CN116187362A - NFC card data reading and writing method and device, electronic equipment and storage medium - Google Patents

Publication number: CN116187362A
Authority: CN (China)
Prior art keywords: nfc card, nfc, chip, card data, writing
Legal status: Pending
Application number: CN202111447166.4A
Other languages: Chinese (zh)
Inventor: 袁志翔
Current Assignee: ZTE Corp
Original Assignee: ZTE Corp
Application filed by ZTE Corp
Priority to CN202111447166.4A
Priority to PCT/CN2022/112791 (WO2023093140A1)
Publication of CN116187362A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K17/00 Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
    • G06K17/0003 Automatic card files incorporating selecting, conveying and possibly reading and/or writing operations

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

An embodiment of the invention relates to a method and device for reading and writing NFC card data, an electronic device, and a storage medium. The method comprises: when an NFC card data writing request is received, the NFC mobile terminal parses the NFC card data to be written from the request and writes it into a built-in SE chip; when an NFC card data reading request is received from an NFC card reading device, the NFC mobile terminal authenticates the NFC card reading device through the SE chip and sends the NFC card data to the NFC card reading device after authentication passes. The NFC card reading device can therefore obtain the NFC card data stored on the NFC mobile terminal, which gives it a technical basis, in some application scenarios, for obtaining personalized NFC card data and performing certain operations based on that data. The security of the NFC card data is also effectively ensured, and malicious leakage of the data is prevented.

Description

NFC card data reading and writing method and device, electronic equipment and storage medium
Technical Field
The embodiment of the invention relates to the technical field of NFC, in particular to a method, a device, electronic equipment and a storage medium for reading and writing NFC card data.
Background
NFC (Near Field Communication) is a wireless connection technology that provides easy, safe and rapid communication. Compared with other wireless connection methods, NFC is a short-range, private communication method, and it plays an important role in fields such as access control, public transportation and mobile phone payment.
With the development of emulated NFC cards (NFC cards for short) in the above fields, and with the arrival of the age of personalization, more and more users choose to personalize their NFC cards, for example by setting card names, personalized covers and personalized prompt tones.
However, in the prior art these personalized settings are visible only to the user and cannot be read by the card reading device, so the personalization has no application value when the user "swipes the card".
Disclosure of Invention
In view of the above, in order to solve the above technical problems, embodiments of the present invention provide a method, an apparatus, an electronic device, and a storage medium for reading and writing NFC card data.
In a first aspect, an embodiment of the present invention provides a method for reading and writing NFC card data, applied to an NFC mobile terminal in which an SE chip is built, the method including:
when an NFC card data writing request is received, parsing the NFC card data to be written from the NFC card data writing request, and writing the NFC card data to be written into the SE chip;
when an NFC card data reading request is received from an NFC card reading device, authenticating the NFC card reading device through the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device is authenticated.
In a possible implementation manner, before the writing of the NFC card data to be written into the SE chip, the method further includes:
authenticating the SE chip;
after determining that the authentication of the SE chip passes, executing the step of writing the NFC card data to be written into the SE chip.
In a possible implementation manner, the authenticating the SE chip includes:
sending the CPLC value of the SE chip to a security server, so that the security server authenticates the SE chip based on the CPLC value by using a preset authentication flow.
In a possible implementation manner, the writing the NFC card data to be written to the SE chip includes:
sending the NFC card data to be written to the security server, so that the security server writes the NFC card data to be written into the SE chip after determining that the authentication of the SE chip has passed.
In a possible implementation manner, the authenticating the SE chip includes:
sending a key acquisition request to a secure server, wherein the key acquisition request carries the CPLC value of the SE chip, so that the secure server returns the SE chip key corresponding to the received CPLC value to the NFC mobile terminal;
authenticating the SE chip based on the received SE chip key by using a preset authentication flow.
In a possible implementation manner, the writing the NFC card data to be written to the SE chip includes:
determining whether a target smart card application program corresponding to the NFC card data to be written exists in the SE chip;
if yes, writing the NFC card data to be written into the target smart card application program;
if not, acquiring a CAP data packet, instantiating the target smart card application program in the SE chip based on the CAP data packet, and writing the NFC card data to be written into the target smart card application program.
In a possible implementation manner, the authenticating the NFC card reading device through the SE chip includes:
sending an acquisition request to the NFC card reading device, wherein the acquisition request is used for indicating to acquire a valid non-access key of the target smart card application program stored in the NFC card reading device;
receiving a valid non-access key from the NFC card reading device;
comparing the received valid non-access key with a target valid non-access key of the target smart card application program stored in the NFC mobile terminal;
if the two keys are consistent, determining that the NFC card reading device passes authentication; if the two keys are inconsistent, determining that the NFC card reading device does not pass authentication.
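The reader-authentication steps above, as an added Python example that is not part of the patent text. The class and method names, the applet identifier and the sample key and card data are constructed for illustration; the nonce-based method is a variant that goes beyond the key comparison the text describes, in which the key itself is never sent to the terminal.

```python
import hashlib
import hmac
import secrets


class CardReader:
    """Hypothetical model of the NFC card reading device: one key per applet."""

    def __init__(self, keys):
        self._keys = dict(keys)                    # applet id -> key bytes

    def provide_key(self, applet_id):
        # Reply to the terminal's acquisition request; empty if no key is held.
        return self._keys.get(applet_id, b"")

    def prove_key(self, applet_id, nonce):
        # Variant reply: an HMAC over the terminal's nonce instead of the key.
        key = self._keys.get(applet_id, b"")
        return hmac.new(key, nonce, hashlib.sha256).digest()


class Terminal:
    """Hypothetical model of the terminal side; the SE chip holds key and data."""

    def __init__(self):
        self._applets = {}                         # applet id -> (key, card data)
        self._pending = {}                         # applet id -> outstanding nonce

    def add_card(self, applet_id, target_key, card_data):
        if not target_key:
            raise ValueError("an empty key would match a reader that holds none")
        self._applets[applet_id] = (target_key, card_data)

    def read_by_key_comparison(self, applet_id, reader):
        """The flow as described: request the key, compare, release on match."""
        entry = self._applets.get(applet_id)
        if entry is None:
            return None                            # unknown applet: fail closed
        target_key, card_data = entry
        received = reader.provide_key(applet_id)   # acquisition request + reply
        # compare_digest does not stop at the first mismatching byte.
        if not hmac.compare_digest(received, target_key):
            return None                            # reader is not authenticated
        return card_data

    def issue_challenge(self, applet_id):
        nonce = secrets.token_bytes(16)
        self._pending[applet_id] = nonce
        return nonce

    def read_by_proof(self, applet_id, proof):
        """Variant (not in the patent): verify an HMAC over a fresh nonce."""
        entry = self._applets.get(applet_id)
        nonce = self._pending.pop(applet_id, None)  # each nonce is single-use
        if entry is None or nonce is None:
            return None
        target_key, card_data = entry
        expected = hmac.new(target_key, nonce, hashlib.sha256).digest()
        return card_data if hmac.compare_digest(expected, proof) else None
```

In the variant, a proof computed for one challenge is rejected for any later challenge, so a recorded reply cannot be reused to obtain the card data.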
In a second aspect, an embodiment of the present invention provides a device for reading and writing NFC card data, where an SE chip is built in the NFC mobile terminal, and the device includes:
the analysis module is used for analyzing NFC card data to be written from the NFC card data writing request when receiving the NFC card data writing request;
The writing module is used for writing the NFC card data to be written into the SE chip;
the authentication module is used for authenticating the NFC card reading equipment through the SE chip when receiving an NFC card data reading request from the NFC card reading equipment;
and the sending module is used for sending the NFC card data to the NFC card reading device after the NFC card reading device is authenticated.
In a third aspect, an embodiment of the present invention provides an electronic device, including: the device comprises a processor and a memory, wherein the processor is used for executing a read-write program of NFC card data stored in the memory so as to realize the read-write method of NFC card data in any one of the first aspect.
In a fourth aspect, an embodiment of the present invention provides a storage medium storing one or more programs, where the one or more programs are executable by one or more processors to implement the method for reading and writing NFC card data in any one of the first aspects.
According to the technical scheme provided by the embodiment of the invention, the NFC mobile terminal writes the NFC card data to be written into the SE chip; when an NFC card data reading request is received from the NFC card reading device, the terminal authenticates the NFC card reading device through the SE chip and sends the NFC card data to it after authentication passes. The NFC card reading device can thus obtain the NFC card data when the NFC mobile terminal is brought close to it, which provides a technical basis, in some application scenarios, for the NFC card reading device to obtain personalized NFC card data and perform certain operations based on it, such as displaying a personalized NFC card cover or playing a personalized prompt tone. In addition, the NFC mobile terminal stores the NFC card data in the SE chip, and because the SE chip provides secure storage, secure data transmission and similar functions, the method provided by the embodiment of the invention can effectively ensure the security of the NFC card data and prevent it from being maliciously leaked.
Drawings
FIG. 1 is a schematic diagram of a system architecture according to an embodiment of the present invention;
fig. 2 is a flowchart of an embodiment of a method for reading and writing NFC card data according to an embodiment of the present invention;
fig. 3 is a flowchart of an embodiment of another method for reading and writing NFC card data according to an embodiment of the present invention;
fig. 4 is a flowchart of an embodiment of a method for reading and writing NFC card data according to another embodiment of the present invention;
fig. 5 is a flowchart of an embodiment of a method for reading and writing NFC card data according to another embodiment of the present invention;
fig. 6 is a flowchart of an embodiment of a method for reading and writing NFC card data according to another embodiment of the present invention;
fig. 7 is a block diagram of an embodiment of a device for reading and writing NFC card data according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
In order to facilitate understanding of the embodiments of the present invention, an exemplary description is first made below of a system architecture to which the embodiments of the present invention relate.
Referring to fig. 1, a schematic diagram of a system architecture according to an embodiment of the present invention is shown. The system architecture shown in fig. 1 includes: a mobile terminal 10, a security server 20, and a card reading device 30.
The mobile terminal 10 has an NFC chip 11, a SE (Secure Element) chip 12, a security module 13, and an upper layer application 14 built therein. It is understood that the mobile terminal 10 having the NFC chip 11 built therein means that the mobile terminal 10 is equipped with NFC functionality, i.e. the mobile terminal 10 is capable of interacting with an NFC card reader device, whereby the mobile terminal 10 will be referred to as NFC mobile terminal 10 hereinafter.
The SE chip 12 may also be referred to as a secure element or a secure chip. It comprises two parts, secure hardware and secure software: the secure hardware comprises a secure running environment, secure storage, secure algorithms, secure interfaces and the like, and the secure software provides a secure interaction mechanism to ensure the security of commands and data exchanged between the SE chip 12 and the outside. Based on the security functions of the SE chip 12, such as secure processing, secure computation and secure storage, functions such as device identity authentication, encrypted data transmission and sensitive information protection can be realized.
Optionally, the SE chip 12 may be implemented in a variety of ways, including but not limited to: as an embedded security chip on the motherboard of the NFC mobile terminal 10 or in the NFC chip 11; as a payment-type SD card mounted on the NFC mobile terminal 10; or as a SIM (Subscriber Identity Module) card or UICC (Universal Integrated Circuit Card) card mounted on the NFC mobile terminal 10.
The security module 13 may be software, or may be hardware, or may be implemented in a combination of software and hardware, which is not limited in this embodiment of the present invention. In an embodiment of the present invention, the security module 13 may be used to assist in interaction between the upper layer application 14 and the security server 20, as well as to assist in authentication between the SE chip 12 and the security server 20 or the card reading device 30.
The upper layer application 14 includes an application that provides NFC card functionality, such as a wallet application.
The security server 20 may be a single server or may be a server cluster composed of a plurality of servers, and only one server is taken as an example in fig. 1. Further, the security server 20 may be a dedicated server for securing information, or may be another server integrated with an information security securing function, which is not limited in the embodiment of the present invention.
Corresponding to the NFC mobile terminal 10, the card reading device 30 has an NFC chip (not shown in the drawing) built therein, which means that the card reading device 30 is configured with an NFC reading function, and accordingly, the card reading device 30 will be referred to as an NFC card reading device 30 hereinafter.
It will be appreciated that the number of devices in fig. 1 is merely illustrative. The system architecture 100 may include any number of networks and devices, as desired.
The following describes a method for reading and writing NFC card data provided by the present invention with specific embodiments based on the system architecture shown in fig. 1 and with reference to the accompanying drawings, and the embodiments do not limit the embodiments of the present invention.
Referring to fig. 2, a flowchart of an embodiment of a method for reading and writing NFC card data according to an embodiment of the present invention is provided. As an embodiment, the procedure may be applied to an NFC mobile terminal, such as the mobile terminal 10 illustrated in fig. 1. As shown in fig. 2, the process may include the steps of:
in step 201, when receiving the NFC card data writing request, the NFC mobile terminal parses NFC card data to be written from the NFC card data writing request, and writes the NFC card data to be written into the SE chip.
Taking the system architecture 100 shown in fig. 1 as an example, in some embodiments, a user may initiate a data writing request to an NFC card through an upper layer application 14 installed on the NFC mobile terminal 10, which is referred to as an NFC card data writing request in the embodiment of the present invention for convenience of description. Here, the NFC card data may include personalized data set by the user on the NFC card, such as a card cover, a card name, a card alert tone, and the like.
Specifically, as an alternative implementation, the upper layer application 14 may provide a visual interface for the user to input the NFC card data to be written, and after inputting the above NFC card data, trigger a button on the visual interface for indicating that the NFC card data writing request is initiated, for example, a "submit button", "ok button", and so on. The upper layer application 14 may generate an NFC card data write request upon detecting that the button is triggered, and the NFC card data write request carries NFC card data entered by the user on the visual interface.
Upon receiving the above-mentioned NFC card data writing request, the NFC mobile terminal 10 may parse out the NFC card data to be written from the above-mentioned NFC card data writing request, and then write the NFC card data to be written into the SE chip 12.
As can be seen from the above description, the SE chip can store data securely and so provide functions such as sensitive information protection. By writing the NFC card data into the SE chip 12, the NFC mobile terminal 10 therefore effectively ensures the security of the NFC card data; in scenarios involving personalized data in particular, the user's private information is protected from disclosure to the greatest extent.
As to how the NFC mobile terminal 10 specifically writes the NFC card data to be written to the SE chip 12, it is explained in the embodiments shown in fig. 3 and 4 below, and will not be described in detail here.
Step 202, when receiving an NFC card data reading request from an NFC card reading device, the NFC mobile terminal authenticates the NFC card reading device through an SE chip, and sends NFC card data to the NFC card reading device after the authentication is passed.
In the embodiment of the present invention, when the NFC mobile terminal 10 is close to the NFC card reading device 30, the NFC card reading device 30 may initiate a reading request for indicating to read NFC card data to the NFC mobile terminal 10 based on the NFC function.
When receiving an NFC card data reading request from the NFC card reading device 30, the NFC mobile terminal 10 first authenticates the NFC card reading device 30 through the SE chip 12 to determine whether the NFC card reading device 30 has read permission for the NFC card emulated on the NFC mobile terminal 10. When authentication passes, that is, when it is determined that the NFC card reading device 30 has read permission for the NFC card emulated on the NFC mobile terminal 10, the NFC mobile terminal 10 sends the NFC card data stored in the SE chip 12 to the NFC card reading device 30.
Optionally, as can be seen from the above description, the SE chip can provide functions such as encrypted data transmission. After determining that authentication has passed, the SE chip 12 may therefore encrypt the stored NFC card data and send the encrypted NFC card data to the NFC chip 11, which then forwards it to the NFC card reading device 30 over NFC. This processing effectively prevents the NFC card data from being leaked during transmission.
As to how the NFC mobile terminal 10 authenticates the NFC card reading device by the SE chip 12, and after the authentication is passed, the NFC card data stored in the SE chip 12 is sent to the NFC card reading device 30, which will be described below by the embodiment shown in fig. 6, and will not be described in detail here.
It should be noted that, the execution sequence of the steps 201 and 202 described above does not represent the necessary execution sequence, and when the NFC card data needs to be written into the NFC mobile terminal or the NFC card data needs to be read from the NFC mobile terminal, the writing method of the NFC card data or the reading method of the NFC card data provided by the present invention may be adopted respectively.
According to the technical scheme provided by the embodiment of the invention, the NFC mobile terminal writes the NFC card data to be written into the SE chip; when an NFC card data reading request is received from the NFC card reading device, the terminal authenticates the NFC card reading device through the SE chip and sends the NFC card data to it after authentication passes. The NFC card reading device can thus obtain the NFC card data when the NFC mobile terminal is brought close to it, which provides a technical basis, in some application scenarios, for the NFC card reading device to obtain personalized NFC card data and perform certain operations based on it, such as displaying a personalized NFC card cover or playing a personalized prompt tone. In addition, the NFC mobile terminal stores the NFC card data in the SE chip, and because the SE chip provides secure storage, secure data transmission and similar functions, the method provided by the embodiment of the invention can effectively ensure the security of the NFC card data and prevent it from being maliciously leaked.
Referring to fig. 3, a flowchart of another embodiment of a method for reading and writing NFC card data according to an embodiment of the present invention is shown, where the flowchart shown in fig. 3 may include the following steps based on the flowchart shown in fig. 2:
in step 301, when receiving the NFC card data writing request, the NFC mobile terminal parses NFC card data to be written from the NFC card data writing request.
Step 302, the NFC mobile terminal authenticates the SE chip.
Step 303, after determining that the authentication of the SE chip is passed, the NFC mobile terminal writes the NFC card data to be written into the SE chip.
As can be seen from the description of steps 302 and 303, in some preferred embodiments, the NFC mobile terminal 10 may authenticate the SE chip 12 first, and write the NFC card data to be written to the SE chip 12 after determining that the authentication to the SE chip 12 passes.
This processing further improves the security of the NFC card data: it prevents the data from being leaked because the NFC mobile terminal 10 has been attacked and the data is wrongly written into an illegitimate SE chip 12.
As to how the NFC mobile terminal 10 authenticates the SE chip, two different embodiments are explained below by means of fig. 4 and 5, which are not described in detail here.
Step 304, when receiving an NFC card data reading request from the NFC card reading device, the NFC mobile terminal authenticates the NFC card reading device through the SE chip.
Step 305, after determining that the authentication of the NFC card reading device passes, the NFC mobile terminal sends NFC card data to the NFC card reading device.
For a detailed description of step 301, step 304 and step 305, reference may be made to the related description in the embodiment shown in fig. 2, and the detailed description is omitted here.
According to the technical scheme provided by the embodiment of the invention, the NFC mobile terminal authenticates the SE chip and, after that authentication passes, writes the NFC card data to be written into the SE chip; when an NFC card data reading request is received from the NFC card reading device, the terminal authenticates the NFC card reading device through the SE chip and sends the NFC card data to it after authentication passes. The NFC card reading device can thus obtain the NFC card data when the NFC mobile terminal is brought close to it, which provides a technical basis, in some application scenarios, for the NFC card reading device to obtain personalized NFC card data and perform certain operations based on it, such as displaying a personalized NFC card cover or playing a personalized prompt tone. In addition, the NFC mobile terminal stores the NFC card data in the SE chip, and does so only after the SE chip has been authenticated, so the method provided by the embodiment of the invention can effectively ensure the security of the NFC card data and prevent it from being maliciously leaked.
Referring to fig. 4, a flowchart of an embodiment of a method for reading and writing NFC card data according to an embodiment of the present invention is provided, where the flowchart shown in fig. 4 is a flowchart describing an implementation manner of authentication on a SE chip on the basis of the flowcharts shown in fig. 2 and 3, and may include the following steps:
in step 401, when receiving the NFC card data writing request, the NFC mobile terminal parses NFC card data to be written from the NFC card data writing request.
Step 402, the NFC mobile terminal sends the CPLC value of the SE chip and NFC card data to the security server.
The CPLC value represents the ID of the SE chip; each SE chip has a unique CPLC value.
Optionally, the NFC mobile terminal 10 may encode NFC card data according to a corresponding file format, assign a corresponding identifier, and upload the encoded NFC card data to the security server 20. Here, the file format includes, but is not limited to, pictures, text, audio, and the like. The identification may be used to characterize the type, amount, etc. of NFC card data.
It should be noted that, in the embodiment of the present invention, the execution sequence of transmitting the CPLC value of the SE chip 12 and the NFC card data to the secure server 20 by the NFC mobile terminal 10 is not limited.
Step 403, the secure server authenticates the SE chip based on the CPLC value and by using a preset authentication procedure.
From the above description, it is clear that the CPLC value represents the ID of the SE chip, and thus, after receiving the CPLC value, the secure server 20 can know which SE chip is authenticated. That is, the secure server 20 authenticates the SE chip, e.g., SE chip 12, that corresponds to the received CPLC value. The secure server 20 may authenticate the SE chip 12 corresponding to the received CPLC value by using a preset authentication procedure.
Optionally, the preset authentication procedure is an authentication procedure defined by GPC protocol. The specific authentication procedure can be referred to related descriptions in the prior art, and will not be described herein.
Step 404, after determining that the authentication of the SE chip is passed, the secure server writes the NFC card data into the SE chip.
In some embodiments, after determining that authentication of the SE chip 12 has passed, the secure server 20 first issues a view instruction to the NFC mobile terminal 10; the view instruction is used to check whether a target smart card application (applet) and a security domain corresponding to the NFC card data to be written exist in the SE chip 12.
If so, the secure server 20 writes the NFC card data to the target smart card application in the SE chip 12.
If not, the secure server 20 may issue a CAP packet to the NFC mobile terminal 10, and the NFC mobile terminal 10 may instantiate the target smart card application in the SE chip 12 based on the CAP packet. The secure server 20 then writes the NFC card data to the targeted smart card application in the SE chip 12.
The CAP packet is a file with the suffix CAP. It can be understood as a logic code file written according to the Java Card protocol; after it is loaded into the SE chip 12, an instantiation instruction generates from it an executable file called a smart card application. The smart card application is responsible for the data interaction logic with the card reading device.
In addition, upon successful writing of NFC card data to the target smart card application in the SE chip, the display interface of the upper layer application 14 may output a prompt message for prompting the user that the NFC card data was successfully saved.
By the flow shown in fig. 4, authentication of the SE chip built in the NFC mobile terminal by the security server is realized.
Referring to fig. 5, a flowchart of an embodiment of a method for reading and writing NFC card data according to an embodiment of the present invention is provided, where the flowchart shown in fig. 5 is a flowchart describing another implementation manner of authentication on a SE chip on the basis of the flowcharts shown in fig. 2 and 3, and may include the following steps:
in step 501, when receiving an NFC card data writing request, the NFC mobile terminal parses NFC card data to be written from the NFC card data writing request.
Step 502, the NFC mobile terminal sends a key obtaining request to the secure server, where the key obtaining request carries a CPLC value of the SE chip.
Step 503, the secure server returns the SE chip key corresponding to the received CPLC value to the NFC mobile terminal.
Step 504, the NFC mobile terminal authenticates the SE chip based on the received SE chip key and by using a preset authentication procedure.
The SE chip keys include, but are not limited to, ENC keys, MAC keys, DEK keys, etc.
The preset authentication procedure is the same as that mentioned in the embodiment shown in fig. 4.
The flow shown in fig. 5 differs from the flow shown in fig. 4 in that, in the flow shown in fig. 4, the secure server 20 authenticates the SE chip 12, whereas in the flow shown in fig. 5 the NFC mobile terminal 10 authenticates the SE chip 12. Accordingly, in the flow shown in fig. 5, the NFC mobile terminal 10 first sends a key acquisition request to the secure server 20, where the key acquisition request carries the CPLC value of the SE chip 12, to request the SE chip key of the SE chip 12. On receiving the key acquisition request, the secure server 20 returns the SE chip key corresponding to the received CPLC value, that is, the key of the SE chip 12, to the NFC mobile terminal 10. The NFC mobile terminal 10 then authenticates the SE chip 12 based on the received SE chip key by using a preset authentication procedure.
Step 505, after determining that the authentication of the SE chip is passed, the NFC mobile terminal writes the NFC card data to be written into the SE chip.
In some embodiments, after determining that authentication of the SE chip 12 is passed, the NFC mobile terminal 10 first checks whether a target smart card application corresponding to the NFC card data to be written exists in the SE chip 12 and whether a security domain exists.
If so, the NFC mobile terminal 10 writes the NFC card data to the target smart card application in the SE chip 12.
If not, the NFC mobile terminal 10 may download a CAP packet from the secure server 20, instantiate the target smart card application in the SE chip 12 based on the CAP packet, and then write the NFC card data into the target smart card application in the SE chip 12.
Through the flow shown in fig. 5, authentication of the SE chip built in the NFC mobile terminal is realized.
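The fig. 5 write path (steps 501 to 505, including the CAP fallback) can be traced in a small simulation. This is an added example, not code from the patent: the class and function names, the dictionary request format and all sample values are hypothetical, and an HMAC-SHA256 challenge-response under the ENC key stands in for the preset authentication procedure, which this section does not spell out.

```python
import hashlib
import hmac
import os

# Constructed sample values; none of them come from the patent.
AID = "A0000000010001"
GENUINE_CPLC = "CPLC-GENUINE-0001"
GENUINE_KEYS = {"ENC": b"E" * 16, "MAC": b"M" * 16, "DEK": b"D" * 16}


class SecureServer:
    """Hypothetical secure server: SE key sets by CPLC, CAP packages by AID."""

    def __init__(self, keys_by_cplc, caps_by_aid):
        self._keys_by_cplc = keys_by_cplc
        self._caps_by_aid = caps_by_aid

    def get_se_keys(self, cplc):
        # Steps 502-503: look up the key set for the CPLC carried in the request.
        return self._keys_by_cplc.get(cplc)

    def download_cap(self, aid):
        return self._caps_by_aid[aid]


class SEChip:
    """Hypothetical SE chip model holding its own keys and installed applets."""

    def __init__(self, cplc, keys):
        self.cplc = cplc
        self._keys = keys
        self.applets = {}  # AID -> card data written to that applet

    def answer_challenge(self, challenge):
        # Stand-in for the preset procedure: prove possession of the ENC key.
        return hmac.new(self._keys["ENC"], challenge, hashlib.sha256).digest()

    def instantiate(self, aid, cap):
        if not cap:
            raise ValueError("empty CAP package")
        self.applets[aid] = None

    def write(self, aid, card_data):
        if aid not in self.applets:
            raise KeyError("no applet instance for " + aid)
        self.applets[aid] = card_data


def authenticate_se(server, se):
    """Step 504: the terminal checks the chip against the server-issued keys."""
    keys = server.get_se_keys(se.cplc)
    if keys is None:  # the server does not know this chip
        return False
    challenge = os.urandom(16)
    expected = hmac.new(keys["ENC"], challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, se.answer_challenge(challenge))


def handle_write_request(server, se, request):
    """Steps 501-505; returns a status string describing what happened."""
    aid, card_data = request["aid"], request["card_data"]  # step 501 (assumed format)
    if not authenticate_se(server, se):
        return "auth-failed"  # nothing is written to an unauthenticated chip
    if aid in se.applets:
        status = "written"
    else:
        se.instantiate(aid, server.download_cap(aid))  # CAP fallback
        status = "instantiated-and-written"
    se.write(aid, card_data)
    return status


def demo():
    server = SecureServer({GENUINE_CPLC: GENUINE_KEYS}, {AID: b"constructed CAP bytes"})
    genuine = SEChip(GENUINE_CPLC, GENUINE_KEYS)
    # Same CPLC, different keys: reporting a known CPLC is not enough to pass.
    mismatched = SEChip(GENUINE_CPLC, {"ENC": b"x" * 16, "MAC": b"y" * 16, "DEK": b"z" * 16})
    request = {"aid": AID, "card_data": b"constructed card record"}
    return [
        handle_write_request(server, genuine, request),
        handle_write_request(server, genuine, request),
        handle_write_request(server, mismatched, request),
        mismatched.applets,
    ]


if __name__ == "__main__":
    print(demo())
```

The first write to the genuine chip instantiates the applet from the CAP package, the second finds it already present, and the chip with mismatched keys is refused before anything is written.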
Referring to fig. 6, a flowchart of an embodiment of the method for reading and writing NFC card data provided by an embodiment of the present invention is shown. Building on the flow shown in fig. 2, the flow shown in fig. 6 describes the interaction between the NFC mobile terminal and the NFC card reading device, and may include the following steps:
Step 601, when receiving the NFC card data writing request, the NFC mobile terminal parses the NFC card data to be written from the NFC card data writing request, and writes the NFC card data to be written into the SE chip.
In step 602, when receiving an NFC card data reading request from an NFC card reading device, the NFC mobile terminal sends an acquisition request to the NFC card reading device.
The acquisition request is used for indicating to acquire a valid non-access key of a target smart card application program stored in the NFC card reading device.
Step 603, the NFC mobile terminal receives a valid non-access key from the NFC card reading device.
Step 604, the NFC mobile terminal compares the received valid non-access key with the target valid non-access key stored in the NFC mobile terminal, and if the received valid non-access key and the target valid non-access key are consistent, step 605 is executed; if the two are inconsistent, the process is ended.
Step 605, the NFC mobile terminal determines that authentication of the NFC card reading device passes.
Step 606, the NFC mobile terminal sends NFC card data to the NFC card reading device.
The valid non-access keys for different smart card applications are different, meaning that the NFC card reading device 30 has read rights for the target smart card application if the NFC card reading device 30 holds the valid non-access key for the target smart card application in the SE chip 12. Accordingly, the NFC mobile terminal 10 may authenticate the NFC card reading device 30 by determining whether the NFC card reading device 30 holds a valid non-access key for the target smart card application in the SE chip 12.
Specifically, when the NFC mobile terminal 10 is brought close to the NFC card reading device 30, the NFC card reading device 30 may first send a select instruction to the NFC mobile terminal 10, where the select instruction indicates the AID of the smart card application from which the NFC card data is to be read. The select instruction is received by the NFC chip 11 in the NFC mobile terminal 10 and passed to the SE chip 12.
After that, in response to the select instruction, the SE chip 12 transmits the AID of the smart card application to the NFC chip 11 in the NFC mobile terminal 10, and the NFC chip 11 forwards it to the NFC card reading device 30.
Further, after the NFC card reading device 30 receives the AID, the target smart card application in the SE chip 12 may authenticate the NFC card reading device 30.
Specifically, the SE chip 12 sends an acquisition request to the NFC chip 11 through the target smart card application, where the acquisition request is used to indicate acquisition of the valid non-access key of the target smart card application stored in the NFC card reading device, and the NFC chip 11 transmits the acquisition request to the NFC card reading device 30, so that the NFC card reading device 30 returns the corresponding valid non-access key based on the received AID.
Further, the NFC mobile terminal 10 receives the valid non-access key from the NFC card reading device 30 and compares it with the target valid non-access key stored in the NFC mobile terminal 10; if the two are consistent, step 605 is executed; if the two are inconsistent, the process is ended.
In addition, this data interaction logic requires only the NFC chip 11 and the SE chip 12 to participate, so it can execute normally even when the NFC mobile terminal 10 is in a power-off state.
Through the flow shown in fig. 6, the NFC mobile terminal authenticates the NFC card reading device, so that only an NFC card reading device that passes authentication, that is, a legitimate NFC card reading device, can obtain the NFC card data. This effectively protects the NFC card data and prevents it from being maliciously leaked.
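The fig. 6 read exchange (select by AID, key request, comparison, release of data) is sketched below with both sides' messages recorded. This is an added example, not code from the patent: the class names, message labels and sample keys are hypothetical, and the constant-time comparison is a choice made for this example.

```python
import hmac

# Constructed sample values; none of them come from the patent.
TRANSIT_AID = "A0000000010001"
BADGE_AID = "A0000000010002"
TRANSIT_KEY = b"transit-reader-key"
BADGE_KEY = b"badge-reader-key"


class CardReader:
    """Hypothetical NFC card reading device with the keys it was provisioned with."""

    def __init__(self, keys_by_aid):
        self._keys_by_aid = keys_by_aid

    def on_key_request(self, aid):
        # Step 603: return the key held for the selected AID (empty if none).
        return self._keys_by_aid.get(aid, b"")


class SecureElement:
    """Hypothetical SE model: each applet has its own target key and card data."""

    def __init__(self):
        self._applets = {}

    def install(self, aid, target_key, card_data):
        if not target_key:
            raise ValueError("an applet needs a non-empty target key")
        self._applets[aid] = (target_key, card_data)

    def serve_read(self, reader, aid):
        """Run one read exchange; return (card data or None, message transcript)."""
        log = [("reader", "SELECT " + aid)]
        applet = self._applets.get(aid)
        if applet is None:
            log.append(("se", "END: unknown AID"))
            return None, log
        target_key, card_data = applet
        log.append(("se", "AID " + aid))
        log.append(("se", "GET KEY"))  # step 602
        presented = reader.on_key_request(aid)  # step 603
        log.append(("reader", "KEY (%d bytes)" % len(presented)))
        # Step 604. compare_digest is a choice of this example: it avoids
        # leaking how many leading bytes of a wrong key matched.
        if not hmac.compare_digest(presented, target_key):
            log.append(("se", "END: key mismatch"))
            return None, log
        log.append(("se", "CARD DATA"))  # steps 605-606
        return card_data, log


def demo():
    se = SecureElement()
    se.install(TRANSIT_AID, TRANSIT_KEY, b"constructed transit record")
    se.install(BADGE_AID, BADGE_KEY, b"constructed badge record")
    gate = CardReader({TRANSIT_AID: TRANSIT_KEY})  # provisioned for transit only
    other = CardReader({TRANSIT_AID: BADGE_KEY})   # holds another applet's key
    return {
        "gate/transit": se.serve_read(gate, TRANSIT_AID)[0],
        "gate/badge": se.serve_read(gate, BADGE_AID)[0],
        "other/transit": se.serve_read(other, TRANSIT_AID)[0],
        "gate/unknown": se.serve_read(gate, "A0000000019999")[0],
    }


if __name__ == "__main__":
    for case, released in demo().items():
        print(case, released)
```

Only the reader holding the key of the selected application receives data; a key that belongs to a different application, or no key at all, ends the exchange at step 604.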
Referring to fig. 7, a block diagram of an embodiment of a device for reading and writing NFC card data according to an embodiment of the present invention is provided. As an embodiment, the device may be applied to an NFC mobile terminal, where an SE chip is built in the NFC mobile terminal. As shown in fig. 7, the apparatus includes: a parsing module 71, a writing module 72, an authentication module 73 and a sending module 74.
The parsing module 71 is configured to parse NFC card data to be written from the NFC card data writing request when receiving the NFC card data writing request;
A writing module 72, configured to write the NFC card data to be written into the SE chip;
an authentication module 73, configured to authenticate the NFC card reading device through the SE chip when receiving an NFC card data reading request from the NFC card reading device;
and the sending module 74 is configured to send the NFC card data to the NFC card reading device after the authentication of the NFC card reading device passes.
In a possible implementation, the authentication module 73 is further configured to: authenticating the SE chip before writing the NFC card data to be written into the SE chip;
the writing module 72 is configured to perform the step of writing the NFC card data to be written into the SE chip after determining that authentication of the SE chip passes.
In a possible implementation, when authenticating the SE chip, the authentication module 73 is specifically configured to: send the CPLC value of the SE chip to a security server, so that the security server authenticates the SE chip based on the CPLC value and by utilizing a preset authentication flow.
In one possible implementation, the writing module 72 is specifically configured to:
send the NFC card data to be written to the security server, so that the security server writes the NFC card data to be written into the SE chip after determining that the authentication of the SE chip is passed.
In a possible implementation, the authentication module 73 includes (not shown in the figure):
the key acquisition unit is used for sending a key acquisition request to the secure server, wherein the key acquisition request carries a CPLC value of the SE chip, so that the secure server returns an SE chip key corresponding to the received CPLC value to the NFC mobile terminal;
and the authentication unit is used for authenticating the SE chip based on the received SE chip key and by utilizing a preset authentication flow.
In one possible implementation, the writing module 72 includes:
a determining unit, configured to determine whether a smart card application corresponding to the NFC card data to be written exists in the SE chip;
a writing unit, configured to write the NFC card data to be written into a target smart card application program corresponding to the NFC card data to be written if it is determined that the target smart card application program exists in the SE chip;
the acquisition unit is used for acquiring a CAP data packet if the SE chip is determined to not have the target smart card application program;
and the instantiation unit is used for instantiating the target smart card application program on the SE chip based on the CAP data packet.
In a possible implementation, the authentication module 73 includes (not shown in the figure):
an acquiring unit, configured to send an acquisition request to the NFC card reading device, where the acquisition request is used to indicate acquisition of a valid non-access key of the target smart card application stored in the NFC card reading device;
a receiving unit, configured to receive a valid non-access key from the NFC card reading device;
a comparing unit, configured to compare the received valid non-access key with the target valid non-access key of the target smart card application stored in the NFC mobile terminal;
a determining unit, configured to determine that the NFC card reading device passes authentication if the received valid non-access key and the target valid non-access key are consistent, and to determine that the NFC card reading device is not authenticated if the two are inconsistent.
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and the electronic device 800 shown in fig. 8 includes: at least one processor 801, memory 802, at least one network interface 804, and other user interfaces 803. The various components in the electronic device 800 are coupled together by a bus system 805. It is appreciated that the bus system 805 is used to enable connected communications between these components. The bus system 805 includes a power bus, a control bus, and a status signal bus in addition to the data bus. But for clarity of illustration, the various buses are labeled as bus system 805 in fig. 8.
The user interface 803 may include, among other things, a display, a keyboard, or a pointing device (e.g., a mouse, a trackball), a touch pad, or a touch screen, etc.
It will be appreciated that the memory 802 in embodiments of the invention can be either volatile memory or non-volatile memory, or can include both volatile and non-volatile memory. The non-volatile memory may be a read-only memory (ROM), a programmable read-only memory (Programmable ROM, PROM), an erasable programmable read-only memory (Erasable PROM, EPROM), an electrically erasable programmable read-only memory (Electrically EPROM, EEPROM), or a flash memory, among others. The volatile memory may be a random access memory (Random Access Memory, RAM) that acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as static random access memory (Static RAM, SRAM), dynamic random access memory (Dynamic RAM, DRAM), synchronous dynamic random access memory (Synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (DDR SDRAM), enhanced synchronous dynamic random access memory (ESDRAM), synchronous link dynamic random access memory (Synchlink DRAM, SLDRAM), and direct Rambus random access memory (Direct Rambus RAM, DRRAM). The memory 802 described herein is intended to comprise, without being limited to, these and any other suitable types of memory.
In some implementations, the memory 802 stores the following elements, executable units or data structures, or a subset thereof, or an extended set thereof: an operating system 8021 and application programs 8022.
The operating system 8021 includes various system programs, such as a framework layer, a core library layer, a driver layer, and the like, for implementing various basic services and processing hardware-based tasks. The application 8022 includes various application programs such as a media player (MediaPlayer), a Browser (Browser), and the like for realizing various application services. The program for implementing the method of the embodiment of the present invention may be contained in the application program 8022.
In the embodiment of the present invention, by calling a program or an instruction stored in the memory 802, specifically, a program or an instruction stored in the application program 8022, the processor 801 is configured to perform method steps provided by each method embodiment, for example, including:
when an NFC card data writing request is received, analyzing NFC card data to be written from the NFC card data writing request, and writing the NFC card data to be written into an SE chip;
when receiving an NFC card data reading request from an NFC card reading device, authenticating the NFC card reading device through the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device is authenticated.
The method disclosed in the above embodiment of the present invention may be applied to the processor 801 or implemented by the processor 801. The processor 801 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuitry in hardware in the processor 801 or by instructions in software. The processor 801 described above may be a general purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array (Field Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software elements in a decoding processor. The software elements may be located in a random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers, or another storage medium well known in the art. The storage medium is located in the memory 802, and the processor 801 reads information in the memory 802 and, in combination with its hardware, performs the steps of the above method.
It is to be understood that the embodiments described herein may be implemented in hardware, software, firmware, middleware, microcode, or a combination thereof. For a hardware implementation, the processing units may be implemented within one or more application specific integrated circuits (Application Specific Integrated Circuits, ASIC), digital signal processors (Digital Signal Processing, DSP), digital signal processing devices (DSP Device, DSPD), programmable logic devices (Programmable Logic Device, PLD), field programmable gate arrays (Field-Programmable Gate Array, FPGA), general purpose processors, controllers, micro-controllers, microprocessors, other electronic units configured to perform the functions described herein, or a combination thereof.
For a software implementation, the techniques described herein may be implemented by means of units that perform the functions described herein. The software codes may be stored in a memory and executed by a processor. The memory may be implemented within the processor or external to the processor.
The electronic device provided in this embodiment may be an electronic device as shown in fig. 8, and may perform all steps of the method for reading and writing NFC card data in fig. 2-6, so as to achieve the technical effects of the method for reading and writing NFC card data in fig. 2-6, and the detailed description will be omitted herein for brevity.
The embodiment of the invention also provides a storage medium (computer readable storage medium). The storage medium here stores one or more programs. Wherein the storage medium may comprise volatile memory, such as random access memory; the memory may also include non-volatile memory, such as read-only memory, flash memory, hard disk, or solid state disk; the memory may also comprise a combination of the above types of memories.
The one or more programs in the storage medium are executable by one or more processors to implement the method for reading and writing NFC card data executed on the electronic device side.
The processor is used for executing a read-write program of the NFC card data stored in the memory so as to realize the following steps of a read-write method of the NFC card data executed on the electronic equipment side:
when an NFC card data writing request is received, analyzing NFC card data to be written from the NFC card data writing request, and writing the NFC card data to be written into an SE chip;
when receiving an NFC card data reading request from an NFC card reading device, authenticating the NFC card reading device through the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device is authenticated.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of function in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The foregoing description of the embodiments has been provided to illustrate the general principles of the invention and is not meant to limit the scope of the invention to the particular embodiments; any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the invention are intended to be included within the scope of the invention.

Claims (10)

1. A method for reading and writing NFC card data, characterized in that the method is applied to an NFC mobile terminal in which an SE chip is built, and the method comprises the following steps:
when an NFC card data writing request is received, analyzing NFC card data to be written from the NFC card data writing request, and writing the NFC card data to be written into the SE chip;
when receiving an NFC card data reading request from an NFC card reading device, authenticating the NFC card reading device through the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device is authenticated.
2. The method of claim 1, wherein prior to said writing the NFC card data to be written to the SE chip, the method further comprises:
authenticating the SE chip;
and after the authentication of the SE chip is confirmed to pass, executing the step of writing the NFC card data to be written into the SE chip.
3. The method of claim 2, wherein authenticating the SE chip comprises:
sending the CPLC value of the SE chip to a security server so that the security server authenticates the SE chip based on the CPLC value and by utilizing a preset authentication flow.
4. The method of claim 3, wherein the writing the NFC card data to be written to the SE chip comprises:
sending the NFC card data to be written to the security server, so that the security server writes the NFC card data to be written into the SE chip after determining that the authentication of the SE chip is passed.
5. The method of claim 2, wherein authenticating the SE chip comprises:
sending a key acquisition request to a secure server, wherein the key acquisition request carries a CPLC value of the SE chip, so that the secure server returns an SE chip key corresponding to the received CPLC value to the NFC mobile terminal;
and authenticating the SE chip based on the received SE chip key by utilizing a preset authentication flow.
6. The method of claim 1, wherein the writing the NFC card data to be written to the SE chip comprises:
determining whether a target smart card application program corresponding to the NFC card data to be written exists in the SE chip;
if yes, writing the NFC card data to be written into the target smart card application program;
If not, acquiring a CAP data packet, instantiating the target smart card application program in the SE chip based on the CAP data packet, and writing the NFC card data to be written into the target smart card application program.
7. The method of claim 6, wherein the authenticating the NFC card reading device by the SE chip comprises:
sending an acquisition request to the NFC card reading device, wherein the acquisition request is used for indicating to acquire a valid non-access key of the target smart card application program stored in the NFC card reading device;
receiving a valid non-access key from the NFC card reading device;
comparing the received valid non-access key with a target valid non-access key of the target smart card application program stored in the NFC mobile terminal;
if the received valid non-access key and the target valid non-access key are consistent, determining that the NFC card reading device passes authentication; and if the two are inconsistent, determining that the NFC card reading device is not authenticated.
8. A device for reading and writing NFC card data, characterized in that the device is applied to an NFC mobile terminal in which an SE chip is built, and the device comprises:
the analysis module is used for analyzing NFC card data to be written from the NFC card data writing request when receiving the NFC card data writing request;
The writing module is used for writing the NFC card data to be written into the SE chip;
the authentication module is used for authenticating the NFC card reading equipment through the SE chip when receiving an NFC card data reading request from the NFC card reading equipment;
and the sending module is used for sending the NFC card data to the NFC card reading device after the NFC card reading device is authenticated.
9. An electronic device, comprising: a processor and a memory, wherein the processor is configured to execute a read-write program of NFC card data stored in the memory, so as to implement the read-write method of NFC card data according to any one of claims 1 to 7.
10. A storage medium storing one or more programs executable by one or more processors to implement the method of reading and writing NFC card data according to any one of claims 1 to 7.
CN202111447166.4A 2021-11-29 2021-11-29 NFC card data reading and writing method and device, electronic equipment and storage medium Pending CN116187362A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202111447166.4A CN116187362A (en) 2021-11-29 2021-11-29 NFC card data reading and writing method and device, electronic equipment and storage medium
PCT/CN2022/112791 WO2023093140A1 (en) 2021-11-29 2022-08-16 Nfc card data read-write method and apparatus, electronic device and storage medium

Publications (1)

Publication Number Publication Date
CN116187362A true CN116187362A (en) 2023-05-30

Family

ID=86435106

Also Published As

Publication number Publication date
WO2023093140A1 (en) 2023-06-01

Legal Events

Date Code Title Description
PB01 Publication