CN113596841B - Authentication control method and system for user identity identification card - Google Patents
Authentication control method and system for user identity identification card Download PDFInfo
- Publication number
- CN113596841B CN113596841B CN202111067715.5A CN202111067715A CN113596841B CN 113596841 B CN113596841 B CN 113596841B CN 202111067715 A CN202111067715 A CN 202111067715A CN 113596841 B CN113596841 B CN 113596841B
- Authority
- CN
- China
- Prior art keywords
- authentication
- mobile terminal
- user identity
- identification card
- identity identification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/40—Security arrangements using identity modules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/72—Subscriber identity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephone Function (AREA)
Abstract
The embodiment of the invention provides an authentication control method and an authentication control system for a user identity identification card, wherein the method is characterized in that an authentication control application program is deployed on a mobile terminal, so that the mobile terminal can call an application protocol data unit instruction of the user identity identification card arranged in the mobile terminal under the instruction of the authentication control application program, and the authentication control information carried by the application protocol data unit instruction controls the user identity identification card to execute an authentication process, so that the authentication process of the user identity identification card can be controlled by the authentication control application program deployed on the mobile terminal, the user identity identification card is prevented from leaking important information in the authentication process, and the safety and the confidentiality in the authentication process are further improved.
Description
Technical Field
The embodiment of the invention relates to the technical field of identity authentication, in particular to an authentication control method and system for a user identity identification card.
Background
The rapid development of mobile network communication technology greatly improves the communication level of people. Network users can use the network to make video calls, voice chats, make calls, send short messages, and the like. Generally, before using a network, a user needs to handle a Subscriber Identity Module (SIM) card in a network operator, and then perform network login authentication on the SIM, after the authentication is passed, the authority of accessing the SIM card to the network is opened, and the user can access a signal network by using the SIM card, and data information in the process of using the SIM card by the user is also stored in the SIM card.
In the related art, each SIM card corresponds to an International Mobile Subscriber unique identifier (IMSI) and an authentication key. After a user installs an SIM card into a mobile terminal, the mobile terminal directly reads series information in the SIM card and sends an authentication request to the SIM card to request the SIM to start authentication, in the authentication process, the SIM sends the authentication request to a network terminal, the network terminal generates a random number, then an authentication result SRES and a call encryption key are calculated by using the IMSI and the authentication key stored in the SIM, meanwhile, the SIM card terminal also generates the authentication result SRES and the call encryption key according to the random number generated by the network terminal, the IMSI and the authentication key, and if the calculation results of the network terminal and the SIM are the same, the authentication is successful. After the authentication is successful, the user can log on the network to use the network.
However, in the authentication method, the authentication can be completed only by interaction between the SIM card and the network, and the authentication process cannot be controlled, so that important information is easily leaked in the authentication process, and the security and confidentiality of the authentication process are reduced.
Disclosure of Invention
The embodiment of the invention provides an authentication control method and an authentication control system for a user identity identification card, which are characterized in that an authentication control application program is deployed on a mobile terminal, so that the mobile terminal can call an application protocol data unit of the user identity identification card arranged in the mobile terminal under the instruction of the authentication control application program, and the user identity identification card can execute an authentication process according to authentication control information, thereby solving the problem of low safety and confidentiality in the authentication process in the prior art.
A first aspect of an embodiment of the present invention provides an authentication control method for a user identification card, which is applied to a mobile terminal, where the mobile terminal is provided with the user identification card therein, and the mobile terminal is deployed with an authentication control application program, and the method includes:
the mobile terminal calls an application protocol data unit instruction of the user identity identification card under the instruction of the authentication control application program, wherein the application protocol data unit instruction carries authentication control information;
the mobile terminal sends the application protocol data unit instruction to the user identification card, and the authentication control information is used for controlling the authentication process of the user identification card.
Optionally, the invoking the application protocol data unit instruction of the user identification card includes:
and the mobile terminal acquires an access key and calls the application protocol data unit instruction according to the access key.
Optionally, before the invoking of the application protocol data unit instruction of the user identification card, the method further includes:
and the mobile terminal acquires the authentication state and the authentication key of the user identity identification card at a server under the instruction of the authentication control application program, and executes the next step when the authentication state is not authenticated.
A second aspect of the embodiments of the present invention provides an authentication control method for a user identification card, which is applied to the user identification card, and the method includes:
receiving an application protocol data unit instruction sent by a mobile terminal, wherein the application protocol data unit instruction carries authentication control information, and the application protocol data unit instruction is an application protocol data unit instruction of the user identity identification card called by the mobile terminal under the instruction of an authentication control application program;
and executing an authentication process according to the authentication control information.
Optionally, the authentication control information includes an authentication time period;
the executing the authentication process according to the authentication control information comprises:
and the authentication process is completed through the authentication request sent by the mobile terminal in the authentication time period according to the authentication request.
Optionally, the method further includes:
and receiving an access key sent by a server, and sending the access key to a mobile terminal so that the mobile terminal calls an application protocol data unit instruction of the user identity identification card according to the access key after acquiring the access key.
A third aspect of an embodiment of the present invention provides an authentication control system for a user identity card, including: the mobile terminal comprises a mobile terminal and a user identity identification card, wherein the user identity identification card is arranged in the mobile terminal, and the mobile terminal is provided with an authentication control application program;
the mobile terminal calls an application protocol data unit instruction of the user identity identification card under the instruction of the authentication control application program, wherein the application protocol data unit instruction carries authentication control information;
the mobile terminal sends the application protocol data unit instruction to the user identity identification card;
and the user identity identification card receives an application protocol data unit instruction sent by the mobile terminal and executes an authentication process according to the authentication control information.
A fourth aspect of an embodiment of the present invention provides a computer device, including: at least one processor and memory;
the memory stores computer-executable instructions;
the at least one processor executes the computer-executable instructions stored in the memory, so that the at least one processor executes the authentication control method for the user identification card according to the first aspect or the second aspect of the embodiments of the present invention.
A fifth aspect of the embodiments of the present invention provides a computer-readable storage medium, where a computer executable instruction is stored in the computer-readable storage medium, and when a processor executes the computer executable instruction, the method for controlling authentication of a subscriber identity module card according to the first aspect or the second aspect of the embodiments of the present invention is implemented.
A sixth aspect of the embodiments of the present invention provides a computer program product, including a computer program, where the computer program, when executed by a processor, implements the method for controlling authentication of a user identity card according to the first aspect or the second aspect of the embodiments of the present invention.
The embodiment of the invention provides an authentication control method of a user identity identification card, which is characterized in that an authentication control application program is deployed on a mobile terminal, so that the mobile terminal can call an application protocol data unit instruction of the user identity identification card arranged in the mobile terminal under the instruction of the authentication control application program, and the application protocol data unit instruction carries authentication control information; therefore, after the mobile terminal sends the application protocol data unit instruction to the user identity identification card, the authentication process of the user identity identification card can be controlled through the application protocol data unit instruction, and the authentication can not be independently completed only through the user identity identification card arranged in the mobile terminal, so that the authentication process of the user identity identification card can be controlled by an authentication control application program deployed by the mobile terminal, and the safety and the confidentiality in the authentication process are improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a flow chart illustrating an authentication method of a conventional SIM card;
fig. 2 is a flowchart illustrating an authentication control method for a subscriber identity card according to an exemplary embodiment of the present invention;
fig. 3 is a flowchart illustrating an authentication control method for a subscriber identity card according to another exemplary embodiment of the present invention;
fig. 4 is an architecture diagram illustrating an authentication control system for a subscriber identity card according to an exemplary embodiment of the present invention;
fig. 5 is a schematic structural diagram of a computer device according to an exemplary embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Fig. 1 is a flow chart illustrating an authentication method of a conventional subscriber identity module card. In the related art, after a user installs an SIM card in a mobile terminal, the mobile terminal automatically reads series information in the SIM card and sends an authentication request to the SIM card after being powered on, in the authentication process, as shown in fig. 1, the SIM sends an authentication request to a network terminal, the authentication request includes an IMSI and an authentication key Ki corresponding to the SIM card, the network terminal generates a random number RAND, and then calculates an authentication result SRES and a call encryption key Kc by using the IMSI and the authentication key stored in the SIM, and the SIM terminal also generates an authentication result SRES and a call encryption key Kc according to the random number RAND, the IMSI and the authentication key Ki generated by the network terminal, and if the network terminal and the SIM have the same calculation result, the authentication is successful. After the authentication is successful, the user can log on the network to use the network. However, in the authentication method, the authentication can be completed only by interaction between the SIM card and the network terminal, and the authentication process cannot be controlled, so that important information is easily leaked in the authentication process, and the safety and the confidentiality of the authentication process are reduced.
Aiming at the defect, the technical scheme of the invention mainly comprises the following steps: by deploying the authentication control Application program at the mobile terminal, the mobile terminal can call an Application Protocol Data Unit (APDU) instruction of a user identity identification card arranged in the mobile terminal under the instruction of the authentication control Application program, and the APDU instruction carries authentication control information; therefore, after the mobile terminal sends the application protocol data unit instruction to the user identity identification card, the authentication process of the user identity identification card can be controlled through the application protocol data unit instruction, and the authentication can not be independently completed only through the user identity identification card arranged in the mobile terminal, so that the authentication process of the user identity identification card can be controlled by an authentication control application program deployed by the mobile terminal, and the safety and the confidentiality in the authentication process are improved.
Fig. 2 is a flowchart illustrating an authentication control method for a user identification card according to an exemplary embodiment of the present invention, where the present embodiment describes the authentication control method by taking execution of a mobile terminal as an example.
It should be noted that, in this embodiment, a user identity card is disposed in the mobile terminal, and the mobile terminal is deployed with an authentication control application program.
As shown in fig. 2, the method provided by the present embodiment may include the following steps;
s201, the mobile terminal calls an application protocol data unit instruction of the user identity identification card under the instruction of the authentication control application program, and the application protocol data unit instruction carries authentication control information.
In particular, the APDU) is a communication unit between the card reader and the SIM card, the authentication control application deployed in the mobile terminal invokes an APDU command of the SIM card, where the APDU command includes authentication control information, and triggers an authentication function of the SIM card by invoking an ADPI command of the SIM card, so as to control network capabilities of the terminal user, such as making a call, sending a short message, and surfing the internet.
S202, the mobile terminal sends the application protocol data unit instruction to the user identity identification card, and the authentication control information is used for controlling the authentication process of the user identity identification card.
Specifically, after the mobile terminal calls the APDU command of the SIM card, the APDU command is sent to the SIM card installed in the mobile terminal, so as to control the authentication of the SIM card.
For example, the mobile phone App may send an APDU command, which requires the SIM card to request network authentication through the mobile phone operating system or the communication module (or the communication module directly communicates with the SIM card through the 7816 interface) within the validity period of 30 minutes, and complete the authentication.
In this embodiment, by deploying the authentication control application program in the mobile terminal, the mobile terminal can call an application protocol data unit instruction of the user identity card arranged in the mobile terminal under the instruction of the authentication control application program, and the application protocol data unit instruction carries authentication control information; therefore, after the mobile terminal sends the application protocol data unit instruction to the user identity identification card, the authentication process of the user identity identification card can be controlled through the application protocol data unit instruction, and the authentication can not be independently completed only through the user identity identification card arranged in the mobile terminal, so that the authentication process of the user identity identification card can be controlled by an authentication control application program deployed by the mobile terminal, and the safety and the confidentiality in the authentication process are further improved.
In one or more possible embodiments, the invoking an app pdu instruction of the user id card comprises: and the mobile terminal acquires an access key and calls the application protocol data unit instruction according to the access key.
Specifically, the APDU command can be called only by a correct access key, generally, the service end stores the access key of each SIM card, the service end sends the access key to the SIM card, the authentication control APP obtains the access key from the SIM card, and the application protocol data unit command is called according to the access key.
In one or more possible embodiments, before the invoking the application protocol data unit instruction of the user identification card, the method further includes: and the mobile terminal acquires the authentication state and the authentication key of the user identity identification card at a server under the instruction of the authentication control application program, and executes the next step when the authentication state is not authenticated.
Specifically, the authentication state and the authentication key of each SIM card are uniformly stored in the server for communication with the SIM card, so that the authentication control process of the SIM card is prevented from being cracked. Therefore, the authentication control APP deployed in the mobile terminal needs to obtain an authentication state and an authentication key corresponding to the SIM card at the server, and when the authentication state is not authenticated, invokes an APDU instruction of the SIM card, thereby triggering the authentication of the SIM card.
Fig. 3 is a flowchart illustrating an authentication control method for a subscriber identity module card according to another exemplary embodiment of the present invention, where the present embodiment describes the authentication control method by taking an execution of an SIM card as an example.
As shown in fig. 3, the method provided by the present embodiment may include the following steps;
s301, receiving an application protocol data unit instruction sent by a mobile terminal, wherein the application protocol data unit instruction carries authentication control information, and the application protocol data unit instruction is an application protocol data unit instruction of the user identity identification card called by the mobile terminal under the instruction of an authentication control application program.
In particular, an APDU) is a communication unit between a card reader and an SIM card, an authentication control application deployed by a mobile terminal calls an APDU command of the SIM card, the APDU command includes authentication control information, and an authentication function of the SIM card is triggered by calling an ADPI command of the SIM card, so as to control network capabilities of a terminal user such as making a call, sending a short message, accessing the internet and the like.
S302, executing authentication process according to the authentication control information.
Specifically, after the mobile terminal calls the APDU command of the SIM card, the APDU command is sent to the SIM card installed in the mobile terminal, so as to control the authentication of the SIM card.
For example, the mobile phone App may send an APDU command, which requires the SIM card to request network authentication through the mobile phone operating system or the communication module (or the communication module directly communicates with the SIM card through the 7816 interface) within the validity period of 30 minutes, and complete the authentication.
In this embodiment, by deploying the authentication control application program in the mobile terminal, the mobile terminal can call an application protocol data unit instruction of the user identity card arranged in the mobile terminal under the instruction of the authentication control application program, and the application protocol data unit instruction carries authentication control information; therefore, after the mobile terminal sends the application protocol data unit instruction to the user identity identification card, the authentication process of the user identity identification card can be controlled through the application protocol data unit instruction, and the authentication can not be independently completed only through the user identity identification card arranged in the mobile terminal, so that the authentication process of the user identity identification card can be controlled by an authentication control application program deployed by the mobile terminal, and the safety and the confidentiality in the authentication process are improved.
In one or more possible embodiments, the authentication control information includes an authentication time period; the executing the authentication process according to the authentication control information comprises: and the authentication process is completed through the authentication request sent by the mobile terminal in the authentication time period according to the authentication request.
Specifically, after the mobile terminal is started, the mobile terminal automatically reads the series information of the SIM card, then calls an APDU command through the authentication control APP to send an authentication request to the SIM card, after the SIM card receives the APDU command, the SIM card analyzes the APDU command to obtain an authentication time period in the authentication control information, and the authentication request is passed in the authentication time period to complete the whole authentication process.
It should be noted that the authentication process in this embodiment is similar to the authentication process in the prior art, and will not be described in detail here.
In one or more possible embodiments, the method further comprises: and receiving an access key sent by a server, and sending the access key to a mobile terminal so that the mobile terminal calls an application protocol data unit instruction of the user identity identification card according to the access key after acquiring the access key.
Specifically, the APDU command can be called only by a correct access key, generally, the service end stores the access key of each SIM card, the service end sends the access key to the SIM card, the authentication control APP obtains the access key from the SIM card, and the application protocol data unit command is called according to the access key.
In this embodiment, if the SIM card does not receive the APDU instruction sent by the authentication control App within the limited time, the SIM card rejects all subsequent network authentication certifications. That is to say, the authentication of the SIM card is controlled by the authentication control APP deployed in the mobile terminal, thereby ensuring the security and confidentiality in the authentication process.
Fig. 4 is an architecture diagram illustrating an authentication control system for a subscriber identity card according to an exemplary embodiment of the present invention.
As shown in fig. 4, the system provided in this embodiment includes: the mobile terminal comprises a mobile terminal 401 and a user identity identification card 402, wherein the user identity identification card is arranged in the mobile terminal, and the mobile terminal is provided with an authentication control application program; the mobile terminal calls an application protocol data unit instruction of the user identity identification card under the instruction of the authentication control application program, wherein the application protocol data unit instruction carries authentication control information; the mobile terminal sends the application protocol data unit instruction to the user identity identification card; and the user identity identification card receives an application protocol data unit instruction sent by the mobile terminal and executes an authentication process according to the authentication control information.
Further, the system further comprises: the server 403, where the authentication state and the authentication key of each SIM card are stored in the server, is used to communicate with the SIM card, so as to prevent the authentication control process of the SIM card from being cracked. Therefore, the authentication control APP deployed in the mobile terminal needs to obtain an authentication state and an authentication key corresponding to the SIM card at the service end, and when the authentication state is not authenticated, invokes an APDU instruction of the SIM card, thereby triggering the authentication of the SIM card.
Further, the service end is also used for sending an access key to the SIM card to encrypt the binary short message, the access key is used for accessing an APDU instruction of the SIM card, the mobile terminal obtains the access key, and the APDU instruction of the SIM card is called according to the access key.
In this embodiment, by deploying the authentication control application program in the mobile terminal, the mobile terminal can call an application protocol data unit instruction of the user identity card arranged in the mobile terminal under the instruction of the authentication control application program, and the application protocol data unit instruction carries authentication control information; therefore, after the mobile terminal sends the application protocol data unit instruction to the user identity identification card, the authentication process of the user identity identification card can be controlled through the application protocol data unit instruction, the authentication can not be independently completed only through the user identity identification card arranged in the mobile terminal, and the authentication function can be triggered only after the SIM card receives the APDU instruction sent by the authentication APP deployed by the mobile terminal, so that the authentication process of the user identity identification card can be controlled by the authentication control application program deployed by the mobile terminal, and the safety and the confidentiality in the authentication process are further improved.
The detailed description of the method embodiments above may be referred to for specific functional implementation of each module provided in this embodiment.
Fig. 5 is a schematic structural diagram of a computer device according to an exemplary embodiment of the present invention. As shown in fig. 5, the present embodiment provides a computer apparatus 50 including: at least one processor 501 and memory 502. The processor 501 and the memory 502 are connected by a bus 503.
In a specific implementation, the at least one processor 501 executes the computer-executable instructions stored in the memory 502, so that the at least one processor 501 executes the method in the above-described method embodiments.
For a specific implementation process of the processor 501, reference may be made to the above method embodiments, which implement the similar principle and technical effect, and this embodiment is not described herein again.
In the embodiment shown in fig. 5, it should be understood that the Processor may be a Central Processing Unit (CPU), other general purpose processors, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor, or in a combination of hardware and software modules.
The memory may comprise high speed RAM memory and may also include non-volatile storage NVM, such as at least one disk memory.
The bus may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended ISA (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, the buses in the figures of the present application are not limited to only one bus or one type of bus.
Another embodiment of the present application provides a computer-readable storage medium, where computer-executable instructions are stored in the computer-readable storage medium, and when a processor executes the computer-executable instructions, the method for controlling authentication of a user identity card in the above method embodiments is implemented.
Another embodiment of the present application provides a computer program product, which includes a computer program, and when the computer program is executed by a processor, the computer program implements the method for controlling authentication of a subscriber identity module card according to the first aspect of the embodiments of the present invention.
The computer-readable storage medium may be implemented by any type of volatile or non-volatile storage device or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk. Readable storage media can be any available media that can be accessed by a general purpose or special purpose computer.
An exemplary readable storage medium is coupled to the processor such the processor can read information from, and write information to, the readable storage medium. Of course, the readable storage medium may also be an integral part of the processor. The processor and the readable storage medium may reside in an Application Specific Integrated Circuits (ASIC). Of course, the processor and the readable storage medium may also reside as discrete components in the apparatus.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (7)
1. An authentication control method of a user identity card is characterized in that the method is applied to a mobile terminal, the user identity card is arranged in the mobile terminal, and an authentication control application program is deployed on the mobile terminal, the method comprises the following steps:
the mobile terminal obtains the authentication state and the authentication key of the user identity identification card at a server under the instruction of the authentication control application program, obtains an access key from the user identity identification card when the authentication state is not authenticated, and calls an application protocol data unit instruction of the user identity identification card according to the access key, wherein the application protocol data unit instruction carries authentication control information;
the mobile terminal sends the application protocol data unit instruction to the user identity identification card, and the authentication control information is used for controlling the authentication process of the user identity identification card.
2. An authentication control method for a user identification card is applied to the user identification card, and is characterized by comprising the following steps: receiving an application protocol data unit instruction sent by a mobile terminal, wherein the application protocol data unit instruction carries authentication control information, and the application protocol data unit instruction is the application protocol data unit instruction of the user identity identification card, which is called by a server side according to an access key when the authentication state is unauthenticated, and the authentication state and the authentication key of the user identity identification card are acquired by the mobile terminal under the instruction of an authentication control application program;
and executing the authentication process of the user identity identification card according to the authentication control information.
3. The method of claim 2, wherein the authentication control information comprises an authentication time period;
the executing the authentication process according to the authentication control information comprises:
and the authentication process is completed through the authentication request sent by the mobile terminal in the authentication time period according to the authentication request.
4. The method of claim 2 or 3, further comprising:
and receiving an access key sent by a server, and sending the access key to a mobile terminal so that the mobile terminal calls an application protocol data unit instruction of the user identity identification card according to the access key after acquiring the access key.
5. An authentication control system for a subscriber identity module card, comprising: the mobile terminal comprises a mobile terminal and a user identity identification card, wherein the user identity identification card is arranged in the mobile terminal, and the mobile terminal is provided with an authentication control application program;
the mobile terminal obtains an authentication state and an authentication key of the user identity identification card at a server under the instruction of the authentication control application program, obtains an access key from the user identity identification card when the authentication state is not authenticated, and calls an application protocol data unit instruction of the user identity identification card according to the access key, wherein the application protocol data unit instruction carries authentication control information;
the mobile terminal sends the application protocol data unit instruction to the user identity identification card;
and the user identity identification card receives an application protocol data unit instruction sent by the mobile terminal and executes the authentication process of the user identity identification card according to the authentication control information.
6. A computer device, comprising: at least one processor and memory;
the memory stores computer-executable instructions;
the at least one processor executing the computer-executable instructions stored by the memory causes the at least one processor to perform the method of authentication control of a subscriber identity card according to any of claims 1 or 2-4.
7. A computer-readable storage medium, wherein the computer-readable storage medium stores computer-executable instructions, and when the computer-executable instructions are executed by a processor, the method for controlling authentication of a subscriber identity card according to any one of claims 1 or 2 to 4 is implemented.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111067715.5A CN113596841B (en) | 2021-09-13 | 2021-09-13 | Authentication control method and system for user identity identification card |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111067715.5A CN113596841B (en) | 2021-09-13 | 2021-09-13 | Authentication control method and system for user identity identification card |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113596841A CN113596841A (en) | 2021-11-02 |
CN113596841B true CN113596841B (en) | 2023-04-07 |
Family
ID=78241997
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111067715.5A Active CN113596841B (en) | 2021-09-13 | 2021-09-13 | Authentication control method and system for user identity identification card |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113596841B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001093528A2 (en) * | 2000-05-31 | 2001-12-06 | Gemplus | Method for secure communication between a network and a terminal smart card |
CN107333263A (en) * | 2017-06-12 | 2017-11-07 | 浙江神州量子网络科技有限公司 | A kind of follow-on SIM card and mobile communication personal identification method and system |
CN108012268A (en) * | 2017-12-08 | 2018-05-08 | 北京虎符信息技术有限公司 | A kind of mobile phone terminal SIM card and the method for safe handling App, medium |
DE102017009312A1 (en) * | 2017-10-06 | 2019-04-11 | Giesecke+Devrient Mobile Security Gmbh | Chipset with distributed SIM functionalities and USIM applications of different authentication types |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103260172A (en) * | 2012-02-21 | 2013-08-21 | 东南大学常州研究院 | Device and method for monitoring telephone number of user |
CN103747443B (en) * | 2013-11-29 | 2017-03-15 | 厦门盛华电子科技有限公司 | One kind is based on cellphone subscriber's identification card Multi-security domain device and its method for authenticating |
CN105704706A (en) * | 2016-04-13 | 2016-06-22 | 苏州蜗牛数字科技股份有限公司 | Virtual card authentication method and system based on bi-channel mobile terminal |
CN111052780B (en) * | 2018-03-29 | 2021-09-21 | 华为技术有限公司 | SIM card authentication method and terminal |
-
2021
- 2021-09-13 CN CN202111067715.5A patent/CN113596841B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001093528A2 (en) * | 2000-05-31 | 2001-12-06 | Gemplus | Method for secure communication between a network and a terminal smart card |
CN107333263A (en) * | 2017-06-12 | 2017-11-07 | 浙江神州量子网络科技有限公司 | A kind of follow-on SIM card and mobile communication personal identification method and system |
DE102017009312A1 (en) * | 2017-10-06 | 2019-04-11 | Giesecke+Devrient Mobile Security Gmbh | Chipset with distributed SIM functionalities and USIM applications of different authentication types |
CN108012268A (en) * | 2017-12-08 | 2018-05-08 | 北京虎符信息技术有限公司 | A kind of mobile phone terminal SIM card and the method for safe handling App, medium |
Also Published As
Publication number | Publication date |
---|---|
CN113596841A (en) | 2021-11-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109787991B (en) | Secret-free login method, device, equipment and storage medium based on mobile terminal | |
US12035416B2 (en) | ESIM card change method and related device | |
CN108989263B (en) | Short message verification code attack protection method, server and computer readable storage medium | |
EP3528160B1 (en) | Method, system and terminal for encrypting/decrypting application program on communication terminal | |
US9992678B2 (en) | Network locking or card locking method and device for a mobile terminal, terminal, SIM card, storage media | |
CN108989291B (en) | Login verification method, automatic login verification method, server side and client side | |
EP1827049B1 (en) | Authentication vector generating device, subscriber authentication module, mobile communication system and authentication vector generation method | |
CN109196891B (en) | Method, terminal and server for managing subscription data set | |
CN105592072A (en) | Method for obtaining login certification in intelligent terminal, intelligent terminal and operation system thereof | |
CN111581616A (en) | Multi-terminal login control method and device | |
CN107508784B (en) | Application login method and terminal equipment | |
KR20210011577A (en) | Apparatus and Method for Personal authentication using Sim Toolkit and Applet | |
CN112165458B (en) | Real-name authentication method, device and terminal | |
CN113596841B (en) | Authentication control method and system for user identity identification card | |
CN107809758B (en) | SIM card information protection method and device | |
CN111586673B (en) | Method, device, system and storage medium for reusing IMSI in configuration file | |
CN113824691A (en) | Method for implementing silent login strategy applied by mobile terminal third party H5 | |
CN110366161B (en) | Card opening method and device, related equipment and storage medium | |
CN108123954B (en) | Business handling method and terminal equipment | |
CN112800414A (en) | Bank card registration method and device and storage medium | |
CN109088854B (en) | Access method and device of shared application and readable storage medium | |
CN111049808A (en) | Real-name authentication method and device | |
CN108990058B (en) | Soft SIM and embedded security unit | |
CN105557004B (en) | A kind of processing unit and method of data | |
CN116346361B (en) | Identity verification and live video broadcast based combined calling method, terminal and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |