CN110555693B - System and method for realizing two-dimension code safety by using SIM card - Google Patents
- Publication number: CN110555693B
- Application number: CN201810564395.6A
- Authority: CN (China)
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06Q20/326—Payment applications installed on the mobile devices
- G06Q20/3229—Use of the SIM of a M-device as secure element
- G06Q20/3274—Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
- H04W8/183—Processing at user equipment or user record carrier
Abstract
The invention provides a system and a method for realizing two-dimensional code security by using a SIM card. The system comprises a mobile device, a cloud server and an electronic terminal; the electronic terminal has a two-dimensional code scanning and recognition function; the mobile device comprises the SIM card, an APP unit, a two-dimensional code generating unit and a display screen; and the SIM card comprises an ISO7816 interface, an OS system unit and a key unit. The invention keeps the traditional ISO7816 physical interface of the SIM card and does not change the software interface of the existing mobile phone operating system, yet provides a method for secure mobile phone two-dimensional code payment. The address book data instructions are redefined in the design of the SIM card's OS system unit so that sensitive data is encrypted. If any verification step fails while the method is carried out, the two-dimensional code is considered invalid, which ensures the timeliness of the two-dimensional code and prevents copying. The scheme is convenient to use and highly secure.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a system and a method for realizing two-dimensional code security by using a SIM card.
Background
In recent years mobile phones have become more and more powerful. Third-party payment services such as WeChat and Alipay, and the payment APPs of various banks, are used on a large scale, and most of these APPs pay by two-dimensional code. Fig. 1 shows a conventional mobile device payment system: the mobile device runs a mobile client APP, the two-dimensional code generated by the APP is displayed on the display screen of the mobile device, and at payment time an electronic terminal scans the code on the display screen and then carries out the payment. However, the mobile phone operating system has serious security problems, so two-dimensional code payment on it carries major security risks. First, the mobile client APP that generates the two-dimensional code runs on an insecure mobile phone operating system, and its security cannot be guaranteed at all. Second, a two-dimensional code has no security of its own: it can be copied, illegally spread and so on, and many such cases have occurred in real life. A security mechanism is therefore needed that addresses both the security of the mobile phone and the security of the two-dimensional code. Many schemes for mobile phone security, such as TEE, SE and HCE, are under continuous development at home and abroad, but these new technologies are not available in every mobile phone; in particular, the huge installed base of existing phones has no such protection. There is therefore no particularly effective solution on the market for the security of the two-dimensional code.
Disclosure of Invention
In view of the defects of the prior art, the invention aims to provide a system and a method for realizing two-dimensional code security by using a SIM card, so as to enable secure mobile phone two-dimensional code payment. Without changing the existing mobile phone operating system, the address book data instructions are redefined in the design of the SIM card's OS system unit so that sensitive information is encrypted, and the encrypted information is used for secure payment in the form of a two-dimensional code.
In order to achieve the technical purpose, the invention adopts the following technical scheme:
The system comprises a mobile device, a cloud server and an electronic terminal. The electronic terminal has a two-dimensional code scanning and recognition function. The mobile device comprises a SIM card, an APP unit, a two-dimensional code generating unit and a display screen. The SIM card comprises an ISO7816 interface, an OS system unit and a key unit. The key unit stores a key that is written in advance at the SIM card issuing stage and is the same as the key of the cloud server. Address book data is stored at a fixed position in the SIM card; it consists of the real time, a monotonically increasing counter value, the SIM card serial number, an application identifier (AID) and a CRC identification code of the above data, and it is encrypted with the key pre-written in the key unit before being stored.
When the mobile device starts a two-dimensional code payment, the APP unit in the SIM card passes the current time to the OS system unit in the SIM card through the address book update instruction. The OS system unit encrypts the address book data with the key pre-written in the key unit and writes the ciphertext to the fixed address book position; the monotonically increasing counter is incremented by 1 each time the update instruction is executed. The APP unit then reads the record at the fixed address book position with the address book read instruction, thereby obtaining the encrypted data, and passes it to the two-dimensional code generating unit, which encodes the encrypted data as a two-dimensional code and displays it on the display screen.
The electronic terminal scans the two-dimensional code on the display screen of the mobile device, parses the encrypted data contained in it, and transmits the encrypted data to the cloud server.
After receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it with the key that is the same as the one in the key unit of the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier (AID) and the CRC identification code of the above data. It then verifies the CRC identification code to determine whether the decrypted data is correct. If the decrypted data is correct, the cloud server checks whether the real time differs from the current time by more than 10 minutes. If the difference is not more than 10 minutes, the cloud server checks whether the monotonically increasing counter value is greater than the counter value for that SIM card recorded in the cloud server. If it is greater than the recorded value, the decrypted data is finally determined to be valid and the transaction proceeds normally.
Preferably, the OS system unit redefines the update instruction for the fixed address book position: the update instruction is repurposed to pass the current time of the mobile device OS system unit to the SIM card as a parameter.
Preferably, the OS system unit redefines the read instruction for the fixed address book position: the read instruction is redefined to read the encrypted address book information stored at the specific position in the SIM card and to hand it, as security data, to the APP unit of the mobile terminal for processing.
A method for realizing two-dimensional code security by using a SIM card, implemented on the system described above, comprises the following specific steps:
Step one: store address book data in the SIM card and encrypt it. Address book data is stored at a fixed position in the SIM card; it consists of the real time, a monotonically increasing counter value, the SIM card serial number, an application identifier (AID) and a CRC identification code of the above data, and it is encrypted with the key pre-written in the key unit before being stored.
Step two: form the two-dimensional code in the SIM card and display it on the display screen. When the mobile device starts a two-dimensional code payment, the APP unit in the SIM card passes the current time to the OS system unit in the SIM card through the address book update instruction. The OS system unit encrypts the address book data with the key pre-written in the key unit and writes the ciphertext to the fixed address book position; the monotonically increasing counter is incremented by 1 each time the update instruction is executed. The APP unit then reads the record at the fixed address book position with the address book read instruction, thereby obtaining the encrypted data, and passes it to the two-dimensional code generating unit, which encodes the encrypted data as a two-dimensional code and displays it on the display screen.
Step three: the electronic terminal parses the two-dimensional code and transmits the encrypted data to the cloud server. The electronic terminal scans the two-dimensional code on the display screen of the mobile device, parses the encrypted data contained in it, and transmits the encrypted data to the cloud server.
Step four: the cloud server decrypts the received encrypted data and verifies whether the decrypted data is correct. After receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it with the key that is the same as the one in the key unit of the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier (AID) and the CRC identification code of the above data. It then verifies the CRC identification code to determine whether the decrypted data is correct.
Step five: the cloud server verifies the real time and the monotonically increasing counter value and determines whether the decrypted data is valid. If the decrypted data is correct, the cloud server checks whether the real time differs from the current time by more than 10 minutes. If the difference is not more than 10 minutes, the cloud server checks whether the monotonically increasing counter value is greater than the counter value for that SIM card recorded in the cloud server. If it is greater than the recorded value, the decrypted data is finally determined to be valid and the transaction proceeds normally.
The invention uses an ordinary SIM card as the core security unit. Its beneficial effects are as follows: it keeps the ISO7816 physical interface of the traditional SIM card and does not change the software interface of the existing mobile phone operating system, yet provides a method for secure mobile phone two-dimensional code payment; the address book data instructions are redefined in the design of the SIM card's OS system unit, and sensitive data is encrypted and displayed on the mobile phone screen as a two-dimensional code; and if any verification step fails while the method is carried out, the two-dimensional code is considered invalid, which ensures the timeliness of the two-dimensional code and prevents copying. The scheme is convenient to use and highly secure.
The invention is further described below with reference to the drawings and the detailed description.
Drawings
Fig. 1 is a diagram of a prior art mobile device payment system framework.
Fig. 2 is a system frame diagram for realizing two-dimensional code security by using a SIM card according to an embodiment of the present invention.
Figure 3 is a block diagram of a SIM card embodying the present invention.
Fig. 4 is a step diagram of a method for realizing two-dimensional code security by using a SIM card according to an embodiment of the present invention.
Detailed Description
Fig. 2 shows a system frame diagram for realizing two-dimensional code security by using a SIM card according to an embodiment of the present invention. The system comprises a mobile device, a cloud server and an electronic terminal. The electronic terminal has a two-dimensional code scanning and recognition function. The mobile device comprises the SIM card, an APP unit, a two-dimensional code generating unit and a display screen. The SIM card comprises an ISO7816 interface, an OS system unit and a key unit. The key unit stores a key that is written in advance at the SIM card issuing stage and is the same as the key of the cloud server. Address book data is stored at a fixed position in the SIM card; it consists of the real time, a monotonically increasing counter value, the SIM card serial number, an application identifier (AID) and a CRC identification code of the above data, and it is encrypted with the key pre-written in the key unit before being stored. In this embodiment: (i) the real time in the address book data is passed from the mobile phone APP to the SIM card by the SIM card address book update command, to the nearest 10 minutes; (ii) the SIM card serial number is the globally unique number inherent to the SIM; (iii) the application identifier (AID) identifies the application; (iv) the CRC identification code uses the CCITT16 mode and is obtained by a CRC operation over the real time, the monotonically increasing counter, the SIM card serial number and the application identifier (AID).
Referring to fig. 2, in this embodiment, when the mobile device starts a two-dimensional code payment, the APP unit in the SIM card passes the current time to the OS system unit in the SIM card through the address book update instruction. The OS system unit encrypts the address book data with the key pre-written in the key unit and writes the ciphertext to the fixed address book position; the monotonically increasing counter is incremented by 1 each time the update instruction is executed. The APP unit then reads the record at the fixed address book position with the address book read instruction, thereby obtaining the encrypted data, and passes it to the two-dimensional code generating unit, which encodes the encrypted data as a two-dimensional code and displays it on the display screen. The electronic terminal scans the two-dimensional code on the display screen of the mobile device, parses the encrypted data contained in it, and transmits the encrypted data to the cloud server. In this embodiment the OS system unit redefines the update instruction for the fixed address book position: the update instruction is repurposed to pass the current time of the mobile device OS system unit to the SIM card as a parameter. The OS system unit also redefines the read instruction for the fixed address book position: the read instruction is redefined to read the encrypted address book information stored at the specific position in the SIM card, and the encrypted information is handed, as security data, to the APP unit of the mobile terminal for processing.
Referring to fig. 2, in this embodiment, after receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it with the key that is the same as the one in the key unit of the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier (AID) and the CRC identification code of the above data. It then verifies the CRC identification code to determine whether the decrypted data is correct. If the decrypted data is correct, the cloud server checks whether the real time differs from the current time by more than 10 minutes. If the difference is not more than 10 minutes, the cloud server checks whether the monotonically increasing counter value is greater than the counter value for that SIM card recorded in the cloud server. If it is greater than the recorded value, the decrypted data is finally determined to be valid and the transaction proceeds normally.
Fig. 3 shows a block diagram of a SIM card embodying the present invention. The SIM card comprises an ISO7816 interface, an OS system unit and a key unit. The key unit stores a key that is written in advance at the SIM card issuing stage and is the same as the key of the cloud server. Address book data is stored at a fixed position in the SIM card; it consists of the real time, a monotonically increasing counter value, the SIM card serial number, an application identifier (AID) and a CRC identification code of the above data, and it is encrypted with the key pre-written in the key unit before being stored.
Fig. 4 shows the steps of a method for realizing two-dimensional code security by using a SIM card according to an embodiment of the present invention. The method comprises the following specific steps:
Step one: store address book data in the SIM card and encrypt it. Address book data is stored at a fixed position in the SIM card; it consists of the real time, a monotonically increasing counter value, the SIM card serial number, an application identifier (AID) and a CRC identification code of the above data, and it is encrypted with the key pre-written in the key unit before being stored.
Step two: form the two-dimensional code in the SIM card and display it on the display screen. When the mobile device starts a two-dimensional code payment, the APP unit in the SIM card passes the current time to the OS system unit in the SIM card through the address book update instruction. The OS system unit encrypts the address book data with the key pre-written in the key unit and writes the ciphertext to the fixed address book position; the monotonically increasing counter is incremented by 1 each time the update instruction is executed. The APP unit then reads the record at the fixed address book position with the address book read instruction, thereby obtaining the encrypted data, and passes it to the two-dimensional code generating unit, which encodes the encrypted data as a two-dimensional code and displays it on the display screen.
Step three: the electronic terminal parses the two-dimensional code and transmits the encrypted data to the cloud server. The electronic terminal scans the two-dimensional code on the display screen of the mobile device, parses the encrypted data contained in it, and transmits the encrypted data to the cloud server.
Step four: the cloud server decrypts the received encrypted data and verifies whether the decrypted data is correct. After receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it with the key that is the same as the one in the key unit of the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier (AID) and the CRC identification code of the above data. It then verifies the CRC identification code to determine whether the decrypted data is correct.
Step five: the cloud server verifies the real time and the monotonically increasing counter value, determines whether the decrypted data is valid, and completes the transaction. If the decrypted data is correct, the cloud server checks whether the real time differs from the current time by more than 10 minutes. If the difference is not more than 10 minutes, the cloud server checks whether the monotonically increasing counter value is greater than the counter value for that SIM card recorded in the cloud server. If it is greater than the recorded value, the decrypted data is finally determined to be valid and the transaction is completed.
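The cloud-server checks of steps four and five, as an added Python example that is not part of the patent text. It works on the record after decryption, because the patent does not name the cipher; the field sizes, the CRC initial value 0xFFFF, the per-SIM counter table, the sample values and all function names are assumptions.

```python
import struct
from enum import Enum

# Assumed plaintext layout (the patent names the fields but not their sizes):
# real time (uint32, Unix seconds) | counter (uint32) | SIM serial (10 bytes)
# | AID (16 bytes, zero padded) | CRC (uint16), all big-endian.
BODY = struct.Struct(">II10s16s")
CRC_FIELD = struct.Struct(">H")
MAX_TIME_DIFF = 10 * 60  # a difference of more than 10 minutes invalidates the code


class Verdict(Enum):
    VALID = "valid"
    MALFORMED = "wrong record length"
    BAD_CRC = "CRC mismatch"
    EXPIRED = "real time differs from server time by more than 10 minutes"
    UNKNOWN_SIM = "no counter recorded for this SIM serial"
    COUNTER_NOT_GREATER = "counter not greater than the recorded value"


def crc16_ccitt(data: bytes, crc: int = 0xFFFF) -> int:
    """CRC-16 with the CCITT polynomial 0x1021 (initial value is an assumption)."""
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ 0x1021) if crc & 0x8000 else (crc << 1)
            crc &= 0xFFFF
    return crc


def build_record(real_time: int, counter: int, serial: bytes, aid: bytes) -> bytes:
    """Plaintext record as the SIM would hold it before encryption (sample data)."""
    body = BODY.pack(real_time, counter, serial, aid)
    return body + CRC_FIELD.pack(crc16_ccitt(body))


def verify_record(record: bytes, now: int, recorded_counters: dict) -> Verdict:
    """Apply the checks in the order the text gives: CRC, time window, counter."""
    if len(record) != BODY.size + CRC_FIELD.size:
        return Verdict.MALFORMED
    body = record[:BODY.size]
    (crc,) = CRC_FIELD.unpack(record[BODY.size:])
    if crc16_ccitt(body) != crc:
        return Verdict.BAD_CRC
    real_time, counter, serial, _aid = BODY.unpack(body)
    if abs(now - real_time) > MAX_TIME_DIFF:
        return Verdict.EXPIRED
    recorded = recorded_counters.get(serial)
    if recorded is None:  # assumption: the server only tracks issued SIM cards
        return Verdict.UNKNOWN_SIM
    if counter <= recorded:
        return Verdict.COUNTER_NOT_GREATER
    # Assumption: the server stores the accepted counter, so the same code
    # presented a second time fails the "greater than recorded" check.
    recorded_counters[serial] = counter
    return Verdict.VALID


def demo() -> list:
    now = 1_700_000_000                              # constructed server time
    serial = bytes.fromhex("00112233445566778899")   # constructed SIM serial
    aid = b"DEMO-AID"                                # constructed AID
    counters = {serial: 4}                           # value recorded on the server
    fresh = build_record(now - 30, 5, serial, aid)
    tampered = bytearray(fresh)
    tampered[4] ^= 0x01                              # one bit changed in the counter
    old = build_record(now - 11 * 60, 6, serial, aid)
    return [
        verify_record(fresh, now, counters),            # accepted
        verify_record(fresh, now, counters),            # same code shown again
        verify_record(bytes(tampered), now, counters),  # corrupted record
        verify_record(old, now, counters),              # generated 11 minutes ago
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict.name, "-", verdict.value)
```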
The invention is not limited to the embodiments discussed above, and the above description of specific embodiments is intended to describe and illustrate the technical solutions to which the invention relates. Obvious variations or substitutions based on the teachings of the present invention should also be considered to fall within the scope of the present invention; the above description is provided to disclose a best mode for practicing the invention, so as to enable any person skilled in the art to utilize the invention in various embodiments and with various alternatives.
Claims (4)
1. The system comprises mobile equipment, a cloud server and an electronic terminal, wherein the electronic terminal has a two-dimensional code scanning and identifying function, and is characterized in that the mobile equipment comprises an SIM card, an APP unit, a two-dimensional code generating unit and a display screen, wherein the SIM card comprises an ISO7816 interface, an OS system unit and a key unit, the key unit stores a key which is prestored in the issuing stage of the SIM card and is the same as a key of the cloud server, address book data is stored in a fixed position in the SIM card, the address book data consists of real-time, a monotonically increasing counter value, an SIM card serial number, an application identification mark AID and an identification code CRC of the data, and the key unit prestores the written key to encrypt the address book data and stores the address book data;
when the mobile equipment starts two-dimensional code payment, an APP unit in the SIM card transmits the current time to an OS system unit in the SIM card through an update instruction of address book data, the OS system unit encrypts the address book data by using a key pre-stored and written by the key unit, and updates ciphertext data to a fixed position of the address book data, the numerical value of a monotonically increasing counter is increased by 1 when the update instruction is executed once, then the APP unit reads the fixed position of the address book data by adopting a read instruction of the address book data and records the fixed position of the address book data, so that encrypted data is obtained, and the encrypted data is transmitted to a two-dimensional code generating unit, and the two-dimensional code generating unit generates the encrypted data into a two-dimensional code and displays the two-dimensional code on a display screen;
the electronic terminal scans the two-dimensional code on the display screen of the mobile device, analyzes the encrypted data contained in the two-dimensional code, and then transmits the encrypted data to the cloud server;
after receiving the encrypted data sent by the electronic terminal, the cloud server decrypts the encrypted data by using a key which is the same as a key unit in the SIM card to generate decrypted data, acquires the decrypted data including real-time, a serial number of the SIM card, a monotonically increasing counter value and an application identification mark AID, acquires an identification code CRC of the decrypted data, then verifies the correctness of the identification code CRC, and determines whether the decrypted data is correct; if the decrypted data is correct, the cloud server verifies whether the real-time is different from the current time by more than 10 minutes, if not more than 10 minutes, the cloud server verifies whether the value of the monotonically increasing counter is larger than the value of the counter in the SIM card recorded in the cloud server, and if the value of the monotonically increasing counter is larger than the value recorded in the cloud server, the decrypted data is finally indicated to be valid, and the transaction is completed.
2. The system for realizing two-dimensional code security by using a SIM card according to claim 1, wherein the OS system unit redefines an update instruction for the fixed location of address book data, the update instruction being relocated to transfer the current time of the OS system unit of the mobile device as a parameter to the SIM card.
3. The system for realizing two-dimensional code security by using a SIM card according to claim 1, wherein the OS system unit redefines a reading instruction for reading the encrypted information of the address book data in the SIM card at a specific position and gives the encrypted information as security data to the mobile terminal APP unit for processing.
4. A method for realizing two-dimension code safety by using a SIM card is characterized by comprising the following specific steps:
step one: storing address book data in the SIM card and carrying out encryption processing; the method comprises the steps that address book data are stored in a fixed position in an SIM card, wherein the address book data consist of real-time, monotonically increasing counter values, SIM card serial numbers, application identification marks AIDs and identification codes CRC of the data, and a key unit pre-stores a written key to encrypt the address book data and then store the encrypted address book data;
step two: forming a two-dimensional code in the SIM card and displaying the two-dimensional code on a display screen; when the mobile equipment starts two-dimensional code payment, an APP unit in the SIM card transmits the current time to an OS system unit in the SIM card through an update instruction of address book data, the OS system unit encrypts the address book data by using a key pre-stored and written by the key unit, and updates ciphertext data to a fixed position of the address book data, the number of a monotonically increasing counter is increased by 1 when the update instruction is executed once, then the APP unit reads the fixed position of the address book data by adopting a read instruction of the address book data and records the fixed position of the address book data, so that encrypted data is obtained, and the encrypted data is transmitted to a two-dimensional code generating unit, and the two-dimensional code generating unit generates the encrypted data into a two-dimensional code and displays the two-dimensional code on a display screen;
step three: the electronic terminal completes two-dimensional code analysis and transmits encrypted data to the cloud server; the electronic terminal scans the two-dimensional code on the display screen of the mobile device, analyzes the encrypted data contained in the two-dimensional code, and then transmits the encrypted data to the cloud server;
step four: the cloud server decrypts the received encrypted data and verifies whether the decrypted data is correct; after receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it using the same key as that of the key unit in the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier AID and the identification code CRC of the data, and then verifies the correctness of the identification code CRC to determine whether the decrypted data is correct;
step five: the cloud server verifies the real time and the monotonically increasing counter value, determines whether the decrypted data is valid, and completes the transaction; if the decrypted data is correct, the cloud server verifies whether the real time differs from the current time by more than 10 minutes; if it does not, the cloud server verifies whether the monotonically increasing counter value is larger than the counter value of the SIM card recorded in the cloud server; if it is larger than the recorded value, the decrypted data is finally determined to be valid and the transaction is completed.
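The checks of steps four and five, in the order the claim gives them (CRC, 10-minute window, counter), as an added example that is not part of the patent. The byte layout, the 8-byte nonce, the SHA-256 keystream standing in for the unnamed cipher, the function names, the sample values and the server storing each accepted counter are all assumptions.

```python
import hashlib, os, struct, zlib

FMT = ">II10s8s"   # assumed layout: real time, counter, SIM serial, AID
MAX_SKEW = 600     # the 10-minute window of step five, in seconds

def _keystream_xor(key, nonce, data):
    # Stand-in cipher (assumption): the patent names no algorithm.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + struct.pack(">I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def sim_build_token(key, now, counter, serial, aid):
    """Steps one and two: pack the record, append its CRC, encrypt it."""
    body = struct.pack(FMT, now, counter, serial, aid)
    record = body + struct.pack(">I", zlib.crc32(body))
    nonce = os.urandom(8)  # assumption: fresh nonce carried with the ciphertext
    return nonce + _keystream_xor(key, nonce, record)

def server_verify(key, token, now, last_counter):
    """Steps four and five; last_counter maps SIM serial -> last accepted counter."""
    nonce, ct = token[:8], token[8:]
    if len(ct) != struct.calcsize(FMT) + 4:
        return "malformed"
    record = _keystream_xor(key, nonce, ct)
    body, (crc,) = record[:-4], struct.unpack(">I", record[-4:])
    if zlib.crc32(body) != crc:            # step four: decrypted data incorrect
        return "bad-crc"
    ts, counter, serial, _aid = struct.unpack(FMT, body)
    if abs(now - ts) > MAX_SKEW:           # step five: differs by more than 10 minutes
        return "expired"
    if counter <= last_counter.get(serial, 0):
        return "replayed"                  # not larger than the recorded value
    last_counter[serial] = counter         # assumed: server records the accepted value
    return "ok"

if __name__ == "__main__":
    key, db = b"constructed-key!", {}      # constructed sample values
    tok = sim_build_token(key, 1_700_000_000, 1, b"SIM0000001", b"DEMOAID1")
    print(server_verify(key, tok, 1_700_000_060, db))  # first presentation
    print(server_verify(key, tok, 1_700_000_060, db))  # same code scanned again
```

The second presentation of the same two-dimensional code is rejected by the counter check even though it is still inside the 10-minute window.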
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810564395.6A CN110555693B (en) | 2018-06-04 | 2018-06-04 | System and method for realizing two-dimension code safety by using SIM card |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110555693A (en) | 2019-12-10 |
CN110555693B (en) | 2023-09-12 |
Family
ID=68735970
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810564395.6A Active CN110555693B (en) | System and method for realizing two-dimension code safety by using SIM card | 2018-06-04 | 2018-06-04 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110555693B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114897112B (en) * | 2022-04-18 | 2023-07-18 | 上海美的茵信息技术有限公司 | Diagnostic data transmission method based on two-dimension code, computer equipment and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103489102A (en) * | 2013-09-13 | 2014-01-01 | 惠州Tcl移动通信有限公司 | Method and system for preventing unauthorized credit card swiping through mobile phone based on two-dimensional code |
CN103957105A (en) * | 2014-04-28 | 2014-07-30 | 中国联合网络通信集团有限公司 | Use identity authentication method and SIM card |
CN104715370A (en) * | 2013-12-12 | 2015-06-17 | 中国电信股份有限公司 | Method and system for carrying out safety payment based on encrypted two-dimension code |
WO2016045520A1 (en) * | 2014-09-28 | 2016-03-31 | 中国银联股份有限公司 | Token-based mobile payment method and mobile payment system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105207774B (en) * | 2014-05-30 | 2019-03-01 | 北京奇虎科技有限公司 | The cryptographic key negotiation method and device of verification information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||