CN108564361A - A kind of information processing method, device and equipment - Google Patents

A kind of information processing method, device and equipment Download PDF

Info

Publication number
CN108564361A
CN108564361A CN201810394687.XA CN201810394687A CN108564361A CN 108564361 A CN108564361 A CN 108564361A CN 201810394687 A CN201810394687 A CN 201810394687A CN 108564361 A CN108564361 A CN 108564361A
Authority
CN
China
Prior art keywords
identifying code
sim card
confirmed
mobile terminal
safety operation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810394687.XA
Other languages
Chinese (zh)
Other versions
CN108564361B (en
Inventor
周飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Huada Zhibao Electronic System Co Ltd
Original Assignee
Beijing Huada Zhibao Electronic System Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Huada Zhibao Electronic System Co Ltd filed Critical Beijing Huada Zhibao Electronic System Co Ltd
Priority to CN201810394687.XA priority Critical patent/CN108564361B/en
Publication of CN108564361A publication Critical patent/CN108564361A/en
Application granted granted Critical
Publication of CN108564361B publication Critical patent/CN108564361B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3229Use of the SIM of a M-device as secure element
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Telephone Function (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention discloses a kind of information processing method, device and equipment, the method includes:Dress SIM card on mobile terminals shows STK windows by STK proactive commands on the interface of mobile terminal, is shown on the STK windows with the relevant safety operation data of any safety operation and the input control for inputting identifying code;After SIM card receives operation information of the mobile terminal from the identifying code to be confirmed got in input control and for safety operation data-triggered, determine whether to verify identifying code to be confirmed according to operation information;SIM card verifies identifying code to be confirmed using the identifying code being generated in advance after identifying code to be confirmed is verified in determination, and handles safety operation according to verification result.So, the application prevents other people from threatening to user information safety by way of forging confirmation message by way of increasing user during handling safety operation and inputting random identifying code, the safety that ensure that user information to a certain extent also improves the safety of safety operation.

Description

A kind of information processing method, device and equipment
Technical field
This application involves data processing fields, and in particular to a kind of information processing method, device and equipment.
Background technology
Existing mobile phone SIM (Subscriber Identity Module, client identification module) card can be supported various The loading of security application can provide the security functions such as digital signature, encryption and decryption by security application.Since SIM card is not present Show equipment and physical button, so, STK is generally used when providing above-mentioned security function, and (SIM Card Tool Kit are used Family identification application development tool) proactive command realize that the display of information and " confirmation " and " cancellation " of physical button are pressed Key.
But due to realizing that the display of information and physical button function are to rely on mobile phone using the proactive command of STK System built-in application is come what is realized, once cell phone system is promoted permission (commonly referred to as root) by force, then Malware is organic The cell phone system built-in application that can disguise oneself as handle information display and physical button function so that should pop up STK windows by with The step of family progress validation of information, is distorted by Malware, threatens to the information security of user.
Invention content
In view of this, a kind of information processing method of the embodiment of the present application offer, device and equipment, to solve in the prior art There is security risk in the information of user.
To solve the above problems, technical solution provided by the embodiments of the present application is as follows:
In a first aspect, this application provides a kind of information processing method, it is applied to the SIM card of installation on mobile terminals, This method includes:
The SIM card shows STK windows, the STK windows by STK proactive commands on the interface of the mobile terminal It is shown on mouth with the relevant safety operation data of any safety operation and the input control for inputting identifying code;
The SIM card receives the identifying code and needle to be confirmed that the mobile terminal is got from the input control After the operation information of the safety operation data-triggered, determined whether to the identifying code to be confirmed according to the operation information It is verified;
The SIM card is after the identifying code to be confirmed is verified in determination, using the identifying code being generated in advance to institute It states identifying code to be confirmed to be verified, and the safety operation is handled according to verification result.
In an optional implementation manner, the SIM card by STK proactive commands at the interface of the mobile terminal Before upper display STK windows, further include:
The SIM card and the mobile terminal establish secure connection, wherein the secure connection for the SIM card with Secure communication between the mobile terminal.
In an optional implementation manner, described that the identifying code to be confirmed is carried out using the identifying code being generated in advance Before verification, further include:
Based on the secure connection, the SIM card generates identifying code with the mobile terminal by preset algorithm, described to test Card code is for verifying the identifying code to be confirmed.
In an optional implementation manner, described to be determined whether to the identifying code to be confirmed according to the operation information It is verified, including:
If the operation information is to determine information, the identifying code to be determined is verified in the SIM card determination;
Correspondingly, described verify the identifying code to be confirmed using the identifying code being generated in advance, and according to verification Safety operation described in result treatment, including:
The SIM card matches the identifying code being generated in advance with the identifying code to be confirmed, if successful match, Execute the safety operation;Otherwise, the safety operation is terminated.
In an optional implementation manner, described to be determined whether to the identifying code to be confirmed according to the operation information It is verified, including:
If the operation information is to cancel information, the SIM card is determined to the identifying code to be confirmed without testing Card;
Correspondingly, the method further includes:
If the SIM card is determined to the identifying code to be confirmed without verification, the safety operation is terminated.
Second aspect, this application provides a kind of information processing methods should applied to the mobile terminal for being equipped with SIM card Method includes:
The identifying code being generated in advance is shown on interface by the mobile terminal, and comes from the SIM card receiving STK proactive commands after, STK windows are shown on interface;Wherein, it is shown and any safety operation on the STK windows Relevant safety operation data and the input control for inputting identifying code;
To be confirmed identifying code of the mobile terminal in receiving the input control and it is directed to the safety operation After the operation information of data-triggered, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to described SIM card determines whether to verify the identifying code to be confirmed according to the operation information, and is handled according to verification result The safety operation.
In an optional implementation manner, the identifying code being generated in advance is shown on interface by the mobile terminal, with And after receiving the STK proactive commands from the SIM card, before STK windows are shown on interface, further include:
The mobile terminal and the SIM card establish secure connection, wherein the secure connection for the SIM card with Secure communication between the mobile terminal.
In an optional implementation manner, the identifying code being generated in advance is shown on interface it by the mobile terminal Before, further include:
Based on the secure connection, the mobile terminal generates identifying code with the SIM card by preset algorithm, described to test Card code is for verifying the identifying code to be confirmed.
In an optional implementation manner, the identifying code being generated in advance is shown on interface it by the mobile terminal Before, further include:
After the mobile terminal handles the identifying code being generated in advance, identifying code after being handled;
Correspondingly, the identifying code being generated in advance is shown on interface by the mobile terminal, specially:
Identifying code after the processing is shown on interface by the mobile terminal.
The third aspect, this application provides a kind of information processing unit, described device is applied to installation on mobile terminals SIM card, described device includes:
Command sending unit, for sending STK proactive commands to the mobile terminal, so as in the mobile terminal STK windows are shown on interface, are shown on the STK windows and the relevant safety operation data of any safety operation and are used for Input the input control of identifying code;
Determination unit, the identifying code to be confirmed got from the input control for receiving the mobile terminal with And for the operation information of the safety operation data-triggered after, determine whether to be confirmed to test to described according to the operation information Card code is verified;
Verification and processing unit, for after the identifying code to be confirmed is verified in determination, utilizing what is be generated in advance Identifying code verifies the identifying code to be confirmed, and handles the safety operation according to verification result.
In an optional implementation manner, described device further includes:
Secure connection establishes unit, for establishing secure connection with the mobile terminal, wherein the secure connection is used for Secure communication between the SIM card and the mobile terminal.
In an optional implementation manner, described device further includes:
Generation unit generates identifying code, institute with the mobile terminal for being based on the secure connection by preset algorithm Identifying code is stated for being verified to the identifying code to be confirmed.
In an optional implementation manner, the determination unit includes:
First determination subelement, if being to determine information for the operation information, it is determined that the verification to be determined Code is verified;
Correspondingly, the verification and processing unit include:
Coupling subelement, for matching the identifying code being generated in advance with the identifying code to be confirmed, if matching Success, then execute the safety operation;Otherwise, the safety operation is terminated.
In an optional implementation manner, the determination unit includes:
Second determination subelement, if being to cancel information for the operation information, it is determined that the verification to be confirmed Code is without verification;
Correspondingly, described device further includes:
Unit is terminated, is used to if it is determined that the identifying code to be confirmed without verification, then terminate the safety operation.
Fourth aspect, this application provides a kind of information processing unit, described device is applied to be equipped with the movement of SIM card Terminal, described device include:
Display unit for the identifying code being generated in advance to be shown in interface, and comes from the SIM card receiving STK proactive commands after, STK windows are shown on interface;Wherein, it is shown and any safety operation on the STK windows Relevant safety operation data and the input control for inputting identifying code;
Retransmission unit, in receiving the input control identifying code to be confirmed and be directed to the safety operation After the operation information of data-triggered, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to described SIM card determines whether to verify the identifying code to be confirmed according to the operation information, and is handled according to verification result The safety operation.
In an optional implementation manner, described device further includes:
Secure connection establishes unit, for establishing secure connection with the SIM card, wherein the secure connection is used for institute State the secure communication between SIM card and the mobile terminal.
In an optional implementation manner, described device further includes:
Generation unit generates identifying code with the SIM card for being based on the secure connection by preset algorithm, described Identifying code is for verifying the identifying code to be confirmed.
In an optional implementation manner, described device further includes:
Processing unit, after handling the identifying code being generated in advance, identifying code after being handled;
Correspondingly, the display unit includes:
First display subelement, for identifying code after the processing to be shown in interface.
5th aspect, this application provides a kind of information processing equipment, the equipment includes memory and processor,
Said program code is transferred to the processor by the memory for storing program code;
The processor is used to, according to the instruction in said program code, execute above-mentioned first aspect and second aspect provides Any one of them information processing method.
In this application, SIM card on mobile terminals is installed by STK proactive commands on the interface of mobile terminal Show STK windows, wherein shown on STK windows with the relevant safety operation data of any safety operation and for inputting The input control of identifying code;Then, SIM card receive the identifying code to be confirmed that mobile terminal is got from input control with And for the operation information of safety operation data-triggered after, determined the need for the identifying code to be confirmed according to the operation information It is verified;After determination needs to verify identifying code to be confirmed, SIM card is using the identifying code being generated in advance to be confirmed Identifying code is verified, and handles safety operation according to verification result.Therefore, the application passes through the process in processing safety operation Middle increase user inputs the method for random identifying code to prevent other people from pacifying to user information by way of forging confirmation message It threatens entirely, ensure that the safety of user information to a certain extent, also improve the safety of safety operation.
Description of the drawings
In order to more clearly explain the technical solutions in the embodiments of the present application, make required in being described below to embodiment Attached drawing is briefly described, it should be apparent that, the accompanying drawings in the following description is only some embodiments of the present application, for For those of ordinary skill in the art, without having to pay creative labor, it can also be obtained according to these attached drawings His attached drawing.
Fig. 1 is the block schematic illustration of exemplary application scene provided by the embodiments of the present application;
Fig. 2 is a kind of flow chart of information processing method embodiment provided by the embodiments of the present application;
Fig. 3 is the method that App provided by the embodiments of the present application negotiates identifying code by secure connection channel and Applet Interaction diagrams;
Fig. 4 is a kind of schematic diagram of identifying code display mode provided by the embodiments of the present application;
Fig. 5 is the interaction diagrams of information processing method embodiment provided by the embodiments of the present application;
Fig. 6 is a kind of one of structural schematic diagram of information processing unit provided by the embodiments of the present application;
Fig. 7 is a kind of second structural representation of information processing unit provided by the embodiments of the present application;
Fig. 8 provides a kind of structural schematic diagram of information processing equipment for the embodiment of the present application.
Specific implementation mode
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete Site preparation describes, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall in the protection scope of this application.
For the ease of understanding technical solution provided by the present application, first the application scenarios of the application in practice are carried out below It introduces.
It is the Sample Scenario figure of the application in practical applications, as shown in Figure 1, at information provided by the present application referring to Fig. 1 Reason method can be achieved in the mobile terminal 102 for being mounted with SIM card 101;Wherein, SIM card 101 is also referred to as user identity and knows Not Ka, smart card, the chip card of microprocessor is really housed, the storage inside information of digital mobile phone client adds The contents such as the close telephone directory of key and user, for global system for mobile communications (Global System for Mobile Communication, GSM) network client identity differentiated, and voice messaging when conversing client is encrypted.Such as hand SIM chip etc. built in the mobile phone card installed in machine, bank card;Mobile terminal 102 refers to the calculating that can be used on the move Machine equipment can install SIM card and client etc., and become an integrated information processing from simple call tool and put down Platform, such as smart mobile phone and tablet computer with a variety of application functions.
As shown in Figure 1, in practical applications, when user triggers any safety operation on mobile terminal 102, such as It is transferred accounts or is paid the fees by mobile terminal, the type of the safety operation is sent to SIM card, the application profit by mobile terminal STK proactive commands are sent to mobile terminal 102 with the SIM card 101 on mobile terminal 102, mobile terminal will be advance The identifying code of generation is shown on interface, and after receiving STK proactive commands, display includes safety operation number on its interface According to this and the STK windows 103 of input control.Then, mobile terminal 102 will obtain input by user to be confirmed from input control Identifying code and operation information for safety operation data-triggered, and it is sent to SIM card 101, in order to 101 basis of SIM card The operation information determines whether to verify the identifying code to be confirmed, and then handles the safety operation according to verification result.
As it can be seen that this method provided by the present application increases user during handling safety operation inputs random verification Code is tested, it is therefore prevented that other people forge the confirmation message of user, improve the safety of transaction.
Based on use above scene, the embodiment of the present application provides a kind of information processing method, below with reference to attached drawing pair This method is described in detail.
Referring to Fig. 2, it illustrates a kind of flow chart of information processing method provided by the embodiments of the present application, this method can be with Applied to the SIM card of installation on mobile terminals, as shown in Fig. 2, this method includes:
Step 201:The identifying code being generated in advance is shown on interface by mobile terminal.
Step 202:SIM card sends STK proactive commands to mobile terminal, and mobile terminal is to receive the STK active After order, STK windows are shown on its interface, wherein shown on STK windows and the relevant safety operation of any safety operation Data and input control for inputting identifying code.
In practical applications, when user needs to be traded signature using the application program installed on mobile terminal, it is The safety for ensuring customer transaction, generally requires the interaction by SIM card and mobile terminal, to verify the true of user identity Property, realize Secure Transaction.SIM card in this application refers to supporting the SIM card of a variety of communication ports, such as bluetooth SIM card Deng.In SIM card and the interactive process of mobile terminal, the safety operation that SIM card triggers on mobile terminals in response to user, example Such as, user carries out money transfer transactions using the Mobile banking's application program (Application, abbreviation App) installed on mobile terminal When, user needs to trigger this safety operation of money transfer transactions button on terminal interface to realize money transfer transactions, once SIM card obtains After knowing that safety operation is triggered, send STK proactive commands to mobile terminal first, wherein STK orders be a kind of SIM card and The interactive instruction of mobile terminal, and SIM card sends STK proactive commands to mobile terminal and refers to through the active lives of the STK It enables, SIM card can indicate that mobile terminal execution shows the behavior of STK windows, be shown on STK windows and any safety of user Operate relevant safety operation data, wherein safety operation refers to the operation of user security information, such as transfers accounts, with The relevant safety operation data of any safety operation in family refer to and the safety operation is relevant that user is needed to be traded signature Operation data be traded signature needing user for example, when user carries out money transfer transactions using the mobile phone A pp of certain bank Interface, show that this relevant operation data of merchandising, such as user are transferred to the bank card information produced, transaction amount, all belong to Relevant safety operation data when being traded signature to this money transfer transactions with user.
In step 201, the identifying code being generated in advance is shown on interface by mobile terminal, wherein what is be generated in advance tests Card code is in order to verify user identity, and to be come out with SIM card joint consultation when App needs to carry out safety operation and pass through peace Full mode is shown on interface of mobile terminal, and in this application, the STK windows on the terminal interface of mobile terminal are not only shown With the relevant safety operation data of any safety operation, the input control that identifying code is inputted for user, Yong Huke are also shown With according to being generated in advance and be shown in after treatment the identifying code on interface of mobile terminal, STK windows identifying code it is defeated Enter and input identifying code to be confirmed in control, in order to the confirmation to user identity.
In above-mentioned steps 202, STK proactive commands are sent to mobile terminal in SIM card, so that mobile terminal is at its interface Before upper display STK windows, present invention also provides a kind of optional embodiments to be:
SIM card establishes secure connection with mobile terminal, wherein the secure connection is for the SIM card and the movement Secure communication between terminal.
During specific implementation, in order to ensure the secure communication between SIM card and mobile terminal, establish between One secure connection.Based on the secure connection, be installed on mobile terminal need complete safety operation using SIM card App can be securely communicated with the security application Applet installed in SIM card.Wherein, Applet refers to being mounted on SIM card On security application, complete safety operation for receiving host computer instruction, and STK proactive commands and mobile terminal can be passed through Cooperation completes the displaying of safety operation information and obtains response.
During establishing the secure connection, first, mobile terminal by other channels, such as bluetooth, closely without Line communication technology (Near Field Communication, NFC) etc., is connected to SIM card, then, be based on the connection, App with Negotiate a channel key between Applet, and the contact instruction communicated therebetween be encrypted using the channel key, It is transmitted in order to be subsequently all made of after the channel key is encrypted to communication instruction between the two, to establish one between A secure connection, and then realize the secure communication between SIM card and mobile terminal.
After SIM card and mobile terminal establish secure connection, in order to verify user identity, present invention also provides one kind can The embodiment of choosing is:
Based on above-mentioned secure connection, SIM card and mobile terminal generate identifying code by preset algorithm, the identifying code for pair Identifying code to be confirmed is verified.
During specific implementation, in order to verify the identity of user, it is installed on mobile terminal and needs to come using SIM card The App for completing safety operation is held consultation by the secure connection channel with Applet, and verification is generated in advance by preset algorithm Code, and the check code safe handling and be shown on the interface of mobile terminal, for be confirmed being tested to input by user Card code is verified.
The method that App negotiates identifying code by secure connection channel with Applet is more, here, this application provides one kind The method that identifying code is generated in advance, specially:First, when the current safety operational order that SIM card inquires App is that transaction is signed Name when the method for safety operation is that requirement shows critical data by STK windows and verifies identifying code, calculates random in Applet Number R1, and return to specific response code;After App receives the answer code, random number R 2 is generated, R2 is encrypted to obtain using R1 close Then C1 is negotiated instruction by identifying code and is sent to Applet by literary C1.Simultaneously 4 are obtained by special algorithm Calc (R1, R2) Position identifying code M1;It after Applet receives C1, is decrypted by R1, obtains R2, then obtain by specific algorithm Calc (R1, R2) 4 bit digital identifying code M1, are stored in SIM card.Meanwhile identifying code M1 is included in mobile terminal by way of safety by App Interface on.
Method for the ease of understanding above-mentioned generation identifying code, shown in Figure 3, it illustrates the embodiment of the present application offers App negotiated by secure connection channel and Applet identifying code method interactive process schematic diagram, may include following step Suddenly:
Step 301:When the current safety operational order that SIM card inquires App is trading signature, SIM card is by query safe Operating list such as needs to generate identifying code, then security application in SIM card to confirm whether trading signature needs to generate identifying code Applet calculates random number R 1.
In practical applications, it is previously stored with safety operation list in SIM card, and which safety operation recorded in the table Type need not give birth to verification and which safety operation type that the safety of user information is carried out in requisition for generation identifying code It is verified at identifying code, if for example, the safety operation type of user's triggering is that " transferring accounts " can in safety operation list It is to need to generate the verification that identifying code carries out user information safety that " transferring accounts ", which can be recorded,;If the safety operation of user's triggering Type is " inquiry ", then in safety operation list, it is that need not generate identifying code to carry out user's letter that may describe " inquiry " Cease the verification of safety.That is, the safety operation list stored in SIM card describes the difference safety behaviour of user's triggering Make the corresponding relationship for whether needing to generate the security verification that identifying code carries out user information of type, specific safety operation row Table can be configured according to application demand.
Step 302:Specific response code is back to App by Applet, this answer code may be notified that APP current safeties operate needs Identifying code is verified, and the answer code includes R1.
Step 303:After App receives answer code, random number R 2 is generated, R2 is encrypted using R1 to obtain ciphertext C1, together When 4 identifying code M1 are obtained by special algorithm Calc (R1, R2).
Step 304:C1 is negotiated instruction by identifying code and is sent to Applet by App.
Step 305:After Applet receives C1, decrypted by R1, obtain R2, then by specific algorithm Calc (R1, R2 4 bit digital identifying code M1) are obtained, are stored in SIM card.
Step 306:Identifying code M1 is included on the interface of mobile terminal by way of safety by App.
It should be noted that above-mentioned steps 303 and step 304 are carried out at the same time, the not differentiation of sequencing, together The priority that reason, step 305 and step 306 are similarly not carried out sequence is distinguished, and can be carried out at the same time.
It is to pass through movement present applicant proposes a kind of optional embodiment for mode safe in above-mentioned steps 306 After the identifying code that terminal-pair is generated in advance is handled, identifying code after being handled.Then correspondingly, the mobile terminal will be advance The identifying code of generation is shown on interface, specially:Identifying code after the processing is shown on interface by the mobile terminal.Its In, it can includes diversified forms to handle the identifying code being generated in advance, for example converts thereof into picture, picture scrambling, turns It is changed to the various modes such as mathematical problem and shows identifying code.
For example, it is assumed that the application be generated in advance identifying code be number 5 when, mobile terminal can be by its turn The mode for being changed to mathematical problem is shown, and is shown as the identifying code being generated in advance such as on interface:3+2=.
Using the above method, secure connection is established between SIM card and mobile terminal, is based on the secure connection, SIM card Identifying code is generated by preset algorithm with mobile terminal, and after mobile terminal handles the identifying code, is shown in boundary On face, for being verified to identifying code to be confirmed input by user.Therefore, it is tested based on what the secure connection was realized in the application Card code check method makes other people that can not threaten to user information safety by way of forging user's confirmation message, centainly It ensure that the safety of user information in degree.
After identifying code to be confirmed when user's trigger action information and to be input to the STK display windows of mobile terminal, Execute step 203.
Step 203:Mobile terminal is receiving the identifying code to be confirmed and be directed to peace that user inputs in input control After the operation information of full operation data-triggered, the identifying code to be confirmed and operation information are forwarded to SIM card.
Step 204:SIM card determines whether after receiving identifying code to be confirmed and operation information according to the operation information The identifying code to be confirmed is verified.
In practical applications, user inputs in input control and waits for really according to the identifying code for being shown in interface of mobile terminal Recognize identifying code, and according to safety operation data-triggered operation information.It is inputted when mobile terminal receives user on its interface Identifying code to be confirmed and for the operation information of safety operation data-triggered after, the two is forwarded to SIM card immediately, and SIM card first has to judge the operation information of user after receiving identifying code to be confirmed and operation information, further according to sentencing Disconnected result determines the need for verifying identifying code to be confirmed.
Wherein, the possible realization side of the following two kinds is provided to the judging result of the operation information of user for SIM card Formula:
One kind is possible to be achieved in that, if SIM card judges that the operation information of user is to determine information, basis should Determine that information, SIM card determination need to verify identifying code to be confirmed.
Alternatively possible is achieved in that, if SIM card judges that the operation information of user is to cancel information, basis The cancellation information, SIM card determination need not verify identifying code to be confirmed.For example, as shown in figure 4, if user clicks Be the " Cancel " button, carried out cancelling the operation transferred accounts, then SIM card judges that the operation information of user is to cancel information, into Without being verified to identifying code to be confirmed input by user.
After SIM card determination needs to verify identifying code to be confirmed, step 205 is executed.
Step 205:SIM card utilizes the identifying code pair being generated in advance after the identifying code to be confirmed is verified in determination The identifying code to be confirmed is verified, and handles safety operation according to verification result.
In practical applications, it after the identifying code to be confirmed is verified in SIM card determination, will utilize pre- in step 201 The identifying code being first generated and saved in SIM card verifies the identifying code to be confirmed, and is handled and connect according to the verification result The safety operation got off.
Wherein, according to SIM card to the identifying code to be confirmed verified as a result, handling the mistake of next safety operation Journey, this application provides a kind of possible realization methods:
If SIM card determination the identifying code to be confirmed is verified after, SIM card by the identifying code being generated in advance with it is described Identifying code to be confirmed is matched, if successful match, executes safety operation;Otherwise, the safety operation is terminated.
For example, it is assumed that the identifying code being generated in advance is number 5, if SIM card determination waits for really this Recognize identifying code to be verified, then SIM card carries out the identifying code being generated in advance " 5 " and identifying code to be confirmed input by user Match, if user inscribes according to the number that the identifying code of interface display is converted, by result of calculation " 5 " as identifying code to be confirmed input control Part and then can then execute the safety operation, otherwise, terminate the safety with identifying code " 5 " successful match for being generated in advance Operation.
In this application, SIM card on mobile terminals is installed by STK proactive commands on the interface of mobile terminal Show STK windows, wherein shown on STK windows with the relevant safety operation data of any safety operation and for inputting The input control of identifying code;Then, SIM card receive the identifying code to be confirmed that mobile terminal is got from input control with And for the operation information of safety operation data-triggered after, determined the need for the identifying code to be confirmed according to the operation information It is verified;After determination needs to verify identifying code to be confirmed, SIM card is using the identifying code being generated in advance to be confirmed Identifying code is verified, and handles safety operation according to verification result.Therefore, the application passes through the process in processing safety operation Middle increase user inputs the mode of random identifying code to prevent other people from forging confirmation message, improves the safety of user information Property, also improve the safety of safety operation.
Shown in Figure 5 for the ease of understanding the application, it illustrates realization information processings provided by the embodiments of the present application The interactive process schematic diagram of method, may comprise steps of:
Step 501:The identifying code being generated in advance is shown on interface by mobile terminal.
Step 502:SIM card sends STK proactive commands to mobile terminal.
Step 503:Mobile terminal shows STK windows after receiving STK proactive commands on interface.
Step 504:To user, the input pin in STK windows believes the operation of safety operation data-triggered to acquisition for mobile terminal Breath and identifying code to be confirmed.
Step 505:Identifying code to be confirmed and operation information are forwarded to SIM card by mobile terminal.
Step 506:SIM card receives the identifying code to be confirmed that mobile terminal is got from input control and for peace After the operation information of full operation data-triggered, determine whether to verify the identifying code to be confirmed according to operation information, such as Fruit is to enter step 507, if not, entering step 509.
Step 507:Whether SIM card is correct using the identifying code verification identifying code to be confirmed being generated in advance, if so, into Step 508, if not, entering step 509.
Step 508:SIM card executes safety operation.
Step 509:SIM card terminates safety operation.
Realization information processing method provided by the embodiments of the present application realizes safety of the user on the App of mobile terminal Operation, while subscriber identity information is demonstrated during executing safety operation, fully ensure that the safety of user information, Also improve the safety of safety operation.
Shown in Figure 6, the application also provides a kind of information processing unit embodiment, which includes:
Command sending unit 601, for sending STK proactive commands to the mobile terminal, so as to described mobile whole STK windows are shown on the interface at end, shown on the STK windows with the relevant safety operation data of any safety operation and Input control for inputting identifying code;
Determination unit 602, the verification to be confirmed got from the input control for receiving the mobile terminal Code and for the operation information of the safety operation data-triggered after, according to the operation information determine whether to it is described wait for really Recognize identifying code to be verified;
Verification and processing unit 603, for after determining and being verified to the identifying code to be confirmed, using being generated in advance Identifying code the identifying code to be confirmed is verified, and the safety operation is handled according to verification result.
Optionally, described device further includes:
Secure connection establishes unit, for establishing secure connection with the mobile terminal, wherein the secure connection is used for Secure communication between the SIM card and the mobile terminal.
Optionally, described device further includes:
Generation unit generates identifying code, institute with the mobile terminal for being based on the secure connection by preset algorithm Identifying code is stated for being verified to the identifying code to be confirmed.
Optionally, the determination unit 602 includes:
First determination subelement, if being to determine information for the operation information, it is determined that the verification to be determined Code is verified;
Correspondingly, the verification and processing unit 603 include:
Coupling subelement, for matching the identifying code being generated in advance with the identifying code to be confirmed, if matching Success, then execute the safety operation;Otherwise, the safety operation is terminated.
Optionally, the determination unit 602 includes:
Second determination subelement, if being to cancel information for the operation information, it is determined that the verification to be confirmed Code is without verification;
Correspondingly, described device further includes:
Unit is terminated, is used to if it is determined that the identifying code to be confirmed without verification, then terminate the safety operation.
Shown in Figure 7, the application also provides a kind of information processing unit embodiment, which includes:
Display unit 701 for the identifying code being generated in advance to be shown in interface, and is being received from described After the STK proactive commands of SIM card, STK windows are shown on interface;Wherein, it is shown and any safety on the STK windows Operate relevant safety operation data and the input control for inputting identifying code;
Retransmission unit 702, in receiving the input control identifying code to be confirmed and be directed to the safety After the operation information of operation data triggering, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to The SIM card determines whether to verify the identifying code to be confirmed according to the operation information, and according to verification result Handle the safety operation.
Optionally, described device further includes:
Secure connection establishes unit, for establishing secure connection with the SIM card, wherein the secure connection is used for institute State the secure communication between SIM card and the mobile terminal.
Optionally, described device further includes:
Generation unit generates identifying code with the SIM card for being based on the secure connection by preset algorithm, described Identifying code is for verifying the identifying code to be confirmed.
Optionally, described device further includes:
Processing unit, after handling the identifying code being generated in advance, identifying code after being handled;
Correspondingly, the display unit 701 includes:
First display subelement, for identifying code after the processing to be shown in interface.
In this application, SIM card on mobile terminals is installed by STK proactive commands on the interface of mobile terminal Show STK windows, wherein shown on STK windows with the relevant safety operation data of any safety operation and for inputting The input control of identifying code;Then, SIM card receive the identifying code to be confirmed that mobile terminal is got from input control with And for the operation information of safety operation data-triggered after, determined the need for the identifying code to be confirmed according to the operation information It is verified;After determination needs to verify identifying code to be confirmed, SIM card is using the identifying code being generated in advance to be confirmed Identifying code is verified, and handles safety operation according to verification result.Therefore, the application passes through the process in processing safety operation Middle increase user inputs the mode of random identifying code to prevent other people from forging confirmation message, improves the safety of user information Property, also improve the safety of safety operation.
Correspondingly, the embodiment of the present invention also provides a kind of information processing equipment, it is shown in Figure 8, may include:
Processor 801, memory 802, input unit 803 and output device 804.Processor in information processing equipment 801 quantity can be one or more, in Fig. 8 by taking a processor as an example.In some embodiments of the invention, processor 801, memory 802, input unit 803 and output device 804 can be connected by bus or other means, wherein with logical in Fig. 8 It crosses for bus connection.
Memory 802 can be used for storing software program and module, and processor 801 is stored in memory 802 by operation Software program and module, to execution information processing equipment various function application and data processing.Memory 802 can Include mainly storing program area and storage data field, wherein storing program area can storage program area, needed at least one function Application program etc..In addition, memory 802 may include high-speed random access memory, can also include non-volatile memories Device, for example, at least a disk memory, flush memory device or other volatile solid-state parts.Input unit 803 can be used It is related with the user setting of information processing equipment and function control in the number or character information that receive input, and generation Signal inputs.
Specifically in the present embodiment, processor 801 can be according to following instruction, by one or more application program The corresponding executable file of process be loaded into memory 802, and be stored in memory 802 by processor 801 to run Application program, to realize the various functions in above- mentioned information processing method.
For device embodiments, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separating component The unit of explanation may or may not be physically separated, and the component shown as unit can be or can also It is not physical unit, you can be located at a place, or may be distributed over multiple network units.It can be according to actual It needs that some or all of module therein is selected to achieve the purpose of the solution of this embodiment.Those of ordinary skill in the art are not In the case of making the creative labor, you can to understand and implement.
It should be noted that herein, relational terms such as first and second and the like are used merely to a reality Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those Element, but also include other elements that are not explicitly listed, or further include for this process, method, article or equipment Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that There is also other identical elements in process, method, article or equipment including the element.
A kind of information processing method, device and the equipment provided above the embodiment of the present application is described in detail, Specific examples are used herein to illustrate the principle and implementation manner of the present application, and the explanation of above example is only used Understand the present processes and its core concept in help;Meanwhile for those of ordinary skill in the art, according to the application's Thought, there will be changes in the specific implementation manner and application range, in conclusion the content of the present specification should not be construed as Limitation to the application.

Claims (11)

1. a kind of information processing method, which is characterized in that the method is applied to the SIM card of installation on mobile terminals, described Method includes:
The SIM card shows STK windows by STK proactive commands on the interface of the mobile terminal, on the STK windows It shows with the relevant safety operation data of any safety operation and the input control for inputting identifying code;
The SIM card receives the identifying code to be confirmed that the mobile terminal is got from the input control and is directed to institute After the operation information for stating safety operation data-triggered, determine whether to carry out the identifying code to be confirmed according to the operation information Verification;
The SIM card is waited for using the identifying code being generated in advance described after the identifying code to be confirmed is verified in determination Confirm that identifying code is verified, and the safety operation is handled according to verification result.
2. according to the method described in claim 1, it is characterized in that, the SIM card by STK proactive commands in the movement Before showing STK windows on the interface of terminal, further include:
The SIM card and the mobile terminal establish secure connection, wherein the secure connection for the SIM card with it is described Secure communication between mobile terminal.
3. according to the method described in claim 2, it is characterized in that, described utilize the identifying code being generated in advance to described to be confirmed Before identifying code is verified, further include:
Based on the secure connection, the SIM card generates identifying code, the identifying code with the mobile terminal by preset algorithm For being verified to the identifying code to be confirmed.
4. according to the method described in claim 1, it is characterized in that, described determine whether to wait for described according to the operation information Confirm that identifying code is verified, including:
If the operation information is to determine information, the identifying code to be determined is verified in the SIM card determination;
Correspondingly, described verify the identifying code to be confirmed using the identifying code being generated in advance, and according to verification result The safety operation is handled, including:
The SIM card matches the identifying code being generated in advance with the identifying code to be confirmed, if successful match, executes The safety operation;Otherwise, the safety operation is terminated.
5. according to the method described in claim 1, it is characterized in that, described determine whether to wait for described according to the operation information Confirm that identifying code is verified, including:
If the operation information is to cancel information, the SIM card is determined to the identifying code to be confirmed without verification;
Correspondingly, the method further includes:
If the SIM card is determined to the identifying code to be confirmed without verification, the safety operation is terminated.
6. a kind of information processing method, which is characterized in that the method is applied to be equipped with the mobile terminal of SIM card, the side Method includes:
The identifying code being generated in advance is shown on interface by the mobile terminal, and is receiving the STK from the SIM card After proactive command, STK windows are shown on interface;Wherein, it is shown on the STK windows relevant with any safety operation Safety operation data and input control for inputting identifying code;
To be confirmed identifying code of the mobile terminal in receiving the input control and it is directed to the safety operation data After the operation information of triggering, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to the SIM Card determines whether to verify the identifying code to be confirmed according to the operation information, and described in being handled according to verification result Safety operation.
7. according to the method described in claim 6, it is characterized in that, the identifying code being generated in advance is shown in by the mobile terminal On interface, and after receiving the STK proactive commands from the SIM card, before STK windows are shown on interface, also Including:
The mobile terminal and the SIM card establish secure connection, wherein the secure connection for the SIM card with it is described Secure communication between mobile terminal.
8. the method according to the description of claim 7 is characterized in that the identifying code being generated in advance is shown in by the mobile terminal Before on interface, further include:
Based on the secure connection, the mobile terminal generates identifying code, the identifying code with the SIM card by preset algorithm For being verified to the identifying code to be confirmed.
9. according to the method described in claim 6, it is characterized in that, the identifying code being generated in advance is shown in by the mobile terminal Before on interface, further include:
After the mobile terminal handles the identifying code being generated in advance, identifying code after being handled;
Correspondingly, the identifying code being generated in advance is shown on interface by the mobile terminal, specially:
Identifying code after the processing is shown on interface by the mobile terminal.
10. a kind of information processing unit, which is characterized in that described device is applied to the SIM card of installation on mobile terminals, described Device includes:
Command sending unit, for sending STK proactive commands to the mobile terminal, so as at the interface of the mobile terminal Upper display STK windows are shown with the relevant safety operation data of any safety operation on the STK windows and for inputting The input control of identifying code;
Determination unit, the identifying code and needle to be confirmed got from the input control for receiving the mobile terminal After the operation information of the safety operation data-triggered, determined whether to the identifying code to be confirmed according to the operation information It is verified;
Verification and processing unit, for after the identifying code to be confirmed is verified in determination, utilizing the verification being generated in advance Code verifies the identifying code to be confirmed, and handles the safety operation according to verification result.
11. a kind of information processing unit, which is characterized in that described device is applied to be equipped with the mobile terminal of SIM card, the dress Set including:
Display unit for the identifying code being generated in advance to be shown in interface, and is being received from the SIM card After STK proactive commands, STK windows are shown on interface;Wherein, it is shown on the STK windows and any safety operation phase The safety operation data of pass and the input control for inputting identifying code;
Retransmission unit, in receiving the input control identifying code to be confirmed and be directed to the safety operation data After the operation information of triggering, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to the SIM Card determines whether to verify the identifying code to be confirmed according to the operation information, and described in being handled according to verification result Safety operation.
CN201810394687.XA 2018-04-27 2018-04-27 Information processing method, device and equipment Active CN108564361B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810394687.XA CN108564361B (en) 2018-04-27 2018-04-27 Information processing method, device and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810394687.XA CN108564361B (en) 2018-04-27 2018-04-27 Information processing method, device and equipment

Publications (2)

Publication Number Publication Date
CN108564361A true CN108564361A (en) 2018-09-21
CN108564361B CN108564361B (en) 2020-10-16

Family

ID=63537283

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810394687.XA Active CN108564361B (en) 2018-04-27 2018-04-27 Information processing method, device and equipment

Country Status (1)

Country Link
CN (1) CN108564361B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111738723A (en) * 2020-07-04 2020-10-02 广州云智通讯科技有限公司 Online secure transaction method and device and readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150302215A1 (en) * 2012-11-16 2015-10-22 Tencent Technology (Shenzhen) Company Limited Sensitive operation verification method, terminal device, server, and verification system
CN106211032A (en) * 2016-06-28 2016-12-07 公安部第三研究所 The pairing of bluetooth SIM and the method for digital signature process is realized based on STK
CN106657032A (en) * 2016-12-05 2017-05-10 北京博惠城信息科技有限公司 System and method for realizing identity identification and data authentication based on security medium confidential short message

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150302215A1 (en) * 2012-11-16 2015-10-22 Tencent Technology (Shenzhen) Company Limited Sensitive operation verification method, terminal device, server, and verification system
US9703971B2 (en) * 2012-11-16 2017-07-11 Tencent Technology (Shenzhen) Company Limited Sensitive operation verification method, terminal device, server, and verification system
CN106211032A (en) * 2016-06-28 2016-12-07 公安部第三研究所 The pairing of bluetooth SIM and the method for digital signature process is realized based on STK
CN106657032A (en) * 2016-12-05 2017-05-10 北京博惠城信息科技有限公司 System and method for realizing identity identification and data authentication based on security medium confidential short message

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111738723A (en) * 2020-07-04 2020-10-02 广州云智通讯科技有限公司 Online secure transaction method and device and readable storage medium
CN111738723B (en) * 2020-07-04 2021-01-29 和宇健康科技股份有限公司 Online secure transaction method and device and readable storage medium

Also Published As

Publication number Publication date
CN108564361B (en) 2020-10-16

Similar Documents

Publication Publication Date Title
US11232430B2 (en) Method for processing a transaction from a communication terminal
AU2014283648B2 (en) Display card with user interface
US7766223B1 (en) Method and system for mobile services
EP1772832A1 (en) Method of making secure payment or collection transactions using programmable mobile telephones
CN101615322B (en) Mobile terminal payment method and mobile terminal payment system for realizing magnetic payment function
RU2651245C2 (en) Secure electronic entity for authorising transaction
EP2701415A1 (en) Mobile electronic device and use thereof for electronic transactions
US20120078735A1 (en) Secure account provisioning
EP2989601B1 (en) Secure voice transactions
WO2015001473A1 (en) Authorizing transactions using mobile device based rules
US20110196796A1 (en) Process of selling in electronic shop accessible from the mobile communication device
US9342664B2 (en) Method to make payment or charge safe transactions using programmable mobile telephones
CN107026815A (en) A kind of payment transaction processing method, paying server, relevant device and system
CN105898418A (en) Intelligent terminal, remote controller, and intelligent terminal payment method
EP3008678A1 (en) Secure data entry and display for a communication device
US9792606B2 (en) Method and secure device for performing a secure transaction with a terminal
CN108985768B (en) Data transfer system, method and device
CN108900525A (en) The processing method and device of identifying code request
US20040029570A1 (en) Method and apparatus for electronic payment through mobile communication devices
EP3148158B1 (en) Monitoring a transaction and apparatus for monitoring a mobile payment transaction
CN108564361A (en) A kind of information processing method, device and equipment
CN108173749B (en) Mobile payment method and device based on big data and mobile terminal
CN106161528B (en) A kind of method and device for business processing
US20190188725A1 (en) Wireless payments using a wearable device
CN104077688A (en) Internet payment method based on IC card and relevant device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant