CN108564361A - A kind of information processing method, device and equipment - Google Patents
A kind of information processing method, device and equipment Download PDFInfo
- Publication number
- CN108564361A CN108564361A CN201810394687.XA CN201810394687A CN108564361A CN 108564361 A CN108564361 A CN 108564361A CN 201810394687 A CN201810394687 A CN 201810394687A CN 108564361 A CN108564361 A CN 108564361A
- Authority
- CN
- China
- Prior art keywords
- identifying code
- sim card
- confirmed
- mobile terminal
- safety operation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3229—Use of the SIM of a M-device as secure element
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- Finance (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Telephone Function (AREA)
- Telephonic Communication Services (AREA)
Abstract
The present invention discloses a kind of information processing method, device and equipment, the method includes:Dress SIM card on mobile terminals shows STK windows by STK proactive commands on the interface of mobile terminal, is shown on the STK windows with the relevant safety operation data of any safety operation and the input control for inputting identifying code;After SIM card receives operation information of the mobile terminal from the identifying code to be confirmed got in input control and for safety operation data-triggered, determine whether to verify identifying code to be confirmed according to operation information;SIM card verifies identifying code to be confirmed using the identifying code being generated in advance after identifying code to be confirmed is verified in determination, and handles safety operation according to verification result.So, the application prevents other people from threatening to user information safety by way of forging confirmation message by way of increasing user during handling safety operation and inputting random identifying code, the safety that ensure that user information to a certain extent also improves the safety of safety operation.
Description
Technical field
This application involves data processing fields, and in particular to a kind of information processing method, device and equipment.
Background technology
Existing mobile phone SIM (Subscriber Identity Module, client identification module) card can be supported various
The loading of security application can provide the security functions such as digital signature, encryption and decryption by security application.Since SIM card is not present
Show equipment and physical button, so, STK is generally used when providing above-mentioned security function, and (SIM Card Tool Kit are used
Family identification application development tool) proactive command realize that the display of information and " confirmation " and " cancellation " of physical button are pressed
Key.
But due to realizing that the display of information and physical button function are to rely on mobile phone using the proactive command of STK
System built-in application is come what is realized, once cell phone system is promoted permission (commonly referred to as root) by force, then Malware is organic
The cell phone system built-in application that can disguise oneself as handle information display and physical button function so that should pop up STK windows by with
The step of family progress validation of information, is distorted by Malware, threatens to the information security of user.
Invention content
In view of this, a kind of information processing method of the embodiment of the present application offer, device and equipment, to solve in the prior art
There is security risk in the information of user.
To solve the above problems, technical solution provided by the embodiments of the present application is as follows:
In a first aspect, this application provides a kind of information processing method, it is applied to the SIM card of installation on mobile terminals,
This method includes:
The SIM card shows STK windows, the STK windows by STK proactive commands on the interface of the mobile terminal
It is shown on mouth with the relevant safety operation data of any safety operation and the input control for inputting identifying code;
The SIM card receives the identifying code and needle to be confirmed that the mobile terminal is got from the input control
After the operation information of the safety operation data-triggered, determined whether to the identifying code to be confirmed according to the operation information
It is verified;
The SIM card is after the identifying code to be confirmed is verified in determination, using the identifying code being generated in advance to institute
It states identifying code to be confirmed to be verified, and the safety operation is handled according to verification result.
In an optional implementation manner, the SIM card by STK proactive commands at the interface of the mobile terminal
Before upper display STK windows, further include:
The SIM card and the mobile terminal establish secure connection, wherein the secure connection for the SIM card with
Secure communication between the mobile terminal.
In an optional implementation manner, described that the identifying code to be confirmed is carried out using the identifying code being generated in advance
Before verification, further include:
Based on the secure connection, the SIM card generates identifying code with the mobile terminal by preset algorithm, described to test
Card code is for verifying the identifying code to be confirmed.
In an optional implementation manner, described to be determined whether to the identifying code to be confirmed according to the operation information
It is verified, including:
If the operation information is to determine information, the identifying code to be determined is verified in the SIM card determination;
Correspondingly, described verify the identifying code to be confirmed using the identifying code being generated in advance, and according to verification
Safety operation described in result treatment, including:
The SIM card matches the identifying code being generated in advance with the identifying code to be confirmed, if successful match,
Execute the safety operation;Otherwise, the safety operation is terminated.
In an optional implementation manner, described to be determined whether to the identifying code to be confirmed according to the operation information
It is verified, including:
If the operation information is to cancel information, the SIM card is determined to the identifying code to be confirmed without testing
Card;
Correspondingly, the method further includes:
If the SIM card is determined to the identifying code to be confirmed without verification, the safety operation is terminated.
Second aspect, this application provides a kind of information processing methods should applied to the mobile terminal for being equipped with SIM card
Method includes:
The identifying code being generated in advance is shown on interface by the mobile terminal, and comes from the SIM card receiving
STK proactive commands after, STK windows are shown on interface;Wherein, it is shown and any safety operation on the STK windows
Relevant safety operation data and the input control for inputting identifying code;
To be confirmed identifying code of the mobile terminal in receiving the input control and it is directed to the safety operation
After the operation information of data-triggered, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to described
SIM card determines whether to verify the identifying code to be confirmed according to the operation information, and is handled according to verification result
The safety operation.
In an optional implementation manner, the identifying code being generated in advance is shown on interface by the mobile terminal, with
And after receiving the STK proactive commands from the SIM card, before STK windows are shown on interface, further include:
The mobile terminal and the SIM card establish secure connection, wherein the secure connection for the SIM card with
Secure communication between the mobile terminal.
In an optional implementation manner, the identifying code being generated in advance is shown on interface it by the mobile terminal
Before, further include:
Based on the secure connection, the mobile terminal generates identifying code with the SIM card by preset algorithm, described to test
Card code is for verifying the identifying code to be confirmed.
In an optional implementation manner, the identifying code being generated in advance is shown on interface it by the mobile terminal
Before, further include:
After the mobile terminal handles the identifying code being generated in advance, identifying code after being handled;
Correspondingly, the identifying code being generated in advance is shown on interface by the mobile terminal, specially:
Identifying code after the processing is shown on interface by the mobile terminal.
The third aspect, this application provides a kind of information processing unit, described device is applied to installation on mobile terminals
SIM card, described device includes:
Command sending unit, for sending STK proactive commands to the mobile terminal, so as in the mobile terminal
STK windows are shown on interface, are shown on the STK windows and the relevant safety operation data of any safety operation and are used for
Input the input control of identifying code;
Determination unit, the identifying code to be confirmed got from the input control for receiving the mobile terminal with
And for the operation information of the safety operation data-triggered after, determine whether to be confirmed to test to described according to the operation information
Card code is verified;
Verification and processing unit, for after the identifying code to be confirmed is verified in determination, utilizing what is be generated in advance
Identifying code verifies the identifying code to be confirmed, and handles the safety operation according to verification result.
In an optional implementation manner, described device further includes:
Secure connection establishes unit, for establishing secure connection with the mobile terminal, wherein the secure connection is used for
Secure communication between the SIM card and the mobile terminal.
In an optional implementation manner, described device further includes:
Generation unit generates identifying code, institute with the mobile terminal for being based on the secure connection by preset algorithm
Identifying code is stated for being verified to the identifying code to be confirmed.
In an optional implementation manner, the determination unit includes:
First determination subelement, if being to determine information for the operation information, it is determined that the verification to be determined
Code is verified;
Correspondingly, the verification and processing unit include:
Coupling subelement, for matching the identifying code being generated in advance with the identifying code to be confirmed, if matching
Success, then execute the safety operation;Otherwise, the safety operation is terminated.
In an optional implementation manner, the determination unit includes:
Second determination subelement, if being to cancel information for the operation information, it is determined that the verification to be confirmed
Code is without verification;
Correspondingly, described device further includes:
Unit is terminated, is used to if it is determined that the identifying code to be confirmed without verification, then terminate the safety operation.
Fourth aspect, this application provides a kind of information processing unit, described device is applied to be equipped with the movement of SIM card
Terminal, described device include:
Display unit for the identifying code being generated in advance to be shown in interface, and comes from the SIM card receiving
STK proactive commands after, STK windows are shown on interface;Wherein, it is shown and any safety operation on the STK windows
Relevant safety operation data and the input control for inputting identifying code;
Retransmission unit, in receiving the input control identifying code to be confirmed and be directed to the safety operation
After the operation information of data-triggered, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to described
SIM card determines whether to verify the identifying code to be confirmed according to the operation information, and is handled according to verification result
The safety operation.
In an optional implementation manner, described device further includes:
Secure connection establishes unit, for establishing secure connection with the SIM card, wherein the secure connection is used for institute
State the secure communication between SIM card and the mobile terminal.
In an optional implementation manner, described device further includes:
Generation unit generates identifying code with the SIM card for being based on the secure connection by preset algorithm, described
Identifying code is for verifying the identifying code to be confirmed.
In an optional implementation manner, described device further includes:
Processing unit, after handling the identifying code being generated in advance, identifying code after being handled;
Correspondingly, the display unit includes:
First display subelement, for identifying code after the processing to be shown in interface.
5th aspect, this application provides a kind of information processing equipment, the equipment includes memory and processor,
Said program code is transferred to the processor by the memory for storing program code;
The processor is used to, according to the instruction in said program code, execute above-mentioned first aspect and second aspect provides
Any one of them information processing method.
In this application, SIM card on mobile terminals is installed by STK proactive commands on the interface of mobile terminal
Show STK windows, wherein shown on STK windows with the relevant safety operation data of any safety operation and for inputting
The input control of identifying code;Then, SIM card receive the identifying code to be confirmed that mobile terminal is got from input control with
And for the operation information of safety operation data-triggered after, determined the need for the identifying code to be confirmed according to the operation information
It is verified;After determination needs to verify identifying code to be confirmed, SIM card is using the identifying code being generated in advance to be confirmed
Identifying code is verified, and handles safety operation according to verification result.Therefore, the application passes through the process in processing safety operation
Middle increase user inputs the method for random identifying code to prevent other people from pacifying to user information by way of forging confirmation message
It threatens entirely, ensure that the safety of user information to a certain extent, also improve the safety of safety operation.
Description of the drawings
In order to more clearly explain the technical solutions in the embodiments of the present application, make required in being described below to embodiment
Attached drawing is briefly described, it should be apparent that, the accompanying drawings in the following description is only some embodiments of the present application, for
For those of ordinary skill in the art, without having to pay creative labor, it can also be obtained according to these attached drawings
His attached drawing.
Fig. 1 is the block schematic illustration of exemplary application scene provided by the embodiments of the present application;
Fig. 2 is a kind of flow chart of information processing method embodiment provided by the embodiments of the present application;
Fig. 3 is the method that App provided by the embodiments of the present application negotiates identifying code by secure connection channel and Applet
Interaction diagrams;
Fig. 4 is a kind of schematic diagram of identifying code display mode provided by the embodiments of the present application;
Fig. 5 is the interaction diagrams of information processing method embodiment provided by the embodiments of the present application;
Fig. 6 is a kind of one of structural schematic diagram of information processing unit provided by the embodiments of the present application;
Fig. 7 is a kind of second structural representation of information processing unit provided by the embodiments of the present application;
Fig. 8 provides a kind of structural schematic diagram of information processing equipment for the embodiment of the present application.
Specific implementation mode
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation describes, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on
Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall in the protection scope of this application.
For the ease of understanding technical solution provided by the present application, first the application scenarios of the application in practice are carried out below
It introduces.
It is the Sample Scenario figure of the application in practical applications, as shown in Figure 1, at information provided by the present application referring to Fig. 1
Reason method can be achieved in the mobile terminal 102 for being mounted with SIM card 101;Wherein, SIM card 101 is also referred to as user identity and knows
Not Ka, smart card, the chip card of microprocessor is really housed, the storage inside information of digital mobile phone client adds
The contents such as the close telephone directory of key and user, for global system for mobile communications (Global System for Mobile
Communication, GSM) network client identity differentiated, and voice messaging when conversing client is encrypted.Such as hand
SIM chip etc. built in the mobile phone card installed in machine, bank card;Mobile terminal 102 refers to the calculating that can be used on the move
Machine equipment can install SIM card and client etc., and become an integrated information processing from simple call tool and put down
Platform, such as smart mobile phone and tablet computer with a variety of application functions.
As shown in Figure 1, in practical applications, when user triggers any safety operation on mobile terminal 102, such as
It is transferred accounts or is paid the fees by mobile terminal, the type of the safety operation is sent to SIM card, the application profit by mobile terminal
STK proactive commands are sent to mobile terminal 102 with the SIM card 101 on mobile terminal 102, mobile terminal will be advance
The identifying code of generation is shown on interface, and after receiving STK proactive commands, display includes safety operation number on its interface
According to this and the STK windows 103 of input control.Then, mobile terminal 102 will obtain input by user to be confirmed from input control
Identifying code and operation information for safety operation data-triggered, and it is sent to SIM card 101, in order to 101 basis of SIM card
The operation information determines whether to verify the identifying code to be confirmed, and then handles the safety operation according to verification result.
As it can be seen that this method provided by the present application increases user during handling safety operation inputs random verification
Code is tested, it is therefore prevented that other people forge the confirmation message of user, improve the safety of transaction.
Based on use above scene, the embodiment of the present application provides a kind of information processing method, below with reference to attached drawing pair
This method is described in detail.
Referring to Fig. 2, it illustrates a kind of flow chart of information processing method provided by the embodiments of the present application, this method can be with
Applied to the SIM card of installation on mobile terminals, as shown in Fig. 2, this method includes:
Step 201:The identifying code being generated in advance is shown on interface by mobile terminal.
Step 202:SIM card sends STK proactive commands to mobile terminal, and mobile terminal is to receive the STK active
After order, STK windows are shown on its interface, wherein shown on STK windows and the relevant safety operation of any safety operation
Data and input control for inputting identifying code.
In practical applications, when user needs to be traded signature using the application program installed on mobile terminal, it is
The safety for ensuring customer transaction, generally requires the interaction by SIM card and mobile terminal, to verify the true of user identity
Property, realize Secure Transaction.SIM card in this application refers to supporting the SIM card of a variety of communication ports, such as bluetooth SIM card
Deng.In SIM card and the interactive process of mobile terminal, the safety operation that SIM card triggers on mobile terminals in response to user, example
Such as, user carries out money transfer transactions using the Mobile banking's application program (Application, abbreviation App) installed on mobile terminal
When, user needs to trigger this safety operation of money transfer transactions button on terminal interface to realize money transfer transactions, once SIM card obtains
After knowing that safety operation is triggered, send STK proactive commands to mobile terminal first, wherein STK orders be a kind of SIM card and
The interactive instruction of mobile terminal, and SIM card sends STK proactive commands to mobile terminal and refers to through the active lives of the STK
It enables, SIM card can indicate that mobile terminal execution shows the behavior of STK windows, be shown on STK windows and any safety of user
Operate relevant safety operation data, wherein safety operation refers to the operation of user security information, such as transfers accounts, with
The relevant safety operation data of any safety operation in family refer to and the safety operation is relevant that user is needed to be traded signature
Operation data be traded signature needing user for example, when user carries out money transfer transactions using the mobile phone A pp of certain bank
Interface, show that this relevant operation data of merchandising, such as user are transferred to the bank card information produced, transaction amount, all belong to
Relevant safety operation data when being traded signature to this money transfer transactions with user.
In step 201, the identifying code being generated in advance is shown on interface by mobile terminal, wherein what is be generated in advance tests
Card code is in order to verify user identity, and to be come out with SIM card joint consultation when App needs to carry out safety operation and pass through peace
Full mode is shown on interface of mobile terminal, and in this application, the STK windows on the terminal interface of mobile terminal are not only shown
With the relevant safety operation data of any safety operation, the input control that identifying code is inputted for user, Yong Huke are also shown
With according to being generated in advance and be shown in after treatment the identifying code on interface of mobile terminal, STK windows identifying code it is defeated
Enter and input identifying code to be confirmed in control, in order to the confirmation to user identity.
In above-mentioned steps 202, STK proactive commands are sent to mobile terminal in SIM card, so that mobile terminal is at its interface
Before upper display STK windows, present invention also provides a kind of optional embodiments to be:
SIM card establishes secure connection with mobile terminal, wherein the secure connection is for the SIM card and the movement
Secure communication between terminal.
During specific implementation, in order to ensure the secure communication between SIM card and mobile terminal, establish between
One secure connection.Based on the secure connection, be installed on mobile terminal need complete safety operation using SIM card
App can be securely communicated with the security application Applet installed in SIM card.Wherein, Applet refers to being mounted on SIM card
On security application, complete safety operation for receiving host computer instruction, and STK proactive commands and mobile terminal can be passed through
Cooperation completes the displaying of safety operation information and obtains response.
During establishing the secure connection, first, mobile terminal by other channels, such as bluetooth, closely without
Line communication technology (Near Field Communication, NFC) etc., is connected to SIM card, then, be based on the connection, App with
Negotiate a channel key between Applet, and the contact instruction communicated therebetween be encrypted using the channel key,
It is transmitted in order to be subsequently all made of after the channel key is encrypted to communication instruction between the two, to establish one between
A secure connection, and then realize the secure communication between SIM card and mobile terminal.
After SIM card and mobile terminal establish secure connection, in order to verify user identity, present invention also provides one kind can
The embodiment of choosing is:
Based on above-mentioned secure connection, SIM card and mobile terminal generate identifying code by preset algorithm, the identifying code for pair
Identifying code to be confirmed is verified.
During specific implementation, in order to verify the identity of user, it is installed on mobile terminal and needs to come using SIM card
The App for completing safety operation is held consultation by the secure connection channel with Applet, and verification is generated in advance by preset algorithm
Code, and the check code safe handling and be shown on the interface of mobile terminal, for be confirmed being tested to input by user
Card code is verified.
The method that App negotiates identifying code by secure connection channel with Applet is more, here, this application provides one kind
The method that identifying code is generated in advance, specially:First, when the current safety operational order that SIM card inquires App is that transaction is signed
Name when the method for safety operation is that requirement shows critical data by STK windows and verifies identifying code, calculates random in Applet
Number R1, and return to specific response code;After App receives the answer code, random number R 2 is generated, R2 is encrypted to obtain using R1 close
Then C1 is negotiated instruction by identifying code and is sent to Applet by literary C1.Simultaneously 4 are obtained by special algorithm Calc (R1, R2)
Position identifying code M1;It after Applet receives C1, is decrypted by R1, obtains R2, then obtain by specific algorithm Calc (R1, R2)
4 bit digital identifying code M1, are stored in SIM card.Meanwhile identifying code M1 is included in mobile terminal by way of safety by App
Interface on.
Method for the ease of understanding above-mentioned generation identifying code, shown in Figure 3, it illustrates the embodiment of the present application offers
App negotiated by secure connection channel and Applet identifying code method interactive process schematic diagram, may include following step
Suddenly:
Step 301:When the current safety operational order that SIM card inquires App is trading signature, SIM card is by query safe
Operating list such as needs to generate identifying code, then security application in SIM card to confirm whether trading signature needs to generate identifying code
Applet calculates random number R 1.
In practical applications, it is previously stored with safety operation list in SIM card, and which safety operation recorded in the table
Type need not give birth to verification and which safety operation type that the safety of user information is carried out in requisition for generation identifying code
It is verified at identifying code, if for example, the safety operation type of user's triggering is that " transferring accounts " can in safety operation list
It is to need to generate the verification that identifying code carries out user information safety that " transferring accounts ", which can be recorded,;If the safety operation of user's triggering
Type is " inquiry ", then in safety operation list, it is that need not generate identifying code to carry out user's letter that may describe " inquiry "
Cease the verification of safety.That is, the safety operation list stored in SIM card describes the difference safety behaviour of user's triggering
Make the corresponding relationship for whether needing to generate the security verification that identifying code carries out user information of type, specific safety operation row
Table can be configured according to application demand.
Step 302:Specific response code is back to App by Applet, this answer code may be notified that APP current safeties operate needs
Identifying code is verified, and the answer code includes R1.
Step 303:After App receives answer code, random number R 2 is generated, R2 is encrypted using R1 to obtain ciphertext C1, together
When 4 identifying code M1 are obtained by special algorithm Calc (R1, R2).
Step 304:C1 is negotiated instruction by identifying code and is sent to Applet by App.
Step 305:After Applet receives C1, decrypted by R1, obtain R2, then by specific algorithm Calc (R1,
R2 4 bit digital identifying code M1) are obtained, are stored in SIM card.
Step 306:Identifying code M1 is included on the interface of mobile terminal by way of safety by App.
It should be noted that above-mentioned steps 303 and step 304 are carried out at the same time, the not differentiation of sequencing, together
The priority that reason, step 305 and step 306 are similarly not carried out sequence is distinguished, and can be carried out at the same time.
It is to pass through movement present applicant proposes a kind of optional embodiment for mode safe in above-mentioned steps 306
After the identifying code that terminal-pair is generated in advance is handled, identifying code after being handled.Then correspondingly, the mobile terminal will be advance
The identifying code of generation is shown on interface, specially:Identifying code after the processing is shown on interface by the mobile terminal.Its
In, it can includes diversified forms to handle the identifying code being generated in advance, for example converts thereof into picture, picture scrambling, turns
It is changed to the various modes such as mathematical problem and shows identifying code.
For example, it is assumed that the application be generated in advance identifying code be number 5 when, mobile terminal can be by its turn
The mode for being changed to mathematical problem is shown, and is shown as the identifying code being generated in advance such as on interface:3+2=.
Using the above method, secure connection is established between SIM card and mobile terminal, is based on the secure connection, SIM card
Identifying code is generated by preset algorithm with mobile terminal, and after mobile terminal handles the identifying code, is shown in boundary
On face, for being verified to identifying code to be confirmed input by user.Therefore, it is tested based on what the secure connection was realized in the application
Card code check method makes other people that can not threaten to user information safety by way of forging user's confirmation message, centainly
It ensure that the safety of user information in degree.
After identifying code to be confirmed when user's trigger action information and to be input to the STK display windows of mobile terminal,
Execute step 203.
Step 203:Mobile terminal is receiving the identifying code to be confirmed and be directed to peace that user inputs in input control
After the operation information of full operation data-triggered, the identifying code to be confirmed and operation information are forwarded to SIM card.
Step 204:SIM card determines whether after receiving identifying code to be confirmed and operation information according to the operation information
The identifying code to be confirmed is verified.
In practical applications, user inputs in input control and waits for really according to the identifying code for being shown in interface of mobile terminal
Recognize identifying code, and according to safety operation data-triggered operation information.It is inputted when mobile terminal receives user on its interface
Identifying code to be confirmed and for the operation information of safety operation data-triggered after, the two is forwarded to SIM card immediately, and
SIM card first has to judge the operation information of user after receiving identifying code to be confirmed and operation information, further according to sentencing
Disconnected result determines the need for verifying identifying code to be confirmed.
Wherein, the possible realization side of the following two kinds is provided to the judging result of the operation information of user for SIM card
Formula:
One kind is possible to be achieved in that, if SIM card judges that the operation information of user is to determine information, basis should
Determine that information, SIM card determination need to verify identifying code to be confirmed.
Alternatively possible is achieved in that, if SIM card judges that the operation information of user is to cancel information, basis
The cancellation information, SIM card determination need not verify identifying code to be confirmed.For example, as shown in figure 4, if user clicks
Be the " Cancel " button, carried out cancelling the operation transferred accounts, then SIM card judges that the operation information of user is to cancel information, into
Without being verified to identifying code to be confirmed input by user.
After SIM card determination needs to verify identifying code to be confirmed, step 205 is executed.
Step 205:SIM card utilizes the identifying code pair being generated in advance after the identifying code to be confirmed is verified in determination
The identifying code to be confirmed is verified, and handles safety operation according to verification result.
In practical applications, it after the identifying code to be confirmed is verified in SIM card determination, will utilize pre- in step 201
The identifying code being first generated and saved in SIM card verifies the identifying code to be confirmed, and is handled and connect according to the verification result
The safety operation got off.
Wherein, according to SIM card to the identifying code to be confirmed verified as a result, handling the mistake of next safety operation
Journey, this application provides a kind of possible realization methods:
If SIM card determination the identifying code to be confirmed is verified after, SIM card by the identifying code being generated in advance with it is described
Identifying code to be confirmed is matched, if successful match, executes safety operation;Otherwise, the safety operation is terminated.
For example, it is assumed that the identifying code being generated in advance is number 5, if SIM card determination waits for really this
Recognize identifying code to be verified, then SIM card carries out the identifying code being generated in advance " 5 " and identifying code to be confirmed input by user
Match, if user inscribes according to the number that the identifying code of interface display is converted, by result of calculation " 5 " as identifying code to be confirmed input control
Part and then can then execute the safety operation, otherwise, terminate the safety with identifying code " 5 " successful match for being generated in advance
Operation.
In this application, SIM card on mobile terminals is installed by STK proactive commands on the interface of mobile terminal
Show STK windows, wherein shown on STK windows with the relevant safety operation data of any safety operation and for inputting
The input control of identifying code;Then, SIM card receive the identifying code to be confirmed that mobile terminal is got from input control with
And for the operation information of safety operation data-triggered after, determined the need for the identifying code to be confirmed according to the operation information
It is verified;After determination needs to verify identifying code to be confirmed, SIM card is using the identifying code being generated in advance to be confirmed
Identifying code is verified, and handles safety operation according to verification result.Therefore, the application passes through the process in processing safety operation
Middle increase user inputs the mode of random identifying code to prevent other people from forging confirmation message, improves the safety of user information
Property, also improve the safety of safety operation.
Shown in Figure 5 for the ease of understanding the application, it illustrates realization information processings provided by the embodiments of the present application
The interactive process schematic diagram of method, may comprise steps of:
Step 501:The identifying code being generated in advance is shown on interface by mobile terminal.
Step 502:SIM card sends STK proactive commands to mobile terminal.
Step 503:Mobile terminal shows STK windows after receiving STK proactive commands on interface.
Step 504:To user, the input pin in STK windows believes the operation of safety operation data-triggered to acquisition for mobile terminal
Breath and identifying code to be confirmed.
Step 505:Identifying code to be confirmed and operation information are forwarded to SIM card by mobile terminal.
Step 506:SIM card receives the identifying code to be confirmed that mobile terminal is got from input control and for peace
After the operation information of full operation data-triggered, determine whether to verify the identifying code to be confirmed according to operation information, such as
Fruit is to enter step 507, if not, entering step 509.
Step 507:Whether SIM card is correct using the identifying code verification identifying code to be confirmed being generated in advance, if so, into
Step 508, if not, entering step 509.
Step 508:SIM card executes safety operation.
Step 509:SIM card terminates safety operation.
Realization information processing method provided by the embodiments of the present application realizes safety of the user on the App of mobile terminal
Operation, while subscriber identity information is demonstrated during executing safety operation, fully ensure that the safety of user information,
Also improve the safety of safety operation.
Shown in Figure 6, the application also provides a kind of information processing unit embodiment, which includes:
Command sending unit 601, for sending STK proactive commands to the mobile terminal, so as to described mobile whole
STK windows are shown on the interface at end, shown on the STK windows with the relevant safety operation data of any safety operation and
Input control for inputting identifying code;
Determination unit 602, the verification to be confirmed got from the input control for receiving the mobile terminal
Code and for the operation information of the safety operation data-triggered after, according to the operation information determine whether to it is described wait for really
Recognize identifying code to be verified;
Verification and processing unit 603, for after determining and being verified to the identifying code to be confirmed, using being generated in advance
Identifying code the identifying code to be confirmed is verified, and the safety operation is handled according to verification result.
Optionally, described device further includes:
Secure connection establishes unit, for establishing secure connection with the mobile terminal, wherein the secure connection is used for
Secure communication between the SIM card and the mobile terminal.
Optionally, described device further includes:
Generation unit generates identifying code, institute with the mobile terminal for being based on the secure connection by preset algorithm
Identifying code is stated for being verified to the identifying code to be confirmed.
Optionally, the determination unit 602 includes:
First determination subelement, if being to determine information for the operation information, it is determined that the verification to be determined
Code is verified;
Correspondingly, the verification and processing unit 603 include:
Coupling subelement, for matching the identifying code being generated in advance with the identifying code to be confirmed, if matching
Success, then execute the safety operation;Otherwise, the safety operation is terminated.
Optionally, the determination unit 602 includes:
Second determination subelement, if being to cancel information for the operation information, it is determined that the verification to be confirmed
Code is without verification;
Correspondingly, described device further includes:
Unit is terminated, is used to if it is determined that the identifying code to be confirmed without verification, then terminate the safety operation.
Shown in Figure 7, the application also provides a kind of information processing unit embodiment, which includes:
Display unit 701 for the identifying code being generated in advance to be shown in interface, and is being received from described
After the STK proactive commands of SIM card, STK windows are shown on interface;Wherein, it is shown and any safety on the STK windows
Operate relevant safety operation data and the input control for inputting identifying code;
Retransmission unit 702, in receiving the input control identifying code to be confirmed and be directed to the safety
After the operation information of operation data triggering, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to
The SIM card determines whether to verify the identifying code to be confirmed according to the operation information, and according to verification result
Handle the safety operation.
Optionally, described device further includes:
Secure connection establishes unit, for establishing secure connection with the SIM card, wherein the secure connection is used for institute
State the secure communication between SIM card and the mobile terminal.
Optionally, described device further includes:
Generation unit generates identifying code with the SIM card for being based on the secure connection by preset algorithm, described
Identifying code is for verifying the identifying code to be confirmed.
Optionally, described device further includes:
Processing unit, after handling the identifying code being generated in advance, identifying code after being handled;
Correspondingly, the display unit 701 includes:
First display subelement, for identifying code after the processing to be shown in interface.
In this application, SIM card on mobile terminals is installed by STK proactive commands on the interface of mobile terminal
Show STK windows, wherein shown on STK windows with the relevant safety operation data of any safety operation and for inputting
The input control of identifying code;Then, SIM card receive the identifying code to be confirmed that mobile terminal is got from input control with
And for the operation information of safety operation data-triggered after, determined the need for the identifying code to be confirmed according to the operation information
It is verified;After determination needs to verify identifying code to be confirmed, SIM card is using the identifying code being generated in advance to be confirmed
Identifying code is verified, and handles safety operation according to verification result.Therefore, the application passes through the process in processing safety operation
Middle increase user inputs the mode of random identifying code to prevent other people from forging confirmation message, improves the safety of user information
Property, also improve the safety of safety operation.
Correspondingly, the embodiment of the present invention also provides a kind of information processing equipment, it is shown in Figure 8, may include:
Processor 801, memory 802, input unit 803 and output device 804.Processor in information processing equipment
801 quantity can be one or more, in Fig. 8 by taking a processor as an example.In some embodiments of the invention, processor
801, memory 802, input unit 803 and output device 804 can be connected by bus or other means, wherein with logical in Fig. 8
It crosses for bus connection.
Memory 802 can be used for storing software program and module, and processor 801 is stored in memory 802 by operation
Software program and module, to execution information processing equipment various function application and data processing.Memory 802 can
Include mainly storing program area and storage data field, wherein storing program area can storage program area, needed at least one function
Application program etc..In addition, memory 802 may include high-speed random access memory, can also include non-volatile memories
Device, for example, at least a disk memory, flush memory device or other volatile solid-state parts.Input unit 803 can be used
It is related with the user setting of information processing equipment and function control in the number or character information that receive input, and generation
Signal inputs.
Specifically in the present embodiment, processor 801 can be according to following instruction, by one or more application program
The corresponding executable file of process be loaded into memory 802, and be stored in memory 802 by processor 801 to run
Application program, to realize the various functions in above- mentioned information processing method.
For device embodiments, since it corresponds essentially to embodiment of the method, so related place is referring to method reality
Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separating component
The unit of explanation may or may not be physically separated, and the component shown as unit can be or can also
It is not physical unit, you can be located at a place, or may be distributed over multiple network units.It can be according to actual
It needs that some or all of module therein is selected to achieve the purpose of the solution of this embodiment.Those of ordinary skill in the art are not
In the case of making the creative labor, you can to understand and implement.
It should be noted that herein, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also include other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
A kind of information processing method, device and the equipment provided above the embodiment of the present application is described in detail,
Specific examples are used herein to illustrate the principle and implementation manner of the present application, and the explanation of above example is only used
Understand the present processes and its core concept in help;Meanwhile for those of ordinary skill in the art, according to the application's
Thought, there will be changes in the specific implementation manner and application range, in conclusion the content of the present specification should not be construed as
Limitation to the application.
Claims (11)
1. a kind of information processing method, which is characterized in that the method is applied to the SIM card of installation on mobile terminals, described
Method includes:
The SIM card shows STK windows by STK proactive commands on the interface of the mobile terminal, on the STK windows
It shows with the relevant safety operation data of any safety operation and the input control for inputting identifying code;
The SIM card receives the identifying code to be confirmed that the mobile terminal is got from the input control and is directed to institute
After the operation information for stating safety operation data-triggered, determine whether to carry out the identifying code to be confirmed according to the operation information
Verification;
The SIM card is waited for using the identifying code being generated in advance described after the identifying code to be confirmed is verified in determination
Confirm that identifying code is verified, and the safety operation is handled according to verification result.
2. according to the method described in claim 1, it is characterized in that, the SIM card by STK proactive commands in the movement
Before showing STK windows on the interface of terminal, further include:
The SIM card and the mobile terminal establish secure connection, wherein the secure connection for the SIM card with it is described
Secure communication between mobile terminal.
3. according to the method described in claim 2, it is characterized in that, described utilize the identifying code being generated in advance to described to be confirmed
Before identifying code is verified, further include:
Based on the secure connection, the SIM card generates identifying code, the identifying code with the mobile terminal by preset algorithm
For being verified to the identifying code to be confirmed.
4. according to the method described in claim 1, it is characterized in that, described determine whether to wait for described according to the operation information
Confirm that identifying code is verified, including:
If the operation information is to determine information, the identifying code to be determined is verified in the SIM card determination;
Correspondingly, described verify the identifying code to be confirmed using the identifying code being generated in advance, and according to verification result
The safety operation is handled, including:
The SIM card matches the identifying code being generated in advance with the identifying code to be confirmed, if successful match, executes
The safety operation;Otherwise, the safety operation is terminated.
5. according to the method described in claim 1, it is characterized in that, described determine whether to wait for described according to the operation information
Confirm that identifying code is verified, including:
If the operation information is to cancel information, the SIM card is determined to the identifying code to be confirmed without verification;
Correspondingly, the method further includes:
If the SIM card is determined to the identifying code to be confirmed without verification, the safety operation is terminated.
6. a kind of information processing method, which is characterized in that the method is applied to be equipped with the mobile terminal of SIM card, the side
Method includes:
The identifying code being generated in advance is shown on interface by the mobile terminal, and is receiving the STK from the SIM card
After proactive command, STK windows are shown on interface;Wherein, it is shown on the STK windows relevant with any safety operation
Safety operation data and input control for inputting identifying code;
To be confirmed identifying code of the mobile terminal in receiving the input control and it is directed to the safety operation data
After the operation information of triggering, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to the SIM
Card determines whether to verify the identifying code to be confirmed according to the operation information, and described in being handled according to verification result
Safety operation.
7. according to the method described in claim 6, it is characterized in that, the identifying code being generated in advance is shown in by the mobile terminal
On interface, and after receiving the STK proactive commands from the SIM card, before STK windows are shown on interface, also
Including:
The mobile terminal and the SIM card establish secure connection, wherein the secure connection for the SIM card with it is described
Secure communication between mobile terminal.
8. the method according to the description of claim 7 is characterized in that the identifying code being generated in advance is shown in by the mobile terminal
Before on interface, further include:
Based on the secure connection, the mobile terminal generates identifying code, the identifying code with the SIM card by preset algorithm
For being verified to the identifying code to be confirmed.
9. according to the method described in claim 6, it is characterized in that, the identifying code being generated in advance is shown in by the mobile terminal
Before on interface, further include:
After the mobile terminal handles the identifying code being generated in advance, identifying code after being handled;
Correspondingly, the identifying code being generated in advance is shown on interface by the mobile terminal, specially:
Identifying code after the processing is shown on interface by the mobile terminal.
10. a kind of information processing unit, which is characterized in that described device is applied to the SIM card of installation on mobile terminals, described
Device includes:
Command sending unit, for sending STK proactive commands to the mobile terminal, so as at the interface of the mobile terminal
Upper display STK windows are shown with the relevant safety operation data of any safety operation on the STK windows and for inputting
The input control of identifying code;
Determination unit, the identifying code and needle to be confirmed got from the input control for receiving the mobile terminal
After the operation information of the safety operation data-triggered, determined whether to the identifying code to be confirmed according to the operation information
It is verified;
Verification and processing unit, for after the identifying code to be confirmed is verified in determination, utilizing the verification being generated in advance
Code verifies the identifying code to be confirmed, and handles the safety operation according to verification result.
11. a kind of information processing unit, which is characterized in that described device is applied to be equipped with the mobile terminal of SIM card, the dress
Set including:
Display unit for the identifying code being generated in advance to be shown in interface, and is being received from the SIM card
After STK proactive commands, STK windows are shown on interface;Wherein, it is shown on the STK windows and any safety operation phase
The safety operation data of pass and the input control for inputting identifying code;
Retransmission unit, in receiving the input control identifying code to be confirmed and be directed to the safety operation data
After the operation information of triggering, the identifying code to be confirmed and the operation information are forwarded to the SIM card, so as to the SIM
Card determines whether to verify the identifying code to be confirmed according to the operation information, and described in being handled according to verification result
Safety operation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810394687.XA CN108564361B (en) | 2018-04-27 | 2018-04-27 | Information processing method, device and equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810394687.XA CN108564361B (en) | 2018-04-27 | 2018-04-27 | Information processing method, device and equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108564361A true CN108564361A (en) | 2018-09-21 |
CN108564361B CN108564361B (en) | 2020-10-16 |
Family
ID=63537283
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810394687.XA Active CN108564361B (en) | 2018-04-27 | 2018-04-27 | Information processing method, device and equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108564361B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111738723A (en) * | 2020-07-04 | 2020-10-02 | 广州云智通讯科技有限公司 | Online secure transaction method and device and readable storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150302215A1 (en) * | 2012-11-16 | 2015-10-22 | Tencent Technology (Shenzhen) Company Limited | Sensitive operation verification method, terminal device, server, and verification system |
CN106211032A (en) * | 2016-06-28 | 2016-12-07 | 公安部第三研究所 | The pairing of bluetooth SIM and the method for digital signature process is realized based on STK |
CN106657032A (en) * | 2016-12-05 | 2017-05-10 | 北京博惠城信息科技有限公司 | System and method for realizing identity identification and data authentication based on security medium confidential short message |
-
2018
- 2018-04-27 CN CN201810394687.XA patent/CN108564361B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150302215A1 (en) * | 2012-11-16 | 2015-10-22 | Tencent Technology (Shenzhen) Company Limited | Sensitive operation verification method, terminal device, server, and verification system |
US9703971B2 (en) * | 2012-11-16 | 2017-07-11 | Tencent Technology (Shenzhen) Company Limited | Sensitive operation verification method, terminal device, server, and verification system |
CN106211032A (en) * | 2016-06-28 | 2016-12-07 | 公安部第三研究所 | The pairing of bluetooth SIM and the method for digital signature process is realized based on STK |
CN106657032A (en) * | 2016-12-05 | 2017-05-10 | 北京博惠城信息科技有限公司 | System and method for realizing identity identification and data authentication based on security medium confidential short message |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111738723A (en) * | 2020-07-04 | 2020-10-02 | 广州云智通讯科技有限公司 | Online secure transaction method and device and readable storage medium |
CN111738723B (en) * | 2020-07-04 | 2021-01-29 | 和宇健康科技股份有限公司 | Online secure transaction method and device and readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN108564361B (en) | 2020-10-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11232430B2 (en) | Method for processing a transaction from a communication terminal | |
AU2014283648B2 (en) | Display card with user interface | |
US7766223B1 (en) | Method and system for mobile services | |
EP1772832A1 (en) | Method of making secure payment or collection transactions using programmable mobile telephones | |
CN101615322B (en) | Mobile terminal payment method and mobile terminal payment system for realizing magnetic payment function | |
RU2651245C2 (en) | Secure electronic entity for authorising transaction | |
EP2701415A1 (en) | Mobile electronic device and use thereof for electronic transactions | |
US20120078735A1 (en) | Secure account provisioning | |
EP2989601B1 (en) | Secure voice transactions | |
WO2015001473A1 (en) | Authorizing transactions using mobile device based rules | |
US20110196796A1 (en) | Process of selling in electronic shop accessible from the mobile communication device | |
US9342664B2 (en) | Method to make payment or charge safe transactions using programmable mobile telephones | |
CN107026815A (en) | A kind of payment transaction processing method, paying server, relevant device and system | |
CN105898418A (en) | Intelligent terminal, remote controller, and intelligent terminal payment method | |
EP3008678A1 (en) | Secure data entry and display for a communication device | |
US9792606B2 (en) | Method and secure device for performing a secure transaction with a terminal | |
CN108985768B (en) | Data transfer system, method and device | |
CN108900525A (en) | The processing method and device of identifying code request | |
US20040029570A1 (en) | Method and apparatus for electronic payment through mobile communication devices | |
EP3148158B1 (en) | Monitoring a transaction and apparatus for monitoring a mobile payment transaction | |
CN108564361A (en) | A kind of information processing method, device and equipment | |
CN108173749B (en) | Mobile payment method and device based on big data and mobile terminal | |
CN106161528B (en) | A kind of method and device for business processing | |
US20190188725A1 (en) | Wireless payments using a wearable device | |
CN104077688A (en) | Internet payment method based on IC card and relevant device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |