CN114900832A - Server and intelligent terminal based on electronic card information safety transmission verification method - Google Patents
Server and intelligent terminal based on electronic card information safety transmission verification method Download PDFInfo
- Publication number
- CN114900832A CN114900832A CN202210445502.XA CN202210445502A CN114900832A CN 114900832 A CN114900832 A CN 114900832A CN 202210445502 A CN202210445502 A CN 202210445502A CN 114900832 A CN114900832 A CN 114900832A
- Authority
- CN
- China
- Prior art keywords
- electronic card
- random number
- user information
- message
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/10—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
- G06K7/14—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
- G06K7/1404—Methods for optical code recognition
- G06K7/1408—Methods for optical code recognition the method being specifically adapted for the type of code
- G06K7/1417—2D bar codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Electromagnetism (AREA)
- General Health & Medical Sciences (AREA)
- Toxicology (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
Abstract
A server and intelligent terminal based on the electronic card information security transmission verification method, communicate with server through the intelligent terminal of the user, carry on the mutual information of two-way through the two-dimensional code between intelligent terminal and the electronic card reading apparatus, the electronic card reading apparatus and server do not need to carry on the direct network communication to realize the information interaction, the drawback to need to carry on information transmission and analysis through the dedicated line of the verification method of the traditional electronic card is improved; and the information is encrypted and transmitted in sections, so that all information can be effectively transmitted, and the safety of information transmission is ensured. The server and the intelligent terminal based on the electronic card information safety transmission verification method can avoid that the related information of the electronic card cannot be obtained due to the fact that a special network is broken or the server cannot respond in time when being busy, and improve the efficiency and the safety of electronic card information transmission verification.
Description
The application is a divisional application of an invention patent application with the application date of 2019, 1, and 30, the application number of 201910093593.3 and the name of 'a method for verifying the safe transmission of electronic card information'.
Technical Field
The invention relates to the field of information transmission verification methods, in particular to a server and an intelligent terminal based on an electronic card information safety transmission verification method.
Background
At present, after the electronic card reading device scans, a computer connected to the electronic card reading device generally needs to transmit code scanning information to a corresponding server through a dedicated network, the server decodes the code scanning information to obtain user-related information, and then returns the user information to the electronic card reading device through the dedicated network to verify the electronic card, and the process of the electronic card verification can refer to fig. 1.
The existing electronic card verification method has certain limitations, transmission verification can be performed only by accessing a server through a special network, and electronic card business transaction terminals in many scenes such as government departments, hospitals and the like only have internal networks, are not in the same type of network with the server of the electronic card, and cannot be connected with corresponding external servers to perform verification of electronic card information, so that the business transaction terminals cannot analyze the electronic card information. Even if some scenes have corresponding external network authorities and can access an external server through a special network, when a special network line is broken or the server is busy, the service handling terminal cannot continuously check and acquire information, and the field service handling of a user is seriously influenced.
Therefore, the present disclosure provides a server and an intelligent terminal based on an electronic card information security transmission verification method to solve the above problems.
Disclosure of Invention
In order to solve the defects in the prior art, the invention provides the server and the intelligent terminal based on the electronic card information safety transmission verification method, the intelligent terminal is used for completing the bidirectional verification and information transmission between the electronic card business handling terminal and the server so as to break the limitation of a special network, avoid the electronic card information from being identified and acquired due to the fault of the special network or the busy server, and simultaneously ensure the safety and reliability of the electronic card information transmission.
In order to achieve the above object, the present invention provides a server based on an electronic card information security transmission verification method, where the electronic card information security transmission verification method executed by the server includes the following steps:
s100: receiving a service request and verifying the validity of user service request information, wherein the request at least comprises user information bound by an electronic card;
s200: verifying the legality of the electronic card reading device, returning the legality verification information of the electronic card reading device, and executing the step S300 if the verification is successful;
s300: receiving an operation random number, an equipment ID and a PSAM card ID which are acquired after a two-dimensional code is scanned by an intelligent terminal, wherein the two-dimensional code is generated by the following steps: firstly, generating an operation random number through electronic card reading equipment and recording the operation random number, and then generating a two-dimensional code comprising the operation random number, equipment ID and PSAM card ID through a computer;
s400: responding to a service request of the intelligent terminal, retrieving user information bound by the electronic card, and calculating a corresponding secret key according to the PSAM card ID acquired in the step S300;
s500: encrypting the user information, adding an operation random number and performing segmentation processing to obtain segmented messages of the user information, and respectively sending the segmented messages to the intelligent terminal; wherein, the encryption is carried out by adopting the key calculated in the step S400;
s600: sending each segment of message to an intelligent terminal, and gradually converting each segment of message into a two-dimensional code for display; the electronic card reading equipment scans and identifies the two-dimensional code to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
s700: after the verification of the electronic card user information is completed, a business system in the computer carries out corresponding business operation according to the received user information;
the method for verifying the validity of the electronic card reading device in step S200 specifically includes the following steps:
s201: generating and storing a verification random number, then sending the verification random number to an intelligent terminal, displaying the verification random number in a two-dimensional code form through the intelligent terminal, scanning and identifying the two-dimensional code on the intelligent terminal by a subsequent electronic card identifying and reading device to obtain the verification random number, encrypting the verification random number through a PSAM card arranged in the electronic card identifying and reading device to obtain an encrypted random number, finally sending the encrypted random number obtained by processing to a computer connected with the electronic card identifying and reading device by the electronic card identifying and reading device, and displaying the encrypted random number in the two-dimensional code form on a computer display,
s202: receiving data converted by a two-dimensional code on a scanning computer of the intelligent terminal, decrypting the encrypted random number, comparing the obtained decrypted random number with the sent verification random number, and if the obtained decrypted random number is the same as the sent verification random number, representing that the electronic card recognizing and reading equipment is legal and the electronic card recognizing and reading equipment is verified successfully;
the method for returning the validity verification information of the electronic card reading device in the step S200 specifically includes the following steps: and returning equipment verification information to the intelligent terminal, generating a corresponding two-dimensional code through the intelligent terminal, and scanning the code by the electronic card reading equipment to identify the two-dimensional code on the intelligent terminal so as to obtain the returned validity verification information of the electronic card reading equipment.
In some embodiments, the specific step of obtaining the segmented packet of the user information in step S500 may adopt any one of the following processing methods:
1. encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; and encrypting each segment of message added with the operation random number again to obtain a segment message of the user information.
2. Firstly encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier at the head of each segment of message, and adding an end identifier in the last segment of message to obtain a segmented message of the user information.
3. Firstly, adding an operation random number into the head of user information, encrypting the user information added with the operation random number, segmenting the encrypted user information, adding a serial number identifier into each segment of message, and adding an end identifier into the last segment of message to obtain a segmented message of the user information.
4. Firstly, segmenting user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; and encrypting each segment of information respectively to obtain a segmented message of the user information.
In some embodiments, in step S600, the electronic card reading device scans and identifies the two-dimensional code on the intelligent terminal one by one to obtain the segmented message. In addition, the electronic card reading device can be a multi-card intelligent terminal.
In order to achieve the above object, the present invention further provides an intelligent terminal based on the electronic card information security transmission verification method, wherein the electronic card information security transmission verification method executed by the intelligent terminal includes the following steps:
s100: sending a service request to a server so that the server verifies the validity of user service request information, the server verifies the validity of the electronic card reading equipment and returns the validity verification information of the electronic card reading equipment, and if the verification is successful, executing a step S200, wherein the request at least comprises user information bound by the electronic card;
s200: scanning the two-dimensional code to obtain an operation random number, a device ID and a PSAM card ID, wherein the two-dimensional code is generated by the following steps: firstly, generating an operation random number through electronic card reading equipment and recording the operation random number, and then generating a two-dimensional code comprising the operation random number, equipment ID and PSAM card ID through a computer;
s300: the sent service request is responded by the server, the server retrieves the user information bound by the electronic card, and a corresponding key is calculated according to the PSAM card ID obtained in the step S200;
s400: receiving a segmented message from a server, wherein the segmented message is generated by the following steps: the server encrypts the user information, adds the operation random number and performs segmentation processing to obtain a segmented message of the user information, wherein the encryption is performed by adopting the key calculated in the step S300;
s500: acquiring each segment of message from a server, and gradually converting each segment of message into a two-dimensional code for display;
s600: the electronic card reading equipment scans and identifies the two-dimensional code to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
s700: the verification of the electronic card user information is completed, and a business system in the computer performs corresponding business operation according to the received user information;
the method for verifying the validity of the electronic card reading device in step S100 specifically includes the following steps:
s101: receiving a verification random number from a server and displaying the verification random number in a two-dimensional code form, wherein the verification random number is generated by the server and stored in the server;
s102: the electronic card reading equipment scans and identifies the two-dimensional code on the intelligent terminal to obtain a verification random number; encrypting the verification random number through a PSAM card installed in the electronic card reading device to obtain an encrypted random number;
s103: the electronic card reading equipment sends the encrypted random number obtained by processing to a computer connected with the electronic card reading equipment, and displays the encrypted random number on a computer display in a two-dimensional code mode;
s104: scanning a two-dimensional code on a computer, converting the two-dimensional code into data and sending the data to a server, decrypting the encrypted random number by the server, comparing the obtained decrypted random number with the sent verification random number, and if the two-dimensional code is the same as the verification random number, indicating that the electronic card recognizing and reading equipment is legal and the electronic card recognizing and reading equipment is successfully verified;
the method for returning the validity verification information of the electronic card reading device in step S100 specifically includes the following steps: and receiving the equipment verification information sent by the server, generating a corresponding two-dimension code, and scanning the two-dimension code on the intelligent terminal by the electronic card reading equipment to acquire the returned validity verification information of the electronic card reading equipment.
According to the server and the intelligent terminal based on the electronic card information safety transmission verification method, the intelligent terminal of a user is communicated with the server, bidirectional information interaction is carried out between the intelligent terminal and the electronic card reading device through the two-dimensional code, information interaction can be realized between the electronic card reading device and the server without direct network communication, and the defect that the traditional electronic card verification method needs information transmission and analysis through a special line is overcome; and the information is encrypted and transmitted in sections, so that all information can be effectively transmitted, and the safety of information transmission is ensured. The method for verifying the safe transmission of the electronic card information does not need to use a special network, can avoid the situation that the related information of the electronic card cannot be obtained due to the fact that the special network is broken or a server is busy and cannot respond in time, and improves the efficiency and the safety of the electronic card information transmission verification.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a diagram illustrating a conventional method for verifying information transmission of an electronic card;
FIG. 2 is a schematic diagram of a method for verifying secure transmission of electronic card information according to the present invention;
fig. 3 is a schematic flow chart of a method for verifying secure transmission of electronic card information according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention provides a server and an intelligent terminal based on a safety transmission verification method of electronic card information, wherein the safety transmission verification method of the electronic card information executed by the server and the intelligent terminal can be used for users of electronic cards such as an electronic social security card, an electronic medical security card, an electronic identity card, an electronic health card and the like, and the authentication of the electronic card is carried out on a business handling terminal so that the business handling terminal can safely obtain user information of the electronic card from the server; the business handling terminal in the embodiment of the invention can be a computer or a self-service machine connected with electronic card reading equipment.
As shown in fig. 2 and fig. 3, a flow chart of a method for verifying secure transmission of electronic card information according to an embodiment of the present invention includes the following steps:
s100: the mobile intelligent terminal sends a service request to the server, wherein the request at least comprises user information bound by the electronic card;
specifically, the mobile intelligent terminal is a mobile intelligent terminal bound with an electronic card, at least has the functions of displaying, shooting and communicating, and can be a mobile phone, a notebook computer or a PAD; the method comprises the steps that a user holding the electronic card operates on a mobile intelligent terminal bound with the electronic card, and sends a service request to a server, wherein the service request at least comprises user information bound with the electronic card.
S200: the server verifies the validity of the user service request information;
specifically, after receiving a service request sent by the mobile intelligent terminal, the server verifies the validity of the service request information, including whether the requested electronic card user information exists or not, whether the state of the electronic card user information allows the corresponding service request or not, and the like; if the user service request information is invalid, returning the information of failed verification; if the user service request information is valid, step S300 is performed.
S300: the server verifies the legality of the electronic card reading equipment and returns the legality verification information of the electronic card reading equipment, and if the verification is successful, the step S400 is executed;
specifically, after verifying that the user service request information is valid, the server needs to verify whether an electronic card reading device of the service handling terminal is legal or not before responding to the service request; the specific verification method comprises the following steps:
s301, a server generates a verification random number and stores the verification random number in the server, the verification random number is sent to the mobile intelligent terminal, and the verification random number is displayed in a two-dimensional code form through the mobile intelligent terminal;
s302, scanning and identifying a two-dimensional code on the mobile intelligent terminal by the electronic card identifying and reading equipment to obtain a verification random number; encrypting the verification random number through a PSAM card installed in the electronic card reading device to obtain an encrypted random number;
s303, the electronic card reading device sends the encrypted random number obtained by processing to a computer connected with the electronic card reading device, and the encrypted random number is displayed on a computer display in a two-dimensional code mode;
s304, the mobile intelligent terminal scans the two-dimensional code on the computer, converts the two-dimensional code into data and sends the data to the server, the server decrypts the encrypted random number, compares the obtained encrypted random number with the sent verification random number, and if the two-dimensional code is the same as the verification random number, the electronic card recognizing and reading device is legal and the electronic card recognizing and reading device is successful in verification;
after the server completes the validity verification of the electronic card reading equipment, equipment verification information is returned to the mobile intelligent terminal, then the verification information is generated into a corresponding two-dimensional code through the mobile intelligent terminal, and the electronic card reading equipment scans the two-dimensional code on the mobile intelligent terminal to acquire the returned validity verification information of the electronic card reading equipment. If the returned information is successful, step S400 is executed, and if the verification fails, the process is ended.
S400: the electronic card reading device generates and records an operation random number, then generates a two-dimensional code comprising the operation random number, a device ID and a PSAM card ID through a computer, and sends the two-dimensional code to a server after the code scanning of the mobile intelligent terminal is obtained;
specifically, after the validity verification of the electronic card reading device is successful, the electronic card reading device generates and records an operation random number, then generates a two-dimensional code comprising the operation random number, the device ID of the electronic card reading device, the PSAM card ID and other information in the electronic card reading device through a computer, scans the code by a mobile intelligent terminal to obtain corresponding information, and then sends the information to a server; preferably, the operation random number, the equipment ID and the PSAM card ID acquired by scanning the code by the mobile intelligent terminal are encrypted and then sent to the server; the operation random number is a numerical value used by the PSAM card for recording the current operation, has 32 bits in total, and can be randomly generated when each operation is started until the operation is completed or abandoned in the middle; the operation random number is used for being added into user information to be sent by the server to ensure that the user information sent by the server can be used only once, so that the user information sent by the server is prevented from being stored for multiple times; the device ID of the electronic identification device and the PSAM card ID are used for ensuring that the server can sense and record field information of each service transaction, such as the position of the used device.
S500: the server responds to the service request of the mobile intelligent terminal, retrieves the user information bound by the electronic card, and deduces a corresponding secret key according to the PSAM card ID obtained from the step S400;
specifically, after receiving the operation random number returned by the electronic card reading device, the device ID of the electronic reading device, the PSAM card ID inside the electronic reading device, and other information, the server retrieves the user information bound to the corresponding electronic card according to the service request sent by the mobile intelligent terminal in the corresponding step S100; and according to the PSAM card ID obtained in step S400, a key corresponding to the PSAM card is calculated (each PSAM card has its own unique key for decrypting the packet).
S600: the server encrypts the user information, adds the random number of the operation and carries out segmentation processing on the user information to obtain segmented messages of the user information, and the segmented messages are respectively sent to the mobile intelligent terminal; the encryption is performed by using the key calculated in step S500.
Specifically, after the server retrieves the corresponding user information, the server encrypts the user information, adds an operation random number and performs segmentation processing on the user information; specifically, any one of the following processing methods may be adopted:
1. encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; and encrypting each segment of message added with the operation random number again to obtain a segment message of the user information.
2. Encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message to obtain a segmented message of the user information.
3. Firstly, adding an operation random number into the head of user information, encrypting the user information added with the operation random number, segmenting the encrypted user information, adding a serial number identifier into each segment of message, and adding an end identifier into the last segment of message to obtain a segmented message of the user information.
4. Firstly, segmenting user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; and encrypting each segment of information respectively to obtain a segmented message of the user information.
The segmentation processing divides the data of the user information into a plurality of segments according to the set data length, for example, if the total data of the user information is 1024 bytes, the length of each segment of data is set to be 400 bytes, the user can be divided into 3 segments of messages in total, and the part with the insufficient length is filled with 0.
And after the user information is encrypted, added with the operation random number and subjected to segmentation processing, a plurality of segments of segmented messages are formed and are respectively sent to the mobile intelligent terminal.
S700: the mobile intelligent terminal acquires each segment of message from the server and converts each segment of message into a two-dimensional code to display one by one;
specifically, the mobile intelligent terminal obtains each segment of the user information generated in step S600 from the server, and converts each segment of the user information into a two-dimensional code to be displayed successively according to the serial number identifier and the end identifier in each segment of the user information.
S800: the electronic card recognizing and reading equipment successively scans and recognizes the two-dimensional code on the mobile intelligent terminal to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
specifically, the electronic card reading device successively scans and identifies two-dimensional codes containing all the segmented messages on the mobile intelligent terminal, segmented message data in the two-dimensional codes are obtained, when all the segmented messages are received, the electronic card reading device decrypts the obtained segmented messages, and then merges the segmented messages according to serial number identifications and end identifications in the segmented messages, or merges the segmented messages according to serial number identifications and end identifications in the segmented messages, and then decrypts the segmented messages to obtain complete user information and operation random numbers added in the step S600; the specific decryption and combination sequence can be adjusted according to the message generation mode of each segment of the user information adopted in the step S600; verifying whether the operation random number carried in the analyzed message is consistent with the operation random number recorded in the step S400; if the user information is consistent, the user information is considered to be valid, and then the user information is transmitted to the computer.
S900: and (4) completing the verification of the electronic card user information, and carrying out corresponding business operation by a business system in the computer according to the received user information.
Specifically, the computer receives the user information sent by the electronic card reading device, and completes the verification of the electronic card user information, so that the user can perform corresponding business operation through a business system in the computer.
According to the safe transmission verification method of the electronic card information, the mobile intelligent terminal of a user is communicated with the server, bidirectional information interaction is carried out between the mobile intelligent terminal and the electronic card reading device through the two-dimensional code, information interaction can be realized between the electronic card reading device and the server without direct network communication, and the defect that the traditional electronic card verification method needs information transmission and analysis through a special line is overcome; and the information is encrypted and transmitted in segments, so that the safety of information transmission is ensured while all information can be effectively transmitted. According to the method for verifying the safe transmission of the electronic card information, a special network is not needed, the situation that the relevant information of the electronic card cannot be obtained due to the fact that the special network is broken or a server is busy and cannot respond in time can be avoided, and the efficiency and the safety of the electronic card information transmission verification are improved.
Although terms such as electronic card, electronic card reading device, transaction terminal, server, mobile intelligent terminal, etc. are used more often herein, the possibility of using other terms is not excluded, for example: besides the mobile intelligent terminal, other intelligent terminals can be used. These terms are used merely to more conveniently describe and explain the nature of the present invention; they are to be construed as being without limitation to any additional limitations that may be imposed by the spirit of the present invention.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (6)
1. A server based on an electronic card information security transmission verification method is characterized in that: the electronic card information safety transmission verification method executed by the server comprises the following steps:
s100: receiving a service request and verifying the validity of user service request information, wherein the request at least comprises user information bound by an electronic card;
s200: verifying the legality of the electronic card reading device, returning the legality verification information of the electronic card reading device, and executing the step S300 if the verification is successful;
s300: receiving an operation random number, an equipment ID and a PSAM card ID which are acquired after a two-dimensional code is scanned by an intelligent terminal, wherein the two-dimensional code is generated by the following steps: firstly, generating an operation random number through electronic card reading equipment and recording the operation random number, and then generating a two-dimensional code comprising the operation random number, equipment ID and PSAM card ID through a computer;
s400: responding to a service request of the intelligent terminal, retrieving user information bound by the electronic card, and calculating a corresponding secret key according to the PSAM card ID acquired in the step S300;
s500: encrypting the user information, adding an operation random number and performing segmentation processing to obtain segmented messages of the user information, and respectively sending the segmented messages to the intelligent terminal; wherein, the encryption is carried out by adopting the key calculated in the step S400;
s600: sending each segment of message to an intelligent terminal, and gradually converting each segment of message into a two-dimensional code for display; the electronic card reading equipment scans and identifies the two-dimensional code to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
s700: after the verification of the electronic card user information is completed, a business system in the computer carries out corresponding business operation according to the received user information;
the method for verifying the validity of the electronic card reading device in step S200 specifically includes the following steps:
s201: generating and storing a verification random number, then sending the verification random number to an intelligent terminal, displaying the verification random number in a two-dimensional code form through the intelligent terminal, scanning and identifying the two-dimensional code on the intelligent terminal by a subsequent electronic card identifying and reading device to obtain the verification random number, encrypting the verification random number through a PSAM card arranged in the electronic card identifying and reading device to obtain an encrypted random number, finally sending the encrypted random number obtained by processing to a computer connected with the electronic card identifying and reading device by the electronic card identifying and reading device, and displaying the encrypted random number in the two-dimensional code form on a computer display,
s202: receiving data converted by a two-dimensional code on a scanning computer of the intelligent terminal, decrypting the encrypted random number, comparing the obtained decrypted random number with the sent verification random number, and if the obtained decrypted random number is the same as the sent verification random number, representing that the electronic card recognizing and reading equipment is legal and the electronic card recognizing and reading equipment is verified successfully;
the method for returning the validity verification information of the electronic card reading device in the step S200 specifically includes the following steps: and returning equipment verification information to the intelligent terminal, generating a corresponding two-dimensional code through the intelligent terminal, and scanning the code by the electronic card reading equipment to identify the two-dimensional code on the intelligent terminal so as to obtain the returned validity verification information of the electronic card reading equipment.
2. The server according to claim 1, wherein the server comprises: the specific steps of obtaining the segment message of the user information in step S500 include:
encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; encrypting each segment of message added with the operation random number again to obtain a segmented message of the user information;
or, encrypting the user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of the message, and adding an end identifier into the last segment of the message to obtain a segmented message of the user information;
or, firstly adding an operation random number into the head of the user information, encrypting the user information added with the operation random number, segmenting the encrypted user information, adding a serial number identifier into each segment of message, and adding an end identifier into the last segment of message to obtain a segmented message of the user information;
or, the user information is segmented, the operation random number and the serial number identification are added to the head of each segment of the message, and the ending identification is added to the last segment of the message; and encrypting each segment of information respectively to obtain a segmented message of the user information.
3. The server according to claim 1, wherein the server comprises: in step S600, the electronic card reading device scans and identifies the two-dimensional code on the intelligent terminal one by one to obtain the segmented message.
4. An intelligent terminal based on an electronic card information safety transmission verification method is characterized in that: the electronic card information safety transmission verification method executed by the intelligent terminal comprises the following steps:
s100: sending a service request to a server so that the server verifies the validity of user service request information, the server verifies the validity of the electronic card reading equipment and returns the validity verification information of the electronic card reading equipment, and if the verification is successful, executing a step S200, wherein the request at least comprises user information bound by the electronic card;
s200: scanning the two-dimensional code to obtain an operation random number, a device ID and a PSAM card ID, wherein the two-dimensional code is generated by the following steps: firstly, generating an operation random number through electronic card reading equipment and recording the operation random number, and then generating a two-dimensional code comprising the operation random number, equipment ID and PSAM card ID through a computer;
s300: the sent service request is responded by the server, the server retrieves the user information bound by the electronic card, and a corresponding key is calculated according to the PSAM card ID obtained in the step S200;
s400: receiving a segmented message from a server, wherein the segmented message is generated by the following steps: the server encrypts the user information, adds the operation random number and performs segmentation processing to obtain a segmented message of the user information, wherein the encryption is performed by adopting the key calculated in the step S300;
s500: acquiring each segment of message from a server, and gradually converting each segment of message into a two-dimensional code for display;
s600: the electronic card reading equipment scans and identifies the two-dimensional code to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
s700: the verification of the electronic card user information is completed, and a business system in the computer performs corresponding business operation according to the received user information;
the method for verifying the validity of the electronic card reading device in step S100 specifically includes the following steps:
s101: receiving a verification random number from a server and displaying the verification random number in a two-dimensional code form, wherein the verification random number is generated by the server and stored in the server;
s102: the electronic card reading equipment scans and identifies the two-dimensional code on the intelligent terminal to obtain a verification random number; encrypting the verification random number through a PSAM card installed in the electronic card reading device to obtain an encrypted random number;
s103: the electronic card reading equipment sends the encrypted random number obtained by processing to a computer connected with the electronic card reading equipment, and displays the encrypted random number on a computer display in a two-dimensional code mode;
s104: scanning a two-dimensional code on a computer, converting the two-dimensional code into data and sending the data to a server, decrypting the encrypted random number by the server, comparing the obtained decrypted random number with the sent verification random number, and if the two-dimensional code is the same as the verification random number, indicating that the electronic card recognizing and reading equipment is legal and the electronic card recognizing and reading equipment is successfully verified;
the method for returning the validity verification information of the electronic card reading device in step S100 specifically includes the following steps: and receiving the equipment verification information sent by the server, generating a corresponding two-dimension code, and scanning the two-dimension code on the intelligent terminal by the electronic card reading equipment to acquire the returned validity verification information of the electronic card reading equipment.
5. The intelligent terminal based on the electronic card information secure transmission verification method according to claim 4, wherein: the step of generating the segment packet in step S400 includes:
the server encrypts user information, segments the encrypted user information, adds an operation random number and a serial number identifier to the head of each segment of the message, and adds an end identifier to the last segment of the message; encrypting each segment of message added with the operation random number again to obtain a segmented message of the user information;
or the server encrypts the user information first, segments the encrypted user information, adds an operation random number and a serial number identifier to the head of each segment of the message, and adds an end identifier to the last segment of the message to obtain a segmented message of the user information;
or, the server adds the user information head into the operation random number, encrypts the user information added with the operation random number, segments the encrypted user information, adds a serial number mark into each segment of message, and adds an end mark into the last segment of message to obtain a segmented message of the user information;
or, the server segments the user information, adds the operation random number and the serial number identification into the head of each segment of the message, and adds the end identification into the last segment of the message; and encrypting each segment of information respectively to obtain a segmented message of the user information.
6. The intelligent terminal based on the electronic card information secure transmission verification method according to claim 4, wherein: in step S600, the electronic card reading device scans and identifies the two-dimensional code on the intelligent terminal one by one to obtain the segmented message.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210445502.XA CN114900832A (en) | 2019-01-30 | 2019-01-30 | Server and intelligent terminal based on electronic card information safety transmission verification method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210445502.XA CN114900832A (en) | 2019-01-30 | 2019-01-30 | Server and intelligent terminal based on electronic card information safety transmission verification method |
CN201910093593.3A CN109831782B (en) | 2019-01-30 | 2019-01-30 | Safety transmission verification method for electronic card information |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910093593.3A Division CN109831782B (en) | 2019-01-30 | 2019-01-30 | Safety transmission verification method for electronic card information |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114900832A true CN114900832A (en) | 2022-08-12 |
Family
ID=66863139
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210445502.XA Pending CN114900832A (en) | 2019-01-30 | 2019-01-30 | Server and intelligent terminal based on electronic card information safety transmission verification method |
CN201910093593.3A Active CN109831782B (en) | 2019-01-30 | 2019-01-30 | Safety transmission verification method for electronic card information |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910093593.3A Active CN109831782B (en) | 2019-01-30 | 2019-01-30 | Safety transmission verification method for electronic card information |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN114900832A (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111917875A (en) * | 2020-07-31 | 2020-11-10 | 展讯通信(上海)有限公司 | Offline file transmission method and system |
CN111914970A (en) * | 2020-08-17 | 2020-11-10 | 国网浙江杭州市余杭区供电有限公司 | Two-dimensional code-based large-data-volume data transmission method |
WO2022099683A1 (en) * | 2020-11-16 | 2022-05-19 | 华为云计算技术有限公司 | Data transmission method and apparatus, device, system, and storage medium |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101398951B (en) * | 2007-09-28 | 2012-01-25 | 中国移动通信集团公司 | Electronic card verification method and electronic card service platform |
CN101414373B (en) * | 2007-10-15 | 2016-06-29 | 中国移动通信集团公司 | Electronic cards verification method and system |
JP3184554U (en) * | 2013-04-19 | 2013-07-04 | 有限会社ノア | Age identification and recognition system |
CN103366111B (en) * | 2013-07-10 | 2016-02-24 | 公安部第三研究所 | Mobile device realizes the method for smart card extended authentication control based on Quick Response Code |
CN104618117B (en) * | 2015-02-04 | 2018-06-12 | 北京奇虎科技有限公司 | The identification authentication system and method for smart card device based on Quick Response Code |
CN205427909U (en) * | 2015-12-16 | 2016-08-03 | 广东楚天龙智能卡有限公司 | Smart card reading and writing terminal with two -dimensional code |
CN105654295A (en) * | 2015-12-29 | 2016-06-08 | 中国建设银行股份有限公司 | Transaction control method and client |
CN107666460B (en) * | 2016-07-27 | 2020-04-17 | 真相网络科技(北京)有限公司 | Remote intelligent evidence obtaining system and method based on mobile internet |
CN106971311A (en) * | 2017-04-26 | 2017-07-21 | 长春市万易科技有限公司 | A kind of false proof traceability system of logistics Means of Agricultural Production and method |
CN108647538A (en) * | 2018-04-09 | 2018-10-12 | 天津中兴智联科技有限公司 | A kind of hand held readers system based on voice prompt |
-
2019
- 2019-01-30 CN CN202210445502.XA patent/CN114900832A/en active Pending
- 2019-01-30 CN CN201910093593.3A patent/CN109831782B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN109831782A (en) | 2019-05-31 |
CN109831782B (en) | 2022-05-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103201998B (en) | For the protection of the data processing of the local resource in mobile device | |
CN110086608A (en) | User authen method, device, computer equipment and computer readable storage medium | |
US9781109B2 (en) | Method, terminal device, and network device for improving information security | |
US9165149B2 (en) | Use of a mobile telecommunication device as an electronic health insurance card | |
CN106850209A (en) | A kind of identity identifying method and device | |
CN109831782B (en) | Safety transmission verification method for electronic card information | |
CN106131080A (en) | The method and device of transmission medical image data | |
CN104424676A (en) | Identity information sending method, identity information sending device, access control card reader and access control system | |
CN105765941A (en) | Illegal access server prevention method and device | |
CN106161224B (en) | Method for interchanging data, device and equipment | |
CN110266653B (en) | Authentication method, system and terminal equipment | |
CN109391473B (en) | Electronic signature method, device and storage medium | |
KR101379711B1 (en) | Method for file encryption and decryption using telephone number | |
CN114500061A (en) | Data transmission method, Internet of things system, electronic device and storage medium | |
CN213122985U (en) | PIS authentication system | |
CN113890724A (en) | Access authentication method and system for power Internet of things communication equipment | |
CN114666786A (en) | Identity authentication method and system based on telecommunication smart card | |
CN115865495A (en) | Data transmission control method and device, electronic equipment and readable storage medium | |
CN114492489B (en) | NFC label verification system based on dynamic data | |
CN112039921B (en) | Verification method for parking access, parking user terminal and node server | |
CN111783070B (en) | File information acquisition method, device, equipment and storage medium based on block chain | |
CN112910837B (en) | Identity authentication method and system based on communication network and readable storage medium thereof | |
CN112417424A (en) | Authentication method and system for power terminal | |
CN116132072B (en) | Security authentication method and system for network information | |
CN114598478B (en) | Data encryption method, device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |