CN107240157B - Near field communication security control method, mobile terminal and computer readable storage medium - Google Patents

Abstract

The invention discloses a near field communication safety control method, comprising: when a safe reading mode is started, a near field communication controller reads a data transmission path, and redirects it to a preset buffer area in a trusted execution environment; The preset trusted application of the trusted execution environment reads the first identity of the near field communication card into the preset buffer based on the near field communication controller, and based on the first identity, Perform security verification on the near field communication card; when the near field communication card passes the security verification, set the near field communication application corresponding to the near field communication card in a common execution environment to access the preset trusted application, so that the near field communication application can access the near field communication card through the preset trusted application. The invention also discloses a mobile terminal and a computer-readable storage medium. The present invention can improve the security when the mobile terminal performs near field communication interaction.

Description

Near field communication security control method, mobile terminal and computer-readable storage medium

technical field

The present invention relates to the technical field of mobile terminals, in particular to a near field communication security control method, a mobile terminal and a computer-readable storage medium.

Background technique

NFC (Near Field Communication) is a short-range high-frequency radio technology that allows non-contact point-to-point data transmission and exchange of data between electronic devices. It is evolved from RFID (Radio Frequency Identification, non-contact radio frequency identification). The NFC operating frequency is 13.56Hz, the effective range is within 20cm, and its transmission speed is 106Kbit/sec, 212Kbit/sec or 424Kbit/sec. NFC has 3 working modes: card reader mode, peer-to-peer mode, and card emulation mode.

When the mobile terminal is equipped with an NFC controller and the NFC controller works in the card reader mode, the mobile terminal can generate a radio frequency field through the NFC controller to read and write data from an NFC card with the same standard from the outside. Read the information of the "Shenzhen Pass" card, and perform operations such as recharging. However, due to the low threshold of NFC, criminals can make NFC cards by themselves, and write Trojan programs or other dangerous codes into the NFC card. If the NFC card is read by the user operating the mobile terminal, the Trojan program written in the NFC card Or dangerous codes will be implanted into the user's mobile terminal, resulting in the theft or destruction of user data.

SUMMARY OF THE INVENTION

The present invention provides a near field communication security control method, a mobile terminal and a computer-readable storage medium, aiming to improve the security of the mobile terminal when performing near field communication interaction.

In order to achieve the above purpose of the invention, the present invention provides a near field communication security control method, the near field communication security control method includes:

When the secure read mode is activated, the near field communication controller reads the data transmission path and redirects it to the preset buffer area in the trusted execution environment;

Through the preset trusted application of the trusted execution environment, the first identification of the near field communication card is read into the preset buffer area based on the near field communication controller, and based on the first identification , performing security verification on the near field communication card;

When the near field communication card passes the security verification, it is set that the near field communication application corresponding to the near field communication card in the common execution environment can access the preset trusted application, so that the near field communication application can pass all the The preset trusted application accesses the near field communication card.

Optionally, the near field communication application is a ticketing application, and after the step of setting the near field communication application to be able to access the preset trusted application, the method further includes:

Read the user's real-name information carried by the near field communication card into the preset cache area through the preset trusted application, and generate temporary application information based on the user's real-name information and the preset ticketing information of the ticketing application;

The temporary application information is transmitted to the ticketing application through the access channel between the preset trusted application and the ticketing application, so that the ticketing application can complete the real-name ticket purchase.

Optionally, the step of reading the first identity identifier through a preset trusted application includes:

According to a preset frequency, the preset trusted application is called a preset number of times to instruct the preset trusted application to read the first identity identifier of the near field communication card.

Optionally, after the step of performing security verification on the near field communication card through the preset trusted application based on the first identity identifier, the method further includes:

When the near field communication card fails the security verification, output first prompt information that the near field communication card is not safe.

Optionally, before the step of redirecting the transmission path of the near field communication controller to read data to a preset buffer area in the trusted execution environment when the secure reading mode is activated, the method further includes:

Secure read mode is initiated upon receipt of a secure read mode initiation operation from the user.

Optionally, before starting the safe reading mode, the method further includes:

When receiving the user's safe reading mode startup operation, a preset authentication interface is displayed for the user to input authentication data;

Receive authentication data input by the user based on the displayed preset authentication interface, and perform user identity authentication based on the authentication data;

After the user authentication is passed, the secure read mode is activated.

Optionally, before the step of setting the near field communication application to be able to access the preset trusted application, the method further includes:

When the near field communication card passes the security check, read the second identity of the near field communication application into the preset buffer area through the preset trusted application;

Based on the second identity identifier, perform security verification on the near field communication application by using the preset trusted application;

When the near field communication application passes the security check, it is set that the near field communication application can access the preset trusted application.

Optionally, after the step of performing security verification on the near field communication application by using the preset trusted application based on the second identity identifier, the method further includes:

When the near field communication application fails the security check, output second prompt information that the near field communication application is not safe.

Further, the present invention also provides a mobile terminal, the mobile terminal includes:

A memory storing a near field communication security control program;

A processor configured to execute the near field communication security control program to achieve the following steps:

When the secure read mode is activated, the near field communication controller reads the data transmission path and redirects it to the preset buffer area in the trusted execution environment;

Through the preset trusted application of the trusted execution environment, the first identification of the near field communication card is read into the preset buffer area based on the near field communication controller, and based on the first identification , performing security verification on the near field communication card;

When the near field communication card passes the security verification, it is set that the near field communication application corresponding to the near field communication card in the common execution environment can access the preset trusted application, so that the near field communication application can pass all the The preset trusted application accesses the near field communication card.

Further, the present invention also provides a computer-readable storage medium on which a near-field communication security control program is stored, and the near-field communication security control program is executed by a processor to implement the following steps:

When the secure read mode is activated, the near field communication controller reads the data transmission path and redirects it to the preset buffer area in the trusted execution environment;

Through the preset trusted application of the trusted execution environment, the first identification of the near field communication card is read into the preset buffer area based on the near field communication controller, and based on the first identification , performing security verification on the near field communication card;

When the near field communication card passes the security verification, it is set that the near field communication application corresponding to the near field communication card in the common execution environment can access the preset trusted application, so that the near field communication application can pass all the The preset trusted application accesses the near field communication card.

The near field communication security control method proposed by the present invention combines the reading function of near field communication and the trusted execution environment isolated from the common execution environment, and redirects the transmission path of the data read by the near field communication controller to the trusted execution environment. The preset buffer area in the environment, and the security check of the near field communication card is carried out through the preset trusted application in the trusted execution environment. When and only when the near field communication card passes the security check, set the corresponding close The near field communication application of the field communication card can access the preset trusted application, so that the near field communication application can access the near field communication card through the preset trusted application, so as to achieve the purpose of improving the security of the mobile terminal when performing near field communication interaction.

Description of drawings

FIG. 1 is a schematic diagram of the hardware structure of an optional mobile terminal for realizing the first embodiment of the present invention;

Fig. 2 is a kind of communication network system architecture diagram of the mobile terminal as shown in Fig. 1;

3 is a schematic flowchart of a first embodiment of a near field communication security control method according to the present invention;

FIG. 4 is an example diagram of an operation of reading a near field communication card in the first embodiment of the near field communication security control method of the present invention;

FIG. 5 is an exemplary diagram of a control that triggers a start-up operation of a safe read mode in a third embodiment of the near field communication security control method of the present invention;

6 is an exemplary diagram of an authentication interface in the third embodiment of the near field communication security control method of the present invention;

FIG. 7 is an example diagram of authentication data input by a user in the third embodiment of the near field communication security control method of the present invention.

Detailed ways

It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention.

In the following description, suffixes such as 'module', 'component' or 'unit' used to represent elements are used only to facilitate the description of the present invention and have no specific meaning per se. Thus, "module", "component" or "unit" may be used interchangeably.

The terminal may be implemented in various forms. For example, the terminals described in the present invention may include mobile phones, tablet computers, notebook computers, handheld computers, personal digital assistants (Personal Digital Assistant, PDA), portable media players (Portable Media Player, PMP), navigation devices, Mobile terminals such as wearable devices, smart bracelets, and pedometers, as well as stationary terminals such as digital TVs and desktop computers.

In the following description, a mobile terminal will be used as an example, and those skilled in the art will understand that, in addition to elements specially used for mobile purposes, the configurations according to the embodiments of the present invention can also be applied to stationary type terminals.

Please refer to FIG. 1 , which is a schematic diagram of the hardware structure of a mobile terminal implementing various embodiments of the present invention. The mobile terminal 100 may include: an RF (Radio Frequency, radio frequency) unit 101 , a WiFi module 102 , an audio output unit 103 , A /V (audio/video) input unit 104, sensor 105, display unit 106, user input unit 107, interface unit 108, memory 109, processor 110, and power supply 111 and other components. Those skilled in the art can understand that the structure of the mobile terminal shown in FIG. 1 does not constitute a limitation on the mobile terminal, and the mobile terminal may include more or less components than the one shown, or combine some components, or different components layout.

Below in conjunction with Fig. 1, each component of the mobile terminal is introduced in detail:

The radio frequency unit 101 can be used for receiving and sending signals during transmission and reception of information or during a call. Specifically, after receiving the downlink information of the base station, it is processed by the processor 110; in addition, the uplink data is sent to the base station. Generally, the radio frequency unit 101 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like. In addition, the radio frequency unit 101 can also communicate with the network and other devices through wireless communication. The above-mentioned wireless communication can use any communication standard or protocol, including but not limited to GSM (Global System of Mobile communication, Global System for Mobile Communications), GPRS (General Packet Radio Service, General Packet Radio Service), CDMA2000 (CodeDivision Multiple Access 2000, Code Division Multiple Access 2000), WCDMA (Wideband Code Division Multiple Access, Wideband Code Division Multiple Access), TD-SCDMA (Time Division-Synchronous Code Division Multiple Access, Time Division Synchronous Code Division Multiple Access), FDD-LTE (Frequency Division Duplexing-Long Term) Evolution, frequency division duplexing long term evolution) and TDD-LTE (Time Division Duplexing-Long Term Evolution, time division duplexing long term evolution) and so on.

WiFi is a short-distance wireless transmission technology, and the mobile terminal can help users to send and receive emails, browse web pages, access streaming media, etc. through the WiFi module 102, which provides users with wireless broadband Internet access. Although FIG. 1 shows the WiFi module 102, it can be understood that it is not a necessary component of the mobile terminal, and can be completely omitted as required within the scope of not changing the essence of the invention.

When the mobile terminal 100 is in a call signal receiving mode, a talking mode, a recording mode, a voice recognition mode, a broadcast receiving mode, etc., the audio output unit 103 can store the data received by the radio frequency unit 101 or the WiFi module 102 or stored in the memory 109. The audio data is converted into audio signal and output as sound. Also, the audio output unit 103 may also provide audio output related to a specific function performed by the mobile terminal 100 (eg, call signal reception sound, message reception sound, etc.). The audio output unit 103 may include a speaker, a buzzer, and the like.

The A/V input unit 104 is used to receive audio or video signals. The A/V input unit 104 may include a Graphics Processing Unit (GPU) 1041 and a microphone 1042, and the graphics processor 1041 can respond to still pictures or images obtained by an image capture device (such as a camera) in a video capture mode or an image capture mode. The image data of the video is processed. The processed image frames may be displayed on the display unit 106 . The image frames processed by the graphics processor 1041 may be stored in the memory 109 (or other storage medium) or transmitted via the radio frequency unit 101 or the WiFi module 102 . The microphone 1042 can receive sound (audio data) via the microphone 1042 in a telephone call mode, a recording mode, a voice recognition mode, etc. operating modes, and can process such sound into audio data. The processed audio (voice) data can be converted into a format that can be transmitted to a mobile communication base station via the radio frequency unit 101 for output in the case of a telephone call mode. The microphone 1042 may implement various types of noise cancellation (or suppression) algorithms to remove (or suppress) noise or interference generated in the process of receiving and transmitting audio signals.

The mobile terminal 100 also includes at least one sensor 105, such as a light sensor, a motion sensor, and other sensors. Specifically, the light sensor includes an ambient light sensor and a proximity sensor, wherein the ambient light sensor can adjust the brightness of the display panel 1061 according to the brightness of the ambient light, and the proximity sensor can close the display panel 1061 and the display panel 1061 when the mobile terminal 100 is moved to the ear. / or backlight. As a kind of motion sensor, the accelerometer sensor can detect the magnitude of acceleration in all directions (usually three axes), and can detect the magnitude and direction of gravity when it is stationary. games, magnetometer attitude calibration), vibration recognition related functions (such as pedometer, tapping), etc.; as for the fingerprint sensor, pressure sensor, iris sensor, molecular sensor, gyroscope, barometer, hygrometer, etc. Other sensors such as thermometers, infrared sensors, etc. will not be repeated here.

The display unit 106 is used to display information input by the user or information provided to the user. The display unit 106 may include a display panel 1061, and the display panel 1061 may be configured in the form of a liquid crystal display (LCD), an organic light-emitting diode (OLED), or the like.

The user input unit 107 may be used to receive input numerical or character information, and generate key signal input related to user settings and function control of the mobile terminal. Specifically, the user input unit 107 may include a touch panel 1071 and other input devices 1072 . The touch panel 1071, also referred to as a touch screen, can collect the user's touch operations on or near it (such as the user's finger, stylus, etc., any suitable object or attachment on or near the touch panel 1071). operation), and drive the corresponding connection device according to the preset program. The touch panel 1071 may include two parts, a touch detection device and a touch controller. Among them, the touch detection device detects the user's touch orientation, detects the signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts it into contact coordinates, and then sends it to the touch controller. To the processor 110, and can receive the command sent by the processor 110 and execute it. In addition, the touch panel 1071 can be implemented in various types such as resistive, capacitive, infrared, and surface acoustic waves. In addition to the touch panel 1071 , the user input unit 107 may also include other input devices 1072 . Specifically, other input devices 1072 may include, but are not limited to, one or more of physical keyboards, function keys (such as volume control keys, switch keys, etc.), trackballs, mice, operation sticks, etc., which are not specifically limited here. .

Further, the touch panel 1071 can cover the display panel 1061, and when the touch panel 1071 detects a touch operation on or near it, it transmits it to the processor 110 to determine the type of the touch event, and then the processor 110 determines the type of the touch event according to the touch event. Type provides corresponding visual output on display panel 1061 . Although in FIG. 1 , the touch panel 1071 and the display panel 1061 are used as two independent components to realize the input and output functions of the mobile terminal, but in some embodiments, the touch panel 1071 and the display panel 1061 may be integrated The input and output functions of the mobile terminal are implemented, which is not specifically limited here.

The interface unit 108 serves as an interface through which at least one external device can be connected to the mobile terminal 100 . For example, external devices may include wired or wireless headset ports, external power (or battery charger) ports, wired or wireless data ports, memory card ports, ports for connecting devices with identification modules, audio input/output (I/O) ports, video I/O ports, headphone ports, and more. The interface unit 108 may be used to receive input (eg, data information, power, etc.) from an external device and transmit the received input to one or more elements within the mobile terminal 100 or may be used between the mobile terminal 100 and the external Transfer data between devices.

The memory 109 may be used to store software programs as well as various data. The memory 109 may mainly include a stored program area and a stored data area, wherein the stored program area may store an operating system, an application program (such as a sound playback function, an image playback function, etc.) required for at least one function, and the like; Data created by the use of the mobile phone (such as audio data, phone book, etc.), etc. Additionally, memory 109 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.

The processor 110 is the control center of the mobile terminal, uses various interfaces and lines to connect various parts of the entire mobile terminal, runs or executes the software programs and/or modules stored in the memory 109, and calls the data stored in the memory 109. , perform various functions of the mobile terminal and process data, so as to monitor the mobile terminal as a whole. The processor 110 may include one or more processing units; preferably, the processor 110 may integrate an application processor and a modem processor, wherein the application processor mainly processes the operating system, user interface, and application programs, etc., and the modem The processor mainly handles wireless communication. It can be understood that, the above-mentioned modulation and demodulation processor may not be integrated into the processor 110 .

Near Field Communication (hereinafter referred to as NFC) is a short-range high-frequency radio technology that allows contactless point-to-point data transmission and exchange of data between electronic devices. It is evolved from contactless radio frequency identification (RFID). The NFC operating frequency is 13.56Hz, the effective range is within 20cm, and its transmission speed is 106Kbit/sec, 212Kbit/sec or 424Kbit/sec. NFC has 3 working modes: card reader mode, peer-to-peer mode, and card emulation mode. In card reader mode, the NFC device generates a radio frequency field to read and write data from an external NFC tag using the same standard. In peer-to-peer mode, NFC can communicate with other NFC devices for peer-to-peer data transmission. In the card simulation mode, the card reader is an active device that generates a radio frequency field; the NFC device is a passive device that simulates a contactless card that conforms to the NFC standard to interact with the card reader. The mobile terminal 100 implements NFC functions through the NFC controller 111, such as NFC payment.

The mobile terminal 100 may further include a power supply 112 (such as a battery) for supplying power to various components. Preferably, the power supply 112 may be logically connected to the processor 110 through a power management system, so as to manage charging, discharging, and power consumption management through the power management system and other functions.

Although not shown in FIG. 1 , the mobile terminal 100 may also include a Bluetooth module, etc., which will not be described herein again.

To facilitate understanding of the embodiments of the present invention, the following describes a communication network system on which the mobile terminal of the present invention is based.

Please refer to FIG. 2. FIG. 2 is an architecture diagram of a communication network system according to an embodiment of the present invention. The communication network system is an LTE system of universal mobile communication technology. ) 201 , E-UTRAN (Evolved UMTS Terrestrial Radio Access Network, Evolved UMTS Terrestrial Radio Access Network) 202 , EPC (Evolved Packet Core, Evolved Packet Core) 203 and operator's IP service 204 .

Specifically, the UE 201 may be the above-mentioned mobile terminal 100, which will not be repeated here.

E-UTRAN 202 includes eNodeB 2021 and other eNodeB 2022 and the like. The eNodeB 2021 can be connected to other eNodeBs 2022 through a backhaul (eg X2 interface), the eNodeB 2021 is connected to the EPC 203 , and the eNodeB 2021 can provide access from the UE 201 to the EPC 203 .

EPC 203 may include MME (Mobility Management Entity, Mobility Management Entity) 2031, HSS (Home Subscriber Server, Home Subscriber Server) 2032, other MME 2033, SGW (Serving Gate Way, Serving Gateway) 2034, PGW (PDN Gate Way, packet data) network gateway) 2035 and PCRF (Policy and Charging Rules Function, policy and charging function entity) 2036 and so on. Among them, MME2031 is a control node that processes signaling between UE201 and EPC203, and provides bearer and connection management. The HSS2032 is used to provide some registers to manage functions such as the home location register (not shown in the figure), and to store some user-specific information about service characteristics, data rates, etc. All user data can be sent through SGW2034, PGW2035 can provide IP address allocation and other functions of UE 201, PCRF2036 is the policy and charging control policy decision point of service data flow and IP bearer resources, it is the policy and charging execution function A unit (not shown) selects and provides available policy and charging control decisions.

The IP service 204 may include Internet, intranet, IMS (IP Multimedia Subsystem, IP Multimedia Subsystem) or other IP services.

Although the above description takes the LTE system as an example, those skilled in the art should know that the present invention is not only applicable to the LTE system, but also applicable to other wireless communication systems, such as GSM, CDMA2000, WCDMA, TD-SCDMA and future wireless communication systems. The network system, etc., is not limited here.

Based on the above-mentioned mobile terminal hardware structure and communication network system, various embodiments of the mobile terminal of the present invention are proposed.

Referring to FIG. 1, in the first embodiment of the mobile terminal of the present invention, the mobile terminal includes:

a memory 109 storing the NFC security control program;

The processor 110 is configured to execute the NFC security control program stored in the memory 109 to realize the following operations:

When the secure reading mode is activated, the transmission path of the data read by the NFC controller 111 is redirected to a preset buffer area in the trusted execution environment;

Through the preset trusted application of the trusted execution environment, based on the NFC controller 111, the first identity identifier of the NFC card is read into the preset buffer area, and based on the first identity identifier, the security verification of the NFC card is performed;

When the NFC card passes the security verification, it is set that the NFC application corresponding to the NFC card in the common execution environment can access the preset trusted application, so that the NFC application can access the NFC card through the aforementioned preset trusted application.

Further, the aforementioned NFC application is a ticketing application, and when the processor 110 executes the NFC security control program stored in the memory 109, it also performs the following operations:

Read the user's real-name information carried by the NFC card into the preset cache area through the preset trusted application, and generate temporary application information based on the user's real-name information and the preset ticketing information of the ticketing application;

Through the preset access channel between the trusted application and the ticketing application, the temporary application information is transmitted to the ticketing application, so that the ticketing application can complete the real-name ticket purchase.

Further, when the processor 110 executes the NFC security control program stored in the memory 109, the following operations are also performed:

According to the preset frequency, the preset trusted application is called a preset number of times to instruct the preset trusted application to read the first identity identifier of the NFC card.

Further, when the processor 110 executes the NFC security control program stored in the memory 109, the following operations are also performed:

When the NFC card fails the security verification, output the first prompt message that the NFC card is not secure.

Further, when the processor 110 executes the NFC security control program stored in the memory 109, the following operations are also performed:

Secure read mode is initiated upon receipt of a secure read mode initiation operation from the user.

Further, when the processor 110 executes the NFC security control program stored in the memory 109, the following operations are also performed:

When receiving the user's safe reading mode startup operation, a preset authentication interface is displayed for the user to input authentication data;

Receive authentication data input by the user based on the displayed preset authentication interface, and perform user identity authentication based on the authentication data;

After the user authentication is passed, the secure read mode is activated.

Further, when the processor 110 executes the NFC security control program stored in the memory 109, the following operations are also performed:

Read the second identity of the NFC application into the preset cache area through the preset trusted application;

Based on the second identity identifier, perform security verification on the NFC application through a preset trusted application;

When the NFC application passes the security verification, the NFC application can be set to access the preset trusted application.

Further, when the processor 110 executes the NFC security control program stored in the memory 109, the following operations are also performed:

When the NFC application fails the security verification, output the second prompt message that the NFC application is not secure.

Further, the present invention also provides an NFC security control method, which is applied to a mobile terminal. Referring to FIG. 3 , in the first embodiment of the near field communication security control method of the present invention, the near field communication security control method includes:

Step S10, when starting the secure reading mode, redirect the transmission path of the data read by the NFC controller 111 to a preset buffer area in the trusted execution environment;

Step S20, through the preset trusted application of the trusted execution environment, based on the NFC controller 111, the first identity of the NFC card is read into the preset buffer area, and based on the first identity, the security verification of the NFC card is performed. test;

In step S30, when the NFC card passes the security verification, it is set that the NFC application corresponding to the NFC card in the common execution environment can access the preset trusted application, so that the NFC application can access the NFC card through the aforementioned preset trusted application.

In order to facilitate understanding of the solution of the present invention, the trusted execution environment involved in the present invention is first described below.

Trusted Executive Environment (Trusted Executive Environment, hereinafter referred to as TEE) is a concept proposed by GlobalPlatform (GP).

For the open environment of mobile devices, security issues are increasingly concerned, not only by end users, but also by service providers, mobile operators, and chip manufacturers. TEE is a running environment that coexists with a common execution environment (Rich OSExecution Environment, or rich system execution environment, usually Android, etc., hereinafter referred to as REE) on the device, and provides security services to REE. It has its own execution space and is more secure than REE, but less secure than Secure Element (SE, usually a smart card). But TEE can meet the security needs of most applications. From a cost perspective, TEE provides a balance of safety and cost.

Among them, the software and hardware resources that the TEE can access are separated from the REE. TEE provides a secure execution environment for authorized security software (or trusted applications, hereinafter referred to as TA), and also protects the confidentiality, integrity and access rights of TA resources and data. In order to ensure the root of trust of the TEE itself, the TEE must be authenticated and isolated from the REE during the secure boot process. In TEE, each TA is independent of each other and cannot access each other without authorization.

GP has made great efforts in the standardization of TEE. The basic specifications include TEE internal application programming interface (Application Programming Interface, hereinafter referred to as API), TEE client API, and of course there are a series of supplementary functional API specifications. As well as specifications for application management, debugging functions, safety protection profiles, etc. are being developed. Among them, the TEE internal API mainly includes key management, cryptographic algorithms, secure storage, secure clock resources and services, as well as extended trusted UI and other APIs. Trusted UI means that hardware resources such as screen display and keyboard are completely controlled and accessed by TEE when key information is displayed and user key data (such as password) is input, while software applications in REE cannot access. The internal API is the programming interface provided by the TEE to the TA; the TEE client API is the underlying communication interface that allows the client application (CA) running in the REE to access the TA service and data.

Based on the following brief introduction about TEE, the solution of the present invention will be described below.

In the embodiment of the present invention, a secure read mode is provided, and a preset buffer area is set in the TEE. Among them, due to the soft and hard isolation between TEE and REE, any application on the REE side will not be able to directly access the preset buffer area. In addition, the physical location and size of the preset buffer area are not specifically limited in the present invention, and can be set by those skilled in the art according to actual needs. For example, the storage area belonging to the TEE in the memory 109 can be divided into a size of The storage area of 1Mb is used as the default buffer area.

When the secure reading mode is activated, the processor 110 implements functions based on the near field communication security control program provided by the present invention, firstly initializes the NFC controller 111 to make it work in the card reader mode, and then the NFC controller 111 The transmission path of the read data and redirected to the preset buffer area in the TEE. It is easy to understand that after redirecting the transmission path of the data read by the NFC controller 111 to the default buffer area in the TEE, any data read by the NFC controller 111 will be stored in the default buffer area, Awaiting processing.

After the redirection to the NFC controller 111 is completed, the identification of the NFC card is read into the preset buffer area through the preset TA in the TEE, and the identification of the NFC card (in this embodiment, the identification The unique identification of the NFC card, the identification of different NFC cards is different) is recorded as the first identification, that is, the first identification is the identification of the NFC card. Specifically, through the preset trusted application of the trusted execution environment, based on the NFC controller 111, the first identification of the NFC card is read into the preset cache area, including:

According to the preset frequency, the preset TA is called for a preset number of times to instruct the preset TA to read the first identity identifier of the NFC card.

In this embodiment, the preset TA is repeatedly called, and the preset TA is notified through the repeated calling that the NFC controller 111 is ready to read the first identity of the NFC card. It should be noted that the present invention does not specifically limit the values of the preset frequency and the preset number of times, which can be set by those skilled in the art according to actual needs. 5 calls to instruct the preset TA to read the first identity of the NFC card.

In specific implementation, as shown in FIG. 4 , when the user holds the mobile terminal close to the NFC card, and the distance between the mobile terminal and the NFC card is within the NFC communication distance, the preset TA will pass the radio frequency field generated by the NFC controller 111 . , read the data carried by the NFC card, where the preset TA will read the first identity of the NFC card, and store the read first identity in the preset buffer area of the TEE. It should be noted that, in this embodiment, the NFC card may be an NFC card in the physical form of a card as shown in FIG. 3 , an NFC device working in a card simulation mode, or an NFC card in other forms.

After the preset TA reads the first identity of the NFC card into the preset cache, based on the first identity in the preset cache, the NFC card is checked for security by the preset TA, optionally, In one embodiment, the preset TA includes a first identity authentication rule, and performing security verification on the NFC card by using the preset TA includes:

Determine whether the first identity identifier is in the first identity authentication rule of the preset TA, wherein, when the first identity identifier is in the first identity authentication rule of the preset TA, it is determined that the NFC card has passed the security check, otherwise the NFC card is determined Failed security check.

During specific implementation, the aforementioned first identity authentication rule may be preset in the aforementioned preset TA when the mobile terminal is shipped from the factory or when the aforementioned preset TA is installed. The aforementioned first identity authentication rule includes the identity identifier of the trusted NFC card.

Optionally, in an embodiment, the preset TA includes the agreed first asymmetric encryption algorithm (which asymmetric encryption algorithm is adopted, the present invention does not make specific restrictions, and can be selected by those skilled in the art according to actual needs) , while reading the first identity of the NFC card, it also reads the first ciphertext carried by the NFC card (the ciphertext obtained by the NFC card manufacturer using the agreed first asymmetric encryption algorithm to calculate the first identity), The security verification of the NFC card through the preset TA includes:

By presetting the first asymmetric encryption algorithm of the TA, the read first identity identifier is calculated to obtain the second ciphertext;

It is judged whether the calculated second ciphertext matches the first ciphertext, wherein when the two ciphertexts match, it is determined that the NFC card has passed the security check; otherwise, it is determined that the NFC card has not passed the security check.

When the verification result returned by the preset TA is that the NFC card has passed the security verification, it is set that the NFC application corresponding to the NFC card in the REE can access the preset TA, so that the aforementioned NFC application can access the NFC card through the preset TA.

For example, taking the NFC card as "Shenzhen Pass" as an example, when the security verification is carried out through the preset TA, and the "Shenzhen Pass" passes the security verification, the "Pengtao application" in the REE can be set to access the preset TA , so that "Pengtao App" can access "Shenzhen Tong" through the preset TA, and realize functions such as "balance inquiry" and "recharge" through corresponding read and write operations.

Further, after step S20, it also includes:

When the NFC card fails the security verification, output the first prompt message that the NFC card is not secure.

It is easy to understand that when the NFC card fails the security verification, it means that the NFC card may be counterfeit and there is a certain security risk. At this time, the first prompt message indicating that the NFC card is unsafe is output. The prompt message "NFC card is not safe, there is a security risk".

Optionally, in an embodiment, while outputting the first prompt information that the NFC card is unsafe, the following steps are also performed:

Clear the first ID in the preset buffer area.

The near field communication security control method proposed by the present invention combines the reading function of near field communication and the trusted execution environment isolated from the common execution environment, and redirects the transmission path of the data read by the near field communication controller to the trusted execution environment. The preset buffer area in the environment, and the security check of the near field communication card is carried out through the preset trusted application in the trusted execution environment. When and only when the near field communication card passes the security check, set the corresponding close The near field communication application of the field communication card can access the preset trusted application, so that the near field communication application can access the near field communication card through the preset trusted application, so as to achieve the purpose of improving the security of the mobile terminal when performing near field communication interaction.

Further, based on the first embodiment, a second embodiment of the NFC security control method of the present invention is proposed. In this embodiment, after step S30, the following steps are further included:

Read the user's real-name information carried by the NFC card into the preset cache area through the preset TA, and generate temporary application information based on the user's real-name information and the preset ticketing information of the ticketing application;

Through the preset access channel between the TA and the ticketing application, the temporary application information is transmitted to the ticketing application, so that the ticketing application can complete the real-name ticket purchase.

It is easy to understand that in real life, places such as scenic spots, zoos, amusement parks and other places need to purchase real-name tickets. When users purchase tickets through the ticketing application, they need to manually enter their real-name information to purchase tickets, which is a cumbersome operation. Therefore, based on the foregoing first embodiment, this embodiment further increases the processing operation of provisional application information, which is only described below, and the other may refer to the foregoing embodiment, which will not be repeated here.

In the embodiment of the present invention, the aforementioned NFC application is a ticketing application. When the NFC card passes the security verification and the ticketing application is set to be able to access the preset TA, the user's real-name information carried by the NFC card is further read through the preset TA. Read the user's real-name information into the preset buffer.

After that, based on the preset TA and the access channel of the ticketing application, the preset ticketing information of the ticketing application is acquired, and temporary application information is generated based on the user's real-name information and the preset ticketing information. Among them, the preset ticketing information is other ticketing information other than real-name information required by the user to operate the ticketing application to purchase tickets, including but not limited to the number of tickets purchased, location, etc.; The ticket rule is generated, which can be understood as a ticket purchase request.

After the temporary application information is generated, the generated temporary application information is transmitted to the ticketing application through the aforementioned access channel, and then the ticketing application can transmit the temporary application information to the preset ticketing server to complete the real-name ticket purchase.

For example, the NFC card is an ID card, and the ticketing application is "Ctrip Application". The user operates the "Ctrip Application" to purchase a flight ticket and completes the selection of ticket information (such as location, class, etc.). When the real-name information needs to be entered, the user will The mobile terminal is close to the ID card. The mobile terminal performs security verification on the ID card through the preset TA, and after the ID card passes the security verification, it reads the user's real-name information "ID card number, name, etc." carried in the ID card, and combines the preset user input For ticket information, in accordance with the ticket purchase rules of the "Ctrip App", generate a ticket purchase request "Temporary Application Information" available to the "Ctrip App", transmit the "Temporary Application Information" to the "Ctrip App", and the "Ctrip App" will complete the ticket purchase. Buy.

It should be noted that the aforementioned access channel is the client API.

Further, in this embodiment, after the ticketing application completes the real-name ticket purchase, the ticket purchase certificate (such as a two-dimensional code, barcode, etc. carrying the ticket information) obtained by the ticketing application's real-name ticket purchase is transparently transmitted to the preset TA, and By presetting TA, the ticket purchase voucher is stored in a security element (eg, embedded security element, ESE) according to the GP specification. When the ticket voucher needs to be used, after the NFC controller 111 is configured in the card simulation mode, the verification can be completed by bringing the mobile terminal close to the ticket terminal, which is convenient and quick.

Further, based on the first embodiment, a third embodiment of the NFC security control method of the present invention is proposed. In this embodiment, before step S10, the method further includes:

Secure read mode is initiated upon receipt of a secure read mode initiation operation from the user.

It should be noted that this embodiment adds the start-up operation of the safe reading mode on the basis of the foregoing first embodiment, which is only described below.

In this embodiment of the present invention, a control for enabling the secure reading mode may be added to the "settings" interface of the mobile terminal, or a control for enabling secure reading may be added to the UI of the near field communication security control program provided by the present invention Mode control for user operation, safe read mode has been turned on. For example, as shown in FIG. 5 , the user can trigger the safe reading mode start operation by sliding the circular control shown in FIG. 5 .

Further, in this embodiment, before starting the safe reading mode, the method further includes:

When receiving the user's safe reading mode startup operation, a preset authentication interface is displayed for the user to input authentication data;

Receive authentication data input by the user based on the displayed preset authentication interface, and perform user identity authentication based on the authentication data;

After the user authentication is passed, the secure read mode is activated.

In the embodiment of the present invention, an authentication operation for the user is further added. Specifically, when the user's safe reading mode activation operation is received, a preset authentication interface is displayed for the user to input authentication data. During implementation, the preset authentication interface is displayed through the trusted UI of the TEE, thereby ensuring that hardware resources such as screen display and keyboard are completely controlled and accessed by the TEE, preventing user input authentication data from being stolen. The form of the preset authentication interface is not specifically limited in the present invention, and can be set by those skilled in the art according to actual needs. For example, the embodiment of the present invention adopts the Jiugongge authentication interface shown in FIG. 6 .

After that, the authentication data input by the user is received through the displayed preset authentication interface, and after receiving the authentication data input by the user, the authentication data input by the user is compared with the preset authentication data, so as to realize the user Identity authentication, wherein, when the authentication data of the two are consistent, it is determined that the user identity authentication has passed, otherwise it is determined that the user identity authentication has failed. For example, based on the Jiugongge authentication interface shown in FIG. 6 , the user draws the pattern shown in FIG. 7 (that is, the input authentication data), if the pattern is the same as the preset pattern (that is, the preset authentication data, such as the pre-authorized user If the drawn authentication pattern) is the same, it is determined that the user identity authentication is passed.

After it is determined that the user authentication is passed, the secure reading mode can be started.

Further, based on any of the foregoing embodiments, a fourth embodiment of the NFC security control method of the present invention is proposed. In this embodiment, before step S30, the method further includes:

When the NFC card passes the security verification, read the second identity identifier of the aforementioned NFC application into the preset buffer area through the preset TA;

Based on the second identity identifier, perform security verification on the aforementioned NFC application through a preset TA;

When the aforementioned NFC application passes the security verification, it is set that the aforementioned NFC application can access the preset TA.

It should be noted that, on the basis of the foregoing embodiments, this embodiment further adds a security check operation for NFC applications, which is only described below, and the others can refer to the foregoing embodiments, which will not be repeated here.

In the embodiment of the present invention, after the NFC card passes the security verification and the second identity identifier of the aforementioned NFC application is read into the preset buffer area, based on the second identity identifier in the preset buffer area, the preset The TA performs security verification on the aforementioned NFC application. The second identity identifier may be obtained by parsing the application installation package of the aforementioned NFC application, and may specifically be the hash value of the application certificate of the aforementioned NFC application.

Optionally, in an embodiment, the preset TA includes a second identity authentication rule, and performing security verification on the NFC card by using the preset TA includes:

Judging whether the second identity is in the second identity authentication rule of the preset TA, wherein, when the second identity is in the second identity authentication rule of the preset TA, it is determined that the aforementioned NFC application has passed the security check, otherwise, it is determined that the aforementioned NFC application has passed the security check. The NFC application failed the security check.

During specific implementation, the aforementioned second identity authentication rule may be preset in the aforementioned preset TA when the mobile terminal is shipped from the factory or when the aforementioned preset TA is installed. The aforementioned second identity authentication rule includes an identity identifier of a trusted NFC application.

Optionally, in an embodiment, the preset TA includes the agreed second asymmetric encryption algorithm (which asymmetric encryption algorithm is adopted, the present invention does not make specific restrictions, and can be selected by those skilled in the art according to actual needs) , while reading the second identity identifier of the aforementioned NFC application, it also reads the third ciphertext carried by the aforementioned NFC application (the ciphertext calculated by the NFC application manufacturer for the second identity identifier using the agreed second asymmetric encryption algorithm ), the security verification of the aforementioned NFC application by the preset TA includes:

By presetting the second asymmetric encryption algorithm of the TA, the read second identity identifier is calculated to obtain the fourth ciphertext;

It is judged whether the calculated fourth ciphertext matches the third ciphertext, wherein when the two ciphertexts match, it is determined that the aforementioned NFC application has passed the security check; otherwise, it is determined that the aforementioned NFC application has not passed the security check.

When the verification result returned by the preset TA is that the aforementioned NFC application has passed the security verification, it is set that the aforementioned NFC application can access the preset TA, so that the aforementioned NFC application can access the NFC card through the preset TA.

Further, based on the second identity identifier, after the step of performing security verification on the aforementioned NFC application by using a preset TA. Also includes:

When the aforementioned NFC application fails the security verification, output the second prompt information that the aforementioned NFC application is not safe.

It is easy to understand that when the aforementioned NFC application fails the security check, it means that the aforementioned NFC application may be an illegally released copycat application, and there is a certain security risk. At this time, a second prompt message indicating that the NFC application is unsafe is output. A second prompt message "NFC application is not safe, there is a security risk" is displayed on the screen.

Optionally, in an embodiment, while outputting the second prompt information that the NFC application is unsafe, the following steps are also performed:

Clear the second ID in the preset buffer.

In addition, the present invention also provides a computer-readable storage medium, on which an NFC security control program is stored, and when the NFC security control program is executed by the processor 110, the following operations are implemented:

When the safe reading mode is activated, the transmission path of the data read by the NFC controller 111 is redirected to the preset buffer area in the TEE;

Through the preset TA of the TEE, based on the NFC controller 111, the first identification of the NFC card is read into the preset buffer area, and based on the first identification, the security verification of the NFC card is performed;

When the NFC card passes the security verification, it is set that the NFC application corresponding to the NFC card in the REE can access the preset TA, so that the NFC application can access the NFC card through the aforementioned preset TA.

Further, the NFC application is a ticketing application, and when the aforementioned NFC security control program is executed by the processor 110, the following operations are also implemented:

Read the user's real-name information carried by the NFC card into the preset cache area through the preset TA, and generate temporary application information based on the user's real-name information and the preset ticketing information of the ticketing application;

Through the preset access channel between the TA and the ticketing application, the temporary application information is transmitted to the ticketing application, so that the ticketing application can complete the real-name ticket purchase.

Further, when the aforementioned NFC security control program is executed by the processor 110, the following operations are also implemented:

According to the preset frequency, the preset TA is called for a preset number of times to instruct the preset TA to read the first identity identifier of the NFC card.

Further, when the aforementioned NFC security control program is executed by the processor 110, the following operations are also implemented:

When the NFC card fails the security verification, output the first prompt message that the NFC card is not secure.

Further, when the aforementioned NFC security control program is executed by the processor 110, the following operations are also implemented:

Secure read mode is initiated upon receipt of a secure read mode initiation operation from the user.

Further, when the aforementioned NFC security control program is executed by the processor 110, the following operations are also implemented:

When receiving the user's safe reading mode startup operation, a preset authentication interface is displayed for the user to input authentication data;

Receive authentication data input by the user based on the displayed preset authentication interface, and perform user identity authentication based on the authentication data;

After the user authentication is passed, the secure read mode is activated.

Further, when the aforementioned near field communication security control program is executed by the processor 110, the following operations are also implemented:

Read the second identity of the NFC application into the preset buffer area through the preset TA;

Based on the second identity identifier, the security verification is performed on the NFC application through the preset TA;

When the NFC application passes the security verification, the NFC application can be set to access the preset TA.

Further, when the aforementioned near field communication security control program is executed by the processor 110, the following operations are also implemented:

When the NFC application fails the security verification, output the second prompt message that the NFC application is not secure.

It should be noted that, herein, the terms "comprising", "comprising" or any other variation thereof are intended to encompass non-exclusive inclusion, such that a process, method, article or device comprising a series of elements includes not only those elements, It also includes other elements not expressly listed or inherent to such a process, method, article or apparatus. Without further limitation, an element qualified by the phrase "comprising a..." does not preclude the presence of additional identical elements in a process, method, article or apparatus that includes the element.

The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages or disadvantages of the embodiments.

From the description of the above embodiments, those skilled in the art can clearly understand that the method of the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course can also be implemented by hardware, but in many cases the former is better implementation. Based on such understanding, the technical solutions of the present invention can be embodied in the form of software products in essence or the parts that make contributions to the prior art, and the computer software products are stored in a storage medium (such as ROM/RAM) as described above. , magnetic disk, optical disk), including several instructions to make a terminal (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the methods described in the various embodiments of the present invention.

The embodiments of the present invention have been described above in conjunction with the accompanying drawings, but the present invention is not limited to the above-mentioned specific embodiments, which are merely illustrative rather than restrictive. Under the inspiration of the present invention, without departing from the scope of protection of the present invention and the claims, many forms can be made, which all belong to the protection of the present invention.

Claims (8)

1. A near field communication security control method, applied to a mobile terminal, is characterized in that, the near field communication security control method comprises: When the secure read mode is activated, the near field communication controller reads the data transmission path and redirects it to the preset buffer area in the trusted execution environment; Through the preset trusted application of the trusted execution environment, the first identification of the near field communication card is read into the preset buffer area based on the near field communication controller, and based on the first identification , performing security verification on the near field communication card; When the near field communication card passes the security verification, it is set that the near field communication application corresponding to the near field communication card in the common execution environment can access the preset trusted application, so that the near field communication application can pass all the the preset trusted application accesses the near field communication card; Before the step of redirecting the transmission path of the near field communication controller to read the data to the preset buffer area in the trusted execution environment when the safe reading mode is activated, the method further includes: When receiving the user's safe read mode start operation, start the safe read mode; Before starting the safe reading mode, the method further includes: When receiving the user's safe reading mode startup operation, a preset authentication interface is displayed for the user to input authentication data; Receive authentication data input by the user based on the displayed preset authentication interface, and perform user identity authentication based on the authentication data; After the user authentication is passed, the secure read mode is activated. 2. The near field communication security control method according to claim 1, wherein the near field communication application is a ticketing application, and after the step of setting the near field communication application to be able to access the preset trusted application, Also includes: Read the user's real-name information carried by the near field communication card into the preset cache area through the preset trusted application, and generate temporary application information based on the user's real-name information and the preset ticketing information of the ticketing application; The temporary application information is transmitted to the ticketing application through the access channel between the preset trusted application and the ticketing application, so that the ticketing application can complete the real-name ticket purchase. 3. The near field communication security control method according to claim 1, wherein the step of reading the first identity identifier by a preset trusted application comprises: According to a preset frequency, the preset trusted application is called a preset number of times to instruct the preset trusted application to read the first identity identifier of the near field communication card. 4 . The near field communication security control method according to claim 1 , wherein the method of performing security verification on the near field communication card through the preset trusted application based on the first identity identifier. 5 . After the steps, also include: When the near field communication card fails the security verification, output first prompt information that the near field communication card is not safe. 5. The near field communication security control method according to any one of claims 1-4, wherein before the step of setting the near field communication application to be able to access the preset trusted application, the method further comprises: When the near field communication card passes the security check, read the second identity of the near field communication application into the preset buffer area through the preset trusted application; Based on the second identity identifier, perform security verification on the near field communication application by using the preset trusted application; When the near field communication application passes the security check, it is set that the near field communication application can access the preset trusted application. 6 . The near field communication security control method according to claim 5 , wherein the method of performing security verification on the near field communication application through the preset trusted application based on the second identity identifier. 7 . After the steps, also include: When the near field communication application fails the security check, output second prompt information that the near field communication application is not safe. 7. A mobile terminal, wherein the mobile terminal comprises: A memory storing a near field communication security control program; The processor is configured to execute the near field communication security control program to implement the steps of the near field communication security control method according to any one of claims 1 to 6. 8. A computer-readable storage medium, wherein a near-field communication security control program is stored on the computer-readable storage medium, and when the near-field communication security control program is executed by a processor, the implementation of claims 1 to Steps of the near field communication security control method described in any one of 6.

Images