CN113645627A - Security control method and device for transaction, smart card and storage medium - Google Patents

Publication number: CN113645627A
Authority: CN (China)
Prior art keywords: state, application, terminal, transaction, smart card
Legal status: Pending
Application number: CN202010635144.XA
Other languages: Chinese (zh)
Inventor: 刘辉
Current Assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Original Assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute

Classifications

    • G06Q20/3229 Use of the SIM of a M-device as secure element
    • G06Q20/3278 RFID or NFC payments by means of M-devices
    • G06Q20/351 Virtual cards
    • G06Q20/367 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/401 Transaction verification
    • H04W12/06 Authentication
    • H04W8/18 Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data

Abstract

The application discloses a security control method and device for a transaction, a smart card and a storage medium. The method comprises the following steps: receiving a transaction request, the transaction request being initiated for a first application on the smart card; detecting a state of the first application in response to the transaction request, the state of the first application comprising one of a logout state and a non-logout state; and performing security control on a transaction for the first application based on the detected state of the first application.

Description

Security control method and device for transaction, smart card and storage medium
Technical Field
The present application relates to the field of wireless communications, and in particular, to a method and an apparatus for controlling security of a transaction, a smart card, and a storage medium.
Background
With the rapid development of various digital technologies, the modern society has stepped into the digital era, various digital applications such as digital currency, digital wallets, electronic public transport cards and the like have come into existence, and users can realize digital transactions through the digital applications, so that great convenience is brought to daily life.
However, in practical applications, after a carrier carrying the digital application, such as a mobile phone, is lost, an illegal user can still continue to use the digital application to perform offline transactions, which causes potential risks to transactions and brings economic losses to legitimate users of the mobile phone.
Disclosure of Invention
In order to solve technical problems in the related art, embodiments of the present application provide a method and an apparatus for controlling security of a transaction, a smart card, and a storage medium.
The technical scheme of the embodiment of the application is realized as follows:
An embodiment of the present application provides a security control method for a transaction, which is applied to a smart card and comprises the following steps:
receiving a transaction request; the transaction request is initiated for a first application on the smart card;
detecting a state of the first application in response to the transaction request; the state of the first application comprises one of a logout state and a non-logout state;
performing security control on a transaction for the first application based on the detected state of the first application.
In the foregoing solution, the performing security control on a transaction for the first application based on the detected state of the first application includes one of:
in the case that the detected state of the first application is the logout state, performing security control on the transaction for the first application by adopting a first security processing mode;
in the case that the detected state of the first application is the non-logout state, performing security control on the transaction for the first application by adopting a second security processing mode.
In the foregoing solution, the performing security control on the transaction for the first application by using the first security processing manner includes:
sending a first notification message to an initiator initiating the transaction request; the first notification message is used for notifying the initiator that the first application is unavailable; and
aborting the transaction for the first application.
In the above scheme, the method further comprises:
querying at least one application on the smart card that is registered for a subscription state change event; the first application is one of the at least one application; the subscription state change event is associated with a network attachment result of the terminal;
sending a second notification message to the at least one application; wherein
the second notification message is used for notifying the at least one application of the subscription state change event; the subscription state change event is used for the at least one application to update its own state to the logout state.
In the foregoing solution, the querying at least one application on the smart card that is registered for the subscription state change event includes:
determining a type of the subscription state change event;
querying, from a registry, at least one application on the smart card that is registered for the subscription state change event, based on the determined type of the subscription state change event and the correspondence between event types and the applications registered for events of the corresponding type.
In the above scheme, the method further comprises:
receiving a first instruction sent by a terminal; the first instruction carries the subscription state change event; the subscription state change event is generated by the terminal when it detects that the subscription state of the user has changed; the change of the user subscription state is associated with the logout state of the smart card;
obtaining the subscription state change event based on the first instruction.
In the foregoing solution, the performing security control on the transaction for the first application by using the second security processing manner includes:
determining the state of the terminal; the state of the terminal comprises one of an online state and an offline state;
in the case that the determined state of the terminal is the offline state, performing security control on the transaction for the first application based on a set security policy; the security policy indicates that offline transactions for the first application are prohibited.
In the foregoing solution, the determining the state of the terminal includes:
determining a state identifier of the terminal;
and determining the state of the terminal based on the determined state identifier of the terminal.
In the foregoing solution, the determining the state identifier of the terminal includes:
receiving a second instruction sent by the terminal; the second instruction indicates that the terminal has successfully performed network authentication;
and determining the state identifier of the terminal as a first identifier value based on the second instruction.
In the foregoing solution, the determining the state identifier of the terminal includes:
receiving a third instruction sent by the terminal; the third instruction is used for indicating that the position state of the terminal is a service restriction state;
and determining the state identifier of the terminal as a second identifier value based on the third instruction.
In the foregoing solution, the determining the state identifier of the terminal includes:
receiving a fourth instruction; the fourth instruction indicates that the terminal has failed network attachment;
and determining the state identifier of the terminal as a second identifier value based on the fourth instruction.
In the foregoing solution, the determining the state identifier of the terminal includes:
receiving a fifth instruction; the fifth instruction is used for instructing the smart card to perform initialization processing, and the terminal is in a Near Field Communication (NFC) low power consumption mode;
and determining the state identifier of the terminal as a second identifier value based on the fifth instruction.
In the foregoing solution, the determining the state of the terminal based on the determined state identifier of the terminal includes one of:
under the condition that the determined state identifier of the terminal is a first identifier value, determining that the state of the terminal is an online state;
and under the condition that the determined state identifier of the terminal is the second identifier value, determining that the state of the terminal is an offline state.
In the above scheme, the method further comprises:
detecting whether the terminal meets a transition condition; the transition condition comprises one of a first transition condition and a second transition condition;
in the case that the terminal is detected to meet the first transition condition, triggering the terminal to transition from the online state to the offline state;
in the case that the terminal is detected to meet the second transition condition, triggering the terminal to transition from the offline state to the online state.
In the foregoing solution, the performing security control on a transaction for the first application based on the set security policy includes:
aborting the transaction for the first application based on the security policy.
In the foregoing solution, the performing security control on a transaction for the first application based on the set security policy includes:
in a case where the first application comprises a digital wallet, aborting a transaction for the digital wallet based on the security policy.
In the above solution, a self-service Application Program Interface (API) is provided on the smart card; by calling the self-service API, the first application queries the state of the terminal, or updates its own state to the logout state; wherein
the self-service API includes at least one of:
an API for an application to register an event; an API for an application to unregister an event; an API for determining whether an event is registered; an API for an application to process an event; an API for setting the application state; and an API for querying the online state of the terminal.
In the above scheme, the method further comprises:
in the case that the self-service API comprises the API for querying the online state of the terminal, sending the determined state of the terminal to the first application by calling that API, so that the first application performs security control on the transaction for the first application based on a set security policy when the state of the terminal is the offline state; wherein
the security policy indicates that offline transactions for the first application are prohibited.
An embodiment of the present application further provides a security control device for a transaction, where the device includes:
a first receiving unit for receiving a transaction request; the transaction request is initiated for a first application on a smart card;
a detection unit for detecting the state of the first application in response to the transaction request; the state of the first application comprises one of a logout state and a non-logout state;
a control unit for performing security control on a transaction for the first application based on the detected state of the first application.
An embodiment of the present application further provides a smart card, where the smart card includes:
a communication interface for receiving a transaction request; the transaction request is initiated for a first application on the smart card;
a processor for detecting a state of the first application in response to the transaction request, the state of the first application comprising one of a logout state and a non-logout state; and for performing security control on a transaction for the first application based on the detected state of the first application.
An embodiment of the present application further provides a smart card, where the smart card includes: a processor and a memory for storing a computer program operable on the processor;
when the processor is used for running the computer program, the steps of the security control method for the transaction provided by the embodiment of the application are executed.
The embodiment of the present application also provides a storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the security control method for transaction provided by the embodiment of the present application.
According to the transaction security control method and device, the smart card and the storage medium provided by the embodiments of the present application, the smart card receives a transaction request, the transaction request being initiated for a first application on the smart card; detects a state of the first application in response to the transaction request, the state of the first application comprising one of a logout state and a non-logout state; and performs security control on a transaction for the first application based on the detected state of the first application. With the scheme of the embodiments of the present application, the state of the first application on the smart card is detected directly, and targeted security control is then applied to digital transactions for the first application based on that state, so that the security of digital transactions can be effectively improved, the economic loss of the terminal user is reduced, and the experience of the terminal user is improved.
Drawings
Fig. 1 is a schematic diagram of a system architecture of a SIM card provided in the related art;
Fig. 2 is a schematic diagram of a system architecture for implementing an end-to-end security mechanism by accessing a SIM card according to the related art;
Fig. 3 is a schematic diagram of a system architecture of a SIM card according to an embodiment of the present application;
Fig. 4 is a schematic flowchart of a security control method for a transaction according to an embodiment of the present application;
Fig. 5 is a flowchart illustrating a self-logout of a first application according to an embodiment of the present application;
Fig. 6 is a schematic diagram illustrating a transition between an online state and an offline state according to an embodiment of the present application;
Fig. 7 is a schematic flowchart of another security control method for a transaction according to an embodiment of the present application;
Fig. 8 is a schematic structural diagram of a security control device for a transaction according to an embodiment of the present application;
Fig. 9 is a schematic diagram of a hardware component structure of a smart card according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the present application is described in further detail below with reference to the accompanying drawings. The described embodiments should not be construed as limiting the present application, and all other embodiments obtained by a person of ordinary skill in the art without creative effort fall within the protection scope of the present application.
In the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is understood that "some embodiments" may be the same subset or different subsets of all possible embodiments, and that the technical solutions described in the embodiments of the present application may be combined with each other without conflict.
Before the technical solutions of the embodiments of the present application are introduced, the solutions of the related art are explained below.
With the continuous development of digital technology, modern society has entered the digital era: people can shop without carrying a wallet, ride a bus or subway without carrying a transit card, and enter and leave a workplace without carrying an access card. Users realize these functions with a device bearing digital applications, which brings convenience to daily life. However, security is a major concern when using digital applications such as digital currency, digital wallets and electronic bus cards.
A Secure Element (SE) has encryption and decryption logic circuits. To protect a digital application against external malicious analysis and to protect the data in it, a digital application with high security requirements, such as one supporting digital transactions (e.g., a digital wallet), can in practice be carried in the SE.
A Subscriber Identity Module (SIM) card is an industry-recognized strong security element. In the third generation mobile communication system (3G, 3rd-Generation) or the fourth generation mobile communication system (4G, 4th-Generation), the SIM card may also be called a Universal Subscriber Identity Module (USIM). It uses dedicated attack-resistant software and hardware design, is certified by a third-party testing laboratory, and has at least Evaluation Assurance Level (EAL) 4+ security.
In practical applications, the SIM card can carry various digital applications such as digital currency, digital wallets, electronic bus cards, etc., in addition to carrier operator communication applications (including network authentication keys and related sensitive data) to implement network-entry authentication. Fig. 1 is a schematic diagram of a system architecture of a SIM card provided in the related art, and as shown in fig. 1, the system architecture of the SIM card includes chip hardware and firmware, a hardware abstraction layer, a virtual machine, a SIM card runtime environment (such as modules for logical channel management, card content management, and the like), a supported API (such as a China Mobile Communication Corporation API), and a digital application (such as a digital currency application, a digital wallet application, and a public transportation card application (electronic public transportation card application)) carried on the SIM card.
On the basis of the system architecture of the SIM card in the related art, the SIM card can implement a variety of service scenarios with high security requirements through technologies such as NFC and machine-card access (SIM Access). Fig. 2 is a schematic diagram of a system architecture for implementing an end-to-end security mechanism by accessing a SIM card according to the related art. As shown in Fig. 2, an end-to-end security mechanism (between the local terminal of the SIM card and an opposite terminal, hereinafter simply referred to as the opposite end) may be implemented in a Reader mode or a Card Emulation mode.
In the Reader mode, the terminal (User Equipment (UE) provided with a SIM card) is used as a card reader: an application calls the SIM API in the Operating System (OS) framework to initiate a card search and establish a connection with the opposite-end card, the local SIM is used as a security element of the opposite end, and the application accesses the SIM card through the SIM API. In the Card Emulation mode, the SIM card on the local terminal, in combination with the NFC module, can be emulated as a card (emulating the various cards used in daily life, such as financial cards, transit cards and door cards), and the opposite end accesses the SIM card directly through the NFC Single Wire Protocol (SWP) interface.
The following describes the transaction flow between the local terminal (Card) and the opposite end (Reader). The main steps of the transaction flow are as follows: a transaction is initiated, and a physical wireless connection is established between the Reader and the Card; the Reader selects the digital application on the Card and performs capability negotiation; the Reader and the Card perform mutual authentication and establish a secure channel, where an online transaction can use an authentication mechanism based on a symmetric key, with secure messaging handled by the end side (Card) and the platform side (Server), and an offline transaction can use an authentication mechanism based on asymmetric key certificates, with secure messaging handled by the end side (the local security element on the Reader side) and the end side (Card); data is then exchanged within the secure channel, which can provide integrity, confidentiality, replay protection and the like for transactions (both online and offline).
The end-to-end security mechanism and the end-side hardware security carrier therefore effectively protect service security and give users a safe and convenient experience. However, in some special business scenarios, especially where the digital application cannot perceive a change in the offline state of the terminal, transactions carry a potential risk. For example, after a user loses a mobile phone, the user immediately cancels the phone number; the terminal is then offline, but an illegal user can continue to use the digital wallet for offline transactions. As another example, after the phone is lost, the illegal user switches it to flight mode and can still use the digital wallet for offline transactions. As a further example, after the phone is lost, the illegal user powers it off and can still use the digital wallet in the NFC low-power-consumption mode for offline transactions.
Under the current security mechanisms in the related art, especially those based on independent security elements (such as electronic bus cards and digital wallets), the application cannot sense the state change. Even if security control is applied to digital transactions for the digital application by setting an offline credit limit, implementing risk control and the like, a potential risk remains, so that when the carrier bearing the digital application, such as a mobile phone, is lost, the user suffers economic loss.
With the rapid development of digital technologies, creating new services with operator characteristics is an important direction for the development of operators. China Mobile proposes that Digital Currency Electronic Payment (DCEP) should promote the standing of national finance in the global financial system, and is exploring a scheme based on a SIM card hard wallet in the digital currency pilot of the People's Bank.
In the related art, because the operating system of the SIM card does not support digital application self-logout or dynamic management of application state, the related technical solutions have the following problems:
1. In an offline scenario, the management instruction cannot be delivered, the digital application cannot be logged out, and transactions are at risk;
2. When the terminal is in flight mode or powered off, the digital application cannot sense the change between the online state and the offline state of the terminal, and transactions are at risk.
In view of the above technical problems, no effective solution is available at present.
Based on this, in various embodiments of the present application, a transaction request is received by a smart card, the transaction request being initiated for a first application on the smart card; a state of the first application is detected in response to the transaction request, the state of the first application comprising one of a logout state and a non-logout state; and security control is performed on a transaction for the first application based on the detected state of the first application.
With the scheme of the embodiments of the present application, the state of the first application on the smart card is detected directly, and targeted security control is then applied to digital transactions for the first application based on that state, so that the security of digital transactions can be effectively improved, the economic loss of the terminal user is reduced, and the experience of the terminal user is improved.
The embodiments of the present application will be described in further detail with reference to the drawings and examples.
The embodiment of the application can perform security control on the transaction of the first application (digital application) on the smart card (such as an SIM card) in an offline scene so as to improve the security of the transaction of the digital application. The system architecture of the SIM card will be described below by taking the smart card implementing the embodiment of the present application as an example.
Fig. 3 is a schematic diagram of a system architecture of a SIM card according to an embodiment of the present application. On the basis of the system architecture of the SIM card in the related art (such as the one shown in Fig. 1), an application self-service management module and a self-service API are added to the operating system of the SIM card. The main function of the application self-service management module is to support digital application self-logout management and dynamic management of application state; specifically, the module detects the state of a digital application on the SIM card and performs targeted security control on digital transactions for that application based on the detected state. By calling the self-service API, the SIM card can send the state of the terminal to the digital application so that the digital application can sense the state of the terminal, or the self-service API can be called to update the state of the digital application to the logout state, that is, to realize digital application self-logout.
Based on the above description of the system architecture of the SIM card provided in the embodiment of the present application, the following description describes an implementation of the security control method for transactions provided in the embodiment of the present application.
An embodiment of the present application provides a security control method for a transaction, where the method is applied to a smart card, such as an SIM card and an Embedded SIM (ESIM) card, and fig. 4 is a schematic flow chart of the security control method for a transaction provided in the embodiment of the present application, and as shown in fig. 4, the method includes:
Step 401, receiving a transaction request; the transaction request is initiated for a first application on the smart card.
Here, the transaction request received by the smart card may be initiated by the terminal, and specifically, may be initiated by the terminal for a first application on the smart card, where the first application is carried on the smart card, and the first application may be a digital application on the smart card, such as various types of digital applications such as digital currency, digital wallet, electronic bus card, and the like. The terminal initiating the transaction request may be a local terminal of the smart card, that is, a terminal bearing the smart card; or the terminal may be the opposite terminal of the local terminal, that is, the terminal not bearing the smart card.
Step 402, detecting a state of the first application in response to the transaction request.
In an embodiment of the present application, the state of the first application is one of a logout state and a non-logout state.
Step 403, performing security control on the transaction for the first application based on the detected state of the first application.
In practical application, the smart card performs targeted security control on digital transaction aiming at the first application based on the state of the first application by detecting the state (logout state or non-logout state) of the first application; that is to say, in the embodiment of the present application, for the first application in different states, different security processing manners may be adopted to perform security control on the transaction for the first application, so as to improve the security of the digital transaction.
Based on this, in some embodiments, for the security control of the transaction for the first application based on the detected state of the first application in the above step 403, the security control may be implemented by one of the following means:
when the detected state of the first application is the logout state, performing security control on the transaction for the first application in a first security processing manner;
when the detected state of the first application is the non-logout state, performing security control on the transaction for the first application in a second security processing manner.
Here, when the state of the first application is a logged-out state, the security control of the transaction for the first application by using the first security processing method may be implemented as follows:
sending a first notification message to an initiator initiating the transaction request; the first notification message is used for notifying the initiator that the first application is unavailable; and aborting the transaction for the first application.
In practice, a detected logout state means that the first application is currently unavailable. If an initiator such as the local terminal or an opposite terminal initiates an offline transaction request for the first application on the smart card at this time, the initiator cannot use the first application normally and selecting the first application fails, because the first application is in the logout state. The smart card therefore sends a first notification message to the initiator of the transaction request, so that the initiator is notified in time that the first application is unavailable, and aborts the transaction for the first application, which improves the security of the digital transaction.
Here, when detecting that the state of the first application is the logout state, the smart card may further return an error code to the initiator, and notify the initiator that the current first application is unavailable by sending the error code, that is, notify the initiator that the offline transaction cannot be performed by the first application at this time.
In practice, the embodiments of the present application prevent an illegal user from using the first application for offline transactions after the smart card has been logged off, so that the security of digital transactions is ensured.
Based on this, in some embodiments, the method further comprises:
querying at least one application registered for a subscription state change event on the smart card; the first application is one of the at least one application; the subscription state change event is associated with a network attachment result of the terminal;
sending a second notification message to the at least one application; wherein the second notification message is used to notify the at least one application of the subscription state change event; the subscription state change event is used for the at least one application to update the state of the at least one application to be a logout state.
Here, the subscription state change event is associated with a network attachment result of the terminal, and it can be understood that when the smart card is logged off, if the terminal attempts to perform network attachment, the network device will return a message of rejecting the attachment to the terminal, and at this time, the network service is unavailable, and since the smart card is logged off, the subscription state of the user will change, and then a subscription state change event is generated; that is, whether the subscription status change event can be generated or not has a direct relationship with the network attachment result of the terminal.
In actual application, the querying at least one application registered on the smart card for the subscription state change event includes:
determining a type of the subscription status change event;
and querying at least one application registered with the subscription state change event on the smart card from a registry based on the determined type of the subscription state change event and the corresponding relationship between the type of the subscription state change event and the application registering the corresponding type of event.
Here, the registry stores all applications registered for the subscription state change event, together with the correspondence between each type of subscription state change event and the applications registered for that type of event. Once the type of the subscription state change event is determined, the at least one application registered for the subscription state change event on the smart card, which includes the first application, can be looked up from this correspondence. The smart card then sends the subscription state change event to the at least one application registered for it, that is, informs the at least one application that the smart card is currently logged off; after receiving the subscription state change event, the at least one application updates its own state to the logout state.
In some embodiments, the method further comprises:
receiving a first instruction sent by a terminal; the first instruction carries the subscription state change event; the subscription state change event is generated by the terminal when it detects that the subscription state of the user has changed; the change of the user subscription state is associated with the logout state of the smart card;
and obtaining the subscription state change event based on the first instruction.
Here, after receiving the first instruction, the smart card may analyze the first instruction, thereby obtaining a subscription state change event carried in the first instruction.
The self-logout procedure of the first application is described in detail below with reference to the accompanying drawings.
Fig. 5 is a schematic flow chart of self-logout of a first application according to an embodiment of the present application. As shown in fig. 5, the terminal determines the user subscription state according to the network attachment result. When the smart card has been logged off, the terminal detects that the user subscription state has changed, generates a subscription state change event (Subscription State Change Event), and sends an APDU command, such as an Envelope event download (Event Download) command, to the smart card; the APDU command carries the subscription state change event. After receiving the APDU command, the smart card processes it, that is, performs event conversion based on the APDU command to obtain the subscription state change event. A trigger entity in the smart card queries the registry, according to the type of the subscription state change event, for applications that have registered the event; if at least one application has registered the event in the registry, the trigger entity sends a notification message to the at least one application (including the first application) that registered it, that is, notifies those applications of the subscription state change event. After receiving the notification message, the at least one application can determine that the smart card is currently logged off and sets its own state to the logout state.
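The registry lookup and notification flow of fig. 5, modelled as an added Python example (not code from the patent; on a real card this logic lives in the card operating system and its applets). The numeric event code, the dict standing in for the already-parsed first instruction, and the class and application names are assumptions; the method names follow the self-service API functions the text describes.

```python
from enum import Enum

# Hypothetical event-type code: the page names the event but gives no value.
EVT_SUBSCRIPTION_STATE_CHANGE = 0x7F01


class AppState(Enum):
    NOT_LOGGED_OUT = "non-logout"
    LOGGED_OUT = "logout"


class Applet:
    """A digital application carried on the card (wallet, transit card, ...)."""

    def __init__(self, name):
        self.name = name
        self.state = AppState.NOT_LOGGED_OUT

    def process_event(self, event_type):
        # Application logout policy: a subscription state change means the
        # card was logged off, so the application logs itself off as well.
        if event_type == EVT_SUBSCRIPTION_STATE_CHANGE:
            self.state = AppState.LOGGED_OUT


class Registry:
    """Correspondence between an event type and the applications registered for it."""

    def __init__(self):
        self._by_type = {}

    def register_event(self, applet, event_type):
        apps = self._by_type.setdefault(event_type, [])
        if applet not in apps:          # registering twice has no extra effect
            apps.append(applet)

    def deregister_event(self, applet, event_type):
        apps = self._by_type.get(event_type, [])
        if applet in apps:
            apps.remove(applet)

    def is_registered(self, applet, event_type):
        return applet in self._by_type.get(event_type, [])

    def lookup(self, event_type):
        return list(self._by_type.get(event_type, []))


class TriggerEntity:
    """Card-side entity that turns the first instruction into notifications."""

    def __init__(self, registry):
        self.registry = registry

    def on_first_instruction(self, instruction):
        event_type = instruction.get("event")
        if event_type is None:
            return []                   # nothing to convert, nothing to dispatch
        notified = []
        for applet in self.registry.lookup(event_type):
            applet.process_event(event_type)   # the "second notification message"
            notified.append(applet.name)
        return notified


def run_demo():
    registry = Registry()
    wallet, transit, loyalty = Applet("wallet"), Applet("transit"), Applet("loyalty")
    registry.register_event(wallet, EVT_SUBSCRIPTION_STATE_CHANGE)
    registry.register_event(wallet, EVT_SUBSCRIPTION_STATE_CHANGE)   # duplicate
    registry.register_event(transit, EVT_SUBSCRIPTION_STATE_CHANGE)
    registry.deregister_event(transit, EVT_SUBSCRIPTION_STATE_CHANGE)
    # 'loyalty' never registers for the event.

    trigger = TriggerEntity(registry)
    # Constructed stand-in for the parsed first instruction from the terminal.
    notified = trigger.on_first_instruction({"event": EVT_SUBSCRIPTION_STATE_CHANGE})
    states = {a.name: a.state for a in (wallet, transit, loyalty)}
    return notified, states


if __name__ == "__main__":
    print(run_demo())
```

Only applications present in the registry log themselves off; an application that never registered, or deregistered, stays in the non-logout state and is protected only by the terminal-state check applied to the non-logout case.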
In practice, when the smart card detects that the state of the first application is the non-logout state, the embodiments of the present application first determine the state of the terminal and, when the terminal is in the offline state, perform security control on the offline transaction based on a security policy, so as to prevent an illegal user from using the first application for offline transactions and thereby ensure the security of digital transactions.
Based on this, in some embodiments, when the state of the first application is the non-logout state, performing security control on the transaction for the first application in the second security processing manner may be implemented as follows:
determining the state of the terminal; the state of the terminal comprises one of an online state and an offline state;
when the determined state of the terminal is the offline state, performing security control on the transaction for the first application based on a set security policy; the security policy indicates that offline transactions for the first application are prohibited.
In practical application, the State identifier of the terminal can be cached in the RAM of the operating system of the smart card, and then based on the State identifier of the terminal, whether the State of the terminal is an Online State or an Offline State can be determined quickly and accurately.
Based on this, in some embodiments, the determining the state of the terminal includes:
determining a state identifier of the terminal; and determining the state of the terminal based on the determined state identifier of the terminal.
Here, the state identifier of the terminal may include an online state flag (RAM_Online_Flag) and an offline state flag (RAM_Offline_Flag).
In practical application, the smart card can dynamically manage the state identifier of the terminal according to the external state change of the terminal, wherein the external state change of the terminal can be understood as that the terminal is switched from one mode to another mode, and the terminal realizes the switching between an online state and an offline state.
Based on this, in some embodiments, the method further comprises:
detecting whether the terminal meets a transition condition; the transition condition comprises one of a first transition condition and a second transition condition;
when it is detected that the terminal meets the first transition condition, triggering the terminal to transition from the online state to the offline state;
when it is detected that the terminal meets the second transition condition, triggering the terminal to transition from the offline state to the online state.
Here, the first transition condition may include that the terminal is in a power-off state, the terminal logs off the SIM card, and the terminal is in an airplane mode; the second conversion condition may include that the terminal successfully logs in the network and authenticates, which is not limited herein.
The transition between the online state and the offline state is described below with reference to the drawings.
Fig. 6 is a schematic diagram of the transition between the online state and the offline state according to an embodiment of the present application. As shown in fig. 6, when the terminal is currently in the online state (Online_State), it is triggered to transition from Online_State to the offline state (Offline_State) if it is detected that the terminal logs off the SIM card, that the terminal is powered off, or that the terminal enters flight mode. When the terminal's network login authentication fails, the terminal is in Offline_State; when the terminal turns off flight mode while in Offline_State and network login authentication fails, it remains in Offline_State. When the terminal is currently in Offline_State, it is triggered to transition from Offline_State to Online_State if it is detected that the terminal has successfully logged in to the network.
The following describes the determination process of the status identifier of the terminal in detail by taking a smart card as an SIM card as an example.
In some embodiments, the determining the state identifier of the terminal may be implemented by:
receiving a second instruction sent by the terminal; the second instruction is used for indicating the terminal to successfully perform network authentication; and determining the state identifier of the terminal as a first identifier value based on the second instruction.
Specifically, in one case, when the terminal is powered on, the SIM card is powered on and initialized, all RAM address space data are reset to 0, and RAM_Online_Flag is 0. After receiving a terminal reset (Terminal Profile) command, the SIM card registers a location status change event (Location Status Change Event) with the terminal. The SIM card then receives a network authentication (authentication) command sent by the terminal; if the network authentication command is executed successfully, that is, the terminal performs network authentication successfully, the SIM card receives a second instruction sent by the terminal, which indicates that the terminal has performed network authentication successfully, and RAM_Online_Flag of the terminal is set to 1 (the first identifier value). In another case, when the terminal turns off flight mode, it performs network attachment again; if the network attachment succeeds, the terminal sends a network authentication command to the SIM card, and if that command is executed successfully, that is, the terminal performs network authentication successfully, the SIM card receives a second instruction sent by the terminal, which indicates that the terminal has performed network authentication successfully, and RAM_Online_Flag of the terminal is set to 1.
In other embodiments, the determining the state identifier of the terminal may be implemented by:
receiving a third instruction sent by the terminal; the third instruction is used for indicating that the position state of the terminal is a service restriction state; and determining the state identifier of the terminal as a second identifier value based on the third instruction.
Specifically, in one case, when the terminal enters flight mode, a Location Status Change Event is sent to the SIM card, and the location state of the terminal is the service restriction (limited service) state; after the SIM card receives the Location Status Change Event, if the location state of the terminal is determined to be the service restriction state, the SIM card receives a third instruction sent by the terminal and sets RAM_Online_Flag of the terminal to 0 (the second identifier value). In another case, when the SIM card has been logged off and the user continues to use the terminal, the terminal fails to attach to the network because the SIM card has been logged off, and the terminal sends a Location Status Change Event to the SIM card; the location state of the terminal is then the service restriction state. After the SIM card receives the Location Status Change Event, if the location state of the terminal is determined to be the service restriction state, the SIM card receives a third instruction sent by the terminal and sets RAM_Online_Flag of the terminal to 0.
In other embodiments, the determining the state identifier of the terminal may be implemented by:
receiving a fourth instruction; the fourth instruction is used for indicating the terminal to fail in network attachment; and determining the state identifier of the terminal as a second identifier value based on the fourth instruction.
Specifically, in one case, when the terminal turns off flight mode, it performs network attachment again; if the network attachment fails, the SIM card receives a fourth instruction, which indicates that the terminal has failed to perform network attachment, the terminal does not send a network authentication command to the SIM card, and RAM_Online_Flag of the terminal is set to 0. In another case, when the SIM card has been logged off and the terminal is powered off and restarted, the initial value of RAM_Online_Flag is 0 and the terminal attempts network attachment; because the SIM card has been logged off, the network device returns a network attachment rejection message to the terminal, the SIM card receives a fourth instruction, which indicates that the terminal has failed to perform network attachment, the terminal does not send a network authentication command to the SIM card, and RAM_Online_Flag of the terminal remains 0.
In other embodiments, the determining the state identifier of the terminal may be implemented by:
receiving a fifth instruction; the fifth instruction is used for instructing the smart card to perform initialization processing, and the terminal is in an NFC low power consumption mode; and determining the state identifier of the terminal as a second identifier value based on the fifth instruction.
Specifically, when the terminal is powered off, the user may still perform an offline transaction while the terminal is in the NFC low power consumption mode; in this case the SIM card receives the fifth instruction, executes the SIM card initialization process in the NFC low power consumption mode, and sets RAM_Online_Flag of the terminal to 0.
In some embodiments, the determining the state of the terminal based on the determined state identifier of the terminal includes one of:
under the condition that the determined state identifier of the terminal is a first identifier value, determining that the state of the terminal is an online state;
and under the condition that the determined state identifier of the terminal is the second identifier value, determining that the state of the terminal is an offline state.
In some embodiments, the security controlling the transaction for the first application based on the set security policy comprises:
aborting the transaction for the first application based on the security policy.
Here, the security policy may be used to characterize that offline transaction is prohibited for the first application, so that, when the smart card determines that the state of the terminal is an offline state, the smart card may terminate the transaction for the first application based on the security policy, thereby effectively improving security of the digital transaction.
In practice, where the first application comprises a digital wallet, the transaction for the digital wallet is aborted based on the security policy.
In practice, the smart card is provided with a self-service API; through calls to the self-service API, the first application can query the state of the terminal, or update its own state to the logout state; wherein
the self-service API includes at least one of:
an API for application event registration; an API for application event deregistration; an API for determining whether an event is registered; an API for application event processing; an API for application state setting; and a terminal online state query API.
Here, the API for application event registration is used by an application to register an event (void registerEvent(short event)); the API for application event deregistration is used by an application to deregister an event (void deregisterEvent); the API for determining whether an event is registered is used to determine whether an event has been registered (short event); the API for application event processing is used by an application to process an event (void processEvent), and the smart card runtime environment calls this application interface when the event is triggered; the API for application state setting is used to set the state of the first application, that is, the digital application (void setAppletState); the terminal online state query API is used by the smart card runtime environment to determine, according to the value of RAM_Online_Flag, whether the terminal is in the online state (Boolean isOnlineState()): if RAM_Online_Flag is 0, false is returned; if RAM_Online_Flag is 1, true is returned.
In actual application, in order to reduce the processing pressure of the smart card, the smart card can send the state of the terminal to the first application, and the first application performs security control on the transaction aiming at the first application.
Based on this, in some embodiments, the method further comprises:
when the self-service API comprises the terminal online state query API, sending the determined state of the terminal to the first application by calling the terminal online state query API, so that the first application performs security control on the transaction for the first application based on a set security policy when the state of the terminal is the offline state; wherein
the security policy indicates that offline transactions for the first application are prohibited.
It should be noted that, when the state of the terminal is an offline state, the process of performing security control on the transaction of the first application based on the set security policy may refer to the processing method of the smart card, and details are not described here.
With the solution of the embodiments of the present application, the state of the first application on the smart card is detected directly, and targeted security control is then applied to digital transactions for the first application based on that state. This effectively improves the security of digital transactions, reduces the economic loss of the terminal user, and improves the terminal user's experience.
The scheme of the application is further described in detail in the following by referring to application examples.
The security control method for a transaction provided by the embodiments of the present application is described below, taking a digital wallet as the first application and a SIM card as the smart card. Fig. 7 is a flowchart of another security control method for a transaction according to an embodiment of the present application. As shown in fig. 7, the digital wallet on the SIM card first performs application initialization. Specifically, the application may be pre-installed or downloaded later; when the application is installed, the operating system (OS) runtime environment of the SIM card completes registration of the user subscription state change event by calling the application's Install() method, that is, the install applet (Install Applet) method; after detecting that the terminal is powered on, the SIM card sends a command (SetupEventlist) to the terminal to register the subscription state change event. Here, after the user loses the terminal carrying the digital wallet, such as a mobile phone, the SIM card can be logged off by telephone or at a business hall, and the operator network side logs off the number corresponding to the SIM card.
Next, when the SIM card has been logged off, the digital wallet on the SIM card performs self-logout management. Specifically, the terminal attempts network attachment, that is, initiates an attach request (Attach Request) to the network side (such as a cellular network); if the SIM card has been logged off at this time, the network side returns an attach reject (Attach Reject) response to the terminal, indicating that the service is unavailable (EPS Service not allowed). The terminal determines the user subscription state based on the network attachment result; if it detects that the user subscription state has changed, that is, that the subscription information is abnormal, it generates a subscription state change event and sends it to the SIM card through an event download instruction. The SIM card queries whether any application has registered the event; if so, the subscription state change event and the subscriber state information are sent, by triggering the event, to all applications that registered it. Each application handles the event through its event-processing API (process event()), processes the subscription state change event according to the application logout policy, and updates its own state to the logout state, which realizes self-logout of the application; the logout result is returned to the terminal.
After the SIM card has been logged off, offline transactions are handled as exceptions. Specifically, if an opposite terminal initiates an offline transaction request after the SIM card has been logged off and selects the application (digital wallet) to be used, the SIM card responds to the request and detects the state of the digital wallet application. If the state of the digital wallet application is the logout state, the SIM card directly returns an error code to the terminal and aborts the transaction for the digital wallet application. If the state of the digital wallet application is the non-logout state, the internal state of the digital wallet application is checked next; if the internal state is a service logout state, the application generates an error code and returns it to the opposite terminal as the transaction response. After receiving the transaction response, the opposite terminal determines that the error code indicates that the application is unavailable because it has been logged off (service logout state), aborts the transaction for the digital wallet application, and prompts the user or raises an alarm. If the state of the digital wallet application is the non-logout state and its internal state is not the service logout state, it is further determined whether the terminal is in the offline state, for example because the terminal has entered flight mode or has been powered off. If the terminal is in the offline state, it is determined whether the service security policy allows offline transactions; if not, the transaction for the digital wallet application is aborted and an error code is returned to the opposite terminal, which stops the transaction after receiving the error code.
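How RAM_Online_Flag follows the second to fifth instructions, and the order of checks the card applies to an offline transaction request, modelled as an added Python example (not code from the patent). The enum and function names are assumptions, and the instruction sequences are constructed from the cases the text walks through; treating every instruction other than a successful network authentication as "offline" is a fail-closed modelling choice.

```python
from enum import Enum


class Instruction(Enum):
    CARD_INIT = "power-on initialisation, RAM reset to 0"
    NETWORK_AUTH_OK = "second instruction: network authentication succeeded"
    LIMITED_SERVICE = "third instruction: location state is service restriction"
    ATTACH_FAILED = "fourth instruction: network attachment failed"
    NFC_LOW_POWER_INIT = "fifth instruction: init in NFC low power consumption mode"


class Decision(Enum):
    ABORT_CARD_ERROR = "application in logout state: card returns error code"
    ABORT_APP_ERROR = "internal service logout state: application returns error code"
    ABORT_OFFLINE_POLICY = "terminal offline and policy prohibits offline transactions"
    PROCEED = "transaction continues"


class CardRuntime:
    """Holds the terminal state identifier cached in the card's RAM."""

    def __init__(self):
        self.ram_online_flag = 0          # RAM is zeroed at power-on

    def on_instruction(self, instruction):
        if instruction is Instruction.NETWORK_AUTH_OK:
            self.ram_online_flag = 1      # first identifier value: online
        else:
            self.ram_online_flag = 0      # second identifier value: offline

    def is_online_state(self):
        return self.ram_online_flag == 1


def control_transaction(runtime, app_logged_out, service_logged_out,
                        policy_allows_offline):
    """Steps 402-403: detect the application state, then apply the matching
    security processing manner."""
    if app_logged_out:                    # first security processing manner
        return Decision.ABORT_CARD_ERROR
    if service_logged_out:                # application's own internal state
        return Decision.ABORT_APP_ERROR
    # Second security processing manner: consult the terminal state.
    if not runtime.is_online_state() and not policy_allows_offline:
        return Decision.ABORT_OFFLINE_POLICY
    return Decision.PROCEED


def replay(instructions, app_logged_out=False, service_logged_out=False,
           policy_allows_offline=False):
    """Feed a constructed instruction sequence to a fresh card, then submit
    one transaction request and return the decision."""
    runtime = CardRuntime()
    for instruction in instructions:
        runtime.on_instruction(instruction)
    return control_transaction(runtime, app_logged_out, service_logged_out,
                               policy_allows_offline)


I = Instruction
SCENARIOS = {
    "normal power-on": [I.CARD_INIT, I.NETWORK_AUTH_OK],
    "flight mode entered": [I.CARD_INIT, I.NETWORK_AUTH_OK, I.LIMITED_SERVICE],
    "flight mode left, re-attached": [I.CARD_INIT, I.NETWORK_AUTH_OK,
                                      I.LIMITED_SERVICE, I.NETWORK_AUTH_OK],
    "card logged off, terminal rebooted": [I.CARD_INIT, I.ATTACH_FAILED],
    "terminal powered off, NFC only": [I.NFC_LOW_POWER_INIT],
}

if __name__ == "__main__":
    for name, sequence in SCENARIOS.items():
        print(f"{name:36s} -> {replay(sequence).name}")
```

The "card logged off, terminal rebooted" sequence is the case where the application was never told to log itself off: the flag stays 0, so the offline policy still stops the transaction.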
By adopting the scheme of the embodiment of the application, the following technical effects can be achieved:
1. In the terminal-offline scenario, the digital application on the SIM card can perform self-logout management, which improves the security of offline use of the digital application; furthermore, a user who uses the digital application on a logged-off SIM card can be warned, or an alarm can be raised, which helps track a lost terminal carrying the digital application;
2. When the terminal is in flight mode or powered off, the digital application can learn of the change in the terminal's offline or online state, so that a security policy is applied in a targeted manner, targeted security control is performed on digital transactions for the digital application, and the security of digital transactions is improved;
3. The self-service API is used, which facilitates digital application integration and gives good compatibility;
4. Self-logout of the digital application when the SIM card is logged off is realized in combination with cellular network technology; this is an operator-specific technology that makes it convenient for operators to provide differentiated services to terminal users;
5. The function upgrade targets the SIM card and realizes security control of offline digital transactions of digital applications on the SIM card; it is low in cost, secure and controllable.
In order to implement the security control method for a transaction according to the embodiment of the present application, an embodiment of the present application further provides a security control apparatus for a transaction, where the security control apparatus is disposed on a smart card, such as a SIM card or an ESIM card, fig. 8 is a schematic structural diagram of a security control apparatus for a transaction according to the embodiment of the present application, and as shown in fig. 8, the security control apparatus for a transaction includes:
a first receiving unit 81 for receiving a transaction request; the transaction request is initiated for a first application on a smart card;
a detecting unit 82, configured to detect a state of the first application in response to the transaction request; the state of the first application comprises one of a logout state and an unregistered state;
a control unit 83, configured to perform security control on a transaction for the first application based on the detected state of the first application.
In some embodiments, the control unit 83 includes: a first control subunit and a second control subunit; wherein
the first control subunit is configured to, when the detected state of the first application is a logout state, perform security control on a transaction for the first application in a first security processing manner;
and the second control subunit is configured to, when the detected state of the first application is an unregistered state, perform security control on a transaction for the first application in a second security processing manner.
In some embodiments, the first control subunit is specifically configured to:
sending a first notification message to an initiator initiating the transaction request; the first notification message is used for notifying the initiator that the first application is unavailable; and
aborting the transaction for the first application.
In some embodiments, the apparatus further comprises:
a query unit, configured to query at least one application on the smart card that has registered for a subscription state change event; the first application is one of the at least one application; the subscription state change event is associated with a network attachment result of the terminal;
a first sending unit, configured to send a second notification message to the at least one application; wherein
the second notification message is used for notifying the at least one application of the subscription state change event; the subscription state change event is used by the at least one application to update its own state to the logout state.
In practical application, the query unit is specifically configured to:
determining a type of the subscription status change event;
and querying at least one application registered with the subscription state change event on the smart card from a registry based on the determined type of the subscription state change event and the corresponding relationship between the type of the subscription state change event and the application registering the corresponding type of event.
In some embodiments, the apparatus further comprises:
a second receiving unit, configured to receive a first instruction sent by the terminal; the first instruction carries the subscription state change event; the subscription state change event is generated by the terminal upon detecting that the subscription state of the user has changed; the change of the user subscription state is associated with the logout state of the smart card;
and an acquisition unit, configured to acquire the subscription state change event based on the first instruction.
In some embodiments, the second control subunit comprises: a determining unit and a third control subunit; wherein
the determining unit is configured to determine the state of the terminal; the state of the terminal comprises one of an online state and an offline state;
the third control subunit is configured to, when the state of the terminal determined by the determining unit is an offline state, perform security control on a transaction for the first application based on a set security policy; the security policy indicates that offline transactions for the first application are prohibited.
In some embodiments, the determining unit comprises: a first determining subunit and a second determining subunit; wherein
the first determining subunit is configured to determine a state identifier of the terminal;
and the second determining subunit is configured to determine the state of the terminal based on the determined state identifier of the terminal.
In practical applications, the first determining subunit is specifically configured to:
receiving a second instruction sent by the terminal; the second instruction indicates that the terminal has successfully performed network authentication;
and determining the state identifier of the terminal as a first identifier value based on the second instruction.
In some embodiments, the first determining subunit is further specifically configured to:
receiving a third instruction sent by the terminal; the third instruction is used for indicating that the position state of the terminal is a service restriction state;
and determining the state identifier of the terminal as a second identifier value based on the third instruction.
In some embodiments, the first determining subunit is further specifically configured to:
receiving a fourth instruction; the fourth instruction indicates that the terminal has failed to attach to the network;
and determining the state identifier of the terminal as a second identifier value based on the fourth instruction.
In some embodiments, the first determining subunit is further specifically configured to:
receiving a fifth instruction; the fifth instruction indicates that the smart card is to perform initialization processing and that the terminal is in an NFC low power consumption mode;
and determining the state identifier of the terminal as a second identifier value based on the fifth instruction.
In some embodiments, the second determining subunit is specifically configured to perform one of:
under the condition that the determined state identifier of the terminal is a first identifier value, determining that the state of the terminal is an online state;
and under the condition that the determined state identifier of the terminal is the second identifier value, determining that the state of the terminal is an offline state.
In some embodiments, the method further comprises:
detecting whether the terminal meets a conversion condition; the conversion condition comprises one of a first conversion condition and a second conversion condition;
under the condition that the terminal is detected to meet the first conversion condition, triggering the terminal to be converted from the online state to the offline state;
and under the condition that the terminal is detected to meet the second conversion condition, triggering the terminal to be converted from the offline state to the online state.
Here, the state identification of the terminal is cached in the RAM of the operating system of the smart card.
In some embodiments, the third control subunit is specifically configured to:
aborting the transaction for the first application based on the security policy.
In some embodiments, the third control subunit is specifically configured to:
in a case where the first application comprises a digital wallet, aborting a transaction for the digital wallet based on the security policy.
Here, a self-service API is provided on the smart card; by calling the self-service API, the first application queries the state of the terminal, or the first application updates its own state to the logout state; wherein
the self-service API includes at least one of:
an API for an application to register an event; an API for an application to unregister an event; an API for determining whether an event is registered; an API for an application to process an event; an API for setting the application state; and an API for querying the online state of the terminal.
In some embodiments, the apparatus further comprises:
a second sending unit, configured to, when the self-service API includes the API for querying the online state of the terminal, send the determined state of the terminal to the first application by calling that API, so that, when the state of the terminal is an offline state, the first application performs security control on a transaction for the first application based on a set security policy; wherein
the security policy indicates that offline transactions for the first application are prohibited.
Here, in practical applications, the first receiving unit 81 may be implemented by a communication interface in a security control device of a transaction, and the detecting unit 82 and the controlling unit 83 may be implemented by a processor in the security control device of the transaction.
It should be noted that, when the security control device for transaction provided in the above embodiment performs security control of transaction, only the division of the above program modules is taken as an example, and in practical applications, the above processing may be distributed to different program modules according to needs, that is, the internal structure of the device may be divided into different program modules to complete all or part of the above-described processing. In addition, the transaction security control device and the transaction security control method provided in the above embodiments belong to the same concept, and specific implementation processes thereof are described in detail in the method embodiments and are not described herein again.
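The gating logic described for the apparatus above, written out as a small C model. This is an added example, not code from the patent: every identifier, the fail-closed default for the terminal state identifier, and the per-application `forbid_offline` flag are assumptions.

```c
#include <stddef.h>

/* Added model of the card-side logic; all names are hypothetical. */
enum app_state   { APP_NOT_LOGGED_OUT, APP_LOGGED_OUT };
enum term_ident  { IDENT_ONLINE = 1, IDENT_OFFLINE = 2 }; /* first / second identifier value */
enum event_type  { EVT_SUBSCRIPTION_CHANGE = 1u << 0 };
enum instruction {
    INS_SUBSCRIPTION_CHANGE, /* first: carries the subscription state change event */
    INS_NETWORK_AUTH_OK,     /* second: network authentication succeeded */
    INS_LIMITED_SERVICE,     /* third: position state is service restricted */
    INS_ATTACH_FAILED,       /* fourth: network attachment failed */
    INS_INIT_NFC_LOW_POWER   /* fifth: card initialised, terminal in NFC low power mode */
};
enum txn_result { TXN_PROCEED, TXN_ABORT_APP_UNAVAILABLE, TXN_ABORT_OFFLINE };

#define MAX_APPS 4

struct app {
    enum app_state state;
    unsigned events;     /* registry entry: bitmask of registered event types */
    int forbid_offline;  /* the "set security policy" (assumed to be per application) */
};

struct card {
    struct app apps[MAX_APPS];
    int n_apps;
    enum term_ident ident; /* terminal state identifier, cached in RAM */
};

void card_init(struct card *c) {
    c->n_apps = 0;
    c->ident = IDENT_OFFLINE; /* assumption: offline until authentication is reported */
}

int card_install(struct card *c, int forbid_offline) {
    if (c->n_apps >= MAX_APPS) return -1;
    struct app *a = &c->apps[c->n_apps];
    a->state = APP_NOT_LOGGED_OUT;
    a->events = 0;
    a->forbid_offline = forbid_offline;
    return c->n_apps++;
}

static struct app *get_app(struct card *c, int id) {
    return (id >= 0 && id < c->n_apps) ? &c->apps[id] : NULL;
}

/* Self-service API, one function per entry in the list above. */
int api_register_event(struct card *c, int id, unsigned evt) {
    struct app *a = get_app(c, id);
    if (!a) return -1;
    a->events |= evt;
    return 0;
}
int api_unregister_event(struct card *c, int id, unsigned evt) {
    struct app *a = get_app(c, id);
    if (!a) return -1;
    a->events &= ~evt;
    return 0;
}
int api_is_registered(struct card *c, int id, unsigned evt) {
    struct app *a = get_app(c, id);
    return a ? (a->events & evt) != 0 : 0;
}
int api_set_state(struct card *c, int id, enum app_state s) {
    struct app *a = get_app(c, id);
    if (!a) return -1;
    a->state = s;
    return 0;
}
int api_terminal_online(const struct card *c) { return c->ident == IDENT_ONLINE; }

/* Event-processing API: the application logs itself out on a subscription change. */
static void app_on_event(struct card *c, int id, unsigned evt) {
    if (evt == EVT_SUBSCRIPTION_CHANGE) api_set_state(c, id, APP_LOGGED_OUT);
}

/* Terminal-to-card instructions. Returns the number of applications notified. */
int card_handle_instruction(struct card *c, enum instruction ins) {
    int notified = 0;
    switch (ins) {
    case INS_NETWORK_AUTH_OK:    c->ident = IDENT_ONLINE;  break;
    case INS_LIMITED_SERVICE:
    case INS_ATTACH_FAILED:
    case INS_INIT_NFC_LOW_POWER: c->ident = IDENT_OFFLINE; break;
    case INS_SUBSCRIPTION_CHANGE: /* query the registry, notify only registered apps */
        for (int i = 0; i < c->n_apps; i++)
            if (c->apps[i].events & EVT_SUBSCRIPTION_CHANGE) {
                app_on_event(c, i, EVT_SUBSCRIPTION_CHANGE);
                notified++;
            }
        break;
    }
    return notified;
}

/* Transaction gate: application state is checked first, then the terminal state. */
enum txn_result card_transaction(struct card *c, int id) {
    struct app *a = get_app(c, id);
    if (!a || a->state == APP_LOGGED_OUT) return TXN_ABORT_APP_UNAVAILABLE;
    if (a->forbid_offline && !api_terminal_online(c)) return TXN_ABORT_OFFLINE;
    return TXN_PROCEED;
}

int main(void) {
    struct card c;
    card_init(&c);
    int wallet = card_install(&c, 1);
    api_register_event(&c, wallet, EVT_SUBSCRIPTION_CHANGE);
    card_handle_instruction(&c, INS_NETWORK_AUTH_OK);
    card_handle_instruction(&c, INS_SUBSCRIPTION_CHANGE);
    return card_transaction(&c, wallet) == TXN_ABORT_APP_UNAVAILABLE ? 0 : 1;
}
```

In this model an application that never registers for the event is not notified and stays usable after the subscription change, so the self-logout protection covers only applications that registered.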
Based on the implementation of the above program modules, and to implement the security control method for a transaction in the embodiments of the present application, an embodiment of the present application further provides a smart card, such as a SIM card or an eSIM card. Fig. 9 is a schematic diagram of the hardware structure of the smart card provided in an embodiment of the present application. As shown in Fig. 9, the smart card 90 includes:
a communication interface 91 capable of performing information interaction with a terminal;
and the processor 92 is connected with the communication interface 91 to realize information interaction with the terminal, and is used for executing the method provided by one or more technical schemes on the smart card side when running a computer program. And the computer program is stored on the memory 93.
Specifically, the communication interface 91 is configured to receive a transaction request; the transaction request is initiated for a first application on the smart card;
the processor 92 is configured to detect a state of the first application in response to the transaction request; the state of the first application comprises one of a logout state and an unregistered state; and is further configured to perform security control on a transaction for the first application based on the detected state of the first application.
In some embodiments, the processor 92 is specifically configured to perform one of:
under the condition that the detected state of the first application is a logout state, performing security control on the transaction aiming at the first application by adopting a first security processing mode;
and under the condition that the detected state of the first application is the unregistered state, performing security control on the transaction aiming at the first application by adopting a second security processing mode.
In practical applications, the processor 92 is specifically configured to:
sending a first notification message to an initiator initiating the transaction request; the first notification message is used for notifying the initiator that the first application is unavailable; and
aborting the transaction for the first application.
In some embodiments, the processor 92 is further configured to query the smart card for at least one application registered for a subscription state change event; the first application is one of the at least one application; the subscription state change event is associated with a network attachment result of the terminal;
the communication interface 91 is further configured to send a second notification message to the at least one application; wherein
the second notification message is used for notifying the at least one application of the subscription state change event; the subscription state change event is used for the at least one application to update the state of the at least one application to be a logout state.
Here, the processor 92 is specifically configured to:
determining a type of the subscription status change event;
and querying at least one application registered with the subscription state change event on the smart card from a registry based on the determined type of the subscription state change event and the corresponding relationship between the type of the subscription state change event and the application registering the corresponding type of event.
In some embodiments, the communication interface 91 is further configured to receive a first instruction sent by the terminal; the first instruction carries the subscription state change event; the subscription state change event is generated by the terminal upon detecting that the subscription state of the user has changed; the change of the user subscription state is associated with the logout state of the smart card;
and obtaining the subscription state change event based on the first instruction.
In some embodiments, the processor 92 is specifically configured to:
determining the state of the terminal; the state of the terminal comprises one of an online state and an offline state;
under the condition that the determined state of the terminal is an offline state, performing security control on the transaction for the first application based on a set security policy; the security policy indicates that offline transactions for the first application are prohibited.
In some embodiments, the processor 92 is specifically configured to:
determining a state identifier of the terminal;
and determining the state of the terminal based on the determined state identifier of the terminal.
In some embodiments, the processor 92 is specifically configured to:
receiving a second instruction sent by the terminal; the second instruction indicates that the terminal has successfully performed network authentication;
and determining the state identifier of the terminal as a first identifier value based on the second instruction.
In some embodiments, the processor 92 is further specifically configured to:
receiving a third instruction sent by the terminal; the third instruction is used for indicating that the position state of the terminal is a service restriction state;
and determining the state identifier of the terminal as a second identifier value based on the third instruction.
In some embodiments, the processor 92 is further specifically configured to:
receiving a fourth instruction; the fourth instruction indicates that the terminal has failed to attach to the network;
and determining the state identifier of the terminal as a second identifier value based on the fourth instruction.
In some embodiments, the processor 92 is further specifically configured to:
receiving a fifth instruction; the fifth instruction indicates that the smart card is to perform initialization processing and that the terminal is in an NFC low power consumption mode;
and determining the state identifier of the terminal as a second identifier value based on the fifth instruction.
In some embodiments, the processor 92 is specifically configured to perform one of:
under the condition that the determined state identifier of the terminal is a first identifier value, determining that the state of the terminal is an online state;
and under the condition that the determined state identifier of the terminal is the second identifier value, determining that the state of the terminal is an offline state.
In some embodiments, the processor 92 is further configured to:
detecting whether the terminal meets a conversion condition; the conversion condition comprises one of a first conversion condition and a second conversion condition;
under the condition that the terminal is detected to meet the first conversion condition, triggering the terminal to be converted from the online state to the offline state;
and under the condition that the terminal is detected to meet the second conversion condition, triggering the terminal to be converted from the offline state to the online state.
In some embodiments, the processor 92 is specifically configured to:
aborting the transaction for the first application based on the security policy.
In some embodiments, the processor 92 is specifically configured to:
in a case where the first application comprises a digital wallet, aborting a transaction for the digital wallet based on the security policy.
Here, a self-service API is provided on the smart card; by calling the self-service API, the first application queries the state of the terminal, or the first application updates its own state to the logout state; wherein
the self-service API includes at least one of:
an API for an application to register an event; an API for an application to unregister an event; an API for determining whether an event is registered; an API for an application to process an event; an API for setting the application state; and an API for querying the online state of the terminal.
In some embodiments, communication interface 91 is further configured to:
under the condition that the self-service API comprises the API for querying the online state of the terminal, sending the determined state of the terminal to the first application by calling that API, so that, when the state of the terminal is an offline state, the first application performs security control on the transaction for the first application based on a set security policy; wherein the security policy indicates that offline transactions for the first application are prohibited.
It should be noted that specific processing procedures of the communication interface 91 and the processor 92 are described in detail in the method embodiment, and are not described herein again.
Of course, in practice, the various components of the smart card 90 are coupled together by a bus system 94. It will be appreciated that the bus system 94 is used to enable communications among the components. The bus system 94 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled as bus system 94 in fig. 9.
The memory 93 in the embodiment of the present application is used to store various types of data to support the operation of the smart card 90. Examples of such data include: any computer program for operating on the smart card 90.
The security control method for the transaction disclosed in the embodiment of the present application may be applied to the processor 92, or may be implemented by the processor 92. The processor 92 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by instructions in the form of hardware, integrated logic circuits, or software in the processor 92. The Processor 92 may be a general purpose Processor, a Digital Signal Processor (DSP), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like. Processor 92 may implement or perform the methods, steps, and logic blocks disclosed in the embodiments of the present application. A general purpose processor may be a microprocessor or any conventional processor or the like. The steps of the method disclosed in the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software modules may be located in a storage medium located in the memory 93, and the processor 92 reads the information in the memory 93 and, in conjunction with its hardware, performs the steps of the security control method of the aforementioned transaction.
In an exemplary embodiment, the smart card 90 may be implemented by one or more Application Specific Integrated Circuits (ASICs), DSPs, Programmable Logic Devices (PLDs), Complex Programmable Logic Devices (CPLDs), Field Programmable Gate Arrays (FPGAs), general purpose processors, controllers, Micro Controller Units (MCUs), microprocessors, or other electronic components for performing the security control method of the aforementioned transactions.
It will be appreciated that the memory 93 of embodiments of the present application can be either volatile memory or nonvolatile memory, and can include both volatile and nonvolatile memory. The nonvolatile memory may be a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), an Erasable Programmable Read-Only Memory (EPROM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a Ferromagnetic Random Access Memory (FRAM), a Flash Memory, a magnetic surface memory, an optical disc, or a Compact Disc Read-Only Memory (CD-ROM); the magnetic surface memory may be disk storage or tape storage.
Volatile memory can be Random Access Memory (RAM), which acts as external cache memory. By way of illustration and not limitation, many forms of RAM are available, such as Static Random Access Memory (SRAM), Synchronous Static Random Access Memory (SSRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic Random Access Memory (SDRAM), Double Data Rate Synchronous Dynamic Random Access Memory (DDRSDRAM), Enhanced Synchronous Dynamic Random Access Memory (ESDRAM), SyncLink Dynamic Random Access Memory (SLDRAM), and Direct Rambus Random Access Memory (DRRAM). The memories described in the embodiments of the present application are intended to comprise, without being limited to, these and any other suitable types of memory.
In an exemplary embodiment, the present application further provides a storage medium, specifically a computer storage medium, which may be a computer readable storage medium, for example, including a memory 93 storing a computer program, which may be executed by a processor 92 of the smart card 90 to complete the steps of the security control method for the aforementioned transaction. The computer-readable storage medium can be memories such as FRAM, ROM, PROM, EPROM, EEPROM, Flash Memory, magnetic surface Memory, optical disk or CD-ROM; or may be various devices including one or any combination of the above memories.
In the embodiments of the present application, the terms "first", "second", and the like, are used for distinguishing similar objects only, and do not denote a particular order or sequence of the objects, and it is to be understood that "first", "second", and the like, where the context allows, may be interchanged with other sequences or sequences, such that the embodiments of the present application described herein may be implemented in other sequences than those illustrated or described herein.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (22)

1. A method for secure control of transactions, applied to a smart card, the method comprising:
receiving a transaction request; the transaction request is initiated for a first application on the smart card;
detecting a state of the first application in response to the transaction request; the state of the first application comprises one of a logout state and an unregistered state;
performing security control on a transaction for the first application based on the detected state of the first application.
2. The method of claim 1, wherein the securely controlling the transaction for the first application based on the detected state of the first application comprises one of:
under the condition that the detected state of the first application is a logout state, performing security control on the transaction aiming at the first application by adopting a first security processing mode;
and under the condition that the detected state of the first application is the unregistered state, performing security control on the transaction aiming at the first application by adopting a second security processing mode.
3. The method of claim 2, wherein the securely controlling the transaction for the first application using a first secure process comprises:
sending a first notification message to an initiator initiating the transaction request; the first notification message is used for notifying the initiator that the first application is unavailable; and
aborting the transaction for the first application.
4. The method according to claim 1 or 2, characterized in that the method further comprises:
querying at least one application registered for a subscription state change event on the smart card; the first application is one of the at least one application; the subscription state change event is associated with a network attachment result of the terminal;
sending a second notification message to the at least one application; wherein
the second notification message is used for notifying the at least one application of the subscription state change event; the subscription state change event is used for the at least one application to update the state of the at least one application to be a logout state.
5. The method of claim 4, wherein querying at least one application on the smart card for registered subscription state change events comprises:
determining a type of the subscription status change event;
and querying at least one application registered with the subscription state change event on the smart card from a registry based on the determined type of the subscription state change event and the corresponding relationship between the type of the subscription state change event and the application registering the corresponding type of event.
6. The method of claim 4, further comprising:
receiving a first instruction sent by a terminal; the first instruction carries the subscription state change event; the subscription state change event is generated by the terminal upon detecting that the subscription state of the user has changed; the change of the user subscription state is associated with the logout state of the smart card;
and obtaining the subscription state change event based on the first instruction.
7. The method of claim 2, wherein the securely controlling the transaction for the first application using a second secure process comprises:
determining the state of the terminal; the state of the terminal comprises one of an online state and an offline state;
under the condition that the determined state of the terminal is an offline state, performing security control on the transaction for the first application based on a set security policy; the security policy indicates that offline transactions for the first application are prohibited.
8. The method of claim 7, wherein determining the state of the terminal comprises:
determining a state identifier of the terminal;
and determining the state of the terminal based on the determined state identifier of the terminal.
9. The method of claim 8, wherein the determining the status identifier of the terminal comprises:
receiving a second instruction sent by the terminal; the second instruction indicates that the terminal has successfully performed network authentication;
and determining the state identifier of the terminal as a first identifier value based on the second instruction.
10. The method of claim 8, wherein the determining the status identifier of the terminal comprises:
receiving a third instruction sent by the terminal; the third instruction is used for indicating that the position state of the terminal is a service restriction state;
and determining the state identifier of the terminal as a second identifier value based on the third instruction.
11. The method of claim 8, wherein the determining the status identifier of the terminal comprises:
receiving a fourth instruction; the fourth instruction indicates that the terminal has failed to attach to the network;
and determining the state identifier of the terminal as a second identifier value based on the fourth instruction.
12. The method of claim 8, wherein the determining the status identifier of the terminal comprises:
receiving a fifth instruction; the fifth instruction indicates that the smart card is to perform initialization processing and that the terminal is in a Near Field Communication (NFC) low power consumption mode;
and determining the state identifier of the terminal as a second identifier value based on the fifth instruction.
13. The method according to claim 8, wherein the determining the state of the terminal based on the determined state identifier of the terminal comprises one of:
under the condition that the determined state identifier of the terminal is a first identifier value, determining that the state of the terminal is an online state;
and under the condition that the determined state identifier of the terminal is the second identifier value, determining that the state of the terminal is an offline state.
14. The method of claim 13, further comprising:
detecting whether the terminal meets a conversion condition; the conversion condition comprises one of a first conversion condition and a second conversion condition;
under the condition that the terminal is detected to meet the first conversion condition, triggering the terminal to be converted from the online state to the offline state;
and under the condition that the terminal is detected to meet the second conversion condition, triggering the terminal to be converted from the offline state to the online state.
15. The method of claim 7, wherein the securely controlling the transaction for the first application based on the set security policy comprises:
aborting the transaction for the first application based on the security policy.
16. The method of claim 7, wherein the securely controlling the transaction for the first application based on the set security policy comprises:
in a case where the first application comprises a digital wallet, aborting a transaction for the digital wallet based on the security policy.
17. The method according to claim 4 or 7, characterized in that a self-service Application Program Interface (API) is provided on the smart card; by calling the self-service API, the first application queries the state of the terminal, or the first application updates its own state to the logout state; wherein
the self-service API includes at least one of:
an API for an application to register an event; an API for an application to unregister an event; an API for determining whether an event is registered; an API for an application to process an event; an API for setting the application state; and an API for querying the online state of the terminal.
18. The method of claim 17, further comprising:
under the condition that the self-service API comprises the API for querying the online state of the terminal, sending the determined state of the terminal to the first application by calling that API, so that, when the state of the terminal is an offline state, the first application performs security control on the transaction for the first application based on a set security policy; wherein
the security policy indicates that offline transactions for the first application are prohibited.
19. An apparatus for secure control of a transaction, the apparatus comprising:
a first receiving unit for receiving a transaction request; the transaction request is initiated for a first application on a smart card;
a detection unit for detecting the state of the first application in response to the transaction request; the state of the first application comprises one of a logged-off state and a logged-off state;
a control unit for performing security control on a transaction for the first application based on the detected state of the first application.
20. A smart card, characterized in that the smart card comprises:
a communication interface for receiving a transaction request; the transaction request is initiated for a first application on the smart card;
a processor for detecting a state of the first application in response to the transaction request; the state of the first application comprises one of a logged-off state and a logged-off state; and based on the detected state of the first application, performing security control on a transaction for the first application.
21. A smart card, characterized in that the smart card comprises: a processor and a memory for storing a computer program operable on the processor;
wherein the processor is adapted to perform the steps of the method of security control of a transaction according to any one of claims 1 to 18 when running the computer program.
22. A storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, performs the steps of a method for security control of a transaction according to any of claims 1 to 18.
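The control flow of claims 14 to 18 can be modelled as a small state machine. The following is an added illustration, not code from the patent or its applicants: every class, method and event name is hypothetical, and it assumes the terminal is treated as offline until the second conversion condition is detected and that a logged-off or unknown application has its transaction aborted.

```python
from enum import Enum

class Terminal(Enum):
    ONLINE = 1
    OFFLINE = 2

class AppState(Enum):
    ACTIVE = 1        # assumed label for "not logged off"
    LOGGED_OFF = 2

class Card:
    def __init__(self):
        self.terminal = Terminal.OFFLINE  # assumption: fail closed at start
        self.app_state = {}               # application id -> AppState
        self.events = {}                  # application id -> registered events

    # Self-service API of claim 17 (method names are hypothetical)
    def register_event(self, app, event):
        self.events.setdefault(app, set()).add(event)

    def unregister_event(self, app, event):
        self.events.get(app, set()).discard(event)

    def is_event_registered(self, app, event):
        return event in self.events.get(app, set())

    def set_app_state(self, app, state):
        self.app_state[app] = state

    def terminal_is_online(self):
        return self.terminal is Terminal.ONLINE

    # Claim 14: a detected conversion condition flips the terminal state
    def condition_met(self, which):
        if which == "first" and self.terminal is Terminal.ONLINE:
            self.terminal = Terminal.OFFLINE
        elif which == "second" and self.terminal is Terminal.OFFLINE:
            self.terminal = Terminal.ONLINE
        # Applications to notify: only those registered for this event
        return [a for a in self.events if self.is_event_registered(a, "terminal_state")]

    # Claims 15, 16 and 18: gate the transaction on both states
    def transact(self, app, forbid_offline=True):
        # Unknown applications default to LOGGED_OFF so the check fails closed
        if self.app_state.get(app, AppState.LOGGED_OFF) is AppState.LOGGED_OFF:
            return "ABORT: application logged off"
        if forbid_offline and not self.terminal_is_online():
            return "ABORT: terminal offline"
        return "PROCEED"
```

Both checks run on the card at transaction time, so a digital-wallet transaction is refused even if the terminal went offline after the application was last notified.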
CN202010635144.XA 2020-07-03 2020-07-03 Security control method and device for transaction, smart card and storage medium Pending CN113645627A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010635144.XA CN113645627A (en) 2020-07-03 2020-07-03 Security control method and device for transaction, smart card and storage medium

Publications (1)

Publication Number Publication Date
CN113645627A true CN113645627A (en) 2021-11-12

Family

ID=78415641

Country Status (1)

Country Link
CN (1) CN113645627A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination