TW201923641A - Method and device for generating dynamic credit card security code, bank card, and authentication method - Google Patents

Method and device for generating dynamic credit card security code, bank card, and authentication method Download PDF

Info

Publication number
TW201923641A
TW201923641A TW107140034A TW107140034A TW201923641A TW 201923641 A TW201923641 A TW 201923641A TW 107140034 A TW107140034 A TW 107140034A TW 107140034 A TW107140034 A TW 107140034A TW 201923641 A TW201923641 A TW 201923641A
Authority
TW
Taiwan
Prior art keywords
data block
dynamic
credit card
card
pan
Prior art date
Application number
TW107140034A
Other languages
Chinese (zh)
Other versions
TWI696088B (en
Inventor
濤 周
丁林潤
李春歡
陳朋
Original Assignee
大陸商中國銀聯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 大陸商中國銀聯股份有限公司 filed Critical 大陸商中國銀聯股份有限公司
Publication of TW201923641A publication Critical patent/TW201923641A/en
Application granted granted Critical
Publication of TWI696088B publication Critical patent/TWI696088B/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4018Transaction verification using the card verification value [CVV] associated with the card
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a method for generating a dynamic credit card security code. The method comprise: a dynamic data element is obtained and the dynamic data element is used for replacing one partof a main account number PAN of a credit card to generate an updated main account number PAN; the updated main account number PAN is encrypted to obtain a first data block; and a dynamic credit card security code is generated based on the first data block. In addition, the invention also provides a device for generating a dynamic credit card security code, a bank card, and an authentication methodperformed by an authentication server of a card issuing bank. The calculation links of the generation algorithm are reduced; and the randomness of the calculation result is good.

Description

產生動態信用卡安全碼的方法和設備、銀行卡和認證方法Method and device for generating dynamic credit card security code, bank card and authentication method

本發明涉及金融支付領域,特別地,涉及產生動態信用卡安全碼的方法和設備、銀行卡和認證方法。The present invention relates to the field of financial payments, and in particular, to a method and device for generating a dynamic credit card security code, a bank card, and an authentication method.

信用安全碼(CVN2),是信用卡上的一組3位元數字。其產生方法是銀行將卡片帳號、有效期、服務代碼提取出來,排列後再經過一系列複雜的演算法得出。這組數字在產生之後,就只有發卡銀行和銀行卡的持有者知道該數字是多少。信用卡安全碼就相當於信用卡的身份證,消費者可以憑此碼進行消費交易。由於現有的信用安全碼都是平印在信用卡背面簽名欄上卡號後4位處,因此犯罪份子很容易盜用用戶的信用安全碼,導致用戶的信用卡被盜刷,安全性差。   為了解決以上問題,VISA提出了基於時間可變的動態CVN2方案,從一定程度上解決了交易安全性差的問題。但在現有方案中通常採用DES/3DES產生演算法來產生該動態信用安全碼,計算環節多且複雜。因此,希望一種改進的產生動態信用卡安全碼的方案。   以上公開于本發明背景部分的資訊僅僅旨在增加對本發明的總體背景的理解,而不應當被視為承認或以任何形式暗示該資訊構成已為本領域一般技術人員所公知的現有技術。A credit security code (CVN2) is a set of 3-digit numbers on a credit card. The generation method is that the bank extracts the card account number, validity period, and service code, and arranges them through a series of complicated algorithms. After this number is generated, only the issuing bank and bank card holder know what the number is. The credit card security code is equivalent to the credit card's ID card, and consumers can use this code to make consumption transactions. Because the existing credit security code is printed on the back of the card number on the back of the credit card, it is easy for criminals to misappropriate the user's credit security code, resulting in theft of the user's credit card and poor security. In order to solve the above problems, VISA proposed a time-variable dynamic CVN2 solution, which solves the problem of poor transaction security to a certain extent. However, in the existing solutions, the DES / 3DES generation algorithm is usually used to generate the dynamic credit security code, and the calculation links are many and complicated. Therefore, an improved scheme for generating a dynamic credit card security code is desired. The information disclosed above in the background section of the present invention is only for the purpose of increasing the understanding of the general background of the present invention, and should not be taken as an acknowledgement or any form of suggestion that the information constitutes prior art that is already known to those of ordinary skill in the art.

鑒於此,根據本發明的一個方面,提供了一種產生動態信用卡安全碼的方法,該方法包括:獲取動態資料元素,用所述動態資料元素替換所述信用卡的主帳號PAN的一部分,從而產生更新的主帳號PAN;對所述更新的主帳號PAN進行加密,得到第一資料塊;以及基於所述第一資料塊產生所述動態信用卡安全碼。與DES/3DES產生演算法相比,本發明採用國密演算法,計算環節少,計算結果的隨機性好。   在上述方法中,所述動態資料元素為事件可變因數,使得所述動態信用卡安全碼基於所述事件可變因數的觸發而變化。   在上述方法中,所述事件可變因數對應於個人化之後累計至當前的按鍵次數或個人化之後搖晃卡片的次數。   在上述方法中,所述事件可變因數為8位元數位,並且在所述按鍵次數少於8位元數位時,在所述按鍵次數的資料左邊以二進位數字字0填充。   在上述方法中,用所述動態資料元素替換所述信用卡的主帳號PAN的一部分,從而產生更新的主帳號PAN包括:用所述動態資料元素替換所述PAN的最左邊的8位元數位構建字串,從而產生更新的主帳號PAN。   在上述方法中,對所述更新的主帳號PAN進行加密,得到第一資料塊包括:依次串接所述更新的主帳號PAN、卡片失效日期、服務代碼,以構建第一字串;通過在所述第一字串的右側補0,將所述第一字串擴展為256位元的第二資料塊;以及利用唯一分散金鑰對所述第二資料塊進行加密,從而得到所述第一資料塊。   在上述方法中,基於所述第一資料塊產生所述動態信用卡安全碼包括:從所述第一資料塊中從左至右選出0到9的數位並將選出的數位左靠齊,從而得到第三資料塊;從所述第一資料塊中從左至右選出16進制中A到F,並將其轉換成10進制減去10,從而得到第四資料塊;將所述第四資料塊拼接到所述第三資料塊的右側,得到第五資料塊;以及將所述第五資料塊最左邊的3個數位選擇作為所述動態信用卡安全碼。   在上述方法中,所述動態資料元素為時間可變因數,所述時間可變因數基於當前時間而確定。   根據本發明的另一個方面,提供了一種產生動態信用卡安全碼的設備,該設備包括:獲取裝置,用於獲取動態資料元素;替換裝置,用於用所述動態資料元素替換所述信用卡的主帳號PAN的一部分,從而產生更新的主帳號PAN;加密裝置,用於對所述更新的主帳號PAN進行加密,得到第一資料塊;以及產生裝置,用於基於所述第一資料塊產生所述動態信用卡安全碼。   在上述設備中,所述替換裝置配置成用所述動態資料元素替換所述PAN的最左邊的8位元數位構建字串,從而產生更新的主帳號PAN。   在上述設備中,所述加密裝置包括:串接單元,用於依次串接所述更新的主帳號PAN、卡片失效日期、服務代碼,以構建第一字串;擴展單元,用於通過在所述第一字串的右側補0,將所述第一字串擴展為256位元的第二資料塊;以及加密單元,用於利用唯一分散金鑰對所述第二資料塊進行加密,從而得到所述第一資料塊。   在上述設備中,所述產生裝置配置成從所述第一資料塊中從左至右選出0到9的數位並將選出的數位左靠齊,從而得到第三資料塊;從所述第一資料塊中從左至右選出16進制中A到F,並將其轉換成10進制減去10,從而得到第四資料塊;將所述第四資料塊拼接到所述第三資料塊的右側,得到第五資料塊;以及將所述第五資料塊最左邊的3個數位選擇作為所述動態信用卡安全碼。   在上述設備中,所述動態資料元素為事件可變因數,使得所述動態信用卡安全碼基於所述事件可變因數的觸發而變化。   根據本發明的又一個方面,提供了一種銀行卡,該銀行卡包括:顯示模組,所述顯示模組包括顯示主控晶片,其中所述顯示主控晶片包括如前所述的產生動態信用卡安全碼的設備。   在上述銀行卡中,所述顯示模組還包括:顯示介質;電池,用於對所述顯示介質和所述顯示主控晶片進行供電;個人化天線,用於寫入卡片初始化參數;以及按鍵。   根據本發明的又一個方面,提供了一種由發卡行認證伺服器執行的認證方法,該方法包括:接收來自支付網路的卡片資料,其中所述卡片資料包括卡號、有效期和動態信用卡安全碼;根據主帳號PAN或發卡行識別碼BIN將卡片識別為動態可變卡,並將所述卡片資料路由到動態可變認證系統進行認證;以及從所述動態可變認證系統接收認證結果,所述認證結果包括所述動態信用卡安全碼是否落在所述動態可變認證系統設定的視窗內。   在上述認證方法中,所述動態可變認證系統對於時間可變的動態可變卡使用雙向時間視窗,而對於時間可變的動態可變卡使用單向事件視窗。   本發明的技術方案主要採用動態可變數位dCVN2來替代當前列印在銀行卡背面的靜態CVN2,該可變數位基於SM4安全演算法產生,基於事件可變因數(EBN)的觸發而變化,它能增強無卡支付(CNP)交易的安全性,大幅降低通過截獲和存儲CVN2值實施欺詐的可能性。   通過納入本文的圖式以及隨後與圖式一起用於說明本發明的某些原理的具體實施方式,本發明的方法和裝置所具有的其它特徵和優點將更為具體地變得清楚或得以闡明。In view of this, according to one aspect of the present invention, a method for generating a dynamic credit card security code is provided. The method includes: obtaining a dynamic data element, and replacing a part of the main account PAN of the credit card with the dynamic data element, thereby generating an update. Encrypting the updated primary account number PAN to obtain a first data block; and generating the dynamic credit card security code based on the first data block. Compared with the DES / 3DES generation algorithm, the present invention uses the national secret algorithm, which has fewer calculation links and has better randomness of the calculation result. In the above method, the dynamic data element is an event variable factor, so that the dynamic credit card security code changes based on the trigger of the event variable factor. In the above method, the event variable factor corresponds to the number of keystrokes accumulated to the current time after personalization or the number of card shakes after personalization. In the above method, the event variable factor is 8 digits, and when the number of key presses is less than 8 digits, the left side of the key press data is filled with a binary digit 0. In the above method, replacing a part of the credit card's main account number PAN with the dynamic data element to generate an updated main account number PAN includes replacing the leftmost 8-bit digits of the PAN with the dynamic data element. String to generate an updated master account PAN. In the above method, encrypting the updated master account PAN to obtain a first data block includes: concatenating the updated master account PAN, a card expiration date, and a service code in order to construct a first string; 0 is added to the right of the first string to expand the first string into a second data block of 256 bits; and encrypting the second data block by using a unique decentralized key to obtain the first A data block. In the above method, generating the dynamic credit card security code based on the first data block includes: selecting from 0 to 9 digits from left to right from the first data block and aligning the selected digits to the left to obtain A third data block; selecting A to F in hexadecimal from left to right from the first data block and converting it to decimal minus 10 to obtain a fourth data block; The data block is spliced to the right of the third data block to obtain a fifth data block; and the leftmost three digits of the fifth data block are selected as the dynamic credit card security code. In the above method, the dynamic data element is a time variable factor, and the time variable factor is determined based on a current time. According to another aspect of the present invention, a device for generating a dynamic credit card security code is provided. The device includes: obtaining means for obtaining a dynamic data element; and replacement means for replacing a main card of the credit card with the dynamic data element. A part of the account number PAN to generate an updated master account number PAN; an encryption device for encrypting the updated master account number PAN to obtain a first data block; and a generating device for generating a data block based on the first data block The dynamic credit card security code is described. In the above device, the replacement device is configured to replace the leftmost 8-bit digit construction string of the PAN with the dynamic data element, thereby generating an updated master account number PAN. In the above device, the encryption device includes: a concatenating unit for sequentially concatenating the updated master account number PAN, a card expiration date, and a service code to construct a first string; and an expansion unit for passing the Adding 0 to the right of the first string to expand the first string into a second data block of 256 bits; and an encryption unit for encrypting the second data block with a unique decentralized key, thereby The first data block is obtained. In the above device, the generating device is configured to select the digits from 0 to 9 from left to right from the first data block and align the selected digits to the left to obtain a third data block; from the first data block, From the data block, select A to F in hexadecimal from left to right and convert it to decimal and subtract 10 to obtain a fourth data block; stitch the fourth data block to the third data block To the right of the fifth data block, and selecting the leftmost three digits of the fifth data block as the dynamic credit card security code. In the above device, the dynamic data element is an event variable factor, so that the dynamic credit card security code changes based on the trigger of the event variable factor. According to yet another aspect of the present invention, a bank card is provided. The bank card includes: a display module including a display main control chip, wherein the display main control chip includes generating a dynamic credit card as described above. Security code device. In the above bank card, the display module further includes: a display medium; a battery for supplying power to the display medium and the display main control chip; a personalized antenna for writing card initialization parameters; and keys . According to another aspect of the present invention, there is provided an authentication method performed by a card issuing bank authentication server, the method comprising: receiving card information from a payment network, wherein the card information includes a card number, a validity period, and a dynamic credit card security code; Identifying the card as a dynamically variable card according to the master account PAN or the issuing bank identification code BIN, and routing the card information to a dynamically variable authentication system for authentication; and receiving an authentication result from the dynamically variable authentication system, said The authentication result includes whether the dynamic credit card security code falls within a window set by the dynamic variable authentication system. In the above authentication method, the dynamic variable authentication system uses a two-way time window for a time-variable dynamic variable card, and uses a one-way event window for a time-variable dynamic variable card. The technical solution of the present invention mainly uses a dynamically variable digital dCVN2 to replace the static CVN2 currently printed on the back of the bank card. The variable digital is generated based on the SM4 security algorithm and changes based on the triggering of the event variable factor (EBN). It can enhance the security of cardless payment (CNP) transactions and greatly reduce the possibility of fraud by intercepting and storing CVN2 values. Other features and advantages of the method and apparatus of the present invention will become clearer or clarified in more detail through the drawings incorporated herein and the specific embodiments that are subsequently used to illustrate certain principles of the present invention. .

以下說明描述了本發明的特定實施方式以教導本領域技術人員如何製造和使用本發明的最佳模式。為了教導發明原理,已簡化或省略了一些常規方面。本領域技術人員應該理解源自這些實施方式的變型將落在本發明的範圍內。本領域技術人員應該理解下述特徵能夠以各種方式接合以形成本發明的多個變型。由此,本發明並不局限於下述特定實施方式,而僅由申請專利範圍和它們的等同物限定。   在本發明的上下文中,術語CVN2表示信用卡安全碼,dCVN2或動態CVN2表示動態信用卡安全碼,基於動態資料元素的觸發而變化。   動態資料元素包括時間可變因數(TBN, Time Based Number)和事件可變因數(EBN, Event Based Number)。   術語PAN表示銀行卡的主帳號,標明可以處理交易的發卡機構和持卡者。術語BIN指代發卡行識別碼,即Bank Identification Number。   為本申請的目的,“非接觸”或“無線”可包括任何通信方法或協定,包括專有協定,其中在兩個設備之間交換資料而無需在物理上耦合。在不限制前述的概括性的情況下,“非接觸”或“無線”可包括通過鐳射、射頻、紅外通信、藍牙或無線局域網進行的資料傳輸。   為本申請的目的,術語“支付服務”可包括在可擕式消費者設備上使用、引起資料在可擕式消費者設備和任何其他設備或位置之間交換的任何應用程式。應理解,“支付服務”不限於金融應用程式。   為本申請的目的,“支付資料”對於金融應用程式可包括由支付服務使用以執行交易的那些資料元素,而對於非金融交易可包括除本發明以外的任何必需資料元素。例如,當支付服務是磁條信用卡交易時,“支付資料”可包括磁軌1和/或磁軌2資料,如信用卡行業的普通技術人員所理解地,諸如主帳號、有效期、服務碼和任意資料。“支付資料”也可包括唯一卡標識號或服務供應商的唯一標識號。   圖1是表示本發明的一個實施例的產生動態信用卡安全碼的方法1000。   在步驟110中,獲取動態資料元素;   在步驟120中,用所述動態資料元素替換所述信用卡的主帳號PAN的一部分,從而產生更新的主帳號PAN;   在步驟130中,對所述更新的主帳號PAN進行加密,得到第一資料塊;   在步驟140中,基於所述第一資料塊產生所述動態信用卡安全碼。   在方法1000中,動態資料元素可為事件可變因數或時間可變因數。在一個實施例中,動態資料元素為事件可變因數,使得所述動態信用卡安全碼基於所述事件可變因數的觸發而變化。在一個實施例中,事件可變因數對應於個人化之後累計至當前的按鍵次數或個人化之後搖晃卡片的次數。如果該資料少於8個數位,則在其左邊以二進位數字字0填充到8個數位作為TBN。   在另一個實施例中,所述動態資料元素為時間可變因數,所述時間可變因數基於當前時間而確定。例如,時間可變因數(TBN)是基於以下3個步驟匯出的基於時間的數值:(1)確定從通用協調時1970年1月1日00:00:00用秒數表達的當前時間;(2)用步驟1中得出的時間除以時間窗口值。時間視窗值是以標籤9F5F個人化在晶片中以秒數表達的數值;(3)將步驟2中得到數值去掉小數點之後的資料得到8個cn型的資料。如果該資料少於8個數位,則從左開始截取8個數位作為TBN。   在一個實施例中,步驟120可包括:用所述動態資料元素替換所述PAN的最左邊的8位元數位構建字串,從而產生更新的主帳號PAN。在一個實施例中,步驟130可包括:依次串接所述更新的主帳號PAN、卡片失效日期、服務代碼,以構建第一字串;通過在所述第一字串的右側補0,將所述第一字串擴展為256位元的第二資料塊;以及利用唯一分散金鑰對所述第二資料塊進行加密,從而得到所述第一資料塊。在一個實施例中,步驟140可包括:從所述第一資料塊中從左至右選出0到9的數位並將選出的數位左靠齊,從而得到第三資料塊;從所述第一資料塊中從左至右選出16進制中A到F,並將其轉換成10進制減去10,從而得到第四資料塊;將所述第四資料塊拼接到所述第三資料塊的右側,得到第五資料塊;以及將所述第五資料塊最左邊的3個數位選擇作為所述動態信用卡安全碼。   參考圖2,圖2是表示本發明的一個實施例的產生動態信用卡安全碼的設備2000。   如圖2所示,設備2000可包括獲取裝置210、替換裝置220、加密裝置230以及產生裝置240。在設備2000中,獲取裝置210用於獲取動態資料元素。替換裝置220用於用所述動態資料元素替換所述信用卡的主帳號PAN的一部分,從而產生更新的主帳號PAN。加密裝置230用於對所述更新的主帳號PAN進行加密,得到第一資料塊。產生裝置240用於基於所述第一資料塊產生所述動態信用卡安全碼。   在一個實施例中,替換裝置220配置成用所述動態資料元素替換所述PAN的最左邊的8位元數位構建字串,從而產生更新的主帳號PAN。在一個實施例中,加密裝置230進一步包括:串接單元,用於依次串接所述更新的主帳號PAN、卡片失效日期、服務代碼,以構建第一字串;擴展單元,用於通過在所述第一字串的右側補0,將所述第一字串擴展為256位元的第二資料塊;以及加密單元,用於利用唯一分散金鑰對所述第二資料塊進行加密,從而得到所述第一資料塊。   在一個實施例中,產生裝置240配置成從所述第一資料塊中從左至右選出0到9的數位並將選出的數位左靠齊,從而得到第三資料塊;從所述第一資料塊中從左至右選出16進制中A到F,並將其轉換成10進制減去10,從而得到第四資料塊;將所述第四資料塊拼接到所述第三資料塊的右側,得到第五資料塊;以及將所述第五資料塊最左邊的3個數位選擇作為所述動態信用卡安全碼。   參考圖3,它示出了本發明的一個實施例的銀行卡的顯示模組。在本發明的一個實施例中,銀行卡可包括顯示模組,而顯示模組包括顯示主控晶片、顯示介質、個人化天線、電池和按鍵(可選)。顯示介質可採用電子紙、LCD等技術。電池為顯示介質和主控晶片供電以達到計算dCVN2並顯示的目的。個人化天線用於在卡片(例如動態CVN2部分)初始化的一些參數寫入。   在一個實施例中,在基於事件可變因數產生的dCVN2的情況下,顯示模組必須包括按鍵,用於基於個人化之後累計至當前的按鍵次數產生事件可變因數EBN。在另一個實施例中,在基於時間可變因數產生dCVN2的情況下,該顯示模組可不包括按鍵。   每當啟動支付服務時,即在可擕式消費者設備上產生dCVN2用於認證的目的。圖4描繪了根據本發明對每一交易產生dCVN2的方法。一開始, 用TBN或EBN替換PAN的最左邊8位元數位構建字串,記為新PAN。接著,從左到右連接新PAN、卡片失效日期、服務代碼,構建一個字串。然後,把字串放到256位元資料欄中,右補0, 得到BlockA。利用UDK(唯一分散金鑰,Unique Derivation Key)對BlockA進行加密,得到BlockG。在BlockG中從左到右選出0到9的數字,左靠齊從而得到BlockH。在BlockG中從左到右選出16進制中A到F,然後每個轉化成10進制減去10,從而得到BlockI。將BlockI拼接到BlockH右側,得到BlockJ。最終,dCVN2選擇為BlockJ最左邊3個數位。   參考圖5,圖5示意性地示出根據本發明的一個實施例的dCVN2的銀行卡的認證流程。在一個實施例中,在無卡交易時,卡片資料 (卡號、有效期和dCVN2) 通過支付網路提交到發卡行認證伺服器。發卡行認證伺服器根據PAN或者BIN識別該卡為dCVN2銀行卡,並將認證請求路由到dCVN2認證系統。dCVN2認證系統依據自身配置計算dCVN2,並與卡片提交的dCVN2進行比較。隨後,將比較結果返回給發卡行認證伺服器。最後,發卡行認證伺服器批准/拒絕該交易並告知支付請求方。   dCVN2的基本認證原理是通過使用者端與認證服務提供端以相同的運算因數,採用相同的運算方法,產生dCVN2進行比對,來完成整個認證過程。通常,dCVN2的比對是由認證服務提供端完成,只要卡片中計算得到dCVN2值落在後臺認證伺服器設定窗口內dCVN2值的集合內,則認證通過。動態CVN2銀行卡與系統之間的同步處理。對於時間可變的dCVN2銀行卡,後臺認證使用雙向時間視窗;對於事件可變的dCVN2銀行卡,使用單向事件視窗。   綜上,本發明基於多種可變因數和演算法實現CVN2位元動態顯示,保證交易的安全。此外,在本發明的實施例中,銀行卡中產生/顯示dCVN2的功能模組是獨立的,當dCVN2功能不能正常使用時,銀行卡的其他功能應能繼續正常使用。本發明採用的國密演算法的計算環節少,計算結果的隨機性好於DES/3DES國際演算法。   以上例子主要說明了本發明的產生動態信用卡安全碼的方法和設備、銀行卡和認證系統架構。儘管只對其中一些本發明的具體實施方式進行了描述,但是本領域普通技術人員應當瞭解,本發明可以在不偏離其主旨與範圍內以許多其他的形式實施。因此,所展示的例子與實施方式被視為示意性的而非限制性的,在不脫離如所附各申請專利範圍所定義的本發明精神及範圍的情況下,本發明可能涵蓋各種的修改與替換。The following description describes specific embodiments of the invention to teach those skilled in the art how to make and use the best mode of the invention. To teach the principles of the invention, some conventional aspects have been simplified or omitted. Those skilled in the art will understand that variations from these embodiments will fall within the scope of the invention. Those skilled in the art will appreciate that the features described below can be combined in various ways to form multiple variations of the invention. Therefore, the present invention is not limited to the specific embodiments described below, but is limited only by the scope of patent applications and their equivalents. In the context of the present invention, the term CVN2 represents a credit card security code, and dCVN2 or dynamic CVN2 represents a dynamic credit card security code, which changes based on the triggering of dynamic data elements. The dynamic data elements include time variable factor (TBN, Time Based Number) and event variable factor (EBN, Event Based Number). The term PAN refers to the main account number of the bank card, and indicates the card issuer and cardholder who can process the transaction. The term BIN refers to the issuing bank identification number, which is the Bank Identification Number. For the purposes of this application, "contactless" or "wireless" may include any method of communication or agreement, including proprietary agreements, in which data is exchanged between two devices without physical coupling. Without limiting the foregoing generality, "contactless" or "wireless" may include data transmission via laser, radio frequency, infrared communications, Bluetooth, or wireless local area network. For the purpose of this application, the term "payment service" may include any application used on a portable consumer device that causes data to be exchanged between the portable consumer device and any other device or location. It should be understood that "payment services" are not limited to financial applications. For the purpose of this application, "payment data" may include those data elements used by payment services to perform transactions for financial applications, and may include any required data elements other than the present invention for non-financial transactions. For example, when the payment service is a magnetic stripe credit card transaction, the "payment profile" may include magnetic track 1 and / or magnetic track 2 information, as understood by those skilled in the credit card industry, such as the main account number, validity period, service code, and data. The "payment profile" may also include a unique card identification number or a service provider's unique identification number. FIG. 1 shows a method 1000 for generating a dynamic credit card security code according to an embodiment of the present invention. In step 110, a dynamic data element is obtained; in step 120, a part of the credit card's main account PAN is replaced with the dynamic data element, thereby generating an updated main account PAN; in step 130, the updated The primary account PAN is encrypted to obtain a first data block; In step 140, the dynamic credit card security code is generated based on the first data block.方法 In method 1000, the dynamic data element may be an event variable factor or a time variable factor. In one embodiment, the dynamic data element is an event variable factor, so that the dynamic credit card security code changes based on the triggering of the event variable factor. In one embodiment, the event variable factor corresponds to the number of keystrokes accumulated to the current number of times after personalization or the number of card shakes after personalization. If the data is less than 8 digits, it is padded to the 8 digits with a binary digit 0 to the left as the TBN. In another embodiment, the dynamic data element is a time variable factor, and the time variable factor is determined based on a current time. For example, the time variable factor (TBN) is a time-based value that is derived based on the following 3 steps: (1) determining the current time expressed in seconds from 00:00:00 on January 1, 1970, Universal Coordination Time; (2) Divide the time obtained in step 1 by the time window value. The time window value is the value expressed in seconds on the chip by the tag 9F5F personalization; (3) The data obtained in step 2 after the decimal point is removed to obtain 8 cn-type data. If the data is less than 8 digits, then 8 digits are truncated from the left as the TBN.一个 In one embodiment, step 120 may include: replacing the leftmost 8-bit digits of the PAN with the dynamic data element to construct a string, thereby generating an updated master account number PAN. In one embodiment, step 130 may include: concatenating the updated main account number PAN, card expiration date, and service code in order to construct a first string; by adding 0 to the right of the first string, The first string is expanded into a second data block of 256 bits; and the second data block is encrypted by using a unique distributed key to obtain the first data block. In one embodiment, step 140 may include: selecting from 0 to 9 digits from left to right from the first data block and aligning the selected digits to the left to obtain a third data block; from the first data block From the data block, select A to F in hexadecimal from left to right and convert it to decimal and subtract 10 to obtain a fourth data block; stitch the fourth data block to the third data block To the right of the fifth data block, and selecting the leftmost three digits of the fifth data block as the dynamic credit card security code. Referring to FIG. 2, FIG. 2 shows an apparatus 2000 for generating a dynamic credit card security code according to an embodiment of the present invention. (2) As shown in FIG. 2, the device 2000 may include an obtaining device 210, a replacement device 220, an encryption device 230, and a generating device 240. In the device 2000, the obtaining device 210 is configured to obtain a dynamic data element. The replacement device 220 is configured to replace a part of the main account PAN of the credit card with the dynamic data element, thereby generating an updated main account PAN. The encryption device 230 is configured to encrypt the updated master account PAN to obtain a first data block. The generating device 240 is configured to generate the dynamic credit card security code based on the first data block.一个 In one embodiment, the replacement device 220 is configured to replace the leftmost 8-bit digit construction string of the PAN with the dynamic data element, thereby generating an updated master account number PAN. In one embodiment, the encryption device 230 further includes: a concatenating unit for concatenating the updated main account number PAN, a card expiration date, and a service code in order to construct a first string; and an expansion unit for passing the 0 is added to the right of the first string to expand the first string into a second data block of 256 bits; and an encryption unit for encrypting the second data block using a unique decentralized key, Thereby, the first data block is obtained. In one embodiment, the generating device 240 is configured to select the digits from 0 to 9 from left to right from the first data block and align the selected digits to the left to obtain a third data block; from the first data block, From the data block, select A to F in hexadecimal from left to right and convert it to decimal and subtract 10 to obtain a fourth data block; stitch the fourth data block to the third data block To the right of the fifth data block, and selecting the leftmost three digits of the fifth data block as the dynamic credit card security code. Referring to FIG. 3, it shows a bank card display module according to an embodiment of the present invention. In one embodiment of the present invention, the bank card may include a display module, and the display module includes a display main control chip, a display medium, a personalized antenna, a battery, and a button (optional). Display media can use e-paper, LCD and other technologies. The battery powers the display medium and the main control chip to calculate dCVN2 and display it. The personalized antenna is used to write some parameters initialized in the card (such as the dynamic CVN2 part). In one embodiment, in the case of dCVN2 generated based on an event variable factor, the display module must include a key for generating an event variable factor EBN based on the number of keys accumulated to the current number of keys after personalization. In another embodiment, when the dCVN2 is generated based on a time variable factor, the display module may not include a button. Whenever the payment service is started, dCVN2 is generated on the portable consumer device for authentication purposes. Figure 4 depicts a method for generating dCVN2 for each transaction according to the present invention. Initially, the leftmost 8-bit digits of the PAN are replaced with TBN or EBN to construct a string, which is recorded as a new PAN. Next, connect the new PAN, card expiration date, and service code from left to right to build a string. Then, put the string in the 256-bit data column and pad 0 to the right to get BlockA. UDK (Unique Distributed Key, Unique Derivation Key) is used to encrypt BlockA to get BlockG. In BlockG, select the numbers from 0 to 9 from left to right and align them to the left to get BlockH. In BlockG, select A to F in hexadecimal from left to right, and then convert each to decimal and subtract 10 to get BlockI. BlockI is spliced to the right of BlockH to get BlockJ. In the end, dCVN2 was chosen as the three leftmost digits of BlockJ. Referring to FIG. 5, FIG. 5 schematically illustrates an authentication process of a dCVN2 bank card according to an embodiment of the present invention. In one embodiment, the card information (card number, expiration date, and dCVN2) is submitted to the card issuer authentication server through the payment network when there is no card transaction. The issuing bank authentication server identifies the card as a dCVN2 bank card according to the PAN or BIN, and routes the authentication request to the dCVN2 authentication system. The dCVN2 authentication system calculates dCVN2 based on its configuration and compares it with the dCVN2 submitted by the card. The comparison result is then returned to the issuing bank authentication server. Finally, the issuing bank's authentication server approves / denies the transaction and informs the payment requester. The basic authentication principle of dCVN2 is to complete the entire authentication process by comparing dCVN2 with the same calculation factor and the same calculation method by the user and the authentication service provider. Generally, the comparison of dCVN2 is completed by the authentication service provider. As long as the dCVN2 value calculated in the card falls within the set of dCVN2 values in the setting window of the background authentication server, the authentication is passed. Dynamic CVN2 bank card synchronization with the system. For dCVN2 bank cards with variable time, background authentication uses a two-way time window; for dCVN2 bank cards with variable events, one-way event windows. In summary, the present invention implements CVN 2-bit dynamic display based on a variety of variable factors and algorithms to ensure the security of transactions. In addition, in the embodiment of the present invention, the function module for generating / displaying dCVN2 in the bank card is independent. When the dCVN2 function cannot be used normally, other functions of the bank card should continue to be used normally. The national secret algorithm used in the present invention has fewer calculation links, and the randomness of the calculation result is better than the DES / 3DES international algorithm. The above examples mainly illustrate the method and device for generating a dynamic credit card security code, the bank card and the authentication system architecture of the present invention. Although only some of the specific embodiments of the present invention have been described, those of ordinary skill in the art should understand that the present invention can be implemented in many other forms without departing from the spirit and scope thereof. Therefore, the illustrated examples and implementations are to be regarded as illustrative rather than restrictive, and the present invention may cover various modifications without departing from the spirit and scope of the present invention as defined by the scope of the appended patent applications. With replacement.

1000‧‧‧產生動態信用卡安全碼的方法1000‧‧‧Method for generating dynamic credit card security code

110-140‧‧‧步驟110-140‧‧‧step

2000‧‧‧產生動態信用卡安全碼的設備2000‧‧‧ Device for generating dynamic credit card security code

210‧‧‧獲取裝置210‧‧‧ Get Device

220‧‧‧替換裝置220‧‧‧ Replacement device

230‧‧‧加密裝置230‧‧‧ encryption device

240‧‧‧產生裝置240‧‧‧ generating device

圖1是表示本發明的一個實施例的產生動態信用卡安全碼的方法;   圖2是表示本發明的一個實施例的產生動態信用卡安全碼的設備;   圖3是表示本發明的一個實施例的銀行卡的顯示模組;   圖4是根據本發明的一個實施例的基於SM4演算法的dCVN2產生流程圖;以及   圖5示意性地示出根據本發明的一個實施例的dCVN2的銀行卡的認證流程。Fig. 1 shows a method for generating a dynamic credit card security code according to an embodiment of the present invention; Fig. 2 shows a device for generating a dynamic credit card security code according to an embodiment of the present invention; Fig. 3 is a bank showing an embodiment of the present invention Card display module; FIG. 4 is a flowchart of dCVN2 generation based on an SM4 algorithm according to an embodiment of the present invention; and FIG. 5 schematically illustrates a dCVN2 bank card authentication process according to an embodiment of the present invention .

Claims (17)

一種產生動態信用卡安全碼的方法,其特徵在於,所述方法包括:   獲取動態資料元素,   用所述動態資料元素替換所述信用卡的主帳號PAN的一部分,從而產生更新的主帳號PAN;   對所述更新的主帳號PAN進行加密,得到第一資料塊;以及   基於所述第一資料塊產生所述動態信用卡安全碼。A method for generating a dynamic credit card security code, characterized in that the method includes: obtaining dynamic data elements, 替换 replacing a part of the credit card's main account PAN with the dynamic data elements, thereby generating an updated main account PAN; The updated master account PAN is encrypted to obtain a first data block; and the dynamic credit card security code is generated based on the first data block. 如請求項1所述的方法,其中,所述動態資料元素為事件可變因數,使得所述動態信用卡安全碼基於所述事件可變因數的觸發而變化。The method according to claim 1, wherein the dynamic data element is an event variable factor, so that the dynamic credit card security code changes based on a trigger of the event variable factor. 如請求項2所述的方法,其中,所述事件可變因數對應於個人化之後累計至當前的按鍵次數或個人化之後搖晃卡片的次數。The method according to claim 2, wherein the event variable factor corresponds to the number of keystrokes accumulated to the current time after personalization or the number of card shakes after personalization. 如請求項3所述的方法,其中,所述事件可變因數為8位元數字,並且在所述按鍵次數少於8位元數位時,在所述按鍵次數的資料左邊以二進位數字字0填充。The method according to claim 3, wherein the variable factor of the event is an 8-digit number, and when the number of key presses is less than 8-digits, a binary number word is used to the left of the data of the key presses. 0 padding. 如請求項1所述的方法,其中,用所述動態資料元素替換所述信用卡的主帳號PAN的一部分,從而產生更新的主帳號PAN包括:   用所述動態資料元素替換所述PAN的最左邊的8位元數位構建字串,從而產生更新的主帳號PAN。The method according to claim 1, wherein replacing a part of the credit card's main account PAN with the dynamic data element to generate an updated main account PAN includes: 替换 replacing the leftmost part of the PAN with the dynamic data element 8-bit digitally constructed string to generate an updated master account number PAN. 如請求項1所述的方法,其中,對所述更新的主帳號PAN進行加密,得到第一資料塊包括:   依次串接所述更新的主帳號PAN、卡片失效日期、服務代碼,以構建第一字串;   通過在所述第一字串的右側補0,將所述第一字串擴展為256位元的第二資料塊;以及   利用唯一分散金鑰對所述第二資料塊進行加密,從而得到所述第一資料塊。The method according to claim 1, wherein encrypting the updated master account PAN to obtain a first data block includes: sequentially connecting the updated master account PAN, a card expiration date, and a service code to construct a first A string; ; expanding the first string into a second data block of 256 bits by adding 0 to the right of the first string; and encrypting the second data block using a unique decentralized key To obtain the first data block. 如請求項1所述的方法,其中,基於所述第一資料塊產生所述動態信用卡安全碼包括:   從所述第一資料塊中從左至右選出0到9的數位並將選出的數位左靠齊,從而得到第三資料塊;   從所述第一資料塊中從左至右選出16進制中A到F,並將其轉換成10進制減去10,從而得到第四資料塊;   將所述第四資料塊拼接到所述第三資料塊的右側,得到第五資料塊;以及   將所述第五資料塊最左邊的3個數位選擇作為所述動態信用卡安全碼。The method according to claim 1, wherein generating the dynamic credit card security code based on the first data block comprises: 选 selecting from 0 to 9 digits from left to right from the first data block and selecting the selected digits Align left to get the third data block; 选 Select from A to F in hexadecimal from the first data block from left to right and convert it to decimal minus 10 to get the fourth data block Stitching the fourth data block to the right of the third data block to obtain a fifth data block; and selecting the leftmost three digits of the fifth data block as the dynamic credit card security code. 如請求項1所述的方法,其中,所述動態資料元素為時間可變因數,所述時間可變因數基於當前時間而確定。The method according to claim 1, wherein the dynamic data element is a time variable factor, and the time variable factor is determined based on a current time. 一種產生動態信用卡安全碼的設備,其特徵在於,所述設備包括:   獲取裝置,用於獲取動態資料元素,   替換裝置,用於用所述動態資料元素替換所述信用卡的主帳號PAN的一部分,從而產生更新的主帳號PAN;   加密裝置,用於對所述更新的主帳號PAN進行加密,得到第一資料塊;以及   產生裝置,用於基於所述第一資料塊產生所述動態信用卡安全碼。A device for generating a dynamic credit card security code, characterized in that the device includes: (i) an acquisition device for acquiring a dynamic data element, and (ii) a replacement device for replacing a part of a main account PAN of the credit card with the dynamic data element, Thereby generating an updated master account number PAN; an encryption device for encrypting the updated master account number PAN to obtain a first data block; and a generating device for generating the dynamic credit card security code based on the first data block . 如請求項9所述的設備,其中,所述替換裝置配置成用所述動態資料元素替換所述PAN的最左邊的8位元數位構建字串,從而產生更新的主帳號PAN。The device according to claim 9, wherein the replacing means is configured to replace the leftmost 8-bit digit construction string of the PAN with the dynamic data element, thereby generating an updated master account number PAN. 如請求項9所述的設備,其中,所述加密裝置包括:   串接單元,用於依次串接所述更新的主帳號PAN、卡片失效日期、服務代碼,以構建第一字串;   擴展單元,用於通過在所述第一字串的右側補0,將所述第一字串擴展為256位元的第二資料塊;以及   加密單元,用於利用唯一分散金鑰對所述第二資料塊進行加密,從而得到所述第一資料塊。The device according to claim 9, wherein the encryption device comprises: a concatenating unit for sequentially concatenating the updated master account PAN, a card expiration date, and a service code to construct a first string; an expansion unit For expanding the first string into a second data block of 256 bits by adding 0 to the right of the first string; and an encryption unit for using a unique decentralized key to pair the second data block The data block is encrypted to obtain the first data block. 如請求項9所述的設備,其中,所述產生裝置配置成從所述第一資料塊中從左至右選出0到9的數位並將選出的數位左靠齊,從而得到第三資料塊;從所述第一資料塊中從左至右選出16進制中A到F,並將其轉換成10進制減去10,從而得到第四資料塊;將所述第四資料塊拼接到所述第三資料塊的右側,得到第五資料塊;以及將所述第五資料塊最左邊的3個數位選擇作為所述動態信用卡安全碼。The device according to claim 9, wherein the generating means is configured to select the digits from 0 to 9 from left to right from the first data block and align the selected digits to the left to obtain a third data block ; Select A to F in hexadecimal from left to right in the first data block, and convert it to decimal and subtract 10 to obtain a fourth data block; stitch the fourth data block to A fifth data block is obtained on the right side of the third data block; and the leftmost three digits of the fifth data block are selected as the dynamic credit card security code. 如請求項9所述的設備,其中,所述動態資料元素為事件可變因數,使得所述動態信用卡安全碼基於所述事件可變因數的觸發而變化。The device according to claim 9, wherein the dynamic data element is an event variable factor, so that the dynamic credit card security code changes based on the trigger of the event variable factor. 一種銀行卡,其特徵在於,所述銀行卡包括:   顯示模組,所述顯示模組包括顯示主控晶片,其中所述顯示主控晶片包括如請求項9至13中任一項所述的產生動態信用卡安全碼的設備。A bank card, characterized in that the bank card includes: a display module, the display module includes a display master chip, wherein the display master chip includes the one described in any one of claims 9 to 13 A device that generates a dynamic credit card security code. 如請求項14所述的銀行卡,其中,所述顯示模組還包括:   顯示介質;   電池,用於對所述顯示介質和所述顯示主控晶片進行供電;   個人化天線,用於寫入卡片初始化參數;以及   按鍵。The bank card according to claim 14, wherein the display module further comprises: a display medium; a battery for supplying power to the display medium and the display main control chip; a personalized antenna for writing Card initialization parameters; and keys. 一種由發卡行認證伺服器執行的認證方法,其特徵在於,所述方法包括:   接收來自支付網路的卡片資料,其中所述卡片資料包括卡號、有效期和動態信用卡安全碼;   根據主帳號PAN或發卡行識別碼BIN將卡片識別為動態可變卡,並將所述卡片資料路由到動態可變認證系統進行認證;以及   從所述動態可變認證系統接收認證結果,所述認證結果包括所述動態信用卡安全碼是否落在所述動態可變認證系統設定的視窗內。An authentication method performed by a card issuing bank authentication server, characterized in that the method includes: receiving card information from a payment network, wherein the card information includes a card number, expiration date, and a dynamic credit card security code; according to the main account number PAN or The issuing bank identification code BIN identifies the card as a dynamically variable card, and routes the card information to a dynamically variable authentication system for authentication; and receives an authentication result from the dynamically variable authentication system, the authentication result including the Whether the dynamic credit card security code falls within a window set by the dynamic variable authentication system. 如請求項16所述的認證方法,其中,所述動態可變認證系統對於時間可變的動態可變卡使用雙向時間視窗,而對於時間可變的動態可變卡使用單向事件視窗。The authentication method according to claim 16, wherein the dynamically variable authentication system uses a two-way time window for a time-variable dynamically variable card, and uses a one-way event window for a time-variable dynamically variable card.
TW107140034A 2017-11-15 2018-11-12 Method and equipment for generating dynamic credit card security code, bank card and authentication method TWI696088B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
??201711128382.6 2017-11-15
CN201711128382.6A CN108134667B (en) 2017-11-15 2017-11-15 Method and equipment for generating dynamic credit card security code and bank card
CN201711128382.6 2017-11-15

Publications (2)

Publication Number Publication Date
TW201923641A true TW201923641A (en) 2019-06-16
TWI696088B TWI696088B (en) 2020-06-11

Family

ID=62388695

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107140034A TWI696088B (en) 2017-11-15 2018-11-12 Method and equipment for generating dynamic credit card security code, bank card and authentication method

Country Status (3)

Country Link
CN (1) CN108134667B (en)
TW (1) TWI696088B (en)
WO (1) WO2019096021A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108134667B (en) * 2017-11-15 2021-05-11 中国银联股份有限公司 Method and equipment for generating dynamic credit card security code and bank card
CN108234110B (en) * 2017-12-29 2019-07-12 飞天诚信科技股份有限公司 Credit card and its working method
US10713649B1 (en) 2019-07-09 2020-07-14 Capital One Services, Llc System and method enabling mobile near-field communication to update display on a payment card
SG10202101039TA (en) * 2021-02-01 2021-03-30 Capital One Services Llc Simplify virtual card numbers

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101093554A (en) * 2007-06-04 2007-12-26 李惠科 Card with realtime biological identification system
US8615468B2 (en) * 2010-01-27 2013-12-24 Ca, Inc. System and method for generating a dynamic card value
CN103188079A (en) * 2011-12-29 2013-07-03 智慧光科技股份有限公司 Dynamic safety code authentication method and intelligent card device thereof
US20140279555A1 (en) * 2013-03-14 2014-09-18 Nagraid Security, Inc. Dynamically allocated security code system for smart debt and credit cards
CA2918788C (en) * 2013-07-24 2020-06-16 Visa International Service Association Systems and methods for interoperable network token processing
CN103646473B (en) * 2013-12-29 2016-06-29 福建今日特价网络有限公司 A kind of card-free payment system of automatic teller machine of bank
US20150371234A1 (en) * 2014-02-21 2015-12-24 Looppay, Inc. Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data
AU2017213235A1 (en) * 2016-01-29 2018-09-20 Xard Group Pty Ltd Apparatus and method for externally controlling a digital transaction processing unit (DTPU)
CN106204024A (en) * 2016-07-19 2016-12-07 上海易码信息科技有限公司 Method of mobile payment under a kind of line
CN108134667B (en) * 2017-11-15 2021-05-11 中国银联股份有限公司 Method and equipment for generating dynamic credit card security code and bank card

Also Published As

Publication number Publication date
TWI696088B (en) 2020-06-11
CN108134667A (en) 2018-06-08
WO2019096021A1 (en) 2019-05-23
CN108134667B (en) 2021-05-11

Similar Documents

Publication Publication Date Title
US11941591B2 (en) Device including encrypted data for expiration date and verification value creation
US11714885B2 (en) Encryption key exchange process using access device
TWI696088B (en) Method and equipment for generating dynamic credit card security code, bank card and authentication method
CA2691789C (en) System and method for account identifier obfuscation
US8898089B2 (en) Dynamic verification value system and method
EP3171540B1 (en) Key delivery system and method
US8627080B2 (en) Systems and methods for mutual authentication using one time codes
CA2965145C (en) Over the air update of payment transaction data stored in secure memory
US10706402B2 (en) Over the air update of payment transaction data stored in secure memory
CN107533620A (en) Enhancing certification based on secondary device interaction
TW202105226A (en) Security hierarchy on a digital transaction processing unit
US11605070B2 (en) Cloud-based electronic payment processing
US20100179909A1 (en) User defined udk
KR20020076750A (en) Payment method and system to input payment information to mobile phone
KR101792498B1 (en) Method for data security using key synchronization and data securuty system using the same
AU2015200719B2 (en) Key delivery system and method