CN114900832A - Server and intelligent terminal based on electronic card information safety transmission verification method - Google Patents

Server and intelligent terminal based on electronic card information safety transmission verification method Download PDF

Info

Publication number
CN114900832A
CN114900832A CN202210445502.XA CN202210445502A CN114900832A CN 114900832 A CN114900832 A CN 114900832A CN 202210445502 A CN202210445502 A CN 202210445502A CN 114900832 A CN114900832 A CN 114900832A
Authority
CN
China
Prior art keywords
electronic card
random number
user information
message
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210445502.XA
Other languages
Chinese (zh)
Inventor
郜恩光
吴坚峰
念洪华
贡敏琴
陈键
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yilianzhong Intelligent Xiamen Technology Co ltd
Original Assignee
Yilianzhong Intelligent Xiamen Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yilianzhong Intelligent Xiamen Technology Co ltd filed Critical Yilianzhong Intelligent Xiamen Technology Co ltd
Priority to CN202210445502.XA priority Critical patent/CN114900832A/en
Publication of CN114900832A publication Critical patent/CN114900832A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/14Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
    • G06K7/1404Methods for optical code recognition
    • G06K7/1408Methods for optical code recognition the method being specifically adapted for the type of code
    • G06K7/14172D bar codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Electromagnetism (AREA)
  • General Health & Medical Sciences (AREA)
  • Toxicology (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

A server and intelligent terminal based on the electronic card information security transmission verification method, communicate with server through the intelligent terminal of the user, carry on the mutual information of two-way through the two-dimensional code between intelligent terminal and the electronic card reading apparatus, the electronic card reading apparatus and server do not need to carry on the direct network communication to realize the information interaction, the drawback to need to carry on information transmission and analysis through the dedicated line of the verification method of the traditional electronic card is improved; and the information is encrypted and transmitted in sections, so that all information can be effectively transmitted, and the safety of information transmission is ensured. The server and the intelligent terminal based on the electronic card information safety transmission verification method can avoid that the related information of the electronic card cannot be obtained due to the fact that a special network is broken or the server cannot respond in time when being busy, and improve the efficiency and the safety of electronic card information transmission verification.

Description

Server and intelligent terminal based on electronic card information safety transmission verification method
The application is a divisional application of an invention patent application with the application date of 2019, 1, and 30, the application number of 201910093593.3 and the name of 'a method for verifying the safe transmission of electronic card information'.
Technical Field
The invention relates to the field of information transmission verification methods, in particular to a server and an intelligent terminal based on an electronic card information safety transmission verification method.
Background
At present, after the electronic card reading device scans, a computer connected to the electronic card reading device generally needs to transmit code scanning information to a corresponding server through a dedicated network, the server decodes the code scanning information to obtain user-related information, and then returns the user information to the electronic card reading device through the dedicated network to verify the electronic card, and the process of the electronic card verification can refer to fig. 1.
The existing electronic card verification method has certain limitations, transmission verification can be performed only by accessing a server through a special network, and electronic card business transaction terminals in many scenes such as government departments, hospitals and the like only have internal networks, are not in the same type of network with the server of the electronic card, and cannot be connected with corresponding external servers to perform verification of electronic card information, so that the business transaction terminals cannot analyze the electronic card information. Even if some scenes have corresponding external network authorities and can access an external server through a special network, when a special network line is broken or the server is busy, the service handling terminal cannot continuously check and acquire information, and the field service handling of a user is seriously influenced.
Therefore, the present disclosure provides a server and an intelligent terminal based on an electronic card information security transmission verification method to solve the above problems.
Disclosure of Invention
In order to solve the defects in the prior art, the invention provides the server and the intelligent terminal based on the electronic card information safety transmission verification method, the intelligent terminal is used for completing the bidirectional verification and information transmission between the electronic card business handling terminal and the server so as to break the limitation of a special network, avoid the electronic card information from being identified and acquired due to the fault of the special network or the busy server, and simultaneously ensure the safety and reliability of the electronic card information transmission.
In order to achieve the above object, the present invention provides a server based on an electronic card information security transmission verification method, where the electronic card information security transmission verification method executed by the server includes the following steps:
s100: receiving a service request and verifying the validity of user service request information, wherein the request at least comprises user information bound by an electronic card;
s200: verifying the legality of the electronic card reading device, returning the legality verification information of the electronic card reading device, and executing the step S300 if the verification is successful;
s300: receiving an operation random number, an equipment ID and a PSAM card ID which are acquired after a two-dimensional code is scanned by an intelligent terminal, wherein the two-dimensional code is generated by the following steps: firstly, generating an operation random number through electronic card reading equipment and recording the operation random number, and then generating a two-dimensional code comprising the operation random number, equipment ID and PSAM card ID through a computer;
s400: responding to a service request of the intelligent terminal, retrieving user information bound by the electronic card, and calculating a corresponding secret key according to the PSAM card ID acquired in the step S300;
s500: encrypting the user information, adding an operation random number and performing segmentation processing to obtain segmented messages of the user information, and respectively sending the segmented messages to the intelligent terminal; wherein, the encryption is carried out by adopting the key calculated in the step S400;
s600: sending each segment of message to an intelligent terminal, and gradually converting each segment of message into a two-dimensional code for display; the electronic card reading equipment scans and identifies the two-dimensional code to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
s700: after the verification of the electronic card user information is completed, a business system in the computer carries out corresponding business operation according to the received user information;
the method for verifying the validity of the electronic card reading device in step S200 specifically includes the following steps:
s201: generating and storing a verification random number, then sending the verification random number to an intelligent terminal, displaying the verification random number in a two-dimensional code form through the intelligent terminal, scanning and identifying the two-dimensional code on the intelligent terminal by a subsequent electronic card identifying and reading device to obtain the verification random number, encrypting the verification random number through a PSAM card arranged in the electronic card identifying and reading device to obtain an encrypted random number, finally sending the encrypted random number obtained by processing to a computer connected with the electronic card identifying and reading device by the electronic card identifying and reading device, and displaying the encrypted random number in the two-dimensional code form on a computer display,
s202: receiving data converted by a two-dimensional code on a scanning computer of the intelligent terminal, decrypting the encrypted random number, comparing the obtained decrypted random number with the sent verification random number, and if the obtained decrypted random number is the same as the sent verification random number, representing that the electronic card recognizing and reading equipment is legal and the electronic card recognizing and reading equipment is verified successfully;
the method for returning the validity verification information of the electronic card reading device in the step S200 specifically includes the following steps: and returning equipment verification information to the intelligent terminal, generating a corresponding two-dimensional code through the intelligent terminal, and scanning the code by the electronic card reading equipment to identify the two-dimensional code on the intelligent terminal so as to obtain the returned validity verification information of the electronic card reading equipment.
In some embodiments, the specific step of obtaining the segmented packet of the user information in step S500 may adopt any one of the following processing methods:
1. encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; and encrypting each segment of message added with the operation random number again to obtain a segment message of the user information.
2. Firstly encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier at the head of each segment of message, and adding an end identifier in the last segment of message to obtain a segmented message of the user information.
3. Firstly, adding an operation random number into the head of user information, encrypting the user information added with the operation random number, segmenting the encrypted user information, adding a serial number identifier into each segment of message, and adding an end identifier into the last segment of message to obtain a segmented message of the user information.
4. Firstly, segmenting user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; and encrypting each segment of information respectively to obtain a segmented message of the user information.
In some embodiments, in step S600, the electronic card reading device scans and identifies the two-dimensional code on the intelligent terminal one by one to obtain the segmented message. In addition, the electronic card reading device can be a multi-card intelligent terminal.
In order to achieve the above object, the present invention further provides an intelligent terminal based on the electronic card information security transmission verification method, wherein the electronic card information security transmission verification method executed by the intelligent terminal includes the following steps:
s100: sending a service request to a server so that the server verifies the validity of user service request information, the server verifies the validity of the electronic card reading equipment and returns the validity verification information of the electronic card reading equipment, and if the verification is successful, executing a step S200, wherein the request at least comprises user information bound by the electronic card;
s200: scanning the two-dimensional code to obtain an operation random number, a device ID and a PSAM card ID, wherein the two-dimensional code is generated by the following steps: firstly, generating an operation random number through electronic card reading equipment and recording the operation random number, and then generating a two-dimensional code comprising the operation random number, equipment ID and PSAM card ID through a computer;
s300: the sent service request is responded by the server, the server retrieves the user information bound by the electronic card, and a corresponding key is calculated according to the PSAM card ID obtained in the step S200;
s400: receiving a segmented message from a server, wherein the segmented message is generated by the following steps: the server encrypts the user information, adds the operation random number and performs segmentation processing to obtain a segmented message of the user information, wherein the encryption is performed by adopting the key calculated in the step S300;
s500: acquiring each segment of message from a server, and gradually converting each segment of message into a two-dimensional code for display;
s600: the electronic card reading equipment scans and identifies the two-dimensional code to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
s700: the verification of the electronic card user information is completed, and a business system in the computer performs corresponding business operation according to the received user information;
the method for verifying the validity of the electronic card reading device in step S100 specifically includes the following steps:
s101: receiving a verification random number from a server and displaying the verification random number in a two-dimensional code form, wherein the verification random number is generated by the server and stored in the server;
s102: the electronic card reading equipment scans and identifies the two-dimensional code on the intelligent terminal to obtain a verification random number; encrypting the verification random number through a PSAM card installed in the electronic card reading device to obtain an encrypted random number;
s103: the electronic card reading equipment sends the encrypted random number obtained by processing to a computer connected with the electronic card reading equipment, and displays the encrypted random number on a computer display in a two-dimensional code mode;
s104: scanning a two-dimensional code on a computer, converting the two-dimensional code into data and sending the data to a server, decrypting the encrypted random number by the server, comparing the obtained decrypted random number with the sent verification random number, and if the two-dimensional code is the same as the verification random number, indicating that the electronic card recognizing and reading equipment is legal and the electronic card recognizing and reading equipment is successfully verified;
the method for returning the validity verification information of the electronic card reading device in step S100 specifically includes the following steps: and receiving the equipment verification information sent by the server, generating a corresponding two-dimension code, and scanning the two-dimension code on the intelligent terminal by the electronic card reading equipment to acquire the returned validity verification information of the electronic card reading equipment.
According to the server and the intelligent terminal based on the electronic card information safety transmission verification method, the intelligent terminal of a user is communicated with the server, bidirectional information interaction is carried out between the intelligent terminal and the electronic card reading device through the two-dimensional code, information interaction can be realized between the electronic card reading device and the server without direct network communication, and the defect that the traditional electronic card verification method needs information transmission and analysis through a special line is overcome; and the information is encrypted and transmitted in sections, so that all information can be effectively transmitted, and the safety of information transmission is ensured. The method for verifying the safe transmission of the electronic card information does not need to use a special network, can avoid the situation that the related information of the electronic card cannot be obtained due to the fact that the special network is broken or a server is busy and cannot respond in time, and improves the efficiency and the safety of the electronic card information transmission verification.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a diagram illustrating a conventional method for verifying information transmission of an electronic card;
FIG. 2 is a schematic diagram of a method for verifying secure transmission of electronic card information according to the present invention;
fig. 3 is a schematic flow chart of a method for verifying secure transmission of electronic card information according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention provides a server and an intelligent terminal based on a safety transmission verification method of electronic card information, wherein the safety transmission verification method of the electronic card information executed by the server and the intelligent terminal can be used for users of electronic cards such as an electronic social security card, an electronic medical security card, an electronic identity card, an electronic health card and the like, and the authentication of the electronic card is carried out on a business handling terminal so that the business handling terminal can safely obtain user information of the electronic card from the server; the business handling terminal in the embodiment of the invention can be a computer or a self-service machine connected with electronic card reading equipment.
As shown in fig. 2 and fig. 3, a flow chart of a method for verifying secure transmission of electronic card information according to an embodiment of the present invention includes the following steps:
s100: the mobile intelligent terminal sends a service request to the server, wherein the request at least comprises user information bound by the electronic card;
specifically, the mobile intelligent terminal is a mobile intelligent terminal bound with an electronic card, at least has the functions of displaying, shooting and communicating, and can be a mobile phone, a notebook computer or a PAD; the method comprises the steps that a user holding the electronic card operates on a mobile intelligent terminal bound with the electronic card, and sends a service request to a server, wherein the service request at least comprises user information bound with the electronic card.
S200: the server verifies the validity of the user service request information;
specifically, after receiving a service request sent by the mobile intelligent terminal, the server verifies the validity of the service request information, including whether the requested electronic card user information exists or not, whether the state of the electronic card user information allows the corresponding service request or not, and the like; if the user service request information is invalid, returning the information of failed verification; if the user service request information is valid, step S300 is performed.
S300: the server verifies the legality of the electronic card reading equipment and returns the legality verification information of the electronic card reading equipment, and if the verification is successful, the step S400 is executed;
specifically, after verifying that the user service request information is valid, the server needs to verify whether an electronic card reading device of the service handling terminal is legal or not before responding to the service request; the specific verification method comprises the following steps:
s301, a server generates a verification random number and stores the verification random number in the server, the verification random number is sent to the mobile intelligent terminal, and the verification random number is displayed in a two-dimensional code form through the mobile intelligent terminal;
s302, scanning and identifying a two-dimensional code on the mobile intelligent terminal by the electronic card identifying and reading equipment to obtain a verification random number; encrypting the verification random number through a PSAM card installed in the electronic card reading device to obtain an encrypted random number;
s303, the electronic card reading device sends the encrypted random number obtained by processing to a computer connected with the electronic card reading device, and the encrypted random number is displayed on a computer display in a two-dimensional code mode;
s304, the mobile intelligent terminal scans the two-dimensional code on the computer, converts the two-dimensional code into data and sends the data to the server, the server decrypts the encrypted random number, compares the obtained encrypted random number with the sent verification random number, and if the two-dimensional code is the same as the verification random number, the electronic card recognizing and reading device is legal and the electronic card recognizing and reading device is successful in verification;
after the server completes the validity verification of the electronic card reading equipment, equipment verification information is returned to the mobile intelligent terminal, then the verification information is generated into a corresponding two-dimensional code through the mobile intelligent terminal, and the electronic card reading equipment scans the two-dimensional code on the mobile intelligent terminal to acquire the returned validity verification information of the electronic card reading equipment. If the returned information is successful, step S400 is executed, and if the verification fails, the process is ended.
S400: the electronic card reading device generates and records an operation random number, then generates a two-dimensional code comprising the operation random number, a device ID and a PSAM card ID through a computer, and sends the two-dimensional code to a server after the code scanning of the mobile intelligent terminal is obtained;
specifically, after the validity verification of the electronic card reading device is successful, the electronic card reading device generates and records an operation random number, then generates a two-dimensional code comprising the operation random number, the device ID of the electronic card reading device, the PSAM card ID and other information in the electronic card reading device through a computer, scans the code by a mobile intelligent terminal to obtain corresponding information, and then sends the information to a server; preferably, the operation random number, the equipment ID and the PSAM card ID acquired by scanning the code by the mobile intelligent terminal are encrypted and then sent to the server; the operation random number is a numerical value used by the PSAM card for recording the current operation, has 32 bits in total, and can be randomly generated when each operation is started until the operation is completed or abandoned in the middle; the operation random number is used for being added into user information to be sent by the server to ensure that the user information sent by the server can be used only once, so that the user information sent by the server is prevented from being stored for multiple times; the device ID of the electronic identification device and the PSAM card ID are used for ensuring that the server can sense and record field information of each service transaction, such as the position of the used device.
S500: the server responds to the service request of the mobile intelligent terminal, retrieves the user information bound by the electronic card, and deduces a corresponding secret key according to the PSAM card ID obtained from the step S400;
specifically, after receiving the operation random number returned by the electronic card reading device, the device ID of the electronic reading device, the PSAM card ID inside the electronic reading device, and other information, the server retrieves the user information bound to the corresponding electronic card according to the service request sent by the mobile intelligent terminal in the corresponding step S100; and according to the PSAM card ID obtained in step S400, a key corresponding to the PSAM card is calculated (each PSAM card has its own unique key for decrypting the packet).
S600: the server encrypts the user information, adds the random number of the operation and carries out segmentation processing on the user information to obtain segmented messages of the user information, and the segmented messages are respectively sent to the mobile intelligent terminal; the encryption is performed by using the key calculated in step S500.
Specifically, after the server retrieves the corresponding user information, the server encrypts the user information, adds an operation random number and performs segmentation processing on the user information; specifically, any one of the following processing methods may be adopted:
1. encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; and encrypting each segment of message added with the operation random number again to obtain a segment message of the user information.
2. Encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message to obtain a segmented message of the user information.
3. Firstly, adding an operation random number into the head of user information, encrypting the user information added with the operation random number, segmenting the encrypted user information, adding a serial number identifier into each segment of message, and adding an end identifier into the last segment of message to obtain a segmented message of the user information.
4. Firstly, segmenting user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; and encrypting each segment of information respectively to obtain a segmented message of the user information.
The segmentation processing divides the data of the user information into a plurality of segments according to the set data length, for example, if the total data of the user information is 1024 bytes, the length of each segment of data is set to be 400 bytes, the user can be divided into 3 segments of messages in total, and the part with the insufficient length is filled with 0.
And after the user information is encrypted, added with the operation random number and subjected to segmentation processing, a plurality of segments of segmented messages are formed and are respectively sent to the mobile intelligent terminal.
S700: the mobile intelligent terminal acquires each segment of message from the server and converts each segment of message into a two-dimensional code to display one by one;
specifically, the mobile intelligent terminal obtains each segment of the user information generated in step S600 from the server, and converts each segment of the user information into a two-dimensional code to be displayed successively according to the serial number identifier and the end identifier in each segment of the user information.
S800: the electronic card recognizing and reading equipment successively scans and recognizes the two-dimensional code on the mobile intelligent terminal to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
specifically, the electronic card reading device successively scans and identifies two-dimensional codes containing all the segmented messages on the mobile intelligent terminal, segmented message data in the two-dimensional codes are obtained, when all the segmented messages are received, the electronic card reading device decrypts the obtained segmented messages, and then merges the segmented messages according to serial number identifications and end identifications in the segmented messages, or merges the segmented messages according to serial number identifications and end identifications in the segmented messages, and then decrypts the segmented messages to obtain complete user information and operation random numbers added in the step S600; the specific decryption and combination sequence can be adjusted according to the message generation mode of each segment of the user information adopted in the step S600; verifying whether the operation random number carried in the analyzed message is consistent with the operation random number recorded in the step S400; if the user information is consistent, the user information is considered to be valid, and then the user information is transmitted to the computer.
S900: and (4) completing the verification of the electronic card user information, and carrying out corresponding business operation by a business system in the computer according to the received user information.
Specifically, the computer receives the user information sent by the electronic card reading device, and completes the verification of the electronic card user information, so that the user can perform corresponding business operation through a business system in the computer.
According to the safe transmission verification method of the electronic card information, the mobile intelligent terminal of a user is communicated with the server, bidirectional information interaction is carried out between the mobile intelligent terminal and the electronic card reading device through the two-dimensional code, information interaction can be realized between the electronic card reading device and the server without direct network communication, and the defect that the traditional electronic card verification method needs information transmission and analysis through a special line is overcome; and the information is encrypted and transmitted in segments, so that the safety of information transmission is ensured while all information can be effectively transmitted. According to the method for verifying the safe transmission of the electronic card information, a special network is not needed, the situation that the relevant information of the electronic card cannot be obtained due to the fact that the special network is broken or a server is busy and cannot respond in time can be avoided, and the efficiency and the safety of the electronic card information transmission verification are improved.
Although terms such as electronic card, electronic card reading device, transaction terminal, server, mobile intelligent terminal, etc. are used more often herein, the possibility of using other terms is not excluded, for example: besides the mobile intelligent terminal, other intelligent terminals can be used. These terms are used merely to more conveniently describe and explain the nature of the present invention; they are to be construed as being without limitation to any additional limitations that may be imposed by the spirit of the present invention.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (6)

1. A server based on an electronic card information security transmission verification method is characterized in that: the electronic card information safety transmission verification method executed by the server comprises the following steps:
s100: receiving a service request and verifying the validity of user service request information, wherein the request at least comprises user information bound by an electronic card;
s200: verifying the legality of the electronic card reading device, returning the legality verification information of the electronic card reading device, and executing the step S300 if the verification is successful;
s300: receiving an operation random number, an equipment ID and a PSAM card ID which are acquired after a two-dimensional code is scanned by an intelligent terminal, wherein the two-dimensional code is generated by the following steps: firstly, generating an operation random number through electronic card reading equipment and recording the operation random number, and then generating a two-dimensional code comprising the operation random number, equipment ID and PSAM card ID through a computer;
s400: responding to a service request of the intelligent terminal, retrieving user information bound by the electronic card, and calculating a corresponding secret key according to the PSAM card ID acquired in the step S300;
s500: encrypting the user information, adding an operation random number and performing segmentation processing to obtain segmented messages of the user information, and respectively sending the segmented messages to the intelligent terminal; wherein, the encryption is carried out by adopting the key calculated in the step S400;
s600: sending each segment of message to an intelligent terminal, and gradually converting each segment of message into a two-dimensional code for display; the electronic card reading equipment scans and identifies the two-dimensional code to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
s700: after the verification of the electronic card user information is completed, a business system in the computer carries out corresponding business operation according to the received user information;
the method for verifying the validity of the electronic card reading device in step S200 specifically includes the following steps:
s201: generating and storing a verification random number, then sending the verification random number to an intelligent terminal, displaying the verification random number in a two-dimensional code form through the intelligent terminal, scanning and identifying the two-dimensional code on the intelligent terminal by a subsequent electronic card identifying and reading device to obtain the verification random number, encrypting the verification random number through a PSAM card arranged in the electronic card identifying and reading device to obtain an encrypted random number, finally sending the encrypted random number obtained by processing to a computer connected with the electronic card identifying and reading device by the electronic card identifying and reading device, and displaying the encrypted random number in the two-dimensional code form on a computer display,
s202: receiving data converted by a two-dimensional code on a scanning computer of the intelligent terminal, decrypting the encrypted random number, comparing the obtained decrypted random number with the sent verification random number, and if the obtained decrypted random number is the same as the sent verification random number, representing that the electronic card recognizing and reading equipment is legal and the electronic card recognizing and reading equipment is verified successfully;
the method for returning the validity verification information of the electronic card reading device in the step S200 specifically includes the following steps: and returning equipment verification information to the intelligent terminal, generating a corresponding two-dimensional code through the intelligent terminal, and scanning the code by the electronic card reading equipment to identify the two-dimensional code on the intelligent terminal so as to obtain the returned validity verification information of the electronic card reading equipment.
2. The server according to claim 1, wherein the server comprises: the specific steps of obtaining the segment message of the user information in step S500 include:
encrypting user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of message, and adding an end identifier into the last segment of message; encrypting each segment of message added with the operation random number again to obtain a segmented message of the user information;
or, encrypting the user information, segmenting the encrypted user information, adding an operation random number and a serial number identifier into the head of each segment of the message, and adding an end identifier into the last segment of the message to obtain a segmented message of the user information;
or, firstly adding an operation random number into the head of the user information, encrypting the user information added with the operation random number, segmenting the encrypted user information, adding a serial number identifier into each segment of message, and adding an end identifier into the last segment of message to obtain a segmented message of the user information;
or, the user information is segmented, the operation random number and the serial number identification are added to the head of each segment of the message, and the ending identification is added to the last segment of the message; and encrypting each segment of information respectively to obtain a segmented message of the user information.
3. The server according to claim 1, wherein the server comprises: in step S600, the electronic card reading device scans and identifies the two-dimensional code on the intelligent terminal one by one to obtain the segmented message.
4. An intelligent terminal based on an electronic card information safety transmission verification method is characterized in that: the electronic card information safety transmission verification method executed by the intelligent terminal comprises the following steps:
s100: sending a service request to a server so that the server verifies the validity of user service request information, the server verifies the validity of the electronic card reading equipment and returns the validity verification information of the electronic card reading equipment, and if the verification is successful, executing a step S200, wherein the request at least comprises user information bound by the electronic card;
s200: scanning the two-dimensional code to obtain an operation random number, a device ID and a PSAM card ID, wherein the two-dimensional code is generated by the following steps: firstly, generating an operation random number through electronic card reading equipment and recording the operation random number, and then generating a two-dimensional code comprising the operation random number, equipment ID and PSAM card ID through a computer;
s300: the sent service request is responded by the server, the server retrieves the user information bound by the electronic card, and a corresponding key is calculated according to the PSAM card ID obtained in the step S200;
s400: receiving a segmented message from a server, wherein the segmented message is generated by the following steps: the server encrypts the user information, adds the operation random number and performs segmentation processing to obtain a segmented message of the user information, wherein the encryption is performed by adopting the key calculated in the step S300;
s500: acquiring each segment of message from a server, and gradually converting each segment of message into a two-dimensional code for display;
s600: the electronic card reading equipment scans and identifies the two-dimensional code to obtain a segmented message; after all the segmented messages are received, decrypting and combining the segmented messages, verifying whether the analyzed operation random number is consistent with the operation random number stored in the electronic card reading device or not, if so, passing the verification, and then transmitting the user information to a computer;
s700: the verification of the electronic card user information is completed, and a business system in the computer performs corresponding business operation according to the received user information;
the method for verifying the validity of the electronic card reading device in step S100 specifically includes the following steps:
s101: receiving a verification random number from a server and displaying the verification random number in a two-dimensional code form, wherein the verification random number is generated by the server and stored in the server;
s102: the electronic card reading equipment scans and identifies the two-dimensional code on the intelligent terminal to obtain a verification random number; encrypting the verification random number through a PSAM card installed in the electronic card reading device to obtain an encrypted random number;
s103: the electronic card reading equipment sends the encrypted random number obtained by processing to a computer connected with the electronic card reading equipment, and displays the encrypted random number on a computer display in a two-dimensional code mode;
s104: scanning a two-dimensional code on a computer, converting the two-dimensional code into data and sending the data to a server, decrypting the encrypted random number by the server, comparing the obtained decrypted random number with the sent verification random number, and if the two-dimensional code is the same as the verification random number, indicating that the electronic card recognizing and reading equipment is legal and the electronic card recognizing and reading equipment is successfully verified;
the method for returning the validity verification information of the electronic card reading device in step S100 specifically includes the following steps: and receiving the equipment verification information sent by the server, generating a corresponding two-dimension code, and scanning the two-dimension code on the intelligent terminal by the electronic card reading equipment to acquire the returned validity verification information of the electronic card reading equipment.
5. The intelligent terminal based on the electronic card information secure transmission verification method according to claim 4, wherein: the step of generating the segment packet in step S400 includes:
the server encrypts user information, segments the encrypted user information, adds an operation random number and a serial number identifier to the head of each segment of the message, and adds an end identifier to the last segment of the message; encrypting each segment of message added with the operation random number again to obtain a segmented message of the user information;
or the server encrypts the user information first, segments the encrypted user information, adds an operation random number and a serial number identifier to the head of each segment of the message, and adds an end identifier to the last segment of the message to obtain a segmented message of the user information;
or, the server adds the user information head into the operation random number, encrypts the user information added with the operation random number, segments the encrypted user information, adds a serial number mark into each segment of message, and adds an end mark into the last segment of message to obtain a segmented message of the user information;
or, the server segments the user information, adds the operation random number and the serial number identification into the head of each segment of the message, and adds the end identification into the last segment of the message; and encrypting each segment of information respectively to obtain a segmented message of the user information.
6. The intelligent terminal based on the electronic card information secure transmission verification method according to claim 4, wherein: in step S600, the electronic card reading device scans and identifies the two-dimensional code on the intelligent terminal one by one to obtain the segmented message.
CN202210445502.XA 2019-01-30 2019-01-30 Server and intelligent terminal based on electronic card information safety transmission verification method Pending CN114900832A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210445502.XA CN114900832A (en) 2019-01-30 2019-01-30 Server and intelligent terminal based on electronic card information safety transmission verification method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210445502.XA CN114900832A (en) 2019-01-30 2019-01-30 Server and intelligent terminal based on electronic card information safety transmission verification method
CN201910093593.3A CN109831782B (en) 2019-01-30 2019-01-30 Safety transmission verification method for electronic card information

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201910093593.3A Division CN109831782B (en) 2019-01-30 2019-01-30 Safety transmission verification method for electronic card information

Publications (1)

Publication Number Publication Date
CN114900832A true CN114900832A (en) 2022-08-12

Family

ID=66863139

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202210445502.XA Pending CN114900832A (en) 2019-01-30 2019-01-30 Server and intelligent terminal based on electronic card information safety transmission verification method
CN201910093593.3A Active CN109831782B (en) 2019-01-30 2019-01-30 Safety transmission verification method for electronic card information

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN201910093593.3A Active CN109831782B (en) 2019-01-30 2019-01-30 Safety transmission verification method for electronic card information

Country Status (1)

Country Link
CN (2) CN114900832A (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111917875A (en) * 2020-07-31 2020-11-10 展讯通信(上海)有限公司 Offline file transmission method and system
CN111914970A (en) * 2020-08-17 2020-11-10 国网浙江杭州市余杭区供电有限公司 Two-dimensional code-based large-data-volume data transmission method
WO2022099683A1 (en) * 2020-11-16 2022-05-19 华为云计算技术有限公司 Data transmission method and apparatus, device, system, and storage medium

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101398951B (en) * 2007-09-28 2012-01-25 中国移动通信集团公司 Electronic card verification method and electronic card service platform
CN101414373B (en) * 2007-10-15 2016-06-29 中国移动通信集团公司 Electronic cards verification method and system
JP3184554U (en) * 2013-04-19 2013-07-04 有限会社ノア Age identification and recognition system
CN103366111B (en) * 2013-07-10 2016-02-24 公安部第三研究所 Mobile device realizes the method for smart card extended authentication control based on Quick Response Code
CN104618117B (en) * 2015-02-04 2018-06-12 北京奇虎科技有限公司 The identification authentication system and method for smart card device based on Quick Response Code
CN205427909U (en) * 2015-12-16 2016-08-03 广东楚天龙智能卡有限公司 Smart card reading and writing terminal with two -dimensional code
CN105654295A (en) * 2015-12-29 2016-06-08 中国建设银行股份有限公司 Transaction control method and client
CN107666460B (en) * 2016-07-27 2020-04-17 真相网络科技(北京)有限公司 Remote intelligent evidence obtaining system and method based on mobile internet
CN106971311A (en) * 2017-04-26 2017-07-21 长春市万易科技有限公司 A kind of false proof traceability system of logistics Means of Agricultural Production and method
CN108647538A (en) * 2018-04-09 2018-10-12 天津中兴智联科技有限公司 A kind of hand held readers system based on voice prompt

Also Published As

Publication number Publication date
CN109831782A (en) 2019-05-31
CN109831782B (en) 2022-05-24

Similar Documents

Publication Publication Date Title
CN103201998B (en) For the protection of the data processing of the local resource in mobile device
CN110086608A (en) User authen method, device, computer equipment and computer readable storage medium
US9781109B2 (en) Method, terminal device, and network device for improving information security
US9165149B2 (en) Use of a mobile telecommunication device as an electronic health insurance card
CN106850209A (en) A kind of identity identifying method and device
CN109831782B (en) Safety transmission verification method for electronic card information
CN106131080A (en) The method and device of transmission medical image data
CN104424676A (en) Identity information sending method, identity information sending device, access control card reader and access control system
CN105765941A (en) Illegal access server prevention method and device
CN106161224B (en) Method for interchanging data, device and equipment
CN110266653B (en) Authentication method, system and terminal equipment
CN109391473B (en) Electronic signature method, device and storage medium
KR101379711B1 (en) Method for file encryption and decryption using telephone number
CN114500061A (en) Data transmission method, Internet of things system, electronic device and storage medium
CN213122985U (en) PIS authentication system
CN113890724A (en) Access authentication method and system for power Internet of things communication equipment
CN114666786A (en) Identity authentication method and system based on telecommunication smart card
CN115865495A (en) Data transmission control method and device, electronic equipment and readable storage medium
CN114492489B (en) NFC label verification system based on dynamic data
CN112039921B (en) Verification method for parking access, parking user terminal and node server
CN111783070B (en) File information acquisition method, device, equipment and storage medium based on block chain
CN112910837B (en) Identity authentication method and system based on communication network and readable storage medium thereof
CN112417424A (en) Authentication method and system for power terminal
CN116132072B (en) Security authentication method and system for network information
CN114598478B (en) Data encryption method, device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination