CN112396738B

CN112396738B - Unlocking method of shared device and related device

Info

Publication number: CN112396738B
Application number: CN202011384664.4A
Authority: CN
Inventors: 孙志豪
Original assignee: Shenzhen Goodix Technology Co Ltd
Current assignee: Shenzhen Goodix Technology Co Ltd
Priority date: 2020-12-01
Filing date: 2020-12-01
Publication date: 2022-11-04
Anticipated expiration: 2040-12-01
Also published as: CN112396738A

Abstract

The embodiment of the application provides an unlocking method of a sharing device and a related device, which relate to the technical field of communication, and the method comprises the following steps: reading an NFC tag number on the sharing device, and sending a device key request to a server to obtain a device key; decrypting the encrypted sharing equipment identification number by using the equipment key to obtain a sharing equipment identification number; sending an authorization request to the server to obtain a device token; unlocking the shared device using the device token. The method provided by the embodiment of the application can simplify the operation of the user and improve the safety.

Description

Unlocking method of shared device and related device

Technical Field

The embodiment of the application relates to the technical field of communication, in particular to an unlocking method of shared equipment and related equipment.

Background

With the continuous development of science and technology, sharing science and technology is more and more widely applied to the life of people, for example, sharing a bicycle, sharing an automobile, sharing a charge pal, sharing an umbrella and the like, and the life of people also becomes more and more convenient. Currently, when a user uses a sharing device, a code scanning manner is generally used, for example, a two-dimensional code is pasted on the sharing device, and the user scans the two-dimensional code on the sharing device to unlock the sharing device, so that the sharing device can be used.

Disclosure of Invention

The embodiment of the application provides an unlocking method of a shared device and related devices, and aims to provide a mode of unlocking the shared device through a Near Field Communication (NFC) technology, so that user operation can be simplified, an interaction process between a terminal of a user and the shared device is simplified, safety is improved, interaction speed is improved, unlocking speed can be accelerated, and use experience of the user can be improved.

In a first aspect, an embodiment of the present application provides an unlocking method for a shared device, including:

reading an NFC tag number on a shared device through NFC, wherein the NFC tag number is used for identifying the identity of an NFC tag on the shared device;

sending an equipment key request to a server, wherein the equipment key request is used for acquiring equipment key information from the server, and the key request comprises an NFC tag number and user identification information, the user identification information is determined by a user identification number, and the user identification number is obtained by registering the terminal to the server;

receiving equipment key information sent by the server, and determining an equipment key based on the equipment key information;

reading an encrypted sharing device identification number on the sharing device through NFC, and decrypting the encrypted sharing device identification number by using the device key to obtain a sharing device identification number, wherein the sharing device identification number is used for identifying the identity of the sharing device;

sending an authorization request to the server, wherein the authorization request is used for obtaining device token information from the server, and the authorization request contains shared device identification information, and the shared device identification information is determined by the shared device identification number;

receiving device token information sent by the server, and determining a device token based on the device token information;

unlocking the shared device using the device token through NFC.

In one possible implementation manner, before the reading, by NFC, an NFC tag number on the shared device, the method further includes:

sending a registration request to the server, wherein the registration request is used for acquiring the user identification number and the transmission key from the server, and the registration request comprises a terminal identification number of the terminal;

and receiving the user identification number and the transmission key sent by the server, wherein the transmission key is used for encrypting or decrypting the information transmitted between the terminal and the server.

In one possible implementation manner, the device key request further includes a terminal identification number, and the user identification information is obtained by encrypting the user identification number by using the transmission key by the terminal.

In one possible implementation manner, the device key information includes an encrypted device key, and determining a device key based on the device key information includes:

and decrypting the encrypted device key by using the transmission key to obtain a device key.

In one possible implementation manner, the authorization request further includes a terminal identification number, and the shared device identification information is obtained by encrypting, by the terminal, the shared device identification number using the transmission key.

In one possible implementation manner, the device token information includes an encrypted device token, and determining the device token based on the device token information includes:

and decrypting the encrypted device token by using the transmission key to obtain the device token.

The embodiment of the application further provides an unlocking method of the shared device, which comprises the following steps:

acquiring a sharing equipment identification number and an NFC tag number of sharing equipment;

creating a mapping relation between the shared device identification number and a preset device token and a mapping relation between the NFC tag number and a preset device key;

receiving an equipment key request sent by a terminal, and acquiring an NFC tag number and user identification information in the equipment key request;

determining a device key based on the NFC tag number and the user identification information, and sending device key information to the terminal, wherein the device key information is determined by the device key;

receiving an authorization request sent by the terminal, and acquiring shared equipment identification information in the authorization request;

and determining a device token based on the shared device identification information, and sending device token information to the terminal, wherein the device token information is determined by the device token.

In one possible implementation manner, before receiving the device key request sent by the terminal, the method further includes:

receiving a registration request of the terminal, and acquiring a terminal identification number of the terminal in the registration request;

creating a user identification number and a transmission key, mapping the terminal identification number and the transmission key, and storing the mapping relation between the terminal identification number and the transmission key;

and sending the user identification number and the transmission key to the terminal.

In one possible implementation manner, the device key request further includes a terminal identification number, the user identification information includes an encrypted user identification number, and determining a device key based on the NFC tag number and the user identification information includes:

inquiring and acquiring a transmission key corresponding to the terminal identification number based on the terminal identification number;

decrypting the encrypted user identification number by using the transmission key to obtain a user identification number;

inquiring whether a user consistent with the user identification number exists;

and if the user consistent with the user identification number exists, inquiring to obtain the equipment key corresponding to the NFC tag number.

In one possible implementation manner, the authorization request further includes a terminal identification number, the shared device identification information includes an encrypted shared device identification number, and determining the device token based on the shared device identification information and the user identification information includes:

decrypting the encrypted sharing equipment identification number by using the transmission key to obtain a sharing equipment identification number;

inquiring the occupation state of the sharing equipment identification number;

if the occupied state of the shared equipment identification number is unoccupied, inquiring to obtain an equipment token corresponding to the shared equipment identification number;

setting the occupation state of the sharing equipment identification number as occupied;

and sending the equipment token to the terminal.

In the embodiment, the shared device does not need to interact with the server in the authorization process, so that the authorization convenience can be improved, and the authorization blockage of the shared device due to network limitation is avoided; in addition, the authorization process is completed by the interaction between the terminal of the user and the server, and the sharing equipment does not need to acquire the personal information of the user, so that the safety of the user data can be improved; and the terminal of the user unlocks the sharing device in an NFC mode, complex operation of the user is not needed, safety can be improved, and operation experience of the user can be improved.

In a second aspect, an embodiment of the present application provides an unlocking apparatus for a shared device, including:

the NFC reading module is used for reading an NFC tag number on a sharing device through NFC, wherein the NFC tag number is used for identifying the identity of an NFC tag on the sharing device;

a first request module, configured to send an apparatus key request to a server, where the apparatus key request is used to obtain apparatus key information from the server, and the key request includes an NFC tag number and user identification information, where the user identification information is determined by a user identification number, and the user identification number is obtained by registering the terminal with the server;

a first receiving module, configured to receive device key information sent by the server, and determine a device key based on the device key information;

a second reading module, configured to read an encrypted sharing device identification number on the sharing device through NFC, and decrypt the encrypted sharing device identification number using the device key to obtain a sharing device identification number, where the sharing device identification number is used to identify an identity of the sharing device;

a second request module, configured to send an authorization request to the server, where the authorization request is used to obtain device token information from the server, and the authorization request includes shared device identification information, where the shared device identification information is determined by the shared device identification number;

the second receiving module is used for receiving the device token information sent by the server and determining a device token based on the device token information;

and the unlocking module is used for unlocking the shared equipment by using the equipment token through NFC.

In one possible implementation manner, the apparatus further includes:

a third request module, configured to send a registration request to the server, where the registration request is used to obtain the user identification number and the transmission key from the server, and the registration request includes a terminal identification number of the terminal;

and the third receiving module is used for receiving the user identification number and the transmission key sent by the server, wherein the transmission key is used for encrypting or decrypting the information transmitted between the terminal and the server.

In one possible implementation manner, the device key request further includes a terminal identification number, and the user identification information is obtained by encrypting, by the terminal, the user identification number by using the transmission key.

In one possible implementation manner, the device key information includes an encrypted device key, and the first receiving module is further configured to decrypt the encrypted device key using the transmission key to obtain the device key.

In one possible implementation manner, the device token information includes an encrypted device token, and the second receiving module is further configured to decrypt the encrypted device token using the transmission key to obtain the device token.

An embodiment of the present application further provides an unlocking apparatus for a shared device, including:

the acquisition module is used for acquiring a sharing equipment identification number and an NFC tag number of the sharing equipment;

the first creating module is used for creating a mapping relation between the shared device identification number and a preset device token and a mapping relation between the NFC tag number and a preset device key;

the first receiving module is used for receiving an equipment key request sent by a terminal and acquiring an NFC tag number and user identification information in the equipment key request;

a first sending module, configured to determine an apparatus key based on the NFC tag number and the user identification information, and send apparatus key information to the terminal, where the apparatus key information is determined by the apparatus key;

a second receiving module, configured to receive an authorization request sent by the terminal, and obtain shared device identification information in the authorization request;

a second sending module, configured to determine a device token based on the shared device identification information, and send device token information to the terminal, where the device token information is determined by the device token.

In one possible implementation manner, the apparatus further includes:

a third receiving module, configured to receive a registration request of the terminal, and obtain a terminal identification number of the terminal in the registration request;

the second establishing module is used for establishing a user identification number and a transmission key, mapping the terminal identification number and the transmission key, and storing the mapping relation between the terminal identification number and the transmission key;

and the third sending module is used for sending the user identification number and the transmission key to the terminal.

In one possible implementation manner, the device key request further includes a terminal identification number, the user identification information includes an encrypted user identification number, and the first sending module includes:

a first query unit, configured to query and obtain a transmission key corresponding to the terminal identification number based on the terminal identification number;

the first decryption unit is used for decrypting the encrypted user identification number by using the transmission key to obtain a user identification number;

the first detection unit is used for inquiring whether a user consistent with the user identification number exists or not;

and the second query unit is used for querying and obtaining the equipment key corresponding to the NFC tag number if a user consistent with the user identification number exists.

In one possible implementation manner, the authorization request further includes a terminal identification number, the shared device identification information includes an encrypted shared device identification number, and the second sending module includes:

a third query unit, configured to query for a transmission key corresponding to the terminal identification number based on the terminal identification number;

the second decryption unit is used for decrypting the encrypted sharing equipment identification number by using the transmission key to obtain a sharing equipment identification number;

the second detection unit is used for inquiring the occupation state of the shared equipment identification number;

a fourth query unit, configured to query and obtain an equipment token corresponding to the shared equipment identification number if the occupied state of the shared equipment identification number is unoccupied;

a setting unit, configured to set an occupied state of the shared device identification number as occupied;

and the sending unit is used for sending the equipment token to the terminal.

In a third aspect, an embodiment of the present application provides a terminal, including:

a memory for storing computer program code, the computer program code including instructions that, when read from the memory by the terminal, cause the terminal to perform the steps of:

and unlocking the shared device by using the device token through NFC.

In one possible implementation manner, when the instruction is executed by the terminal, before the terminal performs the step of reading the NFC tag number on the shared device through NFC, the following step is further performed:

In one possible implementation manner, the device key request further includes a terminal identification number, and the user identification information is obtained by encrypting the user identification number by using the transmission key through the terminal.

In one possible implementation manner, the device key information includes an encrypted device key, and the instruction, when executed by the terminal, causes the terminal to perform the step of determining the device key based on the device key information, including:

In one possible implementation manner, the device token information includes an encrypted device token, and the instruction, when executed by the terminal, causes the terminal to perform the step of determining the device token based on the device token information, including:

An embodiment of the present application further provides a server, including:

a memory for storing computer program code, the computer program code including instructions that, when read from the memory by the server, cause the server to perform the steps of:

In one possible implementation manner, when the instruction is executed by the server, before the server performs the step of receiving the device key request sent by the terminal, the following steps are further performed:

In one possible implementation manner, the device key request further includes a terminal identification number, the user identification information includes an encrypted user identification number, and when the instruction is executed by the server, the server executes the step of determining the device key based on the NFC tag number and the user identification information, where the step of determining the device key includes:

inquiring whether a user consistent with the user identification number exists;

and if the user with the same user identification number exists, inquiring to obtain the equipment key corresponding to the NFC label number.

In one possible implementation manner, the authorization request further includes a terminal identification number, the shared device identification information includes an encrypted shared device identification number, and when the instruction is executed by the server, the server executes a step of determining a device token based on the shared device identification information and the user identification information, where the step of determining the device token includes:

inquiring the occupation state of the sharing equipment identification number;

if the occupation state of the shared equipment identification number is unoccupied, inquiring to obtain an equipment token corresponding to the shared equipment identification number;

setting the occupation state of the shared equipment identification number as occupied;

and sending the equipment token to the terminal.

In a fourth aspect, embodiments of the present application provide a computer-readable storage medium having stored thereon a computer program, which, when run on a computer, causes the computer to perform the method according to the first aspect.

In a fifth aspect, embodiments of the present application provide a computer program, which is configured to perform the method according to the first aspect when the computer program is executed by a computer.

In a possible design, the program of the fifth aspect may be stored in whole or in part on a storage medium packaged with the processor, or in part or in whole on a memory not packaged with the processor.

Drawings

Fig. 1 is a schematic view of an application scenario provided in an embodiment of the present application;

fig. 2 is a schematic flowchart of an embodiment of an unlocking method for a shared device according to the present application;

fig. 3 is a schematic structural diagram of an embodiment of an unlocking device of a sharing device provided in the present application;

fig. 4 is a schematic structural diagram of another embodiment of an unlocking device of a sharing device provided in the present application;

fig. 5 is a schematic structural diagram of a terminal according to an embodiment of the present application;

fig. 6 is a schematic structural diagram of a server according to an embodiment of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. In the description of the embodiments herein, "/" means "or" unless otherwise specified, for example, a/B may mean a or B; "and/or" herein is merely an association describing an associated object, and means that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone.

In the following, the terms "first", "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the embodiments of the present application, "a plurality" means two or more unless otherwise specified.

At present, a user usually scans a two-dimensional code on a sharing device through a portable terminal (e.g., a mobile phone) to unlock the sharing device, and uses the sharing device after unlocking. However, for a user terminal, the interaction between the terminal and the sharing device is complex, the communication speed is slow, and the security is low in a two-dimensional code scanning mode; the two-dimensional code scanning mode needs to be connected with the mobile internet through the sharing device, however, the sharing device is different from the terminal, the terminal has powerful communication hardware and can meet the communication requirements of users in different scenes, and the sharing device does not usually have the powerful communication hardware, for example, the sharing device is not as fast as the terminal when being connected with the mobile internet; in addition, because the two-dimensional code is fragile, the two-dimensional code is also higher for shared device's maintenance cost.

Based on the above problem, an embodiment of the present application provides an unlocking method for a shared device, which unlocks the shared device by using an NFC manner through a terminal of a user, so that user operation can be simplified, an interaction process between the terminal of the user and the shared device is simplified, security is improved, an interaction speed is improved, and further, an unlocking speed can be increased, so that use experience of the user can be improved.

Referring to fig. 1, an application scenario provided in the embodiment of the present application is illustrated in fig. 1, where the application scenario includes a terminal 100 (e.g., a mobile phone, a smart watch, a smart band, or other smart wearable device), a sharing device 200 (e.g., a sharing bicycle, a sharing automobile, a sharing charger, a sharing umbrella, or other types of sharing devices), and a server 300.

The terminal 100 can be a mobile terminal, which can also be referred to as a terminal Equipment, user Equipment (UE), access terminal, subscriber unit, subscriber station, mobile station, remote terminal, mobile device, user terminal, wireless communication device, user agent, or User device. The Mobile terminal may be a cellular telephone, a cordless telephone, a Personal Digital Assistant (PDA) device, a handheld device, computing device or handheld communication device having wireless communication capabilities, a handheld computing device, a satellite radio, and/or other devices for communicating over a wireless system as well as next generation communication systems, e.g., a Mobile terminal in a 5G Network or a Mobile terminal in a future evolved Public Land Mobile Network (PLMN) Network, etc. The mobile terminal may also be a wearable device. Wearable equipment can also be called wearable intelligent equipment, is the general term of applying wearable technique to carry out intelligent design, develop the equipment that can dress to daily wearing, like glasses, gloves, wrist-watch, dress and shoes etc.. A wearable device is a portable device that is worn directly on the body or integrated into the clothing or accessories of the user. The wearable device is not only a hardware device, but also realizes powerful functions through software support, data interaction and cloud interaction. The generalized wearable intelligent device has the advantages that the generalized wearable intelligent device is complete in function and large in size, can realize complete or partial functions without depending on a smart phone, such as a smart watch or smart glasses, and only is concentrated on a certain application function, and needs to be matched with other devices such as the smart phone for use, such as various smart bracelets for monitoring physical signs, smart jewelry and the like.

The embodiment of the present application does not specifically limit the specific form of the terminal 100 that executes the technical solution.

The terminal 100 includes an NFC Controller (NFCC) chip, and the sharing device 200 includes an NFC Tag (NFC Tag) chip and an electronic lock. The terminal 100 communicates with the sharing device 200 through the NFC method, for example, the terminal 100 may communicate with the NFC Tag chip of the sharing device 200 through the NFCC chip to unlock the electronic lock in the sharing device 200. The terminal 100 communicates with the server 300 by a wireless method (e.g., cellular mobile network or WIFI), which is not particularly limited in this application.

As shown in fig. 2, which is a schematic flow diagram of an embodiment of an unlocking method for a shared device provided in the embodiment of the present application, in order to facilitate the public to fully understand the complete solution of the present invention, steps that various roles and devices in the entire system, such as a shared device manufacturer, a server, a terminal, and a user, need to execute in different stages (a shared device launching and using stage, a user registration stage, and a user using stage) are integrated into the description of the flow according to a timeline, but it should be understood that, for a terminal device implementing unlocking of a shared device, only those steps that the terminal device in the flow needs to execute in a daily unlocking and using process need to execute, that is, it can be understood that an execution main body of the unlocking method for a shared device provided in the embodiment of the present application is mainly a terminal device:

step 101, the server creates an identification mapping table and a password mapping table.

Specifically, the sharing device 200 may be configured to have a sharing device identification number (SDevice ID) and an NFC Tag number (Tag ID) of the sharing device preset by a publisher of the sharing device at the time of factory shipment. The SDevice ID and the Tag ID have a one-to-one mapping relationship, that is, one SDevice ID corresponds to one Tag ID. The SDevice ID is used to identify the identity of the sharing device, and is a unique identifier of the sharing device; in a specific implementation, the SDevice ID may be stored in the NFC Tag chip, and may be, for example, a random number of 16 bytes. Further, to improve security, the SDevice ID may be set to read only, thereby preventing the SDevice ID from being tampered.

The Tag ID is used for identifying the identity of the NFC Tag and is a unique identifier of the NFC Tag; in particular implementation, the Tag ID may also be stored in the NFC Tag chip, and the Tag ID may be a random number of 16bytes, for example. It is understood that the SDevice ID may be stored in the block of SDevice IDs and the Tag ID may be stored in the block of Tag IDs to distinguish the SDevice IDs from the Tag IDs. Further, in order to improve security, the Tag ID may be set to read only, whereby tampering with the Tag ID can be avoided.

Further, after the SDevice ID is set, the issuer of the shared Device may set a corresponding Device Token (Device Token) according to the SDevice ID. Wherein the Device Token is used to unlock the electronic lock on the sharing Device 200, and thus, the Device Token can be stored in the sharing Device 200. It can be understood that one SDevice ID corresponds to one Device Token, and an issuer of the sharing Device may produce a large amount of sharing devices, so that an issuer of the sharing devices may obtain an identification mapping table through the correspondence between the SDevice ID and the Device Token; wherein, the identification mapping table includes the mapping relationship between each SDevice ID and its corresponding Device Token, and the identification mapping table may be stored in the server 300. Shown in table 1 is an identification mapping table:

TABLE 1

Serial number	SDevice ID	Device Token
				1	AAA	aaa
2	BBB	bbb
			3	CCC	ccc
…	…	…

In addition, to improve security, the issuer of the sharing device may encrypt the SDevice ID, and for example, the SDevice ID may be encrypted by a preset encryption key and then stored in the NFC Tag chip of the sharing device 200. The key for encrypting the SDevice ID may be a device key (Tag key), which may be set by an issuer of the shared device in advance. It should be noted that the Tag key may use a symmetric or asymmetric key commonly used in the art, and this is not particularly limited in the embodiment of the present application. One Tag ID corresponds to one Tag key, and the SDevice ID and the Tag ID have one-to-one mapping relation, namely, one Tag key can only decrypt one SDevice ID, so that the safety can be improved. Therefore, an issuer of the shared device can obtain a password mapping table through the corresponding relationship between the Tag ID and the Tag Key; the password mapping table includes a mapping relationship between each Tag ID and its corresponding Tag Key, and the password mapping table may be stored in the server 300. Shown in table 2 is a cipher mapping table:

TABLE 2

Serial number	Tag ID	Tag Key
				1	XXX	xxx
2	YYY	yyy
			3	ZZZ	zzz
…	…	…

The issuer of the sharing device may store the id mapping table and the password mapping table in the server 300 after obtaining the id mapping table and the password mapping table.

In step 102, the terminal 100 sends a registration request to the server 300 to obtain a user identification number.

Specifically, the user may operate on the terminal 100, for example, the user may install an application developed by a publisher of the shared device on the terminal 100, which may be used for the shared device published by the publisher using the shared device. Next, the user may perform account registration on the installed application, and in response to the user's registration operation, the terminal 100 transmits a registration request to the server 300 to obtain the user identification number. The registration request may include an account to be registered by the user and a terminal identification number (UDevice ID) of the terminal 100.

In step 103, the server 300 sends the user identification number and the transmission key to the terminal 100.

Specifically, the server 300 receives a registration request from the terminal 100, and assigns a User identification number (User ID) and a transport corresponding to the UDevice ID to the terminal. Wherein the UDevice ID is used to identify the identity of the terminal 100, and the UDevice ID is a unique identifier of the terminal 100. It is understood that the User ID may be represented by a registered account of the User, for example, the server 300 sets the registered account of the User as the User ID after a registration request of the User; the User ID may also be represented by a random number, for example, after the server 300 registers an account for the User, a random number is additionally allocated to the User, and the random number may be, for example, a number of 16bytes, and is set as the User ID; the embodiment of the present application is not particularly limited to this.

The transport is used to encrypt or encrypt a transmission message between the terminal 100 and the server 300. It can be understood that the transaction and the UDevice ID are corresponding, that is, one UDevice ID corresponds to one transaction, and therefore, the server 300 also stores a user mapping table for identifying the mapping relationship between the UDevice ID and the transaction. It should be noted that the key may use a symmetric or asymmetric key commonly used in the art, and this is not particularly limited in the embodiment of the present application. Shown in table 3 is the user mapping table:

TABLE 3

Serial number	UDevice ID	Transkey
				1	111	xxxxxx
2	222	yyyyyy
			3	333	zzzzzz
…	…	…

After allocating the user identification number and the transmission key to the registered user, the server 300 may send the user identification number and the transmission key to the terminal 100 to complete the registration task of the registered user.

In step 104, the terminal 100 reads the Tag ID of the sharing device 200 through NFC.

Specifically, the user may hold the terminal 100 close to the sharing device 200, for example, the user may close the terminal 100 to the NFC Tag area on the sharing device 200, thereby enabling the terminal 100 to read the Tag ID in the NFC Tag chip of the sharing device 200 through the NFCC chip.

In step 105, the terminal 100 sends a device Key request to the server 300 to obtain the Tag Key.

Specifically, after reading the Tag ID in the shared device 200, the terminal 100 sends a device Key request to the server 300, where the device Key request is used to obtain the Tag Key, and the device Key request includes a User ID and the Tag ID.

Optionally, in order to improve security, before the terminal 100 sends the device key request to the server 300, the User ID may be encrypted, for example, the terminal 100 may encrypt the User ID by using a transport issued by the server 300, so as to obtain an encrypted User ID. At this time, the terminal 100 may transmit a device key request including the encryption User ID, the Tag ID, and the UDevice ID to the server 300.

In step 106, the server 300 receives the device key request transmitted from the terminal 100, and authenticates the user.

Specifically, the server 300 may read the content in the device key request after receiving the device key request sent by the terminal 100. If the User ID is encrypted before the terminal 100 sends the encrypted User ID, the device key request includes the encrypted User ID, the Tag ID, and the UDevice ID, and the server 300 may read the encrypted User ID, the Tag ID, and the UDevice ID, perform an inquiry based on the UDevice ID, and obtain a passkey corresponding to the UDevice ID. Then, the server 300 can decrypt the encrypted User ID using the passkey to obtain the User ID. If the User ID is not encrypted before the terminal 100 sends the request, the device key request includes the User ID and the Tag ID, and the server 300 can read the User ID and the Tag ID.

When the server 300 obtains the User ID, the User may be authenticated based on the User ID. For example, the server 300 may query whether a User corresponding to the User ID is stored in the server 300 to complete authentication; if the server 300 stores the User corresponding to the User ID, it indicates that the User has already registered, and the User is a valid User, step 107 may be further performed; if the server 300 does not find the User corresponding to the User ID, it indicates that the User is not registered, and the User is an illegal User, step 108 may be further performed.

In step 107, if the server 300 determines that the user is a valid user, the server may query a corresponding Tag Key based on the Tag ID, and may send the queried Tag Key to the terminal 100.

Optionally, to improve security, the server 300 may encrypt the Tag Key before sending the Tag Key. For example, the server 300 may encrypt the Tag Key using the passkey obtained by querying in step 106 to obtain the encrypted Tag Key. Then, the server 300 can transmit the encrypted Tag Key to the terminal 100.

In step 108, if the server 300 determines that the user is an illegal user, it may feed back failure information to the terminal 100 and reject the device key request.

In step 109, the terminal 100 receives the Tag Key sent by the server 300, and reads the encrypted SDevice ID in the sharing device 200 using the Tag Key to obtain the SDevice ID.

Specifically, after the terminal 100 receives the Tag Key sent by the server 300, the encrypted SDevice ID in the NFC Tag chip of the sharing device 200 may be read through NFC, and the encrypted SDevice ID may be decrypted by using the Tag Key, so that the SDevice ID may be obtained.

If the terminal 100 receives the encrypted Tag Key, the encrypted Tag Key can be decrypted by using a transport stored in the terminal 100, so as to obtain the Tag Key.

In step 110, the terminal 100 sends an authorization request to the server 300.

Specifically, when the terminal 100 reads the SDevice ID, it may send an authorization request to the server 300. Wherein the authorization request is used to obtain a device token for the shared device 200. The authorization request may include the SDevice ID.

Optionally, to improve security, the terminal 100 may encrypt the SDevice ID before sending the authorization request. Illustratively, the terminal 100 may encrypt the SDevice ID using the stored transport, and may thereby obtain the encrypted SDevice ID. Next, the terminal 100 may transmit an authorization request including the encrypted SDevice ID and the UDevice ID encrypted by the transport to the server 300.

In step 111, the server 300 receives the authorization request sent by the terminal 100, and verifies the authorization request.

Specifically, after receiving the authorization request sent by the terminal 100, the server 300 may read the content in the authorization request, where if the SDevice ID is encrypted before the terminal 100 sends, the authorization request includes an encrypted SDevice ID and an encrypted UDevice ID, and the server 300 may read the encrypted SDevice ID and the encrypted UDevice ID, perform an inquiry based on the encrypted SDevice ID, and obtain a passkey corresponding to the encrypted UDevice ID. Next, the server 300 may decrypt the encrypted SDevice ID using the transport to obtain the SDevice ID. If the SDevice ID is not encrypted before the terminal 100 sends the request, the server 300 may read the SDevice ID included in the authorization request.

The server 300 may then detect the unlocked state of the sharing device 200 to complete the verification of the authorization request. Wherein the unlocked state includes unlocked and unlocked. The unlocked state of the sharing device 200 may be characterized by the occupied state of the SDevice ID. For example, if the occupied status of the SDevice ID is occupied, it may indicate that the sharing device 200 is in an unlocked state, that is, the sharing device 200 is occupied by other users; if the occupied state of the SDevice ID is unoccupied, it may indicate that the sharing device 200 is in an unlocked state, that is, the sharing device 200 is not occupied by other users.

If the server 300 determines that the SDevice ID is occupied, step 112 is further performed.

If the server 300 determines that the SDevice ID is not occupied, step 113 is further executed.

In step 112, the server 300 rejects the authorization request of the terminal 100, and feeds back failure information to the terminal 100.

Optionally, the server 300 may further send a prompt message to the terminal 100, where the prompt message is used to identify the reason for the authorization failure. Illustratively, the prompt message may be a text message, such as: the "the shared device is occupied", or may be other prompt information, which is not particularly limited in this embodiment of the present application.

In step 113, the server 300 obtains the Device Token based on the SDevice ID, for example, the server 300 may obtain the Device Token based on a mapping relationship query between the SDevice ID and the Device Token stored in advance. Then, the server 300 may transmit the Device Token to the terminal 100.

Optionally, to improve security, the server 300 may further encrypt the Device Token before transmitting the Device Token to the terminal 100. For example, the server 300 may encrypt the Device Token based on the passkey obtained by the query in step 111 to obtain an encrypted Device Token. Then, the server 300 may transmit the encrypted Device Token to the terminal 100.

Further, the server 300 may also set the occupied status of the SDevice ID to occupied.

In step 114, the terminal 100 initiates an unlocking request to the sharing device 200 through NFC.

Specifically, after receiving the Device Token, the terminal 100 may initiate an unlocking request to the sharing Device 200 through NFC, where the unlocking request includes the Device Token.

It should be noted that, if the terminal 100 receives the encrypted Device Token, the terminal 100 may decrypt the encrypted Device Token using the prestored transport, so as to obtain the Device Token, and then the terminal 100 may send the Device Token to the sharing Device 200 to initiate the unlocking request. If the terminal 100 receives the unencrypted Device Token, the terminal 100 may directly send the Device Token to the sharing Device 200 to initiate the unlocking request.

In step 115, the sharing Device 200 receives the Device Token and verifies the Device Token.

Specifically, after receiving the Device Token sent by the terminal 200, the sharing Device 200 may compare the Device Token with a Device Token stored in advance; if the Device Token is consistent with the pre-stored Device Token, step 116 may be further executed; if the Device Token is not consistent with the pre-stored Device Token, step 117 may be further performed.

In step 116, the sharing device 200 unlocks the electronic lock.

Optionally, after the sharing device 200 unlocks the electronic lock, an unlocking success prompt message may be further sent to the terminal 100, where the prompt message is used to prompt the user that the electronic lock of the sharing device 200 is unlocked, and the sharing device 200 may be used by the user. It is to be understood that the prompt message may be a text or a graphic, and this is not particularly limited in this embodiment of the application.

In step 117, the sharing device 200 rejects the unlocking request sent by the terminal 100, and sends an unlocking failure prompt message to the terminal 200, where the unlocking failure prompt message may be used to prompt the user that the unlocking is failed this time.

In the embodiment, the shared device does not need to interact with the server in the authorization process, so that the authorization convenience can be improved, and the authorization blockage of the shared device due to the limitation of the local area network can be avoided; in addition, the authorization process is completed by the interaction between the terminal of the user and the server, and the sharing equipment does not need to acquire the personal information of the user, so that the safety of the user data can be improved; and the terminal of the user unlocks the sharing device in an NFC mode, complex operation of the user is not needed, safety can be improved, and operation experience of the user can be improved.

Fig. 3 is a schematic structural diagram of an embodiment of an unlocking apparatus of a sharing device according to the present application, and as shown in fig. 3, the unlocking apparatus 30 of the sharing device may include: a first reading module 31, a first request module 32, a first receiving module 33, a second reading module 34, a second request module 35, a second receiving module 36, and an unlocking module 37;

a first reading module 31, configured to read an NFC tag number on a shared device, where the NFC tag number is used to identify an identity of an NFC tag on the shared device;

a first request module 32, configured to send an apparatus key request to a server, where the apparatus key request is used to obtain apparatus key information from the server, and the key request includes an NFC tag number and user identification information, where the user identification information is determined by a user identification number, and the user identification number is obtained by registering the terminal with the server;

a first receiving module 33, configured to receive device key information sent by the server, and determine a device key based on the device key information;

a second reading module 34, configured to read an encrypted shared device identification number on the shared device, and decrypt the encrypted shared device identification number using the device key to obtain a shared device identification number, where the shared device identification number is used to identify an identity of the shared device;

a second request module 35, configured to send an authorization request to the server, where the authorization request is used to obtain device token information from the server, and the authorization request includes shared device identification information, where the shared device identification information is determined by the shared device identification number;

a second receiving module 36, configured to receive the device token information sent by the server, and determine a device token based on the device token information;

an unlocking module 37, configured to unlock the shared device using the device token.

In one possible implementation manner, the apparatus 30 further includes: a third request module 38 and a third receiving module 39;

a third request module 38, configured to send a registration request to the server, where the registration request is used to obtain the user identification number and the transmission key from the server, and the registration request includes the terminal identification number of the terminal;

a third receiving module 39, configured to receive the user identifier and the transmission key sent by the server, where the transmission key is used to encrypt or decrypt information transmitted between the terminal and the server.

In one possible implementation manner, the device key information includes an encrypted device key, and the first receiving module 33 is further configured to decrypt the encrypted device key by using the transmission key to obtain the device key.

In one possible implementation manner, the device token information includes an encrypted device token, and the second receiving module 36 is further configured to decrypt the encrypted device token by using the transmission key to obtain the device token.

Fig. 4 is a schematic structural diagram of another embodiment of an unlocking apparatus of a sharing device according to the present application, and as shown in fig. 4, the unlocking apparatus 40 of the sharing device may include: an obtaining module 41, a first creating module 42, a first receiving module 43, a first sending module 44, a second receiving module 45, and a second sending module 46;

an obtaining module 41, configured to obtain a sharing device identification number and an NFC tag number of a sharing device;

a first creating module 42, configured to create a mapping relationship between the shared device identification number and a preset device token, and a mapping relationship between the NFC tag number and a preset device key;

a first receiving module 43, configured to receive a device key request sent by a terminal, and obtain an NFC tag number and user identification information in the device key request;

a first sending module 44, configured to determine a device key based on the NFC tag number and the user identification information, and send device key information to the terminal, where the device key information is determined by the device key;

a second receiving module 45, configured to receive an authorization request sent by the terminal, and obtain shared device identification information in the authorization request;

a second sending module 46, configured to determine a device token based on the shared device identification information, and send device token information to the terminal, where the device token information is determined by the device token.

In one possible implementation manner, the apparatus 40 further includes: a third receiving module 47, a second creating module 48 and a third sending module 49;

a third receiving module 47, configured to receive a registration request of the terminal, and obtain a terminal identification number of the terminal in the registration request;

a second creating module 48, configured to create a user identification number and a transmission key, map the terminal identification number with the transmission key, and store a mapping relationship between the terminal identification number and the transmission key;

a third sending module 49, configured to send the user identifier and the transmission key to the terminal.

In one possible implementation manner, the device key request further includes a terminal identification number, the user identification information includes an encrypted user identification number, and the first sending module 44 includes: a first query unit 441, a first decryption unit 442, a first detection unit 443, and a second query unit 444;

a first query unit 441, configured to query and obtain a transmission key corresponding to the terminal identification number based on the terminal identification number;

a first decryption unit 442, configured to decrypt the encrypted user identification number using the transmission key to obtain a user identification number;

a first detecting unit 443 configured to query whether there is a user who is consistent with the user identification number;

a second querying unit 444, configured to query for a device key corresponding to the NFC tag number if there is a user that is consistent with the user identification number.

In one possible implementation manner, the authorization request further includes a terminal identification number, the shared device identification information includes an encrypted shared device identification number, and the second sending module 46 includes:

a third querying unit 461, configured to query and obtain a transmission key corresponding to the terminal identification number based on the terminal identification number;

a second decryption unit 462, configured to decrypt the encrypted sharing device identification number using the transmission key to obtain a sharing device identification number;

a second detecting unit 463, configured to query an occupation state of the shared device identification number;

a fourth querying unit 464, configured to query to obtain a device token corresponding to the shared device identification number if the occupied state of the shared device identification number is unoccupied;

a setting unit 465 configured to set an occupied state of the shared device identification number to occupied;

a sending unit 466, configured to send the device token to the terminal.

It should be understood that the division of the modules of the unlocking apparatus of the shared device shown in fig. 3 and 4 is only a logical division, and the actual implementation may be wholly or partially integrated into one physical entity or may be physically separated. And these modules can be realized in the form of software called by processing element; or may be implemented entirely in hardware; and part of the modules can be realized in the form of calling by the processing element in software, and part of the modules can be realized in the form of hardware. For example, the detection module may be a separate processing element, or may be implemented by being integrated in a chip of the terminal. Other modules are implemented similarly. In addition, all or part of the modules can be integrated together or can be independently realized. In implementation, each step of the above method or each module above may be implemented by an integrated logic circuit of hardware in a processor element or an instruction in the form of software.

For example, the above modules may be one or more integrated circuits configured to implement the above methods, such as: one or more Application Specific Integrated Circuits (ASICs), or one or more microprocessors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs), among others. For another example, these modules may be integrated together and implemented in the form of a System-On-a-Chip (SOC)

Fig. 5 is a schematic structural diagram of the terminal 100. The terminal 100 may be configured to perform the functions/steps of the methods provided by the embodiments of fig. 1 and 2 of the present application.

As shown in fig. 5, the terminal 100 may include a processor 110, an external memory interface 120, an internal memory 121, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, a display screen 194, and a Subscriber Identification Module (SIM) card interface 195, etc.

It is to be understood that the illustrated structure of the embodiment of the present invention does not specifically limit the terminal 100. In other embodiments of the present application, terminal 100 may include more or fewer components than shown, or some components may be combined, some components may be split, or a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.

Processor 110 may include one or more processing units, such as: the processor 110 may include an Application Processor (AP), a modem processor, a Graphics Processing Unit (GPU), an Image Signal Processor (ISP), a controller, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a neural-Network Processing Unit (NPU), etc. The different processing units may be separate devices or may be integrated into one or more processors.

The controller can generate an operation control signal according to the instruction operation code and the timing signal to complete the control of instruction fetching and instruction execution.

A memory may also be provided in processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that have just been used or recycled by the processor 110. If the processor 110 needs to reuse the instruction or data, it can be called directly from the memory. Avoiding repeated accesses reduces the latency of the processor 110, thereby increasing the efficiency of the system.

The wireless communication function of the terminal 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, a modem processor, a baseband processor, and the like.

Both antennas 1 and 2 may be used to transmit and receive electromagnetic wave signals. Each antenna in terminal 100 may be used to cover a single or multiple communication bands. Different antennas can also be multiplexed to improve the utilization of the antennas. For example: the antenna 1 may be multiplexed as a diversity antenna for a wireless local area network, although a separate antenna may be provided for each communication scheme in consideration of simplicity of design and influence of other factors. In other embodiments, the antenna may be used in conjunction with a tuning switch.

The mobile communication module 150 may provide a solution including 2G/3G/4G/5G wireless communication and the like applied to the terminal 100. The mobile communication module 150 may include at least one filter, a switch, a power amplifier, a Low Noise Amplifier (LNA), and the like. The mobile communication module 150 may receive the electromagnetic wave from the antenna 1, filter, amplify, etc. the received electromagnetic wave, and transmit the electromagnetic wave to the modem processor for demodulation. The mobile communication module 150 may also amplify the signal modulated by the modem processor, and convert the signal into electromagnetic wave through the antenna 1 to radiate the electromagnetic wave. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the same device as at least some of the modules of the processor 110.

The wireless communication module 160 may provide solutions for wireless communication applied to the terminal 100, including Wireless Local Area Networks (WLANs) (e.g., wireless fidelity (Wi-Fi) networks), bluetooth (BT), global Navigation Satellite System (GNSS), frequency Modulation (FM), near Field Communication (NFC), infrared (IR), and the like. The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, performs frequency modulation and filtering processing on electromagnetic wave signals, and transmits the processed signals to the processor 110. The wireless communication module 160 may also receive a signal to be transmitted from the processor 110, perform frequency modulation and amplification on the signal, and convert the signal into electromagnetic waves through the antenna 2 to radiate the electromagnetic waves.

In some embodiments, the antenna 1 of the terminal 100 is coupled to the mobile communication module 150 and the antenna 2 is coupled to the wireless communication module 160 so that the terminal 100 can communicate with a network and other devices through a wireless communication technology. The wireless communication technology may include global system for mobile communications (GSM), general Packet Radio Service (GPRS), code division multiple access (code division multiple access, CDMA), wideband Code Division Multiple Access (WCDMA), time-division code division multiple access (time-division code division multiple access, TD-SCDMA), long Term Evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technologies, etc. The GNSS may include a Global Positioning System (GPS), a global navigation satellite system (GLONASS), a beidou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS), and/or a Satellite Based Augmentation System (SBAS).

The terminal 100 implements a display function through the GPU, the display screen 194, and the application processor, etc. The GPU is a microprocessor for image processing, and is connected to the display screen 194 and an application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or alter display information.

The display screen 194 is used to display images, video, and the like. The display screen 194 includes a display panel. The display panel may adopt a Liquid Crystal Display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (active-matrix organic light-emitting diode, AMOLED), a flexible light-emitting diode (FLED), a miniature, a Micro-oeld, a quantum dot light-emitting diode (QLED), and the like. In some embodiments, the terminal 100 may include 1 or N display screens 194, N being a positive integer greater than 1.

The internal memory 121 may be used to store computer-executable program code, which includes instructions. The internal memory 121 may include a program storage area and a data storage area. The storage program area may store an operating system, an application program (such as a sound playing function, an image playing function, etc.) required by at least one function, and the like. The storage data area may store data (e.g., audio data, a phonebook, etc.) created during use of the terminal 100, and the like. In addition, the internal memory 121 may include a high speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, a Universal Flash Storage (UFS), and the like. The processor 110 executes various functional applications of the terminal 100 and data processing by executing instructions stored in the internal memory 121 and/or instructions stored in a memory provided in the processor.

The SIM card interface 195 is used to connect a SIM card. The SIM card can be attached to and detached from the terminal 100 by being inserted into the SIM card interface 195 or being pulled out of the SIM card interface 195. The terminal 100 may support 1 or N SIM card interfaces, where N is a positive integer greater than 1. The SIM card interface 195 may support a Nano SIM card, a Micro SIM card, a SIM card, etc. The same SIM card interface 195 can be inserted with multiple cards at the same time. The types of the plurality of cards can be the same or different. The SIM card interface 195 is also compatible with different types of SIM cards. The SIM card interface 195 may also be compatible with external memory cards. The terminal 100 interacts with the network through the SIM card to implement functions such as communication and data communication. In some embodiments, the terminal 100 employs esims, namely: an embedded SIM card. The eSIM card can be embedded in the terminal 100 and cannot be separated from the terminal 100.

FIG. 6 is a schematic block diagram of an embodiment of a server 300 of the present application; as shown in fig. 6, the server 300 may be a data processing device, or may be a circuit device built in the data processing device. The server 300 may be used to perform the functions/steps of the methods provided by the embodiments of the present application shown in fig. 1 and 2.

As shown in FIG. 6, the server 300 is in the form of a general purpose computing device.

The components of the server 300 described above may include, but are not limited to: one or more processors 310, a communication interface 320, a memory 330, a communication bus 340 connecting the various system components (including the memory 330 and the processors 310), a database 350; and one or more computer programs.

Communication bus 340 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. These architectures include, but are not limited to, industry Standard Architecture (ISA) bus, micro Channel Architecture (MAC) bus, enhanced ISA bus, video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus, to name a few.

The server typically includes a variety of computer system readable media. Such media may be any available media that is accessible by the server and includes both volatile and nonvolatile media, removable and non-removable media.

Memory 330 may include computer system readable media in the form of volatile Memory, such as Random Access Memory (RAM) and/or cache Memory. The server may further include other removable/non-removable, volatile/nonvolatile computer system storage media. Memory 330 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the present description.

A program/utility having a set (at least one) of program modules, including but not limited to an operating system, one or more application programs, other program modules, and program data, may be stored in memory 330, each of which examples or some combination may include an implementation of a network environment. The program modules generally perform the functions and/or methodologies of the embodiments described herein.

The processor 310 executes various functional applications and data processing by running programs stored in the memory 330, for example, implementing the unlocking method of the shared device provided in the embodiments shown in fig. 1 and fig. 2 of the present specification.

In the above embodiments, the processors may include, for example, a CPU, a DSP, a microcontroller, or a digital Signal processor, and may further include a GPU, an embedded Neural Network Processor (NPU), and an Image Signal Processing (ISP), and the processors may further include necessary hardware accelerators or logic Processing hardware circuits, such as an ASIC, or one or more integrated circuits for controlling the execution of the program according to the technical solution of the present application. Further, the processor may have the functionality to operate one or more software programs, which may be stored in the storage medium.

The embodiment of the present specification provides a non-transitory computer readable storage medium, which stores computer instructions that, when executed on a computer, cause the computer to perform the unlocking method of a shared device provided by the embodiment shown in fig. 1 and fig. 2 of the present specification.

The non-transitory computer readable storage medium described above may take any combination of one or more computer readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read Only Memory (ROM), an Erasable Programmable Read Only Memory (EPROM), a flash Memory, an optical fiber, a portable compact disc Read Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.

A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.

Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.

Computer program code for carrying out operations for aspects of the present description may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of Network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).

The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.

In the description of the specification, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the specification. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Moreover, various embodiments or examples and features of various embodiments or examples described in this specification can be combined and combined by one skilled in the art without being mutually inconsistent.

Furthermore, the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present specification, "a plurality" means at least two, e.g., two, three, etc., unless explicitly defined otherwise.

Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing steps of a custom logic function or process, and alternate implementations are included within the scope of the preferred embodiment of the present description in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the embodiments of the present description.

In the several embodiments provided in this specification, it should be understood that the disclosed system, apparatus, and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions in actual implementation, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

In addition, functional units in the embodiments of the present specification may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.

The integrated unit implemented in the form of a software functional unit may be stored in a computer readable storage medium. The software functional unit is stored in a storage medium and includes several instructions to enable a computer device (which may be a personal computer, a server, or a network device) or a Processor (Processor) to execute some steps of the methods described in the embodiments of the present disclosure. And the aforementioned storage medium includes: a U disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

The above description is only a preferred embodiment of the present disclosure, and should not be taken as limiting the present disclosure, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims

1. An unlocking method of a shared device is applied to a terminal, and is characterized in that the method comprises the following steps:

unlocking the shared device using the device token through NFC.

2. The method of claim 1, wherein prior to reading the NFC tag number on the shared device via NFC, the method further comprises:

3. The method according to claim 2, wherein the device key request further includes a terminal identification number, and the user identification information is obtained by the terminal by encrypting the user identification number using the transmission key.

4. The method of claim 2, wherein the device key information comprises an encrypted device key, and wherein determining the device key based on the device key information comprises:

5. The method according to claim 2, wherein the authorization request further includes a terminal identification number, and the shared device identification information is obtained by the terminal by encrypting the shared device identification number using the transmission key.

6. The method of claim 2, wherein the device token information comprises an encrypted device token, and wherein determining the device token based on the device token information comprises:

7. An unlocking method of a shared device is applied to a server, and is characterized in that the method comprises the following steps:

receiving a registration request of a terminal, and acquiring a terminal identification number of the terminal in the registration request;

sending the user identification number and the transmission key to the terminal;

receiving an equipment key request sent by the terminal, and acquiring an NFC tag number and user identification information in the equipment key request;

8. The method of claim 7, wherein the device key request further includes a terminal identification number, wherein the user identification information includes an encrypted user identification number, and wherein determining a device key based on the NFC tag number and the user identification information comprises:

inquiring whether a user consistent with the user identification number exists;

9. The method of claim 7, wherein the authorization request further includes a terminal identification number, wherein the shared device identification information includes an encrypted shared device identification number, and wherein determining the device token based on the shared device identification information and the user identification information comprises:

inquiring the occupation state of the sharing equipment identification number;

and sending the equipment token to the terminal.

10. A terminal, comprising: a memory for storing computer program code, the computer program code comprising instructions which, when read from the memory by the terminal, cause the terminal to perform the steps of:

unlocking the shared device using the device token through NFC.

11. The terminal of claim 10, wherein the instructions, when executed by the terminal, cause the terminal to perform the following further steps prior to performing the step of reading an NFC tag number on a shared device via NFC:

12. The terminal according to claim 11, wherein the device key request further includes a terminal identification number, and the user identification information is obtained by the terminal by encrypting the user identification number using the transmission key.

13. The terminal of claim 11, wherein the device key information comprises an encrypted device key, and wherein the instructions, when executed by the terminal, cause the terminal to perform the step of determining the device key based on the device key information comprises:

14. The terminal according to claim 11, wherein the authorization request further includes a terminal identification number, and the shared device identification information is obtained by the terminal by encrypting the shared device identification number using the transmission key.

15. The terminal of claim 11, wherein the device token information comprises an encrypted device token, and wherein the instructions, when executed by the terminal, cause the terminal to perform the step of determining a device token based on the device token information comprises:

16. A server, comprising: a memory for storing computer program code, the computer program code comprising instructions that, when read from the memory by the server, cause the server to perform the steps of:

determining an equipment key based on the NFC tag number and the user identification information, and sending equipment key information to the terminal, wherein the equipment key information is determined by the equipment key;

17. The server of claim 16, wherein the device key request further includes a terminal identification number, wherein the user identification information includes an encrypted user identification number, and wherein the instructions, when executed by the server, cause the server to perform the step of determining a device key based on the NFC tag number and the user identification information comprises:

inquiring whether a user consistent with the user identification number exists;

18. The server of claim 16, wherein the authorization request further comprises a terminal identification number, wherein the shared device identification information comprises an encrypted shared device identification number, and wherein the instructions, when executed by the server, cause the server to perform the step of determining a device token based on the shared device identification information and the user identification information comprises:

inquiring the occupation state of the sharing equipment identification number;

and sending the equipment token to the terminal.

19. A computer-readable storage medium, comprising computer instructions, which when executed on the terminal, cause the terminal to perform the method for unlocking the shared device according to any one of claims 1 to 6.

20. A computer-readable storage medium comprising computer instructions which, when run on the server, cause the server to perform the method of unlocking the shared device according to any one of claims 7-9.

21. A computer program product, which, when run on a computer, causes the computer to perform a method of unlocking a shared device as claimed in any one of claims 1 to 9.