CN111460471A - Self-service data processing device and method - Google Patents


Info

Publication number
CN111460471A
Authority
CN
China
Prior art keywords
information
encrypted
identified
module
card
Prior art date
Legal status
Pending
Application number
CN202010190735.0A
Other languages
Chinese (zh)
Inventor
肖亮
刘亚宁
张伟
Current Assignee
Beijing Zhaowei Self Garment Equipment Technology Co ltd
Original Assignee
Beijing Zhaowei Self Garment Equipment Technology Co ltd
Priority date
Filing date
Publication date
Application filed by Beijing Zhaowei Self Garment Equipment Technology Co ltd
Priority to CN202010190735.0A
Publication of CN111460471A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K17/00 Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a self-service data processing device and method. The device comprises: a graphic information reading module for reading graphic information to be identified from an electronic device; a main control module for identifying the graphic information to be identified to obtain service information; and a decryption data processing module for reading information to be encrypted from an information card to be identified through a contact card reader or a non-contact card reader, encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information, and sending the encrypted information to the main control module. The invention prevents data from being tampered with during transmission, ensures the confidentiality of data transmission and the security of data communication, removes excessive dependence on foreign technologies and products, and provides an effective solution for establishing a secure, autonomous and controllable network security environment.

Description

Self-service data processing device and method
Technical Field
The invention mainly relates to the technical field of financial information, in particular to a self-service data processing device and a self-service data processing method.
Background
At present, self-service equipment is widely used in business places such as banks, telecommunications and medical institutions, and because it is convenient to deploy and improves efficiency, it plays an increasingly important role in people's daily life. Most domestic self-service equipment adopts an Intel x86 architecture CPU mainboard, and the overall degree of autonomous localization of the various devices is low, which brings a certain degree of inconvenience and risk to the national economy as people increasingly rely on intelligent self-service equipment. In addition, communication data between an industrial control host running an existing Windows operating system or a domestic operating system and the smart card reading module is transmitted in plaintext, so service-sensitive data is easy to intercept and crack and data security cannot be guaranteed.
Disclosure of Invention
The invention aims to solve the technical problem of the prior art and provides a self-service data processing device and a self-service data processing method.
The technical scheme for solving the technical problems is as follows: a self-service data processing apparatus comprising:
the graphic information reading module, the main control module and the decryption data processing module;
the graphic information reading module is used for reading the graphic information to be identified from the electronic equipment;
the main control module is used for identifying the graphic information to be identified to obtain service information;
the decryption data processing module is used for reading information to be encrypted from an information card to be identified through a contact type card reader or a non-contact type card reader, encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information, and sending the encrypted information to the main control module;
the main control module is further configured to identify the encrypted information to obtain information to be decrypted, and decrypt the information to be decrypted according to a pre-loaded SM2 cryptographic algorithm to obtain decrypted information.
Another technical solution of the present invention for solving the above technical problems is as follows: a self-service data processing method comprises the following steps:
reading the graphic information to be identified from the electronic equipment;
identifying the graphic information to be identified to obtain service information;
reading information to be encrypted from an information card to be identified through a contact type card reader or a non-contact type card reader, encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information, and sending the encrypted information to the main control module;
and identifying the encrypted information to obtain information to be decrypted, and decrypting the information to be decrypted according to a pre-loaded SM2 cryptographic algorithm to obtain decrypted information.
The invention has the following beneficial effects: service information is obtained by identifying the graphic information to be identified; the information to be encrypted is encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information, which is sent to the main control module; the main control module identifies the encrypted information to obtain information to be decrypted and decrypts it according to a pre-loaded SM2 cryptographic algorithm to obtain decrypted information. This prevents data from being tampered with during transmission, guarantees the confidentiality of data transmission and the security of data communication, and provides an effective solution for building a secure, autonomous and controllable network security environment.
Drawings
FIG. 1 is a block diagram of a self-service data processing apparatus according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of a self-service data processing method according to an embodiment of the present invention.
Detailed Description
The principles and features of this invention are described below in conjunction with the following drawings, which are set forth by way of illustration only and are not intended to limit the scope of the invention.
Fig. 1 is a block diagram of modules for processing self-service data according to an embodiment of the present invention.
As shown in fig. 1, a self-service data processing apparatus includes:
the graphic information reading module, the main control module and the decryption data processing module;
the graphic information reading module is used for reading the graphic information to be identified from the electronic equipment;
the main control module is used for identifying the graphic information to be identified to obtain service information;
the decryption data processing module is used for reading information to be encrypted from an information card to be identified through a contact type card reader or a non-contact type card reader, encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information, and sending the encrypted information to the main control module;
the main control module is further configured to identify the encrypted information to obtain information to be decrypted, and decrypt the information to be decrypted according to a pre-loaded SM2 cryptographic algorithm to obtain decrypted information.
Preferably, the main control module can be a CPU mainboard with an onboard Loongson 3A-3000, running the Loongnix operating system.
Specifically, the decryption data processing module and the main control module may both use the SM2 or SM4 cryptographic algorithm to encrypt and transmit the information to be encrypted.
It should be understood that the main control module and the decryption data processing module encrypt and decrypt data using the SM2 cryptographic algorithm: the decryption data processing module encrypts communication data with the public key of the security module built into the main control module and sends it to the main control module, and the security module of the main control module decrypts the encrypted data sent by the decryption data processing module with the corresponding private key.
Specifically, data communication between the decryption data processing module and the main control module is transmitted in plaintext or ciphertext mode, sensitive data is accessed in ciphertext mode, and the decryption data processing module receives sensitive-data encryption and decryption instructions and encrypts and decrypts the sensitive data.
It should be understood that the decryption data processing module supports reading and writing of contact smart CPU cards conforming to the ISO7816 T=0 and T=1 protocols, and supports reading and writing of non-contact smart CPU cards conforming to the ISO14443 Type A and Type B protocols.
Specifically, the decryption data processing module is an independently developed design based on domestic chips, and communication between the decryption data processing module and the main control module is carried out through a custom communication protocol.
In the above embodiment, the service information is obtained by obtaining the identification of the graphic information to be identified, the encrypted information is obtained by encrypting the information to be encrypted according to the pre-loaded SM2 national encryption algorithm, the encrypted information is sent to the main control module, the main control module identifies the encrypted information to obtain the information to be decrypted, and the decrypted information is obtained by decrypting the information to be decrypted according to the pre-loaded SM2 national encryption algorithm, so that data is prevented from being tampered in the transmission process, the confidentiality of data transmission and the security of data communication are ensured, and an effective solution is provided for establishing a safe, autonomous and controllable network security environment.
Optionally, as an embodiment of the present invention, the to-be-identified pattern information includes magnetic stripe card to-be-identified information, two-dimensional code to-be-identified information, and thermal printing to-be-identified information, and the pattern information reading module includes a magnetic stripe card data obtaining unit, a two-dimensional code data obtaining unit, and a thermal printing data obtaining unit;
the magnetic stripe card data obtaining unit is used for obtaining the information to be identified of the magnetic stripe card from the magnetic stripe card to be identified;
the two-dimensional code data obtaining unit is used for obtaining the information to be identified of the two-dimensional code from the two-dimensional code to be identified;
the thermal printing data obtaining unit is used for obtaining the thermal printing to-be-identified information from the thermal printer to be identified.
In the above embodiment, the information to be identified of the magnetic stripe card, the information to be identified of the two-dimensional code, and the information to be identified of the thermal printing are obtained from the magnetic stripe card, the two-dimensional code, and the thermal printer, respectively, so that various types of data information can be read, the diversity of the device is realized, and a foundation is provided for ensuring various types of data transmission and data communication.
Optionally, as an embodiment of the present invention, the device further includes a password keyboard information reading module, where the password keyboard information reading module is configured to obtain keyboard password information to be identified from a password keyboard;
the main control module is further used for identifying the information to be identified of the keyboard password to obtain the keyboard password information.
In the embodiment, the keyboard password information is obtained by identifying the information to be identified of the keyboard password, different types of data information can be processed differently, and an intelligent processing mode is embodied.
Optionally, as an embodiment of the present invention, the decryption data processing module includes a data processing unit, a security algorithm unit, an information card to be identified obtaining unit, and a data transmission unit;
the information card to be identified acquisition unit is used for reading information to be encrypted from the information card to be identified;
the security algorithm unit is used for encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information to be identified;
the data processing unit is used for identifying the encrypted information to be identified to obtain encrypted information;
and the data transmission unit is used for sending the encrypted information to the main control module.
Preferably, the data processing unit may be a GD32F103VCT6 master control chip, and the security algorithm unit may be a CIU98320B security algorithm chip.
It should be understood that the information interaction between the security algorithm unit and the data processing unit adopts a USART mode, and the information interaction between the data transmission unit and the data processing unit adopts a USB or RS232 mode.
Specifically, the data transmission unit provides two forms of USB or USART, so that the communication with the main control module is more flexible.
It should be understood that the GD32F103VCT6 main control chip is a domestically produced 32-bit MCU from GigaDevice based on the ARM Cortex-M3 core, with good performance, high speed and rich peripheral resources; the CIU98320B security algorithm chip is a 32-bit security controller chip based on an ARM core, whose hardware algorithm coprocessors provide high-performance DES/3DES, RSA, ECC, SM2, SM1/SM3/SM4 and SHA-1/SHA-256/SHA-512 security algorithms and a true random number generator.
Specifically, the contact type or non-contact type CPU card and the data processing unit interactively return to the encryption and decryption transmission mode of the data processing unit.
In the embodiment, the information to be encrypted is encrypted according to the pre-loaded SM2 cryptographic algorithm to obtain the encrypted information to be identified, and the encrypted information to be identified is identified to obtain the encrypted information, so that data is prevented from being tampered with during transmission and the confidentiality of data transmission and the security of data communication are ensured. At the same time, the domestic chip design removes excessive dependence on foreign technologies and products and provides an effective solution for building a secure, autonomous and controllable network security environment.
Optionally, as an embodiment of the present invention, the system further includes a magnetic barcode acquisition module, where the magnetic barcode acquisition module is configured to read and obtain information to be encrypted of the magnetic barcode from the magnetic barcode to be identified;
the security algorithm unit is also used for encrypting the information to be encrypted of the magnetic bar code according to a pre-loaded SM2 cryptographic algorithm to obtain the information to be identified of the magnetic bar code;
the data processing unit is also used for identifying the information to be identified of the magnetic bar code to obtain magnetic bar code encryption information;
the data transmission unit is also used for sending the magnetic bar code encryption information to the main control module;
the main control module is further configured to identify the magnetic barcode encrypted information to obtain magnetic barcode information to be decrypted, and decrypt the magnetic barcode information to be decrypted according to a pre-loaded SM2 cryptographic algorithm to obtain magnetic barcode decrypted information.
Preferably, the magnetic barcode acquisition module can be a PA1100 magnetic stripe decoding chip.
It should be understood that the PA1100 magnetic stripe decoding chip supports the ISO7811 standard, supports forward and reverse magnetic stripe card swiping, and supports single, double and three-track magnetic stripe card decoding.
Specifically, the information interaction between the magnetic barcode acquisition module and the data processing unit adopts an I2C mode.
In the embodiment, the information to be encrypted of the magnetic barcode is encrypted according to the preloaded SM2 cryptographic algorithm to obtain the information to be identified of the magnetic barcode, the information to be identified of the magnetic barcode is identified to obtain the encrypted information of the magnetic barcode, the encrypted information of the magnetic barcode is sent to the main control module, the main control module identifies the encrypted information of the magnetic barcode to obtain the information to be decrypted of the magnetic barcode, the information to be decrypted of the magnetic barcode is decrypted according to the preloaded SM2 cryptographic algorithm to obtain the decrypted information of the magnetic barcode, different types of data information can be processed differently, an intelligent processing mode is embodied, meanwhile, data is prevented from being tampered in the transmission process, confidentiality of data transmission and safety of data communication are guaranteed, and excessive dependence on foreign technologies and products is eliminated by adopting a domestic chip design.
Optionally, as an embodiment of the present invention, the data processing unit is further configured to generate an information reading instruction to be encrypted;
the security algorithm unit is further configured to encrypt the information reading instruction to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain the information reading instruction to be encrypted;
the information card to be identified acquisition unit is also used for receiving the information reading instruction to be encrypted;
the security algorithm unit is further configured to decrypt the information reading instruction to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain an information reading instruction;
the information card to be identified acquisition unit is also used for reading the information card to be identified according to the information reading instruction to obtain information to be encrypted;
the data processing unit is also used for generating a magnetic bar code information reading instruction to be encrypted;
the security algorithm unit is further used for encrypting the magnetic barcode information reading instruction to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain a magnetic barcode information reading instruction to be encrypted;
the magnetic bar code acquisition module is also used for receiving a magnetic bar code information reading instruction to be encrypted;
the security algorithm unit is further used for decrypting the magnetic barcode information reading instruction to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain a magnetic barcode information reading instruction;
the magnetic bar code acquisition module is also used for reading the magnetic bar code to be identified according to the magnetic bar code information reading instruction to obtain the information to be encrypted of the magnetic bar code.
It should be understood that the communication data of the data processing unit and the information card to be identified obtaining unit and the magnetic bar code obtaining module can be encrypted by the SM2 cryptographic algorithm before being transmitted.
In the above embodiment, an instruction for reading information to be encrypted is generated, an instruction for reading information to be encrypted is obtained by encrypting the instruction for reading information to be encrypted according to a preloaded SM2 cryptographic algorithm, an instruction for reading information is obtained by decrypting the instruction for reading information to be encrypted according to a preloaded SM2 cryptographic algorithm, information to be encrypted is obtained by reading an information card to be identified according to the instruction for reading information, an instruction for reading information to be encrypted of a magnetic barcode is generated at the same time, an instruction for reading information to be encrypted of the magnetic barcode is obtained by encrypting the instruction for reading information to be encrypted of the magnetic barcode according to a preloaded SM2 cryptographic algorithm, an instruction for reading information to be encrypted of the magnetic barcode is obtained by decrypting the instruction for reading information to be encrypted of the magnetic barcode according to a preloaded SM2 cryptographic algorithm, information to be encrypted of the magnetic barcode is obtained according to the instruction for reading the magnetic barcode, and data is prevented from being tampered, the confidentiality of data transmission and the safety of data communication are further ensured.
Optionally, as an embodiment of the present invention, the information to be encrypted includes contact card data information and non-contact card data information, the information reading instruction includes a contact card information obtaining instruction and a non-contact card information obtaining instruction, and the information card to be identified obtaining unit includes a contact card data obtaining unit and a non-contact card data obtaining unit;
the contact card data obtaining unit is used for obtaining contact card data information from a contact card to be identified according to the contact card information obtaining instruction;
and the non-contact card data obtaining unit is used for obtaining the non-contact card data information from the non-contact card to be identified according to the non-contact card information obtaining instruction.
Preferably, the contact card data obtaining unit may be an AU9541 contact card chip, and the non-contact card data obtaining unit may be a THM3070 radio frequency chip.
It should be understood that the AU9541 contact card chip supports operation of contact smart CPU cards conforming to the ISO7816 T=0 and T=1 protocols, the THM3070 radio frequency chip supports operation of smart CPU cards conforming to the ISO14443 Type A/Type B protocols, and EMV Level 1 certification has been passed.
Specifically, the information interaction between the contact card data obtaining unit and the data processing unit adopts a USART mode, and the information interaction between the non-contact card data obtaining unit and the data processing unit adopts an SPI mode.
In the embodiment, the contact card data information and the non-contact card data information are respectively obtained from the contact card and the non-contact card, so that valuable and easily stolen data can be obtained in different modes, data is prevented from being tampered in the transmission process, the confidentiality of data transmission and the safety of data communication are ensured, meanwhile, the excessive dependence on foreign technologies and products is eliminated by adopting a domestic chip design, and an effective solution is provided for establishing a safe, autonomous and controllable network security environment.
Optionally, as an embodiment of the present invention, the system further includes a second generation certificate security module, where the information to be encrypted by the magnetic barcode includes second generation certificate data information;
the second generation certificate security module is used for obtaining the original encrypted data information of the second generation certificate from the magnetic bar code of the second generation certificate to be identified and decrypting the original encrypted data information of the second generation certificate to obtain the data information of the second generation certificate.
It should be understood that the second generation certificates include resident second/third generation identity cards, Hong Kong, Macao and Taiwan residents' residence permits, and foreigners' permanent residence cards.
Specifically, when the user identity card information is read, the second generation certificate security module reads the unencrypted identity card text, picture and fingerprint information and then sends the unencrypted information to the security algorithm unit; the security algorithm unit encrypts the data with the SM2 encryption algorithm; the encrypted data is transmitted back to the data processing unit; and the data is sent to the PC through a USB interface or a USART interface.
Specifically, the information interaction between the second generation certificate security module and the data processing unit adopts a USART mode.
In the embodiment, the second-generation certificate data information is obtained by decrypting the original encrypted data information of the second-generation certificate, so that correct data information can be obtained in a targeted manner, the data information is encrypted, data is prevented from being tampered in the transmission process, the confidentiality of data transmission and the safety of data communication are guaranteed, and meanwhile, an effective solution is provided for establishing a safe and independently controllable network security environment.
Optionally, as an embodiment of the present invention, the present invention further includes a power module, a display module, a camera module, and a network interface module;
the power supply module is used for providing power for the graphic information reading module, the main control module and the decryption data processing module;
the display module is used for respectively displaying the service information, the decryption information, the keyboard password information and the magnetic bar code decryption information in corresponding password frames;
the camera module is used for taking a picture of the user to obtain user picture information;
the main control module is also used for storing the user photo information;
and the network interface module is used for carrying out information interaction with a preset server.
Optionally, as an embodiment of the present invention, the camera module is specifically configured to:
recognize the face of the user.
Preferably, the camera module may be a face recognition camera.
In the above embodiment, the power supply is provided for the device, and meanwhile, the service information, the decryption information, the keyboard password information and the magnetic barcode decryption information are respectively displayed in the corresponding password frames, and the user photo information is stored and is subjected to information interaction with the preset server, so that a guarantee is provided for preventing embezzlement, and meanwhile, data sharing with networks of organizations such as banks, telecommunications, medical care and the like can be realized.
Fig. 2 is a schematic flow chart of self-service data processing according to an embodiment of the present invention.
Optionally, as another embodiment of the present invention, as shown in fig. 2, a self-service data processing method includes the following steps:
reading the graphic information to be identified from the electronic equipment;
identifying the graphic information to be identified to obtain service information;
reading information to be encrypted from an information card to be identified through a contact type card reader or a non-contact type card reader, encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information, and sending the encrypted information to the main control module;
and identifying the encrypted information to obtain information to be decrypted, and decrypting the information to be decrypted according to a pre-loaded SM2 cryptographic algorithm to obtain decrypted information.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative: the division into units is merely a logical division, and an actual implementation may divide them differently; for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted or not executed.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment of the present invention.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. It will be understood that the technical solution of the present invention, in essence or in the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product that is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and various other media capable of storing program code.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A self-service data processing apparatus, comprising: the graphic information reading module, the main control module and the decryption processing module;
the graphic information reading module is used for reading the graphic information to be identified from the electronic equipment;
the main control module is used for identifying the graphic information to be identified to obtain service information;
the decryption data processing module is used for reading information to be encrypted from an information card to be identified through a contact type card reader or a non-contact type card reader, encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information, and sending the encrypted information to the main control module;
the main control module is further configured to identify the encrypted information to obtain information to be decrypted, and decrypt the information to be decrypted according to a pre-loaded SM2 cryptographic algorithm to obtain decrypted information.
2. The self-service data processing device according to claim 1, wherein the graphic information to be identified comprises magnetic stripe card information to be identified, two-dimensional code information to be identified and thermal printing information to be identified, and the graphic information reading module comprises a magnetic stripe card data obtaining unit, a two-dimensional code data obtaining unit and a thermal printing data obtaining unit;
the magnetic stripe card data obtaining unit is used for obtaining the information to be identified of the magnetic stripe card from the magnetic stripe card to be identified;
the two-dimensional code data obtaining unit is used for obtaining the information to be identified of the two-dimensional code from the two-dimensional code to be identified;
the thermal printing data obtaining unit is used for obtaining the thermal printing to-be-identified information from the thermal printer to be identified.
3. The self-service data processing device of claim 1, further comprising a password keyboard information reading module, wherein the password keyboard information reading module is configured to obtain keyboard password to-be-identified information from a password keyboard;
the main control module is further used for identifying the information to be identified of the keyboard password to obtain the keyboard password information.
4. The self-service data processing device of claim 1, wherein the de-encrypted data processing module comprises a data processing unit, a security algorithm unit, an information card to be identified acquisition unit, and a data transmission unit;
the information card to be identified acquisition unit is used for reading information to be encrypted from the information card to be identified;
the security algorithm unit is used for encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information to be identified;
the data processing unit is used for identifying the encrypted information to be identified to obtain encrypted information;
and the data transmission unit is used for sending the encrypted information to the main control module.
5. The self-service data processing device according to claim 3 or 4, further comprising a magnetic barcode acquisition module, wherein the magnetic barcode acquisition module is used for reading magnetic barcode to-be-encrypted information from the magnetic barcode to be identified;
the security algorithm unit is also used for encrypting the information to be encrypted of the magnetic bar code according to a pre-loaded SM2 cryptographic algorithm to obtain the information to be identified of the magnetic bar code;
the data processing unit is also used for identifying the information to be identified of the magnetic bar code to obtain magnetic bar code encryption information;
the data transmission unit is also used for sending the magnetic bar code encryption information to the main control module;
the main control module is further configured to identify the magnetic barcode encrypted information to obtain magnetic barcode information to be decrypted, and decrypt the magnetic barcode information to be decrypted according to a pre-loaded SM2 cryptographic algorithm to obtain magnetic barcode decrypted information.
6. The self-service data processing device of claim 5, wherein the data processing unit is further configured to generate an information reading instruction to be encrypted;
the security algorithm unit is further configured to encrypt the information reading instruction to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain the information reading instruction to be encrypted;
the information card to be identified acquisition unit is also used for receiving the information reading instruction to be encrypted;
the security algorithm unit is further configured to decrypt the information reading instruction to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain an information reading instruction;
the information card to be identified acquisition unit is also used for reading the information card to be identified according to the information reading instruction to obtain information to be encrypted;
the data processing unit is also used for generating a magnetic bar code information reading instruction to be encrypted;
the security algorithm unit is further used for encrypting the magnetic barcode information reading instruction to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain a magnetic barcode information reading instruction to be encrypted;
the magnetic bar code acquisition module is also used for receiving a magnetic bar code information reading instruction to be encrypted;
the security algorithm unit is further used for decrypting the magnetic barcode information reading instruction to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain a magnetic barcode information reading instruction;
the magnetic bar code acquisition module is also used for reading the magnetic bar code to be identified according to the magnetic bar code information reading instruction to obtain the information to be encrypted of the magnetic bar code.
7. The self-service data processing device according to claim 6, wherein the information to be encrypted includes contact card data information and non-contact card data information, the information reading instruction includes a contact card information acquisition instruction and a non-contact card information acquisition instruction, and the information card to be identified acquisition unit includes a contact card data acquisition unit and a non-contact card data acquisition unit;
the contact card data obtaining unit is used for obtaining contact card data information from a contact card to be identified according to the contact card information obtaining instruction;
and the non-contact card data obtaining unit is used for obtaining the non-contact card data information from the non-contact card to be identified according to the non-contact card information obtaining instruction.
8. The self-service data processing device of claim 5, further comprising a second generation certificate security module, wherein the magnetic barcode information to be encrypted comprises second generation certificate data information;
the second generation certificate security module is used for obtaining the original encrypted data information of the second generation certificate from the magnetic bar code of the second generation certificate to be identified and decrypting the original encrypted data information of the second generation certificate to obtain the data information of the second generation certificate.
9. A self-service data processing device according to any of claims 1-8, further comprising a power module, a display module, a camera module and a network interface module;
the power supply module is used for providing power for the graphic information reading module, the main control module and the decryption processing module;
the display module is used for respectively displaying the service information, the decryption information, the keyboard password information and the magnetic bar code decryption information in corresponding password frames;
the camera module is used for taking a picture of the user to obtain user picture information;
the main control module is also used for storing the user photo information;
and the network interface module is used for carrying out information interaction with a preset server.
10. A self-service data processing method is characterized by comprising the following steps:
reading the graphic information to be identified from the electronic equipment;
identifying the graphic information to be identified to obtain service information;
reading information to be encrypted from an information card to be identified through a contact type card reader or a non-contact type card reader, encrypting the information to be encrypted according to a pre-loaded SM2 cryptographic algorithm to obtain encrypted information, and sending the encrypted information to the main control module;
and identifying the encrypted information to obtain information to be decrypted, and decrypting the information to be decrypted according to a pre-loaded SM2 cryptographic algorithm to obtain decrypted information.
CN202010190735.0A 2020-03-18 2020-03-18 Self-service data processing device and method Pending CN111460471A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010190735.0A CN111460471A (en) 2020-03-18 2020-03-18 Self-service data processing device and method

Publications (1)

Publication Number Publication Date
CN111460471A (en) 2020-07-28

Family

ID=71680832

Country Status (1)

Country Link
CN (1) CN111460471A (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101231762A (en) * 2007-08-14 2008-07-30 郭人和 Passimeter of train ticket with true name
CN201742425U (en) * 2009-04-16 2011-02-09 深圳市数智国兴信息科技有限公司 Non-contact type CPU card multi-application security authentication and encryption system
JP2012015623A (en) * 2010-06-29 2012-01-19 Denso Wave Inc Ic card reading system and driving control system
CN202486808U (en) * 2012-03-20 2012-10-10 成都华唯科技有限责任公司 Health card reader-writer system
CN103986582A (en) * 2014-05-28 2014-08-13 中国广核集团有限公司 Data encryption transmission method, device and system based on dynamic encryption technology
CN105160242A (en) * 2015-08-07 2015-12-16 北京亿速码数据处理有限责任公司 Certificate loading method and certificate updating method of card reader and card reader
CN105205939A (en) * 2014-08-09 2015-12-30 北京互帮国际技术有限公司 Cashing credential reading and writing system and method for self-service terminal
CN205091758U (en) * 2015-08-07 2016-03-16 北京亿速码数据处理有限责任公司 Card reader and CPU card transaction system
CN106845300A (en) * 2016-12-02 2017-06-13 北京握奇智能科技有限公司 A kind of secure readers and safe card reading method
CN106886728A (en) * 2015-12-16 2017-06-23 国民技术股份有限公司 The reading device and method of a kind of smart card
CN206506540U (en) * 2016-08-02 2017-09-19 天地融科技股份有限公司 A kind of intelligent cipher key equipment and business handling system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200728
