CN108053012A - A kind of Bluetooth intelligent card and its method for controlling transaction risk - Google Patents

A kind of Bluetooth intelligent card and its method for controlling transaction risk Download PDF

Info

Publication number
CN108053012A
CN108053012A CN201711454809.1A CN201711454809A CN108053012A CN 108053012 A CN108053012 A CN 108053012A CN 201711454809 A CN201711454809 A CN 201711454809A CN 108053012 A CN108053012 A CN 108053012A
Authority
CN
China
Prior art keywords
transaction
risk
data
intelligent card
merchant tenninal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711454809.1A
Other languages
Chinese (zh)
Other versions
CN108053012B (en
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Feitian Technologies Co Ltd filed Critical Feitian Technologies Co Ltd
Priority to CN201711454809.1A priority Critical patent/CN108053012B/en
Publication of CN108053012A publication Critical patent/CN108053012A/en
Application granted granted Critical
Publication of CN108053012B publication Critical patent/CN108053012B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/0723Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips the record carrier comprising an arrangement for non-contact communication, e.g. wireless communication circuits on transponder cards, non-contact smart cards or RFIDs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a kind of Bluetooth intelligent card and its methods for controlling transaction risk, are related to technical field of intelligent card, before Bluetooth intelligent card and merchant tenninal are traded, will obtain request of data to be verified and be sent to merchant tenninal;Receive the data to be verified from merchant tenninal;Bluetooth intelligent card judges transaction with the presence or absence of risk according to the first safe key, risk verification data and data to be verified, if so, risky to merchant tenninal prompting transaction;Otherwise it is traded with merchant tenninal;Bluetooth intelligent card provided by the invention can be traded with merchant tenninal, without completing to merchandise by financial terminal in entire process of exchange, so as to reduce the risk of the sensitive information leakages such as user's PIN code or signing messages, improve the convenience and security of transaction, and blue-tooth intelligence is stuck in start transaction with merchant tenninal before, judge that transaction with the presence or absence of risk, is traded again with merchant tenninal after being judged as NO, further ensures the security of transaction.

Description

A kind of Bluetooth intelligent card and its method for controlling transaction risk
Technical field
The present invention relates to field of intelligent cards, more particularly to a kind of Bluetooth intelligent card and its method for controlling transaction risk.
Background technology
In the prior art, smart card need by financial terminal (such as:POS machine) financial transaction, convenience could be completed Difference, and the sensitive informations such as user's PIN code or signing messages are easily revealed in process of exchange, and there are security risks.
The content of the invention
The present invention provides a kind of Bluetooth intelligent card and its methods for controlling transaction risk, solve above-mentioned technical problem.
The present invention provides a kind of method of blue-tooth intelligence card control transaction risk, including:
Step s1:Bluetooth intelligent card establishes bluetooth connection with merchant tenninal;
Step s2:The Bluetooth intelligent card receives the request from the merchant tenninal by Bluetooth channels;When receiving Step s3 is performed during transaction request;
Step s3:The Bluetooth intelligent card selects to apply according to the transaction request;
Step s4:The Bluetooth intelligent card is traded preparation, obtains transaction and prepares result;
Step s5:The Bluetooth intelligent card prepares result according to the transaction and carries out behavioural analysis, obtains Trading Authorization knot Fruit;
Step s6:The Bluetooth intelligent card sends transaction message by Bluetooth channels to the merchant tenninal;The transaction Message includes the Transaction Information in the Trading Authorization result and the transaction request;
Step s7:The Bluetooth intelligent card receives the transaction response from the merchant tenninal by Bluetooth channels;According to The transaction response generation transaction record, the transaction record is sent by Bluetooth channels to the merchant tenninal;
After the step s1, further included before performing step s4:The Bluetooth intelligent card judges whether current transaction deposits In risk, if it is, risky to merchant tenninal prompting transaction;Otherwise, continuous business.
The present invention also provides a kind of Bluetooth intelligent card, including:First link block, the first receiving module, first choice Application module, the first transaction preparation module, the first behavior analysis module, the first sending module, the second receiving module, the first transaction Logging modle, the second sending module and the first risk authentication module;
First link block, for establishing bluetooth connection with merchant tenninal;
First receiving module, for receiving the request from the merchant tenninal by Bluetooth channels;
The first choice application module, the transaction request selection for being received according to first receiving module should With;
The first transaction preparation module obtains transaction preparation result for being traded preparation;
The first behavior analysis module, the transaction for being obtained according to the described first transaction preparation module prepare knot Fruit carries out behavioural analysis, obtains Trading Authorization result;
First sending module, it is described for sending transaction message to the merchant tenninal by the Bluetooth channels Transaction message includes the Trading Authorization result that the first behavior analysis module obtains and first receiving module connects Transaction Information in the transaction request received;
Second receiving module, for receiving the transaction response from the merchant tenninal by Bluetooth channels;
First trades record module, for the transaction response generation received according to second receiving module Transaction record;
Second sending module sends the first transaction record mould for passing through Bluetooth channels to the merchant tenninal The transaction record of block generation;
The first risk authentication module for working as after first receiving module receives the transaction request, works as institute It states the first transaction preparation module to be traded before preparation, judges current transaction with the presence or absence of risk;If it is, to the business Family terminal notifying transaction is risky;Otherwise, continuous business.
Beneficial effects of the present invention:The present invention provides a kind of Bluetooth intelligent card and its method for controlling transaction risk, sheets Invention provide Bluetooth intelligent card can be traded with merchant tenninal, in entire process of exchange without by financial terminal come Transaction is completed, so as to reduce the risk of the sensitive information leakages such as user's PIN code or signing messages, improves the convenience of transaction And security, and blue-tooth intelligence is stuck in before starting transaction with merchant tenninal, judges that transaction with the presence or absence of risk, is judged as NO It is traded again with merchant tenninal afterwards, further ensures the security of transaction.
Description of the drawings
Fig. 1 is a kind of flow chart of the method for blue-tooth intelligence card control transaction risk that the embodiment of the present invention 2 provides;
Fig. 2-1, Fig. 2-2 and Fig. 2-3 are a kind of side for blue-tooth intelligence card control transaction risk that the embodiment of the present invention 3 provides The flow chart of method;
Fig. 3-1, Fig. 3-2 and Fig. 3-3 are a kind of side for blue-tooth intelligence card control transaction risk that the embodiment of the present invention 4 provides The flow chart of method;
Fig. 4 is a kind of structure diagram for Bluetooth intelligent card that the embodiment of the present invention 5 provides.
Specific implementation method
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, those of ordinary skill in the art are obtained every other without making creative work Embodiment belongs to the scope of protection of the invention.
Embodiment 1
A kind of method of blue-tooth intelligence card control transaction risk is present embodiments provided, including:
Step s1:Bluetooth intelligent card establishes bluetooth connection with merchant tenninal;
Step s2:Bluetooth intelligent card receives the request from merchant tenninal by Bluetooth channels;When receiving transaction request Shi Zhihang steps s3;
Step s3:Bluetooth intelligent card selects to apply according to transaction request;
Step s4:Bluetooth intelligent card is traded preparation, obtains transaction and prepares result;
In the present embodiment, transaction, which prepares result, to be included:Off line authentication result, processing limitation result, holder's verification result With terminal risk management result;Correspondingly:
Step s4 is specifically included:
Step g1:Application record is read in the application that blue-tooth intelligence card initialization has selected;
Step g2:Bluetooth intelligent card carries out off line certification, obtains off line authentication result;
Step g3:Bluetooth intelligent card carries out processing limitation, obtains processing limitation result;
Step g4:Bluetooth intelligent card applies record to verify holder according to what is read, obtains holder's verification As a result;
Step g5:Bluetooth intelligent card carries out terminal risk management, obtains terminal risk management result.
Step s5:Bluetooth intelligent card prepares result according to transaction and carries out behavioural analysis, obtains Trading Authorization result;
Step s6:Bluetooth intelligent card sends transaction message by Bluetooth channels to merchant tenninal;Transaction message includes handing over Transaction Information in easy Authorization result and transaction request;
Step s7:Bluetooth intelligent card receives the transaction response from merchant tenninal by Bluetooth channels;According to transaction response Transaction record is generated, transaction record is sent to merchant tenninal by Bluetooth channels;
After step s1, further included before performing step s4:Bluetooth intelligent card judges that current transaction whether there is risk, such as Fruit is, then risky to merchant tenninal prompting transaction;Otherwise, continuous business.
In the present embodiment, further included in institute step s2:When Bluetooth intelligent card is received by Bluetooth channels from trade company's end During the risk checking request at end, then step M1 is performed;
Step M1:Acquisition request of data to be verified including the risk of itself verification data is passed through bluetooth by Bluetooth intelligent card Passage is sent to merchant tenninal;Receive the data to be verified from merchant tenninal;Bluetooth intelligent card is according to the first safe key, wind Danger verification data and data to be verified judge transaction with the presence or absence of risk, if it is, risk verification is not by merchant tenninal Risky, the return to step s2 of prompting transaction;Otherwise, risk is verified, and starts to merchandise to merchant tenninal prompting, return to step s2;
Correspondingly, Bluetooth intelligent card judges that current transaction with the presence or absence of risk, is specially:Bluetooth intelligent card judges whether to lead to Risk verification is crossed, there is no risks if it is, judging current transaction;Otherwise, judge that there are risks for current transaction.
Further, after being judged as NO in step M1, further include:Set Secure Transaction mark corresponding with merchant tenninal Position;
Bluetooth intelligent card judges whether to verify by risk, is specially:Bluetooth intelligent card detection is corresponding with merchant tenninal Whether Secure Transaction flag bit is set, if it is, judging to verify by risk;Otherwise, judge not verify by risk.
Further, further included before step M1:Bluetooth intelligent card detects Secure Transaction mark corresponding with merchant tenninal Whether will position is set, if it is, start to merchandise to merchant tenninal prompting, return to step s2;Otherwise, step M1 is performed.
In the present embodiment, Bluetooth intelligent card judges that current transaction with the presence or absence of risk, can also be specially:Bluetooth intelligent card Acquisition request of data to be verified including the risk of itself verification data is sent to merchant tenninal by Bluetooth channels;It receives and From the data to be verified of merchant tenninal;Bluetooth intelligent card is sentenced according to the first safe key, risk verification data and data to be verified It breaks off a friendship easily with the presence or absence of risk.
Further, when Bluetooth intelligent card judges that current transaction there is no after risk, further includes:Set and merchant tenninal pair The Secure Transaction flag bit answered;Bluetooth intelligent card judges that current transaction further includes before with the presence or absence of risk:Bluetooth intelligent card is examined Survey whether Secure Transaction flag bit corresponding with merchant tenninal is set, if it is, continuous business;Otherwise, perform and judge to work as Preceding transaction is with the presence or absence of risk.
In the present embodiment, Bluetooth intelligent card further includes after the power is turned on and/or before lower electricity:Reset peace corresponding with merchant tenninal Full transaction signature position.
In the present embodiment, risk verification data include:Smartcard identification and/or random number;
When risk, which is verified, does not include smartcard identification in data, gone back before receiving the data to be verified from merchant tenninal Including:Smartcard identification is sent to merchant tenninal by Bluetooth intelligent card by Bluetooth channels.
Further, when risk verification data include smartcard identification, the side of blue-tooth intelligence card control transaction risk Method further includes:Merchant tenninal sends risk verification data to application server;Receive the data to be verified from application server;
When risk, which is verified, does not include smartcard identification in data, the method for blue-tooth intelligence card control transaction risk is also wrapped It includes:Merchant tenninal sends risk verification data and smartcard identification to application server;It receives from the to be tested of application server Demonstrate,prove data.
In the present embodiment, smartcard identification is the identity of Bluetooth intelligent card, is the number that can identify Bluetooth intelligent card According to.
Further, further included in the present embodiment:Application server is obtained according to smartcard identification and Bluetooth intelligent card Corresponding second safe key;Risk verification data are encrypted to obtain data to be verified using the second safe key.
Yet further, application server obtains the second safe key corresponding with Bluetooth intelligent card according to smartcard identification Before, further include:
Step h1:Merchant tenninal sends merchant identification to application server;
Step h2:Application server encrypts merchant identification using application server private key to obtain the first encryption data;To Merchant tenninal sends the first encryption data and the second random number of itself;
Step h3:Merchant tenninal is decrypted the first encryption data using application server public key to obtain the first decryption number According to;
Step h4:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if so, performing step h5; Otherwise, report an error to Bluetooth intelligent card;
Step h5:The second random number is encrypted using trade company's private key the second encryption data of generation, Xiang Ying in merchant tenninal The second encryption data is sent with server;
Step h6:Application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
Step h7:Application server judges whether the second ciphertext data and the second random number match, if it is, application clothes Device be engaged according to smartcard identification acquisition the second safe key corresponding with Bluetooth intelligent card;Otherwise, report an error to merchant tenninal.
In the present embodiment, Bluetooth intelligent card judges to hand over according to the first safe key, risk verification data and data to be verified Easily with the presence or absence of risk, can specifically include:Bluetooth intelligent card is encrypted according to the first safe key and risk verification data Computing obtains the second fiducial value;Bluetooth intelligent card judges whether data to be verified and the second fiducial value match, if it is, transaction There is no risks;Otherwise, there are risks for transaction.
In the present embodiment, Bluetooth intelligent card judges to hand over according to the first safe key, risk verification data and data to be verified Easily with the presence or absence of risk, can also specifically include:Bluetooth intelligent card obtains wind using the first secure key decryption data to be verified Dangerous comparison value carries out summary computing to risk verification data and obtains the first digest value, judges that the first digest value and risk are tested Whether card fiducial value matches, if it is, there is no risks for transaction;Otherwise, there are risks for transaction.
In the present embodiment, Bluetooth intelligent card judges to hand over according to the first safe key, risk verification data and data to be verified Easily with the presence or absence of risk, and can specifically include:Bluetooth intelligent card obtains wind using the first secure key decryption data to be verified Dangerous comparison value;Bluetooth intelligent card judges whether risk verification data and risk comparison value match, if it is, transaction There is no risks;Otherwise, there are risks for transaction.
In the present embodiment, after merchant tenninal gets smartcard identification, the method for blue-tooth intelligence card control transaction risk It further includes:Merchant tenninal sends smartcard identification to application server, receives from application server and smartcard identification pair The second safe key answered generates data to be verified according to the second safe key, risk verification data.
Correspondingly, data to be verified are generated according to the second safe key, risk verification data, can is specially:Trade company is whole End carries out summary computing to risk verification data and obtains the second digest value, is worth to using the second secure key encryption second summary Data to be verified;
Data to be verified are generated, and can be specially according to the second safe key, risk verification data:Merchant tenninal uses Second secure key encryption risk verification data obtain data to be verified.
Correspondingly, merchant tenninal receive from application server the second safe key corresponding with smartcard identification it Before, it further includes:
Step d1:Merchant tenninal sends merchant identification to application server;
Step d2:Application server encrypts merchant identification using application server private key to obtain the first encryption data;To Merchant tenninal sends the first encryption data and the second random number of itself;
Step d3:Merchant tenninal is decrypted the first encryption data using application server public key to obtain the first decryption number According to;
Step d4:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if so, performing step d5; Otherwise, report an error to Bluetooth intelligent card;
Step d5:The second random number is encrypted using trade company's private key the second encryption data of generation, Xiang Ying in merchant tenninal The second encryption data is sent with server;
Step d6:Application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
Step d7:Application server judges whether the second ciphertext data and the second random number match, if it is, application clothes Business device obtains the second safe key corresponding with smartcard identification;Otherwise, report an error to merchant tenninal.
In the present embodiment, after merchant tenninal gets smartcard identification, the method for blue-tooth intelligence card control transaction risk It further includes:Merchant tenninal sends smartcard identification to application server, receives from application server and smartcard identification pair Encrypted second safe key answered;Merchant tenninal is decrypted to obtain the second safe key to encrypted second safe key, Computing is encrypted according to the second safe key and risk verification data and generates data to be verified.
Further, merchant tenninal receives encrypted second safety corresponding with smartcard identification from application server Before key, further include:
Step f1:Merchant tenninal sends merchant identification to application server;
Step f2:Application server encrypts merchant identification using application server private key to obtain the first encryption data;To Merchant tenninal sends the first encryption data and the second random number of itself;
Step f3:Merchant tenninal is decrypted the first encryption data using application server public key to obtain the first decryption number According to;
Step f4:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if so, performing step f5; Otherwise, report an error to Bluetooth intelligent card;
Step f5:The second random number is encrypted using trade company's private key the second encryption data of generation, Xiang Ying in merchant tenninal The second encryption data is sent with server;
Step f6:Application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
Step f7:Application server judges whether the second ciphertext data and the second random number match, if it is, application clothes Business device obtains the second safe key corresponding with smartcard identification, and it is close that encrypted second safety is obtained to the second secure key encryption Key;Otherwise, report an error to merchant tenninal.
In the present embodiment, transaction, which prepares result, to be included:Off line authentication result, processing limitation result, holder's verification result With terminal risk management result;
Step s4 is specifically included:
Step g1:Application record is read in the application that blue-tooth intelligence card initialization has selected;
Step g2:Bluetooth intelligent card carries out off line certification, obtains off line authentication result;
Step g3:Bluetooth intelligent card carries out processing limitation, obtains processing limitation result;
Step g4:Bluetooth intelligent card applies record to verify holder according to what is read, obtains holder's verification As a result;
Step g5:Bluetooth intelligent card carries out terminal risk management, obtains terminal risk management result.
In the present embodiment, it can also include after step g1:Transaction Information of the Bluetooth intelligent card in transaction request is sentenced The disconnected transaction amount whether shown in Transaction Information, if it is not, then performing step g2;If it is, display transaction amount, waits User confirms, if detecting user's confirmation message in the first preset time, performs step g2;If in the first preset time User's confirmation message is not detected, then Bluetooth intelligent card shows error message, refusal transaction, and returns to mistake to merchant tenninal Information;After refusal transaction, further include:Bluetooth intelligent card display refusal Transaction Information.
In the present embodiment, step g4 is specially:Bluetooth intelligent card obtains holder's verification according to the application record read Mode when holder's verification mode is inputs online PIN, prompts user to input online PIN, if being obtained in the second preset time Online PIN input by user is got, then holder is verified, obtains holder's verification result, is verified and tied according to holder Fruit updates terminal authentication result;If not getting online PIN input by user in the second preset time, holder is tested Card unsuccessfully as holder's verification result, updates terminal authentication result according to holder's verification result;It is further included in transaction message Online PIN input by user.
Present embodiments provide a kind of method of blue-tooth intelligence card control transaction risk, Bluetooth intelligent card and merchant tenninal into Before row transaction, request of data to be verified will be obtained and be sent to merchant tenninal;Receive the data to be verified from merchant tenninal;It is blue Tooth smart card judges transaction with the presence or absence of risk according to the first safe key, risk verification data and data to be verified, if so, It is risky to merchant tenninal prompting transaction;Otherwise it is traded with merchant tenninal;Bluetooth intelligent card provided by the invention can be with Merchant tenninal is traded, without completing to merchandise by financial terminal in entire process of exchange, so as to reduce user PIN The risk of the sensitive information leakages such as code or signing messages improves the convenience and security of transaction, and blue-tooth intelligence is stuck in Before starting transaction with merchant tenninal, judge that transaction whether there is risk, be traded again with merchant tenninal after being judged as NO, into One step ensure that the security of transaction.
Embodiment 2
A kind of method of blue-tooth intelligence card control transaction risk is present embodiments provided, as shown in Figure 1, including:
Step 101:Bluetooth intelligent card establishes bluetooth connection with merchant tenninal;
Trade company's application is installed, merchant tenninal can be, but not limited to move eventually for trade company in the present embodiment, in merchant tenninal End.
Step 102:The request to be received from merchant tenninal such as Bluetooth intelligent card performs step when receiving transaction request Rapid 103;When receiving risk checking request, then step 108 is performed;
Step 103:Bluetooth intelligent card selects to apply according to transaction request;
Step 104:Bluetooth intelligent card is traded preparation, obtains transaction and prepares result;
Step 105:Bluetooth intelligent card prepares result according to transaction and carries out behavioural analysis, obtains Trading Authorization result;
Step 106:Bluetooth intelligent card includes Trading Authorization result to merchant tenninal transmission by Bluetooth channels and transaction please The transaction message of Transaction Information in asking;
Step 107:Bluetooth intelligent card receives the transaction response from merchant tenninal by Bluetooth channels;According to transaction response Transaction record is generated, transaction record, return to step 102 are sent to merchant tenninal by Bluetooth channels;
Step 108:Acquisition request of data to be verified including the risk of itself verification data is passed through indigo plant by Bluetooth intelligent card Tooth passage is sent to merchant tenninal;Receive the data to be verified from merchant tenninal;Bluetooth intelligent card according to the first safe key, Risk verifies that data and data to be verified judge transaction with the presence or absence of risk, if it is, risk verification is not by whole to trade company End prompting risk authentication failed, return to step 102;Otherwise, risk is verified, and is verified to merchant tenninal prompting risk, Return to step 102;
After receiving transaction request, before performing step 103 or step 104, further include:Judge that risk verifies whether to lead to It crosses, if it is, judging current transaction, there is no risks;Otherwise, judge that there are risks for current transaction.
After being judged as NO in step 108, further include:Set Secure Transaction flag bit corresponding with merchant tenninal;Correspondingly, Bluetooth intelligent card judges that risk is verified whether by being specially:Bluetooth intelligent card detects Secure Transaction corresponding with merchant tenninal Whether flag bit is set, if it is, judging that risk is verified, otherwise, judges that risk verification does not pass through.
Further, further included before step 108:Bluetooth intelligent card detects Secure Transaction mark corresponding with merchant tenninal Whether position is set, if so, start to merchandise to merchant tenninal prompting, return to step 102;Otherwise, step 108 is performed.
In the present embodiment, Bluetooth intelligent card further includes after the power is turned on and/or before lower electricity:Reset peace corresponding with merchant tenninal Full transaction signature position.
In the present embodiment, risk verification data include:Smartcard identification and/or random number;
When risk, which is verified, does not include smartcard identification in data, gone back before receiving the data to be verified from merchant tenninal Including:Smartcard identification is sent to merchant tenninal by Bluetooth intelligent card by Bluetooth channels.
Further, when risk verification data include smartcard identification, the side of blue-tooth intelligence card control transaction risk Method further includes:Merchant tenninal sends risk verification data to application server;Receive the data to be verified from application server;
When risk, which is verified, does not include smartcard identification in data, the method for blue-tooth intelligence card control transaction risk is also wrapped It includes:Merchant tenninal sends risk verification data and smartcard identification to application server;It receives from the to be tested of application server Demonstrate,prove data.
Further, further included in the present embodiment:Application server is obtained according to smartcard identification and Bluetooth intelligent card Corresponding second safe key;Risk verification data are encrypted to obtain data to be verified using the second safe key.
Yet further, before obtaining the second safe key corresponding with Bluetooth intelligent card according to smartcard identification, also wrap It includes:
Step h1:Merchant tenninal sends merchant identification to application server;
Step h2:Application server encrypts merchant identification using application server private key to obtain the first encryption data;To Merchant tenninal sends the first encryption data and the second random number of itself;
Step h3:Merchant tenninal is decrypted the first encryption data using application server public key to obtain the first decryption number According to;
Step h4:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if so, performing step h5; Otherwise, report an error to Bluetooth intelligent card;
Step h5:The second random number is encrypted using trade company's private key the second encryption data of generation, Xiang Ying in merchant tenninal The second encryption data is sent with server;
Step h6:Application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
Step h7:Application server judges whether the second ciphertext data and the second random number match, if it is, application clothes Device be engaged according to smartcard identification acquisition the second safe key corresponding with Bluetooth intelligent card;Otherwise, report an error to merchant tenninal.
In the present embodiment, Bluetooth intelligent card judges to hand over according to the first safe key, risk verification data and data to be verified Easily with the presence or absence of risk, can specifically include:Bluetooth intelligent card is encrypted according to the first safe key and risk verification data Computing obtains the second fiducial value;Bluetooth intelligent card judges whether data to be verified and the second fiducial value match, if it is, transaction There is no risks;Otherwise, there are risks for transaction.
In the present embodiment, Bluetooth intelligent card judges to hand over according to the first safe key, risk verification data and data to be verified Easily with the presence or absence of risk, can also specifically include:Bluetooth intelligent card obtains wind using the first secure key decryption data to be verified Dangerous comparison value carries out summary computing to risk verification data and obtains the first digest value, judges that the first digest value and risk are tested Whether card fiducial value matches, if it is, there is no risks for transaction;Otherwise, there are risks for transaction.
In the present embodiment, Bluetooth intelligent card judges to hand over according to the first safe key, risk verification data and data to be verified Easily with the presence or absence of risk, and can specifically include:Bluetooth intelligent card obtains wind using the first secure key decryption data to be verified Dangerous comparison value;Bluetooth intelligent card judges whether risk verification data and risk comparison value match, if it is, transaction There is no risks;Otherwise, there are risks for transaction.
In the present embodiment, after merchant tenninal gets smartcard identification, the method for blue-tooth intelligence card control transaction risk It further includes:Merchant tenninal sends smartcard identification to application server, receives from application server and smartcard identification pair The second safe key answered generates data to be verified according to the second safe key, risk verification data.
Correspondingly, data to be verified are generated according to the second safe key, risk verification data, can is specially:Trade company is whole End carries out summary computing to risk verification data and obtains the second digest value, is worth to using the second secure key encryption second summary Data to be verified;
Data to be verified are generated, and can be specially according to the second safe key, risk verification data:Merchant tenninal uses Second secure key encryption risk verification data obtain data to be verified.
Correspondingly, merchant tenninal receive from application server the second safe key corresponding with smartcard identification it Before, it further includes:
Step d1:Merchant tenninal sends merchant identification to application server;
Step d2:Application server encrypts merchant identification using application server private key to obtain the first encryption data;To Merchant tenninal sends the first encryption data and the second random number of itself;
Step d3:Merchant tenninal is decrypted the first encryption data using application server public key to obtain the first decryption number According to;
Step d4:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if so, performing step d5; Otherwise, report an error to Bluetooth intelligent card;
Step d5:The second random number is encrypted using trade company's private key the second encryption data of generation, Xiang Ying in merchant tenninal The second encryption data is sent with server;
Step d6:Application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
Step d7:Application server judges whether the second ciphertext data and the second random number match, if it is, application clothes Business device obtains the second safe key corresponding with smartcard identification;Otherwise, report an error to merchant tenninal.
In the present embodiment, after merchant tenninal gets smartcard identification, the method for blue-tooth intelligence card control transaction risk It further includes:Merchant tenninal sends smartcard identification to application server, receives from application server and smartcard identification pair Encrypted second safe key answered;Merchant tenninal is decrypted to obtain the second safe key to encrypted second safe key, Computing is encrypted according to the second safe key and risk verification data and generates data to be verified.
Further, merchant tenninal receives encrypted second safety corresponding with smartcard identification from application server Before key, further include:
Step f1:Merchant tenninal sends merchant identification to application server;
Step f2:Application server encrypts merchant identification using application server private key to obtain the first encryption data;To Merchant tenninal sends the first encryption data and the second random number of itself;
Step f3:Merchant tenninal is decrypted the first encryption data using application server public key to obtain the first decryption number According to;
Step f4:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if so, performing step f5; Otherwise, report an error to Bluetooth intelligent card;
Step f5:The second random number is encrypted using trade company's private key the second encryption data of generation, Xiang Ying in merchant tenninal The second encryption data is sent with server;
Step f6:Application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
Step f7:Application server judges whether the second ciphertext data and the second random number match, if it is, application clothes Business device obtains the second safe key corresponding with smartcard identification, and it is close that encrypted second safety is obtained to the second secure key encryption Key;Otherwise, report an error to merchant tenninal.
In the present embodiment, transaction, which prepares result, to be included:Off line authentication result, processing limitation result, holder's verification result With terminal risk management result;
Step 104 specifically includes:
Step g1:Application record is read in the application that blue-tooth intelligence card initialization has selected;
Step g2:Bluetooth intelligent card carries out off line certification, obtains off line authentication result;
Step g3:Bluetooth intelligent card carries out processing limitation, obtains processing limitation result;
Step g4:Bluetooth intelligent card applies record to verify holder according to what is read, obtains holder's verification As a result;
Step g5:Bluetooth intelligent card carries out terminal risk management, obtains terminal risk management result.
In the present embodiment, it can also include after step g1:Transaction Information of the Bluetooth intelligent card in transaction request is sentenced The disconnected transaction amount whether shown in Transaction Information, if it is not, then performing step g2;If it is, display transaction amount, waits User confirms, if detecting user's confirmation message in the first preset time, performs step g2;If in the first preset time User's confirmation message is not detected, then Bluetooth intelligent card shows error message, refusal transaction, and returns to mistake to merchant tenninal Information;After refusal transaction, further include:Bluetooth intelligent card display refusal Transaction Information.
In the present embodiment, step g4 is specially:Bluetooth intelligent card obtains holder's verification according to the application record read Mode when holder's verification mode is inputs online PIN, prompts user to input online PIN, if being obtained in the second preset time Online PIN input by user is got, then holder is verified, obtains holder's verification result, is verified and tied according to holder Fruit updates terminal authentication result;If not getting online PIN input by user in the second preset time, holder is tested Card unsuccessfully as holder's verification result, updates terminal authentication result according to holder's verification result;It is further included in transaction message Online PIN input by user.
Present embodiments provide a kind of method of blue-tooth intelligence card control transaction risk, Bluetooth intelligent card and merchant tenninal into Before row transaction, request of data to be verified will be obtained and be sent to merchant tenninal;Receive the data to be verified from merchant tenninal;It is blue Tooth smart card judges transaction with the presence or absence of risk according to the first safe key, risk verification data and data to be verified, if so, It is risky to merchant tenninal prompting transaction;Otherwise it is traded with merchant tenninal;Bluetooth intelligent card provided by the invention can be with Merchant tenninal is traded, without completing to merchandise by financial terminal in entire process of exchange, so as to reduce user PIN The risk of the sensitive information leakages such as code or signing messages improves the convenience and security of transaction, and blue-tooth intelligence is stuck in Before starting transaction with merchant tenninal, judge that transaction whether there is risk, be traded again with merchant tenninal after being judged as NO, into One step ensure that the security of transaction.
Embodiment 3
The present embodiment is a kind of side of the blue-tooth intelligence card control transaction risk provided on the basis of based on embodiment 1 Method, as shown in Fig. 2-1, Fig. 2-2 and Fig. 2-3, including:
Step 201:Bluetooth intelligent card establishes bluetooth connection with merchant tenninal;
Trade company's application is installed, merchant tenninal can be, but not limited to move eventually for trade company in the present embodiment, in merchant tenninal End.
Step 202:Merchant tenninal sends transaction request by Bluetooth channels to Bluetooth intelligent card;
Step 203:Bluetooth intelligent card adds according to the first safe key of itself and the First ray number generation first of itself Key;
Specifically, Bluetooth intelligent card uses the first preset algorithm to the first safe key and the First ray of itself of itself Number encryption generation the first encryption key.
In the present embodiment, the first preset algorithm can be, but not limited to as SHA-1.
Such as:Bluetooth intelligent card is using SHA-1 to the first safe key of itself 6363AFD159B2CA634BF9B27AC2B22BB5 and the First ray number of itself 3B9A958131809F48313043522E46543030C4 encryption the first encryption keys of generation 0F7B5DAB1FC0BAD20EE805758B041B93。
Step 204:Bluetooth intelligent card generates the first random number;
Such as:First random number of Bluetooth intelligent card generation is 32CF3E1B0B60B963B7F577FC7D85611F.
Step 205:Bluetooth intelligent card leads to the first random number, the second sequence number of itself and First ray number by bluetooth Road is sent to merchant tenninal;
In the present embodiment, the second sequence number and/or the smartcard identification that First ray number is Bluetooth intelligent card.
For example, Bluetooth intelligent card is by the first random number 32CF3E1B0B60B963B7F577FC7D85611F, itself Two sequence number 92FDB131C2DDCB07 and First ray 3B9A958131809F48313043522E46543030C4 pass through Bluetooth channels are sent to merchant tenninal.
Step 206:Second sequence number and merchant identification are sent to application server by merchant tenninal;
Such as:Merchant tenninal is by the second sequence number 92FDB131C2DDCB0791 and merchant identification 6263646566676831323334353637 are sent to application server.
Step 207:Application server judges whether trade company is registered according to merchant identification, if it is, performing step 208;Otherwise, step 245 is performed;
Step 208:Application server verifies whether trade company's certificate is legal according to CA certificate, if it is, performing step 209;Otherwise, step 245 is performed;
Specifically, application server obtains trade company corresponding with merchant identification certificate, uses the public key verifications in CA certificate Whether the signature in trade company's certificate is legal, if it is, judging that trade company's certificate is legal, then performs step 209;Otherwise, step is performed Rapid 245.
Preferably, application server can obtain when merchant tenninal asks the application of installation trade company and preserve trade company's end Trade company's certificate at end.
Step 209:Application server encrypts merchant identification using application server private key to obtain the first encryption data;It is raw Into the second random number, random number encryption data are obtained to the second random number encryption using application server private key;
Specifically, application server is encrypted to obtain using application server private key according to the second preset algorithm to merchant identification First encryption data;The second random number is generated, the second random number is added using application server private key according to the second preset algorithm It is close to obtain random number encryption data.
In the present embodiment, the second preset algorithm can be, but not limited to as RSA Algorithm.
Such as:Application server uses application server private key (D, N) according to RSA Algorithm
D=158657519BCCAE6AA00ACAD34A8F028C59EB5FDF9905498AE8E5FE F28D137EB9
N=704E326BA1CE9A1A8109A85D88BD3C4C5C4D86AE463CF98D4206A0 913FAADB93 couple Merchant identification 6263646566676831323334353637 is encrypted to obtain the first encryption data 9088D3B0D9EA687AB1DED87E3694E81A892895FC501D32372E8B17F07DB803;Generate the second random number B281F172C8135E92035C2F7C3EA6AB7F;Application server private key (D, N) is used according to RSA Algorithm
D=158657519BCCAE6AA00ACAD34A8F028C59EB5FDF9905498AE8E5FE F28D137EB9
N=704E326BA1CE9A1A8109A85D88BD3C4C5C4D86AE463CF98D4206A0 913FAADB93 couple Second random number encryption obtains random number encryption data 5C33BA2A0DBB740BB1D6F9C448F589C9B6F3580FAF2D8 6D63B8FADD468FBE634。
Step 210:Application server sends the first encryption data and random number encryption data to merchant tenninal;
Step 211:Whether merchant tenninal is legal using CA certificate verification application server certificate, if it is, performing step Rapid 212;Otherwise, step 246 is performed;
Specifically, merchant tenninal obtains application server certificate, is demonstrate,proved using the public key verifications application server in CA certificate Whether the signature in book is legal, if it is, judging that application server certificate is legal, then performs step 212;Otherwise, step is performed Rapid 246.
In the present embodiment, merchant tenninal can obtain when trade company's application is installed and preserve the application of application server Server certificate.
Step 212:Merchant tenninal use application server certificate in application server public key to the first encryption data into Row decryption obtains the first ciphertext data;Using the application server public key in application server certificate to random number encryption data into Row decryption obtains the second random number;
Specifically, merchant tenninal uses the application server public key pair in application server certificate according to the second preset algorithm First encryption data is decrypted to obtain the first ciphertext data;Answering in application server certificate is used according to the second preset algorithm Random number encryption data are decrypted with server public key to obtain the second random number;
Such as:Merchant tenninal uses the application server public key in application server certificate according to the second preset algorithm RSA (E,N)
E=10001
N=04E326BA1CE9A1A8109A85D88BD3C4C5C4D86AE463CF98D4206A09 13FAADB93
To the first encryption data 9088D3B0D9EA687AB1DED87E3694E81A892895FC501D32372E8B17F 07DB803
It is decrypted to obtain the first ciphertext data 6263646566676831323334353637.Merchant tenninal is according to second Preset algorithm RSA uses the application server public key (E, N) in application server certificate
E=10001
N=04E326BA1CE9A1A8109A85D88BD3C4C5C4D86AE463CF98D4206A09 13FAADB93
To random number encryption data 5C33BA2A0DBB740BB1D6F9C448F589C9B6F3580FAF2D86D63B8FA DD468FBE634 is decrypted to obtain the second random number B281F172C8135E92035C2F7C3EA6AB7F.
Step 213:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if it is, performing step 214;Otherwise, step 246 is performed;
For example, merchant tenninal judges the first ciphertext data 6263646566676831323334353637 and merchant identification 6263646566676831323334353637 matchings, perform step 214.
Step 214:Merchant tenninal generates the second encryption data using trade company's private key to the second random number encryption;
Specifically, merchant tenninal adds the second random number encryption generation second using trade company's private key according to the second preset algorithm Ciphertext data.
Such as:Merchant tenninal uses trade company's private key (D, N) according to the second preset algorithm RSA
D=55C486D76A9D825B5690E7A6DE5BA4824451EE1B286EDCE4C84CDF 46947AF9A5
N=7B6FE7C7ECD2D87494312B64B6F2930C8956213C9F8B97EFA27005 91900AE111
The second encryption data of generation is encrypted to the second random number B281F172C8135E92035C2F7C3EA6AB7F FF1E7657E635CDB30B941B2C2C2EB72725AD30BFE276D886166E9FA7D3D054F。
Step 215:Merchant tenninal sends the second encryption data to application server;
Step 216:Application server is decrypted to obtain second using trade company's public key in trade company's certificate to the second encryption data Ciphertext data;
Specifically, application server encrypts number using trade company's public key in trade company's certificate according to the second preset algorithm to second The second ciphertext data is obtained according to decryption;
Such as:Application server uses trade company's public key (E, N) in trade company's certificate according to the second preset algorithm RSA
E=10001
N=7B6FE7C7ECD2D87494312B64B6F2930C8956213C9F8B97EFA27005 91900AE111 couple Second encryption data decrypts to obtain the second ciphertext data B281F172C8135E92035C2F7C3EA6AB7F.
Step 217:Application server judges whether the second ciphertext data and the second random number match, if so, performing step Rapid 218;Otherwise, step 245 is performed;
For example, application server judges the second ciphertext data B281F172C8135E92035C2F7C3EA6AB7F and second Random number B281F172C8135E92035C2F7C3EA6AB7F is matched, and performs step 218.
Step 218:Application server obtains the second safe key corresponding with Bluetooth intelligent card according to the second sequence number;
Such as:Application server obtains corresponding with Bluetooth intelligent card according to the second sequence number 92FDB131C2DDCB0791 Second safe key 6363AFD159B2CA634BF9B27AC2B22BB5.
In the present embodiment, the first safe key and the second safe key are identical.According to the second sequence number in application server Prestore the second safe key corresponding with Bluetooth intelligent card.
Step 219:Application server is encrypted the second safe key using the second random number as the second encryption key Obtain the first secret cryptographic key;
Specifically, application server is pacified using the second random number as the second encryption key according to the 3rd preset algorithm to second Full key is encrypted to obtain the first secret cryptographic key;
Preferably, the 3rd preset algorithm can be, but not limited to as 3DES algorithms.
Such as:Application server adds the second random number B281F172C8135E92035C2F7C3EA6AB7F as second Key carries out the second safe key 6363AFD159B2CA634BF9B27AC2B22BB5 according to the 3rd preset algorithm 3DES Encryption obtains the first secret cryptographic key 8C414A5DEF1F52FE555675FEDDA8FAFB;
Step 220:Application server sends the first secret cryptographic key to merchant tenninal;
Step 221:Merchant tenninal is decrypted the first secret cryptographic key using the second random number as decruption key, obtains To the second safe key;
Specifically, merchant tenninal encrypts the first safety according to the 3rd preset algorithm using the second random number as decruption key Key is decrypted, and obtains the second safe key;
Preferably, the 3rd preset algorithm can be, but not limited to as 3DES algorithms.
Such as:Merchant tenninal is using the second random number B281F172C8135E92035C2F7C3EA6AB7F as decruption key The first secret cryptographic key 8C414A5DEF1F52FE555675FEDDA8FAFB is solved according to the 3rd preset algorithm 3DES It is close, obtain the second safe key 6363AFD159B2CA634BF9B27AC2B22BB5.
Step 222:First ray number generation second of the merchant tenninal according to the second safe key and from Bluetooth intelligent card Encryption key;
Specifically, merchant tenninal using the first preset algorithm to the second safe key and the first sequence from Bluetooth intelligent card Row number generates the second encryption key.
Such as:Merchant tenninal is using SHA-1 algorithms to the second safe key 6363AFD159B2CA634BF9B27AC2B22BB5 and the First ray number from Bluetooth intelligent card 3B9A958131809F48313043522E46543030C4 encryption the second encryption keys of generation 0F7B5DAB1FC0BAD20EE805758B041B93。
Step 223:Merchant tenninal is encrypted the first random number from Bluetooth intelligent card using the second encryption key Obtain the first fiducial value;
Specifically, merchant tenninal uses the second encryption key to first from Bluetooth intelligent card according to the 3rd preset algorithm Random number is encrypted to obtain the first fiducial value.
In the present embodiment, the 3rd preset algorithm can be, but not limited to as 3DES algorithms.
Such as:Merchant tenninal uses the second encryption key according to the 3rd preset algorithm 0F7B5DAB1FC0BAD20EE805758B041B93 is to the first random number from Bluetooth intelligent card 32CF3E1B0B60B963B7F577FC7D85611F is encrypted to obtain the first fiducial value CA3EE77981C900A1FC2491872EFB9347。
Step 224:Merchant tenninal sends the first fiducial value by Bluetooth channels to Bluetooth intelligent card;
In the present embodiment, the first fiducial value is a specific example of the data to be verified in embodiment 1.
Step 225:Bluetooth intelligent card is encrypted the first random number using the first encryption key to obtain the second fiducial value, Judge whether the first fiducial value and the second fiducial value match, if it is, performing step 226;Otherwise, refusal transaction;
Specifically, Bluetooth intelligent card is encrypted the first random number using the first encryption key according to the 3rd preset algorithm The second fiducial value is obtained, judges whether the first fiducial value and the second fiducial value match, if it is, performing step 226;Otherwise, Refusal transaction.
Such as:Bluetooth intelligent card uses the first encryption key according to the 3rd preset algorithm 3DES 0F7B5DAB1FC0BAD20EE805758B041B93 is to the first random number 32CF3E1B0B60B963B7F577FC7D85611F It is encrypted to obtain the second fiducial value, judges the ratios of the first fiducial value CA3EE77981C900A1FC2491872EFB9347 and second It is matched compared with value CA3EE77981C900A1FC2491872EFB9347, then performs step 226.
In the present embodiment, step 225 may be replaced with:Bluetooth intelligent card judges the first fiducial value and the second fiducial value Whether match, if it is, performing step 226;Otherwise, refusal transaction;Correspondingly, Bluetooth intelligent card can also be in step 204 Afterwards, further included before step 225:Bluetooth intelligent card is encrypted to obtain second using the first encryption key to random number to be compared Value.
Step 226:Bluetooth intelligent card obtains Transaction Information from transaction request;
Step 227:Bluetooth intelligent card selects to apply according to transaction request;
Specifically, type of transaction selection application of the Bluetooth intelligent card in transaction request.
In the present embodiment, type of transaction can be on-line transaction, such as:Main account remaining sum is looked into, consumes, transfers accounts, load etc..
Step 228:The application that blue-tooth intelligence card initialization has selected;
Step 229:Bluetooth intelligent card reads application record;
Step 230:Bluetooth intelligent card carries out off line certification;
Specifically, Bluetooth intelligent card carries out off line certification according to the off line authentication mode of itself.
In the present embodiment, off line authentication mode is static certification or dynamic authentication or hybrid authentication.
Step 231:Bluetooth intelligent card carries out processing limitation;
Step 232:Bluetooth intelligent card verifies holder;
Specifically, Bluetooth intelligent card verifies holder according to holder's authentication mode.
In the present embodiment, holder's authentication mode includes:Off line plaintext PIN is verified;Online PIN verifications;Signature;CVM loses It loses;Without CVM;Signature is combined with off line plaintext PIN verifications;A variety of methods such as off line ciphertext PIN verifications.
Step 233:Bluetooth intelligent card carries out terminal risk management;
Step 234:Bluetooth intelligent card carries out behavioural analysis, sets Trading Authorization result;
Specifically, Bluetooth intelligent card is according to off line authentication result, processing limitation result, holder's verification result and risk pipe Reason result carries out behavioural analysis, if setting Trading Authorization as a result, behavioural analysis result is authorization requests ciphertext (ARQC), by friendship Easy Authorization result is arranged to on-line transaction, performs step 235;If behavioural analysis result is application authorization ciphertext (AAC), will hand over Easy Authorization result is arranged to refusal transaction.
For example, Bluetooth intelligent card is according to off line authentication result, processing limitation result, holder's verification result and risk management As a result behavioural analysis is carried out, behavioural analysis result authorization requests ciphertext (ARQC) is obtained, according to behavioural analysis as a result, transaction is awarded Power result is arranged to on-line transaction " 0x02 ".
Step 235:Bluetooth intelligent card includes Transaction Information and Trading Authorization knot by Bluetooth channels to merchant tenninal transmission The transaction message of fruit;
Specifically, Bluetooth intelligent card tissue includes the transaction message of Transaction Information and Trading Authorization result, is led to by bluetooth Road includes the transaction message of Transaction Information and Trading Authorization result to merchant tenninal transmission.
Such as:After Bluetooth intelligent card tissue includes the transaction message of Transaction Information and Trading Authorization result, obtained transaction Message is:02 95 05 08 80 00 00 00 9a 03 15 12 24 9f 37 04 cb b9 32 b3 82 02 7c 00 9f 36 02 00 3b 9f 27 01 80 9f 26 08 b7 63 29 74 b0 98 77 92 9f 10 08 07 01 01 03 a4 b8 04 01 9f 34 03 41 03 02 9f 41 04 00 00 00 03 84 07 a0 00 00 03 33 01 01 9f 09 02 00 8c 9c 01 31 5f 2a 02 01 56 9f 1a 02 01 56 9f 03 06 00 00 00 00 00 00 9f 33 03 a0 c8 c8 9f 35 01 34 9f 1e 08 00 00 00 00 00 00 00 00 9f 02 06 00 00 00 00 00 00.Wherein, first character section " 02 " is Trading Authorization as a result, representing on-line transaction;“9f 02 06 00 00 00 00 00 00 " it is transaction amount, it is 0 yuan to represent transaction amount;" 9a 03 15 12 24 " be trade date, table It is on December 24th, 2015 to show trade date.
It should be noted that if Bluetooth intelligent card tests holder according to online PIN verification modes in step 232 It demonstrate,proves, the online PIN code input by user that Bluetooth intelligent card is got is further included in transaction message.
Step 236:Merchant tenninal is according to the online message of transaction message tissue;
Step 237:Online message is sent to trading server by merchant tenninal;
Step 238:Trading server carries out risk management according to online message, obtains risk management result;
Step 239:Trading server is according to the transaction response of risk management result tissue;
Step 240:Trading server sends transaction response to merchant tenninal;
Step 241:Merchant tenninal sends transaction response by Bluetooth channels to Bluetooth intelligent card;
Step 242:Bluetooth intelligent card is according to transaction response generation transaction record;
Step 243:Bluetooth intelligent card sends transaction record by Bluetooth channels to merchant tenninal;
Step 244:Merchant tenninal completes transaction according to transaction record.
Step 245:Application server reports an error to merchant tenninal;
Step 246:Merchant tenninal reports an error to Bluetooth intelligent card, closes the trade;
Step 247:Blue-tooth intelligence Card Rejections are merchandised.
In the present embodiment, to further improve the security that Bluetooth intelligent card is traded, step 206 can also replace For:Second sequence number, merchant identification and the first random number are sent to application server by merchant tenninal;Correspondingly, step 218 it Afterwards, application server can also according to the second safe key and the First ray number from Bluetooth intelligent card generation second encryption it is close Key;The first random number from merchant tenninal is encrypted to obtain the first fiducial value using the second encryption key;It is whole to trade company End sends the first fiducial value, and merchant tenninal continues to execute step 224.
Correspondingly, in step 206, merchant tenninal can also use application server public key and the second sequence number, trade company marked Know and the first random number is encrypted, encrypted second sequence number, merchant identification and the first random number are sent to using clothes Be engaged in device, correspondingly, application server use application server private key pair encryption after the second sequence number, merchant identification and first with Machine number is decrypted to obtain the second sequence number, merchant identification and the first random number.
In the present embodiment, it can also include after step 228:Transaction Information of the Bluetooth intelligent card in transaction request is sentenced The disconnected transaction amount whether shown in Transaction Information, if it is not, then performing step 229;If it is, display transaction amount, etc. It treats that user confirms, if detecting user's confirmation message in the first preset time, performs step 229;If when first is default Interior not detect user's confirmation message, then Bluetooth intelligent card shows error message, refusal transaction, and is returned to merchant tenninal Error message;After refusal transaction, further include:Bluetooth intelligent card display refusal Transaction Information.
In the present embodiment, step 232 is specially:If Bluetooth intelligent card obtains holder according to the application record read and tests Card mode then prompts user to input online PIN, if in the second preset time to input holder's verification mode of online PIN Online PIN input by user is got, then holder is tested according to the holder's authentication mode for including inputting online PIN Card obtains holder's verification result, updates terminal authentication result according to holder's verification result;If do not have in the second preset time Online PIN input by user is got, then holder's verification result is holder's authentication failed, according to holder's verification result Update terminal authentication result;
Correspondingly, online PIN input by user is further included in the transaction message sent in step 235.
Embodiment 4
The present embodiment is the method for a kind of blue-tooth intelligence card control transaction risk provided based on embodiment 1, as Fig. 3-1, Shown in Fig. 3-2 and Fig. 3-3, including:
Step 301:Bluetooth intelligent card establishes bluetooth connection with merchant tenninal;
Trade company's application is installed, merchant tenninal can be, but not limited to move eventually for trade company in the present embodiment, in merchant tenninal End.
Step 302:Merchant tenninal sends transaction request by Bluetooth channels to Bluetooth intelligent card;
Step 303:Bluetooth intelligent card generates the 3rd random number;
For example, Bluetooth intelligent card generates the 3rd random number E960CDE18F5AD84842470BC6E615DF7F.
Step 304:Bluetooth intelligent card leads to the 3rd random number, the second sequence number of itself and First ray number by bluetooth Road is sent to merchant tenninal;
For example, Bluetooth intelligent card is by the 3rd random number E960CDE18F5AD84842470BC6E615DF7F, itself Two sequence number 92FDB131C2DDCB07 and First ray 3B9A958131809F48313043522E46543030C4 pass through Bluetooth channels are sent to merchant tenninal.
Step 305:Second sequence number and merchant identification are sent to application server by merchant tenninal;
Such as:Merchant tenninal is by the second sequence number 92FDB131C2DDCB0791 and merchant identification 6263646566676831323334353637 are sent to application server.
In the present embodiment, merchant identification can be, but not limited to the handset serial for merchant tenninal.
Step 306:Application server judges whether trade company is registered according to merchant identification, if it is, performing step 307;Otherwise, step 344 is performed;
Step 307:Application server verifies whether trade company's certificate is legal according to CA certificate, if it is, performing step 308;Otherwise, step 344 is performed;
Specifically, application server obtains trade company corresponding with merchant identification certificate, uses the public key verifications in CA certificate Whether the signature in trade company's certificate is legal, if it is, judging that trade company's certificate is legal, performs step 308;Otherwise, step is performed 344。
Preferably, application server can obtain when merchant tenninal asks the application of installation trade company and preserve trade company's end Trade company's certificate at end.
Step 308:Application server encrypts merchant identification using application server private key to obtain the first encryption data;It is raw Into the second random number, random number encryption data are obtained to the second random number encryption using application server private key;
Specifically, application server is encrypted to obtain using application server private key according to the second preset algorithm to merchant identification First encryption data;The second random number is generated, the second random number is added using application server private key according to the second preset algorithm It is close to obtain random number encryption data.
In the present embodiment, the second preset algorithm can be, but not limited to as RSA Algorithm.
Such as:Application server uses application server private key (D, N) according to RSA Algorithm
D=158657519BCCAE6AA00ACAD34A8F028C59EB5FDF9905498AE8E5FE F28D137EB9
N=704E326BA1CE9A1A8109A85D88BD3C4C5C4D86AE463CF98D4206A0 913FAADB93 couple Merchant identification 6263646566676831323334353637 is encrypted to obtain the first encryption data 9088D3B0D9EA687AB1DED87E3694E81A892895FC501D32372E8B17F07DB803;Generate the second random number B281F172C8135E92035C2F7C3EA6AB7F;Application server private key (D, N) is used according to RSA Algorithm
D=158657519BCCAE6AA00ACAD34A8F028C59EB5FDF9905498AE8E5FE F28D137EB9
N=704E326BA1CE9A1A8109A85D88BD3C4C5C4D86AE463CF98D4206A0 913FAADB93 couple Second random number encryption obtains random number encryption data.
Step 309:Application server sends the first encryption data and random number encryption data to merchant tenninal;
Step 310:Whether merchant tenninal is legal using CA certificate verification application server certificate, is to perform step 311; Otherwise, step 345 is performed;
Specifically, merchant tenninal obtains application server certificate, is demonstrate,proved using the public key verifications application server in CA certificate Whether the signature in book is legal, if it is, judging that application server certificate is legal, then performs step 311;Otherwise, step is performed Rapid 345.
In the present embodiment, merchant tenninal can obtain when trade company's application is installed and preserve the application of application server Server certificate.
Step 311:Merchant tenninal use application server certificate in application server public key to the first encryption data into Row decryption obtains the first ciphertext data;Using the application server public key in application server certificate to random number encryption data into Row decryption obtains the second random number;
Specifically, merchant tenninal uses the application server public key pair in application server certificate according to the second preset algorithm First encryption data is decrypted to obtain the first ciphertext data;Answering in application server certificate is used according to the second preset algorithm Random number encryption data are decrypted with server public key to obtain the second random number;
Such as:Merchant tenninal uses the application server public key in application server certificate according to the second preset algorithm RSA (E,N)
E=10001
N=04E326BA1CE9A1A8109A85D88BD3C4C5C4D86AE463CF98D4206A09 13FAADB93
To the first encryption data 9088D3B0D9EA687AB1DED87E3694E81A892895FC501D32372E8B17F 07DB803
It is decrypted to obtain the first ciphertext data 6263646566676831323334353637.Merchant tenninal is according to second Preset algorithm RSA uses the application server public key (E, N) in application server certificate
E=10001
N=04E326BA1CE9A1A8109A85D88BD3C4C5C4D86AE463CF98D4206A09 13FAADB93
Random number encryption data are decrypted to obtain the second random number B281F172C8135E92035C2F7C3EA6AB7F.
Step 312:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if it is, performing step 313;Otherwise, step 345 is performed;
For example, merchant tenninal judges the first ciphertext data 6263646566676831323334353637 and merchant identification 6263646566676831323334353637 matchings, perform step 313.
Step 313:Merchant tenninal generates the second encryption data using trade company's private key to the second random number encryption;
Specifically, merchant tenninal adds the second random number encryption generation second using trade company's private key according to the second preset algorithm Ciphertext data.
Such as:Merchant tenninal uses trade company's private key (D, N) according to the second preset algorithm RSA
D=55C486D76A9D825B5690E7A6DE5BA4824451EE1B286EDCE4C84CDF 46947AF9A5
N=7B6FE7C7ECD2D87494312B64B6F2930C8956213C9F8B97EFA27005 91900AE111
The second encryption data of generation is encrypted to the second random number B281F172C8135E92035C2F7C3EA6AB7F FF1E7657E635CDB30B941B2C2C2EB72725AD30BFE276D886166E9FA7D3D054F。
Step 314:Merchant tenninal sends the second encryption data to application server;
Step 315:Application server is decrypted to obtain second using trade company's public key in trade company's certificate to the second encryption data Ciphertext data;
Specifically, application server encrypts number using trade company's public key in trade company's certificate according to the second preset algorithm to second The second ciphertext data is obtained according to decryption;
Such as:Application server uses trade company's public key (E, N) in trade company's certificate according to the second preset algorithm RSA
E=10001
N=7B6FE7C7ECD2D87494312B64B6F2930C8956213C9F8B97EFA27005 91900AE111 couple Second encryption data decrypts to obtain the second ciphertext data B281F172C8135E92035C2F7C3EA6AB7F.
Step 316:Application server judges whether the second ciphertext data and the second random number match, if so, performing step Rapid 317;Otherwise, step 344 is performed;
For example, application server judges the second ciphertext data B281F172C8135E92035C2F7C3EA6AB7F and second Random number B281F172C8135E92035C2F7C3EA6AB7F is matched, and performs step 317.
Step 317:Application server obtains the second safe key corresponding with Bluetooth intelligent card according to the second sequence number;
Such as:The second safe key corresponding with Bluetooth intelligent card that application server is got according to the second sequence number is Public key (E, N) in Bluetooth intelligent card:E=10001
N=537F07C5A22F7A624B4418918F50F4024FAC024EE4C864F418FB20 B5D062240F.
In the present embodiment, the second safe key is public key corresponding with the private key in Bluetooth intelligent card.In application server Prestore the second safe key corresponding with Bluetooth intelligent card.
Step 318:Application server is encrypted the second safe key using the second random number as the second encryption key Obtain the second secret cryptographic key;
Specifically, application server is pacified using the second random number as the second encryption key according to the 3rd preset algorithm to second Full key is encrypted to obtain the second secret cryptographic key;
Preferably, the 3rd preset algorithm can be, but not limited to as 3DES algorithms.
For example, application server is using the second random number as the second encryption key B281F172C8135E92035C2F7C3EA6AB7F is encrypted the second safe key according to the 3rd preset algorithm 3DES To the second secret cryptographic key;
Step 319:Application server sends the second secret cryptographic key to merchant tenninal;
Step 320:Merchant tenninal is decrypted the second secret cryptographic key using the second random number as decruption key, obtains To the second safe key;
Step 321:Merchant tenninal obtains the second digest value according to the 3rd random number and First ray number, uses the second safety The second digest value is encrypted in key, obtains the 3rd encryption data;
Specifically, merchant tenninal is carried out being calculated second and plucked according to digest algorithm to the 3rd random number and First ray number It is worth, using the second safe key the second digest value is encrypted to obtain the 3rd encryption data according to the second preset algorithm.
For example, merchant tenninal according to digest algorithm sha-1 to the 3rd random number E960CDE18F5AD84842470BC6E615DF7F and First ray number 3B9A958131809F48313043522E46543030C4 carries out that the second digest value is calculated 0C358066D93C574F42F1EB2C74B3BF6745E7800A is used according to the second preset algorithm RSA in Bluetooth intelligent card Public key (E, N):E=10001
N=537F07C5A22F7A624B4418918F50F4024FAC024EE4C864F418FB20 B5D062240F.
Second digest value 0C358066D93C574F42F1EB2C74B3BF6745E7800A is encrypted to obtain the 3rd Encryption data 2F94F70669744789A6197BB281B7C242DE171CDA7C7E480E716D972B F9F834A9.
Step 322:3rd encryption data is sent to Bluetooth intelligent card by merchant tenninal by Bluetooth channels;
In the present embodiment, the 3rd encryption data is a specific example of the data to be verified in embodiment 1.
Step 323:Bluetooth intelligent card obtains the first digest value according to the 3rd random number and First ray number;Using itself The 3rd encryption data of first secure key decryption obtains the second digest value;
In the present embodiment, the first safe key is the private key in Bluetooth intelligent card.Second digest value is the wind in embodiment 1 One specific example of dangerous comparison value.
Specifically, Bluetooth intelligent card carries out being calculated first according to digest algorithm to the 3rd random number and First ray number Digest value;Second digest value is obtained using the 3rd encryption data of the first secure key decryption of itself according to the second preset algorithm.
Such as:Bluetooth intelligent card is according to digest algorithm sha-1 to the 3rd random number E960CDE18F5AD84842470BC6E615DF7F and First ray number 3B9A958131809F48313043522E46543030C4 carries out that the first digest value is calculated 0C358066D93C574F42F1EB2C74B3BF6745E7800A, according to the second preset algorithm RSA using itself private key (N, D)
N=537F07C5A22F7A624B4418918F50F4024FAC024EE4C864F418FB20 B5D062240F
D=2E7AAE56E3FBCE02DDA7208E16DB9798F6B00961896041EDC914D5 733E3646F1 are solved Close 3rd encryption data 2F94F70669744789A6197BB281B7C242DE171CDA7C7E480E716D972B F9F834A 9 obtain the second digest value 0C358066D93C574F42F1EB2C74B3BF6745E7800A.
Step 324:Bluetooth intelligent card judges whether the first digest value and the second digest value match, if it is, performing Step 325;Otherwise, refusal transaction;
Such as:Bluetooth intelligent card judges the first digest value and the second digest values match, performs step 325.
Step 325:Bluetooth intelligent card obtains Transaction Information from transaction request;
Step 326:Bluetooth intelligent card selects to apply according to transaction request;
Specifically, type of transaction selection application of the Bluetooth intelligent card in transaction request.
In the present embodiment, type of transaction can be on-line transaction, such as:Main account remaining sum is looked into, consumes, transfers accounts, load etc..
Step 327:The application that blue-tooth intelligence card initialization has selected;
Step 328:Bluetooth intelligent card reads application record;
Step 329:Bluetooth intelligent card carries out off line certification;
Specifically, Bluetooth intelligent card carries out off line certification according to the off line authentication mode of itself.
In the present embodiment, off line authentication mode is static certification or dynamic authentication or hybrid authentication.
Step 330:Bluetooth intelligent card carries out processing limitation;
Step 331:Bluetooth intelligent card verifies holder;
Specifically, Bluetooth intelligent card verifies holder according to holder's authentication mode.
In the present embodiment, holder's authentication mode includes:Off line plaintext PIN is verified;Online PIN verifications;Signature;CVM loses It loses;Without CVM;Signature is combined with off line plaintext PIN verifications;A variety of methods such as off line ciphertext PIN verifications.
Step 332:Bluetooth intelligent card carries out terminal risk management;
Step 333:Bluetooth intelligent card carries out behavioural analysis, sets Trading Authorization result;
Specifically, Bluetooth intelligent card is according to off line authentication result, processing limitation result, holder's verification result and terminal wind Danger management result carry out behavioural analysis, if obtain behavioural analysis as a result, behavioural analysis result be authorization requests ciphertext (ARQC), Trading Authorization result is arranged to on-line transaction;If behavioural analysis result is application authorization ciphertext (AAC), by Trading Authorization knot Fruit is arranged to refusal transaction.
For example, Bluetooth intelligent card is according to off line authentication result, processing limitation result, holder's verification result and terminal risk It manages result and carries out behavioural analysis, obtain behavioural analysis result authorization requests ciphertext (ARQC), according to behavioural analysis as a result, will hand over Easy Authorization result is arranged to on-line transaction " 0x02 ".
Step 334:Bluetooth intelligent card includes Transaction Information and Trading Authorization knot by Bluetooth channels to merchant tenninal transmission The transaction message of fruit;
Specifically, Bluetooth intelligent card tissue includes the transaction message of Transaction Information and Trading Authorization result, is led to by bluetooth Road includes the transaction message of Transaction Information and Trading Authorization result to merchant tenninal transmission.
Such as:After Bluetooth intelligent card tissue includes the transaction message of Transaction Information and Trading Authorization result, obtained transaction Message is:02 95 05 08 80 00 00 00 9a 03 15 12 24 9f 37 04 cb b9 32 b3 82 02 7c 00 9f 36 02 00 3b 9f 27 01 80 9f 26 08 b7 63 29 74 b0 98 77 92 9f 10 08 07 01 01 03 a4 b8 04 01 9f 34 03 41 03 02 9f 41 04 00 00 00 03 84 07 a0 00 00 03 33 01 01 9f 09 02 00 8c 9c 01 31 5f 2a 02 01 56 9f 1a 02 01 56 9f 03 06 00 00 00 00 00 00 9f 33 03 a0 c8 c8 9f 35 01 34 9f 1e 08 00 00 00 00 00 00 00 00 9f 02 06 00 00 00 00 00 00.Wherein, first character section " 02 " is Trading Authorization as a result, representing on-line transaction;“9f 02 06 00 00 00 00 00 00 " it is transaction amount, it is 0 yuan to represent transaction amount;" 9a 03 15 12 24 " be trade date, table It is on December 24th, 2015 to show trade date.
It should be noted that if Bluetooth intelligent card verifies holder according to online PIN verification modes in step 331 When, the online PIN code input by user that Bluetooth intelligent card is got is further included in transaction message.
Step 335:Merchant tenninal is according to the online message of transaction message tissue;
Step 336:Online message is sent to trading server by merchant tenninal;
Step 337:Trading server carries out risk management according to online message, obtains risk management result;
Step 338:Trading server is according to the transaction response of risk management result tissue;
Step 339:Trading server sends transaction response to merchant tenninal;
Step 340:Merchant tenninal sends transaction response by Bluetooth channels to Bluetooth intelligent card;
Step 341:Bluetooth intelligent card is according to transaction response generation transaction record;
Step 342:Bluetooth intelligent card sends transaction record by Bluetooth channels to merchant tenninal;
Step 343:Merchant tenninal completes transaction according to transaction record.
Step 344:Application server reports an error to merchant tenninal;
Step 345:Merchant tenninal reports an error to Bluetooth intelligent card, closes the trade;
Step 346:Blue-tooth intelligence Card Rejections are merchandised.
In the present embodiment, step 321 may be replaced by:Merchant tenninal using the second safe key to the 3rd random number and First ray number is encrypted, and obtains the 3rd encryption data, performs step 322;
Correspondingly:Step 323 replaces with:Bluetooth intelligent card uses the 3rd encryption data of the first secure key decryption of itself Obtain random number fiducial value and First ray fiducial value;
In the present embodiment, Bluetooth intelligent card is obtained random using the 3rd encryption data of the first secure key decryption of itself Number fiducial value and another specific example that First ray fiducial value is the risk comparison value in embodiment 1.
Step 324 replaces with:Bluetooth intelligent card judges random number fiducial value and whether the 3rd random number matches and first Whether sequence number fiducial value and First ray number match, if it is, performing step 325;Otherwise, refusal transaction.
In the present embodiment, it can also include after step 328:Transaction Information of the Bluetooth intelligent card in transaction request is sentenced The disconnected transaction amount whether shown in Transaction Information, if it is not, then performing step 329;If it is, display transaction amount, etc. It treats that user confirms, if detecting user's confirmation message in the first preset time, performs step 329;If when first is default Interior not detect user's confirmation message, then Bluetooth intelligent card shows error message, refusal transaction, and is returned to merchant tenninal Error message;After refusal transaction, further include:Bluetooth intelligent card display refusal Transaction Information.
In the present embodiment, step 331 is specially:If Bluetooth intelligent card obtains holder according to the application record read and tests Card mode then prompts user to input online PIN, if in the second preset time to input holder's verification mode of online PIN Online PIN input by user is got, then holder is tested according to the holder's authentication mode for including inputting online PIN Card obtains holder's verification result, updates terminal authentication result according to holder's verification result;If do not have in the second preset time Online PIN input by user is got, then holder's verification result is holder's authentication failed, according to holder's verification result Update terminal authentication result;
Correspondingly, online PIN input by user is further included in the transaction message sent in step 334.
In the present embodiment, after application server is judged as YES in step 307, step 401 can also carry out;
Step 401:Application server encrypts merchant identification using application server private key to obtain the first encryption data;It is raw Into the second random number;
Step 402:Application server sends the first encryption data and the second random number to merchant tenninal;
Step 403:Whether merchant tenninal is legal using CA certificate verification application server certificate, if it is, performing step Rapid 404;Otherwise, step 345 is performed;
Step 404:Merchant tenninal use application server certificate in application server public key to the first encryption data into Row decryption obtains the first ciphertext data;
Step 405:Merchant tenninal judges whether the first ciphertext data and merchant identification match, if it is, performing step 406;Otherwise, step 345 is performed;
Step 406:Merchant tenninal generates the second encryption data using trade company's private key to the second random number encryption;
Step 407:Merchant tenninal sends the second encryption data to application server;
Step 408:Application server is decrypted to obtain second using trade company's public key in trade company's certificate to the second encryption data Ciphertext data;
Step 409:Application server judges whether the second ciphertext data and the second random number match, if so, performing step Rapid 410;Otherwise, step 344 is performed;
Step 410:Application server obtains the second safe key corresponding with Bluetooth intelligent card according to the second sequence number;To Merchant tenninal sends the second safe key, and merchant tenninal performs step 321.
Embodiment 5
A kind of Bluetooth intelligent card is present embodiments provided, as shown in figure 4, including:First link block 01, first receives mould Block 02, first choice application module 03, first merchandise preparation module 04, the first behavior analysis module 05, the first sending module 06, Second receiving module 07, the first trades record module 08, the second sending module 09 and the first risk authentication module 10;
First link block 01, for establishing bluetooth connection with merchant tenninal;
First receiving module 02, for receiving the request from merchant tenninal by Bluetooth channels;
First choice application module 03, the transaction request for being received according to the first receiving module 02 select application;
First transaction preparation module 04 after the selection application of first choice application module 03, is traded and prepares Prepare result to transaction;
First behavior analysis module 05, the transaction for being obtained according to the first transaction preparation module 04 prepare result into every trade For analysis, Trading Authorization result is obtained;
First sending module 06 sends transaction message for passing through Bluetooth channels to merchant tenninal, and transaction message includes Transaction in the transaction request that the Trading Authorization result and the first receiving module 02 that first behavior analysis module 05 obtains receive Information;
Second receiving module 07, for receiving the transaction response from merchant tenninal by Bluetooth channels;
First trades record module 08, for the transaction response generation transaction note received according to the second receiving module 07 Record;
Second sending module 09 sends the generation of the first trades record module 08 for passing through Bluetooth channels to merchant tenninal Transaction record;
First risk authentication module 10, for after the first receiving module 02 receives transaction request, when the first transaction is accurate Standby module 04 is traded before preparation, judges current transaction with the presence or absence of risk;If it is, it prompts to merchandise to merchant tenninal It is risky;Otherwise, continuous business.
The Bluetooth intelligent card provided in the present embodiment, further includes:Second risk authentication module;
Second risk authentication module specifically includes:First transmitting element, the first receiving unit, the first authentication unit and first Returning unit;
First transmitting element, during for receiving the risk checking request from merchant tenninal when the first receiving module 02, Request of data to be verified will be obtained and be sent to merchant tenninal;It obtains request of data to be verified and includes the risk of Bluetooth intelligent card and test Demonstrate,prove data;
First receiving unit, for receiving the data to be verified from merchant tenninal;
First authentication unit, for the first safe key, the risk verification number of Bluetooth intelligent card according to Bluetooth intelligent card Judge transaction with the presence or absence of risk according to the data to be verified received with the first receiving unit;
First returning unit, for after the first authentication unit is judged as YES, merchandising to merchant tenninal prompting risky;When After first authentication unit is judged as NO, start to merchandise to merchant tenninal prompting;
First risk authentication module 10, specifically for after the first receiving module 02 receives transaction request, first merchandises Preparation module 04 is traded before preparation, judges whether the first authentication unit is verified by risk, if it is, judging current There is no risks for transaction;Otherwise, judge that there are risks for current transaction.
Further, the Bluetooth intelligent card provided in the present embodiment further includes the first setup module;
First setup module, for after the first authentication unit is judged as NO, set safety corresponding with merchant tenninal to be handed over Easy flag bit;
First risk authentication module 10, specifically for after the first receiving module 02 receives transaction request, first merchandises Preparation module 04 is traded before preparation, detects whether Secure Transaction flag bit corresponding with merchant tenninal is set, if It is then to judge to verify by risk, otherwise, judgement is not verified by risk.
Further, the Bluetooth intelligent card provided in the present embodiment, further includes:First detection module;
First detection module, for when the first transmitting element will obtain request of data to be verified be sent to merchant tenninal it Before, detect whether Secure Transaction flag bit corresponding with merchant tenninal is set, if it is, continuous business;
First transmitting element, specifically for work as first detection module be detected as it is no after, request of data to be verified hair will be obtained Give merchant tenninal;Obtaining request of data to be verified includes the risk verification data of Bluetooth intelligent card.
In the present embodiment, the Bluetooth intelligent card that is provided in the present embodiment further includes and powers on module and lower electric module;
Module is powered on, is powered on for Bluetooth intelligent card;Lower electricity module, for electric under Bluetooth intelligent card;
First setup module is additionally operable to when power on module after the power is turned on and/or under lower electric module before electricity, is resetted and merchant tenninal Corresponding Secure Transaction flag bit.
In the present embodiment, the first risk authentication module 10 can also specifically include:
First transmitting element, the first receiving unit and the first authentication unit;
First transmitting element is sent to merchant tenninal for that will obtain request of data to be verified;Obtaining data to be verified please Asking includes the risk verification data of Bluetooth intelligent card;
First receiving unit, for receiving the data to be verified from merchant tenninal;
First authentication unit, for the first safe key, the risk verification number of Bluetooth intelligent card according to Bluetooth intelligent card Judge transaction with the presence or absence of risk according to the data to be verified received with the first receiving unit.
Further, the Bluetooth intelligent card provided in the present embodiment, further includes:Second setup module and the second detection mould Block;
Second setup module, for after the first authentication unit is judged as NO, set safety corresponding with merchant tenninal to be handed over Easy flag bit;
Second detection module, for when the first transmitting element will obtain request of data to be verified be sent to merchant tenninal it Before, detect whether Secure Transaction flag bit corresponding with merchant tenninal is set, if it is, continuous business;
First transmitting element, specifically for work as first detection unit be detected as it is no after, request of data to be verified hair will be obtained Give merchant tenninal;Obtaining request of data to be verified includes the risk verification data of Bluetooth intelligent card.
Further, the Bluetooth intelligent card provided in the present embodiment further includes and powers on module and lower electric module;
Module is powered on, is powered on for Bluetooth intelligent card;Lower electricity module, for electric under Bluetooth intelligent card;
Second setup module is additionally operable to, when power on module after the power is turned on and/or under lower electric module before electricity, reset Secure Transaction mark Will position.
In the present embodiment, risk verification data include:Smartcard identification and/or random number;
When risk, which is verified, does not include smartcard identification in data, the first transmitting element is additionally operable to pass through smartcard identification Bluetooth channels are sent to merchant tenninal.
In the present embodiment, the first authentication unit can be specifically used for the first safe key and wind according to Bluetooth intelligent card Danger verification data are encrypted computing and obtain the second fiducial value;Judge the data to be verified and second that the first receiving unit receives Whether fiducial value matches, if it is, there is no risks for transaction;Otherwise, there are risks for transaction.
In the present embodiment, the first authentication unit can also be specifically used for the first safe key solution using Bluetooth intelligent card The data to be verified that close first receiving unit receives obtain risk comparison value, and summary computing is carried out to risk verification data The first digest value is obtained, judges whether the first digest value and risk comparison value match, if it is, there is no wind for transaction Danger;Otherwise, there are risks for transaction.
In the present embodiment, the first authentication unit, and the first safe key solution using Bluetooth intelligent card can be specifically used for It is close to state the data to be verified that the first receiving unit receives and obtain risk comparison value;Bluetooth intelligent card judges Bluetooth intelligent card Risk verification data and risk comparison value whether match, if it is, transaction is there is no risk;Otherwise, transaction exists Risk.
In the present embodiment, transaction, which prepares result, to be included:Off line authentication result, processing limitation result, holder's verification result With terminal risk management result;
First transaction preparation module 04 specifically includes:Read record unit, off line authentication unit handle limiting unit, hold People's authentication unit, terminal risk management unit;
Read record unit for initializing the application that first choice application module 03 has selected, reads application record;
Off line authentication unit for carrying out off line certification, obtains off line authentication result;
Limiting unit is handled, for carrying out processing limitation, obtains processing limitation result;
Holder's authentication unit is verified holder using record for what is read according to read record unit, is obtained To holder's verification result;
Terminal risk management unit for carrying out terminal risk management, obtains terminal risk management result.
Further, the Bluetooth intelligent card provided in embodiment, further includes:First judgment module, the first display module, One confirms that module, the 3rd detection module, refusal transaction modules, first return to module;
First judgment module is for the Transaction Information judgement in the transaction request that is received according to the first receiving module 02 Transaction amount in no display Transaction Information;
First display module, for after the first judgment module is judged as YES, showing transaction amount;When the 3rd detection module User's confirmation message is not detected in the first preset time, shows error message;
Refuse transaction modules, for not detecting user's confirmation message in the first preset time when the 3rd detection module When, refusal transaction;
First returns to module, for not detecting user's confirmation message in the first preset time when the 3rd detection module When, return to error message to merchant tenninal;
First confirms module, for user to be waited to confirm transaction amount;
3rd detection module, for detecting user's confirmation message in the first preset time;
Off line authentication unit, specifically for after the first judgment module is judged as NO, carrying out off line certification, obtaining off line and recognize Demonstrate,prove result;After the 3rd detection module detects user's confirmation message in the first preset time, off line certification is carried out, is taken off Machine authentication result.
In the present embodiment, holder's authentication unit specifically includes:First obtains subelement, the first prompting subelement, second Obtain subelement, the first holder verifies subelement and the first update subelement;
Online PIN input by user is further included in transaction message;
First obtains subelement, and holder's authentication is obtained for the application record read according to read record unit Formula;
First prompting subelement, holder's verification mode for obtaining subelement acquisition when first are to input online PIN When, user is prompted to input online PIN;
Second obtains subelement, for the online PIN input by user to be obtained such as in the second preset time;
First holder's certification subelement, for get user in the second preset time defeated when the second acquisition subelement After the online PIN entered, holder is verified, obtains holder's verification result;When the second acquisition subelement is default second After online PIN input by user is not got in time, using holder's authentication failed as holder's verification result;
First update subelement, holder's verification result for being obtained according to first holder's certification subelement update eventually Hold verification result.
The Bluetooth intelligent card provided in the present embodiment can be traded with merchant tenninal, need not in entire process of exchange It completes to merchandise by financial terminal, so as to reduce the risk of the sensitive information leakages such as user's PIN code or signing messages, improve The convenience and security of transaction, and blue-tooth intelligence is stuck in before starting transaction with merchant tenninal, judges whether transaction deposits It in risk, is traded again with merchant tenninal after being judged as NO, further ensures the security of transaction.
The foregoing is only a preferred embodiment of the present invention, but protection scope of the present invention be not limited thereto, Any one skilled in the art is in technical scope disclosed by the invention, the change or replacement that can readily occur in, It should be covered by the protection scope of the present invention.Therefore, protection scope of the present invention should be with scope of the claims Subject to.

Claims (37)

  1. A kind of 1. method of blue-tooth intelligence card control transaction risk, which is characterized in that including:
    Step s1:Bluetooth intelligent card establishes bluetooth connection with merchant tenninal;
    Step s2:The Bluetooth intelligent card receives the request from the merchant tenninal by Bluetooth channels;It merchandises when receiving Step s3 is performed during request;
    Step s3:The Bluetooth intelligent card selects to apply according to the transaction request;
    Step s4:The Bluetooth intelligent card is traded preparation, obtains transaction and prepares result;
    Step s5:The Bluetooth intelligent card prepares result according to the transaction and carries out behavioural analysis, obtains Trading Authorization result;
    Step s6:The Bluetooth intelligent card sends transaction message by Bluetooth channels to the merchant tenninal;The transaction message Include the Transaction Information in the Trading Authorization result and the transaction request;
    Step s7:The Bluetooth intelligent card receives the transaction response from the merchant tenninal by Bluetooth channels;According to described Response of merchandising generates transaction record, and the transaction record is sent to the merchant tenninal by Bluetooth channels;
    After the step s1, further included before performing step s4:The Bluetooth intelligent card judges current transaction with the presence or absence of wind Danger, if it is, risky to merchant tenninal prompting transaction;Otherwise, continuous business.
  2. 2. it according to the method described in claim 1, it is characterized in that, is further included in the step s2:When the Bluetooth intelligent card When receiving the risk checking request from the merchant tenninal by Bluetooth channels, then step M1 is performed;
    Step M1:Acquisition request of data to be verified including the risk of itself verification data is passed through bluetooth by the Bluetooth intelligent card Passage is sent to the merchant tenninal;Receive the data to be verified from the merchant tenninal;The Bluetooth intelligent card is according to One safe key, risk verification data and the data to be verified judge transaction with the presence or absence of risk, if it is, risk Verification to the merchant tenninal by not prompting risky, the return to step s2 that merchandises;Otherwise, risk is verified, whole to trade company End prompting starts to merchandise, return to step s2;
    The Bluetooth intelligent card judges that current transaction with the presence or absence of risk, is specially:
    The Bluetooth intelligent card judges whether to verify by risk, if it is, judging that risk is not present in current transaction;Otherwise, Judge that there are risks for current transaction.
  3. 3. according to the method described in claim 2, it is characterized in that, after being judged as NO in the step M1, further include:Set with The corresponding Secure Transaction flag bit of the merchant tenninal;
    The Bluetooth intelligent card judges whether to verify by risk, is specially:The Bluetooth intelligent card detection and the trade company are whole Hold whether corresponding Secure Transaction flag bit is set, if it is, judging to verify by risk, otherwise, judgement does not pass through wind Danger verification.
  4. 4. it according to the method described in claim 3, it is characterized in that, is further included before the step M1:The Bluetooth intelligent card Whether detection Secure Transaction flag bit corresponding with the merchant tenninal is set, if it is, starting to merchant tenninal prompting Transaction, return to step s2;Otherwise, step M1 is performed.
  5. 5. according to the method described in claim 1, it is characterized in that, the Bluetooth intelligent card judges current transaction with the presence or absence of wind Danger is specially:
    The Bluetooth intelligent card sends out the acquisition request of data to be verified including the risk of itself verification data by Bluetooth channels Give the merchant tenninal;Receive the data to be verified from the merchant tenninal;The Bluetooth intelligent card is according to the first safety Key, risk verification data and the data to be verified judge transaction with the presence or absence of risk.
  6. 6. according to the method described in claim 5, it is characterized in that, there is no wind when the Bluetooth intelligent card judges current transaction Behind danger, further include:Set Secure Transaction flag bit corresponding with the merchant tenninal;
    The Bluetooth intelligent card judges that current transaction further includes before with the presence or absence of risk:Bluetooth intelligent card detection with it is described Whether the corresponding Secure Transaction flag bit of merchant tenninal is set, if it is, continuous business;Otherwise, the judgement is performed to work as Preceding transaction is with the presence or absence of risk.
  7. 7. the method according to claim 3 or 6, which is characterized in that the Bluetooth intelligent card after the power is turned on and/or it is lower electricity before, It further includes:Reset Secure Transaction flag bit corresponding with the merchant tenninal.
  8. 8. the method according to claim 2 or 5, which is characterized in that the risk verification data include:Smartcard identification And/or random number;
    When the risk, which is verified, does not include the smartcard identification in data, the reception is from the to be tested of the merchant tenninal It is further included before card data:The smartcard identification is sent to trade company's end by the Bluetooth intelligent card by Bluetooth channels End.
  9. 9. the method according to claim 2 or 5, which is characterized in that the Bluetooth intelligent card is according to the first safe key, institute It states risk verification data and the data to be verified judges that transaction with the presence or absence of risk, specifically includes:The Bluetooth intelligent card root Computing is encrypted and obtains the second fiducial value according to first safe key and risk verification data;The Bluetooth intelligent card Judge whether the data to be verified and the second fiducial value match, if it is, there is no risks for transaction;Otherwise, transaction exists Risk.
  10. 10. the method according to claim 2 or 5, which is characterized in that the Bluetooth intelligent card according to the first safe key, The risk verification data and the data to be verified judge that transaction with the presence or absence of risk, specifically includes:The Bluetooth intelligent card Obtain risk comparison value using data to be verified described in first secure key decryption, to the risk verify data into Row summary computing obtains the first digest value, judges whether first digest value and the risk comparison value match, if It is that then there is no risks for transaction;Otherwise, there are risks for transaction.
  11. 11. the method according to claim 2 or 5, which is characterized in that the Bluetooth intelligent card according to the first safe key, The risk verification data and the data to be verified judge that transaction with the presence or absence of risk, specifically includes:The Bluetooth intelligent card Risk comparison value is obtained using data to be verified described in first secure key decryption;The Bluetooth intelligent card judges institute It states risk verification data and whether the risk comparison value matches, if it is, there is no risks for transaction;Otherwise, merchandise There are risks.
  12. 12. it according to the method described in claim 8, it is characterized in that, further includes:The merchant tenninal is sent to application server The smartcard identification receives the second safe key corresponding with the smartcard identification from the application server, root The data to be verified are generated according to second safe key, risk verification data.
  13. 13. according to the method for claim 12, which is characterized in that described according to second safe key, the risk It verifies that data generate the data to be verified, is specially:The merchant tenninal carries out summary computing to risk verification data The second digest value is obtained, the data to be verified are worth to using the second summary described in the second secure key encryption;
    Or it is specially:The merchant tenninal is obtained described to be verified using risk verification data described in the second secure key encryption Data.
  14. 14. according to the method for claim 12, which is characterized in that the merchant tenninal is received from the application server The second safe key corresponding with the smartcard identification before, further include:
    Step d1:The merchant tenninal sends merchant identification to the application server;
    Step d2:The application server encrypts the merchant identification using application server private key to obtain the first encryption number According to;First encryption data and the second random number of itself are sent to the merchant tenninal;
    Step d3:The merchant tenninal is decrypted to obtain the first solution using application server public key to first encryption data Ciphertext data;
    Step d4:The merchant tenninal judges whether first ciphertext data and merchant identification match, if so, performing step d5;Otherwise, report an error to the Bluetooth intelligent card;
    Step d5:Second random number is encrypted using trade company's private key the second encryption data of generation in the merchant tenninal, Second encryption data is sent to the application server;
    Step d6:The application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
    Step d7:The application server judges whether second ciphertext data and second random number match, if so, Then application server obtains the second safe key corresponding with the smartcard identification;Otherwise, report an error to the merchant tenninal.
  15. 15. it according to the method described in claim 8, it is characterized in that, further includes:The merchant tenninal is sent to application server The smartcard identification receives close from the application server encrypted second safety corresponding with the smartcard identification Key;The merchant tenninal is decrypted to obtain the second safe key to encrypted second safe key, according to the described second safety Key and risk verification data are encrypted computing and generate the data to be verified.
  16. 16. according to the method for claim 15, which is characterized in that the merchant tenninal is received from the application server Encrypted second safe key corresponding with the smartcard identification before, further include:
    Step f1:The merchant tenninal sends merchant identification to the application server;
    Step f2:The application server encrypts the merchant identification using application server private key to obtain the first encryption number According to;First encryption data and the second random number of itself are sent to the merchant tenninal;
    Step f3:The merchant tenninal is decrypted to obtain the first solution using application server public key to first encryption data Ciphertext data;
    Step f4:The merchant tenninal judges whether first ciphertext data and merchant identification match, if so, performing step f5;Otherwise, report an error to the Bluetooth intelligent card;
    Step f5:Second random number is encrypted using trade company's private key the second encryption data of generation in the merchant tenninal, Second encryption data is sent to the application server;
    Step f6:The application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
    Step f7:The application server judges whether second ciphertext data and second random number match, if so, Then application server obtains the second safe key corresponding with the smartcard identification, and the second secure key encryption is encrypted The second safe key;Otherwise, report an error to the merchant tenninal.
  17. 17. according to the method described in claim 8, it is characterized in that, when risk verification data include the smart card During mark, the method further includes:The merchant tenninal sends the risk to application server and verifies data;It receives from institute State the data to be verified of application server;
    When the risk, which is verified, does not include the smartcard identification in data, the method further includes:The merchant tenninal to Application server sends the risk verification data and the smartcard identification;It receives from the to be verified of the application server Data.
  18. 18. according to the method for claim 17, which is characterized in that further include:The application server is according to the intelligence Card mark obtains the second safe key corresponding with the Bluetooth intelligent card;The risk is tested using second safe key Card data are encrypted to obtain the data to be verified.
  19. 19. according to the method for claim 18, which is characterized in that the application server is obtained according to the smartcard identification Before taking the second safe key corresponding with the Bluetooth intelligent card, further include:
    Step h1:The merchant tenninal sends merchant identification to the application server;
    Step h2:The application server encrypts the merchant identification using application server private key to obtain the first encryption number According to;First encryption data and the second random number of itself are sent to the merchant tenninal;
    Step h3:The merchant tenninal is decrypted to obtain the first solution using application server public key to first encryption data Ciphertext data;
    Step h4:The merchant tenninal judges whether first ciphertext data and merchant identification match, if so, performing step h5;Otherwise, report an error to the Bluetooth intelligent card;
    Step h5:Second random number is encrypted using trade company's private key the second encryption data of generation in the merchant tenninal, Second encryption data is sent to the application server;
    Step h6:The application server is decrypted the second encryption data using trade company's public key to obtain the second ciphertext data;
    Step h7:The application server judges whether second ciphertext data and second random number match, if so, Then application server obtains the second safe key corresponding with the Bluetooth intelligent card according to the smartcard identification;Otherwise, to The merchant tenninal reports an error.
  20. 20. according to the method described in claim 1, it is characterized in that, the transaction preparation result includes:Off line authentication result, Processing limitation result, holder's verification result and terminal risk management result;
    The step s4 is specifically included:
    Step g1:Application record is read in the application that the blue-tooth intelligence card initialization has selected;
    Step g2:The Bluetooth intelligent card carries out off line certification, obtains off line authentication result;
    Step g3:The Bluetooth intelligent card carries out processing limitation, obtains processing limitation result;
    Step g4:The Bluetooth intelligent card applies record to verify holder according to what is read, obtains holder's verification As a result;
    Step g5:The Bluetooth intelligent card carries out terminal risk management, obtains terminal risk management result.
  21. 21. according to the method for claim 20, which is characterized in that further included after the step g1:The blue-tooth intelligence Block Transaction Information in the transaction request to judge whether to show the transaction amount in the Transaction Information, if it is not, then Perform step g2;If it is, showing the transaction amount, user is waited to confirm, if detecting use in the first preset time Family confirmation message then performs step g2;If not detecting user's confirmation message in the first preset time, the bluetooth intelligence It can block and show error message, refusal transaction, and return to error message to the merchant tenninal;
    After the refusal transaction, further include:The Bluetooth intelligent card display refusal Transaction Information.
  22. 22. according to the method for claim 20, which is characterized in that the step g4 is specially:The Bluetooth intelligent card root Holder's verification mode is obtained according to the application record read, when holder's verification mode is inputs online PIN, prompts user Online PIN is inputted, if getting online PIN input by user in the second preset time, holder is verified, is obtained Holder's verification result updates the terminal authentication result according to holder's verification result;If do not have in the second preset time Online PIN input by user is got, then using holder's authentication failed as holder's verification result, is verified and tied according to holder Fruit updates terminal authentication result;
    Online PIN input by user is further included in the transaction message.
  23. 23. a kind of Bluetooth intelligent card, which is characterized in that including:First link block, the first receiving module, first choice application Module, the first transaction preparation module, the first behavior analysis module, the first sending module, the second receiving module, the first transaction record Module, the second sending module and the first risk authentication module;
    First link block, for establishing bluetooth connection with merchant tenninal;
    First receiving module, for receiving the request from the merchant tenninal by Bluetooth channels;
    The first choice application module, the transaction request for being received according to first receiving module select application;
    The first transaction preparation module obtains transaction preparation result for being traded preparation;
    The first behavior analysis module, for according to the described first obtained transaction of transaction preparation module prepare result into Row behavioural analysis obtains Trading Authorization result;
    First sending module, for sending transaction message, the transaction to the merchant tenninal by the Bluetooth channels Message includes the Trading Authorization result that the first behavior analysis module obtains and first receiving module receives The transaction request in Transaction Information;
    Second receiving module, for receiving the transaction response from the merchant tenninal by Bluetooth channels;
    First trades record module, the transaction response for being received according to second receiving module generate transaction Record;
    Second sending module sends the first trades record module life for passing through Bluetooth channels to the merchant tenninal Into the transaction record;
    The first risk authentication module, for working as after first receiving module receives the transaction request, when described One transaction preparation module is traded before preparation, judges current transaction with the presence or absence of risk;It is if it is, whole to the trade company End prompting transaction is risky;Otherwise, continuous business.
  24. 24. Bluetooth intelligent card according to claim 23, which is characterized in that further include:Second risk authentication module;
    The second risk authentication module specifically includes:First transmitting element, the first receiving unit, the first authentication unit and first Returning unit;
    First transmitting element, for work as first receiving module receive from the merchant tenninal risk verification please When asking, request of data to be verified will be obtained and be sent to the merchant tenninal;The acquisition request of data to be verified includes bluetooth The risk verification data of smart card;
    First receiving unit, for receiving the data to be verified from the merchant tenninal;
    First authentication unit, for according to the Bluetooth intelligent card the first safe key, the institute of the Bluetooth intelligent card It states risk verification data and data to be verified that first receiving unit receives judges transaction with the presence or absence of risk, such as Fruit is that then risk verification does not pass through;Otherwise, risk is verified;
    First returning unit for working as after first authentication unit is judged as YES, is prompted to merchandise to the merchant tenninal It is risky;After first authentication unit is judged as NO, start to merchandise to merchant tenninal prompting;
    The first risk authentication module, it is described specifically for working as after first receiving module receives the transaction request First transaction preparation module is traded before preparation, judges whether first authentication unit is verified by risk, if so, Then judge that there is no risks for current transaction;Otherwise, judge that there are risks for current transaction.
  25. 25. Bluetooth intelligent card according to claim 24, which is characterized in that further include the first setup module;
    First setup module, for working as after first authentication unit is judged as NO, set is corresponding with the merchant tenninal Secure Transaction flag bit;
    The first risk authentication module, it is described specifically for working as after first receiving module receives the transaction request First transaction preparation module is traded before preparation, detect corresponding with merchant tenninal Secure Transaction flag bit whether by Set, if it is, judging to verify by risk, otherwise, judgement is not verified by risk.
  26. 26. Bluetooth intelligent card according to claim 25, which is characterized in that further include:First detection module;
    The first detection module will obtain request of data to be verified for working as first transmitting element and be sent to the trade company Before terminal, detect whether Secure Transaction flag bit corresponding with the merchant tenninal is set, if it is, continuous business;
    First transmitting element, specifically for work as the first detection module be detected as it is no after, will obtain data to be verified please It asks and is sent to the merchant tenninal.
  27. 27. Bluetooth intelligent card according to claim 25, which is characterized in that further include and power on module and lower electric module;
    It is described to power on module, it is powered on for Bluetooth intelligent card;The lower electric module, for electric under Bluetooth intelligent card;
    First setup module is additionally operable to power on module after the power is turned on and/or under the lower electric module before electricity when described, reset with The corresponding Secure Transaction flag bit of the merchant tenninal.
  28. 28. Bluetooth intelligent card according to claim 23, which is characterized in that the first risk authentication module, it is specific to wrap It includes:
    First transmitting element, the first receiving unit and the first authentication unit;
    First transmitting element is sent to the merchant tenninal for that will obtain request of data to be verified;The acquisition is to be tested Card request of data includes the risk verification data of Bluetooth intelligent card;
    First receiving unit, for receiving the data to be verified from the merchant tenninal;
    First authentication unit, for according to the Bluetooth intelligent card the first safe key, the institute of the Bluetooth intelligent card It states risk verification data and data to be verified that first receiving unit receives judges transaction with the presence or absence of risk.
  29. 29. Bluetooth intelligent card according to claim 28, which is characterized in that further include:Second setup module and the second inspection Survey module;
    Second setup module, for working as after first authentication unit is judged as NO, set is corresponding with the merchant tenninal Secure Transaction flag bit;
    Second detection module will obtain request of data to be verified for working as first transmitting element and be sent to the trade company Before terminal, detect whether Secure Transaction flag bit corresponding with the merchant tenninal is set, if it is, continuous business;
    First transmitting element, specifically for work as the first detection unit be detected as it is no after, will obtain data to be verified please It asks and is sent to the merchant tenninal;The acquisition request of data to be verified includes the risk verification data of Bluetooth intelligent card.
  30. 30. Bluetooth intelligent card according to claim 29, which is characterized in that further include and power on module and lower electric module;
    It is described to power on module, it is powered on for Bluetooth intelligent card;The lower electric module, for electric under Bluetooth intelligent card;
    Second setup module is additionally operable to power on module after the power is turned on and/or under the lower electric module before electricity when described, resets peace Full transaction signature position.
  31. 31. the Bluetooth intelligent card according to claim 24 or 28, which is characterized in that the risk verification data include:Intelligence It can card mark and/or random number;
    When the risk, which is verified, does not include the smartcard identification in data, first transmitting element is additionally operable to the intelligence Mark can be blocked and be sent to the merchant tenninal by Bluetooth channels.
  32. 32. the Bluetooth intelligent card according to claim 24 or 28, which is characterized in that first authentication unit, it is specific to use Computing is encrypted and obtains second according to first safe key of the Bluetooth intelligent card and risk verification data Fiducial value;Judge whether data to be verified that first receiving unit receives and the second fiducial value match, if so, Then there is no risks for transaction;Otherwise, there are risks for transaction.
  33. 33. the Bluetooth intelligent card according to claim 24 or 28, which is characterized in that first authentication unit, it is specific to use In the data to be verified that the first receiving unit described in first secure key decryption of the Bluetooth intelligent card is used to receive Risk comparison value is obtained, carrying out summary computing to risk verification data obtains the first digest value, judges described first Whether digest value and the risk comparison value match, if it is, there is no risks for transaction;Otherwise, there are risks for transaction.
  34. 34. the Bluetooth intelligent card according to claim 24 or 28, which is characterized in that first authentication unit, it is specific to use The data to be verified that the first receiving unit receives are stated in first secure key decryption for using the Bluetooth intelligent card to obtain To risk comparison value;Judge whether the risk verification data and the risk comparison value match, if it is, handing over Risk is easily not present;Otherwise, there are risks for transaction.
  35. 35. Bluetooth intelligent card according to claim 23, which is characterized in that the transaction, which prepares result, to be included:Off line is recognized Demonstrate,prove result, processing limitation result, holder's verification result and terminal risk management result;
    The first transaction preparation module specifically includes:Read record unit, off line authentication unit, processing limiting unit, holder Authentication unit, terminal risk management unit;
    The read record unit for initializing the application that the first choice application module has selected, reads application record;
    The off line authentication unit for carrying out off line certification, obtains off line authentication result;
    The processing limiting unit for carrying out processing limitation, obtains processing limitation result;
    Holder's authentication unit tests holder using record for what is read according to the read record unit Card, obtains holder's verification result;
    The terminal risk management unit for carrying out terminal risk management, obtains terminal risk management result.
  36. 36. Bluetooth intelligent card according to claim 35, which is characterized in that further include:First judgment module, the first display Module, first confirm that module, the 3rd detection module, refusal transaction modules, first return to module;
    First judgment module, for the Transaction Information in the transaction request that is received according to first receiving module Judge whether to show the transaction amount in the Transaction Information;
    First display module for working as after first judgment module is judged as YES, shows the transaction amount;When the described 3rd When detection module does not detect user's confirmation message in the first preset time, error message is shown;
    Refuse transaction modules, user's confirmation message is not detected in the first preset time for working as the 3rd detection module When, refusal transaction;
    First returns to module, and user's confirmation message is not detected in the first preset time for working as the 3rd detection module When, return to error message to the merchant tenninal;
    First confirms module, for user to be waited to confirm transaction amount;
    3rd detection module, for detecting user's confirmation message in the first preset time;
    The off line authentication unit specifically for working as after first judgment module is judged as NO, carries out off line certification, is taken off Machine authentication result;After the 3rd detection module detects user's confirmation message in the first preset time, carry out off line and recognize Card, obtains off line authentication result.
  37. 37. Bluetooth intelligent card according to claim 35, which is characterized in that holder's authentication unit specifically includes: First obtains subelement, the first prompting subelement, the second acquisition subelement, the first holder verification subelement and the first update Unit;
    Online PIN input by user is further included in the transaction message;
    First obtains subelement, and holder's authentication is obtained for the application record read according to the read record unit Formula;
    The first prompting subelement is that input is online for working as the described first holder's verification mode for obtaining subelement acquisition During PIN, user is prompted to input online PIN;
    Described second obtains subelement, for the online PIN input by user to be obtained such as in the second preset time;
    The first holder certification subelement, for get user in the second preset time defeated when the second acquisition subelement After the online PIN entered, holder is verified, obtains holder's verification result;When the second acquisition subelement is default second After online PIN input by user is not got in time, using holder's authentication failed as holder's verification result;
    The first update subelement, for holder's verification result for being obtained according to the first holder certification subelement more New terminal verification result.
CN201711454809.1A 2017-12-28 2017-12-28 A kind of Bluetooth intelligent card and its method for controlling transaction risk Active CN108053012B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711454809.1A CN108053012B (en) 2017-12-28 2017-12-28 A kind of Bluetooth intelligent card and its method for controlling transaction risk

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711454809.1A CN108053012B (en) 2017-12-28 2017-12-28 A kind of Bluetooth intelligent card and its method for controlling transaction risk

Publications (2)

Publication Number Publication Date
CN108053012A true CN108053012A (en) 2018-05-18
CN108053012B CN108053012B (en) 2018-10-30

Family

ID=62128720

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711454809.1A Active CN108053012B (en) 2017-12-28 2017-12-28 A kind of Bluetooth intelligent card and its method for controlling transaction risk

Country Status (1)

Country Link
CN (1) CN108053012B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109413648A (en) * 2018-10-26 2019-03-01 国民技术股份有限公司 Access control method, terminal, smart card, background server and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103986713A (en) * 2014-05-16 2014-08-13 天地融科技股份有限公司 Information interaction method and system and transaction terminal
US20140291392A1 (en) * 2013-04-02 2014-10-02 Nxp B.V. Digital wallet bridge
CN106056419A (en) * 2015-11-25 2016-10-26 天地融科技股份有限公司 Method, system and device for realizing independent transaction by using electronic signature equipment
US20170039599A1 (en) * 2015-07-15 2017-02-09 NXT-ID, Inc. System and Method to Personalize Products and Services
CN106845995A (en) * 2017-01-19 2017-06-13 飞天诚信科技股份有限公司 A kind of method of Bluetooth intelligent card and its control transaction risk

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140291392A1 (en) * 2013-04-02 2014-10-02 Nxp B.V. Digital wallet bridge
CN103986713A (en) * 2014-05-16 2014-08-13 天地融科技股份有限公司 Information interaction method and system and transaction terminal
US20170039599A1 (en) * 2015-07-15 2017-02-09 NXT-ID, Inc. System and Method to Personalize Products and Services
CN106056419A (en) * 2015-11-25 2016-10-26 天地融科技股份有限公司 Method, system and device for realizing independent transaction by using electronic signature equipment
CN106845995A (en) * 2017-01-19 2017-06-13 飞天诚信科技股份有限公司 A kind of method of Bluetooth intelligent card and its control transaction risk

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109413648A (en) * 2018-10-26 2019-03-01 国民技术股份有限公司 Access control method, terminal, smart card, background server and storage medium

Also Published As

Publication number Publication date
CN108053012B (en) 2018-10-30

Similar Documents

Publication Publication Date Title
CN106651331B (en) A kind of electronic trade method and system based on digital cash
CN103731259B (en) A kind of terminal master key TMK safety downloading method and systems
CN102789607B (en) A kind of network trading method and system
CN102867366B (en) Portable bank card data processing device, system and method
CN103237005A (en) Method and system for key management
CN101340285A (en) Method and system for identity authentication by finger print USBkey
KR101644124B1 (en) Server for transaction using pre-authentication and method thereof
CN104077690B (en) Method and device for generating one-time password, authentication method and authentication system
CN106845995B (en) A kind of Bluetooth intelligent card and its method for controlling transaction risk
CN103326862A (en) Electronically signing method and system
CN106209386B (en) A kind of methods, devices and systems for realizing safety certification
CN104871186A (en) Application system for mobile payment and method for providing and using mobile means for payment
CN105897721A (en) Method and device for verifying reliability of identity of financial card user
CN104318437A (en) Online payment system and payment method for virtual prepaid card
CN103026656A (en) Message storage and transfer system
CN106056419A (en) Method, system and device for realizing independent transaction by using electronic signature equipment
CN104835038A (en) Networking payment device and networking payment method
EP2215553A1 (en) System and method for authenticating one-time virtual secret information
KR20180024994A (en) Radio link authentication system and methods using Devices and automation devices
CN107506998A (en) Fingerprint password payment method, device and system based on NFC verification
CN105635164B (en) The method and apparatus of safety certification
CN108053012B (en) A kind of Bluetooth intelligent card and its method for controlling transaction risk
CN102148799A (en) Key downloading method and system
CN107395600A (en) Business datum verification method, service platform and mobile terminal
CN108932619A (en) A kind of chargeable service method and system that terminal is offline

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant