CN110719175B - Interface calling verification method, automatic teller machine and storage medium - Google Patents
Interface calling verification method, automatic teller machine and storage medium Download PDFInfo
- Publication number
- CN110719175B CN110719175B CN201910968985.XA CN201910968985A CN110719175B CN 110719175 B CN110719175 B CN 110719175B CN 201910968985 A CN201910968985 A CN 201910968985A CN 110719175 B CN110719175 B CN 110719175B
- Authority
- CN
- China
- Prior art keywords
- interface
- authentication
- random number
- algorithm
- calling
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention relates to an interface calling verification method, an automatic teller machine and a storage medium, wherein the method comprises the following steps: calling an external authentication control to obtain a logic name of a program to be verified; searching a corresponding SP DLL in an XFS configuration registry; matching a corresponding external authentication interface; acquiring an SP authentication version; acquiring a pre-configured algorithm and a key, and calling a random number generation interface to generate a random number; encrypting the random number to generate a verification ciphertext; and carrying out external verification on the verification ciphertext, and allowing the obtained program corresponding to the logic name to call a system interface if the verification is passed. The interface calling verification method provided by the invention judges whether the program is a legal program or not in a mode of verifying the ciphertext, and allows the program to call the system interface only when the verification passes, thereby reducing the probability of illegal profit of a hacker from an automatic teller machine by implanting a malicious program; and the algorithm and the secret key used by the method do not need to be communicated through an interface, so that the safety of the algorithm and the secret key is ensured.
Description
Technical Field
The invention relates to the technical field of using safety of automatic teller machines, in particular to an interface calling verification method, an automatic teller machine and a storage medium.
Background
The ATM is a highly precise electromechanical integrated device, realizes self-service of financial transactions by utilizing a magnetic code card or an intelligent card, and replaces the work of bank counter personnel. The work of withdrawing cash, inquiring deposit balance, transferring funds among accounts, inquiring balance and the like can be carried out; it is also possible to perform cash deposit (real-time posting), check deposit, passbook entry, intermediate business, and the like. The card holder can use credit card or deposit card to transact services such as automatic withdrawal, balance inquiry, account transfer, cash deposit, bankbook registration, fund purchase, password change, mobile phone charge payment and the like according to the password.
The traditional automatic teller machine has potential safety hazards, two malicious programs of cgdidisp exe and cgdidisp new exe are implanted into a hacker group, so that the automatic teller machine can disguise money at a specific time, and the economic loss is great. After-the-fact analysis shows that a hacker calls the XFS API WFS Async Execute through an implanted malicious program, directly issues a WFS _ CMD _ CDM _ DISPENSE command to an SP program, and forcibly enables an automatic teller machine to spit money at a specific time.
How to identify malicious instructions sent by illegal processes and prevent hackers from violently cracking the automatic teller machine by detecting data becomes a technical problem to be solved urgently.
Therefore, the prior art has yet to be improved.
Disclosure of Invention
In view of the above, it is necessary to provide an interface call authentication method, an automatic teller machine, and a storage medium for identifying malicious instructions sent by an illegal process and preventing a hacker from violently cracking the automatic teller machine by means of data detection.
The technical scheme of the invention is as follows:
an interface call validation method, comprising:
calling an external authentication control to obtain a logic name of a program to be verified;
searching a corresponding SP DLL in an XFS configuration registry according to the acquired logical name;
matching an external authentication interface corresponding to the SP DLL according to the search result;
calling the external authentication interface to obtain an SP authentication version;
acquiring a pre-configured algorithm and a key according to the version information of the SP authentication version, and calling a random number generation interface to generate a random number;
encrypting the random number by using the obtained algorithm and the key to generate a verification ciphertext;
and calling an external authentication command interface to carry out external authentication of the authentication ciphertext, and allowing the program corresponding to the acquired logic name to call a system interface if the authentication is passed.
In a further preferred embodiment, the step of obtaining a preconfigured algorithm and a key according to the version information of the SP authentication version and invoking a random number generation interface to generate a random number is replaced with:
Acquiring a pre-configured key bank and an algorithm according to the version information of the SP authentication version, and calling a random number generation interface to generate a random number;
after the step of obtaining a pre-configured key bank and algorithm according to the version information of the SP authentication version and calling a random number generation interface to generate a random number, the step of encrypting the random number by using the obtained algorithm and key and generating a verification ciphertext further comprises:
randomly selecting a secret key ID and an algorithm ID;
the step of encrypting the random number by using the obtained algorithm and key to generate the verification ciphertext specifically comprises:
and encrypting the random number by using the key corresponding to the selected key ID and the algorithm corresponding to the algorithm ID to generate a verification ciphertext.
In a further preferred embodiment, the interface call verification method further includes: the static library and the corresponding source code are periodically issued to periodically update the key.
In a further preferred embodiment, the interface call verification method further includes: and receiving a user operation instruction, and destroying the leaked secret key.
In a further preferred embodiment, after the step of calling the external authentication interface to obtain the SP authentication version, the step of obtaining a preconfigured algorithm and key according to the version information of the SP authentication version and calling the random number generation interface to generate the random number further includes:
And judging whether the SP authentication version is the same as the control authentication version, and if so, executing the next step.
In a further preferred embodiment, after the step of invoking the external authentication interface to obtain the SP authentication version, the step of obtaining a pre-configured algorithm and a pre-configured key according to the version information of the SP authentication version and invoking the random number generation interface to generate the random number further includes:
and traversing the control authentication version library, judging whether the SP authentication version is the same as one of the control authentication versions, and if so, executing the next step.
In a further preferred embodiment, the step of calling the external authentication command interface to perform external authentication of the authentication ciphertext, and if the authentication is passed, allowing the program corresponding to the obtained logical name to call the system interface specifically includes:
the middleware calls an external authentication command interface and sends the ciphertext to the SP;
and after receiving the external authentication command, the SP decrypts the verification ciphertext by using a specified rule to obtain data, compares the data with the random number generated by the SP, if the data are consistent with the random number, the verification is passed, and allows a program corresponding to the obtained logic name to call a system interface.
In a further preferred scheme, the external authentication interface is a WFMGetAuthType interface, the random number generation interface is a WFMGenerateRand interface, and the external authentication command interface is a WFM ExtAuth interface.
An automated teller machine comprising a memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by one or more processors the one or more programs including for performing the interface call authentication method as described above.
A storage medium having stored thereon a computer program, wherein the computer program when executed by a processor implements the steps of an interface call validation method as claimed in any one of the preceding claims.
Compared with the prior art, the interface call verification method provided by the invention comprises the following steps: calling an external authentication control to obtain a logic name of a program to be verified; searching a corresponding SP DLL in an XFS configuration registry according to the acquired logical name; matching an external authentication interface corresponding to the SP DLL according to the search result; calling the external authentication interface to obtain an SP authentication version; acquiring a pre-configured algorithm and a key according to the version information of the SP authentication version, and calling a random number generation interface to generate a random number; encrypting the random number by using the obtained algorithm and the key to generate a verification ciphertext; and calling an external authentication command interface to carry out external authentication of the authentication ciphertext, and allowing the program corresponding to the acquired logic name to call a system interface if the authentication is passed. The interface calling verification method provided by the invention judges whether the program is a legal program or not in a mode of verifying the ciphertext, and allows the program to call the system interface only when the verification passes, thereby reducing the probability of illegal profit of a hacker from an automatic teller machine by implanting a malicious program; and the algorithm and the secret key used by the method do not need to be communicated through an interface, so that the safety of the algorithm and the secret key is ensured.
Drawings
Fig. 1 is a flow chart of an interface call validation method in a preferred embodiment of the invention.
FIG. 2 is a functional block diagram of an automated teller machine in a preferred embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not delimit the invention.
Known as a vicious illegal profit-making event, a hacker calls an XFS API WFS Async Execute through an implanted malicious program, directly issues a WFS _ CMD _ CDM _ DISPENSE command to an SP program, and forcibly enables an automatic teller machine to spit money at a specific time. Then, the event can be prevented from happening again as long as the permission of the program in the automatic teller machine for calling the XFS API WFS Async Execute can be limited, and the safety protection surface can be expanded by limiting the permission of the program for calling other interfaces of the system; but obviously, the authority of the program for calling the system interface cannot be completely eliminated, so that discrimination is required.
Based on the above thought, the present invention provides an interface call verification method, as shown in fig. 1, which includes the steps of:
And S100, calling an external authentication control to obtain the logic name of the program to be verified.
In a preferred embodiment, the logical name is configured by an application program, for example, the logical name of the withdrawal module may be a Cash Dispenser. The external authentication is to generate a random number, and the random number is calculated by using the key equipment outside to finish the data authentication of the terminal; the method avoids the problem of secret key leakage because the secret key is obtained at each time and is a temporary value, the random number must be calculated at each time, and the secret key is read out and can only be used for calculation, so that the calculation value of the random number cannot be used at the next time even if the calculation value is leaked, and the accuracy of a verification result is ensured because the calculation value cannot be used at the next time.
S200, searching a corresponding SP DLL in an XFS configuration registry according to the acquired logical name.
Dll (dynamic Link library) files are dynamic Link library files, also called "application development", which are software file types. In Windows, many applications are not a complete executable file, but are partitioned into relatively independent dynamic link libraries, i.e., DLL files, that are placed in the system. When we execute a certain program, the corresponding DLL file will be called. An application may use multiple DLL files, one DLL file may also be used by different applications, and such DLL files are referred to as shared DLL files.
An SP (service provider) service vendor, also referred to herein as a service vendor provided driver, an SP DLL is a DLL file for a service vendor provided driver.
In specific implementation, after the corresponding SP DLL is searched in the XFS configuration registry, the SP DLL is loaded.
S300, matching an external authentication interface corresponding to the SP DLL according to a search result; for example, the external authentication interface may be a WFMGetAuthType interface.
S400, calling the external authentication interface to obtain an SP authentication version, wherein the SP authentication version is an external authentication version supported by the SP.
Preferably, after S400, further comprising: judging whether the SP authentication version is the same as the control authentication version, if so, executing the next step; or traversing the control authentication version library, judging whether the SP authentication version is the same as one control authentication version, and if so, executing the next step. The external authentication control compares the authentication mode Type supported by the external authentication control with the external authentication version supported by the SP acquired by the manufacturer SP interface (WFM Get Auth Type), and looks to see whether the corresponding authentication mode is supported, if not, the authentication is failed. If the external authentication version supported by the SP is not obtained, failure is directly returned.
In specific implementation, after the SP authentication version and the control authentication version are compared, whether the next step is continued or not is judged according to the safety rule, if the safety rule is judged to be not, failure is returned, and if the safety rule is judged to be not, the next step is carried out.
S500, acquiring a pre-configured algorithm and a pre-configured key according to the version information of the SP authentication version, and calling a random number generation interface to generate a random number.
Preferably, the random number generation interface is a WFMGenerateRand interface, the random number is used for generating the external authentication information, and the length of the random number is set by a security rule, for example, 16 bytes.
S600, encrypting the random number by using the obtained algorithm and the key to generate a verification ciphertext.
S700, calling an external authentication command interface (preferably WFM Get Auth Type) to perform external authentication of the authentication ciphertext, and allowing the program corresponding to the acquired logic name to call a system interface if the authentication is passed.
Further, the S700 specifically includes:
the middleware calls an external authentication command interface and sends the ciphertext to the SP;
and after receiving the external authentication command, the SP decrypts the verification ciphertext by a specified rule to obtain data, compares the data with the random number generated by the SP, if the data is consistent with the random number, the verification is passed, and the program corresponding to the acquired logic name is allowed to call a system interface.
According to the interface calling verification method provided by the invention, whether the program is a legal program is judged by verifying the ciphertext, and the program is allowed to call the system interface only when the verification passes, so that the probability of illegal profit of a hacker from an automatic teller machine by implanting a malicious program is reduced; and the algorithm and the secret key used by the method do not need to be communicated through an interface, so that the safety of the algorithm and the secret key is ensured.
As an improvement of the foregoing preferred embodiment, the step of obtaining a preconfigured algorithm and a key according to the version information of the SP authentication version, and invoking a random number generation interface to generate a random number is replaced with:
acquiring a pre-configured key bank and an algorithm according to the version information of the SP authentication version, and calling a random number generation interface to generate a random number;
after the step of obtaining a pre-configured key bank and algorithm according to the version information of the SP authentication version and calling a random number generation interface to generate a random number, the step of encrypting the random number by using the obtained algorithm and key and generating a verification ciphertext further comprises the steps of:
randomly selecting a secret key ID and an algorithm ID;
the step of encrypting the random number by using the obtained algorithm and the key to generate the verification ciphertext specifically comprises the following steps:
And encrypting the random number by using the key corresponding to the selected key ID and the algorithm corresponding to the algorithm ID to generate a verification ciphertext.
That is, the present invention preferably has multiple sets of the keys and algorithms, and during the calculation process of the verification ciphertext, a set of the keys and algorithms is randomly selected, so that the complexity of the interface data is increased, and the detection data is prevented from being violently cracked.
Preferably, the interface call verification method further includes: the static library and the corresponding source code are periodically issued to periodically update the key. The external authentication guarantees the identity authentication safety based on the key and the algorithm, and the key is updated regularly, so that the safety of the whole structure is guaranteed. And a mode of regularly releasing a static library and corresponding source codes is adopted, and a manufacturer is responsible for realizing a corresponding verification interface.
According to another aspect of the present invention, the interface call verification method further comprises: and receiving a user operation instruction, and destroying the leaked secret key. And adopting a destruction strategy aiming at the leaked key, shielding the key in the application authentication control according to the security strategy, and if the key is leaked before the 5 th version is controlled, the operation can be normally carried out only if the key is updated to the 5 th version and later versions.
In summary, the invention has the following advantages:
(1) the external authentication adopts a one-time pad mode to carry out authentication, so that brute force cracking through detection data is prevented;
(2) and a plurality of groups of algorithms and keys are adopted for random verification, so that the complexity of interface data is increased, and the violent cracking of the detection data is prevented.
(3) The identity is verified through the secret key and the algorithm, and the algorithm and the secret key do not communicate through the interface, so that the safety of the algorithm and the secret key is guaranteed.
(4) The authentication key and the algorithm are updated regularly, and the key updating adopts a channel different from the production environment, so that the updating safety of the key and the algorithm is ensured.
(5) When the security risk is possibly suffered (such as personnel leaving the work and key leakage), the equipment with the security risk is isolated, and the security risk is relieved and then the equipment is served.
(6) The external authentication interface keeps expansibility, and more verification algorithms and keys can be added subsequently, so that the safety is ensured.
As shown in fig. 2, the present invention also provides an automatic teller machine comprising a memory 10, and one or more programs, wherein the one or more programs are stored in the memory 10, and configured to be executed by the one or more processors 20 comprises a module for executing the interface call verification method as described above.
The present invention also provides a storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the steps of the interface call validation method as described above.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, databases, or other media used in embodiments provided herein may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), synchronous Link (SyNchlinNk) DRAM (SLDRAM), Rambus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (8)
1. An interface call verification method, comprising:
calling an external authentication control to obtain a logic name of a program to be verified;
searching a corresponding SP DLL in an XFS configuration registry according to the acquired logical name;
matching an external authentication interface corresponding to the SP DLL according to the search result;
calling the external authentication interface to obtain an SP authentication version;
Judging whether the SP authentication version is the same as the control authentication version, if so, executing the next step;
acquiring a pre-configured algorithm and a key according to the version information of the SP authentication version, and calling a random number generation interface to generate a random number;
encrypting the random number by using the obtained algorithm and the key to generate a verification ciphertext;
calling an external authentication command interface to carry out external authentication of the authentication ciphertext, and if the authentication is passed, allowing a program corresponding to the obtained logic name to call a system interface;
the step of calling the external authentication command interface to perform external authentication of the authentication ciphertext, and if the authentication is passed, allowing the program corresponding to the obtained logic name to call the system interface specifically includes:
the middleware calls an external authentication command interface and sends the ciphertext to the SP;
and after receiving the external authentication command, the SP decrypts the verification ciphertext by a specified rule to obtain data, compares the data with the random number generated by the SP, if the data is consistent with the random number, the verification is passed, and the program corresponding to the acquired logic name is allowed to call a system interface.
2. The interface call verification method according to claim 1, wherein the step of obtaining a preconfigured algorithm and key according to the version information of the SP authentication version and calling a random number generation interface to generate a random number is replaced with:
Acquiring a pre-configured key bank and an algorithm according to the version information of the SP authentication version, and calling a random number generation interface to generate a random number;
after the step of obtaining a pre-configured key bank and algorithm according to the version information of the SP authentication version and calling a random number generation interface to generate a random number, the step of encrypting the random number by using the obtained algorithm and key and generating a verification ciphertext further comprises:
randomly selecting a secret key ID and an algorithm ID;
the step of encrypting the random number by using the obtained algorithm and key to generate the verification ciphertext specifically comprises:
and encrypting the random number by using the key corresponding to the selected key ID and the algorithm corresponding to the algorithm ID to generate a verification ciphertext.
3. The interface call validation method of claim 1, further comprising: the static library and the corresponding source code are periodically issued to periodically update the key.
4. The interface call validation method of claim 1, further comprising: and receiving a user operation instruction, and destroying the leaked secret key.
5. The interface call verification method according to claim 1, wherein after the step of calling the external authentication interface and obtaining the SP authentication version, the step of obtaining a preconfigured algorithm and key according to the version information of the SP authentication version and calling the random number generation interface to generate the random number further comprises:
and traversing the control authentication version library, judging whether the SP authentication version is the same as one of the control authentication versions, and if so, executing the next step.
6. The interface call verification method according to claim 1, wherein the external authentication interface is a WFMGetAuthType interface, the random number generation interface is a WFMGenerateRand interface, and the external authentication command interface is a WFM ExtAuth interface.
7. An automated teller machine comprising a memory, and one or more programs, wherein the one or more programs are stored in the memory, and wherein execution of the one or more programs by one or more processors comprises execution of the interface call authentication method of any one of claims 1 to 6.
8. A storage medium having stored thereon a computer program, wherein the computer program, when executed by a processor, implements the steps of the interface call authentication method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910968985.XA CN110719175B (en) | 2019-10-12 | 2019-10-12 | Interface calling verification method, automatic teller machine and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910968985.XA CN110719175B (en) | 2019-10-12 | 2019-10-12 | Interface calling verification method, automatic teller machine and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110719175A CN110719175A (en) | 2020-01-21 |
| CN110719175B true CN110719175B (en) | 2022-06-28 |
Family
ID=69212590
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910968985.XA Active CN110719175B (en) | 2019-10-12 | 2019-10-12 | Interface calling verification method, automatic teller machine and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110719175B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107077561A (en) * | 2017-01-10 | 2017-08-18 | 深圳怡化电脑股份有限公司 | Verify method, self-aided terminal and the application server of upper layer application identity |
| CN108279947A (en) * | 2018-01-03 | 2018-07-13 | 深圳怡化电脑股份有限公司 | The method and device of financial self-service equipment SP installation kits adaptation |
| CN109102659A (en) * | 2018-07-24 | 2018-12-28 | 苏州浪潮智能软件有限公司 | A method of promoting bank self-help terminal security performance |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB0427696D0 (en) * | 2004-12-17 | 2005-01-19 | Ncr Int Inc | Method of authenticating an executable application |
-
2019
- 2019-10-12 CN CN201910968985.XA patent/CN110719175B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107077561A (en) * | 2017-01-10 | 2017-08-18 | 深圳怡化电脑股份有限公司 | Verify method, self-aided terminal and the application server of upper layer application identity |
| WO2018129658A1 (en) * | 2017-01-10 | 2018-07-19 | 深圳怡化电脑股份有限公司 | Upper-layer application identity verification method, self-service terminal, and application server |
| CN108279947A (en) * | 2018-01-03 | 2018-07-13 | 深圳怡化电脑股份有限公司 | The method and device of financial self-service equipment SP installation kits adaptation |
| CN109102659A (en) * | 2018-07-24 | 2018-12-28 | 苏州浪潮智能软件有限公司 | A method of promoting bank self-help terminal security performance |
Non-Patent Citations (1)
| Title |
|---|
| 基于XFS规范的ATM设备驱动程序;余东;《硕士学位论文电子期刊》;20120615;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110719175A (en) | 2020-01-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10635430B2 (en) | Over-the-air provisioning of application library | |
| US8807440B1 (en) | Routing secure element payment requests to an alternate application | |
| EP2332092B1 (en) | Apparatus and method for preventing unauthorized access to payment application installed in contactless payment device | |
| WO2015168333A1 (en) | Systems and methods for data desensitization | |
| WO2011060115A1 (en) | One time pin generation | |
| CN107077561B (en) | Method for verifying identity of upper-layer application, self-service terminal and application server | |
| CN107210912B (en) | Authorized access to application libraries | |
| CN110582774A (en) | System and method for software module binding | |
| US11170614B1 (en) | System and method of authentication using a re-writable security value of a transaction card | |
| WO2018156384A1 (en) | Determining legitimate conditions at a computing device | |
| KR102665574B1 (en) | transaction authorization | |
| EP1489535A1 (en) | Cash automatic dealing system | |
| CN110727946A (en) | Process protection method based on fingerprint verification, automatic teller machine and storage medium | |
| CN110719175B (en) | Interface calling verification method, automatic teller machine and storage medium | |
| WO2018156382A1 (en) | Security architecture for device applications | |
| US20170011366A1 (en) | Method and settlement processing system for reinforcing security of settlement | |
| US20220383307A1 (en) | Method and system for payment when network is blocked | |
| EP3971851A1 (en) | An electronic device, method and computer program product for instructing performance of a transaction which has been requested at an automated teller machine | |
| EP3862953A1 (en) | Method for enhancing sensitive data security | |
| RU2672710C2 (en) | System and method for protecting financial devices using the xfs standard from unauthorized access | |
| AU2016253607B2 (en) | Apparatus and method for preventing unauthorized access to application installed in a device | |
| AU2015202512B2 (en) | Apparatus and method for preventing unauthorized access to application installed in mobile device | |
| WO2023006249A1 (en) | User pattern oriented method and system for prevention of risk in card based transactions | |
| KR20120082288A (en) | Ic card, ic card handling apparatus and method for discriminating authenticity thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220816 Address after: Floor C20, Building 1, Shenzhen Software Industry Base, No. 81, 83, 85, Gaoxin South 10th Road, Binhai Community, Yuehai Street, Nanshan District, Shenzhen, Guangdong 518000 Patentee after: SHENZHEN ZIJIN FULCRUM TECHNOLOGY Co.,Ltd. Address before: 12a, West building, Chang'an Xingrong center, 1 naoshikou street, Xicheng District, Beijing 100032 Patentee before: BEIJING ZIJIN FULCRUM TECHNOLOGY Co.,Ltd. |