CN107679858A - Mobile terminal and method of mobile payment - Google Patents

Mobile terminal and method of mobile payment Download PDF

Info

Publication number
CN107679858A
CN107679858A CN201710998316.8A CN201710998316A CN107679858A CN 107679858 A CN107679858 A CN 107679858A CN 201710998316 A CN201710998316 A CN 201710998316A CN 107679858 A CN107679858 A CN 107679858A
Authority
CN
China
Prior art keywords
application
file
management module
wallet
mobile terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710998316.8A
Other languages
Chinese (zh)
Other versions
CN107679858B (en
Inventor
范楠迪
周晨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hengbao Co Ltd
Original Assignee
Hengbao Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hengbao Co Ltd filed Critical Hengbao Co Ltd
Priority to CN201710998316.8A priority Critical patent/CN107679858B/en
Publication of CN107679858A publication Critical patent/CN107679858A/en
Application granted granted Critical
Publication of CN107679858B publication Critical patent/CN107679858B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes

Abstract

The application provides a kind of mobile terminal, mobile terminal supports mutually isolated open system environment and credible performing environment, wallet is run in credible performing environment and pays application, wallet, which pays application, includes communication management module, document management module, safety management module and order management module;Communication management module is interacted by APDU command responses pair with open system environment;Order management module is connected with communication management module, for receiving APDU orders and returning to the result of APDU orders;Safety management module and document management module are connected with order management module, are respectively used to manage safety certification data and file data.While the application avoids the equipment in application system from being transformed, itself and open system data isolation are improved the safe class that wallet pays application by TEE environment.

Description

Mobile terminal and method of mobile payment
Technical field
The application is related to credible performing environment technical field, more particularly to a kind of mobile terminal and method of mobile payment.
Background technology
The small amount payment field such as existing public transport, subway, supermarket, largely carry out bankcard consumption using card.During payment, The payment system of POS sends APDU orders to the operating system of card, and operating system will place after handling APDU orders Reason result returns to POS, completes to pay.
With the propulsion of mobile payment technology, the carrier of small amount payment application is not only limited to card, based on mobile phone, bracelet Payment application Deng electronic equipment is gradually ripe, but because carrier that electronic equipment is paid no longer is the card of physical isolation, institute With also just to proposing new requirement safely.
Payment application based on electronic device carriers such as mobile phones, if based on open operating system, meeting in payment process Kinds of risks be present, for example mobile phone viruses, fishing, wooden horse etc., for ensure safety, pay application may on-line real-time, renewal Key, but existing card pays and all carried out in offline state, this, which just needs to transform existing public transport, subway etc., sets Standby system, research and development and equipment replacement cost are higher.
The content of the invention
The purpose of the application is to provide a kind of mobile terminal and method of mobile payment, reduces O&M cost, simplify expense Way to manage, facilitate joint venture and large scale application.
To reach above-mentioned purpose, the application provides a kind of mobile terminal, and mobile terminal supports mutually isolated open system Environment and credible performing environment, wallet is run in credible performing environment and pays application, wallet, which pays application, includes communication management mould Block, document management module, safety management module and order management module;Communication management module passes through APDU orders-response pair Interacted with open system environment;Order management module is connected with communication management module, for receiving APDU orders and returning Return the result of APDU orders;Safety management module and document management module are connected with order management module, are respectively used to pipe Manage safety certification data and file data.
As above, wherein, document management module includes at least one application file, each application file and mobile terminal One application function is corresponding, and different application files is mutually isolated;Each application function has unique application identifier, applies The application identifier of the entitled corresponding application function of file of file.
As above, wherein, each application file includes at least one second grade file, and different second grade files is in application file In there is respective offset.
As above, wherein, each second grade file has file identification corresponding with its data source types.
As above, wherein, order management module supports APDU command sets, and APDU command sets include individualized order and application Order, utility command deposit order, consumption order, compound consumption order including circle.
As above, wherein, safety management module includes security attribute setting submodule, safe condition manages submodule, close Code algorithm submodule, safety certification submodule and transmission data protection submodule.
The application also provides a kind of method of mobile payment, and suitable for mobile terminal, mobile terminal supports mutually isolated open Place system environment and credible performing environment, wallet is run in credible performing environment and pays application, method of mobile payment includes:It is credible Performing environment receives the APDU orders of the payment applications client from open system environment;Body is carried out to paying applications client Part checking;If authentication is by calling wallet to pay the file in application, APDU orders being handled, and will handle As a result return and pay applications client.
As above, wherein, wallet, which pays application, includes at least one application file, each application file and mobile terminal One application function is corresponding, and each application file has unique application identifier as file name;Wherein, APDU orders are wrapped Include the application identifier for the application function for needing to open;Wallet pays application and calls corresponding practical writing according to application identifier Part.
As above, wherein, carrying out processing to APDU orders includes:Credible performing environment copies called application file Into the caching of credible performing environment;APDU orders are handled using application file in the buffer;And by result Return before paying applications client, the data updated in processing procedure write-in wallet is paid into corresponding practical writing in application Part.
As above, wherein, each application file includes at least one second grade file, and different second grade files is in application file In there is respective offset;Wherein, result is returned before paying applications client, calculates two level text in application file The minimum renewal offset of part, and the data updated in processing procedure are write into corresponding second grade file.
What the application realized has the beneficial effect that:
(1) wallet of the application is paid using the file management requirement in compatible existing application system comprehensively to card, peace Full guard requirement, command interface requirement, and operate in credible performing environment, avoid equipment (POS, the lock in application system Machine etc.) while transformed, itself and open system data isolation are improved wallet and pay safety of application etc. by TEE environment Level.
(2) the application is transferred by the application identifier of application file, avoids unwanted application file from being opened, Make to form nature isolation between application file, it is ensured that the safety of application file.
(3) the application copies called application file at the place that APDU orders are carried out in the caching of credible performing environment Reason, improve the read or write speed of file.
(4) the application improves data processing speed using minimum renewal offset renewal application file.
Brief description of the drawings
, below will be to embodiment or existing in order to illustrate more clearly of the embodiment of the present application or technical scheme of the prior art There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this Some embodiments described in application, for those skilled in the art, it can also be obtained according to these accompanying drawings other attached Figure.
Fig. 1 is the structure chart according to the mobile terminal of the embodiment of the present application;
Fig. 2 is the structure chart that application is paid according to the wallet of the embodiment of the present application;
Fig. 3 is the structure chart according to the application file of the embodiment of the present application;
Fig. 4 is the flow chart for the method for mobile payment that the embodiment of the present application provides;
Fig. 5 is the processing schematic diagram for the APDU orders that the embodiment of the present application provides;
Fig. 6 is the flow chart of starting stage and activation stage that the wallet that the embodiment of the present application provides pays application.
Embodiment
With reference to the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is carried out clear, complete Ground describes, it is clear that described embodiment is some embodiments of the present application, rather than whole embodiments.Based on the application In embodiment, the every other embodiment that those skilled in the art are obtained under the premise of creative work is not made, all Belong to the scope of the application protection.
Embodiment one
This application provides a kind of mobile terminal (such as mobile phone, bracelet), as shown in figure 1, mobile terminal support mutually every From open system environment 200 and credible performing environment (Trusted Execution Environment, TEE) 100.TEE is One piece of individual secure region on mobile terminal primary processor, it is and existing Mobile operating system (OS) and the safety operation system that deposits System, security function is provided by the mobile OS environment that is isolated into of software and hardware.
Run wallet in credible performing environment to pay using (TA), wallet is paid to be downloaded to using TA program, data In TEE environment, isolate with open operating system.As shown in figure 1, wallet is paid includes communication management module 110, text using TA Part management module 140, safety management module 130 and order management module 120.Order management module 120 and communication management mould Block 110 is connected, and safety management module 130 and document management module 140 are connected with order management module 120.
Communication management module 110 is in credible performing environment TEE by APDU orders-response pair and open system environment Payment applications client CA (such as POS, gate, card reader pay application function) interact, mobile terminal and Open System Environment of uniting pays the transmission channel applied between TA as terminal and wallet.APDU orders-response is to including ordering APDU and answering Answer APDU.After receiving APDU orders, communication management module 110 checks command format, the qualified backward order management module 120 of form Dispatching commands.After command process, communication management module 110 returns to response to applications client CA is paid.
According to its usage scenario, order management module supports APDU command sets, and it includes individualized order and utility command Two class orders.Individualized order include establishment file, write-in key, more new file, more new record, read file, read record, External authentication etc. is ordered.The trade commands such as utility command is deposited including circle, consumed, compound consumption.
Wallet pays the command set example such as following table using TA:
Wallet is paid realizes various command functions using TA by order management module 120.According to usage scenario, order work( Two classes can be divided into:Personalization function, application function.Personalization function includes installation, deletes application, establishment file, loads key, Paid for the initial data source for paying application to be individualized into wallet using in TA;Application function includes selection application, renewal Data, read data, circle is deposited, consumed, compound consumption etc., for supplementing with money in scene is paid, consume.
At least one application file is provided with document management module 140, one of each application file and mobile terminal should It is corresponding with function, it is mutually isolated between different application files.Each application function has unique application identifier (AID), Therefore filename of the application identifier as its application file is used.Due to the uniqueness of application identifier, wallet pays application TA is then indexed by filename, is searched the application file to be accessed.
Wallet is paid creates an application file using TA for each application, is divided for its second grade file in application file One region, different second grade files have respective offset in application file, and wallet is paid using TA with offset Mode manages each second grade file in application file.Fig. 2 shows that wallet pays the structure chart of application, and it includes municipal all-purpose card Using the application file of multiple applications such as, subway application.Fig. 3 shows the structure of the application file of " city leads to ".
Preferably, each second grade file has file identification (FID) corresponding with its data source types.Data source types are such as Key file, essential information file, wallet file etc..Wallet is paid calls corresponding two using TA using file identification as index Level file.
In scene is actually used, wallet, which is paid, applies application file different in TA to pass through region according to region division Isolation ensure each application file data source isolation, ensured the firewall system between each application.
The data source that safety management module pays application to wallet provides safeguard protection.Safety management module includes safety and belonged to Property setting submodule, safe condition management submodule, cryptographic algorithm submodule, safety certification submodule and transmission data protection Submodule.It is all to enforce that wallet, which is paid using security mechanisms all TA, once setting cannot be got around, so as to effectively protect Protect the renewal of its data source, read.
Security attribute setting submodule is used to set level of security for each second grade file, for protecting the access of data source. Being stored in the data source that wallet is paid in application can not arbitrarily be changed, and the security attribute in each region, more new file, which need to encrypt, to be protected Shield or the link layer protection for adding MAC, or external authentication is needed before more new file, certification could update after.
Key management submodule is used to manage key, and key needs link layer encryption to protect when writing.Key is written into money Bag can not be read after paying application.
Safe condition management submodule is used for the safe condition for safeguarding each second grade file, and safety certification is by that could obtain phase The safe condition answered, so as to open the access rights of second grade file data source.It is second grade file setting 16 that wallet, which is paid using TA, Individual level of security state.
, it is necessary to follow the transaction using code requirement when the amount of money that crypto-operation submodule is used in wallet file updates Flow (combination of trade command), process key is produced, the MAC of link layer is calculated by process key, just can after being verified The remaining sum of storage is updated.
Random number is encrypted using key for safety certification submodule, passes through encrypted result validation of payment applications client Whether identical key is grasped, so as to identify identity.
Transmission data protection submodule interaction data can be encrypted by key computing or link layer MAC protections.
In the present embodiment, wallet is paid using the file management requirement in compatible existing application system comprehensively to card, peace Full guard requirement, command interface requirement, and operate in credible performing environment, avoid equipment (POS, the lock in application system Machine etc.) while transformed, itself and open system data isolation are improved wallet and pay safety of application etc. by TEE environment Level.
Embodiment two
This application provides the method for mobile payment suitable for above-mentioned mobile terminal.Being run in credible performing environment TEE has Wallet, which is paid, applies (TA), and its program, data are downloaded in credible performing environment TEE, the operation system with open system environment System isolation, has been effectively shielded from the risk that open operation system is brought.
Wallet pays and downloaded to using TA after mobile terminal, it is necessary to after the safety certification for passing through the starting stage, can just swash Its function living.As shown in fig. 6, in the starting stage, wallet pays the related command that safety certification is only supported using TA, selects main peace Initialization escape way is established after universe, enters the activation stage by rear in safety certification.Complete order is supported in the activation stage, Such as the related command of safety certification, installation and the order of deletion application file, using individualized order and using trade command Deng.
In starting stage and activation stage, wallet is paid provides security attribute setting, safe condition management, password using TA The security strategies such as algorithm, safety certification, transmission data protection etc. be complete.
As shown in figure 4, when moving payment using mobile terminal, comprise the following steps:
S410:The communication management module that wallet pays application receives the payment applications client CA from open system environment APDU orders, and check the form of APDU orders;If form is qualified, the APDU orders are dispatched to order management module.
S420:Order management module calls safety management module, and authentication is carried out to paying applications client CA;
S430:If authentication is by the way that order management module calls the application file in document management module, to APDU Order is handled, and result is returned and pays applications client CA.
As one embodiment, at least one application file is provided with document management module 140, each application file is with moving One application function of dynamic terminal is corresponding, mutually isolated between different application files.Each application function, which has, uniquely should With identifier (AID), therefore use filename of the application identifier as its application file.
In this embodiment, in S410, APDU orders include the application identifier for the application function that needs are opened (AID).In S430, if authentication by, order management module call in document management module with answering in APDU orders The application file corresponding to identifier.So, paying applications client CA in each transaction can only be with one of practical writing Part interacts, and it is isolated naturally with other application files, it is ensured that the safety of other application files.
On this basis, wallet, which pays to apply in TA, is stored with application function registration table, is stored with the registration table available Application function application identifier.In S420, safety management module is by the application identifier and application function in APDU orders Application identifier in registration table is matched, and if there is the application identifier of matching, then authentication passes through.
In payment process, because credible performing environment TEE is slower to opening, the read and write access speed of file, and money Bag is paid can be to the data frequent operation in file using TA so that the speed of payment is slow, the poor performance of whole system.
In order to optimize performance, it is preferable that as shown in figure 5, paying called wallet using TA's in payment process Application file is copied in credible performing environment TEE caching (such as RAM), and APDU orders are handled in the buffer, will be located Manage result to return before paying applications client CA, the data source after renewal is write back in application file.In this embodiment, As shown in figure 3, the data source in all second grade files is rewritten data.
The characteristics of such operation is abundant using the cache resources of TEE environment improves processing speed, and data-moving is arrived In caching, using the data in caching during command process, reduce the number of reading and writing application file, optimize performance.
Preferably, wallet is paid creates an application file using TA for each application, and each second grade file in it exists A region is divided in application file, different second grade files has respective offset in application file, and wallet is paid should Each second grade file in application file is managed in a manner of offset with TA.
In the APDU command process shown in Fig. 5, result is returned before paying applications client CA, calculated The minimum renewal offset of second grade file in application file, and the data source after renewal is write back in application file.For example, such as Shown in Fig. 3, the corresponding offset of each second grade file, Key files (2), wallet file are have invoked when handling APDU orders (6) and transaction record file (9), then minimum renewal offset is 1-9, then in master catalogue entrance (1) to transaction record file (9) In re-write data, distribution of information file (10) is without renewal.
In the embodiment, carry out according to minimum renewal offset when updating application file, without updating unnecessary part, carry High data processing speed.
What the application realized has the beneficial effect that:
(1) wallet of the application is paid using the file management requirement in compatible existing application system comprehensively to card, peace Full guard requirement, command interface requirement, and operate in credible performing environment, avoid equipment (POS, the lock in application system Machine etc.) while transformed, itself and open system data isolation are improved wallet and pay safety of application etc. by TEE environment Level.
(2) the application is transferred by the application identifier of application file, avoids unwanted application file from being opened, Make to form nature isolation between application file, it is ensured that the safety of application file.
(3) the application copies called application file at the place that APDU orders are carried out in the caching of credible performing environment Reason, improve the read or write speed of file.
(4) the application improves data processing speed using minimum renewal offset renewal application file.
Although having been described for the preferred embodiment of the application, those skilled in the art once know basic creation Property concept, then can make other change and modification to these embodiments.So appended claims be intended to be construed to include it is excellent Select embodiment and fall into having altered and changing for the application scope.Obviously, those skilled in the art can be to the application Various changes and modification are carried out without departing from spirit and scope.So, if these modifications and variations of the application Belong within the scope of the application claim and its equivalent technologies, then the application is also intended to exist comprising these changes and modification It is interior.

Claims (10)

1. a kind of mobile terminal, the mobile terminal supports mutually isolated open system environment and credible performing environment, and it is special Sign is, wallet is run in the credible performing environment and pays application, the wallet, which pays application, includes communication management module, text Part management module, safety management module and order management module;
The communication management module is interacted by APDU orders-response pair with the open system environment;
The order management module is connected with the communication management module, for receiving APDU orders and returning to APDU orders Result;
The safety management module and the document management module are connected with the order management module, are respectively used to management safety Authentication data and file data.
2. mobile terminal according to claim 1, it is characterised in that the document management module includes at least one application File, each application file is corresponding with an application function of the mobile terminal, and the different application files is mutual Isolation;Each application function has unique application identifier, applies work(corresponding to the file of the application file is entitled The application identifier of energy.
3. mobile terminal according to claim 2, it is characterised in that each application file includes at least one two level File, the different second grade files have respective offset in the application file.
4. the mobile terminal according to Claims 2 or 3, it is characterised in that each second grade file has and its data The corresponding file identification of Source Type.
5. mobile terminal according to claim 1, it is characterised in that the order management module supports APDU command sets, The APDU command sets include individualized order and utility command, and the utility command deposits order including circle, consumption is ordered, compound Consumption order.
6. mobile terminal according to claim 1, it is characterised in that the safety management module is set including security attribute Submodule, safe condition management submodule, cryptographic algorithm submodule, safety certification submodule and transmission data protection submodule Block.
7. a kind of method of mobile payment, suitable for mobile terminal, the mobile terminal supports mutually isolated open system environment With credible performing environment, it is characterised in that wallet is run in the credible performing environment and pays application, the method for mobile payment Including:
Receive the APDU orders of the payment applications client from the open system environment;
Authentication is carried out to the payment applications client;
If the authentication by, call the wallet to pay the file in application, the APDU orders handled, And result is returned into the payment applications client.
8. method of mobile payment according to claim 7, it is characterised in that the wallet pays at least one using including Application file, each application file is corresponding with an application function of the mobile terminal, each application file tool There is unique application identifier as file name;
Wherein, the APDU orders include the application identifier for the application function that needs are opened;
The wallet pays application and calls corresponding application file according to the application identifier.
9. method of mobile payment according to claim 8, it is characterised in that carrying out processing to the APDU orders includes:
The credible performing environment copies called application file in the caching of the credible performing environment to;
The APDU orders are handled using the application file in the caching;And
Before result is returned into the payment applications client, the data updated in processing procedure are write into the wallet branch Pay corresponding application file in application.
10. method of mobile payment according to claim 9, it is characterised in that each application file includes at least one Individual second grade file, the different second grade files have respective offset in the application file;
Wherein, before result being returned into the payment applications client, second grade file is calculated in the application file most Small renewal offset, and the data updated in processing procedure are write into corresponding second grade file.
CN201710998316.8A 2017-10-24 2017-10-24 Mobile terminal and mobile payment method Active CN107679858B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710998316.8A CN107679858B (en) 2017-10-24 2017-10-24 Mobile terminal and mobile payment method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710998316.8A CN107679858B (en) 2017-10-24 2017-10-24 Mobile terminal and mobile payment method

Publications (2)

Publication Number Publication Date
CN107679858A true CN107679858A (en) 2018-02-09
CN107679858B CN107679858B (en) 2019-12-10

Family

ID=61140408

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710998316.8A Active CN107679858B (en) 2017-10-24 2017-10-24 Mobile terminal and mobile payment method

Country Status (1)

Country Link
CN (1) CN107679858B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109145628A (en) * 2018-09-06 2019-01-04 江苏恒宝智能系统技术有限公司 A kind of collecting method and system based on credible performing environment

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1920889A (en) * 2006-06-22 2007-02-28 北京飞天诚信科技有限公司 Method for controlling multiple operations of smart card
CN101246615A (en) * 2008-03-07 2008-08-20 北京握奇数据系统有限公司 System and device for long-range managing electronic purse state
US20140012749A1 (en) * 2012-06-29 2014-01-09 Kt Corporation Electronic wallet based remittance
CN104899506A (en) * 2015-05-08 2015-09-09 深圳市雪球科技有限公司 Security system implementation method based on virtual security element in trusted execution environment
CN105590201A (en) * 2015-04-23 2016-05-18 中国银联股份有限公司 Mobile payment device and mobile payment system
CN105843653A (en) * 2016-04-12 2016-08-10 恒宝股份有限公司 TA (trusted application) configuration method and device
CN106254323A (en) * 2016-07-27 2016-12-21 恒宝股份有限公司 The exchange method of a kind of TA and SE, TA, SE and TSM platform
CN107004189A (en) * 2014-09-22 2017-08-01 万事达卡国际股份有限公司 Payment system and the method used for managing payment card
US20170257655A1 (en) * 2016-03-03 2017-09-07 Ingenico Group Method for the execution and processing of data, corresponding device and computer program

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1920889A (en) * 2006-06-22 2007-02-28 北京飞天诚信科技有限公司 Method for controlling multiple operations of smart card
CN101246615A (en) * 2008-03-07 2008-08-20 北京握奇数据系统有限公司 System and device for long-range managing electronic purse state
US20140012749A1 (en) * 2012-06-29 2014-01-09 Kt Corporation Electronic wallet based remittance
CN107004189A (en) * 2014-09-22 2017-08-01 万事达卡国际股份有限公司 Payment system and the method used for managing payment card
CN105590201A (en) * 2015-04-23 2016-05-18 中国银联股份有限公司 Mobile payment device and mobile payment system
CN104899506A (en) * 2015-05-08 2015-09-09 深圳市雪球科技有限公司 Security system implementation method based on virtual security element in trusted execution environment
US20170257655A1 (en) * 2016-03-03 2017-09-07 Ingenico Group Method for the execution and processing of data, corresponding device and computer program
CN105843653A (en) * 2016-04-12 2016-08-10 恒宝股份有限公司 TA (trusted application) configuration method and device
CN106254323A (en) * 2016-07-27 2016-12-21 恒宝股份有限公司 The exchange method of a kind of TA and SE, TA, SE and TSM platform

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109145628A (en) * 2018-09-06 2019-01-04 江苏恒宝智能系统技术有限公司 A kind of collecting method and system based on credible performing environment
CN109145628B (en) * 2018-09-06 2020-08-25 江苏恒宝智能系统技术有限公司 Data acquisition method and system based on trusted execution environment

Also Published As

Publication number Publication date
CN107679858B (en) 2019-12-10

Similar Documents

Publication Publication Date Title
CN109214197B (en) Method, apparatus and storage medium for processing private data based on block chain
CN108830601B (en) Smart city information safe use method and system based on block chain
EP3968200B1 (en) Methods and devices for transferring the result of processing on data assets based on blockchain
CN111164629A (en) Methods, apparatus, and computer-readable media for compliance-aware tokenization and control of asset value
US11803519B2 (en) Method and system for managing and securing subsets of data in a large distributed data store
US20110246518A1 (en) Method and system of distributed caching
JP2022504637A (en) Distributed ledger for encrypted digital IDs
CN107533616A (en) System and method for making data safety
CN101827101A (en) Information asset protection method based on credible isolated operating environment
AU2012266675B2 (en) Access control to data stored in a cloud
US11520905B2 (en) Smart data protection
US9996686B2 (en) Password retrieval system and method involving token usage without prior knowledge of the password
CN109039652A (en) A kind of number leads to generation and the application method of card
CN112583887B (en) Data credible sharing method based on block chain
CN109388957A (en) Information transfer method, device, medium and electronic equipment based on block chain
CN101840471A (en) Document right control method and device
CN106156345B (en) Item file deposits card method, deposits card equipment and terminal device
CN113015991A (en) Secure digital wallet processing system
CN109446259A (en) Data processing method and device, processor and storage medium
CN102063431B (en) Information database system and method for controlling systematic access of information database
CN106372874A (en) Internet of things mobile finance payment system based on cloud platform
CN108319849A (en) Equipment strategy management system based on Android twin containers system and management domain implementation method
CN111160803A (en) Business process safety and management method and system based on block chain
CN103561042A (en) Method and device for processing cross-regional important data
CN107679858A (en) Mobile terminal and method of mobile payment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant