CN106254076B - 对手表的集成电路中的银行数据编程的方法 - Google Patents

对手表的集成电路中的银行数据编程的方法 Download PDF

Info

Publication number
CN106254076B
CN106254076B CN201610405987.4A CN201610405987A CN106254076B CN 106254076 B CN106254076 B CN 106254076B CN 201610405987 A CN201610405987 A CN 201610405987A CN 106254076 B CN106254076 B CN 106254076B
Authority
CN
China
Prior art keywords
integrated circuit
portable object
data
public key
watch
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610405987.4A
Other languages
English (en)
Other versions
CN106254076A (zh
Inventor
S·萨尔加多
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
EM Microelectronic Marin SA
Original Assignee
EM Microelectronic Marin SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by EM Microelectronic Marin SA filed Critical EM Microelectronic Marin SA
Publication of CN106254076A publication Critical patent/CN106254076A/zh
Application granted granted Critical
Publication of CN106254076B publication Critical patent/CN106254076B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • G06Q20/3265Payment applications installed on the mobile devices characterised by personalisation for use
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/321Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wearable devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3223Realising banking transactions through M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/405Establishing or using transaction specific rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • G06F2211/008Public Key, Asymmetric Key, Asymmetric Encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q2220/00Business processing using cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24Key scheduling, i.e. generating round keys or sub-keys for block encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Telephone Function (AREA)
  • Storage Device Security (AREA)
  • Credit Cards Or The Like (AREA)

Abstract

本发明涉及一种对手表的集成电路中的银行数据编程的方法。所述方法使能通过非对称加密和解密算法在手表(1)的集成电路中对银行数据编程。所述方法包括:将所述集成电路的公钥(KpubIC)和数字证书(CertIC)从便携物体发送到银行(20),所述数字证书(CertIC)由认证机构基于其私钥和所述集成电路的公钥生成;通过所述机构的公钥在所述银行中检验所述数字证书,如果所述数字证书被验证,则将针对所述便携物体的所有者个性化的已加密机密数据从所述银行发送到所述便携物体,以及通过所述集成电路的私钥,对由所述便携物体的所述专用集成电路接收的已加密数据解密,以存储针对所述便携物体所有者个性化的已解密机密数据。

Description

对手表的集成电路中的银行数据编程的方法
技术领域
本发明涉及一种用于在诸如手表之类的便携物体的专用集成电路中对诸如银行数据之类的机密或安全数据编程以便显著影响支付交易的方法。
本发明还涉及具备专用集成电路的诸如手表之类的便携物体,所述专用集成电路用于根据所述编程方法被个性化和编程的诸如银行数据之类的机密或安全数据。
背景技术
存在已知的已连接便携物体,它们能够执行数个功能。通常,这些物体可以是具备通信模块的移动电话。移动电话能够使用数个通信协议,例如Wifi协议、蓝牙协议或NFC协议。这些移动电话然后可以用于执行所谓的“连接”功能,例如非接触支付、电子票务或非接触接入。
对于商品或服务的支付,还可以使用个性化和安全的智能卡作为便携物体。智能卡可以具备用于经由天线与商品或服务供应位置的读取设备进行NFC短距离通信的装置。使用NFC协议的短距离通信通常用于针对存储在所述智能卡中的银行数据执行检验操作,以及用于所需商品或服务的后续支付。
如图1中所示,用于商品或服务支付的每个智能卡1’在制造期间必须由银行机构20认可和授权的智能卡制造商10个性化。一个此类认可的卡制造商例如是Oberthur、Gemalto或G&D。必须在高安全性环境中将诸如身份凭证或个人标识符、银行账号之类的银行数据加载到智能卡中。
卡制造商10从持卡者的银行或金融机构20接收该银行数据。智能卡芯片通常例如必须在诸如NXP或Infineon之类的专用芯片制造商处由Eurocard、Mastercard或Visa认证。当在卡制造商10的制造设施处制造卡时,持卡者和银行都是已知的。因此当在卡制造商的设施处制造卡时将银行数据加载到芯片中。最后,将已制造的卡发送到卡1’的持卡者,该卡具有个人银行数据的所有身份凭证。
如图2中所示,另一种类型的已连接物体可以是手表1,其还可以用于非接触支付。该手表1包括用于支付功能的芯片或专用集成电路。支付芯片可以由银行机构20提供并且放置在支架上,然后将该支架插入产品中的特定机架中,或者将空白芯片直接放置在产品内部并且然后由银行机构20编程。
该芯片可以具备用于数据接收和发送的与天线2结合使用的NFC短距离通信装置或接口。为了对手表1的所述空白芯片编程,可以使用对称或非对称加密/解密算法以便与在芯片中对其账户编程的账户持有者的银行20通信。
在对称加密/解密的情况下,芯片存储器可以包括一组密钥。这些密钥是加密/解密数据、完整性或标识检验数据以及用于认证外部数据(其可以是手表)的数据。金融或银行机构20基于存储在手表芯片中的认证数据,立即认证该手表。一旦手表已被认证,金融或银行机构20对银行数据加密,并且再次使用对称算法(DES或AES)检验身份参考和加密/解密数据。然后,将已加密数据发送到手表芯片。
因为手表进行NFC短距离通信,所以还必须使用中间长距离通信终端。该通信终端或装置可以是移动电话30,其布置在距离手表不远处以便使用NFC协议通信。由银行20加密的银行数据ENC因此在由手表1接收之前通过通信电话30。最后,接收到已加密数据ENC的手表1的芯片能够解密和存储数据ENC。
使用对称加密对芯片编程的一个问题是知道银行和手表能够如何共享密钥。当制造时,手表尚未知道银行。因此,不能仅将密钥发送到最终用户银行,而且将密钥分发给所有银行,这构成一个缺点。
在非对称加密/解密的情况下,手表1的芯片存储器保存临时数据,其是与发送到所有银行20的公钥关联的私钥。从银行,例如能够使用如RSA型(来自发明者RonaldRevest、Adi Shamir和Leonard Aldelman)的非对称加密和解密算法。银行使用手表1的芯片的公钥,对特定于银行账户持有者的银行数据加密,然后发送该已加密数据ENC。
如上所述,因为手表进行NFC短距离通信,所以还必须使用中间长距离通信终端,例如移动电话30。由银行加密的银行数据因此在由手表1接收之前通过通信电话30。最后,接收已加密数据ENC的手表1的芯片能够经由其私钥对数据ENC解密,并且将特定于手表持有者的银行数据存储在非易失性存储器中。还可以将该银行数据锁定在芯片中。
要注意的是,当使用非对称加密执行用于对手表芯片中的银行数据编程的方法时,银行仅知道公钥,这是有利的。但是,必须具有数据库,其具有用于要个性化的所有手表芯片的公钥。该数据库可能变得非常大,具体取决于要个性化的手表芯片的数量。此外,假设使用诸如移动电话之类的通信终端,则没有此类银行数据编程需要的所有安全性。这些是缺点。
类似于非对称加密的使用,可能会提及第699 083 B1号瑞士专利。在该专利中,描述一种用于诸如手表之类的物体的数字证书认证以便防止伪造的方法。通过生成存储在芯片中用于非对称加密的公钥和私钥,获得数字证书。还提供认证和/或验证机构以便检查豪华手表的真实性。但是,未提供手表芯片的安全编程以便用于商品或服务的非接触支付。
发明内容
因此,本发明的一个目标是通过提供一种用于在手表的专用集成电路中对诸如银行数据之类的机密或安全数据编程,同时保证不安全环境中的整体编程安全性的方法,克服上述现有技术的缺点。具体地说,对与天线结合使用的手表的专用集成电路编程使得执行支付交易成为可能。
为此,本发明涉及一种用于在手表的专用集成电路中对诸如银行数据之类的机密或安全数据编程的方法,其包括在独立权利要求1中限定的特征。
所述编程方法的特定步骤在从属权利要求2至7中限定。
所述编程方法的一个优点在于以下事实:它使能从特定于所述集成电路的数字证书验证后的金融或银行机构发送已加密数据,并且由所述手表将所述已加密数据以及所述集成电路的公钥发送到所述机构。将所述已加密数据从所述银行机构发送到所述手表的所述集成电路或芯片能够通过不安全通信终端,而不会损害所述集成电路的独有编程安全性。所述集成电路能够使用其私钥对所述已加密数据解密,以便存储所述数据,这意味着具备所述专用集成电路的所述手表能够用于采用与专用读取器的短距离通信进行商品或服务的非接触支付。
有利地,使用该编程方法,不需要知道发送所述已加密数据的实体,因为只能通过所述手表所有者的私钥对该数据解密,所述私钥与用于数据加密的公钥关联。此外,使用来自认证机构的公钥在所述金融机构中执行数字证书检验,所述认证机构基于所述认证机构的所述私钥和所述集成手表电路的所述公钥,生成所述集成手表电路的所述数字证书。
此外,本发明的一个目标是提供一种具备专用集成电路的诸如手表之类的便携物体,所述专用集成电路用于根据所述编程方法个性化和编程的诸如银行数据之类的机密或安全数据。
为此,本发明涉及一种便携物体,其具备用于根据所述编程方法编程的诸如银行数据之类的机密或安全数据的专用集成电路,并且包括在独立权利要求8中限定的特征。
所述便携物体的特定实施例在从属权利要求9至12中限定。
附图说明
在以下基于由附图示出的至少一个非限制性实例的描述中,用于在诸如手表之类的便携物体的专用集成电路中对机密或安全数据编程的方法,以及具备所述专用电路的便携物体的目标、优点和特性将显得更清晰,这些附图是:
图1(已经引用)示意性地表示现有技术中用于使用银行数据个性化智能卡的标准方法;
图2(已经引用)示意性地表示现有技术中用于使用银行数据个性化手表芯片的标准方法;
图3示意性地表示根据本发明的用于以个性方式使用诸如来自金融或银行机构的银行数据之类的机密或安全数据对诸如手表之类的便携物体的专用集成电路编程的方法;
图4a和4b表示在使用本发明的编程方法获得的编程之前和之后的具有用于支付交易的专用集成电路的手表;以及
图5表示根据本发明的用于对手表的专用集成电路编程的方法的不同步骤。
具体实施方式
在以下描述中,将仅以简化方式描述用于对便携物体中的机密或安全数据编程的所有这些手段,它们对于本技术领域中的技术人员而言是公知的。主要重点在于使用非对称加密和解密技术,对便携物体的芯片或集成电路中的机密或安全数据编程。
图3示意性地表示用于对诸如手表1之类的便携物体的专用集成电路中的机密或安全数据编程的各种元件。如下面参考图4a、4b和5更详细地解释的那样,在对私钥KprivIC编程之前,手表1的芯片或专用集成电路能够至少临时存储电路的关联公钥KpubIC和数字证书CertIC。认证机构能够基于手表芯片的公钥和认证机构的私钥KprivAC,生成该数字证书(如数字签名)。认证机构可以是制造便携物体(尤其是手表)的公司,例如斯沃琪集团(Swatch Group)。
为了对诸如银行数据之类的机密或安全数据编程,诸如手表1之类的便携物体经由天线2并且使用NFC短距离通信协议,发送数字证书CertIC和集成电路的公钥KpubIC。天线可以布置在表壳内的表圈下面并且包括数个同轴线圈,这些线圈的直径接近于表盘或表壳中部的直径。
因为从手表进行NFC短距离通信,所以必须通过长距离终端或装置,例如移动电话30。该移动电话30不可知并且充当通信隧道。根据移动电话中提供的功能,可以在最多大约30cm的距离内自动与手表建立无线接触。还在移动电话30与银行机构20之间建立通信,便携物体的所有者可以在该银行机构20中具有至少一个银行账户。
在接收特定于手表的数字证书CertIC和集成电路公钥KpubIC时,金融或银行机构20首先借助认证机构公钥KpubAC检验该数字证书。如果数字证书检验被接受,则验证了诸如手表1之类的便携物体的公钥。借助手表1的公钥KpubIC对尤其是银行账户持有者的机密或安全数据加密,并且从金融或银行机构20发送该已加密数据ENC。在经由手表1的天线2发送到手表的专用集成电路之前,数据ENC首先由移动电话30接收。
在接收已加密数据ENC时,手表1的专用集成电路能够借助其至少临时存储在存储器中的私钥KprivIC对数据ENC解密。诸如涉及手表所有者账户的银行数据之类的机密或安全数据能够被存储在存储器中,优选地存储在非易失性存储器中,并且可能被锁定在存储器中。
一旦将手表所有者的个人数据存储在专用集成电路中,连接到手表天线2的集成电路就可以用于非接触支付。使用与特定位置或销售商品或服务的商店的读取器的NFC近距离通信来进行非接触支付。借助读取器并且通过与手表1的所有者的银行的通信,执行机密数据检验。
还要注意的是,认证机构的公钥(例如斯沃琪公司(Swatch)的公钥)只能被分发给作为斯沃琪集团的合作伙伴的银行或金融机构。在这种情况下,能够经由中间通信终端将个性化后的银行数据发送到制造之后的手表1,该中间通信终端是充当通信隧道的不可知的移动电话30。
还可以认证其它数据,例如集成电路标识代码,其可以经过EMV认证(Eurocard-MasterCard-Visa)。除了保护手表1的所有者的银行数据之外,这还使能标识手表的专用集成电路,并且例如认证所述集成电路的制造商。这些特性确保手表实际上是原装斯沃琪手表。仅机密数据在手表的专用集成电路的安全存储器中。因此没有可以被攻击的数据库。
在图4a和4b中以简化方式表示便携物体1。该便携物体优选地是手表1。但是,还可设想具有作为手镯、项链或者甚至戒指的便携物体,前提是能够插入具有NFC短距离通信装置的所有者特定的集成电路。
图4a示出手表1的简化顶视图,其中在表壳内部布置集成电路3,集成电路3尚未针对手表所有者被个性化。该集成电路3通过公知的NFC通信接口连接到天线2。按钮4或表冠可以用于时间和日期的常规设置,或者用于针对NFC短距离通信启动集成电路。但是,通信的开始还可以由布置在近距离处的移动电话自动控制。
集成电路可以在硬件部分中包括NFC通信接口(RF)、处理器逻辑单元以及存储器,该存储器可以是非易失性存储器。集成电路还可以在软件部分中包括Java虚拟机、操作系统、第一银行应用(例如Visa、MasterCard或Eurocard)、第二银行应用以及其它可能的应用。操作系统能够实现所有基本软件功能、与硬件部分的对接、外围设备和存储器的管理。
要注意的是,将用于启动非对称算法的特定于集成电路的密钥KpubIC、KprivIC、CertIC存储在非易失性存储器中。在根据本发明的编程方法结束时,在集成电路的永久编程或个性化之前,临时存储这些密钥。
图4b示出手表1的简化顶视图,其中在表壳内部布置集成电路3,集成电路3在根据本发明的编程方法结束时针对手表所有者被个性化。一旦集成电路3经由天线2从手表所有者的银行接收已加密数据ENC的RF信号,就使用存储的私钥KprivIC执行数据解密。已解密机密或安全数据能够被永久地存储在非易失性存储器中。该机密数据可以是手表所有者的姓名、他的密钥和银行账号。还可设想在锁定机密数据之前,从存储器中删除私钥和公钥以及数字证书。一旦使用其银行数据针对手表所有者个性化,具有连接到天线2的集成电路3的手表1就能够用于通过与特定位置或商店的读取器通信,进行产品或服务的非接触支付。
图5示意性地表示用于对便携物体(其优选地是手表1)的专用集成电路中的机密或安全数据编程的方法的不同步骤。下面描述的步骤110至118构成根据本发明的编程方法的重要步骤,并且足以单独限定本发明的范围。
在使用机密或安全数据对专用集成电路编程之前,可以设置步骤200,其生成认证机构的私钥KprivAC和公钥KpubAC。该认证机构例如可以是手表制造公司,或者制造集团(例如斯沃琪集团)的实体。在步骤206,一旦生成,将认证机构的私钥KprivAC和公钥KpubAC存储在安全单元(例如保险箱)中。在步骤202,将认证机构公钥KpubAC发送到银行,并且尤其是发送到作为斯沃琪集团的合作伙伴的银行或金融机构。在步骤204,银行或金融机构接收公钥KpubAC,它们将该公钥存储在存储器中。
对于根据本发明对机密或安全数据编程,在步骤100,可以生成集成电路的一组私钥KprivIC和公钥KpubIC。可以在集成电路制造工艺结束时或者在诸如手表之类的便携物体的制造设施中生成所述私钥和公钥。这些私钥和公钥KprivIC和KpubIC被至少临时存储在集成电路存储器(例如非易失性存储器)中。这些私钥和公钥特定于每个已制造的集成电路,并且专用于手表中的特定使用功能。
在步骤102,一旦存储了集成电路的私钥和公钥KprivIC和KpubIC,就将集成电路公钥KpubIC发送到认证机构,例如发送到斯沃琪集团的公司。在步骤104接收公钥KpubIC时,基于认证机构私钥KprivIC计算集成电路的数字证书。根据通用公式CertIC=F(KpubIC,KprivAC)获得数字证书。在步骤106,一旦已计算集成电路数字证书,就将证书CertIC发送到集成电路或手表的制造商。在步骤108,针对已制造的手表个性化专用集成电路。个性化包括将手表的公钥KpubIC、私钥KprivIC和集成电路数字证书CertIC至少临时存储在集成电路的存储器中。
在步骤110,一旦将私钥和公钥KprivIC和KpubIC以及证书CertIC存储在集成电路中,就由与集成电路关联的手表天线将公钥KpubIC和数字证书CertIC发送到银行或金融机构。通过通信终端(例如在手表附近的移动电话)或者通过商店系统(尤其是斯沃琪商店,其中未来手表所有者能够购买手表)进行发送。在步骤112,借助认证机构公钥KpubAC,根据公式V=G(CertIC,KpubAC),在被购买手表的所有者的银行或金融机构中检验数字证书CertIC。如果证书被验证,则银行或金融机构针对要个性化的手表生成机密或安全数据,例如银行数据。使用从集成电路接收的公钥KpubIC,根据公式EncryptedData=H(BankingData,KpubIC),对该数据加密。
在步骤114,银行或金融机构将已加密数据发送到集成手表电路。在由手表天线接收之前,该已加密数据首先通过充当隧道的通信终端。在步骤116,一旦集成电路接收了已加密数据,就使用集成电路私钥KprivIC对已加密数据解密。在步骤118,将涉及手表所有者的机密数据(尤其是银行数据)的已加密数据存储在集成电路的非易失性存储器中。该存储的数据能够被锁定以使得它不能被破坏。在随后的步骤120,可以删除存储在集成电路存储器中的临时数据以便释放存储空间。
可以仅执行一次机密或安全数据的编程,并且仅从手表发送和接收一次公钥和证书,以及仅发送和接收一次从银行接收的已加密数据。在解密之后,可以仅锁定一次存储的机密数据。这可以在所有者购买手表之后非常快速地实现,同时个性化手表以便以后进行商品或服务的非接触支付。
从刚刚给出的描述中,本领域的技术人员能够设计用于在诸如手表之类的便携物体的专用集成电路中对机密或安全数据编程的方法、以及具备根据所述方法编程的集成电路的便携物体的若干变型而不偏离由权利要求限定的本发明的范围。便携物体例如还可以是手镯、戒指或项链,前提是可插入集成电路并且建立短距离通信。还可以在不使用通信终端的情况下,直接在银行或金融机构处执行对便携物体的集成电路中的机密或安全数据编程。机密或安全数据可以是除银行数据之外的数据,以使得便携物体还可以与针对设备(例如车辆)的位置或租赁的电子票务或非接触接入或者针对其它功能被编程的专用集成电路一起使用。

Claims (12)

1.一种用于在便携物体的集成电路(3)中对机密或安全数据编程的方法,针对所述方法使用非对称加密/解密算法来执行数据编程,
其特征在于,所述方法包括以下步骤:
-将所述集成电路(3)的公钥(KpubIC)和数字证书(CertIC)从所述便携物体(1)发送到金融机构,所述数字证书(CertIC)是由认证机构基于所述认证机构的私钥(KprivAC)和所述集成电路的公钥而生成的,
-借助所述认证机构的公钥(KpubAC),在所述金融机构中检验所述数字证书(CertIC),并且如果所述数字证书被验证,则
-将针对所述便携物体(1)的所有者个性化的已加密机密或安全数据从所述金融机构发送到所述便携物体(1),并且
-借助所述集成电路(3)的私钥(KprivIC),对所述便携物体(1)的所述集成电路(3)所接收的已加密数据解密,以便存储针对所述便携物体(1)的所述所有者个性化的已解密机密或安全数据。
2.根据权利要求1所述的编程方法,其中所述集成电路(3)连接到所述便携物体(1)的天线(2),以便向所述便携物体所有者的所述金融机构发送数据信号和从其接收数据信号,其特征在于,经由通信终端(30)实现所述集成电路(3)的所述公钥(KpubIC)和所述数字证书(CertIC)的发送,并且其特征在于,经由所述通信终端(30)实现由连接到所述便携物体(1)的所述集成电路(3)的所述天线(2)从所述金融机构接收所述已加密机密或安全数据。
3.根据权利要求2所述的编程方法,其中在所述便携物体(1)与所述通信终端之间建立使用NFC协议的短距离通信,所述通信终端是充当通信隧道的移动电话(30)。
4.根据权利要求1所述的编程方法,其特征在于,在发送所述公钥(KpubIC)和所述数字证书(CertIC)的步骤之前,将所述集成电路的所述私钥(KprivIC)和公钥(KpubIC)以及所述数字证书(CertIC)临时存储在所述集成电路(3)的非易失性存储器中,并且其特征在于,一旦所接收的已加密数据被解密并被存储在所述集成电路的存储器中,则从所述存储器删除所述集成电路的所述私钥(KprivIC)和公钥(KpubIC)以及所述数字证书(CertIC)。
5.根据权利要求1所述的编程方法,其特征在于,在检验所述数字证书之后,所述金融机构对涉及所述便携物体的所述所有者的银行账户的银行数据加密。
6.根据权利要求1所述的编程方法,其特征在于,所述方法包括以下预备步骤:
-在所述集成电路的制造期间或者在所述便携物体(1)的制造设施中,生成特定于所述集成电路(3)的私钥(KprivIC)和公钥(KpubIC),
-将所述集成电路(3)的所述公钥(KpubIC)发送到所述认证机构,以便基于所述认证机构的私钥(KprivAC)计算所述数字证书(CertIC),
-在将所述集成电路(3)的所述公钥(KpubIC)和所述数字证书(CertIC)发送到所述金融机构之前,将所述数字证书(CertIC)发送到所述集成电路(3)或所述便携物体(1)的制造商,以便使用临时数据个性化所述集成电路。
7.根据权利要求1所述的编程方法,其特征在于,所述方法包括以下预备步骤:
-生成所述认证机构的私钥(KprivAC)和公钥(KpubAC),
-将所述认证机构的所述公钥(KpubAC)发送到所述金融机构,以及
-将所述认证机构的所述私钥(KprivAC)和公钥(KpubAC)存储在安全单元中。
8.一种具备集成电路(3)的便携物体(1),所述集成电路(3)用于根据权利要求1所述的编程方法被个性化和编程的机密或安全数据,所述便携物体还包括连接到所述集成电路(3)的天线(2),所述集成电路(3)包括用于发送和接收数据信号的通信接口,其特征在于,所述集成电路(3)包括处理器逻辑单元、操作系统以及存储器,所述存储器用于存储特定于所述便携物体的所述所有者的机密和安全数据。
9.根据权利要求8所述的便携物体(1),其特征在于,便携物体是在表壳内部具有天线的手表,所述天线连接到所述集成电路(3)的所述通信接口。
10.根据权利要求8所述的便携物体(1),其特征在于,所述集成电路(3)的所述通信接口是短距离通信接口(NFC)以便通过通信终端(30)与所述金融机构建立通信。
11.根据权利要求8所述的便携物体(1),其特征在于,所述集成电路(3)被配置为在其存储器中临时存储所述集成电路的所述私钥(KprivIC)和公钥(KpubIC)以及所述集成电路的数字证书(CertIC),而在编程之后,所述机密或安全数据被锁定在所述存储器中。
12.根据权利要求10所述的便携物体(1),其特征在于,所述便携物体(1)包括至少一个按钮(4),其用于时间和日期的常规设置,或者用于针对短距离通信(NFC)启动所述集成电路。
CN201610405987.4A 2015-06-12 2016-06-08 对手表的集成电路中的银行数据编程的方法 Active CN106254076B (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP15171811.1 2015-06-12
EP15171811.1A EP3104320B1 (fr) 2015-06-12 2015-06-12 Procédé de programmation de données bancaires dans un circuit intégré d'une montre

Publications (2)

Publication Number Publication Date
CN106254076A CN106254076A (zh) 2016-12-21
CN106254076B true CN106254076B (zh) 2019-06-25

Family

ID=53442536

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610405987.4A Active CN106254076B (zh) 2015-06-12 2016-06-08 对手表的集成电路中的银行数据编程的方法

Country Status (6)

Country Link
US (1) US11308465B2 (zh)
EP (1) EP3104320B1 (zh)
JP (1) JP6220011B2 (zh)
KR (2) KR102004589B1 (zh)
CN (1) CN106254076B (zh)
TW (1) TWI727953B (zh)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9953479B1 (en) * 2017-03-17 2018-04-24 Ca, Inc. Controlling access to physical compartment using mobile device and transaction authentication system
JP2019125132A (ja) * 2018-01-16 2019-07-25 株式会社デンソー パスコード管理プログラム、パスコード管理方法
EP3640878B1 (fr) * 2018-10-17 2023-06-21 Swatch Ag Procede et systeme d'activation d'un objet portable de paiement sans contact
CH715678B1 (fr) * 2018-12-20 2022-09-30 Boninchi Sa Dispositif de communication comprenant une montre munie d'une puce radiofréquence.

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101777978A (zh) * 2008-11-24 2010-07-14 华为终端有限公司 一种基于无线终端的数字证书申请方法、系统及无线终端
CN103167491A (zh) * 2011-12-15 2013-06-19 上海格尔软件股份有限公司 一种基于软件数字证书的移动终端唯一性认证方法

Family Cites Families (51)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU1265195A (en) * 1993-12-06 1995-06-27 Telequip Corporation Secure computer memory card
DE69534490T2 (de) * 1994-07-19 2006-06-29 Certco, Llc Verfahren zur sicheren anwendung digitaler unterschriften in einem kommerziellen verschlüsselungssystem
IL113259A (en) * 1995-04-05 2001-03-19 Diversinet Corp A device and method for a secure interface for secure communication and data transfer
US5677955A (en) * 1995-04-07 1997-10-14 Financial Services Technology Consortium Electronic funds transfer instruments
US5745574A (en) * 1995-12-15 1998-04-28 Entegrity Solutions Corporation Security infrastructure for electronic transactions
US6038551A (en) * 1996-03-11 2000-03-14 Microsoft Corporation System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer
US6085320A (en) * 1996-05-15 2000-07-04 Rsa Security Inc. Client/server protocol for proving authenticity
US7287271B1 (en) * 1997-04-08 2007-10-23 Visto Corporation System and method for enabling secure access to services in a computer network
KR100358426B1 (ko) * 1998-08-18 2003-01-29 한국전자통신연구원 전자현금거래방법
JP2000113085A (ja) * 1998-10-08 2000-04-21 Sony Corp 電子現金システム
US6820202B1 (en) * 1998-11-09 2004-11-16 First Data Corporation Account authority digital signature (AADS) system
JP2000184085A (ja) * 1998-12-18 2000-06-30 Fujitsu Ltd 携帯機器、携帯端末用アタッチメント及び携帯機器を用いたシステム
JP2000311196A (ja) * 1999-04-28 2000-11-07 Toshiba Corp 申請手続処理システム及びそれに使用されるicカード
EP1056014A1 (en) * 1999-05-28 2000-11-29 Hewlett-Packard Company System for providing a trustworthy user interface
AU762560B2 (en) * 1999-06-30 2003-06-26 Silverbrook Research Pty Ltd Method and system for banking
US6842863B1 (en) * 1999-11-23 2005-01-11 Microsoft Corporation Certificate reissuance for checking the status of a certificate in financial transactions
CA2305249A1 (en) * 2000-04-14 2001-10-14 Branko Sarcanin Virtual safe
JP2001344537A (ja) * 2000-05-31 2001-12-14 Ntt Docomo Inc 電子バリューシステム、通信端末及びサーバ
JP2002073568A (ja) * 2000-08-31 2002-03-12 Sony Corp 個人認証システムおよび個人認証方法、並びにプログラム提供媒体
US7356690B2 (en) * 2000-12-11 2008-04-08 International Business Machines Corporation Method and system for managing a distributed trust path locator for public key certificates relating to the trust path of an X.509 attribute certificate
JP2002207427A (ja) * 2001-01-10 2002-07-26 Sony Corp 公開鍵証明書発行システム、公開鍵証明書発行方法、および情報処理装置、情報記録媒体、並びにプログラム記憶媒体
US6983381B2 (en) * 2001-01-17 2006-01-03 Arcot Systems, Inc. Methods for pre-authentication of users using one-time passwords
US7366905B2 (en) * 2002-02-28 2008-04-29 Nokia Corporation Method and system for user generated keys and certificates
US20040030887A1 (en) * 2002-08-07 2004-02-12 Harrisville-Wolff Carol L. System and method for providing secure communications between clients and service providers
CN1708942B (zh) * 2002-10-31 2010-11-03 艾利森电话股份有限公司 设备特定安全性数据的安全实现及利用
US7533012B2 (en) * 2002-12-13 2009-05-12 Sun Microsystems, Inc. Multi-user web simulator
US20050021975A1 (en) * 2003-06-16 2005-01-27 Gouping Liu Proxy based adaptive two factor authentication having automated enrollment
CA2529800A1 (en) * 2003-06-17 2004-12-29 Visa International Service Association Method and systems for securely exchanging data in an electronic transaction
EP1687931B1 (en) * 2003-10-28 2021-12-29 BlackBerry Limited Method and apparatus for verifiable generation of public keys
US20050177518A1 (en) * 2004-02-10 2005-08-11 Brown Collie D. Electronic funds transfer and electronic bill receipt and payment system
JP4652842B2 (ja) * 2005-02-21 2011-03-16 株式会社エヌ・ティ・ティ・ドコモ Icカード
TW200704044A (en) * 2005-03-31 2007-01-16 Willrich Innovations Inc Cellular data communication core
EP2667344A3 (en) * 2005-10-06 2014-08-27 C-Sam, Inc. Transactional services
FR2897222A1 (fr) * 2006-02-03 2007-08-10 Gemplus Sa Acces a distance a une memoire de masse et une memoire de securite dans un objet communicant portable
WO2007094036A1 (ja) * 2006-02-13 2007-08-23 Seiko Instruments Inc. 情報処理システム
JP2007251437A (ja) * 2006-03-14 2007-09-27 Fuji Electric Holdings Co Ltd 認証方法及び安全な通信制御方法
WO2008112048A1 (en) * 2007-02-02 2008-09-18 Tecordia Technologies, Inc. Method and system to authorize and assign digital certificates without loss of privacy
US8041338B2 (en) * 2007-09-10 2011-10-18 Microsoft Corporation Mobile wallet and digital payment
US20090143104A1 (en) * 2007-09-21 2009-06-04 Michael Loh Wireless smart card and integrated personal area network, near field communication and contactless payment system
JP2009118110A (ja) * 2007-11-06 2009-05-28 Nippon Telegr & Teleph Corp <Ntt> 認証システムのメタデータプロビジョニング方法、システム、そのプログラムおよび記録媒体
CN101471867A (zh) * 2007-12-27 2009-07-01 深圳华为通信技术有限公司 网络访问权限控制方法及系统、接入终端、运营支撑系统
US20090198618A1 (en) * 2008-01-15 2009-08-06 Yuen Wah Eva Chan Device and method for loading managing and using smartcard authentication token and digital certificates in e-commerce
CH699083B1 (fr) 2008-07-28 2013-10-15 Wisekey Sa Procédé pour la certification numérique d'authenticité d'un objet physique et support d'enregistrement pour la mise en œuvre d'un tel procédé
US20120101951A1 (en) * 2010-10-22 2012-04-26 Michael Li Method and System for Secure Financial Transactions Using Mobile Communications Devices
KR20120108599A (ko) * 2011-03-25 2012-10-05 주식회사 스마트솔루션 온라인 신용카드 결제 단말기를 활용한 신용카드 결제 서비스
KR101428865B1 (ko) * 2012-10-25 2014-08-12 순천향대학교 산학협력단 Nfc 모바일 결제정보보호를 위한 ntru 암호체계 기반 영지식 증명 시스템 및 방법
US20140237256A1 (en) * 2013-02-17 2014-08-21 Mourad Ben Ayed Method for securing data using a disposable private key
KR101565566B1 (ko) * 2013-02-22 2015-11-03 서울시립대학교 산학협력단 휴대용 단말기와 액세서리를 이용하는 안전결제 시스템 및 방법
US20140379584A1 (en) * 2013-06-25 2014-12-25 FraudFree Finance, LLC Anti-fraud financial transaction method
KR20150026233A (ko) * 2013-09-02 2015-03-11 삼성에스디에스 주식회사 디지털 카드 기반의 결제 시스템 및 방법
CN104243484B (zh) * 2014-09-25 2016-04-13 小米科技有限责任公司 信息交互方法及装置、电子设备

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101777978A (zh) * 2008-11-24 2010-07-14 华为终端有限公司 一种基于无线终端的数字证书申请方法、系统及无线终端
CN103167491A (zh) * 2011-12-15 2013-06-19 上海格尔软件股份有限公司 一种基于软件数字证书的移动终端唯一性认证方法

Also Published As

Publication number Publication date
US11308465B2 (en) 2022-04-19
KR20160146562A (ko) 2016-12-21
EP3104320A1 (fr) 2016-12-14
KR20170115015A (ko) 2017-10-16
KR102004589B1 (ko) 2019-07-26
TWI727953B (zh) 2021-05-21
JP6220011B2 (ja) 2017-10-25
CN106254076A (zh) 2016-12-21
EP3104320B1 (fr) 2018-08-15
JP2017005712A (ja) 2017-01-05
TW201717138A (zh) 2017-05-16
US20160364704A1 (en) 2016-12-15

Similar Documents

Publication Publication Date Title
US10057235B2 (en) Methods apparatuses and systems for providing user authentication
US20200364696A1 (en) Biometric reader in card
US11580527B2 (en) Battery life estimation
US20200356984A1 (en) Transaction recording
US20120166344A1 (en) Secure wireless payment system and method thereof
CN106254076B (zh) 对手表的集成电路中的银行数据编程的方法
US20190043045A1 (en) Limited operational life password for digital transactions
WO2017127876A1 (en) Validating transactions
AU2022283682A1 (en) Indirect security system and method
CN101714216A (zh) 半导体元件、生物体认证方法和系统、便携式终端
TWI794155B (zh) 與數位交易處理單元通信的裝置與方法
TWI803456B (zh) 韌體更新的系統與方法
AU2022271408A1 (en) Cryptographic data transfer
WO2012049832A1 (ja) 情報処理システム
KR20160139073A (ko) 일회용코드를 이용한 거래 연동 인증 방법
AU2022271407A1 (en) Cryptographic linking
KR20150144362A (ko) 종단 간 매체 소유 인증과 일회용 인증코드 인증을 이용한 가맹점 결제 처리 방법
KR20150144361A (ko) 종단 간 매체 소유 인증과 일회용 인증코드 인증을 이중 결합한 2채널 인증을 이용한 결제 처리 방법
KR20160137802A (ko) 비접촉 매체 연동 기반 서버형 일회용코드를 이용한 거래 연동 인증 방법

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant