CN110555693B - System and method for realizing two-dimension code safety by using SIM card - Google Patents


Publication number
CN110555693B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810564395.6A
Other languages
Chinese (zh)
Other versions
CN110555693A (en)
Inventor
王庆林
邹重人
张福玺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ziguang Tongxin Microelectronics Co Ltd
Original Assignee
Ziguang Tongxin Microelectronics Co Ltd
Application filed by Ziguang Tongxin Microelectronics Co Ltd
Priority to CN201810564395.6A
Publication of CN110555693A
Application granted
Publication of CN110555693B


Classifications

    • G06Q20/326 Payment applications installed on the mobile devices
    • G06Q20/3229 Use of the SIM of a M-device as secure element
    • G06Q20/3274 Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W8/183 Processing at user equipment or user record carrier


Abstract

The invention provides a system and a method for realizing two-dimensional code security by using a SIM card. The system comprises a mobile device, a cloud server and an electronic terminal, the electronic terminal having a two-dimensional code scanning and recognition function. The mobile device comprises the SIM card, an APP unit, a two-dimensional code generating unit and a display screen, and the SIM card comprises an ISO7816 interface, an OS system unit and a key unit. The invention keeps the traditional ISO7816 physical interface of the SIM card and does not change the software interface of the existing mobile phone operating system, yet provides a method for secure two-dimensional code payment applications on mobile phones. The instructions for address book data are redefined in the design of the SIM card's OS system unit so that sensitive data is encrypted. In the method, if any verification step is not passed, the two-dimensional code is considered invalid, which ensures the timeliness of the two-dimensional code and prevents copying. The scheme is convenient to use and highly secure.

Description

System and method for realizing two-dimension code safety by using SIM card
Technical Field
The invention relates to the technical field of information security, in particular to a system and a method for realizing two-dimensional code security by using a SIM card.
Background
In recent years mobile phones have become more and more powerful. Third-party payment services such as WeChat and Alipay, and the payment APPs of various banks, are used on a large scale, and two-dimensional code payment accounts for the majority of these payments. Fig. 1 shows a conventional mobile device payment system: the mobile device runs a mobile client APP, the two-dimensional code generated by the mobile client APP is shown on the display screen of the mobile device, and at payment time an electronic terminal scans the two-dimensional code on the display screen and then carries out the payment. However, because of the serious security problems of mobile phone operating systems, two-dimensional code payment on a mobile phone carries large security risks. First, the mobile client APP responsible for generating the two-dimensional code runs on an insecure mobile phone operating system, so its security cannot be guaranteed at all. Second, a two-dimensional code has no security of its own: it can be copied, illegally distributed, and so on, and many such cases have occurred in real life. A security mechanism is therefore needed that addresses both the security of the mobile phone and the security of the two-dimensional code. Many schemes for mobile phone security, such as TEE, SE and HCE, are under continuous development at home and abroad, but these new technologies are not yet available in every mobile phone, and the very large installed base of existing phones in particular has no such security measures. As a result, there is no particularly effective solution on the market for the security of two-dimensional codes.
Disclosure of Invention
In view of the shortcomings of the prior art, the invention aims to provide a system and a method for realizing two-dimensional code security by using a SIM card, so as to enable secure two-dimensional code payment applications on mobile phones. Without changing the existing mobile phone operating system, the address book data instructions are redefined in the design of the SIM card's OS system unit so that sensitive information is encrypted, and the encrypted information is applied to secure payment in the form of a two-dimensional code.
In order to achieve the technical purpose, the invention adopts the following technical scheme:
The system comprises a mobile device, a cloud server and an electronic terminal, the electronic terminal having a two-dimensional code scanning and recognition function. The mobile device comprises a SIM card, an APP unit, a two-dimensional code generating unit and a display screen. The SIM card comprises an ISO7816 interface, an OS system unit and a key unit. The key unit stores a key that is written in advance at the SIM card issuing stage and is the same as the key of the cloud server. Address book data is stored at a fixed position in the SIM card; it consists of the real time, a monotonically increasing counter value, the SIM card serial number, the application identifier (AID) and the identification code (CRC) of the above data, and it is stored after being encrypted with the key pre-written in the key unit.
When the mobile device starts a two-dimensional code payment, the APP unit in the SIM card passes the current time to the OS system unit in the SIM card through the update instruction for address book data. The OS system unit encrypts the address book data with the key pre-written in the key unit and writes the ciphertext to the fixed position of the address book data; the monotonically increasing counter is incremented by 1 each time the update instruction is executed. The APP unit then uses the read instruction for address book data to read the record at the fixed position, thereby obtaining the encrypted data, and passes the encrypted data to the two-dimensional code generating unit, which turns the encrypted data into a two-dimensional code and shows it on the display screen.
The electronic terminal scans the two-dimensional code on the display screen of the mobile device, parses out the encrypted data contained in the two-dimensional code, and then transmits the encrypted data to the cloud server.
After receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it with the same key as the one in the key unit of the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier (AID) and the identification code (CRC) of the above data. It then verifies the correctness of the identification code (CRC) to determine whether the decrypted data is correct. If the decrypted data is correct, the cloud server checks whether the real time differs from the current time by more than 10 minutes. If the difference is not more than 10 minutes, the cloud server checks whether the monotonically increasing counter value is greater than the counter value of the SIM card recorded in the cloud server. If it is greater than the recorded value, the decrypted data is finally deemed valid and the transaction proceeds normally.
Preferably, the OS system unit redefines the update instruction for the fixed position of the address book data: the update instruction is redefined to pass the current time of the mobile device OS system unit to the SIM card as a parameter.
Preferably, the OS system unit redefines the read instruction for the fixed position of the address book data: the read instruction is redefined to read the encrypted information of the address book data stored at the specific position in the SIM card and to hand the encrypted information, as security data, to the mobile terminal APP unit for processing.
A method for realizing two-dimensional code security by using a SIM card is implemented on the basis of the above system for realizing two-dimensional code security by using a SIM card, and comprises the following specific steps:
Step one: store address book data in the SIM card and encrypt it. The address book data is stored at a fixed position in the SIM card and consists of the real time, a monotonically increasing counter value, the SIM card serial number, the application identifier (AID) and the identification code (CRC) of the above data; it is stored after being encrypted with the key pre-written in the key unit.
Step two: form a two-dimensional code in the SIM card and show it on the display screen. When the mobile device starts a two-dimensional code payment, the APP unit in the SIM card passes the current time to the OS system unit in the SIM card through the update instruction for address book data. The OS system unit encrypts the address book data with the key pre-written in the key unit and writes the ciphertext to the fixed position of the address book data; the monotonically increasing counter is incremented by 1 each time the update instruction is executed. The APP unit then uses the read instruction for address book data to read the record at the fixed position, thereby obtaining the encrypted data, and passes the encrypted data to the two-dimensional code generating unit, which turns the encrypted data into a two-dimensional code and shows it on the display screen.
Step three: the electronic terminal parses the two-dimensional code and transmits the encrypted data to the cloud server. The electronic terminal scans the two-dimensional code on the display screen of the mobile device, parses out the encrypted data contained in the two-dimensional code, and then transmits the encrypted data to the cloud server.
Step four: the cloud server decrypts the received encrypted data and verifies whether the decrypted data is correct. After receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it with the same key as the one in the key unit of the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier (AID) and the identification code (CRC) of the above data, and then verifies the correctness of the identification code (CRC) to determine whether the decrypted data is correct.
Step five: the cloud server verifies the real time and the monotonically increasing counter value and determines whether the decrypted data is valid. If the decrypted data is correct, the cloud server checks whether the real time differs from the current time by more than 10 minutes. If the difference is not more than 10 minutes, the cloud server checks whether the monotonically increasing counter value is greater than the counter value of the SIM card recorded in the cloud server. If it is greater than the recorded value, the decrypted data is finally deemed valid and the transaction proceeds normally.
The invention uses an ordinary SIM card as the core security unit. Its beneficial effects are as follows: it keeps the traditional ISO7816 physical interface of the SIM card and does not change the software interface of the existing mobile phone operating system, yet enables secure two-dimensional code payment applications on mobile phones; the instructions for address book data are redefined in the design of the SIM card's OS system unit, so that sensitive data is encrypted and shown on the mobile phone screen in the form of a two-dimensional code; and if any verification step is not passed while realizing two-dimensional code security with the SIM card, the two-dimensional code is considered invalid, which ensures the timeliness of the two-dimensional code and prevents copying. The scheme is convenient to use and highly secure.
The invention is further described below with reference to the drawings and the detailed description.
Drawings
Fig. 1 is a diagram of a prior art mobile device payment system framework.
Fig. 2 is a system frame diagram for realizing two-dimensional code security by using a SIM card according to an embodiment of the present invention.
Figure 3 is a block diagram of a SIM card embodying the present invention.
Fig. 4 is a step diagram of a method for realizing two-dimensional code security by using a SIM card according to an embodiment of the present invention.
Detailed Description
Fig. 2 shows a system framework diagram for realizing two-dimensional code security by using a SIM card according to an embodiment of the present invention. The system comprises a mobile device, a cloud server and an electronic terminal, the electronic terminal having a two-dimensional code scanning and recognition function. The mobile device comprises the SIM card, an APP unit, a two-dimensional code generating unit and a display screen. The SIM card comprises an ISO7816 interface, an OS system unit and a key unit. The key unit stores a key that is written in advance at the SIM card issuing stage and is the same as the key of the cloud server. Address book data is stored at a fixed position in the SIM card; it consists of the real time, a monotonically increasing counter value, the SIM card serial number, the application identifier (AID) and the identification code (CRC) of the above data, and it is stored after being encrypted with the key pre-written in the key unit. In the embodiment of the present invention: (i) the real time of the address book data is passed from the mobile phone APP to the SIM card by the SIM card address book update command, to the nearest 10 minutes; (ii) the SIM card serial number is a globally unique number inherent to the SIM card; (iii) the application identifier (AID) is used to identify the application; (iv) the identification code (CRC) uses the CCITT16 mode and is obtained by performing a CRC operation over the real time, the monotonically increasing counter, the SIM card serial number and the application identifier (AID).
Referring to fig. 2, in the specific embodiment of the present invention, when the mobile device starts a two-dimensional code payment, the APP unit in the SIM card passes the current time to the OS system unit in the SIM card through the update instruction for address book data. The OS system unit encrypts the address book data with the key pre-written in the key unit and writes the ciphertext to the fixed position of the address book data; the monotonically increasing counter is incremented by 1 each time the update instruction is executed. The APP unit then uses the read instruction for address book data to read the record at the fixed position, thereby obtaining the encrypted data, and passes the encrypted data to the two-dimensional code generating unit, which turns the encrypted data into a two-dimensional code and shows it on the display screen. The electronic terminal scans the two-dimensional code on the display screen of the mobile device, parses out the encrypted data contained in the two-dimensional code, and then transmits the encrypted data to the cloud server. In this embodiment the OS system unit redefines the update instruction for the fixed position of the address book data: the update instruction is redefined to pass the current time of the mobile device OS system unit to the SIM card as a parameter. The OS system unit also redefines the read instruction for the fixed position of the address book data: the read instruction is redefined to read the encrypted information of the address book data at the specific position in the SIM card, and the encrypted information is handed, as security data, to the mobile terminal APP unit for processing.
Referring to fig. 2, in the embodiment of the present invention, after receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it with the same key as the one in the key unit of the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier (AID) and the identification code (CRC) of the above data. It then verifies the correctness of the identification code (CRC) to determine whether the decrypted data is correct. If the decrypted data is correct, the cloud server checks whether the real time differs from the current time by more than 10 minutes. If the difference is not more than 10 minutes, the cloud server checks whether the monotonically increasing counter value is greater than the counter value of the SIM card recorded in the cloud server. If it is greater than the recorded value, the decrypted data is finally deemed valid and the transaction proceeds normally.
Fig. 3 shows a block diagram of a SIM card embodying the present invention. The SIM card comprises an ISO7816 interface, an OS system unit and a key unit. The key unit stores a key that is written in advance at the SIM card issuing stage and is the same as the key of the cloud server. Address book data is stored at a fixed position in the SIM card; it consists of the real time, a monotonically increasing counter value, the SIM card serial number, the application identifier (AID) and the identification code (CRC) of the above data, and it is stored after being encrypted with the key pre-written in the key unit.
Referring to fig. 4, a method for realizing two-dimensional code security by using a SIM card according to an embodiment of the present invention is shown. A method for realizing two-dimension code safety by using SIM card comprises the following specific steps:
Step one: store address book data in the SIM card and encrypt it. The address book data is stored at a fixed position in the SIM card and consists of the real time, a monotonically increasing counter value, the SIM card serial number, the application identifier (AID) and the identification code (CRC) of the above data; it is stored after being encrypted with the key pre-written in the key unit.
Step two: form a two-dimensional code in the SIM card and show it on the display screen. When the mobile device starts a two-dimensional code payment, the APP unit in the SIM card passes the current time to the OS system unit in the SIM card through the update instruction for address book data. The OS system unit encrypts the address book data with the key pre-written in the key unit and writes the ciphertext to the fixed position of the address book data; the monotonically increasing counter is incremented by 1 each time the update instruction is executed. The APP unit then uses the read instruction for address book data to read the record at the fixed position, thereby obtaining the encrypted data, and passes the encrypted data to the two-dimensional code generating unit, which turns the encrypted data into a two-dimensional code and shows it on the display screen.
Step three: the electronic terminal parses the two-dimensional code and transmits the encrypted data to the cloud server. The electronic terminal scans the two-dimensional code on the display screen of the mobile device, parses out the encrypted data contained in the two-dimensional code, and then transmits the encrypted data to the cloud server.
Step four: the cloud server decrypts the received encrypted data and verifies whether the decrypted data is correct. After receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it with the same key as the one in the key unit of the SIM card, thereby obtaining the real time, the SIM card serial number, the monotonically increasing counter value, the application identifier (AID) and the identification code (CRC) of the above data, and then verifies the correctness of the identification code (CRC) to determine whether the decrypted data is correct.
Step five: the cloud server verifies the real time and the monotonically increasing counter value, determines whether the decrypted data is valid, and completes the transaction. If the decrypted data is correct, the cloud server checks whether the real time differs from the current time by more than 10 minutes. If the difference is not more than 10 minutes, the cloud server checks whether the monotonically increasing counter value is greater than the counter value of the SIM card recorded in the cloud server. If it is greater than the recorded value, the decrypted data is finally deemed valid and the transaction is completed.
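An added example, not part of the patent text: the plaintext record and the cloud server's checks from steps four and five, written in Python. The field sizes, the 0xFFFF CRC initial value, the enroll step, the update of the recorded counter after acceptance, and the sample serial number and AID are assumptions; encryption and decryption with the shared key are left out because the patent does not name a cipher.

```python
import binascii
import struct

# Assumed fixed layout; the patent names the fields but not their sizes:
# time u32 (Unix seconds) | counter u32 | SIM serial 10 bytes | AID 8 bytes | CRC u16
BODY = struct.Struct(">II10s8s")
CRC = struct.Struct(">H")
MAX_SKEW_SECONDS = 10 * 60  # the patent's 10-minute limit


def crc16_ccitt(data: bytes) -> int:
    """CRC-16/CCITT (polynomial 0x1021); the 0xFFFF initial value is assumed."""
    return binascii.crc_hqx(data, 0xFFFF)


def build_record(now: int, counter: int, serial: bytes, aid: bytes) -> bytes:
    """Card side: the plaintext record as it stands just before encryption."""
    body = BODY.pack(now, counter, serial, aid)
    return body + CRC.pack(crc16_ccitt(body))


class CloudVerifier:
    """Server side: the checks applied to the record after decryption."""

    def __init__(self):
        self.last_counter = {}  # SIM serial -> counter value recorded by the server

    def enroll(self, serial: bytes, counter: int = 0) -> None:
        # Assumed provisioning step: the server knows each issued SIM card.
        self.last_counter[serial] = counter

    def verify(self, record: bytes, server_now: int) -> str:
        if len(record) != BODY.size + CRC.size:
            return "bad length"
        body, tail = record[:BODY.size], record[BODY.size:]
        # Step four: the CRC decides whether the decrypted data is correct.
        if crc16_ccitt(body) != CRC.unpack(tail)[0]:
            return "crc mismatch"
        ts, counter, serial, _aid = BODY.unpack(body)
        if serial not in self.last_counter:
            return "unknown sim"
        # Step five, first check: no more than 10 minutes from the current time.
        if abs(server_now - ts) > MAX_SKEW_SECONDS:
            return "time out of window"
        # Step five, second check: counter strictly greater than the recorded one.
        if counter <= self.last_counter[serial]:
            return "counter not increasing"
        # Assumption: the accepted counter becomes the recorded value, so a
        # copied code fails the comparison the next time it is presented.
        self.last_counter[serial] = counter
        return "valid"


def demo() -> list:
    serial = bytes.fromhex("89860000000000000001")  # constructed sample serial
    aid = bytes.fromhex("A000000000000001")         # constructed sample AID
    now = 1_700_000_000                             # constructed timestamp
    server = CloudVerifier()
    server.enroll(serial)

    fresh = build_record(now, 1, serial, aid)
    old = build_record(now - 11 * 60, 2, serial, aid)
    damaged = bytearray(build_record(now, 3, serial, aid))
    damaged[5] ^= 0x01  # flip one bit in the counter field

    return [
        server.verify(fresh, now + 30),          # first presentation
        server.verify(fresh, now + 60),          # same code presented again
        server.verify(old, now),                 # 11 minutes old
        server.verify(bytes(damaged), now),      # corrupted record
        server.verify(build_record(now, 2, serial, aid), now + 90),  # next code
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

Rejected records leave the recorded counter unchanged, so the next genuine code from the card is still accepted.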
The invention is not limited to the embodiments discussed above, and the above description of specific embodiments is intended to describe and illustrate the technical solutions to which the invention relates. Obvious variations or substitutions based on the teachings of the present invention should also be considered to fall within the scope of the present invention; the above description is provided to disclose a best mode for practicing the invention, so as to enable any person skilled in the art to utilize the invention in various embodiments and with various alternatives.

Claims (4)

1. The system comprises mobile equipment, a cloud server and an electronic terminal, wherein the electronic terminal has a two-dimensional code scanning and identifying function, and is characterized in that the mobile equipment comprises an SIM card, an APP unit, a two-dimensional code generating unit and a display screen, wherein the SIM card comprises an ISO7816 interface, an OS system unit and a key unit, the key unit stores a key which is prestored in the issuing stage of the SIM card and is the same as a key of the cloud server, address book data is stored in a fixed position in the SIM card, the address book data consists of real-time, a monotonically increasing counter value, an SIM card serial number, an application identification mark AID and an identification code CRC of the data, and the key unit prestores the written key to encrypt the address book data and stores the address book data;
when the mobile equipment starts two-dimensional code payment, an APP unit in the SIM card transmits the current time to an OS system unit in the SIM card through an update instruction of address book data, the OS system unit encrypts the address book data by using a key pre-stored and written by the key unit, and updates ciphertext data to a fixed position of the address book data, the numerical value of a monotonically increasing counter is increased by 1 when the update instruction is executed once, then the APP unit reads the fixed position of the address book data by adopting a read instruction of the address book data and records the fixed position of the address book data, so that encrypted data is obtained, and the encrypted data is transmitted to a two-dimensional code generating unit, and the two-dimensional code generating unit generates the encrypted data into a two-dimensional code and displays the two-dimensional code on a display screen;
the electronic terminal scans the two-dimensional code on the display screen of the mobile device, analyzes the encrypted data contained in the two-dimensional code, and then transmits the encrypted data to the cloud server;
after receiving the encrypted data sent by the electronic terminal, the cloud server decrypts the encrypted data by using a key which is the same as a key unit in the SIM card to generate decrypted data, acquires the decrypted data including real-time, a serial number of the SIM card, a monotonically increasing counter value and an application identification mark AID, acquires an identification code CRC of the decrypted data, then verifies the correctness of the identification code CRC, and determines whether the decrypted data is correct; if the decrypted data is correct, the cloud server verifies whether the real-time is different from the current time by more than 10 minutes, if not more than 10 minutes, the cloud server verifies whether the value of the monotonically increasing counter is larger than the value of the counter in the SIM card recorded in the cloud server, and if the value of the monotonically increasing counter is larger than the value recorded in the cloud server, the decrypted data is finally indicated to be valid, and the transaction is completed.
2. The system for realizing two-dimensional code security by using a SIM card according to claim 1, wherein the OS system unit redefines an update instruction for the fixed location of address book data, the update instruction being relocated to transfer the current time of the OS system unit of the mobile device as a parameter to the SIM card.
3. The system for realizing two-dimensional code security by using a SIM card according to claim 1, wherein the OS system unit redefines a reading instruction for reading the encrypted information of the address book data in the SIM card at a specific position and gives the encrypted information as security data to the mobile terminal APP unit for processing.
4. A method for realizing two-dimensional code security by using a SIM card, characterized by comprising the following specific steps:
step one: storing address book data in the SIM card and encrypting it; the address book data is stored at a fixed position in the SIM card and consists of the real-time, the monotonically increasing counter value, the SIM card serial number, the application identifier AID and the identification code CRC of the data; the address book data is encrypted with the written key pre-stored by the key unit and then stored;
step two: forming a two-dimensional code in the SIM card and displaying it on a display screen; when the mobile device starts two-dimensional code payment, an APP unit in the SIM card transmits the current time to an OS system unit in the SIM card through an update instruction for the address book data; the OS system unit encrypts the address book data using the key pre-stored and written by the key unit and updates the ciphertext data to the fixed position of the address book data, the value of the monotonically increasing counter being increased by 1 each time the update instruction is executed; the APP unit then reads the fixed position of the address book data using a read instruction for the address book data and records it, thereby obtaining the encrypted data, and transmits the encrypted data to a two-dimensional code generating unit, which generates a two-dimensional code from the encrypted data and displays it on a display screen;
step three: the electronic terminal completes two-dimensional code analysis and transmits encrypted data to the cloud server; the electronic terminal scans the two-dimensional code on the display screen of the mobile device, analyzes the encrypted data contained in the two-dimensional code, and then transmits the encrypted data to the cloud server;
step four: the cloud server decrypts the received encrypted data and verifies whether the decrypted data is correct; after receiving the encrypted data sent by the electronic terminal, the cloud server decrypts it using the same key as the key unit in the SIM card, thereby obtaining the real-time, the serial number of the SIM card, the monotonically increasing counter value, the application identifier AID and the identification code CRC of the data, and then verifies the correctness of the identification code CRC to determine whether the decrypted data is correct;
step five: the cloud server verifies the real-time and the monotonically increasing counter value, determines whether the decrypted data is valid, and completes the transaction; if the decrypted data is correct, the cloud server checks whether the real-time differs from the current time by more than 10 minutes; if it does not, the cloud server checks whether the value of the monotonically increasing counter is larger than the counter value of the SIM card recorded in the cloud server; and if it is larger than the recorded value, the decrypted data is finally determined to be valid and the transaction is completed.
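The server-side checks of steps four and five, sketched as an added example that is not part of the patent text. The field widths, byte order, use of CRC-32, the `last_counters` store and its update after acceptance are assumptions; decryption with the shared key is taken as already done, since the claims do not name a cipher.

```python
import struct
import zlib

# Assumed layout (the claims name the fields, not their sizes), big-endian:
# time uint32 | counter uint32 | SIM serial 10 bytes | AID 8 bytes | CRC-32
RECORD = struct.Struct(">II10s8sI")
MAX_SKEW_SECONDS = 10 * 60  # 10-minute window from step five


def build_record(ts, counter, serial, aid):
    """Card side: pack the fields and append the CRC (done before encryption)."""
    body = struct.pack(">II10s8s", ts, counter, serial, aid)
    return body + struct.pack(">I", zlib.crc32(body))


def verify_record(plaintext, now, last_counters):
    """Server side: steps four and five applied to already-decrypted data.

    last_counters maps SIM serial -> counter value recorded by the server.
    Returns (accepted, reason).
    """
    if len(plaintext) != RECORD.size:
        return False, "bad length"
    ts, counter, serial, aid, crc = RECORD.unpack(plaintext)
    if zlib.crc32(plaintext[:-4]) != crc:
        return False, "crc mismatch"
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False, "stale timestamp"
    if serial not in last_counters:
        return False, "unknown sim"
    if counter <= last_counters[serial]:
        return False, "counter replay"
    # Assumption: the server stores the accepted value, so a second scan of
    # the same code fails the counter check even inside the time window.
    last_counters[serial] = counter
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    serial, aid = b"SIM0000001", b"AID00001"
    store = {serial: 41}
    rec = build_record(1_700_000_000, 42, serial, aid)
    print(verify_record(rec, 1_700_000_060, store))  # first presentation
    print(verify_record(rec, 1_700_000_060, store))  # same code replayed
```

A CRC is unkeyed and only detects corruption, so in a layout like this one any resistance to forgery rests on the encryption step and the secrecy of the shared key.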
CN201810564395.6A 2018-06-04 2018-06-04 System and method for realizing two-dimension code safety by using SIM card Active CN110555693B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810564395.6A CN110555693B (en) 2018-06-04 2018-06-04 System and method for realizing two-dimension code safety by using SIM card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810564395.6A CN110555693B (en) 2018-06-04 2018-06-04 System and method for realizing two-dimension code safety by using SIM card

Publications (2)

Publication Number Publication Date
CN110555693A CN110555693A (en) 2019-12-10
CN110555693B true CN110555693B (en) 2023-09-12

Family

ID=68735970

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810564395.6A Active CN110555693B (en) 2018-06-04 2018-06-04 System and method for realizing two-dimension code safety by using SIM card

Country Status (1)

Country Link
CN (1) CN110555693B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114897112B (en) * 2022-04-18 2023-07-18 上海美的茵信息技术有限公司 Diagnostic data transmission method based on two-dimension code, computer equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103489102A (en) * 2013-09-13 2014-01-01 惠州Tcl移动通信有限公司 Method and system for preventing unauthorized credit card swiping through mobile phone based on two-dimensional code
CN103957105A (en) * 2014-04-28 2014-07-30 中国联合网络通信集团有限公司 Use identity authentication method and SIM card
CN104715370A (en) * 2013-12-12 2015-06-17 中国电信股份有限公司 Method and system for carrying out safety payment based on encrypted two-dimension code
WO2016045520A1 (en) * 2014-09-28 2016-03-31 中国银联股份有限公司 Token-based mobile payment method and mobile payment system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105207774B (en) * 2014-05-30 2019-03-01 北京奇虎科技有限公司 The cryptographic key negotiation method and device of verification information

Also Published As

Publication number Publication date
CN110555693A (en) 2019-12-10

Similar Documents

Publication Publication Date Title
US11877213B2 (en) Methods and systems for asset obfuscation
US9280770B2 (en) Secure point of sale presentation of a barcode at an information handling system display
CN107077670B (en) Method and apparatus for transmitting and processing transaction message, computer readable storage medium
AU2012303620B2 (en) System and method for secure transaction process via mobile device
US20140244514A1 (en) Methods and arrangements for smartphone payments and transactions
CN106527673A (en) Method and apparatus for binding wearable device, and electronic payment method and apparatus
WO2014134180A2 (en) Methods and arrangements for smartphone payments and transactions
KR20150002609A (en) Multi-issuer secure element partition architecture for nfc enabled devices
JP2010098367A (en) Information processor, code changeover method, and program
CN102184499A (en) Account information binding method, financial transaction method and mobile terminal
US20210272107A1 (en) Digital currency payment system, payment method and payment apparatus
KR101638787B1 (en) Mobile ticket security system and method of based location information and terminal unique number
CN110555693B (en) System and method for realizing two-dimension code safety by using SIM card
CN105635164A (en) Method and device for security authentication
JP2021175184A (en) Contactless card with multiple rotating security keys
US11631062B2 (en) Voucher verification auxiliary device, voucher verification auxiliary system, and voucher verification auxiliary method
JP4626566B2 (en) Coupon data data processing system and data processing method
CN113169873A (en) System and method for password authentication of contactless cards
CN110048831A (en) The distribution method and diostribution device of POS terminal master key
CN101986684A (en) Processing system and method for rechargeable paying
CN115422584A (en) Data deformation method and device
KR101639045B1 (en) Method and system for issuing electronic receipts
KR101426223B1 (en) Method for checking confidential information using smartcard and smart terminal, and computer-readable recording medium for the same
JP7014901B2 (en) Information display method and its devices, storage media and electronic devices
JP4360417B2 (en) Information providing system, information processing server, providing server, communication apparatus, program, and information providing method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant