that the safety chip does not store the encrypted identity card information, the card reader performing the card-reading flow, reading the encrypted identity card information in the first resident identification card, and storing the encrypted identity card information that was read in the safety chip.
4. The method according to any one of claims 1 to 3, characterized in that, after the card reader sends the configuration information and the encrypted identity card information to the background server, the method further comprises:
the card reader obtaining the identity card cleartext information obtained by decryption at the background server;
the card reader generating a random key;
the card reader encrypting the identity card cleartext information with the random key;
the card reader storing the encrypted identity card cleartext information in the safety chip.
5. A card reader, characterized in that the card reader comprises:
a radio-frequency module, configured to receive the card-seeking response instruction returned by a first resident identification card and read the configuration information of the first resident identification card;
a judge module, configured to judge whether a security module already stores the configuration information and, when it is judged that the security module does not store the configuration information, trigger the security module to store the configuration information;
the security module, configured to store the configuration information;
a receiver module, configured to receive a card-reading instruction;
an acquisition module, configured to obtain the encrypted identity card information stored in the resident identification card;
a communication module, configured to send the configuration information and the encrypted identity card information to a background server.
6. The card reader according to claim 5, characterized in that:
the judge module is further configured to judge whether the security module stores encrypted identity card information corresponding to the configuration information;
the acquisition module is further configured to obtain the encrypted identity card information from the security module when the judge module judges that the security module stores the encrypted identity card information, and to read the encrypted identity card information from the first resident identification card when the judge module judges that the security module does not store the encrypted identity card information;
the security module is further configured to store the configuration information and the encrypted identity card information in association with each other.
7. The card reader according to claim 5, characterized in that the card reader further comprises a control module;
the control module is configured, when the judge module judges that the security module does not store the configuration information, to delete the configuration information and encrypted identity card information stored in the security module and then trigger the security module to store the configuration information read by the radio-frequency module;
the judge module is further configured to judge whether the security module already stores encrypted identity card information;
the acquisition module is configured to obtain the encrypted identity card information from the security module when the judge module judges that the security module stores the encrypted identity card information, and to read the encrypted identity card information stored in the first resident identification card when the judge module judges that the security module does not store the encrypted identity card information;
the security module is further configured to store the encrypted identity card information read by the acquisition module.
8. The card reader according to any one of claims 5 to 7, characterized in that the security module is further configured to obtain the identity card cleartext information obtained by decryption at the background server, generate a random key, encrypt the identity card cleartext information with the random key, and store the encrypted identity card cleartext information.
9. An identity card reading system, characterized by comprising: the card reader according to any one of claims 5 to 8, and a background server, wherein
the background server is configured to receive the configuration information and encrypted identity card information of the first resident identification card sent by the card reader.
10. The system according to claim 9, characterized in that
the background server is further configured to obtain the identity card cleartext information of the first resident identification card and send the identity card cleartext information to the card reader.
CN201510765384.0A 2015-11-10 2015-11-10 Identity card card reading method, system and card reader Active CN106056014B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510765384.0A CN106056014B (en) 2015-11-10 2015-11-10 Identity card card reading method, system and card reader

Publications (2)

Publication Number Publication Date
CN106056014A true CN106056014A (en) 2016-10-26
CN106056014B CN106056014B (en) 2019-03-29

Family

ID=57179457

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510765384.0A Active CN106056014B (en) 2015-11-10 2015-11-10 Identity card card reading method, system and card reader

Country Status (1)

Country Link
CN (1) CN106056014B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101324476B1 (en) * 2012-02-28 2013-11-01 이청종 Cloud Environment E-DRM System and Service Method thereof
CN103955733A (en) * 2014-04-22 2014-07-30 中国工商银行股份有限公司 Electronic identity card chip card, card reader and electronic identity card verification system and method
CN104820814A (en) * 2015-05-07 2015-08-05 熊小军 Second-generation ID card anti-counterfeiting verification system
CN104966035A (en) * 2015-05-20 2015-10-07 李明 Identity card information acquiring method, device, and system
JP5798222B2 (en) * 2007-06-15 2015-10-21 データバンク株式会社 Vehicle number action instruction device and vehicle number action instruction method

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108734014A (en) * 2017-04-20 2018-11-02 深圳兆日科技股份有限公司 Cryptographic data authentication method and apparatus, code data guard method and device
CN109101821A (en) * 2018-06-26 2018-12-28 上海常仁信息科技有限公司 A kind of robot ID card information acquisition system and method
CN111222108A (en) * 2018-11-27 2020-06-02 天地融科技股份有限公司 Cloud identity card implementation method and system
CN111222108B (en) * 2018-11-27 2022-07-12 天地融科技股份有限公司 Cloud identity card implementation method and system
WO2022252792A1 (en) * 2021-06-04 2022-12-08 华为技术有限公司 Nfc-based data interaction method and device

Also Published As

Publication number Publication date
CN106056014B (en) 2019-03-29

Similar Documents

Publication Publication Date Title
CN104765999B (en) Method, terminal and server for processing user resource information
US11361319B2 (en) Service processing method, apparatus, and system
CN106156677B (en) Identity card card reading method and system
CN104637131B (en) A kind of access control system authorization method, device and access control system
CN105025486B (en) Method for connecting network and user equipment
CN103501191B (en) A kind of mobile payment device based on NFC technology and method thereof
CN104618117B (en) The identification authentication system and method for smart card device based on Quick Response Code
CN104636777B (en) ID card information obtains system
CN104778773A (en) System and method for controlling entrance guard by mobile phone
CN105144670A (en) Wireless networking-enabled personal identification system
CN106487762A The recognition methods of user identity, identification applications client and server
CN106027457B (en) A kind of ID card information transmission method and system
CN107018130A (en) A kind of identity card cloud recognizes Verification System
CN110826043A (en) Digital identity application system and method, identity authentication system and method
CN106023366B (en) Access control system based on two dimensional code
CN106056014A (en) Identity card reading method, identity card reading system and card reader
CN103929411A (en) Information displaying method, terminal, safety server and system
CN205845052U (en) Identity card card-reading system and be not provided with the card reader of SAM module
CN104967593A (en) Identity verification method, apparatus and system
CN103107888B (en) The identity identifying method that the dynamic multi-attribute of facing moving terminal is multi-level
CN102223630A (en) Remote control system and method
CN104065681A (en) Method and system for previewing encryption compression packet in appendix
CN106027249B (en) Identity card card reading method and system
CN103259711B (en) communication information transmission method and system
CN105741116A (en) Fast payment method, apparatus and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant