CN109660355B - Method, device, storage medium and terminal for preventing POS terminal from being illegally tampered - Google Patents

Method, device, storage medium and terminal for preventing POS terminal from being illegally tampered Download PDF

Info

Publication number
CN109660355B
CN109660355B CN201811537335.1A CN201811537335A CN109660355B CN 109660355 B CN109660355 B CN 109660355B CN 201811537335 A CN201811537335 A CN 201811537335A CN 109660355 B CN109660355 B CN 109660355B
Authority
CN
China
Prior art keywords
pos terminal
key
key information
random
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811537335.1A
Other languages
Chinese (zh)
Other versions
CN109660355A (en
Inventor
郭鸿志
万利强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Jiecheng Technology Service Co ltd
Original Assignee
Shenzhen Jiecheng Technology Service Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Jiecheng Technology Service Co ltd filed Critical Shenzhen Jiecheng Technology Service Co ltd
Priority to CN201811537335.1A priority Critical patent/CN109660355B/en
Publication of CN109660355A publication Critical patent/CN109660355A/en
Application granted granted Critical
Publication of CN109660355B publication Critical patent/CN109660355B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Power Engineering (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a method for preventing a POS terminal from being illegally tampered, which comprises the following steps: acquiring key information of the POS terminal; wherein the key information comprises at least one of: CPU id, FLASH id, product serial number and MAC id; judging whether the key information is consistent with the key information acquired by the POS terminal in real time; and if so, the POS terminal normally operates. The invention also provides a device for preventing the POS terminal from being illegally tampered, a storage medium and the POS terminal. The invention can improve the safety of the POS terminal and prevent the POS terminal from being illegally tampered.

Description

Method, device, storage medium and terminal for preventing POS terminal from being illegally tampered
Technical Field
The present invention relates to the field of electronic technologies, and in particular, to a method, an apparatus, a storage medium, and a POS terminal for preventing a POS terminal from being illegally tampered.
Background
The POS terminal is a multifunctional terminal, and is installed in special commercial tenant and accepting network of credit card to form network with computer, so that it can implement automatic transfer of electronic fund, and has the functions of supporting consumption, preauthorization, balance inquiry and transfer, etc. and is safe, quick and reliable in use.
The current POS terminal generally adopts a digital signature manner to protect the software system and the application program step by step to prevent illegal installation and replacement. The existing POS terminal is easy to replace a root certificate and a program in a brute force cracking mode, so that the safety is low.
Disclosure of Invention
In view of the above, it is desirable to provide a method, an apparatus, a storage medium and a POS terminal for preventing the POS terminal from being illegally tampered with, which can improve the security of the POS terminal.
The invention provides a method for preventing a POS terminal from being illegally tampered, which comprises the following steps:
acquiring key information of the POS terminal; wherein the key information comprises at least one of: CPU id, FLASH id, product serial number and MAC id;
judging whether the key information is consistent with the key information acquired by the POS terminal in real time;
and if so, the POS terminal normally operates.
Further, the acquiring of the key information of the POS terminal includes:
acquiring an authentication code ciphertext of the POS terminal; encrypting original key information of the terminal through a shared secret key of the POS terminal to obtain the authentication code ciphertext;
and decrypting the authentication code ciphertext through the shared secret key to obtain the key information.
Further, encrypting the shared secret key by a random secret key of the POS terminal; after the obtaining of the authentication code ciphertext of the POS terminal, the method includes:
decrypting the encrypted shared key with the random key.
Further, the random key is obtained by storing a true random number generated by the POS terminal in an OTP memory of a CPU when the POS terminal is started for the first time.
Further, before the POS terminal operates normally, the method further includes:
decrypting the encrypted digital signature by the random key; encrypting the digital signature through the random key to obtain an encrypted digital signature;
verifying the integrity and the legality of the program file through the digital signature;
and if the program file is complete and legal, executing the normal operation of the POS terminal.
The present invention also provides an apparatus for preventing a POS terminal from being illegally tampered, the apparatus including:
the acquisition module is used for acquiring key information of the POS terminal; wherein the key information comprises at least one of: CPU id, FLASH id, product serial number and MAC id;
the judging module is used for judging whether the key information is consistent with the key information acquired by the POS terminal in real time;
and the operation module is used for normally operating the POS terminal when the key information is consistent with the key information acquired by the POS terminal in real time.
Further, the obtaining module is specifically configured to:
acquiring an authentication code ciphertext of the POS terminal; encrypting original key information of the terminal through a shared secret key of the POS terminal to obtain the authentication code ciphertext;
and decrypting the authentication code ciphertext through the shared secret key to obtain the key information.
Further, encrypting the shared secret key by a random secret key of the POS terminal; the device further comprises:
and the decryption module is used for decrypting the encrypted shared secret key through the random secret key after the authentication code ciphertext of the POS terminal is obtained.
The invention also provides a POS terminal, which comprises a storage device and a processor, wherein the processor is connected with the storage device, the storage device is stored with a computer program, and the processor realizes the steps of the method for preventing the POS terminal from being illegally tampered when executing the computer program.
The invention also provides a readable storage medium, on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the steps of the method for preventing a POS terminal from being illegally tampered with.
Compared with the prior art, the invention has the following beneficial effects: acquiring key information of the POS terminal; wherein the key information comprises at least one of: CPU id, FLASH id, product serial number and MAC id; judging whether the key information is consistent with the key information acquired by the POS terminal in real time; and if so, the POS terminal normally operates. The invention can verify whether the key information of the POS terminal is changed or not, and the POS terminal normally operates without being changed, thereby improving the safety of the POS terminal and preventing illegal tampering.
Drawings
Fig. 1 is a flowchart of a method for preventing a POS terminal from being illegally tampered according to a first embodiment of the present invention.
Fig. 2 is a flowchart of a method for preventing a POS terminal from being illegally tampered according to a second embodiment of the present invention.
Fig. 3 is a flowchart of a method for preventing a POS terminal from being illegally tampered according to a third embodiment of the present invention.
Fig. 4 is a flowchart of a method for preventing a POS terminal from being illegally tampered according to a second embodiment of the present invention.
Fig. 5 is a schematic structural diagram of an apparatus for preventing a POS terminal from being illegally tampered with according to the present invention.
The following detailed description will further illustrate the invention in conjunction with the above-described figures.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without any inventive step, are within the scope of the present invention. It is to be understood that the drawings are provided solely for the purposes of reference and illustration and are not intended as a definition of the limits of the invention.
Referring to fig. 1, fig. 1 is a flowchart illustrating a method for preventing a POS terminal from being illegally tampered according to a first embodiment of the present invention.
In this embodiment, the method for preventing the POS terminal from being illegally tampered may include the following steps.
S11: and acquiring key information of the POS terminal.
In step S11, the key information includes at least one of: the CPU id, the FLASH id, the product serial number and the MAC id can be one or more. Further, the key information may include at least: CPU id and/or FLASH id. The key information is already loaded into the terminal at the time of manufacture of the terminal.
S12: and judging whether the key information is consistent with the key information acquired by the POS terminal in real time, if so, executing the step S13, and if not, ending or prompting abnormity, and then performing abnormity processing.
When the key information is one item, only the key information is verified, if the key information is multiple items, whether the information of each item is consistent with the key information acquired by the POS terminal in real time can be sequentially verified, and the verification sequence can be preset or can be randomly verified.
S13: and the POS terminal normally operates.
The most core module in the POS terminal is a secure CPU, but the internal storage resources of the secure CPU are generally scarce, and data such as firmware programs and digital certificates have to be stored in an external memory, such as SPI FLASH, NAND FLASH, and therefore, the existing POS terminal is easily removed violently to tamper with, replace data, and restore the terminal. The method for preventing the POS terminal from being illegally tampered provided by the embodiment can prevent the hardware composition of the POS terminal from being violently disassembled, and if the hardware is illegally replaced, the POS terminal prompts abnormity and cannot normally run.
Referring to fig. 2, fig. 2 is a flowchart illustrating a method for preventing a POS terminal from being illegally tampered according to a second embodiment of the present invention. It should be understood that the technical solutions in the first embodiment can be correspondingly applied to the second embodiment, which is not described herein.
In this embodiment, the method for preventing the POS terminal from being illegally tampered may include the following steps.
S21: and obtaining an authentication code ciphertext of the POS terminal.
In this embodiment, the authentication code ciphertext is obtained by encrypting the original key information of the terminal with the shared key of the POS terminal.
During the POS terminal shipment phase, each POS terminal has a shared secret key that can be actively imported and generated by the factory manufacturing system. Each POS terminal may be provided with a unique shared key according to management needs, but of course, the same shared key may be used in accordance with a production lot, customer classification, or production date for convenience of management.
The shared key may encrypt original key information of the terminal through a 3DES (triple data encryption algorithm). The shared secret key can also encrypt the ID of other hardware, such as the ID of a Bluetooth chip, so as to improve the security when the terminal is illegally detached.
S22: and decrypting the authentication code ciphertext through the shared secret key to obtain key information.
The shared secret key can decrypt the authentication code ciphertext through a 3DES algorithm to obtain key information.
S23: and judging whether the key information is consistent with the key information acquired by the POS terminal in real time, if so, executing the step S24, and if not, ending or prompting abnormity, and then performing abnormity processing.
S24: and the POS terminal normally operates.
The method for preventing the POS terminal from being illegally tampered according to the embodiment comprises the following steps: and acquiring an authentication code ciphertext of the POS terminal, decrypting the authentication code ciphertext through the shared key to obtain the key information, judging whether the key information is consistent with the key information acquired by the POS terminal in real time, and if so, normally operating the POS terminal. Therefore, this embodiment has the advantages of the first embodiment, and can further improve the security of the key information, prevent the key information from leaking, and further prevent the POS terminal from being illegally tampered.
Referring to fig. 3, fig. 3 is a flowchart illustrating a method for preventing a POS terminal from being illegally tampered according to a third embodiment of the present invention. It should be understood that the technical solutions in the first embodiment and/or the second embodiment may be correspondingly applied to the third embodiment, and are not described herein.
In this embodiment, the method for preventing the POS terminal from being illegally tampered may include the following steps.
S31: and obtaining an authentication code ciphertext of the POS terminal.
In this embodiment, the authentication code ciphertext is obtained by encrypting the original key information of the POS terminal with the shared key of the POS terminal, and the shared key is encrypted with the random key of the POS terminal, which is then re-encrypted, thereby improving security. The random key may also encrypt the shared key by the 3DES algorithm.
Preferably, the random key is obtained by storing a true random number generated by the POS terminal in an OTP memory (one-time programmable memory) of the CPU when the POS terminal is first started, and after the program is burned into the CPU, the true random number cannot be changed and cleared again, and the random key stored in the OTP memory of the CPU is the highest in security. Therefore, only the original hardware of the POS terminal itself can identify and use the random key, and cannot derive the random key, and the random key of each terminal is unique, that is, only the original hardware of the POS terminal itself can decrypt the encrypted shared key. The random key may encrypt not only the shared key but also digital certificates, security configuration information, and the like.
S32: the encrypted shared key is decrypted by the random key.
S33: and decrypting the authentication code ciphertext through the shared secret key to obtain the key information.
S34: and judging whether the key information is consistent with the key information acquired by the POS terminal in real time, if so, executing the step S35, and if not, ending or prompting abnormity, and then performing abnormity processing.
S35: and the POS terminal normally operates.
The method for preventing the POS terminal from being illegally tampered comprises the steps of obtaining an authentication code ciphertext of the POS terminal, decrypting the encrypted shared secret key through the random secret key, decrypting the authentication code ciphertext through the shared secret key to obtain the key information, judging whether the key information is consistent with the key information obtained by the POS terminal in real time, and if so, enabling the POS terminal to normally operate.
Referring to fig. 4, fig. 4 is a flowchart illustrating a method for preventing a POS terminal from being illegally tampered according to a fourth embodiment of the present invention. It should be understood that the technical solutions in the first embodiment and/or the second embodiment and/or the third embodiment may be correspondingly applied to the fourth embodiment, which is not described herein again.
In this embodiment, the method for preventing the POS terminal from being illegally tampered may include the following steps.
S41: and obtaining an authentication code ciphertext of the POS terminal.
S42: the encrypted shared key is decrypted by the random key.
S43: and decrypting the authentication code ciphertext through the shared secret key to obtain the key information.
S44: and judging whether the key information is consistent with the key information acquired by the POS terminal in real time, if so, executing the step S45, and if not, ending or prompting abnormity, and then performing abnormity processing.
S45: decrypting the encrypted digital signature by the random key; and encrypting the digital signature through the random key to obtain an encrypted digital signature.
S46: and verifying the integrity and the legality of the program file through the digital signature, if the program file is complete and legal, executing step 47, and if the program file is incomplete and/or illegal, ending or prompting an exception, and then performing exception handling.
S47: and the POS terminal normally operates.
The embodiment can not only prevent the terminal hardware from being illegally tampered, but also well prevent the terminal program file from being illegally tampered, thereby further improving the safety of the POS terminal.
Fig. 5 is a schematic structural diagram of an apparatus 200 for preventing a POS terminal from being illegally tampered with according to the present invention. The device 200 can be stored in a storage unit of the terminal 100 and executed by a processor of the terminal 100, thereby realizing the method for preventing the POS terminal from being illegally tampered.
The apparatus 200 for preventing the POS terminal from being illegally tampered with may include: an acquisition module 21, a judgment module 22 and an operation module 23.
The obtaining module 21 is configured to obtain key information of the POS terminal; wherein the key information comprises at least one of: CPU id, FLASH id, product serial number and MAC id.
The judging module 22 is configured to judge whether the key information is consistent with the key information obtained by the POS terminal in real time.
The operation module 23 is configured to, when the key information is consistent with the key information obtained by the POS terminal in real time, enable the POS terminal to operate normally.
Further, the obtaining module 21 is specifically configured to:
acquiring an authentication code ciphertext of the POS terminal; and encrypting the original key information of the terminal through the shared secret key of the POS terminal to obtain the authentication code ciphertext.
And decrypting the authentication code ciphertext through the shared secret key to obtain the key information.
Further, the shared key is encrypted by the random key of the POS terminal, and the apparatus further includes a decryption module 24.
The first decryption module 24 is configured to decrypt the encrypted shared key through the random key after the authentication code ciphertext of the POS terminal is obtained.
Further, the random key is obtained by storing a true random number generated by the POS terminal in an OTP memory of a CPU when the POS terminal is started for the first time.
Further, the apparatus further comprises a second decryption module 25 and a verification module 26.
The second decryption module 25 is configured to decrypt the encrypted digital signature through the random key before the POS terminal operates normally; and encrypting the digital signature through the random key to obtain an encrypted digital signature.
The verification module 26 is configured to verify the integrity and validity of the program file through the digital signature.
The operation module 23 is configured to, when the program file is complete and legal, normally operate the POS terminal.
Various software may be implemented in the terminal 100, software code may be implemented in software programmed according to any suitable software language, and the software code may be stored in a storage device and executed by the processor.
The processor may implement the steps of the method for preventing the illegal tampering of the POS terminal of the present invention when executing the program related to the method for preventing the illegal tampering of the POS terminal stored in the storage device.
The invention provides a readable storage medium, which stores a computer program, and the computer program realizes the steps of the method for preventing the POS terminal from being illegally tampered according to the embodiments of the invention when being executed by a processor.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (5)

1. A method for preventing illegal tampering with a POS terminal, the method comprising:
acquiring an authentication code ciphertext of the POS terminal; the authentication code ciphertext is obtained by encrypting original key information of the terminal through a shared secret key of the POS terminal, and the shared secret key is encrypted through a random secret key of the POS terminal; the random key is obtained by storing a true random number generated by the POS terminal in an OTP memory of a CPU when the POS terminal is started for the first time; the key information includes at least one of: CPUid, FLASHId, product serial number and MACid;
decrypting the encrypted shared key by the random key;
decrypting the authentication code ciphertext through the shared secret key to obtain the key information;
judging whether the key information is consistent with the key information acquired by the POS terminal in real time;
and if so, the POS terminal normally operates.
2. The method of preventing illegal tampering with a POS terminal of claim 1, further comprising, before the POS terminal is operating normally:
decrypting the encrypted digital signature by the random key; encrypting the digital signature through the random key to obtain an encrypted digital signature;
verifying the integrity and the legality of the program file through the digital signature;
and if the program file is complete and legal, executing the normal operation of the POS terminal.
3. An apparatus for preventing illegal tampering with a POS terminal, the apparatus comprising:
the obtaining module is used for obtaining the authentication code ciphertext of the POS terminal; the authentication code ciphertext is obtained by encrypting original key information of the terminal through a shared secret key of the POS terminal, and the shared secret key is encrypted through a random secret key of the POS terminal; the random key is obtained by storing a true random number generated by the POS terminal in an OTP memory of a CPU when the POS terminal is started for the first time; the key information includes at least one of: CPUid, FLASHId, product serial number and MACid;
a decryption module for decrypting the encrypted shared key by the random key;
the judging module is used for judging whether the key information is consistent with the key information acquired by the POS terminal in real time;
and the operation module is used for normally operating the POS terminal when the key information is consistent with the key information acquired by the POS terminal in real time.
4. A POS terminal comprising a storage device and a processor, said processor being connected to said storage device, wherein said storage device has a computer program stored thereon, said processor, when executing said computer program, implementing the steps of the method for preventing illegal tampering of a POS terminal according to claim 1 or 2.
5. A readable storage medium on which a computer program is stored, the computer program, when being executed by a processor, implementing the steps of the method for preventing illegal tampering of a POS terminal according to claim 1 or 2.
CN201811537335.1A 2018-12-15 2018-12-15 Method, device, storage medium and terminal for preventing POS terminal from being illegally tampered Active CN109660355B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811537335.1A CN109660355B (en) 2018-12-15 2018-12-15 Method, device, storage medium and terminal for preventing POS terminal from being illegally tampered

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811537335.1A CN109660355B (en) 2018-12-15 2018-12-15 Method, device, storage medium and terminal for preventing POS terminal from being illegally tampered

Publications (2)

Publication Number Publication Date
CN109660355A CN109660355A (en) 2019-04-19
CN109660355B true CN109660355B (en) 2022-04-26

Family

ID=66114356

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811537335.1A Active CN109660355B (en) 2018-12-15 2018-12-15 Method, device, storage medium and terminal for preventing POS terminal from being illegally tampered

Country Status (1)

Country Link
CN (1) CN109660355B (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101482887B (en) * 2009-02-18 2013-01-09 北京数码视讯科技股份有限公司 Anti-tamper verification method for key data in database
WO2018165920A1 (en) * 2017-03-15 2018-09-20 深圳大趋智能科技有限公司 Security verification method and apparatus for pos machine
CN107330333B (en) * 2017-06-06 2020-04-03 百富计算机技术(深圳)有限公司 Method and device for ensuring safety of firmware of POS (point-of-sale) machine

Also Published As

Publication number Publication date
CN109660355A (en) 2019-04-19

Similar Documents

Publication Publication Date Title
US11743054B2 (en) Method and system for creating and checking the validity of device certificates
US8930700B2 (en) Remote device secure data file storage system and method
CN107004083B (en) Device key protection
CN106452764B (en) Method for automatically updating identification private key and password system
US20160072626A1 (en) Cryptographically-verifiable attestation label
CN107920052B (en) Encryption method and intelligent device
US20180204004A1 (en) Authentication method and apparatus for reinforced software
CN104579680B (en) A kind of method of secure distribution seed
CN111814132B (en) Security authentication method and device, security authentication chip and storage medium
US20090119505A1 (en) Transaction method and verification method
CN112528236B (en) Application software authorization method based on virtual machine
US20100031045A1 (en) Methods and system and computer medium for loading a set of keys
CN108494783A (en) The guard method of high in the clouds data
CN112800392A (en) Authorization method and device based on soft certificate and storage medium
CN108768941B (en) Method and device for remotely unlocking safety equipment
US20210406405A1 (en) Pqa unlock
CN103592927A (en) Method for binding product server and service function through license
WO2013079893A1 (en) User access control based on a graphical signature
CN110445774B (en) Security protection method, device and equipment for IoT (Internet of things) equipment
CN103281188A (en) Method and system for backing up private key in electronic signature token
US20170330177A1 (en) Payment terminal authentication
CN101661573B (en) Method for producing electronic seal and method for using electronic seal
CN109660355B (en) Method, device, storage medium and terminal for preventing POS terminal from being illegally tampered
CN110210189B (en) Software verification method, software and hardware binding method and programmable device thereof
CN114297673A (en) Password verification method, solid state disk and upper computer

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant