Method for controlling multiple operations of smart card
Technical field
The present invention relates to a kind of smart card control method, is a kind of method for controlling multiple operations of smart card specifically.
Background technology
" city all-purpose card " is the high speed development along with electronic computer technology, " ecommerce " and " electronic money " means of payment increasingly mature and the new ideas that propose.The municipal service industry-by-industry is united, adopt consistent way of paying, make things convenient for citizen to consume, improve the work efficiency of operation enterprise; In certain zone, resident or visitor hold functions such as same IC-card can be realized authentication, the consumption and payment that flows, storage various information, reach the overall goal of " one card in hand is lived without anxiety ".
Building digitalized city is the long-term goal of city all-purpose card engineering project, IC-card is as the carrier and the interface of information, in " city all-purpose card " engineering project,, set up the urban service management information platform by being used for townie IC-card to citizen's distribution.With civic life information and consumption information, carry out digitized record by using IC-card, be reflected in the relevant infosystem in city, for the integrated management of urban information provides data necessary and analysis.These information has been arranged, be aided with other means, as: inquiry, statistics, measuring and calculating indirectly, decision analysis etc. are the personal consumption in the city, enterprise operation and city manager's decision-making, many-sided strong analysis foundation is provided and has instructed foundation.
The city all-purpose card is chiefly directed to the payment and the authentication of the every field of life of urban resident, can finish utility prepaid, the quick clearing and the payment in a plurality of fields such as finance, tourism, medical treatment, guarantee the authentication and the information stores inquiry in each field, the application of city all-purpose card comparative maturity is listed below:
Public transport charge: charges such as public transport, subway, light rail, ferry, taxi;
Public utility charges: water, electricity, gas, CATV (cable television), telecommunications charges;
Financial application: circle is deposited, consumption, enchashment, circle are carried;
Tourism consumption: replace admission ticket, tourism integration;
Medical treatment: treatment charge;
Social security: five danger management, medical insurance treatment, endowment treatment;
Oiling, aerating: oil gas charge, tax control management.
The EMV standard is by international three biggest banks card tissue--Europay (Continental Europe card, purchased by Master), the technical standard that shifts to IC-card from magnetic stripe card of the common bank card of initiating to formulate of MasterCard (Master Card) and Visa (Visa), be based on the financial payment standard of intellective IC card, become generally acknowledged framework standard at present.Its objective is the unified standard of in the financial IC card payment system, setting up card and terminal interface, make under this system all card and terminal can intercommunication usefulness mutually, and the employing of this technology will improve the bank card security of payment greatly, reduce fraud.The version of formal issue has EMV96 and EMV2000 at present.
EMV2000 is the basic technology standard that the existing debit/credit of financial IC card is in the world used, by the card tissue associating formulation of international three biggest banks, the main contents of standard comprise the application of debt-credit note transaction flow, debit/credit using standard and security authentication mechanism etc., its objective is the general standard platform of setting up a unification for financial IC card, financial terminal, payment system and financial institution.
But, domestic " all-purpose card " project mostly is the mode of independent non-financial application at present, promptly use a special application of IC cards in " all-purpose card ", such card need arrive special " all-purpose card " service handling site application, as shown in fig. 1, and to the all-purpose card project flow process of paying the fees, normally the holder extracts cash at the financial grid point of bank, pay cash to all-purpose card service handling site then, for " all-purpose card " public account is supplemented with money. pay various types of expenses at every turn and also must handle to the site, and mainly, brought many inconvenience to the holder with the cash base transaction.
Summary of the invention
The present invention has overcome above-mentioned shortcoming, EMV is used with " all-purpose card " combine, and provides a kind of complexity method for controlling multiple operations of smart card low, easy to use.
The present invention solves the technical scheme that its technical matters takes: a kind of method for controlling multiple operations of smart card comprises the steps:
1) the payment system environment is created at least two down and is used sub-directory, and each is used sub-directory and is provided with application identifier;
2) according to described application identifier realization each is used the visit and the processing of sub-directory.
Described step 2) can be specially:
A) receive the application protocol data order;
B) application identifier that comprises in the described application protocol data order of identification;
C) according to the file in the application sub-directory that application identifier is selected and execution is corresponding.
Described application identifier can be an array, comprises the expansion of resource identification and privately owned sign.
The described file of depositing under the sub-directory of respectively using can include data file and key file.
Described respectively the application includes application data file and catalogue defined file in the data file that also can deposit under the sub-directory, and directly quotes by filename.
The filename of described application data file can to use in the sub-directory application identifier corresponding or be the beginning of filename with described application identifier with the place.
The filename of described application data file and catalogue defined file can be unique in described smart card system.
Also can comprise common command processing file in the described payment system environment.
The security mechanism that the described file of respectively using under the sub-directory can be subjected to respectively to use self is protected, not visit mutually.
The present invention uses sub-directory by create at least two under the payment system environment, each is used sub-directory and is provided with application identifier, and according to visit and the processing of described application identifier realization to each application sub-directory, thereby realize the EMV application is combined with " all-purpose card ", the holder only need handle a card, just can enjoy all services that EMV uses and " all-purpose card " provides simultaneously, and reduced the complexity of handling every business, such as fee payment service etc., and then the holder can directly pay the fees in EMV service handling site, has not only saved the time, promote degree of safety, and reduced the cost that the holder applies for card.
Description of drawings
Fig. 1 is the schematic flow sheet of paying the fees in the prior art
Fig. 2 constitutes synoptic diagram for smartcard internal system among the present invention
Fig. 3 is to described smart card access process flow diagram flow chart among the present invention
Embodiment
On a sheet smart card chip, support EMV and " all-purpose card " two kinds of application simultaneously, need card can handle the APDU order of EMV standard finance and " all-purpose card " application specific APDU order, also need be at payment system environment (the Payment System Environment of card, the IC-card file system root directory, hereinafter to be referred as PSE) under be respectively two and use create sub-directories, as shown in Figure 2, by each is used the application identifier (ApplicationIdentifier of sub-directory, hereinafter to be referred as AID) select, only deposit the data file and the key file of application corresponding under each sub-directory.Wherein, the security mechanism that the user file under EMV application directory and " all-purpose card " application directory is subjected to respectively to use self is protected, and does not allow mutual visit.
Described APDU refers to Application Protocol Data Unit, described smart card all is with Application Protocol Data Unit (ApplicationProtocol Data Unit by the exchange of the total data between I/O interface and the terminal, be the communication standard of IC-card, be called for short APDU) carry out.APDU comprises order APDU and replys two kinds of APDU, orders APDU to send to card by terminal, and replying APDU then is the response of card to order APDU.Abide by ISO/IEC 7816-4 standard, APDU designs irrelevantly with host-host protocol fully.
Described application identifier (Application Identifier is called for short AID) is a byte arrays, and wherein, the first five byte is resource identification (Resource Identifier is called for short RID); Remaining byte is privately owned sign expansion (proprietary identifier extension is called for short PIX), and length range is 0 to 11 byte.
Any application data file in the IC-card (Application Definition File is abbreviated as ADF) or catalogue defined file (Directory Definition File is abbreviated as DDF) can be quoted by filename.Wherein, the filename of ADF is corresponding with its AID or with the beginning of AID as filename, each filename in the sheet smart card chip is unique in this smart card.
Comprise pay the fees, inquire about, the access process to described smart card of consumption etc., as shown in Figure 3, smart card operating system, be that the RID (five bytes of AID) that the COS internal condition is employed judges the type that current selected is used, and determine the current APDU command set of supporting according to this, treatment scheme is shown in figure three:
Step [100]: the smart card card powers on, and operating system COS internal default selects PSE as current application;
Step [110]: card is waited for and is received the APDU order;
Step [120]: card receives the APDU order, and at first the RID according to current application judges application type;
Step [130]: use if the described APDU that receives is EMV, judge whether be the order of EMV service-specific according to the instruction INS in the order:
Step [131]: if the order of EMV service-specific is carried out specific command and handled, end process jumps to step [110], waits for next bar APDU order;
If not the order of EMV service-specific, jump to step [150];
Step [140]: " all-purpose card " used, and judges whether it is the order of all-purpose card service-specific according to the instruction INS in the order;
Step [141]: if the order of all-purpose card service-specific is carried out specific command and handled, end process jumps to step [110], waits for next bar APDU order;
If not the order of all-purpose card service-specific, jump to step [150];
In above two application any one then directly jumps to step [150];
Step [150]: carry out public APDU command process, INS judges whether it is common command according to instruction:
Step [160]: common command is handled, and judges whether it is select command, i.e. SELECT order
Step [161]: if the SELECT order is then selected APDU order indication to use, and is set to current application, end process jumps to [110], waits for next bar APDU order
Step [162]: if not SELECT order, i.e. other common command, then fill order is handled, and end process jumps to [110], waits for next bar APDU order; Be not common command, return " function is not supported ", end process jumps to [110], waits for next bar APDU order.
More than method for controlling multiple operations of smart card provided by the present invention is described in detail, used specific case herein principle of the present invention and embodiment are set forth, the explanation of above embodiment just is used for helping to understand method of the present invention and core concept thereof; Simultaneously, for one of ordinary skill in the art, according to thought of the present invention, the part that all can change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.