CN108734005B - Security/identity authentication method, mobile equipment and storage device - Google Patents
Security/identity authentication method, mobile equipment and storage device Download PDFInfo
- Publication number
- CN108734005B CN108734005B CN201810271957.8A CN201810271957A CN108734005B CN 108734005 B CN108734005 B CN 108734005B CN 201810271957 A CN201810271957 A CN 201810271957A CN 108734005 B CN108734005 B CN 108734005B
- Authority
- CN
- China
- Prior art keywords
- security
- identity information
- identity
- information data
- safety
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
Abstract
The application discloses a security/identity authentication method, mobile equipment, a server and a device with a storage function. The method comprises the following steps: the mobile equipment receives a request for reading the safety/identity information, which is initiated by the safety/identity identification equipment, by utilizing an NFC device of the mobile equipment, wherein the request comprises a card application identification code; the mobile equipment responds to the request for reading the safety/identity information, and matches the card application identification code in the request with the identification code of the card application installed in the mobile equipment; if the corresponding card application identification code is matched, the mobile equipment sends the security/identity information data which is stored in the card application and matched with the request to the security/identity identification equipment, so that the security/identity identification equipment can verify the security/identity information. By means of the mode, the safety and the flexibility and convenience of safety/identity verification can be improved.
Description
Technical Field
The present application relates to the field of near field communication technologies, and in particular, to a security/identity authentication method, a mobile device, a server, and a device having a storage function.
Background
In daily life of people, public resources such as supermarkets, hotels and the like are often needed to be used, and in order to facilitate management, operators generally transact membership cards, house cards and the like for users when using the public resources, so that the users can be used for points or opening doors and the like. With the development of society, the convenience of life of people is improved, and more shared products appear in life of people, such as shared bicycle, shared car, shared umbrella etc.. The unlocking mode of each shared product is different from operator to operator, and some shared single cars need to be unlocked by scanning the two-dimensional code, and some shared single cars need to be unlocked by swiping the IC card. In order to adapt to different shared products, a user may carry a plurality of different cards at the same time, the carrying is troublesome, the management is not easy, and the utilization rate of part of shared products is reduced.
In a long-term research and development process, the inventor of the present application finds that with the development of Near Field Communication (NFC) technology, a mobile device can be simulated as a virtual card by using a card simulation function of NFC, thereby reducing the issuance of a physical card. However, in the card simulation process, different operators may have different rules for opening and using cards, which results in that a user needs to download a plurality of Applications (APPs), remember a plurality of usage rules, and the like, and thus, the popularization and Application of the technology are limited.
Disclosure of Invention
The technical problem mainly solved by the application is to provide a security/identity authentication method, a mobile device, a server and a device with a storage function, which can improve the security and flexibility and convenience of security/identity authentication.
In order to solve the technical problem, the application adopts a technical scheme that: there is provided a method of security/identity verification, the method comprising: the mobile equipment receives a request for reading the safety/identity information, which is initiated by the safety/identity identification equipment, by utilizing an NFC device of the mobile equipment, wherein the request comprises a card application identification code; the mobile equipment responds to the request for reading the safety/identity information, and matches the card application identification code in the request with the identification code of the card application installed in the mobile equipment; if the corresponding card application identification code is matched, the mobile equipment sends the security/identity information data which is stored in the card application and matched with the request to the security/identity identification equipment, so that the security/identity identification equipment can verify the security/identity information.
In order to solve the above technical problem, another technical solution adopted by the present application is: there is provided a method of security/identity verification, the method comprising: the application server receives a request for acquiring the safety/identity information data from the mobile equipment and sends the request for acquiring the safety/identity information data to the corresponding operator server so that the operator server generates the corresponding safety/identity information data, wherein the request for acquiring the safety/identity information data is provided with an operator identification code, and the application server is connected with a plurality of different operator servers; the application server receives the security/identity information data with the operator identification code from the operator server and sends the security/identity information data with the operator identification code to the mobile device.
In order to solve the above technical problem, another technical solution adopted by the present application is: a mobile device is provided that includes a processor, an NFC device, and a communication circuit, the processor coupled to the NFC device and the communication circuit and configured to execute instructions in operation to implement the above-described security/authentication method in cooperation with the NFC device and the communication circuit.
In order to solve the above technical problem, another technical solution adopted by the present application is: there is provided a server comprising a processor and a communication circuit, the processor being coupled to the communication circuit and executing instructions when in operation, the above-mentioned security/authentication use method being implemented.
In order to solve the above technical problem, another technical solution adopted by the present application is: there is provided a device having a storage function, the device having the storage function storing a program which, when executed, implements the above-described security/authentication method.
The beneficial effect of this application is: different from the situation of the prior art, the security/identity authentication using method provided by the application simulates the mobile equipment into a virtual card for identity identification authentication by using the NFC device in the mobile equipment. And meanwhile, the application server is connected with a plurality of operators, so that the mobile equipment can be simulated into different types of virtual cards. In this way, the security and flexible convenience of security/identity verification can be improved.
Drawings
Fig. 1 is a schematic flow chart of a first embodiment of the security/identity verification method of the present application.
Fig. 2 is a schematic flow chart of a second embodiment of the security/identity verification method of the present application.
Fig. 3 is a schematic flow chart of a third embodiment of the security/identity verification method of the present application.
Fig. 4 is a schematic flow chart of a fourth embodiment of the security/identity verification method of the present application.
Fig. 5 is a schematic structural diagram of a first embodiment of the mobile device of the present application.
Fig. 6 is a schematic structural diagram of a first embodiment of the server according to the present application.
Fig. 7 is a schematic structural diagram of a first embodiment of the apparatus with a storage function according to the present application.
Detailed Description
In order to make the purpose, technical solution and effect of the present application clearer and clearer, the present application is further described in detail below with reference to the accompanying drawings and examples.
The application provides a security/identity authentication method, which is characterized in that an NFC device of mobile equipment is used for simulating the mobile equipment into a virtual card for security/identity authentication, and an application server is simultaneously used for being respectively connected with the mobile equipment and a plurality of different operators, so that the mobile equipment can be simulated into a plurality of different cards at the same time, and a user can conveniently use identity authentication in different scenes. Specifically, opening and using the NFC analog card function generally has the procedures of opening and using the card and the like.
Referring to fig. 1, fig. 1 is a schematic flow chart of a security/identity verification method according to a first embodiment of the present application. In this embodiment, a process of opening an NFC virtual card is mainly described, and the main steps are as follows:
s101: the application server receives a request for obtaining the security/identity information data from the mobile device and sends the request for obtaining the security/identity information data to the corresponding operator server, so that the operator server generates the security/identity information data with the operator identification code.
The request for obtaining the security/identity information data is provided with an operator identification code, user identity information, card type information and the like. And the application server sends the request to a corresponding operator server according to the operator identification code in the request for acquiring the safety/identity information data. The application server is connected with a plurality of different operator servers, can apply for obtaining different merchants and different types of safety/identity information data according to different requirements, and simulates the mobile equipment into a plurality of different cards, such as a member card for opening an XX supermarket, a riding card for an XX bicycle, a house card for an XX hotel and the like.
S102: the application server receives the security/identity information data with the operator identification code from the operator server, processes the security/identity information data, and then sends the security/identity information data with the operator identification code to the mobile device.
In order to improve the data security, the application server and the operator server can encrypt the security/identity information data with the operator identification code in a mode of exchanging keys between the two parties, decrypt the security/identity information data with the operator identification code after receiving the security/identity information data, and send the security/identity information data with the operator identification code to the mobile equipment in a secure channel mode after encrypting the security/identity information data again. In order to improve the data confidentiality, the application server does not need to store the safety/identity information data, the user data and the like of the operator, and can also obtain the safety/identity information data from the operator server in a real-time request mode according to a protocol and separate the service data and the user data related to the safety/identity information data of different operators.
Optionally, in an embodiment, the mobile device uses a client of the application server to send a request for obtaining security/identity information data to the application server, and the mobile device uses the client of the same application server to send a request for obtaining security/identity information data with different operator identification codes to the application server, so as to obtain security/identity information data with different operator identification codes from different operator servers through the application server. The client of the application server may be an app (application) installed on the mobile device, or may open a special website or page through a browser provided by the mobile device. Specifically, please refer to fig. 2, fig. 2 is a flowchart illustrating a security/identity verification method according to a second embodiment of the present application. In the embodiment, a user opens a client of an application server installed in the mobile device to enter a corresponding interface, and after registration/login, fills in an application for acquiring security/identity information data, wherein the security/identity information data of which operator needs to be applied is filled in, after submission, the mobile device generates a request for acquiring the security/identity information data, and sends the request for acquiring the security/identity information data to the application server. The application server receives the request for obtaining the safety/identity information data with the operator identification code, and sends the request for obtaining the safety/identity information data with the operator identification code to the corresponding operator server, so that the operator server generates the safety/identity information data with the operator identification code. The application server receives the safety/identity information data with the operator identification code from the operator server, sends the safety/identity information data with the operator identification code to the mobile equipment, and simultaneously sends safety/identity information data acquisition completion information to the mobile equipment. The security/identity information data may include one or more of user identity information, card number information, card balance information, etc.
Before the security/identity information data is acquired from the application server, a card application provided by the application server is installed in the mobile device, so that the acquired security/identity information data is stored in the card application.
Specifically, the mobile device sends a request for obtaining the card application to the application server by using a client of the application server, the application server receives the request for obtaining the card application and sends the card application to the mobile device based on the request, and the card application is provided with a card application identification code.
The mobile device receives a card application from the application server and installs the card application in a secure chip of the NFC device, such that all security level calculations related to security/identity information are performed in the NFC secure chip; the card application carries an application identification of the application server, i.e. a card application identification code.
After the card application is installed, the acquired security/identity information data can be stored in the card application, and the mobile device is simulated as a virtual card for security/identity verification, which carries the acquired security/identity information data and the card application identification code. For convenience of explanation, hereinafter, an application process after acquiring security/identity information data will be described as a process using a virtual card.
The card application can store a plurality of different safety/identity information data, and the different safety/identity information data are distinguished and identified; these security/identity information data may come from different operators. In this way, the mobile device can be emulated as a plurality of virtual cards of different types, different operators. Therefore, a user can open a plurality of different types and virtual cards of different operators by downloading an application program (APP) and a card application in the mobile equipment, and the method is more convenient and flexible.
Referring to fig. 3, fig. 3 is a schematic flow chart of a security/identity verification method according to a third embodiment of the present application. In this embodiment, a process of using the NFC virtual card is mainly described, and the main steps are as follows:
s301: the mobile device receives a request for reading security/identity information initiated by the security/identity recognition device by using the own NFC device.
Wherein, the request for reading the security/identity information comprises the card application identification code.
Specifically, the security/identity recognition device is an NFC card reader, the mobile device is brought close to the NFC card reader, and after near field radio frequency communication is established, the NFC card reader initiates a request for reading security/identity information data to the mobile device.
S302: the mobile device responds to the request to read the security/identity information by matching the card application identification code in the request with the identification code of the card application installed in the mobile device.
The mobile device is provided with a card application with an identification code, and the NFC card reader can further read the security/identity information data stored in the card application only when the two identification codes are matched.
S303: if the corresponding card application identification code is matched, the mobile equipment sends the security/identity information data which is stored in the card application and matched with the request to the security/identity identification equipment, so that the security/identity identification equipment can verify the security/identity information.
Specifically, the mobile device sends the security/identity information data to the NFC card reader through the NFC controller of the NFC device, and the NFC card reader verifies the security information or the user identity information in the security/identity information data.
Therefore, the security/identity verification method provided by the application is suitable for any scene needing identity information verification, such as unlocking of door access, access of a limited area, unlocking of a shared bicycle, identification of member identity information and the like.
Optionally, in an embodiment, the security/identity information data comprises user identity information or user account information. After the security/identity information is verified, the security/identity recognition device can indirectly/directly control unlocking of the corresponding device or modification or permission operation of the user account.
Specifically, the safety/identity recognition device is connected to a locking device of the shared vehicle, the shared house or the shared living goods, and after the safety/identity recognition device verifies the safety/identity information, the locking device is indirectly/directly controlled to unlock the shared vehicle, the shared house or the shared living goods. The safety/identity recognition equipment directly sends the information that the identity information passes the verification to the locking device, and controls the intelligent lock to unlock the corresponding equipment; or the safety/identity recognition equipment sends the safety/identity information to a background management system of the corresponding equipment, the background management system verifies the card number information or the user identity information in the safety/identity information data, and the background management system controls the intelligent lock to unlock the corresponding equipment.
Or the safety/identity recognition equipment is connected with the operator management system, and after the safety/identity recognition equipment passes the safety/identity information verification, the safety/identity recognition equipment indirectly/directly controls the operator to deduct the fee from the virtual card account or modifies the point in the virtual card account.
Optionally, in an embodiment, after the corresponding device is used up or account information management is completed, the operator server sends the corresponding device usage details or account information change details to the mobile device through the application server, and displays the mobile device to the user through the client of the application server. The mobile device receives corresponding device use details or account information change details sent by different operator servers through the application server by using a client of the same application server.
Optionally, in an embodiment, the card application in the mobile device is installed in a secure chip of the NFC device, the security/identity information data is stored in the card application, and all security level calculations related to the security/identity information data are performed in the NFC secure chip. Specifically, please refer to fig. 4, in which fig. 4 is a schematic flowchart illustrating a fourth embodiment of the security/identity authentication method according to the present application. In this embodiment, the main process of using the NFC virtual card is as follows:
the mobile equipment is close to the safety/identity recognition equipment, and after near field radio frequency communication is established, the safety/identity recognition equipment initiates a request for reading safety/identity information data to the mobile equipment.
The NFC controller of the mobile equipment sends a received security/identity information data reading request to the NFC security chip, and after the NFC security chip receives the security/identity information data reading request, the NFC security chip matches a card application identification code in the request with a card application identification code installed on the NFC security chip; and if the corresponding card application identification code is matched, the NFC security chip sends the corresponding security/identity information data stored in the card application to the security/identity identification device through the NFC controller.
Wherein the NFC controller and the NFC secure chip are both integrated in the NFC chip (Ese full terminal scheme); or the NFC security chip and the NFC controller are independent respectively, the NFC controller is integrated in the NFC chip, and the NFC security chip is integrated in the SIM/SD card (machine-card cooperation scheme); or both the NFC secure chip and the NFC controller are integrated in the SIM/SD card (full card solution). Since the NFC security chip has a higher security level, by storing the security/identity information data in the NFC security chip and processing the security/identity information data-related service using the NFC security chip, the security of the application can be improved.
After receiving the security/identity information data, the security/identity recognition device performs different operations according to the settings or application environments of different operators.
Optionally, in an embodiment, a virtual card simulated by the mobile device is used as the identity for unlocking the corresponding device, and the corresponding device may be a shared vehicle, a shared house or a shared living goods, etc. Specifically, the lock can be applied to unlocking of a shared bicycle, opening of hotel rooms, opening of movie theaters and park scenic spots and the like. At this time, the virtual card can be regarded as a riding card, a hotel room card, a scenic spot ticket and the like of the shared bicycle. For example, security/identity information data with a valid period can be sent to the eSE mobile phone of the user when a hotel registers, and the user can unlock the hotel by using the NFC mobile phone. In other embodiments, the method is not limited to the shared products listed here, and is applicable to any scenario that requires authentication to pass.
Specifically, the security/identification device is arranged on a corresponding device product, and can be unlocked in an off-line mode or an on-line mode. The safety/identity recognition equipment is connected with the intelligent lock, and after the safety/identity recognition equipment receives the safety/identity information data and carries out local verification, the intelligent lock is directly controlled to be unlocked according to a verification result. Or the safety/identity recognition equipment is set to communicate with the shared product management background, the received safety/identity information data is sent to the corresponding equipment management background, and after the safety/identity recognition equipment is verified, the corresponding equipment management background controls the intelligent lock to unlock.
Optionally, in another embodiment, a virtual card emulated by the mobile device is used as the identity for the operator to manage the relevant information in the virtual card account. Such as the operator debiting the virtual card account or modifying points in the virtual card account. The virtual card may be considered a bus card, membership card, etc. Likewise, the method is applicable to any scenario in which a background account is the management mode.
Specifically, the security/identity recognition device is set to be in communication connection with an operator management background, and the security/identity recognition device sends the received security/identity information data to the operator management background, so that the operator management background acquires account information or identity information in the security/identity information data to correspondingly deduct the cost in the account or change the credit in the account.
In one application scenario, the above security/authentication method is described by taking the example of using a mobile device to simulate an XX shared bicycle riding card to unlock a shared bicycle. A user downloads an application client for installing an application server in mobile equipment, opens an application service client, and fills an application service opening request after registration and login so as to acquire a download card application; and after receiving the card application acquisition request, the application server sends the card application to the mobile phone, and the mobile phone receives and installs the card application in a security chip of the NFC device. After the card application is installed, the mobile phone can be used for acquiring the authentication data to perform card simulation. And selecting the riding card for opening the XX sharing bicycle in the application service client, filling basic information and submitting the basic information. And sending the XX riding card opening request to an application server, and after receiving the XX riding card opening request, the application server judges that the XX riding card opening request needs to be sent to the XX shared bicycle management server according to the XX identification in the request. The XX sharing bicycle management server receives and processes the request, XX riding card data are generated and sent to the application server, the application server decrypts and encrypts the XX riding card data and sends the XX riding card data to the mobile equipment through the secure channel, and the XX riding card data are stored in the NFC secure chip by the host system of the mobile equipment according to a protocol. The XX riding card data is provided with user identity information, virtual card numbers, virtual card account information and the like. After the card is opened, the mobile device can be used as an XX riding card. When the mobile phone is used, the mobile phone is directly close to a card reader on the XX sharing bicycle for card swiping (without opening an application service client interface), after card swiping response, the locking of the sharing bicycle is released, and a user uses the sharing bicycle.
After the bicycle is unlocked, the card number information of the XX riding card can be stored in the bicycle lock or the card reader. When the sharing bicycle is used, the intelligent lock is directly locked without swiping the card again. At the moment, the intelligent lock of the shared bicycle generates a statement request based on unlocking time, locking time, the bicycle lock identification code and the card number information of the riding card, and sends the statement request to the shared bicycle management server. And the shared bicycle management server processes the order-ending request, deducts the cost in the riding card and returns bill information to the mobile equipment. The shared bicycle management server can send the bill information to the mobile device through the application server and display the bill information to the user through the application service client.
In addition, besides the XX shared bicycle, the YY shared bicycle, or the MM hotel, the same application server and the application service client may be used for renting and managing the shared bicycle or hotel rooms, so that the application server becomes a common server and a platform for sharing products.
The existing unlocking mode of the shared bicycle is generally to scan a two-dimensional code on a bicycle body for identifying unlocking, but when light is poor or the two-dimensional code is worn, the identification efficiency is reduced; meanwhile, a plurality of different applications APP are required to be downloaded to pay for code scanning in order to use different brands of shared bicycles. By the method, NFC radio frequency communication is utilized, the identification efficiency is improved, meanwhile, the application server is utilized, a plurality of riding cards of different brands can be opened only by installing one application APP, and meanwhile, when card swiping identification is carried out, a corresponding application APP interface does not need to be opened any more, so that the method is more flexible and convenient; in addition, the operator does not need to develop and maintain the server serving as the virtual card operation background, even does not need to develop and maintain the application APP serving as the client in the mobile terminal, and only needs to provide the basic server for the user and the service management, so that the cost can be greatly reduced, the effort can be reduced, and the use efficiency of the shared product can be improved.
In further embodiments, the operator may even give the user, the service management base server, and the application server instead, and only need to retain control or ownership.
The present application further provides a mobile device for implementing the above security/identity verification method, specifically please refer to fig. 5, where fig. 5 is a schematic structural diagram of a first embodiment of the mobile device according to the present application. In this embodiment, the mobile device includes a processor 501, an NFC device 502, and a communication circuit 503, where the processor 501 is coupled to the NFC device 502 and the communication circuit 503, and executes an instruction when operating to implement the above security/identity verification method in cooperation with the NFC device 502 and the communication circuit 503, and a specific operating process is consistent with the above method embodiment, so that details are not repeated here, and please refer to the above description of the corresponding method step in detail. The mobile device can be a mobile phone, a tablet computer, a wearable device and the like.
Optionally, in an embodiment, the NFC device 502 includes an NFC secure chip and an NFC controller, the card application is installed in the NFC secure chip, the security/identity information data is stored in the card application, and corresponding calculation is performed in the NFC secure chip, so that the security of the virtual card can be improved.
The present application further provides a server for implementing the above security/identity verification method, specifically please refer to fig. 6, where fig. 6 is a schematic structural diagram of a first embodiment of the server in the present application. In this embodiment, the server includes a processor 601 and a communication circuit 602, where the processor 601 is coupled to the communication circuit 602, and executes an instruction when working, so as to implement the above security/identity verification method in cooperation with the communication circuit 602, and a specific working process is consistent with the above method embodiment, so that details are not repeated herein, and refer to the description of the corresponding method steps above in detail. The server can be a single server or a server cluster, and forms a service platform.
The server may serve as an application server to provide a trusted service management platform (SP TSM). On one hand, the SP TSM accesses to an SE provider TSM (SEI TSM) to acquire access authority to the SE, and a safe environment is provided for application service; on the other hand, the SP TSM serves as a bridge between various Service Providers (SPs) and users and supports access of a plurality of SPs. By the method, the participators can share service resources and infrastructure of cross-industry, the industry cooperation and resource sharing are realized, a wider market can be provided for application providers, and meanwhile, richer mobile services are provided for users.
The present application further provides a device with a storage function for implementing the above-mentioned security/identity authentication method, and specifically please refer to fig. 7, where fig. 7 is a schematic structural diagram of a first embodiment of the device with a storage function according to the present application. In this embodiment, the device 70 having a storage function stores a program 701, and the program 701 implements the above-described security/authentication method when executed. The specific working process is the same as the above method embodiment, and therefore, detailed description is not repeated here, and please refer to the description of the corresponding method steps above in detail. The storage device may be a portable storage medium such as a usb disk, an optical disk, a portable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or other various media that can store program codes, and may also be a terminal, a server, or other media.
According to the scheme, the safety/identity authentication method provided by the application simulates the mobile equipment into the virtual card for identity identification authentication by using the NFC device in the mobile equipment. Meanwhile, the application server is utilized to simulate the mobile equipment into different types of virtual cards, and the safety/identity information data contains operator identification codes for distinguishing. By the method, the safety, flexibility and convenience of management and use of the shared product can be improved.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules or units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) or a processor (processor) to execute all or part of the steps of the method according to the embodiments of the present application.
The above description is only for the purpose of illustrating embodiments of the present application and is not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application or are directly or indirectly applied to other related technical fields, are also included in the scope of the present application.
Claims (12)
1. A method of security/identity verification, the method comprising:
the mobile equipment receives a request for reading the safety/identity information, which is initiated by the safety/identity identification equipment, by utilizing an NFC device of the mobile equipment, wherein the request comprises a card application identification code;
the mobile equipment responds to the request for reading the safety/identity information, and matches the card application identification code in the request with the identification code of the card application installed in the mobile equipment;
if the corresponding card application identification code is matched, the mobile equipment sends the security/identity information data which is stored in the card application and matched with the request to the security/identity identification equipment so that the security/identity identification equipment can verify the security/identity information, the card application stores a plurality of security/identity information data from different operators, and the plurality of security/identity information data from different operators are obtained by the mobile equipment from the application server by using a client of the same application server.
2. The method of claim 1, wherein the mobile device receiving a security/identity device initiated request to read security/identity information using its own NFC device is preceded by:
the mobile device receiving a card application from an application server and installing the card application in a secure chip of an NFC device such that all security level calculations related to the security/identity information are performed in the secure chip of the NFC device; the card application carries a card application identification code.
3. The method of claim 2, wherein the mobile device, using its own NFC device, prior to receiving the request for reading security/identity information from the security/identity recognition device further comprises:
the mobile equipment sends a request for acquiring security/identity information data to the application server by using a client of the application server;
the mobile device receives security/identity information data from the application server and stores the security/identity information data in the card application.
4. The method of claim 3, wherein the mobile device, using its own NFC device, prior to receiving the request for reading security/identity information from the security/identity recognition device further comprises:
the mobile device receives a plurality of different security/identity information data from the application server, stores the plurality of different security/identity information data in the card application, and performs partition identification on the different security/identity information data;
wherein the application server is connected to a plurality of different operator servers, the plurality of different security/identity information data being obtained by the application server from the plurality of different operator servers.
5. The method according to claim 1, wherein the security/identity information data includes user identity information or user account information, so that the security/identity recognition device indirectly/directly controls unlocking of the corresponding device or modification or permission of the user account after passing the security/identity information verification.
6. The method according to claim 5, wherein the indirectly/directly controlling unlocking of the corresponding device or modification or permission of the user account after the security/identity information is verified by the security/identity recognition device comprises:
the safety/identity recognition equipment is connected with a locking device of a shared vehicle, a shared house or a shared living article, and after the safety/identity recognition equipment passes the safety/identity information verification, the safety/identity recognition equipment indirectly/directly controls the locking device to unlock the shared vehicle, the shared house or the shared living article; or
The safety/identity recognition equipment is connected with an operator management system, and after the safety/identity recognition equipment passes the safety/identity information verification, the safety/identity recognition equipment indirectly/directly controls the operator to deduct the fee from the virtual card account or modifies the point in the virtual card account.
7. The method of claim 6, further comprising:
and the mobile equipment receives the corresponding equipment use details or account information change details information sent by different operator servers through the application server by utilizing the client of the same application server.
8. A method of security/identity verification, the method comprising:
the method comprises the steps that an application server receives a request for acquiring safety/identity information data from a mobile device and sends the request for acquiring the safety/identity information data to a corresponding operator server so that the operator server can generate corresponding safety/identity information data, wherein the request for acquiring the safety/identity information data is provided with an operator identification code, the application server is connected with a plurality of different operator servers, and the requests for acquiring the safety/identity information data provided with different operator identification codes come from the same application of the mobile device;
the application server receives the security/identity information data with the operator identification code from the operator server, processes the security/identity information data, and then sends the security/identity information data with the operator identification code to the mobile device.
9. The method of claim 8, wherein the application server receiving the request for security/identity information data from the mobile device comprises:
the application server receives a request for obtaining a card application from a mobile device, and sends the card application to the mobile device based on the request, wherein the card application is provided with a card application identification code.
10. A mobile device comprising a processor, an NFC device, and communication circuitry, the processor coupled to the NFC device and communication circuitry and operable to execute instructions to implement the security/authentication method of any of claims 1-7 in cooperation with the NFC device and communication circuitry.
11. A server, comprising a processor and a communication circuit, wherein the processor is coupled to the communication circuit, and wherein the processor, when operating, executes instructions to implement the security/authentication method of any one of claims 8 to 9.
12. An apparatus having a storage function, characterized by storing a program which, when executed, implements the security/authentication method according to any one of claims 1 to 9.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810143894 | 2018-02-09 | ||
| CN2018101438948 | 2018-02-09 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108734005A CN108734005A (en) | 2018-11-02 |
| CN108734005B true CN108734005B (en) | 2021-02-09 |
Family
ID=63940539
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810271957.8A Active CN108734005B (en) | 2018-02-09 | 2018-03-29 | Security/identity authentication method, mobile equipment and storage device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108734005B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109858925A (en) * | 2019-01-08 | 2019-06-07 | 深圳市网心科技有限公司 | Display methods, system, terminal, electronic product, computer readable storage medium |
| CN110648131B (en) * | 2019-08-27 | 2022-06-17 | Oppo广东移动通信有限公司 | Near field communication-based card swiping method and device, electronic equipment and storage medium |
| CN112529564A (en) * | 2019-09-18 | 2021-03-19 | 华为技术有限公司 | Method and electronic equipment for near field wireless communication |
| WO2021196966A1 (en) * | 2020-04-02 | 2021-10-07 | 中国银联股份有限公司 | Transaction method, gateway device, payment platform, merchant device and transaction system |
| CN114980046A (en) * | 2021-02-25 | 2022-08-30 | 华为技术有限公司 | Communication method, device and system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201654884U (en) * | 2010-04-19 | 2010-11-24 | 泉州市华大数码科技有限公司 | Third-party access system for one-card system |
| CN201788535U (en) * | 2010-08-23 | 2011-04-06 | 天津渤海化工有限责任公司天津碱厂 | One-card intelligent management system |
| CN103455828A (en) * | 2012-06-04 | 2013-12-18 | 深圳商联商用科技有限公司 | Method and system for achieving all-purpose card |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120271692A1 (en) * | 2011-04-23 | 2012-10-25 | Xingang Huang | Method and System for Smart Phone Based Virtual Card |
| EP3050335B1 (en) * | 2013-09-24 | 2019-12-04 | Intel Corporation | Systems and methods for nfc access control in a secure element centric nfc architecture |
| CN106940767A (en) * | 2016-01-05 | 2017-07-11 | 阿里巴巴集团控股有限公司 | A kind of application of IC cards safe verification method and device |
| CN105976177A (en) * | 2016-04-29 | 2016-09-28 | 广州市香港科大霍英东研究院 | NFC (near field communication)-oriented cloud payment method |
| CN106384183A (en) * | 2016-05-03 | 2017-02-08 | 深圳市微付充科技有限公司 | ID card management system |
-
2018
- 2018-03-29 CN CN201810271957.8A patent/CN108734005B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201654884U (en) * | 2010-04-19 | 2010-11-24 | 泉州市华大数码科技有限公司 | Third-party access system for one-card system |
| CN201788535U (en) * | 2010-08-23 | 2011-04-06 | 天津渤海化工有限责任公司天津碱厂 | One-card intelligent management system |
| CN103455828A (en) * | 2012-06-04 | 2013-12-18 | 深圳商联商用科技有限公司 | Method and system for achieving all-purpose card |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108734005A (en) | 2018-11-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108734005B (en) | Security/identity authentication method, mobile equipment and storage device | |
| CN105991287B (en) | A kind of generation of signed data and finger print identifying requesting method and device | |
| CN110073387A (en) | Confirm being associated between communication equipment and user | |
| KR20120089786A (en) | Nfc transaction server | |
| US10311436B2 (en) | User authentication method and device for credentials back-up service to mobile devices | |
| KR20170027160A (en) | Electronic device and method for payment transaction | |
| CN104025137A (en) | System and method for authorizing transactions utilizing unpredictable passwords | |
| CN109992949A (en) | A kind of equipment authentication method, air card-writing method and apparatus authentication device | |
| JP2001195548A (en) | Information carrying and processing system, access device for information carrying device, and information carrying device | |
| KR101702748B1 (en) | Method, system and recording medium for user authentication using double encryption | |
| US20210194691A1 (en) | Methods and apparatus for authorizing and providing of distributed goods or services | |
| US20190026704A1 (en) | Method of registering a membership for an electronic payment, system for same, and apparatus and terminal thereof | |
| CN107924516B (en) | Payment authentication method and device of mobile terminal and mobile terminal | |
| US11182777B2 (en) | Systems and methods using a primary account number to represent identity attributes | |
| KR101660674B1 (en) | an NFC mobile phone ID card certification system by the using of HCE function | |
| JP2015133567A (en) | Portable communication terminal, management server, electronic ticket system, and program | |
| US20210166224A1 (en) | Methods and apparatus for authorizing and providing of goods or services with reduced hardware resources | |
| US20190279213A1 (en) | Method for processing transaction data, corresponding communications terminal, card reader and program | |
| KR101795849B1 (en) | Authentication apparatus and method for connectivity of fintech services, and computer program for the same | |
| KR101710950B1 (en) | Method for distributing encrypt key, card reader and system for distributing encrypt key thereof | |
| KR101639794B1 (en) | Authentication method and system for user confirmation and user authentication | |
| KR20130040032A (en) | Method, system and apparatus for providing electronic payment by using login information | |
| CN109801059B (en) | Mobile payment system and mobile payment method | |
| EP3446274A1 (en) | Method and device for authorizing mobile transactions | |
| Kasper et al. | Rights management with NFC smartphones and electronic ID cards: A proof of concept for modern car sharing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |