CN107679858A - Mobile terminal and method of mobile payment - Google Patents
Mobile terminal and method of mobile payment Download PDFInfo
- Publication number
- CN107679858A CN107679858A CN201710998316.8A CN201710998316A CN107679858A CN 107679858 A CN107679858 A CN 107679858A CN 201710998316 A CN201710998316 A CN 201710998316A CN 107679858 A CN107679858 A CN 107679858A
- Authority
- CN
- China
- Prior art keywords
- application
- file
- management module
- wallet
- mobile terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
Abstract
The application provides a kind of mobile terminal, mobile terminal supports mutually isolated open system environment and credible performing environment, wallet is run in credible performing environment and pays application, wallet, which pays application, includes communication management module, document management module, safety management module and order management module;Communication management module is interacted by APDU command responses pair with open system environment;Order management module is connected with communication management module, for receiving APDU orders and returning to the result of APDU orders;Safety management module and document management module are connected with order management module, are respectively used to manage safety certification data and file data.While the application avoids the equipment in application system from being transformed, itself and open system data isolation are improved the safe class that wallet pays application by TEE environment.
Description
Technical field
The application is related to credible performing environment technical field, more particularly to a kind of mobile terminal and method of mobile payment.
Background technology
The small amount payment field such as existing public transport, subway, supermarket, largely carry out bankcard consumption using card.During payment,
The payment system of POS sends APDU orders to the operating system of card, and operating system will place after handling APDU orders
Reason result returns to POS, completes to pay.
With the propulsion of mobile payment technology, the carrier of small amount payment application is not only limited to card, based on mobile phone, bracelet
Payment application Deng electronic equipment is gradually ripe, but because carrier that electronic equipment is paid no longer is the card of physical isolation, institute
With also just to proposing new requirement safely.
Payment application based on electronic device carriers such as mobile phones, if based on open operating system, meeting in payment process
Kinds of risks be present, for example mobile phone viruses, fishing, wooden horse etc., for ensure safety, pay application may on-line real-time, renewal
Key, but existing card pays and all carried out in offline state, this, which just needs to transform existing public transport, subway etc., sets
Standby system, research and development and equipment replacement cost are higher.
The content of the invention
The purpose of the application is to provide a kind of mobile terminal and method of mobile payment, reduces O&M cost, simplify expense
Way to manage, facilitate joint venture and large scale application.
To reach above-mentioned purpose, the application provides a kind of mobile terminal, and mobile terminal supports mutually isolated open system
Environment and credible performing environment, wallet is run in credible performing environment and pays application, wallet, which pays application, includes communication management mould
Block, document management module, safety management module and order management module;Communication management module passes through APDU orders-response pair
Interacted with open system environment;Order management module is connected with communication management module, for receiving APDU orders and returning
Return the result of APDU orders;Safety management module and document management module are connected with order management module, are respectively used to pipe
Manage safety certification data and file data.
As above, wherein, document management module includes at least one application file, each application file and mobile terminal
One application function is corresponding, and different application files is mutually isolated;Each application function has unique application identifier, applies
The application identifier of the entitled corresponding application function of file of file.
As above, wherein, each application file includes at least one second grade file, and different second grade files is in application file
In there is respective offset.
As above, wherein, each second grade file has file identification corresponding with its data source types.
As above, wherein, order management module supports APDU command sets, and APDU command sets include individualized order and application
Order, utility command deposit order, consumption order, compound consumption order including circle.
As above, wherein, safety management module includes security attribute setting submodule, safe condition manages submodule, close
Code algorithm submodule, safety certification submodule and transmission data protection submodule.
The application also provides a kind of method of mobile payment, and suitable for mobile terminal, mobile terminal supports mutually isolated open
Place system environment and credible performing environment, wallet is run in credible performing environment and pays application, method of mobile payment includes:It is credible
Performing environment receives the APDU orders of the payment applications client from open system environment;Body is carried out to paying applications client
Part checking;If authentication is by calling wallet to pay the file in application, APDU orders being handled, and will handle
As a result return and pay applications client.
As above, wherein, wallet, which pays application, includes at least one application file, each application file and mobile terminal
One application function is corresponding, and each application file has unique application identifier as file name;Wherein, APDU orders are wrapped
Include the application identifier for the application function for needing to open;Wallet pays application and calls corresponding practical writing according to application identifier
Part.
As above, wherein, carrying out processing to APDU orders includes:Credible performing environment copies called application file
Into the caching of credible performing environment;APDU orders are handled using application file in the buffer;And by result
Return before paying applications client, the data updated in processing procedure write-in wallet is paid into corresponding practical writing in application
Part.
As above, wherein, each application file includes at least one second grade file, and different second grade files is in application file
In there is respective offset;Wherein, result is returned before paying applications client, calculates two level text in application file
The minimum renewal offset of part, and the data updated in processing procedure are write into corresponding second grade file.
What the application realized has the beneficial effect that:
(1) wallet of the application is paid using the file management requirement in compatible existing application system comprehensively to card, peace
Full guard requirement, command interface requirement, and operate in credible performing environment, avoid equipment (POS, the lock in application system
Machine etc.) while transformed, itself and open system data isolation are improved wallet and pay safety of application etc. by TEE environment
Level.
(2) the application is transferred by the application identifier of application file, avoids unwanted application file from being opened,
Make to form nature isolation between application file, it is ensured that the safety of application file.
(3) the application copies called application file at the place that APDU orders are carried out in the caching of credible performing environment
Reason, improve the read or write speed of file.
(4) the application improves data processing speed using minimum renewal offset renewal application file.
Brief description of the drawings
, below will be to embodiment or existing in order to illustrate more clearly of the embodiment of the present application or technical scheme of the prior art
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments described in application, for those skilled in the art, it can also be obtained according to these accompanying drawings other attached
Figure.
Fig. 1 is the structure chart according to the mobile terminal of the embodiment of the present application;
Fig. 2 is the structure chart that application is paid according to the wallet of the embodiment of the present application;
Fig. 3 is the structure chart according to the application file of the embodiment of the present application;
Fig. 4 is the flow chart for the method for mobile payment that the embodiment of the present application provides;
Fig. 5 is the processing schematic diagram for the APDU orders that the embodiment of the present application provides;
Fig. 6 is the flow chart of starting stage and activation stage that the wallet that the embodiment of the present application provides pays application.
Embodiment
With reference to the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is carried out clear, complete
Ground describes, it is clear that described embodiment is some embodiments of the present application, rather than whole embodiments.Based on the application
In embodiment, the every other embodiment that those skilled in the art are obtained under the premise of creative work is not made, all
Belong to the scope of the application protection.
Embodiment one
This application provides a kind of mobile terminal (such as mobile phone, bracelet), as shown in figure 1, mobile terminal support mutually every
From open system environment 200 and credible performing environment (Trusted Execution Environment, TEE) 100.TEE is
One piece of individual secure region on mobile terminal primary processor, it is and existing Mobile operating system (OS) and the safety operation system that deposits
System, security function is provided by the mobile OS environment that is isolated into of software and hardware.
Run wallet in credible performing environment to pay using (TA), wallet is paid to be downloaded to using TA program, data
In TEE environment, isolate with open operating system.As shown in figure 1, wallet is paid includes communication management module 110, text using TA
Part management module 140, safety management module 130 and order management module 120.Order management module 120 and communication management mould
Block 110 is connected, and safety management module 130 and document management module 140 are connected with order management module 120.
Communication management module 110 is in credible performing environment TEE by APDU orders-response pair and open system environment
Payment applications client CA (such as POS, gate, card reader pay application function) interact, mobile terminal and Open System
Environment of uniting pays the transmission channel applied between TA as terminal and wallet.APDU orders-response is to including ordering APDU and answering
Answer APDU.After receiving APDU orders, communication management module 110 checks command format, the qualified backward order management module 120 of form
Dispatching commands.After command process, communication management module 110 returns to response to applications client CA is paid.
According to its usage scenario, order management module supports APDU command sets, and it includes individualized order and utility command
Two class orders.Individualized order include establishment file, write-in key, more new file, more new record, read file, read record,
External authentication etc. is ordered.The trade commands such as utility command is deposited including circle, consumed, compound consumption.
Wallet pays the command set example such as following table using TA:
Wallet is paid realizes various command functions using TA by order management module 120.According to usage scenario, order work(
Two classes can be divided into:Personalization function, application function.Personalization function includes installation, deletes application, establishment file, loads key,
Paid for the initial data source for paying application to be individualized into wallet using in TA;Application function includes selection application, renewal
Data, read data, circle is deposited, consumed, compound consumption etc., for supplementing with money in scene is paid, consume.
At least one application file is provided with document management module 140, one of each application file and mobile terminal should
It is corresponding with function, it is mutually isolated between different application files.Each application function has unique application identifier (AID),
Therefore filename of the application identifier as its application file is used.Due to the uniqueness of application identifier, wallet pays application
TA is then indexed by filename, is searched the application file to be accessed.
Wallet is paid creates an application file using TA for each application, is divided for its second grade file in application file
One region, different second grade files have respective offset in application file, and wallet is paid using TA with offset
Mode manages each second grade file in application file.Fig. 2 shows that wallet pays the structure chart of application, and it includes municipal all-purpose card
Using the application file of multiple applications such as, subway application.Fig. 3 shows the structure of the application file of " city leads to ".
Preferably, each second grade file has file identification (FID) corresponding with its data source types.Data source types are such as
Key file, essential information file, wallet file etc..Wallet is paid calls corresponding two using TA using file identification as index
Level file.
In scene is actually used, wallet, which is paid, applies application file different in TA to pass through region according to region division
Isolation ensure each application file data source isolation, ensured the firewall system between each application.
The data source that safety management module pays application to wallet provides safeguard protection.Safety management module includes safety and belonged to
Property setting submodule, safe condition management submodule, cryptographic algorithm submodule, safety certification submodule and transmission data protection
Submodule.It is all to enforce that wallet, which is paid using security mechanisms all TA, once setting cannot be got around, so as to effectively protect
Protect the renewal of its data source, read.
Security attribute setting submodule is used to set level of security for each second grade file, for protecting the access of data source.
Being stored in the data source that wallet is paid in application can not arbitrarily be changed, and the security attribute in each region, more new file, which need to encrypt, to be protected
Shield or the link layer protection for adding MAC, or external authentication is needed before more new file, certification could update after.
Key management submodule is used to manage key, and key needs link layer encryption to protect when writing.Key is written into money
Bag can not be read after paying application.
Safe condition management submodule is used for the safe condition for safeguarding each second grade file, and safety certification is by that could obtain phase
The safe condition answered, so as to open the access rights of second grade file data source.It is second grade file setting 16 that wallet, which is paid using TA,
Individual level of security state.
, it is necessary to follow the transaction using code requirement when the amount of money that crypto-operation submodule is used in wallet file updates
Flow (combination of trade command), process key is produced, the MAC of link layer is calculated by process key, just can after being verified
The remaining sum of storage is updated.
Random number is encrypted using key for safety certification submodule, passes through encrypted result validation of payment applications client
Whether identical key is grasped, so as to identify identity.
Transmission data protection submodule interaction data can be encrypted by key computing or link layer MAC protections.
In the present embodiment, wallet is paid using the file management requirement in compatible existing application system comprehensively to card, peace
Full guard requirement, command interface requirement, and operate in credible performing environment, avoid equipment (POS, the lock in application system
Machine etc.) while transformed, itself and open system data isolation are improved wallet and pay safety of application etc. by TEE environment
Level.
Embodiment two
This application provides the method for mobile payment suitable for above-mentioned mobile terminal.Being run in credible performing environment TEE has
Wallet, which is paid, applies (TA), and its program, data are downloaded in credible performing environment TEE, the operation system with open system environment
System isolation, has been effectively shielded from the risk that open operation system is brought.
Wallet pays and downloaded to using TA after mobile terminal, it is necessary to after the safety certification for passing through the starting stage, can just swash
Its function living.As shown in fig. 6, in the starting stage, wallet pays the related command that safety certification is only supported using TA, selects main peace
Initialization escape way is established after universe, enters the activation stage by rear in safety certification.Complete order is supported in the activation stage,
Such as the related command of safety certification, installation and the order of deletion application file, using individualized order and using trade command
Deng.
In starting stage and activation stage, wallet is paid provides security attribute setting, safe condition management, password using TA
The security strategies such as algorithm, safety certification, transmission data protection etc. be complete.
As shown in figure 4, when moving payment using mobile terminal, comprise the following steps:
S410:The communication management module that wallet pays application receives the payment applications client CA from open system environment
APDU orders, and check the form of APDU orders;If form is qualified, the APDU orders are dispatched to order management module.
S420:Order management module calls safety management module, and authentication is carried out to paying applications client CA;
S430:If authentication is by the way that order management module calls the application file in document management module, to APDU
Order is handled, and result is returned and pays applications client CA.
As one embodiment, at least one application file is provided with document management module 140, each application file is with moving
One application function of dynamic terminal is corresponding, mutually isolated between different application files.Each application function, which has, uniquely should
With identifier (AID), therefore use filename of the application identifier as its application file.
In this embodiment, in S410, APDU orders include the application identifier for the application function that needs are opened
(AID).In S430, if authentication by, order management module call in document management module with answering in APDU orders
The application file corresponding to identifier.So, paying applications client CA in each transaction can only be with one of practical writing
Part interacts, and it is isolated naturally with other application files, it is ensured that the safety of other application files.
On this basis, wallet, which pays to apply in TA, is stored with application function registration table, is stored with the registration table available
Application function application identifier.In S420, safety management module is by the application identifier and application function in APDU orders
Application identifier in registration table is matched, and if there is the application identifier of matching, then authentication passes through.
In payment process, because credible performing environment TEE is slower to opening, the read and write access speed of file, and money
Bag is paid can be to the data frequent operation in file using TA so that the speed of payment is slow, the poor performance of whole system.
In order to optimize performance, it is preferable that as shown in figure 5, paying called wallet using TA's in payment process
Application file is copied in credible performing environment TEE caching (such as RAM), and APDU orders are handled in the buffer, will be located
Manage result to return before paying applications client CA, the data source after renewal is write back in application file.In this embodiment,
As shown in figure 3, the data source in all second grade files is rewritten data.
The characteristics of such operation is abundant using the cache resources of TEE environment improves processing speed, and data-moving is arrived
In caching, using the data in caching during command process, reduce the number of reading and writing application file, optimize performance.
Preferably, wallet is paid creates an application file using TA for each application, and each second grade file in it exists
A region is divided in application file, different second grade files has respective offset in application file, and wallet is paid should
Each second grade file in application file is managed in a manner of offset with TA.
In the APDU command process shown in Fig. 5, result is returned before paying applications client CA, calculated
The minimum renewal offset of second grade file in application file, and the data source after renewal is write back in application file.For example, such as
Shown in Fig. 3, the corresponding offset of each second grade file, Key files (2), wallet file are have invoked when handling APDU orders
(6) and transaction record file (9), then minimum renewal offset is 1-9, then in master catalogue entrance (1) to transaction record file (9)
In re-write data, distribution of information file (10) is without renewal.
In the embodiment, carry out according to minimum renewal offset when updating application file, without updating unnecessary part, carry
High data processing speed.
What the application realized has the beneficial effect that:
(1) wallet of the application is paid using the file management requirement in compatible existing application system comprehensively to card, peace
Full guard requirement, command interface requirement, and operate in credible performing environment, avoid equipment (POS, the lock in application system
Machine etc.) while transformed, itself and open system data isolation are improved wallet and pay safety of application etc. by TEE environment
Level.
(2) the application is transferred by the application identifier of application file, avoids unwanted application file from being opened,
Make to form nature isolation between application file, it is ensured that the safety of application file.
(3) the application copies called application file at the place that APDU orders are carried out in the caching of credible performing environment
Reason, improve the read or write speed of file.
(4) the application improves data processing speed using minimum renewal offset renewal application file.
Although having been described for the preferred embodiment of the application, those skilled in the art once know basic creation
Property concept, then can make other change and modification to these embodiments.So appended claims be intended to be construed to include it is excellent
Select embodiment and fall into having altered and changing for the application scope.Obviously, those skilled in the art can be to the application
Various changes and modification are carried out without departing from spirit and scope.So, if these modifications and variations of the application
Belong within the scope of the application claim and its equivalent technologies, then the application is also intended to exist comprising these changes and modification
It is interior.
Claims (10)
1. a kind of mobile terminal, the mobile terminal supports mutually isolated open system environment and credible performing environment, and it is special
Sign is, wallet is run in the credible performing environment and pays application, the wallet, which pays application, includes communication management module, text
Part management module, safety management module and order management module;
The communication management module is interacted by APDU orders-response pair with the open system environment;
The order management module is connected with the communication management module, for receiving APDU orders and returning to APDU orders
Result;
The safety management module and the document management module are connected with the order management module, are respectively used to management safety
Authentication data and file data.
2. mobile terminal according to claim 1, it is characterised in that the document management module includes at least one application
File, each application file is corresponding with an application function of the mobile terminal, and the different application files is mutual
Isolation;Each application function has unique application identifier, applies work(corresponding to the file of the application file is entitled
The application identifier of energy.
3. mobile terminal according to claim 2, it is characterised in that each application file includes at least one two level
File, the different second grade files have respective offset in the application file.
4. the mobile terminal according to Claims 2 or 3, it is characterised in that each second grade file has and its data
The corresponding file identification of Source Type.
5. mobile terminal according to claim 1, it is characterised in that the order management module supports APDU command sets,
The APDU command sets include individualized order and utility command, and the utility command deposits order including circle, consumption is ordered, compound
Consumption order.
6. mobile terminal according to claim 1, it is characterised in that the safety management module is set including security attribute
Submodule, safe condition management submodule, cryptographic algorithm submodule, safety certification submodule and transmission data protection submodule
Block.
7. a kind of method of mobile payment, suitable for mobile terminal, the mobile terminal supports mutually isolated open system environment
With credible performing environment, it is characterised in that wallet is run in the credible performing environment and pays application, the method for mobile payment
Including:
Receive the APDU orders of the payment applications client from the open system environment;
Authentication is carried out to the payment applications client;
If the authentication by, call the wallet to pay the file in application, the APDU orders handled,
And result is returned into the payment applications client.
8. method of mobile payment according to claim 7, it is characterised in that the wallet pays at least one using including
Application file, each application file is corresponding with an application function of the mobile terminal, each application file tool
There is unique application identifier as file name;
Wherein, the APDU orders include the application identifier for the application function that needs are opened;
The wallet pays application and calls corresponding application file according to the application identifier.
9. method of mobile payment according to claim 8, it is characterised in that carrying out processing to the APDU orders includes:
The credible performing environment copies called application file in the caching of the credible performing environment to;
The APDU orders are handled using the application file in the caching;And
Before result is returned into the payment applications client, the data updated in processing procedure are write into the wallet branch
Pay corresponding application file in application.
10. method of mobile payment according to claim 9, it is characterised in that each application file includes at least one
Individual second grade file, the different second grade files have respective offset in the application file;
Wherein, before result being returned into the payment applications client, second grade file is calculated in the application file most
Small renewal offset, and the data updated in processing procedure are write into corresponding second grade file.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710998316.8A CN107679858B (en) | 2017-10-24 | 2017-10-24 | Mobile terminal and mobile payment method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710998316.8A CN107679858B (en) | 2017-10-24 | 2017-10-24 | Mobile terminal and mobile payment method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107679858A true CN107679858A (en) | 2018-02-09 |
CN107679858B CN107679858B (en) | 2019-12-10 |
Family
ID=61140408
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710998316.8A Active CN107679858B (en) | 2017-10-24 | 2017-10-24 | Mobile terminal and mobile payment method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107679858B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109145628A (en) * | 2018-09-06 | 2019-01-04 | 江苏恒宝智能系统技术有限公司 | A kind of collecting method and system based on credible performing environment |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1920889A (en) * | 2006-06-22 | 2007-02-28 | 北京飞天诚信科技有限公司 | Method for controlling multiple operations of smart card |
CN101246615A (en) * | 2008-03-07 | 2008-08-20 | 北京握奇数据系统有限公司 | System and device for long-range managing electronic purse state |
US20140012749A1 (en) * | 2012-06-29 | 2014-01-09 | Kt Corporation | Electronic wallet based remittance |
CN104899506A (en) * | 2015-05-08 | 2015-09-09 | 深圳市雪球科技有限公司 | Security system implementation method based on virtual security element in trusted execution environment |
CN105590201A (en) * | 2015-04-23 | 2016-05-18 | 中国银联股份有限公司 | Mobile payment device and mobile payment system |
CN105843653A (en) * | 2016-04-12 | 2016-08-10 | 恒宝股份有限公司 | TA (trusted application) configuration method and device |
CN106254323A (en) * | 2016-07-27 | 2016-12-21 | 恒宝股份有限公司 | The exchange method of a kind of TA and SE, TA, SE and TSM platform |
CN107004189A (en) * | 2014-09-22 | 2017-08-01 | 万事达卡国际股份有限公司 | Payment system and the method used for managing payment card |
US20170257655A1 (en) * | 2016-03-03 | 2017-09-07 | Ingenico Group | Method for the execution and processing of data, corresponding device and computer program |
-
2017
- 2017-10-24 CN CN201710998316.8A patent/CN107679858B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1920889A (en) * | 2006-06-22 | 2007-02-28 | 北京飞天诚信科技有限公司 | Method for controlling multiple operations of smart card |
CN101246615A (en) * | 2008-03-07 | 2008-08-20 | 北京握奇数据系统有限公司 | System and device for long-range managing electronic purse state |
US20140012749A1 (en) * | 2012-06-29 | 2014-01-09 | Kt Corporation | Electronic wallet based remittance |
CN107004189A (en) * | 2014-09-22 | 2017-08-01 | 万事达卡国际股份有限公司 | Payment system and the method used for managing payment card |
CN105590201A (en) * | 2015-04-23 | 2016-05-18 | 中国银联股份有限公司 | Mobile payment device and mobile payment system |
CN104899506A (en) * | 2015-05-08 | 2015-09-09 | 深圳市雪球科技有限公司 | Security system implementation method based on virtual security element in trusted execution environment |
US20170257655A1 (en) * | 2016-03-03 | 2017-09-07 | Ingenico Group | Method for the execution and processing of data, corresponding device and computer program |
CN105843653A (en) * | 2016-04-12 | 2016-08-10 | 恒宝股份有限公司 | TA (trusted application) configuration method and device |
CN106254323A (en) * | 2016-07-27 | 2016-12-21 | 恒宝股份有限公司 | The exchange method of a kind of TA and SE, TA, SE and TSM platform |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109145628A (en) * | 2018-09-06 | 2019-01-04 | 江苏恒宝智能系统技术有限公司 | A kind of collecting method and system based on credible performing environment |
CN109145628B (en) * | 2018-09-06 | 2020-08-25 | 江苏恒宝智能系统技术有限公司 | Data acquisition method and system based on trusted execution environment |
Also Published As
Publication number | Publication date |
---|---|
CN107679858B (en) | 2019-12-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109214197B (en) | Method, apparatus and storage medium for processing private data based on block chain | |
CN108830601B (en) | Smart city information safe use method and system based on block chain | |
EP3968200B1 (en) | Methods and devices for transferring the result of processing on data assets based on blockchain | |
CN111164629A (en) | Methods, apparatus, and computer-readable media for compliance-aware tokenization and control of asset value | |
US11803519B2 (en) | Method and system for managing and securing subsets of data in a large distributed data store | |
US20110246518A1 (en) | Method and system of distributed caching | |
JP2022504637A (en) | Distributed ledger for encrypted digital IDs | |
CN107533616A (en) | System and method for making data safety | |
CN101827101A (en) | Information asset protection method based on credible isolated operating environment | |
AU2012266675B2 (en) | Access control to data stored in a cloud | |
US11520905B2 (en) | Smart data protection | |
US9996686B2 (en) | Password retrieval system and method involving token usage without prior knowledge of the password | |
CN109039652A (en) | A kind of number leads to generation and the application method of card | |
CN112583887B (en) | Data credible sharing method based on block chain | |
CN109388957A (en) | Information transfer method, device, medium and electronic equipment based on block chain | |
CN101840471A (en) | Document right control method and device | |
CN106156345B (en) | Item file deposits card method, deposits card equipment and terminal device | |
CN113015991A (en) | Secure digital wallet processing system | |
CN109446259A (en) | Data processing method and device, processor and storage medium | |
CN102063431B (en) | Information database system and method for controlling systematic access of information database | |
CN106372874A (en) | Internet of things mobile finance payment system based on cloud platform | |
CN108319849A (en) | Equipment strategy management system based on Android twin containers system and management domain implementation method | |
CN111160803A (en) | Business process safety and management method and system based on block chain | |
CN103561042A (en) | Method and device for processing cross-regional important data | |
CN107679858A (en) | Mobile terminal and method of mobile payment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |