TW200949765A - Verification system and method of smart card - Google Patents

Verification system and method of smart card Download PDF

Info

Publication number
TW200949765A
TW200949765A TW97117987A TW97117987A TW200949765A TW 200949765 A TW200949765 A TW 200949765A TW 97117987 A TW97117987 A TW 97117987A TW 97117987 A TW97117987 A TW 97117987A TW 200949765 A TW200949765 A TW 200949765A
Authority
TW
Taiwan
Prior art keywords
data
card
program
server
verification code
Prior art date
Application number
TW97117987A
Other languages
Chinese (zh)
Other versions
TWI347564B (en
Inventor
xiang-wei Zhang
Ping-Sheng Xu
xue-yong Luo
yong-hui Lin
nan-sheng Xie
Original Assignee
President Information Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by President Information Corp filed Critical President Information Corp
Priority to TW097117987A priority Critical patent/TWI347564B/en
Publication of TW200949765A publication Critical patent/TW200949765A/en
Application granted granted Critical
Publication of TWI347564B publication Critical patent/TWI347564B/en

Links

Abstract

This invention relates to a verification system and method of a smart card. A browsing program of a computer sends a smart card write-in request and stored value units to a server. The program function in the server website resends an instruction back to the interface control unit of the browsing program. By using a card reader to read the data in the smart card, the stored value units are encrypted, and a verification code is sent to the server. The authorization program compares the encrypted data and the verification code to determine whether the smart card is opened and whether the data are correct. If the data are correct, the connection to the encryption device is enabled to perform authorization, determining whether the identity of the smart card holder is correct; if yes, the authorization program in the server will resend the encrypted data and the verification code back to the interface control unit of the browsing program in the computer to use the card reader to write the stored value units into the smart card.

Description

200949765 九、發明說明: 【發明所屬之技術領域】 本發明係關於一種晶片卡驗證系統及其方法,尤指一 種適用於晶片卡儲值之驗證系統及其方法。 5 【先前技術】 近戍年來智慧卡、晶片卡(Smart Card)的發展與運用, φ 已經到了相當成熟普及的境地,特別是近年來詐騙集團猖 狼’使得政府、企業加速將傳統磁條卡替換成晶片卡如 1〇 T無論是電話卡、健保卡都已是晶片卡,包括便利超商的 消費儲值卡也是晶片卡’手機内的㈣⑽似如—卿 Module)卡、報稅與監理所服務的自然人憑證卡、視訊機頂 盒的收視訂閱戶辨識卡等也都是採用晶片卡,甚至交通運 輸搭乘與停車付費之用的悠遊卡(EasyCard),更是用非接觸 15 的感應式晶片卡。 今曰晶片卡之所以大量取代磁條卡,首要的需求考量 即疋女全性,錶然晶片卡之安全性高於磁條卡,但並非表 不曰曰片卡安全性的風險為零故持續強化其安全性也是晶 片卡必然的課題,舉例來說,目前晶片卡储值點數寫入之 20網頁丨程式語法在網頁為明碼顯示或使用工6位元碼加 密,使用者可輕易解瑪還原破解,且儲值點數並無加密, 有心人士可透過封包側錄方式改寫點數,使得其安全性風 險增加不/’故有必要改善其驗證機制來降低資料可能被 慕改之風險。 5 200949765 【發明内容】 帛於上述習知之網路安全性風險的問題’本發明提供 種於電腦上執行晶片卡寫人储值單位之驗證方法,電腦 連接讀卡機以讀取晶片卡之㈣,電職存有—劉覽程 5式,劉覽程式包括一介面控制單元,透過讀卡機對晶片卡 進饤資料讀或寫之動作,並透過網路連線至一飼服器進行 資料傳輸,词服器儲存有一網站,網站中包含程式函數及 認證程式,伺服器經由網路分別連結電腦、一資料庫及_ 加密裝置,驗證方法主要包括下述之步驟,首先,測覽程 10 <對伺服器傳送-晶片卡寫人請求及儲值單位,伺服器網 站中之程式函數回傳-指令至劉覽程式之介面控制單元, 介面控制單元透過讀卡機讀取晶片卡中之資料,將儲值單 位進行加密並產生一驗證碼,再將加密資料及驗證碼傳送 至伺服器,伺服器之認證程式將加密資料及驗證瑪與資料 15庫進行比對,判斷晶片卡是否為開通狀態且資料正確,若 資料正確則連線至加密裝置進行認證,確認晶片卡持有者 ® 之身份是否正確,若是,則伺服器之認證程式將加密資料 及驗證碼回傳至電腦之瀏覽程式之介面控制單元,透過讀 卡機將儲值單位寫入晶片卡中。 " 20 本發明所提出之晶片卡驗證系統,主要包括一讀卡 機、一電腦、一伺服器、一資料庫以及一加密裝置,資料 庫儲存有晶片卡資料,加密裝置係提供加解密之處理讀 卡機連接電腦’以讀取晶片卡之資料’伺服器儲存有一 L 站’網站中包含程式函數及認證程式,伺服器經由網路分 6 200949765 - 別連結電腦、資料庫及加密裝置,電腦儲存有一網路瀏覽 程式,網路瀏覽程式包括一介面控制單元,例如一 Active X 控制項,透過讀卡機對晶片卡進行資料讀或寫,並透過網 路瀏覽伺服器之網站頁面進行資料傳輸。 5 其中,當瀏覽程式對伺服器傳送一晶片卡寫入請求及 儲值單位時,網站中之程式函數,例如Javascript函數,回 傳指令至網路瀏覽程式之介面控制單元,以透過讀卡機讀 取晶片卡中之資料,對儲值單位進行加密處理,例如以資 〇 料加密標準演算法(Data Encryption Standard,DES)進行加 10 密,並產生一驗證碼,例如一文件訊息驗證碼(Message Authentication Code,MAC),加密後之資料及驗證碼再經 過網路傳送至伺服器,伺服器之認證程式將接收到之加密 資料及驗證碼與資料庫進行比對,確認晶片卡為開通狀態 且資料正確後,再連線至加密裝置,例如一網路硬體加密 15 模組進行認證,以確認晶片卡持有者之身份,若身份確認 無誤,伺服器之認證程式將加密資料及驗證碼回傳至電腦 φ 之瀏覽程式之介面控制單元,透過讀卡機將儲值單位寫入 晶片卡中。 20 【實施方式】 為能讓讀者更瞭解本發明之技術内容,特以一晶片卡 驗證系統為較佳具體實施例說明如下,請先參閱圖1,圖1 係本發明一較佳實施例之晶片卡驗證系統示意圖,其包括 一讀卡機10、一電腦12、一伺服器13、一資料庫14以及一 200949765 5 10 15 加密裝置15,再請參閱圊2,圖2係本發明一較隹實施例之 晶片卡驗證系統架構圖,其亦顯示前述讀卡機10、電腦12、 伺服器13、資料庫14以及加密裝置15,其中’資料庫14儲 存有晶片卡資料,加密裝置15係提供加解密之處理’讀卡 機10連接至電腦12,以讀取晶片卡11之資料’狗服器13儲 存有一網站130,其包含程式函數131及認證程式132 ’祠服 器13經由網路分別連結電腦12、資料庫14及加密裝置15 ’ 電腦12並儲存有一網路瀏覽程式120,其包括一介面控制單 元121,於本實施例中,介面控制單元較佳為一 Active X控 制項,以透過讀卡機10對晶片卡11進行資料讀或寫’並透 過網路瀏覽伺服器13之網站130頁面進行資料傳輸。 其中,當瀏覽程式120對伺服器13傳送一晶片卡寫入請 求及儲值單位’時,網站130中之程式函數131,於本實施例 中,程式函數較佳為一 Javascript函數,回傳指令至網路潘J 覽程式120之介面控制單元121,以透過讀卡機1〇讀取晶片 卡11中之資料,對儲值單位進行加密處理並產生一驗證 碼,於本實施例中,較佳之加密方法為一資料加密標準演 算法(Data Encryption Standard,DES),驗證碼較佳為一文 件訊息驗證碼(Message Authentication Code,MAC),加密 後之資料和驗證碼再經過網路傳送至伺服器13,伺服器13 之認證程式132將加密資料及驗證碼與資料庫14進行比 對’請參閱圖3,圖3係本發明一較佳實施例之資料庫内容 示意圖’確認晶片卡11為開通狀態且資料正確後,再連線 至加密裝置15進行認證,於本實施例中,加密裝置較佳為 20 200949765 一網路硬體加密模組’確認晶片卡持有者之身份正確後’ 伺服器13之認證程式將加密資料及驗證碼回傳至電腦12之 潘!覽程式120之介面控制單元121 ’透過讀卡機1〇將儲值單 位寫入晶片卡11中。 5 ❹ 10 15 請參閱圖4,圖4係本發明一較佳實施例之晶片卡寫入 驗證方法流程圖,首先,瀏覽程式120對伺服器13傳送一晶 片卡寫入請求及儲值單位(步驟2〇),飼服器網站13〇中之程 式函數131回傳指令至瀏覽程式120之介面控制單元121(步 驟21),於本實施例中,程式函數較佳為一 Javascript函數, 介面控制單元較佳為一 Active X控制項,介面控制單元121 透過讀卡機10讀取晶片卡11中之資料,將儲值單位進行加 密並產生一驗證碼(步驟22),於本實施例中,較佳之加密方 法為一資料加密標準演算法(Data Encryption Standard, DES),驗證碼較佳為一文件訊息驗證碼(Message Authentication Code,MAC),介面控制單元121將加密資料 及驗證碼傳送至伺服器13,伺服器13之認證程式132將加密 資料及驗證碼與資料庫14進行比對(步驟23),判斷晶片卡11 是否為開通狀態且資料正確(步驟24),若否,認證程式132 傳送一錯誤訊息至瀏覽程式(步驟26),以告知其晶片卡尚未 開通或資料錯誤,若資料正確則連線至加密裝置15進行認 證,於本實施例中,加密裝置較佳為一網路硬體加密模組, 以確認晶片卡持有者之身份是否正確(步驟25),若否,認證 程式132傳送一錯誤訊息至瀏覽程式(步驟26),以告知其耳 份錯誤,若身份正確,則伺服器13之認證程式132將加密資 20 200949765 ' 料及驗證碼回傳至電腦之瀏覽程式120之介面控制單元 121(步驟27),再透過讀卡機10將儲值單位寫入晶片卡11中 (步驟28)。 於本發明較佳實施例之晶片卡驗證系統中,對儲值單 5 位使用之加密方法較佳為一資料加密標準演算法(Data Encryption Standard,DES),驗證碼較佳為一文件訊息驗證 碼(Message Authentication Code,MAC),其中文件訊息驗 證碼可用以驗證文件訊息是否為約定好通訊的雙方所傳 © 送,並可驗證文件訊息在傳遞過程中是否遭到篡改,此外, 10 於確認晶片卡11為開通狀態且資料正確後,再連線至加密 裝置15進行認證,以確認晶片卡持有者之身份,因此,本 發明所提出之晶片卡驗證系統俾能大幅提升晶片卡資料之 安全性,以確保晶片卡持有者及發行商家之權益。 上述實施例僅係為了方便說明而舉例而已,本發明所 15 主張之權利範圍自應以申請專利範圍所述為準,而非僅限 於上述實施例。 【圖式簡單說明】 圖1係本發明一較佳實施例之晶片卡驗證系統示意圖。 20 圖2係本發明一較佳實施例之晶片卡驗證系統架構圖。 圖3係本發明一較佳實施例之資料庫内容示意圖。 圖4係本發明一較佳實施例之晶片卡寫入驗證方法流程圖。 【主要元件符號說明】 200949765 讀卡機ίο 瀏覽程式120 網站130 資料庫14 晶片卡11 介面控制單元121 程式函數131 加密裝置15 20,21,22,23,24,25,26,27,28 步驟 電腦12 伺服器13 認證程式132BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a wafer card verification system and method thereof, and more particularly to a verification system and method for a chip card stored value. 5 [Prior Art] In recent years, the development and application of smart cards and smart cards have become quite mature and popular, especially in recent years, the fraud group wolf has made the government and enterprises accelerate the traditional magnetic stripe card. Replace it with a chip card, such as a 1T. Whether it is a phone card or a health insurance card, it is already a chip card, including a convenient value-added consumer value card. It is also a chip card's (4) (10) like the "Modern Module" card, tax filing and supervision service. The natural person voucher card, the video set-top box's viewing subscriber identification card, etc. are also chip cards, and even the EasyCard for transportation and parking, and the non-contact 15 inductive chip card. The reason why the current chip card has replaced the magnetic stripe card in a large amount, the primary requirement is the fullness of the prostitute. The security of the chip card is higher than that of the magnetic stripe card, but it is not the risk of the safety of the card. Continuously strengthening its security is also an inevitable task of the chip card. For example, the current 20-page program syntax of the chip card stored value is encrypted on the webpage or encrypted by the 6-digit code. The user can easily solve the problem. Ma restores the crack, and the stored value points are not encrypted. Those who are interested can rewrite the points by means of packet side-recording, which increases the security risk. Therefore, it is necessary to improve the verification mechanism to reduce the risk that the data may be altered. . 5 200949765 [Summary of the Invention] The problem of the above-mentioned conventional network security risk 'The present invention provides a verification method for executing a chip card writer's stored value unit on a computer, and the computer is connected to the card reader to read the wafer card (4) The electric service is stored in the form of Liu Liucheng. The Liu Lan program includes an interface control unit that reads or writes data into the chip card through the card reader and connects to a feeding device via the Internet. The transmission, the word server stores a website, the website includes a program function and an authentication program, and the server respectively connects the computer, a database and the _ encryption device via the network, and the verification method mainly includes the following steps. First, the measurement process 10 <for the server transfer - the chip card writer request and stored value unit, the program function return command in the server website - the command to the interface control unit of the browser, the interface control unit reads the chip card through the card reader Data, the stored value unit is encrypted and a verification code is generated, and then the encrypted data and the verification code are transmitted to the server, and the server authentication program encrypts the data and the verification data and the data. The library compares to determine whether the chip card is open and the data is correct. If the data is correct, connect to the encryption device for authentication to confirm whether the identity of the chip card holder is correct. If yes, the server authentication program will The encrypted data and the verification code are transmitted back to the interface control unit of the browsing program of the computer, and the stored value unit is written into the wafer card through the card reader. " 20 The wafer card verification system proposed by the invention mainly comprises a card reader, a computer, a server, a database and an encryption device, the database stores the chip card data, and the encryption device provides encryption and decryption. Handle the card reader to connect to the computer to read the data of the chip card. The server stores a L station. The website contains program functions and authentication programs. The server is divided into networks via the network. 6 200949765 - Do not connect computers, databases and encryption devices. The computer stores a web browsing program. The web browsing program includes an interface control unit, such as an Active X control item, which reads or writes data to the chip card through the card reader and browses the web page of the server through the web page. transmission. 5 When the browser sends a chip card write request and a stored value unit to the server, the program function in the website, such as a Javascript function, returns the command to the interface control unit of the web browser to pass the card reader. Reading the data in the chip card, encrypting the stored value unit, for example, adding a 10 cryptography with a Data Encryption Standard (DES), and generating a verification code, such as a file message verification code ( Message Authentication Code (MAC), the encrypted data and verification code are transmitted to the server through the network, and the server authentication program compares the received encrypted data and the verification code with the database to confirm that the chip card is turned on. After the data is correct, it is connected to the encryption device, for example, a network hardware encryption 15 module for authentication to confirm the identity of the chip card holder. If the identity is confirmed, the server authentication program will encrypt the data and verify. The code is transmitted back to the interface control unit of the browser of the computer φ, and the stored value unit is written into the wafer card through the card reader. [Embodiment] In order to make the reader more aware of the technical content of the present invention, a wafer card verification system is described as a preferred embodiment. Please refer to FIG. 1 , which is a preferred embodiment of the present invention. A schematic diagram of a chip card verification system, comprising a card reader 10, a computer 12, a server 13, a database 14, and a 200949765 5 10 15 encryption device 15, see also 圊 2, Figure 2 is a comparison of the present invention The chip card verification system architecture diagram of the embodiment also shows the card reader 10, the computer 12, the server 13, the database 14, and the encryption device 15, wherein the 'database 14 stores the wafer card data, and the encryption device 15 The process of providing encryption and decryption is performed. The card reader 10 is connected to the computer 12 to read the data of the chip card 11. The dog server 13 stores a website 130, which includes a program function 131 and an authentication program 132. The server 13 is connected to the network. The computer 12 is connected to the computer 12, the data library 14 and the encryption device 15'. The computer 12 is stored with a web browser 120, which includes an interface control unit 121. In this embodiment, the interface control unit is preferably an Active X controller. Items, for reading or writing data through the chip card reader 10 pairs 11 'and transmitted through a web browser server website 13 130 pages of data transmission. Wherein, when the browser 120 transmits a chip card write request and a stored value unit to the server 13, the program function 131 in the website 130, in this embodiment, the program function is preferably a Javascript function, and the command is returned. The interface control unit 121 of the network access program 120 reads the data in the wafer card 11 through the card reader 1 and encrypts the stored value unit to generate a verification code. In this embodiment, The encryption method is a Data Encryption Standard (DES). The verification code is preferably a Message Authentication Code (MAC). The encrypted data and verification code are transmitted to the servo through the network. The authentication program 132 of the server 13 compares the encrypted data and the verification code with the database 14 'Please refer to FIG. 3 , which is a schematic diagram of the contents of the database according to a preferred embodiment of the present invention. After the state is turned on and the data is correct, the device is connected to the encryption device 15 for authentication. In this embodiment, the encryption device is preferably 20 200949765. A network hardware encryption module 'confirmation chip After the identity of the holder is correct, the authentication program of the server 13 transmits the encrypted data and the verification code to the interface of the computer 12; the interface control unit 121 of the program 120 transmits the stored value unit to the chip through the card reader 1 Card 11 in. 5 ❹ 10 15 Referring to FIG. 4, FIG. 4 is a flowchart of a method for verifying the writing of a wafer card according to a preferred embodiment of the present invention. First, the browsing program 120 transmits a wafer card writing request and a stored value unit to the server 13. Step 2:), the program function 131 in the feeding machine website 13 returns the command to the interface control unit 121 of the browser 120 (step 21). In this embodiment, the program function is preferably a Javascript function, interface control. The unit is preferably an Active X control item. The interface control unit 121 reads the data in the chip card 11 through the card reader 10, encrypts the stored value unit and generates a verification code (step 22). In this embodiment, Preferably, the encryption method is a Data Encryption Standard (DES), the verification code is preferably a Message Authentication Code (MAC), and the interface control unit 121 transmits the encrypted data and the verification code to the servo. The authentication program 132 of the server 13 compares the encrypted data and the verification code with the database 14 (step 23), and determines whether the wafer card 11 is in the on state and the data is correct (step 24). If not, the authentication program 132 transmits an error message to the browsing program (step 26) to inform that the wafer card has not been opened or the data is incorrect, and if the data is correct, it is connected to the encryption device 15 for authentication. In this embodiment, the encryption is performed. Preferably, the device is a network hardware encryption module to confirm whether the identity of the chip card holder is correct (step 25). If not, the authentication program 132 transmits an error message to the browser (step 26) to inform the device. If the identity is correct, the authentication program 132 of the server 13 transmits the encrypted resource and the verification code to the interface control unit 121 of the browser 120 of the computer (step 27), and then passes through the card reader 10. The stored value unit is written in the wafer card 11 (step 28). In the chip card verification system of the preferred embodiment of the present invention, the encryption method for storing the 5-digit value of the stored value is preferably a Data Encryption Standard (DES), and the verification code is preferably a file message verification. Message Authentication Code (MAC), where the file message verification code can be used to verify whether the file message is sent by both parties who have agreed to communicate, and can verify whether the file message has been tampered with during the delivery process. In addition, 10 After the chip card 11 is in the on state and the data is correct, it is connected to the encryption device 15 for authentication to confirm the identity of the wafer card holder. Therefore, the wafer card verification system proposed by the present invention can greatly enhance the wafer card data. Security to ensure the rights of the chip card holder and the issuing merchant. The above-described embodiments are merely examples for convenience of description, and the scope of the claims of the present invention is determined by the scope of the claims, and is not limited to the above embodiments. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a schematic diagram of a wafer card verification system in accordance with a preferred embodiment of the present invention. 20 is a block diagram of a wafer card verification system in accordance with a preferred embodiment of the present invention. 3 is a schematic diagram showing the contents of a database according to a preferred embodiment of the present invention. 4 is a flow chart of a wafer card writing verification method according to a preferred embodiment of the present invention. [Main component symbol description] 200949765 Card reader ίο Browser 120 Website 130 Library 14 Chip card 11 Interface control unit 121 Program function 131 Encryption device 15 20, 21, 22, 23, 24, 25, 26, 27, 28 Computer 12 server 13 authentication program 132

Claims (1)

200949765 十、申請專利範園: 法二電執行Μ卡寫人儲值單位之驗證方 以讀取晶片卡之資料,該電腦儲 5 10 15 20 :==:_式包括一介面控制單元,透過 :::機對:月卡進行資料讀或寫之動作,並透過網路連 、习服器進打資料傳輸,該伺服器儲存有—網站,該 含程式函數及騎程式,_服器經由網路分別 連結該電腦、—資料庫及—加密裝置,該驗證方法主要包 括下述之步驟: (Α)該Μ程式對該籠轉送卡寫人請求及 儲值單位; (Β)該伺服器網站中之該程式函數回傳指令至瀏覽程 式之介面控制單元; (C) 該介面控制單元透過該讀卡機讀取該晶片卡中之 資料,將儲值單位進行加密並產生一驗證碼; (D) 將加密資料及驗證碼傳送至該伺服器該伺服器 之該<4證程式將加密資料及驗證碼與該資料庫進行比對, 判斷該晶片卡是否為開通狀態且資料正確;以及 曰(Ε)若資料正確則連線至該加密裝置進行認證,確認 s曰片卡持有者之身份是否正確,若是,則該伺服器之認證 程式將該加密資料及驗證碼回傳至該電腦之瀏覽程式之介 面控制單元,透過該讀卡機將儲值單位寫入該晶片卡中。 2·如申請專利範圍第1項所述之方法,其中,該介面 控制單元為一 Active X控制項。 12 200949765 3.如申請專利範園第i項所述之方法,其令,該網站 _之程式函數為一 Javascript函數。 β 4.如申請專利範圍第1項所述之方法,其中,將儲值 單位進行加密之方法為資料加密標準演算法。 5 10 15 20 5. 如申請專利㈣第4項所述之方法,其卜該驗證 碼為一文件訊息驗證碼。 6. 如申請專利範圍第i項所述之方法,其令,該加密 裝置為一網路硬體加密模組。 7. —種晶片卡驗證系統,主要包括: 一資料庫’儲存有晶片卡資料; 一加密裝置,係提供加解密之處理; 至少一讀卡機,連接至少一電腦,以讀取一晶片 資料; 试一伺服器儲存有-網站,該網站中包含程式函數及認 3•程式該伺服器經由網路分別連結該至少一電腦、該資 料庫及該加密裝置; 該至少一電腦儲存有一網路瀏覽程式,該網路瀏覽程 式:括☆面控制單元,透過該至少一讀卡機對該晶片卡 進行資料讀或寫’並透過網路劉覽該伺服器之網站頁面進 行資料傳輪; 其^,當瀏覽程式對該伺服器傳送一晶片卡寫入請求 儲值單位時’網站中之程式函數回傳指令至網路割覽程 ^之介面控制單元,以透過該讀卡機讀取該晶片卡中之資 ^ 储值單位進行加密並產生一驗證碼,再經過網路傳 13 200949765 送至該伺服器,該伺服器之認證程式將加密資料及驗證喝 與該資料庫進行比對,確認該晶片卡為開通狀態且資料正 5 〇 10 碟後’再連線至該加密裝置進行認證,確認晶片卡持有者 之身份正確後,該伺服器之認證程式將該加密資料及驗證 碼回傳至該電腦之瀏覽程式之介面控制單元,透過該讀卡 機將儲值單位寫入該晶片卡中。 ㈣1.如申請專利範圍第7項所述之系統,其中,該介面 仅剌早7L為一 Active X控制項。 中之W 範圍第7項所述之线,其中,該網: 程式函數為一 Javascript函數。 10’如申請專利範圍第7項所述糸 單位進杆A — π 77疋之糸統,其中,將儲1 〇在之方法為資料加密標準演算法。 11.如申請專利範圍第1〇 碼為一文件訊息驗證碼。11之系、统其中,該驗1 如中請專利範圍第7 裝置為'網路硬趙加密模組。…統其中,該加〗 15200949765 X. Application for Patent Park: Law 2 Electric performs the verification of the memory card of the Leica Writer to read the data of the chip card. The computer storage 5 10 15 20 :==:_ includes an interface control unit. ::: Machine pair: The monthly card is used to read or write data, and the data is transmitted through the network connection and the helper. The server stores the website, the program function and the rider, and the server The network respectively connects the computer, the database, and the encryption device. The verification method mainly includes the following steps: (Α) the program transfers the card request request and the stored value unit to the cage; (Β) the server The program function in the website returns a command to the interface control unit of the browser; (C) the interface control unit reads the data in the chip card through the card reader, encrypts the stored value unit and generates a verification code; (D) transmitting the encrypted data and the verification code to the server, the <4 certificate program of the server compares the encrypted data and the verification code with the database, and determines whether the wafer card is turned on and the data is correct; And 曰If the data is correct, connect to the encryption device for authentication to confirm whether the identity of the s 卡 card holder is correct. If yes, the server's authentication program will return the encrypted data and verification code to the computer for browsing. The interface control unit of the program writes the stored value unit into the wafer card through the card reader. 2. The method of claim 1, wherein the interface control unit is an Active X control item. 12 200949765 3. The method described in claim i of the patent garden, which makes the program function of the website _ a Javascript function. [beta] 4. The method of claim 1, wherein the method of encrypting the stored value unit is a data encryption standard algorithm. 5 10 15 20 5. If the method described in claim 4 of the patent (4) is applied, the verification code is a document message verification code. 6. The method of claim i, wherein the encryption device is a network hardware encryption module. 7. A wafer card verification system, comprising: a database 'storing wafer card data; an encryption device providing encryption and decryption processing; at least one card reader connecting at least one computer to read a wafer data The test server stores a website, the website includes a program function and a program, and the server respectively connects the at least one computer, the database and the encryption device via a network; the at least one computer stores a network a browsing program, the web browsing program includes: a ☆ surface control unit, which reads or writes data to the chip card through the at least one card reader and transmits the data through the webpage of the server through the web browsing; ^, when the browser sends a chip card write request stored value unit to the server, the program function in the website returns the command to the interface control unit of the network cutting program to read the card through the card reader. The value of the stored value unit in the chip card is encrypted and a verification code is generated, which is sent to the server through the network transmission 13 200949765, and the authentication program of the server encrypts the data. Verify that the beverage is compared with the database, confirm that the wafer card is open and the data is 5 〇 10 discs, and then re-connect to the encryption device for authentication to confirm that the identity of the wafer card holder is correct, the server The authentication program returns the encrypted data and the verification code to the interface control unit of the browsing program of the computer, and the stored value unit is written into the chip card through the card reader. (4) 1. The system of claim 7, wherein the interface is only 7L as an Active X control item. The line described in item 7 of the W range, wherein the net: the program function is a Javascript function. 10' As stated in item 7 of the scope of application for patents, the unit enters the pole A- π 77疋, where the method of storing 1 is the data encryption standard algorithm. 11. If the patent application scope 1st code is a document message verification code. The system of the 11th, the system, the test 1 as in the patent scope of the seventh device is the 'network hard Zhao encryption module. ...the one, the plus 〗 15
TW097117987A 2008-05-16 2008-05-16 Certification system and method of smart card TWI347564B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW097117987A TWI347564B (en) 2008-05-16 2008-05-16 Certification system and method of smart card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW097117987A TWI347564B (en) 2008-05-16 2008-05-16 Certification system and method of smart card

Publications (2)

Publication Number Publication Date
TW200949765A true TW200949765A (en) 2009-12-01
TWI347564B TWI347564B (en) 2011-08-21

Family

ID=44871098

Family Applications (1)

Application Number Title Priority Date Filing Date
TW097117987A TWI347564B (en) 2008-05-16 2008-05-16 Certification system and method of smart card

Country Status (1)

Country Link
TW (1) TWI347564B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8774412B2 (en) 2011-08-08 2014-07-08 Industrial Technology Research Institute Verification method and system
TWI596547B (en) * 2016-11-17 2017-08-21 Chunghwa Telecom Co Ltd Card application service anti-counterfeiting writing system and method based on multi-card combination

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI503693B (en) * 2014-09-04 2015-10-11 Joe Chi Chen Full dynamic digital electronic transactions identification method
TWI665577B (en) * 2018-03-19 2019-07-11 財金資訊股份有限公司 Card reading device with online transaction information confirmation function and payment method thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8774412B2 (en) 2011-08-08 2014-07-08 Industrial Technology Research Institute Verification method and system
TWI596547B (en) * 2016-11-17 2017-08-21 Chunghwa Telecom Co Ltd Card application service anti-counterfeiting writing system and method based on multi-card combination

Also Published As

Publication number Publication date
TWI347564B (en) 2011-08-21

Similar Documents

Publication Publication Date Title
CN102202300B (en) A kind of based on twin-channel dynamic cipher authentication system and method
US11038677B2 (en) Systems and methods for encryption and authentication
CN104599408B (en) Third party's account ATM withdrawal method and system based on dynamic two-dimension code
CN113475035A (en) Flick to copy data to clipboard through NFC
KR102137115B1 (en) System and method for certificate easily submission service support
KR101276201B1 (en) Identity management server, system and method using the same
US20070204325A1 (en) Personal identification information schemas
CN107423964A (en) A kind of online payment method, apparatus and system
CN101162535B (en) Method and system for realizing magnetic stripe card trading by IC card
US20170250810A1 (en) Dynamic multiple-application systematic framework for integrated circuit card and information processing methods based on the framework
KR20100045059A (en) System and method for managing settlement account connected with plural affiliated store card's virtual account and recording medium
BR112014020191A2 (en) disposable payment cards
KR102334894B1 (en) Apparatus for authentication and payment based on web, method for authentication and payment based on web, system for authentication and payment based on web and computer readable medium having computer program recorded thereon
KR20210066795A (en) System and method for cryptographic authentication of contactless card
WO2013023478A1 (en) Sim module based usbkey encryption/decryption system and encryption/decryption method
KR20210065091A (en) System and method for cryptographic authentication of contactless card
TW200949765A (en) Verification system and method of smart card
CN102118394A (en) Safety authentication method for remote payment through internet banking based on dual-interface safety intelligent card
CN102332068A (en) On-line logistics encryption, authentication and storage system using universal serial bus key (USBKEY)
CN201946038U (en) Security certificate device of internet-banking remote payment based on dual-interface safety smart card
CN107483427B (en) Self-enhanced anti-counterfeiting method based on Ntag21X series chips
CN109146631A (en) A kind of electric business platform data security processing
US20120150710A1 (en) method and system for facilitating access to financial information
KR102140708B1 (en) Method and server for providing financial service
CN109801075A (en) Method of payment, device, computer equipment and storage medium