CN115474192A - Authorization binding method based on film card cloud SDK system - Google Patents


Publication number
CN115474192A
Authority
CN
China
Prior art keywords
card
film
sdk
authorization
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210976436.9A
Other languages
Chinese (zh)
Inventor
孙宏宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Fangfutong Technology Service Co ltd
Original Assignee
Shanghai Fangfutong Technology Service Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Fangfutong Technology Service Co ltd
Priority to CN202210976436.9A
Publication of CN115474192A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H04W12/0433 Key management protocols
    • H04W12/40 Security arrangements using identity modules
    • H04W12/48 Security arrangements using identity modules using secure binding, e.g. securely binding identity modules to devices, services or applications

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an authorization binding method based on a film card cloud SDK system, which comprises the following steps: verifying whether the binding operation has been authorized; in the data transparent transmission process, the film card cloud SDK randomly generates an authorization code, attaches the authorization code to a data message, encrypts and signs the message according to the data transparent transmission process, and forwards it to the film card through the film card cloud SDK background server; the film card calls a film card authorization binding module according to the authorization code; the film card authorization binding module compares whether the authorization code input by the user of the terminal device to which the film card belongs is consistent with the authorization code parsed from the message; if the authorization codes are not consistent, the authorization fails; if the authorization codes are consistent, the film card authorization binding module overwrites the formal UUID data with the temporary UUID data, and the authorization binding succeeds. This avoids the security risk that the film card of a mobile phone terminal is invoked by another person for interaction without the terminal's user being aware of it.

Description

Authorization binding method based on film card cloud SDK system
Technical Field
The invention relates to the technical field of communication, in particular to an authorization binding method for a film card cloud SDK (Software Development Kit) system.
Background
The film card serves as a hardware carrier and works together with a terminal application to provide a shield-like function for that application; this function is widely used in many mobile banking application systems. To solve the problem of applications on restricted terminals accessing the film card, the applicant designed and filed the invention patent application "Cloud SDK system of film card and operation method thereof", application number CN 202010895318.6. As shown in fig. 1, the film card cloud SDK system includes a terminal device, a film card, and an SDK background system. The SDK background system comprises: a user database management module 11, a key management module 12 and a film card cloud SDK background server 13. The terminal device includes: a BIP channel management module 21, a BIP data transceiver module 22 and a film card cloud SDK 23. The film card includes: an event management module 31 and a film card data transceiver module 32. Through the film card cloud SDK system, an existing mobile phone system that does not support direct interaction between the mobile phone OS and the film card can still communicate with the film card, which solves the problem that, on such mobile phone terminals, the film card could not be used as a hardware SE to protect user transactions and the identity authentication process.
However, the operating mechanism of the cloud SDK system means that communication between the SDK and the film card is not a direct contact transmission; it has to be forwarded through the film card cloud SDK background server. Communication is therefore possible even when the SDK and the film card are not running on the same mobile phone terminal. For example, the film card is installed in mobile phone terminal A and the cloud SDK is installed on mobile phone terminal B; as long as the SDK on terminal B can obtain the card number of the film card in terminal A, the SDK on terminal B can interact with the film card in terminal A through the film card cloud SDK background server. That is, the user of terminal B can invoke the film card of terminal A for interaction without the user of terminal A being aware of it, which poses a certain security risk.
Disclosure of Invention
The invention aims to provide an authorization binding method based on a film card cloud SDK system that avoids the security risk of a film card being invoked by another person for interaction without the user of the mobile phone terminal to which the film card belongs being aware of it.
The technical solution for achieving this purpose is as follows:
An authorization binding method based on a film card cloud SDK system, wherein the film card cloud SDK system comprises a terminal device, a film card and an SDK background system; the SDK background system comprises: a user database management module, a key management module and a film card cloud SDK background server; the terminal device includes: a BIP channel management module, a BIP data transceiver module and a film card cloud SDK; the film card includes: an event management module and a film card data transceiver module; the interaction process of the terminal device, the film card and the film card cloud SDK background server includes: BIP channel binding, session key negotiation and data transparent transmission; and the authorization binding method comprises the following steps:
step one, verifying whether the binding operation has been authorized; if so, performing normal transaction and authentication operations, and if not, performing the next step;
step two, in the process of data transparent transmission, the film card cloud SDK randomly generates an authorization code, attaches the authorization code to the data message, encrypts and signs the message according to the data transparent transmission process, and forwards it to the film card through the film card cloud SDK background server;
step three, after receiving the transparently transmitted message, the film card decrypts it and verifies the signature, takes out the data message, and calls the film card authorization binding module;
step four, the film card authorization binding module compares whether the authorization code input by the user of the terminal device to which the film card belongs is consistent with the authorization code parsed from the message; if the authorization codes are not consistent, authorization fails, and an error code is returned to the film card cloud SDK background server and then passed on to the terminal application of the terminal device; if the authorization codes are consistent, the film card authorization binding module overwrites the formal UUID data with the temporary UUID data, and the authorization binding succeeds.
Preferably, step one includes:
an authorization code generation module is arranged in the film card cloud SDK, an STK application module is arranged in the terminal device to which the film card belongs, and a film card authorization binding module is arranged in the film card; the film card authorization binding module maintains formal UUID data, MESN data and temporary UUID data; the film card cloud SDK locally maintains UUID data and MESN data;
when the terminal application initiates a BIP channel binding operation to the film card cloud SDK background server, it also transmits the UUID data generated by the film card cloud SDK; when the film card cloud SDK background server negotiates a session key with the film card, it also passes on the UUID data transmitted by the film card cloud SDK; after receiving the UUID data from the film card cloud SDK background server, the film card overwrites its local temporary UUID data with it;
when the film card returns the generated session key, it also returns the MESN + formal UUID data to the film card cloud SDK background server; the film card cloud SDK background server returns the received session key + MESN + UUID data to the film card cloud SDK of the terminal device;
the film card cloud SDK compares whether the received MESN data is consistent with the MESN data it maintains locally, and also compares whether the received UUID data is consistent with the UUID data it maintains locally; if so, the binding operation has been authorized, and if not, the next step is performed.
Preferably, in step two, in the process of data transparent transmission, the film card cloud SDK randomly generates an authorization code, displays it to the user through an interface of the terminal application, and at the same time prompts the user that an authorization binding operation is required when the device is used for the first time; after the user confirms, the film card cloud SDK attaches the authorization code to the data message.
Preferably, in step four, the film card authorization binding module invokes, through an STK instruction, the STK application module in the terminal device to which the film card belongs; the STK application module displays an input box according to the STK instruction and prompts the user to input the authorization code; the STK application module then returns the authorization code input by the user to the film card authorization binding module.
Preferably, after the film card is inserted into the mobile phone and the phone is powered on, the IMEI is acquired using the PROVIDE LOCAL INFORMATION command, the MESN is then calculated, and the calculated MESN data overwrites the locally stored MESN data.
Preferably, the UUID in the film card cloud SDK is generated by calling a terminal device interface when the film card cloud SDK is used for the first time, the UUID generated the first time is always used in subsequent use, and the MESN is empty by default initially.
An authorization binding method based on a film card cloud SDK system, wherein the film card cloud SDK system comprises a terminal device, a film card and an SDK background system; the SDK background system comprises: a user database management module, a key management module and a film card cloud SDK background server; the terminal device includes: a BIP channel management module, a BIP data transceiver module and a film card cloud SDK; the film card cloud SDK includes a film card authorization binding module; the film card includes: an event management module and a film card data transceiver module; the interaction process of the terminal device, the film card and the film card cloud SDK background server includes: BIP channel binding, session key negotiation and data transparent transmission; and the authorization binding method comprises the following steps:
step one, verifying whether the binding operation has been authorized; if so, performing normal transaction and authentication operations, and if not, performing the next step;
step two, in the process of data transparent transmission, the film card randomly generates an authorization code, attaches the authorization code to a data message, encrypts and signs the message according to the data transparent transmission process, and forwards it to the film card cloud SDK through the film card cloud SDK background server;
step three, after receiving the transparently transmitted message, the film card cloud SDK decrypts it and verifies the signature, takes out the data message, and calls the film card authorization binding module;
step four, the film card authorization binding module compares whether the authorization code input by the user of the terminal device to which the film card cloud SDK belongs is consistent with the authorization code parsed from the message; if the authorization codes are not consistent, authorization fails, and an error code is returned to the film card cloud SDK background server and then passed on to the terminal device to which the film card belongs; if the authorization codes are consistent, the film card authorization binding module overwrites the formal UUID data with the temporary UUID data, and the authorization binding succeeds.
Preferably, in step two, in the process of data transparent transmission, the film card randomly generates an authorization code, pops up an interface to display it to the user, and at the same time prompts the user that an authorization binding operation is required when the device is used for the first time; after the user confirms, the film card attaches the authorization code to the data message.
Preferably, in step four, the film card cloud SDK displays an input box and prompts the user to input the authorization code; the user inputs the authorization code, and the film card cloud SDK returns the authorization code input by the user to the film card authorization binding module.
The invention has the following beneficial effect: by authorization-binding the terminal device to which the terminal application belongs, the terminal device to which the film card belongs, and the film card itself, the invention avoids the security risk that the film card of a mobile phone terminal is invoked by another person for interaction without the terminal's user being aware of it.
Drawings
Fig. 1 is a block diagram of a film card cloud SDK system;
Fig. 2 is a block diagram of the film card cloud SDK system of the present invention;
Fig. 3 is a flow chart of the authorization binding method based on the film card cloud SDK system of the present invention.
Detailed Description
The invention will be further explained with reference to the drawings.
Referring to fig. 1, a conventional film card cloud SDK system includes a terminal device, a film card, and an SDK background system. The SDK background system comprises: a user database management module 11, a key management module 12 and a film card cloud SDK background server 13. The terminal device includes: a BIP (Bearer Independent Protocol) channel management module 21, a BIP data transceiver module 22, and a film card cloud SDK 23. The film card includes: an event management module 31 and a film card data transceiver module 32.
The user database management module 11 manages the user's mobile phone number and the card number of the film card. The key management module 12 manages session keys. The film card cloud SDK background server 13 is connected to the user database management module 11 and the key management module 12.
The BIP channel management module 21 uses the BIP protocol to exchange channel management instructions with the film card cloud SDK background server 13. The BIP data transceiver module 22 uses the BIP protocol to transparently transmit transaction instructions to the film card cloud SDK background server 13. The film card cloud SDK 23 is called by a terminal application and exchanges information with the film card cloud SDK background server 13.
The event management module 31 is connected to the BIP channel management module 21 and processes channel management instructions. The film card data transceiver module 32 exchanges transaction instructions with the BIP data transceiver module 22 and exchanges information with the film card application.
When the terminal application background is connected to the film card cloud SDK background server, the terminal application calls the film card cloud SDK to implement the shield-related functions, and when the film card cloud SDK determines that interaction with the film card is needed, the terminal application calls the film card cloud SDK and interacts with the film card cloud SDK background server through the network of the terminal application background;
when the terminal application background is not connected to the film card cloud SDK background server, the terminal application calls the film card cloud SDK to implement the shield-related functions, and when the film card cloud SDK determines that interaction with the film card is needed, the terminal application calls the film card cloud SDK, and the film card cloud SDK interacts directly with the film card cloud SDK background server over the public network. The interaction process comprises the following steps: BIP channel binding, session key negotiation and data transparent transmission.
At present, the interaction process comprises only BIP channel binding, session key negotiation and data transparent transmission. To avoid the security risk described in the background, when a terminal device of some third party (including the device to which the film card currently belongs) calls the film card through the film card cloud SDK for the first time, the user to whom the film card belongs needs to be able to know clearly which terminal application on which specific terminal device is calling the film card in their device through the film card cloud SDK. At the same time, the user can choose whether or not to authorize the call: the call process continues to completion only if the user agrees to authorize it, and otherwise is terminated immediately. Once the first transaction is authorized, the terminal device to which the terminal application belongs, the terminal device to which the film card belongs, and the film card itself form a stable binding relationship. As long as the binding relationship does not change, subsequent calls do not include the authorization binding step. Once the binding relationship changes, that is, the terminal device to which the terminal application belongs is replaced, or the terminal device to which the film card belongs is replaced (including moving the card to a different card slot in the same device), or the film card is replaced, the first call after the change triggers the authorization binding operation. In other words, authorization binding is added to the interaction process.
To achieve the above object, as shown in figs. 2-3, the authorization binding method based on the film card cloud SDK system of the present invention includes the following steps:
Step S1, an authorization code generation module is arranged in the film card cloud SDK, an STK (SIM Tool Kit) application module is arranged in the terminal device to which the film card belongs, and a film card authorization binding module is arranged in the film card. The authorization code generation module generates an authorization code and displays it on the terminal application interface. The STK application module pops up an input prompt box for the user to input the authorization code. The film card authorization binding module handles the authorization code binding process.
The film card authorization binding module in the film card maintains formal UUID (Universally Unique Identifier) data and MESN data (the MESN is a unique serial number of the terminal equipment, obtained by a unique mapping calculation on the IMEI (International Mobile Equipment Identity)). Both are empty by default when leaving the factory. A temporary UUID is also maintained, likewise empty by default when leaving the factory;
the film card is inserted into a mobile phone; after power-on, the IMEI is obtained through the PROVIDE LOCAL INFORMATION command (see the definition in the GSM 11.14 international standard), the MESN is then calculated, and the calculated MESN data overwrites the locally stored MESN data;
the film card cloud SDK also locally maintains UUID data and MESN data. The UUID is generated by calling a terminal device interface when the SDK is used for the first time, the UUID data generated the first time is always used in subsequent use, and the MESN is empty by default initially;
Step S2, when the terminal application initiates a BIP channel binding operation to the film card cloud SDK background server, it also transmits the UUID data generated by the film card cloud SDK;
when the film card cloud SDK background server negotiates a session key with the film card, it also passes on the UUID data transmitted by the film card cloud SDK;
Step S3, after receiving the UUID data from the film card cloud SDK background server, the film card overwrites its local temporary UUID data with it;
Step S4, when the film card returns the generated session key, it also returns the MESN + formal UUID data to the film card cloud SDK background server;
the film card cloud SDK background server returns the received session key + MESN + UUID data to the film card cloud SDK of the terminal device;
Step S5, the film card cloud SDK compares whether the received MESN data is consistent with the MESN data it maintains locally, and also compares whether the received UUID data is consistent with the UUID data it maintains locally; if so, the authorization binding operation has been performed before and the authorization binding ends; if not, the next step is performed;
Step S6, in the data transparent transmission packaging process, the film card cloud SDK randomly generates an authorization code, displays it to the user through an interface of the terminal application, and at the same time prompts the user that an authorization binding operation is required when the device is used for the first time;
the display interface has cancel and confirm buttons; if the user presses cancel, the calling process is terminated and the flow ends; if the user presses confirm, the film card cloud SDK attaches the authorization code to the data message, which is then encrypted and signed according to the data transparent transmission process and forwarded to the film card through the film card cloud SDK background server;
Step S7, after receiving the transparently transmitted message, the film card decrypts it and verifies the signature, takes out the data message, and determines whether it contains an authorization code; if it does not, the message is processed according to the data transparent transmission process; if it does, the film card authorization binding module is called to perform the next operation;
Step S8, the film card authorization binding module invokes, through an STK instruction, the STK application module in the terminal device to which the film card belongs; the STK application module displays an input box as the instruction requires and prompts the user to input the authorization code;
Step S9, the input interface has cancel and confirm buttons; if the user presses cancel, the calling process is terminated and the flow ends; if the user inputs the authorization code and presses confirm, the STK application module returns the authorization code input by the user to the film card authorization binding module;
Step S10, the authorization binding module compares whether the authorization code input by the user is consistent with the authorization code parsed from the message; if the authorization codes are not consistent, authorization fails, the film card application stops processing the other data messages, an error code is returned to the film card cloud SDK background server and then passed on to the terminal application, and the flow ends; if the authorization codes are consistent, the film card authorization binding module overwrites the formal UUID data with the temporary UUID data, the authorization binding succeeds, and the film card application module processes the other received data messages.
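The S1 to S10 flow above as a runnable simulation (an added example, not code from the patent or the applicant). Assumptions made here: `mesn_from_imei` uses a truncated SHA-256 as the unspecified IMEI mapping, an HMAC tag stands in for the encrypt-and-sign step, the background server relay is collapsed into direct calls, the one-byte flag framing and status strings are hypothetical, and the SDK is assumed to store the card's MESN after a successful binding, which the text does not state.

```python
import hashlib
import hmac
import secrets
import uuid
from dataclasses import dataclass, field


def mesn_from_imei(imei: str) -> str:
    # Assumption: the page only calls the MESN a "unique mapping" of the IMEI;
    # a truncated SHA-256 stands in for that mapping.
    return hashlib.sha256(imei.encode()).hexdigest()[:16]


def sign(key: bytes, payload: bytes) -> bytes:
    # Stand-in for "encrypt and sign" in transparent transmission (integrity only).
    return hmac.new(key, payload, hashlib.sha256).digest()


@dataclass
class FilmCard:
    formal_uuid: str = ""      # empty when leaving the factory
    temp_uuid: str = ""
    mesn: str = ""
    session_key: bytes = b""

    def power_on(self, imei: str) -> None:
        # PROVIDE LOCAL INFORMATION -> IMEI -> MESN overwrites the stored MESN
        self.mesn = mesn_from_imei(imei)

    def negotiate(self, sdk_uuid: str):
        self.temp_uuid = sdk_uuid                              # S3
        self.session_key = secrets.token_bytes(32)
        return self.session_key, self.mesn, self.formal_uuid   # S4

    def receive(self, payload: bytes, mac: bytes, stk_prompt) -> str:
        if not hmac.compare_digest(sign(self.session_key, payload), mac):
            return "ERR_SIGNATURE"
        if payload[:1] == b"\x00":
            return "OK"                     # S7: no code attached, ordinary passthrough
        code = payload[1:7]                 # hypothetical framing: flag, 6-digit code, data
        entered = stk_prompt()              # S8: STK input box on the card's handset
        if entered is None:
            return "ERR_CANCELLED"          # S9: user pressed cancel
        if not hmac.compare_digest(entered.encode(), code):
            return "ERR_AUTH_CODE"          # S10: mismatch, formal UUID left untouched
        self.formal_uuid = self.temp_uuid   # S10: temporary UUID overwrites formal UUID
        return "OK_BOUND"


@dataclass
class CloudSdk:
    sdk_uuid: str = field(default_factory=lambda: str(uuid.uuid4()))
    mesn: str = ""                          # empty by default initially

    def call_card(self, card: FilmCard, data: bytes, card_user) -> str:
        # card_user models the person holding the card's handset: it is given the
        # code shown on the SDK's screen and returns what they type (None = cancel).
        key, card_mesn, card_uuid = card.negotiate(self.sdk_uuid)    # S2-S4
        if card_mesn == self.mesn and card_uuid == self.sdk_uuid:    # S5: already bound
            payload = b"\x00" + data
            return card.receive(payload, sign(key, payload), lambda: None)
        code = f"{secrets.randbelow(10**6):06d}"                     # S6: random code
        payload = b"\x01" + code.encode() + data
        status = card.receive(payload, sign(key, payload), lambda: card_user(code))
        if status == "OK_BOUND":
            self.mesn = card_mesn           # assumption: SDK records the MESN on success
        return status


def demo():
    card = FilmCard()
    card.power_on("000000000000001")        # constructed IMEI
    sdk_a, sdk_b = CloudSdk(), CloudSdk()   # SDKs on two different handsets
    sees_code = lambda shown: shown         # user has both screens in front of them
    results = [
        sdk_a.call_card(card, b"txn-1", sees_code),              # first use
        sdk_a.call_card(card, b"txn-2", sees_code),              # binding unchanged
        sdk_b.call_card(card, b"txn-3", lambda shown: None),     # unexpected prompt, cancel
        sdk_b.call_card(card, b"txn-4", lambda shown: "guess"),  # code not known
    ]
    card.power_on("000000000000002")        # card moved to another handset
    results.append(sdk_a.call_card(card, b"txn-5", sees_code))
    return results, card.formal_uuid == sdk_a.sdk_uuid


if __name__ == "__main__":
    print(demo())
```

The second SDK never changes the card's formal UUID, and moving the card to another handset changes the MESN, so the next call from the previously bound SDK goes through authorization again.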
In addition, the steps of generating the random authorization code by the film card cloud SDK and displaying the authorization code through the terminal application interface and popping up the STK input box by the film card to prompt the user to input the authorization code can be exchanged, namely: and generating a random authorization code by the film sticking card, popping up the random authorization code by a popup window to display the authorization code to a user, and popping up an input box by a film sticking card cloud SDK applied by the terminal to prompt the user to input. Specifically, as follows, the following description will be given,
An authorization binding method based on a film card cloud SDK system is disclosed. The film card cloud SDK system comprises a terminal device, a film card and an SDK background system. The SDK background system comprises a user database management module, a key management module and a film card cloud SDK background server. The terminal device comprises a BIP channel management module, a BIP data transceiver module and a film card cloud SDK; the film card cloud SDK includes a film card authorization binding module. The film card comprises an event management module and a film card data transceiver module. The interaction between the terminal device, the film card and the film card cloud SDK background server comprises BIP channel binding, session key negotiation and transparent data transmission. The authorization binding method comprises the following steps:
Step one, verifying whether the binding operation is authorized; if so, performing normal transaction and authentication operations; if not, performing the next step;
Step two, during transparent data transmission, the film card randomly generates an authorization code, appends the authorization code to the data message, encrypts and signs the message according to the transparent data transmission procedure, and forwards the data message to the film card cloud SDK through the film card cloud SDK background server;
During transparent data transmission, the film card randomly generates an authorization code, pops up an interface to display it to the user, and at the same time prompts the user that an authorization binding operation is required when the device is used for the first time; the user confirms that the film card appended the authorization code to the data message.
Step three, after the film card cloud SDK receives the transparently transmitted message, it decrypts the message and verifies the signature, extracts the data message, and calls the film card authorization binding module;
The film card authorization binding module compares whether the authorization code entered by the user of the terminal device to which the film card cloud SDK belongs is consistent with the authorization code parsed from the message; if the authorization codes are not consistent, authorization fails, and an error code is returned to the film card cloud SDK background server and then transmitted to the terminal device to which the film card belongs; if the authorization codes are consistent, the film card authorization binding module overwrites the formal UUID data with the temporary UUID data, and authorization binding is successful.
The film card cloud SDK displays an input box and prompts the user to enter an authorization code; the user enters the authorization code, and the film card cloud SDK returns the authorization code entered by the user to the film card authorization binding module.
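The authorization-code exchange in steps two and three and the comparison that follows can be sketched as below. This is an added illustration, not code from the patent or from any film card SDK. It assumes a session key already negotiated between the two sides, uses HMAC-SHA256 as a stand-in for the unspecified signature step, leaves the encryption layer out, and the function, class and error-code names and the six-digit code length are hypothetical.

```python
import hashlib
import hmac
import json
import secrets

ERR_BAD_TAG = "E_TAG"    # hypothetical error codes, not defined by the patent
ERR_BAD_CODE = "E_CODE"


def build_message(session_key: bytes, payload: dict):
    """Sending side (step two): generate a random code, attach it, tag the message."""
    code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG; six digits is an assumption
    body = json.dumps({**payload, "auth_code": code}, sort_keys=True).encode()
    tag = hmac.new(session_key, body, hashlib.sha256).hexdigest()
    # The code is returned separately because it is also displayed to the user.
    return {"body": body.decode(), "tag": tag}, code


class BindingModule:
    """Receiving side: verify the tag, compare the codes, promote the UUID."""

    def __init__(self, session_key: bytes, formal_uuid: str, temp_uuid: str):
        self.session_key = session_key
        self.formal_uuid = formal_uuid
        self.temp_uuid = temp_uuid

    def authorize(self, message: dict, user_input: str) -> str:
        body = message["body"].encode()
        expected = hmac.new(self.session_key, body, hashlib.sha256).hexdigest()
        # Reject a message altered in transit before parsing any of its fields.
        if not hmac.compare_digest(expected, message["tag"]):
            return ERR_BAD_TAG
        code = json.loads(body)["auth_code"]
        # Constant-time comparison of the parsed code with what the user typed.
        if not hmac.compare_digest(code.encode(), user_input.strip().encode()):
            return ERR_BAD_CODE  # authorization fails; formal UUID is untouched
        self.formal_uuid = self.temp_uuid  # temporary UUID overwrites the formal one
        return "OK"
```

The same logic applies to either embodiment: only which component builds the message and which one hosts the binding module changes.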
The above embodiments are provided only for illustrating the present invention and not for limiting the present invention, and those skilled in the art can make various changes and modifications without departing from the spirit and scope of the present invention, therefore all equivalent technical solutions should also fall into the scope of the present invention, and should be defined by the claims.

Claims (9)

1. An authorization binding method based on a film card cloud SDK system, wherein the film card cloud SDK system comprises a terminal device, a film card and an SDK background system; the SDK background system comprises: a user database management module, a key management module and a film card cloud SDK background server; the terminal device comprises: a BIP channel management module, a BIP data transceiver module and a film card cloud SDK; the film card comprises: an event management module and a film card data transceiver module; the interaction process of the terminal device, the film card and the film card cloud SDK background server comprises: BIP channel binding, session key negotiation and transparent data transmission; characterized in that the authorization binding method comprises the following steps:
step one, verifying whether the binding operation is authorized; if so, performing normal transaction and authentication operations; if not, performing the next step;
step two, during transparent data transmission, the film card cloud SDK randomly generates an authorization code, appends the authorization code to the data message, encrypts and signs the message according to the transparent data transmission procedure, and forwards the data message to the film card through the film card cloud SDK background server;
step three, the film card receives the transparently transmitted message, decrypts it and verifies the signature, extracts the data message, and calls a film card authorization binding module;
the film card authorization binding module compares whether the authorization code entered by the user of the terminal device to which the film card belongs is consistent with the authorization code parsed from the message; if the authorization codes are inconsistent, authorization fails, and an error code is returned to the film card cloud SDK background server and then transmitted to the terminal application of the terminal device; if the authorization codes are consistent, the film card authorization binding module overwrites the formal UUID data with the temporary UUID data, and authorization binding is successful.
2. The authorization binding method based on the film card cloud SDK system according to claim 1, wherein step one comprises:
an authorization code generation module is provided in the film card cloud SDK, an STK application module is provided in the terminal device to which the film card belongs, and a film card authorization binding module is provided in the film card; the film card authorization binding module maintains formal UUID data, MESN data and temporary UUID data; the film card cloud SDK locally maintains UUID data and MESN data;
when the terminal application initiates a BIP channel binding operation to the film card cloud SDK background server, it also transmits the UUID data generated by the film card cloud SDK; when the film card cloud SDK background server negotiates a session key with the film card, it also transmits the UUID data received from the film card cloud SDK; after receiving the UUID data transmitted by the cloud SDK background server, the film card overwrites its local temporary UUID data with that UUID data;
when the film card returns the generated session key, it also returns the MESN + formal UUID data to the film card cloud SDK background server; the film card cloud SDK background server returns the received session key + MESN + UUID data to the film card cloud SDK of the terminal device;
and the film card cloud SDK compares whether the received MESN data is consistent with the MESN data it maintains locally, and at the same time compares whether the received UUID data is consistent with the UUID data it maintains locally; if so, the binding operation is authorized; if not, the next step is performed.
3. The authorization binding method based on the film card cloud SDK system according to claim 1, wherein in step two, in the process of data transmission, the film card cloud SDK randomly generates an authorization code, displays the authorization code to the user through an interface of the terminal application, and at the same time prompts the user that the device needs authorization binding when used for the first time; the user confirms that the authorization code is appended to the data message by the film card cloud SDK.
4. The authorization binding method based on the film card cloud SDK system according to claim 1, wherein in step four, the film card authorization binding module invokes, through an STK instruction, the STK application module in the terminal device to which the film card belongs; the STK application module displays an input box according to the STK instruction and prompts the user to enter an authorization code; and the STK application module returns the authorization code entered by the user to the film card authorization binding module.
5. The authorization binding method based on the film card cloud SDK system according to claim 2, wherein the film card is inserted into a mobile phone; after the mobile phone is powered on, the IMEI is obtained using the PROVIDE LOCAL INFORMATION command, the MESN is then calculated, and the locally stored MESN data is overwritten with this MESN data.
6. The authorization binding method based on the film card cloud SDK system according to claim 2, wherein the UUID in the film card cloud SDK is generated by calling a terminal device interface when the film card cloud SDK is used for the first time, the UUID generated at first use is always used in subsequent use, and the MESN is initially empty by default.
7. An authorization binding method based on a film card cloud SDK system, wherein the film card cloud SDK system comprises a terminal device, a film card and an SDK background system; the SDK background system comprises: a user database management module, a key management module and a film card cloud SDK background server; the terminal device comprises: a BIP channel management module, a BIP data transceiver module and a film card cloud SDK; the film card cloud SDK comprises a film card authorization binding module; the film card comprises: an event management module and a film card data transceiver module; the interaction process of the terminal device, the film card and the film card cloud SDK background server comprises: BIP channel binding, session key negotiation and transparent data transmission; characterized in that the authorization binding method comprises the following steps:
step one, verifying whether the binding operation is authorized; if so, performing normal transaction and authentication operations; if not, performing the next step;
step two, during transparent data transmission, the film card randomly generates an authorization code, appends the authorization code to the data message, encrypts and signs the message according to the transparent data transmission procedure, and forwards the data message to the film card cloud SDK through the film card cloud SDK background server;
step three, after the film card cloud SDK receives the transparently transmitted message, it decrypts the message and verifies the signature, extracts the data message, and calls the film card authorization binding module;
the film card authorization binding module compares whether the authorization code entered by the user of the terminal device to which the film card cloud SDK belongs is consistent with the authorization code parsed from the message; if the authorization codes are not consistent, authorization fails, and an error code is returned to the film card cloud SDK background server and then transmitted to the terminal device to which the film card belongs; if the authorization codes are consistent, the film card authorization binding module overwrites the formal UUID data with the temporary UUID data, and authorization binding is successful.
8. The authorization binding method based on the film card cloud SDK system according to claim 7, wherein in step two, during transparent data transmission, the film card randomly generates an authorization code, pops up an interface to display it to the user, and at the same time prompts the user that an authorization binding operation is required when the device is used for the first time; the user confirms that the film card appended the authorization code to the data message.
9. The authorization binding method based on the film card cloud SDK system according to claim 7, wherein in step four, the film card cloud SDK displays an input box and prompts the user to enter an authorization code; the user enters the authorization code, and the film card cloud SDK returns the authorization code entered by the user to the film card authorization binding module.
CN202210976436.9A 2022-08-15 2022-08-15 Authorization binding method based on film card cloud SDK system Pending CN115474192A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210976436.9A CN115474192A (en) 2022-08-15 2022-08-15 Authorization binding method based on film card cloud SDK system

Publications (1)

Publication Number Publication Date
CN115474192A true CN115474192A (en) 2022-12-13

Family

ID=84371462

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210976436.9A Pending CN115474192A (en) 2022-08-15 2022-08-15 Authorization binding method based on film card cloud SDK system

Country Status (1)

Country Link
CN (1) CN115474192A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination