CN203242029U - An intelligent card containing an electronic signature function and an intelligent card transaction system - Google Patents

An intelligent card containing an electronic signature function and an intelligent card transaction system Download PDF

Info

Publication number
CN203242029U
CN203242029U CN 201320102167 CN201320102167U CN203242029U CN 203242029 U CN203242029 U CN 203242029U CN 201320102167 CN201320102167 CN 201320102167 CN 201320102167 U CN201320102167 U CN 201320102167U CN 203242029 U CN203242029 U CN 203242029U
Authority
CN
China
Prior art keywords
password
module
smart card
signature
transaction
Prior art date
Application number
CN 201320102167
Other languages
Chinese (zh)
Inventor
李东声
Original Assignee
天地融科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to CN201310047316.1 priority Critical
Priority to CN201320069875 priority
Priority to CN201320069875.8 priority
Priority to CN201310047316 priority
Application filed by 天地融科技股份有限公司 filed Critical 天地融科技股份有限公司
Priority to CN 201320102167 priority patent/CN203242029U/en
Application granted granted Critical
Publication of CN203242029U publication Critical patent/CN203242029U/en
Priority claimed from PCT/CN2014/071657 external-priority patent/WO2014121721A1/en

Links

Abstract

The utility model discloses an intelligent card containing an electronic signature function and an intelligent card transaction system. The intelligent card comprises a transmitting and receiving module, a password generating module, a signature module, and a display module. The transmitting and receiving module is used for having access to a POS machine, receiving a transaction message, and transmitting the transaction message to the signature module. The password generating module is used for generating a united password and transmitting the united password to the signature module and the display module. According to the transaction message and the united password, the signature module generates a signature message and transmits at least the signature message to the POS machine via the transmitting and receiving module. Data interaction required by transaction is completed by one-time access of the intelligent card and the POS machine. Therefore, a risk of important information interception caused by multiple accesses is decreased and security is increased.

Description

具有电子签名功能的智能卡及智能卡交易系统 Smart cards and smart card transaction system with an electronic signature function

技术领域 FIELD

[0001] 本实用新型涉及一种电子技术领域,尤其涉及一种具有电子签名功能的智能卡及智能卡交易系统。 [0001] The present invention relates to an electronic technologies, and in particular to smart cards and smart card transaction system with an electronic signature function.

背景技术 Background technique

[0002] 现今,刷卡消费已经成为主流。 [0002] Today, credit card spending has become the mainstream. 采用如下流程实现电子签名交易: Use the following process to achieve electronic signature transaction:

[0003] 步骤S101,用户持卡以非接触方式接入POS机;其中,非接触方式可以为射频、蓝牙、NFC等任意非接触方式。 [0003] In step S101, the user access card in a POS machine non-contact manner; wherein the non-contact non-contact manner may be any radio frequency, Bluetooth, and so the NFC.

[0004] 步骤S102,POS机将交易信息发送至用户接入的智能卡;其中,交易信息可以至少包括帐号和金额,当然还可以包括交易明细信息。 [0004] Step S102, POS machine transmits transaction information to a smart card user access; wherein the transaction information may include at least the account number and the amount, of course, it may also include details of the transaction information.

[0005] 步骤S103,智能卡接收交易信息,显示交易信息,待用户确认交易信息无误后,接收用户输入的确认密码,对交易信息进行签名; [0005] In step S103, the smart card receiving transaction information, transaction information display, until the user confirms the transaction information is correct, the reception confirmation password input by the user, a signature of the transaction information;

[0006] 步骤S104,智能卡再次以非接触方式接入POS机,将签名信息发送至POS机; [0006] In step S104, the smart card again in a non-contact manner POS machine access, the signature information to the POS machine;

[0007] 步骤S105,POS机将交易信息和签名信息上传至银行服务器,以便银行服务器根据交易信息执行交易。 [0007] step S105, POS machine transaction information and signature information is uploaded to the server bank to bank transaction server to execute trades based on the information.

[0008] 由此可见,现有的智能卡在完成对交易信息进行签名的过程中需要以非接触方式与POS机进行至少两次接入,从而会存在接入过程中交易信息和/或签名信息被劫持的问题,造成用户损失,安全性不高。 [0008] Thus, in conventional smart cards to complete the transaction signature information needs to be performed at least twice during the access to the POS machine in a non-contact manner, so that there will be access during transaction information and / or signature information hijacked problems, resulting in loss of customers, security is not high.

实用新型内容 SUMMARY

[0009] 本实用新型旨在解决现有智能卡在多次接入过程中交易信息和/或签名信息被劫持而造成的安全性不高的问题。 [0009] The present invention aims to solve existing smart card several times in the course of trade access information and / or safety is not high signature information hijacked caused.

[0010] 本实用新型的一个目的在于提供一种具有电子签名功能的智能卡。 [0010] The object of the present invention is to provide a smart card having an electronic signature function.

[0011] 本实用新型的另一目的在于提供一种具有电子签名功能的智能卡交易系统。 [0011] Another object of the present invention is to provide a smart card transaction system with an electronic signature function.

[0012] 为达到上述目的,本实用新型的技术方案具体是这样实现的: [0012] To achieve the above object, the technical solution of the present invention are specifically implemented as follows:

[0013] 本实用新型一方面提供了一种具有电子签名功能的智能卡,智能卡包括:收发模块,密码生成模块,签名模块和显示模块;收发模块用于接入POS机,接收交易报文并发送至签名模块;密码生成模块用于生成联合密码,并发送至签名模块和显示模块;签名模块根据交易报文和联合密码生成签名报文,并通过收发模块至少将签名报文发送至POS机。 [0013] In one aspect the present invention provides a smart card having an electronic signature function, the smart card comprising: a transceiver module, a password generation module, a signature module and a display module; transceiver module for accessing a POS machine, and receives the transaction message sent to the signature module; password generating means for generating a joint password and sent to the signature module and the display module; signature module generating a signature of the transaction message packets and joint password and the signature packets to the transceiver module transmits at least the POS.

[0014] 此外,收发模块在发送签名报文至POS机之后,还断开与POS机的连接;显示模块在收发模块断开与POS机的连接后,还显示交易报文。 [0014] In addition, transceiver module after transmitting the signature message to the POS, the POS is also disconnected; a display module is disconnected after the connection with the POS machine transceiver module further displays the transaction message.

[0015] 此外,智能卡还包括:按键模块;按键模块根据接收到的确认密码和/或确认指令,触发显示模块显示联合密码。 [0015] In addition, the smart card further comprising: a key module; password key module according to the received acknowledgment and / or confirmation instructions, display module displays joint trigger password.

[0016] 本实用新型另一方面提供了一种具有电子签名功能的智能卡交易系统,系统包括:P0S机、银行服务器及前述的智能卡;P0S机接收通过按键输入的智能卡生成的联合密码,至少将交易报文、签名报文和联合密码发送至银行服务器;银行服务器验证签名报文和联合密码,并在验证通过后,根据交易报文执行交易操作。 [0016] The present invention further aspect provides a smart card transaction system having an electronic signature function, the system comprising: P0S machine, bank server and the smart card; P0S receives by combining the password key input smart card generated, at least transaction message, the signature packet and the United password sent to the bank server; the bank server verifies the signature packet and the United password, and after the verification, according to the transaction execution message transaction operations.

[0017] 由上述本实用新型提供的技术方案可以看出,本实用新型提供了一种具有电子签名功能的智能卡及具有电子签名功能的智能卡交易系统,通过智能卡和POS机的一次接入完成交易所需数据的交互,降低了多次接入造成的重要信息被截获的风险,提高了安全性。 [0017] As can be seen from the technical solution of the present invention provides, the present invention provides a smart card with an electronic signature function and the smart card transaction system having the electronic signature function, the smart card and the POS primary access to complete the transaction interaction required data, reducing the risk of critical information being intercepted multiple access due to the improved security. 本实用新型的联合密码可以是在每次交易时随机生成的数字、字母和字符的一种或多种的组合,不同于现有的交易密码和OTP必须采用密文进行传输,本实用新型的联合密码可通过明文进行传输,并且不会降低交易过程中账户的安全性;本实用新型的联合密码是在智能卡一侧生成并上传至银行服务器,也不同于现有的OTP需要银行服务器和终端同时生成,本实用新型的单侧生成联合密码并进行签名,以保证联合密码传输的安全性和联合密码验证的准确性;本实用新型的POS机是在输入了联合密码之后发送相关数据(可以是交易报文、签名报文和联合密码)至银行服务器,使得由POS机发送至银行服务器的需要由银行服务器进行处理的数据均为经过授权且有效的数据,保证了安全性,提高了工作效率。 The present invention may be combined randomly generated password for each transaction numbers, letters and characters of one kind or more thereof, and different from the existing transaction password OTP cipher text transmission, the present invention the password can be jointly carried out by the plaintext transmission, without compromising the security of the transaction process account; password combination of the present invention is generated and uploaded to the smart card bank server side, but also different from the existing bank server and the terminal needs OTP simultaneously generated, the present invention generates a unilateral joint signature and password to ensure security and to verify the accuracy of the combined joint password transmitted password; POS machine according to the present invention is transmitted after the input of the combined code data (which may It is a transaction message, the signature packet and the United password) to the bank's server, so that needs to be sent by the bank to the POS server for data processing by the bank servers are authorized and valid data, to ensure the safety and improve the work effectiveness.

附图说明 BRIEF DESCRIPTION

[0018] 为了更清楚地说明本实用新型实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本实用新型的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他附图。 [0018] In order to more clearly illustrate the embodiments are introduced briefly in the accompanying drawings required for describing the technical solutions used in the present embodiment of the invention, the following embodiments will be apparent in the following description of the drawings are merely present invention Some embodiments, those of ordinary skill in the art is concerned, without creative efforts, can derive other drawings according to these drawings.

[0019] 图1为现有的电子签名交易的方法流程图; [0019] FIG. 1 is a conventional electronic signature transaction flowchart of a method;

[0020] 图2为本实用新型具有电子签名功能的智能卡交易方法实施例1的流程图; [0020] FIG 2 new smart card electronic signature transaction method having a function flow diagram of the present practical embodiment;

[0021] 图3为本实用新型具有电子签名功能的智能卡交易方法实施例2的流程图; [0021] FIG 3 new smart card transaction method having the electronic signature function flow diagram of the present practical embodiment 2;

[0022] 图4为本实用新型具有电子签名功能的智能卡交易系统的结构示意图。 [0022] FIG. 4 is a schematic diagram of the structure of the utility model of smart card transaction system with an electronic signature functions.

具体实施方式 Detailed ways

[0023] 下面结合本实用新型实施例中的附图,对本实用新型实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本实用新型一部分实施例,而不是全部的实施例。 [0023] below with reference to the present invention, the embodiment of the drawings, the present invention embodiment of the technical solution will be clearly and completely described, obviously, the described embodiments are merely embodiments of the present invention a part, but not all embodiment. 基于本实用新型的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本实用新型的保护范围。 Based on the present invention embodiment, all other embodiments of ordinary skill in the art without any creative effort shall fall within the protection scope of the present invention.

[0024] 在本实用新型的描述中,需要理解的是,术语“中心”、“纵向”、“横向”、“上”、“下”、“前”、“后”、“左”、“右”、“竖直”、“水平”、“顶”、“底”、“内”、“外”等指示的方位或位置关系为 [0024] In the novel description of the practice, to be understood that the term "center", "longitudinal", "lateral", "upper", "lower", "front", "rear", "left", " indicating the orientation or positional relationship of the right "," vertical "," horizontal "," top "," bottom "," inner "," outer "as the

基于附图所示的方位或位置关系,仅是为了便于描述本实用新型和简化描述,而不是指示或暗示所指的装置或元件必须具有特定的方位、以特定的方位构造和操作,因此不能理解为对本实用新型的限制。 , Only the position or location based on the relationship shown in the drawings for convenience of description of the present invention and simplicity of description, means or not indicate or imply element referred to must have a particular orientation, the orientation of a particular configuration and operation, can not be understood as the practical limitations of this new right. 此外,术语“第一”、“第二”仅用于描述目的,而不能理解为指示或暗示相对重要性或数量或位置。 In addition, the terms "first", "second" are for illustrative purposes only, and not intended to indicate or imply relative importance or number or location.

[0025] 在本实用新型的描述中,需要说明的是,除非另有明确的规定和限定,术语“安装”、“相连”、“连接”应做广义理解,例如,可以是固定连接,也可以是可拆卸连接,或一体地连接;可以是机械连接,也可以是电连接;可以是直接相连,也可以通过中间媒介间接相连,可以是两个元件内部的连通。 [0025] In the description of the present invention are novel, be noted that, unless otherwise expressly specified or limited, the terms "mounted," "connected to", "connected" are to be broadly understood, for example, it may be a fixed connection, may be a detachable connection, or integrally connected; may be a mechanical connector may be electrically connected; may be directly connected, can also be connected indirectly through intervening structures, it may be in communication the interior of the two elements. 对于本领域的普通技术人员而言,可以具体情况理解上述术语在本实用新型中的具体含义。 Those of ordinary skill in the art, be appreciated that the specific circumstances of the specific meanings in the present invention. [0026] 下面将结合附图对本实用新型实施例作进一步地详细描述。 [0026] The following with reference to the embodiment of the present invention will be described in further detail.

[0027] 实施例1 [0027] Example 1

[0028] 图2为本实用新型具有电子签名功能的智能卡交易方法实施例1的流程图。 [0028] FIG 2 new smart card electronic signature transaction method having a function of a flow diagram of the embodiment of the present invention. 现结合图2,对本实用新型具有电子签名功能的智能卡交易方法进行说明,具体如下: 2 now in conjunction with, the present invention method for smart card transactions with an electronic signature function will be described as follows:

[0029] 本实用新型具有电子签名功能的智能卡交易方法包括: [0029] The present invention has an electronic smart card transaction method signature features include:

[0030] 步骤S201:具有电子签名功能的智能卡接入POS机,接收交易报文; [0030] Step S201: an electronic signature function smart card access POS, receive transaction packets;

[0031] 具体的,在具有电子签名功能的智能卡接入POS机之前,POS机可通过手工输入、网络、扫描商品信息等方式获取交易报文。 [0031] Specifically, before the smart card POS machines have access to electronic signature function, the POS transaction message can get through manual input, network, scan product information and other means.

[0032] 智能卡可通过非接触方式接入POS机,接收POS机发送的交易报文。 [0032] The smart card access may be non-contact manner by the POS, the POS packet received transaction is sent. 其中,交易报文至少包括账户和金额,还可包括交易明细信息。 Wherein the transaction message includes at least accounts and amounts also include transaction detail information.

[0033] 当然,智能卡也可以通过接触方式接入POS机。 [0033] Of course, the smart card may access through POS machine contact manner.

[0034] 本实用新型的智能卡采用非接触方式接入POS机较接触方式接入POS机具有较高的安全性,防止信息被获取。 [0034] The present invention uses non-contact smart card access the POS POS machine than the access-contact manner with high security against information is acquired.

[0035] 步骤S202:智能卡生成联合密码; [0035] Step S202: generating a joint smart card password;

[0036] 具体的,智能卡随机地生成数字、字母和/或符号,从数字、字母和符号中选择一种或多种组合生成联合密码,可以保证联合密码的不唯一性,随机性,提高联合密码的安全性。 [0036] Specifically, the smart card generates random numbers, letters and / or symbols, selecting one or more from the combination of numbers, letters and symbols combined to generate a password, can not guarantee the uniqueness of the combined cryptographic randomness, improve joint password security.

[0037] 步骤S203:智能卡根据交易报文和联合密码生成签名报文; [0037] Step S203: the smart card to generate a signature of the transaction message packets and the United password;

[0038] 具体的,智能卡可以直接对交易报文和联合密码进行签名,生成签名报文;或者 [0038] Specifically, the smart card can trade messages and the United password directly generate a signed message; or

[0039] 智能卡计算交易报文的摘要信息,计算联合密码的摘要信息,对交易报文的摘要信息和联合密码的摘要信息进行签名,生成签名报文;或者 [0039] calculation of the smart card transaction message summary information, password joint calculation of summary information, the summary information on the summary information and transaction passwords joint message will be generate a signed message; or

[0040] 智能卡计算交易报文的摘要信息,对联合密码进行加密获得加密联合密码,对交易报文的摘要信息和加密联合密码进行签名,生成签名报文;或者 [0040] calculation of the smart card transaction message summary information, obtained by the encryption password to encrypt the Joint United password, and encrypt transaction information to digest the message of the United password generate a signed message; or

[0041] 智能卡计算交易报文的摘要信息,对联合密码进行加密获得加密联合密码,并计算加密联合密码的摘要信息,对交易报文的摘要信息和加密联合密码的摘要信息进行签名,生成签名报文。 [0041] Smart Card calculate transaction packet summary information, joint encrypt passwords get encrypted joint passwords, and calculates a cryptographic digest of information cooperation password digest information digest information and the encrypted transaction message of the United password to sign, generating a signature message.

[0042] 其中,摘要信息可以包括如下的一种或其组合:通过哈希算法计算的哈希值、通过MAC算法计算的MAC值,通过对称加密获得的密文本身。 [0042] wherein, summary information may include one or a combination of the following: the hash value calculated by the hash algorithm, MAC value calculated by the MAC algorithm, obtained by the symmetric encryption cipher text itself.

[0043] 另外,加密运算可以为对称加密或者非对称加密(例如通过银行服务器的公钥进行加密)。 [0043] Further, the encrypted encryption operation can be symmetric or asymmetric encryption (e.g., encrypting the public key of the bank server). 为了进一步提高联合密码传输的安全性,智能卡还可以生成一个随机数,将联合密码和该随机数按照预设的格式进行组合,并对组合后的数据进行加密获得加密联合密码。 To further enhance the joint transmission of the password security, the smart card may also generate a random number, password, and the joint combination of the random number according to a preset format, and the data obtained by the encryption to encrypt a combination joint password. 此时将联合密码和随机数进行组合,从而防止重放攻击。 At this time, the combined random number and password combination, thereby preventing replay attacks.

[0044] 本实用新型可以采用通过对联合密码进行摘要计算、对联合密码进行加密或对加密联合密码进行摘要计算,保证了联合密码传输的安全性;可以对联合密码的摘要信息、力口密联合密码或加密联合密码的摘要信息进行签名,提高了交易的安全性。 [0044] The present invention may be employed for the joint password by encrypting the digest calculated combined password or the encrypted combined password digest calculation, to ensure the security of the joint password transmission; digest of information joint password force densely populated United password or summary information encrypted password to sign jointly improve the security of transactions.

[0045] 步骤S204:智能卡至少将签名报文发送至POS机; [0045] Step S204: the smart card at least signed message to the POS unit;

[0046] 具体的,在步骤S203中,如果采用智能卡计算加密联合密码的方案时,此步骤中,智能卡还将加密联合密码和签名报文发送至POS机。 [0046] Specifically, in step S203, if the smart card calculates the encrypted password joint program, in this step, the smart card is also password encryption and signature combined message to the POS machine.

[0047] 在步骤S203中,如果采用智能卡计算加密联合密码的摘要信息的方案时,此步骤中,智能卡还将加密联合密码的摘要信息和签名报文发送至POS机。 [0047] In step S203, if the program calculates the encrypted password joint summary of the smart card, in this step, the smart card will be encrypted and password summary information joint signature message to the POS machine.

[0048] 当然,无论步骤S203中,智能卡计算的是何种信息,智能卡都可以将计算的信息发送至POS机。 [0048] Of course, regardless of the step S203, the smart card information what information is calculated, the smart card can be transmitted to the POS machine calculated.

[0049] 步骤S205 =POS机接收通过按键输入的智能卡生成的联合密码,至少将交易报文、签名报文和联合密码发送至银行服务器; [0049] Step S205 = POS generated by the smart card receives the key input password combination, at least the transaction message, the signature and the packet is sent to the bank server password joint;

[0050] 具体的,在步骤S203中,如果采用智能卡计算加密联合密码的方案时,此步骤中,POS机还将加密联合密码、交易报文、签名报文和联合密码发送至银行服务器。 [0050] Specifically, in step S203, if the smart card computing encryption password joint program this step, POS machines will also encrypt the United password, transaction messages, signatures and messages sent to the bank server password joint.

[0051] 在步骤S203中,如果采用智能卡计算加密联合密码的摘要信息的方案时,此步骤中,POS机还将联合密码的摘要信息、交易报文、签名报文和联合密码发送至银行服务器。 [0051] In step S203, if the program calculates the encrypted joint passwords summary information using a smart card, in this step, POS machines will jointly summary information requiring passwords, transaction message, the signature packet and the United password will be sent to the bank server .

[0052] 当然,无论步骤S203中,智能卡计算的是何种信息,POS机均可以将智能卡计算的信息发送至银行服务器。 [0052] Of course, regardless of the step S203, the calculation of the smart card is what information, POS machines can be calculated transmit information to the smart card bank server.

[0053] 本实用新型的POS机只有在接收到用户输入的联合密码后,才会将交易报文、签名报文和联合密码发送至银行服务器,以触发银行服务器完成交易,以便银行服务器根据联合密码和签名报文对用户身份进行认证,提高交易的安全性。 [0053] The present invention POS machine only after receiving the Joint password entered by the user, only the transaction message, the signature packet and the United password to the bank server to trigger a banking server to complete the transaction, according to a joint bank server password and signature messages to the user identity authentication to improve the security of transactions. 另外,本实用新型的联合密码可以是在每次交易时随机生成的数字、字母和字符的一种或多种的组合,不同于现有的交易密码和OTP必须采用密文进行传输,本实用新型的联合密码可通过明文进行传输,并且不会降低交易过程中账户的安全性;本实用新型的联合密码是在智能卡一侧生成并上传至银行服务器,也不同于现有的OTP需要银行服务器和终端同时生成,本实用新型的单侧生成联合密码并进行签名,以保证联合密码传输的安全性和联合密码验证的准确性;本实用新型的POS机是在输入了联合密码之后发送相关数据(可以是交易报文、签名报文和联合密码)至银行服务器,使得由POS机发送至银行服务器的需要由银行服务器进行处理的数据均为经过授权且有效的数据,保证了安全性,提高了工作效率。 Further, the present invention may be combined randomly generated password for each transaction numbers, letters and characters of one kind or more thereof, and different from the existing transaction password OTP cipher text transmission, the present invention the new password may be carried out by plain joint transmission, without compromising the security of the transaction process account; password combination of the present invention is generated and uploaded to the smart card bank server side, but also different from the existing bank server needs OTP and the terminal simultaneously generated, the present invention generates a unilateral joint signature and password to ensure security and to verify the accuracy of the combined joint password transmitted password; POS machine according to the present invention is transmitted after the data is inputted password joint (can be a transaction message, the signature packet and the United password) to the bank's server, so that needs to be sent by the bank to the POS server for data processing by the bank servers are authorized and valid data, to ensure the safety and improve the work efficiency.

[0054] 步骤S206:银行服务器验证签名报文和联合密码,并在验证通过后,根据交易报文执行交易操作。 [0054] Step S206: the bank server verifies the signature packet and the United password, and after the verification, according to the transaction execution message transaction operations.

[0055] 由此可见本实用新型的智能卡交易方法,通过智能卡和POS机的一次接入完成交易所需数据的交互,降低了多次接入造成的重要信息被截获的风险,提高了安全性。 [0055] Thus the invention of the smart card transaction method, by a smart card and POS machines access the data required to complete the interaction of trading, reducing the risk of critical information being intercepted multiple access due to the improved security .

[0056] 实施例2 [0056] Example 2

[0057] 图3为本实用新型具有电子签名功能的智能卡交易方法实施例2的流程图。 [0057] The present invention FIG 3 smart card transaction functions of the electronic signature method of the flowchart of the second embodiment. 现结合图3,对本实用新型具有电子签名功能的智能卡交易方法进行说明,具体如下: Now with Figure 3, the present invention method for smart card transactions with an electronic signature function will be described as follows:

[0058] 本实用新型具有电子签名功能的智能卡交易方法包括: [0058] The present invention has an electronic smart card transaction method signature features include:

[0059] 步骤S301:具有电子签名功能的智能卡接入POS机,接收交易报文; [0059] Step S301: an electronic signature function smart card access POS, receive transaction packets;

[0060] 具体的,在具有电子签名功能的智能卡接入POS机之前,POS机可通过手工输入、网络、扫描商品信息等方式获取交易报文。 [0060] Specifically, before the smart card POS machines have access to electronic signature function, the POS transaction message can get through manual input, network, scan product information and other means.

[0061] 智能卡可通过非接触方式接入POS机,接收POS机发送的交易报文。 [0061] The smart card access may be non-contact manner by the POS, the POS packet received transaction is sent. 其中,交易报文至少包括账户和金额,还可包括交易明细信息。 Wherein the transaction message includes at least accounts and amounts also include transaction detail information.

[0062] 当然,智能卡也可以通过接触方式接入POS机。 [0062] Of course, the smart card may access through POS machine contact manner.

[0063] 本实用新型的智能卡采用非接触方式接入POS机较接触方式接入POS机具有较高的安全性,防止信息被获取。 [0063] The present invention uses non-contact smart card access the POS POS machine than the access-contact manner with high security against information is acquired.

[0064] 步骤S302:智能卡生成联合密码;[0065] 具体的,智能卡随机地生成数字、字母和/或符号,从数字、字母和符号中选择一种或多种组合生成联合密码,可以保证联合密码的不唯一性,随机性,提高联合密码的安全性。 [0064] Step S302: the smart card to generate combined password; [0065] Specifically, the smart card randomly generated numbers, letters and / or symbols, selecting one or more combinations of the numbers, letters and symbols, generating a joint password, ensure joint of the password is not unique, random, improve the security of the United password.

[0066] 步骤S303:智能卡根据交易报文和联合密码生成签名报文; [0066] Step S303: the smart card to generate a signature of the transaction message packets and the United password;

[0067] 具体的,智能卡可以直接对交易报文和联合密码进行签名,生成签名报文;或者 [0067] Specifically, the smart card can trade messages and the United password directly generate a signed message; or

[0068] 智能卡计算交易报文的摘要信息,计算联合密码的摘要信息,对交易报文的摘要信息和联合密码的摘要信息进行签名,生成签名报文;或者 [0068] calculation of the smart card transaction message summary information, password joint calculation of summary information, the summary information on the summary information and transaction passwords joint message will be generate a signed message; or

[0069] 智能卡计算交易报文的摘要信息,对联合密码进行加密获得加密联合密码,对交易报文的摘要信息和加密联合密码进行签名,生成签名报文;或者 [0069] calculation of the smart card transaction message summary information, obtained by the encryption password to encrypt the Joint United password for summary information and transaction password encryption joint message will be generate a signed message; or

[0070] 智能卡计算交易报文的摘要信息,对联合密码进行加密获得加密联合密码,并计算加密联合密码的摘要信息,对交易报文的摘要信息和加密联合密码的摘要信息进行签名,生成签名报文。 [0070] Smart Card calculate transaction packet summary information, joint encrypt passwords get encrypted joint passwords, and calculates a cryptographic digest of information cooperation password digest information digest information and the encrypted transaction message of the United password to sign, generating a signature message.

[0071] 其中,摘要信息可以包括如下的一种或其组合:通过哈希算法计算的哈希值、通过MAC算法计算的MAC值,通过对称加密获得的密文本身。 [0071] wherein, summary information may include one or a combination of the following: the hash value calculated by the hash algorithm, MAC value calculated by the MAC algorithm, obtained by the symmetric encryption cipher text itself.

[0072] 另外,加密运算可以为对称加密或者非对称加密(例如通过银行服务器的公钥进行加密)。 [0072] Further, the encrypted encryption operation can be symmetric or asymmetric encryption (e.g., encrypting the public key of the bank server). 为了进一步提高联合密码传输的安全性,智能卡还可以生成一个随机数,将联合密码和该随机数按照预设的格式进行组合,并对组合后的数据进行加密获得加密联合密码。 To further enhance the joint transmission of the password security, the smart card may also generate a random number, password, and the joint combination of the random number according to a preset format, and the data obtained by the encryption to encrypt a combination joint password. 此时将联合密码和随机数进行组合,从而防止重放攻击。 At this time, the combined random number and password combination, thereby preventing replay attacks.

[0073] 本实用新型可以采用通过对联合密码进行摘要计算、对联合密码进行加密或对加密联合密码进行摘要计算,保证了联合密码传输的安全性;可以对联合密码的摘要信息、力口密联合密码或加密联合密码的摘要信息进行签名,提高了交易的安全性。 [0073] The present invention may be employed for the joint password by encrypting the digest calculated combined password or the encrypted combined password digest calculation, to ensure the security of the joint password transmission; digest of information joint password force densely populated United password or summary information encrypted password to sign jointly improve the security of transactions.

[0074] 步骤S304:智能卡至少将签名报文发送至POS机; [0074] Step S304: the smart card at least signed message to the POS unit;

[0075] 具体的,在步骤S303中,如果采用智能卡计算加密联合密码的方案时,此步骤中,智能卡还将加密联合密码和签名报文发送至POS机。 [0075] Specifically, in step S303, if the smart card calculates the encrypted password joint program, in this step, the smart card is also password encryption and signature combined message to the POS machine.

[0076] 在步骤S303中,如果采用智能卡计算加密联合密码的摘要信息的方案时,此步骤中,智能卡还将加密联合密码的摘要信息和签名报文发送至POS机。 [0076] In step S303, if the program calculates the encrypted password joint summary of the smart card, in this step, the smart card will be encrypted and password summary information joint signature message to the POS machine.

[0077] 当然,无论步骤S303中,智能卡计算的是何种信息,智能卡都可以将计算的信息发送至POS机。 [0077] Of course, regardless of the step S303, the smart card information what information is calculated, the smart card can be transmitted to the POS machine calculated.

[0078] 步骤S305:智能卡断开与POS机的连接; [0078] Step S305: the smart card is disconnected from the POS machine;

[0079] 具体的,在非接触式方式接入的情况下,用户持智能卡离开POS机的感应范围即可;在接触式方式接入的情况下,用户从POS机中拔出智能卡即可。 [0079] Specifically, in the case where the non-contact mode access, a user holding a smart card away to the POS sensing range; in the case of contact mode access, a user removes the smart card to the POS machine. 断开与POS机的连接保证了智能卡与POS机的一次接触,降低了多次接触信息被截获的风险,提高了数据传输的安全性。 Disconnect POS machines to ensure a contactless smart card and POS machines, reducing the risk of information being intercepted numerous contacts, to improve the security of data transmission.

[0080] 步骤S306:智能卡显示交易报文; [0080] Step S306: Smart Card display transaction messages;

[0081] 具体的,智能卡在显示屏上显示接收到的交易报文,以便用户确认该交易的真实性,保证交易的安全。 [0081] Specifically, the smart card transaction displays the received message on the screen so that users confirm the authenticity of the transaction, to ensure the security of transactions.

[0082] 步骤S307:智能卡接收通过按键输入的确认密码和/或确认指令; [0082] Step S307: the smart card receives the password confirmation key inputs and / or by confirmation command;

[0083] 具体的,用户在确认了交易信息的真实性之后,可以通过输入确认密码和/或确认指令的操作,触发智能卡显示生成的联合密码。 After the [0083] Specifically, the user confirming the authenticity of the transaction information, and confirm the password can operate / or confirmed by entering the command, triggering a smart card displays the generated password joint. 通过输入确认密码触发智能卡显示联合密码可以防止联合密码被他人获知,提高联合密码的保密性。 Trigger smart card by entering the confirmation password display password prevents joint United password be known to others, to improve the security of the United password.

[0084] 步骤S308:智能卡显示联合密码。 [0084] Step S308: Smart Card co-display password.

[0085] 具体的,智能卡显示联合密码,以便用户可以获知该联合密码,将该联合密码输入至POS机,以完成交易。 [0085] Specifically, the smart card password combination of the display, so that the user may know the password joint, the joint to the POS machine password, to complete the transaction.

[0086] 为了进一步提高联合密码的安全性,防止他人获取联合密码的明文信息,在步骤S302时,还可以将联合密码明文以预设的对称加密算法进行加密并将加密后的联合密码存储在智能卡中,在智能卡接收用户通过按键输入的确认密码和/或确认指令后,再以该预设的对称加密算法解密出联合密码明文进行显示。 [0086] In order to further improve the safety joint password, a password to prevent others from obtaining the plaintext joint, at step S302, the clear text password may also be combined in a predetermined symmetric encryption algorithm jointly encrypted passwords are stored in encrypted and after the smart card, receiving the user by confirming the password of the key input and / or confirmation command in the smart card, and then to the predetermined symmetric encryption algorithm jointly decrypt plain text password is displayed.

[0087] 步骤S309 =POS机接收通过按键输入的智能卡生成的联合密码,至少将交易报文、签名报文和联合密码发送至银行服务器; [0087] Step S309 = POS generated by the smart card receives the key input password combination, at least the transaction message, the signature and the packet is sent to the bank server password joint;

[0088] 具体的,在步骤S303中,如果采用智能卡计算加密联合密码的方案时,此步骤中,POS机还将加密联合密码、交易报文、签名报文和联合密码发送至银行服务器。 [0088] Specifically, in step S303, if the smart card computing encryption password joint program this step, POS machines will also encrypt the United password, transaction messages, signatures and messages sent to the bank server password joint.

[0089] 在步骤S303中,如果采用智能卡计算加密联合密码的摘要信息的方案时,此步骤中,POS机还将联合密码的摘要信息、交易报文、签名报文和联合密码发送至银行服务器。 [0089] In step S303, if the program calculates the encrypted joint passwords summary information using a smart card, in this step, POS machines will jointly summary information requiring passwords, transaction message, the signature packet and the United password will be sent to the bank server .

[0090] 当然,无论步骤S303中,智能卡计算的是何种信息,POS机均可以将智能卡计算的信息发送至银行服务器。 [0090] Of course, regardless of the step S303, the calculation of the smart card is what information, POS machines can be calculated transmit information to the smart card bank server.

[0091] 本实用新型的POS机只有在接收到用户输入的联合密码后,才会将交易报文、签名报文和联合密码发送至银行服务器,以触发银行服务器完成交易,以便银行服务器根据联合密码和签名报文对用户身份进行认证,提高交易的安全性。 [0091] The present invention POS machine only after receiving the Joint password entered by the user, only the transaction message, the signature packet and the United password to the bank server to trigger a banking server to complete the transaction, according to a joint bank server password and signature messages to the user identity authentication to improve the security of transactions. 另外,本实用新型的联合密码可以是在每次交易时随机生成的数字、字母和字符的一种或多种的组合,不同于现有的交易密码和OTP必须采用密文进行传输,本实用新型的联合密码可通过明文进行传输,并且不会降低交易过程中账户的安全性;本实用新型的联合密码是在智能卡一侧生成并上传至银行服务器,也不同于现有的OTP需要银行服务器和终端同时生成,本实用新型的单侧生成联合密码并进行签名,以保证联合密码传输的安全性和联合密码验证的准确性;本实用新型的POS机是在输入了联合密码之后发送相关数据(可以是交易报文、签名报文和联合密码)至银行服务器,使得由POS机发送至银行服务器的需要由银行服务器进行处理的数据均为经过授权且有效的数据,保证了安全性,提高了工作效率。 Further, the present invention may be combined randomly generated password for each transaction numbers, letters and characters of one kind or more thereof, and different from the existing transaction password OTP cipher text transmission, the present invention the new password may be carried out by plain joint transmission, without compromising the security of the transaction process account; password combination of the present invention is generated and uploaded to the smart card bank server side, but also different from the existing bank server needs OTP and the terminal simultaneously generated, the present invention generates a unilateral joint signature and password to ensure security and to verify the accuracy of the combined joint password transmitted password; POS machine according to the present invention is transmitted after the data is inputted password joint (can be a transaction message, the signature packet and the United password) to the bank's server, so that needs to be sent by the bank to the POS server for data processing by the bank servers are authorized and valid data, to ensure the safety and improve the work efficiency.

[0092] 步骤S310:银行服务器验证签名报文和联合密码,并在验证通过后,根据交易报文执行交易操作。 [0092] Step S310: the bank server verifies the signature packet and the United password, and after the verification, according to the transaction execution message transaction operations.

[0093] 由此可见本实用新型的智能卡交易方法,通过智能卡和POS机的一次接入完成交易所需数据的交互,降低了多次接入造成的重要信息被截获的风险,提高了安全性。 [0093] Thus the invention of the smart card transaction method, by a smart card and POS machines access the data required to complete the interaction of trading, reducing the risk of critical information being intercepted multiple access due to the improved security .

[0094] 图4为本实用新型具有电子签名功能的智能卡交易系统的结构示意图。 [0094] FIG. 4 is a schematic diagram of the structure of the utility model of smart card transaction system with an electronic signature functions. 先结合图4,对本实用新型具有电子签名功能的智能卡交易系统的结构进行说明,具体如下: 4 in conjunction with FIG. First, the configuration of the present invention the smart card transaction system having the electronic signature function will be described as follows:

[0095] 本实用新型的具有电子签名功能的智能卡交易系统包括:P0S机10、银行服务器20以及具有电子签名功能的智能卡30。 [0095] The present invention is a smart card transaction system with an electronic signature functions include: P0S 10, the bank server 20 and smart card 30 with an electronic signature function. 智能卡30为具有电子签名功能的设备,可以包括含有用户账户信息的卡芯片和利用密钥进行数字签名的安全芯片,或者包括具有上述两个芯片功能的集成芯片。 30 is a device having a smart card electronic signature function, the user may include a chip card containing account information and the security chip using a key of a digital signature, comprising an integrated chip or chip having the above-described two functions.

[0096] 其中,具有电子签名功能的智能卡30包括:收发模块301、密码生成模块302、签名模块303和显示模块304 ;换句话说,具有电子签名功能的智能卡30包含的上述模块可集成在一个芯片上,也可根据智能卡30所采用的芯片的数量和功能,集成在多个芯片上,在此就不在一一举例说明。 [0096] wherein, the smart card 30 with an electronic signature function comprising: a transceiver module 301, a password generation module 302, the signature module 303 and the display module 304; in other words, the above-described module smart card having an electronic signature function 30 contains may be integrated in a on-chip, also according to the number and function of smart card chip 30 is employed, a plurality of integrated on-chip, this is not illustrated in eleven.

[0097] 收发模块301用于接入POS机10,接收交易报文并发送至签名模块303。 [0097] The transceiver module 301 for accessing a POS machine 10, and receives the transaction message is sent to the signature module 303.

[0098] 密码生成模块302用于生成联合密码,并发送至签名模块303和显示模块304。 [0098] The password generation module 302 for generating a combined code and sends it to the signature module 303 and display module 304. 具体的,密码生成模块302可在收发模块301接收到交易报文后,生成联合密码。 Specifically, after the password generation module 302 may receive a transaction message transceiver module 301, to generate combined password.

[0099] 签名模块303根据交易报文和联合密码生成签名报文,并通过收发模块301至少将签名报文发送至POS机10。 [0099] signature module 303 generates a signature of the transaction message packets and password joint, and transmitted to the POS 10 via the transceiver module 301 at least the message signature.

[0100] POS机10接收通过按键输入的智能卡30生成的联合密码,至少将交易报文、签名报文和联合密码发送至银行服务器20。 [0100] POS machine 10 receives key input through the Joint password generated by the smart card 30, at least send the transaction message, the signature packet and the United password to the bank server 20.

[0101] 银行服务器20验证签名报文和联合密码,并在验证通过后,根据交易报文执行交易操作。 [0101] 20 bank signature verification server messages and the United password, and after the verification, according to the transaction execution message transaction operations.

[0102] 当然,在上述结构的基础上,本实用新型的智能卡30的收发模块301在发送签名报文至POS机10之后,还断开与POS机10的连接,以便显示模块304显示交易报文。 [0102] Of course, in the above structure, 301 after sending the signed message to the POS unit 10, is also disconnected from the POS unit 10 according to the present invention the smart card transceiver module 30 to the display module 304 displays the transaction message Wen. 从而保证本实用新型的智能卡30仅与POS机10接触一次便完成了交易所需数据交互,降低由于二次接触产生数据被截获的风险,提高了交易的安全性。 Thus ensuring the present invention, a smart card 30 only once in contact with the POS machine 10 will be required to complete the transaction data exchange, reducing the risk of data due to the secondary contacts intercepted improve the security of transactions.

[0103] 当然,银行服务器20可以在验证联合密码失败预设次数(例如3次)后,锁定该智能卡对应的账号以保护用户账户的安全。 [0103] Of course, the bank server 20 can verify the United preset number of failed password (for example, three times), the locking of the smart card corresponding account in order to protect the security of user accounts.

[0104] 此外,智能卡30还可以包括:按键模块305。 [0104] In addition, the smart card 30 may further comprises: key module 305. 按键模块305根据接收到的确认密码和/或确认指令,触发显示模块304显示联合密码。 Key cryptographic module 305 according to the received acknowledgment and / or confirmation instruction, the display module 304 displays a joint trigger password.

[0105] 具体的,例如用户可以通过如下方式触发显示模块304显示联合密码: [0105] Specifically, for example, a user may trigger the display of the display module 304 by way of a joint Password:

[0106] (I)输入确认密码,在智能卡30验证确认密码正确后,显示模块304显示联合密码;或者 [0106] (I) confirm the password input, confirm the password is correct in the verification smart card 30, the display module 304 displays a password joint; or

[0107] (2)按下确认按键,触发显示模块304显示联合密码;或者 [0107] (2) pressing the Enter key, the display module 304 displays a joint trigger code; or

[0108] (3)输入确认密码,并按下确认按键,在智能卡30验证确认密码正确后,显示模块304显示联合密码。 [0108] (3) input confirmation code, and press OK button 30 after confirming authentication password is correct in the smart card, the display module 304 displays a password joint.

[0109] 当然,可以针对不同的消费金额设置触发显示模块304显示联合密码条件,例如,小额消费只需要用户按下确认按键,大额消费需要用户输入确认密码等。 [0109] Of course, you can trigger a different amount of consumption set the display module 304 displays the password joint conditions, such as small consumer need only confirm the user presses the button, the large consumer user input is required to confirm password.

[0110] 由此可见本实用新型的具有电子签名功能的智能卡和具有电子签名功能的智能卡交易系统,通过智能卡和POS机的一次接入完成交易所需数据的交互,降低了多次接入造成的重要信息被截获的风险,提高了安全性。 [0110] Thus the present invention has a smart card and electronic signature function smart card transaction system with an electronic signature functions, smart cards and POS machines access time required to complete interactive data transaction, resulting in reduced access times the risk of critical information being intercepted, improves security.

[0111] 流程图中或在此以其他方式描述的任何过程或方法描述可以被理解为,表示包括一个或更多个用于实现特定逻辑功能或过程的步骤的可执行指令的代码的模块、片段或部分,并且本实用新型的优选实施方式的范围包括另外的实现,其中可以不按所示出或讨论的顺序,包括根据所涉及的功能按基本同时的方式或按相反的顺序,来执行功能,这应被本实用新型的实施例所属技术领域的技术人员所理解。 [0111] In the flowchart in any process or method or otherwise described in this description may be understood as representing modules comprises one or more steps for implementing specific logical functions or processes executable instructions, fragment or portion, and the scope of the present invention further comprises a preferred embodiment of implementations in which the order shown or discussed do not press, comprising a substantially simultaneous manner or in reverse order, to perform the functionality involved function, which is to be understood by the art of the present invention embodiments Example art.

[0112] 应当理解,本实用新型的各部分可以用硬件、软件、固件或它们的组合来实现。 [0112] It should be understood that portions of the present invention can be implemented in hardware, software, firmware or a combination thereof to achieve. 在上述实施方式中,多个步骤或方法可以用存储在存储器中且由合适的指令执行系统执行的软件或固件来实现。 In the above-described embodiment, a plurality of steps or methods may be implemented in software or firmware and executed by a suitable system executing instructions stored in a memory with. 例如,如果用硬件来实现,和在另一实施方式中一样,可用本领域公知的下列技术中的任一项或他们的组合来实现:具有用于对数据信号实现逻辑功能的逻辑门电路的离散逻辑电路,具有合适的组合逻辑门电路的专用集成电路,可编程门阵列(PGA),现场可编程门阵列(FPGA)等。 For example, if implemented in hardware, as in another embodiment, the present technique may be any one of the following well-known in the art, or their combination thereof: a logic gate circuit for implementing logic functions upon data signals discrete logic circuits having appropriate combinational logic gate circuit ASIC, a programmable gate array (PGA), a field programmable gate array (FPGA) and the like.

[0113] 本技术领域的普通技术人员可以理解实现上述实施例方法携带的全部或部分步骤是可以通过程序来指令相关的硬件完成,的程序可以存储于一种计算机可读存储介质中,该程序在执行时,包括方法实施例的步骤之一或其组合。 [0113] skilled in the art can understand that ordinary method embodiments that all or part of the steps may be by a program instructing relevant hardware, the program may be stored in a computer-readable storage medium, the program when executed, or a combination of one embodiment includes a step of a method embodiment.

[0114] 此外,在本实用新型各个实施例中的各功能单元可以集成在一个处理模块中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个模块中。 [0114] Further, each functional unit of the present invention in various embodiments may be integrated in one processing module, or may be physically separate units exist, may be two or more units are integrated in one module. 上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。 The integrated module may be implemented in the form of hardware, software functional modules may also be implemented. 集成的模块如果以软件功能模块的形式实现并作为独立的产品销售或使用时,也可以存储在一个计算机可读取存储介质中。 If the integrated module implemented as a separate product sold or used in the form of a software functional module, it may be stored in a computer-readable storage medium.

[0115] 上述提到的存储介质可以是只读存储器,磁盘或光盘等。 [0115] The storage medium may be a read-only memory, magnetic or optical disk.

[0116] 在本说明书的描述中,参考术语“一个实施例”、“一些实施例”、“示例”、“具体示例”、或“一些示例”等的描述意指结合该实施例或示例描述的具体特征、结构、材料或者特点包含于本实用新型的至少一个实施例或示例中。 [0116] In the description of the present specification, reference to the term "one embodiment," "some embodiments", "an example", "a specific example", or "some examples" means that a description of the exemplary embodiment or embodiments described a particular feature, structure, material, or characteristic included in the present invention at least one embodiment or examples. 在本说明书中,对上述术语的示意性表述不一定指的是相同的实施例或示例。 In the present specification, a schematic representation of the above terms necessarily referring to the same embodiment or example. 而且,描述的具体特征、结构、材料或者特点可以在任何的一个或多个实施例或示例中以合适的方式结合。 Furthermore, the particular features, structures, materials, or characteristics described embodiments or examples may be at any one or more in a proper manner.

[0117] 尽管上面已经示出和描述了本实用新型的实施例,可以理解的是,上述实施例是示例性的,不能理解为对本实用新型的限制,本领域的普通技术人员在不脱离本实用新型的原理和宗旨的情况下在本实用新型的范围内可以对上述实施例进行变化、修改、替换和变型。 [0117] Although the above has been illustrated and described, the present invention embodiment, it is understood that the above embodiments are exemplary and are not to be understood as the present novel limiting practical, those of ordinary skill in the art without departing from the present may be the case where the invention within the principles and spirit of the present invention, the scope of the embodiments described above variations, modifications, alternatives, and modifications. 本实用新型的范围由所附权利要求及其等同限定。 The scope of the present invention by the appended claims and their equivalents.

Claims (4)

1.一种具有电子签名功能的智能卡,其特征在于,智能卡包括:收发模块,密码生成模块,签名模块和显示模块; 收发模块用于接入POS机,接收交易报文并发送至签名模块; 密码生成模块将生成的联合密码发送至签名模块和显示模块; 签名模块通过收发模块至少将根据交易报文和联合密码生成的签名报文发送至POS机。 A smart card having an electronic signature function, wherein, the smart card comprising: a transceiver module, a password generation module, a signature module and a display module; transceiver module for accessing a POS machine, and receives the transaction message is sent to the signature module; password generation module generates the password to the joint signature module and the display module; module signature generated by the transceiver module according to at least United transaction message and cryptographically signed message to the POS machine.
2.根据权利要求1的智能卡,其特征在于,收发模块在发送签名报文至POS机之后,还断开与POS机的连接; 显示模块在收发模块断开与POS机的连接后,还显示交易报文。 The smart card of claim 1, wherein the transceiver module after transmitting the signature message to the POS machine, also disconnected from the POS machine; disconnected after the display module in a transceiver module POS machine, also shown transaction message.
3.根据权利要求2的智能卡,其特征在于,智能卡还包括:按键模块; 按键模块根据接收到的确认密码和/或确认指令,触发显示模块显示联合密码。 Smart card according to claim 2, wherein the smart card further comprising: a key module; password key module according to the received acknowledgment and / or confirmation instructions, display module displays joint trigger password.
4.一种具有电子签名功能的智能卡交易系统,其特征在于,系统包括:P0S机、银行服务器及前述权利要求1至3任一项的智能卡; POS机接收通过按键输入的智能卡生成的联合密码,至少将交易报文、签名报文和联合密码发送至银行服务器; 银行服务器在验证签名报文和联合密码通过后,根据交易报文执行交易操作。 A smart card transaction system having the electronic signature function, characterized in that, the system comprising: any one of 1 to 3, the smart card according to P0S machine, the bank server and the preceding claims; the POS receives generated by the smart card key input combination code at least the transaction message, the signature packet and the United password to the bank server; server after the bank verifies the signature packet and the United password, according to the transaction execution message transaction operations.
CN 201320102167 2013-02-06 2013-03-06 An intelligent card containing an electronic signature function and an intelligent card transaction system CN203242029U (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
CN201310047316.1 2013-02-06
CN201320069875 2013-02-06
CN201320069875.8 2013-02-06
CN201310047316 2013-02-06
CN 201320102167 CN203242029U (en) 2013-02-06 2013-03-06 An intelligent card containing an electronic signature function and an intelligent card transaction system

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN 201320102167 CN203242029U (en) 2013-02-06 2013-03-06 An intelligent card containing an electronic signature function and an intelligent card transaction system
PCT/CN2014/071657 WO2014121721A1 (en) 2013-02-06 2014-01-28 Smart card with electronic signature function, and smart card transaction system and method
HK14101027.9A HK1194247A2 (en) 2013-02-06 2014-01-30 Smart card having electronic signature function and smart card transaction system

Publications (1)

Publication Number Publication Date
CN203242029U true CN203242029U (en) 2013-10-16

Family

ID=48415212

Family Applications (3)

Application Number Title Priority Date Filing Date
CN 201320102167 CN203242029U (en) 2013-02-06 2013-03-06 An intelligent card containing an electronic signature function and an intelligent card transaction system
CN201810462779.7A CN108596605A (en) 2013-02-06 2013-03-06 Smart card with electronic signature function
CN201310070753.5A CN103116847B (en) 2013-02-06 2013-03-06 Smart card, intelligent card transaction system and method with electronic signature functionality

Family Applications After (2)

Application Number Title Priority Date Filing Date
CN201810462779.7A CN108596605A (en) 2013-02-06 2013-03-06 Smart card with electronic signature function
CN201310070753.5A CN103116847B (en) 2013-02-06 2013-03-06 Smart card, intelligent card transaction system and method with electronic signature functionality

Country Status (2)

Country Link
CN (3) CN203242029U (en)
HK (1) HK1194247A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014121721A1 (en) * 2013-02-06 2014-08-14 天地融科技股份有限公司 Smart card with electronic signature function, and smart card transaction system and method
CN104166914A (en) * 2014-08-20 2014-11-26 武汉天喻信息产业股份有限公司 Secure system and method based on secure element and applied to host card emulation technology

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103366278B (en) * 2013-06-04 2016-11-23 天地融科技股份有限公司 A method and system for processing the requested operation
CN104282092B (en) * 2013-07-04 2017-02-08 中国银联股份有限公司 The method of digital signature and pos terminal for implementing digital signature
CN103973455B (en) * 2014-05-28 2018-09-18 天地融科技股份有限公司 An information interaction method
CN108319870A (en) * 2014-05-28 2018-07-24 天地融科技股份有限公司 Keyless electronic key device
CN104935441B (en) * 2015-06-30 2018-09-21 京东方科技集团股份有限公司 An authentication method and related apparatus, systems
CN105023150A (en) * 2015-07-22 2015-11-04 天地融科技股份有限公司 Data processing method and device for POS machine
CN105023374A (en) * 2015-07-22 2015-11-04 天地融科技股份有限公司 Transaction system of POS machine

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0670818B2 (en) * 1984-09-07 1994-09-07 カシオ計算機株式会社 Matching card and the authentication method
US5317636A (en) * 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
FR2771533B1 (en) * 1997-11-21 2003-01-31 Taib Thierry Baillie Security card for secure payment by credit card
US6816058B2 (en) * 2001-04-26 2004-11-09 Mcgregor Christopher M Bio-metric smart card, bio-metric smart card reader and method of use
US20070241183A1 (en) * 2006-04-14 2007-10-18 Brown Kerry D Pin-secured dynamic magnetic stripe payment card
US7581678B2 (en) * 2005-02-22 2009-09-01 Tyfone, Inc. Electronic transaction card
CN1831865B (en) * 2006-04-24 2010-09-29 北京易恒信认证科技有限公司 Electronic bank safety authorization system and method based on CPK
CN101178802A (en) * 2006-11-08 2008-05-14 李东声 Dynamic password realization method in network bank trading and electronic signing device
CN102542452A (en) * 2011-11-09 2012-07-04 王筱雨 Method and system for verifying transaction passwords of point-of-sale (POS) machine terminal
CN102609750A (en) * 2012-02-15 2012-07-25 东信和平智能卡股份有限公司 Intelligent card provided with input device and output device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014121721A1 (en) * 2013-02-06 2014-08-14 天地融科技股份有限公司 Smart card with electronic signature function, and smart card transaction system and method
CN104166914A (en) * 2014-08-20 2014-11-26 武汉天喻信息产业股份有限公司 Secure system and method based on secure element and applied to host card emulation technology

Also Published As

Publication number Publication date
CN108596605A (en) 2018-09-28
CN103116847B (en) 2019-06-25
HK1194247A2 (en) 2014-10-10
CN103116847A (en) 2013-05-22

Similar Documents

Publication Publication Date Title
US9734496B2 (en) Trusted remote attestation agent (TRAA)
US20150019443A1 (en) Secure remote payment transaction processing
US20100306076A1 (en) Trusted Integrity Manager (TIM)
US9467292B2 (en) Hardware-based zero-knowledge strong authentication (H0KSA)
CN103714641B (en) A terminal master key method and system for secure download tmk
US9135424B2 (en) Secure identity binding (SIB)
US20150324789A1 (en) Cryptocurrency Virtual Wallet System and Method
US9813245B2 (en) Methods for secure cryptogram generation
EP2995039B1 (en) Systems and methods for secure communication
EP3047437A1 (en) Secure remote payment transaction processing including consumer authentication
CN101131756B (en) Security authentication system, device and method for electric cash charge of mobile paying device
US8650614B2 (en) Interactive phishing detection (IPD)
CN103793815B (en) Applicable to bank cards and card industry mobile intelligent terminal receiving system and method
US20150339664A1 (en) Offline authentication
CN101848090B (en) Authentication device and system and method using same for on-line identity authentication and transaction
US20160218875A1 (en) Methods for secure credential provisioning
CN101183456A (en) Encryption device, system and method for encryption, identification using the encryption device
CN103501191B (en) Mobile payment device and method based on near field communication technology nfc
CN102737311A (en) Internet bank security authentication method and system
CN102034321B (en) Authentication method and system used for wireless payment
US9647845B2 (en) Key downloading method, management method, downloading management method, device and system
AU2015277000B2 (en) Efficient methods for authenticated communication
CN103136668A (en) Terminal payment method, terminal and payment platform
CN102123027A (en) Information security processing method and mobile terminal
WO2014161468A1 (en) Information processing method and system

Legal Events

Date Code Title Description
C14 Granted