CN108540457A - A kind of safety equipment and its biological identification control method and device - Google Patents
A kind of safety equipment and its biological identification control method and device Download PDFInfo
- Publication number
- CN108540457A CN108540457A CN201810229137.2A CN201810229137A CN108540457A CN 108540457 A CN108540457 A CN 108540457A CN 201810229137 A CN201810229137 A CN 201810229137A CN 108540457 A CN108540457 A CN 108540457A
- Authority
- CN
- China
- Prior art keywords
- biological
- biological identification
- identification control
- safety equipment
- safety
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
A kind of biological identification control method of safety equipment includes:The biological identification control module acquisition and certification user biological characteristic information;If the user biological characteristic information certification passes through, the biological identification control module initiates external authentication requests according to preset key to the transaction security chip;External authentication requests described in the transaction security chip processing;If the external authentication requests certification passes through, the biological identification of the safety equipment passes through.When so that the comparative device safety chip in transaction security chip being replaced, since key is also replaced accordingly, thus the certification of transaction security chip still cannot be obtained, can effectively ensure that the safety of equipment.
Description
Technical field
The invention belongs to safety certification field more particularly to a kind of safety equipment and its biological identification control method and dresses
It sets.
Background technology
Current safety equipment is usually made of transaction security chip and biological identification chip, when biological identification chip to
Family carries out after biological identification passes through, and sends certification by signal to transaction security chip, then transaction security chip controls are set safely
Standby biological identification passes through, and certification is easy to be forged by signal, and safety is relatively low.
Invention content
In view of this, an embodiment of the present invention provides safety equipment and its biological identification control method and device, to solve
Biological identification in safety equipment in the prior art is easy to be forged by signal, the relatively low problem of safety.
The first aspect of the embodiment of the present invention provides a kind of biological identification control method of safety equipment, and the safety is set
Standby includes transaction security chip and biological identification control module, and the biological identification control method of the safety equipment includes:
The biological identification control module acquisition and certification user biological characteristic information;
If the user biological characteristic information certification passes through, the biological identification control module is according to preset key to institute
It states transaction security chip and initiates external authentication requests;
External authentication requests described in the transaction security chip processing;
If the external authentication requests certification passes through, the biological identification of the safety equipment passes through.
With reference to first aspect, in the first possible realization method of first aspect, the biological identification control module packet
Include main control MCU, comparative device safety chip, physical characteristics collecting device;
The step of biological identification control module acquisition and certification user biological characteristic information includes:
The physical characteristics collecting device acquires user biological characteristic information and is sent to the main control MCU;
The main control MCU extracts the characteristic value of the user biological characteristic information and is sent to the safe core of the comparative device
Piece;
The characteristic value is compared the comparative device safety chip with the user characteristics value to prestore, passes through if comparing,
Then the user biological characteristic information certification passes through.
The possible realization method of with reference to first aspect the first, in second of possible realization method of first aspect,
If the user biological characteristic information certification passes through, the biological identification control module is according to preset key
Include to the step of transaction security chip initiation external authentication requests:
If the user biological characteristic information certification passes through,
The main control MCU obtains the transaction security chip random number and is sent to the comparative device safety chip;
The comparative device safety chip carries out operation to the random number according to preset key and generates external authentication information simultaneously
It is sent to the main control MCU;
The main control MCU initiates external authentication requests according to the external authentication information to the transaction security chip.
The possible realization method of second with reference to first aspect, in the third possible realization method of first aspect, institute
It states physical characteristics collecting device acquisition user biological characteristic information and further includes after being sent to the main control MCU:The biological characteristic
Collector enters low-power consumption mode;
The comparative device safety chip carries out operation to the random number according to preset key and generates external authentication information simultaneously
Further include after being sent to the main control MCU:The comparative device safety chip enters low-power consumption mode.
With reference to first aspect, in the 4th kind of possible realization method of first aspect, the biological characteristic includes fingerprint spy
One or more in sign, iris feature, face characteristic or sound characteristic.
With reference to first aspect, in the 5th kind of possible realization method of first aspect, if the user biological feature
Authentification of message passes through, then the biological identification control module initiates external authentication according to preset key to the transaction security chip
The step of request includes:
If the user biological characteristic information certification passes through, the biological identification control module is according to the user biological
Characteristic information searches corresponding first preset key information, and the biological identification control module is believed according to first preset key
It ceases to the transaction security chip and initiates external authentication requests.
The second aspect of the embodiment of the present invention provides a kind of biological identification control device of safety equipment, and the safety is set
Standby includes transaction security chip and biological identification control module, and the biological identification control device of the safety equipment includes:
Biological identification unit, for acquiring and the biological information of certification user;
Control unit, for when the biological information certification of user by when, from the biological identification control module to
The transaction security chip initiates external authentication requests;
External authentication unit, for handling the external authentication requests.
In conjunction with second aspect, in the first possible realization method of second aspect, the biological identification of the safety equipment
Control device further includes:
Preset key searching unit, for being looked into according to the user biological characteristic information by the biological identification control module
Look for corresponding first preset key information, so as to the biological identification control module according to the first preset key information to institute
It states transaction security chip and initiates external authentication requests.
The third aspect of the embodiment of the present invention provides a kind of safety equipment, including memory, processor and is stored in
In the memory and the computer program that can run on the processor, when the processor executes the computer program
It realizes as described in any one of first aspect the step of the biological identification control method of safety equipment.
The fourth aspect of the embodiment of the present invention provides a kind of computer readable storage medium, the computer-readable storage
Media storage has computer program, which is characterized in that realizes that first aspect such as is appointed when the computer program is executed by processor
The step of biological identification control method of one safety equipment.
Existing advantageous effect is the embodiment of the present invention compared with prior art:Simultaneously by the acquisition of biological identification control module
Certification user biological characteristic information, if the biological information certification passes through, the biological identification control module is according to pre-
The key set initiates external authentication requests to Secure Transaction chip, if the external authentication transaction request of Secure Transaction chip is logical
It crosses, then passes through the biological identification of the safety equipment.Due to by external authentication requests to the biological identification control module into
Row certification is conducive to avoid forging biological characteristic authentication by message, so that biological characteristic authentication more may be used by message
It leans on, further increases the safety of safety equipment.
Description of the drawings
It to describe the technical solutions in the embodiments of the present invention more clearly, below will be to embodiment or description of the prior art
Needed in attached drawing be briefly described, it should be apparent that, the accompanying drawings in the following description be only the present invention some
Embodiment for those of ordinary skill in the art without having to pay creative labor, can also be according to these
Attached drawing obtains other attached drawings.
Fig. 1 is the system structure diagram of safety equipment provided in an embodiment of the present invention;
Fig. 2 is the implementation process schematic diagram of the biological identification control method of safety equipment provided in an embodiment of the present invention;
Fig. 3 is a kind of biological identification control method of safety equipment based on unsymmetrical key provided in an embodiment of the present invention
Implementation process schematic diagram;
Fig. 4 is a kind of biological identification control method of safety equipment based on symmetric key provided in an embodiment of the present invention
Implementation process schematic diagram;
Fig. 5 is the schematic diagram of the biological identification control device of safety equipment provided in an embodiment of the present invention;
Fig. 6 is the schematic diagram of safety equipment provided in an embodiment of the present invention.
Specific implementation mode
In being described below, for illustration and not for limitation, it is proposed that such as tool of particular system structure, technology etc
Body details, to understand thoroughly the embodiment of the present invention.However, it will be clear to one skilled in the art that there is no these specific
The present invention can also be realized in the other embodiments of details.In other situations, it omits to well-known system, device, electricity
The detailed description of road and method, in case unnecessary details interferes description of the invention.
In order to illustrate technical solutions according to the invention, illustrated below by specific embodiment.
If Fig. 1 is a kind of system structure diagram of safety equipment provided by the embodiments of the present application, as shown in Figure 1, described
Safety equipment includes transaction security chip 1, biological identification control module 2, wherein the biological identification control module 2 can wrap
Main control MCU 21, comparative device safety chip 22 and physical characteristics collecting device 23 are included, the transaction security chip 1 and the biology are recognized
Preset symmetric key or unsymmetrical key in the comparative device safety chip 22 in control module 2 are demonstrate,proved, for example, can be by master control
MCU generates random number and is sent respectively to comparative device safety chip 22 and transaction security chip as symmetric key, or can be by
Comparative device safety chip 22 generates unsymmetrical key and preserves private key, and public key can be transmitted to transaction security core by main control MCU 21
Piece, or unsymmetrical key can be generated by transaction security chip 1 and preserve private key, public key can be transmitted to by main control MCU 21
Comparative device safety chip 22.
For the physical characteristics collecting device 23 for acquiring biological attribute data, the biological attribute data may include fingerprint
One or more in feature, iris feature, face characteristic or sound characteristic.The fingerprint characteristic can pass through fingerprint sensing
Device is acquired, and the iris feature and the face characteristic can be acquired by camera, and the sound characteristic can be with
It is acquired by microphone.
The biological attribute data that the comparative device safety chip 22 can be used for being acquired physical characteristics collecting device 23, with
The biological attribute data of the pre-stored user with permission is compared, can be by the user if be consistent
Verification.
The comparative device safety chip 22 and the main control MCU can be same processor, i.e., by same processor
The data of acquisition are carried out with the extraction of biological characteristic, and the biological characteristic of extraction is compared, it is of course also possible to be separated
Two processors.
It is a kind of implementation process schematic diagram of authentication method based on the safety equipment described in Fig. 1 as described in Figure 2, is described in detail such as
Under:
In step s 201, the biological identification control module acquisition and certification user biological characteristic information;
It is adopted specifically, the feature verification control module may include main control MCU, comparative device safety chip and biological characteristic
Storage, wherein the physical characteristics collecting device may include one or more, can according to the difference of concrete application scene,
Different verification modes is set.For example for the higher application scenarios of safety requirements, two or more can be needed
Feature is compared, and needs all to pass through comparison.
The acquisition of biological characteristic, such as acquisition fingerprint, iris, palmmprint can be carried out by the physical characteristics collecting device
Feature extraction is carried out Deng, data acquired to physical characteristics collecting device by the main control MCU, and by the characteristic of extraction
It is sent to the comparative device safety chip, by the comparative device safety chip by the characteristic extracted and the characteristic that prestores
According to being compared, judge whether to be consistent with pre-stored characteristic, if the biological attribute data of acquisition and the spy to prestore
Sign data are consistent, then the biological attribute data is legal biological attribute data.
In step S202, if the user biological characteristic information certification passes through, the biological identification control module root
According to preset key external authentication requests are initiated to the transaction security chip;
After determining that the biological attribute data is legal biological attribute data, it is also necessary to further verify the biology
Whether certification control module is legal, in this application, key data is provided in transaction security chip in advance, to the comparison
Device safety chip is further verified, so as to avoid having replaced the comparative device safety chip in biological identification control module
After replacement, the permission of the key data in the transaction security chip is caused to be acquired.
When being verified to the comparative device safety chip, external authentication can be initiated by the transaction security chip
Request, wherein the external authentication requests can be encrypted random data by the comparative device safety chip, described random
Number can be generated by the transaction security chip, and be transmitted to the comparative device safety chip after being obtained by the master control MUC;
Or the random number can also be generated by the comparative device safety chip, and Secure Transaction is transmitted to by main control MCU
Chip, or can also be generated by the main control MCU, it is sent respectively to Secure Transaction chip and comparative device safety chip.
When the random number is generated by the transaction security chip, then the comparative device safety chip is only needed to described
Transaction security chip sends accidental enciphering data, when the random number is generated by the comparative device safety chip, then described in
Comparative device safety chip needs to send random number and the accidental enciphering data to the transaction security chip.The accidental enciphering
Data are encrypted random number or are signed and generate by the comparative device safety chip.
The transaction security chip can be the smart card security chip with ISO7816 interfaces or NFC interface, or
USBKEY safety chips with USB interface..
It is possible to further preset multigroup key in transaction security chip and comparative device safety chip, in step S202
In, the biological identification control module initiates external authentication requests to the transaction security chip according to preset key and includes:Institute
It states biological identification control module and corresponding first preset key information, the biology is searched according to the user biological characteristic information
Certification control module initiates external authentication requests according to the first preset key information to the transaction security chip.It can lead to
It crosses different biological features information and corresponds to different preset keys, different preset keys control different user permission, pass through to realize
Different biological features information controls the function of different user permission.
In step S203, external authentication requests described in the transaction security chip processing.
In step S204, if the external authentication requests certification passes through, the biological identification of the safety equipment passes through.
The transaction security chip is according to pre-stored key, including private key or public key or symmetric key, to described
Accidental enciphering data are decrypted or sign test, obtain decrypted result, and verify decrypted result, than decrypted result as will be described with
Machine number is compared, and judges whether the two is identical, if the two is identical, by recognizing the biological identification control module
Card, the acquired biological characteristic are the biological characteristic set by user, you can complete user to the smart card security core
The certification of piece obtains the mandate of the smart card security chip.
In addition, as a kind of preferred embodiment of the application, the life of user is collected in the physical characteristics collecting device
After object feature, the physical characteristics collecting device can be controlled and enter dormant state, when the comparative device safety chip completes feature
After comparison and after random number encryption or signature, the comparative device safety chip enters dormant state.The spy of setting can be passed through
Fixed button or activation condition, again so that the physical characteristics collecting device or comparative device safety chip enter working condition,
So as to preferably save system power dissipation, system standby continuation of the journey usage time is improved.For example, described in being triggered by button
Physical characteristics collecting device enters working condition, after the physical characteristics collecting device collects data, triggers the comparative device peace
Full chip enters working condition.
The biological attribute data of user, the life by comparative device safety chip to being acquired are acquired by physical characteristics collecting device
Object characteristic is compared with the biological attribute data to prestore, by biological characteristic validation if the two is consistent, by comparing
Random number is encrypted or is signed by device safety chip, and encryption data is sent to transaction security chip, by transaction security core
It is decrypted piece or sign test, judges whether the data after decryption or sign test are legal, if legal, obtains the transaction peace
The certification of full chip, so that the comparative device safety chip in transaction security chip is replaced, due to key also quilt accordingly
It replaces, thus still cannot obtain the certification of transaction security chip, can effectively ensure that the safety of equipment.
Fig. 3 is the implementation process schematic diagram of another safety equipment method provided by the embodiments of the present application, and details are as follows:
In step S301, physical characteristics collecting device acquires the biological attribute data of user, and is sent to by main control MCU
The biological characteristic acquired is compared in comparative device safety chip, the comparative device safety chip, judges the biological characteristic
Data are legal;
In step s 302, when the biological characteristic is legal, the comparative device safety chip by scheduled private key or
Public key, which is signed to random number or encrypted, generates accidental enciphering data, and the accidental enciphering data are sent to the transaction security core
Piece;
The private key or public key are set in advance in the comparative device safety chip, are judged as closing in the biological characteristic of acquisition
When method, then random number is signed or encrypted by the private key or public key.The private key or public key and setting are in the friendship
Public key or private key pair in easy safety chip, and the pairs of private key and the public key have been separately positioned on before manufacture
In the comparative device safety chip and transaction security chip.
In step S303, the transaction security chip carries out sign test according to accidental enciphering data described in preset key pair
Or decryption, the certification for obtaining the transaction security chip is determined whether according to the result of sign test or decryption.
User needs first to obtain the biological characteristic authentication, then to completing to obtain the certification of the safety equipment
The biological comparative device safety chip of biological characteristic authentication is authenticated, i.e. the public key by being set in advance in transaction security chip
Or private key, the biological comparative device safety chip is authenticated.Due to the public key or private key being arranged in transaction security chip
It cannot change, therefore, when disabled user replaces comparative device safety chip, the comparative device safety chip after replacement cannot be handed over
The certification of easy safety chip, it is thus possible to which the effective safety for ensureing comparative device safety chip also just protects transaction accordingly
The safety of safety chip.
Fig. 4 is the implementation process schematic diagram of another safety equipment method provided by the embodiments of the present application, and details are as follows:
In step S401, physical characteristics collecting device acquires the biological attribute data of user, and is sent to comparative device safety
The biological characteristic acquired is compared in chip, the comparative device safety chip, judges that the biological attribute data is legal;
In step S402, when the biological characteristic is legal, the comparative device safety chip passes through scheduled symmetrical close
Key generates accidental enciphering data to random number encryption, and the accidental enciphering data are sent to the transaction security chip;
Different from the biological identification control method of the safety equipment described in Fig. 3, the biology of the safety equipment described in Fig. 4 is recognized
It demonstrate,proves in control method, identical symmetric key is previously provided in the comparative device safety chip and the transaction security chip,
The symmetric key can be the symmetric key based on AES, DES, 3DES, IDEA, FEAL, BLOWFISH scheduling algorithm.
In step S403, the transaction security chip carries out the accidental enciphering data according to preset symmetric key
Decryption obtains decrypted result, and the certification for obtaining the transaction security chip is determined whether according to the decrypted result.
The transaction security chip is according to pre-set symmetric key to adding at random described in the comparative device safety chip
Ciphertext data is decrypted, can be to adding at random since the symmetric key is identical as the symmetric key in comparative device safety chip
The result that ciphertext data is decrypted is identical as the random number, therefore, according to the comparison result, it can be determined that the comparative device peace
Whether full chip is legal, is conducive to the judgement by comparative device safety chip, ensures the safety of the transaction security chip.
It should be understood that the size of the serial number of each step is not meant that the order of the execution order in above-described embodiment, each process
Execution sequence should be determined by its function and internal logic, the implementation process without coping with the embodiment of the present invention constitutes any limit
It is fixed.
Fig. 5 is a kind of structural schematic diagram of the biological identification control device of safety equipment provided by the embodiments of the present application, institute
The biological identification control device for stating safety equipment includes:
Biological identification unit 501, for acquiring and the biological information of certification user;
Control unit 502, for when the biological information certification of user by when, by the biological identification control module
External authentication requests are initiated to the transaction security chip;
External authentication unit 503, for handling the external authentication requests.
Preferably, the biological identification control device of the safety equipment further includes:
Preset key searching unit, for being looked into according to the user biological characteristic information by the biological identification control module
Look for corresponding first preset key information, so as to the biological identification control module according to the first preset key information to institute
It states transaction security chip and initiates external authentication requests.
The biological identification control device of safety equipment described in Fig. 5 is controlled with the biological identification of the safety equipment described in Fig. 1-4
Method corresponds to.
Fig. 6 is the schematic diagram for the safety equipment that one embodiment of the invention provides.As shown in fig. 6, the safety of the embodiment is set
Standby 6 include:Processor 60, memory 61 and it is stored in the meter that can be run in the memory 61 and on the processor 60
Calculation machine program 62, for example, safety equipment authentication procedure.The processor 60 is realized above-mentioned when executing the computer program 62
Step in the biological identification control method embodiment of each safety equipment, such as step 101 shown in FIG. 1 is to 103.Alternatively,
The processor 60 realizes the function of each module/unit in above-mentioned each device embodiment, example when executing the computer program 62
The function of module 501 to 503 as shown in Figure 5.
Illustratively, the computer program 62 can be divided into one or more module/units, it is one or
Multiple module/units are stored in the memory 61, and are executed by the processor 60, to complete the present invention.Described one
A or multiple module/units can be the series of computation machine program instruction section that can complete specific function, which is used for
Implementation procedure of the computer program 62 in the safety equipment 6 is described.For example, the computer program 62 can be divided
It is cut into comparing unit, encryption unit and authentication unit, each unit concrete function is as follows:
Comparing unit, the biological attribute data for acquiring user by physical characteristics collecting device, and it is sent to comparative device peace
The biological characteristic acquired is compared in full chip, the comparative device safety chip, judges that the biological attribute data is legal;
Encryption unit, for when the biological characteristic is legal, passing through scheduled key by the comparative device safety chip
Accidental enciphering data are generated to random number encryption, the accidental enciphering data are sent to the transaction security chip;
Authentication unit, for being solved according to accidental enciphering data described in preset key pair by the transaction security chip
It is close to obtain decrypted result, the certification for obtaining the transaction security chip is determined whether according to the decrypted result.
The safety equipment may include, but be not limited only to, processor 60, memory 61.Those skilled in the art can manage
Solution, Fig. 6 is only the example of safety equipment 6, does not constitute the restriction to safety equipment 6, may include more or more than illustrating
Few component either combines certain components or different components, such as the safety equipment can also be set including input and output
Standby, network access equipment, bus etc..
Alleged processor 60 can be central processing unit (Central Processing Unit, CPU), can also be
Other general processors, digital signal processor (Digital Signal Processor, DSP), application-specific integrated circuit
(Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..General processor can be microprocessor or the processor can also be any conventional processor
Deng.
The memory 61 can be the internal storage unit of the safety equipment 6, such as the hard disk of safety equipment 6 or interior
It deposits.The memory 61 can also be to be equipped on the External memory equipment of the safety equipment 6, such as the safety equipment 6
Plug-in type hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card dodge
Deposit card (Flash Card) etc..Further, the memory 61 can also both include the storage inside list of the safety equipment 6
Member also includes External memory equipment.The memory 61 is for storing needed for the computer program and the safety equipment
Other programs and data.The memory 61 can be also used for temporarily storing the data that has exported or will export.
It is apparent to those skilled in the art that for convenience of description and succinctly, only with above-mentioned each work(
Can unit, module division progress for example, in practical application, can be as needed and by above-mentioned function distribution by different
Functional unit, module are completed, i.e., the internal structure of described device are divided into different functional units or module, more than completion
The all or part of function of description.Each functional unit, module in embodiment can be integrated in a processing unit, also may be used
It, can also be above-mentioned integrated during two or more units are integrated in one unit to be that each unit physically exists alone
The form that hardware had both may be used in unit is realized, can also be realized in the form of SFU software functional unit.In addition, each function list
Member, the specific name of module are also only to facilitate mutually distinguish, the protection domain being not intended to limit this application.Above system
The specific work process of middle unit, module, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, is not described in detail or remembers in some embodiment
The part of load may refer to the associated description of other embodiments.
Those of ordinary skill in the art may realize that lists described in conjunction with the examples disclosed in the embodiments of the present disclosure
Member and algorithm steps can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually
It is implemented in hardware or software, depends on the specific application and design constraint of technical solution.Professional technician
Each specific application can be used different methods to achieve the described function, but this realization is it is not considered that exceed
The scope of the present invention.
In embodiment provided by the present invention, it should be understood that disclosed device/terminal device and method, it can be with
It realizes by another way.For example, device described above/terminal device embodiment is only schematical, for example, institute
The division of module or unit is stated, only a kind of division of logic function, formula that in actual implementation, there may be another division manner, such as
Multiple units or component can be combined or can be integrated into another system, or some features can be ignored or not executed.Separately
A bit, shown or discussed mutual coupling or direct-coupling or communication connection can be by some interfaces, device
Or INDIRECT COUPLING or the communication connection of unit, can be electrical, machinery or other forms.
The unit illustrated as separating component may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, you can be located at a place, or may be distributed over multiple
In network element.Some or all of unit therein can be selected according to the actual needs to realize the mesh of this embodiment scheme
's.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it can also
It is that each unit physically exists alone, it can also be during two or more units be integrated in one unit.Above-mentioned integrated list
The form that hardware had both may be used in member is realized, can also be realized in the form of SFU software functional unit.
If the integrated module/unit be realized in the form of SFU software functional unit and as independent product sale or
In use, can be stored in a computer read/write memory medium.Based on this understanding, the present invention realizes above-mentioned implementation
All or part of flow in example method, can also instruct relevant hardware to complete, the meter by computer program
Calculation machine program can be stored in a computer readable storage medium, the computer program when being executed by processor, it can be achieved that on
The step of stating each embodiment of the method..Wherein, the computer program includes computer program code, the computer program
Code can be source code form, object identification code form, executable file or certain intermediate forms etc..Computer-readable Jie
Matter may include:Can carry the computer program code any entity or device, recording medium, USB flash disk, mobile hard disk,
Magnetic disc, CD, computer storage, read-only memory (ROM, Read-Only Memory), random access memory (RAM,
Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It should be noted that described
The content that computer-readable medium includes can carry out increasing appropriate according to legislation in jurisdiction and the requirement of patent practice
Subtract, such as in certain jurisdictions, according to legislation and patent practice, computer-readable medium do not include be electric carrier signal and
Telecommunication signal.
Embodiment described above is merely illustrative of the technical solution of the present invention, rather than its limitations;Although with reference to aforementioned reality
Applying example, invention is explained in detail, it will be understood by those of ordinary skill in the art that:It still can be to aforementioned each
Technical solution recorded in embodiment is modified or equivalent replacement of some of the technical features;And these are changed
Or replace, the spirit and scope for various embodiments of the present invention technical solution that it does not separate the essence of the corresponding technical solution should all
It is included within protection scope of the present invention.
Claims (10)
1. a kind of biological identification control method of safety equipment, which is characterized in that the safety equipment includes transaction security chip
Biological identification control method with biological identification control module, the safety equipment includes:
The biological identification control module acquisition and certification user biological characteristic information;
If the user biological characteristic information certification passes through, the biological identification control module is according to preset key to the friendship
Easy safety chip initiates external authentication requests;
External authentication requests described in the transaction security chip processing;
If the external authentication requests certification passes through, the biological identification of the safety equipment passes through.
2. the biological identification control method of safety equipment according to claim 1, which is characterized in that
The biological identification control module includes main control MCU, comparative device safety chip, physical characteristics collecting device;
The step of biological identification control module acquisition and certification user biological characteristic information includes:
The physical characteristics collecting device acquires user biological characteristic information and is sent to the main control MCU;
The main control MCU extracts the characteristic value of the user biological characteristic information and is sent to the comparative device safety chip;
The characteristic value is compared the comparative device safety chip with the user characteristics value to prestore, passes through if comparing, institute
User biological characteristic information certification is stated to pass through.
3. the biological identification control method of safety equipment according to claim 2, which is characterized in that
If the user biological characteristic information certification passes through, the biological identification control module is according to preset key to institute
Stating the step of transaction security chip initiates external authentication requests includes:
If the user biological characteristic information certification passes through,
The main control MCU obtains the transaction security chip random number and is sent to the comparative device safety chip;
The comparative device safety chip carries out operation generation external authentication information to the random number according to preset key and sends
To the main control MCU;
The main control MCU initiates external authentication requests according to the external authentication information to the transaction security chip.
4. the biological identification control method of safety equipment according to claim 3, which is characterized in that
The physical characteristics collecting device acquires user biological characteristic information and further includes after being sent to the main control MCU:The life
Object characteristic collector enters low-power consumption mode;
The comparative device safety chip carries out operation generation external authentication information to the random number according to preset key and sends
Further include after to the main control MCU:The comparative device safety chip enters low-power consumption mode.
5. the biological identification control method of safety equipment according to claim 1, which is characterized in that the biological characteristic packet
Include the one or more in fingerprint characteristic, iris feature, face characteristic or sound characteristic.
6. the biological identification control method of safety equipment according to claim 1, which is characterized in that
If the user biological characteristic information certification passes through, the biological identification control module is according to preset key to institute
Stating the step of transaction security chip initiates external authentication requests includes:
If the user biological characteristic information certification passes through, the biological identification control module is according to the user biological feature
The corresponding first preset key information of information searching, the biological identification control module according to the first preset key information to
The transaction security chip initiates external authentication requests.
7. a kind of biological identification control device of safety equipment, which is characterized in that the safety equipment includes transaction security chip
Biological identification control device with biological identification control module, the safety equipment includes:
Biological identification unit, for acquiring and the biological information of certification user;
Control unit, for when the biological information certification of user by when, from the biological identification control module to described
Transaction security chip initiates external authentication requests;
External authentication unit, for handling the external authentication requests.
8. the biological identification control device of safety equipment according to claim 7, which is characterized in that the safety equipment
Biological identification control device further includes:
Preset key searching unit is used for by the biological identification control module according to user biological characteristic information lookup pair
The the first preset key information answered, so as to the biological identification control module according to the first preset key information to the friendship
Easy safety chip initiates external authentication requests.
9. a kind of safety equipment, including memory, processor and it is stored in the memory and can be on the processor
The computer program of operation, which is characterized in that the processor realizes such as claim 1 to 6 when executing the computer program
The step of biological identification control method of any one safety equipment.
10. a kind of computer readable storage medium, the computer-readable recording medium storage has computer program, feature to exist
In the biological identification of realization safety equipment as described in any one of claim 1 to 6 when the computer program is executed by processor
The step of control method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810229137.2A CN108540457B (en) | 2018-03-20 | 2018-03-20 | Safety equipment and biological authentication control method and device thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810229137.2A CN108540457B (en) | 2018-03-20 | 2018-03-20 | Safety equipment and biological authentication control method and device thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108540457A true CN108540457A (en) | 2018-09-14 |
CN108540457B CN108540457B (en) | 2021-09-17 |
Family
ID=63484929
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810229137.2A Active CN108540457B (en) | 2018-03-20 | 2018-03-20 | Safety equipment and biological authentication control method and device thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108540457B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019120323A3 (en) * | 2019-03-29 | 2020-01-23 | Alibaba Group Holding Limited | Securely performing cryptographic operations |
CN111226450A (en) * | 2019-11-26 | 2020-06-02 | 深圳市汇顶科技股份有限公司 | External security authentication device, man-machine interaction device, communication system and authentication method |
WO2020144510A1 (en) * | 2019-01-10 | 2020-07-16 | International Business Machines Corporation | Method and system for privacy preserving biometric authentication |
US11023620B2 (en) | 2019-03-29 | 2021-06-01 | Advanced New Technologies Co., Ltd. | Cryptography chip with identity verification |
US11063749B2 (en) | 2019-03-29 | 2021-07-13 | Advanced New Technologies Co., Ltd. | Cryptographic key management based on identity information |
US11251941B2 (en) | 2019-03-29 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Managing cryptographic keys based on identity information |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090289760A1 (en) * | 2008-04-30 | 2009-11-26 | Takao Murakami | Biometric authentication system, authentication client terminal, and biometric authentication method |
CN101986597A (en) * | 2010-10-20 | 2011-03-16 | 杭州晟元芯片技术有限公司 | Identity authentication system with biological characteristic recognition function and authentication method thereof |
CN102316449A (en) * | 2010-07-07 | 2012-01-11 | 国民技术股份有限公司 | Security terminal system and authentication and interruption method thereof |
CN104506315A (en) * | 2014-08-28 | 2015-04-08 | 金硕澳门离岸商业服务有限公司 | Method, equipment and system for biometric authentication |
CN105450419A (en) * | 2015-05-05 | 2016-03-30 | 北京天诚盛业科技有限公司 | Method, device and system |
CN106157031A (en) * | 2015-04-08 | 2016-11-23 | 董建飞 | The method and device of intelligent card payment transaction configuration item is set after biological identification success |
CN106899551A (en) * | 2015-12-21 | 2017-06-27 | 中国电信股份有限公司 | Authentication method, certification terminal and system |
-
2018
- 2018-03-20 CN CN201810229137.2A patent/CN108540457B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090289760A1 (en) * | 2008-04-30 | 2009-11-26 | Takao Murakami | Biometric authentication system, authentication client terminal, and biometric authentication method |
CN102316449A (en) * | 2010-07-07 | 2012-01-11 | 国民技术股份有限公司 | Security terminal system and authentication and interruption method thereof |
CN101986597A (en) * | 2010-10-20 | 2011-03-16 | 杭州晟元芯片技术有限公司 | Identity authentication system with biological characteristic recognition function and authentication method thereof |
CN104506315A (en) * | 2014-08-28 | 2015-04-08 | 金硕澳门离岸商业服务有限公司 | Method, equipment and system for biometric authentication |
CN106157031A (en) * | 2015-04-08 | 2016-11-23 | 董建飞 | The method and device of intelligent card payment transaction configuration item is set after biological identification success |
CN105450419A (en) * | 2015-05-05 | 2016-03-30 | 北京天诚盛业科技有限公司 | Method, device and system |
CN106899551A (en) * | 2015-12-21 | 2017-06-27 | 中国电信股份有限公司 | Authentication method, certification terminal and system |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2020144510A1 (en) * | 2019-01-10 | 2020-07-16 | International Business Machines Corporation | Method and system for privacy preserving biometric authentication |
GB2595381A (en) * | 2019-01-10 | 2021-11-24 | Ibm | Method and system for privacy preserving biometric authentication |
US11201745B2 (en) | 2019-01-10 | 2021-12-14 | International Business Machines Corporation | Method and system for privacy preserving biometric authentication |
GB2595381B (en) * | 2019-01-10 | 2023-05-03 | Ibm | Method and system for privacy preserving biometric authentication |
WO2019120323A3 (en) * | 2019-03-29 | 2020-01-23 | Alibaba Group Holding Limited | Securely performing cryptographic operations |
US11023620B2 (en) | 2019-03-29 | 2021-06-01 | Advanced New Technologies Co., Ltd. | Cryptography chip with identity verification |
US11063749B2 (en) | 2019-03-29 | 2021-07-13 | Advanced New Technologies Co., Ltd. | Cryptographic key management based on identity information |
US11088831B2 (en) | 2019-03-29 | 2021-08-10 | Advanced New Technologies Co., Ltd. | Cryptographic key management based on identity information |
US11251950B2 (en) | 2019-03-29 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Securely performing cryptographic operations |
US11251941B2 (en) | 2019-03-29 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Managing cryptographic keys based on identity information |
US11258591B2 (en) | 2019-03-29 | 2022-02-22 | Advanced New Technologies Co., Ltd. | Cryptographic key management based on identity information |
CN111226450A (en) * | 2019-11-26 | 2020-06-02 | 深圳市汇顶科技股份有限公司 | External security authentication device, man-machine interaction device, communication system and authentication method |
Also Published As
Publication number | Publication date |
---|---|
CN108540457B (en) | 2021-09-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108540457A (en) | A kind of safety equipment and its biological identification control method and device | |
US20200394651A1 (en) | Dynamic off-chain digital currency transaction processing | |
JP6239788B2 (en) | Fingerprint authentication method, apparatus, intelligent terminal, and computer storage medium | |
CN105429761B (en) | A kind of key generation method and device | |
CN111898148A (en) | Information supervision method and device based on block chain | |
CN108476404A (en) | Safety equipment matches | |
CN210691384U (en) | Face recognition payment terminal platform based on security unit and trusted execution environment | |
CN103955733B (en) | Electronic identity card chip card, card reader and electronic identity card verification system and method | |
CN103198247B (en) | A kind of computer safety protective method and system | |
CN104346550B (en) | A kind of information processing method and a kind of electronic equipment | |
CN102096967A (en) | Off-line payment method and consumption terminal for electronic purse | |
CN109034796A (en) | Transaction monitoring and managing method, electronic device and readable storage medium storing program for executing based on alliance's chain | |
CN108090366A (en) | Data guard method and device, computer installation and readable storage medium storing program for executing | |
CN104281272B (en) | Password Input processing method and processing device | |
CN104820814A (en) | Second-generation ID card anti-counterfeiting verification system | |
CN112769548A (en) | Block chain numerical information transmission method, system, device and computer medium | |
CN105743853A (en) | Fingerprint USB KEY and fingerprint center server for identity authentication, and system and method | |
CN108183889A (en) | Identity identifying method and identification authentication system | |
CN105956858B (en) | Payment method and electronic equipment | |
CN205015906U (en) | Anti -fake verification system of electron certificate | |
CN108780491A (en) | Safety device and its operating method | |
CN110266653A (en) | A kind of method for authenticating, system and terminal device | |
CN106778160A (en) | Data item display methods and device | |
CN105939195A (en) | Transaction method and system | |
CN105741444B (en) | Application authentication method and device based on linux system financial self-service equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |