CN106874732B - Authorization system based on CPU card - Google Patents
Authorization system based on CPU card Download PDFInfo
- Publication number
- CN106874732B CN106874732B CN201611231560.3A CN201611231560A CN106874732B CN 106874732 B CN106874732 B CN 106874732B CN 201611231560 A CN201611231560 A CN 201611231560A CN 106874732 B CN106874732 B CN 106874732B
- Authority
- CN
- China
- Prior art keywords
- authorization
- cpu card
- key
- value
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an authorization system based on a CPU card, which comprises a non-contact CPU card, an authorization device for right extraction and an authorization device for right equipment; the non-contact CPU card is used for recording the authorization information of the entitlement device; the right extraction authorization device is used for performing first bidirectional security verification with the contactless CPU card, and changing the authorization information of the right device in the contactless CPU card after the verification is passed so as to perform right authorization on the right device; the right equipment is used for carrying out second bidirectional security verification with the right extraction authorization device, and the right extraction authorization device authorizes the right after the verification is passed. The invention can improve the security of the right authorization of the right equipment.
Description
Technical Field
The invention relates to the technical field of information authorization security, in particular to an authorization system based on a CPU card.
Background
The right authorization refers to a key step of authorizing the use of the commodity in the supply relationship between the merchant and the customer, the cooperative relationship between the developer and the application provider, and the legal or illegal competition relationship between the developer and other developers.
The traditional right authorization includes registration code authorization, password authorization, certificate authorization and the like, but basically the right authorization is performed in a software form. The biggest disadvantage of software authorization is that the software authorization is easy to crack, so that a registry flows out and the security level is not high. Once the rights authorization is broken, the cracker can authorize and use the rights without limit, causing huge loss to the merchant.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide the CPU card-based authorization system with high safety.
In order to achieve the purpose of the invention, the technical scheme adopted by the invention is as follows:
the first aspect of the embodiments of the present invention provides an authorization system based on a CPU card, where the authorization system includes a contactless CPU card, an entitlement extraction authorization apparatus, and an entitlement device;
the non-contact CPU card is used for recording the authorization information of the entitlement device;
the right extraction authorization device is used for performing first bidirectional security verification with the contactless CPU card, and changing the authorization information of the right device in the contactless CPU card after the verification is passed so as to perform right authorization on the right device;
the right equipment is used for carrying out second bidirectional security verification with the right extraction authorization device, and the right extraction authorization device authorizes the right after the verification is passed.
In an embodiment of the invention, the authorization information comprises a number of rights; the right extraction authorization device comprises a first CPU card value adding and subtracting module, a first data processing module and a second data processing module, wherein the first CPU card value adding and subtracting module is used for generating a value-added key and/or a value-subtracted key according to a key and writing the value-added key and/or the value-subtracted key into the non-contact CPU card;
the non-contact CPU card comprises a second CPU card add-subtract value module which is used for generating a first random number R1 and sending the first random number R1 to the first CPU card add-subtract value module in the right extraction authorization device when the first bidirectional security verification is carried out;
the first CPU card add-subtract value module is further configured to generate a first message authentication code according to the random number R1 and the superior key of the value-added key or the value-subtracted key, and simultaneously generate a second random number R2 and send the first message authentication code and the second random number R2 to the second CPU card add-subtract value module in the contactless CPU card;
the second CPU card add-subtract value module is further configured to verify the first message authentication code according to the value-added key or the value-subtracted key, and after the verification is passed, calculate a second message authentication code according to the second random number R2 and return the second message authentication code to the first CPU card add-subtract value module in the right extraction authorization apparatus;
and the first CPU card add-subtract value module is also used for verifying the second message authentication code, and changing the second message authentication code after the verification is passed so as to increase or decrease the right times.
In an embodiment of the present invention, the right device is further configured to generate a first random identification code during the second bidirectional security authentication, encrypt the first random identification code with a key a to obtain a ciphertext a1, and transmit the ciphertext a1 to the right extraction authorization apparatus;
the right extraction authorization apparatus is further configured to decrypt the ciphertext a1 with a key a to obtain the first random identifier, generate a second random identifier, encrypt the first random identifier and at least part of the second random identifier with a key B to obtain a ciphertext B12, and transmit the ciphertext B12 to the right device;
the device is further configured to perform decryption check on the ciphertext B12 using key B.
In an embodiment of the invention, said key B is constituted by a part of said second random identification code.
In the embodiment of the invention, the right device and the right extraction authorization device adopt a 3DES encryption and decryption algorithm in encryption and decryption.
In an embodiment of the invention, the rights device comprises:
the first random identification code calculation module is used for calculating and generating different first random identification codes for different right devices in different authorization operations.
In an embodiment of the present invention, the right extraction authorization apparatus includes:
and the second random identification code calculation module is used for calculating and generating different second random identification codes at different moments.
In an embodiment of the present invention, the key a and the key B are held in common by the rights issuer and the rights extraction authorizer.
In an embodiment of the invention, the rights device comprises:
a first ciphertext coding-decoding module, configured to decrypt the ciphertext A1 with the key A to obtain the first random identification code,
in an embodiment of the present invention, the right extraction authorization apparatus includes:
and the second ciphertext coding and decoding module is used for decrypting the ciphertext A1 by using the key A to obtain the first random identification code, and encrypting the first random identification code and at least part of the second random identification code by using the key B.
Compared with the prior art, the invention has the beneficial effects that:
the invention takes the non-contact CPU card as an authorization bridge, the right extraction authorization device authorizes the right equipment, and by combining software and hardware, a cracker can not break away from one party to be cracked, the authorization security is high, the security of the whole right equipment in the authorization is improved, and the authorization can be carried out by matching with a ciphertext and a random identification code, thereby avoiding the loss of a merchant caused by the cracker cracking the authorization of the right equipment and facilitating the control of the merchant on the authorization of the right.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a block diagram schematically illustrating a CPU card based authorization system provided by an embodiment of the present invention;
FIG. 2 is a block diagram schematically illustrating another CPU card based authorization system provided by an embodiment of the present invention;
fig. 3 schematically shows a scene diagram of the CPU card-based authorization system provided in the embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a structural diagram of an authorization system based on a CPU card according to an embodiment of the present invention. As shown in fig. 1, the authorization system 100 may include a contactless CPU card 101, a rights extraction authorization apparatus 102, and a rights device 103. Wherein:
the contactless CPU card 101 is configured to record authorization information of the rights device 103. For example, the authorization information may include the number of rights.
The right extraction authorization device 102 is configured to perform a first bidirectional security authentication with the contactless CPU card 101, and after the authentication passes, modify authorization information of the right device 103 in the contactless CPU card 101 to authorize the right of the right device 103.
The right device 103 is configured to perform a second bidirectional security authentication with the right extraction authorization apparatus 102, and after the authentication is passed, the right extraction authorization apparatus 102 authorizes the right extraction device.
In an exemplary embodiment of the present invention, the right extraction authorization apparatus 102 includes a first CPU card add-subtract module, configured to generate an add-value key and/or a subtract-value key according to a key, and write the add-value key and/or the subtract-value key into the contactless CPU card.
The contactless CPU card 101 includes a second CPU card add/subtract module, configured to generate a first random number R1 and send the first random number R1 to the first CPU card add/subtract module in the right extraction authorization apparatus 102 during the first bidirectional security verification. The first CPU card add/subtract value module is further configured to generate a first message authentication code according to the random number R1 and the superior key of the value-added key or the value-subtracted key, and simultaneously generate a second random number R2, and send the first message authentication code and the second random number R2 to the second CPU card add/subtract value module in the contactless CPU card 101. The second CPU card add/subtract value module is further configured to verify the first message authentication code according to the value-added key or the value-subtracted key, and after the verification is passed, calculate a second message authentication code according to the second random number R2 and return the second message authentication code to the first CPU card add/subtract value module in the right extraction authorization apparatus 102. And the first CPU card add-subtract value module is also used for verifying the second message authentication code, and changing the second message authentication code after the verification is passed so as to increase or decrease the right times.
In an exemplary embodiment of the present invention, the right device 103 is further configured to generate a first random identification code during the second bidirectional security authentication, encrypt the first random identification code with a key a to obtain a ciphertext a1, and transmit the ciphertext a1 to the right extraction authorization apparatus 102. The right extraction authorization apparatus 102 is further configured to decrypt the ciphertext a1 with a key a to obtain the first random identifier, generate a second random identifier, encrypt the first random identifier and at least a portion of the second random identifier with a key B to obtain a ciphertext B12, and transmit the ciphertext B12 to the right device 103. The device 103 is further configured to perform decryption check on the ciphertext B12 using the key B.
Illustratively, the key B may be constituted by a part of the second random identification code. For example, the second random identification code may be split into parts as the key B. While the remainder of the second random identification code may be encrypted with the first random identification code using key B to obtain ciphertext B12. The right device 103 and the right extraction authorization device 102 both use a 3DES encryption and decryption algorithm in encryption and decryption. Of course, other encryption and decryption algorithms may be used, and are not particularly limited. The key a and the key B are held in common by the rights issuer 102 and the rights issuer 103.
As shown in fig. 2, in an exemplary embodiment of the present invention, the right device 103 may include a first random identification code calculation module for calculating and generating different first random identification codes for different right devices in different authorization operations.
In an exemplary embodiment of the present invention, the right extraction authorization apparatus 102 may include a second random identification code calculation module, configured to calculate and generate different second random identification codes at different time instants.
In an exemplary embodiment of the present invention, the right device 103 may include a first ciphertext codec module, configured to decrypt the ciphertext a1 with the key a to obtain the first random identification code,
in an exemplary embodiment of the present invention, the right extraction authorization apparatus 102 may include a second ciphertext codec module, configured to decrypt the ciphertext a1 with the key a to obtain the first random identification code, and encrypt the first random identification code and at least a portion of the second random identification code with the key B.
The invention is described below with reference to a specific example. Referring to fig. 3, an authorization representative medium according to an embodiment of the present invention may include: a contactless CPU card, a rights extraction authorization device (such as a contactless CPU card issuing device) and a rights device.
The authorization system and the authorization method based on the CPU card have the advantages that the authorization device extracts the rights of the non-contact CPU card and authorizes the authorization equipment, and the bridge function of connecting the rights conversion between the non-contact CPU card and the authorization equipment is achieved in the whole authorization system and mode based on the CPU card. For example, in an authorization process of a GPS positioning device (right device), the card issuing device (right extraction authorization device) performs a card issuing operation on the contactless CPU card. The card issuing device charges the non-contact CPU card. The card issuing device acquires the right state of the GPS positioning equipment. And the card issuing device subtracts the value of the non-contact CPU card weight and performs right authorization on the GPS positioning equipment. Thus, the whole CPU card-based right authorization mode is completed.
The right authorization process in the embodiment of the invention relates to the application of a symmetric encryption and decryption algorithm and a right code dynamic authorization technology. The right extraction authorization device and the non-contact CPU card are used as typical media and jointly bear a CPU card add-subtract module. The right extraction authorization device sends, adds, subtracts and inquires the non-contact CPU card. The card issuing operation of the non-contact CPU card comprises the establishment of a file structure of the non-contact CPU card, wherein the establishment of a key file exists. In the established key file, the right extraction authorization device performs multi-level score (typical dispersion level is 3 levels) on the root key factor to obtain an added value key KeyPlus required by the added and subtracted module of the CPU card, writes the added value key KeyPlus into the key file of the non-contact CPU card, wherein the added value key is used for the added value function of the added and subtracted module of the CPU card, the added value key KeyPlus is only stored in the key file of the non-contact CPU card, the key file belongs to the encrypted file type, cannot be read and only can be written and used, and after being written, the added value key KeyPlus is used in a key calculation mode, so that the key itself is not leaked, and the confidentiality of the added value key KeyPlus is ensured. The right extraction authorization device only keeps the superior key of the value-added key KeyPlus, and disperses the physical identification codes (8 bytes after ATS) of the value-added non-contact CPU cards when the value-added and subtracted modules of the CPU cards perform value-added operation, and the value-added key KeyPlus obtained by dispersing the right extraction authorization device is unique because the physical identification code of each non-contact CPU card is unique, so that the situation of one secret and multiple purposes is prevented, and the maximum benefit of a merchant is ensured not to be damaged. In the value-added operation, the right extraction authorization device and the non-contact CPU card complete one complete value-added operation through the two parts of value-added initialization and value-added operation. The value-added initialization operation requires the right to extract the random number 1 returned by the authorization device to the non-contact CPU card, and the value-added key is obtained by dispersing the superior key of the value-added key KeyPlus, so as to calculate the message authentication code 1. In the value-added operation, the right extraction authorization device sends the calculated message authentication code 1 and the generated random number 2 to the non-contact CPU card, the non-contact CPU card verifies the message authentication code 1, if the authentication is successful, the message authentication code 2 is calculated according to the random number 2 and is returned to the right extraction authorization device, and the right extraction authorization device verifies the message authentication code 2. In the process, the random number generated by the right extraction authorization device and the non-contact CPU card together and the calculation message verification code have uniqueness and irreparable modification, so a cracker cannot tamper with the value-adding parameters to ensure the safety of the value-adding process. Similarly, the right extraction authorization device obtains the reduced value key KeyMinus required by the CPU card reduced value module through multi-stage dispersion of the root key factors, and writes the reduced value key KeyMinus into the key file of the non-contact CPU card. The subtracting process consists of two parts, subtracting initialization and subtracting. The non-contact CPU card generates a random number 1 by the decrement initialization operation, and the right extraction authorization apparatus calculates a message authentication code 1 by using the decrement key KeyMinus based on the random number 1, and transmits the calculated random number 2 to the non-contact CPU card. The non-contact CPU card with the value-reducing operation verifies the message authentication code 1 by using the value-reducing key KeyMinus, calculates the message authentication code 2 according to the random number 2 and transmits the message authentication code 2 back to the right extraction authorization device. The right extraction authorization device checks the message authentication code 2 and completes the whole value reduction process. The CPU card add-subtract value module carried by the right extraction authorization device integrates a key dispersion algorithm, a CPU card file structure card issuing function and an add-subtract value transaction data encryption and decryption algorithm. The non-contact CPU card is provided with a cos authorization mode, and ciphertext transmission and integrity verification are adopted for value adding and subtracting operation. The key is stored in two media and is not disclosed to the outside, so that the key is ensured not to be leaked.
The right extraction authorization device and the right equipment are used as typical media to jointly carry the ciphertext coding and decoding module. The right extraction authorization device queries the right state of the right equipment, acquires the ciphertext random identification code 1, acquires the ciphertext random identification code 2 and authorizes the right. There are 2 states of the right: unauthorized and authorized. A symmetric encryption and decryption algorithm, namely a 3DES encryption and decryption algorithm, is integrated in ciphertext coding and decoding modules carried by the right extraction authorization device and the right equipment, and the right extraction authorization device and the right equipment jointly hold a secret key A. The rights device encrypts the random identification code 1 with the key a to obtain the ciphertext a 1. The right device transmits the ciphertext A1 to the right extraction authorization apparatus, and the right extraction authorization apparatus decrypts the ciphertext A1 by using the key A to obtain the random identification code 1. The right extraction authorization device generates a random identification code 2, splits the random identification code 2 to form a key B, encrypts the random identification code 1 and part of the random identification code 2 again to obtain a ciphertext B12, transmits the ciphertext B12 to the right device, and decrypts the ciphertext B12 by using the key B to obtain the ciphertext parts of the random identification code 1' and the random identification code 2. Because the random identification code 1 is transmitted by ciphertext in the data transmission of the whole ciphertext coding and decoding module all the time, the random identification codes at each time are different, the encrypted ciphertext is also different, the key random identification code 1 is protected in the two ciphertext transmissions and is authenticated by the right extraction authorization device, a cracker cannot crack the ciphertext to obtain the random identification code 1 and cannot forge the ciphertext B12 to forge the authentication, and the authorization right of a merchant is protected.
The right extraction authorization device and the right equipment are taken as typical media and jointly carry a random identification code calculation module. The random identification code calculation module carried by the right device calculates the random identification code 1 according to the value of the internal timer register as a seed. The internal timer of the module starts counting when the internal chip starts oscillation, the minimum counting unit is 1 microsecond, the numerical values of internal timer registers at different moments are different, the calculated random identification codes 1 are also different, and a cracker is prevented from cracking an authorization ciphertext in a repeated exhaustion mode. The random identification code calculation module carried by the right extraction authorization device calculates the random identification code 2 according to different time of each authorization as a seed. The random identification code calculation module disperses the encryption key in different authorization operations of different right devices to generate a unique ciphertext, so that the uniqueness of the ciphertext transmitted each time is ensured, the cracking difficulty is increased, and the security of an authorization mode is enhanced.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the invention. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units. The components shown as modules or units may or may not be physical units, i.e. may be located in one place or may also be distributed over a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the disclosed solution. One of ordinary skill in the art can understand and implement it without inventive effort.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
Claims (8)
1. An authorization system based on a CPU card is characterized in that the system comprises a non-contact CPU card, an authorization device for rights extraction and a right device;
the non-contact CPU card is used for recording the authorization information of the entitlement device; the authorization information includes a number of rights;
the right extraction authorization device is used for performing first bidirectional security verification with the contactless CPU card, and changing the authorization information of the right device in the contactless CPU card after the verification is passed so as to perform right authorization on the right device;
the right equipment is used for carrying out second bidirectional security verification with the right extraction authorization device, and the right extraction authorization device authorizes the right after the verification is passed;
wherein:
the right extraction authorization apparatus includes:
the first CPU card value adding and subtracting module is used for generating a value-adding key and/or a value-subtracting key according to a key and writing the value-adding key and/or the value-subtracting key into the non-contact CPU card;
the contactless CPU card includes:
the second CPU card add-subtract module is configured to generate a first random number R1 and send the first random number R1 to the first CPU card add-subtract module in the right extraction authorization apparatus when performing the first bidirectional security verification;
the first CPU card add-subtract value module is further configured to generate a first message authentication code according to the random number R1 and the superior key of the value-added key or the value-subtracted key, and simultaneously generate a second random number R2 and send the first message authentication code and the second random number R2 to the second CPU card add-subtract value module in the contactless CPU card;
the second CPU card add-subtract value module is further configured to verify the first message authentication code according to the value-added key or the value-subtracted key, and after the verification is passed, calculate a second message authentication code according to the second random number R2 and return the second message authentication code to the first CPU card add-subtract value module in the right extraction authorization apparatus;
the first CPU card add-subtract value module is further used for verifying the second message authentication code, and changing the second message authentication code after the verification is passed so as to increase or decrease the right times;
the right device is further configured to generate a first random identification code during the second bidirectional security authentication, encrypt the first random identification code with a key a to obtain a ciphertext a1, and transmit the ciphertext a1 to the right extraction authorization apparatus;
the right extraction authorization apparatus is further configured to decrypt the ciphertext a1 with a key a to obtain the first random identifier, generate a second random identifier, encrypt the first random identifier and at least part of the second random identifier with a key B to obtain a ciphertext B12, and transmit the ciphertext B12 to the right device;
the device is further configured to perform decryption check on the ciphertext B12 using key B.
2. The CPU card based authorization system according to claim 1, characterized in that the key B is constituted by a part of the second random identification code.
3. The CPU card-based authorization system according to claim 1 or 2, wherein the entitlement device and the entitlement extraction authorization apparatus employ a 3DES encryption/decryption algorithm in both encryption and decryption.
4. The CPU card-based authorization system according to claim 1, wherein the entitlement device comprises:
the first random identification code calculation module is used for calculating and generating different first random identification codes for different right devices in different authorization operations.
5. The CPU card-based authorization system according to claim 1, wherein the right extraction authorization means comprises:
and the second random identification code calculation module is used for calculating and generating different second random identification codes at different moments.
6. The CPU card-based authorization system according to claim 1, wherein the key a and the key B are held by the rights device and the rights extraction authorization apparatus in common.
7. The CPU card-based authorization system according to claim 1, wherein the entitlement device comprises:
and the first ciphertext coding and decoding module is used for decrypting the ciphertext A1 by using the key A to obtain the first random identification code.
8. The CPU card-based authorization system according to claim 1, wherein the right extraction authorization means comprises:
and the second ciphertext coding and decoding module is used for decrypting the ciphertext A1 by using the key A to obtain the first random identification code, and encrypting the first random identification code and at least part of the second random identification code by using the key B.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611231560.3A CN106874732B (en) | 2016-12-28 | 2016-12-28 | Authorization system based on CPU card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611231560.3A CN106874732B (en) | 2016-12-28 | 2016-12-28 | Authorization system based on CPU card |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106874732A CN106874732A (en) | 2017-06-20 |
| CN106874732B true CN106874732B (en) | 2020-11-06 |
Family
ID=59164861
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611231560.3A Active CN106874732B (en) | 2016-12-28 | 2016-12-28 | Authorization system based on CPU card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106874732B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102129730A (en) * | 2010-01-14 | 2011-07-20 | 上海峥创电子有限公司 | Non-contact CPU (Central Processing Unit) card entrance guard reader |
| CN103247096A (en) * | 2013-05-20 | 2013-08-14 | 郑州天迈科技有限公司 | Electronic lock of slot machine and method for unlocking electronic lock |
| CN104022886A (en) * | 2014-06-27 | 2014-09-03 | 深圳市捷顺科技实业股份有限公司 | Safety authentication method applied to parking lot as well as related device and system |
-
2016
- 2016-12-28 CN CN201611231560.3A patent/CN106874732B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102129730A (en) * | 2010-01-14 | 2011-07-20 | 上海峥创电子有限公司 | Non-contact CPU (Central Processing Unit) card entrance guard reader |
| CN103247096A (en) * | 2013-05-20 | 2013-08-14 | 郑州天迈科技有限公司 | Electronic lock of slot machine and method for unlocking electronic lock |
| CN104022886A (en) * | 2014-06-27 | 2014-09-03 | 深圳市捷顺科技实业股份有限公司 | Safety authentication method applied to parking lot as well as related device and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106874732A (en) | 2017-06-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11856104B2 (en) | Methods for secure credential provisioning | |
| US11068608B2 (en) | Mutual authentication of software layers | |
| CN106797311B (en) | System, method and storage medium for secure password generation | |
| CN107925572B (en) | Secure binding of software applications to communication devices | |
| US6128391A (en) | Method and apparatus for asymetric key management in a cryptographic system | |
| KR101468626B1 (en) | System for paying card of smart phone using key exchange with van server | |
| JP6743276B2 (en) | System and method for end-to-end key management | |
| CN113812128A (en) | NFC mobile money transfer | |
| KR20180136562A (en) | Secure remote payment transaction processing | |
| CN105160242A (en) | Certificate loading method and certificate updating method of card reader and card reader | |
| CN103905196A (en) | PIN switch encryption method | |
| CN103929308A (en) | Information verification method applied to RFID card | |
| TWI476629B (en) | Data security and security systems and methods | |
| JPS60136440A (en) | Method of altering session cryptographic key | |
| KR101295038B1 (en) | How to use Certificate by using Secure Reader | |
| CN106874732B (en) | Authorization system based on CPU card | |
| KR100642940B1 (en) | System and method for authentication data delivery of smart card | |
| KR101633043B1 (en) | Method and system for providing service card transaction approval | |
| CN106961446A (en) | A kind of online transaction system and method | |
| CN110505063A (en) | A kind of method and system guaranteeing financial payment safety | |
| CN113393242B (en) | Method and equipment for safe off-line electronic payment of token model payers | |
| JPH0199158A (en) | Terminal authorizing method | |
| JPH0199159A (en) | Terminal authorizing method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |