CN204631932U - A kind of payment devices for mobile terminal - Google Patents
A kind of payment devices for mobile terminal Download PDFInfo
- Publication number
- CN204631932U CN204631932U CN201520318200.1U CN201520318200U CN204631932U CN 204631932 U CN204631932 U CN 204631932U CN 201520318200 U CN201520318200 U CN 201520318200U CN 204631932 U CN204631932 U CN 204631932U
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- safety chip
- payment
- detection device
- card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The utility model provides a kind of payment devices for mobile terminal, comprising: mobile terminal action detection device, for detecting the kinematic parameter of mobile terminal; Safety chip, is connected with described mobile terminal action detection device, for according to described kinematic parameter identification motion state, and when judging to meet default motion state, utilizes private key to sign to payment message.By upper, before being paid by mobile terminal, by user, payment verification is carried out for the rocking action of mobile terminal, mobile terminal action detection device and safety chip direct-connected, rock trigger pip and directly export safety chip to, there is not described jolt signal and to be held as a hostage or by counterfeit problem.
Description
Technical field
The utility model relates to Financial information safety technical field, particularly a kind of payment devices for mobile terminal.
Background technology
Mobile banking refers to the system of being carried out bank paying by the such as mobile terminal device such as smart mobile phone or panel computer by internet, in order to improve security and convenience, the SD card of mobile terminal device can be utilized to carry out safety certification as safe unit, when mobile terminal device pays, produce the program paid and the HASH value paying message need be sent to safe unit, safe unit utilizes private key to sign to HASH value, signature result is sent to bank's background system by internet together with payment message, bank's background system utilizes the PKI of user to verify signature result, be verified the rear payment just carrying out reality.
As can be seen from above-mentioned signature process, the link that signature process during payment does not have user to confirm, may exist by the long-range risk of seizing on both sides by the arms of hacker thus, namely hacker carries out delivery operation at the mobile terminal device of Long-distance Control user, the signature function calling mobile terminal device safe unit is signed to payment message, when this signature result is sent to bank's background system, it is the signature forged that bank's background system None-identified goes out it, still can carry out actual payment, make the fund of user impaired.
Utility model content
In view of this, fundamental purpose of the present utility model is, there is provided a kind of payment devices for mobile terminal, an integrated mobile terminal action detection device in the safe unit of mobile terminal inside, with perception user rocking mobile terminal device, when using mobile terminal device to pay, only when mobile terminal device rocks, just payment message is signed, refusal signature in other situations, payment cannot be carried out, thus evade long-range risk of seizing on both sides by the arms.
The described payment devices for mobile terminal comprises:
Mobile terminal action detection device, for detecting the kinematic parameter of mobile terminal, identifies motion state, and when judging to meet default motion state, output order;
Safety chip, is connected with described mobile terminal action detection device, utilizes private key to sign to payment message according to instruction.
By upper, before being paid by mobile terminal, by user, payment verification is carried out for the rocking action of mobile terminal, mobile terminal action detection device and safety chip direct-connected, rock trigger pip and directly export safety chip to, there is not described jolt signal and to be held as a hostage or by counterfeit problem.
Optionally, described mobile terminal action detection device comprises part of data acquisition and motion detection part.
Optionally, described part of data acquisition comprises one of following: accelerometer, three-axis gyroscope.
By upper, the different actions of mobile terminal can be detected, meet and all can carry out payment verification by different action.
Optionally, described safety chip comprises SD card safety chip.
Optionally, also comprise: the SD card controller be connected with described SD card safety chip; The storage unit be connected with described SD card controller.
By upper, because SD card is as the data storage device of standard, itself do not possess the interface receiving instruction, when user open financial class application and after assigning dependent instruction, first instruction can issue SD card controller as the data field writing SD sector command, and then obtains the response data of COS information by the order of reading SD sector.
Accompanying drawing explanation
Figure 1 shows that payment devices embodiment schematic diagram;
Figure 2 shows that the payment flow figure of payment devices.
Embodiment
For overcoming the defect that prior art exists, the utility model provides a kind of payment devices for mobile terminal, an integrated mobile terminal action detection device in the safe unit of mobile terminal inside, perception user rocking mobile terminal device, when using mobile terminal device to pay, only when mobile terminal device rocks, just payment message is signed, thus evade long-range risk of seizing on both sides by the arms.
Be illustrated in figure 1 the principle schematic of the payment devices for mobile terminal.
As shown in the embodiment of fig. 1, the utility model utilizes SD card safety chip to carry out safety certification as safe unit, and payment equipment comprises: SD card controller, and difference connected storage unit, SD card safety chip and communication port; In addition, the mobile terminal action detection device be connected with described SD card safety chip is also comprised.Storage unit adopts model to be the storage chip of K9K8G08, and SD card controller is connected by NAND_FLASH interface with between storage unit, is connected by SPI interface with between SD card safety chip, is connected with adopting SD interface between communication port; Described SD card safety chip is same with between mobile terminal action detection device to be connected by SPI interface.
In the present embodiment, mobile terminal action detection device comprises part of data acquisition and motion detection part, and wherein, part of data acquisition comprises accelerometer and/or three-axis gyroscope, for rocking data collection to mobile terminal device.Motion detection part, for judging that it rocks whether superthreshold, namely determines whether that user's subjectivity that action is carried out according to the rules is rocked.In the present embodiment, accelerometer adopts and comprises the circuit that model is ADXL345 chip, and three-axis gyroscope adopts and comprises the circuit that model is CMR3000 chip, and motion detection part adopts and comprises the circuit that model is AT89C51 chip.SPI interface is adopted to be connected between part of data acquisition with motion detection part.
First SD card controller needs the address judging received information, and only when the transmission address of information belongs to SD card safety chip, and before carrying out payment action, side communicates with mobile terminal action detection device, assigns instruction to it.Motion detection part in mobile terminal action detection device judges action (rocking) parameter that the user that part of data acquisition collects applies mobile terminal, if when being judged as compulsory exercise, inform SD card controller, the HASH value of the payment message sent by SD card controller mobile terminal receive main control chip (not shown), and described HASH value is transmitted to SD card safety chip, utilize private key to sign to HASH value by SD card safety chip, signature result is sent to bank's background system by internet together with payment message.Described SD card controller adopts and comprises the chip that model is GT0321 model, and specific works step will describe in detail later.
Be illustrated in figure 2 the process flow diagram of payment devices, specifically comprise the following steps:
Step S10: the address judging received information.
Open all kinds of APP on mobile terminal whenever user after, the main control chip of mobile terminal is selected to perform corresponding operation according to user.When user open financial class application and after assigning dependent instruction (comprising payment instruction, query statement etc.), described instruction transformation is chip operating system information (COS, Chip Operation System) by the main control chip of mobile terminal.The function of COS information is the message exchange of the main control chip of control SD card safety chip and mobile terminal, storer in management SD card safety chip complete the process of various order at chip internal.SD card safety chip, as the data storage device of standard, itself does not possess the interface receiving COS information.Therefore, when user open financial class application and after assigning dependent instruction, when described instruction transformation is COS information by mobile terminal main control chip, COS information need be issued SD card controller as the data field writing SD sector command, and then obtain the response data of COS information by the order of reading SD sector.According to the sevtor address in SD order, SD card controller determines that storage unit is issued in order, still SD card safety chip is issued, if the sevtor address in order is less than or equal to the actual address of storage unit, order is sent to storage unit by SD card controller, then enter step S20, perform and store operation normally.
If the sevtor address in order is greater than the actual address of storage unit, then enters step S30, order is sent to SD card safety chip.
Whether the instruction that identification receives of step S30:SD card safety chip is payment instruction.
SD card safety chip has the function identifying described COS information, when judge that COS information loads be payment instruction time, enter step S40, otherwise enter step S80.
Step S40: part of data acquisition gathers the kinematic parameter of mobile terminal, and motion detection part identification motion conditions, transfers to SD card safety chip.
After SD card safety chip in step S30 receives and confirms as payment instruction, that opens with the communication of motion detection part is enable, can receive motion detection part thus and judge result.This result triggers as user the instruction that SD card safety chip carries out paying message signature procedure.
When mobile terminal rocks, accelerometer detects current X, Y, Z tri-acceleration parameter of axle, and motion detection part judges the motion conditions of mobile terminal according to described parameter.Further, when the changing towards the direction relative to gravity of mobile device, accelerometer just can detect; But to detect simultaneously mobile device towards and kinematic parameter, just need to use three-axis gyroscope, it can detect the anglec of rotation of mobile device around X, Y, Z axis.
Can be detected the motion conditions of mobile device by accelerometer and/or three-axis gyroscope, described motion conditions at least comprises one of following:
One, movement locus.
Two, motion frequency.
Three, exercise intensity.
Four, run duration.
Owing to belonging to prior art to the judgement principle of above-mentioned motion conditions, therefore no longer its deterministic process is described in detail at this.
Detected acceleration parameter and the anglec of rotation are transferred to motion detection part by accelerometer and/or three-axis gyroscope.
Step S50: according to described parameter, motion detection part judges whether the motion conditions of mobile terminal belongs to predetermined operation.
Because the differentiation situation of above-mentioned four kinds of motion conditions is different, meet wherein any one parameter request time, can think and belong to compulsory exercise.
First for movement locus, suppose that prespecified movement locus is similar to letter " O ", then, when the movement locus of the mobile terminal that accelerometer and/or three-axis gyroscope collect is for letter " O ", represent and belong to compulsory exercise.It should be noted that, the judgement based on movement locus only detects movement locus itself, has nothing to do with its shift length, namely no matter actual measurement time radius of motion be 5 or radius be 10, as long as preset when movement locus meets, can serious forgiveness be improved thus.
For motion frequency, when within a certain period of time, after the reciprocal time that accelerometer and/or three-axis gyroscope detect mobile terminal reaches preset value, represent that the motion frequency that user rocks mobile terminal reaches requirement, belong to compulsory exercise.
For exercise intensity, motion shift reciprocately distance or the reciprocal time of accelerometer and/or three-axis gyroscope detection mobile terminal reach preset value, and accelerometer is when detecting that X, Y, Z tri-has the acceleration of any axle to be greater than threshold values in axle, represent that user employs certain dynamics and rocks mobile terminal, thus reach default exercise intensity, belong to compulsory exercise.
For run duration, if accelerometer detects that X, Y, Z tri-has the acceleration of any axle to be greater than threshold values in axle, and when the duration reaches expection, namely think and belong to compulsory exercise.Or three-axis gyroscope detects around any axle rotational angle of X, Y, Z tri-in axle and is greater than threshold value, and when the duration reaches expection, thinks equally and belong to compulsory exercise.
By above-mentioned deterministic process, when judged result be mobile terminal according to compulsory exercise campaign time, represent that user adopts the action triggers preset SD card safety chip to carry out the instruction of payment message signature procedure, enter step S40; Otherwise enter step S70, namely SD card safety chip does not perform signature operation, and payment instruction is invalid.Response data is set as " sky ", the return code that the main control chip to mobile terminal is reported is set as " time-out ".The main control chip of mobile terminal, according to above-mentioned corresponding data and return code information, is loaded on the display interface of financial class application.
Motion detection part is for the differentiation to four kinds of motion conditions, realize by independent chip, such as adopt and comprise the circuit that model is AT89C51 chip, also the integrated chip of this function will can be realized in SD card safety chip, such as adopt and comprise the circuit that model is HS32U2 chip, can realize in a word above-mentionedly differentiating.
Step S60:SD card safety chip performs signature operation.
When after the program that user is signed to payment message by compulsory exercise triggering SD card safety chip, SD card safety chip utilizes private key to sign to the HASH value paying message, and signature result is sent to bank's background system by internet together with payment message.And by signature result responsively data buffer storage at the storage area of SD card safety chip inside, the return code that the main control chip to mobile terminal is reported is set as " correctly ".
The utility model can solve in prior art and mobile terminal itself is provided with mobile terminal action detection device, will rock as trigger pip, as shaking of arranging in micro-letter, as the functional realiey that shakes in note red packet pays.But because mobile terminal action detection device does not directly communicate with SD card safety chip, the jolt signal that therefore there is mobile terminal is held as a hostage, or produced the technical matters of certain signal personation by program.The application by mobile terminal action detection device and SD card safety chip direct-connected, action triggers signal directly exports SD card safety chip to, there is not described jolt signal and to be held as a hostage or by counterfeit technical matters.
Step S80: perform other instructions.
When user assigns other non-pay instructions by the application of financial class, such as to query the balance etc. other instructions time, then SD card safety chip directly performs this instruction.When performing other instructions, according to implementation status by execution result responsively data buffer storage at the storage area of SD card safety chip inside, and corresponding return code is set.
The foregoing is only preferred embodiment of the present utility model, not in order to limit the utility model.In a word, all within spirit of the present utility model and principle, any amendment done, equivalent replacement, improvement etc., all should be included within protection domain of the present utility model.
Claims (5)
1. for a payment devices for mobile terminal, it is characterized in that, comprising:
Mobile terminal action detection device, for detecting the kinematic parameter of mobile terminal, identifies motion state, and when judging to meet default motion state, output order;
Safety chip, is connected with described mobile terminal action detection device, utilizes private key to sign to payment message according to instruction.
2. equipment according to claim 1, is characterized in that, described mobile terminal action detection device comprises part of data acquisition and motion detection part.
3. equipment according to claim 2, is characterized in that, described part of data acquisition comprises one of following: accelerometer, three-axis gyroscope.
4. equipment according to claim 1, is characterized in that, described safety chip comprises SD card safety chip.
5. equipment according to claim 4, is characterized in that, also comprises: the SD card controller be connected with described SD card safety chip; The storage unit be connected with described SD card controller.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201520318200.1U CN204631932U (en) | 2015-05-15 | 2015-05-15 | A kind of payment devices for mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201520318200.1U CN204631932U (en) | 2015-05-15 | 2015-05-15 | A kind of payment devices for mobile terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN204631932U true CN204631932U (en) | 2015-09-09 |
Family
ID=54050937
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201520318200.1U Active CN204631932U (en) | 2015-05-15 | 2015-05-15 | A kind of payment devices for mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN204631932U (en) |
-
2015
- 2015-05-15 CN CN201520318200.1U patent/CN204631932U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7241791B2 (en) | Methods, devices, devices and storage media for defending against attacks | |
| CN104412242B (en) | Internal memory is protected | |
| CN100524154C (en) | A computer system including a bus bridge for connection to a security services processor | |
| CN109787943A (en) | A kind of method and apparatus of resisting abnegation service aggression | |
| CN106231090A (en) | The analog card changing method of a kind of NFC mobile terminal and device | |
| CN103620606B (en) | Store detection means, system and storage detection method | |
| CN107643940A (en) | Container creation method, relevant device and computer-readable storage medium | |
| CN104850989A (en) | Payment equipment for mobile terminal and payment method | |
| CN108021805A (en) | Detect method, apparatus, equipment and the storage medium of Android application program running environment | |
| CN106200891A (en) | The display method of user interface, Apparatus and system | |
| CN106327169A (en) | Electronic fund transferring method and apparatus | |
| CN102129384A (en) | Method and apparatus for virtualizing a host USB adapter | |
| EP3007066A1 (en) | Method for using shared device in apparatus capable of operating two operating systems | |
| CN109726067A (en) | A kind of process monitoring method and client device | |
| CN105631662A (en) | NFC payment method, NFC payment system and mobile terminal | |
| CN101490700B (en) | Smart card terminal side data and management framework | |
| CN106488394A (en) | A kind of method and device of equipment connection | |
| CN107451813A (en) | Method of payment, payment devices and paying server | |
| CN108366161A (en) | The test method and device of radiation dispersion, electronic device and readable storage medium storing program for executing | |
| CN109450912A (en) | Data transmission method, device and equipment | |
| WO2013168151A2 (en) | Method and system for authentication of communication and operation | |
| CN108306977A (en) | Electric vehicle charging accounting method and apparatus | |
| CN114499919B (en) | Method and system for modeling engineering machinery communication security network threat | |
| CN103138919B (en) | A kind of key fill front-end system and method thereof | |
| CN113810403A (en) | Charging pile vulnerability detection method and detection device based on communication protocol |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100094, Beijing, Haidian District, West Road, No. 8, Zhongguancun Software Park, building 9, international software building E, one floor, two layers Patentee after: BEIJING HAITAI FANGYUAN HIGH TECHNOLOGY CO., LTD. Address before: 100094, Beijing, Haidian District, West Road, No. 8, Zhongguancun Software Park, building 9, international software building E, one floor, two layers Patentee before: Beijing Haitai Fangyuan High Technology Co., Ltd. |