CN117789379A - Tamper-proof method and tamper-proof device for POS machine - Google Patents

Publication number
CN117789379A
Authority
CN
China
Prior art keywords
pos machine
signal
disassembly
tamper
state
Legal status
Pending
Application number
CN202311537327.8A
Other languages
Chinese (zh)
Inventor
刘树林
Current Assignee
Shenzhen Haizong Technology Co ltd
Original Assignee
Shenzhen Haizong Technology Co ltd

Landscapes

  • Cash Registers Or Receiving Machines (AREA)

Abstract

A tamper-proof method and device for a POS machine, relating to the field of information security. In the method, the signal of an anti-disassembly circuit is monitored, the signal comprising a safety signal and a disassembly signal; a protection operation is triggered when the disassembly signal is detected; and the disassembly signal of the POS machine is sent to the POS machine management platform so that, after verifying the disassembly signal, the platform generates a secret key from it, the secret key being used to convert the memory of the POS machine from the tamper-proof state to the safe state. The technical scheme provided by the application solves the problem that, with traditional tamper-proof methods, the POS machine cannot be operated when its internal memory fails or needs to be maintained or upgraded.

Description

Tamper-proof method and tamper-proof device for POS machine
Technical Field
The application relates to the technical field of information security, in particular to a tamper-proof method and device of a POS machine.
Background
The POS is a device for making large payments. The card reader reads the cardholder's magnetic stripe information from the bank card, and the POS operator inputs the transaction amount and the cardholder's personal identification information. The POS machine sends the information to the card-issuing bank's system through the UnionPay center to complete the online transaction, and returns information on whether the transaction succeeded. The POS machine can also print the corresponding transaction credentials.
However, criminals may harm cardholders by disassembling the POS device and implanting malware into its memory module to copy card information and record payment codes. The traditional solution is key verification: the system is prohibited from starting once key verification fails. While this approach can prevent the contents of the memory from being read or overwritten externally, the device can no longer be operated once the internal memory fails or needs maintenance or an upgrade.
Therefore, there is a need for a tamper-proof method and device for a POS machine.
Disclosure of Invention
The application provides a tamper-proof method and device of a POS machine, which solve the problem that in the traditional tamper-proof method, when the internal memory of the POS machine fails or needs to be maintained or upgraded, the operation cannot be performed.
The first aspect of the application provides a tamper-proof method of a POS machine, which comprises the following steps: monitoring a disassembly signal of an anti-disassembly circuit, wherein the signal of the anti-disassembly circuit comprises a safety signal and a disassembly signal; triggering a protection operation when the disassembly signal is detected, the protection operation being to convert the state of the POS machine from a safe state to a tamper-proof state, wherein the tamper-proof state indicates that the memory of the POS machine is in a locked state; and sending the disassembly signal of the POS machine to the POS machine management platform so that, after the platform verifies the disassembly signal, a secret key is generated according to the disassembly signal, the secret key being used to convert the memory of the POS machine from the tamper-proof state to the safe state.
With this technical scheme, tampering with the POS machine is prevented: the signal of the anti-disassembly circuit is monitored and, when the disassembly signal is detected, the protection operation is triggered and the POS machine changes from the safe state to the tamper-proof state, that is, its memory is locked. At the same time, the disassembly signal is sent to the POS machine management platform, which verifies it and generates a secret key used to convert the memory of the POS machine from the tamper-proof state to the safe state. Unauthorized personnel are thereby prevented from tampering with the POS machine, the security of the POS machine and the integrity of its data are ensured, and a way of releasing the tamper-proof state is provided, which improves operability for the user.
Optionally, the anti-disassembly circuit includes a magnetic switch, the safety signal is a signal of the magnetic switch in a closed state, and the disassembly signal is a signal of the magnetic switch in an open state.
With this technical scheme, monitoring the magnetic switch and processing its signal makes it possible to detect accurately whether the POS machine has been disassembled.
Optionally, sending the disassembly signal of the POS machine to the POS machine management platform, so that the platform generates a secret key according to the disassembly signal, specifically includes: signing the disassembly signal with the private key corresponding to the POS machine; and sending the signature and the private key corresponding to the POS machine to the POS machine management platform, so that the platform can verify the signature using the public key corresponding to the POS machine.
With this technical scheme, signing the disassembly signal with the private key ensures that the signal comes from the corresponding POS machine and has not been tampered with. The signature and the private key are sent to the POS machine management platform, which can verify the validity of the signature with the public key of the POS machine and so confirm the authenticity and integrity of the disassembly signal.
The second aspect of the application provides a tamper-proof method of a POS machine, which comprises: receiving a disassembly signal sent by the POS machine, the disassembly signal being triggered by a user's action of disassembling the POS machine and indicating that the state of the POS machine has been converted from a safe state to a tamper-proof state, wherein the tamper-proof state indicates that the memory of the POS machine is in a locked state; after the disassembly signal passes verification, generating a secret key according to the disassembly signal, the secret key being used to convert the memory of the POS machine from the tamper-proof state to the safe state; and sending the secret key by short message to the user corresponding to the POS machine.
With this technical scheme, the POS machine management platform verifies the disassembly signal and generates the secret key; only after the disassembly signal passes verification is a key generated that can effectively unlock the POS machine. The generated key is then sent by short message to the user corresponding to the POS machine, so that the user can unlock the POS machine with the received key and restore it to the normal safe state.
Optionally, the receiving the disassembly signal sent by the POS machine specifically includes: receiving a signature sent by the POS machine and a private key corresponding to the POS machine; the signature is a signature of the disassembly signal by a private key corresponding to the POS machine; obtaining a public key corresponding to the private key of the POS machine; and verifying the signature by using the public key corresponding to the POS machine.
With this technical scheme, the signature and the private key sent by the POS machine are received, which ensures that the signature was made with the corresponding private key, that is, it confirms the authenticity and integrity of the disassembly signal. Obtaining the public key corresponding to the private key and verifying the signature with it prevents malicious operations and data leakage.
Optionally, generating a key according to the disassembly signal specifically includes: acquiring a key corresponding to the disassembly signal from a preset key library; the preset key library comprises the corresponding relation between the disassembly signal and the key and the corresponding relation between the disassembly signal and the POS machine.
With this technical scheme, the corresponding secret key can be obtained quickly from the disassembly signal. Through the correspondences in the preset key library, the POS machine and its key can be uniquely determined from the disassembly signal.
Optionally, sending the secret key by short message to the user corresponding to the POS machine specifically includes: obtaining the mobile phone number of the user corresponding to the POS machine from a preset POS machine registration user library, which contains the correspondence between POS machines and users' mobile phone numbers; and sending the secret key by short message to the mobile phone number of the user corresponding to the POS machine.
With this technical scheme, sending the key by short message to the mobile phone number of the user corresponding to the POS machine realizes secure transmission and authorized use of the key: it guarantees the confidentiality of the key and prevents it from being obtained and used by others. It is also convenient when the tamper-proof state has been triggered by a user's misoperation, since the user can release the tamper-proof state with the key, which improves the user experience.
A third aspect of the present application provides a tamper-resistant device for a POS machine, the device being a POS machine, the POS machine comprising: the device comprises a detection module, a processing module and a sending module;
the detection module is used for monitoring the disassembly signal of the anti-disassembly circuit, wherein the signal of the anti-disassembly circuit comprises a safety signal and a disassembly signal;
the processing module is used for triggering a protection operation when the disassembly signal is detected; the protection operation is to convert the state of the POS machine from a safe state to a tamper-proof state, wherein the tamper-proof state indicates that the memory of the POS machine is in a locked state;
and the sending module is used for sending the disassembly signal of the POS machine to the POS machine management platform so that, after the platform verifies the disassembly signal, a secret key is generated according to the disassembly signal, the secret key being used to convert the memory of the POS machine from the tamper-proof state to the safe state.
Optionally, the anti-disassembly circuit includes a magnetic switch, the safety signal is a signal of the magnetic switch in a closed state, and the disassembly signal is a signal of the magnetic switch in an open state.
Optionally, the sending module sending the disassembly signal of the POS machine to the POS machine management platform, so that the platform generates a secret key according to the disassembly signal, specifically includes: the processing module signs the disassembly signal with the private key corresponding to the POS machine; the sending module sends the signature and the private key corresponding to the POS machine to the POS machine management platform, so that the platform can verify the signature using the public key corresponding to the POS machine.
In a fourth aspect of the present application, there is provided a tamper-proof device for a POS machine, the device being a POS machine management platform, the POS machine management platform comprising: a receiving module, a verification module and a sending module;
the receiving module is used for receiving a disassembly signal sent by the POS machine, wherein the disassembly signal is triggered by a user's action of disassembling the POS machine and indicates that the state of the POS machine has been converted from a safe state to a tamper-proof state, the tamper-proof state indicating that the memory of the POS machine is in a locked state;
the verification module is used for generating a secret key according to the disassembly signal after the disassembly signal is verified, and the secret key is used for converting a memory of the POS machine from a tamper-proof state to a safe state;
and the sending module is used for sending the secret key to the user corresponding to the POS machine in a short message mode.
Optionally, the receiving module receives the disassembly signal sent by the POS machine, specifically including: the receiving module receives the signature sent by the POS machine and the private key corresponding to the POS machine; the signature is the signature of the disassembly signal by the private key corresponding to the POS machine; obtaining a public key corresponding to a private key of the POS machine; the verification module verifies the signature by using the public key corresponding to the POS machine.
Optionally, the generating a key according to the disassembly signal specifically includes: acquiring a secret key corresponding to the disassembly signal from a preset secret key library; the preset key library comprises the corresponding relation between the disassembly signal and the key and the corresponding relation between the disassembly signal and the POS machine.
Optionally, the sending module sending the secret key by short message to the user corresponding to the POS machine specifically includes: the receiving module obtains the mobile phone number of the user corresponding to the POS machine from a preset POS machine registration user library, which contains the correspondence between POS machines and users' mobile phone numbers; the sending module sends the secret key by short message to the mobile phone number of the user corresponding to the POS machine.
In a fifth aspect the present application provides an electronic device comprising a processor, a memory for storing instructions, a user interface and a network interface for communicating with other devices, the processor for executing instructions stored in the memory to cause the electronic device to perform a method of any one of the above.
In summary, one or more technical solutions provided in the embodiments of the present application at least have the following technical effects or advantages:
1. the POS machine is prevented from being tampered by unauthorized personnel, the safety of the POS machine and the integrity of data are ensured, a tamper-proof state releasing mode is provided, and the operability of a user is improved;
2. whether the POS machine is disassembled or not can be accurately detected through monitoring and signal processing of the magnetic switch;
3. the secret key is sent to the mobile phone number of the user corresponding to the POS machine in a short message mode, so that safe transmission and authorized use of the secret key are realized.
Drawings
Fig. 1 is an architecture diagram of an operating environment of a tamper-proof method of a POS machine according to an embodiment of the present application.
Fig. 2 is a schematic flow chart of a tamper-proof method of a POS machine provided in an embodiment of the application.
Fig. 3 is a schematic flow chart of another tamper-proof method of a POS machine according to an embodiment of the disclosure.
Fig. 4 is a schematic block diagram of a tamper-proof device of a POS machine according to an embodiment of the disclosure.
Fig. 5 is a schematic block diagram of another tamper-proof POS device according to an embodiment of the disclosure.
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Reference numerals: 401, detection module; 402, processing module; 403, sending module; 501, receiving module; 502, verification module; 503, sending module; 600, electronic device; 601, processor; 602, communication bus; 603, user interface; 604, network interface; 605, memory.
Detailed Description
In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only some embodiments of the present application, but not all embodiments.
In the description of embodiments of the present application, words such as "such as" or "for example" are used to indicate examples, illustrations or descriptions. Any embodiment or design described herein as "such as" or "for example" should not be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "such as" or "for example" is intended to present related concepts in a concrete fashion.
In the description of the embodiments of the present application, the term "plurality" means two or more. For example, a plurality of systems means two or more systems, and a plurality of screen terminals means two or more screen terminals. Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating an indicated technical feature. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more such feature. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
As shown in fig. 1, when the POS machine detects a disassembly action, it enters the tamper-proof mode and at the same time sends the disassembly signal to the corresponding POS machine management platform; after receiving the signal, the platform generates a secret key and sends it by short message to the mobile terminal of the corresponding user.
Fig. 2 is a schematic flow chart of a tamper-proof method of a POS machine according to an embodiment of the present application; the method is applied to the POS machine and includes steps S201 to S203, as follows:
Step S201: monitoring the disassembly signal of the anti-disassembly circuit, wherein the signal of the anti-disassembly circuit comprises a safety signal and a disassembly signal.
In the above step, the anti-disassembly circuit is composed of a MODEM circuit and a magnetic switch. A MODEM (modulator-demodulator) is a device for modulating and demodulating in data communication, and is commonly used to convert a digital signal into an analog signal for transmission. In this embodiment, the magnetic switch is installed at the bottom of the shell of the POS machine and outputs a switching signal that indicates the state of the POS machine. When the POS machine is intact, the magnetic switch remains closed: its internal contacts are connected, forming a path through which current can pass, and the output level signal is low (logic 0). When the POS machine is disassembled, the contacts in the magnetic switch separate and the output level signal becomes high (logic 1).
The MODEM circuit is connected to the magnetic switch to detect the disassembly signal. When the POS machine is disassembled or destroyed, the magnetic switch changes its output signal, and the MODEM circuit determines whether the POS machine has been disassembled by monitoring that change. A transition from the safety signal to the disassembly signal, that is, the switching signal of the magnetic switch changing from low level to high level, means that the POS machine has been disassembled or destroyed. In this way the MODEM circuit monitors the disassembly signal.
Step S202: triggering a protection operation when the disassembly signal is detected; the protection operation is to convert the state of the POS machine from a safe state to a tamper-proof state, wherein the tamper-proof state indicates that the memory of the POS machine is in a locked state.
In the above step, a protection mechanism is triggered when the MODEM circuit detects the disassembly signal. The MODEM circuit sends a flash storage protection request to the storage block module; on receiving the protection instruction, the storage block module acts on it so that the storage module enters the tamper-proof mode. In the tamper-proof mode, the memory module no longer accepts new code programs being loaded or its contents being modified, which prevents the loading of, and tampering by, unauthorized code programs.
Step S203: sending the disassembly signal of the POS machine to the POS machine management platform so that, after the platform verifies the disassembly signal, a secret key is generated according to the disassembly signal, the secret key being used to convert the memory of the POS machine from the tamper-proof state to the safe state.
In the above step, the POS machine establishes a communication connection with the POS machine management platform over a wireless network and sends it the disassembly signal. On receiving the disassembly signal, the platform verifies it to ensure that the signal is accurate and has not been tampered with by some unauthorized action. The platform then generates a secret key from the received disassembly signal using a hash calculation.
The specific steps for generating the key are as follows. The data to be hashed is obtained from the received disassembly signal; ways of obtaining it include fixed-position interception, extraction by a specific identifier, data field analysis, and extraction of data tags or attributes. As the hash calculation requires, the obtained data is converted into binary format and padded or bit-filled. A hash algorithm is then applied to the processed data to produce a hash value, and this hash value is the secret key for converting the memory of the POS machine from the tamper-proof state to the safe state.
In one possible embodiment, the anti-disassembly circuit comprises a magnetic switch, the safety signal is a signal when the magnetic switch is in a closed state, and the disassembly signal is a signal when the magnetic switch is in an open state.
Specifically, when the POS machine is intact, the magnetic switch remains closed and its internal contacts are connected, forming a path through which current can pass. The level signal output at this time is low (logic 0) and corresponds to the safety signal of the anti-disassembly circuit. When the POS machine is disassembled, the contacts in the magnetic switch separate, the magnetic switch is in the open state, and the output level signal becomes high (logic 1), corresponding to the disassembly signal of the anti-disassembly circuit.
In one possible implementation, sending the disassembly signal of the POS machine to the POS machine management platform, so that the platform generates a secret key according to the disassembly signal, specifically includes: signing the disassembly signal with the private key corresponding to the POS machine; and sending the signature and the private key corresponding to the POS machine to the POS machine management platform, so that the platform can verify the signature using the public key corresponding to the POS machine.
Specifically, a key pair consisting of a private key and a public key is generated for the POS machine during production. The private key is typically stored in the secure mode of the POS machine, ensuring its security and confidentiality. The public key can be shared with the POS machine management platform in advance. When the disassembly signal is triggered, the POS machine signs the disassembly signal with its private key to generate a digital signature. The signature generation uses an encryption algorithm and a hash function to ensure the uniqueness and tamper resistance of the signature. The POS machine sends the generated digital signature and the private key of the POS machine to the POS machine management platform; after receiving the signature, the platform can verify it with the public key of the POS machine. Verification uses the same encryption algorithm and hash function, and compares the disassembly signal with the signature.
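Steps S201 to S203 and the signing step can be modelled as follows; this is an added example, not code from the patent. The `Terminal` type, the payload layout, the choice of Ed25519 and the seed are assumptions made for illustration. The private key is used only on the device: the report carries the signal and its signature, which is all the platform needs in order to verify with the public key shared in advance.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Level is the magnetic switch output as the text describes it:
// low (0) = switch closed, housing intact; high (1) = switch open.
type Level int

const (
	Low  Level = 0 // safety signal
	High Level = 1 // disassembly signal
)

// State of the POS machine.
type State int

const (
	Safe        State = iota
	TamperProof       // memory locked
)

// ErrLocked is returned for any write attempted in the tamper-proof state.
var ErrLocked = errors.New("memory locked: POS machine is in tamper-proof state")

// Report is the disassembly signal plus its signature (layout is an assumption).
type Report struct {
	Payload   []byte // "POS|<device id>|DISASSEMBLY|<event counter>"
	Signature []byte // Ed25519 signature over Payload
}

// VerifiedBy checks the report against a device public key.
func (r *Report) VerifiedBy(pub ed25519.PublicKey) bool {
	return ed25519.Verify(pub, r.Payload, r.Signature)
}

// Terminal is a hypothetical model of the POS-side logic.
type Terminal struct {
	ID     string
	State  State
	last   Level
	events int
	priv   ed25519.PrivateKey // provisioned at production; never serialized
	flash  []byte
}

// NewTerminal starts in the safe state. last starts Low, so a switch that is
// already open at power-up counts as a disassembly on the first sample.
func NewTerminal(id string, seed []byte) *Terminal {
	return &Terminal{ID: id, last: Low, priv: ed25519.NewKeyFromSeed(seed)}
}

// PublicKey is what gets shared with the management platform in advance.
func (t *Terminal) PublicKey() ed25519.PublicKey {
	return t.priv.Public().(ed25519.PublicKey)
}

// Sample handles one switch reading (S201). On a low-to-high edge it latches
// the tamper-proof state (S202) and returns the signed report to send (S203).
func (t *Terminal) Sample(l Level) *Report {
	edge := t.last == Low && l == High
	t.last = l
	if !edge {
		return nil // closing the switch again never clears the latch
	}
	t.State = TamperProof
	t.events++
	payload := []byte(fmt.Sprintf("POS|%s|DISASSEMBLY|%d", t.ID, t.events))
	return &Report{Payload: payload, Signature: ed25519.Sign(t.priv, payload)}
}

// WriteFlash stands in for loading a code program into the memory module.
func (t *Terminal) WriteFlash(code []byte) error {
	if t.State == TamperProof {
		return ErrLocked
	}
	t.flash = append(t.flash[:0], code...)
	return nil
}

// constructedSeed is a fixed, constructed seed so the example is repeatable.
func constructedSeed() []byte { return bytes.Repeat([]byte{0x42}, ed25519.SeedSize) }

func main() {
	t := NewTerminal("POS-0001", constructedSeed())
	for _, l := range []Level{Low, Low, High, Low} { // constructed readings
		if r := t.Sample(l); r != nil {
			fmt.Printf("send %q, signature valid: %v\n", r.Payload, r.VerifiedBy(t.PublicKey()))
		}
	}
	fmt.Println("write after disassembly:", t.WriteFlash([]byte("new program")))
}
```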
Fig. 3 is a schematic flow chart of another tamper-proof method of a POS machine according to an embodiment of the present application, which is applied to a POS machine management platform. The method includes steps S301 to S303. The steps are as follows:
Step S301: receiving a disassembly signal sent by the POS machine, wherein the disassembly signal is triggered by a user's action of disassembling the POS machine and indicates that the state of the POS machine has been converted from a safe state to a tamper-proof state, the tamper-proof state indicating that the memory of the POS machine is in a locked state.
In the above step, when a criminal disassembles the POS machine, the POS machine sends a disassembly signal to the POS machine management platform; the function of the signal is to tell the platform that the state of the POS machine has been converted from the safe state to the tamper-proof state. The tamper-proof state means that the memory of the POS machine is locked to prevent unauthorized access or modification.
Step S302: after the disassembly signal passes the verification, a secret key is generated according to the disassembly signal, and the secret key is used for converting a memory of the POS machine from a tamper-proof state to a safe state.
In the above step, the POS machine management platform verifies the disassembly signal to ensure its validity and security. If verification passes, the platform generates a secret key from the disassembly signal. The key is used to convert the memory of the POS machine from the tamper-proof state to the safe state.
Step S303: sending the secret key by short message to the user corresponding to the POS machine.
In the step, the generated secret key is sent to the user corresponding to the POS machine in a short message mode. The user can use the key to unlock the POS and restore it to a secure state.
In one possible implementation manner, the receiving the disassembly signal sent by the POS machine specifically includes: receiving a signature sent by a POS machine and a private key corresponding to the POS machine; the signature is the signature of the disassembly signal by the private key corresponding to the POS machine; obtaining a public key corresponding to a private key of the POS machine; and verifying the signature by using the public key corresponding to the POS machine.
Specifically, the disassembly signal sent by the POS machine is received, wherein the disassembly signal comprises a signature and the private key of the corresponding POS machine. The signature is obtained by signing the disassembly signal with the private key of the POS machine. The public key corresponding to the private key of the POS machine is then obtained. In an encryption system, a private key is used for signing and encryption, while a public key is used to verify the signature and decrypt the data. The public key corresponding to the POS machine is used to verify the validity of the signature: the signature of the disassembly signal is checked against the public key of the POS machine to determine whether the disassembly signal was signed with the private key. If verification passes, the disassembly signal was sent by the POS machine, and the disassembly signal can only be decrypted by the POS machine management platform.
In a possible implementation manner, the key is generated according to the disassembly signal, and specifically includes: acquiring a secret key corresponding to the disassembly signal from a preset secret key library; the preset key library comprises the corresponding relation between the disassembly signal and the key and the corresponding relation between the disassembly signal and the POS machine.
Specifically, the POS machine management platform presets a key library in the system, which contains the correspondence between disassembly signals and keys and the correspondence between disassembly signals and POS machines. When the POS machine is disassembled, the system receives a disassembly signal. Based on the disassembly signal and the POS machine it corresponds to, the system obtains the matching key from the preset key library. When this key is applied to the corresponding POS machine, the POS machine releases the tamper-proof mode.
In one possible implementation, sending the secret key by short message to the user corresponding to the POS machine specifically includes: obtaining the mobile phone number of the user corresponding to the POS machine from a preset POS machine registration user library, which contains the correspondence between POS machines and users' mobile phone numbers; and sending the secret key by short message to the mobile phone number of the user corresponding to the POS machine.
Specifically, the secret key is sent by short message to the mobile phone number of the user corresponding to the POS machine. For example, a manufacturer owns multiple POS machines, each associated with a user. The manufacturer records the correspondence between each POS machine and its user's mobile phone number in a preset POS machine registration user library; when it needs to send a secret key to the user of a particular POS machine, it looks up that user's mobile phone number in the library and sends the key to that number by short message. After receiving the short message, the user can use the secret key to release the tamper-proof mode of the POS machine. Sending the secret key by short message ensures its secure transmission. In addition, sending the key to the user's mobile phone lets the user obtain it conveniently and quickly when needed, which improves convenience of operation.
Referring to fig. 4, the present application further provides a tamper-proof device of a POS machine, where the device is a POS machine, and the device includes: a detection module 401, a processing module 402 and a sending module 403;
the detection module 401 is configured to monitor a disassembly signal of the disassembly prevention circuit, where the signal of the disassembly prevention circuit includes a safety signal and a disassembly signal;
a processing module 402, configured to trigger a protection operation when the disassembly signal is monitored; the protection operation is to convert the state of the POS machine from a safe state to a tamper-proof state, wherein the tamper-proof state is used for indicating that a memory of the POS machine is in a locking state;
and the sending module 403 is configured to send a disassembly signal of the POS machine to the POS machine management platform, so that after the POS machine management platform verifies the disassembly signal, a key is generated according to the disassembly signal, and the key is used for converting a memory of the POS machine from a tamper-resistant state to a safe state.
In one possible implementation manner, the anti-disassembly circuit comprises a magnetic switch, the safety signal is a signal when the magnetic switch is in a closed state, and the disassembly signal is a signal when the magnetic switch is in an open state.
In one possible implementation manner, the sending module 403 sends a disassembly signal of the POS machine to the POS machine management platform, so that the POS machine management platform generates a key according to the disassembly signal, and specifically includes:
the processing module 402 signs the disassembly signal by using a private key corresponding to the POS machine;
the sending module 403 sends the signature and the private key corresponding to the POS machine to the POS machine management platform, so that the POS machine management platform verifies the signature with the public key corresponding to the POS machine.
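The POS-side behavior of modules 401 and 402 with the magnetic switch, as an added example that is not code from the patent. The class name, the sample identifier and key, the stored key digest, and the choice to trigger on the closed-to-open edge are assumptions of this example; signing and transmission are left out, and the queued event stands in for what the sending module 403 would transmit.

```python
import hashlib
import hmac
from enum import Enum


class State(Enum):
    SAFE = "safe"
    TAMPER_PROOF = "tamper-proof"   # memory is locked in this state


class PosTamperGuard:
    """POS-side monitor for the magnetic anti-disassembly switch (hypothetical class)."""

    def __init__(self, pos_id: str, unlock_key_sha256: bytes):
        self.pos_id = pos_id
        # Assumption: the terminal is provisioned with a digest of the unlock
        # key, so the key itself is never stored on the device.
        self._key_digest = unlock_key_sha256
        self.state = State.SAFE
        self._last_closed = True
        self.outbox = []            # disassembly events queued for the platform

    def sample_switch(self, closed: bool) -> State:
        """Feed one reading: closed = safety signal, open = disassembly signal."""
        opened_now = self._last_closed and not closed
        self._last_closed = closed
        if opened_now and self.state is State.SAFE:
            self.state = State.TAMPER_PROOF      # the protection operation
            self.outbox.append({"pos_id": self.pos_id, "signal": "disassembly"})
        # A later "closed" reading never clears the state: the lock latches
        # until a valid key is presented. Triggering on the edge (assumption)
        # lets maintenance continue with the cover off after a valid unlock.
        return self.state

    def read_memory(self, store: dict, name: str):
        """Refuse every memory access while the device is locked."""
        if self.state is State.TAMPER_PROOF:
            raise PermissionError("memory locked: tamper-proof state")
        return store[name]

    def unlock(self, key: bytes) -> bool:
        """Return to the safe state only if the presented key matches."""
        if self.state is not State.TAMPER_PROOF:
            return False
        presented = hashlib.sha256(key).digest()
        if hmac.compare_digest(presented, self._key_digest):  # constant-time compare
            self.state = State.SAFE
            return True
        return False


def run_demo():
    key = b"constructed-sample-unlock-key"        # constructed sample value
    guard = PosTamperGuard("POS-0001", hashlib.sha256(key).digest())
    store = {"config": "merchant settings"}       # constructed sample data
    trace = []
    for closed in (True, True, False, True):      # cover opened, then put back
        trace.append(guard.sample_switch(closed).value)
    try:
        guard.read_memory(store, "config")
        locked = False
    except PermissionError:
        locked = True
    wrong = guard.unlock(b"guess")                # rejected, state unchanged
    right = guard.unlock(key)                     # key received from the platform
    return trace, locked, wrong, right, guard.read_memory(store, "config"), len(guard.outbox)


if __name__ == "__main__":
    print(run_demo())
```

Closing the cover again does not restore the safe state; only the key does, and a fresh closed-to-open transition after an unlock locks the terminal again.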
Referring to fig. 5, the present application further provides a tamper-proof device of a POS machine, where the tamper-proof device is a POS machine management platform device, and the tamper-proof device includes: a receiving module 501, a verifying module 502 and a transmitting module 503;
the receiving module 501 is configured to receive a disassembly signal sent by the POS machine, where the disassembly signal is triggered by an action of a user for disassembling the POS machine, and is used to indicate that a state of the POS machine is converted from a secure state to a tamper-proof state, and the tamper-proof state is used to indicate that a memory of the POS machine is in a locked state;
the verification module 502 is configured to generate a key according to the disassembly signal after the disassembly signal passes through the verification, where the key is used to convert the memory of the POS machine from a tamper-proof state to a secure state;
and the sending module 503 is configured to send the key to a user corresponding to the POS machine by using a short message.
In one possible implementation manner, the receiving the disassembly signal sent by the POS machine specifically includes: the receiving module 501 receives the signature sent by the POS machine and the private key corresponding to the POS machine; the signature is the signature of the disassembly signal by the private key corresponding to the POS machine; obtaining a public key corresponding to a private key of the POS machine; and verifying the signature by using the public key corresponding to the POS machine.
In a possible implementation manner, the key is generated according to the disassembly signal, and specifically includes: acquiring a secret key corresponding to the disassembly signal from a preset secret key library; the preset key library comprises the corresponding relation between the disassembly signal and the key and the corresponding relation between the disassembly signal and the POS machine.
In one possible implementation manner, the method for sending the secret key to the corresponding user of the POS machine by means of the short message specifically includes: acquiring a user mobile phone number corresponding to the POS from a preset POS machine registration user library; the preset POS machine registration user library comprises the corresponding relation between the POS machine and the mobile phone number of the user; the sending module 503 sends the secret key to the mobile phone number of the user corresponding to the POS machine in a short message mode.
It should be noted that, when the device provided in the above embodiment implements its functions, the division into the above functional modules is used only as an example. In practical applications, the above functions may be allocated to different functional modules as needed; that is, the internal structure of the device may be divided into different functional modules to implement all or part of the functions described above. In addition, the device embodiments and the method embodiments provided above belong to the same concept; the specific implementation process is detailed in the method embodiments and is not repeated here.
The application also provides an electronic device for executing the method applied to the POS machine or the method applied to the POS machine management platform. Referring to fig. 6, fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application. The electronic device 600 may include: at least one processor 601, at least one network interface 604, a user interface 603, a memory 605, at least one communication bus 602.
Wherein the communication bus 602 is used to enable connected communications between these components.
The user interface 603 may include a display screen (Display) and a camera (Camera); optionally, the user interface 603 may further include a standard wired interface and a wireless interface.
The network interface 604 may optionally include a standard wired interface and a wireless interface (e.g., a Wi-Fi interface), among others.
The processor 601 may include one or more processing cores. The processor 601 connects the various parts of the server using various interfaces and lines, and performs the various functions of the server and processes data by running or executing the instructions, programs, code sets, or instruction sets stored in the memory 605 and by invoking the data stored in the memory 605. Optionally, the processor 601 may be implemented in hardware in at least one of the following forms: digital signal processing (Digital Signal Processing, DSP), field-programmable gate array (Field-Programmable Gate Array, FPGA), or programmable logic array (Programmable Logic Array, PLA). The processor 601 may integrate one or a combination of a central processing unit (Central Processing Unit, CPU), a graphics processing unit (Graphics Processing Unit, GPU), a modem, and the like. The CPU mainly handles the operating system, the user interface, application programs and the like; the GPU renders and draws the content to be displayed on the display screen; the modem handles wireless communications. It will be appreciated that the modem may also not be integrated into the processor 601 and may instead be implemented by a separate chip.
The memory 605 may include a random access memory (Random Access Memory, RAM) or a read-only memory (Read-Only Memory, ROM). Optionally, the memory 605 includes a non-transitory computer-readable storage medium. The memory 605 may be used to store instructions, programs, code, code sets, or instruction sets. The memory 605 may include a program storage area and a data storage area, where the program storage area may store instructions for implementing an operating system, instructions for at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing the various method embodiments described above, and the like; the data storage area may store the data involved in the above method embodiments. Optionally, the memory 605 may also be at least one storage device located remotely from the aforementioned processor 601. Referring to FIG. 6, the memory 605, as a computer storage medium, may include an operating system, a network communication module, a user interface module, and an application program for the tamper-proof method of the POS machine.
In the electronic device 600 shown in fig. 6, the user interface 603 is mainly used to provide an input interface for a user and to acquire the data input by the user; the processor 601 may be used to invoke the application program for the tamper-proof method of the POS machine stored in the memory 605, which, when executed by one or more processors 601, causes the electronic device 600 to perform the method described in one or more of the embodiments above. It should be noted that, for simplicity of description, the foregoing method embodiments are all expressed as a series of combined actions, but those skilled in the art should understand that the present application is not limited by the order of actions described, as some steps may be performed in another order or simultaneously in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required by the present application.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and for parts of one embodiment that are not described in detail, reference may be made to related descriptions of other embodiments.
In the several embodiments provided herein, it should be understood that the disclosed apparatus may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative: the division into units is merely a division by logical function, and other divisions are possible in an actual implementation; for instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some service interface, device or unit, and may be electrical or in another form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer-readable memory. Based on this understanding, the technical solution of the present application, in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a memory, including several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the methods of the embodiments of the present application. The aforementioned memory includes various media capable of storing program code, such as a USB flash drive, a removable hard disk, a magnetic disk or an optical disk.
The foregoing is merely exemplary embodiments of the present disclosure and is not intended to limit the scope of the present disclosure. That is, equivalent changes and modifications are contemplated by the teachings of this disclosure, which fall within the scope of the present disclosure. Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure.
This application is intended to cover any variations, uses, or adaptations of the disclosure that follow, in general, the principles of the disclosure and include such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with the scope and spirit of the disclosure being indicated by the claims.

Claims (10)

1. A tamper-proof method for a POS machine, characterized in that the method is applied to a POS machine, wherein the POS machine comprises an anti-disassembly circuit, and the method comprises the following steps:
monitoring a disassembly signal of the disassembly prevention circuit, wherein the signal of the disassembly prevention circuit comprises a safety signal and a disassembly signal;
triggering a protection operation when the disassembly signal is monitored; the protection operation is to convert the state of the POS machine from a safe state to a tamper-proof state, wherein the tamper-proof state is used for indicating that a memory of the POS machine is in a locking state;
and sending the disassembly signal of the POS machine to a POS machine management platform, wherein after the disassembly signal passes through verification of the POS machine management platform, a secret key is generated according to the disassembly signal, and the secret key is used for converting a memory of the POS machine from the tamper-proof state to the safe state.
2. The method of claim 1, wherein the anti-disassembly circuit comprises a magnetic switch, the safety signal is a signal that the magnetic switch is in a closed state, and the disassembly signal is a signal that the magnetic switch is in an open state.
3. The method of claim 1, wherein the sending the disassembly signal of the POS machine to the POS machine management platform so that the POS machine management platform verifies the disassembly signal, and generating a key according to the disassembly signal, specifically comprises:
signing the disassembly signal by using a private key corresponding to the POS machine;
and sending the signature and the private key corresponding to the POS machine to the POS machine management platform so that the POS machine management platform can verify the signature by using the public key corresponding to the POS machine.
4. A tamper-proof method for a POS machine, characterized in that the method is applied to a POS machine management platform and comprises the following steps:
receiving a disassembly signal sent by a POS machine, wherein the disassembly signal is triggered by the action of a user for disassembling the POS machine and is used for indicating that the state of the POS machine is converted from a safe state to a tamper-proof state, and the tamper-proof state is used for indicating that a memory of the POS machine is in a locking state;
after the disassembly signal passes the verification, a secret key is generated according to the disassembly signal, and the secret key is used for converting a memory of the POS machine from the tamper-proof state to the safe state;
and sending the secret key to a user corresponding to the POS machine in a short message mode.
5. The method of claim 4, wherein the receiving the disassembly signal sent by the POS machine specifically comprises:
receiving a signature sent by the POS machine and a private key corresponding to the POS machine; the signature is a signature of the disassembly signal by a private key corresponding to the POS machine;
obtaining a public key corresponding to the private key of the POS machine;
and verifying the signature by using the public key corresponding to the POS machine.
6. The method according to claim 4, wherein generating a key from the disassembly signal comprises:
acquiring a key corresponding to the disassembly signal from a preset key library; the preset key library comprises the corresponding relation between the disassembly signal and the key and the corresponding relation between the disassembly signal and the POS machine.
7. The method of claim 4, wherein the sending the key to the user corresponding to the POS machine by means of a short message specifically includes:
acquiring a user mobile phone number corresponding to a POS from a preset POS machine registration user library; the preset POS machine registration user library comprises the corresponding relation between the POS machine and the mobile phone number of the user;
and sending the secret key to a user mobile phone number corresponding to the POS machine in a short message mode.
8. A tamper-proof device for a POS machine, characterized in that the tamper-proof device is a POS machine, and the POS machine comprises: a detection module (401), a processing module (402), and a sending module (403);
the detection module (401) is used for monitoring a disassembly signal of the disassembly prevention circuit, wherein the signal of the disassembly prevention circuit comprises a safety signal and a disassembly signal;
the processing module (402) is used for triggering a protection operation when the disassembly signal is monitored; the protection operation is to convert the state of the POS machine from a safe state to a tamper-proof state, wherein the tamper-proof state is used for indicating that a memory of the POS machine is in a locking state;
the sending module (403) is configured to send the disassembly signal of the POS machine to a POS machine management platform, so that after the POS machine management platform verifies the disassembly signal, a key is generated according to the disassembly signal, and the key is used for converting a memory of the POS machine from the tamper-proof state to the secure state.
9. A tamper-proof device for a POS machine, characterized in that the tamper-proof device is a POS machine management platform, and the POS machine management platform comprises: a receiving module (501), a verification module (502) and a sending module (503);
the receiving module (501) is used for receiving a disassembly signal sent by the POS machine, wherein the disassembly signal is triggered by the action of a user for disassembling the POS machine and is used for indicating that the state of the POS machine is converted from a safe state to a tamper-proof state, and the tamper-proof state is used for indicating that a memory of the POS machine is in a locking state;
the verification module (502) is configured to generate a key according to the disassembly signal after the disassembly signal passes through verification, where the key is used to convert the memory of the POS machine from the tamper-proof state to the secure state;
and the sending module (503) is used for sending the secret key to a user corresponding to the POS machine in a short message mode.
10. An electronic device comprising a processor (601), a memory (605), a user interface (603) and a network interface (604), the memory (605) being configured to store instructions, the user interface (603) and the network interface (604) being configured to communicate to other devices, the processor (601) being configured to execute the instructions stored in the memory (605) to cause the electronic device (600) to perform the method of any one of claims 1-3 or the method of any one of claims 4-7.
CN202311537327.8A 2023-11-16 2023-11-16 Tamper-proof method and tamper-proof device for POS machine Pending CN117789379A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311537327.8A CN117789379A (en) 2023-11-16 2023-11-16 Tamper-proof method and tamper-proof device for POS machine


Publications (1)

Publication Number Publication Date
CN117789379A (en) 2024-03-29

Family

ID=90393405

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311537327.8A Pending CN117789379A (en) 2023-11-16 2023-11-16 Tamper-proof method and tamper-proof device for POS machine

Country Status (1)

Country Link
CN (1) CN117789379A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination